Commit 9e6a32025e6e69949ad3e53a29a0b85f61f30b85 - openssl

Add a test for mismatch between key OID and sig alg Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6732) Matt Caswell 5 years ago

2 changed file(s) with 49 addition(s) and 20 deletion(s). Raw diff Collapse all Expand all

+43

-17

test/recipes/70-test_sslsigalgs.t less more

52	52
53	53	#Test 1: Default sig algs should succeed
54	54	$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
55		plan tests => 21;
	55	plan tests => 22;
56	56	ok(TLSProxy::Message->success, "Default sigalgs");
57	57	my $testtype;
58	58
59	59	SKIP: {
60		skip "TLSv1.3 disabled", 5 if disabled("tls1_3");
	60	skip "TLSv1.3 disabled", 6 if disabled("tls1_3");
61	61
62	62	$proxy->filter(\&sigalgs_filter);
63	63

93	93	$testtype = PSS_ONLY_SIG_ALGS;
94	94	$proxy->start();
95	95	ok(TLSProxy::Message->success, "PSS only sigalgs in TLSv1.3");
	96
	97	#Test 7: Modify the CertificateVerify sigalg from rsa_pss_rsae_sha256 to
	98	# rsa_pss_pss_sha256. This should fail because the public key OID
	99	# in the certificate is rsaEncryption and not rsassaPss
	100	$proxy->filter(\&modify_cert_verify_sigalg);
	101	$proxy->clear();
	102	$proxy->start();
	103	ok(TLSProxy::Message->fail,
	104	"Mismatch between CertVerify sigalg and public key OID");
96	105	}
97	106
98	107	SKIP: {
99	108	skip "EC or TLSv1.3 disabled", 1
100	109	if disabled("tls1_3") \|\| disabled("ec");
101		#Test 7: Sending a valid sig algs list but not including a sig type that
	110	#Test 8: Sending a valid sig algs list but not including a sig type that
102	111	# matches the certificate should fail in TLSv1.3.
103	112	$proxy->clear();
104	113	$proxy->clientflags("-sigalgs ECDSA+SHA256");

111	120	skip "EC, TLSv1.3 or TLSv1.2 disabled", 1
112	121	if disabled("tls1_2") \|\| disabled("tls1_3") \|\| disabled("ec");
113	122
114		#Test 8: Sending a full list of TLSv1.3 sig algs but negotiating TLSv1.2
	123	#Test 9: Sending a full list of TLSv1.3 sig algs but negotiating TLSv1.2
115	124	# should succeed
116	125	$proxy->clear();
117	126	$proxy->serverflags("-no_tls1_3");

126	135
127	136	$proxy->filter(\&sigalgs_filter);
128	137
129		#Test 9: Sending no sig algs extension in TLSv1.2 should succeed
	138	#Test 10: Sending no sig algs extension in TLSv1.2 should succeed
130	139	$proxy->clear();
131	140	$testtype = NO_SIG_ALGS_EXT;
132	141	$proxy->clientflags("-no_tls1_3");

134	143	$proxy->start();
135	144	ok(TLSProxy::Message->success, "No TLSv1.2 sigalgs");
136	145
137		#Test 10: Sending an empty sig algs extension in TLSv1.2 should fail
	146	#Test 11: Sending an empty sig algs extension in TLSv1.2 should fail
138	147	$proxy->clear();
139	148	$testtype = EMPTY_SIG_ALGS_EXT;
140	149	$proxy->clientflags("-no_tls1_3");

142	151	$proxy->start();
143	152	ok(TLSProxy::Message->fail, "Empty TLSv1.2 sigalgs");
144	153
145		#Test 11: Sending a list with no recognised sig algs in TLSv1.2 should fail
	154	#Test 12: Sending a list with no recognised sig algs in TLSv1.2 should fail
146	155	$proxy->clear();
147	156	$testtype = NO_KNOWN_SIG_ALGS;
148	157	$proxy->clientflags("-no_tls1_3");

150	159	$proxy->start();
151	160	ok(TLSProxy::Message->fail, "No known TLSv1.3 sigalgs");
152	161
153		#Test 12: Sending a sig algs list without pss for an RSA cert in TLSv1.2
	162	#Test 13: Sending a sig algs list without pss for an RSA cert in TLSv1.2
154	163	# should succeed
155	164	$proxy->clear();
156	165	$testtype = NO_PSS_SIG_ALGS;

159	168	$proxy->start();
160	169	ok(TLSProxy::Message->success, "No PSS TLSv1.2 sigalgs");
161	170
162		#Test 13: Sending only TLSv1.3 PSS sig algs in TLSv1.2 should succeed
	171	#Test 14: Sending only TLSv1.3 PSS sig algs in TLSv1.2 should succeed
163	172	$proxy->clear();
164	173	$testtype = PSS_ONLY_SIG_ALGS;
165	174	$proxy->serverflags("-no_tls1_3");

167	176	$proxy->start();
168	177	ok(TLSProxy::Message->success, "PSS only sigalgs in TLSv1.2");
169	178
170		#Test 14: Responding with a sig alg we did not send in TLSv1.2 should fail
	179	#Test 15: Responding with a sig alg we did not send in TLSv1.2 should fail
171	180	# We send rsa_pkcs1_sha256 and respond with rsa_pss_rsae_sha256
172	181	# TODO(TLS1.3): Add a similar test to the TLSv1.3 section above
173	182	# when we have an API capable of configuring the TLSv1.3 sig algs

