PageRenderTime 27ms CodeModel.GetById 15ms RepoModel.GetById 0ms app.codeStats 1ms

/src/crypto/tls/handshake_messages_test.go

https://bitbucket.org/bnat6582/go192
Go | 329 lines | 269 code | 43 blank | 17 comment | 37 complexity | f82c9547795f11014e0a009551f6b8d7 MD5 | raw file
Possible License(s): BSD-3-Clause, Apache-2.0
  1. // Copyright 2009 The Go Authors. All rights reserved.
  2. // Use of this source code is governed by a BSD-style
  3. // license that can be found in the LICENSE file.
  4. package tls
  5. import (
  6. "bytes"
  7. "math/rand"
  8. "reflect"
  9. "strings"
  10. "testing"
  11. "testing/quick"
  12. )
  13. var tests = []interface{}{
  14. &clientHelloMsg{},
  15. &serverHelloMsg{},
  16. &finishedMsg{},
  17. &certificateMsg{},
  18. &certificateRequestMsg{},
  19. &certificateVerifyMsg{},
  20. &certificateStatusMsg{},
  21. &clientKeyExchangeMsg{},
  22. &nextProtoMsg{},
  23. &newSessionTicketMsg{},
  24. &sessionState{},
  25. }
  26. type testMessage interface {
  27. marshal() []byte
  28. unmarshal([]byte) bool
  29. equal(interface{}) bool
  30. }
  31. func TestMarshalUnmarshal(t *testing.T) {
  32. rand := rand.New(rand.NewSource(0))
  33. for i, iface := range tests {
  34. ty := reflect.ValueOf(iface).Type()
  35. n := 100
  36. if testing.Short() {
  37. n = 5
  38. }
  39. for j := 0; j < n; j++ {
  40. v, ok := quick.Value(ty, rand)
  41. if !ok {
  42. t.Errorf("#%d: failed to create value", i)
  43. break
  44. }
  45. m1 := v.Interface().(testMessage)
  46. marshaled := m1.marshal()
  47. m2 := iface.(testMessage)
  48. if !m2.unmarshal(marshaled) {
  49. t.Errorf("#%d failed to unmarshal %#v %x", i, m1, marshaled)
  50. break
  51. }
  52. m2.marshal() // to fill any marshal cache in the message
  53. if !m1.equal(m2) {
  54. t.Errorf("#%d got:%#v want:%#v %x", i, m2, m1, marshaled)
  55. break
  56. }
  57. if i >= 3 {
  58. // The first three message types (ClientHello,
  59. // ServerHello and Finished) are allowed to
  60. // have parsable prefixes because the extension
  61. // data is optional and the length of the
  62. // Finished varies across versions.
  63. for j := 0; j < len(marshaled); j++ {
  64. if m2.unmarshal(marshaled[0:j]) {
  65. t.Errorf("#%d unmarshaled a prefix of length %d of %#v", i, j, m1)
  66. break
  67. }
  68. }
  69. }
  70. }
  71. }
  72. }
  73. func TestFuzz(t *testing.T) {
  74. rand := rand.New(rand.NewSource(0))
  75. for _, iface := range tests {
  76. m := iface.(testMessage)
  77. for j := 0; j < 1000; j++ {
  78. len := rand.Intn(100)
  79. bytes := randomBytes(len, rand)
  80. // This just looks for crashes due to bounds errors etc.
