1e1051a39Sopenharmony_ci/* 2e1051a39Sopenharmony_ci * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved. 3e1051a39Sopenharmony_ci * 4e1051a39Sopenharmony_ci * Licensed under the Apache License 2.0 (the "License"); 5e1051a39Sopenharmony_ci * you may not use this file except in compliance with the License. 6e1051a39Sopenharmony_ci * You may obtain a copy of the License at 7e1051a39Sopenharmony_ci * https://www.openssl.org/source/license.html 8e1051a39Sopenharmony_ci * or in the file LICENSE in the source distribution. 9e1051a39Sopenharmony_ci */ 10e1051a39Sopenharmony_ci 11e1051a39Sopenharmony_ci#include <stdio.h> 12e1051a39Sopenharmony_ci#include <string.h> 13e1051a39Sopenharmony_ci 14e1051a39Sopenharmony_ci#include <openssl/opensslconf.h> 15e1051a39Sopenharmony_ci#include <openssl/err.h> 16e1051a39Sopenharmony_ci#include <openssl/e_os2.h> 17e1051a39Sopenharmony_ci#include <openssl/ssl.h> 18e1051a39Sopenharmony_ci#include <openssl/ssl3.h> 19e1051a39Sopenharmony_ci#include <openssl/tls1.h> 20e1051a39Sopenharmony_ci 21e1051a39Sopenharmony_ci#include "internal/nelem.h" 22e1051a39Sopenharmony_ci#include "testutil.h" 23e1051a39Sopenharmony_ci 24e1051a39Sopenharmony_citypedef struct cipherlist_test_fixture { 25e1051a39Sopenharmony_ci const char *test_case_name; 26e1051a39Sopenharmony_ci SSL_CTX *server; 27e1051a39Sopenharmony_ci SSL_CTX *client; 28e1051a39Sopenharmony_ci} CIPHERLIST_TEST_FIXTURE; 29e1051a39Sopenharmony_ci 30e1051a39Sopenharmony_ci 31e1051a39Sopenharmony_cistatic void tear_down(CIPHERLIST_TEST_FIXTURE *fixture) 32e1051a39Sopenharmony_ci{ 33e1051a39Sopenharmony_ci if (fixture != NULL) { 34e1051a39Sopenharmony_ci SSL_CTX_free(fixture->server); 35e1051a39Sopenharmony_ci SSL_CTX_free(fixture->client); 36e1051a39Sopenharmony_ci fixture->server = fixture->client = NULL; 37e1051a39Sopenharmony_ci OPENSSL_free(fixture); 38e1051a39Sopenharmony_ci } 39e1051a39Sopenharmony_ci} 40e1051a39Sopenharmony_ci 41e1051a39Sopenharmony_cistatic CIPHERLIST_TEST_FIXTURE *set_up(const char *const test_case_name) 42e1051a39Sopenharmony_ci{ 43e1051a39Sopenharmony_ci CIPHERLIST_TEST_FIXTURE *fixture; 44e1051a39Sopenharmony_ci 45e1051a39Sopenharmony_ci if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture)))) 46e1051a39Sopenharmony_ci return NULL; 47e1051a39Sopenharmony_ci fixture->test_case_name = test_case_name; 48e1051a39Sopenharmony_ci if (!TEST_ptr(fixture->server = SSL_CTX_new(TLS_server_method())) 49e1051a39Sopenharmony_ci || !TEST_ptr(fixture->client = SSL_CTX_new(TLS_client_method()))) { 50e1051a39Sopenharmony_ci tear_down(fixture); 51e1051a39Sopenharmony_ci return NULL; 52e1051a39Sopenharmony_ci } 53e1051a39Sopenharmony_ci return fixture; 54e1051a39Sopenharmony_ci} 55e1051a39Sopenharmony_ci 56e1051a39Sopenharmony_ci/* 57e1051a39Sopenharmony_ci * All ciphers in the DEFAULT cipherlist meet the default security level. 58e1051a39Sopenharmony_ci * However, default supported ciphers exclude SRP and PSK ciphersuites 59e1051a39Sopenharmony_ci * for which no callbacks have been set up. 60e1051a39Sopenharmony_ci * 61e1051a39Sopenharmony_ci * Supported ciphers also exclude TLSv1.2 ciphers if TLSv1.2 is disabled, 62e1051a39Sopenharmony_ci * and individual disabled algorithms. However, NO_RSA, NO_AES and NO_SHA 63e1051a39Sopenharmony_ci * are currently broken and should be considered mission impossible in libssl. 