]>
Commit | Line | Data |
---|---|---|
5a22cf96 | 1 | /* |
454afd98 | 2 | * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. |
5a22cf96 | 3 | * |
909f1a2e | 4 | * Licensed under the Apache License 2.0 (the "License"); |
5a22cf96 EK |
5 | * you may not use this file except in compliance with the License. |
6 | * You may obtain a copy of the License at | |
7 | * https://www.openssl.org/source/license.html | |
8 | * or in the file LICENSE in the source distribution. | |
9 | */ | |
10 | ||
11 | #include <stdio.h> | |
019e47ce | 12 | #include <string.h> |
5a22cf96 EK |
13 | |
14 | #include <openssl/opensslconf.h> | |
15 | #include <openssl/err.h> | |
16 | #include <openssl/e_os2.h> | |
17 | #include <openssl/ssl.h> | |
18 | #include <openssl/ssl3.h> | |
19 | #include <openssl/tls1.h> | |
20 | ||
176db6dc | 21 | #include "internal/nelem.h" |
5a22cf96 EK |
22 | #include "testutil.h" |
23 | ||
852c2ed2 RS |
24 | DEFINE_STACK_OF_CONST(SSL_CIPHER) |
25 | ||
5a22cf96 EK |
26 | typedef struct cipherlist_test_fixture { |
27 | const char *test_case_name; | |
28 | SSL_CTX *server; | |
29 | SSL_CTX *client; | |
30 | } CIPHERLIST_TEST_FIXTURE; | |
31 | ||
32 | ||
019e47ce | 33 | static void tear_down(CIPHERLIST_TEST_FIXTURE *fixture) |
5a22cf96 | 34 | { |
019e47ce P |
35 | if (fixture != NULL) { |
36 | SSL_CTX_free(fixture->server); | |
37 | SSL_CTX_free(fixture->client); | |
38 | fixture->server = fixture->client = NULL; | |
2326bba0 | 39 | OPENSSL_free(fixture); |
019e47ce P |
40 | } |
41 | } | |
42 | ||
43 | static CIPHERLIST_TEST_FIXTURE *set_up(const char *const test_case_name) | |
44 | { | |
2326bba0 | 45 | CIPHERLIST_TEST_FIXTURE *fixture; |
019e47ce | 46 | |
2326bba0 P |
47 | if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture)))) |
48 | return NULL; | |
49 | fixture->test_case_name = test_case_name; | |
50 | if (!TEST_ptr(fixture->server = SSL_CTX_new(TLS_server_method())) | |
51 | || !TEST_ptr(fixture->client = SSL_CTX_new(TLS_client_method()))) { | |
52 | tear_down(fixture); | |
019e47ce P |
53 | return NULL; |
54 | } | |
2326bba0 | 55 | return fixture; |
5a22cf96 EK |
56 | } |
57 | ||
58 | /* | |
59 | * All ciphers in the DEFAULT cipherlist meet the default security level. | |
60 | * However, default supported ciphers exclude SRP and PSK ciphersuites | |
61 | * for which no callbacks have been set up. | |
62 | * | |
63 | * Supported ciphers also exclude TLSv1.2 ciphers if TLSv1.2 is disabled, | |
64 | * and individual disabled algorithms. However, NO_RSA, NO_AES and NO_SHA | |
65 | * are currently broken and should be considered mission impossible in libssl. | |
66 | */ | |
67 | static const uint32_t default_ciphers_in_order[] = { | |
f865b081 MC |
68 | #ifndef OPENSSL_NO_TLS1_3 |
69 | TLS1_3_CK_AES_256_GCM_SHA384, | |
70 | # if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) | |
71 | TLS1_3_CK_CHACHA20_POLY1305_SHA256, | |
72 | # endif | |
73 | TLS1_3_CK_AES_128_GCM_SHA256, | |
74 | #endif | |
5a22cf96 EK |
75 | #ifndef OPENSSL_NO_TLS1_2 |
76 | # ifndef OPENSSL_NO_EC | |
77 | TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, | |
78 | TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, | |
79 | # endif | |
80 | # ifndef OPENSSL_NO_DH | |
81 | TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, | |
82 | # endif | |
83 | ||
71cff963 | 84 | # if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) |
5a22cf96 EK |
