github.com/hxx258456/ccgo@v0.0.5-0.20230213014102-48b35f46f66f/gmtls/auth_test.go (about) 1 // Copyright 2022 s1ren@github.com/hxx258456. 2 3 /* 4 gmtls是基于`golang/go`的`tls`包实现的国密改造版本。 5 对应版权声明: thrid_licenses/github.com/golang/go/LICENSE 6 */ 7 8 package gmtls 9 10 import ( 11 "testing" 12 13 "github.com/hxx258456/ccgo/x509" 14 ) 15 16 func TestSignatureSelection(t *testing.T) { 17 rsaCert := &Certificate{ 18 Certificate: [][]byte{testRSACertificate}, 19 PrivateKey: testRSAPrivateKey, 20 } 21 pkcs1Cert := &Certificate{ 22 Certificate: [][]byte{testRSACertificate}, 23 PrivateKey: testRSAPrivateKey, 24 SupportedSignatureAlgorithms: []SignatureScheme{PKCS1WithSHA1, PKCS1WithSHA256}, 25 } 26 ecdsaCert := &Certificate{ 27 Certificate: [][]byte{testP256Certificate}, 28 PrivateKey: testP256PrivateKey, 29 } 30 ed25519Cert := &Certificate{ 31 Certificate: [][]byte{testEd25519Certificate}, 32 PrivateKey: testEd25519PrivateKey, 33 } 34 35 tests := []struct { 36 cert *Certificate 37 peerSigAlgs []SignatureScheme 38 tlsVersion uint16 39 40 expectedSigAlg SignatureScheme 41 expectedSigType uint8 42 expectedHash x509.Hash 43 }{ 44 {rsaCert, []SignatureScheme{PKCS1WithSHA1, PKCS1WithSHA256}, VersionTLS12, PKCS1WithSHA1, signaturePKCS1v15, x509.SHA1}, 45 {rsaCert, []SignatureScheme{PKCS1WithSHA512, PKCS1WithSHA1}, VersionTLS12, PKCS1WithSHA512, signaturePKCS1v15, x509.SHA512}, 46 {rsaCert, []SignatureScheme{PSSWithSHA256, PKCS1WithSHA256}, VersionTLS12, PSSWithSHA256, signatureRSAPSS, x509.SHA256}, 47 {pkcs1Cert, []SignatureScheme{PSSWithSHA256, PKCS1WithSHA256}, VersionTLS12, PKCS1WithSHA256, signaturePKCS1v15, x509.SHA256}, 48 {rsaCert, []SignatureScheme{PSSWithSHA384, PKCS1WithSHA1}, VersionTLS13, PSSWithSHA384, signatureRSAPSS, x509.SHA384}, 49 {ecdsaCert, []SignatureScheme{ECDSAWithSHA1}, VersionTLS12, ECDSAWithSHA1, signatureECDSA, x509.SHA1}, 50 {ecdsaCert, []SignatureScheme{ECDSAWithP256AndSHA256}, VersionTLS12, ECDSAWithP256AndSHA256, signatureECDSA, x509.SHA256}, 51 {ecdsaCert, []SignatureScheme{ECDSAWithP256AndSHA256}, VersionTLS13, ECDSAWithP256AndSHA256, signatureECDSA, x509.SHA256}, 52 {ed25519Cert, []SignatureScheme{Ed25519}, VersionTLS12, Ed25519, signatureEd25519, directSigning}, 53 {ed25519Cert, []SignatureScheme{Ed25519}, VersionTLS13, Ed25519, signatureEd25519, directSigning}, 54 55 // TLS 1.2 without signature_algorithms extension 56 {rsaCert, nil, VersionTLS12, PKCS1WithSHA1, signaturePKCS1v15, x509.SHA1}, 57 {ecdsaCert, nil, VersionTLS12, ECDSAWithSHA1, signatureECDSA, x509.SHA1}, 58 59 // TLS 1.2 does not restrict the ECDSA curve (our ecdsaCert is P-256) 60 {ecdsaCert, []SignatureScheme{ECDSAWithP384AndSHA384}, VersionTLS12, ECDSAWithP384AndSHA384, signatureECDSA, x509.SHA384}, 61 } 62 63 for testNo, test := range tests { 64 sigAlg, err := selectSignatureScheme(test.tlsVersion, test.cert, test.peerSigAlgs) 65 if err != nil { 66 t.Errorf("test[%d]: unexpected selectSignatureScheme error: %v", testNo, err) 67 } 68 if test.expectedSigAlg != sigAlg { 69 t.Errorf("test[%d]: expected signature scheme %v, got %v", testNo, test.expectedSigAlg, sigAlg) 70 } 71 sigType, hashFunc, err := typeAndHashFromSignatureScheme(sigAlg) 72 if err != nil { 73 t.Errorf("test[%d]: unexpected typeAndHashFromSignatureScheme error: %v", testNo, err) 74 } 75 if test.expectedSigType != sigType { 76 t.Errorf("test[%d]: expected signature algorithm %#x, got %#x", testNo, test.expectedSigType, sigType) 77 } 78 if test.expectedHash != hashFunc { 79 t.Errorf("test[%d]: expected hash function %#x, got %#x", testNo, test.expectedHash, hashFunc) 80 } 81 } 82 83 brokenCert := &Certificate{ 84 Certificate: [][]byte{testRSACertificate}, 