From 71215950e69f1cf66b0e68a14cfc335bf02c6d94 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Felix=20D=C3=B6rre?= Date: Thu, 4 Dec 2014 16:20:20 +0100 Subject: [PATCH] add: test for SSL through slip, and patching slip --- src/bios.h | 11 +++++++- src/slipBio.cpp | 44 ++++++++++++++++++++------------ src/slipBio.h | 4 +++ test/Makefile | 2 +- test/genTestData.sh | 3 +++ test/src/slipBioTest.cpp | 54 ++++++++++++++++++++++++++++++++++++++++ 6 files changed, 100 insertions(+), 18 deletions(-) diff --git a/src/bios.h b/src/bios.h index 4ea874c..e1f26b4 100644 --- a/src/bios.h +++ b/src/bios.h @@ -19,9 +19,13 @@ public: namespace BIOWrapper { int write( BIO* b, const char* buf, int num ); + int read( BIO* b, char* buf, int size ); + int puts( BIO* b, const char* str ); + int gets( BIO* b, char* str, int size ); + long ctrl( BIO* b, int cmod, long arg1, void* arg2 ); template @@ -38,6 +42,11 @@ namespace BIOWrapper { template BIO_METHOD* toBio() { + return toBio( BIOWrapper::bio_new ); +} + +template +BIO_METHOD* toBio( int ( *newfunc )( BIO* ) ) { static BIO_METHOD new_method = { T::typeID, T::getName(), @@ -46,7 +55,7 @@ BIO_METHOD* toBio() { BIOWrapper::puts, BIOWrapper::gets, BIOWrapper::ctrl, - BIOWrapper::bio_new, + newfunc, BIOWrapper::free, NULL, }; diff --git a/src/slipBio.cpp b/src/slipBio.cpp index 6f1105c..f796341 100644 --- a/src/slipBio.cpp +++ b/src/slipBio.cpp @@ -35,9 +35,19 @@ std::string toHex( const char* buf, int len ) { return std::string( mem.get(), len * 2 ); } -SlipBIO::SlipBIO( std::shared_ptr target ) { +SlipBIO::SlipBIO() { + this->buffer = std::vector( 4096 ); + this->decodeTarget = 0; + this->decodePos = 0; + this->rawPos = 0; +} + +void SlipBIO::setTarget( std::shared_ptr target ) { this->target = target; +} +SlipBIO::SlipBIO( std::shared_ptr target ) { + this->target = target; this->buffer = std::vector( 4096 ); this->decodeTarget = 0; this->decodePos = 0; @@ -57,7 +67,7 @@ int SlipBIO::write( const char* buf, int num ) { } } - int totalLen = num + badOnes + 2; + int totalLen = num + badOnes + 1; // 2 char* targetPtr = ( char* ) malloc( totalLen ); if( !targetPtr ) { @@ -66,7 +76,8 @@ int SlipBIO::write( const char* buf, int num ) { std::shared_ptr t = std::shared_ptr( targetPtr, free ); int j = 0; - targetPtr[j++] = ( char )0xC0; + + //targetPtr[j++] = (char)0xC0; for( int i = 0; i < num; i++ ) { if( buf[i] == ( char )0xc0 ) { @@ -83,20 +94,16 @@ int SlipBIO::write( const char* buf, int num ) { targetPtr[j++] = ( char )0xC0; if( target->write( targetPtr, j ) != j ) { + std::cout << "sent " << j << std::endl; throw "Error, target write failed"; } - std::cout << toHex( targetPtr, j ) << std::endl; return num; } int SlipBIO::read( char* buf, int size ) { - if( ( unsigned int ) size < buffer.capacity() ) { - // fail... - } - // while we have no data to decode or unmasking does not yield a full package - while( decodePos >= rawPos || !unmask() ) { + while( !packageLeft && ( decodePos >= rawPos || !unmask() ) ) { // we have no data, read more if( buffer.size() - rawPos < 64 ) { @@ -110,18 +117,24 @@ int SlipBIO::read( char* buf, int size ) { if( len > 0 ) { rawPos += len; } else { - decodeTarget = 0; - failed = true; + return -1; + //decodeTarget = 0; + //failed = true; } } + packageLeft = true; + int len = std::min( decodeTarget, ( unsigned int ) size ); // a package finished, return it - std::copy( buffer.data(), buffer.data() + decodeTarget, buf ); + std::copy( buffer.data(), buffer.data() + len, buf ); // move the buffer contents back + std::copy( buffer.data() + len, buffer.data() + decodeTarget, buffer.data() ); + decodeTarget -= len; - int len = decodeTarget; - decodeTarget = 0; + if( decodeTarget == 0 ) { + packageLeft = false; + } return len; } @@ -130,8 +143,7 @@ long SlipBIO::ctrl( int cmod, long arg1, void* arg2 ) { ( void ) cmod; ( void ) arg1; ( void ) arg2; - - return 0; + return target->ctrl( cmod, arg1, arg2 ); } const char* SlipBIO::getName() { diff --git a/src/slipBio.h b/src/slipBio.h index 76403c5..26de30a 100644 --- a/src/slipBio.h +++ b/src/slipBio.h @@ -16,14 +16,18 @@ private: unsigned int rawPos; bool failed; + bool packageLeft = false; private: bool unmask(); public: SlipBIO( std::shared_ptr target ); + SlipBIO(); ~SlipBIO(); + void setTarget( std::shared_ptr target ); + virtual int write( const char* buf, int num ); virtual int read( char* buf, int size ); virtual long ctrl( int cmod, long arg1, void* arg2 ); diff --git a/test/Makefile b/test/Makefile index ed9ae63..7c7c7af 100644 --- a/test/Makefile +++ b/test/Makefile @@ -73,7 +73,7 @@ libs: ${LIBS} .PHONY: openssl openssl: - ${MAKE} -C ../lib/openssl + ${MAKE} -C ../lib openssl .PHONY: collissiondetect collissiondetect: diff --git a/test/genTestData.sh b/test/genTestData.sh index ca44bc2..e66735a 100755 --- a/test/genTestData.sh +++ b/test/genTestData.sh @@ -16,3 +16,6 @@ for alg in csr spkac; do fake_sigalg testdata/test.$alg testdata/test_invalid_sig.$alg fake_sig testdata/test.$alg testdata/test_false_sig.$alg done + +openssl req -new -newkey rsa:2048 -nodes -subj "/CN=cn" -keyout testdata/server.key -out testdata/server.csr 2> /dev/null +openssl x509 -in testdata/server.csr -signkey testdata/server.key -req -out testdata/server.crt 2> /dev/null diff --git a/test/src/slipBioTest.cpp b/test/src/slipBioTest.cpp index a54637f..7b45158 100644 --- a/test/src/slipBioTest.cpp +++ b/test/src/slipBioTest.cpp @@ -3,7 +3,11 @@ #include +#include +#include + #include "bios.h" +#include "opensslBIO.h" #include "slipBio.h" class OpensslBIOVector : public OpensslBIO { @@ -105,4 +109,54 @@ BOOST_AUTO_TEST_CASE( TestSLIP ) { BOOST_CHECK_EQUAL_COLLECTIONS( buf, buf + 2, res3, res3 + 2 ); } +BOOST_AUTO_TEST_CASE( TestSSLThroughSLIP ) { + BIO* bio1, *bio2; + BOOST_REQUIRE_EQUAL( BIO_new_bio_pair( &bio1, 8096, &bio2, 8096 ), 1 ); + BIO* slip1 = BIO_new( toBio() ); + ( ( SlipBIO* )slip1->ptr )->setTarget( std::shared_ptr( new OpensslBIOWrapper( bio1 ) ) ); + BIO* slip2 = BIO_new( toBio() ); + ( ( SlipBIO* )slip2->ptr )->setTarget( std::shared_ptr( new OpensslBIOWrapper( bio2 ) ) ); + + auto meth = TLSv1_method(); + auto c_ctx = SSL_CTX_new( meth ); + auto s_ctx = SSL_CTX_new( meth ); + //SSL_CTX_set_cipher_list(c_ctx, "ALL"); + //SSL_CTX_set_cipher_list(s_ctx, "ALL"); + SSL_CTX_use_certificate_file( s_ctx, "testdata/server.crt", SSL_FILETYPE_PEM ); + SSL_CTX_use_PrivateKey_file( s_ctx, "testdata/server.key", SSL_FILETYPE_PEM ); + auto c_ssl = SSL_new( c_ctx ); + auto s_ssl = SSL_new( s_ctx ); + auto c_bio = BIO_new( BIO_f_ssl() ); + auto s_bio = BIO_new( BIO_f_ssl() ); + SSL_set_connect_state( c_ssl ); + SSL_set_bio( c_ssl, slip1, slip1 ); + BIO_set_ssl( c_bio, c_ssl, BIO_NOCLOSE ); + + SSL_set_accept_state( s_ssl ); + SSL_set_bio( s_ssl, slip2, slip2 ); + BIO_set_ssl( s_bio, s_ssl, BIO_NOCLOSE ); + + char data[] = {1, 2, 3, 4, 5}; + char data2[5]; + ERR_load_SSL_strings(); + ERR_load_crypto_strings(); + + int res = BIO_write( c_bio, data, 5 ); + BOOST_CHECK_EQUAL( res, -1 ); + res = BIO_read( s_bio, data2, sizeof( data2 ) ); + BOOST_CHECK_EQUAL( res, -1 ); + + res = BIO_write( c_bio, data, 5 ); + BOOST_CHECK_EQUAL( res, -1 ); + + + res = BIO_read( s_bio, data2, sizeof( data2 ) ); + BOOST_CHECK_EQUAL( res, -1 ); + res = BIO_write( c_bio, data, 5 ); + BOOST_CHECK_EQUAL( res, 5 ); + res = BIO_read( s_bio, data2, sizeof( data2 ) ); + BOOST_CHECK_EQUAL( res, 5 ); + BOOST_CHECK_EQUAL_COLLECTIONS( data, data + 5, data2, data2 + 5 ); +} + BOOST_AUTO_TEST_SUITE_END() -- 2.39.2