tests: check the behavior of TLS1.2 key exchange methods under TLS1.3tmp-rsa-psk-fix

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2018-04-23 15:02:53 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2018-04-23 20:56:49 +0200
commit: e8dfd0a705a8e9777b771ecc9dc71f43f6059e8a (patch)
tree: 30019290465560309dae3c26a2d527f0928832d5
parent: 138c0e2d3d786d582cdc0d1cc844141623bd22ae (diff)
download: gnutls-tmp-rsa-psk-fix.tar.gz
3 files changed, 249 insertions, 1 deletions
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 88f56455c8..77819a3777 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -192,7 +192,8 @@ ctests += mini-record-2 simple gnutls_hmac_fast set_pkcs12_cred cert certuniquei
 	 send-data-before-handshake recv-data-before-handshake crt_inv_write \
 	 x509sign-verify-error rng-op-nonce rng-op-random rng-op-key x509-dn-decode-compat \
 	 ip-check mini-x509-ipaddr trust-store base64-raw random-art dhex509self \
-	 dss-sig-val sign-pk-api tls-session-ext-override mini-record-pad
+	 dss-sig-val sign-pk-api tls-session-ext-override mini-record-pad \
+	 tls13-server-kx-neg
 
 if HAVE_SECCOMP_TESTS
 ctests += dtls-with-seccomp tls-with-seccomp dtls-client-with-seccomp tls-client-with-seccomp
diff --git a/tests/server-kx-neg-common.c b/tests/server-kx-neg-common.c
index de4c7ad91a..5f80a60b15 100644
--- a/tests/server-kx-neg-common.c
+++ b/tests/server-kx-neg-common.c
@@ -39,6 +39,7 @@ typedef struct test_case_st {
 	unsigned have_ed25519_sign_cert;
 	unsigned have_rsa_decrypt_cert;
 	unsigned not_on_fips;
+	unsigned exp_version;
 	const char *client_prio;
 	const char *server_prio;
 } test_case_st;
@@ -230,6 +231,13 @@ static void try(test_case_st *test)
 
 	HANDSHAKE_EXPECT(client, server, test->client_ret, test->server_ret);
 
+	if (test->client_ret == 0 && test->server_ret == 0 && test->exp_version) {
+		if (gnutls_protocol_get_version(client) != test->exp_version)
+			fail("expected version (%s) does not match %s\n",
+			     gnutls_protocol_get_name(test->exp_version),
+			     gnutls_protocol_get_name(gnutls_protocol_get_version(client)));
+	}
+
 	gnutls_deinit(server);
 	gnutls_deinit(client);
 	gnutls_anon_free_client_credentials(c_anon_cred);
diff --git a/tests/tls13-server-kx-neg.c b/tests/tls13-server-kx-neg.c
new file mode 100644
index 0000000000..aba7944b1c
--- /dev/null
+++ b/tests/tls13-server-kx-neg.c
@@ -0,0 +1,239 @@
+/*
+ * Copyright (C) 2017-2018 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * GnuTLS is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuTLS is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+/* This program tests the negotiation for various key exchange
+ * methods and options which are considered legacy in TLS1.3. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <gnutls/gnutls.h>
+#include "utils.h"
+#include "cert-common.h"
+#include "eagain-common.h"
+
+#include "server-kx-neg-common.c"
+
+#define PVERSION "-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2"
+
+test_case_st tests[] = {
+	{
+		.name = "TLS 1.3 DHE-PSK without cred",
+		.client_ret = GNUTLS_E_AGAIN,
+		.server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS,
