openssl/util/perl/checkhandshake.pm

#! /usr/bin/env perl
# Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License").  You may not use
# this file except in compliance with the License.  You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html

package checkhandshake;

use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file srctop_dir bldtop_dir/;
use OpenSSL::Test::Utils;
use TLSProxy::Proxy;

use Exporter;
our @ISA = 'Exporter';
our @EXPORT = qw(@handmessages @extensions checkhandshake);

use constant {
    DEFAULT_HANDSHAKE => 1,
    OCSP_HANDSHAKE => 2,
    RESUME_HANDSHAKE => 4,
    CLIENT_AUTH_HANDSHAKE => 8,
    RENEG_HANDSHAKE => 16,
    NPN_HANDSHAKE => 32,
    EC_HANDSHAKE => 64,
    HRR_HANDSHAKE => 128,
    HRR_RESUME_HANDSHAKE => 256,

    ALL_HANDSHAKES => 511
};

use constant {
    #DEFAULT also includes SESSION_TICKET_SRV_EXTENSION and SERVER_NAME_CLI
    DEFAULT_EXTENSIONS => 0x00000007,
    SESSION_TICKET_SRV_EXTENSION => 0x00000002,
    SERVER_NAME_CLI_EXTENSION => 0x00000004,
    SERVER_NAME_SRV_EXTENSION => 0x00000008,
    STATUS_REQUEST_CLI_EXTENSION => 0x00000010,
    STATUS_REQUEST_SRV_EXTENSION => 0x00000020,
    ALPN_CLI_EXTENSION => 0x00000040,
    ALPN_SRV_EXTENSION => 0x00000080,
    SCT_CLI_EXTENSION => 0x00000100,
    SCT_SRV_EXTENSION => 0x00000200,
    RENEGOTIATE_CLI_EXTENSION => 0x00000400,
    NPN_CLI_EXTENSION => 0x00000800,
    NPN_SRV_EXTENSION => 0x00001000,
    SRP_CLI_EXTENSION => 0x00002000,
    #Client side for ec point formats is a default extension
    EC_POINT_FORMAT_SRV_EXTENSION => 0x00004000,
    PSK_CLI_EXTENSION => 0x00008000,
    PSK_SRV_EXTENSION => 0x00010000,
    KEY_SHARE_SRV_EXTENSION => 0x00020000,
    PSK_KEX_MODES_EXTENSION => 0x00040000,
    KEY_SHARE_HRR_EXTENSION => 0x00080000,
    SUPPORTED_GROUPS_SRV_EXTENSION => 0x00100000,
    POST_HANDSHAKE_AUTH_CLI_EXTENSION => 0x00200000
};

our @handmessages = ();
our @extensions = ();

sub checkhandshake($$$$)
{
    my ($proxy, $handtype, $exttype, $testname) = @_;

    subtest $testname => sub {
        my $loop = 0;
        my $numtests;
        my $extcount;
        my $clienthelloseen = 0;

        my $lastmt = 0;
        my $numsh = 0;
        if (TLSProxy::Proxy::is_tls13()) {
            #How many ServerHellos are we expecting?
            for ($numtests = 0; $handmessages[$loop][1] != 0; $loop++) {
                next if (($handmessages[$loop][1] & $handtype) == 0);
                $numsh++ if ($lastmt != TLSProxy::Message::MT_SERVER_HELLO
                             && $handmessages[$loop][0] == TLSProxy::Message::MT_SERVER_HELLO);
                $lastmt = $handmessages[$loop][0];
            }
        }

        #First count the number of tests
        my $nextmess = 0;
        my $message = undef;
        my $chnum = 0;
        my $shnum = 0;
        if (!TLSProxy::Proxy::is_tls13()) {
            # In non-TLSv1.3 we always treat reneg CH and SH like the first CH
            # and SH
            $chnum = 1;
            $shnum = 1;
        }
        #If we're only expecting one ServerHello out of two then we skip the
        #first ServerHello in the list completely
        $shnum++ if ($numsh == 1 && TLSProxy::Proxy::is_tls13());
        $loop = 0;
        for ($numtests = 0; $handmessages[$loop][1] != 0; $loop++) {
            next if (($handmessages[$loop][1] & $handtype) == 0);
            if (scalar @{$proxy->message_list} > $nextmess) {
                $message = ${$proxy->message_list}[$nextmess];
                $nextmess++;
            } else {
                $message = undef;
            }
            $numtests++;

