xref: /aosp_15_r20/external/cronet/net/ssl/ssl_cipher_suite_names_unittest.cc (revision 6777b5387eb2ff775bb5750e3f5d96f37fb7352b) 
1 // Copyright 2011 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "net/ssl/ssl_cipher_suite_names.h"
6 
7 #include "net/ssl/ssl_connection_status_flags.h"
8 #include "testing/gtest/include/gtest/gtest.h"
9 #include "third_party/boringssl/src/include/openssl/ssl.h"
10 
11 namespace net {
12 
13 namespace {
14 
15 int kObsoleteVersion = SSL_CONNECTION_VERSION_TLS1;
16 int kModernVersion = SSL_CONNECTION_VERSION_TLS1_2;
17 
18 uint16_t kModernCipherSuite =
19     0xc02f; /* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 */
20 
21 uint16_t kObsoleteCipherObsoleteKeyExchange =
22     0x2f; /* TLS_RSA_WITH_AES_128_CBC_SHA */
23 uint16_t kObsoleteCipherModernKeyExchange =
24     0xc014; /* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA */
25 uint16_t kModernCipherObsoleteKeyExchange =
26     0x9c; /* TLS_RSA_WITH_AES_128_GCM_SHA256 */
27 uint16_t kModernCipherModernKeyExchange =
28     0xc02f; /* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 */
29 
30 uint16_t kObsoleteSignature = SSL_SIGN_RSA_PKCS1_SHA1;
31 uint16_t kModernSignature = SSL_SIGN_RSA_PSS_RSAE_SHA256;
32 
MakeConnectionStatus(int version,uint16_t cipher_suite)33 int MakeConnectionStatus(int version, uint16_t cipher_suite) {
34   int connection_status = 0;
35 
36   SSLConnectionStatusSetVersion(version, &connection_status);
37   SSLConnectionStatusSetCipherSuite(cipher_suite, &connection_status);
38 
39   return connection_status;
40 }
41 
TEST(CipherSuiteNamesTest,Basic)42 TEST(CipherSuiteNamesTest, Basic) {
43   const char *key_exchange, *cipher, *mac;
44   bool is_aead, is_tls13;
45 
46   SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13,
47                           0x000a);
48   EXPECT_STREQ("RSA", key_exchange);
49   EXPECT_STREQ("3DES_EDE_CBC", cipher);
50   EXPECT_STREQ("HMAC-SHA1", mac);
51   EXPECT_FALSE(is_aead);
52   EXPECT_FALSE(is_tls13);
53 
54   SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13,
55                           0x002f);
56   EXPECT_STREQ("RSA", key_exchange);
57   EXPECT_STREQ("AES_128_CBC", cipher);
58   EXPECT_STREQ("HMAC-SHA1", mac);
59   EXPECT_FALSE(is_aead);
60   EXPECT_FALSE(is_tls13);
61 
62   SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13,
63                           0xc030);
64   EXPECT_STREQ("ECDHE_RSA", key_exchange);
65   EXPECT_STREQ("AES_256_GCM", cipher);
66   EXPECT_TRUE(is_aead);
67   EXPECT_FALSE(is_tls13);
68   EXPECT_EQ(nullptr, mac);
69 
70   SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13,
71                           0xcca9);
72   EXPECT_STREQ("ECDHE_ECDSA", key_exchange);
73   EXPECT_STREQ("CHACHA20_POLY1305", cipher);
74   EXPECT_TRUE(is_aead);
75   EXPECT_FALSE(is_tls13);
76   EXPECT_EQ(nullptr, mac);
77 
78   SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13,
79                           0xff31);
80   EXPECT_STREQ("???", key_exchange);
81   EXPECT_STREQ("???", cipher);
82   EXPECT_STREQ("???", mac);
83   EXPECT_FALSE(is_aead);
84   EXPECT_FALSE(is_tls13);
85 
86   SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13,
87                           0x1301);
88   EXPECT_STREQ("AES_128_GCM", cipher);
89   EXPECT_TRUE(is_aead);
90   EXPECT_TRUE(is_tls13);
91   EXPECT_EQ(nullptr, mac);
92   EXPECT_EQ(nullptr, key_exchange);
