2 * Copyright (c) 2011-2014 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
30 #include <sys/types.h>
31 #include <netinet/in.h>
32 #include <sys/socket.h>
34 #include <arpa/inet.h>
35 #include <CoreFoundation/CoreFoundation.h>
37 #include <AssertMacros.h>
38 #include <Security/SecureTransportPriv.h> /* SSLSetOption */
39 #include <Security/SecureTransport.h>
40 #include <Security/SecPolicy.h>
41 #include <Security/SecTrust.h>
42 #include <Security/SecIdentity.h>
43 #include <Security/SecIdentityPriv.h>
44 #include <Security/SecCertificatePriv.h>
45 #include <Security/SecKeyPriv.h>
46 #include <Security/SecItem.h>
47 #include <Security/SecRandom.h>
48 #include <utilities/SecCFRelease.h>
51 #include <sys/types.h>
52 #include <sys/socket.h>
55 #include <mach/mach_time.h>
57 #include "STLegacyTests.h"
59 @implementation STLegacyTests (tls12)
68 struct s_server *server;
70 bool is_session_resume;
72 bool client_side_auth;
78 #pragma clang diagnostic push
79 #pragma clang diagnostic ignored "-Wdeprecated-declarations"
81 #if SECTRANS_VERBOSE_DEBUG
82 static void hexdump(const uint8_t *bytes, size_t len) {
84 printf("socket write(%p, %lu)\n", bytes, len);
85 for (ix = 0; ix < len; ++ix) {
88 printf("%02X ", bytes[ix]);
93 #define hexdump(bytes, len)
96 static int SocketConnect(const char *hostName, int port)
98 struct sockaddr_in addr;
104 if (hostName[0] >= '0' && hostName[0] <= '9') {
105 host.s_addr = inet_addr(hostName);
107 ent = gethostbyname(hostName);
109 printf("\n***gethostbyname(%s) returned: %s\n", hostName, hstrerror(h_errno));
112 memcpy(&host, ent->h_addr, sizeof(struct in_addr));
115 sock = socket(AF_INET, SOCK_STREAM, 0);
116 addr.sin_addr = host;
117 addr.sin_port = htons((u_short)port);
119 addr.sin_family = AF_INET;
120 err = connect(sock, (struct sockaddr *) &addr, sizeof(struct sockaddr_in));
123 perror("connect failed");
131 static OSStatus SocketWrite(SSLConnectionRef conn, const void *data, size_t *length)
133 size_t len = *length;
134 uint8_t *ptr = (uint8_t *)data;
140 ret = write((int)conn, ptr, len);
144 } while ((ret < 0) && (errno == EAGAIN || errno == EINTR));
154 *length = *length - len;
155 return errSecSuccess;
158 static OSStatus SocketRead(SSLConnectionRef conn, void *data, size_t *length)
160 size_t len = *length;
161 uint8_t *ptr = (uint8_t *)data;
166 ret = read((int)conn, ptr, len);
169 } while ((ret < 0) && (errno == EAGAIN || errno == EINTR));
179 *length = *length - len;
180 return errSecSuccess;
183 static SSLContextRef make_ssl_ref(int sock, SSLProtocol maxprot, const char *peerName)
185 SSLContextRef ctx = NULL;
186 require((ctx = SSLCreateContext(kCFAllocatorDefault, kSSLClientSide, kSSLStreamType)), out);
187 require_noerr(SSLSetIOFuncs(ctx,
188 (SSLReadFunc)SocketRead, (SSLWriteFunc)SocketWrite), out);
189 require_noerr(SSLSetConnection(ctx, (SSLConnectionRef)(intptr_t)sock), out);
191 require_noerr(SSLSetSessionOption(ctx,
192 kSSLSessionOptionBreakOnServerAuth, true), out);
194 require_noerr(SSLSetProtocolVersionMax(ctx, maxprot), out);
196 require_noerr(SSLSetPeerDomainName(ctx, peerName, strlen(peerName)), out);
197 /* Tell SecureTransport to not check certs itself: it will break out of the
198 handshake to let us take care of it instead. */
199 require_noerr(SSLSetEnableCertVerify(ctx, false), out);
207 static OSStatus securetransport(ssl_test_handle * ssl)
210 SSLContextRef ctx = ssl->st;
