mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-04 04:27:36 +03:00
Code Issues Projects Releases Packages Wiki Activity

sync: merge changes from go 1.24.0

Browse source
This commit is contained in:
Mingye Chen 2025-03-01 00:13:08 -07:00
commit a99feacec2
50 changed files with 2505 additions and 2734 deletions
Download patch file Download diff file Expand all files Collapse all files

132
handshake_client_test.go
View file

@ -32,6 +32,7 @@ import (
"time"
"github.com/refraction-networking/utls/internal/byteorder"
"github.com/refraction-networking/utls/internal/fips140tls"
)
// Note: see comment in handshake_test.go for details of how the reference
@ -208,7 +209,7 @@ func (test *clientTest) connFromCommand() (conn *recordingConn, child *exec.Cmd,
var serverInfo bytes.Buffer
for _, ext := range test.extensions {
pem.Encode(&serverInfo, &pem.Block{
Type: fmt.Sprintf("SERVERINFO FOR EXTENSION %d", byteorder.BeUint16(ext)),
Type: fmt.Sprintf("SERVERINFO FOR EXTENSION %d", byteorder.BEUint16(ext)),
Bytes: ext,
})
}
@ -434,7 +435,7 @@ func (test *clientTest) run(t *testing.T, write bool) {
}
if write {
clientConn.Close()
client.Close()
path := test.dataPath()
out, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0644)
if err != nil {
@ -849,14 +850,17 @@ func testResumption(t *testing.T, version uint16) {
if testing.Short() {
t.Skip("skipping in -short mode")
}
// Note: using RSA 2048 test certificates because they are compatible with FIPS mode.
testCertificates := []Certificate{{Certificate: [][]byte{testRSA2048Certificate}, PrivateKey: testRSA2048PrivateKey}}
serverConfig := &Config{
MaxVersion: version,
CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA},
Certificates: testConfig.Certificates,
Time: testTime, // [uTLS]
CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384},
Certificates: testCertificates,
Time: testTime,
}
issuer, err := x509.ParseCertificate(testRSACertificateIssuer)
issuer, err := x509.ParseCertificate(testRSA2048CertificateIssuer)
if err != nil {
panic(err)
}
@ -866,11 +870,11 @@ func testResumption(t *testing.T, version uint16) {
clientConfig := &Config{
MaxVersion: version,
CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA},
CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
ClientSessionCache: NewLRUClientSessionCache(32),
RootCAs: rootCAs,
ServerName: "example.golang",
Time: testTime, // [uTLS]
Time: testTime,
}
testResumeState := func(test string, didResume bool) {
@ -917,7 +921,7 @@ func testResumption(t *testing.T, version uint16) {
// An old session ticket is replaced with a ticket encrypted with a fresh key.
ticket = getTicket()
serverConfig.Time = func() time.Time { return testTime().Add(24*time.Hour + time.Minute) } // [uTLS]
serverConfig.Time = func() time.Time { return testTime().Add(24*time.Hour + time.Minute) }
testResumeState("ResumeWithOldTicket", true)
if bytes.Equal(ticket, getTicket()) {
t.Fatal("old first ticket matches the fresh one")
@ -925,13 +929,13 @@ func testResumption(t *testing.T, version uint16) {
// Once the session master secret is expired, a full handshake should occur.
ticket = getTicket()
serverConfig.Time = func() time.Time { return testTime().Add(24*8*time.Hour + time.Minute) } // [uTLS]
serverConfig.Time = func() time.Time { return testTime().Add(24*8*time.Hour + time.Minute) }
testResumeState("ResumeWithExpiredTicket", false)
if bytes.Equal(ticket, getTicket()) {
t.Fatal("expired first ticket matches the fresh one")
}
serverConfig.Time = testTime // reset the time back // [uTLS]
serverConfig.Time = testTime // reset the time back
key1 := randomKey()
serverConfig.SetSessionTicketKeys([][32]byte{key1})
@ -948,11 +952,11 @@ func testResumption(t *testing.T, version uint16) {
testResumeState("KeyChangeFinish", true)
// Age the session ticket a bit, but not yet expired.
serverConfig.Time = func() time.Time { return testTime().Add(24*time.Hour + time.Minute) } // [uTLS]
serverConfig.Time = func() time.Time { return testTime().Add(24*time.Hour + time.Minute) }
testResumeState("OldSessionTicket", true)
ticket = getTicket()
// Expire the session ticket, which would force a full handshake.
serverConfig.Time = func() time.Time { return testTime().Add(24*8*time.Hour + 2*time.Minute) } // [uTLS]
serverConfig.Time = func() time.Time { return testTime().Add(24*8*time.Hour + 2*time.Minute) }
testResumeState("ExpiredSessionTicket", false)
if bytes.Equal(ticket, getTicket()) {
t.Fatal("new ticket wasn't provided after old ticket expired")
@ -960,7 +964,7 @@ func testResumption(t *testing.T, version uint16) {
// Age the session ticket a bit at a time, but don't expire it.
d := 0 * time.Hour
serverConfig.Time = func() time.Time { return testTime().Add(d) } // [uTLS]
serverConfig.Time = func() time.Time { return testTime().Add(d) }
deleteTicket()
testResumeState("GetFreshSessionTicket", false)
for i := 0; i < 13; i++ {
@ -971,7 +975,7 @@ func testResumption(t *testing.T, version uint16) {
// handshake occurs for TLS 1.2. Resumption should still occur for
// TLS 1.3 since the client should be using a fresh ticket sent over
// by the server.
d += 12*time.Hour + time.Minute // [uTLS]
d += 12*time.Hour + time.Minute
if version == VersionTLS13 {
testResumeState("ExpiredSessionTicket", true)
} else {
@ -985,9 +989,9 @@ func testResumption(t *testing.T, version uint16) {
// before the serverConfig is used works.
serverConfig = &Config{
MaxVersion: version,
CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA},
Certificates: testConfig.Certificates,
Time: testTime, // [uTLS]
CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384},
Certificates: testCertificates,
Time: testTime,
}
serverConfig.SetSessionTicketKeys([][32]byte{key2})
@ -996,7 +1000,7 @@ func testResumption(t *testing.T, version uint16) {
// In TLS 1.3, cross-cipher suite resumption is allowed as long as the KDF
// hash matches. Also, Config.CipherSuites does not apply to TLS 1.3.
if version != VersionTLS13 {
clientConfig.CipherSuites = []uint16{TLS_ECDHE_RSA_WITH_RC4_128_SHA}
clientConfig.CipherSuites = []uint16{TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384}
testResumeState("DifferentCipherSuite", false)
testResumeState("DifferentCipherSuiteRecovers", true)
}
@ -1012,8 +1016,8 @@ func testResumption(t *testing.T, version uint16) {
// Use a different curve than the client to force a HelloRetryRequest.
CurvePreferences: []CurveID{CurveP521, CurveP384, CurveP256},
MaxVersion: version,
Certificates: testConfig.Certificates,
Time: testTime, // [uTLS]
Certificates: testCertificates,
Time: testTime,
}
testResumeState("InitialHandshake", false)
testResumeState("WithHelloRetryRequest", true)
@ -1021,9 +1025,9 @@ func testResumption(t *testing.T, version uint16) {
// Reset serverConfig back.
serverConfig = &Config{
MaxVersion: version,
CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA},
Certificates: testConfig.Certificates,
Time: testTime, // [uTLS]
CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384},
Certificates: testCertificates,
Time: testTime,
}
}
@ -1278,7 +1282,7 @@ func TestServerSelectingUnconfiguredApplicationProtocol(t *testing.T) {
go func() {
client := Client(c, &Config{
ServerName: "foo",
CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256},
CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
NextProtos: []string{"http", "something-else"},
})
errChan <- client.Handshake()
@ -1298,7 +1302,7 @@ func TestServerSelectingUnconfiguredApplicationProtocol(t *testing.T) {
serverHello := &serverHelloMsg{
vers: VersionTLS12,
random: make([]byte, 32),
cipherSuite: TLS_RSA_WITH_AES_128_GCM_SHA256,
cipherSuite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
alpnProtocol: "how-about-this",
}
serverHelloBytes := mustMarshal(t, serverHello)
@ -1314,7 +1318,7 @@ func TestServerSelectingUnconfiguredApplicationProtocol(t *testing.T) {
s.Close()
if err := <-errChan; !strings.Contains(err.Error(), "server selected unadvertised ALPN protocol") {
t.Fatalf("Expected error about unconfigured cipher suite but got %q", err)
t.Fatalf("Expected error about unconfigured ALPN protocol but got %q", err)
}
}
@ -1730,7 +1734,10 @@ func testVerifyConnection(t *testing.T, version uint16) {
},
}
for _, test := range tests {
issuer, err := x509.ParseCertificate(testRSACertificateIssuer)
// Note: using RSA 2048 test certificates because they are compatible with FIPS mode.
