diff options
39 files changed, 685 insertions, 261 deletions
diff --git a/.dir-locals.el b/.dir-locals.el index 042381f63b..e40e4962ab 100644 --- a/.dir-locals.el +++ b/.dir-locals.el @@ -1 +1,2 @@ -((c-mode . ((c-file-style . "linux")))) +((c-mode . ((c-file-style . "linux"))) + (js-mode . ((indent-tabs-mode . nil)))) @@ -13,6 +13,15 @@ See the end for copying conditions. an inappropriate for TLS1.3 certificate is seen on the credentials structure GnuTLS will disable TLS1.3 support for that session (#690). +** libgnutls: enforce the equality of the two signature parameters fields in + a certificate. We were already enforcing the signature algorithm, but there + was a bug in parameter checking code. + +** libgnutls: no longer send downgrade sentinel in TLS 1.3. + Previously the sentinel value was embedded to early in version + negotiation and was sent even on TLS 1.3. It is now sent only when + TLS 1.2 or earlier is negotiated (#689). + ** API and ABI modifications: No changes since last version. diff --git a/bootstrap.conf b/bootstrap.conf index 7d10d5c792..2b04d686ec 100644 --- a/bootstrap.conf +++ b/bootstrap.conf @@ -24,7 +24,6 @@ use_libtool=1 checkout_only_file= local_gl_dir=gl/override/ required_submodules="tests/suite/tls-fuzzer/python-ecdsa tests/suite/tls-fuzzer/tlsfuzzer tests/suite/tls-fuzzer/tlslite-ng" -GNULIB_SRCDIR="${GNULIB_SRCDIR:-./gnulib/}" # Reproduce by: gnulib-tool --import --local-dir=gl/override --lib=libgnu --source-base=gl --m4-base=gl/m4 --doc-base=doc --tests-base=gl/tests --aux-dir=build-aux --with-tests --avoid=alignof-tests --avoid=lock-tests --avoid=lseek-tests --lgpl=2 --no-conditional-dependencies --libtool --macro-prefix=gl --no-vc-files alloca byteswap c-ctype extensions func gendocs getline gettext-h gettimeofday hash-pjw-bare havelib intprops lib-msvc-compat lib-symbol-versions maintainer-makefile manywarnings memmem-simple minmax netdb netinet_in pmccabe2html read-file secure_getenv snprintf stdint strcase strndup strtok_r strverscmp sys_socket sys_stat time_r unistd vasprintf vsnprintf warnings @@ -74,15 +73,18 @@ for mod in $required_submodules;do git submodule update --init $git_options $mod done - -deps=$(${GNULIB_SRCDIR}/gnulib-tool --extract-recursive-dependencies ${gnulib_modules}) -deps="echo -n ${deps} ${gnulib_modules}|sort -u" -case ${deps} in - *select*|*poll*|*sockets*|*recv*|*send*) - echo "******************************************************************" - die "the library cannot include the gnulib sockets; see CONTRIBUTION.md" - ;; -esac +if test -d ./gnulib;then + TMP_GNULIB_SRCDIR="${GNULIB_SRCDIR:-./gnulib/}" + + deps=$(${TMP_GNULIB_SRCDIR}/gnulib-tool --extract-recursive-dependencies ${gnulib_modules}) + deps="echo -n ${deps} ${gnulib_modules}|sort -u" + case ${deps} in + *select*|*poll*|*sockets*|*recv*|*send*) + echo "******************************************************************" + die "the library cannot include the gnulib sockets; see CONTRIBUTION.md" + ;; + esac +fi bootstrap_post_import_hook () { diff --git a/configure.ac b/configure.ac index 88580c0604..430530e179 100644 --- a/configure.ac +++ b/configure.ac @@ -735,18 +735,6 @@ fi AM_CONDITIONAL(NEED_LIBOPTS, test "$included_libopts" = "yes") -AC_CHECK_TYPE(ssize_t, - [ - DEFINE_SSIZE_T="#include <sys/types.h>" - AC_SUBST(DEFINE_SSIZE_T) - ], [ - AC_DEFINE([NO_SSIZE_T], 1, [no ssize_t type was found]) - DEFINE_SSIZE_T="typedef int ssize_t;" - AC_SUBST(DEFINE_SSIZE_T) - ], [ - #include <sys/types.h> - ]) - # For minitasn1. AC_CHECK_SIZEOF(unsigned long int, 4) AC_CHECK_SIZEOF(unsigned int, 4) diff --git a/devel/check_if_signed b/devel/check_if_signed index a053bbc0c8..b8b4fef112 100755 --- a/devel/check_if_signed +++ b/devel/check_if_signed @@ -7,6 +7,11 @@ fi echo "target=$CI_MERGE_REQUEST_TARGET_BRANCH_NAME" echo "source=$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME" +if test -z "$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME"; then + CI_MERGE_REQUEST_SOURCE_BRANCH_NAME=$(git rev-parse --abbrev-ref HEAD) + echo "branch=$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME" +fi + # create list of commits of the current branch commits=$(git rev-list --no-merges $CI_MERGE_REQUEST_TARGET_BRANCH_NAME..$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME) diff --git a/lib/cipher.c b/lib/cipher.c index 3ea1cb1bb2..28075b00d1 100644 --- a/lib/cipher.c +++ b/lib/cipher.c @@ -872,6 +872,15 @@ decrypt_packet_tls13(gnutls_session_t session, if (unlikely(ret < 0)) return gnutls_assert_val(ret); + /* 1 octet for content type */ + if (length > max_decrypted_size(session) + 1) { + _gnutls_audit_log + (session, "Received packet with illegal length: %u\n", + (unsigned int) length); + + return gnutls_assert_val(GNUTLS_E_RECORD_OVERFLOW); + } + length_set = 0; /* now figure the actual data size. We intentionally iterate through all data, diff --git a/lib/constate.c b/lib/constate.c index fbbff886e9..e6ed8a3532 100644 --- a/lib/constate.c +++ b/lib/constate.c @@ -822,6 +822,15 @@ int _gnutls_write_connection_state_init(gnutls_session_t session) session->security_parameters.epoch_next; int ret; + /* reset max_record_recv_size if it was negotiated in the + * previous handshake using the record_size_limit extension */ + if (session->security_parameters.max_record_recv_size != + session->security_parameters.max_record_send_size && + !(session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_NEGOTIATED) && + session->security_parameters.entity == GNUTLS_SERVER) + session->security_parameters.max_record_recv_size = + session->security_parameters.max_record_send_size; + /* Update internals from CipherSuite selected. * If we are resuming just copy the connection session */ diff --git a/lib/ext/max_record.c b/lib/ext/max_record.c index 2a7a9d3496..c67920376e 100644 --- a/lib/ext/max_record.c +++ b/lib/ext/max_record.c @@ -153,16 +153,16 @@ _gnutls_max_record_send_params(gnutls_session_t session, } else { /* server side */ + if (session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_SENT) + return 0; + if (session->security_parameters.max_record_recv_size != DEFAULT_MAX_RECORD_SIZE) { ret = _gnutls_mre_record2num (session->security_parameters. max_record_recv_size); - - /* it's not an error, as long as we send the - * record_size_limit extension with that value */ if (ret < 0) - return 0; + return gnutls_assert_val(ret); p = (uint8_t) ret; ret = _gnutls_buffer_append_data(extdata, &p, 1); @@ -240,8 +240,7 @@ size_t gnutls_record_get_max_size(gnutls_session_t session) * @size: is the new size * * This function sets the maximum record packet size in this - * connection. This property can only be set to clients. The server - * may choose not to accept the requested size. + * connection. * * The requested record size does get in effect immediately only while * sending data. The receive part will take effect after a successful @@ -255,14 +254,14 @@ size_t gnutls_record_get_max_size(gnutls_session_t session) * 512 and 16384. Note that not all TLS implementations use or even * understand those extension. * + * In TLS 1.3, the value is the length of plaintext content plus its + * padding, excluding content type octet. + * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, * otherwise a negative error code is returned. **/ ssize_t gnutls_record_set_max_size(gnutls_session_t session, size_t size) { - if (session->security_parameters.entity == GNUTLS_SERVER) - return GNUTLS_E_INVALID_REQUEST; - if (size < MIN_RECORD_SIZE || size > DEFAULT_MAX_RECORD_SIZE) return GNUTLS_E_INVALID_REQUEST; diff --git a/lib/ext/record_size_limit.c b/lib/ext/record_size_limit.c index c74ae81e4b..4c7698ea20 100644 --- a/lib/ext/record_size_limit.c +++ b/lib/ext/record_size_limit.c @@ -52,6 +52,7 @@ _gnutls_record_size_limit_recv_params(gnutls_session_t session, { ssize_t new_size; ssize_t data_size = _data_size; + const version_entry_st *vers; DECR_LEN(data_size, 2); if (data_size != 0) @@ -62,19 +63,35 @@ _gnutls_record_size_limit_recv_params(gnutls_session_t session, if (new_size < 64) return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); - /* we do not want to accept sizes less than our minimum */ - if (new_size < MIN_RECORD_SIZE) - return 0; + session->internals.hsk_flags |= HSK_RECORD_SIZE_LIMIT_RECEIVED; + + /* we do not want to accept sizes outside of our supported range */ + if (new_size < MIN_RECORD_SIZE) { + /* for server, reject it by omitting the extension in the reply */ + if (session->security_parameters.entity == GNUTLS_SERVER) { + _gnutls_handshake_log("EXT[%p]: client requested too small record_size_limit %u; ignoring\n", + session, (unsigned)new_size); + return gnutls_assert_val(0); + } else { + _gnutls_handshake_log("EXT[%p]: server requested too small record_size_limit %u; closing the connection\n", + session, (unsigned)new_size); + return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); + } + } session->internals.hsk_flags |= HSK_RECORD_SIZE_LIMIT_NEGOTIATED; - /* if a larger record size limit than the protocol limit is - * provided by the peer, ignore it and stick to the default */ - if (unlikely(new_size > DEFAULT_MAX_RECORD_SIZE)) - return gnutls_assert_val(0); + _gnutls_handshake_log("EXT[%p]: record_size_limit %u negotiated\n", + session, (unsigned)new_size); - session->security_parameters.max_record_send_size = new_size; - session->security_parameters.max_record_recv_size = new_size; + /* subtract 1 octet for content type */ + vers = get_version(session); + if (unlikely(vers == NULL)) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + + session->security_parameters.max_record_recv_size = + MIN(new_size - vers->tls13_sem, + session->security_parameters.max_record_send_size); return 0; } @@ -86,15 +103,44 @@ _gnutls_record_size_limit_send_params(gnutls_session_t session, gnutls_buffer_st * extdata) { int ret; + uint16_t send_size; assert(session->security_parameters.max_record_send_size >= 64 && session->security_parameters.max_record_send_size <= DEFAULT_MAX_RECORD_SIZE); - ret = _gnutls_buffer_append_prefix(extdata, 16, - session->security_parameters.max_record_send_size); + send_size = session->security_parameters.max_record_send_size; + + if (session->security_parameters.entity == GNUTLS_SERVER) { + const version_entry_st *vers; + + /* if we had received the extension and rejected, don't send it */ + if (session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_RECEIVED && + !(session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_NEGOTIATED)) + return gnutls_assert_val(0); + + /* add 1 octet for content type */ + vers = get_version(session); + if (unlikely(vers == NULL)) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + + send_size += vers->tls13_sem; + } else { + const version_entry_st *vers; + + /* add 1 octet for content type */ + vers = _gnutls_version_max(session); + if (unlikely(vers == NULL)) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + + send_size += vers->tls13_sem; + } + + ret = _gnutls_buffer_append_prefix(extdata, 16, send_size); if (ret < 0) return gnutls_assert_val(ret); + session->internals.hsk_flags |= HSK_RECORD_SIZE_LIMIT_SENT; + return 2; } diff --git a/lib/ext/supported_versions.c b/lib/ext/supported_versions.c index b7fe31f75b..b016c61c3c 100644 --- a/lib/ext/supported_versions.c +++ b/lib/ext/supported_versions.c @@ -63,7 +63,10 @@ supported_versions_recv_params(gnutls_session_t session, int ret; if (session->security_parameters.entity == GNUTLS_SERVER) { + const version_entry_st *old_vers; + vers = _gnutls_version_max(session); + old_vers = get_version(session); /* do not parse this extension when we haven't TLS1.3 * enabled. That is because we cannot handle earlier protocol @@ -97,6 +100,18 @@ supported_versions_recv_params(gnutls_session_t session, _gnutls_handshake_log("EXT[%p]: Negotiated version: %d.%d\n", session, (int)major, (int)minor); + + vers = get_version(session); + if (old_vers != vers) { + /* regenerate the random value to set + * downgrade sentinel if necessary + */ + ret = _gnutls_gen_server_random(session, + vers->id); + if (ret < 0) + return gnutls_assert_val(ret); + } + return 0; } } diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 93ffd7cee9..2352299cd8 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -325,8 +325,7 @@ typedef enum recv_state_t { /* IDs are allocated in a way that all values fit in 64-bit integer as (1<<val) */ typedef enum extensions_t { GNUTLS_EXTENSION_INVALID = 0xffff, - GNUTLS_EXTENSION_MAX_RECORD_SIZE = 0, - GNUTLS_EXTENSION_STATUS_REQUEST, + GNUTLS_EXTENSION_STATUS_REQUEST = 0, GNUTLS_EXTENSION_CERT_TYPE, GNUTLS_EXTENSION_CLIENT_CERT_TYPE, GNUTLS_EXTENSION_SERVER_CERT_TYPE, @@ -349,6 +348,7 @@ typedef enum extensions_t { GNUTLS_EXTENSION_EARLY_DATA, GNUTLS_EXTENSION_PSK_KE_MODES, GNUTLS_EXTENSION_RECORD_SIZE_LIMIT, + GNUTLS_EXTENSION_MAX_RECORD_SIZE, /* * pre_shared_key and dumbfw must always be the last extensions, * in that order */ @@ -1357,6 +1357,8 @@ typedef struct { * server: intend to process early data */ #define HSK_RECORD_SIZE_LIMIT_NEGOTIATED (1<<24) +#define HSK_RECORD_SIZE_LIMIT_SENT (1<<25) /* record_size_limit extension was sent */ +#define HSK_RECORD_SIZE_LIMIT_RECEIVED (1<<26) /* server: record_size_limit extension was seen but not accepted yet */ /* The hsk_flags are for use within the ongoing handshake; * they are reset to zero prior to handshake start by gnutls_handshake. */ @@ -1546,17 +1548,20 @@ inline static int _gnutls_set_current_version(gnutls_session_t s, unsigned v) return 0; } +/* Returns the maximum size of the plaintext to be sent, considering + * both user-specified/negotiated maximum values. + */ inline static size_t max_user_send_size(gnutls_session_t session, record_parameters_st * record_params) { size_t max; - if (IS_DTLS(session)) { - max = MIN(gnutls_dtls_get_data_mtu(session), session->security_parameters.max_record_send_size); - } else { - max = session->security_parameters.max_record_send_size; - } + max = MIN(session->security_parameters.max_record_send_size, + session->security_parameters.max_record_recv_size); + + if (IS_DTLS(session)) + max = MIN(gnutls_dtls_get_data_mtu(session), max); return max; } diff --git a/lib/gthreads.h b/lib/gthreads.h index 5887d46ba5..ec2e4db91c 100644 --- a/lib/gthreads.h +++ b/lib/gthreads.h @@ -26,6 +26,8 @@ # include <threads.h> #elif defined(__GNUC__) # define _Thread_local __thread +#elif defined(_MSC_VER) +# define _Thread_local __declspec(thread) #else # error Unsupported platform #endif diff --git a/lib/hello_ext.c b/lib/hello_ext.c index 5692a14d2d..2d7cd806f6 100644 --- a/lib/hello_ext.c +++ b/lib/hello_ext.c @@ -64,7 +64,6 @@ unset_ext_data(gnutls_session_t session, const struct hello_ext_entry_st *, unsi static void unset_resumed_ext_data(gnutls_session_t session, const struct hello_ext_entry_st *, unsigned idx); static hello_ext_entry_st const *extfunc[MAX_EXT_TYPES+1] = { - [GNUTLS_EXTENSION_MAX_RECORD_SIZE] = &ext_mod_max_record_size, [GNUTLS_EXTENSION_EXT_MASTER_SECRET] = &ext_mod_ext_master_secret, [GNUTLS_EXTENSION_SUPPORTED_VERSIONS] = &ext_mod_supported_versions, [GNUTLS_EXTENSION_POST_HANDSHAKE] = &ext_mod_post_handshake, @@ -95,9 +94,10 @@ static hello_ext_entry_st const *extfunc[MAX_EXT_TYPES+1] = { #ifdef ENABLE_ALPN [GNUTLS_EXTENSION_ALPN] = &ext_mod_alpn, #endif + [GNUTLS_EXTENSION_RECORD_SIZE_LIMIT] = &ext_mod_record_size_limit, + [GNUTLS_EXTENSION_MAX_RECORD_SIZE] = &ext_mod_max_record_size, [GNUTLS_EXTENSION_PSK_KE_MODES] = &ext_mod_psk_ke_modes, [GNUTLS_EXTENSION_PRE_SHARED_KEY] = &ext_mod_pre_shared_key, - [GNUTLS_EXTENSION_RECORD_SIZE_LIMIT] = &ext_mod_record_size_limit, /* This must be the last extension registered. */ [GNUTLS_EXTENSION_DUMBFW] = &ext_mod_dumbfw, diff --git a/lib/hello_ext.h b/lib/hello_ext.h index 1ad16e19d7..55bdbe86d3 