}
tcpConn = connOrError.(net.Conn)
case <-time.After(2 * time.Second):
- output.WriteTo(os.Stdout)
return nil, nil, errors.New("timed out waiting for connection from child process")
}
t.Fatalf("Failed to start subcommand: %s", err)
}
serverConn = recordingConn
+ defer func() {
+ if t.Failed() {
+ t.Logf("OpenSSL output:\n\n%s", childProcess.Stdout)
+ }
+ }()
} else {
clientConn, serverConn = localPipe(t)
}
defer out.Close()
recordingConn.Close()
if len(recordingConn.flows) < 3 {
- childProcess.Stdout.(*bytes.Buffer).WriteTo(os.Stdout)
if len(test.expectHandshakeErrorIncluding) == 0 {
t.Fatalf("Handshake failed")
}
}
recordingConn.WriteTo(out)
- fmt.Printf("Wrote %s\n", path)
+ t.Logf("Wrote %s\n", path)
childProcess.Wait()
}
}
runServerTestTLS13(t, test)
}
+func TestHandshakeServerPSSDisabled(t *testing.T) {
+ test := &serverTest{
+ name: "RSA-PSS-Disabled",
+ command: []string{"openssl", "s_client", "-no_ticket"},
+ wait: true,
+ }
+
+ // Restore the default signature algorithms, disabling RSA-PSS in TLS 1.2,
+ // and check that handshakes still work.
+ testSupportedSignatureAlgorithmsTLS12 := defaultSupportedSignatureAlgorithmsTLS12
+ defer func() { defaultSupportedSignatureAlgorithmsTLS12 = testSupportedSignatureAlgorithmsTLS12 }()
+ defaultSupportedSignatureAlgorithmsTLS12 = savedSupportedSignatureAlgorithmsTLS12
+
+ runServerTestTLS12(t, test)
+ runServerTestTLS13(t, test)
+
+ test = &serverTest{
+ name: "RSA-PSS-Disabled-Required",
+ command: []string{"openssl", "s_client", "-no_ticket", "-sigalgs", "rsa_pss_rsae_sha256"},
+ wait: true,
+
+ expectHandshakeErrorIncluding: "peer doesn't support any common signature algorithms",
+ }
+
+ runServerTestTLS12(t, test)
+}
+
func benchmarkHandshakeServer(b *testing.B, version uint16, cipherSuite uint16, curve CurveID, cert []byte, key crypto.PrivateKey) {
config := testConfig.Clone()
config.CipherSuites = []uint16{cipherSuite}
defer os.Remove(ecdsaCertPath)
ecdsaKeyPath = tempFile(clientECDSAKeyPEM)
defer os.Remove(ecdsaKeyPath)
- } else {
- t.Parallel()
}
- config := testConfig.Clone()
- config.ClientAuth = RequestClientCert
+ t.Run("Normal", func(t *testing.T) {
+ config := testConfig.Clone()
+ config.ClientAuth = RequestClientCert
- test := &serverTest{
- name: "ClientAuthRequestedNotGiven",
- command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA"},
- config: config,
- }
- runServerTestTLS12(t, test)
- runServerTestTLS13(t, test)
+ test := &serverTest{
+ name: "ClientAuthRequestedNotGiven",
+ command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA"},
+ config: config,
+ }
+ runServerTestTLS12(t, test)
+ runServerTestTLS13(t, test)
- test = &serverTest{
- name: "ClientAuthRequestedAndGiven",
- command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
- "-cert", certPath, "-key", keyPath, "-sigalgs", "rsa_pss_rsae_sha256"},
- config: config,
- expectedPeerCerts: []string{clientCertificatePEM},
- }
- runServerTestTLS12(t, test)
- runServerTestTLS13(t, test)
+ config.ClientAuth = RequireAnyClientCert
- test = &serverTest{
- name: "ClientAuthRequestedAndECDSAGiven",
- command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
- "-cert", ecdsaCertPath, "-key", ecdsaKeyPath},
- config: config,
- expectedPeerCerts: []string{clientECDSACertificatePEM},
- }
- runServerTestTLS12(t, test)
- runServerTestTLS13(t, test)
+ test = &serverTest{
+ name: "ClientAuthRequestedAndGiven",
+ command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
+ "-cert", certPath, "-key", keyPath, "-sigalgs", "rsa_pss_rsae_sha256"},
+ config: config,
+ expectedPeerCerts: []string{clientCertificatePEM},
+ }
+ runServerTestTLS12(t, test)
+ runServerTestTLS13(t, test)
+
+ test = &serverTest{
+ name: "ClientAuthRequestedAndECDSAGiven",
+ command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
+ "-cert", ecdsaCertPath, "-key", ecdsaKeyPath},
+ config: config,
+ expectedPeerCerts: []string{clientECDSACertificatePEM},
+ }
+ runServerTestTLS12(t, test)
+ runServerTestTLS13(t, test)
+
+ test = &serverTest{
+ name: "ClientAuthRequestedAndPKCS1v15Given",
+ command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
+ "-cert", certPath, "-key", keyPath, "-sigalgs", "rsa_pkcs1_sha256"},
+ config: config,
+ expectedPeerCerts: []string{clientCertificatePEM},
+ }
+ runServerTestTLS12(t, test)
+ })
- test = &serverTest{
- name: "ClientAuthRequestedAndPKCS1v15Given",
- command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
- "-cert", certPath, "-key", keyPath, "-sigalgs", "rsa_pkcs1_sha256"},
- config: config,
- expectedPeerCerts: []string{clientCertificatePEM},
- }
- runServerTestTLS12(t, test)
+ // Restore the default signature algorithms, disabling RSA-PSS in TLS 1.2,
+ // and check that handshakes still work.
