Test an old style PSK callback with no cert will prefer SHA-256

If using an old style PSK callback and no certificate is configured for
the server, we should prefer ciphersuites based on SHA-256, because that
is the default hash for those callbacks as specified in the TLSv1.3 spec.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6215)
This commit is contained in:
Matt Caswell 2018-05-10 12:33:51 +01:00
parent 9e064bc170
commit 0d8da77908
2 changed files with 97 additions and 74 deletions

View file

@ -2781,6 +2781,13 @@ static int test_ciphersuite_change(void)
return testresult; return testresult;
} }
/*
* Test TLSv1.3 PSKs
* Test 0 = Test new style callbacks
* Test 1 = Test both new and old style callbacks
* Test 2 = Test old style callbacks
* Test 3 = Test old style callbacks with no certificate
*/
static int test_tls13_psk(int idx) static int test_tls13_psk(int idx)
{ {
SSL_CTX *sctx = NULL, *cctx = NULL; SSL_CTX *sctx = NULL, *cctx = NULL;
@ -2796,15 +2803,21 @@ static int test_tls13_psk(int idx)
if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(),
TLS1_VERSION, TLS_MAX_VERSION, TLS1_VERSION, TLS_MAX_VERSION,
&sctx, &cctx, cert, privkey))) &sctx, &cctx, idx == 3 ? NULL : cert,
idx == 3 ? NULL : privkey)))
goto end; goto end;
/* if (idx != 3) {
* We use a ciphersuite with SHA256 to ease testing old style PSK callbacks /*
* which will always default to SHA256 * We use a ciphersuite with SHA256 to ease testing old style PSK
*/ * callbacks which will always default to SHA256. This should not be
if (!TEST_true(SSL_CTX_set_ciphersuites(cctx, "TLS_AES_128_GCM_SHA256"))) * necessary if we have no cert/priv key. In that case the server should
goto end; * prefer SHA256 automatically.
*/
if (!TEST_true(SSL_CTX_set_ciphersuites(cctx,
"TLS_AES_128_GCM_SHA256")))
goto end;
}
/* /*
* Test 0: New style callbacks only * Test 0: New style callbacks only
@ -2816,7 +2829,7 @@ static int test_tls13_psk(int idx)
SSL_CTX_set_psk_find_session_callback(sctx, find_session_cb); SSL_CTX_set_psk_find_session_callback(sctx, find_session_cb);
} }
#ifndef OPENSSL_NO_PSK #ifndef OPENSSL_NO_PSK
if (idx == 1 || idx == 2) { if (idx >= 1) {
SSL_CTX_set_psk_client_callback(cctx, psk_client_cb); SSL_CTX_set_psk_client_callback(cctx, psk_client_cb);
SSL_CTX_set_psk_server_callback(sctx, psk_server_cb); SSL_CTX_set_psk_server_callback(sctx, psk_server_cb);
} }
@ -2827,37 +2840,42 @@ static int test_tls13_psk(int idx)
psk_client_cb_cnt = 0; psk_client_cb_cnt = 0;
psk_server_cb_cnt = 0; psk_server_cb_cnt = 0;
/* Check we can create a connection if callback decides not to send a PSK */ if (idx != 3) {
if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, /*
NULL, NULL)) * Check we can create a connection if callback decides not to send a
|| !TEST_true(create_ssl_connection(serverssl, clientssl, * PSK
SSL_ERROR_NONE)) */
|| !TEST_false(SSL_session_reused(clientssl)) if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
|| !TEST_false(SSL_session_reused(serverssl))) NULL, NULL))
goto end; || !TEST_true(create_ssl_connection(serverssl, clientssl,
SSL_ERROR_NONE))
|| !TEST_false(SSL_session_reused(clientssl))
|| !TEST_false(SSL_session_reused(serverssl)))
goto end;
if (idx == 0 || idx == 1) { if (idx == 0 || idx == 1) {
if (!TEST_true(use_session_cb_cnt == 1) if (!TEST_true(use_session_cb_cnt == 1)
|| !TEST_true(find_session_cb_cnt == 0) || !TEST_true(find_session_cb_cnt == 0)
/* /*
* If no old style callback then below should be 0 * If no old style callback then below should be 0
* otherwise 1 * otherwise 1
*/ */
|| !TEST_true(psk_client_cb_cnt == idx) || !TEST_true(psk_client_cb_cnt == idx)
|| !TEST_true(psk_server_cb_cnt == 0)) || !TEST_true(psk_server_cb_cnt == 0))
goto end; goto end;
} else { } else {
if (!TEST_true(use_session_cb_cnt == 0) if (!TEST_true(use_session_cb_cnt == 0)
|| !TEST_true(find_session_cb_cnt == 0) || !TEST_true(find_session_cb_cnt == 0)
