| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/ssl/ssl_cipher_suite_names.h" | 5 #include "net/ssl/ssl_cipher_suite_names.h" |
| 6 | 6 |
| 7 #include "base/macros.h" | 7 #include "base/macros.h" |
| 8 #include "base/strings/stringprintf.h" | 8 #include "base/strings/stringprintf.h" |
| 9 #include "net/ssl/ssl_connection_status_flags.h" | 9 #include "net/ssl/ssl_connection_status_flags.h" |
| 10 #include "testing/gtest/include/gtest/gtest.h" | 10 #include "testing/gtest/include/gtest/gtest.h" |
| (...skipping 21 matching lines...) Expand all Loading... |
| 32 int connection_status = 0; | 32 int connection_status = 0; |
| 33 | 33 |
| 34 SSLConnectionStatusSetVersion(version, &connection_status); | 34 SSLConnectionStatusSetVersion(version, &connection_status); |
| 35 SSLConnectionStatusSetCipherSuite(cipher_suite, &connection_status); | 35 SSLConnectionStatusSetCipherSuite(cipher_suite, &connection_status); |
| 36 | 36 |
| 37 return connection_status; | 37 return connection_status; |
| 38 } | 38 } |
| 39 | 39 |
| 40 TEST(CipherSuiteNamesTest, Basic) { | 40 TEST(CipherSuiteNamesTest, Basic) { |
| 41 const char *key_exchange, *cipher, *mac; | 41 const char *key_exchange, *cipher, *mac; |
| 42 bool is_aead; | 42 bool is_aead, is_tls13; |
| 43 | 43 |
| 44 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, 0xc001); | 44 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13, |
| 45 0xc001); |
| 45 EXPECT_STREQ("ECDH_ECDSA", key_exchange); | 46 EXPECT_STREQ("ECDH_ECDSA", key_exchange); |
| 46 EXPECT_STREQ("NULL", cipher); | 47 EXPECT_STREQ("NULL", cipher); |
| 47 EXPECT_STREQ("HMAC-SHA1", mac); | 48 EXPECT_STREQ("HMAC-SHA1", mac); |
| 48 EXPECT_FALSE(is_aead); | 49 EXPECT_FALSE(is_aead); |
| 50 EXPECT_FALSE(is_tls13); |
| 49 | 51 |
| 50 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, 0x009f); | 52 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13, |
| 53 0x009f); |
| 51 EXPECT_STREQ("DHE_RSA", key_exchange); | 54 EXPECT_STREQ("DHE_RSA", key_exchange); |
| 52 EXPECT_STREQ("AES_256_GCM", cipher); | 55 EXPECT_STREQ("AES_256_GCM", cipher); |
| 53 EXPECT_TRUE(is_aead); | 56 EXPECT_TRUE(is_aead); |
| 54 EXPECT_EQ(NULL, mac); | 57 EXPECT_FALSE(is_tls13); |
| 58 EXPECT_EQ(nullptr, mac); |
| 55 | 59 |
| 56 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, 0xcca9); | 60 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13, |
| 61 0xcca9); |
| 57 EXPECT_STREQ("ECDHE_ECDSA", key_exchange); | 62 EXPECT_STREQ("ECDHE_ECDSA", key_exchange); |
| 58 EXPECT_STREQ("CHACHA20_POLY1305", cipher); | 63 EXPECT_STREQ("CHACHA20_POLY1305", cipher); |
| 59 EXPECT_TRUE(is_aead); | 64 EXPECT_TRUE(is_aead); |
| 60 EXPECT_EQ(NULL, mac); | 65 EXPECT_FALSE(is_tls13); |
| 66 EXPECT_EQ(nullptr, mac); |
| 61 | 67 |
| 62 // Non-standard variant. | 68 // Non-standard variant. |
| 63 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, 0xcc14); | 69 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13, |
| 70 0xcc14); |
| 64 EXPECT_STREQ("ECDHE_ECDSA", key_exchange); | 71 EXPECT_STREQ("ECDHE_ECDSA", key_exchange); |
| 65 EXPECT_STREQ("CHACHA20_POLY1305", cipher); | 72 EXPECT_STREQ("CHACHA20_POLY1305", cipher); |
| 66 EXPECT_TRUE(is_aead); | 73 EXPECT_TRUE(is_aead); |
| 67 EXPECT_EQ(NULL, mac); | 74 EXPECT_FALSE(is_tls13); |