  81. m.unmarshal(bytes)
  82. }
  83. }
  84. }
  85. func randomBytes(n int, rand *rand.Rand) []byte {
  86. r := make([]byte, n)
  87. for i := 0; i < n; i++ {
  88. r[i] = byte(rand.Int31())
  89. }
  90. return r
  91. }
  92. func randomString(n int, rand *rand.Rand) string {
  93. b := randomBytes(n, rand)
  94. return string(b)
  95. }
  96. func (*clientHelloMsg) Generate(rand *rand.Rand, size int) reflect.Value {
  97. m := &clientHelloMsg{}
  98. m.vers = uint16(rand.Intn(65536))
  99. m.random = randomBytes(32, rand)
  100. m.sessionId = randomBytes(rand.Intn(32), rand)
  101. m.cipherSuites = make([]uint16, rand.Intn(63)+1)
  102. for i := 0; i < len(m.cipherSuites); i++ {
  103. m.cipherSuites[i] = uint16(rand.Int31())
  104. }
  105. m.compressionMethods = randomBytes(rand.Intn(63)+1, rand)
  106. if rand.Intn(10) > 5 {
  107. m.nextProtoNeg = true
  108. }
  109. if rand.Intn(10) > 5 {
  110. m.serverName = randomString(rand.Intn(255), rand)
  111. for strings.HasSuffix(m.serverName, ".") {
  112. m.serverName = m.serverName[:len(m.serverName)-1]
  113. }
  114. }
  115. m.ocspStapling = rand.Intn(10) > 5
  116. m.supportedPoints = randomBytes(rand.Intn(5)+1, rand)
  117. m.supportedCurves = make([]CurveID, rand.Intn(5)+1)
  118. for i := range m.supportedCurves {
  119. m.supportedCurves[i] = CurveID(rand.Intn(30000))
  120. }
  121. if rand.Intn(10) > 5 {
  122. m.ticketSupported = true
  123. if rand.Intn(10) > 5 {
  124. m.sessionTicket = randomBytes(rand.Intn(300), rand)
  125. }
  126. }
  127. if rand.Intn(10) > 5 {
  128. m.signatureAndHashes = supportedSignatureAlgorithms
  129. }
  130. m.alpnProtocols = make([]string, rand.Intn(5))
  131. for i := range m.alpnProtocols {
  132. m.alpnProtocols[i] = randomString(rand.Intn(20)+1, rand)
  133. }
  134. if rand.Intn(10) > 5 {
  135. m.scts = true
  136. }
  137. return reflect.ValueOf(m)
  138. }
  139. func (*serverHelloMsg) Generate(rand *rand.Rand, size int) reflect.Value {
  140. m := &serverHelloMsg{}
  141. m.vers = uint16(rand.Intn(65536))
  142. m.random = randomBytes(32, rand)
  143. m.sessionId = randomBytes(rand.Intn(32), rand)
  144. m.cipherSuite = uint16(rand.Int31())
  145. m.compressionMethod = uint8(rand.Intn(256))
  146. if rand.Intn(10) > 5 {
  147. m.nextProtoNeg = true
  148. n := rand.Intn(10)
  149. m.nextProtos = make([]string, n)
  150. for i := 0; i < n; i++ {
  151. m.nextProtos[i] = randomString(20, rand)
  152. }
  153. }
  154. if rand.Intn(10) > 5 {
  155. m.ocspStapling = true
  156. }
  157. if rand.Intn(10) > 5 {
  158. m.ticketSupported = true
  159. }
  160. m.alpnProtocol = randomString(rand.Intn(32)+1, rand)
  161. if rand.Intn(10) > 5 {
  162. numSCTs := rand.Intn(4)
  163. m.scts = make([][]byte, numSCTs)
  164. for i := range m.scts {
  165. m.scts[i] = randomBytes(rand.Intn(500), rand)
  166. }
  167. }
  168. return reflect.ValueOf(m)
  169. }
  170. func (*certificateMsg) Generate(rand *rand.Rand, size int) reflect.Value {
  171. m := &certificateMsg{}
  172. numCerts := rand.Intn(20)
  173. m.certificates = make([][]byte, numCerts)
  174. for i := 0; i < numCerts; i++ {
  175. m.certificates[i] = randomBytes(rand.Intn(10)+1, rand)
  176. }
  177. return reflect.ValueOf(m)
  178. }
  179. func (*certificateRequestMsg) Generate(rand *rand.Rand, size int) reflect.Value {
  180. m := &certificateRequestMsg{}
  181. m.certificateTypes = randomBytes(rand.Intn(5)+1, rand)
  182. numCAs := rand.Intn(100)
  183. m.certificateAuthorities = make([][]byte, numCAs)
  184. for i := 0; i < numCAs; i++ {
  185. m.certificateAuthorities[i] = randomBytes(rand.Intn(15)+1, rand)
  186. }
  187. return reflect.ValueOf(m)
  188. }
  189. func (*certificateVerifyMsg) Generate(rand *rand.Rand, size int) reflect.Value {
  190. m := &certificateVerifyMsg{}
  191. m.signature = randomBytes(rand.Intn(15)+1, rand)
  192. return reflect.ValueOf(m)
  193. }
