ssl/test/handshake_util.cc - boringssl.git - Git at Google

 /* Copyright (c) 2018, Google Inc.
  *
  * Permission to use, copy, modify, and/or distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
  *
  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

 #include "handshake_util.h"

 #include <assert.h>

 #include <functional>

 #include "async_bio.h"
 #include "packeted_bio.h"
 #include "test_config.h"
 #include "test_state.h"

 #include <openssl/ssl.h>

 using namespace bssl;

 bool RetryAsync(SSL *ssl, int ret) {
   // No error; don't retry.
   if (ret >= 0) {
     return false;
   }

   TestState *test_state = GetTestState(ssl);
   assert(GetTestConfig(ssl)->async);

   if (test_state->packeted_bio != nullptr &&
       PacketedBioAdvanceClock(test_state->packeted_bio)) {
     // The DTLS retransmit logic silently ignores write failures. So the test
     // may progress, allow writes through synchronously.
     AsyncBioEnforceWriteQuota(test_state->async_bio, false);
     int timeout_ret = DTLSv1_handle_timeout(ssl);
     AsyncBioEnforceWriteQuota(test_state->async_bio, true);

     if (timeout_ret < 0) {
       fprintf(stderr, "Error retransmitting.\n");
       return false;
     }
     return true;
   }

   // See if we needed to read or write more. If so, allow one byte through on
   // the appropriate end to maximally stress the state machine.
   switch (SSL_get_error(ssl, ret)) {
     case SSL_ERROR_WANT_READ:
       AsyncBioAllowRead(test_state->async_bio, 1);
       return true;
     case SSL_ERROR_WANT_WRITE:
       AsyncBioAllowWrite(test_state->async_bio, 1);
       return true;
     case SSL_ERROR_WANT_CHANNEL_ID_LOOKUP: {
       UniquePtr<EVP_PKEY> pkey =
           LoadPrivateKey(GetTestConfig(ssl)->send_channel_id);
       if (!pkey) {
         return false;
       }
       test_state->channel_id = std::move(pkey);
       return true;
     }
     case SSL_ERROR_WANT_X509_LOOKUP:
       test_state->cert_ready = true;
       return true;
     case SSL_ERROR_PENDING_SESSION:
       test_state->session = std::move(test_state->pending_session);
       return true;
     case SSL_ERROR_PENDING_CERTIFICATE:
       test_state->early_callback_ready = true;
       return true;
     case SSL_ERROR_WANT_PRIVATE_KEY_OPERATION:
       test_state->private_key_retries++;
       return true;
     case SSL_ERROR_WANT_CERTIFICATE_VERIFY:
       test_state->custom_verify_ready = true;
       return true;
     default:
       return false;
   }
 }

 int CheckIdempotentError(const char *name, SSL *ssl,
                          std::function<int()> func) {
   int ret = func();
   int ssl_err = SSL_get_error(ssl, ret);
   uint32_t err = ERR_peek_error();
   if (ssl_err == SSL_ERROR_SSL || ssl_err == SSL_ERROR_ZERO_RETURN) {
     int ret2 = func();
     int ssl_err2 = SSL_get_error(ssl, ret2);
     uint32_t err2 = ERR_peek_error();
     if (ret != ret2 || ssl_err != ssl_err2 || err != err2) {
       fprintf(stderr, "Repeating %s did not replay the error.\n", name);
       char buf[256];
       ERR_error_string_n(err, buf, sizeof(buf));
       fprintf(stderr, "Wanted: %d %d %s\n", ret, ssl_err, buf);
       ERR_error_string_n(err2, buf, sizeof(buf));
       fprintf(stderr, "Got:    %d %d %s\n", ret2, ssl_err2, buf);
       // runner treats exit code 90 as always failing. Otherwise, it may
       // accidentally consider the result an expected protocol failure.
       exit(90);
     }
   }
   return ret;
 }