100644 --- a/lib/hello_ext.h +++ b/lib/hello_ext.h @@ -159,7 +159,7 @@ typedef struct hello_ext_entry_st { inline static unsigned _gnutls_hello_ext_is_present(gnutls_session_t session, extensions_t id) { - if (id != 0 && ((1 << id) & session->internals.used_exts)) + if ((1 << id) & session->internals.used_exts) return 1; return 0; diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index 8359fe2ea5..2965889664 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -37,15 +37,12 @@ #ifndef GNUTLS_H #define GNUTLS_H +/* Get ssize_t. */ +#include <sys/types.h> + /* Get size_t. */ #include <stddef.h> -/* Get ssize_t. */ -#ifndef HAVE_SSIZE_T -#define HAVE_SSIZE_T -/* *INDENT-OFF* */ -@DEFINE_SSIZE_T@ -/* *INDENT-ON* */ -#endif + /* Get time_t. */ #include <time.h> diff --git a/lib/pkcs11.c b/lib/pkcs11.c index 39e2799b1e..80d7c57b1f 100644 --- a/lib/pkcs11.c +++ b/lib/pkcs11.c @@ -2475,7 +2475,6 @@ gnutls_pkcs11_token_get_info(const char *url, { struct p11_kit_uri *info = NULL; const uint8_t *str; - size_t str_max; char *temp_str = NULL; size_t len; int ret; @@ -2491,19 +2490,19 @@ gnutls_pkcs11_token_get_info(const char *url, switch (ttype) { case GNUTLS_PKCS11_TOKEN_LABEL: str = p11_kit_uri_get_token_info(info)->label; - str_max = 32; + len = p11_kit_space_strlen(str, 32); break; case GNUTLS_PKCS11_TOKEN_SERIAL: str = p11_kit_uri_get_token_info(info)->serial_number; - str_max = 16; + len = p11_kit_space_strlen(str, 16); break; case GNUTLS_PKCS11_TOKEN_MANUFACTURER: str = p11_kit_uri_get_token_info(info)->manufacturer_id; - str_max = 32; + len = p11_kit_space_strlen(str, 32); break; case GNUTLS_PKCS11_TOKEN_MODEL: str = p11_kit_uri_get_token_info(info)->model; - str_max = 16; + len = p11_kit_space_strlen(str, 16); break; case GNUTLS_PKCS11_TOKEN_MODNAME: { struct find_token_modname tn; @@ -2518,11 +2517,12 @@ gnutls_pkcs11_token_get_info(const char *url, } temp_str = tn.modname; - if (temp_str == NULL) { - gnutls_assert(); - str_max = 0; - } else { + if (temp_str) { str = (uint8_t *)temp_str; + len = strlen(temp_str); + } else { + gnutls_assert(); + len = 0; } break; } @@ -2532,27 +2532,17 @@ gnutls_pkcs11_token_get_info(const char *url, goto cleanup; } - if (temp_str) - len = strlen(temp_str); - else if (str_max == 0) - len = 0; - else - len = p11_kit_space_strlen(str, str_max); - - if (len + 1 > *output_size) { + if (len < *output_size) { + if (len) + memcpy(output, str, len); + ((char *) output)[len] = '\0'; + *output_size = len; + ret = 0; + } else { *output_size = len + 1; ret = GNUTLS_E_SHORT_MEMORY_BUFFER; - goto cleanup; } - if (len) - memcpy(output, str, len); - ((char *) output)[len] = '\0'; - - *output_size = len; - - ret = 0; - cleanup: free(temp_str); p11_kit_uri_free(info); diff --git a/lib/record.c b/lib/record.c index 2dc997d09b..08aad540db 100644 --- a/lib/record.c +++ b/lib/record.c @@ -1547,6 +1547,15 @@ _gnutls_recv_in_buffers(gnutls_session_t session, content_type_t type, goto begin; } + if (_mbuffer_get_udata_size(decrypted) > max_decrypted_size(session)) { + _gnutls_audit_log + (session, "Received packet with illegal length: %u\n", + (unsigned int) ret); + + ret = gnutls_assert_val(GNUTLS_E_RECORD_OVERFLOW); + goto sanity_check_error; + } + #ifdef ENABLE_SSL2 if (record.v2) { decrypted->htype = GNUTLS_HANDSHAKE_CLIENT_HELLO_V2; diff --git a/lib/session_pack.c b/lib/session_pack.c index eec594e38e..da74f45e0c 100644 --- a/lib/session_pack.c +++ b/lib/session_pack.c @@ -923,9 +923,18 @@ pack_security_parameters(gnutls_session_t session, gnutls_buffer_st * ps) BUFFER_APPEND_NUM(ps, session->security_parameters. max_record_send_size); - BUFFER_APPEND_NUM(ps, - session->security_parameters. - max_record_recv_size); + + /* reset max_record_recv_size if it was negotiated + * using the record_size_limit extension */ + if (session->internals.hsk_flags & HSK_RECORD_SIZE_LIMIT_NEGOTIATED) { + BUFFER_APPEND_NUM(ps, + session->security_parameters. + max_record_send_size); + } else { + BUFFER_APPEND_NUM(ps, + session->security_parameters. + max_record_recv_size); + } if (session->security_parameters.grp) { BUFFER_APPEND_NUM(ps, session->security_parameters.grp->id); diff --git a/lib/str-iconv.c b/lib/str-iconv.c index f5e3943e21..9606613e48 100644 --- a/lib/str-iconv.c +++ b/lib/str-iconv.c @@ -117,9 +117,8 @@ int _gnutls_ucs2_to_utf8(const void *data, size_t size, return ret; } -/* This is big-endian output only */ int _gnutls_utf8_to_ucs2(const void *data, size_t size, - gnutls_datum_t * output) + gnutls_datum_t * output, unsigned be) { int ret; size_t dstlen, nrm_size = 0, tmp_size = 0; @@ -150,7 +149,7 @@ int _gnutls_utf8_to_ucs2(const void *data, size_t size, } /* convert to BE */ - change_u16_endianness(dst, (uint8_t*)tmp_dst, dstlen, 1); + change_u16_endianness(dst, (uint8_t*)tmp_dst, dstlen, be); dst[dstlen] = 0; dst[dstlen+1] = 0; diff --git a/lib/system.h b/lib/system.h index 2e77322e1d..ccae6475f8 100644 --- a/lib/system.h +++ b/lib/system.h @@ -100,7 +100,7 @@ int _gnutls_find_config_path(char *path, size_t max_size); int _gnutls_ucs2_to_utf8(const void *data, size_t size, gnutls_datum_t * output, unsigned bigendian); int _gnutls_utf8_to_ucs2(const void *data, size_t size, - gnutls_datum_t * output); + gnutls_datum_t * output, unsigned be); void _gnutls_global_set_gettime_function(gnutls_gettime_func gettime_func); diff --git a/lib/x509/pkcs12_encr.c b/lib/x509/pkcs12_encr.c index 9d9c1d64a9..76fbb4e8ab 100644 --- a/lib/x509/pkcs12_encr.c +++ b/lib/x509/pkcs12_encr.c @@ -96,7 +96,7 @@ _gnutls_pkcs12_string_to_key(const mac_entry_st * me, return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR); ucs2.size = 2; } else { - rc = _gnutls_utf8_to_ucs2(pw, pwlen, &ucs2); + rc = _gnutls_utf8_to_ucs2(pw, pwlen, &ucs2, 1); if (rc < 0) return gnutls_assert_val(rc); diff --git a/lib/x509/verify-high2.c b/lib/x509/verify-high2.c index f4a580bb05..ff574ababe 100644 --- a/lib/x509/verify-high2.c +++ b/lib/x509/verify-high2.c @@ -45,6 +45,10 @@ # endif #endif +#ifdef _WIN32 +# include <tchar.h> +#endif + /* Convenience functions for verify-high functionality */ @@ -386,21 +390,21 @@ int load_dir_certs(const char *dirname, unsigned int tl_flags, unsigned int tl_vflags, unsigned type, unsigned crl) { - DIR *dirp; - struct dirent *d; int ret; int r = 0; char path[GNUTLS_PATH_MAX]; +#if !defined(_WIN32) || !defined(_UNICODE) + DIR *dirp; + struct dirent *d; + dirp = opendir(dirname); if (dirp != NULL) { - do { - d = readdir(dirp); - if (d != NULL + while ((d = readdir(dirp)) != NULL) { #ifdef _DIRENT_HAVE_D_TYPE - && (d->d_type == DT_REG || d->d_type == DT_LNK || d->d_type == DT_UNKNOWN) + if (d->d_type == DT_REG || d->d_type == DT_LNK || d->d_type == DT_UNKNOWN) #endif - ) { + { snprintf(path, sizeof(path), "%s/%s", dirname, d->d_name); @@ -419,10 +423,50 @@ int load_dir_certs(const char *dirname, r += ret; } } - while (d != NULL); closedir(dirp); } +#else /* _WIN32 */ + + _TDIR *dirp; + struct _tdirent *d; + gnutls_datum_t utf16 = {NULL, 0}; +#ifdef WORDS_BIGENDIAN + r = _gnutls_utf8_to_ucs2(dirname, strlen(dirname), &utf16, 1); +#else + r = _gnutls_utf8_to_ucs2(dirname, strlen(dirname), &utf16, 0); +#endif + if (r < 0) + return gnutls_assert_val(r); + dirp = _topendir((_TCHAR*)utf16.data); + gnutls_free(utf16.data); + if (dirp != NULL) { + while ((d = _treaddir(dirp)) != NULL) { +#ifdef _DIRENT_HAVE_D_TYPE + if (d->d_type == DT_REG || d->d_type == DT_LNK || d->d_type == DT_UNKNOWN) +#endif + { + snprintf(path, sizeof(path), "%s/%ls", + dirname, d->d_name); + + if (crl != 0) { + ret = + gnutls_x509_trust_list_add_trust_file + (list, NULL, path, type, tl_flags, + tl_vflags); + } else { + ret = + gnutls_x509_trust_list_add_trust_file + (list, path, NULL, type, tl_flags, + tl_vflags); + } + if (ret >= 0) + r += ret; + } + } + _tclosedir(dirp); + } +#endif /* _WIN32 */ return r; } diff --git a/lib/x509/x509.c b/lib/x509/x509.c index b5de7cb7c8..88aab5538e 