  194. func (*certificateStatusMsg) Generate(rand *rand.Rand, size int) reflect.Value {
  195. m := &certificateStatusMsg{}
  196. if rand.Intn(10) > 5 {
  197. m.statusType = statusTypeOCSP
  198. m.response = randomBytes(rand.Intn(10)+1, rand)
  199. } else {
  200. m.statusType = 42
  201. }
  202. return reflect.ValueOf(m)
  203. }
  204. func (*clientKeyExchangeMsg) Generate(rand *rand.Rand, size int) reflect.Value {
  205. m := &clientKeyExchangeMsg{}
  206. m.ciphertext = randomBytes(rand.Intn(1000)+1, rand)
  207. return reflect.ValueOf(m)
  208. }
  209. func (*finishedMsg) Generate(rand *rand.Rand, size int) reflect.Value {
  210. m := &finishedMsg{}
  211. m.verifyData = randomBytes(12, rand)
  212. return reflect.ValueOf(m)
  213. }
  214. func (*nextProtoMsg) Generate(rand *rand.Rand, size int) reflect.Value {
  215. m := &nextProtoMsg{}
  216. m.proto = randomString(rand.Intn(255), rand)
  217. return reflect.ValueOf(m)
  218. }
  219. func (*newSessionTicketMsg) Generate(rand *rand.Rand, size int) reflect.Value {
  220. m := &newSessionTicketMsg{}
  221. m.ticket = randomBytes(rand.Intn(4), rand)
  222. return reflect.ValueOf(m)
  223. }
  224. func (*sessionState) Generate(rand *rand.Rand, size int) reflect.Value {
  225. s := &sessionState{}
  226. s.vers = uint16(rand.Intn(10000))
  227. s.cipherSuite = uint16(rand.Intn(10000))
  228. s.masterSecret = randomBytes(rand.Intn(100), rand)
  229. numCerts := rand.Intn(20)
  230. s.certificates = make([][]byte, numCerts)
  231. for i := 0; i < numCerts; i++ {
  232. s.certificates[i] = randomBytes(rand.Intn(10)+1, rand)
  233. }
  234. return reflect.ValueOf(s)
  235. }
  236. func TestRejectEmptySCTList(t *testing.T) {
  237. // https://tools.ietf.org/html/rfc6962#section-3.3.1 specifies that
  238. // empty SCT lists are invalid.
  239. var random [32]byte
  240. sct := []byte{0x42, 0x42, 0x42, 0x42}
  241. serverHello := serverHelloMsg{
  242. vers: VersionTLS12,
  243. random: random[:],
  244. scts: [][]byte{sct},
  245. }
  246. serverHelloBytes := serverHello.marshal()
  247. var serverHelloCopy serverHelloMsg
  248. if !serverHelloCopy.unmarshal(serverHelloBytes) {
  249. t.Fatal("Failed to unmarshal initial message")
  250. }
  251. // Change serverHelloBytes so that the SCT list is empty
  252. i := bytes.Index(serverHelloBytes, sct)
  253. if i < 0 {
  254. t.Fatal("Cannot find SCT in ServerHello")
  255. }
  256. var serverHelloEmptySCT []byte
  257. serverHelloEmptySCT = append(serverHelloEmptySCT, serverHelloBytes[:i-6]...)
  258. // Append the extension length and SCT list length for an empty list.
  259. serverHelloEmptySCT = append(serverHelloEmptySCT, []byte{0, 2, 0, 0}...)
  260. serverHelloEmptySCT = append(serverHelloEmptySCT, serverHelloBytes[i+4:]...)
  261. // Update the handshake message length.
  262. serverHelloEmptySCT[1] = byte((len(serverHelloEmptySCT) - 4) >> 16)
  263. serverHelloEmptySCT[2] = byte((len(serverHelloEmptySCT) - 4) >> 8)
  264. serverHelloEmptySCT[3] = byte(len(serverHelloEmptySCT) - 4)
  265. // Update the extensions length
  266. serverHelloEmptySCT[42] = byte((len(serverHelloEmptySCT) - 44) >> 8)
  267. serverHelloEmptySCT[43] = byte((len(serverHelloEmptySCT) - 44))
  268. if serverHelloCopy.unmarshal(serverHelloEmptySCT) {
  269. t.Fatal("Unmarshaled ServerHello with empty SCT list")
  270. }
  271. }
  272. func TestRejectEmptySCT(t *testing.T) {
  273. // Not only must the SCT list be non-empty, but the SCT elements must
  274. // not be zero length.
  275. var random [32]byte
  276. serverHello := serverHelloMsg{
  277. vers: VersionTLS12,
  278. random: random[:],
  279. scts: [][]byte{nil},
  280. }
  281. serverHelloBytes := serverHello.marshal()
  282. var serverHelloCopy serverHelloMsg
  283. if serverHelloCopy.unmarshal(serverHelloBytes) {
  284. t.Fatal("Unmarshaled ServerHello with zero-length SCT")
  285. }
  286. }