1 /*
2 * Copyright 2011 The WebRTC Project Authors. All rights reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
11 #include <algorithm>
12 #include <memory>
13 #include <set>
14 #include <string>
15
16 #include "absl/memory/memory.h"
17 #include "rtc_base/buffer_queue.h"
18 #include "rtc_base/checks.h"
19 #include "rtc_base/gunit.h"
20 #include "rtc_base/helpers.h"
21 #include "rtc_base/memory/fifo_buffer.h"
22 #include "rtc_base/memory_stream.h"
23 #include "rtc_base/message_digest.h"
24 #include "rtc_base/ssl_adapter.h"
25 #include "rtc_base/ssl_identity.h"
26 #include "rtc_base/ssl_stream_adapter.h"
27 #include "rtc_base/stream.h"
28 #include "test/field_trial.h"
29
30 using ::testing::Combine;
31 using ::testing::tuple;
32 using ::testing::Values;
33 using ::testing::WithParamInterface;
34
35 static const int kBlockSize = 4096;
36 static const char kExporterLabel[] = "label";
37 static const unsigned char kExporterContext[] = "context";
38 static int kExporterContextLen = sizeof(kExporterContext);
39
40 // A private key used for testing, broken into pieces in order to avoid
41 // issues with Git's checks for private keys in repos.
42 #define RSA_PRIVATE_KEY_HEADER "-----BEGIN RSA PRIVATE KEY-----\n"
43
44 static const char kRSA_PRIVATE_KEY_PEM[] = RSA_PRIVATE_KEY_HEADER
45 "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMYRkbhmI7kVA/rM\n"
46 "czsZ+6JDhDvnkF+vn6yCAGuRPV03zuRqZtDy4N4to7PZu9PjqrRl7nDMXrG3YG9y\n"
47 "rlIAZ72KjcKKFAJxQyAKLCIdawKRyp8RdK3LEySWEZb0AV58IadqPZDTNHHRX8dz\n"
48 "5aTSMsbbkZ+C/OzTnbiMqLL/vg6jAgMBAAECgYAvgOs4FJcgvp+TuREx7YtiYVsH\n"
49 "mwQPTum2z/8VzWGwR8BBHBvIpVe1MbD/Y4seyI2aco/7UaisatSgJhsU46/9Y4fq\n"
50 "2TwXH9QANf4at4d9n/R6rzwpAJOpgwZgKvdQjkfrKTtgLV+/dawvpxUYkRH4JZM1\n"
51 "CVGukMfKNrSVH4Ap4QJBAOJmGV1ASPnB4r4nc99at7JuIJmd7fmuVUwUgYi4XgaR\n"
52 "WhScBsgYwZ/JoywdyZJgnbcrTDuVcWG56B3vXbhdpMsCQQDf9zeJrjnPZ3Cqm79y\n"
53 "kdqANep0uwZciiNiWxsQrCHztywOvbFhdp8iYVFG9EK8DMY41Y5TxUwsHD+67zao\n"
54 "ZNqJAkEA1suLUP/GvL8IwuRneQd2tWDqqRQ/Td3qq03hP7e77XtF/buya3Ghclo5\n"
55 "54czUR89QyVfJEC6278nzA7n2h1uVQJAcG6mztNL6ja/dKZjYZye2CY44QjSlLo0\n"
56 "MTgTSjdfg/28fFn2Jjtqf9Pi/X+50LWI/RcYMC2no606wRk9kyOuIQJBAK6VSAim\n"
57 "1pOEjsYQn0X5KEIrz1G3bfCbB848Ime3U2/FWlCHMr6ch8kCZ5d1WUeJD3LbwMNG\n"
58 "UCXiYxSsu20QNVw=\n"
59 "-----END RSA PRIVATE KEY-----\n";
60
61 #undef RSA_PRIVATE_KEY_HEADER
62
63 static const char kCERT_PEM[] =
64 "-----BEGIN CERTIFICATE-----\n"
65 "MIIBmTCCAQKgAwIBAgIEbzBSAjANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDEwZX\n"
