5a22cf96 | 1 | /* |
6738bf14 | 2 | * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. |
3 | * |
4 | * Licensed under the OpenSSL licenses, (the "License"); | |
5 | * you may not use this file except in compliance with the License. | |
6 | * You may obtain a copy of the License at | |
7 | * https://www.openssl.org/source/license.html | |
8 | * or in the file LICENSE in the source distribution. | |
9 | */ | |
10 | ||
11 | #include <stdio.h> | |
019e47ce | 12 | #include <string.h> |
13 | |
14 | #include <openssl/opensslconf.h> | |
15 | #include <openssl/err.h> | |
16 | #include <openssl/e_os2.h> | |
17 | #include <openssl/ssl.h> | |
18 | #include <openssl/ssl3.h> | |
19 | #include <openssl/tls1.h> | |
20 | ||
176db6dc | 21 | #include "internal/nelem.h" |
22 | #include "testutil.h" |
23 | ||
/*
 * Per-test state: one server and one client SSL_CTX whose supported cipher
 * lists are compared against default_ciphers_in_order. Allocated by set_up()
 * and released (both contexts and the struct) by tear_down().
 */
typedef struct cipherlist_test_fixture {
    const char *test_case_name;     /* stored from set_up()'s argument; not owned */
    SSL_CTX *server;                /* SSL_CTX_new(TLS_server_method()) */
    SSL_CTX *client;                /* SSL_CTX_new(TLS_client_method()) */
} CIPHERLIST_TEST_FIXTURE;
29 | ||
30 | ||
/*
 * Release a fixture produced by set_up(): both SSL_CTX objects and the
 * fixture allocation itself. A NULL fixture is a no-op so callers can use
 * it unconditionally after a failed or partial set_up().
 */
static void tear_down(CIPHERLIST_TEST_FIXTURE *fixture)
{
    if (fixture == NULL)
        return;

    SSL_CTX_free(fixture->server);
    fixture->server = NULL;
    SSL_CTX_free(fixture->client);
    fixture->client = NULL;
    OPENSSL_free(fixture);
}
40 | ||
/*
 * Allocate a fixture holding a fresh TLS server context and client context.
 *
 * Returns the fixture, whose ownership passes to the caller (release with
 * tear_down()), or NULL if the allocation or either SSL_CTX_new() fails;
 * failures are reported through TEST_ptr() and anything already allocated
 * is released before returning.
 */
static CIPHERLIST_TEST_FIXTURE *set_up(const char *const test_case_name)
{
    CIPHERLIST_TEST_FIXTURE *f = OPENSSL_zalloc(sizeof(*f));

    if (!TEST_ptr(f))
        return NULL;
    f->test_case_name = test_case_name;

    f->server = SSL_CTX_new(TLS_server_method());
    if (TEST_ptr(f->server)) {
        f->client = SSL_CTX_new(TLS_client_method());
        if (TEST_ptr(f->client))
            return f;
    }

    /* Partially built: tear_down() tolerates NULL members. */
    tear_down(f);
    return NULL;
}
55 | ||
/*
 * All ciphers in the DEFAULT cipherlist meet the default security level.
 * However, default supported ciphers exclude SRP and PSK ciphersuites
 * for which no callbacks have been set up.
 *
 * Supported ciphers also exclude TLSv1.2 ciphers if TLSv1.2 is disabled,
 * and individual disabled algorithms. However, NO_RSA, NO_AES and NO_SHA
 * are currently broken and should be considered mission impossible in libssl.
 */
/*
 * Expected output of SSL_get1_supported_ciphers() on an unconfigured (or
 * "DEFAULT") context, in the exact order libssl is expected to return it.
 * test_default_cipherlist() compares both the count and every position, so
 * each group below is fenced by the OPENSSL_NO_* build options that remove
 * it from the build.
 */
static const uint32_t default_ciphers_in_order[] = {
    /* TLSv1.3 suites come first. */
#ifndef OPENSSL_NO_TLS1_3
    TLS1_3_CK_AES_256_GCM_SHA384,
# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
    TLS1_3_CK_CHACHA20_POLY1305_SHA256,
# endif
    TLS1_3_CK_AES_128_GCM_SHA256,
#endif
    /* TLSv1.2 forward-secret suites: AES-256-GCM, ChaCha20, AES-128-GCM,
     * then the SHA-2 CBC suites; ECDHE before DHE within each group. */
#ifndef OPENSSL_NO_TLS1_2
# ifndef OPENSSL_NO_EC
    TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
    TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
# endif
# ifndef OPENSSL_NO_DH
    TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
# endif

# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
#  ifndef OPENSSL_NO_EC
    TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
    TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
#  endif
#  ifndef OPENSSL_NO_DH
    TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305,
#  endif
# endif /* !OPENSSL_NO_CHACHA && !OPENSSL_NO_POLY1305 */

# ifndef OPENSSL_NO_EC
    TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
    TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
# endif
# ifndef OPENSSL_NO_DH
    TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256,
# endif
# ifndef OPENSSL_NO_EC
    TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
    TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
# endif
# ifndef OPENSSL_NO_DH
    TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
# endif
# ifndef OPENSSL_NO_EC
    TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
    TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
# endif
# ifndef OPENSSL_NO_DH
    TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
# endif
#endif /* !OPENSSL_NO_TLS1_2 */

    /* Forward-secret SHA-1 CBC suites (TLSv1.0/1.1 era). */
#if !defined(OPENSSL_NO_TLS1_2) || defined(OPENSSL_NO_TLS1_3)
    /* These won't be usable if TLSv1.3 is available but TLSv1.2 isn't */
# ifndef OPENSSL_NO_EC
    TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
    TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA,
# endif
#ifndef OPENSSL_NO_DH
    TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
# endif
# ifndef OPENSSL_NO_EC
    TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
    TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA,
# endif
# ifndef OPENSSL_NO_DH
    TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
# endif
#endif /* !defined(OPENSSL_NO_TLS1_2) || defined(OPENSSL_NO_TLS1_3) */

    /* Static-RSA key exchange suites last: GCM, SHA-2 CBC, SHA-1 CBC. */
#ifndef OPENSSL_NO_TLS1_2
    TLS1_CK_RSA_WITH_AES_256_GCM_SHA384,
    TLS1_CK_RSA_WITH_AES_128_GCM_SHA256,
#endif
#ifndef OPENSSL_NO_TLS1_2
    TLS1_CK_RSA_WITH_AES_256_SHA256,
    TLS1_CK_RSA_WITH_AES_128_SHA256,
#endif
#if !defined(OPENSSL_NO_TLS1_2) || defined(OPENSSL_NO_TLS1_3)
    /* These won't be usable if TLSv1.3 is available but TLSv1.2 isn't */
    TLS1_CK_RSA_WITH_AES_256_SHA,
    TLS1_CK_RSA_WITH_AES_128_SHA,
#endif
};
147 | ||
/*
 * Check that an SSL object created from |ctx| reports exactly the ciphers in
 * default_ciphers_in_order, in that order, via SSL_get1_supported_ciphers().
 *
 * Returns 1 when count and order match, 0 on any mismatch or allocation
 * failure (reported through the TEST_* helpers). A NULL |ctx| counts as
 * failure.
 */
static int test_default_cipherlist(SSL_CTX *ctx)
{
    STACK_OF(SSL_CIPHER) *supported = NULL;
    SSL *ssl = NULL;
    int pos, count, ok = 0;
    uint32_t got, want;

    if (ctx == NULL)
        return 0;

    ssl = SSL_new(ctx);
    if (!TEST_ptr(ssl))
        goto err;
    supported = SSL_get1_supported_ciphers(ssl);
    if (!TEST_ptr(supported))
        goto err;

    /*
     * Compare the lengths first so the positional loop below can never
     * index past the end of default_ciphers_in_order.
     */
    count = sk_SSL_CIPHER_num(supported);
    if (!TEST_int_eq(count, (int)OSSL_NELEM(default_ciphers_in_order)))
        goto err;

    for (pos = 0; pos < count; pos++) {
        got = SSL_CIPHER_get_id(sk_SSL_CIPHER_value(supported, pos));
        want = default_ciphers_in_order[pos];
        if (!TEST_int_eq(got, want)) {
            TEST_info("Wrong cipher at position %d", pos);
            goto err;
        }
    }
    ok = 1;

 err:
    sk_SSL_CIPHER_free(supported);
    SSL_free(ssl);
    return ok;
}
183 | ||
/*
 * Run the default-cipherlist check on both contexts held by the fixture.
 * Returns 1 only when the server and the client context both pass; a NULL
 * fixture fails.
 */
static int execute_test(CIPHERLIST_TEST_FIXTURE *fixture)
{
    if (fixture == NULL)
        return 0;
    if (!test_default_cipherlist(fixture->server))
        return 0;
    return test_default_cipherlist(fixture->client);
}
190 | ||
/*
 * Thin wrappers over the testutil.h fixture macros, binding this file's
 * set_up(), execute_test() and tear_down(). The test functions below refer
 * to a |fixture| pointer and an int |result| right after
 * SETUP_CIPHERLIST_TEST_FIXTURE(), so its expansion presumably declares
 * both; see testutil.h for the exact definitions.
 */
#define SETUP_CIPHERLIST_TEST_FIXTURE() \
    SETUP_TEST_FIXTURE(CIPHERLIST_TEST_FIXTURE, set_up)

/*
 * Presumably runs execute_test() on |fixture|, stores the outcome in
 * |result| and releases the fixture with tear_down() — confirm in testutil.h.
 */
#define EXECUTE_CIPHERLIST_TEST() \
    EXECUTE_TEST(execute_test, tear_down)
196 | ||
/*
 * The DEFAULT cipherlist must apply without any SSL_CTX_set_cipher_list()
 * call: freshly created contexts are checked exactly as set_up() left them.
 * Returns 1 on success, 0 on failure or when the fixture could not be built.
 */
static int test_default_cipherlist_implicit(void)
{
    SETUP_CIPHERLIST_TEST_FIXTURE();

    if (fixture != NULL) {
        EXECUTE_CIPHERLIST_TEST();
        return result;
    }
    return 0;
}
205 | ||
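/*
 * Explicitly selecting "DEFAULT" must produce the same supported-cipher
 * order as the implicit default.
 * Returns 1 on success, 0 on failure or when the fixture could not be built.
 */
static int test_default_cipherlist_explicit(void)
{
    SETUP_CIPHERLIST_TEST_FIXTURE();

    if (fixture == NULL)
        return 0;
    if (!TEST_true(SSL_CTX_set_cipher_list(fixture->server, "DEFAULT"))
            || !TEST_true(SSL_CTX_set_cipher_list(fixture->client, "DEFAULT"))) {
        /*
         * TEST_true() has already reported the failure. Release the fixture
         * and stop here: continuing into EXECUTE_CIPHERLIST_TEST() after
         * tear_down() would dereference, and free again, the released
         * fixture through the still-set |fixture| pointer.
         */
        tear_down(fixture);
        return 0;
    }
    EXECUTE_CIPHERLIST_TEST();
    return result;
}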
217 | ||
/* SSL_CTX_set_cipher_list() should fail if it clears all TLSv1.2 ciphers. */
/*
 * Both the SSL_CTX and the SSL variant are given a cipher string ("no-such")
 * that matches nothing; each must return 0 and leave SSL_R_NO_CIPHER_MATCH
 * as the reason on the error queue.
 * Returns 1 on success, 0 otherwise; the fixture is released on every path.
 */
static int test_default_cipherlist_clear(void)
{
    SETUP_CIPHERLIST_TEST_FIXTURE();
    SSL *ssl = NULL;

    if (fixture == NULL)
        return 0;

    /* Context level: the call must fail and queue the expected reason. */
    if (!TEST_int_eq(SSL_CTX_set_cipher_list(fixture->server, "no-such"), 0)
            || !TEST_int_eq(ERR_GET_REASON(ERR_get_error()),
                            SSL_R_NO_CIPHER_MATCH))
        goto end;

    /* Same check on an SSL object derived from the client context. */
    ssl = SSL_new(fixture->client);
    if (!TEST_ptr(ssl)
            || !TEST_int_eq(SSL_set_cipher_list(ssl, "no-such"), 0)
            || !TEST_int_eq(ERR_GET_REASON(ERR_get_error()),
                            SSL_R_NO_CIPHER_MATCH))
        goto end;

    result = 1;
 end:
    SSL_free(ssl);
    tear_down(fixture);
    return result;
}
251 | ||
/*
 * Registers this file's three test cases with the testutil harness via
 * ADD_TEST(); the harness presumably calls this at start-up (see testutil.h).
 * Returns 1 to signal successful registration.
 */
int setup_tests(void)
{
    ADD_TEST(test_default_cipherlist_implicit);
    ADD_TEST(test_default_cipherlist_explicit);
    ADD_TEST(test_default_cipherlist_clear);
    return 1;
}