diff options
| author | Daiki Ueno <ueno@gnu.org> | 2019-02-18 12:10:11 +0000 |
|---|---|---|
| committer | Daiki Ueno <ueno@gnu.org> | 2019-02-18 12:10:11 +0000 |
| commit | 72fb20c6c0a2a6c2e70b073994df4b48e04d3b0b (patch) | |
| tree | 7dec8dfb5c7d9f1993fa84cd75b1c6a79fd131c1 | |
| parent | cc875c0a1862845d44dff12319dbb49a50c8bd7c (diff) | |
| parent | 0396af045f073f86a37ef1dcd9d0f4934468b79e (diff) | |
| download | gnutls-72fb20c6c0a2a6c2e70b073994df4b48e04d3b0b.tar.gz | |
Merge branch 'tmp-fix-record-size-limit-resumption' into 'master'
Fix issues in record_size_limit extension handling
See merge request gnutls/gnutls!879
| -rw-r--r-- | .dir-locals.el | 3 | ||||
| -rw-r--r-- | lib/cipher.c | 9 | ||||
| -rw-r--r-- | lib/constate.c | 9 | ||||
| -rw-r--r-- | lib/ext/max_record.c | 17 | ||||
| -rw-r--r-- | lib/ext/record_size_limit.c | 68 | ||||
| -rw-r--r-- | lib/gnutls_int.h | 19 | ||||
| -rw-r--r-- | lib/hello_ext.c | 4 | ||||
| -rw-r--r-- | lib/hello_ext.h | 2 | ||||
| -rw-r--r-- | lib/record.c | 9 | ||||
| -rw-r--r-- | lib/session_pack.c | 15 | ||||
| -rw-r--r-- | tests/suite/tls-fuzzer/gnutls-nocert-tls13.json | 27 | ||||
| -rw-r--r-- | tests/suite/tls-fuzzer/gnutls-nocert.json | 31 | ||||
| m--------- | tests/suite/tls-fuzzer/tlsfuzzer | 0 | ||||
| -rw-r--r-- | tests/tls-record-size-limit.c | 223 | ||||
| -rw-r--r-- | tests/tls13/prf.c | 8 |
15 files changed, 320 insertions, 124 deletions
diff --git a/.dir-locals.el b/.dir-locals.el index 042381f63b..e40e4962ab 100644 --- a/.dir-locals.el +++ b/.dir-locals.el @@ -1 +1,2 @@ -((c-mode . ((c-file-style . "linux")))) +((c-mode . ((c-file-style . "linux"))) + (js-mode . ((indent-tabs-mode . nil)))) diff --git a/lib/cipher.c b/lib/cipher.c index 3ea1cb1bb2..28075b00d1 100644 --- a/lib/cipher.c +++ b/lib/cipher.c @@ -872,6 +872,15 @@ decrypt_packet_tls13(gnutls_session_t session, if (unlikely(ret < 0)) return gnutls_assert_val(ret); + /* 1 octet for content type */ + if (length > max_decrypted_size(session) + 1) { + _gnutls_audit_log + (session, "Received packet with illegal length: %u\n", + (unsigned int) length); + + return gnutls_assert_val(GNUTLS_E_RECORD_OVERFLOW); + } + length_set = 0; /* now figure the actual data size. We intentionally iterate through all data, diff --git a/lib/constate.c b/lib/constate.c index fbbff886e9..e6ed8a3532 100644 --- a/lib/constate.c +++ b/lib/constate.c @@ -822,6 +822,15 @@ int _gnutls_write_connection_state_init(gnutls_session_t session) session->security_parameters.epoch_next; int ret; + /* reset max_record_recv_size if it was negotiated in the + * previous handshake using the record_size_limit extension */ + if (session->security_parameters.max_record_recv_size != + session->security_parameters.max_record_send_size && + !(session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_NEGOTIATED) && + session->security_parameters.entity == GNUTLS_SERVER) + session->security_parameters.max_record_recv_size = + session->security_parameters.max_record_send_size; + /* Update internals from CipherSuite selected. * If we are resuming just copy the connection session */ diff --git a/lib/ext/max_record.c b/lib/ext/max_record.c index 2a7a9d3496..c67920376e 100644 --- a/lib/ext/max_record.c +++ b/lib/ext/max_record.c @@ -153,16 +153,16 @@ _gnutls_max_record_send_params(gnutls_session_t session, } else { /* server side */ + if (session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_SENT) + return 0; + if (session->security_parameters.max_record_recv_size != DEFAULT_MAX_RECORD_SIZE) { ret = _gnutls_mre_record2num (session->security_parameters. max_record_recv_size); - - /* it's not an error, as long as we send the - * record_size_limit extension with that value */ if (ret < 0) - return 0; + return gnutls_assert_val(ret); p = (uint8_t) ret; ret = _gnutls_buffer_append_data(extdata, &p, 1); @@ -240,8 +240,7 @@ size_t gnutls_record_get_max_size(gnutls_session_t session) * @size: is the new size * * This function sets the maximum record packet size in this - * connection. This property can only be set to clients. The server - * may choose not to accept the requested size. + * connection. * * The requested record size does get in effect immediately only while * sending data. The receive part will take effect after a successful @@ -255,14 +254,14 @@ size_t gnutls_record_get_max_size(gnutls_session_t session) * 512 and 16384. Note that not all TLS implementations use or even * understand those extension. * + * In TLS 1.3, the value is the length of plaintext content plus its + * padding, excluding content type octet. + * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, * otherwise a negative error code is returned. **/ ssize_t gnutls_record_set_max_size(gnutls_session_t session, size_t size) { - if (session->security_parameters.entity == GNUTLS_SERVER) - return GNUTLS_E_INVALID_REQUEST; - if (size < MIN_RECORD_SIZE || size > DEFAULT_MAX_RECORD_SIZE) return GNUTLS_E_INVALID_REQUEST; diff --git a/lib/ext/record_size_limit.c b/lib/ext/record_size_limit.c index c74ae81e4b..4c7698ea20 100644 --- a/lib/ext/record_size_limit.c +++ b/lib/ext/record_size_limit.c @@ -52,6 +52,7 @@ _gnutls_record_size_limit_recv_params(gnutls_session_t session, { ssize_t new_size; ssize_t data_size = _data_size; + const version_entry_st *vers; DECR_LEN(data_size, 2); if (data_size != 0) @@ -62,19 +63,35 @@ _gnutls_record_size_limit_recv_params(gnutls_session_t session, if (new_size < 64) return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); - /* we do not want to accept sizes less than our minimum */ - if (new_size < MIN_RECORD_SIZE) - return 0; + session->internals.hsk_flags |= HSK_RECORD_SIZE_LIMIT_RECEIVED; + + /* we do not want to accept sizes outside of our supported range */ + if (new_size < MIN_RECORD_SIZE) { + /* for server, reject it by omitting the extension in the reply */ + if (session->security_parameters.entity == GNUTLS_SERVER) { + _gnutls_handshake_log("EXT[%p]: client requested too small record_size_limit %u; ignoring\n", + session, (unsigned)new_size); + return gnutls_assert_val(0); + } else { + _gnutls_handshake_log("EXT[%p]: server requested too small record_size_limit %u; closing the connection\n", + session, (unsigned)new_size); + return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); + } + } session->internals.hsk_flags |= HSK_RECORD_SIZE_LIMIT_NEGOTIATED; - /* if a larger record size limit than the protocol limit is - * provided by the peer, ignore it and stick to the default */ - if (unlikely(new_size > DEFAULT_MAX_RECORD_SIZE)) - return gnutls_assert_val(0); + _gnutls_handshake_log("EXT[%p]: record_size_limit %u negotiated\n", + session, (unsigned)new_size); - session->security_parameters.max_record_send_size = new_size; - session->security_parameters.max_record_recv_size = new_size; + /* subtract 1 octet for content type */ + vers = get_version(session); + if (unlikely(vers == NULL)) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + + session->security_parameters.max_record_recv_size = + MIN(new_size - vers->tls13_sem, + session->security_parameters.max_record_send_size); return 