kris
/
tls-tris
1
0
포크 0
코드 이슈 0 풀 리퀘스트 0 릴리즈 0 위키 활동
25개 이상의 토픽을 선택하실 수 없습니다. Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
324 커밋
4 브랜치
2.5 MiB
 
 
 
 
 
 
트리: 1b8b6efd10
브랜치 태그
${ item.name }
${ searchTerm } 브랜치 생성
from '1b8b6efd10'
${ noResults }
tls-tris/handshake_messages_test.go

326 lines
8.4 KiB
Raw Blame 히스토리 

  1. // Copyright 2009 The Go Authors. All rights reserved.

  2. // Use of this source code is governed by a BSD-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package tls

  6. 

  7. import (

  8. 	"bytes"

  9. 	"math/rand"

  10. 	"reflect"

  11. 	"testing"

  12. 	"testing/quick"

  13. )

  14. 

  15. var tests = []interface{}{

  16. 	&clientHelloMsg{},

  17. 	&serverHelloMsg{},

  18. 	&finishedMsg{},

  19. 

  20. 	&certificateMsg{},

  21. 	&certificateRequestMsg{},

  22. 	&certificateVerifyMsg{},

  23. 	&certificateStatusMsg{},

  24. 	&clientKeyExchangeMsg{},

  25. 	&nextProtoMsg{},

  26. 	&newSessionTicketMsg{},

  27. 	&sessionState{},

  28. }

  29. 

  30. type testMessage interface {

  31. 	marshal() []byte

  32. 	unmarshal([]byte) bool

  33. 	equal(interface{}) bool

  34. }

  35. 

  36. func TestMarshalUnmarshal(t *testing.T) {

  37. 	rand := rand.New(rand.NewSource(0))

  38. 

  39. 	for i, iface := range tests {

  40. 		ty := reflect.ValueOf(iface).Type()

  41. 

  42. 		n := 100

  43. 		if testing.Short() {

  44. 			n = 5

  45. 		}

  46. 		for j := 0; j < n; j++ {

  47. 			v, ok := quick.Value(ty, rand)

  48. 			if !ok {

  49. 				t.Errorf("#%d: failed to create value", i)

  50. 				break

  51. 			}

  52. 

  53. 			m1 := v.Interface().(testMessage)

  54. 			marshaled := m1.marshal()

  55. 			m2 := iface.(testMessage)

  56. 			if !m2.unmarshal(marshaled) {

  57. 				t.Errorf("#%d failed to unmarshal %#v %x", i, m1, marshaled)

  58. 				break

  59. 			}

  60. 			m2.marshal() // to fill any marshal cache in the message

  61. 

  62. 			if !m1.equal(m2) {

  63. 				t.Errorf("#%d got:%#v want:%#v %x", i, m2, m1, marshaled)

  64. 				break

  65. 			}

  66. 

  67. 			if i >= 3 {

  68. 				// The first three message types (ClientHello,

  69. 				// ServerHello and Finished) are allowed to

  70. 				// have parsable prefixes because the extension

  71. 				// data is optional and the length of the

  72. 				// Finished varies across versions.

  73. 				for j := 0; j < len(marshaled); j++ {

  74. 					if m2.unmarshal(marshaled[0:j]) {

  75. 						t.Errorf("#%d unmarshaled a prefix of length %d of %#v", i, j, m1)

  76. 						break

  77. 					}

  78. 				}

  79. 			}

  80. 		}

  81. 	}

  82. }

  83. 

  84. func TestFuzz(t *testing.T) {

  85. 	rand := rand.New(rand.NewSource(0))

  86. 	for _, iface := range tests {

  87. 		m := iface.(testMessage)

  88. 

  89. 		for j := 0; j < 1000; j++ {

  90. 			len := rand.Intn(100)

  91. 			bytes := randomBytes(len, rand)

  92. 			// This just looks for crashes due to bounds errors etc.

  93. 			m.unmarshal(bytes)

  94. 		}

  95. 	}

  96. }

  97. 

  98. func randomBytes(n int, rand *rand.Rand) []byte {

  99. 	r := make([]byte, n)

  100. 	for i := 0; i < n; i++ {

  101. 		r[i] = byte(rand.Int31())

  102. 	}

  103. 	return r

  104. }

  105. 

  106. func randomString(n int, rand *rand.Rand) string {

  107. 	b := randomBytes(n, rand)

  108. 	return string(b)

  109. }

  110. 

