diff options
| author | Theo Buehler <tb@cvs.openbsd.org> | 2020-09-25 08:38:26 +0000 |
|---|---|---|
| committer | Theo Buehler <tb@cvs.openbsd.org> | 2020-09-25 08:38:26 +0000 |
| commit | a00b7d4bd65e9009059465bc72961601ad881f49 (patch) | |
| tree | b81a01596e1b5b38d3ca3ac0cefd8665369eaae1 | |
| parent | 6ceb114dc7a3a1d1a79f99e8c0380bde51c6ae4b (diff) | |
test-tls13-finished.py has 70 failing tests that expect a "decode_error"
instead of the "decrypt_error" sent by tls13_server_finished_recv().
Both alerts appear to be reasonable in this context, so enable the tests
while working around this.
| -rw-r--r-- | regress/lib/libssl/tlsfuzzer/tlsfuzzer.py | 100 |
1 files changed, 94 insertions, 6 deletions
diff --git a/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py b/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py index c4733826217..4e8f2c60a3a 100644 --- a/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py +++ b/regress/lib/libssl/tlsfuzzer/tlsfuzzer.py @@ -1,4 +1,4 @@ -# $OpenBSD: tlsfuzzer.py,v 1.18 2020/09/25 06:34:59 tb Exp $ +# $OpenBSD: tlsfuzzer.py,v 1.19 2020/09/25 08:38:25 tb Exp $ # # Copyright (c) 2020 Theo Buehler <tb@openbsd.org> # @@ -92,6 +92,97 @@ tls13_tests = TestGroup("TLSv1.3 tests", [ ]), ]) +# test-tls13-finished.py has 70 failing tests that expect a "decode_error" +# instead of the "decrypt_error" sent by tls13_server_finished_recv(). +# Both alerts appear to be reasonable in this context, so work around this +# in the test instead of the library. +def generate_test_tls13_finished_args(): + assertion = "Expected alert description \"decode_error\" does not match received \"decrypt_error\"" + paddings = [ + ("TLS_AES_128_GCM_SHA256", 0, 1), + ("TLS_AES_128_GCM_SHA256", 0, 2), + ("TLS_AES_128_GCM_SHA256", 0, 4), + ("TLS_AES_128_GCM_SHA256", 0, 8), + ("TLS_AES_128_GCM_SHA256", 0, 16), + ("TLS_AES_128_GCM_SHA256", 0, 32), + ("TLS_AES_128_GCM_SHA256", 0, 48), + ("TLS_AES_128_GCM_SHA256", 0, 2**14-4-32), + ("TLS_AES_128_GCM_SHA256", 0, 0x20000), + ("TLS_AES_128_GCM_SHA256", 0, 0x30000), + ("TLS_AES_128_GCM_SHA256", 1, 0), + ("TLS_AES_128_GCM_SHA256", 2, 0), + ("TLS_AES_128_GCM_SHA256", 4, 0), + ("TLS_AES_128_GCM_SHA256", 8, 0), + ("TLS_AES_128_GCM_SHA256", 16, 0), + ("TLS_AES_128_GCM_SHA256", 32, 0), + ("TLS_AES_128_GCM_SHA256", 48, 0), + ("TLS_AES_128_GCM_SHA256", 2**14-4-32, 0), + ("TLS_AES_128_GCM_SHA256", 12, 0), + ("TLS_AES_128_GCM_SHA256", 1, 1), + ("TLS_AES_128_GCM_SHA256", 8, 8), + ("TLS_AES_256_GCM_SHA384", 0, 1), + ("TLS_AES_256_GCM_SHA384", 0, 2), + ("TLS_AES_256_GCM_SHA384", 0, 4), + ("TLS_AES_256_GCM_SHA384", 0, 8), + ("TLS_AES_256_GCM_SHA384", 0, 16), + ("TLS_AES_256_GCM_SHA384", 0, 32), + ("TLS_AES_256_GCM_SHA384", 0, 48), + ("TLS_AES_256_GCM_SHA384", 0, 2**14-4-48), + ("TLS_AES_256_GCM_SHA384", 0, 0x20000), + ("TLS_AES_256_GCM_SHA384", 0, 0x30000), + ("TLS_AES_256_GCM_SHA384", 0, 12), + ("TLS_AES_256_GCM_SHA384", 1, 0), + ("TLS_AES_256_GCM_SHA384", 2, 0), + ("TLS_AES_256_GCM_SHA384", 