            next if (!defined $message);
            if (TLSProxy::Proxy::is_tls13()) {
                $chnum++ if $message->mt() == TLSProxy::Message::MT_CLIENT_HELLO;
                $shnum++ if $message->mt() == TLSProxy::Message::MT_SERVER_HELLO;
            }
            next if ($message->mt() != TLSProxy::Message::MT_CLIENT_HELLO
                    && $message->mt() != TLSProxy::Message::MT_SERVER_HELLO
                    && $message->mt() !=
                       TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS
                    && $message->mt() != TLSProxy::Message::MT_CERTIFICATE
                    && $message->mt() != TLSProxy::Message::MT_CERTIFICATE_REQUEST);

            next if $message->mt() == TLSProxy::Message::MT_CERTIFICATE
                    && !TLSProxy::Proxy::is_tls13();

            my $extchnum = 1;
            my $extshnum = 1;
            for (my $extloop = 0;
                    $extensions[$extloop][3] != 0;
                    $extloop++) {
                $extchnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_CLIENT_HELLO
                                 && TLSProxy::Proxy::is_tls13();
                $extshnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_SERVER_HELLO
                                 && $extchnum == 2;
                next if $extensions[$extloop][0] == TLSProxy::Message::MT_CLIENT_HELLO
                                 && $extchnum != $chnum;
                next if $extensions[$extloop][0] == TLSProxy::Message::MT_SERVER_HELLO
                                 && $extshnum != $shnum;
                next if ($message->mt() != $extensions[$extloop][0]);
                next if ($message->server() != $extensions[$extloop][2]);
                $numtests++;
            }
            $numtests++;
        }

        plan tests => $numtests;

        $nextmess = 0;
        $message = undef;
        if (TLSProxy::Proxy::is_tls13()) {
            $chnum = 0;
            $shnum = 0;
        } else {
            # In non-TLSv1.3 we always treat reneg CH and SH like the first CH
            # and SH
            $chnum = 1;
            $shnum = 1;
        }
        #If we're only expecting one ServerHello out of two then we skip the
        #first ServerHello in the list completely
        $shnum++ if ($numsh == 1 && TLSProxy::Proxy::is_tls13());
        for ($loop = 0; $handmessages[$loop][1] != 0; $loop++) {
            next if (($handmessages[$loop][1] & $handtype) == 0);
            if (scalar @{$proxy->message_list} > $nextmess) {
                $message = ${$proxy->message_list}[$nextmess];
                $nextmess++;
            } else {
                $message = undef;
            }
            if (!defined $message) {
                fail("Message type check. Got nothing, expected "
                     .$handmessages[$loop][0]);
                next;
            } else {
                ok($message->mt == $handmessages[$loop][0],
                   "Message type check. Got ".$message->mt
                   .", expected ".$handmessages[$loop][0]);
            }
            if (TLSProxy::Proxy::is_tls13()) {
                $chnum++ if $message->mt() == TLSProxy::Message::MT_CLIENT_HELLO;
                $shnum++ if $message->mt() == TLSProxy::Message::MT_SERVER_HELLO;
            }

            next if ($message->mt() != TLSProxy::Message::MT_CLIENT_HELLO
                    && $message->mt() != TLSProxy::Message::MT_SERVER_HELLO
                    && $message->mt() !=
                       TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS
                    && $message->mt() != TLSProxy::Message::MT_CERTIFICATE
                    && $message->mt() != TLSProxy::Message::MT_CERTIFICATE_REQUEST);

            next if $message->mt() == TLSProxy::Message::MT_CERTIFICATE
                    && !TLSProxy::Proxy::is_tls13();