0; } @@ -86,15 +103,44 @@ _gnutls_record_size_limit_send_params(gnutls_session_t session, gnutls_buffer_st * extdata) { int ret; + uint16_t send_size; assert(session->security_parameters.max_record_send_size >= 64 && session->security_parameters.max_record_send_size <= DEFAULT_MAX_RECORD_SIZE); - ret = _gnutls_buffer_append_prefix(extdata, 16, - session->security_parameters.max_record_send_size); + send_size = session->security_parameters.max_record_send_size; + + if (session->security_parameters.entity == GNUTLS_SERVER) { + const version_entry_st *vers; + + /* if we had received the extension and rejected, don't send it */ + if (session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_RECEIVED && + !(session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_NEGOTIATED)) + return gnutls_assert_val(0); + + /* add 1 octet for content type */ + vers = get_version(session); + if (unlikely(vers == NULL)) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + + send_size += vers->tls13_sem; + } else { + const version_entry_st *vers; + + /* add 1 octet for content type */ + vers = _gnutls_version_max(session); + if (unlikely(vers == NULL)) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + + send_size += vers->tls13_sem; + } + + ret = _gnutls_buffer_append_prefix(extdata, 16, send_size); if (ret < 0) return gnutls_assert_val(ret); + session->internals.hsk_flags |= HSK_RECORD_SIZE_LIMIT_SENT; + return 2; } diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 93ffd7cee9..2352299cd8 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -325,8 +325,7 @@ typedef enum recv_state_t { /* IDs are allocated in a way that all values fit in 64-bit integer as (1<<val) */ typedef enum extensions_t { GNUTLS_EXTENSION_INVALID = 0xffff, - GNUTLS_EXTENSION_MAX_RECORD_SIZE = 0, - GNUTLS_EXTENSION_STATUS_REQUEST, + GNUTLS_EXTENSION_STATUS_REQUEST = 0, GNUTLS_EXTENSION_CERT_TYPE, GNUTLS_EXTENSION_CLIENT_CERT_TYPE, GNUTLS_EXTENSION_SERVER_CERT_TYPE, @@ -349,6 +348,7 @@ typedef enum extensions_t { GNUTLS_EXTENSION_EARLY_DATA, GNUTLS_EXTENSION_PSK_KE_MODES, GNUTLS_EXTENSION_RECORD_SIZE_LIMIT, + GNUTLS_EXTENSION_MAX_RECORD_SIZE, /* * pre_shared_key and dumbfw must always be the last extensions, * in that order */ @@ -1357,6 +1357,8 @@ typedef struct { * server: intend to process early data */ #define HSK_RECORD_SIZE_LIMIT_NEGOTIATED (1<<24) +#define HSK_RECORD_SIZE_LIMIT_SENT (1<<25) /* record_size_limit extension was sent */ +#define HSK_RECORD_SIZE_LIMIT_RECEIVED (1<<26) /* server: record_size_limit extension was seen but not accepted yet */ /* The hsk_flags are for use within the ongoing handshake; * they are reset to zero prior to handshake start by gnutls_handshake. */ @@ -1546,17 +1548,20 @@ inline static int _gnutls_set_current_version(gnutls_session_t s, unsigned v) return 0; } +/* Returns the maximum size of the plaintext to be sent, considering + * both user-specified/negotiated maximum values. + */ inline static size_t max_user_send_size(gnutls_session_t session, record_parameters_st * record_params) { size_t max; - if (IS_DTLS(session)) { - max = MIN(gnutls_dtls_get_data_mtu(session), session->security_parameters.max_record_send_size); - } else { - max = session->security_parameters.max_record_send_size; - } + max = MIN(session->security_parameters.max_record_send_size, + session->security_parameters.max_record_recv_size); + + if (IS_DTLS(session)) + max = MIN(gnutls_dtls_get_data_mtu(session), max); return max; } diff --git a/lib/hello_ext.c b/lib/hello_ext.c index 5692a14d2d..2d7cd806f6 100644 --- a/lib/hello_ext.c +++ b/lib/hello_ext.c @@ -64,7 +64,6 @@ unset_ext_data(gnutls_session_t session, const struct hello_ext_entry_st *, unsi static void unset_resumed_ext_data(gnutls_session_t session, const struct hello_ext_entry_st *, unsigned idx); static hello_ext_entry_st const *extfunc[MAX_EXT_TYPES+1] = { - [GNUTLS_EXTENSION_MAX_RECORD_SIZE] = &ext_mod_max_record_size, [GNUTLS_EXTENSION_EXT_MASTER_SECRET] = &ext_mod_ext_master_secret, [GNUTLS_EXTENSION_SUPPORTED_VERSIONS] = &ext_mod_supported_versions, [GNUTLS_EXTENSION_POST_HANDSHAKE] = &ext_mod_post_handshake, @@ -95,9 +94,10 @@ static hello_ext_entry_st const *extfunc[MAX_EXT_TYPES+1] = { #ifdef ENABLE_ALPN [GNUTLS_EXTENSION_ALPN] = &ext_mod_alpn, #endif + [GNUTLS_EXTENSION_RECORD_SIZE_LIMIT] = &ext_mod_record_size_limit, + [GNUTLS_EXTENSION_MAX_RECORD_SIZE] = &ext_mod_max_record_size, [GNUTLS_EXTENSION_PSK_KE_MODES] = &ext_mod_psk_ke_modes, [GNUTLS_EXTENSION_PRE_SHARED_KEY] = &ext_mod_pre_shared_key, - [GNUTLS_EXTENSION_RECORD_SIZE_LIMIT] = &ext_mod_record_size_limit, /* This must be the last extension registered. */ [GNUTLS_EXTENSION_DUMBFW] = &ext_mod_dumbfw, diff --git a/lib/hello_ext.h b/lib/hello_ext.h index 1ad16e19d7..55bdbe86d3 100644 --- a/lib/hello_ext.h +++ b/lib/hello_ext.h @@ -159,7 +159,7 @@ typedef struct hello_ext_entry_st { inline static unsigned _gnutls_hello_ext_is_present(gnutls_session_t session, extensions_t id) { - if (id != 0 && ((1 << id) & session->internals.used_exts)) + if ((1 << id) & session->internals.used_exts) return 1; return 0; diff --git a/lib/record.c b/lib/record.c index 2dc997d09b..08aad540db 100644 --- a/lib/record.c +++ b/lib/record.c @@ -1547,6 +1547,15 @@ _gnutls_recv_in_buffers(gnutls_session_t session, content_type_t type, goto begin; } + if (_mbuffer_get_udata_size(decrypted) > max_decrypted_size(session)) { + _gnutls_audit_log + (session, "Received packet with illegal length: %u\n", + (unsigned int) ret); + + ret = gnutls_assert_val(GNUTLS_E_RECORD_OVERFLOW); + goto sanity_check_error; + } + #ifdef ENABLE_SSL2 if (record.v2) { decrypted->htype = GNUTLS_HANDSHAKE_CLIENT_HELLO_V2; diff --git a/lib/session_pack.c b/lib/session_pack.c index eec594e38e..da74f45e0c 100644 --- a/lib/session_pack.c +++ b/lib/session_pack.c @@ -923,9 +923,18 @@ pack_security_parameters(gnutls_session_t session, gnutls_buffer_st * ps) BUFFER_APPEND_NUM(ps, session->security_parameters. max_record_send_size); - BUFFER_APPEND_NUM(ps, - session->security_parameters. - max_record_recv_size); + + /* reset max_record_recv_size if it was negotiated + * using the record_size_limit extension */ + if (session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_NEGOTIATED) { + BUFFER_APPEND_NUM(ps, + session->security_parameters. + max_record_send_size); + } else { + BUFFER_APPEND_NUM(ps, + session->security_parameters. + max_record_recv_size); + } if (session->security_parameters.grp) { BUFFER_APPEND_NUM(ps, session->security_parameters.grp->id); diff --git a/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json b/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json index 06fbf92351..c764130306 100644 --- a/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json +++ b/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json @@ -12,6 +12,33 @@ "server_hostname": "localhost", "server_port": @PORT@, "tests" : [ + {"name" : "test-record-size-limit.py", + "comment" : "changed extension after HRR is not supported #617", + "arguments" : ["-p", "@PORT@", "--reply-AD-size", "685", + "--minimal-size", "512", + "-e", "change