diff options
| -rw-r--r-- | test/recipes/70-test_sslcbcpadding.t | 1 | ||||
| -rw-r--r-- | test/recipes/70-test_sslrecords.t | 9 | ||||
| -rw-r--r-- | util/TLSProxy/Proxy.pm | 8 | ||||
| -rw-r--r-- | util/TLSProxy/Record.pm | 27 |
4 files changed, 29 insertions, 16 deletions
diff --git a/test/recipes/70-test_sslcbcpadding.t b/test/recipes/70-test_sslcbcpadding.t index fdaa46680c..22825a096d 100644 --- a/test/recipes/70-test_sslcbcpadding.t +++ b/test/recipes/70-test_sslcbcpadding.t @@ -40,6 +40,7 @@ my @test_offsets = (0, 128, 254, 255); # Test that maximally-padded records are accepted. my $bad_padding_offset = -1; +$proxy->serverflags("-tls1_2"); $proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; plan tests => 1 + scalar(@test_offsets); ok(TLSProxy::Message->success(), "Maximally-padded record test"); diff --git a/test/recipes/70-test_sslrecords.t b/test/recipes/70-test_sslrecords.t index d1c8d3ad2a..fc9b59ffef 100644 --- a/test/recipes/70-test_sslrecords.t +++ b/test/recipes/70-test_sslrecords.t @@ -37,6 +37,7 @@ my $proxy = TLSProxy::Proxy->new( #Test 1: Injecting out of context empty records should fail my $content_type = TLSProxy::Record::RT_APPLICATION_DATA; my $inject_recs_num = 1; +$proxy->serverflags("-tls1_2"); $proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; plan tests => 9; ok(TLSProxy::Message->fail(), "Out of context empty records test"); @@ -44,6 +45,7 @@ ok(TLSProxy::Message->fail(), "Out of context empty records test"); #Test 2: Injecting in context empty records should succeed $proxy->clear(); $content_type = TLSProxy::Record::RT_HANDSHAKE; +$proxy->serverflags("-tls1_2"); $proxy->start(); ok(TLSProxy::Message->success(), "In context empty records test"); @@ -51,6 +53,7 @@ ok(TLSProxy::Message->success(), "In context empty records test"); $proxy->clear(); #We allow 32 consecutive in context empty records $inject_recs_num = 33; +$proxy->serverflags("-tls1_2"); $proxy->start(); ok(TLSProxy::Message->fail(), "Too many in context empty records test"); @@ -59,6 +62,7 @@ ok(TLSProxy::Message->fail(), "Too many in context empty records test"); # alert, i.e. this will look like a disorderly close $proxy->clear(); $proxy->filter(\&add_frag_alert_filter); +$proxy->serverflags("-tls1_2"); $proxy->start(); ok(!TLSProxy::Message->end(), "Fragmented alert records test"); @@ -75,6 +79,7 @@ use constant { my $sslv2testtype = TLSV1_2_IN_SSLV2; $proxy->clear(); $proxy->filter(\&add_sslv2_filter); +$proxy->serverflags("-tls1_2"); $proxy->start(); ok(TLSProxy::Message->success(), "TLSv1.2 in SSLv2 ClientHello test"); @@ -83,6 +88,7 @@ ok(TLSProxy::Message->success(), "TLSv1.2 in SSLv2 ClientHello test"); # protocol so we don't even send an alert in this case. $sslv2testtype = SSLV2_IN_SSLV2; $proxy->clear(); +$proxy->serverflags("-tls1_2"); $proxy->start(); ok(!TLSProxy::Message->end(), "SSLv2 in SSLv2 ClientHello test"); @@ -91,6 +97,7 @@ ok(!TLSProxy::Message->end(), "SSLv2 in SSLv2 ClientHello test"); # reasons $sslv2testtype = FRAGMENTED_IN_TLSV1_2; $proxy->clear(); +$proxy->serverflags("-tls1_2"); $proxy->start(); ok(TLSProxy::Message->success(), "Fragmented ClientHello in TLSv1.2 test"); @@ -98,6 +105,7 @@ ok(TLSProxy::Message->success(), "Fragmented