  111. func (*clientHelloMsg) Generate(rand *rand.Rand, size int) reflect.Value {

  112. 	m := &clientHelloMsg{}

  113. 	m.vers = uint16(rand.Intn(65536))

  114. 	m.random = randomBytes(32, rand)

  115. 	m.sessionId = randomBytes(rand.Intn(32), rand)

  116. 	m.cipherSuites = make([]uint16, rand.Intn(63)+1)

  117. 	for i := 0; i < len(m.cipherSuites); i++ {

  118. 		m.cipherSuites[i] = uint16(rand.Int31())

  119. 	}

  120. 	m.compressionMethods = randomBytes(rand.Intn(63)+1, rand)

  121. 	if rand.Intn(10) > 5 {

  122. 		m.nextProtoNeg = true

  123. 	}

  124. 	if rand.Intn(10) > 5 {

  125. 		m.serverName = randomString(rand.Intn(255), rand)

  126. 	}

  127. 	m.ocspStapling = rand.Intn(10) > 5

  128. 	m.supportedPoints = randomBytes(rand.Intn(5)+1, rand)

  129. 	m.supportedCurves = make([]CurveID, rand.Intn(5)+1)

  130. 	for i := range m.supportedCurves {

  131. 		m.supportedCurves[i] = CurveID(rand.Intn(30000))

  132. 	}

  133. 	if rand.Intn(10) > 5 {

  134. 		m.ticketSupported = true

  135. 		if rand.Intn(10) > 5 {

  136. 			m.sessionTicket = randomBytes(rand.Intn(300), rand)

  137. 		}

  138. 	}

  139. 	if rand.Intn(10) > 5 {

  140. 		m.signatureAndHashes = supportedSignatureAlgorithms

  141. 	}

  142. 	m.alpnProtocols = make([]string, rand.Intn(5))

  143. 	for i := range m.alpnProtocols {

  144. 		m.alpnProtocols[i] = randomString(rand.Intn(20)+1, rand)

  145. 	}

  146. 	if rand.Intn(10) > 5 {

  147. 		m.scts = true

  148. 	}

  149. 

  150. 	return reflect.ValueOf(m)

  151. }

  152. 

  153. func (*serverHelloMsg) Generate(rand *rand.Rand, size int) reflect.Value {

  154. 	m := &serverHelloMsg{}

  155. 	m.vers = uint16(rand.Intn(65536))

  156. 	m.random = randomBytes(32, rand)

  157. 	m.sessionId = randomBytes(rand.Intn(32), rand)

  158. 	m.cipherSuite = uint16(rand.Int31())

  159. 	m.compressionMethod = uint8(rand.Intn(256))

  160. 

  161. 	if rand.Intn(10) > 5 {

  162. 		m.nextProtoNeg = true

  163. 

  164. 		n := rand.Intn(10)

  165. 		m.nextProtos = make([]string, n)

  166. 		for i := 0; i < n; i++ {

  167. 			m.nextProtos[i] = randomString(20, rand)

  168. 		}

  169. 	}

  170. 

  171. 	if rand.Intn(10) > 5 {

  172. 		m.ocspStapling = true

  173. 	}

  174. 	if rand.Intn(10) > 5 {

  175. 		m.ticketSupported = true

  176. 	}

  177. 	m.alpnProtocol = randomString(rand.Intn(32)+1, rand)

  178. 

  179. 	if rand.Intn(10) > 5 {

  180. 		numSCTs := rand.Intn(4)

  181. 		m.scts = make([][]byte, numSCTs)

  182. 		for i := range m.scts {

  183. 			m.scts[i] = randomBytes(rand.Intn(500), rand)

  184. 		}

  185. 	}

  186. 

  187. 	return reflect.ValueOf(m)

  188. }

  189. 

  190. func (*certificateMsg) Generate(rand *rand.Rand, size int) reflect.Value {

  191. 	m := &certificateMsg{}

  192. 	numCerts := rand.Intn(20)

  193. 	m.certificates = make([][]byte, numCerts)

  194. 	for i := 0; i < numCerts; i++ {

  195. 		m.certificates[i] = randomBytes(rand.Intn(10)+1, rand)

  196. 	}

  197. 	return reflect.ValueOf(m)

  198. }

  199. 

  200. func (*certificateRequestMsg) Generate(rand *rand.Rand, size int) reflect.Value {

  201. 	m := &certificateRequestMsg{}

  202. 	m.certificateTypes = randomBytes(rand.Intn(5)+1, rand)

  203. 	numCAs := rand.Intn(100)

  204. 	m.certificateAuthorities = make([][]byte, numCAs)

  205. 	for i := 0; i < numCAs; i++ {

  206. 		m.certificateAuthorities[i] = randomBytes(rand.Intn(15)+1, rand)

  207. 	}

  208. 	return reflect.ValueOf(m)

  209. }

  210. 

  211. func (*certificateVerifyMsg) Generate(rand *rand.Rand, size int) reflect.Value {

  212. 	m := &certificateVerifyMsg{}

  213. 	m.signature = randomBytes(rand.Intn(15)+1, rand)

  214. 	return reflect.ValueOf(m)

  215. }

  216. 

  217. func (*certificateStatusMsg) Generate(rand *rand.Rand, size int) reflect.Value {

  218. 	m := &certificateStatusMsg{}

  219. 	if rand.Intn(10) > 5 {

  220. 		m.statusType = statusTypeOCSP

  221. 		m.response = randomBytes(rand.Intn(10)+1, rand)

  222. 	} else {

  223. 		m.statusType = 42

  224. 	}

  225. 	return reflect.ValueOf(m)

  226. }

  227. 

