From 16ab2bbd02d6a7ed90865a80a91f7c366ead754e Mon Sep 17 00:00:00 2001 From: Rajeev Ranjan Date: Wed, 13 Dec 2023 23:23:53 +0100 Subject: [PATCH] sslapitest.c, ssltestlib.h: update test for integrity-only cipher --- test/helpers/ssltestlib.h | 2 ++ test/sslapitest.c | 55 ++++++++++++++++++++++++++++++--------- 2 files changed, 44 insertions(+), 13 deletions(-) diff --git a/test/helpers/ssltestlib.h b/test/helpers/ssltestlib.h index 871f9bd52e09db..468662ed0bfd7a 100644 --- a/test/helpers/ssltestlib.h +++ b/test/helpers/ssltestlib.h @@ -17,6 +17,8 @@ #define TLS13_CHACHA20_POLY1305_SHA256_BYTES ((const unsigned char *)"\x13\x03") #define TLS13_AES_128_CCM_SHA256_BYTES ((const unsigned char *)"\x13\x04") #define TLS13_AES_128_CCM_8_SHA256_BYTES ((const unsigned char *)"\x13\05") +#define TLS13_SHA256_SHA256_BYTES ((const unsigned char *)"\xC0\xB4") +#define TLS13_SHA384_SHA384_BYTES ((const unsigned char *)"\xC0\xB5") int create_ssl_ctx_pair(OSSL_LIB_CTX *libctx, const SSL_METHOD *sm, const SSL_METHOD *cm, int min_proto_version, diff --git a/test/sslapitest.c b/test/sslapitest.c index 61981101bc390c..3fc0f025b1f8d0 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -3841,7 +3841,11 @@ static const char *ciphersuites[] = { "TLS_AES_256_GCM_SHA384", "TLS_AES_128_CCM_SHA256", #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) - "TLS_CHACHA20_POLY1305_SHA256" + "TLS_CHACHA20_POLY1305_SHA256", +#endif +#if !defined(OPENSSL_NO_INTEGRITY_ONLY_CIPHER) + "TLS_SHA256_SHA256", + "TLS_SHA384_SHA384" #endif }; @@ -3862,7 +3866,7 @@ static int early_data_skip_helper(int testtype, int cipher, int idx) unsigned char buf[20]; size_t readbytes, written; - if (is_fips && cipher == 4) + if (is_fips && (cipher == 4 || cipher == 5 || cipher == 6)) return 1; if (!TEST_true(create_ssl_ctx_pair(libctx, TLS_server_method(), @@ -3871,7 +3875,7 @@ static int early_data_skip_helper(int testtype, int cipher, int idx) &sctx, &cctx, cert, privkey))) goto end; - if (cipher == 0) { + if (cipher == 0 || cipher == 5 || cipher == 6) { SSL_CTX_set_security_level(sctx, 0); SSL_CTX_set_security_level(cctx, 0); } @@ -3882,8 +3886,9 @@ static int early_data_skip_helper(int testtype, int cipher, int idx) if (!TEST_true(setupearly_data_test(&cctx, &sctx, &clientssl, &serverssl, &sess, idx, - cipher == 2 ? SHA384_DIGEST_LENGTH - : SHA256_DIGEST_LENGTH))) + cipher == 2 || cipher == 6 + ? SHA384_DIGEST_LENGTH + : SHA256_DIGEST_LENGTH))) goto end; if (testtype == 1 || testtype == 2) { @@ -4334,12 +4339,14 @@ static int test_early_data_psk(int idx) } /* - * Test TLSv1.3 PSK can be used to send early_data with all 5 ciphersuites + * Test TLSv1.3 PSK can be used to send early_data with all 7 ciphersuites * idx == 0: Test with TLS1_3_RFC_AES_128_GCM_SHA256 * idx == 1: Test