1 // Copyright 2011 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/ssl/ssl_cipher_suite_names.h"
6
7 #include <ostream>
8
9 #include "base/notreached.h"
10 #include "base/strings/string_number_conversions.h"
11 #include "base/strings/string_util.h"
12 #include "net/ssl/ssl_connection_status_flags.h"
13 #include "third_party/boringssl/src/include/openssl/ssl.h"
14
15 namespace net {
16
17 namespace {
18
ObsoleteSSLStatusForProtocol(int ssl_version)19 int ObsoleteSSLStatusForProtocol(int ssl_version) {
20 int obsolete_ssl = OBSOLETE_SSL_NONE;
21 if (ssl_version < SSL_CONNECTION_VERSION_TLS1_2)
22 obsolete_ssl |= OBSOLETE_SSL_MASK_PROTOCOL;
23 return obsolete_ssl;
24 }
25
ObsoleteSSLStatusForCipherSuite(uint16_t cipher_suite)26 int ObsoleteSSLStatusForCipherSuite(uint16_t cipher_suite) {
27 int obsolete_ssl = OBSOLETE_SSL_NONE;
28
29 const SSL_CIPHER* cipher = SSL_get_cipher_by_value(cipher_suite);
30 if (!cipher) {
31 // Cannot determine/unknown cipher suite. Err on the side of caution.
32 obsolete_ssl |= OBSOLETE_SSL_MASK_KEY_EXCHANGE;
33 obsolete_ssl |= OBSOLETE_SSL_MASK_CIPHER;
34 return obsolete_ssl;
35 }
36
37 if (SSL_CIPHER_get_kx_nid(cipher) == NID_kx_rsa) {
38 obsolete_ssl |= OBSOLETE_SSL_MASK_KEY_EXCHANGE;
39 }
40
41 if (!SSL_CIPHER_is_aead(cipher)) {
42 obsolete_ssl |= OBSOLETE_SSL_MASK_CIPHER;
43 }
44
45 return obsolete_ssl;
46 }
47
ObsoleteSSLStatusForSignature(uint16_t signature_algorithm)48 int ObsoleteSSLStatusForSignature(uint16_t signature_algorithm) {
49 switch (signature_algorithm) {
50 case SSL_SIGN_ECDSA_SHA1:
51 case SSL_SIGN_RSA_PKCS1_MD5_SHA1:
52 case SSL_SIGN_RSA_PKCS1_SHA1:
53 return OBSOLETE_SSL_MASK_SIGNATURE;
54 default:
55 return OBSOLETE_SSL_NONE;
56 }
57 }
58
59 } // namespace
60
SSLCipherSuiteToStrings(const char ** key_exchange_str,const char ** cipher_str,const char ** mac_str,bool * is_aead,bool * is_tls13,uint16_t cipher_suite)61 void SSLCipherSuiteToStrings(const char** key_exchange_str,
62 const char** cipher_str,
63 const char** mac_str,
64 bool* is_aead,
65 bool* is_tls13,
66 uint16_t cipher_suite) {
67 *key_exchange_str = *cipher_str = *mac_str = "???";
68 *is_aead = false;
69 *is_tls13 = false;
70
71 const SSL_CIPHER* cipher = SSL_get_cipher_by_value(cipher_suite);
72 if (!cipher)
73 return;
74
75 switch (SSL_CIPHER_get_kx_nid(cipher)) {
76 case NID_kx_any:
77 *key_exchange_str = nullptr;
78 *is_tls13 = true;
79 break;
80 case NID_kx_rsa:
81 *key_exchange_str = "RSA";
82 break;
83 case NID_kx_ecdhe:
84 switch (SSL_CIPHER_get_auth_nid(cipher)) {
85 case NID_auth_rsa:
86 *key_exchange_str = "ECDHE_RSA";
87 break;
88 case NID_auth_ecdsa:
89 *key_exchange_str = "ECDHE_ECDSA";
90 break;
91 }
92 break;
93 }
94
95 switch (SSL_CIPHER_get_cipher_nid(cipher)) {
96 case NID_aes_128_gcm:
97 *cipher_str = "AES_128_GCM";
