* CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
#include <stdio.h>
+#include <string.h>
+#include <openssl/base64.h>
+#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
return 1;
}
+/* kOpenSSLSession is a serialized SSL_SESSION generated from openssl
+ * s_client -sess_out. */
+static const char kOpenSSLSession[] =
+ "MIIFpQIBAQICAwMEAsAvBCAG5Q1ndq4Yfmbeo1zwLkNRKmCXGdNgWvGT3cskV0yQ"
+ "kAQwJlrlzkAWBOWiLj/jJ76D7l+UXoizP2KI2C7I2FccqMmIfFmmkUy32nIJ0mZH"
+ "IWoJoQYCBFRDO46iBAICASyjggR6MIIEdjCCA16gAwIBAgIIK9dUvsPWSlUwDQYJ"
+ "KoZIhvcNAQEFBQAwSTELMAkGA1UEBhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMx"
+ "JTAjBgNVBAMTHEdvb2dsZSBJbnRlcm5ldCBBdXRob3JpdHkgRzIwHhcNMTQxMDA4"
+ "MTIwNzU3WhcNMTUwMTA2MDAwMDAwWjBoMQswCQYDVQQGEwJVUzETMBEGA1UECAwK"
+ "Q2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzETMBEGA1UECgwKR29v"
+ "Z2xlIEluYzEXMBUGA1UEAwwOd3d3Lmdvb2dsZS5jb20wggEiMA0GCSqGSIb3DQEB"
+ "AQUAA4IBDwAwggEKAoIBAQCcKeLrplAC+Lofy8t/wDwtB6eu72CVp0cJ4V3lknN6"
+ "huH9ct6FFk70oRIh/VBNBBz900jYy+7111Jm1b8iqOTQ9aT5C7SEhNcQFJvqzH3e"
+ "MPkb6ZSWGm1yGF7MCQTGQXF20Sk/O16FSjAynU/b3oJmOctcycWYkY0ytS/k3LBu"
+ "Id45PJaoMqjB0WypqvNeJHC3q5JjCB4RP7Nfx5jjHSrCMhw8lUMW4EaDxjaR9KDh"
+ "PLgjsk+LDIySRSRDaCQGhEOWLJZVLzLo4N6/UlctCHEllpBUSvEOyFga52qroGjg"
+ "rf3WOQ925MFwzd6AK+Ich0gDRg8sQfdLH5OuP1cfLfU1AgMBAAGjggFBMIIBPTAd"
+ "BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGQYDVR0RBBIwEIIOd3d3Lmdv"
+ "b2dsZS5jb20waAYIKwYBBQUHAQEEXDBaMCsGCCsGAQUFBzAChh9odHRwOi8vcGtp"
+ "Lmdvb2dsZS5jb20vR0lBRzIuY3J0MCsGCCsGAQUFBzABhh9odHRwOi8vY2xpZW50"
+ "czEuZ29vZ2xlLmNvbS9vY3NwMB0GA1UdDgQWBBQ7a+CcxsZByOpc+xpYFcIbnUMZ"
+ "hTAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFErdBhYbvPZotXb1gba7Yhq6WoEv"
+ "MBcGA1UdIAQQMA4wDAYKKwYBBAHWeQIFATAwBgNVHR8EKTAnMCWgI6Ahhh9odHRw"
+ "Oi8vcGtpLmdvb2dsZS5jb20vR0lBRzIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCa"
+ "OXCBdoqUy5bxyq+Wrh1zsyyCFim1PH5VU2+yvDSWrgDY8ibRGJmfff3r4Lud5kal"
+ "dKs9k8YlKD3ITG7P0YT/Rk8hLgfEuLcq5cc0xqmE42xJ+Eo2uzq9rYorc5emMCxf"
+ "5L0TJOXZqHQpOEcuptZQ4OjdYMfSxk5UzueUhA3ogZKRcRkdB3WeWRp+nYRhx4St"
+ "o2rt2A0MKmY9165GHUqMK9YaaXHDXqBu7Sefr1uSoAP9gyIJKeihMivsGqJ1TD6Z"
+ "cc6LMe+dN2P8cZEQHtD1y296ul4Mivqk3jatUVL8/hCwgch9A8O4PGZq9WqBfEWm"
+ "IyHh1dPtbg1lOXdYCWtjpAIEAKUDAgEUqQUCAwGJwKqBpwSBpBwUQvoeOk0Kg36S"
+ "YTcLEkXqKwOBfF9vE4KX0NxeLwjcDTpsuh3qXEaZ992r1N38VDcyS6P7I6HBYN9B"
+ "sNHM362zZnY27GpTw+Kwd751CLoXFPoaMOe57dbBpXoro6Pd3BTbf/Tzr88K06yE"
+ "OTDKPNj3+inbMaVigtK4PLyPq+Topyzvx9USFgRvyuoxn0Hgb+R0A3j6SLRuyOdA"
+ "i4gv7Y5oliyn";
+
+/* kCustomSession is a custom serialized SSL_SESSION generated by
+ * filling in missing fields from |kOpenSSLSession|. This includes
+ * providing |peer_sha256|, so |peer| is not serialized. */
+static const char kCustomSession[] =
+ "MIIBfwIBAQICAwMEAsAvBCAG5Q1ndq4Yfmbeo1zwLkNRKmCXGdNgWvGT3cskV0yQ"
+ "kAQwJlrlzkAWBOWiLj/jJ76D7l+UXoizP2KI2C7I2FccqMmIfFmmkUy32nIJ0mZH"
+ "IWoJoQYCBFRDO46iBAICASykAwQBAqUDAgEUphAEDnd3dy5nb29nbGUuY29tpwcE"
+ "BWhlbGxvqAcEBXdvcmxkqQUCAwGJwKqBpwSBpBwUQvoeOk0Kg36SYTcLEkXqKwOB"
