Add SSL tests for certificates with embedded SCTs

The only SSL tests prior to this tested using certificates with no
embedded Signed Certificate Timestamps (SCTs), which meant they couldn't
confirm whether Certificate Transparency checks in "strict" mode were
working.

These tests reveal a bug in the validation of SCT timestamps, which is
fixed by the next commit.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3138)

test/certs/embeddedSCTs1-key.pem

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQC+75jnwmh3rjhfdTJaDB0ym+3xj6r015a/BH634c4VyVui+A7k
+WL19uG+KSyUhkaeb1wDDjpwDibRc1NyaEgqyHgy0HNDnKAWkEM2cW9tdSSdyba8X
+EPYBhzd+olsaHjnu0LiBGdwVTcaPfajjDK8VijPmyVCfSgWwFAn/Xdh+tQIDAQAB
+AoGAK/daG0vt6Fkqy/hdrtSJSKUVRoGRmS2nnba4Qzlwzh1+x2kdbMFuaOu2a37g
+PvmeQclheKZ3EG1+Jb4yShwLcBCV6pkRJhOKuhvqGnjngr6uBH4gMCjpZVj7GDMf
+flYHhdJCs3Cz/TY0wKN3o1Fldil2DHR/AEOc1nImeSp5/EUCQQDjKS3W957kYtTU
+X5BeRjvg03Ug8tJq6IFuhTFvUJ+XQ5bAc0DmxAbQVKqRS7Wje59zTknVvS+MFdeQ
+pz4dGuV7AkEA1y0X2yarIls+0A/S1uwkvwRTIkfS+QwFJ1zVya8sApRdKAcidIzA
+b70hkKLilU9+LrXg5iZdFp8l752qJiw9jwJAXjItN/7mfH4fExGto+or2kbVQxxt
+9LcFNPc2UJp2ExuL37HrL8YJrUnukOF8KJaSwBWuuFsC5GwKP4maUCdfEQJAUwBR
+83c3DEmmMRvpeH4erpA8gTyzZN3+HvDwhpvLnjMcvBQEdnDUykVqbSBnxrCjO+Fs
+n1qtDczWFVf8Cj2GgQJAQ14Awx32Cn9sF+3M+sEVtlAf6CqiEbkYeYdSCbsplMmZ
+1UoaxiwXY3z+B7epsRnnPR3KaceAlAxw2/zQJMFNOQ==
+-----END RSA PRIVATE KEY-----

test/ssl-tests/12-ct.conf

@@ -1,135 +1,191 @@
 # Generated with generate_ssl_tests.pl
 
-num_tests = 4
+num_tests = 6
 
-test-0 = 0-ct-permissive
-test-1 = 1-ct-strict
-test-2 = 2-ct-permissive-resumption
-test-3 = 3-ct-strict-resumption
+test-0 = 0-ct-permissive-without-scts
+test-1 = 1-ct-permissive-with-scts
+test-2 = 2-ct-strict-without-scts
+test-3 = 3-ct-strict-with-scts
+test-4 = 4-ct-permissive-resumption
+test-5 = 5-ct-strict-resumption
 # ===========================================================
 
-[0-ct-permissive]
-ssl_conf = 0-ct-permissive-ssl
+[0-ct-permissive-without-scts]
+ssl_conf = 0-ct-permissive-without-scts-ssl
 
-[0-ct-permissive-ssl]
-server = 0-ct-permissive-server
-client = 0-ct-permissive-client
+[0-ct-permissive-without-scts-ssl]
+server = 0-ct-permissive-without-scts-server
+client = 0-ct-permissive-without-scts-client
 
-[0-ct-permissive-server]
+[0-ct-permissive-without-scts-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[0-ct-permissive-client]
+[0-ct-permissive-without-scts-client]
 CipherString = DEFAULT
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
 [test-0]
 ExpectedResult = Success
-client = 0-ct-permissive-client-extra
+client = 0-ct-permissive-without-scts-client-extra
 
-[0-ct-permissive-client-extra]
+[0-ct-permissive-without-scts-client-extra]
 CTValidation = Permissive
 