85 PrivateKey: testRSAPrivateKey, 86 SupportedSignatureAlgorithms: []SignatureScheme{Ed25519}, 87 } 88 89 badTests := []struct { 90 cert *Certificate 91 peerSigAlgs []SignatureScheme 92 tlsVersion uint16 93 }{ 94 {rsaCert, []SignatureScheme{ECDSAWithP256AndSHA256, ECDSAWithSHA1}, VersionTLS12}, 95 {ecdsaCert, []SignatureScheme{PKCS1WithSHA256, PKCS1WithSHA1}, VersionTLS12}, 96 {rsaCert, []SignatureScheme{0}, VersionTLS12}, 97 {ed25519Cert, []SignatureScheme{ECDSAWithP256AndSHA256, ECDSAWithSHA1}, VersionTLS12}, 98 {ecdsaCert, []SignatureScheme{Ed25519}, VersionTLS12}, 99 {brokenCert, []SignatureScheme{Ed25519}, VersionTLS12}, 100 {brokenCert, []SignatureScheme{PKCS1WithSHA256}, VersionTLS12}, 101 // RFC 5246, Section 7.4.1.4.1, says to only consider {sha1,ecdsa} as 102 // default when the extension is missing, and RFC 8422 does not update 103 // it. Anyway, if a stack supports Ed25519 it better support sigalgs. 104 {ed25519Cert, nil, VersionTLS12}, 105 // TLS 1.3 has no default signature_algorithms. 106 {rsaCert, nil, VersionTLS13}, 107 {ecdsaCert, nil, VersionTLS13}, 108 {ed25519Cert, nil, VersionTLS13}, 109 // Wrong curve, which TLS 1.3 checks 110 {ecdsaCert, []SignatureScheme{ECDSAWithP384AndSHA384}, VersionTLS13}, 111 // TLS 1.3 does not support PKCS1v1.5 or SHA-1. 112 {rsaCert, []SignatureScheme{PKCS1WithSHA256}, VersionTLS13}, 113 {pkcs1Cert, []SignatureScheme{PSSWithSHA256, PKCS1WithSHA256}, VersionTLS13}, 114 {ecdsaCert, []SignatureScheme{ECDSAWithSHA1}, VersionTLS13}, 115 // The key can be too small for the hash. 116 {rsaCert, []SignatureScheme{PSSWithSHA512}, VersionTLS12}, 117 } 118 119 for testNo, test := range badTests { 120 sigAlg, err := selectSignatureScheme(test.tlsVersion, test.cert, test.peerSigAlgs) 121 if err == nil { 122 t.Errorf("test[%d]: unexpected success, got %v", testNo, sigAlg) 123 } 124 } 125 } 126 127 func TestLegacyTypeAndHash(t *testing.T) { 128 sigType, hashFunc, err := legacyTypeAndHashFromPublicKey(testRSAPrivateKey.Public()) 129 if err != nil { 130 t.Errorf("RSA: unexpected error: %v", err) 131 } 132 if expectedSigType := signaturePKCS1v15; expectedSigType != sigType { 133 t.Errorf("RSA: expected signature type %#x, got %#x", expectedSigType, sigType) 134 } 135 if expectedHashFunc := x509.MD5SHA1; expectedHashFunc != hashFunc { 136 t.Errorf("RSA: expected hash %#x, got %#x", expectedHashFunc, hashFunc) 137 } 138 139 sigType, hashFunc, err = legacyTypeAndHashFromPublicKey(testECDSAPrivateKey.Public()) 140 if err != nil { 141 t.Errorf("ECDSA: unexpected error: %v", err) 142 } 143 if expectedSigType := signatureECDSA; expectedSigType != sigType { 144 t.Errorf("ECDSA: expected signature type %#x, got %#x", expectedSigType, sigType) 145 } 146 if expectedHashFunc := x509.SHA1; expectedHashFunc != hashFunc { 147 t.Errorf("ECDSA: expected hash %#x, got %#x", expectedHashFunc, hashFunc) 148 } 149 150 // Ed25519 is not supported by TLS 1.0 and 1.1. 151 _, _, err = legacyTypeAndHashFromPublicKey(testEd25519PrivateKey.Public()) 152 if err == nil { 153 t.Errorf("Ed25519: unexpected success") 154 } 155 } 156 157 // TestSupportedSignatureAlgorithms checks that all supportedSignatureAlgorithms 158 // have valid type and hash information. 159 func TestSupportedSignatureAlgorithms(t *testing.T) { 160 for _, sigAlg := range supportedSignatureAlgorithms { 161 sigType, hash, err := typeAndHashFromSignatureScheme(sigAlg) 162 if err != nil { 163 t.Errorf("%v: unexpected error: %v", sigAlg, err) 164 } 165 if sigType == 0 { 166 t.Errorf("%v: missing signature type", sigAlg) 167 } 168 if hash == 0 && sigAlg != Ed25519 { 169 t.Errorf("%v: missing hash", sigAlg) 170 } 171 } 172 }