64e1051a39Sopenharmony_ci */ 65e1051a39Sopenharmony_cistatic const uint32_t default_ciphers_in_order[] = { 66e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_TLS1_3 67e1051a39Sopenharmony_ci TLS1_3_CK_AES_256_GCM_SHA384, 68e1051a39Sopenharmony_ci# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) 69e1051a39Sopenharmony_ci TLS1_3_CK_CHACHA20_POLY1305_SHA256, 70e1051a39Sopenharmony_ci# endif 71e1051a39Sopenharmony_ci TLS1_3_CK_AES_128_GCM_SHA256, 72e1051a39Sopenharmony_ci#endif 73e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_TLS1_2 74e1051a39Sopenharmony_ci# ifndef OPENSSL_NO_EC 75e1051a39Sopenharmony_ci TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 76e1051a39Sopenharmony_ci TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 77e1051a39Sopenharmony_ci# endif 78e1051a39Sopenharmony_ci# ifndef OPENSSL_NO_DH 79e1051a39Sopenharmony_ci TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, 80e1051a39Sopenharmony_ci# endif 81e1051a39Sopenharmony_ci 82e1051a39Sopenharmony_ci# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) 83e1051a39Sopenharmony_ci# ifndef OPENSSL_NO_EC 84e1051a39Sopenharmony_ci TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, 85e1051a39Sopenharmony_ci TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305, 86e1051a39Sopenharmony_ci# endif 87e1051a39Sopenharmony_ci# ifndef OPENSSL_NO_DH 88e1051a39Sopenharmony_ci TLS1_CK_DHE_RSA_WITH_CHACHA20_POLY1305, 89e1051a39Sopenharmony_ci# endif 90e1051a39Sopenharmony_ci# endif /* !OPENSSL_NO_CHACHA && !OPENSSL_NO_POLY1305 */ 91e1051a39Sopenharmony_ci 92e1051a39Sopenharmony_ci# ifndef OPENSSL_NO_EC 93e1051a39Sopenharmony_ci TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 94e1051a39Sopenharmony_ci TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 95e1051a39Sopenharmony_ci# endif 96e1051a39Sopenharmony_ci# ifndef OPENSSL_NO_DH 97e1051a39Sopenharmony_ci TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, 98e1051a39Sopenharmony_ci# endif 99e1051a39Sopenharmony_ci# ifndef OPENSSL_NO_EC 100e1051a39Sopenharmony_ci TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384, 101e1051a39Sopenharmony_ci TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384, 102e1051a39Sopenharmony_ci# endif 103e1051a39Sopenharmony_ci# ifndef OPENSSL_NO_DH 104e1051a39Sopenharmony_ci TLS1_CK_DHE_RSA_WITH_AES_256_SHA256, 105e1051a39Sopenharmony_ci# endif 106e1051a39Sopenharmony_ci# ifndef OPENSSL_NO_EC 107e1051a39Sopenharmony_ci TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256, 108e1051a39Sopenharmony_ci TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256, 109e1051a39Sopenharmony_ci# endif 110e1051a39Sopenharmony_ci# ifndef OPENSSL_NO_DH 111e1051a39Sopenharmony_ci TLS1_CK_DHE_RSA_WITH_AES_128_SHA256, 112e1051a39Sopenharmony_ci# endif 113e1051a39Sopenharmony_ci#endif /* !OPENSSL_NO_TLS1_2 */ 114e1051a39Sopenharmony_ci 115e1051a39Sopenharmony_ci#if !defined(OPENSSL_NO_TLS1_2) || defined(OPENSSL_NO_TLS1_3) 116e1051a39Sopenharmony_ci /* These won't be usable if TLSv1.3 is available but TLSv1.2 isn't */ 117e1051a39Sopenharmony_ci# ifndef OPENSSL_NO_EC 118e1051a39Sopenharmony_ci TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 119e1051a39Sopenharmony_ci TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, 120e1051a39Sopenharmony_ci# endif 121e1051a39Sopenharmony_ci #ifndef