93 
94   SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13,
95                           0x1302);
96   EXPECT_STREQ("AES_256_GCM", cipher);
97   EXPECT_TRUE(is_aead);
98   EXPECT_TRUE(is_tls13);
99   EXPECT_EQ(nullptr, mac);
100   EXPECT_EQ(nullptr, key_exchange);
101 
102   SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13,
103                           0x1303);
104   EXPECT_STREQ("CHACHA20_POLY1305", cipher);
105   EXPECT_TRUE(is_aead);
106   EXPECT_TRUE(is_tls13);
107   EXPECT_EQ(nullptr, mac);
108   EXPECT_EQ(nullptr, key_exchange);
109 }
110 
TEST(CipherSuiteNamesTest,ParseSSLCipherString)111 TEST(CipherSuiteNamesTest, ParseSSLCipherString) {
112   uint16_t cipher_suite = 0;
113   EXPECT_TRUE(ParseSSLCipherString("0x0004", &cipher_suite));
114   EXPECT_EQ(0x00004u, cipher_suite);
115 
116   EXPECT_TRUE(ParseSSLCipherString("0xBEEF", &cipher_suite));
117   EXPECT_EQ(0xBEEFu, cipher_suite);
118 }
119 
TEST(CipherSuiteNamesTest,ParseSSLCipherStringFails)120 TEST(CipherSuiteNamesTest, ParseSSLCipherStringFails) {
121   const char* const cipher_strings[] = {
122     "0004",
123     "0x004",
124     "0xBEEFY",
125   };
126 
127   for (const auto* cipher_string : cipher_strings) {
128     uint16_t cipher_suite = 0;
129     EXPECT_FALSE(ParseSSLCipherString(cipher_string, &cipher_suite));
130   }
131 }
132 
TEST(CipherSuiteNamesTest,ObsoleteSSLStatusProtocol)133 TEST(CipherSuiteNamesTest, ObsoleteSSLStatusProtocol) {
134   // Obsolete
135   // Note all of these combinations are impossible; TLS 1.2 is necessary for
136   // kModernCipherSuite.
137   EXPECT_EQ(OBSOLETE_SSL_MASK_PROTOCOL,
138             ObsoleteSSLStatus(MakeConnectionStatus(SSL_CONNECTION_VERSION_SSL2,
139                                                    kModernCipherSuite),
140                               kModernSignature));
141   EXPECT_EQ(OBSOLETE_SSL_MASK_PROTOCOL,
142             ObsoleteSSLStatus(MakeConnectionStatus(SSL_CONNECTION_VERSION_SSL3,
143                                                    kModernCipherSuite),
144                               kModernSignature));
145   EXPECT_EQ(OBSOLETE_SSL_MASK_PROTOCOL,
146             ObsoleteSSLStatus(MakeConnectionStatus(SSL_CONNECTION_VERSION_TLS1,
147                                                    kModernCipherSuite),
148                               kModernSignature));
149   EXPECT_EQ(
150       OBSOLETE_SSL_MASK_PROTOCOL,
151       ObsoleteSSLStatus(MakeConnectionStatus(SSL_CONNECTION_VERSION_TLS1_1,
152                                              kModernCipherSuite),
153                         kModernSignature));
154 
155   // Modern
156   EXPECT_EQ(
157       OBSOLETE_SSL_NONE,
158       ObsoleteSSLStatus(MakeConnectionStatus(SSL_CONNECTION_VERSION_TLS1_2,
159                                              kModernCipherSuite),
160                         kModernSignature));
161   EXPECT_EQ(OBSOLETE_SSL_NONE,
162             ObsoleteSSLStatus(MakeConnectionStatus(SSL_CONNECTION_VERSION_QUIC,
163                                                    kModernCipherSuite),
164                               kModernSignature));
165 }
166 
TEST(CipherSuiteNamesTest,ObsoleteSSLStatusProtocolAndCipherSuite)167 TEST(CipherSuiteNamesTest, ObsoleteSSLStatusProtocolAndCipherSuite) {
168   // Cartesian combos
169   // As above, some of these combinations can't happen in practice.
