From: jsing <jsing@openbsd.org>
Date: Sat, 17 Dec 2022 16:05:28 +0000 (+0000)
Subject: Revise cipher list regress coverage of SSL_set_security_level().
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=dc96bea7434e27848506dbf73fc47104aa767443;p=openbsd

Revise cipher list regress coverage of SSL_set_security_level().

A SSL_set_security_level() call was added to the cipher list regress, which
expects a failure - however, it should succeed and fails for a completely
unrelated reason. Rework this regress so that it actually passes and tests
for the expected behaviour.
---

diff --git a/regress/lib/libssl/unit/cipher_list.c b/regress/lib/libssl/unit/cipher_list.c
index a63c5ae69fa..c715f60e0b7 100644
--- a/regress/lib/libssl/unit/cipher_list.c
+++ b/regress/lib/libssl/unit/cipher_list.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: cipher_list.c,v 1.13 2022/11/26 16:08:57 tb Exp $	*/
+/*	$OpenBSD: cipher_list.c,v 1.14 2022/12/17 16:05:28 jsing Exp $	*/
 /*
  * Copyright (c) 2015 Doug Hogan <doug@openbsd.org>
  * Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
@@ -51,6 +51,12 @@ static uint8_t cipher_bytes[] = {
 	0x00, 0x3d,	/* AES256-SHA256 */
 };
 
+static uint8_t cipher_bytes_seclevel3[] = {
+	0xcc, 0xa8,	/* ECDHE-ECDSA-CHACHA20-POLY1305 */
+	0xcc, 0xa9,	/* ECDHE-RSA-CHACHA20-POLY1305 */
+	0xcc, 0xaa,	/* DHE-RSA-CHACHA20-POLY1305 */
+};
+
 static uint16_t cipher_values[] = {
 	0xcca8,		/* ECDHE-ECDSA-CHACHA20-POLY1305 */
 	0xcca9,		/* ECDHE-RSA-CHACHA20-POLY1305 */
@@ -85,7 +91,8 @@ ssl_bytes_to_list_alloc(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
 }
 
 static int
-ssl_list_to_bytes_scsv(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
+ssl_list_to_bytes_scsv(SSL *s, STACK_OF(SSL_CIPHER) **ciphers,
+    const uint8_t *cb, size_t cb_len)
 {
 	CBB cbb;
 	unsigned char *buf = NULL;
@@ -94,27 +101,31 @@ ssl_list_to_bytes_scsv(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
 
 	/* Space for cipher bytes, plus reneg SCSV and two spare bytes. */
 	CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS);
-	buflen = sizeof(cipher_bytes) + 2 + 2;
+	buflen = cb_len + 2 + 2;
 	CHECK((buf = calloc(1, buflen)) != NULL);
 
-	CHECK(CBB_init_fixed(&cbb, buf, buflen));
-	CHECK(ssl_cipher_list_to_bytes(s, *ciphers, &cbb));
-	CHECK(CBB_finish(&cbb, NULL, &outlen));
+	/* Clear renegotiate so it adds SCSV */
+	s->renegotiate = 0;
+
+	CHECK_GOTO(CBB_init_fixed(&cbb, buf, buflen));
+	CHECK_GOTO(ssl_cipher_list_to_bytes(s, *ciphers, &cbb));
+	CHECK_GOTO(CBB_finish(&cbb, NULL, &outlen));
 
-	CHECK_GOTO(outlen > 0 && outlen == buflen - 2);
-	CHECK_GOTO(memcmp(buf, cipher_bytes, sizeof(cipher_bytes)) == 0);
+	CHECK_GOTO(outlen > 0 && outlen == cb_len + 2);
+	CHECK_GOTO(memcmp(buf, cb, cb_len) == 0);
 	CHECK_GOTO(buf[buflen - 4] == 0x00 && buf[buflen - 3] == 0xff);
 	CHECK_GOTO(buf[buflen - 2] == 0x00 && buf[buflen - 1] == 0x00);
 
 	ret = 1;
 