+ testSupportedSignatureAlgorithmsTLS12 := defaultSupportedSignatureAlgorithmsTLS12
+ defer func() { defaultSupportedSignatureAlgorithmsTLS12 = testSupportedSignatureAlgorithmsTLS12 }()
+ defaultSupportedSignatureAlgorithmsTLS12 = savedSupportedSignatureAlgorithmsTLS12
+
+ t.Run("PSSDisabled", func(t *testing.T) {
+ config := testConfig.Clone()
+ config.ClientAuth = RequireAnyClientCert
+
+ test := &serverTest{
+ name: "ClientAuthRequestedAndGiven-PSS-Disabled",
+ command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
+ "-cert", certPath, "-key", keyPath},
+ config: config,
+ expectedPeerCerts: []string{clientCertificatePEM},
+ }
+ runServerTestTLS12(t, test)
+ runServerTestTLS13(t, test)
+
+ test = &serverTest{
+ name: "ClientAuthRequestedAndGiven-PSS-Disabled-Required",
+ command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA",
+ "-cert", certPath, "-key", keyPath, "-client_sigalgs", "rsa_pss_rsae_sha256"},
+ config: config,
+
+ expectHandshakeErrorIncluding: "client didn't provide a certificate",
+ }
+ runServerTestTLS12(t, test)
+ })
}
func TestSNIGivenOnFailure(t *testing.T) {
t.Error("cloned hash generated a different sum")
}
}
+
+func TestKeyTooSmallForRSAPSS(t *testing.T) {
+ clientConn, serverConn := localPipe(t)
+ client := Client(clientConn, testConfig)
+ cert, err := X509KeyPair([]byte(`-----BEGIN CERTIFICATE-----
+MIIBcTCCARugAwIBAgIQGjQnkCFlUqaFlt6ixyz/tDANBgkqhkiG9w0BAQsFADAS
+MRAwDgYDVQQKEwdBY21lIENvMB4XDTE5MDExODIzMjMyOFoXDTIwMDExODIzMjMy
+OFowEjEQMA4GA1UEChMHQWNtZSBDbzBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDd
+ez1rFUDwax2HTxbcnFUP9AhcgEGMHVV2nn4VVEWFJB6I8C/Nkx0XyyQlrmFYBzEQ
+nIPhKls4T0hFoLvjJnXpAgMBAAGjTTBLMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+DDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMBYGA1UdEQQPMA2CC2V4YW1wbGUu
+Y29tMA0GCSqGSIb3DQEBCwUAA0EAxDuUS+BrrS3c+h+k+fQPOmOScy6yTX9mHw0Q
+KbucGamXYEy0URIwOdO0tQ3LHPc1YGvYSPwkDjkjqECs2Vm/AA==
+-----END CERTIFICATE-----`), []byte(`-----BEGIN RSA PRIVATE KEY-----
+MIIBOgIBAAJBAN17PWsVQPBrHYdPFtycVQ/0CFyAQYwdVXaefhVURYUkHojwL82T
+HRfLJCWuYVgHMRCcg+EqWzhPSEWgu+MmdekCAwEAAQJBALjQYNTdXF4CFBbXwUz/
+yt9QFDYT9B5WT/12jeGAe653gtYS6OOi/+eAkGmzg1GlRnw6fOfn+HYNFDORST7z
+4j0CIQDn2xz9hVWQEu9ee3vecNT3f60huDGTNoRhtqgweQGX0wIhAPSLj1VcRZEz
+nKpbtU22+PbIMSJ+e80fmY9LIPx5N4HTAiAthGSimMR9bloz0EY3GyuUEyqoDgMd
+hXxjuno2WesoJQIgemilbcALXpxsLmZLgcQ2KSmaVr7jb5ECx9R+hYKTw1sCIG4s
+T+E0J8wlH24pgwQHzy7Ko2qLwn1b5PW8ecrlvP1g
+-----END RSA PRIVATE KEY-----`))
+ if err != nil {
+ t.Fatal(err)
+ }
+
+ done := make(chan struct{})
+ go func() {
+ config := testConfig.Clone()
+ config.Certificates = []Certificate{cert}
+ config.MinVersion = VersionTLS13
+ server := Server(serverConn, config)
+ err := server.Handshake()
+ if !strings.Contains(err.Error(), "key size too small for PSS signature") {
+ t.Errorf(`expected "key size too small for PSS signature", got %q`, err)
+ }
+ close(done)
+ }()
+ err = client.Handshake()
+ if !strings.Contains(err.Error(), "handshake failure") {
+ t.Errorf(`expected "handshake failure", got %q`, err)
+ }
+ <-done
+
+ // With RSA-PSS disabled and TLS 1.2, this should work.
+
+ testSupportedSignatureAlgorithmsTLS12 := defaultSupportedSignatureAlgorithmsTLS12
+ defer func() { defaultSupportedSignatureAlgorithmsTLS12 = testSupportedSignatureAlgorithmsTLS12 }()
+ defaultSupportedSignatureAlgorithmsTLS12 = savedSupportedSignatureAlgorithmsTLS12
+
+ serverConfig := testConfig.Clone()
+ serverConfig.Certificates = []Certificate{cert}
+ serverConfig.MaxVersion = VersionTLS12
+ testHandshake(t, testConfig, serverConfig)
+}