| 75 EXPECT_EQ(nullptr, mac); |
| 68 | 76 |
| 69 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, 0xff31); | 77 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13, |
| 78 0xff31); |
| 70 EXPECT_STREQ("???", key_exchange); | 79 EXPECT_STREQ("???", key_exchange); |
| 71 EXPECT_STREQ("???", cipher); | 80 EXPECT_STREQ("???", cipher); |
| 72 EXPECT_STREQ("???", mac); | 81 EXPECT_STREQ("???", mac); |
| 73 EXPECT_FALSE(is_aead); | 82 EXPECT_FALSE(is_aead); |
| 83 EXPECT_FALSE(is_tls13); |
| 84 |
| 85 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13, |
| 86 0x1301); |
| 87 EXPECT_STREQ("AES_128_GCM", cipher); |
| 88 EXPECT_TRUE(is_aead); |
| 89 EXPECT_TRUE(is_tls13); |
| 90 EXPECT_EQ(nullptr, mac); |
| 91 EXPECT_EQ(nullptr, key_exchange); |
| 92 |
| 93 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13, |
| 94 0x1302); |
| 95 EXPECT_STREQ("AES_256_GCM", cipher); |
| 96 EXPECT_TRUE(is_aead); |
| 97 EXPECT_TRUE(is_tls13); |
| 98 EXPECT_EQ(nullptr, mac); |
| 99 EXPECT_EQ(nullptr, key_exchange); |
| 100 |
| 101 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13, |
| 102 0x1303); |
| 103 EXPECT_STREQ("CHACHA20_POLY1305", cipher); |
| 104 EXPECT_TRUE(is_aead); |
| 105 EXPECT_TRUE(is_tls13); |
| 106 EXPECT_EQ(nullptr, mac); |
| 107 EXPECT_EQ(nullptr, key_exchange); |
| 74 } | 108 } |
| 75 | 109 |
| 76 TEST(CipherSuiteNamesTest, ParseSSLCipherString) { | 110 TEST(CipherSuiteNamesTest, ParseSSLCipherString) { |
| 77 uint16_t cipher_suite = 0; | 111 uint16_t cipher_suite = 0; |
| 78 EXPECT_TRUE(ParseSSLCipherString("0x0004", &cipher_suite)); | 112 EXPECT_TRUE(ParseSSLCipherString("0x0004", &cipher_suite)); |
| 79 EXPECT_EQ(0x00004u, cipher_suite); | 113 EXPECT_EQ(0x00004u, cipher_suite); |
| 80 | 114 |
| 81 EXPECT_TRUE(ParseSSLCipherString("0xBEEF", &cipher_suite)); | 115 EXPECT_TRUE(ParseSSLCipherString("0xBEEF", &cipher_suite)); |
| 82 EXPECT_EQ(0xBEEFu, cipher_suite); | 116 EXPECT_EQ(0xBEEFu, cipher_suite); |
| 83 } | 117 } |
| (...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 140 kModernVersion, kObsoleteCipherObsoleteKeyExchange))); | 174 kModernVersion, kObsoleteCipherObsoleteKeyExchange))); |
| 141 EXPECT_EQ(OBSOLETE_SSL_MASK_KEY_EXCHANGE, | 175 EXPECT_EQ(OBSOLETE_SSL_MASK_KEY_EXCHANGE, |
| 142 ObsoleteSSLStatus(MakeConnectionStatus( | 176 ObsoleteSSLStatus(MakeConnectionStatus( |
| 143 kModernVersion, kObsoleteCipherModernKeyExchange))); | 177 kModernVersion, kObsoleteCipherModernKeyExchange))); |
| 144 EXPECT_EQ(OBSOLETE_SSL_MASK_CIPHER, | 178 EXPECT_EQ(OBSOLETE_SSL_MASK_CIPHER, |
| 145 ObsoleteSSLStatus(MakeConnectionStatus( | 179 ObsoleteSSLStatus(MakeConnectionStatus( |
| 146 kModernVersion, kModernCipherObsoleteKeyExchange))); | 180 kModernVersion, kModernCipherObsoleteKeyExchange))); |
| 147 EXPECT_EQ(OBSOLETE_SSL_NONE, | 181 EXPECT_EQ(OBSOLETE_SSL_NONE, |
| 148 ObsoleteSSLStatus(MakeConnectionStatus( | 182 ObsoleteSSLStatus(MakeConnectionStatus( |
| 149 kModernVersion, kModernCipherModernKeyExchange))); | 183 kModernVersion, kModernCipherModernKeyExchange))); |
| 184 EXPECT_EQ(OBSOLETE_SSL_NONE, ObsoleteSSLStatus(MakeConnectionStatus( |
| 185 SSL_CONNECTION_VERSION_TLS1_3, |
| 186 0x1301 /* AES_128_GCM_SHA256 */))); |
| 150 } | 187 } |
| 151 | 188 |
