OLD | NEW |
---|---|
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/ssl/ssl_cipher_suite_names.h" | 5 #include "net/ssl/ssl_cipher_suite_names.h" |
6 | 6 |
7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
8 #include "testing/gtest/include/gtest/gtest.h" | 8 #include "testing/gtest/include/gtest/gtest.h" |
9 | 9 |
10 namespace net { | 10 namespace net { |
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
57 }; | 57 }; |
58 | 58 |
59 for (size_t i = 0; i < arraysize(cipher_strings); ++i) { | 59 for (size_t i = 0; i < arraysize(cipher_strings); ++i) { |
60 uint16 cipher_suite = 0; | 60 uint16 cipher_suite = 0; |
61 EXPECT_FALSE(ParseSSLCipherString(cipher_strings[i], &cipher_suite)); | 61 EXPECT_FALSE(ParseSSLCipherString(cipher_strings[i], &cipher_suite)); |
62 } | 62 } |
63 } | 63 } |
64 | 64 |
65 TEST(CipherSuiteNamesTest, SecureCipherSuites) { | 65 TEST(CipherSuiteNamesTest, SecureCipherSuites) { |
66 // Picked some random cipher suites. | 66 // Picked some random cipher suites. |
67 EXPECT_FALSE(IsSecureTLSCipherSuite(0x0)); | 67 EXPECT_FALSE(IsSecureTLSCipherSuite(0x0 /* TLS_NULL_WITH_NULL_NULL */)); |
68 EXPECT_FALSE(IsSecureTLSCipherSuite(0x39)); | 68 EXPECT_FALSE( |
69 EXPECT_FALSE(IsSecureTLSCipherSuite(0xc5)); | 69 IsSecureTLSCipherSuite(0x39 /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA */)); |
70 EXPECT_FALSE(IsSecureTLSCipherSuite(0xc00f)); | 70 EXPECT_FALSE(IsSecureTLSCipherSuite( |
71 EXPECT_FALSE(IsSecureTLSCipherSuite(0xc083)); | 71 0xc5 /* TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 */)); |
72 EXPECT_FALSE( | |
73 IsSecureTLSCipherSuite(0xc00f /* TLS_ECDH_RSA_WITH_AES_256_CBC_SHA */)); | |
74 EXPECT_FALSE(IsSecureTLSCipherSuite( | |
75 0xc083 /* TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 */)); | |
76 EXPECT_FALSE( | |
77 IsSecureTLSCipherSuite(0x9e /* TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 */)); | |
78 EXPECT_FALSE( | |
79 IsSecureTLSCipherSuite(0xc014 /* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA */)); | |
80 EXPECT_FALSE( | |
81 IsSecureTLSCipherSuite(0x9c /* TLS_RSA_WITH_AES_128_GCM_SHA256 */)); | |
72 | 82 |
73 // Non-existent cipher suite. | 83 // Non-existent cipher suite. |
74 EXPECT_FALSE(IsSecureTLSCipherSuite(0xffff)) << "Doesn't exist!"; | 84 EXPECT_FALSE(IsSecureTLSCipherSuite(0xffff)) << "Doesn't exist!"; |
75 | 85 |
76 // Secure ones. | 86 // Secure ones. |
77 EXPECT_TRUE(IsSecureTLSCipherSuite(0xcc13)); | 87 EXPECT_TRUE(IsSecureTLSCipherSuite( |
78 EXPECT_TRUE(IsSecureTLSCipherSuite(0xcc14)); | 88 0xc02f /* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 */)); |
79 EXPECT_TRUE(IsSecureTLSCipherSuite(0xcc15)); | 89 EXPECT_TRUE(IsSecureTLSCipherSuite( |
davidben
2015/10/16 21:39:19
(0xcc15 is the non-standard DHE_RSA CHACHA20_POLY1
| |
90 0xcc13 /* ECDHE_RSA_WITH_CHACHA20_POLY1305 (non-standard) */)); | |
91 EXPECT_TRUE(IsSecureTLSCipherSuite( | |
92 0xcc14 /* ECDHE_ECDSA_WITH_CHACHA20_POLY1305 (non-standard) */)); | |
93 } | |
94 | |
95 TEST(CipherSuiteNamesTest, HTTP2CipherSuites) { | |
96 // Picked some random cipher suites. | |
97 EXPECT_FALSE( | |
98 IsTLSCipherSuiteAllowedByHTTP2(0x0 /* TLS_NULL_WITH_NULL_NULL */)); | |
99 EXPECT_FALSE(IsTLSCipherSuiteAllowedByHTTP2( | |
100 0x39 /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA */)); | |
101 EXPECT_FALSE(IsTLSCipherSuiteAllowedByHTTP2( | |
102 0xc5 /* TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 */)); | |
103 EXPECT_FALSE(IsTLSCipherSuiteAllowedByHTTP2( | |
104 0xc00f /* TLS_ECDH_RSA_WITH_AES_256_CBC_SHA */)); | |
105 EXPECT_FALSE(IsTLSCipherSuiteAllowedByHTTP2( | |
106 0xc083 /* TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 */)); | |
107 EXPECT_FALSE(IsTLSCipherSuiteAllowedByHTTP2( | |
108 0xc014 /* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA */)); | |
109 EXPECT_FALSE(IsTLSCipherSuiteAllowedByHTTP2( | |
110 0x9c /* TLS_RSA_WITH_AES_128_GCM_SHA256 */)); | |
111 | |
112 // Non-existent cipher suite. | |
113 EXPECT_FALSE(IsTLSCipherSuiteAllowedByHTTP2(0xffff)) << "Doesn't exist!"; | |
114 | |
115 // HTTP/2-compatible ones. | |
116 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2( | |
117 0x9e /* TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 */)); | |
118 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2( | |
119 0xc02f /* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 */)); | |
120 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2( | |
121 0xcc13 /* ECDHE_RSA_WITH_CHACHA20_POLY1305 (non-standard) */)); | |
122 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2( | |
123 0xcc14 /* ECDHE_ECDSA_WITH_CHACHA20_POLY1305 (non-standard) */)); | |
80 } | 124 } |
81 | 125 |
82 } // anonymous namespace | 126 } // anonymous namespace |
83 | 127 |
84 } // namespace net | 128 } // namespace net |
OLD | NEW |