100644 --- a/lib/x509/x509.c +++ b/lib/x509/x509.c @@ -338,7 +338,7 @@ static int compare_sig_algorithm(gnutls_x509_crt_t cert) return ret; } - ret = _gnutls_x509_read_value(cert->cert, "signatureAlgorithm.parameters", &sp2); + ret = _gnutls_x509_read_value(cert->cert, "tbsCertificate.signature.parameters", &sp2); if (ret == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) { empty2 = 1; } else if (ret < 0) { diff --git a/src/serv-args.def b/src/serv-args.def index 7c4c32479c..ac056f37dc 100644 --- a/src/serv-args.def +++ b/src/serv-args.def @@ -51,7 +51,7 @@ flag = { flag = { name = maxearlydata; arg-type = number; - arg-range = "1->4294967296"; + arg-range = "1->4294967295"; descrip = "The maximum early data size to accept"; doc = ""; }; diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am index 0e5692df6d..f3beadec0d 100644 --- a/tests/cert-tests/Makefile.am +++ b/tests/cert-tests/Makefile.am @@ -35,8 +35,8 @@ EXTRA_DIST = data/ca-no-pathlen.pem data/no-ca-or-pathlen.pem data/aki-cert.pem templates/template-generalized.tmpl data/privkey1.pem data/privkey2.pem data/privkey3.pem \ data/name-constraints-ip.pem data/cert-invalid-utf8.der data/very-long-dn.pem \ data/provable3072.pem data/provable2048.pem data/provable-dsa2048.pem \ - data/provable-dsa2048-fips.pem templates/template-crq.tmpl \ - templates/template-unique.tmpl data/template-unique.pem \ + data/provable-dsa2048-fips.pem templates/template-crq.tmpl data/invalid-sig5.pem \ + templates/template-unique.tmpl data/template-unique.pem data/invalid-sig4.pem \ templates/template-othername.tmpl data/template-othername.pem \ templates/template-othername-xmpp.tmpl data/template-othername-xmpp.pem \ templates/template-krb5name.tmpl data/crl-demo1.pem data/crl-demo2.pem data/crl-demo3.pem \ diff --git a/tests/cert-tests/data/invalid-sig4.pem b/tests/cert-tests/data/invalid-sig4.pem new file mode 100644 index 0000000000..f039e3c18f --- /dev/null +++ b/tests/cert-tests/data/invalid-sig4.pem @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID1jCCAr2gAwIBAgIDAjbRMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT +MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i +YWwgQ0EwHhcNMTAwMjE5MjI0NTA1WhcNMjAwMjE4MjI0NTA1WjA8MQswCQYDVQQG +EwJVUzEXMBUGA1UEChMOR2VvVHJ1c3QsIEluYy4xFDASBgNVBAMTC1JhcGlkU1NM +IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3H4Vsce2cy1rfa0 +l6P7oeYLUF9QqjraD/w9KSRDxhApwfxVQHLuverfn7ZB9EhLyG7+T1cSi1v6kt1e +6K3z8Buxe037z/3R5fjj3Of1c3/fAUnPjFbBvTfjW761T4uL8NpPx+PdVUdp3/Jb +ewdPPeWsIcHIHXro5/YPoar1b96oZU8QiZwD84l6pV4BcjPtqelaHnnzh8jfyMX8 +N8iamte4dsywPuf95lTq319SQXhZV63xEtZ/vNWfcNMFbPqjfWdY3SZiHTGSDHl5 +HI7PynvBZq+odEj7joLCniyZXHstXZu8W1eefDp6E63yoxhbK1kPzVw662gzxigd +gtFQiwIDAQABo4HZMIHWMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUa2k9ahhC +St2PAmU5/TUkhniRFjAwHwYDVR0jBBgwFoAUwHqYaI2J+6sFZAwRfap9ZbjKzE4w +EgYDVR0TAQH/BAgwBgEB/wIBADA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3Js +Lmdlb3RydXN0LmNvbS9jcmxzL2d0Z2xvYmFsLmNybDA0BggrBgEFBQcBAQQoMCYw +JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdlb3RydXN0LmNvbTAOBgkqhkiG9w0B +AQUEAUEDggEBAKu8vApdGJTjwbHDqExV1r60mPHuPBzNz/MkJFyWAydY/Dauoi+P +8f7aKwLDM73I3UgiK2APpQMQ/Xf40O2WZ0/96kcgcFTcqQxVfuGWJYrZtdpXSr6N +jklDY6VsTieHJetbbf6ifzgo4DarrTmlpWLEt1xYLKpdAWCmYmejwMdiI/TnbEbu +tdOAaiIT0i0/dE/qr4xftDic267Or4QepvY0UVl50+N13LzX83PfkuzSIFlvnPuV ++JJ2GAp8Dyymyt6KYnvY885faL2PPsF0uxVyOhaDqQvmTZmc2FfsqAFRx29XNF6r +SixC9k8ciXjeJk71b5NMFWsnVk0AVGx6t7c= +-----END CERTIFICATE----- diff --git a/tests/cert-tests/data/invalid-sig5.pem b/tests/cert-tests/data/invalid-sig5.pem new file mode 100644 index 0000000000..f7a148cf42 --- /dev/null +++ b/tests/cert-tests/data/invalid-sig5.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDmjCCAlKgAwIBAgIMWXnRYyHbNWzuFxmzMD0GCSqGSIb3DQEBCjAwoA0wCwYJ +YIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIDAgFAMA8xDTAL +BgNVBAMTBENBLTAwIBcNMTcwNzI3MTE0MTIzWhgPOTk5OTEyMzEyMzU5NTlaMA8x +DTALBgNVBAMTBENBLTEwggFSMD0GCSqGSIb3DQEBCjAwoA0wCwYJYIZIAWUDBAIB +oRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIDAgEgA4IBDwAwggEKAoIBAQDB +uQ2UwKWT1BfN6H2B3svKL34aPW/+MTfN8McvExZsZYuQyRxeG8SV4uJ+GAtJ/Ml/ +eaUqiKG0pNCna846FUtAax/0quuVSaZ2xOVA3lMKj2frtRLJ3W6ZaglCHkZUHhII +JEtE1s0F8aaaZ6X4/57OAi6uyFNuBSBsp3giQS6SrtFMbhq7OuSSt2T14XlVGvAI +TiO7t21+Eukq2jDGOerUax4Yxki4l8589uXu5IQzZalj42hr9YKbNb75RAICNnY8 +jxCezc0o8KNoDF0IAK7UERz6uUQElUh/bdm0k3UV+uVA6t0disZ4gdenPuLsGSVD +9fcbh/zFlv2V3A9HLJB3AgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0P +AQH/BAUDAwcEADAdBgNVHQ4EFgQU6h4fxmpkIoNy/qx6u4Z13H7WN+QwHwYDVR0j +BBgwFoAUZ97LfvATPRiWxwNOO+sxC5ig8VkwPQYJKoZIhvcNAQEKMDCgDTALBglg +hkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCASADggEBAFGH +zxWW8R95wmmuDecuKf31LEKPubtaeqMRqt2Vk2mGCQOxcerl6MMGyl3w46hEkAjU +jAPwmNnB9xyEyqR5w2TYrpzsrnUcZn+6HzSiPTEJ0jhY2S8N2V+Bch1QgMwlgeaD +bZrY6qAG6PeqoQ8XhZ8+1sI/IpQKJHmmBN+qYbLFxEPjE4QnBahPbKfbpMY0MMX0 +uuI2nSBKcYmkYiWBYdydpP24VfeoUP0V6bXc5rrDdCNGp+AxUID51GT0AoMf2FGK +LeOLJtPqH7raz44pa1qezHq4gPeXC0Ende9j7IimpsdB6eDVle8UZipfeASq9XVL +F430KTcS7x42r71NZUU= +-----END CERTIFICATE----- diff --git a/tests/cert-tests/invalid-sig b/tests/cert-tests/invalid-sig index eaa75c7543..bc2774e1f5 100755 --- a/tests/cert-tests/invalid-sig +++ b/tests/cert-tests/invalid-sig @@ -59,4 +59,24 @@ if test "${rc}" = "0"; then exit ${rc} fi +#check whether different parameters in tbsCertificate than the outer signature is tolerated +${VALGRIND} "${CERTTOOL}" -e --infile "${srcdir}/data/invalid-sig4.pem" +rc=$? + +# We're done. +if test "${rc}" = "0"; then + echo "Verification of invalid signature (4) failed" + exit ${rc} +fi + +#check whether different RSA-PSS parameters in tbsCertificate than the outer signature is tolerated +${VALGRIND} "${CERTTOOL}" --verify-chain --infile "${srcdir}/data/invalid-sig5.pem" +rc=$? + +# We're done. +if test "${rc}" = "0"; then + echo "Verification of invalid signature (4) failed" + exit ${rc} +fi + exit 0 diff --git a/tests/conv-utf8.c b/tests/conv-utf8.c index 73f4ff3abd..9d630e73d0 100644 --- a/tests/conv-utf8.c +++ b/tests/conv-utf8.c @@ -35,7 +35,7 @@ #include <cmocka.h> int _gnutls_utf8_to_ucs2(const void *data, size_t size, - gnutls_datum_t * output); + gnutls_datum_t * output, unsigned be); int _gnutls_ucs2_to_utf8(const void *data, size_t size, gnutls_datum_t * output, unsigned be); @@ -60,7 +60,7 @@ static void PRINT(const char *str, unsigned char *val, unsigned int size) static void fname(void **glob_state) \ { \ gnutls_datum_t out; \ - int ret = _gnutls_utf8_to_ucs2(utf8, strlen(utf8), &out); \ + int ret = _gnutls_utf8_to_ucs2(utf8, strlen(utf8), &out, 1); \ assert_int_equal(ret, 0); \ if (out.size != sizeof(utf16)-1 || memcmp(utf16, out.data, out.size) != 0) { PRINT("got: ", out.data, out.size); \ PRINT("expected: ", (unsigned char*)utf16, sizeof(utf16)-1); } \ @@ -86,7 +86,7 @@ static void fname(void **glob_state) \ static void fname(void **glob_state) \ { \ gnutls_datum_t out; \ - int ret = _gnutls_utf8_to_ucs2(utf8, utf8_size, &out); \ + int ret = _gnutls_utf8_to_ucs2(utf8, utf8_size, &out, 1); \ assert_int_not_equal(ret, 0); \ } diff --git a/tests/pkcs11/pkcs11-token-raw.c b/tests/pkcs11/pkcs11-token-raw.c index bbcb23eb81..c09e762cc5 100644 --- a/tests/pkcs11/pkcs11-token-raw.c +++ b/tests/pkcs11/pkcs11-token-raw.c @@ -57,6 +57,7 @@ static void tls_log_func(int level, const char *str) fprintf(stderr, "|<%d>| %s", level, str); } +#define TOKEN_NAME "whatever" void doit(void) { int ret; @@ -93,6 +94,42 @@ void doit(void) exit(1); } + { + static const char url[] = "pkcs11:token="TOKEN_NAME; + + /* Testing a too small buffer */ + size_t size = 1; + char *buf = gnutls_malloc(size); + assert(buf != NULL); + ret = gnutls_pkcs11_token_get_info(url, + GNUTLS_PKCS11_TOKEN_LABEL, + buf, &size); + assert(ret == GNUTLS_E_SHORT_MEMORY_BUFFER); + assert(size == strlen(TOKEN_NAME)+1); + + /* Testing a too small buffer by one */ + size -= 1; + buf = gnutls_realloc(buf, size); + assert(buf != NULL); + ret = gnutls_pkcs11_token_get_info(url, + GNUTLS_PKCS11_TOKEN_LABEL, + buf, &size); + assert(ret == GNUTLS_E_SHORT_MEMORY_BUFFER); + assert(size == strlen(TOKEN_NAME)+1); + + /* Testing an exactly fitting buffer */ + buf = gnutls_realloc(buf, size); + assert(buf != NULL); + ret = gnutls_pkcs11_token_get_info(url, + GNUTLS_PKCS11_TOKEN_LABEL, + buf, &size); + assert(ret == 0); + assert(strcmp(buf, TOKEN_NAME) == 0); + assert(size == strlen(TOKEN_NAME)); + + gnutls_free(buf); + } + ret = gnutls_pkcs11_token_get_ptr("pkcs11:token=invalid", (void**)&mod, &slot_id, 0); assert(ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE); diff --git a/tests/seccomp.c b/tests/seccomp.c index b68fcd7efa..466f7db740 100644 --- a/tests/seccomp.c +++ b/tests/seccomp.c @@ -26,6 +26,9 @@ #include <seccomp.h> #include <errno.h> #include <string.h> +#if defined(__linux__) +# include <sys/syscall.h> +#endif int disable_system_calls(void) { @@ -70,7 +73,9 @@ int disable_system_calls(void) /* to read from /dev/urandom */ ADD_SYSCALL(read, 0); +#ifdef SYS_getrandom ADD_SYSCALL(getrandom, 0); +#endif /* we use it in select */ ADD_SYSCALL(sigprocmask, 0); diff --git a/tests/suite/tls-fuzzer/gnutls-nocert-ssl3.json b/tests/suite/tls-fuzzer/gnutls-nocert-ssl3.json index 9bf3fa20f1..a297392255 100644 --- a/tests/suite/tls-fuzzer/gnutls-nocert-ssl3.json +++ b/tests/suite/tls-fuzzer/gnutls-nocert-ssl3.json @@ -18,7 +18,7 @@ }, {"name" : "test-export-ciphers-rejected.py", "comment" : "we negotiate AES even in SSL3.0", - "arguments" : ["--ssl3", "-p", "@PORT@"] }, + "arguments" : ["-p", "@PORT@"] }, {"name" : "test-client-compatibility.py", "arguments" : ["-p", "@PORT@", "18: IE 6 on XP", "52: YandexBot 3.0 on unknown", diff --git a/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json b/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json index 06fbf92351..47fcf878a4 100644 --- a/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json +++ b/tests/suite/tls-fuzzer/gnutls-nocert-tls13.json @@ -12,6 +12,38 @@ "server_hostname": "localhost", "server_port": @PORT@, "tests" : [ + {"name" : "test-record-size-limit.py", + "comment" : "changed extension after HRR is not supported #617", + "arguments" : ["-p", "@PORT@", "--reply-AD-size", "685", + "--minimal-size", "512", + "-e", "change size in TLS 1.2 resumption", + "-e", "change size in TLS 1.3 session resumption", + "-e", "check if server accepts maximum size in TLS 1.0", + "-e", "check if server accepts maximum size in TLS 1.1", + "-e", "check if server accepts maximum size in TLS 1.2", + "-e", "check if server accepts minimal size in TLS 1.0", + "-e", "check if server accepts minimal size in TLS 1.1", + "-e", "check if server accepts minimal size in TLS 1.2", + "-e", "check interaction with sha256 prf", + "-e", "check interaction with sha384 prf", + "-e", "check server sent size in TLS 1.0", + "-e", "check server sent size in TLS 1.1", + "-e", "check server sent size in TLS 1.2", + "-e", "drop extension in TLS 1.2 resumption", + "-e", "drop extension in TLS 1.3 session resumption", + "-e", "modified extension in 2nd CH in HRR handshake", + "-e", "renegotiation with changed limit", + "-e", "renegotiation with dropped extension", + "-e", "added extension in 2nd CH in HRR handshake", + "-e", "check server sent size in TLS 1.0 with max_fragment_length", + "-e", "check server sent size in TLS 1.1 with max_fragment_length", + "-e", "check server sent size in TLS 1.2 with max_fragment_length", + "-e", "removed extension in 2nd CH in HRR handshake"] }, + {"name" : "test-record-size-limit.py", + "arguments" : ["-p", "@PORT@", "--reply-AD-size", "672", + "--minimal-size", "512", + "change size in TLS 1.3 session resumption", + "drop extension in TLS 1.3 session resumption"] }, {"name" : "test-tls13-0rtt-garbage.py", "arguments": ["-p", "@PORT@"]}, {"name" : "test-tls13-ccs.py", @@ -81,7 +113,11 @@ {"name" : "test-tls13-version-negotiation.py", "arguments": ["-p", "@PORT@"]}, {"name" : "test-tls13-zero-length-data.py", - "arguments": ["-p", "@PORT@"]} + "arguments": ["-p", "@PORT@"]}, + {"name" : "test-downgrade-protection.py", + "comment" : "1/n-1 splitting in TLS 1.0 is not supported", + "arguments": ["-p", "@PORT@", "--server-max-protocol", "TLSv1.3", + "-e", "TLS 1.3 downgrade check for Protocol (3, 1)"]} ] } ] diff --git a/tests/suite/tls-fuzzer/gnutls-nocert.json b/tests/suite/tls-fuzzer/gnutls-nocert.json index 04376f40ea..e25b6b3613 100644 --- a/tests/suite/tls-fuzzer/gnutls-nocert.json +++ b/tests/suite/tls-fuzzer/gnutls-nocert.json @@ -231,27 +231,38 @@ "-e", "small, maximum fragmentation: 1 fragment - 20B extension", "-e", "medium, maximum fragmentation: 1 fragment - 1024B extension"]}, {"name" : "test-record-size-limit.py", - "comment" : "These tests rely on too small lower limit we don't support; TLS 1.3 high limit is not what we expect; 1/n-1 splitting is not supported in TLS 1.0; we don't reject too large appliation_data records in TLS 1.2 #676", - "arguments" : ["-p", "@PORT@", "--reply-AD-size", "{expected_size}", - "-e", "change size in TLS 1.2 resumption", - "-e", "change size in TLS 1.3 session resumption", + "comment" : "TLS 1.3 tests are done separately; 1/n-1 splitting is not supported in TLS 1.0", + "arguments" : ["-p", "@PORT@", "--reply-AD-size", "821", + "--minimal-size", "512", "-e", "check if server accepts maximum size in TLS 1.0", "-e", "check if server accepts maximum size in TLS 1.3", "-e", "check if server accepts minimal size in TLS 1.0", - "-e", "check if server accepts minimal size in TLS 1.1", - "-e", "check if server accepts minimal size in TLS 1.2", "-e", "check if server accepts minimal size in TLS 1.3", + "-e", "check if server omits extension for unrecognized size 64 in TLS 1.3", + "-e", "check if server omits extension for unrecognized size 511 in TLS 1.3", "-e", "check interaction with sha256 prf", "-e", "check interaction with sha384 prf", "-e", "check server sent size in TLS 1.0", "-e", "check server sent size in TLS 1.3", - "-e", "drop extension in TLS 1.3 session resumption", "-e", "HRR sanity", + "-e", "too large record payload in TLS 1.3", + "-e", "change size in TLS 1.3 session resumption", + "-e", "drop extension in TLS 1.3 session resumption", "-e", "modified extension in 2nd CH in HRR handshake", - "-e", "renegotiation with changed limit", - "-e", "renegotiation with dropped extension", - "-e", "too large record in TLS 1.2", - "-e", "too large record payload in TLS 1.3"] }, + "-e", "added extension in 2nd CH in HRR handshake", + "-e", "check server sent size in TLS 1.0 with max_fragment_length", + "-e", "check server sent size in TLS 1.3 with max_fragment_length", + "-e", "removed extension in 2nd CH in HRR handshake"] }, + {"name" : "test-record-size-limit.py", + "comment" : "The reply includes PRF algorithm and affects the AD size", + "arguments" : ["-p", "@PORT@", "--reply-AD-size", "827", + "--minimal-size", "512", + "check interaction with sha256 prf"] }, + {"name" : "test-record-size-limit.py", + "comment" : "The reply includes PRF algorithm and affects the AD size", + "arguments" : ["-p", "@PORT@", "--reply-AD-size", "816", + "--minimal-size", "512", + "check interaction with sha384 prf"] }, {"name" : "test-sessionID-resumption.py", "arguments" : ["-p", "@PORT@"] }, {"name" : "test-serverhello-random.py", diff --git a/tests/suite/tls-fuzzer/tlsfuzzer b/tests/suite/tls-fuzzer/tlsfuzzer -Subproject 7b2ebe4c8bd06e5a1059a8aeb5bfe2b014e2b52 +Subproject 13479e5a44bc10e3577fc28b921c5b999a363ce diff --git a/tests/test-chains.h b/tests/test-chains.h index 09a386c821..095ccbabd2 100644 --- a/tests/test-chains.h +++ b/tests/test-chains.h @@ -154,71 +154,76 @@ static const char *chain_with_no_subject_id_in_ca_ok[] = { "-----END CERTIFICATE-----\n" }; +/* This chain was generated by a modified gnutls lib. The script