1 /* 2 * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include "ssltestlib.h" 11 #include "testutil.h" 12 13 static void copy_flags(BIO *bio) 14 { 15 int flags; 16 BIO *next = BIO_next(bio); 17 18 flags = BIO_test_flags(next, BIO_FLAGS_SHOULD_RETRY | BIO_FLAGS_RWS); 19 BIO_clear_flags(bio, BIO_FLAGS_SHOULD_RETRY | BIO_FLAGS_RWS); 20 BIO_set_flags(bio, flags); 21 } 22 23 static int tls_corrupt_read(BIO *bio, char *out, int outl) 24 { 25 int ret; 26 BIO *next = BIO_next(bio); 27 28 ret = BIO_read(next, out, outl); 29 copy_flags(bio); 30 31 return ret; 32 } 33 34 static int tls_corrupt_write(BIO *bio, const char *in, int inl) 35 { 36 int ret; 37 BIO *next = BIO_next(bio); 38 char *copy; 39 40 if (in[0] == SSL3_RT_APPLICATION_DATA) { 41 copy = BUF_memdup(in, inl); 42 TEST_check(copy != NULL); 43 /* corrupt last bit of application data */ 44 copy[inl-1] ^= 1; 45 ret = BIO_write(next, copy, inl); 46 OPENSSL_free(copy); 47 } else { 48 ret = BIO_write(next, in, inl); 49 } 50 copy_flags(bio); 51 52 return ret; 53 } 54 55 static long tls_corrupt_ctrl(BIO *bio, int cmd, long num, void *ptr) 56 { 57 long ret; 58 BIO *next = BIO_next(bio); 59 60 if (next == NULL) 61 return 0; 62 63 switch (cmd) { 64 case BIO_CTRL_DUP: 65 ret = 0L; 66 break; 67 default: 68 ret = BIO_ctrl(next, cmd, num, ptr); 69 break; 70 } 71 return ret; 72 } 73 74 static int tls_corrupt_gets(BIO *bio, char *buf, int size) 75 { 76 /* We don't support this - not needed anyway */ 77 return -1; 78 } 79 80 static int tls_corrupt_puts(BIO *bio, const char *str) 81 { 82 /* We don't support this - not needed anyway */ 83 return -1; 84 } 85 86 static int tls_corrupt_new(BIO *bio) 87 { 88 BIO_set_init(bio, 1); 89 90 return 1; 91 } 92 93 static int tls_corrupt_free(BIO *bio) 94 { 95 BIO_set_init(bio, 0); 96 97 return 1; 98 } 99 100 #define BIO_TYPE_CUSTOM_FILTER (0x80 | BIO_TYPE_FILTER) 101 102 static BIO_METHOD *method_tls_corrupt = NULL; 103 104 /* Note: Not thread safe! */ 105 static const BIO_METHOD *bio_f_tls_corrupt_filter(void) 106 { 107 if (method_tls_corrupt == NULL) { 108 method_tls_corrupt = BIO_meth_new(BIO_TYPE_CUSTOM_FILTER, 109 "TLS corrupt filter"); 110 if ( method_tls_corrupt == NULL 111 || !BIO_meth_set_write(method_tls_corrupt, tls_corrupt_write) 112 || !BIO_meth_set_read(method_tls_corrupt, tls_corrupt_read) 113 || !BIO_meth_set_puts(method_tls_corrupt, tls_corrupt_puts) 114 || !BIO_meth_set_gets(method_tls_corrupt, tls_corrupt_gets) 115 || !BIO_meth_set_ctrl(method_tls_corrupt, tls_corrupt_ctrl) 116 || !BIO_meth_set_create(method_tls_corrupt, tls_corrupt_new) 117 || !BIO_meth_set_destroy(method_tls_corrupt, tls_corrupt_free)) 118 return NULL; 119 } 120 return method_tls_corrupt; 121 } 122 123 static void bio_f_tls_corrupt_filter_free(void) 124 { 125 BIO_meth_free(method_tls_corrupt); 126 } 127 128 /* 129 * The test is supposed to be executed with RSA key, customarily 130 * with apps/server.pem used even in other tests. For this reason 131 * |cipher_list| is initialized with RSA ciphers' names. This 132 * naturally means that if test is to be re-purposed for other 133 * type of key, then NID_auth_* filter below would need adjustment. 134 */ 135 static const char **cipher_list = NULL; 136 137 static int setup_cipher_list() 138 { 139 SSL_CTX *ctx = NULL; 140 SSL *ssl = NULL; 141 static STACK_OF(SSL_CIPHER) *sk_ciphers = NULL; 142 int i, numciphers; 143 144 ctx = SSL_CTX_new(TLS_server_method()); 145 TEST_check(ctx != NULL); 146 ssl = SSL_new(ctx); 147 TEST_check(ssl != NULL); 148 sk_ciphers = SSL_get1_supported_ciphers(ssl); 149 TEST_check(sk_ciphers != NULL); 150 151 /* 152 * The |cipher_list| will be filled only with names of RSA ciphers, 153 * so that some of the allocated space will be wasted, but the loss 154 * is deemed acceptable... 