66 "ZWJSVEMwHhcNMTQwMTAyMTgyNDQ3WhcNMTQwMjAxMTgyNDQ3WjARMQ8wDQYDVQQD\n"
67 "EwZXZWJSVEMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMYRkbhmI7kVA/rM\n"
68 "czsZ+6JDhDvnkF+vn6yCAGuRPV03zuRqZtDy4N4to7PZu9PjqrRl7nDMXrG3YG9y\n"
69 "rlIAZ72KjcKKFAJxQyAKLCIdawKRyp8RdK3LEySWEZb0AV58IadqPZDTNHHRX8dz\n"
70 "5aTSMsbbkZ+C/OzTnbiMqLL/vg6jAgMBAAEwDQYJKoZIhvcNAQELBQADgYEAUflI\n"
71 "VUe5Krqf5RVa5C3u/UTAOAUJBiDS3VANTCLBxjuMsvqOG0WvaYWP3HYPgrz0jXK2\n"
72 "LJE/mGw3MyFHEqi81jh95J+ypl6xKW6Rm8jKLR87gUvCaVYn/Z4/P3AqcQTB7wOv\n"
73 "UD0A8qfhfDM+LK6rPAnCsVN0NRDY3jvd6rzix9M=\n"
74 "-----END CERTIFICATE-----\n";
75
76 static const char kIntCert1[] =
77 "-----BEGIN CERTIFICATE-----\n"
78 "MIIEUjCCAjqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBljELMAkGA1UEBhMCVVMx\n"
79 "EzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDU1vdW50YWluIFZpZXcxFDAS\n"
80 "BgNVBAoMC0dvb2dsZSwgSW5jMQwwCgYDVQQLDANHVFAxFzAVBgNVBAMMDnRlbGVw\n"
81 "aG9ueS5nb29nMR0wGwYJKoZIhvcNAQkBFg5ndHBAZ29vZ2xlLmNvbTAeFw0xNzA5\n"
82 "MjYwNDA5MDNaFw0yMDA2MjIwNDA5MDNaMGQxCzAJBgNVBAYTAlVTMQswCQYDVQQI\n"
83 "DAJDQTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzEXMBUGA1UECgwOdGVsZXBob255\n"
84 "Lmdvb2cxFzAVBgNVBAMMDnRlbGVwaG9ueS5nb29nMIGfMA0GCSqGSIb3DQEBAQUA\n"
85 "A4GNADCBiQKBgQDJXWeeU1v1+wlqkVobzI3aN7Uh2iVQA9YCdq5suuabtiD/qoOD\n"
86 "NKpmQqsx7WZGGWSZTDFEBaUpvIK7Hb+nzRqk6iioPCFOFuarm6GxO1xVneImMuE6\n"
87 "tuWb3YZPr+ikChJbl11y5UcSbg0QsbeUc+jHl5umNvrL85Y+z8SP0rxbBwIDAQAB\n"
88 "o2AwXjAdBgNVHQ4EFgQU7tdZobqlN8R8V72FQnRxmqq8tKswHwYDVR0jBBgwFoAU\n"
89 "5GgKMUtcxkQ2dJrtNR5YOlIAPDswDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMC\n"
90 "AQYwDQYJKoZIhvcNAQELBQADggIBADObh9Z+z14FmP9zSenhFtq7hFnmNrSkklk8\n"
91 "eyYWXKfOuIriEQQBZsz76ZcnzStih8Rj+yQ0AXydk4fJ5LOwC2cUqQBar17g6Pd2\n"
92 "8g4SIL4azR9WvtiSvpuGlwp25b+yunaacDne6ebnf/MUiiKT5w61Xo3cEPVfl38e\n"
93 "/Up2l0bioid5enUTmg6LY6RxDO6tnZQkz3XD+nNSwT4ehtkqFpHYWjErj0BbkDM2\n"
94 "hiVc/JsYOZn3DmuOlHVHU6sKwqh3JEyvHO/d7DGzMGWHpHwv2mCTJq6l/sR95Tc2\n"
95 "GaQZgGDVNs9pdEouJCDm9e/PbQWRYhnat82PTkXx/6mDAAwdZlIi/pACzq8K4p7e\n"
96 "6hF0t8uKGnXJubHPXxlnJU6yxZ0yWmivAGjwWK4ur832gKlho4jeMDhiI/T3QPpl\n"
97 "iMNsIvxRhdD+GxJkQP1ezayw8s+Uc9KwKglrkBSRRDLCJUfPOvMmXLUDSTMX7kp4\n"
98 "/Ak1CA8dVLJIlfEjLBUuvAttlP7+7lsKNgxAjCxZkWLXIyGULzNPQwVWkGfCbrQs\n"
99 "XyMvSbFsSIb7blV7eLlmf9a+2RprUUkc2ALXLLCI9YQXmxm2beBfMyNmmebwBJzT\n"
100 "B0OR+5pFFNTJPoNlqpdrDsGrDu7JlUtk0ZLZzYyKXbgy2qXxfd4OWzXXjxpLMszZ\n"
