diff options
| author | Benjamin Kaduk <kaduk@mit.edu> | 2020-04-10 12:27:28 -0700 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2020-04-21 11:22:51 +0100 |
| commit | 64eef86733fd40a5b7737dc586754c3fa3414b0c (patch) | |
| tree | 720edb8d71c1882494df6f5737a36b5076e5c78e | |
| parent | 23424be835dc10f0942c91952142d75345ef9de1 (diff) | |
Add test for CVE-2020-1967
Add to test_sslsigalgs a TLSProxy test that injects a
"signature_algorithms_cert" extension that contains an unallocated
codepoint.
The test currently fails, since s_server segfaults instead of
ignoring the unrecognized value.
Since "signature_algorithms" and "signature_algorithms_cert" are very
similar, also add the analogous test for "signature_algorithms".
Reviewed-by: Matt Caswell <matt@openssl.org>
| -rw-r--r-- | test/recipes/70-test_sslsigalgs.t | 66 |
1 files changed, 64 insertions, 2 deletions
diff --git a/test/recipes/70-test_sslsigalgs.t b/test/recipes/70-test_sslsigalgs.t index b3339ff59f..9ea9d05219 100644 --- a/test/recipes/70-test_sslsigalgs.t +++ b/test/recipes/70-test_sslsigalgs.t @@ -44,7 +44,9 @@ use constant { COMPAT_SIGALGS => 6, SIGALGS_CERT_ALL => 7, SIGALGS_CERT_PKCS => 8, - SIGALGS_CERT_INVALID => 9 + SIGALGS_CERT_INVALID => 9, + UNRECOGNIZED_SIGALGS_CERT => 10, + UNRECOGNIZED_SIGALG => 11 }; #Note: Throughout this test we override the default ciphersuites where TLSv1.2 @@ -53,7 +55,7 @@ use constant { #Test 1: Default sig algs should succeed $proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; -plan tests => 24; +plan tests => 26; ok(TLSProxy::Message->success, "Default sigalgs"); my $testtype; @@ -282,6 +284,39 @@ SKIP: { ok(TLSProxy::Message->fail, "No matching certificate for sigalgs_cert"); } +SKIP: { + skip "TLS 1.3 disabled", 2 if disabled("tls1_3"); + #Test 25: Send an unrecognized signature_algorithms_cert + # We should be able to skip over the unrecognized value and use a + # valid one that appears later in the list. + $proxy->clear(); + $proxy->filter(\&inject_unrecognized_sigalg); + $proxy->clientflags("-tls1_3"); + # Use -xcert to get SSL_check_chain() to run in the cert_cb. This is + # needed to trigger (e.g.) CVE-2020-1967 + $proxy->serverflags("" . + " -xcert " . srctop_file("test", "certs", "servercert.pem") . + " -xkey " . srctop_file("test", "certs", "serverkey.pem") . + " -xchain " . srctop_file("test", "certs", "rootcert.pem")); + $testtype = UNRECOGNIZED_SIGALGS_CERT; + $proxy->start(); + ok(TLSProxy::Message->success(), "Unrecognized sigalg_cert in ClientHello"); + + #Test 26: Send an unrecognized signature_algorithms + # We should be able to skip over the unrecognized value and use a + # valid one that appears later in the list. + $proxy->clear(); + $proxy->filter(\&inject_unrecognized_sigalg); + $proxy->clientflags("-tls1_3"); + $proxy->serverflags("" . + " -xcert " . srctop_file("test", "certs", "servercert.pem") . + " -xkey " . srctop_file("test", "certs", "serverkey.pem") . + " -xchain " . srctop_file("test", "certs", "rootcert.pem")); + $testtype = UNRECOGNIZED_SIGALG; + $proxy->start(); + ok(TLSProxy::Message->success(), "Unrecognized sigalg in ClientHello"); +} + sub sigalgs_filter @@ -427,3 +462,30 @@ sub modify_cert_verify_sigalg } } } + +sub inject_unrecognized_sigalg +{ + my $proxy = shift; + my $type; + + # We're only interested in the initial ClientHello + if ($proxy->flight != 0) { + return; + } + if ($testtype == UNRECOGNIZED_SIGALGS_CERT) { + $type = TLSProxy::Message::EXT_SIG_ALGS_CERT; + } elsif ($testtype == UNRECOGNIZED_SIGALG) { + $type = TLSProxy::Message::EXT_SIG_ALGS; + } else { + return; + } + + my $ext = pack "C8", + 0x00, 0x06, #Extension length + 0xfe, 0x18, #private use + 0x04, 0x01, #rsa_pkcs1_sha256 + 0x08, 0x04; #rsa_pss_rsae_sha256; + my $message = ${$proxy->message_list}[0]; + $message->set_extension($type, $ext); + $message->repack; +} |