X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/b04fe171f0375ecd5d8a24747ca1dff85720a0ca..6b200bc335dc93c5516ccb52f14bd896d8c7fad7:/SecurityTests/cspxutils/ssl2Padding/ssl2Padding.cpp

diff --git a/SecurityTests/cspxutils/ssl2Padding/ssl2Padding.cpp b/SecurityTests/cspxutils/ssl2Padding/ssl2Padding.cpp
deleted file mode 100644
index 3c842a7d..00000000
--- a/SecurityTests/cspxutils/ssl2Padding/ssl2Padding.cpp
+++ /dev/null
@@ -1,394 +0,0 @@
-/* Copyright (c) 2005-2006 Apple Computer, Inc.
- *
- * ssl2Padding.cpp - test CSSM_PADDING_APPLE_SSLv2.
- */
- 
-
- /*
-  * This table illustrates the combinations of:
-  *
-  * -- SSLv2 (v2) and SSLv3/TLSv1 (v3+) enables (0/1) on the client and server side
-  * -- the resulting negotiated protocols (including those forced by a man-in-the-middle 
-  *    attacker, denoted by (m))
-  * -- the padding generated by the client (client pad)
-  * -- the padding style checked by the server (server pad) 
-  * -- and the end results
-  *
-  * client  server 
-  * ------  ------ 
-  * v2 v3+  v2 v3+  negotiate client pad  server pad   result
-  * -- --   -- --   --------- ----------  ----------   ------
-  * 0  0    x  x                                       impossible
-  * x  x    0  0                                       impossible
-  * 0  1    0  1     v3+         PKCS1      PKCS1      normal
-  * 0  1    0  1     v2 (m)                            Attack fails, client rejects server hello
-  * 0  1    1  0     fail                              incompatible
-  * 0  1    1  1     v3+         PKCS1      PKCS1      normal
-  * 0  1    1  1     v2 (m)                            Attack fails, client rejects server hello
-  * 1  0    0  1     fail                              incompatible
-  * 1  0    1  0     v2          PKCS1      PKCS1      normal, both sides are dumb SSL2
-  * 1  0    1  0     v3+                               Attack fails, server rejects client hello
-  * 1  0    1  1     v2          PKCS1      SSLv2      normal, dumb client
-  * 1  0    1  1     v3+ (m)                           Attack fails, client rejects server hello
-  * 1  1    0  1     v3+         PKCS1      PKCS1      normal
-  * 1  1    0  1     v2 (m)                            Attack fails, server rejects SSL2 handshake
-  * 1  1    1  0     v2          SSLv2      PKCS1      normal, dumb server
-  * 1  1    1  0     v3+ (m)                           Attack fails, server rejects SSL3 handshakes
-  * 1  1    1  1     v3+         PKCS1      PKCS1      normal
-  * 1  1    1  1     v2 (m)      SSLv2      SSLv2      Attack fails due to SSLv2 pad detect
-  *
-  * The client generates SSLv2 padding if it's capable of v3+ but is currently operating
-  * in v2 per negotiation. 
-  *
-  * The server checks for SSLv2 padding if it's capable of v3+ but is currently operating
-  * in v2 per negotiation. If SSLv2 padding is seen, fail. 
