Merge branch 'ingela/ssl/property-tests'

* ingela/ssl/property-tests:
  ssl: Correct compression decoding
  ssl: Add property tests framework
  ssl: Fix typo

7 files changed, 212 insertions, 8 deletions

diff --git a/lib/ssl/src/ssl_record.erl b/lib/ssl/src/ssl_record.erl
index 659e1485ac..446bb6c56a 100644
--- a/lib/ssl/src/ssl_record.erl
+++ b/lib/ssl/src/ssl_record.erl
@@ -278,13 +278,12 @@ compress(?NULL, Data, CS) ->
     {Data, CS}.
 
 %%--------------------------------------------------------------------
--spec compressions() -> [binary()].
+-spec compressions() -> [integer()].
 %%
 %% Description: return a list of compressions supported (currently none)
 %%--------------------------------------------------------------------
 compressions() ->
-    [?byte(?NULL)].
-
+    [?NULL].
 
 %%====================================================================
 %% Payload encryption/decryption
diff --git a/lib/ssl/src/tls_handshake.erl b/lib/ssl/src/tls_handshake.erl
index 1fccc216cb..82ed2e8d14 100644
--- a/lib/ssl/src/tls_handshake.erl
+++ b/lib/ssl/src/tls_handshake.erl
@@ -419,7 +419,7 @@ decode_handshake(_Version, ?CLIENT_HELLO,
        random = Random,
        session_id = Session_ID,
        cipher_suites = ssl_handshake:decode_suites('2_bytes', CipherSuites),
-       compression_methods = Comp_methods,
+       compression_methods = erlang:binary_to_list(Comp_methods),
        extensions = DecodedExtensions
       };
 decode_handshake({3, 4}, Tag, Msg) ->
diff --git a/lib/ssl/src/tls_handshake_1_3.erl b/lib/ssl/src/tls_handshake_1_3.erl
index b4c5f268b8..2957e3a5b4 100644
--- a/lib/ssl/src/tls_handshake_1_3.erl
+++ b/lib/ssl/src/tls_handshake_1_3.erl
@@ -58,7 +58,7 @@ encode_handshake(#new_session_ticket{
     {?NEW_SESSION_TICKET, <<?UINT32(LifeTime), ?UINT32(Age),
                             ?BYTE(Nonce), ?UINT16(TicketSize), Ticket/binary,
                             BinExts/binary>>};
-encode_handshake(#end_of_earyly_data{}) ->
+encode_handshake(#end_of_early_data{}) ->
     {?END_OF_EARLY_DATA, <<>>};
 encode_handshake(#key_update{request_update = Update}) ->
     {?KEY_UPDATE, <<?BYTE(Update)>>};
@@ -103,7 +103,7 @@ decode_handshake(?NEW_SESSION_TICKET, <<?UINT32(LifeTime), ?UINT32(Age),
                         ticket = Ticket,           
                         extensions = Exts};
 decode_handshake(?END_OF_EARLY_DATA, _) ->
-    #end_of_earyly_data{};
+    #end_of_early_data{};
 decode_handshake(?KEY_UPDATE, <<?BYTE(Update)>>) ->
     #key_update{request_update = Update};
 decode_handshake(Tag, HandshakeMsg) ->
diff --git a/lib/ssl/src/tls_handshake_1_3.hrl b/lib/ssl/src/tls_handshake_1_3.hrl
index b07fa967b5..0ef954e2e9 100644
--- a/lib/ssl/src/tls_handshake_1_3.hrl
+++ b/lib/ssl/src/tls_handshake_1_3.hrl
@@ -217,7 +217,7 @@
          }).
 
 %%  RFC 8446 B.3.5. Updating Keys
--record(end_of_earyly_data, {
+-record(end_of_early_data, {
          }).
 