+		.server_prio = "NORMAL:-KX-ALL:+DHE-PSK:"PVERSION,
+		.client_prio = "NORMAL:-KX-ALL:+DHE-PSK:"PVERSION,
+		.exp_version = GNUTLS_TLS1_3,
+	},
+	{
+		.name = "TLS 1.3 DHE-PSK with cred but no DH params",
+		.client_ret = 0,
+		.server_ret = 0,
+		.have_psk_cred = 1,
+		.server_prio = "NORMAL:-KX-ALL:+DHE-PSK:"PVERSION,
+		.client_prio = "NORMAL:-KX-ALL:+DHE-PSK:"PVERSION,
+		.exp_version = GNUTLS_TLS1_3,
+	},
+	{
+		.name = "TLS 1.3 DHE-PSK with cred and DH params (level)",
+		.client_ret = 0,
+		.server_ret = 0,
+		.have_psk_cred = 1,
+		.have_psk_dh_params = 1,
+		.server_prio = "NORMAL:-KX-ALL:+DHE-PSK:"PVERSION,
+		.client_prio = "NORMAL:-KX-ALL:+DHE-PSK:"PVERSION,
+		.exp_version = GNUTLS_TLS1_3,
+	},
+	{
+		.name = "TLS 1.3 DHE-PSK with cred and DH params (explicit)",
+		.client_ret = 0,
+		.server_ret = 0,
+		.have_psk_cred = 1,
+		.have_psk_exp_dh_params = 1,
+		.server_prio = "NORMAL:-KX-ALL:+DHE-PSK:"PVERSION,
+		.client_prio = "NORMAL:-KX-ALL:+DHE-PSK:"PVERSION,
+		.exp_version = GNUTLS_TLS1_3,
+	},
+	{
+		.name = "TLS 1.3 ECDHE-PSK with cred but no common curve",
+		.client_ret = GNUTLS_E_AGAIN,
+		.server_ret = GNUTLS_E_NO_COMMON_KEY_SHARE,
+		.have_psk_cred = 1,
+		.server_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-CURVE-ALL:+CURVE-SECP256R1:"PVERSION,
+		.client_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:-CURVE-ALL:+CURVE-SECP384R1:"PVERSION,
+		.exp_version = GNUTLS_TLS1_3,
+	},
+	{
+		.name = "TLS 1.3 ECDHE-PSK with cred and common curve",
+		.client_ret = 0,
+		.server_ret = 0,
+		.have_psk_cred = 1,
+		.server_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:"PVERSION,
+		.client_prio = "NORMAL:-KX-ALL:+ECDHE-PSK:"PVERSION,
+		.exp_version = GNUTLS_TLS1_3,
+	},
+	{
+		.name = "TLS 1.3 RSA-PSK without cert cred",
+		.client_ret = GNUTLS_E_AGAIN,
+		.server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS,
+		.have_psk_cred = 1,
+		.server_prio = "NORMAL:-KX-ALL:+RSA-PSK:"PVERSION,
+		.client_prio = "NORMAL:-KX-ALL:+RSA-PSK:"PVERSION,
+		.exp_version = GNUTLS_TLS1_2,
+	},
+	{
+		.name = "TLS 1.3 RSA-PSK without psk cred",
+		.client_ret = GNUTLS_E_AGAIN,
+		.server_ret = GNUTLS_E_NO_CIPHER_SUITES,
+		.have_psk_cred = 0,
+		.have_cert_cred = 1,
+		.server_prio = "NORMAL:-KX-ALL:+RSA-PSK:"PVERSION,
+		.client_prio = "NORMAL:-KX-ALL:+RSA-PSK:"PVERSION,
+		.exp_version = GNUTLS_TLS1_2,
+	},
+	{
+		.name = "TLS 1.3 RSA-PSK with cred but invalid cert",
+		.client_ret = GNUTLS_E_AGAIN,
+		.server_ret = GNUTLS_E_NO_CIPHER_SUITES,
+		.have_psk_cred = 1,
+		.have_cert_cred = 1,
+		.have_rsa_sign_cert = 1,
+		.have_ecc_sign_cert = 1,
+		.server_prio = "NORMAL:-KX-ALL:+RSA-PSK:"PVERSION,
+		.client_prio = "NORMAL:-KX-ALL:+RSA-PSK:"PVERSION,
+		.exp_version = GNUTLS_TLS1_2,
+	},
+	{
+		.name = "TLS 1.3 RSA-PSK with cred",
+		.server_ret = 0,
+		.client_ret = 0,
+		.have_psk_cred = 1,
+		.have_cert_cred = 1,
+		.have_rsa_decrypt_cert = 1,
+		.server_prio = "NORMAL:-KX-ALL:+RSA-PSK:"PVERSION,
+		.client_prio = "NORMAL:-KX-ALL:+RSA-PSK:"PVERSION,
+		.exp_version = GNUTLS_TLS1_2,
+	},
+	{
+		.name = "TLS 1.3 RSA-PSK with cred and multiple certs",