 // MoveBIOs moves the |BIO|s of |src| to |dst|.  It is used for handoff.
 static void MoveBIOs(SSL *dest, SSL *src) {
   BIO *rbio = SSL_get_rbio(src);
   BIO_up_ref(rbio);
   SSL_set0_rbio(dest, rbio);

   BIO *wbio = SSL_get_wbio(src);
   BIO_up_ref(wbio);
   SSL_set0_wbio(dest, wbio);

   SSL_set0_rbio(src, nullptr);
   SSL_set0_wbio(src, nullptr);
 }

 static bool HandoffReady(SSL *ssl, int ret) {
   return ret < 0 && SSL_get_error(ssl, ret) == SSL_ERROR_HANDOFF;
 }

 static bool HandbackReady(SSL *ssl, int ret) {
   return ret < 0 && SSL_get_error(ssl, ret) == SSL_ERROR_HANDBACK;
 }

 bool DoSplitHandshake(UniquePtr<SSL> *ssl_uniqueptr, SettingsWriter *writer,
                       bool is_resume) {
   SSL *ssl = ssl_uniqueptr->get();
   SSL_set_handoff_mode(ssl, 1);

   const TestConfig *config = GetTestConfig(ssl);
   int ret = -1;
   do {
     ret = CheckIdempotentError("SSL_do_handshake", ssl,
                                [&]() -> int { return SSL_do_handshake(ssl); });
   } while (!HandoffReady(ssl, ret) &&
            config->async &&
            RetryAsync(ssl, ret));

   ScopedCBB cbb;
   Array<uint8_t> handoff;
   if (!HandoffReady(ssl, ret) ||
       !CBB_init(cbb.get(), 512) ||
       !SSL_serialize_handoff(ssl, cbb.get()) ||
       !CBBFinishArray(cbb.get(), &handoff) ||
       !writer->WriteHandoff(handoff)) {
     fprintf(stderr, "Handoff failed.\n");
     return false;
   }

   UniquePtr<SSL_CTX> ctx = config->SetupCtx(ssl->ctx.get());
   if (!ctx) {
     return false;
   }
   UniquePtr<SSL> ssl_handshaker =
       config->NewSSL(ctx.get(), nullptr, false, nullptr);
   if (!ssl_handshaker) {
     return false;
   }
   MoveBIOs(ssl_handshaker.get(), ssl);

   if (!MoveTestState(ssl_handshaker.get(), ssl) ||
       !SSL_apply_handoff(ssl_handshaker.get(), handoff)) {
     fprintf(stderr, "Handoff application failed.\n");
     return false;
   }

   do {
     ret = CheckIdempotentError(
         "SSL_do_handshake", ssl_handshaker.get(),
         [&]() -> int { return SSL_do_handshake(ssl_handshaker.get()); });
   } while (config->async && RetryAsync(ssl_handshaker.get(), ret));

   Array<uint8_t> handback;
   if (!HandbackReady(ssl_handshaker.get(), ret) ||
       !CBB_init(cbb.get(), 512) ||
       !SSL_serialize_handback(ssl_handshaker.get(), cbb.get()) ||
       !CBBFinishArray(cbb.get(), &handback) ||
       !writer->WriteHandback(handback)) {
     fprintf(stderr, "Handback failed.\n");
     return false;
   }

   UniquePtr<SSL> ssl_handback =
       config->NewSSL(ctx.get(), nullptr, false, nullptr);
   if (!ssl_handback) {
     return false;
   }
   MoveBIOs(ssl_handback.get(), ssl_handshaker.get());

   if (!MoveTestState(ssl_handback.get(), ssl_handshaker.get()) ||
       !SSL_apply_handback(ssl_handback.get(), handback)) {
     fprintf(stderr, "Handback application failed.\n");
     return false;
   }

