12 #include <CoreFoundation/CoreFoundation.h>
14 #include <AssertMacros.h>
15 #include <Security/SecureTransportPriv.h> /* SSLSetOption */
16 #include <Security/SecureTransport.h>
17 #include <Security/SecPolicy.h>
18 #include <Security/SecTrust.h>
19 #include <Security/SecIdentity.h>
20 #include <Security/SecIdentityPriv.h>
21 #include <Security/SecCertificatePriv.h>
22 #include <Security/SecKeyPriv.h>
23 #include <Security/SecItem.h>
24 #include <Security/SecRandom.h>
27 #include <sys/types.h>
28 #include <sys/socket.h>
31 #include <mach/mach_time.h>
34 #include <Security/SecRSAKey.h>
37 #include "ssl_regressions.h"
38 #include "ssl-utils.h"
40 #include <tls_stream_parser.h>
41 #include <tls_handshake.h>
42 #include <tls_record.h>
44 #include <sys/queue.h>
47 #define test_printf(x...)
49 #include <corecrypto/ccrng.h>
50 #define CCRNGSTATE ccrng(NULL)
53 STAILQ_ENTRY(RecQueueItem
) next
; /* link to next queued entry or NULL */
55 size_t offset
; /* byte reads from this one */
60 tls_stream_parser_t parser
;
63 STAILQ_HEAD(, RecQueueItem
) rec_queue
; // coretls server queue packet in this queue
69 int tls_buffer_alloc(tls_buffer
*buf
, size_t length
)
71 buf
->data
= malloc(length
);
72 if(!buf
->data
) return -ENOMEM
;
78 int tls_buffer_free(tls_buffer
*buf
)
87 #pragma mark SecureTransport support
90 static void hexdump(const char *s
, const uint8_t *bytes
, size_t len
) {
92 printf("socket %s(%p, %lu)\n", s
, bytes
, len
);
93 for (ix
= 0; ix
< len
; ++ix
) {
96 printf("%02X ", bytes
[ix
]);
101 #define hexdump(string, bytes, len)
104 static OSStatus
SocketWrite(SSLConnectionRef h
, const void *data
, size_t *length
)
106 ssl_test_handle
*handle
=(ssl_test_handle
*)h
;
108 size_t len
= *length
;
109 uint8_t *ptr
= (uint8_t *)data
;
114 return tls_stream_parser_parse(handle
->parser
, buffer
);
117 static OSStatus
SocketRead(SSLConnectionRef h
, void *data
, size_t *length
)
119 ssl_test_handle
*handle
=(ssl_test_handle
*)h
;
121 test_printf("%s: %p requesting len=%zd\n", __FUNCTION__
, h
, *length
);
123 struct RecQueueItem
*item
= STAILQ_FIRST(&handle
->rec_queue
);
126 test_printf("%s: %p no data available\n", __FUNCTION__
, h
);
127 return errSSLWouldBlock
;
130 size_t avail
= item
->record
.length
- item
->offset
;
132 test_printf("%s: %p %zd bytes available in %p\n", __FUNCTION__
, h
, avail
, item
);
134 if(avail
> *length
) {
135 memcpy(data
, item
->record
.data
+item
->offset
, *length
);
136 item
->offset
+= *length
;
138 memcpy(data
, item
->record
.data
+item
->offset
, avail
);
140 STAILQ_REMOVE_HEAD(&handle
->rec_queue
, next
);
141 tls_buffer_free(&item
->record
);
145 test_printf("%s: %p %zd bytes read\n", __FUNCTION__
, h
, *length
);
151 static int process(tls_stream_parser_ctx_t ctx
, tls_buffer record
)
153 ssl_test_handle
*h
= (ssl_test_handle
*)ctx
;
154 tls_buffer decrypted
;
158 test_printf("%s: %p processing %zd bytes\n", __FUNCTION__
, ctx
, record
.length
);
161 decrypted
.length
= tls_record_decrypted_size(h
->record
, record
.length
);
162 decrypted