178	187	$proxy->start();
179	188	ok(TLSProxy::Message->fail, "Sigalg we did not send in TLSv1.2");
180	189
181		#Test 15: Sending a valid sig algs list but not including a sig type that
	190	#Test 16: Sending a valid sig algs list but not including a sig type that
182	191	# matches the certificate should fail in TLSv1.2
183	192	$proxy->clear();
184	193	$proxy->clientflags("-no_tls1_3 -sigalgs ECDSA+SHA256");

188	197	ok(TLSProxy::Message->fail, "No matching TLSv1.2 sigalgs");
189	198	$proxy->filter(\&sigalgs_filter);
190	199
191		#Test 16: No sig algs extension, ECDSA cert, TLSv1.2 should succeed
	200	#Test 17: No sig algs extension, ECDSA cert, TLSv1.2 should succeed
192	201	$proxy->clear();
193	202	$testtype = NO_SIG_ALGS_EXT;
194	203	$proxy->clientflags("-no_tls1_3");

204	213	my ($dsa_status, $sha1_status, $sha224_status);
205	214	SKIP: {
206	215	skip "TLSv1.3 disabled", 2 if disabled("tls1_3") \|\| disabled("dsa");
207		#Test 17: signature_algorithms with 1.3-only ClientHello
	216	#Test 18: signature_algorithms with 1.3-only ClientHello
208	217	$testtype = PURE_SIGALGS;
209	218	$dsa_status = $sha1_status = $sha224_status = 0;
210	219	$proxy->clear();

214	223	ok($dsa_status && $sha1_status && $sha224_status,
215	224	"DSA/SHA2 sigalg sent for 1.3-only ClientHello");
216	225
217		#Test 18: signature_algorithms with backwards compatible ClientHello
	226	#Test 19: signature_algorithms with backwards compatible ClientHello
218	227	SKIP: {
219	228	skip "TLSv1.2 disabled", 1 if disabled("tls1_2");
220	229	$testtype = COMPAT_SIGALGS;

229	238
230	239	SKIP: {
231	240	skip "TLSv1.3 disabled", 3 if disabled("tls1_3");
232		#Test 19: Insert signature_algorithms_cert that match normal sigalgs
	241	#Test 20: Insert signature_algorithms_cert that match normal sigalgs
233	242	$testtype = SIGALGS_CERT_ALL;
234	243	$proxy->clear();
235	244	$proxy->filter(\&modify_sigalgs_cert_filter);
236	245	$proxy->start();
237	246	ok(TLSProxy::Message->success, "sigalgs_cert in TLSv1.3");
238	247
239		#Test 19: Insert signature_algorithms_cert that forces PKCS#1 cert
	248	#Test 21: Insert signature_algorithms_cert that forces PKCS#1 cert
240	249	$testtype = SIGALGS_CERT_PKCS;
241	250	$proxy->clear();
242	251	$proxy->filter(\&modify_sigalgs_cert_filter);
243	252	$proxy->start();
244	253	ok(TLSProxy::Message->success, "sigalgs_cert in TLSv1.3 with PKCS#1 cert");
245	254
246		#Test 19: Insert signature_algorithms_cert that fails
	255	#Test 22: Insert signature_algorithms_cert that fails
247	256	$testtype = SIGALGS_CERT_INVALID;
248	257	$proxy->clear();
249	258	$proxy->filter(\&modify_sigalgs_cert_filter);

379	388	}
380	389	}
381	390	}
	391
	392	sub modify_cert_verify_sigalg
	393	{
	394	my $proxy = shift;
	395
	396	# We're only interested in the CertificateVerify
	397	if ($proxy->flight != 1) {
	398	return;
	399	}
	400
	401	foreach my $message (@{$proxy->message_list}) {
	402	if ($message->mt == TLSProxy::Message::MT_CERTIFICATE_VERIFY) {
	403	$message->sigalg(TLSProxy::Message::SIG_ALG_RSA_PSS_PSS_SHA256);
	404	$message->repack();
	405	}
	406	}
	407	}

-3

util/perl/TLSProxy/Message.pm less more

102	102	SIG_ALG_ECDSA_SECP256R1_SHA256 => 0x0403,
103	103	SIG_ALG_ECDSA_SECP384R1_SHA384 => 0x0503,
104	104	SIG_ALG_ECDSA_SECP521R1_SHA512 => 0x0603,
105		SIG_ALG_RSA_PSS_SHA256 => 0x0804,
106		SIG_ALG_RSA_PSS_SHA384 => 0x0805,
107		SIG_ALG_RSA_PSS_SHA512 => 0x0806,
	105	SIG_ALG_RSA_PSS_RSAE_SHA256 => 0x0804,
	106	SIG_ALG_RSA_PSS_RSAE_SHA384 => 0x0805,
	107	SIG_ALG_RSA_PSS_RSAE_SHA512 => 0x0806,
108	108	SIG_ALG_ED25519 => 0x0807,
109	109	SIG_ALG_ED448 => 0x0808,
	110	SIG_ALG_RSA_PSS_PSS_SHA256 => 0x0809,
	111	SIG_ALG_RSA_PSS_PSS_SHA384 => 0x080a,
	112	SIG_ALG_RSA_PSS_PSS_SHA512 => 0x080b,
110	113	SIG_ALG_RSA_PKCS1_SHA1 => 0x0201,
111	114	SIG_ALG_ECDSA_SHA1 => 0x0203,
112	115	SIG_ALG_DSA_SHA1 => 0x0202,