85 | # ifndef OPENSSL_NO_EC |
86 | TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, | |
87 | TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305, | |
88 | # endif | |
89 | # ifndef OPENSSL_NO_DH | |
90 | TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305, | |
91 | # endif | |
92 | # endif /* !OPENSSL_NO_CHACHA && !OPENSSL_NO_POLY1305 */ | |
93 | ||
94 | # ifndef OPENSSL_NO_EC | |
95 | TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, | |
96 | TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, | |
97 | # endif | |
98 | # ifndef OPENSSL_NO_DH | |
99 | TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, | |
100 | # endif | |
101 | # ifndef OPENSSL_NO_EC | |
102 | TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384, | |
103 | TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384, | |
104 | # endif | |
105 | # ifndef OPENSSL_NO_DH | |
106 | TLS1_CK_DHE_RSA_WITH_AES_256_SHA256, | |
107 | # endif | |
108 | # ifndef OPENSSL_NO_EC | |
109 | TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256, | |
110 | TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256, | |
111 | # endif | |
112 | # ifndef OPENSSL_NO_DH | |
113 | TLS1_CK_DHE_RSA_WITH_AES_128_SHA256, | |
114 | # endif | |
115 | #endif /* !OPENSSL_NO_TLS1_2 */ | |
116 | ||
c423ecaa MC |
117 | #if !defined(OPENSSL_NO_TLS1_2) || defined(OPENSSL_NO_TLS1_3) |
118 | /* These won't be usable if TLSv1.3 is available but TLSv1.2 isn't */ | |
119 | # ifndef OPENSSL_NO_EC | |
5a22cf96 EK |
120 | TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, |
121 | TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, | |
c423ecaa MC |
122 | # endif |
123 | #ifndef OPENSSL_NO_DH | |
5a22cf96 | 124 | TLS1_CK_DHE_RSA_WITH_AES_256_SHA, |
c423ecaa MC |
125 | # endif |
126 | # ifndef OPENSSL_NO_EC | |
5a22cf96 EK |
127 | TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, |
128 | TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, | |
c423ecaa MC |
129 | # endif |
130 | # ifndef OPENSSL_NO_DH | |
5a22cf96 | 131 | TLS1_CK_DHE_RSA_WITH_AES_128_SHA, |
c423ecaa MC |
132 | # endif |
133 | #endif /* !defined(OPENSSL_NO_TLS1_2) || defined(OPENSSL_NO_TLS1_3) */ | |
5a22cf96 | 134 | |
5a22cf96 EK |
135 | #ifndef OPENSSL_NO_TLS1_2 |
136 | TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, | |
137 | TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, | |
582a17d6 | 138 | #endif |
582a17d6 | 139 | #ifndef OPENSSL_NO_TLS1_2 |
5a22cf96 EK |
140 | TLS1_CK_RSA_WITH_AES_256_SHA256, |
141 | TLS1_CK_RSA_WITH_AES_128_SHA256, | |
142 | #endif | |
c423ecaa MC |
143 | #if !defined(OPENSSL_NO_TLS1_2) || defined(OPENSSL_NO_TLS1_3) |
144 | /* These won't be usable if TLSv1.3 is available but TLSv1.2 isn't */ | |
5a22cf96 EK |
145 | TLS1_CK_RSA_WITH_AES_256_SHA, |
146 | TLS1_CK_RSA_WITH_AES_128_SHA, | |
c423ecaa | 147 | #endif |
5a22cf96 EK |
148 | }; |
149 | ||
150 | static int test_default_cipherlist(SSL_CTX *ctx) | |
151 | { | |
019e47ce P |
152 | STACK_OF(SSL_CIPHER) *ciphers = NULL; |
153 | SSL *ssl = NULL; | |
5a22cf96 EK |
154 | int i, ret = 0, num_expected_ciphers, num_ciphers; |
155 | uint32_t expected_cipher_id, cipher_id; | |
156 | ||
019e47ce P |
157 | if (ctx == NULL) |
158 | return 0; | |
159 | ||
160 | if (!TEST_ptr(ssl = SSL_new(ctx)) | |
161 | || !TEST_ptr(ciphers = SSL_get1_supported_ciphers(ssl))) | |
162 | goto err; | |
5a22cf96 | 163 | |