170   EXPECT_EQ(OBSOLETE_SSL_MASK_PROTOCOL | OBSOLETE_SSL_MASK_KEY_EXCHANGE |
171                 OBSOLETE_SSL_MASK_CIPHER | OBSOLETE_SSL_MASK_SIGNATURE,
172             ObsoleteSSLStatus(
173                 MakeConnectionStatus(kObsoleteVersion,
174                                      kObsoleteCipherObsoleteKeyExchange),
175                 kObsoleteSignature));
176   EXPECT_EQ(OBSOLETE_SSL_MASK_PROTOCOL | OBSOLETE_SSL_MASK_KEY_EXCHANGE |
177                 OBSOLETE_SSL_MASK_CIPHER,
178             ObsoleteSSLStatus(
179                 MakeConnectionStatus(kObsoleteVersion,
180                                      kObsoleteCipherObsoleteKeyExchange),
181                 kModernSignature));
182   EXPECT_EQ(
183       OBSOLETE_SSL_MASK_PROTOCOL | OBSOLETE_SSL_MASK_KEY_EXCHANGE,
184       ObsoleteSSLStatus(MakeConnectionStatus(kObsoleteVersion,
185                                              kModernCipherObsoleteKeyExchange),
186                         kModernSignature));
187   EXPECT_EQ(
188       OBSOLETE_SSL_MASK_PROTOCOL | OBSOLETE_SSL_MASK_CIPHER,
189       ObsoleteSSLStatus(MakeConnectionStatus(kObsoleteVersion,
190                                              kObsoleteCipherModernKeyExchange),
191                         kModernSignature));
192   EXPECT_EQ(
193       OBSOLETE_SSL_MASK_PROTOCOL,
194       ObsoleteSSLStatus(MakeConnectionStatus(kObsoleteVersion,
195                                              kModernCipherModernKeyExchange),
196                         kModernSignature));
197   EXPECT_EQ(
198       OBSOLETE_SSL_MASK_KEY_EXCHANGE | OBSOLETE_SSL_MASK_CIPHER,
199       ObsoleteSSLStatus(MakeConnectionStatus(
200                             kModernVersion, kObsoleteCipherObsoleteKeyExchange),
201                         kModernSignature));
202   EXPECT_EQ(
203       OBSOLETE_SSL_MASK_KEY_EXCHANGE,
204       ObsoleteSSLStatus(MakeConnectionStatus(kModernVersion,
205                                              kModernCipherObsoleteKeyExchange),
206                         kModernSignature));
207   EXPECT_EQ(
208       OBSOLETE_SSL_MASK_CIPHER,
209       ObsoleteSSLStatus(MakeConnectionStatus(kModernVersion,
210                                              kObsoleteCipherModernKeyExchange),
211                         kModernSignature));
212   EXPECT_EQ(
213       OBSOLETE_SSL_NONE,
214       ObsoleteSSLStatus(
215           MakeConnectionStatus(kModernVersion, kModernCipherModernKeyExchange),
216           kModernSignature));
217   EXPECT_EQ(
218       OBSOLETE_SSL_NONE,
219       ObsoleteSSLStatus(MakeConnectionStatus(SSL_CONNECTION_VERSION_TLS1_3,
220                                              0x1301 /* AES_128_GCM_SHA256 */),
221                         kModernSignature));
222 
223   // Don't flag the signature as obsolete if not present. It may be an old cache
224   // entry or a key exchange that doesn't involve a signature. (Though, in the
225   // latter case, we would always flag a bad key exchange.)
226   EXPECT_EQ(
227       OBSOLETE_SSL_NONE,
228       ObsoleteSSLStatus(
229           MakeConnectionStatus(kModernVersion, kModernCipherModernKeyExchange),
230           0));
231   EXPECT_EQ(
232       OBSOLETE_SSL_MASK_KEY_EXCHANGE,
233       ObsoleteSSLStatus(MakeConnectionStatus(kModernVersion,
234                                              kModernCipherObsoleteKeyExchange),
235                         0));
236 
237   // Flag obsolete signatures.
238   EXPECT_EQ(
239       OBSOLETE_SSL_MASK_SIGNATURE,
240       ObsoleteSSLStatus(
241           MakeConnectionStatus(kModernVersion, kModernCipherModernKeyExchange),
242           kObsoleteSignature));
243 }
244 
TEST(CipherSuiteNamesTest,HTTP2CipherSuites)245 TEST(CipherSuiteNamesTest, HTTP2CipherSuites) {
246   // Picked some random cipher suites.
247   EXPECT_FALSE(
248       IsTLSCipherSuiteAllowedByHTTP2(0x0 /* TLS_NULL_WITH_NULL_NULL */));
249   EXPECT_FALSE(IsTLSCipherSuiteAllowedByHTTP2(
250       0xc014 /* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA */));
251   EXPECT_FALSE(IsTLSCipherSuiteAllowedByHTTP2(
252       0x9c /* TLS_RSA_WITH_AES_128_GCM_SHA256 */));
253 
254   // Non-existent cipher suite.
255   EXPECT_FALSE(IsTLSCipherSuiteAllowedByHTTP2(0xffff)) << "Doesn't exist!";
256 
257   // HTTP/2-compatible ones.
258   EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2(
259       0xc02f /* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 */));
260   EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2(
261       0xcca8 /* ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 */));
262   EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2(
263       0xcca9 /* ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 */));
264   EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2(0x1301 /* AES_128_GCM_SHA256 */));
265   EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2(0x1302 /* AES_256_GCM_SHA384 */));
266   EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2(0x1303 /* CHACHA20_POLY1305 */));
267 }
268 
269 }  // anonymous namespace
270 
271 }  // namespace net
272