98 break;
99 case NID_aes_256_gcm:
100 *cipher_str = "AES_256_GCM";
101 break;
102 case NID_chacha20_poly1305:
103 *cipher_str = "CHACHA20_POLY1305";
104 break;
105 case NID_aes_128_cbc:
106 *cipher_str = "AES_128_CBC";
107 break;
108 case NID_aes_256_cbc:
109 *cipher_str = "AES_256_CBC";
110 break;
111 case NID_des_ede3_cbc:
112 *cipher_str = "3DES_EDE_CBC";
113 break;
114 }
115
116 if (SSL_CIPHER_is_aead(cipher)) {
117 *is_aead = true;
118 *mac_str = nullptr;
119 } else {
120 switch (SSL_CIPHER_get_digest_nid(cipher)) {
121 case NID_sha1:
122 *mac_str = "HMAC-SHA1";
123 break;
124 case NID_sha256:
125 *mac_str = "HMAC-SHA256";
126 break;
127 case NID_sha384:
128 *mac_str = "HMAC-SHA384";
129 break;
130 }
131 }
132 }
133
SSLVersionToString(const char ** name,int ssl_version)134 void SSLVersionToString(const char** name, int ssl_version) {
135 switch (ssl_version) {
136 case SSL_CONNECTION_VERSION_SSL2:
137 *name = "SSL 2.0";
138 break;
139 case SSL_CONNECTION_VERSION_SSL3:
140 *name = "SSL 3.0";
141 break;
142 case SSL_CONNECTION_VERSION_TLS1:
143 *name = "TLS 1.0";
144 break;
145 case SSL_CONNECTION_VERSION_TLS1_1:
146 *name = "TLS 1.1";
147 break;
148 case SSL_CONNECTION_VERSION_TLS1_2:
149 *name = "TLS 1.2";
150 break;
151 case SSL_CONNECTION_VERSION_TLS1_3:
152 *name = "TLS 1.3";
153 break;
154 case SSL_CONNECTION_VERSION_QUIC:
155 *name = "QUIC";
156 break;
157 default:
158 NOTREACHED() << ssl_version;
159 *name = "???";
160 break;
161 }
162 }
163
ParseSSLCipherString(const std::string & cipher_string,uint16_t * cipher_suite)164 bool ParseSSLCipherString(const std::string& cipher_string,
165 uint16_t* cipher_suite) {
166 int value = 0;
167 if (cipher_string.size() == 6 &&
168 base::StartsWith(cipher_string, "0x",
169 base::CompareCase::INSENSITIVE_ASCII) &&
170 base::HexStringToInt(cipher_string, &value)) {
171 *cipher_suite = static_cast<uint16_t>(value);
172 return true;
173 }
174 return false;
175 }
176
ObsoleteSSLStatus(int connection_status,uint16_t signature_algorithm)177 int ObsoleteSSLStatus(int connection_status, uint16_t signature_algorithm) {
178 int obsolete_ssl = OBSOLETE_SSL_NONE;
179
180 int ssl_version = SSLConnectionStatusToVersion(connection_status);
181 obsolete_ssl |= ObsoleteSSLStatusForProtocol(ssl_version);
182
183 uint16_t cipher_suite = SSLConnectionStatusToCipherSuite(connection_status);
184 obsolete_ssl |= ObsoleteSSLStatusForCipherSuite(cipher_suite);
185
186 obsolete_ssl |= ObsoleteSSLStatusForSignature(signature_algorithm);
187
188 return obsolete_ssl;
189 }
190
IsTLSCipherSuiteAllowedByHTTP2(uint16_t cipher_suite)191 bool IsTLSCipherSuiteAllowedByHTTP2(uint16_t cipher_suite) {
192 return ObsoleteSSLStatusForCipherSuite(cipher_suite) == OBSOLETE_SSL_NONE;
193 }
194
195 } // namespace net
196