testCertificates := []Certificate{{Certificate: [][]byte{testRSA2048Certificate}, PrivateKey: testRSA2048PrivateKey}}
issuer, err := x509.ParseCertificate(testRSA2048CertificateIssuer)
if err != nil {
panic(err)
}
@ -1741,8 +1748,8 @@ func testVerifyConnection(t *testing.T, version uint16) {
serverConfig := &Config{
MaxVersion: version,
Certificates: []Certificate{testConfig.Certificates[0]},
Time: testTime, // [uTLS]
Certificates: testCertificates,
Time: testTime,
ClientCAs: rootCAs,
NextProtos: []string{"protocol1"},
}
@ -1755,8 +1762,8 @@ func testVerifyConnection(t *testing.T, version uint16) {
ClientSessionCache: NewLRUClientSessionCache(32),
RootCAs: rootCAs,
ServerName: "example.golang",
Certificates: []Certificate{testConfig.Certificates[0]},
Time: testTime, // [uTLS]
Certificates: testCertificates,
Time: testTime,
NextProtos: []string{"protocol1"},
}
test.configureClient(clientConfig, &clientCalled)
@ -1791,7 +1798,8 @@ func TestVerifyPeerCertificate(t *testing.T) {
}
func testVerifyPeerCertificate(t *testing.T, version uint16) {
issuer, err := x509.ParseCertificate(testRSACertificateIssuer)
// Note: using RSA 2048 test certificates because they are compatible with FIPS mode.
issuer, err := x509.ParseCertificate(testRSA2048CertificateIssuer)
if err != nil {
panic(err)
}
@ -1799,8 +1807,6 @@ func testVerifyPeerCertificate(t *testing.T, version uint16) {
rootCAs := x509.NewCertPool()
rootCAs.AddCert(issuer)
now := func() time.Time { return time.Unix(1476984729, 0) }
sentinelErr := errors.New("TestVerifyPeerCertificate")
verifyPeerCertificateCallback := func(called *bool, rawCerts [][]byte, validatedChains [][]*x509.Certificate) error {
@ -2046,11 +2052,11 @@ func testVerifyPeerCertificate(t *testing.T, version uint16) {
config.ServerName = "example.golang"
config.ClientAuth = RequireAndVerifyClientCert
config.ClientCAs = rootCAs
config.Time = now
config.Time = testTime
config.MaxVersion = version
config.Certificates = make([]Certificate, 1)
config.Certificates[0].Certificate = [][]byte{testRSACertificate}
config.Certificates[0].PrivateKey = testRSAPrivateKey
config.Certificates[0].Certificate = [][]byte{testRSA2048Certificate}
config.Certificates[0].PrivateKey = testRSA2048PrivateKey
config.Certificates[0].SignedCertificateTimestamps = [][]byte{[]byte("dummy sct 1"), []byte("dummy sct 2")}
config.Certificates[0].OCSPStaple = []byte("dummy ocsp")
test.configureServer(config, &serverCalled)
@ -2061,9 +2067,10 @@ func testVerifyPeerCertificate(t *testing.T, version uint16) {
}()
config := testConfig.Clone()
config.Certificates = []Certificate{{Certificate: [][]byte{testRSA2048Certificate}, PrivateKey: testRSA2048PrivateKey}}
config.ServerName = "example.golang"
config.RootCAs = rootCAs
config.Time = now
config.Time = testTime
config.MaxVersion = version
test.configureClient(config, &clientCalled)
clientErr := Client(c, config).Handshake()
@ -2344,8 +2351,8 @@ var getClientCertificateTests = []struct {
panic("empty AcceptableCAs")
}
cert := &Certificate{
Certificate: [][]byte{testRSACertificate},
PrivateKey: testRSAPrivateKey,
Certificate: [][]byte{testRSA2048Certificate},
PrivateKey: testRSA2048PrivateKey,
}
return cert, nil
}
@ -2365,25 +2372,34 @@ func TestGetClientCertificate(t *testing.T) {
}
func testGetClientCertificate(t *testing.T, version uint16) {
issuer, err := x509.ParseCertificate(testRSACertificateIssuer)
// Note: using RSA 2048 test certificates because they are compatible with FIPS mode.
