xref: /freebsd/crypto/openssl/test/recipes/70-test_tls13downgrade.t (revision 5ca8e32633c4ffbbcd6762e5888b6a4ba0708c6c)
1#! /usr/bin/env perl
2# Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
3#
4# Licensed under the Apache License 2.0 (the "License").  You may not use
5# this file except in compliance with the License.  You can obtain a copy
6# in the file LICENSE in the source distribution or at
7# https://www.openssl.org/source/license.html
8
9use strict;
10use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/;
11use OpenSSL::Test::Utils;
12use TLSProxy::Proxy;
13
14my $test_name = "test_tls13downgrade";
15setup($test_name);
16
17plan skip_all => "TLSProxy isn't usable on $^O"
18    if $^O =~ /^(VMS)$/;
19
20plan skip_all => "$test_name needs the dynamic engine feature enabled"
21    if disabled("engine") || disabled("dynamic-engine");
22
23plan skip_all => "$test_name needs the sock feature enabled"
24    if disabled("sock");
25
26plan skip_all => "$test_name needs TLS1.3 and TLS1.2 enabled"
27    if disabled("tls1_3")
28       || (disabled("ec") && disabled("dh"))
29       || disabled("tls1_2");
30
31$ENV{OPENSSL_ia32cap} = '~0x200000200000000';
32
33my $proxy = TLSProxy::Proxy->new(
34    undef,
35    cmdstr(app(["openssl"]), display => 1),
36    srctop_file("apps", "server.pem"),
37    (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE})
38);
39
40use constant {
41    DOWNGRADE_TO_TLS_1_2 => 0,
42    DOWNGRADE_TO_TLS_1_1 => 1,
43    FALLBACK_FROM_TLS_1_3 => 2,
44};
45
46#Test 1: Downgrade from TLSv1.3 to TLSv1.2
47$proxy->filter(\&downgrade_filter);
48my $testtype = DOWNGRADE_TO_TLS_1_2;
49$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
50plan tests => 6;
51ok(TLSProxy::Message->fail(), "Downgrade TLSv1.3 to TLSv1.2");
52
53#Test 2: Downgrade from TLSv1.3 to TLSv1.1
54$proxy->clear();
55$testtype = DOWNGRADE_TO_TLS_1_1;
56$proxy->start();
57ok(TLSProxy::Message->fail(), "Downgrade TLSv1.3 to TLSv1.1");
58
59#Test 3: Downgrade from TLSv1.2 to TLSv1.1
60$proxy->clear();
61$proxy->clientflags("-no_tls1_3");
62$proxy->serverflags("-no_tls1_3");
63$proxy->start();
64ok(TLSProxy::Message->fail(), "Downgrade TLSv1.2 to TLSv1.1");
65
66#Test 4: Client falls back from TLSv1.3 (server does not support the fallback
67#        SCSV)
68$proxy->clear();
69$testtype = FALLBACK_FROM_TLS_1_3;
70$proxy->clientflags("-fallback_scsv -no_tls1_3");
71$proxy->start();
72my $alert = TLSProxy::Message->alert();
73ok(TLSProxy::Message->fail()
74   && !$alert->server()
75   && $alert->description() == TLSProxy::Message::AL_DESC_ILLEGAL_PARAMETER,
76   "Fallback from TLSv1.3");
77
78SKIP: {
79    skip "TLSv1.1 disabled", 2 if disabled("tls1_1");
80    #Test 5: A client side protocol "hole" should not be detected as a downgrade
81    $proxy->clear();
82    $proxy->filter(undef);
83    $proxy->clientflags("-no_tls1_2");
84    $proxy->ciphers("AES128-SHA:\@SECLEVEL=0");
85    $proxy->start();
86    ok(TLSProxy::Message->success(), "TLSv1.2 client-side protocol hole");
87
88    #Test 6: A server side protocol "hole" should not be detected as a downgrade
89    $proxy->clear();
90    $proxy->filter(undef);
91    $proxy->serverflags("-no_tls1_2");
92    $proxy->start();
93    ok(TLSProxy::Message->success(), "TLSv1.2 server-side protocol hole");
94}
95
96sub downgrade_filter
97{
98    my $proxy = shift;
99
100    # We're only interested in the initial ClientHello
101    if ($proxy->flight != 0) {
102        return;
103    }
104
105    my $message = ${$proxy->message_list}[0];
106
107    my $ext;
108    if ($testtype == FALLBACK_FROM_TLS_1_3) {
109        #The default ciphersuite we use for TLSv1.2 without any SCSV
110        my @ciphersuites = (TLSProxy::Message::CIPHER_RSA_WITH_AES_128_CBC_SHA);
111        $message->ciphersuite_len(2 * scalar @ciphersuites);
112        $message->ciphersuites(\@ciphersuites);
113    } else {
114        if ($testtype == DOWNGRADE_TO_TLS_1_2) {
115            $ext = pack "C3",
116                0x02, # Length
117                0x03, 0x03; #TLSv1.2
118        } else {
119            $ext = pack "C3",
120                0x02, # Length
121                0x03, 0x02; #TLSv1.1
122        }
123
124        $message->set_extension(TLSProxy::Message::EXT_SUPPORTED_VERSIONS, $ext);
125    }
126
127    $message->repack();
128}
129
130