size in TLS 1.2 resumption", + "-e", "change size in TLS 1.3 session resumption", + "-e", "check if server accepts maximum size in TLS 1.0", + "-e", "check if server accepts maximum size in TLS 1.1", + "-e", "check if server accepts maximum size in TLS 1.2", + "-e", "check if server accepts minimal size in TLS 1.0", + "-e", "check if server accepts minimal size in TLS 1.1", + "-e", "check if server accepts minimal size in TLS 1.2", + "-e", "check interaction with sha256 prf", + "-e", "check interaction with sha384 prf", + "-e", "check server sent size in TLS 1.0", + "-e", "check server sent size in TLS 1.1", + "-e", "check server sent size in TLS 1.2", + "-e", "drop extension in TLS 1.2 resumption", + "-e", "drop extension in TLS 1.3 session resumption", + "-e", "modified extension in 2nd CH in HRR handshake", + "-e", "renegotiation with changed limit", + "-e", "renegotiation with dropped extension"] }, + {"name" : "test-record-size-limit.py", + "arguments" : ["-p", "@PORT@", "--reply-AD-size", "672", + "--minimal-size", "512", + "change size in TLS 1.3 session resumption", + "drop extension in TLS 1.3 session resumption"] }, {"name" : "test-tls13-0rtt-garbage.py", "arguments": ["-p", "@PORT@"]}, {"name" : "test-tls13-ccs.py", diff --git a/tests/suite/tls-fuzzer/gnutls-nocert.json b/tests/suite/tls-fuzzer/gnutls-nocert.json index 04376f40ea..fe7a6fff17 100644 --- a/tests/suite/tls-fuzzer/gnutls-nocert.json +++ b/tests/suite/tls-fuzzer/gnutls-nocert.json @@ -231,27 +231,34 @@ "-e", "small, maximum fragmentation: 1 fragment - 20B extension", "-e", "medium, maximum fragmentation: 1 fragment - 1024B extension"]}, {"name" : "test-record-size-limit.py", - "comment" : "These tests rely on too small lower limit we don't support; TLS 1.3 high limit is not what we expect; 1/n-1 splitting is not supported in TLS 1.0; we don't reject too large appliation_data records in TLS 1.2 #676", - "arguments" : ["-p", "@PORT@", "--reply-AD-size", "{expected_size}", - "-e", "change size in TLS 1.2 resumption", - "-e", "change size in TLS 1.3 session resumption", + "comment" : "TLS 1.3 tests are done separately; 1/n-1 splitting is not supported in TLS 1.0", + "arguments" : ["-p", "@PORT@", "--reply-AD-size", "821", + "--minimal-size", "512", "-e", "check if server accepts maximum size in TLS 1.0", "-e", "check if server accepts maximum size in TLS 1.3", "-e", "check if server accepts minimal size in TLS 1.0", - "-e", "check if server accepts minimal size in TLS 1.1", - "-e", "check if server accepts minimal size in TLS 1.2", "-e", "check if server accepts minimal size in TLS 1.3", + "-e", "check if server omits extension for unrecognized size 64 in TLS 1.3", + "-e", "check if server omits extension for unrecognized size 511 in TLS 1.3", "-e", "check interaction with sha256 prf", "-e", "check interaction with sha384 prf", "-e", "check server sent size in TLS 1.0", "-e", "check server sent size in TLS 1.3", - "-e", "drop extension in TLS 1.3 session resumption", "-e", "HRR sanity", - "-e", "modified extension in 2nd CH in HRR handshake", - "-e", "renegotiation with changed limit", - "-e", "renegotiation with dropped extension", - "-e", "too large record in TLS 1.2", - "-e", "too large record payload in TLS 1.3"] }, + "-e", "too large record payload in TLS 1.3", + "-e", "change size in TLS 1.3 session resumption", + "-e", "drop extension in TLS 1.3 session resumption", + "-e", "modified extension in 2nd CH in HRR handshake"] }, + {"name" : "test-record-size-limit.py", + "comment" : "The reply includes PRF algorithm