-err:
+ err:
 	free(buf);
 	return ret;
 }
 
 static int
-ssl_list_to_bytes_no_scsv(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
+ssl_list_to_bytes_no_scsv(SSL *s, STACK_OF(SSL_CIPHER) **ciphers,
+    const uint8_t *cb, size_t cb_len)
 {
 	CBB cbb;
 	unsigned char *buf = NULL;
@@ -123,7 +134,7 @@ ssl_list_to_bytes_no_scsv(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
 
 	/* Space for cipher bytes and two spare bytes */
 	CHECK(sk_SSL_CIPHER_num(*ciphers) == N_CIPHERS);
-	buflen = sizeof(cipher_bytes) + 2;
+	buflen = cb_len + 2;
 	CHECK((buf = calloc(1, buflen)) != NULL);
 	buf[buflen - 2] = 0xfe;
 	buf[buflen - 1] = 0xab;
@@ -131,17 +142,17 @@ ssl_list_to_bytes_no_scsv(SSL *s, STACK_OF(SSL_CIPHER) **ciphers)
 	/* Set renegotiate so it doesn't add SCSV */
 	s->renegotiate = 1;
 
-	CHECK(CBB_init_fixed(&cbb, buf, buflen));
-	CHECK(ssl_cipher_list_to_bytes(s, *ciphers, &cbb));
-	CHECK(CBB_finish(&cbb, NULL, &outlen));
+	CHECK_GOTO(CBB_init_fixed(&cbb, buf, buflen));
+	CHECK_GOTO(ssl_cipher_list_to_bytes(s, *ciphers, &cbb));
+	CHECK_GOTO(CBB_finish(&cbb, NULL, &outlen));
 
-	CHECK_GOTO(outlen > 0 && outlen == buflen - 2);
-	CHECK_GOTO(memcmp(buf, cipher_bytes, sizeof(cipher_bytes)) == 0);
+	CHECK_GOTO(outlen > 0 && outlen == cb_len);
+	CHECK_GOTO(memcmp(buf, cb, cb_len) == 0);
 	CHECK_GOTO(buf[buflen - 2] == 0xfe && buf[buflen - 1] == 0xab);
 
 	ret = 1;
 
-err:
+ err:
 	free(buf);
 	return ret;
 }
@@ -184,20 +195,31 @@ main(void)
 
 	if (!ssl_bytes_to_list_alloc(s, &ciphers))
 		goto err;
-	if (!ssl_list_to_bytes_scsv(s, &ciphers))
+	if (!ssl_list_to_bytes_scsv(s, &ciphers, cipher_bytes,
+	    sizeof(cipher_bytes)))
 		goto err;
-	if (!ssl_list_to_bytes_no_scsv(s, &ciphers))
+	if (!ssl_list_to_bytes_no_scsv(s, &ciphers, cipher_bytes,
+	    sizeof(cipher_bytes)))
 		goto err;
 	if (!ssl_bytes_to_list_invalid(s, &ciphers))
 		goto err;
 
+	sk_SSL_CIPHER_free(ciphers);
+	ciphers = NULL;
+
 	SSL_set_security_level(s, 3);
-	if (ssl_list_to_bytes_scsv(s, &ciphers))
+	if (!ssl_bytes_to_list_alloc(s, &ciphers))
+		goto err;
+	if (!ssl_list_to_bytes_scsv(s, &ciphers, cipher_bytes_seclevel3,
+	    sizeof(cipher_bytes_seclevel3)))
+		goto err;
+	if (!ssl_list_to_bytes_no_scsv(s, &ciphers, cipher_bytes_seclevel3,
+	    sizeof(cipher_bytes_seclevel3)))
 		goto err;
 
 	rv = 0;
 
-err:
+ err:
 	sk_SSL_CIPHER_free(ciphers);
 	SSL_CTX_free(ctx);
 	SSL_free(s);