| 152 TEST(CipherSuiteNamesTest, HTTP2CipherSuites) { | 189 TEST(CipherSuiteNamesTest, HTTP2CipherSuites) { |
| 153 // Picked some random cipher suites. | 190 // Picked some random cipher suites. |
| 154 EXPECT_FALSE( | 191 EXPECT_FALSE( |
| 155 IsTLSCipherSuiteAllowedByHTTP2(0x0 /* TLS_NULL_WITH_NULL_NULL */)); | 192 IsTLSCipherSuiteAllowedByHTTP2(0x0 /* TLS_NULL_WITH_NULL_NULL */)); |
| 156 EXPECT_FALSE(IsTLSCipherSuiteAllowedByHTTP2( | 193 EXPECT_FALSE(IsTLSCipherSuiteAllowedByHTTP2( |
| 157 0x39 /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA */)); | 194 0x39 /* TLS_DHE_RSA_WITH_AES_256_CBC_SHA */)); |
| 158 EXPECT_FALSE(IsTLSCipherSuiteAllowedByHTTP2( | 195 EXPECT_FALSE(IsTLSCipherSuiteAllowedByHTTP2( |
| 159 0xc5 /* TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 */)); | 196 0xc5 /* TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 */)); |
| (...skipping 15 matching lines...) Expand all Loading... |
| 175 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2( | 212 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2( |
| 176 0xc02f /* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 */)); | 213 0xc02f /* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 */)); |
| 177 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2( | 214 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2( |
| 178 0xcc13 /* ECDHE_RSA_WITH_CHACHA20_POLY1305 (non-standard) */)); | 215 0xcc13 /* ECDHE_RSA_WITH_CHACHA20_POLY1305 (non-standard) */)); |
| 179 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2( | 216 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2( |
| 180 0xcc14 /* ECDHE_ECDSA_WITH_CHACHA20_POLY1305 (non-standard) */)); | 217 0xcc14 /* ECDHE_ECDSA_WITH_CHACHA20_POLY1305 (non-standard) */)); |
| 181 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2( | 218 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2( |
| 182 0xcca8 /* ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 */)); | 219 0xcca8 /* ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 */)); |
| 183 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2( | 220 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2( |
| 184 0xcca9 /* ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 */)); | 221 0xcca9 /* ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 */)); |
| 222 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2(0x1301 /* AES_128_GCM_SHA256 */)); |
| 223 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2(0x1302 /* AES_256_GCM_SHA384 */)); |
| 224 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2(0x1303 /* CHACHA20_POLY1305 */)); |
| 185 } | 225 } |
| 186 | 226 |
| 187 TEST(CipherSuiteNamesTest, CECPQ1) { | 227 TEST(CipherSuiteNamesTest, CECPQ1) { |
| 188 const std::vector<uint16_t> kCECPQ1CipherSuites = { | 228 const std::vector<uint16_t> kCECPQ1CipherSuites = { |
| 189 0x16b7, // TLS_CECPQ1_RSA_WITH_CHACHA20_POLY1305_SHA256 (non-standard) | 229 0x16b7, // TLS_CECPQ1_RSA_WITH_CHACHA20_POLY1305_SHA256 (non-standard) |
| 190 0x16b8, // TLS_CECPQ1_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (non-standard) | 230 0x16b8, // TLS_CECPQ1_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (non-standard) |
| 191 0x16b9, // TLS_CECPQ1_RSA_WITH_AES_256_GCM_SHA384 (non-standard) | 231 0x16b9, // TLS_CECPQ1_RSA_WITH_AES_256_GCM_SHA384 (non-standard) |