.data
= malloc(decrypted
.length
);
164 require_action(decrypted
.data
, errOut
, err
=-ENOMEM
);
165 require_noerr((err
=tls_record_decrypt(h
->record
, record
, &decrypted
, &ct
)), errOut
);
167 test_printf("%s: %p decrypted %zd bytes, ct=%d\n", __FUNCTION__
, ctx
, decrypted
.length
, ct
);
169 err
=tls_handshake_process(h
->hdsk
, decrypted
, ct
);
171 test_printf("%s: %p processed, err=%d\n", __FUNCTION__
, ctx
, err
);
174 free(decrypted
.data
);
179 tls_handshake_write_callback(tls_handshake_ctx_t ctx
, const tls_buffer data
, uint8_t content_type
)
182 ssl_test_handle
*handle
= (ssl_test_handle
*)ctx
;
184 test_printf("%s: %p writing data ct=%d, len=%zd\n", __FUNCTION__
, ctx
, content_type
, data
.length
);
186 struct RecQueueItem
*item
= malloc(sizeof(struct RecQueueItem
));
187 require_action(item
, errOut
, err
=-ENOMEM
);
189 err
=tls_buffer_alloc(&item
->record
, tls_record_encrypted_size(handle
->record
, content_type
, data
.length
));
190 require_noerr(err
, errOut
);
192 err
=tls_record_encrypt(handle
->record
, data
, content_type
, &item
->record
);
193 require_noerr(err
, errOut
);
197 test_printf("%s: %p queing %zd encrypted bytes, item=%p\n", __FUNCTION__
, ctx
, item
->record
.length
, item
);
199 STAILQ_INSERT_TAIL(&handle
->rec_queue
, item
, next
);
205 tls_buffer_free(&item
->record
);
213 tls_handshake_message_callback(tls_handshake_ctx_t ctx
, tls_handshake_message_t event
)
215 ssl_test_handle __unused
*handle
= (ssl_test_handle
*)ctx
;
217 test_printf("%s: %p event = %d\n", __FUNCTION__
, handle
, event
);
226 static uint8_t appdata
[] = "appdata";
228 tls_buffer appdata_buffer
= {
230 .length
= sizeof(appdata
),
235 tls_handshake_ready_callback(tls_handshake_ctx_t ctx
, bool write
, bool ready
)
237 ssl_test_handle
*handle
= (ssl_test_handle
*)ctx
;
239 test_printf("%s: %p %s ready=%d\n", __FUNCTION__
, handle
, write
?"write":"read", ready
);
243 if(handle
->ready_count
== 0) {
244 tls_handshake_request_renegotiation(handle
->hdsk
);
246 tls_handshake_write_callback(ctx
, appdata_buffer
, tls_record_type_AppData
);
248 handle
->ready_count
++;;
254 tls_handshake_set_retransmit_timer_callback(tls_handshake_ctx_t ctx
, int attempt
)
256 ssl_test_handle __unused
*handle
= (ssl_test_handle
*)ctx
;
258 test_printf("%s: %p attempt = %d\n", __FUNCTION__
, handle
, attempt
);
264 int mySSLRecordInitPendingCiphersFunc(tls_handshake_ctx_t ref
,
265 uint16_t selectedCipher
,
269 ssl_test_handle
*handle
= (ssl_test_handle
*)ref
;
271 test_printf("%s: %p, cipher=%04x, server=%d\n", __FUNCTION__
, ref
, selectedCipher
, server
);
272 return tls_record_init_pending_ciphers(handle
->record
, selectedCipher
, server
, key
);
276 int mySSLRecordAdvanceWriteCipherFunc(tls_handshake_ctx_t ref
)
278 ssl_test_handle
*handle
= (ssl_test_handle
*)ref
;
279 test_printf("%s: %p\n", __FUNCTION__
, ref
);
280 return tls_record_advance_write_cipher(handle
->record
);
284 int mySSLRecordRollbackWriteCipherFunc(tls_handshake_ctx_t ref
)
286 ssl_test_handle
*handle
