/* Copyright (c) 2014, Google Inc. * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include <limits.h> #include <stdio.h> #include <string.h> #include <time.h> #include <algorithm> #include <limits> #include <string> #include <utility> #include <vector> #include <gmock/gmock.h> #include <gtest/gtest.h> #include <openssl/aead.h> #include <openssl/base64.h> #include <openssl/bytestring.h> #include <openssl/bio.h> #include <openssl/cipher.h> #include <openssl/crypto.h> #include <openssl/curve25519.h> #include <openssl/err.h> #include <openssl/hmac.h> #include <openssl/hpke.h> #include <openssl/pem.h> #include <openssl/sha.h> #include <openssl/ssl.h> #include <openssl/rand.h> #include <openssl/x509.h> #include "internal.h" #include "../crypto/internal.h" #include "../crypto/test/file_util.h" #include "../crypto/test/test_util.h" #if defined(OPENSSL_WINDOWS) // Windows defines struct timeval in winsock2.h. OPENSSL_MSVC_PRAGMA(warning(push, 3)) #include <winsock2.h> OPENSSL_MSVC_PRAGMA(warning(pop)) #else #include <sys/time.h> #endif #if defined(OPENSSL_THREADS) #include <thread> #endif ElementsAre; Key; BSSL_NAMESPACE_BEGIN namespace { #define TRACED_CALL(code) … struct VersionParam { … }; static const size_t kTicketKeyLen = …; static const VersionParam kAllVersions[] = …; struct ExpectedCipher { … }; struct CipherTest { … }; struct CurveTest { … }; template <typename T> class UnownedSSLExData { … }; static const CipherTest kCipherTests[] = …; static const char *kBadRules[] = …; static const char *kMustNotIncludeDeprecated[] = …; static const char* kShouldIncludeCBCSHA256[] = …; static const CurveTest kCurveTests[] = …; static const char *kBadCurvesLists[] = …; static std::string CipherListToString(SSL_CTX *ctx) { … } static bool CipherListsEqual(SSL_CTX *ctx, const std::vector<ExpectedCipher> &expected) { … } TEST(GrowableArrayTest, Resize) { … } TEST(GrowableArrayTest, MoveConstructor) { … } TEST(GrowableArrayTest, GrowableArrayContainingGrowableArrays) { … } TEST(ReconstructSeqnumTest, Increment) { … } TEST(ReconstructSeqnumTest, Decrement) { … } TEST(ReconstructSeqnumTest, Halfway) { … } TEST(SSLTest, CipherRules) { … } TEST(SSLTest, CurveRules) { … } // kOpenSSLSession is a serialized SSL_SESSION. static const char kOpenSSLSession[] = …; // kCustomSession is a custom serialized SSL_SESSION generated by // filling in missing fields from |kOpenSSLSession|. This includes // providing |peer_sha256|, so |peer| is not serialized. static const char kCustomSession[] = …; // kBoringSSLSession is a serialized SSL_SESSION generated from bssl client. static const char kBoringSSLSession[] = …; // kBadSessionExtraField is a custom serialized SSL_SESSION generated by replacing // the final (optional) element of |kCustomSession| with tag number 99. static const char kBadSessionExtraField[] = …; // kBadSessionVersion is a custom serialized SSL_SESSION generated by replacing // the version of |kCustomSession| with 2. static const char kBadSessionVersion[] = …; // kBadSessionTrailingData is a custom serialized SSL_SESSION with trailing data // appended. static const char kBadSessionTrailingData[] = …; static bool DecodeBase64(std::vector<uint8_t> *out, const char *in) { … } static bool DecodeLowerHex(std::vector<uint8_t> *out, bssl::Span<const char> in) { … } TEST(SSLTest, SessionEncoding) { … } static void ExpectDefaultVersion(uint16_t min_version, uint16_t max_version, const SSL_METHOD *(*method)(void)) { … } TEST(SSLTest, DefaultVersion) { … } TEST(SSLTest, CipherProperties) { … } // CreateSessionWithTicket returns a sample |SSL_SESSION| with the specified // version and ticket length or nullptr on failure. static bssl::UniquePtr<SSL_SESSION> CreateSessionWithTicket(uint16_t version, size_t ticket_len) { … } static bool GetClientHello(SSL *ssl, std::vector<uint8_t> *out) { … } // GetClientHelloLen creates a client SSL connection with the specified version // and ticket length. It returns the length of the ClientHello, not including // the record header, on success and zero on error. static size_t GetClientHelloLen(uint16_t max_version, uint16_t session_version, size_t ticket_len) { … } TEST(SSLTest, Padding) { … } static bssl::UniquePtr<X509> CertFromPEM(const char *pem) { … } static bssl::UniquePtr<EVP_PKEY> KeyFromPEM(const char *pem) { … } static bssl::UniquePtr<CRYPTO_BUFFER> BufferFromPEM(const char *pem) { … } static bssl::UniquePtr<X509> X509FromBuffer( bssl::UniquePtr<CRYPTO_BUFFER> buffer) { … } static bssl::UniquePtr<X509> GetTestCertificate() { … } static bssl::UniquePtr<EVP_PKEY> GetTestKey() { … } static bssl::UniquePtr<SSL_CTX> CreateContextWithTestCertificate( const SSL_METHOD *method) { … } static bssl::UniquePtr<CRYPTO_BUFFER> GetECDSATestCertificateBuffer() { … } static bssl::UniquePtr<X509> GetECDSATestCertificate() { … } static bssl::UniquePtr<EVP_PKEY> GetECDSATestKey() { … } static bssl::UniquePtr<CRYPTO_BUFFER> GetChainTestCertificateBuffer() { … } static bssl::UniquePtr<X509> GetChainTestCertificate() { … } static bssl::UniquePtr<CRYPTO_BUFFER> GetChainTestIntermediateBuffer() { … } static bssl::UniquePtr<X509> GetChainTestIntermediate() { … } static bssl::UniquePtr<EVP_PKEY> GetChainTestKey() { … } static bool CompleteHandshakes(SSL *client, SSL *server) { … } static bool FlushNewSessionTickets(SSL *client, SSL *server) { … } // CreateClientAndServer creates a client and server |SSL| objects whose |BIO|s // are paired with each other. It does not run the handshake. The caller is // expected to configure the objects and drive the handshake as needed. static bool CreateClientAndServer(bssl::UniquePtr<SSL> *out_client, bssl::UniquePtr<SSL> *out_server, SSL_CTX *client_ctx, SSL_CTX *server_ctx) { … } struct ClientConfig { … }; static bool ConnectClientAndServer(bssl::UniquePtr<SSL> *out_client, bssl::UniquePtr<SSL> *out_server, SSL_CTX *client_ctx, SSL_CTX *server_ctx, const ClientConfig &config = ClientConfig(), bool shed_handshake_config = true) { … } static bssl::UniquePtr<SSL_SESSION> g_last_session; static int SaveLastSession(SSL *ssl, SSL_SESSION *session) { … } static bssl::UniquePtr<SSL_SESSION> CreateClientSession( SSL_CTX *client_ctx, SSL_CTX *server_ctx, const ClientConfig &config = ClientConfig()) { … } static void SetUpExpectedNewCodePoint(SSL_CTX *ctx) { … } static void SetUpExpectedOldCodePoint(SSL_CTX *ctx) { … } // Test that |SSL_get_client_CA_list| echoes back the configured parameter even // before configuring as a server. TEST(SSLTest, ClientCAList) { … } TEST(SSLTest, AddClientCA) { … } struct ECHConfigParams { … }; // MakeECHConfig serializes an ECHConfig from |params| and writes it to // |*out|. bool MakeECHConfig(std::vector<uint8_t> *out, const ECHConfigParams ¶ms) { … } static bssl::UniquePtr<SSL_ECH_KEYS> MakeTestECHKeys(uint8_t config_id = 1) { … } static bool InstallECHConfigList(SSL *client, const SSL_ECH_KEYS *keys) { … } // Test that |SSL_marshal_ech_config| and |SSL_ECH_KEYS_marshal_retry_configs| // output values as expected. TEST(SSLTest, MarshalECHConfig) { … } TEST(SSLTest, ECHHasDuplicateConfigID) { … } // Test that |SSL_ECH_KEYS_add| checks consistency between the public and // private key. TEST(SSLTest, ECHKeyConsistency) { … } // Test that |SSL_CTX_set1_ech_keys| fails when the config list // has no retry configs. TEST(SSLTest, ECHServerConfigsWithoutRetryConfigs) { … } // Test that the server APIs reject ECHConfigs with unsupported features. TEST(SSLTest, UnsupportedECHConfig) { … } // Test that |SSL_get_client_random| reports the correct value on both client // and server in ECH. The client sends two different random values. When ECH is // accepted, we should report the inner one. TEST(SSLTest, ECHClientRandomsMatch) { … } // GetECHLength sets |*out_client_hello_len| and |*out_ech_len| to the lengths // of the ClientHello and ECH extension, respectively, when a client created // from |ctx| constructs a ClientHello with name |name| and an ECHConfig with // maximum name length |max_name_len|. static bool GetECHLength(SSL_CTX *ctx, size_t *out_client_hello_len, size_t *out_ech_len, size_t max_name_len, const char *name) { … } TEST(SSLTest, ECHPadding) { … } TEST(SSLTest, ECHPublicName) { … } // When using the built-in verifier, test that |SSL_get0_ech_name_override| is // applied automatically. TEST(SSLTest, ECHBuiltinVerifier) { … } #if defined(OPENSSL_THREADS) // Test that the server ECH config can be swapped out while the |SSL_CTX| is // in use on other threads. This test is intended to be run with TSan. TEST(SSLTest, ECHThreads) { … } #endif // OPENSSL_THREADS TEST(SSLTest, TLS13ExporterAvailability) { … } static void AppendSession(SSL_SESSION *session, void *arg) { … } // CacheEquals returns true if |ctx|'s session cache consists of |expected|, in // order. static bool CacheEquals(SSL_CTX *ctx, const std::vector<SSL_SESSION*> &expected) { … } static bssl::UniquePtr<SSL_SESSION> CreateTestSession(uint32_t number) { … } // Test that the internal session cache behaves as expected. TEST(SSLTest, InternalSessionCache) { … } static uint16_t EpochFromSequence(uint64_t seq) { … } static const uint8_t kTestName[] = …; // SSLVersionTest executes its test cases under all available protocol versions. // Test cases call |Connect| to create a connection using context objects with // the protocol version fixed to the current version under test. class SSLVersionTest : public ::testing::TestWithParam<VersionParam> { … }; INSTANTIATE_TEST_SUITE_P(…); TEST_P(SSLVersionTest, SequenceNumber) { … } TEST_P(SSLVersionTest, OneSidedShutdown) { … } // Test that, after calling |SSL_shutdown|, |SSL_write| fails. TEST_P(SSLVersionTest, WriteAfterShutdown) { … } // Test that, after sending a fatal alert in a failed |SSL_read|, |SSL_write| // fails. TEST_P(SSLVersionTest, WriteAfterReadSentFatalAlert) { … } // Test that, after sending a fatal alert from the handshake, |SSL_write| fails. TEST_P(SSLVersionTest, WriteAfterHandshakeSentFatalAlert) { … } // Test that, after seeing TLS 1.2 in response to early data, |SSL_write| // continues to report |SSL_R_WRONG_VERSION_ON_EARLY_DATA|. See // https://crbug.com/1078515. TEST(SSLTest, WriteAfterWrongVersionOnEarlyData) { … } TEST(SSLTest, SessionDuplication) { … } static void ExpectFDs(const SSL *ssl, int rfd, int wfd) { … } TEST(SSLTest, SetFD) { … } TEST(SSLTest, SetBIO) { … } static int VerifySucceed(X509_STORE_CTX *store_ctx, void *arg) { … } TEST_P(SSLVersionTest, GetPeerCertificate) { … } TEST_P(SSLVersionTest, NoPeerCertificate) { … } TEST_P(SSLVersionTest, RetainOnlySHA256OfCerts) { … } // Tests that our ClientHellos do not change unexpectedly. These are purely // change detection tests. If they fail as part of an intentional ClientHello // change, update the test vector. TEST(SSLTest, ClientHello) { … } static void ExpectSessionReused(SSL_CTX *client_ctx, SSL_CTX *server_ctx, SSL_SESSION *session, bool want_reused) { … } static bssl::UniquePtr<SSL_SESSION> ExpectSessionRenewed(SSL_CTX *client_ctx, SSL_CTX *server_ctx, SSL_SESSION *session) { … } static void ExpectTicketKeyChanged(SSL_CTX *ctx, uint8_t *inout_key, bool changed) { … } static int SwitchSessionIDContextSNI(SSL *ssl, int *out_alert, void *arg) { … } TEST_P(SSLVersionTest, SessionIDContext) { … } static timeval g_current_time; static void CurrentTimeCallback(const SSL *ssl, timeval *out_clock) { … } static void FrozenTimeCallback(const SSL *ssl, timeval *out_clock) { … } static int RenewTicketCallback(SSL *ssl, uint8_t *key_name, uint8_t *iv, EVP_CIPHER_CTX *ctx, HMAC_CTX *hmac_ctx, int encrypt) { … } static bool GetServerTicketTime(long *out, const SSL_SESSION *session) { … } TEST_P(SSLVersionTest, SessionTimeout) { … } TEST_P(SSLVersionTest, DefaultTicketKeyInitialization) { … } TEST_P(SSLVersionTest, DefaultTicketKeyRotation) { … } static int SwitchContext(SSL *ssl, int *out_alert, void *arg) { … } TEST_P(SSLVersionTest, SNICallback) { … } // Test that the early callback can swap the maximum version. TEST(SSLTest, EarlyCallbackVersionSwitch) { … } TEST(SSLTest, SetVersion) { … } static const char *GetVersionName(uint16_t version) { … } TEST_P(SSLVersionTest, Version) { … } // Tests that that |SSL_get_pending_cipher| is available during the ALPN // selection callback. TEST_P(SSLVersionTest, ALPNCipherAvailable) { … } TEST_P(SSLVersionTest, SSLClearSessionResumption) { … } TEST_P(SSLVersionTest, SSLClearFailsWithShedding) { … } static bool ChainsEqual(const STACK_OF(X509) *chain, const std::vector<X509 *> &expected) { … } static bool BuffersEqual(const STACK_OF(CRYPTO_BUFFER) *chain, const std::vector<CRYPTO_BUFFER *> &expected) { … } TEST_P(SSLVersionTest, AutoChain) { … } static bool ExpectSingleError(int lib, int reason) { … } TEST_P(SSLVersionTest, SSLWriteRetry) { … } TEST_P(SSLVersionTest, RecordCallback) { … } TEST_P(SSLVersionTest, GetServerName) { … } // Test that session cache mode bits are honored in the client session callback. TEST_P(SSLVersionTest, ClientSessionCacheMode) { … } // Test that all versions survive tiny write buffers. In particular, TLS 1.3 // NewSessionTickets are written post-handshake. Servers that block // |SSL_do_handshake| on writing them will deadlock if clients are not draining // the buffer. Test that we do not do this. TEST_P(SSLVersionTest, SmallBuffer) { … } TEST(SSLTest, AddChainCertHack) { … } TEST(SSLTest, GetCertificate) { … } TEST(SSLTest, SetChainAndKeyMismatch) { … } TEST(SSLTest, CertThenKeyMismatch) { … } TEST(SSLTest, KeyThenCertMismatch) { … } TEST(SSLTest, OverrideCertAndKey) { … } TEST(SSLTest, OverrideKeyMethodWithKey) { … } // Configuring a chain and then overwriting it with a different chain should // clear the old one. TEST(SSLTest, OverrideChain) { … } TEST(SSLTest, OverrideChainAndKey) { … } TEST(SSLTest, OverrideCredentialChain) { … } TEST(SSLTest, SetChainAndKeyCtx) { … } TEST(SSLTest, SetChainAndKeySSL) { … } TEST(SSLTest, BuffersFailWithoutCustomVerify) { … } TEST(SSLTest, CustomVerify) { … } TEST(SSLTest, ClientCABuffers) { … } // Configuring