Fix ssltest to use 1024-bit DHE parameters

Also add more ciphersuite test coverage, and a negative test for 512-bit DHE. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 1ee85aab75d7c9f20058f781bfe9222323df08eb)
author: Emilia Kasper <emilia@openssl.org> 2015-05-22 18:35:50 +0200
committer: Emilia Kasper <emilia@openssl.org> 2015-05-26 12:49:26 +0200
commit: e8356e32aed70d139eae2d05aeaeb160509262aa (patch)
tree: 8b6177c042b6014563988141bc3763f1d822acb4
parent: 9c89d290834f3ed9146eeb8b64fe5de817679a0b (diff)
2 files changed, 45 insertions, 13 deletions
diff --git a/test/ssltest.c b/test/ssltest.c
index 136bf9a3c9..f640d927f2 100644
--- a/test/ssltest.c
+++ b/test/ssltest.c
@@ -766,7 +766,9 @@ static void sv_usage(void)
             " -bytes <val>  - number of bytes to swap between client/server\n");
 #ifndef OPENSSL_NO_DH
     fprintf(stderr,
-            " -dhe1024      - use 1024 bit key (safe prime) for DHE\n");
+            " -dhe512       - use 512 bit key for DHE (to test failure)\n");
+    fprintf(stderr,
+            " -dhe1024      - use 1024 bit key (safe prime) for DHE (default, no-op)\n");
     fprintf(stderr,
             " -dhe1024dsa   - use 1024 bit key (with 160-bit subprime) for DHE\n");
     fprintf(stderr, " -no_dhe       - disable DHE\n");
@@ -978,7 +980,7 @@ int main(int argc, char *argv[])
     long bytes = 256L;
 #ifndef OPENSSL_NO_DH
     DH *dh;
-    int dhe1024 = 0, dhe1024dsa = 0;
+    int dhe512 = 0, dhe1024dsa = 0;
 #endif
 #ifndef OPENSSL_NO_EC
     EC_KEY *ecdh = NULL;
@@ -1084,19 +1086,19 @@ int main(int argc, char *argv[])
             debug = 1;
         else if (strcmp(*argv, "-reuse") == 0)
             reuse = 1;
-        else if (strcmp(*argv, "-dhe1024") == 0) {
+        else if (strcmp(*argv, "-dhe512") == 0) {
 #ifndef OPENSSL_NO_DH
-            dhe1024 = 1;
+            dhe512 = 1;
 #else
             fprintf(stderr,
-                    "ignoring -dhe1024, since I'm compiled without DH\n");
+                    "ignoring -dhe512, since I'm compiled without DH\n");
 #endif
         } else if (strcmp(*argv, "-dhe1024dsa") == 0) {
 #ifndef OPENSSL_NO_DH
             dhe1024dsa = 1;
 #else
             fprintf(stderr,
-                    "ignoring -dhe1024, since I'm compiled without DH\n");
+                    "ignoring -dhe1024dsa, since I'm compiled without DH\n");
 #endif
         } else if (strcmp(*argv, "-no_dhe") == 0)
             no_dhe = 1;
@@ -1473,10 +1475,10 @@ int main(int argc, char *argv[])
              */
             SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
             dh = get_dh1024dsa();
-        } else if (dhe1024)
-            dh = get_dh1024();
-        else
+        } else if (dhe512)
             dh = get_dh512();
+        else
+            dh = get_dh1024();
         SSL_CTX_set_tmp_dh(s_ctx, dh);
         DH_free(dh);
     }
diff --git a/test/testssl b/test/testssl
index 367807b47b..2998b7321e 100644
--- a/test/testssl
+++ b/test/testssl
@@ -118,10 +118,9 @@ $ssltest -bio_pair -server_auth -client_auth $CA $extra || exit 1
 echo test sslv2/sslv3 with both client and server authentication via BIO pair and app verify
 $ssltest -bio_pair -server_auth -client_auth -app_verify $CA $extra || exit 1
 
-echo "Testing ciphersuites"
-for protocol in TLSv1.2 SSLv3; do
-  echo "Testing ciphersuites for $protocol"
-  for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
+test_cipher() {
+  local cipher=$1
+  local protocol=$2
     echo "Testing $cipher"
     prot=""
     if [ $protocol = "SSLv3" ] ; then
@@ -132,7 +131,38 @@ for protocol in TLSv1.2 SSLv3; do
 	  echo "Failed $cipher"
 	  exit 1
     fi
+}
+
+echo "Testing ciphersuites"
+for protocol in TLSv1.2 SSLv3; do
+  echo "Testing ciphersuites for $protocol"
+  for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "RSA+$protocol" | tr ':' ' '`; do
+    test_cipher $cipher $protocol
   done
+  if ../util/shlib_wrap.sh ../apps/openssl no-dh; then
+    echo "skipping RSA+DHE tests"
+  else
+    for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "EDH+aRSA+$protocol:-EXP" | tr ':' ' '`; do
+      test_cipher $cipher $protocol
+    done
+    echo "testing connection with weak DH, expecting failure"
+    if [ $protocol = "SSLv3" ] ; then
+      $ssltest -cipher EDH -dhe512 -ssl3
+    else
+      $ssltest -cipher EDH -dhe512
+    fi
+    if [ $? -eq 0 ]; then
+      echo "FAIL: connection with weak DH succeeded"
+      exit 1
+    fi
+  fi
+  if ../util/shlib_wrap.sh ../apps/openssl no-ec; then
+    echo "skipping RSA+ECDHE tests"
+  else
+    for cipher in `../util/shlib_wrap.sh ../apps/openssl ciphers "EECDH+aRSA+$protocol:-EXP" | tr ':' ' '`; do
+      test_cipher $cipher $protocol
+    done
+  fi
 done
 
 #############################################################################
author	Emilia Kasper <emilia@openssl.org>	2015-05-22 18:35:50 +0200
committer	Emilia Kasper <emilia@openssl.org>	2015-05-26 12:49:26 +0200
commit	e8356e32aed70d139eae2d05aeaeb160509262aa (patch)
tree	8b6177c042b6014563988141bc3763f1d822acb4
parent	9c89d290834f3ed9146eeb8b64fe5de817679a0b (diff)