Bug 1494063, add -x option to tstclnt/selfserv to export keying material, r=mt

Reviewers: rrelyea, mt

Reviewed By: mt

Subscribers: HubertKario

Bug #: 1494063

Differential Revision: https://phabricator.services.mozilla.com/D29166

1 files changed, 32 insertions, 4 deletions

diff --git a/cmd/selfserv/selfserv.c b/cmd/selfserv/selfserv.c
index fb2d8d53c..03e39d67b 100644
--- a/cmd/selfserv/selfserv.c
+++ b/cmd/selfserv/selfserv.c
@@ -235,7 +235,13 @@ PrintParameterUsage()
         "     rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512,\n"
         "-Z enable 0-RTT (for TLS 1.3; also use -u)\n"
         "-E enable post-handshake authentication\n"
-        "   (for TLS 1.3; only has an effect with 3 or more -r options)\n",
+        "   (for TLS 1.3; only has an effect with 3 or more -r options)\n"
+        "-x Export and print keying material after successful handshake\n"
+        "   The argument is a comma separated list of exporters in the form:\n"
+        "     LABEL[:OUTPUT-LENGTH[:CONTEXT]]\n"
+        "   where LABEL and CONTEXT can be either a free-form string or\n"
+        "   a hex string if it is preceded by \"0x\"; OUTPUT-LENGTH\n"
+        "   is a decimal integer.\n",
         stderr);
 }
 
@@ -812,6 +818,8 @@ SSLNamedGroup *enabledGroups = NULL;
 unsigned int enabledGroupsCount = 0;
 const SSLSignatureScheme *enabledSigSchemes = NULL;
 unsigned int enabledSigSchemeCount = 0;
+const secuExporter *enabledExporters = NULL;
+unsigned int enabledExporterCount = 0;
 
 static char *virtServerNameArray[MAX_VIRT_SERVER_NAME_ARRAY_INDEX];
 static int virtServerNameIndex = 1;
@@ -1822,6 +1830,15 @@ handshakeCallback(PRFileDesc *fd, void *client_data)
             SECITEM_FreeItem(hostInfo, PR_TRUE);
         }
     }
+    if (enabledExporters) {
+        SECStatus rv = exportKeyingMaterials(fd, enabledExporters, enabledExporterCount);
+        if (rv != SECSuccess) {
+            PRErrorCode err = PR_GetError();
+            fprintf(stderr,
+                    "couldn't export keying material: %s\n",
+                    SECU_Strerror(err));
+        }
+    }
 }
 
 void
@@ -2012,7 +2029,7 @@ server_main(
         errExit("SSL_CipherPrefSetDefault:TLS_RSA_WITH_NULL_MD5");
     }
 
-    if (expectedHostNameVal) {
+    if (expectedHostNameVal || enabledExporters) {
         SSL_HandshakeCallback(model_sock, handshakeCallback,
                               (void *)expectedHostNameVal);
     }
@@ -2246,11 +2263,11 @@ main(int argc, char **argv)
 
     /* please keep this list of options in ASCII collating sequence.
     ** numbers, then capital letters, then lower case, alphabetical.
-    ** XXX: 'B', 'E', 'q', and 'x' were used in the past but removed
+    ** XXX: 'B', and 'q' were used in the past but removed
     **      in 3.28, please leave some time before resuing those.
     **      'z' was removed in 3.39. */
     optstate = PL_CreateOptState(argc, argv,
-                                 "2:A:C:DEGH:I:J:L:M:NP:QRS:T:U:V:W:YZa:bc:d:e:f:g:hi:jk:lmn:op:rst:uvw:y");
+                                 "2:A:C:DEGH:I:J:L:M:NP:QRS:T:U:V:W:YZa:bc:d:e:f:g:hi:jk:lmn:op:rst:uvw:x:y");
     while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
         ++optionsFound;
         switch (optstate->option) {
@@ -2496,6 +2513,17 @@ main(int argc, char **argv)
                 }
                 break;
 
+            case 'x':
+                rv = parseExporters(optstate->value,
+                                    &enabledExporters, &enabledExporterCount);
+                if (rv != SECSuccess) {
+                    PL_DestroyOptState(optstate);
+                    fprintf(stderr, "Bad exporter specified.\n");
+                    fprintf(stderr, "Run '%s -h' for usage information.\n", progName);
+                    exit(5);
+                }
+                break;
+
             default:
             case '?':
                 fprintf(stderr, "Unrecognized or bad option specified.\n");