the empty cipher list, though an error, should still modify the // configuration. TEST(SSLTest, EmptyCipherList) { … } // ssl_test_ticket_aead_failure_mode enumerates the possible ways in which the // test |SSL_TICKET_AEAD_METHOD| can fail. enum ssl_test_ticket_aead_failure_mode { … }; struct ssl_test_ticket_aead_state { … }; static int ssl_test_ticket_aead_ex_index_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from, void **from_d, int index, long argl, void *argp) { … } static void ssl_test_ticket_aead_ex_index_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int index, long argl, void *argp) { … } static CRYPTO_once_t g_ssl_test_ticket_aead_ex_index_once = …; static int g_ssl_test_ticket_aead_ex_index; static int ssl_test_ticket_aead_get_ex_index() { … } static size_t ssl_test_ticket_aead_max_overhead(SSL *ssl) { … } static int ssl_test_ticket_aead_seal(SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out_len, const uint8_t *in, size_t in_len) { … } static ssl_ticket_aead_result_t ssl_test_ticket_aead_open( SSL *ssl, uint8_t *out, size_t *out_len, size_t max_out_len, const uint8_t *in, size_t in_len) { … } static const SSL_TICKET_AEAD_METHOD kSSLTestTicketMethod = …; static void ConnectClientAndServerWithTicketMethod( bssl::UniquePtr<SSL> *out_client, bssl::UniquePtr<SSL> *out_server, SSL_CTX *client_ctx, SSL_CTX *server_ctx, unsigned retry_count, ssl_test_ticket_aead_failure_mode failure_mode, SSL_SESSION *session) { … } TicketAEADMethodParam; class TicketAEADMethodTest : public ::testing::TestWithParam<TicketAEADMethodParam> { … }; TEST_P(TicketAEADMethodTest, Resume) { … } std::string TicketAEADMethodParamToString( const testing::TestParamInfo<TicketAEADMethodParam> ¶ms) { … } INSTANTIATE_TEST_SUITE_P(…); TEST(SSLTest, SelectNextProto) { … } // The client should gracefully handle no suitable ciphers being enabled. TEST(SSLTest, NoCiphersAvailable) { … } TEST_P(SSLVersionTest, SessionVersion) { … } TEST_P(SSLVersionTest, SSLPending) { … } // Test that post-handshake tickets consumed by |SSL_shutdown| are ignored. TEST(SSLTest, ShutdownIgnoresTickets) { … } TEST(SSLTest, SignatureAlgorithmProperties) { … } static int XORCompressFunc(SSL *ssl, CBB *out, const uint8_t *in, size_t in_len) { … } static int XORDecompressFunc(SSL *ssl, CRYPTO_BUFFER **out, size_t uncompressed_len, const uint8_t *in, size_t in_len) { … } TEST(SSLTest, CertCompression) { … } void MoveBIOs(SSL *dest, SSL *src) { … } void VerifyHandoff(bool use_new_alps_codepoint) { … } TEST(SSLTest, Handoff) { … } TEST(SSLTest, HandoffDeclined) { … } static std::string SigAlgsToString(Span<const uint16_t> sigalgs) { … } void ExpectSigAlgsEqual(Span<const uint16_t> expected, Span<const uint16_t> actual) { … } TEST(SSLTest, SigAlgs) { … } TEST(SSLTest, SigAlgsList) { … } TEST(SSLTest, ApplyHandoffRemovesUnsupportedCiphers) { … } TEST(SSLTest, ApplyHandoffRemovesUnsupportedCurves) { … } TEST(SSLTest, ZeroSizedWiteFlushesHandshakeMessages) { … } TEST_P(SSLVersionTest, VerifyBeforeCertRequest) { … } // Test that ticket-based sessions on the client get fake session IDs. TEST_P(SSLVersionTest, FakeIDsForTickets) { … } // These tests test multi-threaded behavior. They are intended to run with // ThreadSanitizer. #if defined(OPENSSL_THREADS) TEST_P(SSLVersionTest, SessionCacheThreads) { … } TEST_P(SSLVersionTest, SessionTicketThreads) { … } // SSL_CTX_get0_certificate