 -define(UPDATE_NOT_REQUESTED, 0).
diff --git a/lib/ssl/test/Makefile b/lib/ssl/test/Makefile
index 9dfb2eba53..d5ba105478 100644
--- a/lib/ssl/test/Makefile
+++ b/lib/ssl/test/Makefile
@@ -61,6 +61,7 @@ MODULES = \
 	ssl_ECC\
 	ssl_upgrade_SUITE\
 	ssl_sni_SUITE \
+	ssl_eqc_SUITE \
 	make_certs\
         x509_test
 
@@ -144,7 +145,7 @@ release_tests_spec: opt
 	$(INSTALL_DATA)  $(ERL_FILES) $(HRL_FILES) $(HRL_FILES_NEEDED_IN_TEST) $(COVER_FILE) "$(RELSYSDIR)"
 	$(INSTALL_DATA) ssl.spec ssl_bench.spec ssl.cover "$(RELSYSDIR)"
 	chmod -R u+w "$(RELSYSDIR)"
-	@tar cf - *_SUITE_data | (cd "$(RELSYSDIR)"; tar xf -)
+	@tar cf - *_SUITE_data property_test | (cd "$(RELSYSDIR)"; tar xf -)
 
 release_docs_spec:
 
diff --git a/lib/ssl/test/property_test/ssl_eqc_handshake.erl b/lib/ssl/test/property_test/ssl_eqc_handshake.erl
new file mode 100644
index 0000000000..5303785b17
--- /dev/null
+++ b/lib/ssl/test/property_test/ssl_eqc_handshake.erl
@@ -0,0 +1,146 @@
+%%
+%% %CopyrightBegin%
+%% 
+%% Copyright Ericsson AB 2004-2015. All Rights Reserved.
+%% 
+%% The contents of this file are subject to the Erlang Public License,
+%% Version 1.1, (the "License"); you may not use this file except in
+%% compliance with the License. You should have received a copy of the
+%% Erlang Public License along with this software. If not, it can be
+%% retrieved online at http://www.erlang.org/.
+%% 
+%% Software distributed under the License is distributed on an "AS IS"
+%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
+%% the License for the specific language governing rights and limitations
+%% under the License.
+%% 
+%% %CopyrightEnd%
+%%
+%%
+
+-module(ssl_eqc_handshake).
+
+-compile(export_all).
+
+-proptest(eqc).
+-proptest([triq,proper]).
+
+-ifndef(EQC).
+-ifndef(PROPER).
+-ifndef(TRIQ).
+-define(EQC,true).
+-endif.
+-endif.
+-endif.
+
+-ifdef(EQC).
+-include_lib("eqc/include/eqc.hrl").
+-define(MOD_eqc,eqc).
+
+-else.
+-ifdef(PROPER).
+-include_lib("proper/include/proper.hrl").
+-define(MOD_eqc,proper).
+
+-else.
+-ifdef(TRIQ).
+-define(MOD_eqc,triq).
+-include_lib("triq/include/triq.hrl").
+
+-endif.
+-endif.
+-endif.
+
+-include_lib("ssl/src/tls_handshake_1_3.hrl").
+-include_lib("ssl/src/tls_handshake.hrl").
+-include_lib("ssl/src/ssl_handshake.hrl").
+-include_lib("ssl/src/ssl_alert.hrl").
+-include_lib("ssl/src/ssl_internal.hrl").
+
+-define('TLS_v1.3', {3,4}).
+-define('TLS_v1.2', {3,3}).
+-define('TLS_v1.1', {3,2}).
+-define('TLS_v1',   {3,1}).
+-define('SSL_v3',   {3,0}).
+
+%%--------------------------------------------------------------------
+%% Properties --------------------------------------------------------
+%%--------------------------------------------------------------------
+
+prop_tls_hs_encode_decode() ->
+    ?FORALL({Handshake, TLSVersion}, ?LET(Version, tls_version(), {tls_msg(Version), Version}),
+            try 
+                [Type, _Length, Data] = tls_handshake:encode_handshake(Handshake, TLSVersion),
+                case tls_handshake:decode_handshake(TLSVersion, Type, Data) of
+                    Handshake ->
+                        true;
+                    _ ->
+                        false
+                end
+            catch
+                throw:#alert{} ->
+                    true
+            end
+	   ).
+
+tls_version() ->
+    oneof([?'TLS_v1.2', ?'TLS_v1.1', ?'TLS_v1', ?'SSL_v3']). 
+
+tls_msg(?'TLS_v1.3'= Version) ->
+    oneof([client_hello(Version),
+           %%server_hello(Version)
+           %%new_session_ticket()
+           #end_of_early_data{},
+           %%encrypted_extensions()
+           %%certificate_1_3(),
+           %%certificate_request()