| 192 0x16ba, // TLS_CECPQ1_ECDSA_WITH_AES_256_GCM_SHA384 (non-standard) | 232 0x16ba, // TLS_CECPQ1_ECDSA_WITH_AES_256_GCM_SHA384 (non-standard) |
| 193 }; | 233 }; |
| 194 const char *key_exchange, *cipher, *mac; | 234 const char *key_exchange, *cipher, *mac; |
| 195 bool is_aead; | 235 bool is_aead, is_tls13; |
| 196 | 236 |
| 197 for (const uint16_t cipher_suite_id : kCECPQ1CipherSuites) { | 237 for (const uint16_t cipher_suite_id : kCECPQ1CipherSuites) { |
| 198 SCOPED_TRACE(base::StringPrintf("cipher suite %x", cipher_suite_id)); | 238 SCOPED_TRACE(base::StringPrintf("cipher suite %x", cipher_suite_id)); |
| 199 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2(cipher_suite_id)); | 239 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2(cipher_suite_id)); |
| 200 | 240 |
| 201 int connection_status = | 241 int connection_status = |
| 202 MakeConnectionStatus(kModernVersion, cipher_suite_id); | 242 MakeConnectionStatus(kModernVersion, cipher_suite_id); |
| 203 EXPECT_EQ(OBSOLETE_SSL_NONE, ObsoleteSSLStatus(connection_status)); | 243 EXPECT_EQ(OBSOLETE_SSL_NONE, ObsoleteSSLStatus(connection_status)); |
| 204 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, | 244 EXPECT_TRUE(IsTLSCipherSuiteAllowedByHTTP2(cipher_suite_id)); |
| 245 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13, |
| 205 cipher_suite_id); | 246 cipher_suite_id); |
| 206 EXPECT_TRUE(is_aead); | 247 EXPECT_TRUE(is_aead); |
| 248 EXPECT_FALSE(is_tls13); |
| 207 EXPECT_EQ(nullptr, mac); | 249 EXPECT_EQ(nullptr, mac); |
| 208 } | 250 } |
| 209 | 251 |
| 210 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, 0x16b7); | 252 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13, |
| 253 0x16b7); |
| 211 EXPECT_STREQ("CECPQ1_RSA", key_exchange); | 254 EXPECT_STREQ("CECPQ1_RSA", key_exchange); |
| 212 EXPECT_STREQ("CHACHA20_POLY1305", cipher); | 255 EXPECT_STREQ("CHACHA20_POLY1305", cipher); |
| 213 | 256 |
| 214 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, 0x16b8); | 257 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13, |
| 258 0x16b8); |
| 215 EXPECT_STREQ("CECPQ1_ECDSA", key_exchange); | 259 EXPECT_STREQ("CECPQ1_ECDSA", key_exchange); |
| 216 EXPECT_STREQ("CHACHA20_POLY1305", cipher); | 260 EXPECT_STREQ("CHACHA20_POLY1305", cipher); |
| 217 | 261 |
| 218 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, 0x16b9); | 262 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13, |
| 263 0x16b9); |
| 219 EXPECT_STREQ("CECPQ1_RSA", key_exchange); | 264 EXPECT_STREQ("CECPQ1_RSA", key_exchange); |
| 220 EXPECT_STREQ("AES_256_GCM", cipher); | 265 EXPECT_STREQ("AES_256_GCM", cipher); |
| 221 | 266 |
| 222 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, 0x16ba); | 267 SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, &is_tls13, |
| 268 0x16ba); |
| 223 EXPECT_STREQ("CECPQ1_ECDSA", key_exchange); | 269 EXPECT_STREQ("CECPQ1_ECDSA", key_exchange); |
| 224 EXPECT_STREQ("AES_256_GCM", cipher); | 270 EXPECT_STREQ("AES_256_GCM", cipher); |
| 225 } | 271 } |
| 226 | 272 |
| 227 } // anonymous namespace | 273 } // anonymous namespace |
| 228 | 274 |
| 229 } // namespace net | 275 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2395323002:
Roll src/third_party/boringssl/src 0d81373f9..1991af690 (Closed)
