Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Bug 1316231 - DTLS 1.3 ACKs. r=mt
--HG--
branch : NSS_TLS13_DRAFT19_BRANCH
  • Loading branch information
ekr committed Sep 4, 2017
1 parent fffa2df commit a2c482e
Show file tree
Hide file tree
Showing 39 changed files with 2,052 additions and 513 deletions.
16 changes: 14 additions & 2 deletions cpputil/databuffer.h
Expand Up @@ -100,8 +100,8 @@ class DataBuffer {

// This can't use the same trick as Write(), since we might be reading from a
// smaller data source.
bool Read(size_t index, size_t count, uint32_t* val) const {
assert(count < sizeof(uint32_t));
bool Read(size_t index, size_t count, uint64_t* val) const {
assert(count <= sizeof(uint64_t));
assert(val);
if ((index > len()) || (count > (len() - index))) {
return false;
Expand All @@ -113,6 +113,18 @@ class DataBuffer {
return true;
}

// Overload because we have a lot of places where we are doing uint32_t
bool Read(size_t index, size_t count, uint32_t* val) const {
assert(count <= sizeof(uint32_t));
uint64_t tmp;

if (!Read(index, count, &tmp)) {
return false;
}
*val = tmp & 0xffffffff;
return true;
}

// Starting at |index|, remove |remove| bytes and replace them with the
// contents of |buf|.
void Splice(const DataBuffer& buf, size_t index, size_t remove = 0) {
Expand Down
26 changes: 16 additions & 10 deletions gtests/ssl_gtest/libssl_internals.c
Expand Up @@ -92,35 +92,37 @@ PRInt32 SSLInt_CountTls13CipherSpecs(PRFileDesc *fd) {
return ct;
}

void SSLInt_PrintTls13CipherSpecs(PRFileDesc *fd) {
void SSLInt_PrintTls13CipherSpecs(const char *label, PRFileDesc *fd) {
PRCList *cur_p;

sslSocket *ss = ssl_FindSocket(fd);
if (!ss) {
return;
}

fprintf(stderr, "Cipher specs\n");
fprintf(stderr, "Cipher specs for %s\n", label);
for (cur_p = PR_NEXT_LINK(&ss->ssl3.hs.cipherSpecs);
cur_p != &ss->ssl3.hs.cipherSpecs; cur_p = PR_NEXT_LINK(cur_p)) {
ssl3CipherSpec *spec = (ssl3CipherSpec *)cur_p;
fprintf(stderr, " %s\n", spec->phase);
fprintf(stderr, " %s %s refct=%d\n", spec->phase,
spec->direction == CipherSpecRead ? "read" : "write", spec->refCt);
}
}

/* Force a timer expiry by backdating when the timer was started.
* We could set the remaining time to 0 but then backoff would not
* work properly if we decide to test it. */
void SSLInt_ForceTimerExpiry(PRFileDesc *fd) {
/* Force a retransmission timer expiry by backdating when the timer
* was started. We could set the remaining time to 0 but then backoff
* would not work properly if we decide to test it. */
void SSLInt_ForceRtTimerExpiry(PRFileDesc *fd) {
sslSocket *ss = ssl_FindSocket(fd);
if (!ss) {
return;
}

if (!ss->ssl3.hs.rtTimerCb) return;
if (!ss->ssl3.hs.rtTimer->cb) return;

ss->ssl3.hs.rtTimerStarted =
PR_IntervalNow() - PR_MillisecondsToInterval(ss->ssl3.hs.rtTimeoutMs + 1);
ss->ssl3.hs.rtTimer->started =
PR_IntervalNow() -
PR_MillisecondsToInterval(ss->ssl3.hs.rtTimer->timeout + 1);
}

#define CHECK_SECRET(secret) \
Expand Down Expand Up @@ -330,6 +332,10 @@ unsigned char *SSLInt_CipherSpecToIv(PRBool isServer, ssl3CipherSpec *spec) {
return GetKeyingMaterial(isServer, spec)->write_iv;
}