and affects the AD size", + "arguments" : ["-p", "@PORT@", "--reply-AD-size", "827", + "--minimal-size", "512", + "check interaction with sha256 prf"] }, + {"name" : "test-record-size-limit.py", + "comment" : "The reply includes PRF algorithm and affects the AD size", + "arguments" : ["-p", "@PORT@", "--reply-AD-size", "816", + "--minimal-size", "512", + "check interaction with sha384 prf"] }, {"name" : "test-sessionID-resumption.py", "arguments" : ["-p", "@PORT@"] }, {"name" : "test-serverhello-random.py", diff --git a/tests/suite/tls-fuzzer/tlsfuzzer b/tests/suite/tls-fuzzer/tlsfuzzer -Subproject 7b2ebe4c8bd06e5a1059a8aeb5bfe2b014e2b52 +Subproject a520d50cf84aba0126d1e09b12fd0038af0944b diff --git a/tests/tls-record-size-limit.c b/tests/tls-record-size-limit.c index 8c9729719f..8346ee56d9 100644 --- a/tests/tls-record-size-limit.c +++ b/tests/tls-record-size-limit.c @@ -52,9 +52,10 @@ #define HANDSHAKE_SESSION_ID_POS 34 -static size_t max_record_size; +static size_t server_max_send_size; +static size_t client_max_send_size; -#define SERVER_PUSH_ADD if (len > max_record_size + 5+32) fail("max record set to %d, len: %d\n", (int)max_record_size, (int)len); +#define SERVER_PUSH_ADD if (len > server_max_send_size + 5+32) fail("max record set to %d, len: %d\n", (int)server_max_send_size, (int)len); #include "eagain-common.h" #include "cert-common.h" @@ -136,22 +137,23 @@ static int handshake_callback(gnutls_session_t session, unsigned int htype, #define MAX_BUF 16384 static char buffer[MAX_BUF]; -struct test_ext_st { +struct test_exp_st { + int error; + size_t size; bool max_record_size; bool record_size_limit; }; struct test_st { const char *prio; - size_t max_size; + size_t server_max_size; + size_t client_max_size; - int expect_error; - size_t expect_size; - struct test_ext_st expect_server_ext; - struct test_ext_st expect_client_ext; + struct test_exp_st server_exp; + struct test_exp_st client_exp; }; -static void check_exts(const struct test_ext_st *exp, +static void check_exts(const struct test_exp_st *exp, struct handshake_cb_data_st *data) { if (exp->max_record_size && !data->found_max_record_size) @@ -198,6 +200,15 @@ static void start(const struct test_st *test) serverx509cred); gnutls_priority_set_direct(server, test->prio, NULL); + + ret = gnutls_record_set_max_size(server, test->server_max_size); + if (ret != test->server_exp.error) + fail("server: unexpected error from gnutls_record_set_max_size()"); + if (ret == 0) + server_max_send_size = test->server_max_size; + else + server_max_send_size = MAX_BUF; + gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_pull_timeout_function(server, @@ -233,13 +244,13 @@ static void start(const struct test_st *test) if (ret < 0) exit(1); - ret = gnutls_record_set_max_size(client, test->max_size); - if (ret != test->expect_error) - fail("unexpected error from gnutls_record_set_max_size()"); + ret = gnutls_record_set_max_size(client, test->client_max_size); + if (ret != test->client_exp.error) + fail("client: unexpected error from gnutls_record_set_max_size()"); if (ret == 0) - max_record_size = test->max_size; + client_max_send_size = test->client_max_size; else - max_record_size = MAX_BUF; + client_max_send_size = MAX_BUF; gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); @@ -256,22 +267,39 @@ static void start(const struct test_st *test) HANDSHAKE(client, server); memset(buffer, 1, sizeof(buffer)); - ret = gnutls_record_send(server, buffer, max_record_size + 1); + ret = gnutls_record_send(server, buffer, server_max_send_size + 1); if (ret < 0) { gnutls_perror(ret); exit(1); } - if (ret != (int)test->expect_size) - fail("unexpected record size sent: %d (%d)\n", - ret, (int)test->expect_size); - success("did not send a %d-byte packet\n", (int)max_record_size + 1); + if (ret != (int)test->server_exp.size) + fail("server: unexpected record size sent: %d (%d)\n", + ret, (int)test->server_exp.size); + success("server: did not send a %d-byte packet\n", (int)server_max_send_size + 1); - ret = gnutls_record_send(server, buffer, max_record_size); + ret = gnutls_record_send(server, buffer, server_max_send_size); if (ret < 0) { gnutls_perror(ret); exit(1); } - success("did send a %d-byte packet\n", (int)max_record_size); + success("server: did send a %d-byte packet\n", (int)server_max_send_size); + + ret = gnutls_record_send(client, buffer, client_max_send_size + 1); + if (ret < 0) { + gnutls_perror(ret); + exit(1); + } + if (ret != (int)test->client_exp.size) + fail("client: unexpected record size sent: %d (%d)\n", + ret, (int)test->client_exp.size); + success("client: did not send a %d-byte packet\n", (int)client_max_send_size + 1); + + ret = gnutls_record_send(client, buffer, client_max_send_size); + if (ret < 0) { + gnutls_perror(ret); + exit(1); + } + success("client: did send a %d-byte packet\n", (int)client_max_send_size); gnutls_bye(client, GNUTLS_SHUT_RDWR); gnutls_bye(server, GNUTLS_SHUT_RDWR); @@ -286,79 +314,94 @@ static void start(const struct test_st *test) reset_buffers(); - check_exts(&test->expect_server_ext, + check_exts(&test->server_exp, &server_handshake_cb_data); - check_exts(&test->expect_client_ext, + check_exts(&test->client_exp, &client_handshake_cb_data); } static const struct test_st tests[] = { { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", - .max_size = 511, - .expect_error = GNUTLS_E_INVALID_REQUEST, - .expect_size = 16384, - .expect_server_ext = { + .server_max_size = 511, + .client_max_size = 511, + .server_exp = { + .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 } }, { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", - .max_size = 512, - .expect_error = 0, - .expect_size = 512, - .expect_server_ext = { + .server_max_size = 512, + .client_max_size = 512, + .server_exp = { + .error = 0, + .size = 512, .max_record_size = 1, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = 0, + .size = 512, .max_record_size = 0, .record_size_limit = 1 } }, { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", - .max_size = 8192, - .expect_error = 0, - .expect_size = 8192, - .expect_server_ext = { + .server_max_size = 8192, + .client_max_size = 8192, + .server_exp = { + .error = 0, + .size = 8192, .max_record_size = 0, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = 0, + .size = 8192, .max_record_size = 0, .record_size_limit = 1 } }, { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", - .max_size = 16384, - .expect_error = 0, - .expect_size = 16384, - .expect_server_ext = { + .server_max_size = 16384, + .client_max_size = 16384, + .server_exp = { + .error = 0, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = 0, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 } }, { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", - .max_size = 16385, - .expect_error = GNUTLS_E_INVALID_REQUEST, - .expect_size = 16384, - .expect_server_ext = { + .server_max_size = 16385, + .client_max_size = 16385, + .server_exp = { + .