with TLS1_3_RFC_AES_256_GCM_SHA384 * idx == 2: Test with TLS1_3_RFC_CHACHA20_POLY1305_SHA256, * idx == 3: Test with TLS1_3_RFC_AES_128_CCM_SHA256 * idx == 4: Test with TLS1_3_RFC_AES_128_CCM_8_SHA256 + * idx == 5: Test with TLS1_3_RFC_SHA256_SHA256 + * idx == 6: Test with TLS1_3_RFC_SHA384_SHA384 */ static int test_early_data_psk_with_all_ciphers(int idx) { @@ -4359,7 +4366,14 @@ static int test_early_data_psk_with_all_ciphers(int idx) NULL, # endif TLS1_3_RFC_AES_128_CCM_SHA256, - TLS1_3_RFC_AES_128_CCM_8_SHA256 + TLS1_3_RFC_AES_128_CCM_8_SHA256, +# if !defined(OPENSSL_NO_INTEGRITY_ONLY_CIPHER) + TLS1_3_RFC_SHA256_SHA256, + TLS1_3_RFC_SHA384_SHA384 +#else + NULL, + NULL +#endif }; const unsigned char *cipher_bytes[] = { TLS13_AES_128_GCM_SHA256_BYTES, @@ -4370,13 +4384,23 @@ static int test_early_data_psk_with_all_ciphers(int idx) NULL, # endif TLS13_AES_128_CCM_SHA256_BYTES, - TLS13_AES_128_CCM_8_SHA256_BYTES + TLS13_AES_128_CCM_8_SHA256_BYTES, +# if !defined(OPENSSL_NO_INTEGRITY_ONLY_CIPHER) + TLS13_SHA256_SHA256_BYTES, + TLS13_SHA384_SHA384_BYTES +#else + NULL, + NULL +#endif }; if (cipher_str[idx] == NULL) return 1; - /* Skip ChaCha20Poly1305 as currently FIPS module does not support it */ - if (idx == 2 && is_fips == 1) + /* + * Skip ChaCha20Poly1305 & TLS_SHA{256,384}_SHA{256,384} cipher as + * currently FIPS module does not support it. + */ + if ((idx == 2 || idx == 5 || idx == 6) && is_fips == 1) return 1; /* We always set this up with a final parameter of "2" for PSK */ @@ -4385,7 +4409,7 @@ static int test_early_data_psk_with_all_ciphers(int idx) SHA384_DIGEST_LENGTH))) goto end; - if (idx == 4) { + if (idx == 4 || idx == 5 || idx == 6) { /* CCM8 ciphers are considered low security due to their short tag */ SSL_set_security_level(clientssl, 0); SSL_set_security_level(serverssl, 0); @@ -5232,7 +5256,12 @@ static int test_tls13_ciphersuite(int idx) # endif /* CCM8 ciphers are considered low security due to their short tag */ { TLS1_3_RFC_AES_128_CCM_8_SHA256 - ":" TLS1_3_RFC_AES_128_CCM_SHA256, 1, 1 } + ":" TLS1_3_RFC_AES_128_CCM_SHA256, 1, 1 }, +# if !defined(OPENSSL_NO_INTEGRITY_ONLY_CIPHER) + /* Integrity-only cipher do not provide any confidentiality */ + { TLS1_3_RFC_SHA256_SHA256 + ":" TLS1_3_RFC_SHA384_SHA384, 0, 1 } +# endif }; const char *t13_cipher = NULL; const char *t12_cipher = NULL; @@ -11411,7 +11440,7 @@ int setup_tests(void) ADD_ALL_TESTS(test_early_data_skip_abort, OSSL_NELEM(ciphersuites) * 3); ADD_ALL_TESTS(test_early_data_not_sent, 3); ADD_ALL_TESTS(test_early_data_psk, 8); - ADD_ALL_TESTS(test_early_data_psk_with_all_ciphers, 5); + ADD_ALL_TESTS(test_early_data_psk_with_all_ciphers, 7); ADD_ALL_TESTS(test_early_data_not_expected, 3); # ifndef OPENSSL_NO_TLS1_2 ADD_ALL_TESTS(test_early_data_tls1_2, 3);