 
 # ===========================================================
 
-[1-ct-strict]
-ssl_conf = 1-ct-strict-ssl
+[1-ct-permissive-with-scts]
+ssl_conf = 1-ct-permissive-with-scts-ssl
 
-[1-ct-strict-ssl]
-server = 1-ct-strict-server
-client = 1-ct-strict-client
+[1-ct-permissive-with-scts-ssl]
+server = 1-ct-permissive-with-scts-server
+client = 1-ct-permissive-with-scts-client
 
-[1-ct-strict-server]
-Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+[1-ct-permissive-with-scts-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem
 CipherString = DEFAULT
-PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem
 
-[1-ct-strict-client]
+[1-ct-permissive-with-scts-client]
 CipherString = DEFAULT
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem
 VerifyMode = Peer
 
 [test-1]
-ExpectedClientAlert = HandshakeFailure
-ExpectedResult = ClientFail
-client = 1-ct-strict-client-extra
+ExpectedResult = Success
+client = 1-ct-permissive-with-scts-client-extra
 
-[1-ct-strict-client-extra]
-CTValidation = Strict
+[1-ct-permissive-with-scts-client-extra]
+CTValidation = Permissive
 
 
 # ===========================================================
 
-[2-ct-permissive-resumption]
-ssl_conf = 2-ct-permissive-resumption-ssl
+[2-ct-strict-without-scts]
+ssl_conf = 2-ct-strict-without-scts-ssl
 
-[2-ct-permissive-resumption-ssl]
-server = 2-ct-permissive-resumption-server
-client = 2-ct-permissive-resumption-client
-resume-server = 2-ct-permissive-resumption-server
-resume-client = 2-ct-permissive-resumption-client
+[2-ct-strict-without-scts-ssl]
+server = 2-ct-strict-without-scts-server
+client = 2-ct-strict-without-scts-client
 
-[2-ct-permissive-resumption-server]
+[2-ct-strict-without-scts-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[2-ct-permissive-resumption-client]
+[2-ct-strict-without-scts-client]
 CipherString = DEFAULT
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
 [test-2]
+ExpectedClientAlert = HandshakeFailure
+ExpectedResult = ClientFail
+client = 2-ct-strict-without-scts-client-extra
+
+[2-ct-strict-without-scts-client-extra]
+CTValidation = Strict
+
+
+# ===========================================================
+
+[3-ct-strict-with-scts]
+ssl_conf = 3-ct-strict-with-scts-ssl
+
+[3-ct-strict-with-scts-ssl]
+server = 3-ct-strict-with-scts-server
+client = 3-ct-strict-with-scts-client
+
+[3-ct-strict-with-scts-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem
+
+[3-ct-strict-with-scts-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem
+VerifyMode = Peer
+
+[test-3]
+ExpectedResult = Success
+client = 3-ct-strict-with-scts-client-extra
+
+[3-ct-strict-with-scts-client-extra]
+CTValidation = Strict
+
+
+# ===========================================================
+
+[4-ct-permissive-resumption]
+ssl_conf = 4-ct-permissive-resumption-ssl
+
+[4-ct-permissive-resumption-ssl]
+server = 4-ct-permissive-resumption-server
+client = 4-ct-permissive-resumption-client
+resume-server = 4-ct-permissive-resumption-server
+resume-client = 4-ct-permissive-resumption-client
+
+[4-ct-permissive-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem
+
+[4-ct-permissive-resumption-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem
+VerifyMode = Peer
+
+[test-4]
 ExpectedResult = Success
 HandshakeMode = Resume
 ResumptionExpected = Yes
-client = 2-ct-permissive-resumption-client-extra
-resume-client = 2-ct-permissive-resumption-client-extra
+client = 4-ct-permissive-resumption-client-extra
+resume-client = 4-ct-permissive-resumption-client-extra
 
-[2-ct-permissive-resumption-client-extra]
+[4-ct-permissive-resumption-client-extra]
 CTValidation = Permissive
 
 
 # ===========================================================
 
-[3-ct-strict-resumption]
-ssl_conf = 3-ct-strict-resumption-ssl
+[5-ct-strict-resumption]
+ssl_conf = 5-ct-strict-resumption-ssl
 