issuer, err := x509.ParseCertificate(testRSA2048CertificateIssuer)
if err != nil {
panic(err)
}
for i, test := range getClientCertificateTests {
serverConfig := testConfig.Clone()
serverConfig.Certificates = []Certificate{{Certificate: [][]byte{testRSA2048Certificate}, PrivateKey: testRSA2048PrivateKey}}
serverConfig.ClientAuth = VerifyClientCertIfGiven
serverConfig.RootCAs = x509.NewCertPool()
serverConfig.RootCAs.AddCert(issuer)
serverConfig.ClientCAs = serverConfig.RootCAs
serverConfig.Time = func() time.Time { return time.Unix(1476984729, 0) }
serverConfig.Time = testTime
serverConfig.MaxVersion = version
clientConfig := testConfig.Clone()
clientConfig.Certificates = []Certificate{{Certificate: [][]byte{testRSA2048Certificate}, PrivateKey: testRSA2048PrivateKey}}
clientConfig.MaxVersion = version
test.setup(clientConfig, serverConfig)
// TLS 1.1 isn't available for FIPS required
if fips140tls.Required() && clientConfig.MaxVersion == VersionTLS11 {
t.Logf("skipping test %d for FIPS mode", i)
continue
}
type serverResult struct {
cs ConnectionState
err error
@ -2522,11 +2538,15 @@ func TestDowngradeCanary(t *testing.T) {
if err := testDowngradeCanary(t, VersionTLS12, VersionTLS12); err != nil {
t.Errorf("client didn't ignore expected TLS 1.2 canary")
}
if err := testDowngradeCanary(t, VersionTLS11, VersionTLS11); err != nil {
t.Errorf("client unexpectedly reacted to a canary in TLS 1.1")
}
if err := testDowngradeCanary(t, VersionTLS10, VersionTLS10); err != nil {
t.Errorf("client unexpectedly reacted to a canary in TLS 1.0")
if !fips140tls.Required() {
if err := testDowngradeCanary(t, VersionTLS11, VersionTLS11); err != nil {
t.Errorf("client unexpectedly reacted to a canary in TLS 1.1")
}
if err := testDowngradeCanary(t, VersionTLS10, VersionTLS10); err != nil {
t.Errorf("client unexpectedly reacted to a canary in TLS 1.0")
}
} else {
t.Logf("skiping TLS 1.1 and TLS 1.0 downgrade canary checks in FIPS mode")
}
}
@ -2536,7 +2556,8 @@ func TestResumptionKeepsOCSPAndSCT(t *testing.T) {
}
func testResumptionKeepsOCSPAndSCT(t *testing.T, ver uint16) {
issuer, err := x509.ParseCertificate(testRSACertificateIssuer)
// Note: using RSA 2048 test certificates because they are compatible with FIPS mode.
issuer, err := x509.ParseCertificate(testRSA2048CertificateIssuer)
if err != nil {
t.Fatalf("failed to parse test issuer")
}
@ -2547,9 +2568,10 @@ func testResumptionKeepsOCSPAndSCT(t *testing.T, ver uint16) {
ClientSessionCache: NewLRUClientSessionCache(32),
ServerName: "example.golang",
RootCAs: roots,
Time: testTime, // [uTLS]
Time: testTime,
}
serverConfig := testConfig.Clone()
serverConfig.Certificates = []Certificate{{Certificate: [][]byte{testRSA2048Certificate}, PrivateKey: testRSA2048PrivateKey}}
serverConfig.MaxVersion = ver
serverConfig.Certificates[0].OCSPStaple = []byte{1, 2, 3}
serverConfig.Certificates[0].SignedCertificateTimestamps = [][]byte{{4, 5, 6}}
@ -2684,11 +2706,15 @@ func testTLS13OnlyClientHelloCipherSuite(t *testing.T, ciphers []uint16) {
serverConfig := &Config{
Certificates: testConfig.Certificates,
GetConfigForClient: func(chi *ClientHelloInfo) (*Config, error) {
if len(chi.CipherSuites) != len(defaultCipherSuitesTLS13NoAES) {
expectedCiphersuites := defaultCipherSuitesTLS13NoAES
if fips140tls.Required() {
expectedCiphersuites = defaultCipherSuitesTLS13FIPS
}
if len(chi.CipherSuites) != len(expectedCiphersuites) {
t.Errorf("only TLS 1.3 suites should be advertised, got=%x", chi.CipherSuites)
} else {
for i := range defaultCipherSuitesTLS13NoAES {
if want, got := defaultCipherSuitesTLS13NoAES[i], chi.CipherSuites[i]; want != got {
for i := range expectedCiphersuites {
if want, got := expectedCiphersuites[i], chi.CipherSuites[i]; want != got {
t.Errorf("cipher at index %d does not match, want=%x, got=%x", i, want, got)
}
}