101 "LDIpOAkj\n"
102 "-----END CERTIFICATE-----\n";
103
104 static const char kCACert[] =
105 "-----BEGIN CERTIFICATE-----\n"
106 "MIIGETCCA/mgAwIBAgIJAKN9r/BdbGUJMA0GCSqGSIb3DQEBCwUAMIGWMQswCQYD\n"
107 "VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4g\n"
108 "VmlldzEUMBIGA1UECgwLR29vZ2xlLCBJbmMxDDAKBgNVBAsMA0dUUDEXMBUGA1UE\n"
109 "AwwOdGVsZXBob255Lmdvb2cxHTAbBgkqhkiG9w0BCQEWDmd0cEBnb29nbGUuY29t\n"
110 "MB4XDTE3MDcyNzIzMDE0NVoXDTE3MDgyNjIzMDE0NVowgZYxCzAJBgNVBAYTAlVT\n"
111 "MRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1Nb3VudGFpbiBWaWV3MRQw\n"
112 "EgYDVQQKDAtHb29nbGUsIEluYzEMMAoGA1UECwwDR1RQMRcwFQYDVQQDDA50ZWxl\n"
113 "cGhvbnkuZ29vZzEdMBsGCSqGSIb3DQEJARYOZ3RwQGdvb2dsZS5jb20wggIiMA0G\n"
114 "CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCfvpF7aBV5Hp1EHsWoIlL3GeHwh8dS\n"
115 "lv9VQCegN9rD06Ny7MgcED5AiK2vqXmUmOVS+7NbATkdVYN/eozDhKtN3Q3n87kJ\n"
116 "Nt/TD/TcZZHOZIGsRPbrf2URK26E/5KzTzbzXVBOA1e+gSj+EBbltGqb01ZO5ErF\n"
117 "iPGViPM/HpYKdq6mfz2bS5PhU67XZMM2zvToyReQ/Fjm/6PJhwKSRXSgZF5djPhk\n"
118 "2LfOKMLS0AeZtd2C4DFsCU41lfLUkybioDgFuzTQ3TFi1K8A07KYTMmLY/yQppnf\n"
119 "SpNX58shlVhM+Ed37K1Z0rU0OfVCZ5P+KKaSSfMranjlU7zeUIhZYjqq/EYrEhbS\n"
120 "dLnNHwgJrqxzId3kq8uuLM6+VB7JZKnZLfT90GdAbX4+tutNe21smmogF9f80vEy\n"
121 "gM4tOp9rXrvz9vCwWHXVY9kdKemdLAsREoO6MS9k2ctK4jj80o2dROuFC6Q3e7mz\n"
122 "RjvZr5Tvi464c2o9o/jNlJ0O6q7V2eQzohD+7VnV5QPpRGXxlIeqpR2zoAg+WtRS\n"
123 "4OgHOVYiD3M6uAlggJA5pcDjMfkEZ+pkhtVcT4qMCEoruk6GbyPxS565oSHu16bH\n"
124 "EjeCqbZOVND5T3oA7nz6aQSs8sJabt0jmxUkGVnE+4ZDIuuRtkRma+0P/96Mtqor\n"
125 "OlpNWY1OBDY64QIDAQABo2AwXjAdBgNVHQ4EFgQU5GgKMUtcxkQ2dJrtNR5YOlIA\n"
126 "PDswHwYDVR0jBBgwFoAU5GgKMUtcxkQ2dJrtNR5YOlIAPDswDwYDVR0TAQH/BAUw\n"
127 "AwEB/zALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBAARQly5/bB6VUL2C\n"
128 "ykDYgWt48go407pAra6tL2kjpdfxV5PdL7iMZRkeht00vj+BVahIqZKrNOa/f5Fx\n"
129 "vlpahZFu0PDN436aQwRZ9qWut2qDOK0/z9Hhj6NWybquRFwMwqkPG/ivLMDU8Dmj\n"
130 "CIplpngPYNwXCs0KzdjSXYxqxJbwMjQXELD+/RcurY0oTtJMM1/2vKQMzw24UJqe\n"
131 "XLJAlsnd2AnWzWNUEviDZY89j9NdkHerBmV2gGzcU+X5lgOO5M8odBv0ZC9D+a6Z\n"
132 "QPZAOfdGVw60hhGvTW5s/s0dHwCpegRidhs0MD0fTmwwjYFBSmUx3Gztr4JTzOOr\n"
133 "7e5daJuak2ujQ5DqcGBvt1gePjSudb5brS7JQtN8tI/FyrnR4q/OuOwv1EvlC5RG\n"
134 "hLX+TXaWqFxB1Hd8ebKRR40mboFG6KcUI3lLBthDvQE7jnq48QfZMjlMQK0ZF1l7\n"
135 "SrlwRXWA74bU8CLJvnZKKo9p4TsTiDYGSYC6tNHKj5s3TGWL46oqGyZ0KdGNhrtC\n"
136 "rIGenMhth1vPYjyy0XuGBndXT85yi+IM2l8g8oU845+plxIhgpSI8bbC0oLwnhQ5\n"
137 "ARfsiYLkXDE7imSS0CSUmye76372mlzAIB1is4bBB/SzpPQtBuB9LDKtONgpSGHn\n"