            if ($message->mt() == TLSProxy::Message::MT_CLIENT_HELLO) {
                #Add renegotiate extension we will expect if renegotiating
                $exttype |= RENEGOTIATE_CLI_EXTENSION
                    if ($clienthelloseen && !TLSProxy::Proxy::is_tls13());
                $clienthelloseen = 1;
            }
            #Now check that we saw the extensions we expected
            my $msgexts = $message->extension_data();
            my $extchnum = 1;
            my $extshnum = 1;
            for (my $extloop = 0, $extcount = 0; $extensions[$extloop][3] != 0;
                                $extloop++) {
                #In TLSv1.3 we can have two ClientHellos if there has been a
                #HelloRetryRequest, and they may have different extensions. Skip
                #if these are extensions for a different ClientHello
                $extchnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_CLIENT_HELLO
                                 && TLSProxy::Proxy::is_tls13();
                $extshnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_SERVER_HELLO
                                 && $extchnum == 2;
                next if $extensions[$extloop][0] == TLSProxy::Message::MT_CLIENT_HELLO
                                 && $extchnum != $chnum;
                next if $extensions[$extloop][0] == TLSProxy::Message::MT_SERVER_HELLO
                                 && $extshnum != $shnum;
                next if ($message->mt() != $extensions[$extloop][0]);
                next if ($message->server() != $extensions[$extloop][2]);
                ok (($extensions[$extloop][3] & $exttype) == 0
                      || defined ($msgexts->{$extensions[$extloop][1]}),
                    "Extension presence check (Message: ".$message->mt()
                    ." Extension: ".($extensions[$extloop][3] & $exttype).", "
                    .$extloop.")");
                $extcount++ if (($extensions[$extloop][3] & $exttype) != 0);
            }
            ok($extcount == keys %$msgexts, "Extensions count mismatch ("
                                            .$extcount.", ".(keys %$msgexts)
                                            .")");
        }
    }
}

1;
v1.1.1t 2023-05-09 22:08:48 +00:00			`#! /usr/bin/env perl`
			`# Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.`
			`#`
			`# Licensed under the OpenSSL license (the "License"). You may not use`
			`# this file except in compliance with the License. You can obtain a copy`
			`# in the file LICENSE in the source distribution or at`
			`# https://www.openssl.org/source/license.html`

			`package checkhandshake;`

			`use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file srctop_dir bldtop_dir/;`
			`use OpenSSL::Test::Utils;`
			`use TLSProxy::Proxy;`

			`use Exporter;`
			`our @ISA = 'Exporter';`
			`our @EXPORT = qw(@handmessages @extensions checkhandshake);`

			`use constant {`
			`DEFAULT_HANDSHAKE => 1,`
			`OCSP_HANDSHAKE => 2,`
			`RESUME_HANDSHAKE => 4,`
			`CLIENT_AUTH_HANDSHAKE => 8,`
			`RENEG_HANDSHAKE => 16,`
			`NPN_HANDSHAKE => 32,`
			`EC_HANDSHAKE => 64,`
			`HRR_HANDSHAKE => 128,`
			`HRR_RESUME_HANDSHAKE => 256,`

			`ALL_HANDSHAKES => 511`
			`};`

			`use constant {`
			`#DEFAULT also includes SESSION_TICKET_SRV_EXTENSION and SERVER_NAME_CLI`
			`DEFAULT_EXTENSIONS => 0x00000007,`
			`SESSION_TICKET_SRV_EXTENSION => 0x00000002,`
			`SERVER_NAME_CLI_EXTENSION => 0x00000004,`
			`SERVER_NAME_SRV_EXTENSION => 0x00000008,`
			`STATUS_REQUEST_CLI_EXTENSION => 0x00000010,`
			`STATUS_REQUEST_SRV_EXTENSION => 0x00000020,`
			`ALPN_CLI_EXTENSION => 0x00000040,`
			`ALPN_SRV_EXTENSION => 0x00000080,`
			`SCT_CLI_EXTENSION => 0x00000100,`
			`SCT_SRV_EXTENSION => 0x00000200,`
			`RENEGOTIATE_CLI_EXTENSION => 0x00000400,`
			`NPN_CLI_EXTENSION => 0x00000800,`
			`NPN_SRV_EXTENSION => 0x00001000,`
			`SRP_CLI_EXTENSION => 0x00002000,`
			`#Client side for ec point formats is a default extension`
			`EC_POINT_FORMAT_SRV_EXTENSION => 0x00004000,`
			`PSK_CLI_EXTENSION => 0x00008000,`
			`PSK_SRV_EXTENSION => 0x00010000,`
			`KEY_SHARE_SRV_EXTENSION => 0x00020000,`
			`PSK_KEX_MODES_EXTENSION => 0x00040000,`
			`KEY_SHARE_HRR_EXTENSION => 0x00080000,`
			`SUPPORTED_GROUPS_SRV_EXTENSION => 0x00100000,`
			`POST_HANDSHAKE_AUTH_CLI_EXTENSION => 0x00200000`
			`};`