ClientHello in TLSv1.2 test"); # record; and another TLS1.2 record. This isn't allowed so should fail $sslv2testtype = FRAGMENTED_IN_SSLV2; $proxy->clear(); +$proxy->serverflags("-tls1_2"); $proxy->start(); ok(TLSProxy::Message->fail(), "Fragmented ClientHello in TLSv1.2/SSLv2 test"); @@ -105,6 +113,7 @@ ok(TLSProxy::Message->fail(), "Fragmented ClientHello in TLSv1.2/SSLv2 test"); # fail because an SSLv2 ClientHello must be the first record. $sslv2testtype = ALERT_BEFORE_SSLV2; $proxy->clear(); +$proxy->serverflags("-tls1_2"); $proxy->start(); ok(TLSProxy::Message->fail(), "Alert before SSLv2 ClientHello test"); sub add_empty_recs_filter diff --git a/util/TLSProxy/Proxy.pm b/util/TLSProxy/Proxy.pm index c15019dace..16fd09463f 100644 --- a/util/TLSProxy/Proxy.pm +++ b/util/TLSProxy/Proxy.pm @@ -48,7 +48,7 @@ sub new cert => $cert, debug => $debug, cipherc => "", - ciphers => "AES128-SHA", + ciphers => "AES128-SHA:TLS13-AES-128-GCM-SHA256", flight => 0, record_list => [], message_list => [], @@ -113,7 +113,7 @@ sub clear my $self = shift; $self->clearClient; - $self->{ciphers} = "AES128-SHA"; + $self->{ciphers} = "AES128-SHA:TLS13-AES-128-GCM-SHA256"; $self->{serverflags} = ""; $self->{serverconnects} = 1; $self->{serverpid} = 0; @@ -147,10 +147,8 @@ sub start or die "Failed to redirect stdout: $!"; open(STDERR, ">&STDOUT"); } - # TODO(TLS1.3): Temporarily disabled for TLS1.3...no shared cipher - # because the TLS1.3 ciphersuites are not compatible with ossltest my $execcmd = $self->execute - ." s_server -no_tls1_3 -no_comp -rev -engine ossltest -accept " + ." s_server -no_comp -rev -engine ossltest -accept " .($self->server_port) ." -cert ".$self->cert." -naccept ".$self->serverconnects; if ($self->ciphers ne "") { diff --git a/util/TLSProxy/Record.pm b/util/TLSProxy/Record.pm index 423bad3bf1..93a3a4bd5e 100644 --- a/util/TLSProxy/Record.pm +++ b/util/TLSProxy/Record.pm @@ -107,7 +107,7 @@ sub get_records if (($server && $server_ccs_seen) || (!$server && $client_ccs_seen)) { - if ($etm) { + if ($version != VERS_TLS_1_3() && $etm) { $record->decryptETM(); } else { $record->decrypt(); @@ -221,22 +221,27 @@ sub decryptETM sub decrypt() { my ($self) = shift; - + my $mactaglen = 20; my $data = $self->data; - if($self->version >= VERS_TLS_1_1()) { - #TLS1.1+ has an explicit IV. Throw it away + #Throw away any IVs + if ($self->version >= VERS_TLS_1_3()) { + #8 bytes for a GCM IV + $data = substr($data, 8); + $mactaglen = 16; + } elsif ($self->version >= VERS_TLS_1_1()) { + #16 bytes for a standard IV $data = substr($data, 16); - } - #Find out what the padding byte is - my $padval = unpack("C", substr($data, length($data) - 1)); + #Find out what the padding byte is + my $padval = unpack("C", substr($data, length($data) - 1)); - #Throw away the padding - $data = substr($data, 0, length($data) - ($padval + 1)); + #Throw away the padding + $data = substr($data, 0, length($data) - ($padval + 1)); + } - #Throw away the MAC (assumes MAC is 20 bytes for now. FIXME) - $data = substr($data, 0, length($data) - 20); + #Throw away the MAC or TAG + $data = substr($data, 0, length($data) - $mactaglen); $self->decrypt_data($data); $self->decrypt_len(length($data)); |