Add a set of tests for cipher string parsing.

Change-Id: I4f9cdfa443bc5916f1899a7fc90aca2bf3c6027c Reviewed-on: https://boringssl-review.googlesource.com/1801 Reviewed-by: Adam Langley <agl@google.com>
author: David Benjamin <davidben@chromium.org> 2014-09-20 15:35:39 -0400
committer: Adam Langley <agl@google.com> 2014-09-22 16:47:44 +0000
commit: bb0a17c5e18a8f8b0416443dc78c08fb7133e37a (patch)
tree: eef1ecb90bc163f52e3db6a89a6b70550bac088b
parent: e113608a1c577b46512c61c7c482ee73d52d4531 (diff)
download: src-bb0a17c5e18a8f8b0416443dc78c08fb7133e37a.tar.gz
3 files changed, 253 insertions, 3 deletions
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 1e8747e..48ad549 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -783,7 +783,7 @@ DECLARE_LHASH_OF(SSL_SESSION);
 struct ssl_cipher_preference_list_st
 	{
 	STACK_OF(SSL_CIPHER) *ciphers;
-	unsigned char *in_group_flags;
+	uint8_t *in_group_flags;
 	};
 
 struct ssl_ctx_st
diff --git a/ssl/CMakeLists.txt b/ssl/CMakeLists.txt
index 3db8607..49f7c3d 100644
--- a/ssl/CMakeLists.txt
+++ b/ssl/CMakeLists.txt
@@ -53,4 +53,4 @@ add_executable(
 	ssl_test.c
 )
 
-target_link_libraries(ssl_test crypto)
+target_link_libraries(ssl_test ssl crypto)
diff --git a/ssl/ssl_test.c b/ssl/ssl_test.c
index cc63268..19f7efd 100644
--- a/ssl/ssl_test.c
+++ b/ssl/ssl_test.c
@@ -14,9 +14,259 @@
 