			`our @handmessages = ();`
			`our @extensions = ();`

			`sub checkhandshake($$$$)`
			`{`
			`my ($proxy, $handtype, $exttype, $testname) = @_;`

			`subtest $testname => sub {`
			`my $loop = 0;`
			`my $numtests;`
			`my $extcount;`
			`my $clienthelloseen = 0;`

			`my $lastmt = 0;`
			`my $numsh = 0;`
			`if (TLSProxy::Proxy::is_tls13()) {`
			`#How many ServerHellos are we expecting?`
			`for ($numtests = 0; $handmessages[$loop][1] != 0; $loop++) {`
			`next if (($handmessages[$loop][1] & $handtype) == 0);`
			`$numsh++ if ($lastmt != TLSProxy::Message::MT_SERVER_HELLO`
			`&& $handmessages[$loop][0] == TLSProxy::Message::MT_SERVER_HELLO);`
			`$lastmt = $handmessages[$loop][0];`
			`}`
			`}`

			`#First count the number of tests`
			`my $nextmess = 0;`
			`my $message = undef;`
			`my $chnum = 0;`
			`my $shnum = 0;`
			`if (!TLSProxy::Proxy::is_tls13()) {`
			`# In non-TLSv1.3 we always treat reneg CH and SH like the first CH`
			`# and SH`
			`$chnum = 1;`
			`$shnum = 1;`
			`}`
			`#If we're only expecting one ServerHello out of two then we skip the`
			`#first ServerHello in the list completely`
			`$shnum++ if ($numsh == 1 && TLSProxy::Proxy::is_tls13());`
			`$loop = 0;`
			`for ($numtests = 0; $handmessages[$loop][1] != 0; $loop++) {`
			`next if (($handmessages[$loop][1] & $handtype) == 0);`
			`if (scalar @{$proxy->message_list} > $nextmess) {`
			`$message = ${$proxy->message_list}[$nextmess];`
			`$nextmess++;`
			`} else {`
			`$message = undef;`
			`}`
			`$numtests++;`

			`next if (!defined $message);`
			`if (TLSProxy::Proxy::is_tls13()) {`
			`$chnum++ if $message->mt() == TLSProxy::Message::MT_CLIENT_HELLO;`
			`$shnum++ if $message->mt() == TLSProxy::Message::MT_SERVER_HELLO;`
			`}`
			`next if ($message->mt() != TLSProxy::Message::MT_CLIENT_HELLO`
			`&& $message->mt() != TLSProxy::Message::MT_SERVER_HELLO`
			`&& $message->mt() !=`
			`TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS`
			`&& $message->mt() != TLSProxy::Message::MT_CERTIFICATE`
			`&& $message->mt() != TLSProxy::Message::MT_CERTIFICATE_REQUEST);`

			`next if $message->mt() == TLSProxy::Message::MT_CERTIFICATE`
			`&& !TLSProxy::Proxy::is_tls13();`

			`my $extchnum = 1;`
			`my $extshnum = 1;`
			`for (my $extloop = 0;`
			`$extensions[$extloop][3] != 0;`
			`$extloop++) {`
			`$extchnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_CLIENT_HELLO`
			`&& TLSProxy::Proxy::is_tls13();`
			`$extshnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_SERVER_HELLO`
			`&& $extchnum == 2;`
			`next if $extensions[$extloop][0] == TLSProxy::Message::MT_CLIENT_HELLO`
			`&& $extchnum != $chnum;`
			`next if $extensions[$extloop][0] == TLSProxy::Message::MT_SERVER_HELLO`
			`&& $extshnum != $shnum;`
			`next if ($message->mt() != $extensions[$extloop][0]);`
			`next if ($message->server() != $extensions[$extloop][2]);`
			`$numtests++;`
			`}`
			`$numtests++;`
			`}`