   *ssl_uniqueptr = std::move(ssl_handback);
   return true;
 }
	/* Copyright (c) 2018, Google Inc.
	*
	* Permission to use, copy, modify, and/or distribute this software for any
	* purpose with or without fee is hereby granted, provided that the above
	* copyright notice and this permission notice appear in all copies.
	*
	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
	* SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
	* OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
	* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

	#include "handshake_util.h"

	#include <assert.h>

	#include <functional>

	#include "async_bio.h"
	#include "packeted_bio.h"
	#include "test_config.h"
	#include "test_state.h"

	#include <openssl/ssl.h>

	using namespace bssl;

	bool RetryAsync(SSL *ssl, int ret) {
	// No error; don't retry.
	if (ret >= 0) {
	return false;
	}

	TestState *test_state = GetTestState(ssl);
	assert(GetTestConfig(ssl)->async);

	if (test_state->packeted_bio != nullptr &&
	PacketedBioAdvanceClock(test_state->packeted_bio)) {
	// The DTLS retransmit logic silently ignores write failures. So the test
	// may progress, allow writes through synchronously.
	AsyncBioEnforceWriteQuota(test_state->async_bio, false);
	int timeout_ret = DTLSv1_handle_timeout(ssl);
	AsyncBioEnforceWriteQuota(test_state->async_bio, true);

	if (timeout_ret < 0) {
	fprintf(stderr, "Error retransmitting.\n");
	return false;
	}
	return true;
	}

	// See if we needed to read or write more. If so, allow one byte through on
	// the appropriate end to maximally stress the state machine.
	switch (SSL_get_error(ssl, ret)) {
	case SSL_ERROR_WANT_READ:
	AsyncBioAllowRead(test_state->async_bio, 1);
	return true;
	case SSL_ERROR_WANT_WRITE:
	AsyncBioAllowWrite(test_state->async_bio, 1);
	return true;
	case SSL_ERROR_WANT_CHANNEL_ID_LOOKUP: {
	UniquePtr<EVP_PKEY> pkey =
	LoadPrivateKey(GetTestConfig(ssl)->send_channel_id);
	if (!pkey) {
	return false;
	}
	test_state->channel_id = std::move(pkey);
	return true;
	}
	case SSL_ERROR_WANT_X509_LOOKUP:
	test_state->cert_ready = true;
	return true;
	case SSL_ERROR_PENDING_SESSION:
	test_state->session = std::move(test_state->pending_session);
	return true;
	case SSL_ERROR_PENDING_CERTIFICATE:
	test_state->early_callback_ready = true;
	return true;
	case SSL_ERROR_WANT_PRIVATE_KEY_OPERATION:
	test_state->private_key_retries++;
	return true;
	case SSL_ERROR_WANT_CERTIFICATE_VERIFY:
	test_state->custom_verify_ready = true;
	return true;
	default:
	return false;
	}
	}

	int CheckIdempotentError(const char name, SSL ssl,
	std::function<int()> func) {
	int ret = func();
	int ssl_err = SSL_get_error(ssl, ret);
	uint32_t err = ERR_peek_error();
	if (ssl_err == SSL_ERROR_SSL \|\| ssl_err == SSL_ERROR_ZERO_RETURN) {
	int ret2 = func();
	int ssl_err2 = SSL_get_error(ssl, ret2);
	uint32_t err2 = ERR_peek_error();
	if (ret != ret2 \|\| ssl_err != ssl_err2 \|\| err != err2) {
	fprintf(stderr, "Repeating %s did not replay the error.\n", name);
	char buf[256];
	ERR_error_string_n(err, buf, sizeof(buf));
	fprintf(stderr, "Wanted: %d %d %s\n", ret, ssl_err, buf);
	ERR_error_string_n(err2, buf, sizeof(buf));
	fprintf(stderr, "Got: %d %d %s\n", ret2, ssl_err2, buf);
	// runner treats exit code 90 as always failing. Otherwise, it may
	// accidentally consider the result an expected protocol failure.
	exit(90);
	}
	}
	return ret;
	}