= (ssl_test_handle
*)ref
;
287 test_printf("%s: %p\n", __FUNCTION__
, ref
);
288 return tls_record_rollback_write_cipher(handle
->record
);
292 int mySSLRecordAdvanceReadCipherFunc(tls_handshake_ctx_t ref
)
294 ssl_test_handle
*handle
= (ssl_test_handle
*)ref
;
295 test_printf("%s: %p\n", __FUNCTION__
, ref
);
296 return tls_record_advance_read_cipher(handle
->record
);
300 int mySSLRecordSetProtocolVersionFunc(tls_handshake_ctx_t ref
,
301 tls_protocol_version protocolVersion
)
303 ssl_test_handle
*handle
= (ssl_test_handle
*)ref
;
304 test_printf("%s: %p, version=%04x\n", __FUNCTION__
, ref
, protocolVersion
);
305 return tls_record_set_protocol_version(handle
->record
, protocolVersion
);
310 tls_handshake_save_session_data_callback(tls_handshake_ctx_t ctx
, tls_buffer sessionKey
, tls_buffer sessionData
)
312 ssl_test_handle __unused
*handle
= (ssl_test_handle
*)ctx
;
314 test_printf("%s: %p\n", __FUNCTION__
, handle
);
320 tls_handshake_load_session_data_callback(tls_handshake_ctx_t ctx
, tls_buffer sessionKey
, tls_buffer
*sessionData
)
322 ssl_test_handle __unused
*handle
= (ssl_test_handle
*)ctx
;
324 test_printf("%s: %p\n", __FUNCTION__
, handle
);
330 tls_handshake_delete_session_data_callback(tls_handshake_ctx_t ctx
, tls_buffer sessionKey
)
332 ssl_test_handle __unused
*handle
= (ssl_test_handle
*)ctx
;
334 test_printf("%s: %p\n", __FUNCTION__
, handle
);
340 tls_handshake_delete_all_sessions_callback(tls_handshake_ctx_t ctx
)
342 ssl_test_handle __unused
*handle
= (ssl_test_handle
*)ctx
;
344 test_printf("%s: %p\n", __FUNCTION__
, handle
);
350 tls_handshake_callbacks_t tls_handshake_callbacks
= {
351 .write
= tls_handshake_write_callback
,
352 .message
= tls_handshake_message_callback
,
353 .ready
= tls_handshake_ready_callback
,
354 .set_retransmit_timer
= tls_handshake_set_retransmit_timer_callback
,
355 .init_pending_cipher
= mySSLRecordInitPendingCiphersFunc
,
356 .advance_write_cipher
= mySSLRecordAdvanceWriteCipherFunc
,
357 .rollback_write_cipher
= mySSLRecordRollbackWriteCipherFunc
,
358 .advance_read_cipher
= mySSLRecordAdvanceReadCipherFunc
,
359 .set_protocol_version
= mySSLRecordSetProtocolVersionFunc
,
360 .load_session_data
= tls_handshake_load_session_data_callback
,
361 .save_session_data
= tls_handshake_save_session_data_callback
,
362 .delete_session_data
= tls_handshake_delete_session_data_callback
,
363 .delete_all_sessions
= tls_handshake_delete_all_sessions_callback
,
368 ssl_test_handle_destroy(ssl_test_handle
*handle
)
371 if(handle
->parser
) tls_stream_parser_destroy(handle
->parser
);
372 if(handle
->record
) tls_record_destroy(handle
->record
);
373 if(handle
->hdsk
) tls_handshake_destroy(handle
->hdsk
);
374 if(handle
->st
) CFRelease(handle
->st
);
379 static uint16_t ciphers
[] = {
380 TLS_PSK_WITH_AES_128_CBC_SHA
,
382 static int nciphers
= sizeof(ciphers
)/sizeof(ciphers
[0]);
384 static SSLCipherSuite ciphersuites
[] = {
385 TLS_PSK_WITH_AES_128_CBC_SHA
,
387 static int nciphersuites
= sizeof(ciphersuites
)/sizeof(ciphersuites
