More precise testing of dhm_min_len

An SSL client can be configured to insist on a minimum size for the
Diffie-Hellman (DHM) parameters sent by the server. Add several test
cases where the server sends parameters with exactly the minimum
size (must be accepted) or parameters that are one bit too short (must
be rejected). Make sure that there are test cases both where the
boundary is byte-aligned and where it isn't.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2020-12-08 22:31:52 +01:00
parent 384a0880c4
commit 3e7b61c42b
4 changed files with 79 additions and 0 deletions

View file

@ -1052,6 +1052,16 @@ cert_md5.crt: cert_md5.csr
$(MBEDTLS_CERT_WRITE) request_file=$< serial=6 issuer_crt=$(test_ca_crt) issuer_key=$(test_ca_key_file_rsa) issuer_pwd=$(test_ca_pwd_rsa) not_before=20190210144406 not_after=20290210144406 md=MD5 version=3 output_file=$@
all_final += cert_md5.crt
################################################################
#### Diffie-Hellman parameters
################################################################
dh.998.pem:
$(OPENSSL) dhparam -out $@ -text 998
dh.999.pem:
$(OPENSSL) dhparam -out $@ -text 999
################################################################
#### Meta targets
################################################################

View file

@ -0,0 +1,17 @@
DH Parameters: (998 bit)
prime:
39:5f:30:c0:7b:06:b7:6a:49:c6:c0:81:1f:39:77:
b3:35:e2:8d:66:fc:6a:6e:94:f3:df:97:f2:89:31:
6c:75:39:08:16:d1:a4:b8:0c:68:c5:63:21:61:eb:
48:2d:77:99:08:1d:67:38:37:0a:cd:cf:39:b6:3c:
9d:8a:e5:85:3c:71:e3:4b:3e:1e:b9:80:e3:cc:7a:
fd:84:05:b0:df:36:15:29:4e:3e:23:3b:c3:ae:6b:
c7:11:b9:64:43:40:75:c7:4a:ef:a7:2d:00:e2:62:
8f:93:78:96:8f:2c:25:8d:7d:1f:eb:5c:3c:bf:51:
de:f8:08:25:db
generator: 2 (0x2)
-----BEGIN DH PARAMETERS-----
MIGCAn05XzDAewa3aknGwIEfOXezNeKNZvxqbpTz35fyiTFsdTkIFtGkuAxoxWMh
YetILXeZCB1nODcKzc85tjydiuWFPHHjSz4euYDjzHr9hAWw3zYVKU4+IzvDrmvH
EblkQ0B1x0rvpy0A4mKPk3iWjywljX0f61w8v1He+Agl2wIBAg==
-----END DH PARAMETERS-----

View file

@ -0,0 +1,17 @@
DH Parameters: (999 bit)
prime:
4f:b8:d2:d8:3c:b3:02:c9:64:f5:99:fe:61:cc:b3:
69:1c:ba:bb:a2:33:db:38:2f:85:87:b7:12:fb:69:
6e:a5:32:3e:ff:24:df:c4:61:07:0c:e1:88:72:fa:
14:d4:22:65:18:66:09:7e:43:35:c4:5a:62:f7:0a:
69:be:45:71:6e:ac:c5:56:d8:22:9e:c4:9c:23:2b:
bd:6d:3b:b6:02:4f:5d:12:a7:ac:90:b8:9e:be:93:
82:bc:09:7c:cd:e1:09:21:1e:3d:69:2a:76:41:00:
68:6d:b7:e8:e8:df:d6:1b:82:93:d9:21:4a:ea:71:
f2:e6:c4:94:03
generator: 2 (0x2)
-----BEGIN DH PARAMETERS-----
MIGCAn1PuNLYPLMCyWT1mf5hzLNpHLq7ojPbOC+Fh7cS+2lupTI+/yTfxGEHDOGI
cvoU1CJlGGYJfkM1xFpi9wppvkVxbqzFVtginsScIyu9bTu2Ak9dEqeskLievpOC
vAl8zeEJIR49aSp2QQBobbfo6N/WG4KT2SFK6nHy5sSUAwIBAg==
-----END DH PARAMETERS-----

View file

@ -3960,6 +3960,20 @@ run_test "DHM size: server 1024, client default, OK" \
0 \
-C "DHM prime too short:"
run_test "DHM size: server 999, client 999, OK" \
"$P_SRV dhm_file=data_files/dh.999.pem" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1 dhmlen=999" \
0 \
-C "DHM prime too short:"
run_test "DHM size: server 1000, client 1000, OK" \
"$P_SRV dhm_file=data_files/dh.1000.pem" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1 dhmlen=1000" \
0 \
-C "DHM prime too short:"
run_test "DHM size: server 1000, client default, rejected" \
"$P_SRV dhm_file=data_files/dh.1000.pem" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
@ -3967,6 +3981,27 @@ run_test "DHM size: server 1000, client default, rejected" \
1 \
-c "DHM prime too short:"
run_test "DHM size: server 1000, client 1001, rejected" \
"$P_SRV dhm_file=data_files/dh.1000.pem" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1 dhmlen=1001" \
1 \
-c "DHM prime too short:"
run_test "DHM size: server 999, client 1000, rejected" \
"$P_SRV dhm_file=data_files/dh.999.pem" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1 dhmlen=1000" \
1 \
-c "DHM prime too short:"
run_test "DHM size: server 998, client 999, rejected" \
"$P_SRV dhm_file=data_files/dh.998.pem" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1 dhmlen=999" \
1 \
-c "DHM prime too short:"
run_test "DHM size: server default, client 2049, rejected" \
"$P_SRV" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \