1#! /usr/bin/env perl 2# Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. 3# 4# Licensed under the Apache License 2.0 (the "License"). You may not use 5# this file except in compliance with the License. You can obtain a copy 6# in the file LICENSE in the source distribution or at 7# https://www.openssl.org/source/license.html 8 9use strict; 10use feature 'state'; 11 12use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; 13use OpenSSL::Test::Utils; 14use TLSProxy::Proxy; 15 16my $test_name = "test_sslcbcpadding"; 17setup($test_name); 18 19plan skip_all => "TLSProxy isn't usable on $^O" 20 if $^O =~ /^(VMS)$/; 21 22plan skip_all => "$test_name needs the dynamic engine feature enabled" 23 if disabled("engine") || disabled("dynamic-engine"); 24 25plan skip_all => "$test_name needs the sock feature enabled" 26 if disabled("sock"); 27 28plan skip_all => "$test_name needs TLSv1.2 enabled" 29 if disabled("tls1_2"); 30 31$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; 32my $proxy = TLSProxy::Proxy->new( 33 \&add_maximal_padding_filter, 34 cmdstr(app(["openssl"]), display => 1), 35 srctop_file("apps", "server.pem"), 36 (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) 37); 38 39# TODO: We could test all 256 values, but then the log file gets too large for 40# CI. See https://github.com/openssl/openssl/issues/1440. 41my @test_offsets = (0, 128, 254, 255); 42 43# Test that maximally-padded records are accepted. 44my $bad_padding_offset = -1; 45$proxy->serverflags("-tls1_2"); 46$proxy->clientflags("-no_tls1_3"); 47$proxy->serverconnects(1 + scalar(@test_offsets)); 48$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; 49plan tests => 1 + scalar(@test_offsets); 50ok(TLSProxy::Message->success(), "Maximally-padded record test"); 51 52# Test that invalid padding is rejected. 53my $fatal_alert; # set by add_maximal_padding_filter on client's fatal alert 54 55foreach my $offset (@test_offsets) { 56 $bad_padding_offset = $offset; 57 $fatal_alert = 0; 58 $proxy->clearClient(); 59 $proxy->clientflags("-no_tls1_3"); 60 $proxy->clientstart(); 61 ok($fatal_alert, "Invalid padding byte $bad_padding_offset"); 62} 63 64sub add_maximal_padding_filter 65{ 66 my $proxy = shift; 67 my $messages = $proxy->message_list; 68 state $sent_corrupted_payload; 69 70 if ($proxy->flight == 0) { 71 # Disable Encrypt-then-MAC. 72 foreach my $message (@{$messages}) { 73 if ($message->mt != TLSProxy::Message::MT_CLIENT_HELLO) { 74 next; 75 } 76 77 $message->delete_extension(TLSProxy::Message::EXT_ENCRYPT_THEN_MAC); 78 $message->process_extensions(); 79 $message->repack(); 80 } 81 $sent_corrupted_payload = 0; 82 return; 83 } 84 85 my $last_message = @{$messages}[-1]; 86 if (defined($last_message) 87 && $last_message->server 88 && $last_message->mt == TLSProxy::Message::MT_FINISHED 89 && !@{$last_message->records}[0]->{sent}) { 90 91 # Insert a maximally-padded record. Assume a block size of 16 (AES) and 92 # a MAC length of 20 (SHA-1). 93 my $block_size = 16; 94 my $mac_len = 20; 95 96 # Size the plaintext so that 256 is a valid padding. 97 my $plaintext_len = $block_size - ($mac_len % $block_size); 98 my $plaintext = "A" x $plaintext_len; 99 100 my $data = "B" x $block_size; # Explicit IV. 101 $data .= $plaintext; 102 $data .= TLSProxy::Proxy::fill_known_data($mac_len); # MAC. 103 104 # Add padding. 105 for (my $i = 0; $i < 256; $i++) { 106 if ($i == $bad_padding_offset) { 107 $sent_corrupted_payload = 1; 108 $data .= "\xfe"; 109 } else { 110 $data .= "\xff"; 111 } 112 } 113 114 my $record = TLSProxy::Record->new( 115 $proxy->flight, 116 TLSProxy::Record::RT_APPLICATION_DATA, 117 TLSProxy::Record::VERS_TLS_1_2, 118 length($data), 119 0, 120 length($data), 121 $plaintext_len, 122 $data, 123 $plaintext, 124 ); 125 126 # Send the record immediately after the server Finished. 127 push @{$proxy->record_list}, $record; 128 } elsif ($sent_corrupted_payload) { 129 # Check for bad_record_mac from client 130 my $last_record = @{$proxy->record_list}[-1]; 131 $fatal_alert = 1 if $last_record->is_fatal_alert(0) == 20; 132 } 133} 134