-  */
-  
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <time.h>
-#include <Security/cssm.h>
-#include "cspwrap.h"
-#include "common.h"
-#include "cspdlTesting.h"
-
-#define USAGE_NAME			"noUsage"
-#define USAGE_NAME_LEN		(strlen(USAGE_NAME))
-#define LOOPS_DEF			10
-
-#define KEY_SIZE_DEF		1024
-#define KEY_SIZE_SMALL		512
-
-#define PTEXT_LEN			32		/* bytes */
-
-static void usage(char **argv)
-{
-	printf("usage: %s [options]\n", argv[0]);
-	printf("   Options:\n");
-	printf("   l=loops (default=%d; 0=forever)\n", LOOPS_DEF);
-	printf("   k=keySizeInBits; default=%d\n", KEY_SIZE_DEF);
-	printf("   D (CSP/DL; default = bare CSP)\n");
-	printf("   p (pause on each loop)\n");
-	printf("   u (quick; small keys)\n");
-	printf("   v(erbose)\n");
-	printf("   q(uiet)\n");
-	printf("   h(elp)\n");
-	exit(1);
-}
-
-/* special-purpose generate-context, encrypt, and decrypt routines just for this test */
-static int genRsaCryptContext(
-	CSSM_CSP_HANDLE		cspHand,
-	CSSM_KEY_PTR		key,
-	CSSM_PADDING		padding,
-	CSSM_BOOL			quiet,
-	CSSM_CC_HANDLE		&ccHand)			// RETURNED
-{
-	CSSM_RETURN crtn;
-	CSSM_ACCESS_CREDENTIALS	creds;
-	
-	memset(&creds, 0, sizeof(CSSM_ACCESS_CREDENTIALS));
-	crtn = CSSM_CSP_CreateAsymmetricContext(cspHand,
-		CSSM_ALGID_RSA,
-		&creds,			// access
-		key,
-		padding,
-		&ccHand);
-	if(crtn) {
-		cssmPerror("CSSM_CSP_CreateAsymmetricContext", crtn);
-		return testError(quiet);
-	}
-	return 0;
-}
-
-static int doRsaEncrypt(
-	CSSM_CSP_HANDLE		cspHand,
-	CSSM_KEY_PTR		key,
-	CSSM_PADDING		padding,
-	CSSM_BOOL			quiet,
-	CSSM_DATA			*ptext,
-	CSSM_DATA			*ctext)
-{
-	CSSM_CC_HANDLE	ccHand;
-	int				rtn;
-	CSSM_RETURN		crtn;
-	CSSM_SIZE		bytesMoved;
-	CSSM_DATA		remData = {0, NULL};
-	
-	rtn = genRsaCryptContext(cspHand, key, padding, quiet, ccHand);
-	if(rtn) {
-		return rtn;
-	}
-	crtn = CSSM_EncryptData(ccHand,
-		ptext,
-		1,
-		ctext,
-		1,
-		&bytesMoved,
-		&remData);
-	CSSM_DeleteContext(ccHand);
-	if(crtn == CSSM_OK) {
-		/*
-		 * Deal with remData - its contents are included in bytesMoved.
-		 */
-		if(remData.Length != 0) {
-			/* malloc and copy a new one */
-			uint8 *newCdata = (uint8 *)appMalloc(bytesMoved, NULL);
-			memmove(newCdata, ctext->Data, ctext->Length);
-			memmove(newCdata+ctext->Length, remData.Data, remData.Length);
-			CSSM_FREE(ctext->Data);
-			ctext->Data = newCdata;
-		}
-		ctext->Length = bytesMoved;
-		return 0;
-	}
-	else {
-		cssmPerror("CSSM_EncryptData", crtn);
-		return testError(quiet);
-	}
-}
-
-static int doRsaDecrypt(
-	CSSM_CSP_HANDLE		cspHand,
-	CSSM_KEY_PTR		key,
-	CSSM_PADDING		padding,
-	CSSM_BOOL			quiet,
-	CSSM_RETURN			expectRtn,
-	CSSM_DATA			*ctext,
-	CSSM_DATA			*rptext)
-{
-	CSSM_CC_HANDLE	ccHand;
-	int				rtn;
-	CSSM_RETURN		crtn;
-	CSSM_SIZE		bytesMoved;
-	CSSM_DATA		remData = {0, NULL};
-	
-	rtn = genRsaCryptContext(cspHand, key, padding, quiet, ccHand);
-	if(rtn) {
-		return rtn;
-	}
-	crtn = CSSM_DecryptData(ccHand,
-		ctext,
-		1,
-		rptext,
-		1,
-		&bytesMoved,
-		&remData);
-	CSSM_DeleteContext(ccHand);
-	if(crtn != expectRtn) {
-		printf("   CSSM_DecryptData: expect %s\n",	cssmErrToStr(expectRtn));
-		printf("   CSSM_DecryptData: got    %s\n",  cssmErrToStr(crtn));
-		return testError(quiet);
-	}
-	if(crtn) {
-		/* no need to process further */
-		return 0;
-	}
-	if(crtn == CSSM_OK) {
-		/*
-		 * Deal with remData - its contents are included in bytesMoved.