 #include <stdio.h>
 
-#include "openssl/ssl.h"
+#include <openssl/err.h>
+#include <openssl/ssl.h>
+
+typedef struct {
+  int id;
+  int in_group_flag;
+} EXPECTED_CIPHER;
+
+typedef struct {
+  /* The rule string to apply. */
+  const char *rule;
+  /* The list of expected ciphers, in order, terminated with -1. */
+  const EXPECTED_CIPHER *expected;
+} CIPHER_TEST;
+
+/* Selecting individual ciphers should work. */
+static const char kRule1[] =
+    "ECDHE-ECDSA-CHACHA20-POLY1305:"
+    "ECDHE-RSA-CHACHA20-POLY1305:"
+    "ECDHE-ECDSA-AES128-GCM-SHA256:"
+    "ECDHE-RSA-AES128-GCM-SHA256";
+
+static const EXPECTED_CIPHER kExpected1[] = {
+  { TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305, 0 },
+  { TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305, 0 },
+  { TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 0 },
+  { TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 0 },
+  { -1, -1 },
+};
+
+/* + reorders selected ciphers to the end, keeping their relative
+ * order. */
+static const char kRule2[] =
+    "ECDHE-ECDSA-CHACHA20-POLY1305:"
+    "ECDHE-RSA-CHACHA20-POLY1305:"
+    "ECDHE-ECDSA-AES128-GCM-SHA256:"
+    "ECDHE-RSA-AES128-GCM-SHA256:"
+    "+aRSA";
+
+static const EXPECTED_CIPHER kExpected2[] = {
+  { TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305, 0 },
+  { TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 0 },
+  { TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305, 0 },
+  { TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 0 },
+  { -1, -1 },
+};
+
+/* ! banishes ciphers from future selections. */
+static const char kRule3[] =
+    "!aRSA:"
+    "ECDHE-ECDSA-CHACHA20-POLY1305:"
+    "ECDHE-RSA-CHACHA20-POLY1305:"
+    "ECDHE-ECDSA-AES128-GCM-SHA256:"
+    "ECDHE-RSA-AES128-GCM-SHA256";
+
+static const EXPECTED_CIPHER kExpected3[] = {
+  { TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305, 0 },
+  { TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 0 },
+  { -1, -1 },
+};
+
+/* Multiple masks can be ANDed in a single rule. */
+static const char kRule4[] = "kRSA+AESGCM+AES128";
+
+static const EXPECTED_CIPHER kExpected4[] = {
+  { TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, 0 },
+  { -1, -1 },
+};
+
+/* - removes selected ciphers, but preserves their order for future
+ * selections. Select AES_128_GCM, but order the key exchanges RSA,
+ * DHE_RSA, ECDHE_RSA. */
+static const char kRule5[] =
+    "ALL:-kEECDH:-kEDH:-kRSA:-ALL:"
+    "AESGCM+AES128+aRSA";
+
+static const EXPECTED_CIPHER kExpected5[] = {
+  { TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, 0 },
+  { TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256, 0 },
+  { TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 0 },
+  { -1, -1 },
+};
+
+/* Unknown selectors are no-ops. */
+static const char kRule6[] =
+    "ECDHE-ECDSA-CHACHA20-POLY1305:"
+    "ECDHE-RSA-CHACHA20-POLY1305:"
+    "ECDHE-ECDSA-AES128-GCM-SHA256:"
+    "ECDHE-RSA-AES128-GCM-SHA256:"
+    "BOGUS1:-BOGUS2:+BOGUS3:!BOGUS4";
+
+static const EXPECTED_CIPHER kExpected6[] = {
+  { TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305, 0 },
+  { TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305, 0 },
+  { TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 0 },
+  { TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 0 },
+  { -1, -1 },
+};
+
+/* Square brackets specify equi-preference groups. */
+static const char kRule7[] =
+    "[ECDHE-ECDSA-CHACHA20-POLY1305|ECDHE-ECDSA-AES128-GCM-SHA256]:"
+    "[ECDHE-RSA-CHACHA20-POLY1305]:"
+    "ECDHE-RSA-AES128-GCM-SHA256";
+
+static const EXPECTED_CIPHER kExpected7[] = {
+  { TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305, 1 },
+  { TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 0 },
+  { TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305, 0 },
+  { TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 0 },
+  { -1, -1 },
+};
+
+/* @STRENGTH performs a stable strength-sort of the selected
+ * ciphers and only the selected ciphers. */
+static const char kRule8[] =
+    /* To simplify things, banish all but {ECDHE_RSA,RSA} x
+     * {CHACHA20,AES_256_CBC,AES_128_CBC,RC4} x SHA1. */