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 } @@ -366,70 +409,102 @@ static const struct test_st tests[] = { { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .max_size = 511, - .expect_error = GNUTLS_E_INVALID_REQUEST, - .expect_size = 16384, - .expect_server_ext = { + .server_max_size = 511, + .client_max_size = 511, + .server_exp = { + .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 } - }, + }, { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .max_size = 512, - .expect_error = 0, - .expect_size = 512, - .expect_server_ext = { + .server_max_size = 512, + .client_max_size = 512, + .server_exp = { + .error = 0, + .size = 512, .max_record_size = 1, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = 0, + .size = 512, + .max_record_size = 0, + .record_size_limit = 1 + } + }, + { + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", + .server_max_size = 8192, + .client_max_size = 8192, + .server_exp = { + .error = 0, + .size = 8192, + .max_record_size = 0, + .record_size_limit = 1 + }, + .client_exp = { + .error = 0, + .size = 8192, .max_record_size = 0, .record_size_limit = 1 } }, { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .max_size = 8192, - .expect_error = 0, - .expect_size = 8192, - .expect_server_ext = { + .server_max_size = 16384, + .client_max_size = 16384, + .server_exp = { + .error = 0, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = 0, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 } }, { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .max_size = 16384, - .expect_error = 0, - .expect_size = 16384, - .expect_server_ext = { + .server_max_size = 16383, + .client_max_size = 16384, + .server_exp = { + .error = 0, + .size = 16383, .max_record_size = 0, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = 0, + .size = 16383, .max_record_size = 0, .record_size_limit = 1 } }, { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .max_size = 16385, - .expect_error = GNUTLS_E_INVALID_REQUEST, - .expect_size = 16384, - .expect_server_ext = { + .server_max_size = 16385, + .client_max_size = 16385, + .server_exp = { + .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 } diff --git a/tests/tls13/prf.c b/tests/tls13/prf.c index 75daff59d4..fda8ce6843 100644 --- a/tests/tls13/prf.c +++ b/tests/tls13/prf.c @@ -130,10 +130,10 @@ static void dump(const char *name, const uint8_t *data, unsigned data_size) } \ } -#define KEY_EXP_VALUE "\xfb\xcb\x96\x87\x8c\x64\x8b\x60\xef\xdc\x76\xb0\x7c\x3b\xd1\x50\x1e\xb1\x3f\x39\xb2\x20\x74\x2c\xb2\x76\x12\x9f\xfc\xad\xb9\xce\x1d\x9a" -#define HELLO_VALUE "\x61\x32\x14\x81\x9b\xa0\x43\xcd\x39\xbf\x63\x18\x7c\xb7\xf3\x02\x65\xab\x2c\xa4\xaf\xbc\x1c\x7a\x1d\xa4\xc5\x28\x8f\x45\x68" -#define CONTEXT_VALUE "\xa7\x3c\xa7\x59\x94\x33\xb4\x97\x90\x92\x8c\xe2\x39\xda\x56\x42\x4a\xeb\xeb\xab\x73\xc4\x20\xf0\x34\x4f\xda\xf8\x17\xf5\xbd" -#define NULL_CONTEXT_VALUE "\x66\xa1\x0a\xcb\xfa\x28\x85\x79\xa3\x30\xeb\xc5\xd5\x50\x62\xdd\xb4\x9c\xa7\x0b\x0b\xe0\x28\x03\x18\xfb\x32\x3d\x37\xf2\xe5" +#define KEY_EXP_VALUE "\xec\x26\x9e\x8c\x5f\xff\x5c\xb2\x60\x4f\x82\xe7\x6b\xb9\x70\x40\xb9\x2d\x2f\xe7\x41\xa8\xe7\xfa\x03\x7c\xe8\x6d\xfa\xda\xc2\xa9\x3f\x58" +#define HELLO_VALUE "\xd4\x74\x4a\x09\x28\x0a\x99\xb9\xa4\x5b\x51\x5b\x80\xe7\x50\x1c\x16\xca\x57\x78\xf0\xe5\xa1\x94\x6b\x20\x2b\x14\xff\x2b\x53" +#define CONTEXT_VALUE "\x8d\xde\xea\x58\xab\x90\xaf\x6c\x5c\x7a\x69\xbf\x8a\xd2\x16\xb4\x0f\x75\xb8\x63\xdb\x86\xe7\x66\x04\x59\xac\x57\xe0\x03\x37" +#define NULL_CONTEXT_VALUE "\x6c\x1a\x10\x1f\xa9\x5a\xfd\xcd\xf4\xcf\x27\x09\x00\xa8\xca\x8e\x8a\x56\xfb\x80\xf0\x0d\xb3\xa6\xe9\x4a\x5f\xe0\x0c\x31\xd9" static void check_prfs(gnutls_session_t session) { unsigned char key_material[512]; |