-		 */
-		if(remData.Length != 0) {
-			/* malloc and copy a new one */
-			uint8 *newRpdata = (uint8 *)appMalloc(bytesMoved, NULL);
-			memmove(newRpdata, rptext->Data, rptext->Length);
-			memmove(newRpdata+rptext->Length, remData.Data, remData.Length);
-			CSSM_FREE(rptext->Data);
-			rptext->Data = newRpdata;
-		}
-		rptext->Length = bytesMoved;
-		return 0;
-	}
-	else {
-		cssmPerror("CSSM_DecryptData", crtn);
-		return testError(quiet);
-	}
-}
-
-/*
- * encrypt with specified pad
- * decrypt with specified pad, verify expected result (which may be failure)
- */
-static int doTest(
-	CSSM_CSP_HANDLE		cspHand,
-	CSSM_KEY_PTR		pubKey,
-	CSSM_KEY_PTR		privKey,
-	CSSM_PADDING		encrPad,
-	CSSM_PADDING		decrPad,
-	CSSM_BOOL			quiet,
-	CSSM_RETURN			expectResult)
-{
-	int				rtn;
-	uint8			ptext[PTEXT_LEN];
-	CSSM_DATA		ptextData = {PTEXT_LEN, ptext};
-	CSSM_DATA		ctext = {0, NULL};
-	CSSM_DATA		rptext = {0, NULL};
-	
-	simpleGenData(&ptextData, PTEXT_LEN, PTEXT_LEN);
-	rtn = doRsaEncrypt(cspHand, pubKey, encrPad, quiet, &ptextData, &ctext);
-	if(rtn) {
-		goto errOut;
-	}
-	rtn = doRsaDecrypt(cspHand, privKey, decrPad, quiet, expectResult, &ctext, &rptext);
-	if(rtn) {
-		goto errOut;
-	}
-	if(expectResult == CSSM_OK) {
-		if(memcmp(rptext.Data, ptextData.Data, PTEXT_LEN)) {
-			printf("***Data miscomapare after decrypt\n");
-			rtn = testError(quiet);
-		}
-	}
-errOut:
-	if(ctext.Data) {
-		CSSM_FREE(ctext.Data);
-	}
-	if(rptext.Data) {
-		CSSM_FREE(rptext.Data);
-	}
-	return rtn;
-}
-
-int main(int argc, char **argv)
-{
-	int					arg;
-	char				*argp;
-	unsigned			loop;
-	CSSM_CSP_HANDLE 	cspHand;
-	int					rtn = 0;
-	
-	/*
-	 * User-spec'd params
-	 */
-	unsigned			loops = LOOPS_DEF;
-	CSSM_BOOL			verbose = CSSM_FALSE;
-	CSSM_BOOL			quiet = CSSM_FALSE;
-	uint32				keySizeInBits = KEY_SIZE_DEF;
-	CSSM_BOOL			bareCsp = CSSM_TRUE;
-	CSSM_BOOL			doPause = CSSM_FALSE;
-	
-	for(arg=1; arg<argc; arg++) {
-		argp = argv[arg];
-		switch(argp[0]) {
-		    case 'l':
-				loops = atoi(&argp[2]);
-				break;
-			case 'k':
-				keySizeInBits = atoi(&argv[arg][2]);
-				break;
-			case 'D':
-				bareCsp = CSSM_FALSE;
-				break;
-			case 'u':
-				keySizeInBits = KEY_SIZE_SMALL;
-				break;
-		    case 'v':
-		    	verbose = CSSM_TRUE;
-				break;
-		    case 'p':
-		    	doPause = CSSM_TRUE;
-				break;
-		    case 'q':
