cipherbytes_test.c 4.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151
  1. /*
  2. * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License");
  5. * you may not use this file except in compliance with the License.
  6. * You may obtain a copy of the License at
  7. * https://www.openssl.org/source/license.html
  8. * or in the file LICENSE in the source distribution.
  9. */
  10. #include <string.h>
  11. #include <stdio.h>
  12. #include <openssl/opensslconf.h>
  13. #include <openssl/err.h>
  14. #include <openssl/e_os2.h>
  15. #include <openssl/ssl.h>
  16. #include <openssl/ssl3.h>
  17. #include <openssl/tls1.h>
  18. #include "internal/nelem.h"
  19. #include "testutil.h"
  20. DEFINE_STACK_OF(SSL_CIPHER)
  21. static SSL_CTX *ctx;
  22. static SSL *s;
  23. static int test_empty(void)
  24. {
  25. STACK_OF(SSL_CIPHER) *sk = NULL, *scsv = NULL;
  26. const unsigned char bytes[] = {0x00};
  27. int ret = 0;
  28. if (!TEST_int_eq(SSL_bytes_to_cipher_list(s, bytes, 0, 0, &sk, &scsv), 0)
  29. || !TEST_ptr_null(sk)
  30. || !TEST_ptr_null(scsv))
  31. goto err;
  32. ret = 1;
  33. err:
  34. sk_SSL_CIPHER_free(sk);
  35. sk_SSL_CIPHER_free(scsv);
  36. return ret;
  37. }
  38. static int test_unsupported(void)
  39. {
  40. STACK_OF(SSL_CIPHER) *sk, *scsv;
  41. /* ECDH-RSA-AES256 (unsupported), ECDHE-ECDSA-AES128, <unassigned> */
  42. const unsigned char bytes[] = {0xc0, 0x0f, 0x00, 0x2f, 0x01, 0x00};
  43. int ret = 0;
  44. if (!TEST_true(SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes),
  45. 0, &sk, &scsv))
  46. || !TEST_ptr(sk)
  47. || !TEST_int_eq(sk_SSL_CIPHER_num(sk), 1)
  48. || !TEST_ptr(scsv)
  49. || !TEST_int_eq(sk_SSL_CIPHER_num(scsv), 0)
  50. || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)),
  51. "AES128-SHA"))
  52. goto err;
  53. ret = 1;
  54. err:
  55. sk_SSL_CIPHER_free(sk);
  56. sk_SSL_CIPHER_free(scsv);
  57. return ret;
  58. }
  59. static int test_v2(void)
  60. {
  61. STACK_OF(SSL_CIPHER) *sk, *scsv;
  62. /* ECDHE-ECDSA-AES256GCM, SSL2_RC4_1238_WITH_MD5,
  63. * ECDHE-ECDSA-CHACHA20-POLY1305 */
  64. const unsigned char bytes[] = {0x00, 0x00, 0x35, 0x01, 0x00, 0x80,
  65. 0x00, 0x00, 0x33};
  66. int ret = 0;
  67. if (!TEST_true(SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes), 1,
  68. &sk, &scsv))
  69. || !TEST_ptr(sk)
  70. || !TEST_int_eq(sk_SSL_CIPHER_num(sk), 2)
  71. || !TEST_ptr(scsv)
  72. || !TEST_int_eq(sk_SSL_CIPHER_num(scsv), 0))
  73. goto err;
  74. if (strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)),
  75. "AES256-SHA") != 0 ||
  76. strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 1)),
  77. "DHE-RSA-AES128-SHA") != 0)
  78. goto err;
  79. ret = 1;
  80. err:
  81. sk_SSL_CIPHER_free(sk);
  82. sk_SSL_CIPHER_free(scsv);
  83. return ret;
  84. }
  85. static int test_v3(void)
  86. {
  87. STACK_OF(SSL_CIPHER) *sk = NULL, *scsv = NULL;
  88. /* ECDHE-ECDSA-AES256GCM, ECDHE-ECDSA-CHACHAPOLY, DHE-RSA-AES256GCM,
  89. * EMPTY-RENEGOTIATION-INFO-SCSV, FALLBACK-SCSV */
  90. const unsigned char bytes[] = {0x00, 0x2f, 0x00, 0x33, 0x00, 0x9f, 0x00, 0xff,
  91. 0x56, 0x00};
  92. int ret = 0;
  93. if (!SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes), 0, &sk, &scsv)
  94. || !TEST_ptr(sk)
  95. || !TEST_int_eq(sk_SSL_CIPHER_num(sk), 3)
  96. || !TEST_ptr(scsv)
  97. || !TEST_int_eq(sk_SSL_CIPHER_num(scsv), 2)
  98. || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)),
  99. "AES128-SHA")
  100. || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 1)),
  101. "DHE-RSA-AES128-SHA")
  102. || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 2)),
  103. "DHE-RSA-AES256-GCM-SHA384")
  104. || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(scsv, 0)),
  105. "TLS_EMPTY_RENEGOTIATION_INFO_SCSV")
  106. || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(scsv, 1)),
  107. "TLS_FALLBACK_SCSV"))
  108. goto err;
  109. ret = 1;
  110. err:
  111. sk_SSL_CIPHER_free(sk);
  112. sk_SSL_CIPHER_free(scsv);
  113. return ret;
  114. }
  115. int setup_tests(void)
  116. {
  117. if (!TEST_ptr(ctx = SSL_CTX_new(TLS_server_method()))
  118. || !TEST_ptr(s = SSL_new(ctx)))
  119. return 0;
  120. ADD_TEST(test_empty);
  121. ADD_TEST(test_unsupported);
  122. ADD_TEST(test_v2);
  123. ADD_TEST(test_v3);
  124. return 1;
  125. }
  126. void cleanup_tests(void)
  127. {
  128. SSL_free(s);
  129. SSL_CTX_free(ctx);
  130. }