	// MoveBIOs moves the \|BIO\|s of \|src\| to \|dst\|. It is used for handoff.
	static void MoveBIOs(SSL dest, SSL src) {
	BIO *rbio = SSL_get_rbio(src);
	BIO_up_ref(rbio);
	SSL_set0_rbio(dest, rbio);

	BIO *wbio = SSL_get_wbio(src);
	BIO_up_ref(wbio);
	SSL_set0_wbio(dest, wbio);

	SSL_set0_rbio(src, nullptr);
	SSL_set0_wbio(src, nullptr);
	}

	static bool HandoffReady(SSL *ssl, int ret) {
	return ret < 0 && SSL_get_error(ssl, ret) == SSL_ERROR_HANDOFF;
	}

	static bool HandbackReady(SSL *ssl, int ret) {
	return ret < 0 && SSL_get_error(ssl, ret) == SSL_ERROR_HANDBACK;
	}

	bool DoSplitHandshake(UniquePtr<SSL> ssl_uniqueptr, SettingsWriter writer,
	bool is_resume) {
	SSL *ssl = ssl_uniqueptr->get();
	SSL_set_handoff_mode(ssl, 1);

	const TestConfig *config = GetTestConfig(ssl);
	int ret = -1;
	do {
	ret = CheckIdempotentError("SSL_do_handshake", ssl,
	[&]() -> int { return SSL_do_handshake(ssl); });
	} while (!HandoffReady(ssl, ret) &&
	config->async &&
	RetryAsync(ssl, ret));

	ScopedCBB cbb;
	Array<uint8_t> handoff;
	if (!HandoffReady(ssl, ret) \|\|
	!CBB_init(cbb.get(), 512) \|\|
	!SSL_serialize_handoff(ssl, cbb.get()) \|\|
	!CBBFinishArray(cbb.get(), &handoff) \|\|
	!writer->WriteHandoff(handoff)) {
	fprintf(stderr, "Handoff failed.\n");
	return false;
	}

	UniquePtr<SSL_CTX> ctx = config->SetupCtx(ssl->ctx.get());
	if (!ctx) {
	return false;
	}
	UniquePtr<SSL> ssl_handshaker =
	config->NewSSL(ctx.get(), nullptr, false, nullptr);
	if (!ssl_handshaker) {
	return false;
	}
	MoveBIOs(ssl_handshaker.get(), ssl);

	if (!MoveTestState(ssl_handshaker.get(), ssl) \|\|
	!SSL_apply_handoff(ssl_handshaker.get(), handoff)) {
	fprintf(stderr, "Handoff application failed.\n");
	return false;
	}

	do {
	ret = CheckIdempotentError(
	"SSL_do_handshake", ssl_handshaker.get(),
	[&]() -> int { return SSL_do_handshake(ssl_handshaker.get()); });
	} while (config->async && RetryAsync(ssl_handshaker.get(), ret));

	Array<uint8_t> handback;
	if (!HandbackReady(ssl_handshaker.get(), ret) \|\|
	!CBB_init(cbb.get(), 512) \|\|
	!SSL_serialize_handback(ssl_handshaker.get(), cbb.get()) \|\|
	!CBBFinishArray(cbb.get(), &handback) \|\|
	!writer->WriteHandback(handback)) {
	fprintf(stderr, "Handback failed.\n");
	return false;
	}

	UniquePtr<SSL> ssl_handback =
	config->NewSSL(ctx.get(), nullptr, false, nullptr);
	if (!ssl_handback) {
	return false;
	}
	MoveBIOs(ssl_handback.get(), ssl_handshaker.get());

	if (!MoveTestState(ssl_handback.get(), ssl_handshaker.get()) \|\|
	!SSL_apply_handback(ssl_handback.get(), handback)) {
	fprintf(stderr, "Handback application failed.\n");
	return false;
	}

	*ssl_uniqueptr = std::move(ssl_handback);
	return true;
	}