tests/suite/certs/create-chain.sh + * was used after modifying it to generate RSA-PSS certificates and set 64 byte salt in intermediate + * CA, and 48-byte otherwise. Then _gnutls_x509_write_sign_params() was modified to set a 32-byte salt + * when it would have set a 64-byte one. That way signatures from the intermediate certificate restricted + * to 64-byte salts will be incorrectly set to 32-bytes. */ static const char *rsa_pss_chain_smaller_salt_in_sig_fail[] = { "-----BEGIN CERTIFICATE-----\n" - "MIIDfzCCAjegAwIBAgIMWXnRYyUPHcgwMUF2MD0GCSqGSIb3DQEBCjAwoA0wCwYJ\n" - "YIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIDAgEgMA8xDTAL\n" - "BgNVBAMTBENBLTEwIBcNMTcwNzI3MTE0MTIzWhgPOTk5OTEyMzEyMzU5NTlaMBMx\n" - "ETAPBgNVBAMTCHNlcnZlci0yMIIBIDALBgkqhkiG9w0BAQoDggEPADCCAQoCggEB\n" - "ALPUjrvjgPh9hv3gYDxu/Un28TzS3os+O1eAbVGuTeO0BX3u5D2ZtaVeB7gLwSku\n" - "YkDKLrXs+M5BsvpZOfKIyQjrLuc5U5ik8W7SsSH5MVliergMTz4Qi+DtXdsrIjpk\n" - "oTDxgUatrpYQSocPfqdMgma3DyW3jlZv4BoLZ95TsJi23qZxZI9fQeGG9DZ+x2h6\n" - "3QeW4OTpJB75O6ruas7KiId9RH6WHj/JvLF99RGhPHa7SUZstyvnDA80Igood6S6\n" - "J3GNs1RHnaHeOqcyfbdNzlyTaLK0Acos6AKlkm4OYABXRmfDSyjVPto7FTV4I9CV\n" - "jSRXOa5IK3kUvFApM6SvzQsCAwEAAaN3MHUwDAYDVR0TAQH/BAIwADAUBgNVHREE\n" - "DTALgglsb2NhbGhvc3QwDwYDVR0PAQH/BAUDAweAADAdBgNVHQ4EFgQUhAHLtEhd\n" - "NxMr6TQX5GB4a29ng4YwHwYDVR0jBBgwFoAU6h4fxmpkIoNy/qx6u4Z13H7WN+Qw\n" - "PQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJ\n" - "YIZIAWUDBAIBogMCASADggEBAL5SQpMtcGQ4mNZaaW3SNB8EBPo4VZ1GXYsOd0ef\n" - "JmhNKKrw5Z2WHR8xDbP7cwq/X+U0M9TMhCWPaDgzt46TJu+ct43UqGt/bgz2Xt2R\n" - "xCvlhwGNM3A5c417jmNQiQvMyCiEZSPD7RLowoE34XyjaxydYoWGq9otNoIq0CX9\n" - "Q7GZudWfWvwDU3zM8gy6k8EPmOgG8PdvW6PjKyf5y/uSDHY7Dm8d9E/uybAbZUVo\n" - "WfdwhhP66EDmNozTNaBcfIkJTmuxq2oxnA8JS1V5hMccfZLIRh0hBkpdGXSAOMNV\n" - "qjqJUOWrbU5hbcZUk2UHK34rNvkX+rDmuKD2vAQ7MguzHfI=\n" + "MIIDiTCCAkGgAwIBAgIUMquMu6/Azo9N40rNZ1z7hkotqC0wPQYJKoZIhvcNAQEK\n" + "MDCgDTALBglghkgBZQMEAgKhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAICogMC\n" + "ASAwDzENMAsGA1UEAxMEQ0EtMTAgFw0xOTAyMTIyMDU0NTlaGA85OTk5MTIzMTIz\n" + "NTk1OVowEzERMA8GA1UEAxMIc2VydmVyLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB\n" + "DwAwggEKAoIBAQDrEJ5ONj7OYNjDZ3johFKItvX6BFJ7ejLfNELvT7I9hsiGJBr5\n" + "Q/NgeQolSXLKHYG0L5Lxu1fbHINzC43NEivY3KMKKl0+MdXWwAr0yW/cTeuDc/+e\n" + "YqGT3TpCcxa/0dJ+Y3zAS1DqsHjNOxyYBvyKATyvFKo+oAwOqtR/OLflUvoXvYZV\n" + "YByseOLhE70Vfuk8yppRcKwokwk/3S6dZjoxK1K3PBQGARJNaUChtx5iM1qMrluK\n" + "uDj7yV9DYhtyhSmYvcZ1gb3t0aAxGoGbfdOHa7XMovzfRDUPbwvkKUJqcNfGkeGn\n" + "pZRzbA8D/YrjFtm7QVgf6yD20DbZChzoxRWzAgMBAAGjdzB1MAwGA1UdEwEB/wQC\n" + "MAAwFAYDVR0RBA0wC4IJbG9jYWxob3N0MA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0O\n" + "BBYEFM/CHpfVzdNRBMYfqBXUieW9m9oFMB8GA1UdIwQYMBaAFDBBFsyy+oqRFlRx\n" + "MH5qlHt7guXUMD0GCSqGSIb3DQEBCjAwoA0wCwYJYIZIAWUDBAICoRowGAYJKoZI\n" + "hvcNAQEIMAsGCWCGSAFlAwQCAqIDAgEgA4IBAQADuShUlCXrs5K6Yu7mKvoyZztJ\n" + "dQFuxv4WDvbhoZ19GEEg6icRUoaA3tWKf7tNRnqQklMLhWIZParXtt+xz7q5K6ic\n" + "kX5oGzzUNryAx5DJkZCCffdA1FaQjCEI6Cy5cEnGifXyacwA7BViUwMnWvJRSKYi\n" + "gvBVKc1TBwA+vPIzlSb3COo1zhshxM+C7mhzspDFkceXV7qapFDMj7M/GbgqH7h0\n" + "yuJv2bymytjXadR43LuG6yqqsFvIPHYBcyPq3Uzu+57UJbHhAlkTXaAXfZkc1Ut7\n" + "Xz8pOEzcxZHl4SEgsO6KeT2uQUE1Zx5AgwaNfuMmg0aFJep8vKcQ1jvdzxS2\n" "-----END CERTIFICATE-----\n", "-----BEGIN CERTIFICATE-----\n" - "MIIDmjCCAlKgAwIBAgIMWXnRYyHbNWzuFxmzMD0GCSqGSIb3DQEBCjAwoA0wCwYJ\n" - "YIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIDAgFAMA8xDTAL\n" - "BgNVBAMTBENBLTAwIBcNMTcwNzI3MTE0MTIzWhgPOTk5OTEyMzEyMzU5NTlaMA8x\n" - "DTALBgNVBAMTBENBLTEwggFSMD0GCSqGSIb3DQEBCjAwoA0wCwYJYIZIAWUDBAIB\n" - "oRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIDAgEgA4IBDwAwggEKAoIBAQDB\n" - "uQ2UwKWT1BfN6H2B3svKL34aPW/+MTfN8McvExZsZYuQyRxeG8SV4uJ+GAtJ/Ml/\n" - "eaUqiKG0pNCna846FUtAax/0quuVSaZ2xOVA3lMKj2frtRLJ3W6ZaglCHkZUHhII\n" - "JEtE1s0F8aaaZ6X4/57OAi6uyFNuBSBsp3giQS6SrtFMbhq7OuSSt2T14XlVGvAI\n" - "TiO7t21+Eukq2jDGOerUax4Yxki4l8589uXu5IQzZalj42hr9YKbNb75RAICNnY8\n" - "jxCezc0o8KNoDF0IAK7UERz6uUQElUh/bdm0k3UV+uVA6t0disZ4gdenPuLsGSVD\n" - "9fcbh/zFlv2V3A9HLJB3AgMBAAGjZDBiMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0P\n" - "AQH/BAUDAwcEADAdBgNVHQ4EFgQU6h4fxmpkIoNy/qx6u4Z13H7WN+QwHwYDVR0j\n" - "BBgwFoAUZ97LfvATPRiWxwNOO+sxC5ig8VkwPQYJKoZIhvcNAQEKMDCgDTALBglg\n" - "hkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCASADggEBAFGH\n" - "zxWW8R95wmmuDecuKf31LEKPubtaeqMRqt2Vk2mGCQOxcerl6MMGyl3w46hEkAjU\n" - "jAPwmNnB9xyEyqR5w2TYrpzsrnUcZn+6HzSiPTEJ0jhY2S8N2V+Bch1QgMwlgeaD\n" - "bZrY6qAG6PeqoQ8XhZ8+1sI/IpQKJHmmBN+qYbLFxEPjE4QnBahPbKfbpMY0MMX0\n" - "uuI2nSBKcYmkYiWBYdydpP24VfeoUP0V6bXc5rrDdCNGp+AxUID51GT0AoMf2FGK\n" - "LeOLJtPqH7raz44pa1qezHq4gPeXC0Ende9j7IimpsdB6eDVle8UZipfeASq9XVL\n" - "F430KTcS7x42r71NZUU=\n" + "MIIDojCCAlqgAwIBAgIUYIZPL5Kf86B0XYSKAdI8dv4HJY8wPQYJKoZIhvcNAQEK\n" + "MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC\n" + "ATAwDzENMAsGA1UEAxMEQ0EtMDAgFw0xOTAyMTIyMDU0NTlaGA85OTk5MTIzMTIz\n" + "NTk1OVowDzENMAsGA1UEAxMEQ0EtMTCCAVIwPQYJKoZIhvcNAQEKMDCgDTALBglg\n" + "hkgBZQMEAgKhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAICogMCAUADggEPADCC\n" + "AQoCggEBANCQ6fUJYYI3OTDYIcyshBdnVBQq0uGjHg/04niCpoAZi/nlfP3tCRZS\n" + "k44kMt6hla9cEkdj5mzeGFlG5AYG9C5MimyYwTJ5Sho6t8ct4wPESeypuDbcvMRX\n" + "MTLM/9+ZECkDgKA238z4sNX0T0ppsCXy8IK0Jmn7bky6lqNmaMTjYWy7Tu4kQOMX\n" + "7RE4tv/WlaH95d7zHYuaAf5dNY5GJ/cGrkYLrL1KpN/UU/4KKxvWs3EbsnDvrTcs\n" + "mzLrTOIaedrrNXY6FsGE3+XKDCo+Z80LsrySpCozAECrEFCENMfS3ptOwI+Vblb1\n" + "Kar8+4+7uMxbGY/RJ/gGIKGYibkpzicCAwEAAaNkMGIwDwYDVR0TAQH/BAUwAwEB\n" + "/zAPBgNVHQ8BAf8EBQMDBwQAMB0GA1UdDgQWBBQwQRbMsvqKkRZUcTB+apR7e4Ll\n" + "1DAfBgNVHSMEGDAWgBR1lWzS3rLSrmdPPgma8JL4j1PJgzA9BgkqhkiG9w0BAQow\n" + "MKANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIB\n" + "MAOCAQEAnYZf5bo7ZtysyLO/3QjAM+o1IWXinH97XANEbs5oZOK/rQNLBIpOLaYp\n" + "YcnziJTEIqvy+7/KNwdjLcKZ4f5PBlDHBsr70XeJmMc+9/ZadY14BHZUEWNfBPx5\n" + "dZR55/g62CdermdCJEoY6XdIMqdTHrdwmBIS/7g/dciQt0+lrjanX14VLAVRUAIu\n" + "HMn5C4ZGeBDd8av3P+VIqdkFfpAYlZ5BsYqshel4pnAyhpUO5wTmY7cm78fqctyX\n" + "qmQ0PRLQXmlqrL2oJtlGcSWlT0u1bS0gJPpvszataCZhnX/O9x6yzzgeUpP4I/AR\n" + "KS4ZXRehFmQH4xS1eq5fmWiTzbvWHA==\n" "-----END CERTIFICATE-----\n", NULL, "-----BEGIN CERTIFICATE-----\n" - "MIIDeTCCAjGgAwIBAgIMWXnRYxvG34hjjASYMD0GCSqGSIb3DQEBCjAwoA0wCwYJ\n" - "YIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIDAgFAMA8xDTAL\n" - "BgNVBAMTBENBLTAwIBcNMTcwNzI3MTE0MTIzWhgPOTk5OTEyMzEyMzU5NTlaMA8x\n" - "DTALBgNVBAMTBENBLTAwggFSMD0GCSqGSIb3DQEBCjAwoA0wCwYJYIZIAWUDBAIB\n" - "oRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIDAgFAA4IBDwAwggEKAoIBAQCw\n" - "/vJ8ccKv5ptzLvQjduQJ67JMAsizWhdkOlEy1idzXo/qjtEw6eqUJdcraF5Nzhon\n" - "HnXtioIvV2C3cYtauKO2rCKjlChiK59YaaeIbl521sSLRpFYhYIKkjOLHJePxHny\n" - "FTQEuF8b8CvrM8GsxIVZ9U+DRnxJdzhUiqxadnPpiXG/IrQRBjm/Abb8s/CG+Ny6\n" - "sEJBt9gDYfIfgDfbzeLu5zaPibi4N/+fYfToA7I8LXn7/AmsWAIjrY9rSOxdKJKw\n" - "H5C0Yd7myhtJY0EeHDl3Y3L+lwO/JkqxhRzIiZnIbxFcgeb9lZjeU94z/oi3mI7H\n" - "xzOk+D7IGgCkEBhfY53RAgMBAAGjQzBBMA8GA1UdEwEB/wQFMAMBAf8wDwYDVR0P\n" - "AQH/BAUDAwcGADAdBgNVHQ4EFgQUZ97LfvATPRiWxwNOO+sxC5ig8VkwPQYJKoZI\n" - "hvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUD\n" - "BAIBogMCAUADggEBAH3ilegUORDk8WQ7sQWFsM1L3nnfGLlHAcac+P6vLnMCkkiD\n" - "bpzqKEfAvEnRnZhU9vMLJkv2vUNzqIaLalPveZx98yYAxDkjGbF3PU9Eesd+JYWd\n" - "aJQIqpFxMDgnAXhpny6JFnMS4PWqu8NDLukEXCeeC+asweChP4TubHTJYXVRlCPL\n" - "Xla2fDgaG3ZKAgoUo18Hmc+Ju/17jQxgVa+SUQW9AJL+87pUoaGP1lzwrRuZl4rr\n" - "kmuKVjoKukJ9BYIlz6RZ/8kZZtoCd7e84DJ+zEAd0/s9w5K6lzS0gpFDi/Yo23sr\n" - "6L6PwffJ42OdtgXobk6AlzKU5r3iQFdu4juNNQ0=\n" + "MIIDgTCCAjmgAwIBAgIUUVxp7I/ecuDCjWdn2Rng+TBNidUwPQYJKoZIhvcNAQEK\n" + "MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC\n" + "ATAwDzENMAsGA1UEAxMEQ0EtMDAgFw0xOTAyMTIyMDU0NTlaGA85OTk5MTIzMTIz\n" + "NTk1OVowDzENMAsGA1UEAxMEQ0EtMDCCAVIwPQYJKoZIhvcNAQEKMDCgDTALBglg\n" + "hkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCATADggEPADCC\n" + "AQoCggEBAMcPAwX89KK6Nz39xdQRbSy9Ax7XzKAqtmmIczRVTKqsdQh4bm/gDuD6\n" + "Edxjl02cISBLczWV13brINSBI+QX/eLPyBmGGzI4ryyJuP+1qc0NMjDAlfYw+kXF\n" + "NZz02W6svxvrrt26mKJ1F+K/bZE+s9XHN0DW+hifQBBr8HX3BWJ9g6yj6YPd55pm\n" + "kQQcVgRG3BG1EMkJGK4LNesGdJGTHy+uqgtcykrMjh25uhr0oTOG6UjVYjXalZ5o\n" + "rOqo6CV+uGPmJYW2pBOlAOmblMMXSHXhIAhRBY8+h01BCsCU5wlEfPIsvclP2gSG\n" + "RVbM/9XgS/+4yN0fD+oXgi5Jh6TCYz8CAwEAAaNDMEEwDwYDVR0TAQH/BAUwAwEB\n" + "/zAPBgNVHQ8BAf8EBQMDBwYAMB0GA1UdDgQWBBR1lWzS3rLSrmdPPgma8JL4j1PJ\n" + "gzA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEBCDAL\n" + "BglghkgBZQMEAgGiAwIBMAOCAQEAqudvb92hfo7iAS63u902onL2XwhfS9IZtu3D\n" + "Lum78Q8nzhWf+YSls4/o8ln/Erv8LfrrhxoPEVpxQTPCbj/mmHez3hh+xrb0ZUVQ\n" + "pi5gE6kkkzzvL1VEMce85RLbm4AyVDl4onU2gaFXTxpMpKwBTZoKRbLcG2TsQgyW\n" + "Kgq+XnyT/1AC2vp4Ou8G1MIh5bkfetTeo2KJ3lmEVGoUh0k0diayDwaBgBDeX7hl\n" + "XvKrG/hhhWPVWNDXdQsiYYKVty76yM3vJiK9No1+jPZzNTv+pZaRqJiQ/ZaCICvC\n" + "uK/63Yrle+W/W1Jdj23/kSSL94ugw7PFwbqo2gPkECbG2Mk8pw==\n" "-----END