OPENSSL_NO_DH 122e1051a39Sopenharmony_ci TLS1_CK_DHE_RSA_WITH_AES_256_SHA, 123e1051a39Sopenharmony_ci# endif 124e1051a39Sopenharmony_ci# ifndef OPENSSL_NO_EC 125e1051a39Sopenharmony_ci TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 126e1051a39Sopenharmony_ci TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, 127e1051a39Sopenharmony_ci# endif 128e1051a39Sopenharmony_ci# ifndef OPENSSL_NO_DH 129e1051a39Sopenharmony_ci TLS1_CK_DHE_RSA_WITH_AES_128_SHA, 130e1051a39Sopenharmony_ci# endif 131e1051a39Sopenharmony_ci#endif /* !defined(OPENSSL_NO_TLS1_2) || defined(OPENSSL_NO_TLS1_3) */ 132e1051a39Sopenharmony_ci 133e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_TLS1_2 134e1051a39Sopenharmony_ci TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, 135e1051a39Sopenharmony_ci TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, 136e1051a39Sopenharmony_ci#endif 137e1051a39Sopenharmony_ci#ifndef OPENSSL_NO_TLS1_2 138e1051a39Sopenharmony_ci TLS1_CK_RSA_WITH_AES_256_SHA256, 139e1051a39Sopenharmony_ci TLS1_CK_RSA_WITH_AES_128_SHA256, 140e1051a39Sopenharmony_ci#endif 141e1051a39Sopenharmony_ci#if !defined(OPENSSL_NO_TLS1_2) || defined(OPENSSL_NO_TLS1_3) 142e1051a39Sopenharmony_ci /* These won't be usable if TLSv1.3 is available but TLSv1.2 isn't */ 143e1051a39Sopenharmony_ci TLS1_CK_RSA_WITH_AES_256_SHA, 144e1051a39Sopenharmony_ci TLS1_CK_RSA_WITH_AES_128_SHA, 145e1051a39Sopenharmony_ci#endif 146e1051a39Sopenharmony_ci}; 147e1051a39Sopenharmony_ci 148e1051a39Sopenharmony_cistatic int test_default_cipherlist(SSL_CTX *ctx) 149e1051a39Sopenharmony_ci{ 150e1051a39Sopenharmony_ci STACK_OF(SSL_CIPHER) *ciphers = NULL; 151e1051a39Sopenharmony_ci SSL *ssl = NULL; 152e1051a39Sopenharmony_ci int i, ret = 0, num_expected_ciphers, num_ciphers; 153e1051a39Sopenharmony_ci uint32_t expected_cipher_id, cipher_id; 154e1051a39Sopenharmony_ci 155e1051a39Sopenharmony_ci if (ctx == NULL) 156e1051a39Sopenharmony_ci return 0; 157e1051a39Sopenharmony_ci 158e1051a39Sopenharmony_ci if (!TEST_ptr(ssl = SSL_new(ctx)) 159e1051a39Sopenharmony_ci || !TEST_ptr(ciphers = SSL_get1_supported_ciphers(ssl))) 160e1051a39Sopenharmony_ci goto err; 161e1051a39Sopenharmony_ci 162e1051a39Sopenharmony_ci num_expected_ciphers = OSSL_NELEM(default_ciphers_in_order); 163e1051a39Sopenharmony_ci num_ciphers = sk_SSL_CIPHER_num(ciphers); 164e1051a39Sopenharmony_ci if (!TEST_int_eq(num_ciphers, num_expected_ciphers)) 165e1051a39Sopenharmony_ci goto err; 166e1051a39Sopenharmony_ci 167e1051a39Sopenharmony_ci for (i = 0; i < num_ciphers; i++) { 168e1051a39Sopenharmony_ci expected_cipher_id = default_ciphers_in_order[i]; 169e1051a39Sopenharmony_ci cipher_id = SSL_CIPHER_get_id(sk_SSL_CIPHER_value(ciphers, i)); 170e1051a39Sopenharmony_ci if (!TEST_int_eq(cipher_id, expected_cipher_id)) { 171e1051a39Sopenharmony_ci TEST_info("Wrong cipher at position %d", i); 172e1051a39Sopenharmony_ci goto err; 173e1051a39Sopenharmony_ci } 174e1051a39Sopenharmony_ci } 175e1051a39Sopenharmony_ci 176e1051a39Sopenharmony_ci ret = 1; 177e1051a39Sopenharmony_ci 178e1051a39Sopenharmony_ci err: 179e1051a39Sopenharmony_ci sk_SSL_CIPHER_free(ciphers); 180e1051a39Sopenharmony_ci SSL_free(ssl); 181e1051a39Sopenharmony_ci return ret; 182e1051a39Sopenharmony_ci} 183e1051a39Sopenharmony_ci 184e1051a39Sopenharmony_cistatic int execute_test(CIPHERLIST_TEST_FIXTURE *fixture) 