-		    	quiet = CSSM_TRUE;
-				break;
-		    case 'h':
-		    default:
-				usage(argv);
-		}
-	}
-	
-	testStartBanner("ssl2Padding", argc, argv);
-
-	cspHand = cspDlDbStartup(bareCsp, NULL);
-	if(cspHand == 0) {
-		exit(1);
-	}
-	CSSM_KEY pubKey;
-	CSSM_KEY privKey;
-	
-	CSSM_RETURN crtn = cspGenKeyPair(cspHand, CSSM_ALGID_RSA,
-		USAGE_NAME, USAGE_NAME_LEN,
-		keySizeInBits,
-		&pubKey, CSSM_TRUE /* ref */, CSSM_KEYUSE_ANY, CSSM_KEYBLOB_RAW_FORMAT_NONE,
-		&privKey, CSSM_TRUE /* ref */, CSSM_KEYUSE_ANY, CSSM_KEYBLOB_RAW_FORMAT_NONE,
-		CSSM_FALSE);
-	if(crtn) {
-		printf("***Error generating key pair. Aborting.\n");
-		exit(1);
-	}
-	for(loop=1; ; loop++) {
-		if(doPause) {
-			fpurge(stdin);
-			printf("Top of loop; hit CR to proceed: ");
-			getchar();
-		}
-		
-		/* encrypt by client, decrypt by server. */
-		
-		/*
-		 * SSLv3+ negotiated, normal case, or
-		 * both sides support SSLv2 only
-		 */
-		if(!quiet) {
-			printf("...loop %u\n", loop);
-			printf("   encrPad PKCS1 decrPad PKCS1\n");
-		}
-		rtn = doTest(cspHand, &pubKey, &privKey, 
-			CSSM_PADDING_PKCS1, CSSM_PADDING_PKCS1,
-			quiet, CSSM_OK);
-		if(rtn) {
-			break;
-		}
-		
-		/* 
-		 * Server supports SSLv2 and SSLv3+, client supports SSLv2 only
-		 */
-		if(!quiet) {
-			printf("   encrPad PKCS1 decrPad SSLv2\n");
-		}
-		rtn = doTest(cspHand, &pubKey, &privKey, 
-			CSSM_PADDING_PKCS1, CSSM_PADDING_APPLE_SSLv2,
-			quiet, CSSM_OK);
-		if(rtn) {
-			break;
-		}
-		 
-		/*
-		 * Server supports SSLv2 only, client supports SSLv2 and SSLv3+
-		 */
-		if(!quiet) {
-			printf("   encrPad SSLv2 decrPad PKCS1\n");
-		}
-		rtn = doTest(cspHand, &pubKey, &privKey, 
-			CSSM_PADDING_APPLE_SSLv2, CSSM_PADDING_PKCS1,
-			quiet, CSSM_OK);
-		if(rtn) {
-			break;
-		}
-		 
-		/*
-		 * Both sides support SSLv3+ but a man in the middle has forced the 
-		 * negotiated protocol down to SSLv2 
-		 */
-		if(!quiet) {
-			printf("   encrPad SSLv2 decrPad SSLv2, expect failure\n");
-		}
-		rtn = doTest(cspHand, &pubKey, &privKey, 
-			CSSM_PADDING_APPLE_SSLv2, CSSM_PADDING_APPLE_SSLv2,
-			quiet, CSSMERR_CSP_APPLE_SSLv2_ROLLBACK);
-		if(rtn) {
-			break;
-		}
-
-		if(loops && (loop == loops)) {
-			break;
-		}
-	}	/* for loop */
-
-	CSSM_ModuleDetach(cspHand);
-	if((rtn == 0) && !quiet) {
-		printf("%s test complete\n", argv[0]);
-	}
-	return rtn;
-}