ssl: Update property tests with pre_shared_key

author: Péter Dimitrov <[email protected]> 2019-07-22 16:43:54 +0200
committer: Péter Dimitrov <[email protected]> 2019-07-25 14:49:16 +0200
commit: 9339bfd586b4c2dca1ac623b95ac4b377e187a5d (patch)
tree: 06b11cbdf7ffa23bbf745873051249aeb6ad8672 /lib/ssl/test
parent: c45076cbbcb954434234dc7b33fee68692768cc5 (diff)
download: otp-9339bfd586b4c2dca1ac623b95ac4b377e187a5d.tar.gz
otp-9339bfd586b4c2dca1ac623b95ac4b377e187a5d.tar.bz2
otp-9339bfd586b4c2dca1ac623b95ac4b377e187a5d.zip
1 files changed, 56 insertions, 10 deletions
diff --git a/lib/ssl/test/property_test/ssl_eqc_handshake.erl b/lib/ssl/test/property_test/ssl_eqc_handshake.erl
index f495161e78..82c9aebe36 100644
--- a/lib/ssl/test/property_test/ssl_eqc_handshake.erl
+++ b/lib/ssl/test/property_test/ssl_eqc_handshake.erl
@@ -307,7 +307,7 @@ pre_shared_keyextension() ->
 %% |                                                  |             |
 %% | signature_algorithms_cert (RFC 8446)             |      CH, CR |
 %% +--------------------------------------------------+-------------+
-extensions(?'TLS_v1.3' = Version, client_hello) ->
+extensions(?'TLS_v1.3' = Version, MsgType = client_hello) ->
      ?LET({
            ServerName,
            %% MaxFragmentLength,
@@ -322,7 +322,7 @@ extensions(?'TLS_v1.3' = Version, client_hello) ->
            %% ServerCertificateType,
            %% Padding,
            KeyShare,
-           %% PreSharedKey,
+           PreSharedKey,
            PSKKeyExchangeModes,
            %% EarlyData,
            %% Cookie,
@@ -344,8 +344,8 @@ extensions(?'TLS_v1.3' = Version, client_hello) ->
            %% oneof([client_cert_type(), undefined]),
            %% oneof([server_cert_type(), undefined]),
            %% oneof([padding(), undefined]),
-           oneof([key_share(client_hello), undefined]),
-           %% oneof([pre_shared_key(), undefined]),
+           oneof([key_share(MsgType), undefined]),
+           oneof([pre_shared_key(MsgType), undefined]),
            oneof([psk_key_exchange_modes(), undefined]),
            %% oneof([early_data(), undefined]),
            %% oneof([cookie(), undefined]),
@@ -373,7 +373,7 @@ extensions(?'TLS_v1.3' = Version, client_hello) ->
                         %% server_cert_type => ServerCertificateType,
                         %% padding => Padding,
                         key_share => KeyShare,
-                        %% pre_shared_key => PreSharedKey,
+                        pre_shared_key => PreSharedKey,
                         psk_key_exchange_modes => PSKKeyExchangeModes,
                         %% early_data => EarlyData,
                         %% cookie => Cookie,
@@ -417,15 +417,15 @@ extensions(Version, client_hello) ->
                        srp => SRP
                        %% renegotiation_info => RenegotiationInfo
                       }));
-extensions(?'TLS_v1.3' = Version, server_hello) ->
+extensions(?'TLS_v1.3' = Version, MsgType = server_hello) ->
     ?LET({
           KeyShare,
-          %% PreSharedKeys,
+          PreSharedKey,
           SupportedVersions
          },
          {
-          oneof([key_share(server_hello), undefined]),
-          %% oneof([pre_shared_keys(),  undefined]),
+          oneof([key_share(MsgType), undefined]),
+          oneof([pre_shared_key(MsgType),  undefined]),
           oneof([server_hello_selected_version()])
          },
          maps:filter(fun(_, undefined) ->
@@ -435,7 +435,7 @@ extensions(?'TLS_v1.3' = Version, server_hello) ->
                      end,
                      #{
                        key_share => KeyShare,
-                       %% pre_shared_keys => PreSharedKeys,
+                       pre_shared_key => PreSharedKey,
                        server_hello_selected_version => SupportedVersions
                       }));
 extensions(Version, server_hello) ->
@@ -835,3 +835,49 @@ psk_key_exchange_modes() ->
     ?LET(KEModes, ke_modes(),
          #psk_key_exchange_modes{
             ke_modes = KEModes}).
+
+pre_shared_key(client_hello) ->
+    ?LET(OfferedPsks, offered_psks(),
+         #pre_shared_key_client_hello{
+            offered_psks = OfferedPsks});
+pre_shared_key(server_hello) ->
+    ?LET(SelectedIdentity, selected_identity(),
+         #pre_shared_key_server_hello{
+           selected_identity = SelectedIdentity}).
+
+selected_identity() ->
+    rand:uniform(32).
+
+offered_psks() ->
+    ?LET(Size, choose(1,5),
+         #offered_psks{
+            identities = psk_identities(Size),
+            binders = psk_binders(Size)}).
+
+psk_identities(Size) ->
+    psk_identities(Size, []).
+%%
+psk_identities(0, Acc) ->
+    Acc;
+psk_identities(N, Acc) ->
+    psk_identities(N - 1, [psk_identity()|Acc]).
+
+psk_identity() ->
+    Len = rand:uniform(32),
+    Identity = crypto:strong_rand_bytes(Len),
+    Age = crypto:strong_rand_bytes(4),
+    #psk_identity{
+      identity = Identity,
+      obfuscated_ticket_age = Age}.
+
+psk_binders(Size) ->
+    psk_binders(Size, []).
+%%
+psk_binders(0, Acc) ->
+    Acc;
+psk_binders(N, Acc) ->
+    psk_binders(N - 1, [psk_binder()|Acc]).
+
+psk_binder() ->
+    Len = rand:uniform(224) + 31,
+    crypto:strong_rand_bytes(Len).
author	Péter Dimitrov <[email protected]>	2019-07-22 16:43:54 +0200
committer	Péter Dimitrov <[email protected]>	2019-07-25 14:49:16 +0200
commit	9339bfd586b4c2dca1ac623b95ac4b377e187a5d (patch)
tree	06b11cbdf7ffa23bbf745873051249aeb6ad8672 /lib/ssl/test
parent	c45076cbbcb954434234dc7b33fee68692768cc5 (diff)
download	otp-9339bfd586b4c2dca1ac623b95ac4b377e187a5d.tar.gz otp-9339bfd586b4c2dca1ac623b95ac4b377e187a5d.tar.bz2 otp-9339bfd586b4c2dca1ac623b95ac4b377e187a5d.zip