185e1051a39Sopenharmony_ci{ 186e1051a39Sopenharmony_ci return fixture != NULL 187e1051a39Sopenharmony_ci && test_default_cipherlist(fixture->server) 188e1051a39Sopenharmony_ci && test_default_cipherlist(fixture->client); 189e1051a39Sopenharmony_ci} 190e1051a39Sopenharmony_ci 191e1051a39Sopenharmony_ci#define SETUP_CIPHERLIST_TEST_FIXTURE() \ 192e1051a39Sopenharmony_ci SETUP_TEST_FIXTURE(CIPHERLIST_TEST_FIXTURE, set_up) 193e1051a39Sopenharmony_ci 194e1051a39Sopenharmony_ci#define EXECUTE_CIPHERLIST_TEST() \ 195e1051a39Sopenharmony_ci EXECUTE_TEST(execute_test, tear_down) 196e1051a39Sopenharmony_ci 197e1051a39Sopenharmony_cistatic int test_default_cipherlist_implicit(void) 198e1051a39Sopenharmony_ci{ 199e1051a39Sopenharmony_ci SETUP_CIPHERLIST_TEST_FIXTURE(); 200e1051a39Sopenharmony_ci EXECUTE_CIPHERLIST_TEST(); 201e1051a39Sopenharmony_ci return result; 202e1051a39Sopenharmony_ci} 203e1051a39Sopenharmony_ci 204e1051a39Sopenharmony_cistatic int test_default_cipherlist_explicit(void) 205e1051a39Sopenharmony_ci{ 206e1051a39Sopenharmony_ci SETUP_CIPHERLIST_TEST_FIXTURE(); 207e1051a39Sopenharmony_ci if (!TEST_true(SSL_CTX_set_cipher_list(fixture->server, "DEFAULT")) 208e1051a39Sopenharmony_ci || !TEST_true(SSL_CTX_set_cipher_list(fixture->client, "DEFAULT"))) { 209e1051a39Sopenharmony_ci tear_down(fixture); 210e1051a39Sopenharmony_ci fixture = NULL; 211e1051a39Sopenharmony_ci } 212e1051a39Sopenharmony_ci EXECUTE_CIPHERLIST_TEST(); 213e1051a39Sopenharmony_ci return result; 214e1051a39Sopenharmony_ci} 215e1051a39Sopenharmony_ci 216e1051a39Sopenharmony_ci/* SSL_CTX_set_cipher_list() should fail if it clears all TLSv1.2 ciphers. */ 217e1051a39Sopenharmony_cistatic int test_default_cipherlist_clear(void) 218e1051a39Sopenharmony_ci{ 219e1051a39Sopenharmony_ci SSL *s = NULL; 220e1051a39Sopenharmony_ci SETUP_CIPHERLIST_TEST_FIXTURE(); 221e1051a39Sopenharmony_ci 222e1051a39Sopenharmony_ci if (!TEST_int_eq(SSL_CTX_set_cipher_list(fixture->server, "no-such"), 0)) 223e1051a39Sopenharmony_ci goto end; 224e1051a39Sopenharmony_ci 225e1051a39Sopenharmony_ci if (!TEST_int_eq(ERR_GET_REASON(ERR_get_error()), SSL_R_NO_CIPHER_MATCH)) 226e1051a39Sopenharmony_ci goto end; 227e1051a39Sopenharmony_ci 228e1051a39Sopenharmony_ci s = SSL_new(fixture->client); 229e1051a39Sopenharmony_ci 230e1051a39Sopenharmony_ci if (!TEST_ptr(s)) 231e1051a39Sopenharmony_ci goto end; 232e1051a39Sopenharmony_ci 233e1051a39Sopenharmony_ci if (!TEST_int_eq(SSL_set_cipher_list(s, "no-such"), 0)) 234e1051a39Sopenharmony_ci goto end; 235e1051a39Sopenharmony_ci 236e1051a39Sopenharmony_ci if (!TEST_int_eq(ERR_GET_REASON(ERR_get_error()), 237e1051a39Sopenharmony_ci SSL_R_NO_CIPHER_MATCH)) 238e1051a39Sopenharmony_ci goto end; 239e1051a39Sopenharmony_ci 240e1051a39Sopenharmony_ci result = 1; 241e1051a39Sopenharmony_ciend: 242e1051a39Sopenharmony_ci SSL_free(s); 243e1051a39Sopenharmony_ci tear_down(fixture); 244e1051a39Sopenharmony_ci return result; 245e1051a39Sopenharmony_ci} 246e1051a39Sopenharmony_ci 247e1051a39Sopenharmony_ciint setup_tests(void) 248e1051a39Sopenharmony_ci{ 249e1051a39Sopenharmony_ci ADD_TEST(test_default_cipherlist_implicit); 250e1051a39Sopenharmony_ci ADD_TEST(test_default_cipherlist_explicit); 251e1051a39Sopenharmony_ci ADD_TEST(test_default_cipherlist_clear); 252e1051a39Sopenharmony_ci return 1; 253e1051a39Sopenharmony_ci} 254