Add tests for missing CA chains and bad curves.
This commit adds four tests to tests/ssl-opt.sh:
(1) & (2): Check behaviour of optional/required verification when the
trusted CA chain is empty.
(3) & (4): Check behaviour of optional/required verification when the
client receives a server certificate with an unsupported curve.
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 095fabd..95438f9 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -106,6 +106,7 @@
#define DFL_CACHE_TIMEOUT -1
#define DFL_SNI NULL
#define DFL_ALPN_STRING NULL
+#define DFL_CURVES NULL
#define DFL_DHM_FILE NULL
#define DFL_EXTENDED_MS -1
#define DFL_ETM -1
@@ -215,6 +216,17 @@
#define USAGE_ALPN ""
#endif /* POLARSSL_SSL_ALPN */
+#if defined(POLARSSL_SSL_SET_CURVES)
+#define USAGE_CURVES \
+ " curves=a,b,c,d default: \"default\" (library default)\n" \
+ " example: \"secp521r1,brainpoolP512r1\"\n" \
+ " - use \"none\" for empty list\n" \
+ " - see ecp_curve_list()\n" \
+ " for acceptable curve names\n"
+#else
+#define USAGE_CURVES ""
+#endif /* POLARSSL_SSL_SET_CURVES */
+
#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
#define USAGE_EMS \
" extended_ms=0/1 default: (library default: on)\n"
@@ -263,6 +275,7 @@
USAGE_MAX_FRAG_LEN \
USAGE_TRUNC_HMAC \
USAGE_ALPN \
+ USAGE_CURVES \
USAGE_EMS \
USAGE_ETM \
"\n" \
@@ -327,6 +340,7 @@
int cache_max; /* max number of session cache entries */
int cache_timeout; /* expiration delay of session cache entries */
char *sni; /* string describing sni information */
+ const char *curves; /* list of supported elliptic curves */
const char *alpn_string; /* ALPN supported protocols */
const char *dhm_file; /* the file with the DH parameters */
int extended_ms; /* allow negotiation of extended MS? */
@@ -685,6 +699,10 @@
#if defined(POLARSSL_SSL_ALPN)
const char *alpn_list[10];
#endif
+#if defined(POLARSSL_SSL_SET_CURVES)
+ ecp_group_id curve_list[20];
+ const ecp_curve_info *curve_cur;
+#endif
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
unsigned char alloc_buf[100000];
#endif
@@ -780,6 +798,7 @@
opt.cache_timeout = DFL_CACHE_TIMEOUT;
opt.sni = DFL_SNI;
opt.alpn_string = DFL_ALPN_STRING;
+ opt.curves = DFL_CURVES;
opt.dhm_file = DFL_DHM_FILE;
opt.extended_ms = DFL_EXTENDED_MS;
opt.etm = DFL_ETM;
@@ -987,6 +1006,8 @@
default: goto usage;
}
}
+ else if( strcmp( p, "curves" ) == 0 )
+ opt.curves = q;
else if( strcmp( p, "etm" ) == 0 )
{
switch( atoi( q ) )
@@ -1118,6 +1139,64 @@
}
#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */
+#if defined(POLARSSL_SSL_SET_CURVES)
+ if( opt.curves != NULL )
+ {
+ p = (char *) opt.curves;
+ i = 0;
+
+ if( strcmp( p, "none" ) == 0 )
+ {
+ curve_list[0] = POLARSSL_ECP_DP_NONE;
+ }
+ else if( strcmp( p, "default" ) != 0 )
+ {
+ /* Leave room for a final NULL in curve list */
+ while( i < (int) ( sizeof( curve_list ) / sizeof( *curve_list ) ) - 1
+ && *p != '\0' )
+ {
+ q = p;
+
+ /* Terminate the current string */
+ while( *p != ',' && *p != '\0' )
+ p++;
+ if( *p == ',' )
+ *p++ = '\0';
+
+ if( ( curve_cur = ecp_curve_info_from_name( q ) ) != NULL )
+ {
+ curve_list[i++] = curve_cur->grp_id;
+ }
+ else
+ {
+ polarssl_printf( "unknown curve %s\n", q );
+ polarssl_printf( "supported curves: " );
+ for( curve_cur = ecp_curve_list();
+ curve_cur->grp_id != POLARSSL_ECP_DP_NONE;
+ curve_cur++ )
+ {
+ polarssl_printf( "%s ", curve_cur->name );
+ }
+ polarssl_printf( "\n" );
+ goto exit;
+ }
+ }
+
+ polarssl_printf( "Number of curves: %d\n", i );
+
+ if( i == (int) ( sizeof( curve_list ) / sizeof( *curve_list ) ) - 1
+ && *p != '\0' )
+ {
+ polarssl_printf( "curves list too long, maximum %zu",
+ (size_t) ( sizeof( curve_list ) / sizeof( *curve_list ) - 1 ) );
+ goto exit;
+ }
+
+ curve_list[i] = POLARSSL_ECP_DP_NONE;
+ }
+ }
+#endif /* POLARSSL_SSL_SET_CURVES */
+
#if defined(POLARSSL_SSL_ALPN)
if( opt.alpn_string != NULL )
{
@@ -1397,6 +1476,14 @@
}
#endif
+#if defined(POLARSSL_SSL_SET_CURVES)
+ if( opt.curves != NULL &&
+ strcmp( opt.curves, "default" ) != 0 )
+ {
+ ssl_set_curves( &ssl, curve_list );
+ }
+#endif
+
ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
ssl_set_dbg( &ssl, my_debug, stdout );