[0]);
391 static uint8_t shared_secret
[] = "secret";
393 tls_buffer psk_secret
= {
394 .data
= shared_secret
,
395 .length
= sizeof(shared_secret
),
398 static ssl_test_handle
*
399 ssl_test_handle_create(bool server
)
401 ssl_test_handle
*handle
= calloc(1, sizeof(ssl_test_handle
));
402 SSLContextRef ctx
= SSLCreateContext(kCFAllocatorDefault
, server
?kSSLServerSide
:kSSLClientSide
, kSSLStreamType
);
404 require(handle
, out
);
407 require_noerr(SSLSetIOFuncs(ctx
, (SSLReadFunc
)SocketRead
, (SSLWriteFunc
)SocketWrite
), out
);
408 require_noerr(SSLSetConnection(ctx
, (SSLConnectionRef
)handle
), out
);
409 require_noerr(SSLSetSessionOption(ctx
, kSSLSessionOptionBreakOnServerAuth
, true), out
);
410 require_noerr(SSLSetEnabledCiphers(ctx
, ciphersuites
, nciphersuites
), out
);
411 require_noerr(SSLSetPSKSharedSecret(ctx
, shared_secret
, sizeof(shared_secret
)), out
);
414 handle
->parser
= tls_stream_parser_create(handle
, process
);
415 handle
->record
= tls_record_create(false, CCRNGSTATE
);
416 handle
->hdsk
= tls_handshake_create(false, true); // server.
418 require_noerr(tls_handshake_set_ciphersuites(handle
->hdsk
, ciphers
, nciphers
), out
);
419 require_noerr(tls_handshake_set_callbacks(handle
->hdsk
, &tls_handshake_callbacks
, handle
), out
);
420 require_noerr(tls_handshake_set_psk_secret(handle
->hdsk
, &psk_secret
), out
);
421 require_noerr(tls_handshake_set_renegotiation(handle
->hdsk
, true), out
);
423 // Initialize the record queue
424 STAILQ_INIT(&handle
->rec_queue
);
429 if (handle
) free(handle
);
430 if (ctx
) CFRelease(ctx
);
439 ssl_test_handle
*client
;
440 SSLSessionState state
;
442 client
= ssl_test_handle_create(false);
444 require_action(client
, out
, ortn
= -1);
446 ortn
= SSLGetSessionState(client
->st
, &state
);
447 require_noerr(ortn
, out
);
448 is(state
, kSSLIdle
, "State should be Idle");
451 ortn
= SSLHandshake(client
->st
);
452 test_printf("SSLHandshake returned err=%d\n", (int)ortn
);
454 require_noerr(SSLGetSessionState(client
->st
, &state
), out
);
456 if (ortn
== errSSLPeerAuthCompleted
|| ortn
== errSSLWouldBlock
)
458 require_action(state
==kSSLHandshake
, out
, ortn
= -1);
461 } while(ortn
==errSSLWouldBlock
||
462 ortn
==errSSLPeerAuthCompleted
);
465 is(ortn
, 0, "Unexpected SSLHandshake exit code");
466 is(state
, kSSLConnected
, "State should be Connected");
469 size_t available
= 0;
471 test_printf("Initial handshake done\n");
474 ortn
= SSLRead(client
->st
, buffer
, sizeof(buffer
), &available
);
475 test_printf("SSLRead returned err=%d, avail=%zd\n", (int)ortn
, available
);
476 require_noerr(SSLGetSessionState(client
->st
, &state
), out
);
478 if (ortn
== errSSLPeerAuthCompleted
)
480 require_action(state
==kSSLHandshake
, out
, ortn
= -1);
483 } while(available
==0);
485 is(ortn
, 0, "Unexpected SSLRead exit code");
486 is(state
, kSSLConnected
, "State should be Connected");
490 is(ortn
, 0, "Final result is non zero");
491 ssl_test_handle_destroy(client
);
495 int ssl_51_state(int argc
, char *const *argv
)