PRUint16 SSLInt_CipherSpecToEpoch(PRBool isServer, ssl3CipherSpec *spec) {
return spec->epoch;
}

void SSLInt_SetTicketLifetime(uint32_t lifetime) {
ssl_ticket_lifetime = lifetime;
}
Expand Down
5 changes: 3 additions & 2 deletions gtests/ssl_gtest/libssl_internals.h
Expand Up @@ -25,8 +25,8 @@ PRBool SSLInt_ExtensionNegotiated(PRFileDesc *fd, PRUint16 ext);
void SSLInt_ClearSelfEncryptKey();
void SSLInt_SetSelfEncryptMacKey(PK11SymKey *key);
PRInt32 SSLInt_CountTls13CipherSpecs(PRFileDesc *fd);
void SSLInt_PrintTls13CipherSpecs(PRFileDesc *fd);
void SSLInt_ForceTimerExpiry(PRFileDesc *fd);
void SSLInt_PrintTls13CipherSpecs(const char *label, PRFileDesc *fd);
void SSLInt_ForceRtTimerExpiry(PRFileDesc *fd);
SECStatus SSLInt_SetMTU(PRFileDesc *fd, PRUint16 mtu);
PRBool SSLInt_CheckSecretsDestroyed(PRFileDesc *fd);
PRBool SSLInt_DamageClientHsTrafficSecret(PRFileDesc *fd);
Expand All @@ -47,6 +47,7 @@ PK11SymKey *SSLInt_CipherSpecToKey(PRBool isServer, ssl3CipherSpec *spec);
SSLCipherAlgorithm SSLInt_CipherSpecToAlgorithm(PRBool isServer,
ssl3CipherSpec *spec);
unsigned char *SSLInt_CipherSpecToIv(PRBool isServer, ssl3CipherSpec *spec);
PRUint16 SSLInt_CipherSpecToEpoch(PRBool isServer, ssl3CipherSpec *spec);
void SSLInt_SetTicketLifetime(uint32_t lifetime);
void SSLInt_SetMaxEarlyDataSize(uint32_t size);
SECStatus SSLInt_SetSocketMaxEarlyDataSize(PRFileDesc *fd, uint32_t size);
Expand Down
24 changes: 7 additions & 17 deletions gtests/ssl_gtest/ssl_0rtt_unittest.cc
Expand Up @@ -59,8 +59,7 @@ TEST_P(TlsConnectTls13, ZeroRttApparentReplayAfterRestart) {
CheckKeys();

Reset();
server_->StartConnect();
client_->StartConnect();
StartConnect();
client_->Set0RttEnabled(true);
server_->Set0RttEnabled(true);
ExpectResumption(RESUME_TICKET);
Expand Down Expand Up @@ -141,8 +140,7 @@ TEST_P(TlsConnectTls13, ZeroRttOptionsSetLate) {
SendReceive(); // Need to read so that we absorb the session ticket.
CheckKeys(ssl_kea_ecdh, ssl_auth_rsa_sign);
Reset();
server_->StartConnect();
client_->StartConnect();
StartConnect();
// Now turn on 0-RTT but too late for the ticket.
client_->Set0RttEnabled(true);
server_->Set0RttEnabled(true);
Expand All @@ -169,8 +167,7 @@ TEST_P(TlsConnectTls13, ZeroRttServerForgetTicket) {
TEST_P(TlsConnectTls13, ZeroRttServerOnly) {
ExpectResumption(RESUME_NONE);
server_->Set0RttEnabled(true);
client_->StartConnect();
server_->StartConnect();
StartConnect();