|| !TEST_true(psk_client_cb_cnt == 1) || !TEST_true(psk_client_cb_cnt == 1)
|| !TEST_true(psk_server_cb_cnt == 0)) || !TEST_true(psk_server_cb_cnt == 0))
goto end; goto end;
}
shutdown_ssl_connection(serverssl, clientssl);
serverssl = clientssl = NULL;
use_session_cb_cnt = psk_client_cb_cnt = 0;
} }
shutdown_ssl_connection(serverssl, clientssl);
serverssl = clientssl = NULL;
use_session_cb_cnt = psk_client_cb_cnt = 0;
if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
NULL, NULL))) NULL, NULL)))
goto end; goto end;
@ -2937,39 +2955,41 @@ static int test_tls13_psk(int idx)
use_session_cb_cnt = find_session_cb_cnt = 0; use_session_cb_cnt = find_session_cb_cnt = 0;
psk_client_cb_cnt = psk_server_cb_cnt = 0; psk_client_cb_cnt = psk_server_cb_cnt = 0;
/* if (idx != 3) {
* Check that if the server rejects the PSK we can still connect, but with /*
* a full handshake * Check that if the server rejects the PSK we can still connect, but with
*/ * a full handshake
srvid = "Dummy Identity"; */
if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, srvid = "Dummy Identity";
NULL, NULL)) if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
|| !TEST_true(create_ssl_connection(serverssl, clientssl, NULL, NULL))
SSL_ERROR_NONE)) || !TEST_true(create_ssl_connection(serverssl, clientssl,
|| !TEST_false(SSL_session_reused(clientssl)) SSL_ERROR_NONE))
|| !TEST_false(SSL_session_reused(serverssl))) || !TEST_false(SSL_session_reused(clientssl))
goto end; || !TEST_false(SSL_session_reused(serverssl)))
goto end;
if (idx == 0 || idx == 1) { if (idx == 0 || idx == 1) {
if (!TEST_true(use_session_cb_cnt == 1) if (!TEST_true(use_session_cb_cnt == 1)
|| !TEST_true(find_session_cb_cnt == 1) || !TEST_true(find_session_cb_cnt == 1)
|| !TEST_true(psk_client_cb_cnt == 0) || !TEST_true(psk_client_cb_cnt == 0)
/* /*
* If no old style callback then below should be 0 * If no old style callback then below should be 0
* otherwise 1 * otherwise 1
*/ */
|| !TEST_true(psk_server_cb_cnt == idx)) || !TEST_true(psk_server_cb_cnt == idx))
goto end; goto end;
} else { } else {
if (!TEST_true(use_session_cb_cnt == 0) if (!TEST_true(use_session_cb_cnt == 0)
|| !TEST_true(find_session_cb_cnt == 0) || !TEST_true(find_session_cb_cnt == 0)
|| !TEST_true(psk_client_cb_cnt == 1) || !TEST_true(psk_client_cb_cnt == 1)
|| !TEST_true(psk_server_cb_cnt == 1)) || !TEST_true(psk_server_cb_cnt == 1))
goto end; goto end;
}
shutdown_ssl_connection(serverssl, clientssl);
serverssl = clientssl = NULL;
} }
shutdown_ssl_connection(serverssl, clientssl);
serverssl = clientssl = NULL;
testresult = 1; testresult = 1;
end: end:
@ -4640,7 +4660,7 @@ int setup_tests(void)
#ifdef OPENSSL_NO_PSK #ifdef OPENSSL_NO_PSK
ADD_ALL_TESTS(test_tls13_psk, 1); ADD_ALL_TESTS(test_tls13_psk, 1);
#else #else
ADD_ALL_TESTS(test_tls13_psk, 3); ADD_ALL_TESTS(test_tls13_psk, 4);
#endif /* OPENSSL_NO_PSK */ #endif /* OPENSSL_NO_PSK */
ADD_ALL_TESTS(test_custom_exts, 5); ADD_ALL_TESTS(test_custom_exts, 5);
ADD_TEST(test_stateless); ADD_TEST(test_stateless);

View file

@ -594,12 +594,15 @@ int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm,
max_proto_version))))) max_proto_version)))))
goto err; goto err;
if (!TEST_int_eq(SSL_CTX_use_certificate_file(serverctx, certfile, if (certfile != NULL && privkeyfile != NULL) {
SSL_FILETYPE_PEM), 1) if (!TEST_int_eq(SSL_CTX_use_certificate_file(serverctx, certfile,
|| !TEST_int_eq(SSL_CTX_use_PrivateKey_file(serverctx, privkeyfile, SSL_FILETYPE_PEM), 1)
SSL_FILETYPE_PEM), 1) || !TEST_int_eq(SSL_CTX_use_PrivateKey_file(serverctx,
|| !TEST_int_eq(SSL_CTX_check_private_key(serverctx), 1)) privkeyfile,
goto err; SSL_FILETYPE_PEM), 1)
|| !TEST_int_eq(SSL_CTX_check_private_key(serverctx), 1))
goto err;
}
#ifndef OPENSSL_NO_DH #ifndef OPENSSL_NO_DH
SSL_CTX_set_dh_auto(serverctx, 1); SSL_CTX_set_dh_auto(serverctx, 1);