CERTIFICATE-----\n" }; @@ -4120,7 +4125,7 @@ static struct { "rsa pss: invalid self sig - fail", rsa_pss_invalid_self_sig, &rsa_pss_invalid_self_sig[0], GNUTLS_VERIFY_DO_NOT_ALLOW_SAME, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, 0, 1501138253}, { "rsa pss: invalid chain with pkcs#1 1.5 sig - fail", rsa_pss_invalid_chain_with_pkcs1_sig, &rsa_pss_invalid_chain_with_pkcs1_sig[2], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, 0, 1501138253}, { "rsa pss: invalid chain with wrong hash (sha384-sha256) - fail", rsa_pss_invalid_chain_with_wrong_hash, &rsa_pss_invalid_chain_with_wrong_hash[3], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, 0, 1501138253}, - { "rsa pss: smaller salt in sig than spki - fail", rsa_pss_chain_smaller_salt_in_sig_fail, &rsa_pss_chain_smaller_salt_in_sig_fail[3], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, 0, 1501159136}, + { "rsa pss: smaller salt in sig than spki - fail", rsa_pss_chain_smaller_salt_in_sig_fail, &rsa_pss_chain_smaller_salt_in_sig_fail[3], 0, GNUTLS_CERT_INVALID | GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE, 0, 1550005473}, { "rsa pss: chain with sha1 hash - fail", rsa_pss_chain_with_sha1_fail, &rsa_pss_chain_with_sha1_fail[3], 0, GNUTLS_CERT_INVALID, 0, 1501159136}, { "rsa pss: chain with different mgf hash - fail", rsa_pss_chain_with_diff_mgf_oid_fail, &rsa_pss_chain_with_diff_mgf_oid_fail[3], 0, GNUTLS_CERT_INVALID, 0, 1501159136}, { "rsa pss: chain with sha256 - ok", rsa_pss_chain_sha256_ok, &rsa_pss_chain_sha256_ok[3], 0, 0, 0, 1501138253}, diff --git a/tests/tls-record-size-limit.c b/tests/tls-record-size-limit.c index 8c9729719f..8346ee56d9 100644 --- a/tests/tls-record-size-limit.c +++ b/tests/tls-record-size-limit.c @@ -52,9 +52,10 @@ #define HANDSHAKE_SESSION_ID_POS 34 -static size_t max_record_size; +static size_t server_max_send_size; +static size_t client_max_send_size; -#define SERVER_PUSH_ADD if (len > max_record_size + 5+32) fail("max record set to %d, len: %d\n", (int)max_record_size, (int)len); +#define SERVER_PUSH_ADD if (len > server_max_send_size + 5+32) fail("max record set to %d, len: %d\n", (int)server_max_send_size, (int)len); #include "eagain-common.h" #include "cert-common.h" @@ -136,22 +137,23 @@ static int handshake_callback(gnutls_session_t session, unsigned int htype, #define MAX_BUF 16384 static char buffer[MAX_BUF]; -struct test_ext_st { +struct test_exp_st { + int error; + size_t size; bool max_record_size; bool record_size_limit; }; struct test_st { const char *prio; - size_t max_size; + size_t server_max_size; + size_t client_max_size; - int expect_error; - size_t expect_size; - struct test_ext_st expect_server_ext; - struct test_ext_st expect_client_ext; + struct test_exp_st server_exp; + struct test_exp_st client_exp; }; -static void check_exts(const struct test_ext_st *exp, +static void check_exts(const struct test_exp_st *exp, struct handshake_cb_data_st *data) { if (exp->max_record_size && !data->found_max_record_size) @@ -198,6 +200,15 @@ static void start(const struct test_st *test) serverx509cred); gnutls_priority_set_direct(server, test->prio, NULL); + + ret = gnutls_record_set_max_size(server, test->server_max_size); + if (ret != test->server_exp.error) + fail("server: unexpected error from gnutls_record_set_max_size()"); + if (ret == 0) + server_max_send_size = test->server_max_size; + else + server_max_send_size = MAX_BUF; + gnutls_transport_set_push_function(server, server_push); gnutls_transport_set_pull_function(server, server_pull); gnutls_transport_set_pull_timeout_function(server, @@ -233,13 +244,13 @@ static void start(const struct test_st *test) if (ret < 0) exit(1); - ret = gnutls_record_set_max_size(client, test->max_size); - if (ret != test->expect_error) - fail("unexpected error from gnutls_record_set_max_size()"); + ret = gnutls_record_set_max_size(client, test->client_max_size); + if (ret != test->client_exp.error) + fail("client: unexpected error from gnutls_record_set_max_size()"); if (ret == 0) - max_record_size = test->max_size; + client_max_send_size = test->client_max_size; else - max_record_size = MAX_BUF; + client_max_send_size = MAX_BUF; gnutls_transport_set_push_function(client, client_push); gnutls_transport_set_pull_function(client, client_pull); @@ -256,22 +267,39 @@ static void start(const struct test_st *test) HANDSHAKE(client, server); memset(buffer, 1, sizeof(buffer)); - ret = gnutls_record_send(server, buffer, max_record_size + 1); + ret = gnutls_record_send(server, buffer, server_max_send_size + 1); if (ret < 0) { gnutls_perror(ret); exit(1); } - if (ret != (int)test->expect_size) - fail("unexpected record size sent: %d (%d)\n", - ret, (int)test->expect_size); - success("did not send a %d-byte packet\n", (int)max_record_size + 1); + if (ret != (int)test->server_exp.size) + fail("server: unexpected record size sent: %d (%d)\n", + ret, (int)test->server_exp.size); + success("server: did not send a %d-byte packet\n", (int)server_max_send_size + 1); - ret = gnutls_record_send(server, buffer, max_record_size); + ret = gnutls_record_send(server, buffer, server_max_send_size); if (ret < 0) { gnutls_perror(ret); exit(1); } - success("did send a %d-byte packet\n", (int)max_record_size); + success("server: did send a %d-byte packet\n", (int)server_max_send_size); + + ret = gnutls_record_send(client, buffer, client_max_send_size + 1); + if (ret < 0) { + gnutls_perror(ret); + exit(1); + } + if (ret != (int)test->client_exp.size) + fail("client: unexpected record size sent: %d (%d)\n", + ret, (int)test->client_exp.size); + success("client: did not send a %d-byte packet\n", (int)client_max_send_size + 1); + + ret = gnutls_record_send(client, buffer, client_max_send_size); + if (ret < 0) { + gnutls_perror(ret); + exit(1); + } + success("client: did send a %d-byte packet\n", (int)client_max_send_size); gnutls_bye(client, GNUTLS_SHUT_RDWR); gnutls_bye(server, GNUTLS_SHUT_RDWR); @@ -286,79 +314,94 @@ static void start(const struct test_st *test) reset_buffers(); - check_exts(&test->expect_server_ext, + check_exts(&test->server_exp, &server_handshake_cb_data); - check_exts(&test->expect_client_ext, + check_exts(&test->client_exp, &client_handshake_cb_data); } static const struct test_st tests[] = { { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", - .max_size = 511, - .expect_error = GNUTLS_E_INVALID_REQUEST, - .expect_size = 16384, - .expect_server_ext = { + .server_max_size = 511, + .client_max_size = 511, + .server_exp = { + .