needs to lock internally. Test this works. TEST(SSLTest, GetCertificateThreads) { … } // Functions which access properties on the negotiated session are thread-safe // where needed. Prior to TLS 1.3, clients resuming sessions and servers // performing stateful resumption will share an underlying SSL_SESSION object, // potentially across threads. TEST_P(SSLVersionTest, SessionPropertiesThreads) { … } static void SetValueOnFree(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int index, long argl, void *argp) { … } // Test that one thread can register ex_data while another thread is destroying // an object that uses it. TEST(SSLTest, ExDataThreads) { … } #endif // OPENSSL_THREADS constexpr size_t kNumQUICLevels = …; static_assert …; static_assert …; static_assert …; static_assert …; const char *LevelToString(ssl_encryption_level_t level) { … } class MockQUICTransport { … }; class MockQUICTransportPair { … }; class QUICMethodTest : public testing::Test { … }; UnownedSSLExData<MockQUICTransport> QUICMethodTest::ex_data_; // Test a full handshake and resumption work. TEST_F(QUICMethodTest, Basic) { … } // Test that HelloRetryRequest in QUIC works. TEST_F(QUICMethodTest, HelloRetryRequest) { … } // Test that the client does not send a legacy_session_id in the ClientHello. TEST_F(QUICMethodTest, NoLegacySessionId) { … } // Test that, even in a 1-RTT handshake, the server installs keys at the right // time. Half-RTT keys are available early, but 1-RTT read keys are deferred. TEST_F(QUICMethodTest, HalfRTTKeys) { … } TEST_F(QUICMethodTest, ZeroRTTAccept) { … } TEST_F(QUICMethodTest, ZeroRTTRejectMismatchedParameters) { … } TEST_F(QUICMethodTest, NoZeroRTTTicketWithoutEarlyDataContext) { … } TEST_F(QUICMethodTest, ZeroRTTReject) { … } TEST_F(QUICMethodTest, NoZeroRTTKeysBeforeReverify) { … } // Test only releasing data to QUIC one byte at a time on request, to maximize // state machine pauses. Additionally, test that existing asynchronous callbacks // still work. TEST_F(QUICMethodTest, Async) { … } // Test buffering write data until explicit flushes. TEST_F(QUICMethodTest, Buffered) { … } // Test that excess data at one level is rejected. That is, if a single // |SSL_provide_quic_data| call included both ServerHello and // EncryptedExtensions in a single chunk, BoringSSL notices and rejects this on // key change. TEST_F(QUICMethodTest, ExcessProvidedData) { … } // Test that |SSL_provide_quic_data| will reject data at the wrong level. TEST_F(QUICMethodTest, ProvideWrongLevel) { … } TEST_F(QUICMethodTest, TooMuchData) { … } // Provide invalid post-handshake data. TEST_F(QUICMethodTest, BadPostHandshake) { … } static void ExpectReceivedTransportParamsEqual(const SSL *ssl, Span<const uint8_t> expected) { … } TEST_F(QUICMethodTest, SetTransportParameters) { … } TEST_F(QUICMethodTest, SetTransportParamsInCallback) { … } TEST_F(QUICMethodTest, ForbidCrossProtocolResumptionClient) { … } TEST_F(QUICMethodTest, ForbidCrossProtocolResumptionServer) { … } TEST_F(QUICMethodTest, ClientRejectsMissingTransportParams) { … } TEST_F(QUICMethodTest, ServerRejectsMissingTransportParams) { … } TEST_F(QUICMethodTest, QuicLegacyCodepointEnabled) { … } TEST_F(QUICMethodTest, QuicLegacyCodepointDisabled) { … } TEST_F(QUICMethodTest, QuicLegacyCodepointClientOnly) { … } TEST_F(QUICMethodTest, QuicLegacyCodepointServerOnly) { … } // Test that the default QUIC code point is