cipherbytes_test.c 4.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149
  1. /*
  2. * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License");
  5. * you may not use this file except in compliance with the License.
  6. * You may obtain a copy of the License at
  7. * https://www.openssl.org/source/license.html
  8. * or in the file LICENSE in the source distribution.
  9. */
  10. #include <string.h>
  11. #include <stdio.h>
  12. #include <openssl/opensslconf.h>
  13. #include <openssl/err.h>
  14. #include <openssl/e_os2.h>
  15. #include <openssl/ssl.h>
  16. #include <openssl/ssl3.h>
  17. #include <openssl/tls1.h>
  18. #include "internal/nelem.h"
  19. #include "testutil.h"
  20. static SSL_CTX *ctx;
  21. static SSL *s;
  22. static int test_empty(void)
  23. {
  24. STACK_OF(SSL_CIPHER) *sk = NULL, *scsv = NULL;
  25. const unsigned char bytes[] = {0x00};
  26. int ret = 0;
  27. if (!TEST_int_eq(SSL_bytes_to_cipher_list(s, bytes, 0, 0, &sk, &scsv), 0)
  28. || !TEST_ptr_null(sk)
  29. || !TEST_ptr_null(scsv))
  30. goto err;
  31. ret = 1;
  32. err:
  33. sk_SSL_CIPHER_free(sk);
  34. sk_SSL_CIPHER_free(scsv);
  35. return ret;
  36. }
  37. static int test_unsupported(void)
  38. {
  39. STACK_OF(SSL_CIPHER) *sk, *scsv;
  40. /* ECDH-RSA-AES256 (unsupported), ECDHE-ECDSA-AES128, <unassigned> */
  41. const unsigned char bytes[] = {0xc0, 0x0f, 0x00, 0x2f, 0x01, 0x00};
  42. int ret = 0;
  43. if (!TEST_true(SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes),
  44. 0, &sk, &scsv))
  45. || !TEST_ptr(sk)
  46. || !TEST_int_eq(sk_SSL_CIPHER_num(sk), 1)
  47. || !TEST_ptr(scsv)
  48. || !TEST_int_eq(sk_SSL_CIPHER_num(scsv), 0)
  49. || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)),
  50. "AES128-SHA"))
  51. goto err;
  52. ret = 1;
  53. err:
  54. sk_SSL_CIPHER_free(sk);
  55. sk_SSL_CIPHER_free(scsv);
  56. return ret;
  57. }
  58. static int test_v2(void)
  59. {
  60. STACK_OF(SSL_CIPHER) *sk, *scsv;
  61. /* ECDHE-ECDSA-AES256GCM, SSL2_RC4_1238_WITH_MD5,
  62. * ECDHE-ECDSA-CHACHA20-POLY1305 */
  63. const unsigned char bytes[] = {0x00, 0x00, 0x35, 0x01, 0x00, 0x80,
  64. 0x00, 0x00, 0x33};
  65. int ret = 0;
  66. if (!TEST_true(SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes), 1,
  67. &sk, &scsv))
  68. || !TEST_ptr(sk)
  69. || !TEST_int_eq(sk_SSL_CIPHER_num(sk), 2)
  70. || !TEST_ptr(scsv)
  71. || !TEST_int_eq(sk_SSL_CIPHER_num(scsv), 0))
  72. goto err;
  73. if (strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)),
  74. "AES256-SHA") != 0 ||
  75. strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 1)),
  76. "DHE-RSA-AES128-SHA") != 0)
  77. goto err;
  78. ret = 1;
  79. err:
  80. sk_SSL_CIPHER_free(sk);
  81. sk_SSL_CIPHER_free(scsv);
  82. return ret;
  83. }
  84. static int test_v3(void)
  85. {
  86. STACK_OF(SSL_CIPHER) *sk = NULL, *scsv = NULL;
  87. /* ECDHE-ECDSA-AES256GCM, ECDHE-ECDSA-CHACHAPOLY, DHE-RSA-AES256GCM,
  88. * EMPTY-RENEGOTIATION-INFO-SCSV, FALLBACK-SCSV */
  89. const unsigned char bytes[] = {0x00, 0x2f, 0x00, 0x33, 0x00, 0x9f, 0x00, 0xff,
  90. 0x56, 0x00};
  91. int ret = 0;
  92. if (!SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes), 0, &sk, &scsv)
  93. || !TEST_ptr(sk)
  94. || !TEST_int_eq(sk_SSL_CIPHER_num(sk), 3)
  95. || !TEST_ptr(scsv)
  96. || !TEST_int_eq(sk_SSL_CIPHER_num(scsv), 2)
  97. || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)),
  98. "AES128-SHA")
  99. || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 1)),
  100. "DHE-RSA-AES128-SHA")
  101. || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 2)),
  102. "DHE-RSA-AES256-GCM-SHA384")
  103. || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(scsv, 0)),
  104. "TLS_EMPTY_RENEGOTIATION_INFO_SCSV")
  105. || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(scsv, 1)),
  106. "TLS_FALLBACK_SCSV"))
  107. goto err;
  108. ret = 1;
  109. err:
  110. sk_SSL_CIPHER_free(sk);
  111. sk_SSL_CIPHER_free(scsv);
  112. return ret;
  113. }
  114. int setup_tests(void)
  115. {
  116. if (!TEST_ptr(ctx = SSL_CTX_new(TLS_server_method()))
  117. || !TEST_ptr(s = SSL_new(ctx)))
  118. return 0;
  119. ADD_TEST(test_empty);
  120. ADD_TEST(test_unsupported);
  121. ADD_TEST(test_v2);
  122. ADD_TEST(test_v3);
  123. return 1;
  124. }
  125. void cleanup_tests(void)
  126. {
  127. SSL_free(s);
  128. SSL_CTX_free(ctx);
  129. }