1/* 2 * Copyright (c) 2012,2014 Apple Inc. All Rights Reserved. 3 * 4 * @APPLE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. Please obtain a copy of the License at 10 * http://www.opensource.apple.com/apsl/ and read it before using this 11 * file. 12 * 13 * The Original Code and all software distributed under the License are 14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 18 * Please see the License for the specific language governing rights and 19 * limitations under the License. 20 * 21 * @APPLE_LICENSE_HEADER_END@ 22 */ 23 24 25#include <stdio.h> 26#include <stdlib.h> 27#include <Security/SecureTransport.h> 28#include <AssertMacros.h> 29 30#include "ssl_regressions.h" 31#include "ssl-utils.h" 32 33 34#include "cipherSpecs.h" 35 36static int test_GetSupportedCiphers(SSLContextRef ssl) 37{ 38 size_t max_ciphers = 0; 39 int fail=1; 40 SSLCipherSuite *ciphers = NULL; 41 42 require_noerr(SSLGetNumberSupportedCiphers(ssl, &max_ciphers), out); 43 44 size_t size = max_ciphers * sizeof (SSLCipherSuite); 45 ciphers = (SSLCipherSuite *) malloc(size); 46 47 require_string(ciphers, out, "out of memory"); 48 memset(ciphers, 0xff, size); 49 50 size_t num_ciphers = max_ciphers; 51 require_noerr(SSLGetSupportedCiphers(ssl, ciphers, &num_ciphers), out); 52 53 54 for (size_t i = 0; i < num_ciphers; i++) { 55 require(ciphers[i]!=(SSLCipherSuite)(-1), out); 56 } 57 58 /* Success! */ 59 fail=0; 60 61out: 62 if(ciphers) free(ciphers); 63 return fail; 64} 65 66static 67int allowed_default_ciphers(SSLCipherSuite cs) 68{ 69 switch (cs) { 70 71 /* BAD to enable by default */ 72 73 74 /* 75 * Tags for SSL 2 cipher kinds which are not specified 76 * for SSL 3. 77 */ 78 case SSL_RSA_WITH_RC2_CBC_MD5: 79 case SSL_RSA_WITH_IDEA_CBC_MD5: 80 case SSL_RSA_WITH_DES_CBC_MD5: 81 case SSL_RSA_WITH_3DES_EDE_CBC_MD5: 82 83 /* Export and Simple DES ciphers */ 84 case SSL_RSA_EXPORT_WITH_RC4_40_MD5: 85 case SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5: 86 case SSL_RSA_WITH_IDEA_CBC_SHA: 87 case SSL_RSA_EXPORT_WITH_DES40_CBC_SHA: 88 case SSL_RSA_WITH_DES_CBC_SHA: 89 case SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA: 90 case SSL_DH_DSS_WITH_DES_CBC_SHA: 91 case SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA: 92 case SSL_DH_RSA_WITH_DES_CBC_SHA: 93 case SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA: 94 case SSL_DHE_DSS_WITH_DES_CBC_SHA: 95 case SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA: 96 case SSL_DHE_RSA_WITH_DES_CBC_SHA: 97 case SSL_DH_anon_EXPORT_WITH_RC4_40_MD5: 98 case SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA: 99 case SSL_DH_anon_WITH_DES_CBC_SHA: 100 case SSL_FORTEZZA_DMS_WITH_NULL_SHA: 101 case SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA: 102 103 case SSL_NO_SUCH_CIPHERSUITE: 104 105 /* Null ciphers. */ 106 case TLS_NULL_WITH_NULL_NULL: 107 case TLS_RSA_WITH_NULL_MD5: 108 case TLS_RSA_WITH_NULL_SHA: 109 case TLS_RSA_WITH_NULL_SHA256: 110 case TLS_ECDH_ECDSA_WITH_NULL_SHA: 111 case TLS_ECDHE_ECDSA_WITH_NULL_SHA: 112 case TLS_ECDHE_RSA_WITH_NULL_SHA: 113 case TLS_ECDH_RSA_WITH_NULL_SHA: 114 case TLS_ECDH_anon_WITH_NULL_SHA: 115 116 /* Completely anonymous Diffie-Hellman */ 117 case TLS_DH_anon_WITH_RC4_128_MD5: 118 case TLS_DH_anon_WITH_3DES_EDE_CBC_SHA: 119 case TLS_DH_anon_WITH_AES_128_CBC_SHA: 120 case TLS_DH_anon_WITH_AES_256_CBC_SHA: 121 case TLS_DH_anon_WITH_AES_128_CBC_SHA256: 122 case TLS_DH_anon_WITH_AES_256_CBC_SHA256: 123 case TLS_DH_anon_WITH_AES_128_GCM_SHA256: 124 case TLS_DH_anon_WITH_AES_256_GCM_SHA384: 125 case TLS_ECDH_anon_WITH_RC4_128_SHA: 126 case TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA: 