+    "!kEDH:!AESGCM:!3DES:!SHA256:!MD5:!SHA384:"
+    /* Order some ciphers backwards by strength. */
+    "ALL:-CHACHA20:-AES256:-AES128:-RC4:-ALL:"
+    /* Select ECDHE ones and sort them by strength. Ties should resolve
+     * based on the order above. */
+    "kEECDH:@STRENGTH:-ALL:"
+    /* Now bring back everything uses RSA. ECDHE_RSA should be first,
+     * sorted by strength. Then RSA, backwards by strength. */
+    "aRSA";
+
+static const EXPECTED_CIPHER kExpected8[] = {
+  { TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, 0 },
+  { TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305, 0 },
+  { TLS1_CK_ECDHE_RSA_WITH_RC4_128_SHA, 0 },
+  { TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, 0 },
+  { SSL3_CK_RSA_RC4_128_SHA, 0 },
+  { TLS1_CK_RSA_WITH_AES_128_SHA, 0 },
+  { TLS1_CK_RSA_WITH_AES_256_SHA, 0 },
+  { -1, -1 },
+};
+
+static CIPHER_TEST kCipherTests[] = {
+  { kRule1, kExpected1 },
+  { kRule2, kExpected2 },
+  { kRule3, kExpected3 },
+  { kRule4, kExpected4 },
+  { kRule5, kExpected5 },
+  { kRule6, kExpected6 },
+  { kRule7, kExpected7 },
+  { kRule8, kExpected8 },
+  { NULL, NULL },
+};
+
+static const char *kBadRules[] = {
+  /* Invalid brackets. */
+  "[ECDHE-RSA-CHACHA20-POLY1305|ECDHE-RSA-AES128-GCM-SHA256",
+  "RSA]",
+  "[[RSA]]",
+  /* Operators inside brackets */
+  "[+RSA]",
+  /* Unknown directive. */
+  "@BOGUS",
+  /* Empty cipher lists error at SSL_CTX_set_cipher_list. */
+  "",
+  "BOGUS",
+  /* Invalid command. */
+  "?BAR",
+  NULL,
+};
+
+static void print_cipher_preference_list(
+    struct ssl_cipher_preference_list_st *list) {
+  size_t i;
+  int in_group = 0;
+  for (i = 0; i < sk_SSL_CIPHER_num(list->ciphers); i++) {
+    const SSL_CIPHER *cipher = sk_SSL_CIPHER_value(list->ciphers, i);
+    if (!in_group && list->in_group_flags[i]) {
+      fprintf(stderr, "\t[\n");
+      in_group = 1;
+    }
+    fprintf(stderr, "\t");
+    if (in_group) {
+      fprintf(stderr, "  ");
+    }
+    fprintf(stderr, "%s\n", SSL_CIPHER_get_name(cipher));
+    if (in_group && !list->in_group_flags[i]) {
+      fprintf(stderr, "\t]\n");
+      in_group = 0;
+    }
+  }
+}
+
+static int test_cipher_rule(CIPHER_TEST *t) {
+  int ret = 0;
+  SSL_CTX *ctx = SSL_CTX_new(SSLv23_server_method());
+  size_t i;
+
+  if (!SSL_CTX_set_cipher_list(ctx, t->rule)) {
+    fprintf(stderr, "Error testing cipher rule '%s'\n", t->rule);
+    BIO_print_errors_fp(stderr);
+    goto done;
+  }
+
+  /* Compare the two lists. */
+  for (i = 0; i < sk_SSL_CIPHER_num(ctx->cipher_list->ciphers); i++) {
+    const SSL_CIPHER *cipher =
+        sk_SSL_CIPHER_value(ctx->cipher_list->ciphers, i);
+    if (t->expected[i].id != SSL_CIPHER_get_id(cipher) ||
+        t->expected[i].in_group_flag != ctx->cipher_list->in_group_flags[i]) {
+      fprintf(stderr, "Error: cipher rule '%s' evaluted to:\n", t->rule);
+      print_cipher_preference_list(ctx->cipher_list);
+      goto done;
+    }
+  }
+
+  if (t->expected[i].id != -1) {
+    fprintf(stderr, "Error: cipher rule '%s' evaluted to:\n", t->rule);
+    print_cipher_preference_list(ctx->cipher_list);
+    goto done;
+  }
+
+  ret = 1;
+done:
+  SSL_CTX_free(ctx);
+  return ret;
+}
+
+static int test_cipher_rules(void) {
+  size_t i;
+  for (i = 0; kCipherTests[i].rule != NULL; i++) {
+    if (!test_cipher_rule(&kCipherTests[i])) {
+      return 0;
+    }
+  }
+
+  for (i = 0; kBadRules[i] != NULL; i++) {
+    SSL_CTX *ctx = SSL_CTX_new(SSLv23_server_method());
+    if (SSL_CTX_set_cipher_list(ctx, kBadRules[i])) {
+      fprintf(stderr, "Cipher rule '%s' unexpectedly succeeded\n", kBadRules[i]);
+      return 0;
+    }
+    ERR_clear_error();
+    SSL_CTX_free(ctx);
+  }
+
+  return 1;
+}
 
 int main(void) {
+  SSL_library_init();
+
+  if (!test_cipher_rules()) {
+    return 1;
+  }
+
   printf("PASS\n");
   return 0;
 }
author	David Benjamin <davidben@chromium.org>	2014-09-20 15:35:39 -0400
committer	Adam Langley <agl@google.com>	2014-09-22 16:47:44 +0000
commit	bb0a17c5e18a8f8b0416443dc78c08fb7133e37a (patch)
tree	eef1ecb90bc163f52e3db6a89a6b70550bac088b
parent	e113608a1c577b46512c61c7c482ee73d52d4531 (diff)
download	src-bb0a17c5e18a8f8b0416443dc78c08fb7133e37a.tar.gz