Skip to content

Commit

Permalink
[ssl] Add tests for Perfect Forward Secrecy criteria on SECLEVEL >= 3
Browse files Browse the repository at this point in the history
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from #17763)

(cherry picked from commit d71151a)
  • Loading branch information
romen committed Mar 1, 2022
1 parent a108f66 commit 679a4f7
Show file tree
Hide file tree
Showing 4 changed files with 91 additions and 10 deletions.
21 changes: 21 additions & 0 deletions test/helpers/predefined_dhparams.c
Original file line number Diff line number Diff line change
Expand Up @@ -170,4 +170,25 @@ EVP_PKEY *get_dh2048(OSSL_LIB_CTX *libctx)
return dhpkey;
}

EVP_PKEY *get_dh4096(OSSL_LIB_CTX *libctx)
{
BIGNUM *p = NULL, *g = NULL;
EVP_PKEY *dhpkey = NULL;

g = BN_new();
if (g == NULL || !BN_set_word(g, 2))
goto err;

p = BN_get_rfc3526_prime_4096(NULL);
if (p == NULL)
goto err;

dhpkey = get_dh_from_pg_bn(libctx, "DH", p, g, NULL);

err:
BN_free(p);
BN_free(g);
return dhpkey;
}

#endif
1 change: 1 addition & 0 deletions test/helpers/predefined_dhparams.h
Original file line number Diff line number Diff line change
Expand Up @@ -14,4 +14,5 @@ EVP_PKEY *get_dh512(OSSL_LIB_CTX *libctx);
EVP_PKEY *get_dhx512(OSSL_LIB_CTX *libctx);
EVP_PKEY *get_dh1024dsa(OSSL_LIB_CTX *libct);
EVP_PKEY *get_dh2048(OSSL_LIB_CTX *libctx);
EVP_PKEY *get_dh4096(OSSL_LIB_CTX *libctx);
#endif
41 changes: 39 additions & 2 deletions test/recipes/80-test_ssl_old.t
Original file line number Diff line number Diff line change
Expand Up @@ -530,7 +530,7 @@ sub testssl {
subtest 'RSA/(EC)DHE/PSK tests' => sub {
######################################################################

plan tests => 6;
plan tests => 10;

SKIP: {
skip "TLSv1.0 is not supported by this OpenSSL build", 6
Expand Down Expand Up @@ -567,7 +567,7 @@ sub testssl {

ok(run(test([@ssltest, "-bio_pair", "-tls1", "-cipher", "PSK", "-psk", "abc123"])),
'test tls1 with PSK via BIO pair');
}
}

SKIP: {
skip "skipping auto DH PSK tests", 1
Expand All @@ -578,6 +578,43 @@ sub testssl {
}
}

SKIP: {
skip "TLSv1.1 is not supported by this OpenSSL build", 4
if $no_tls1_1;

SKIP: {
skip "skipping auto DHE PSK test at SECLEVEL 3", 1
if ($no_dh || $no_psk);

ok(run(test(['ssl_old_test', '-tls1_1', '-dhe4096', '-psk', '0102030405', '-cipher', '@SECLEVEL=3:DHE-PSK-AES256-CBC-SHA384'])),
'test auto DHE PSK meets security strength');
}

SKIP: {
skip "skipping auto ECDHE PSK test at SECLEVEL 3", 1
if ($no_ec || $no_psk);

ok(run(test(['ssl_old_test', '-tls1_1', '-no_dhe', '-psk', '0102030405', '-cipher', '@SECLEVEL=3:ECDHE-PSK-AES256-CBC-SHA384'])),
'test auto ECDHE PSK meets security strength');
}

SKIP: {
skip "skipping no RSA PSK at SECLEVEL 3 test", 1
if ($no_rsa || $no_psk);

ok(!run(test(['ssl_old_test', '-tls1_1', '-no_dhe', '-psk', '0102030405', '-cipher', '@SECLEVEL=3:RSA-PSK-AES256-CBC-SHA384'])),
'test auto RSA PSK does not meet security level 3 requirements (PFS)');
}

SKIP: {
skip "skipping no PSK at SECLEVEL 3 test", 1
if ($no_psk);

ok(!run(test(['ssl_old_test', '-tls1_1', '-no_dhe', '-psk', '0102030405', '-cipher', '@SECLEVEL=3:PSK-AES256-CBC-SHA384'])),
'test auto PSK does not meet security level 3 requirements (PFS)');
}
}

};