155 */ 156 cipher_list = OPENSSL_malloc(sk_SSL_CIPHER_num(sk_ciphers) * 157 sizeof(cipher_list[0])); 158 TEST_check(cipher_list != NULL); 159 160 for (numciphers = 0, i = 0; i < sk_SSL_CIPHER_num(sk_ciphers); i++) { 161 const SSL_CIPHER *cipher = sk_SSL_CIPHER_value(sk_ciphers, i); 162 163 if (SSL_CIPHER_get_auth_nid(cipher) == NID_auth_rsa) 164 cipher_list[numciphers++] = SSL_CIPHER_get_name(cipher); 165 } 166 TEST_check(numciphers != 0); 167 168 sk_SSL_CIPHER_free(sk_ciphers); 169 SSL_free(ssl); 170 SSL_CTX_free(ctx); 171 172 return numciphers; 173 } 174 175 static char *cert = NULL; 176 static char *privkey = NULL; 177 178 static int test_ssl_corrupt(int testidx) 179 { 180 SSL_CTX *sctx = NULL, *cctx = NULL; 181 SSL *server = NULL, *client = NULL; 182 BIO *c_to_s_fbio; 183 int testresult = 0; 184 static unsigned char junk[16000] = { 0 }; 185 186 printf("Starting Test %d, %s\n", testidx, cipher_list[testidx]); 187 188 if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), 189 TLS1_VERSION, TLS_MAX_VERSION, &sctx, &cctx, 190 cert, privkey)) { 191 printf("Unable to create SSL_CTX pair\n"); 192 return 0; 193 } 194 195 if (!SSL_CTX_set_cipher_list(cctx, cipher_list[testidx])) { 196 printf("Failed setting cipher list\n"); 197 goto end; 198 } 199 200 c_to_s_fbio = BIO_new(bio_f_tls_corrupt_filter()); 201 if (c_to_s_fbio == NULL) { 202 printf("Failed to create filter BIO\n"); 203 goto end; 204 } 205 206 /* BIO is freed by create_ssl_connection on error */ 207 if (!create_ssl_objects(sctx, cctx, &server, &client, NULL, 208 c_to_s_fbio)) { 209 printf("Unable to create SSL objects\n"); 210 ERR_print_errors_fp(stdout); 211 goto end; 212 } 213 214 if (!create_ssl_connection(server, client)) { 215 printf("Unable to create SSL connection\n"); 216 ERR_print_errors_fp(stdout); 217 goto end; 218 } 219 220 if (SSL_write(client, junk, sizeof(junk)) < 0) { 221 printf("Unable to SSL_write\n"); 222 ERR_print_errors_fp(stdout); 223 goto end; 224 } 225 226 if (SSL_read(server, junk, sizeof(junk)) >= 0) { 227 printf("Read should have failed with \"bad record mac\"\n"); 228 goto end; 229 } 230 231 if (ERR_GET_REASON(ERR_peek_error()) != 232 SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC) { 233 ERR_print_errors_fp(stdout); 234 goto end; 235 } 236 237 testresult = 1; 238 end: 239 SSL_free(server); 240 SSL_free(client); 241 SSL_CTX_free(sctx); 242 SSL_CTX_free(cctx); 243 244 return testresult; 245 } 246 247 int main(int argc, char *argv[]) 248 { 249 BIO *err = NULL; 250 int testresult = 1; 251 252 if (argc != 3) { 253 printf("Invalid argument count\n"); 254 return 1; 255 } 256 257 cert = argv[1]; 258 privkey = argv[2]; 259 260 err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); 261 262 CRYPTO_set_mem_debug(1); 263 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); 264 265 ADD_ALL_TESTS(test_ssl_corrupt, setup_cipher_list()); 266 267 testresult = run_tests(argv[0]); 268 269 bio_f_tls_corrupt_filter_free(); 270 271 OPENSSL_free(cipher_list); 272 273 #ifndef OPENSSL_NO_CRYPTO_MDEBUG 274 if (CRYPTO_mem_leaks(err) <= 0) 275 testresult = 1; 276 #endif 277 BIO_free(err); 278 279 if (!testresult) 280 printf("PASS\n"); 281 282 return testresult; 283 } 284