gitee.com/ks-custle/core-gm@v0.0.0-20230922171213-b83bdd97b62c/gmtls/auth_test.go (about) 1 // Copyright (c) 2022 zhaochun 2 // core-gm is licensed under Mulan PSL v2. 3 // You can use this software according to the terms and conditions of the Mulan PSL v2. 4 // You may obtain a copy of Mulan PSL v2 at: 5 // http://license.coscl.org.cn/MulanPSL2 6 // THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE. 7 // See the Mulan PSL v2 for more details. 8 9 /* 10 gmtls是基于`golang/go`的`tls`包实现的国密改造版本。 11 对应版权声明: thrid_licenses/github.com/golang/go/LICENSE 12 */ 13 14 package gmtls 15 16 import ( 17 "testing" 18 19 "gitee.com/ks-custle/core-gm/x509" 20 ) 21 22 func TestSignatureSelection(t *testing.T) { 23 rsaCert := &Certificate{ 24 Certificate: [][]byte{testRSACertificate}, 25 PrivateKey: testRSAPrivateKey, 26 } 27 pkcs1Cert := &Certificate{ 28 Certificate: [][]byte{testRSACertificate}, 29 PrivateKey: testRSAPrivateKey, 30 SupportedSignatureAlgorithms: []SignatureScheme{PKCS1WithSHA1, PKCS1WithSHA256}, 31 } 32 ecdsaCert := &Certificate{ 33 Certificate: [][]byte{testP256Certificate}, 34 PrivateKey: testP256PrivateKey, 35 } 36 ed25519Cert := &Certificate{ 37 Certificate: [][]byte{testEd25519Certificate}, 38 PrivateKey: testEd25519PrivateKey, 39 } 40 41 tests := []struct { 42 cert *Certificate 43 peerSigAlgs []SignatureScheme 44 tlsVersion uint16 45 46 expectedSigAlg SignatureScheme 47 expectedSigType uint8 48 expectedHash x509.Hash 49 }{ 50 {rsaCert, []SignatureScheme{PKCS1WithSHA1, PKCS1WithSHA256}, VersionTLS12, PKCS1WithSHA1, signaturePKCS1v15, x509.SHA1}, 51 {rsaCert, []SignatureScheme{PKCS1WithSHA512, PKCS1WithSHA1}, VersionTLS12, PKCS1WithSHA512, signaturePKCS1v15, x509.SHA512}, 52 {rsaCert, []SignatureScheme{PSSWithSHA256, PKCS1WithSHA256}, VersionTLS12, PSSWithSHA256, signatureRSAPSS, x509.SHA256}, 53 {pkcs1Cert, []SignatureScheme{PSSWithSHA256, PKCS1WithSHA256}, VersionTLS12, PKCS1WithSHA256, signaturePKCS1v15, x509.SHA256}, 54 {rsaCert, []SignatureScheme{PSSWithSHA384, PKCS1WithSHA1}, VersionTLS13, PSSWithSHA384, signatureRSAPSS, x509.SHA384}, 55 {ecdsaCert, []SignatureScheme{ECDSAWithSHA1}, VersionTLS12, ECDSAWithSHA1, signatureECDSA, x509.SHA1}, 56 {ecdsaCert, []SignatureScheme{ECDSAWithP256AndSHA256}, VersionTLS12, ECDSAWithP256AndSHA256, signatureECDSA, x509.SHA256}, 57 {ecdsaCert, []SignatureScheme{ECDSAWithP256AndSHA256}, VersionTLS13, ECDSAWithP256AndSHA256, signatureECDSA, x509.SHA256}, 58 {ed25519Cert, []SignatureScheme{Ed25519}, VersionTLS12, Ed25519, signatureEd25519, directSigning}, 59 {ed25519Cert, []SignatureScheme{Ed25519}, VersionTLS13, Ed25519, signatureEd25519, directSigning}, 60 61 // TLS 1.2 without signature_algorithms extension 62 {rsaCert, nil, VersionTLS12, PKCS1WithSHA1, signaturePKCS1v15, x509.SHA1}, 63 {ecdsaCert, nil, VersionTLS12, ECDSAWithSHA1, signatureECDSA, x509.SHA1}, 64 65 // TLS 1.2 does not restrict the ECDSA curve (our ecdsaCert is P-256) 66 {ecdsaCert, []SignatureScheme{ECDSAWithP384AndSHA384}, VersionTLS12, ECDSAWithP384AndSHA384, signatureECDSA, x509.SHA384}, 67 } 68 69 for testNo, test := range tests { 70 sigAlg, err := selectSignatureScheme(test.tlsVersion, test.cert, test.peerSigAlgs) 71 if err != nil { 72 t.Errorf("test[%d]: unexpected selectSignatureScheme error: %v", testNo, err) 73 } 74 if test.expectedSigAlg != sigAlg { 75 t.Errorf("test[%d]: expected signature scheme %v, got %v", testNo, test.expectedSigAlg, sigAlg) 76 } 77 sigType, hashFunc, err := typeAndHashFromSignatureScheme(sigAlg) 78 if err != nil { 79 t.Errorf("test[%d]: unexpected typeAndHashFromSignatureScheme error: %v", testNo, err) 80 } 81 if test.expectedSigType != sigType { 82 t.Errorf("test[%d]: expected signature algorithm %#x, got %#x", testNo, test.expectedSigType, sigType) 83 } 84 if test.expectedHash != hashFunc { 85 t.Errorf("test[%d]: expected hash function %#x, got %#x", testNo, test.expectedHash, hashFunc) 86 } 87 } 88 89 brokenCert := &Certificate{ 90 Certificate: [][]byte{testRSACertificate}, 91 PrivateKey: testRSAPrivateKey, 92 SupportedSignatureAlgorithms: []SignatureScheme{Ed25519}, 93 } 94 95 badTests := []struct { 96 cert *Certificate 97 peerSigAlgs []SignatureScheme 98 tlsVersion uint16 99 }{ 100 {rsaCert, []SignatureScheme{ECDSAWithP256AndSHA256, ECDSAWithSHA1}, VersionTLS12}, 101 {ecdsaCert, []SignatureScheme{PKCS1WithSHA256, PKCS1WithSHA1}, VersionTLS12}, 102 {rsaCert, []SignatureScheme{0}, VersionTLS12}, 103 {ed25519Cert, []SignatureScheme{ECDSAWithP256AndSHA256, ECDSAWithSHA1}, VersionTLS12}, 104 {ecdsaCert, []SignatureScheme{Ed25519}, VersionTLS12}, 105 {brokenCert, []SignatureScheme{Ed25519}, VersionTLS12}, 106 {brokenCert, []SignatureScheme{PKCS1WithSHA256}, VersionTLS12}, 107 // RFC 5246, Section 7.4.1.4.1, says to only consider {sha1,ecdsa} as 108 // default when the extension is missing, and RFC 8422 does not update 109 // it. Anyway, if a stack supports Ed25519 it better support sigalgs. 110 {ed25519Cert, nil, VersionTLS12}, 111 // TLS 1.3 has no default signature_algorithms. 112 {rsaCert, nil, VersionTLS13}, 113 {ecdsaCert, nil, VersionTLS13}, 114 {ed25519Cert, nil, VersionTLS13}, 115 // Wrong curve, which TLS 1.3 checks 116 {ecdsaCert, []SignatureScheme{ECDSAWithP384AndSHA384}, VersionTLS13}, 117 // TLS 1.3 does not support PKCS1v1.5 or SHA-1. 118 {rsaCert, []SignatureScheme{PKCS1WithSHA256}, VersionTLS13}, 119 {pkcs1Cert, []SignatureScheme{PSSWithSHA256, PKCS1WithSHA256}, VersionTLS13}, 120 {ecdsaCert, []SignatureScheme{ECDSAWithSHA1}, VersionTLS13}, 121 // The key can be too small for the hash. 122 {rsaCert, []SignatureScheme{PSSWithSHA512}, VersionTLS12}, 123 } 124 125 for testNo, test := range badTests { 126 sigAlg, err := selectSignatureScheme(test.tlsVersion, test.cert, test.peerSigAlgs) 127 if err == nil { 128 t.Errorf("test[%d]: unexpected success, got %v", testNo, sigAlg) 129 } 130 } 131 } 132 133 func TestLegacyTypeAndHash(t *testing.T) { 134 sigType, hashFunc, err := legacyTypeAndHashFromPublicKey(testRSAPrivateKey.Public()) 135 if err != nil { 136 t.Errorf("RSA: unexpected error: %v", err) 137 } 138 if expectedSigType := signaturePKCS1v15; expectedSigType != sigType { 139 t.Errorf("RSA: expected signature type %#x, got %#x", expectedSigType, sigType) 140 } 141 if expectedHashFunc := x509.MD5SHA1; expectedHashFunc != hashFunc { 142 t.Errorf("RSA: expected hash %#x, got %#x", expectedHashFunc, hashFunc) 143 } 144 145 sigType, hashFunc, err = legacyTypeAndHashFromPublicKey(testECDSAPrivateKey.Public()) 146 if err != nil { 147 t.Errorf("ECDSA: unexpected error: %v", err) 148 } 149 if expectedSigType := signatureECDSA; expectedSigType != sigType { 150 t.Errorf("ECDSA: expected signature type %#x, got %#x", expectedSigType, sigType) 151 } 152 if expectedHashFunc := x509.SHA1; expectedHashFunc != hashFunc { 153 t.Errorf("ECDSA: expected hash %#x, got %#x", expectedHashFunc, hashFunc) 154 } 155 156 // Ed25519 is not supported by TLS 1.0 and 1.1. 157 _, _, err = legacyTypeAndHashFromPublicKey(testEd25519PrivateKey.Public()) 158 if err == nil { 159 t.Errorf("Ed25519: unexpected success") 160 } 161 } 162 163 // TestSupportedSignatureAlgorithms checks that all supportedSignatureAlgorithms 164 // have valid type and hash information. 165 func TestSupportedSignatureAlgorithms(t *testing.T) { 166 for _, sigAlg := range supportedSignatureAlgorithms { 167 sigType, hash, err := typeAndHashFromSignatureScheme(sigAlg) 168 if err != nil { 169 t.Errorf("%v: unexpected error: %v", sigAlg, err) 170 } 171 if sigType == 0 { 172 t.Errorf("%v: missing signature type", sigAlg) 173 } 174 if hash == 0 && sigAlg != Ed25519 { 175 t.Errorf("%v: missing hash", sigAlg) 176 } 177 } 178 }