-[3-ct-strict-resumption-ssl]
-server = 3-ct-strict-resumption-server
-client = 3-ct-strict-resumption-client
-resume-server = 3-ct-strict-resumption-server
-resume-client = 3-ct-strict-resumption-resume-client
+[5-ct-strict-resumption-ssl]
+server = 5-ct-strict-resumption-server
+client = 5-ct-strict-resumption-client
+resume-server = 5-ct-strict-resumption-server
+resume-client = 5-ct-strict-resumption-resume-client
 
-[3-ct-strict-resumption-server]
-Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+[5-ct-strict-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1.pem
 CipherString = DEFAULT
-PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+PrivateKey = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1-key.pem
 
-[3-ct-strict-resumption-client]
+[5-ct-strict-resumption-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/embeddedSCTs1_issuer.pem
+VerifyMode = Peer
+
+[5-ct-strict-resumption-resume-client]
 CipherString = DEFAULT
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[3-ct-strict-resumption-resume-client]
-CipherString = DEFAULT
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
-
-[test-3]
+[test-5]
 ExpectedResult = Success
 HandshakeMode = Resume
 ResumptionExpected = Yes
-client = 3-ct-strict-resumption-client-extra
-resume-client = 3-ct-strict-resumption-resume-client-extra
+client = 5-ct-strict-resumption-client-extra
+resume-client = 5-ct-strict-resumption-resume-client-extra
 
-[3-ct-strict-resumption-client-extra]
-CTValidation = Permissive
+[5-ct-strict-resumption-client-extra]
+CTValidation = Strict
 
-[3-ct-strict-resumption-resume-client-extra]
+[5-ct-strict-resumption-resume-client-extra]
 CTValidation = Strict
 
 

test/ssl-tests/12-ct.conf.in

@@ -16,9 +16,8 @@ package ssltests;
 
 
 our @tests = (
-    # Currently only have tests for certs without SCTs.
     {
-        name => "ct-permissive",
+        name => "ct-permissive-without-scts",
         server => { },
         client => {
             extra => {
@@ -28,9 +27,25 @@ our @tests = (
         test => {
             "ExpectedResult" => "Success",
         },
-    }, 
+    },
     {
-        name => "ct-strict",
+        name => "ct-permissive-with-scts",
+        server => {
+            "Certificate" => test_pem("embeddedSCTs1.pem"),
+            "PrivateKey"  => test_pem("embeddedSCTs1-key.pem"),
+        },
+        client => {
+            "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"),
+            extra => {
+                "CTValidation" => "Permissive",
+            },
+        },
+        test => {
+            "ExpectedResult" => "Success",
+        },
+    },
+    {
+        name => "ct-strict-without-scts",
         server => { },
         client => {
             extra => {
@@ -43,9 +58,29 @@ our @tests = (
         },
     },
     {
-        name => "ct-permissive-resumption",
-        server => { },
+        name => "ct-strict-with-scts",
+        server => {
+            "Certificate" => test_pem("embeddedSCTs1.pem"),
+            "PrivateKey"  => test_pem("embeddedSCTs1-key.pem"),
+        },
         client => {
+            "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"),
+            extra => {
+                "CTValidation" => "Strict",
+            },
+        },
+        test => {
+            "ExpectedResult" => "Success",
+        },
+    },
+    {
+        name => "ct-permissive-resumption",
+        server => {
+            "Certificate" => test_pem("embeddedSCTs1.pem"),
+            "PrivateKey"  => test_pem("embeddedSCTs1-key.pem"),
+        },
+        client => {
+            "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"),
             extra => {
                 "CTValidation" => "Permissive",
             },
@@ -55,13 +90,17 @@ our @tests = (
             "ResumptionExpected" => "Yes",
             "ExpectedResult" => "Success",
         },
-    }, 
+    },
     {
         name => "ct-strict-resumption",
-        server => { },
+        server => {
+            "Certificate" => test_pem("embeddedSCTs1.pem"),
+            "PrivateKey"  => test_pem("embeddedSCTs1-key.pem"),
+        },
         client => {
+            "VerifyCAFile" => test_pem("embeddedSCTs1_issuer.pem"),
             extra => {
-                "CTValidation" => "Permissive",
+                "CTValidation" => "Strict",
             },
         },
         # SCTs are not present during resumption, so the resumption