+		.server_ret = 0,
+		.client_ret = 0,
+		.have_psk_cred = 1,
+		.have_cert_cred = 1,
+		.have_rsa_sign_cert = 1,
+		.have_ecc_sign_cert = 1,
+		.have_rsa_decrypt_cert = 1,
+		.server_prio = "NORMAL:-KX-ALL:+RSA-PSK:"PVERSION,
+		.client_prio = "NORMAL:-KX-ALL:+RSA-PSK:"PVERSION,
+		.exp_version = GNUTLS_TLS1_2,
+	},
+	{
+		.name = "TLS 1.3 SRP-RSA without cert cred",
+		.client_ret = GNUTLS_E_AGAIN,
+		.server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS,
+		.have_srp_cred = 1,
+		.server_prio = "NORMAL:-KX-ALL:+SRP-RSA:"PVERSION,
+		.client_prio = "NORMAL:-KX-ALL:+SRP-RSA:"PVERSION,
+		.exp_version = GNUTLS_TLS1_2,
+	},
+	{
+		.name = "TLS 1.3 SRP-RSA without srp cred",
+		.client_ret = GNUTLS_E_AGAIN,
+		.server_ret = GNUTLS_E_NO_CIPHER_SUITES,
+		.have_srp_cred = 0,
+		.have_cert_cred = 1,
+		.server_prio = "NORMAL:-KX-ALL:+SRP-RSA:"PVERSION,
+		.client_prio = "NORMAL:-KX-ALL:+SRP-RSA:"PVERSION,
+		.exp_version = GNUTLS_TLS1_2,
+	},
+	{
+		.name = "TLS 1.3 SRP-RSA with cred but invalid cert",
+		.client_ret = GNUTLS_E_AGAIN,
+		.server_ret = GNUTLS_E_NO_CIPHER_SUITES,
+		.have_srp_cred = 1,
+		.have_cert_cred = 1,
+		.have_rsa_decrypt_cert = 1,
+		.have_ecc_sign_cert = 1,
+		.server_prio = "NORMAL:-KX-ALL:+SRP-RSA:"PVERSION,
+		.client_prio = "NORMAL:-KX-ALL:+SRP-RSA:"PVERSION,
+		.exp_version = GNUTLS_TLS1_2,
+	},
+	{
+		.name = "TLS 1.3 SRP-RSA with cred",
+		.server_ret = 0,
+		.client_ret = 0,
+		.have_srp_cred = 1,
+		.have_cert_cred = 1,
+		.have_rsa_sign_cert = 1,
+		.server_prio = "NORMAL:-KX-ALL:+SRP-RSA:"PVERSION,
+		.client_prio = "NORMAL:-KX-ALL:+SRP-RSA:"PVERSION,
+		.exp_version = GNUTLS_TLS1_2,
+	},
+	{
+		.name = "TLS 1.3 SRP-RSA with cred and multiple certs",
+		.server_ret = 0,
+		.client_ret = 0,
+		.have_srp_cred = 1,
+		.have_cert_cred = 1,
+		.have_rsa_sign_cert = 1,
+		.have_ecc_sign_cert = 1,
+		.have_rsa_decrypt_cert = 1,
+		.server_prio = "NORMAL:-KX-ALL:+SRP-RSA:"PVERSION,
+		.client_prio = "NORMAL:-KX-ALL:+SRP-RSA:"PVERSION,
+		.exp_version = GNUTLS_TLS1_2,
+	},
+	{
+		.name = "TLS 1.3 SRP without srp cred",
+		.client_ret = GNUTLS_E_AGAIN,
+		.server_ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS,
+		.have_srp_cred = 0,
+		.have_cert_cred = 1,
+		.server_prio = "NORMAL:-KX-ALL:+SRP:"PVERSION,
+		.client_prio = "NORMAL:-KX-ALL:+SRP:"PVERSION,
+		.exp_version = GNUTLS_TLS1_2,
+	},
+	{
+		.name = "TLS 1.3 SRP with cred",
+		.server_ret = 0,
+		.client_ret = 0,
+		.have_srp_cred = 1,
+		.server_prio = "NORMAL:-KX-ALL:+SRP:"PVERSION,
+		.client_prio = "NORMAL:-KX-ALL:+SRP:"PVERSION,
+		.exp_version = GNUTLS_TLS1_2,
+	}
+};
+
+void doit(void)
+{
+	unsigned i;
+	global_init();
+
+	for (i=0;i<sizeof(tests)/sizeof(tests[0]);i++) {
+		try(&tests[i]);
+	}
+
+	gnutls_global_deinit();
+}
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2018-04-23 15:02:53 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2018-04-23 20:56:49 +0200
commit	e8dfd0a705a8e9777b771ecc9dc71f43f6059e8a (patch)
tree	30019290465560309dae3c26a2d527f0928832d5
parent	138c0e2d3d786d582cdc0d1cc844141623bd22ae (diff)
download	gnutls-tmp-rsa-psk-fix.tar.gz