diff options
Diffstat (limited to 'src/ssl/test/runner/runner.go')
| -rw-r--r-- | src/ssl/test/runner/runner.go | 269 |
1 files changed, 266 insertions, 3 deletions
diff --git a/src/ssl/test/runner/runner.go b/src/ssl/test/runner/runner.go index 362a7a53..4cfce261 100644 --- a/src/ssl/test/runner/runner.go +++ b/src/ssl/test/runner/runner.go @@ -431,6 +431,9 @@ type testCase struct { exportLabel string exportContext string useExportContext bool + // exportEarlyKeyingMaterial, if non-zero, behaves like + // exportKeyingMaterial, but for the early exporter. + exportEarlyKeyingMaterial int // flags, if not empty, contains a list of command-line flags that will // be passed to the shim program. flags []string @@ -694,6 +697,20 @@ func doExchange(test *testCase, config *Config, conn net.Conn, isResume bool, tr } } + if isResume && test.exportEarlyKeyingMaterial > 0 { + actual := make([]byte, test.exportEarlyKeyingMaterial) + if _, err := io.ReadFull(tlsConn, actual); err != nil { + return err + } + expected, err := tlsConn.ExportEarlyKeyingMaterial(test.exportEarlyKeyingMaterial, []byte(test.exportLabel), []byte(test.exportContext)) + if err != nil { + return err + } + if !bytes.Equal(actual, expected) { + return fmt.Errorf("early keying material mismatch; got %x, wanted %x", actual, expected) + } + } + if test.exportKeyingMaterial > 0 { actual := make([]byte, test.exportKeyingMaterial) if _, err := io.ReadFull(tlsConn, actual); err != nil { @@ -704,7 +721,7 @@ func doExchange(test *testCase, config *Config, conn net.Conn, isResume bool, tr return err } if !bytes.Equal(actual, expected) { - return fmt.Errorf("keying material mismatch") + return fmt.Errorf("keying material mismatch; got %x, wanted %x", actual, expected) } } @@ -1037,12 +1054,18 @@ func runTest(test *testCase, shimPath string, mallocNumToFail int64) error { if test.exportKeyingMaterial > 0 { flags = append(flags, "-export-keying-material", strconv.Itoa(test.exportKeyingMaterial)) - flags = append(flags, "-export-label", test.exportLabel) - flags = append(flags, "-export-context", test.exportContext) if test.useExportContext { flags = append(flags, "-use-export-context") } } + if test.exportEarlyKeyingMaterial > 0 { + flags = append(flags, "-on-resume-export-early-keying-material", strconv.Itoa(test.exportEarlyKeyingMaterial)) + } + if test.exportKeyingMaterial > 0 || test.exportEarlyKeyingMaterial > 0 { + flags = append(flags, "-export-label", test.exportLabel) + flags = append(flags, "-export-context", test.exportContext) + } + if test.expectResumeRejected { flags = append(flags, "-expect-session-miss") } @@ -9047,6 +9070,9 @@ func addExportKeyingMaterialTests() { config: Config{ MaxVersion: vers.version, }, + // Test the exporter in both initial and resumption + // handshakes. + resumeSession: true, tls13Variant: vers.tls13Variant, exportKeyingMaterial: 1024, exportLabel: "label", @@ -9081,6 +9107,229 @@ func addExportKeyingMaterialTests() { exportContext: "context", useExportContext: true, }) + + if vers.version >= VersionTLS13 { + // Test the exporters do not work while the client is + // sending 0-RTT data. + testCases = append(testCases, testCase{ + name: "NoEarlyKeyingMaterial-Client-InEarlyData-" + vers.name, + config: Config{ + MaxVersion: vers.version, + MaxEarlyDataSize: 16384, + }, + resumeSession: true, + tls13Variant: vers.tls13Variant, + flags: []string{ + "-enable-early-data", + "-expect-ticket-supports-early-data", + "-expect-accept-early-data", + "-on-resume-export-keying-material", "1024", + "-on-resume-export-label", "label", + "-on-resume-export-context", "context", + }, + shouldFail: true, + expectedError: ":HANDSHAKE_NOT_COMPLETE:", + }) + + // Test the early exporter works while the client is + // sending 0-RTT data. This data arrives during the + // server handshake, so we test it with ProtocolBugs. + testCases = append(testCases, testCase{ + name: "ExportEarlyKeyingMaterial-Client-InEarlyData-" + vers.name, + config: Config{ + MaxVersion: vers.version, + MaxEarlyDataSize: 16384, + }, + resumeConfig: &Config{ + MaxVersion: vers.version, + MaxEarlyDataSize: 16384, + Bugs: ProtocolBugs{ + ExpectEarlyKeyingMaterial: 1024, + ExpectEarlyKeyingLabel: "label", + ExpectEarlyKeyingContext: "context", + }, + }, + resumeSession: true, + tls13Variant: vers.tls13Variant, + flags: []string{ + "-enable-early-data", + "-expect-ticket-supports-early-data", + "-expect-accept-early-data", + "-on-resume-export-early-keying-material", "1024", + "-on-resume-export-label", "label", + "-on-resume-export-context", "context", + }, + }) + + // Test the early exporter still works on the client + // after the handshake is confirmed. This arrives after + // the server handshake, so the normal hooks work. + testCases = append(testCases, testCase{ + name: "ExportEarlyKeyingMaterial-Client-EarlyDataAccept-" + vers.name, + config: Config{ + MaxVersion: vers.version, + MaxEarlyDataSize: 16384, + }, + resumeConfig: &Config{ + MaxVersion: vers.version, + MaxEarlyDataSize: 16384, + }, + resumeSession: true, + tls13Variant: