1/*
2 * Copyright 2017-2022 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License").  You may not use
5 * this file except in compliance with the License.  You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <string.h>
11
12#include "helpers/ssltestlib.h"
13#include "testutil.h"
14
15static char *cert = NULL;
16static char *privkey = NULL;
17
18#define TEST_PLAINTEXT_OVERFLOW_OK      0
19#define TEST_PLAINTEXT_OVERFLOW_NOT_OK  1
20#define TEST_ENCRYPTED_OVERFLOW_TLS1_3_OK       2
21#define TEST_ENCRYPTED_OVERFLOW_TLS1_3_NOT_OK   3
22#define TEST_ENCRYPTED_OVERFLOW_TLS1_2_OK       4
23#define TEST_ENCRYPTED_OVERFLOW_TLS1_2_NOT_OK   5
24
25#define TOTAL_RECORD_OVERFLOW_TESTS 6
26
27static int write_record(BIO *b, size_t len, int rectype, int recversion)
28{
29    unsigned char header[SSL3_RT_HEADER_LENGTH];
30    size_t written;
31    unsigned char buf[256];
32
33    memset(buf, 0, sizeof(buf));
34
35    header[0] = rectype;
36    header[1] = (recversion >> 8) & 0xff;
37    header[2] = recversion & 0xff;
38    header[3] = (len >> 8) & 0xff;
39    header[4] = len & 0xff;
40
41    if (!BIO_write_ex(b, header, SSL3_RT_HEADER_LENGTH, &written)
42            || written != SSL3_RT_HEADER_LENGTH)
43        return 0;
44
45    while (len > 0) {
46        size_t outlen;
47
48        if (len > sizeof(buf))
49            outlen = sizeof(buf);
50        else
51            outlen = len;
52
53        if (!BIO_write_ex(b, buf, outlen, &written)
54                || written != outlen)
55            return 0;
56
57        len -= outlen;
58    }
59
60    return 1;
61}
62
63static int fail_due_to_record_overflow(int enc)
64{
65    long err = ERR_peek_error();
66    int reason;
67
68    if (enc)
69        reason = SSL_R_ENCRYPTED_LENGTH_TOO_LONG;
70    else
71        reason = SSL_R_DATA_LENGTH_TOO_LONG;
72
73    if (ERR_GET_LIB(err) == ERR_LIB_SSL
74            && ERR_GET_REASON(err) == reason)
75        return 1;
76
77    return 0;
78}
79
80static int test_record_overflow(int idx)
81{
82    SSL_CTX *cctx = NULL, *sctx = NULL;
83    SSL *clientssl = NULL, *serverssl = NULL;
84    int testresult = 0;
85    size_t len = 0;
86    size_t written;
87    int overf_expected;
88    unsigned char buf;
89    BIO *serverbio;
90    int recversion;
91
92#ifdef OPENSSL_NO_TLS1_2
93    if (idx == TEST_ENCRYPTED_OVERFLOW_TLS1_2_OK
94            || idx == TEST_ENCRYPTED_OVERFLOW_TLS1_2_NOT_OK)
95        return 1;
96#endif
97#if defined(OPENSSL_NO_TLS1_3) \
98    || (defined(OPENSSL_NO_EC) && defined(OPENSSL_NO_DH))
99    if (idx == TEST_ENCRYPTED_OVERFLOW_TLS1_3_OK
100            || idx == TEST_ENCRYPTED_OVERFLOW_TLS1_3_NOT_OK)
101        return 1;
102#endif
103
104    if (!TEST_true(create_ssl_ctx_pair(NULL, TLS_server_method(),
105                                       TLS_client_method(),
106                                       TLS1_VERSION, 0,
107                                       &sctx, &cctx, cert, privkey)))
108        goto end;
109
110    if (idx == TEST_ENCRYPTED_OVERFLOW_TLS1_2_OK
111            || idx == TEST_ENCRYPTED_OVERFLOW_TLS1_2_NOT_OK) {
112        len = SSL3_RT_MAX_ENCRYPTED_LENGTH;
113#ifndef OPENSSL_NO_COMP
114        len -= SSL3_RT_MAX_COMPRESSED_OVERHEAD;
115#endif
116        SSL_CTX_set_max_proto_version(sctx, TLS1_2_VERSION);
117    } else if (idx == TEST_ENCRYPTED_OVERFLOW_TLS1_3_OK
118               || idx == TEST_ENCRYPTED_OVERFLOW_TLS1_3_NOT_OK) {
119        len = SSL3_RT_MAX_TLS13_ENCRYPTED_LENGTH;
120    }
121
122    if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
123                                      NULL, NULL)))
124        goto end;
125
126    serverbio = SSL_get_rbio(serverssl);
127
128    if (idx == TEST_PLAINTEXT_OVERFLOW_OK
129            || idx == TEST_PLAINTEXT_OVERFLOW_NOT_OK) {
130        len = SSL3_RT_MAX_PLAIN_LENGTH;
131
132        if (idx == TEST_PLAINTEXT_OVERFLOW_NOT_OK)
133            len++;
134
135        if (!TEST_true(write_record(serverbio, len,
136                                    SSL3_RT_HANDSHAKE, TLS1_VERSION)))
137            goto end;
138
139        if (!TEST_int_le(SSL_accept(serverssl), 0))
140            goto end;
141
142        overf_expected = (idx == TEST_PLAINTEXT_OVERFLOW_OK) ? 0 : 1;
143        if (!TEST_int_eq(fail_due_to_record_overflow(0), overf_expected))
144            goto end;
145
146        goto success;
147    }
148
149    if (!TEST_true(create_ssl_connection(serverssl, clientssl,
150                                         SSL_ERROR_NONE)))
151        goto end;
152
153    if (idx == TEST_ENCRYPTED_OVERFLOW_TLS1_2_NOT_OK
154            || idx == TEST_ENCRYPTED_OVERFLOW_TLS1_3_NOT_OK) {
155        overf_expected = 1;
156        len++;
157    } else {
158        overf_expected = 0;
159    }
160
161    recversion = TLS1_2_VERSION;
162
163    if (!TEST_true(write_record(serverbio, len, SSL3_RT_APPLICATION_DATA,
164                                recversion)))
165        goto end;
166
167    if (!TEST_false(SSL_read_ex(serverssl, &buf, sizeof(buf), &written)))
168        goto end;
169
170    if (!TEST_int_eq(fail_due_to_record_overflow(1), overf_expected))
171        goto end;
172
173 success:
174    testresult = 1;
175
176 end:
177    SSL_free(serverssl);
178    SSL_free(clientssl);
179    SSL_CTX_free(sctx);
180    SSL_CTX_free(cctx);
181    return testresult;
182}
183
184OPT_TEST_DECLARE_USAGE("certfile privkeyfile\n")
185
186int setup_tests(void)
187{
188    if (!test_skip_common_options()) {
189        TEST_error("Error parsing test options\n");
190        return 0;
191    }
192
193    if (!TEST_ptr(cert = test_get_argument(0))
194            || !TEST_ptr(privkey = test_get_argument(1)))
195        return 0;
196
197    ADD_ALL_TESTS(test_record_overflow, TOTAL_RECORD_OVERFLOW_TESTS);
198    return 1;
199}
200
201void cleanup_tests(void)
202{
203    bio_s_mempacket_test_free();
204}
205