5a22cf96 EK |
164 | num_expected_ciphers = OSSL_NELEM(default_ciphers_in_order); |
165 | num_ciphers = sk_SSL_CIPHER_num(ciphers); | |
2fae041d | 166 | if (!TEST_int_eq(num_ciphers, num_expected_ciphers)) |
5a22cf96 | 167 | goto err; |
5a22cf96 EK |
168 | |
169 | for (i = 0; i < num_ciphers; i++) { | |
170 | expected_cipher_id = default_ciphers_in_order[i]; | |
171 | cipher_id = SSL_CIPHER_get_id(sk_SSL_CIPHER_value(ciphers, i)); | |
2fae041d P |
172 | if (!TEST_int_eq(cipher_id, expected_cipher_id)) { |
173 | TEST_info("Wrong cipher at position %d", i); | |
5a22cf96 EK |
174 | goto err; |
175 | } | |
176 | } | |
177 | ||
178 | ret = 1; | |
179 | ||
180 | err: | |
181 | sk_SSL_CIPHER_free(ciphers); | |
182 | SSL_free(ssl); | |
183 | return ret; | |
184 | } | |
185 | ||
019e47ce | 186 | static int execute_test(CIPHERLIST_TEST_FIXTURE *fixture) |
5a22cf96 | 187 | { |
019e47ce P |
188 | return fixture != NULL |
189 | && test_default_cipherlist(fixture->server) | |
190 | && test_default_cipherlist(fixture->client); | |
5a22cf96 EK |
191 | } |
192 | ||
193 | #define SETUP_CIPHERLIST_TEST_FIXTURE() \ | |
99801878 | 194 | SETUP_TEST_FIXTURE(CIPHERLIST_TEST_FIXTURE, set_up) |
5a22cf96 EK |
195 | |
196 | #define EXECUTE_CIPHERLIST_TEST() \ | |
197 | EXECUTE_TEST(execute_test, tear_down) | |
198 | ||
31a80694 | 199 | static int test_default_cipherlist_implicit(void) |
5a22cf96 EK |
200 | { |
201 | SETUP_CIPHERLIST_TEST_FIXTURE(); | |
99801878 P |
202 | if (fixture == NULL) |
203 | return 0; | |
5a22cf96 | 204 | EXECUTE_CIPHERLIST_TEST(); |
99801878 | 205 | return result; |
5a22cf96 EK |
206 | } |
207 | ||
31a80694 | 208 | static int test_default_cipherlist_explicit(void) |
5a22cf96 EK |
209 | { |
210 | SETUP_CIPHERLIST_TEST_FIXTURE(); | |
019e47ce P |
211 | if (fixture == NULL) |
212 | return 0; | |
213 | if (!TEST_true(SSL_CTX_set_cipher_list(fixture->server, "DEFAULT")) | |
214 | || !TEST_true(SSL_CTX_set_cipher_list(fixture->client, "DEFAULT"))) | |
215 | tear_down(fixture); | |
5a22cf96 | 216 | EXECUTE_CIPHERLIST_TEST(); |
99801878 | 217 | return result; |
5a22cf96 EK |
218 | } |
219 | ||
3c83c5ba SR |
220 | /* SSL_CTX_set_cipher_list() should fail if it clears all TLSv1.2 ciphers. */ |
221 | static int test_default_cipherlist_clear(void) | |
222 | { | |
223 | SETUP_CIPHERLIST_TEST_FIXTURE(); | |
224 | SSL *s = NULL; | |
225 | ||
226 | if (fixture == NULL) | |
227 | return 0; | |
228 | ||
229 | if (!TEST_int_eq(SSL_CTX_set_cipher_list(fixture->server, "no-such"), 0)) | |
230 | goto end; | |
231 | ||
232 | if (!TEST_int_eq(ERR_GET_REASON(ERR_get_error()), SSL_R_NO_CIPHER_MATCH)) | |
233 | goto end; | |
234 | ||
235 | s = SSL_new(fixture->client); | |
236 | ||
237 | if (!TEST_ptr(s)) | |
238 | goto end; | |
239 | ||
240 | if (!TEST_int_eq(SSL_set_cipher_list(s, "no-such"), 0)) | |
241 | goto end; | |
242 | ||
243 | if (!TEST_int_eq(ERR_GET_REASON(ERR_get_error()), | |
244 | SSL_R_NO_CIPHER_MATCH)) | |
245 | goto end; | |
246 | ||
247 | result = 1; | |
248 | end: | |
249 | SSL_free(s); | |
250 | tear_down(fixture); | |
251 | return result; | |
252 | } | |
253 | ||
3cb7c5cf | 254 | int setup_tests(void) |
5a22cf96 | 255 | { |
5a22cf96 EK |
256 | ADD_TEST(test_default_cipherlist_implicit); |
257 | ADD_TEST(test_default_cipherlist_explicit); | |
3c83c5ba | 258 | ADD_TEST(test_default_cipherlist_clear); |
ad887416 | 259 | return 1; |
5a22cf96 | 260 | } |