  228. func (*clientKeyExchangeMsg) Generate(rand *rand.Rand, size int) reflect.Value {

  229. 	m := &clientKeyExchangeMsg{}

  230. 	m.ciphertext = randomBytes(rand.Intn(1000)+1, rand)

  231. 	return reflect.ValueOf(m)

  232. }

  233. 

  234. func (*finishedMsg) Generate(rand *rand.Rand, size int) reflect.Value {

  235. 	m := &finishedMsg{}

  236. 	m.verifyData = randomBytes(12, rand)

  237. 	return reflect.ValueOf(m)

  238. }

  239. 

  240. func (*nextProtoMsg) Generate(rand *rand.Rand, size int) reflect.Value {

  241. 	m := &nextProtoMsg{}

  242. 	m.proto = randomString(rand.Intn(255), rand)

  243. 	return reflect.ValueOf(m)

  244. }

  245. 

  246. func (*newSessionTicketMsg) Generate(rand *rand.Rand, size int) reflect.Value {

  247. 	m := &newSessionTicketMsg{}

  248. 	m.ticket = randomBytes(rand.Intn(4), rand)

  249. 	return reflect.ValueOf(m)

  250. }

  251. 

  252. func (*sessionState) Generate(rand *rand.Rand, size int) reflect.Value {

  253. 	s := &sessionState{}

  254. 	s.vers = uint16(rand.Intn(10000))

  255. 	s.cipherSuite = uint16(rand.Intn(10000))

  256. 	s.masterSecret = randomBytes(rand.Intn(100), rand)

  257. 	numCerts := rand.Intn(20)

  258. 	s.certificates = make([][]byte, numCerts)

  259. 	for i := 0; i < numCerts; i++ {

  260. 		s.certificates[i] = randomBytes(rand.Intn(10)+1, rand)

  261. 	}

  262. 	return reflect.ValueOf(s)

  263. }

  264. 

  265. func TestRejectEmptySCTList(t *testing.T) {

  266. 	// https://tools.ietf.org/html/rfc6962#section-3.3.1 specifies that

  267. 	// empty SCT lists are invalid.

  268. 

  269. 	var random [32]byte

  270. 	sct := []byte{0x42, 0x42, 0x42, 0x42}

  271. 	serverHello := serverHelloMsg{

  272. 		vers:   VersionTLS12,

  273. 		random: random[:],

  274. 		scts:   [][]byte{sct},

  275. 	}

  276. 	serverHelloBytes := serverHello.marshal()

  277. 

  278. 	var serverHelloCopy serverHelloMsg

  279. 	if !serverHelloCopy.unmarshal(serverHelloBytes) {

  280. 		t.Fatal("Failed to unmarshal initial message")

  281. 	}

  282. 

  283. 	// Change serverHelloBytes so that the SCT list is empty

  284. 	i := bytes.Index(serverHelloBytes, sct)

  285. 	if i < 0 {

  286. 		t.Fatal("Cannot find SCT in ServerHello")

  287. 	}

  288. 

  289. 	var serverHelloEmptySCT []byte

  290. 	serverHelloEmptySCT = append(serverHelloEmptySCT, serverHelloBytes[:i-6]...)

  291. 	// Append the extension length and SCT list length for an empty list.

  292. 	serverHelloEmptySCT = append(serverHelloEmptySCT, []byte{0, 2, 0, 0}...)

  293. 	serverHelloEmptySCT = append(serverHelloEmptySCT, serverHelloBytes[i+4:]...)

  294. 

  295. 	// Update the handshake message length.

  296. 	serverHelloEmptySCT[1] = byte((len(serverHelloEmptySCT) - 4) >> 16)

  297. 	serverHelloEmptySCT[2] = byte((len(serverHelloEmptySCT) - 4) >> 8)

  298. 	serverHelloEmptySCT[3] = byte(len(serverHelloEmptySCT) - 4)

  299. 

  300. 	// Update the extensions length

  301. 	serverHelloEmptySCT[42] = byte((len(serverHelloEmptySCT) - 44) >> 8)

  302. 	serverHelloEmptySCT[43] = byte((len(serverHelloEmptySCT) - 44))

  303. 

  304. 	if serverHelloCopy.unmarshal(serverHelloEmptySCT) {

  305. 		t.Fatal("Unmarshaled ServerHello with empty SCT list")

  306. 	}

  307. }

  308. 

  309. func TestRejectEmptySCT(t *testing.T) {

  310. 	// Not only must the SCT list be non-empty, but the SCT elements must

  311. 	// not be zero length.

  312. 

  313. 	var random [32]byte

  314. 	serverHello := serverHelloMsg{

  315. 		vers:   VersionTLS12,

  316. 		random: random[:],

  317. 		scts:   [][]byte{nil},

  318. 	}

  319. 	serverHelloBytes := serverHello.marshal()

  320. 

  321. 	var serverHelloCopy serverHelloMsg

  322. 	if serverHelloCopy.unmarshal(serverHelloBytes) {

  323. 		t.Fatal("Unmarshaled ServerHello with zero-length SCT")

  324. 	}

  325. }