// Client sends ordinary ClientHello.
client_->Handshake();
Expand Down Expand Up @@ -219,8 +216,7 @@ TEST_P(TlsConnectTls13, ZeroRttRejectPrematureTicket) {
ConfigureSessionCache(RESUME_BOTH, RESUME_TICKET);
ConfigureVersion(SSL_LIBRARY_VERSION_TLS_1_3);
server_->Set0RttEnabled(true);
client_->StartConnect();
server_->StartConnect();
StartConnect();
client_->Handshake(); // ClientHello
server_->Handshake(); // ServerHello
PR_Sleep(PR_MillisecondsToInterval(10));
Expand All @@ -237,9 +233,7 @@ TEST_P(TlsConnectTls13, ZeroRttRejectPrematureTicket) {
SSLInt_RolloverAntiReplay();
ExpectResumption(RESUME_TICKET);
ExpectEarlyDataAccepted(false);

server_->StartConnect();
client_->StartConnect();
StartConnect();
ZeroRttSendReceive(true, false);
Handshake();
CheckConnected();
Expand Down Expand Up @@ -383,9 +377,7 @@ TEST_P(TlsConnectTls13, TestTls13ZeroRttDowngrade) {
SSL_LIBRARY_VERSION_TLS_1_3);
server_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_2,
SSL_LIBRARY_VERSION_TLS_1_2);
client_->StartConnect();
server_->StartConnect();

StartConnect();
// We will send the early data xtn without sending actual early data. Thus
// a 1.2 server shouldn't fail until the client sends an alert because the
// client sends end_of_early_data only after reading the server's flight.
Expand Down Expand Up @@ -426,9 +418,7 @@ TEST_P(TlsConnectTls13, TestTls13ZeroRttDowngradeEarlyData) {
SSL_LIBRARY_VERSION_TLS_1_3);
server_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_2,
SSL_LIBRARY_VERSION_TLS_1_2);
client_->StartConnect();
server_->StartConnect();

StartConnect();
// Send the early data xtn in the CH, followed by early app data. The server
// will fail right after sending its flight, when receiving the early data.
client_->Set0RttEnabled(true);
Expand Down
6 changes: 2 additions & 4 deletions gtests/ssl_gtest/ssl_auth_unittest.cc
Expand Up @@ -581,8 +581,7 @@ class EnforceNoActivity : public PacketFilter {
TEST_P(TlsConnectGenericPre13, AuthCompleteDelayed) {
client_->SetAuthCertificateCallback(AuthCompleteBlock);

server_->StartConnect();
client_->StartConnect();
StartConnect();
client_->Handshake(); // Send ClientHello
server_->Handshake(); // Send ServerHello
client_->Handshake(); // Send ClientKeyExchange and Finished
Expand Down Expand Up @@ -610,8 +609,7 @@ TEST_P(TlsConnectGenericPre13, AuthCompleteDelayed) {
TEST_P(TlsConnectTls13, AuthCompleteDelayed) {
client_->SetAuthCertificateCallback(AuthCompleteBlock);

server_->StartConnect();
client_->StartConnect();
StartConnect();
client_->Handshake(); // Send ClientHello
server_->Handshake(); // Send ServerHello
EXPECT_EQ(TlsAgent::STATE_CONNECTING, client_->state());
Expand Down
6 changes: 2 additions & 4 deletions gtests/ssl_gtest/ssl_damage_unittest.cc
Expand Up @@ -29,8 +29,7 @@ TEST_F(TlsConnectTest, DamageSecretHandleClientFinished) {
SSL_LIBRARY_VERSION_TLS_1_3);
server_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_1,
SSL_LIBRARY_VERSION_TLS_1_3);
server_->StartConnect();
client_->StartConnect();
StartConnect();
client_->Handshake();
server_->Handshake();
std::cerr << "Damaging HS secret" << std::endl;
Expand Down Expand Up @@ -89,8 +88,7 @@ TEST_P(TlsConnectGeneric, DamageClientSignature) {
server_->ExpectSendAlert(kTlsAlertDecryptError);
// Do these handshakes by hand to avoid race condition on
// the client processing the server's alert.
client_->StartConnect();
server_->StartConnect();
StartConnect();
client_->Handshake();
server_->Handshake();
client_->Handshake();
Expand Down

0 comments on commit a2c482e

Please sign in to comment.