+ "fF9vE4KX0NxeLwjcDTpsuh3qXEaZ992r1N38VDcyS6P7I6HBYN9BsNHM362zZnY2"
+ "7GpTw+Kwd751CLoXFPoaMOe57dbBpXoro6Pd3BTbf/Tzr88K06yEOTDKPNj3+inb"
+ "MaVigtK4PLyPq+Topyzvx9USFgRvyuoxn0Hgb+R0A3j6SLRuyOdAi4gv7Y5oliyn"
+ "rSIEIAYGBgYGBgYGBgYGBgYGBgYGBgYGBgYGBgYGBgYGBgYGrgMEAQevAwQBBLAD"
+ "BAEF";
+
+static int decode_base64(uint8_t **out, size_t *out_len, const char *in) {
+ size_t len;
+
+ if (!EVP_DecodedLength(&len, strlen(in))) {
+ fprintf(stderr, "EVP_DecodedLength failed\n");
+ return 0;
+ }
+
+ *out = OPENSSL_malloc(len);
+ if (*out == NULL) {
+ fprintf(stderr, "malloc failed\n");
+ return 0;
+ }
+
+ if (!EVP_DecodeBase64(*out, out_len, len, (const uint8_t *)in,
+ strlen(in))) {
+ fprintf(stderr, "EVP_DecodeBase64 failed\n");
+ OPENSSL_free(*out);
+ *out = NULL;
+ return 0;
+ }
+ return 1;
+}
+
+static int test_ssl_session_asn1(const char *input_b64) {
+ int ret = 0, len;
+ size_t input_len, encoded_len;
+ uint8_t *input = NULL, *encoded = NULL;
+ const uint8_t *cptr;
+ uint8_t *ptr;
+ SSL_SESSION *session = NULL;
+
+ /* Decode the input. */
+ if (!decode_base64(&input, &input_len, input_b64)) {
+ goto done;
+ }
+
+ /* Verify the SSL_SESSION decodes. */
+ cptr = input;
+ session = d2i_SSL_SESSION(NULL, &cptr, input_len);
+ if (session == NULL || cptr != input + input_len) {
+ fprintf(stderr, "d2i_SSL_SESSION failed\n");
+ goto done;
+ }
+
+ /* Verify the SSL_SESSION encoding round-trips. */
+ if (!SSL_SESSION_to_bytes(session, &encoded, &encoded_len)) {
+ fprintf(stderr, "SSL_SESSION_to_bytes failed\n");
+ goto done;
+ }
+ if (encoded_len != input_len ||
+ memcmp(input, encoded, input_len) != 0) {
+ fprintf(stderr, "SSL_SESSION_to_bytes did not round-trip\n");
+ goto done;
+ }
+ OPENSSL_free(encoded);
+ encoded = NULL;
+
+ /* Verify the SSL_SESSION encoding round-trips via the legacy API. */
+ len = i2d_SSL_SESSION(session, NULL);
+ if (len < 0 || (size_t)len != input_len) {
+ fprintf(stderr, "i2d_SSL_SESSION(NULL) returned invalid length\n");
+ goto done;
+ }
+
+ encoded = OPENSSL_malloc(input_len);
+ if (encoded == NULL) {
+ fprintf(stderr, "malloc failed\n");
+ goto done;
+ }
+ ptr = encoded;
+ len = i2d_SSL_SESSION(session, &ptr);
+ if (len < 0 || (size_t)len != input_len) {
+ fprintf(stderr, "i2d_SSL_SESSION returned invalid length\n");
+ goto done;
+ }
+ if (ptr != encoded + input_len) {
+ fprintf(stderr, "i2d_SSL_SESSION did not advance ptr correctly\n");
+ goto done;
+ }
+ if (memcmp(input, encoded, input_len) != 0) {
+ fprintf(stderr, "i2d_SSL_SESSION did not round-trip\n");
+ goto done;
+ }
+
+ ret = 1;
+
+ done:
+ if (!ret) {
+ BIO_print_errors_fp(stderr);
+ }
+
+ if (session) {
+ SSL_SESSION_free(session);
+ }
+ if (input) {
+ OPENSSL_free(input);
+ }
+ if (encoded) {
+ OPENSSL_free(encoded);
+ }
+ return ret;
+}
+
int main(void) {
SSL_library_init();
- if (!test_cipher_rules()) {
+ if (!test_cipher_rules() ||
+ !test_ssl_session_asn1(kOpenSSLSession) ||
+ !test_ssl_session_asn1(kCustomSession)) {
return 1;
}