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 } }, { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", - .max_size = 512, - .expect_error = 0, - .expect_size = 512, - .expect_server_ext = { + .server_max_size = 512, + .client_max_size = 512, + .server_exp = { + .error = 0, + .size = 512, .max_record_size = 1, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = 0, + .size = 512, .max_record_size = 0, .record_size_limit = 1 } }, { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", - .max_size = 8192, - .expect_error = 0, - .expect_size = 8192, - .expect_server_ext = { + .server_max_size = 8192, + .client_max_size = 8192, + .server_exp = { + .error = 0, + .size = 8192, .max_record_size = 0, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = 0, + .size = 8192, .max_record_size = 0, .record_size_limit = 1 } }, { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", - .max_size = 16384, - .expect_error = 0, - .expect_size = 16384, - .expect_server_ext = { + .server_max_size = 16384, + .client_max_size = 16384, + .server_exp = { + .error = 0, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = 0, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 } }, { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.2", - .max_size = 16385, - .expect_error = GNUTLS_E_INVALID_REQUEST, - .expect_size = 16384, - .expect_server_ext = { + .server_max_size = 16385, + .client_max_size = 16385, + .server_exp = { + .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 } @@ -366,70 +409,102 @@ static const struct test_st tests[] = { { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .max_size = 511, - .expect_error = GNUTLS_E_INVALID_REQUEST, - .expect_size = 16384, - .expect_server_ext = { + .server_max_size = 511, + .client_max_size = 511, + .server_exp = { + .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 } - }, + }, { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .max_size = 512, - .expect_error = 0, - .expect_size = 512, - .expect_server_ext = { + .server_max_size = 512, + .client_max_size = 512, + .server_exp = { + .error = 0, + .size = 512, .max_record_size = 1, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = 0, + .size = 512, + .max_record_size = 0, + .record_size_limit = 1 + } + }, + { + .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", + .server_max_size = 8192, + .client_max_size = 8192, + .server_exp = { + .error = 0, + .size = 8192, + .max_record_size = 0, + .record_size_limit = 1 + }, + .client_exp = { + .error = 0, + .size = 8192, .max_record_size = 0, .record_size_limit = 1 } }, { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .max_size = 8192, - .expect_error = 0, - .expect_size = 8192, - .expect_server_ext = { + .server_max_size = 16384, + .client_max_size = 16384, + .server_exp = { + .error = 0, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = 0, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 } }, { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .max_size = 16384, - .expect_error = 0, - .expect_size = 16384, - .expect_server_ext = { + .server_max_size = 16383, + .client_max_size = 16384, + .server_exp = { + .error = 0, + .size = 16383, .max_record_size = 0, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = 0, + .size = 16383, .max_record_size = 0, .record_size_limit = 1 } }, { .prio = "NORMAL:-VERS-ALL:+VERS-TLS1.3", - .max_size = 16385, - .expect_error = GNUTLS_E_INVALID_REQUEST, - .expect_size = 16384, - .expect_server_ext = { + .server_max_size = 16385, + .client_max_size = 16385, + .server_exp = { + .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 }, - .expect_client_ext = { + .client_exp = { + .error = GNUTLS_E_INVALID_REQUEST, + .size = 16384, .max_record_size = 0, .record_size_limit = 1 } diff --git a/tests/tls13/prf.c b/tests/tls13/prf.c index 75daff59d4..fda8ce6843 100644 --- a/tests/tls13/prf.c +++ b/tests/tls13/prf.c @@ -130,10 +130,10 @@ static void dump(const char *name, const uint8_t *data, unsigned data_size) } \ } -#define KEY_EXP_VALUE "\xfb\xcb\x96\x87\x8c\x64\x8b\x60\xef\xdc\x76\xb0\x7c\x3b\xd1\x50\x1e\xb1\x3f\x39\xb2\x20\x74\x2c\xb2\x76\x12\x9f\xfc\xad\xb9\xce\x1d\x9a" -#define HELLO_VALUE "\x61\x32\x14\x81\x9b\xa0\x43\xcd\x39\xbf\x63\x18\x7c\xb7\xf3\x02\x65\xab\x2c\xa4\xaf\xbc\x1c\x7a\x1d\xa4\xc5\x28\x8f\x45\x68" -#define CONTEXT_VALUE "\xa7\x3c\xa7\x59\x94\x33\xb4\x97\x90\x92\x8c\xe2\x39\xda\x56\x42\x4a\xeb\xeb\xab\x73\xc4\x20\xf0\x34\x4f\xda\xf8\x17\xf5\xbd" -#define NULL_CONTEXT_VALUE "\x66\xa1\x0a\xcb\xfa\x28\x85\x79\xa3\x30\xeb\xc5\xd5\x50\x62\xdd\xb4\x9c\xa7\x0b\x0b\xe0\x28\x03\x18\xfb\x32\x3d\x37\xf2\xe5" +#define KEY_EXP_VALUE "\xec\x26\x9e\x8c\x5f\xff\x5c\xb2\x60\x4f\x82\xe7\x6b\xb9\x70\x40\xb9\x2d\x2f\xe7\x41\xa8\xe7\xfa\x03\x7c\xe8\x6d\xfa\xda\xc2\xa9\x3f\x58" +#define HELLO_VALUE "\xd4\x74\x4a\x09\x28\x0a\x99\xb9\xa4\x5b\x51\x5b\x80\xe7\x50\x1c\x16\xca\x57\x78\xf0\xe5\xa1\x94\x6b\x20\x2b\x14\xff\x2b\x53" +#define CONTEXT_VALUE "\x8d\xde\xea\x58\xab\x90\xaf\x6c\x5c\x7a\x69\xbf\x8a\xd2\x16\xb4\x0f\x75\xb8\x63\xdb\x86\xe7\x66\x04\x59\xac\x57\xe0\x03\x37" +#define NULL_CONTEXT_VALUE "\x6c\x1a\x10\x1f\xa9\x5a\xfd\xcd\xf4\xcf\x27\x09\x00\xa8\xca\x8e\x8a\x56\xfb\x80\xf0\x0d\xb3\xa6\xe9\x4a\x5f\xe0\x0c\x31\xd9" static void check_prfs(gnutls_session_t session) { unsigned char key_material[512]; diff --git a/tests/tls13/rnd-check-rollback-val.c b/tests/tls13/rnd-check-rollback-val.c index f573596c5e..6b7adafcb5 100644 --- a/tests/tls13/rnd-check-rollback-val.c +++ b/tests/tls13/rnd-check-rollback-val.c @@ -89,6 +89,8 @@ static void client(int fd) gnutls_certificate_credentials_t x509_cred; gnutls_session_t session; gnutls_datum_t srandom; + unsigned try = 0; + gnutls_datum_t session_data = { NULL, 0 }; global_init(); @@ -102,6 +104,7 @@ static void client(int fd) &cli_ca3_key, GNUTLS_X509_FMT_PEM); + retry: /* Initialize TLS session */ gnutls_init(&session, GNUTLS_CLIENT); @@ -112,6 +115,9 @@ static void client(int fd) if (ret < 0) fail("cannot set TLS priorities\n"); + if (try > 0) + gnutls_session_set_data(session, session_data.data, session_data.size); + /* put the anonymous credentials to the current session */ gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); @@ -129,6 +135,9 @@ static void client(int fd) fail("error in handshake: %s\n", gnutls_strerror(ret)); } + if (try > 0) + assert(gnutls_session_is_resumed(session)); + gnutls_session_get_random(session, NULL, &srandom); if (srandom.size != 32) @@ -147,10 +156,28 @@ static void client(int fd) fail("unexpected random data for %s\n", name); } - close(fd); + do { + ret = gnutls_record_send(session, "\x00", 1); + } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); + + if (try == 0) { + ret = gnutls_session_get_data2(session, &session_data); + if (ret < 0) + fail("couldn't retrieve session data: %s\n", + gnutls_strerror(ret)); + } gnutls_deinit(session); + if (try == 0) { + try++; + goto retry; + } + + close(fd); + + gnutls_free(session_data.data); + gnutls_certificate_free_credentials(x509_cred); gnutls_global_deinit(); @@ -162,6 +189,9 @@ static void server(int fd) int ret; gnutls_session_t session; gnutls_certificate_credentials_t x509_cred; + gnutls_datum_t skey; + unsigned try = 0; + unsigned char buf[16]; /* this must be called once in the program */ @@ -177,6 +207,9 @@ static void server(int fd) &server_key, GNUTLS_X509_FMT_PEM); + assert(gnutls_session_ticket_key_generate(&skey) >= 0); + + retry: gnutls_init(&session, GNUTLS_SERVER); gnutls_handshake_set_timeout(session, 20 * 1000); @@ -185,6 +218,8 @@ static void server(int fd) gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); + assert(gnutls_session_ticket_enable_server(session, &skey) >= 0); + gnutls_transport_set_int(session, fd); do { @@ -197,9 +232,26 @@ static void server(int fd) if (ret < 0) fail("error in handshake: %s\n", gnutls_strerror(ret)); - close(fd); + if (try > 0) + assert(gnutls_session_is_resumed(session)); + + do { + ret = gnutls_record_recv(session, buf, sizeof(buf)); + } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); + + if (ret < 0) + fail("server: recv did not succeed as expected: %s\n", gnutls_strerror(ret)); + gnutls_deinit(session); + if (try == 0) { + try++; + goto retry; + } + + close(fd); + + gnutls_free(skey.data); gnutls_certificate_free_credentials(x509_cred); gnutls_global_deinit(); |