consistent with // |TLSEXT_TYPE_quic_transport_parameters|. This test ensures we remember to // update the two values together. TEST_F(QUICMethodTest, QuicCodePointDefault) { … } extern "C" { int BORINGSSL_enum_c_type_test(void); } TEST(SSLTest, EnumTypes) { … } TEST_P(SSLVersionTest, DoubleSSLError) { … } TEST_P(SSLVersionTest, SameKeyResume) { … } TEST_P(SSLVersionTest, DifferentKeyNoResume) { … } TEST_P(SSLVersionTest, UnrelatedServerNoResume) { … } Span<const uint8_t> SessionIDOf(const SSL* ssl) { … } TEST_P(SSLVersionTest, TicketSessionIDsMatch) { … } static void WriteHelloRequest(SSL *server) { … } TEST(SSLTest, WriteWhileExplicitRenegotiate) { … } TEST(SSLTest, ConnectionPropertiesDuringRenegotiate) { … } TEST(SSLTest, CopyWithoutEarlyData) { … } TEST(SSLTest, ProcessTLS13NewSessionTicket) { … } TEST(SSLTest, BIO) { … } TEST(SSLTest, ALPNConfig) { … } // This is a basic unit-test class to verify completing handshake successfully, // sending the correct codepoint extension and having correct application // setting on different combination of ALPS codepoint settings. More integration // tests on runner.go. class AlpsNewCodepointTest : public testing::Test { … }; TEST_F(AlpsNewCodepointTest, Enabled) { … } TEST_F(AlpsNewCodepointTest, Disabled) { … } TEST_F(AlpsNewCodepointTest, ClientOnly) { … } TEST_F(AlpsNewCodepointTest, ServerOnly) { … } // Test that the key usage checker can correctly handle issuerUID and // subjectUID. See https://crbug.com/1199744. TEST(SSLTest, KeyUsageWithUIDs) { … } // Test that |SSL_can_release_private_key| reports true as early as expected. // The internal asserts in the library check we do not report true too early. TEST(SSLTest, CanReleasePrivateKey) { … } // GetExtensionOrder sets |*out| to the list of extensions a client attached to // |ctx| will send in the ClientHello. If |ech_keys| is non-null, the client // will offer ECH with the public component. If |decrypt_ech| is true, |*out| // will be set to the ClientHelloInner's extensions, rather than // ClientHelloOuter. static bool GetExtensionOrder(SSL_CTX *client_ctx, std::vector<uint16_t> *out, SSL_ECH_KEYS *ech_keys, bool decrypt_ech) { … } // Test that, when extension permutation is enabled, the ClientHello extension // order changes, both with and without ECH, and in both ClientHelloInner and // ClientHelloOuter. TEST(SSLTest, PermuteExtensions) { … } TEST(SSLTest, HostMatching) { … } TEST(SSLTest, NumTickets) { … } TEST(SSLTest, CertSubjectsToStack) { … } TEST(SSLTest, EmptyClientCAList) { … } TEST(SSLTest, EmptyWriteBlockedOnHandshakeData) { … } // Test that |SSL_ERROR_SYSCALL| continues to work after a close_notify. TEST(SSLTest, ErrorSyscallAfterCloseNotify) { … } // Test that |SSL_shutdown|, when quiet shutdown is enabled, simulates receiving // a close_notify, down to |SSL_read| reporting |SSL_ERROR_ZERO_RETURN|. TEST(SSLTest, QuietShutdown) { … } TEST(SSLTest, InvalidSignatureAlgorithm) { … } TEST(SSLTest, InvalidGroups) { … } TEST(SSLTest, NameLists) { … } // Test that it is possible for the certificate to be configured on a mix of // SSL_CTX and SSL. This ensures that we do not inadvertently overshare objects // in SSL_new. TEST(SSLTest, MixContextAndConnection) { … } // Test that the server handshake cleanly fails if it had no certificate // configured, at all versions. TEST_P(SSLVersionTest, NoCertOrKey) { … } TEST_P(SSLVersionTest, KeyLog) { … } } // namespace BSSL_NAMESPACE_END
Codebase Browser
chromium