vers.tls13Variant, + exportEarlyKeyingMaterial: 1024, + exportLabel: "label", + exportContext: "context", + flags: []string{ + "-enable-early-data", + "-expect-ticket-supports-early-data", + "-expect-accept-early-data", + // Handshake twice on the client to force + // handshake confirmation. + "-handshake-twice", + }, + }) + + // Test the early exporter does not work on the client + // if 0-RTT was not offered. + testCases = append(testCases, testCase{ + name: "NoExportEarlyKeyingMaterial-Client-Initial-" + vers.name, + config: Config{ + MaxVersion: vers.version, + }, + tls13Variant: vers.tls13Variant, + flags: []string{"-export-early-keying-material", "1024"}, + shouldFail: true, + expectedError: ":EARLY_DATA_NOT_IN_USE:", + }) + testCases = append(testCases, testCase{ + name: "NoExportEarlyKeyingMaterial-Client-Resume-" + vers.name, + config: Config{ + MaxVersion: vers.version, + }, + resumeSession: true, + tls13Variant: vers.tls13Variant, + flags: []string{"-on-resume-export-early-keying-material", "1024"}, + shouldFail: true, + expectedError: ":EARLY_DATA_NOT_IN_USE:", + }) + + // Test the early exporter does not work on the client + // after a 0-RTT reject. + testCases = append(testCases, testCase{ + name: "NoExportEarlyKeyingMaterial-Client-EarlyDataReject-" + vers.name, + config: Config{ + MaxVersion: vers.version, + MaxEarlyDataSize: 16384, + Bugs: ProtocolBugs{ + AlwaysRejectEarlyData: true, + }, + }, + resumeSession: true, + tls13Variant: vers.tls13Variant, + flags: []string{ + "-enable-early-data", + "-expect-ticket-supports-early-data", + "-expect-reject-early-data", + "-on-retry-export-early-keying-material", "1024", + }, + shouldFail: true, + expectedError: ":EARLY_DATA_NOT_IN_USE:", + }) + + // Test the normal exporter on the server in half-RTT. + testCases = append(testCases, testCase{ + testType: serverTest, + name: "ExportKeyingMaterial-Server-HalfRTT-" + vers.name, + config: Config{ + MaxVersion: vers.version, + Bugs: ProtocolBugs{ + SendEarlyData: [][]byte{}, + ExpectEarlyDataAccepted: true, + }, + }, + tls13Variant: vers.tls13Variant, + resumeSession: true, + exportKeyingMaterial: 1024, + exportLabel: "label", + exportContext: "context", + useExportContext: true, + flags: []string{"-enable-early-data"}, + }) + + // Test the early exporter works on the server in half-RTT. + testCases = append(testCases, testCase{ + testType: serverTest, + name: "ExportEarlyKeyingMaterial-Server-HalfRTT-" + vers.name, + config: Config{ + MaxVersion: vers.version, + Bugs: ProtocolBugs{ + SendEarlyData: [][]byte{}, + ExpectEarlyDataAccepted: true, + }, + }, + tls13Variant: vers.tls13Variant, + resumeSession: true, + exportEarlyKeyingMaterial: 1024, + exportLabel: "label", + exportContext: "context", + flags: []string{"-enable-early-data"}, + }) + + // Test the early exporter does not work on the server + // if 0-RTT was not offered. + testCases = append(testCases, testCase{ + testType: serverTest, + name: "NoExportEarlyKeyingMaterial-Server-Initial-" + vers.name, + config: Config{ + MaxVersion: vers.version, + }, + tls13Variant: vers.tls13Variant, + flags: []string{"-export-early-keying-material", "1024"}, + shouldFail: true, + expectedError: ":EARLY_DATA_NOT_IN_USE:", + }) + testCases = append(testCases, testCase{ + testType: serverTest, + name: "NoExportEarlyKeyingMaterial-Server-Resume-" + vers.name, + config: Config{ + MaxVersion: vers.version, + }, + resumeSession: true, + tls13Variant: vers.tls13Variant, + flags: []string{"-on-resume-export-early-keying-material", "1024"}, + shouldFail: true, + expectedError: ":EARLY_DATA_NOT_IN_USE:", + }) + } else { + // Test the early exporter fails before TLS 1.3. + testCases = append(testCases, testCase{ + name: "NoExportEarlyKeyingMaterial-Client-" + vers.name, + config: Config{ + MaxVersion: vers.version, + }, + resumeSession: true, + tls13Variant: vers.tls13Variant, + exportEarlyKeyingMaterial: 1024, + exportLabel: "label", + exportContext: "context", + shouldFail: true, + expectedError: ":WRONG_SSL_VERSION:", + }) + testCases = append(testCases, testCase{ + testType: serverTest, + name: "NoExportEarlyKeyingMaterial-Server-" + vers.name, + config: Config{ + MaxVersion: vers.version, + }, + resumeSession: true, + tls13Variant: vers.tls13Variant, + exportEarlyKeyingMaterial: 1024, + exportLabel: "label", + exportContext: "context", + shouldFail: true, + expectedError: ":WRONG_SSL_VERSION:", + }) + } } testCases = append(testCases, testCase{ @@ -11149,6 +11398,20 @@ func addTLS13HandshakeTests() { tls13Variant: variant, }) + // Test that the client omits the fake session ID when the max version is TLS 1.2 and below. + testCases = append(testCases, testCase{ + testType: clientTest, + name: "TLS12NoSessionID-" + name, + config: Config{ + MaxVersion: VersionTLS13, + Bugs: ProtocolBugs{ + ExpectNoTLS12Session: true, + }, + }, + tls13Variant: variant, + flags: []string{"-max-version", strconv.Itoa(VersionTLS12)}, + }) + testCases = append(testCases, testCase{ testType: clientTest, name: "EarlyData-Client-" + name, |