127 case TLS_ECDH_anon_WITH_AES_128_CBC_SHA: 128 case TLS_ECDH_anon_WITH_AES_256_CBC_SHA: 129 130 return 0; 131 132 133 /* OK to enable by default */ 134 135 /* Server provided RSA certificate for key exchange. */ 136 case TLS_RSA_WITH_RC4_128_MD5: 137 case TLS_RSA_WITH_RC4_128_SHA: 138 case TLS_RSA_WITH_3DES_EDE_CBC_SHA: 139 case TLS_RSA_WITH_AES_128_CBC_SHA: 140 case TLS_RSA_WITH_AES_256_CBC_SHA: 141 case TLS_RSA_WITH_AES_128_CBC_SHA256: 142 case TLS_RSA_WITH_AES_256_CBC_SHA256: 143 return 1; 144 145 /* Server-authenticated (and optionally client-authenticated) Diffie-Hellman. */ 146 case TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA: 147 case TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA: 148 case TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA: 149 case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: 150 case TLS_DH_DSS_WITH_AES_128_CBC_SHA: 151 case TLS_DH_RSA_WITH_AES_128_CBC_SHA: 152 case TLS_DHE_DSS_WITH_AES_128_CBC_SHA: 153 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 154 case TLS_DH_DSS_WITH_AES_256_CBC_SHA: 155 case TLS_DH_RSA_WITH_AES_256_CBC_SHA: 156 case TLS_DHE_DSS_WITH_AES_256_CBC_SHA: 157 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 158 case TLS_DH_DSS_WITH_AES_128_CBC_SHA256: 159 case TLS_DH_RSA_WITH_AES_128_CBC_SHA256: 160 case TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: 161 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: 162 case TLS_DH_DSS_WITH_AES_256_CBC_SHA256: 163 case TLS_DH_RSA_WITH_AES_256_CBC_SHA256: 164 case TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: 165 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: 166 167 case TLS_RSA_WITH_AES_128_GCM_SHA256: 168 case TLS_RSA_WITH_AES_256_GCM_SHA384: 169 case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: 170 case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: 171 case TLS_DH_RSA_WITH_AES_128_GCM_SHA256: 172 case TLS_DH_RSA_WITH_AES_256_GCM_SHA384: 173 case TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: 174 case TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: 175 case TLS_DH_DSS_WITH_AES_128_GCM_SHA256: 176 case TLS_DH_DSS_WITH_AES_256_GCM_SHA384: 177 178 case TLS_ECDH_ECDSA_WITH_RC4_128_SHA: 179 case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: 180 case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: 181 case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: 182 case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: 183 case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: 184 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: 185 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: 186 case TLS_ECDH_RSA_WITH_RC4_128_SHA: 187 case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: 188 case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: 189 case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: 190 case TLS_ECDHE_RSA_WITH_RC4_128_SHA: 191 case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: 192 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 193 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 194 195 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: 196 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: 197 case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: 198 case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: 199 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: 200 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: 201 case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: 202 case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: 203 204 