4, 0), + ("TLS_AES_256_GCM_SHA384", 8, 0), + ("TLS_AES_256_GCM_SHA384", 16, 0), + ("TLS_AES_256_GCM_SHA384", 32, 0), + ("TLS_AES_256_GCM_SHA384", 48, 0), + ("TLS_AES_256_GCM_SHA384", 2**14-4-48, 0), + ("TLS_AES_256_GCM_SHA384", 1, 1), + ("TLS_AES_256_GCM_SHA384", 8, 8), + ] + truncations = [ + ("TLS_AES_128_GCM_SHA256", 0, -1), + ("TLS_AES_128_GCM_SHA256", 0, -2), + ("TLS_AES_128_GCM_SHA256", 0, -4), + ("TLS_AES_128_GCM_SHA256", 0, -8), + ("TLS_AES_128_GCM_SHA256", 0, -16), + ("TLS_AES_128_GCM_SHA256", 0, -32), + ("TLS_AES_128_GCM_SHA256", 0, 12), + ("TLS_AES_128_GCM_SHA256", 1, None), + ("TLS_AES_128_GCM_SHA256", 2, None), + ("TLS_AES_128_GCM_SHA256", 4, None), + ("TLS_AES_128_GCM_SHA256", 8, None), + ("TLS_AES_128_GCM_SHA256", 16, None), + ("TLS_AES_128_GCM_SHA256", 32, None), + ("TLS_AES_256_GCM_SHA384", 0, -1), + ("TLS_AES_256_GCM_SHA384", 0, -2), + ("TLS_AES_256_GCM_SHA384", 0, -4), + ("TLS_AES_256_GCM_SHA384", 0, -8), + ("TLS_AES_256_GCM_SHA384", 0, -16), + ("TLS_AES_256_GCM_SHA384", 0, -32), + ("TLS_AES_256_GCM_SHA384", 0, 12), + ("TLS_AES_256_GCM_SHA384", 1, None), + ("TLS_AES_256_GCM_SHA384", 2, None), + ("TLS_AES_256_GCM_SHA384", 4, None), + ("TLS_AES_256_GCM_SHA384", 8, None), + ("TLS_AES_256_GCM_SHA384", 16, None), + ("TLS_AES_256_GCM_SHA384", 32, None), + ] + + args = [ + "-x", "empty - cipher TLS_AES_128_GCM_SHA256", "-X", assertion, + "-x", "empty - cipher TLS_AES_256_GCM_SHA384", "-X", assertion, + ] + padding_fmt = "padding - cipher %s, pad_byte 0, pad_left %d, pad_right %d" + for padding in paddings: + args += ["-x", padding_fmt % padding, "-X", assertion] + truncation_fmt = "truncation - cipher %s, start %d, end %s" + for truncation in truncations: + args += ["-x", truncation_fmt % truncation, "-X", assertion] + return args + # Tests that take a lot of time (> ~30s on an x280) tls13_slow_tests = TestGroup("slow TLSv1.3 tests", [ # XXX: Investigate the occasional message @@ -101,6 +192,8 @@ tls13_slow_tests = TestGroup("slow TLSv1.3 tests", [ Test("test-tls13-invalid-ciphers.py"), Test("test-tls13-serverhello-random.py", tls13_unsupported_ciphers), + Test("test-tls13-finished.py", generate_test_tls13_finished_args()), + # Mark two tests cases as xfail for now. The tests expect an arguably # correct decode_error while we send a decrypt_error (like fizz/boring). Test("test-tls13-record-layer-limits.py", [ @@ -161,11 +254,6 @@ tls13_slow_failing_tests = TestGroup("slow, failing TLSv1.3 tests", [ Test("test-tls13-symetric-ciphers.py"), # unexpected message from peer - # 70 fail and 644 pass. For some reason the tests expect a decode_error - # but we send a decrypt_error after the CBS_mem_equal() fails in - # tls13_server_finished_recv() (which is correct). - Test("test-tls13-finished.py"), # decrypt_error -> decode_error? - # 6 tests fail: 'rsa_pkcs1_{md5,sha{1,224,256,384,512}} signature' # We send server hello, but the test expects handshake_failure Test("test-tls13-pkcs-signature.py"), |