+           %%certificate_verify()
+           %%finished()
+           key_update()
+           %%message_hash()
+          ]);
+tls_msg(Version) ->
+    oneof([#hello_request{},
+           client_hello(Version),
+           %%server_hello(Version)
+           %%certificate(),
+           %%server_key_exchange()
+           %%certificate_request()
+           #server_hello_done{}
+           %%certificate_verify()
+           %%client_key_exchange()
+           %%finished()
+          ]).
+
+client_hello(?'TLS_v1.3' = Version) ->
+    #client_hello{session_id = session_id(),
+		  client_version = ?'TLS_v1.2',
+		  cipher_suites = ssl_cipher:suites(Version), 
+		  compression_methods = compressions(Version),
+		  random = client_random(Version),
+		  extensions = client_extensions(Version)    
+                 };
+client_hello(Version) ->
+    #client_hello{session_id = session_id(),
+		  client_version = Version,
+		  cipher_suites = ssl_cipher:suites(Version), 
+		  compression_methods = compressions(Version),
+		  random = client_random(Version),
+		  extensions = client_extensions(Version)    
+                 }.
+session_id() ->
+    crypto:strong_rand_bytes(?NUM_OF_SESSION_ID_BYTES).
+ 
+compressions(_) -> 
+    ssl_record:compressions().
+client_random(_) ->
+    crypto:strong_rand_bytes(32).
+       
+client_extensions(_) ->
+    #hello_extensions{}.
+
+key_update() ->
+    #key_update{request_update = request_update()}.
+
+request_update() ->
+     oneof([?UPDATE_NOT_REQUESTED, ?UPDATE_REQUESTED]).
diff --git a/lib/ssl/test/ssl_eqc_SUITE.erl b/lib/ssl/test/ssl_eqc_SUITE.erl
new file mode 100644
index 0000000000..bd36d35c02
--- /dev/null
+++ b/lib/ssl/test/ssl_eqc_SUITE.erl
@@ -0,0 +1,58 @@
+%%
+%% %CopyrightBegin%
+%% 
+%% Copyright Ericsson AB 2015-2015. All Rights Reserved.
+%% 
+%% The contents of this file are subject to the Erlang Public License,
+%% Version 1.1, (the "License"); you may not use this file except in
+%% compliance with the License. You should have received a copy of the
+%% Erlang Public License along with this software. If not, it can be
+%% retrieved online at http://www.erlang.org/.
+%% 
+%% Software distributed under the License is distributed on an "AS IS"
+%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
+%% the License for the specific language governing rights and limitations
+%% under the License.
+%% 
+%% %CopyrightEnd%
+%%
+%%
+
+-module(ssl_eqc_SUITE).
+
+-compile(export_all).
+%%--------------------------------------------------------------------
+%% Common Test interface functions -----------------------------------
+%%--------------------------------------------------------------------
+
+all() -> 
+    [
+     tls_handshake_encoding
+    ].
+
+%%--------------------------------------------------------------------
+init_per_suite(Config) ->
+    ct_property_test:init_per_suite(Config).
+end_per_suite(Config) ->
+    Config.
+
+init_per_group(_GroupName, Config) ->
+    Config.
+
+end_per_group(_,Config) ->
+    Config.
+
+init_per_testcase(_, Config0) ->
+    Config0.
+
+end_per_testcase(_TestCase, Config) ->
+    Config.
+
+%%--------------------------------------------------------------------
+%% Test Cases --------------------------------------------------------
+%%--------------------------------------------------------------------
+
+tls_handshake_encoding(Config) when is_list(Config) ->
+    %% manual test:  proper:quickcheck(ssl_eqc_handshake:prop_tls_hs_encode_decode()).
+    true =  ct_property_test:quickcheck(ssl_eqc_handshake:prop_tls_hs_encode_decode(),
+                                        Config).