			`plan tests => $numtests;`

			`$nextmess = 0;`
			`$message = undef;`
			`if (TLSProxy::Proxy::is_tls13()) {`
			`$chnum = 0;`
			`$shnum = 0;`
			`} else {`
			`# In non-TLSv1.3 we always treat reneg CH and SH like the first CH`
			`# and SH`
			`$chnum = 1;`
			`$shnum = 1;`
			`}`
			`#If we're only expecting one ServerHello out of two then we skip the`
			`#first ServerHello in the list completely`
			`$shnum++ if ($numsh == 1 && TLSProxy::Proxy::is_tls13());`
			`for ($loop = 0; $handmessages[$loop][1] != 0; $loop++) {`
			`next if (($handmessages[$loop][1] & $handtype) == 0);`
			`if (scalar @{$proxy->message_list} > $nextmess) {`
			`$message = ${$proxy->message_list}[$nextmess];`
			`$nextmess++;`
			`} else {`
			`$message = undef;`
			`}`
			`if (!defined $message) {`
			`fail("Message type check. Got nothing, expected "`
			`.$handmessages[$loop][0]);`
			`next;`
			`} else {`
			`ok($message->mt == $handmessages[$loop][0],`
			`"Message type check. Got ".$message->mt`
			`.", expected ".$handmessages[$loop][0]);`
			`}`
			`if (TLSProxy::Proxy::is_tls13()) {`
			`$chnum++ if $message->mt() == TLSProxy::Message::MT_CLIENT_HELLO;`
			`$shnum++ if $message->mt() == TLSProxy::Message::MT_SERVER_HELLO;`
			`}`

			`next if ($message->mt() != TLSProxy::Message::MT_CLIENT_HELLO`
			`&& $message->mt() != TLSProxy::Message::MT_SERVER_HELLO`
			`&& $message->mt() !=`
			`TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS`
			`&& $message->mt() != TLSProxy::Message::MT_CERTIFICATE`
			`&& $message->mt() != TLSProxy::Message::MT_CERTIFICATE_REQUEST);`

			`next if $message->mt() == TLSProxy::Message::MT_CERTIFICATE`
			`&& !TLSProxy::Proxy::is_tls13();`

			`if ($message->mt() == TLSProxy::Message::MT_CLIENT_HELLO) {`
			`#Add renegotiate extension we will expect if renegotiating`
			`$exttype \|= RENEGOTIATE_CLI_EXTENSION`
			`if ($clienthelloseen && !TLSProxy::Proxy::is_tls13());`
			`$clienthelloseen = 1;`
			`}`
			`#Now check that we saw the extensions we expected`
			`my $msgexts = $message->extension_data();`
			`my $extchnum = 1;`
			`my $extshnum = 1;`
			`for (my $extloop = 0, $extcount = 0; $extensions[$extloop][3] != 0;`
			`$extloop++) {`
			`#In TLSv1.3 we can have two ClientHellos if there has been a`
			`#HelloRetryRequest, and they may have different extensions. Skip`
			`#if these are extensions for a different ClientHello`
			`$extchnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_CLIENT_HELLO`
			`&& TLSProxy::Proxy::is_tls13();`
			`$extshnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_SERVER_HELLO`
			`&& $extchnum == 2;`
			`next if $extensions[$extloop][0] == TLSProxy::Message::MT_CLIENT_HELLO`
			`&& $extchnum != $chnum;`
			`next if $extensions[$extloop][0] == TLSProxy::Message::MT_SERVER_HELLO`
			`&& $extshnum != $shnum;`
			`next if ($message->mt() != $extensions[$extloop][0]);`
			`next if ($message->server() != $extensions[$extloop][2]);`
			`ok (($extensions[$extloop][3] & $exttype) == 0`
			`\|\| defined ($msgexts->{$extensions[$extloop][1]}),`
			`"Extension presence check (Message: ".$message->mt()`
			`." Extension: ".($extensions[$extloop][3] & $exttype).", "`
			`.$extloop.")");`
			`$extcount++ if (($extensions[$extloop][3] & $exttype) != 0);`
			`}`
			`ok($extcount == keys %$msgexts, "Extensions count mismatch ("`
			`.$extcount.", ".(keys %$msgexts)`
			`.")");`
			`}`
			`}`
			`}`

			`1;`