1 /*
2 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License").
5 * You may not use this file except in compliance with the License.
6 * A copy of the License is located at
7 *
8 * http://aws.amazon.com/apache2.0
9 *
10 * or in the "license" file accompanying this file. This file is distributed
11 * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
12 * express or implied. See the License for the specific language governing
13 * permissions and limitations under the License.
14 */
15
16 #include "s2n_test.h"
17
18 #include <string.h>
19 #include <stdio.h>
20 #include <s2n.h>
21
22 #include "stuffer/s2n_stuffer.h"
23 #include "testlib/s2n_testlib.h"
24 #include "tls/s2n_tls.h"
25 #include "tls/s2n_tls13.h"
26 #include "utils/s2n_safety.h"
27
28 /* Test vectors from https://tools.ietf.org/html/rfc8448#section-3 */
29
/* whole Certificate message body, without the 0b0001b9 handshake header */
const char tls13_cert_message_hex[] =
"000001b50001b03082" /* 00 = request context len, 0001b5 = chain len, 0001b0 = cert len, 3082... = start of DER cert */
"01ac30820115a003020102020102300d06092a8648"
"86f70d01010b0500300e310c300a06035504031303"
"727361301e170d3136303733303031323335395a17"
"0d3236303733303031323335395a300e310c300a06"
"03550403130372736130819f300d06092a864886f7"
"0d010101050003818d0030818902818100b4bb498f"
"8279303d980836399b36c6988c0c68de55e1bdb826"
"d3901a2461eafd2de49a91d015abbc9a95137ace6c"
"1af19eaa6af98c7ced43120998e187a80ee0ccb052"
"4b1b018c3e0b63264d449a6d38e22a5fda43084674"
"8030530ef0461c8ca9d9efbfae8ea6d1d03e2bd193"
"eff0ab9a8002c47428a6d35a8d88d79f7f1e3f0203"
"010001a31a301830090603551d1304023000300b06"
"03551d0f0404030205a0300d06092a864886f70d01"
"010b05000381810085aad2a0e5b9276b908c65f73a"
"7267170618a54c5f8a7b337d2df7a594365417f2ea"
"e8f8a58c8f8172f9319cf36b7fd6c55b80f21a0301"
"5156726096fd335e5e67f2dbf102702e608ccae6be"
"c1fc63a42a99be5c3eb7107c3c54e9b9eb2bd5203b"
"1c3b84e0a8b2f759409ba3eac9d91d402dcc0cc8f8"
"961229ac9187b42b4de10000"; /* trailing 0000 is not part of the DER cert (tls13_cert_hex ends at 4de1); presumably the empty CertificateEntry extensions length */
54
55 /* cert only */
const char tls13_cert_hex[] =
"3082" /* without certificate chain header; 3082 opens the DER SEQUENCE of the certificate */
"01ac30820115a003020102020102300d06092a8648"
"86f70d01010b0500300e310c300a06035504031303"
"727361301e170d3136303733303031323335395a17"
"0d3236303733303031323335395a300e310c300a06"
"03550403130372736130819f300d06092a864886f7"
"0d010101050003818d0030818902818100b4bb498f"
"8279303d980836399b36c6988c0c68de55e1bdb826"
"d3901a2461eafd2de49a91d015abbc9a95137ace6c"
"1af19eaa6af98c7ced43120998e187a80ee0ccb052"
"4b1b018c3e0b63264d449a6d38e22a5fda43084674"
"8030530ef0461c8ca9d9efbfae8ea6d1d03e2bd193"
"eff0ab9a8002c47428a6d35a8d88d79f7f1e3f0203"
"010001a31a301830090603551d1304023000300b06"
"03551d0f0404030205a0300d06092a864886f70d01"
"010b05000381810085aad2a0e5b9276b908c65f73a"
"7267170618a54c5f8a7b337d2df7a594365417f2ea"
"e8f8a58c8f8172f9319cf36b7fd6c55b80f21a0301"
"5156726096fd335e5e67f2dbf102702e608ccae6be"
"c1fc63a42a99be5c3eb7107c3c54e9b9eb2bd5203b"
"1c3b84e0a8b2f759409ba3eac9d91d402dcc0cc8f8"
"961229ac9187b42b4de1"; /* same bytes as tls13_cert_message_hex minus the 7-byte chain header and the trailing 0000 */
79
/* certificate chain header that precedes the certificate. It contains
1. certificate_request_context length (00)
2. certificate chain length (0001b5)
3. certificate length (0001b0)
*/
/* Seven header bytes (14 hex digits) that sit between the Certificate handshake
 * header and the DER certificate, written one field per literal. */
const char tls13_cert_chain_header_hex[] =
"00"      /* certificate_request_context length */
"0001b5"  /* certificate chain length */
"0001b0"; /* certificate length */
87
88
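/*
 * Exercises TLS 1.3 Certificate message handling against the RFC 8448 vectors:
 *  1. s2n_server_cert_recv() accepts the Certificate body only when the
 *     connection is in TLS 1.3 parsing mode;
 *  2. s2n_server_cert_send() emits a zero-length certificate_request_context
 *     in TLS 1.3 and no context byte at all in TLS 1.2;
 *  3. a server-sent TLS 1.3 Certificate round-trips through a client.
 * argc/argv are unused; the signature follows the s2n test harness convention.
 */
int main(int argc, char **argv)
{
    BEGIN_TEST();
    EXPECT_SUCCESS(s2n_disable_tls13());

    /* Test s2n_server_cert_recv() parses tls13 certificate */
    {
        S2N_BLOB_FROM_HEX(tls13_cert, tls13_cert_message_hex);
        struct s2n_connection *conn = NULL;
        EXPECT_NOT_NULL(conn = s2n_connection_new(S2N_CLIENT));

        /* Only message parsing is under test here, so X.509 validation of the
         * test-vector certificate is bypassed. */
        conn->x509_validator.skip_cert_validation = 1;

        /* success case in tls13 parsing mode */
        conn->actual_protocol_version = S2N_TLS13;
        EXPECT_SUCCESS(s2n_stuffer_write(&conn->handshake.io, &tls13_cert));
        EXPECT_SUCCESS(s2n_server_cert_recv(conn));
        /* the whole message must have been consumed */
        EXPECT_EQUAL(s2n_stuffer_data_available(&conn->handshake.io), 0);

        /* failure case in tls12 parsing mode: the same bytes are not a valid
         * TLS 1.2 Certificate message and must be rejected */
        conn->actual_protocol_version = S2N_TLS12;
        EXPECT_SUCCESS(s2n_stuffer_write(&conn->handshake.io, &tls13_cert));
        EXPECT_FAILURE(s2n_server_cert_recv(conn));

        EXPECT_SUCCESS(s2n_connection_free(conn));
    }

    /* Test s2n_server_cert_send() writes the server's certificate */
    {
        /* Build the certificate chain hex by concatenating
         *  1. chain header
         *  2. certificate
         * The buffer is sized from the two source arrays (each sizeof counts
         * its NUL, hence the -1), so no heap allocation and no unbounded
         * strcpy/strcat are needed; the snprintf result is checked so a
         * truncated string can never reach the hex decoder unnoticed. */
        char tls13_cert_chain_hex[sizeof(tls13_cert_chain_header_hex) + sizeof(tls13_cert_hex) - 1] = { 0 };
        int written = snprintf(tls13_cert_chain_hex, sizeof(tls13_cert_chain_hex), "%s%s",
                tls13_cert_chain_header_hex, tls13_cert_hex);
        EXPECT_TRUE(written > 0 && (size_t) written < sizeof(tls13_cert_chain_hex));
        /* hex -> bytes needs an even number of nibbles; strlen / 2 would
         * silently drop a dangling one */
        EXPECT_EQUAL(strlen(tls13_cert_chain_hex) % 2, 0);

        /* convert certificate chain hex to bytes. tls13_cert owns the
         * s2n_alloc'd buffer and is released with s2n_free at the end. */
        struct s2n_blob tls13_cert = { 0 };
        EXPECT_SUCCESS(s2n_alloc(&tls13_cert, strlen(tls13_cert_chain_hex) / 2));
        /* EXPECT_SUCCESS rather than POSIX_GUARD: a decode failure must be
         * reported as a test failure, not silently return -1 from main */
        EXPECT_SUCCESS(s2n_hex_string_to_bytes((uint8_t *) tls13_cert_chain_hex, &tls13_cert));

        S2N_BLOB_FROM_HEX(tls13_cert_chain, tls13_cert_hex);

        struct s2n_connection *conn = NULL;
        uint8_t certificate_request_context_len = 0;

        struct s2n_cert cert = { .raw = tls13_cert_chain, .next = NULL };
        /* .chain_size is size of cert + 3 for the 3 bytes to express the length */
        struct s2n_cert_chain cert_chain = { .head = &cert, .chain_size = tls13_cert_chain.size + 3 };
        struct s2n_cert_chain_and_key cert_chain_and_key = { .cert_chain = &cert_chain };

        /* tls13 mode */
        EXPECT_NOT_NULL(conn = s2n_connection_new(S2N_SERVER));
        conn->actual_protocol_version = S2N_TLS13;
        conn->handshake_params.our_chain_and_key = &cert_chain_and_key;
        EXPECT_SUCCESS(s2n_server_cert_send(conn));

        /* The two extra bytes correspond to the trailing 0000 of
         * tls13_cert_message_hex, which follows the certificate itself
         * (presumably the empty CertificateEntry extensions length). */
        EXPECT_EQUAL(s2n_stuffer_data_available(&conn->handshake.io), tls13_cert.size + 2);
        EXPECT_SUCCESS(s2n_stuffer_read_uint8(&conn->handshake.io, &certificate_request_context_len));

        /* server's certificate request context should always be of zero length */
        EXPECT_EQUAL(certificate_request_context_len, 0);
        EXPECT_SUCCESS(s2n_connection_free(conn));

        /* tls12 mode */
        EXPECT_NOT_NULL(conn = s2n_connection_new(S2N_SERVER));
        conn->actual_protocol_version = S2N_TLS12;
        conn->handshake_params.our_chain_and_key = &cert_chain_and_key;
        EXPECT_SUCCESS(s2n_server_cert_send(conn));
        /* In tls1.2 there is no certificate request context.
         * TLS1.2 Cert length = TLS1.3 Cert length - 1 (server's request context) */
        EXPECT_EQUAL(s2n_stuffer_data_available(&conn->handshake.io), tls13_cert.size - 1);
        EXPECT_SUCCESS(s2n_connection_free(conn));

        /* release through s2n's own allocator, pairing with s2n_alloc above */
        EXPECT_SUCCESS(s2n_free(&tls13_cert));
    }

    /* Test server sends cert and client receives cert for tls 1.3 */
    {
        EXPECT_SUCCESS(s2n_enable_tls13());

        struct s2n_connection *server_conn = NULL;
        struct s2n_connection *client_conn = NULL;
        EXPECT_NOT_NULL(server_conn = s2n_connection_new(S2N_SERVER));
        EXPECT_NOT_NULL(client_conn = s2n_connection_new(S2N_CLIENT));
        server_conn->actual_protocol_version = S2N_TLS13;
        client_conn->actual_protocol_version = S2N_TLS13;
        /* the round-trip under test is message framing, not chain validation */
        client_conn->x509_validator.skip_cert_validation = 1;

        S2N_BLOB_FROM_HEX(tls13_cert_chain, tls13_cert_hex);
        S2N_BLOB_FROM_HEX(tls13_cert_message, tls13_cert_message_hex);

        struct s2n_cert cert = { .raw = tls13_cert_chain, .next = NULL };
        /* .chain_size is size of cert + 3 for the 3 bytes to express the length */
        struct s2n_cert_chain cert_chain = { .head = &cert, .chain_size = tls13_cert_chain.size + 3 };
        struct s2n_cert_chain_and_key cert_chain_and_key = { .cert_chain = &cert_chain };
        server_conn->handshake_params.our_chain_and_key = &cert_chain_and_key;

        /* what the server writes must be byte-for-byte the RFC 8448 message body */
        EXPECT_SUCCESS(s2n_server_cert_send(server_conn));
        EXPECT_EQUAL(s2n_stuffer_data_available(&server_conn->handshake.io), tls13_cert_message.size);
        EXPECT_SUCCESS(s2n_stuffer_copy(&server_conn->handshake.io, &client_conn->handshake.io, s2n_stuffer_data_available(&server_conn->handshake.io)));
        EXPECT_EQUAL(s2n_stuffer_data_available(&client_conn->handshake.io), tls13_cert_message.size);
        EXPECT_SUCCESS(s2n_server_cert_recv(client_conn));

        EXPECT_SUCCESS(s2n_connection_free(server_conn));
        EXPECT_SUCCESS(s2n_connection_free(client_conn));

        EXPECT_SUCCESS(s2n_disable_tls13());
    }

    END_TEST();
}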
207