211 SecTrustRef trust = NULL;
212 bool got_server_auth = false, got_client_cert_req = false;
215 ortn = SSLHandshake(ctx);
217 if (ortn == errSSLServerAuthCompleted) {
218 require_string(!got_server_auth, out, "second server auth");
219 require_string(!got_client_cert_req, out, "got client cert req before server auth");
220 got_server_auth = true;
221 require_string(!trust, out, "Got errSSLServerAuthCompleted twice?");
222 /* verify peer cert chain */
223 require_noerr(SSLCopyPeerTrust(ctx, &trust), out);
224 SecTrustResultType trust_result = 0;
225 /* this won't verify without setting up a trusted anchor */
226 require_noerr(SecTrustEvaluate(trust, &trust_result), out);
227 require((trust_result == kSecTrustResultUnspecified || trust_result == kSecTrustResultProceed), out);
230 } while (ortn == errSSLWouldBlock
231 || ortn == errSSLServerAuthCompleted);
232 require_noerr_action_quiet(ortn, out,
233 fprintf(stderr, "Fell out of SSLHandshake with error: %d\n", (int)ortn));
235 require_string(got_server_auth, out, "never got server auth");
237 SSLProtocol proto = kSSLProtocolUnknown;
238 require_noerr_quiet(SSLGetNegotiatedProtocolVersion(ctx, &proto), out);
240 SSLCipherSuite cipherSuite;
241 require_noerr_quiet(ortn = SSLGetNegotiatedCipher(ctx, &cipherSuite), out);
247 CFReleaseNull(trust);
254 #define CONNECT_TRIES 3
256 -(ssl_test_handle *)ssl_test_handle_create:(struct s_server *)server
260 for (int try = 0; comm < 0 && try < CONNECT_TRIES; try++) {
261 comm = SocketConnect(server->host, server->port);
268 ssl_test_handle *handle = calloc(1, sizeof(ssl_test_handle));
271 handle->st = make_ssl_ref(comm, server->maxprot, server->host);
272 handle->server = server;
278 ssl_test_handle_destroy(ssl_test_handle *handle)
285 struct s_server servers[] = {
286 #if !TARGET_OS_IPHONE //This test run on AppleWifi on iPhone, so we can't connect to internal servers.
287 {"nod.apple.com", 636, kTLSProtocol12 }, // This one has only the server eku, not the client one.
289 {"gsa.apple.com", 443, kTLSProtocol12 }, // This one has only the server eku, not the client one.
290 /* Good tls 1.2 servers */
291 {"sslanalyzer.comodoca.com", 443, kTLSProtocol12 }, // This one has a stapled OCSP response with SCTs.
292 {"encrypted.google.com", 443, kTLSProtocol12 },
293 {"www.amazon.com",443, kTLSProtocol12 },
294 //{"www.mikestoolbox.org",443, kTLSProtocol12 },
295 /* servers with issues */
296 // This server went offline as of May 2016 -- {"vpp.visa.co.uk", 443, kTLSProtocol12 }, // Doesnt like SSL 3.0 in initial record layer version
297 {"imap.softbank.jp",993, kTLSProtocol12 }, // softbank imap server, there are multiple servers behind this, one of them is not able to handle downgrading to TLS 1.2 properly (126.240.66.17).
298 {"mobile.charter.net",993, kTLSProtocol12 }, // Support 1.2 but fail to negotiate properly
299 {"mybill.vodafone.com.au", 443, kTLSProtocol1 }, /* 2056 bit server key */
302 #define NSERVERS (int)(sizeof(servers)/sizeof(servers[0]))
310 for (p = 0; p < NSERVERS; p++) {
311 for (int loops = 0; loops < NLOOPS; loops++) {
312 ssl_test_handle *client;
315 if (!(client = [self ssl_test_handle_create:&servers[p]]))
317 r = securetransport(client);
318 XCTAssert(r == errSecSuccess, "handshake failed with err=%ld - %s:%d (try %d)", (long)r, servers[p].host, servers[p].port, loops);
320 ssl_test_handle_destroy(client);
328 #pragma clang diagnostic pop