subtest 'Custom Extension tests' => sub {
Expand Down
38 changes: 30 additions & 8 deletions test/ssl_old_test.c
Original file line number Diff line number Diff line change
Expand Up @@ -629,10 +629,12 @@ static void sv_usage(void)
#ifndef OPENSSL_NO_DH
fprintf(stderr,
" -dhe512 - use 512 bit key for DHE (to test failure)\n");
fprintf(stderr,
" -dhe1024 - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
fprintf(stderr,
" -dhe1024dsa - use 1024 bit key (with 160-bit subprime) for DHE\n");
fprintf(stderr,
" -dhe2048 - use 2048 bit key (safe prime) for DHE (default, no-op)\n");
fprintf(stderr,
" -dhe4096 - use 4096 bit key (safe prime) for DHE\n");
#endif
fprintf(stderr, " -no_dhe - disable DHE\n");
#ifndef OPENSSL_NO_EC
Expand All @@ -647,6 +649,12 @@ static void sv_usage(void)
#ifndef OPENSSL_NO_TLS1
fprintf(stderr, " -tls1 - use TLSv1\n");
#endif
#ifndef OPENSSL_NO_TLS1_1
fprintf(stderr, " -tls1_1 - use TLSv1.1\n");
#endif
#ifndef OPENSSL_NO_TLS1_2
fprintf(stderr, " -tls1_2 - use TLSv1.2\n");
#endif
#ifndef OPENSSL_NO_DTLS
fprintf(stderr, " -dtls - use DTLS\n");
#ifndef OPENSSL_NO_DTLS1
Expand Down Expand Up @@ -873,7 +881,7 @@ int main(int argc, char *argv[])
int badop = 0;
enum { BIO_MEM, BIO_PAIR, BIO_IPV4, BIO_IPV6 } bio_type = BIO_MEM;
int force = 0;
int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, tls1_2 = 0, ssl3 = 0;
int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, tls1_1 = 0, tls1_2 = 0, ssl3 = 0;
int ret = EXIT_FAILURE;
int client_auth = 0;
int server_auth = 0, i;
Expand All @@ -889,7 +897,7 @@ int main(int argc, char *argv[])
long bytes = 256L;
#ifndef OPENSSL_NO_DH
EVP_PKEY *dhpkey;
int dhe512 = 0, dhe1024dsa = 0;
int dhe512 = 0, dhe1024dsa = 0, dhe4096 = 0;
int no_dhe = 0;
#endif
int no_psk = 0;
Expand Down Expand Up @@ -984,6 +992,8 @@ int main(int argc, char *argv[])
dhe512 = 1;
else if (strcmp(*argv, "-dhe1024dsa") == 0)
dhe1024dsa = 1;
else if (strcmp(*argv, "-dhe4096") == 0)
dhe4096 = 1;
#endif
else if (strcmp(*argv, "-no_ecdhe") == 0)
/* obsolete */;
Expand All @@ -1002,6 +1012,8 @@ int main(int argc, char *argv[])
}
else if (strcmp(*argv, "-tls1_2") == 0) {
tls1_2 = 1;
} else if (strcmp(*argv, "-tls1_1") == 0) {
tls1_1 = 1;
} else if (strcmp(*argv, "-tls1") == 0) {
tls1 = 1;
} else if (strcmp(*argv, "-ssl3") == 0) {
Expand Down Expand Up @@ -1224,8 +1236,8 @@ int main(int argc, char *argv[])
goto end;
}

if (ssl3 + tls1 + tls1_2 + dtls + dtls1 + dtls12 > 1) {
fprintf(stderr, "At most one of -ssl3, -tls1, -tls1_2, -dtls, -dtls1 or -dtls12 should "
if (ssl3 + tls1 + tls1_1 + tls1_2 + dtls + dtls1 + dtls12 > 1) {
fprintf(stderr, "At most one of -ssl3, -tls1, -tls1_1, -tls1_2, -dtls, -dtls1 or -dtls12 should "
"be requested.\n");
EXIT(1);
}
Expand All @@ -1240,6 +1252,11 @@ int main(int argc, char *argv[])
no_protocol = 1;
else
#endif
#ifdef OPENSSL_NO_TLS1_1
if (tls1_1)
no_protocol = 1;
else
#endif
#ifdef OPENSSL_NO_TLS1_2
if (tls1_2)
no_protocol = 1;
Expand Down Expand Up @@ -1269,11 +1286,11 @@ int main(int argc, char *argv[])
goto end;
}

if (!ssl3 && !tls1 && !tls1_2 && !dtls && !dtls1 && !dtls12 && number > 1
if (!ssl3 && !tls1 && !tls1_1 && !tls1_2 && !dtls && !dtls1 && !dtls12 && number > 1
&& !reuse && !force) {
fprintf(stderr, "This case cannot work. Use -f to perform "
"the test anyway (and\n-d to see what happens), "
"or add one of -ssl3, -tls1, -tls1_2, -dtls, -dtls1, -dtls12, -reuse\n"
"or add one of -ssl3, -tls1, -tls1_1, -tls1_2, -dtls, -dtls1, -dtls12, -reuse\n"
"to avoid protocol mismatch.\n");
EXIT(1);
}
Expand Down Expand Up @@ -1325,6 +1342,9 @@ int main(int argc, char *argv[])
} else if (tls1) {
min_version = TLS1_VERSION;
max_version = TLS1_VERSION;
} else if (tls1_1) {
min_version = TLS1_1_VERSION;
max_version = TLS1_1_VERSION;
} else if (tls1_2) {
min_version = TLS1_2_VERSION;
max_version = TLS1_2_VERSION;
Expand Down Expand Up @@ -1489,6 +1509,8 @@ int main(int argc, char *argv[])
dhpkey = get_dh1024dsa(libctx);
else if (dhe512)
dhpkey = get_dh512(libctx);
else if (dhe4096)
dhpkey = get_dh4096(libctx);
else
dhpkey = get_dh2048(libctx);

Expand Down

0 comments on commit 679a4f7

Please sign in to comment.