case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 205 case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 206 case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: 207 case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: 208 case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 209 case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 210 case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: 211 case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: 212 213 /* RFC 5746 - Secure Renegotiation */ 214 case TLS_EMPTY_RENEGOTIATION_INFO_SCSV: 215 return 1; 216 217 /* unknown cipher ? */ 218 default: 219 return 0; 220 } 221} 222 223static OSStatus SocketWrite(SSLConnectionRef conn, const void *data, size_t *length) 224{ 225 return errSSLWouldBlock; 226} 227 228static OSStatus SocketRead(SSLConnectionRef conn, void *data, size_t *length) 229{ 230 return errSSLWouldBlock; 231} 232 233 234static int test_GetEnabledCiphers(SSLContextRef ssl) 235{ 236 size_t max_ciphers = 0; 237 int fail=1; 238 SSLCipherSuite *ciphers = NULL; 239 OSStatus err; 240 241 err=SSLSetIOFuncs(ssl, &SocketRead, &SocketWrite); 242 err=SSLSetConnection(ssl, NULL); 243 err=SSLHandshake(ssl); 244 245 require_noerr(SSLGetNumberEnabledCiphers(ssl, &max_ciphers), out); 246 247 size_t size = max_ciphers * sizeof (SSLCipherSuite); 248 ciphers = (SSLCipherSuite *) malloc(size); 249 250 require_string(ciphers, out, "out of memory"); 251 memset(ciphers, 0xff, size); 252 253 size_t num_ciphers = max_ciphers; 254 require_noerr(SSLGetEnabledCiphers(ssl, ciphers, &num_ciphers), out); 255 256 for (size_t i = 0; i < num_ciphers; i++) { 257 char csname[256]; 258 snprintf(csname, 256, "(%04x) %s", ciphers[i], ciphersuite_name(ciphers[i])); 259 /* Uncomment the next line if you want to list the default enabled ciphers */ 260 //printf("%s\n", csname); 261 require_string(allowed_default_ciphers(ciphers[i]), out, csname); 262 } 263 264 /* Success! */ 265 fail=0; 266 267out: 268 if(ciphers) free(ciphers); 269 return fail; 270} 271 272static int test_SetEnabledCiphers(SSLContextRef ssl) 273{ 274 int fail=1; 275 size_t num_enabled; 276 277 /* This should not fail as long as we have one valid cipher in this table */ 278 SSLCipherSuite ciphers[] = { 279 SSL_RSA_WITH_RC2_CBC_MD5, /* unsupported */ 280 TLS_RSA_WITH_NULL_SHA, /* supported by not enabled by default */ 281 TLS_RSA_WITH_AES_128_CBC_SHA, /* Supported and enabled by default */ 282 }; 283 284 require_noerr(SSLSetEnabledCiphers(ssl, ciphers, sizeof(ciphers)/sizeof(SSLCipherSuite)), out); 285 require_noerr(SSLGetNumberEnabledCiphers(ssl, &num_enabled), out); 286 287 require(num_enabled==2, out); /* 2 ciphers in the above table are supported */ 288 289 /* Success! */ 290 fail=0; 291 292out: 293 return fail; 294} 295 296 297static void 298test(void) 299{ 300 SSLContextRef ssl = NULL; 301 302 require(ssl=SSLCreateContext(kCFAllocatorDefault, kSSLClientSide, kSSLStreamType), out); 303 ok(ssl, "SSLCreateContext failed"); 304 305 /* The order of this tests does matter, be careful when adding tests */ 306 ok(!test_GetSupportedCiphers(ssl), "GetSupportedCiphers test failed"); 307 ok(!test_GetEnabledCiphers(ssl), "GetEnabledCiphers test failed"); 308 309 CFRelease(ssl); ssl=NULL; 310 311 require(ssl=SSLCreateContext(kCFAllocatorDefault, kSSLClientSide, kSSLStreamType), out); 312 ok(ssl, "SSLCreateContext failed"); 313 314 ok(!test_SetEnabledCiphers(ssl), "SetEnabledCiphers test failed"); 315 316out: 317 if(ssl) CFRelease(ssl); 318} 319 320 321int ssl_46_SSLGetSupportedCiphers(int argc, char *const *argv) 322{ 323 plan_tests(5); 324 325 test(); 326 327 return 0; 328} 329 330