138 "dGaXBy+qbVXVyGXaeEbIRjtJ6m92\n"
139 "-----END CERTIFICATE-----\n";
140
141 class SSLStreamAdapterTestBase;
142
143 class SSLDummyStreamBase : public rtc::StreamInterface,
144 public sigslot::has_slots<> {
145 public:
SSLDummyStreamBase(SSLStreamAdapterTestBase * test,const std::string & side,rtc::StreamInterface * in,rtc::StreamInterface * out)146 SSLDummyStreamBase(SSLStreamAdapterTestBase* test,
147 const std::string& side,
148 rtc::StreamInterface* in,
149 rtc::StreamInterface* out)
150 : test_base_(test), side_(side), in_(in), out_(out), first_packet_(true) {
151 in_->SignalEvent.connect(this, &SSLDummyStreamBase::OnEventIn);
152 out_->SignalEvent.connect(this, &SSLDummyStreamBase::OnEventOut);
153 }
154
GetState() const155 rtc::StreamState GetState() const override { return rtc::SS_OPEN; }
156
Read(void * buffer,size_t buffer_len,size_t * read,int * error)157 rtc::StreamResult Read(void* buffer,
158 size_t buffer_len,
159 size_t* read,
160 int* error) override {
161 rtc::StreamResult r;
162
163 r = in_->Read(buffer, buffer_len, read, error);
164 if (r == rtc::SR_BLOCK)
165 return rtc::SR_BLOCK;
166 if (r == rtc::SR_EOS)
167 return rtc::SR_EOS;
168
169 if (r != rtc::SR_SUCCESS) {
170 ADD_FAILURE();
171 return rtc::SR_ERROR;
172 }
173
174 return rtc::SR_SUCCESS;
175 }
176
177 // Catch readability events on in and pass them up.
OnEventIn(rtc::StreamInterface * stream,int sig,int err)178 void OnEventIn(rtc::StreamInterface* stream, int sig, int err) {
179 int mask = (rtc::SE_READ | rtc::SE_CLOSE);
180
181 if (sig & mask) {
182 RTC_LOG(LS_VERBOSE) << "SSLDummyStreamBase::OnEvent side=" << side_
183 << " sig=" << sig << " forwarding upward";
184 PostEvent(sig & mask, 0);
185 }
186 }
187
188 // Catch writeability events on out and pass them up.
OnEventOut(rtc::StreamInterface * stream,int sig,int err)189 void OnEventOut(rtc::StreamInterface* stream, int sig, int err) {
190 if (sig & rtc::SE_WRITE) {
191 RTC_LOG(LS_VERBOSE) << "SSLDummyStreamBase::OnEvent side=" << side_
192 << " sig=" << sig << " forwarding upward";
193
194 PostEvent(sig & rtc::SE_WRITE, 0);
195 }
196 }
197
198 // Write to the outgoing FifoBuffer
WriteData(const void * data,size_t data_len,size_t * written,int * error)199 rtc::StreamResult WriteData(const void* data,
200 size_t data_len,
201 size_t* written,
202 int* error) {
203 return out_->Write(data, data_len, written, error);
204 }
205
206 rtc::StreamResult Write(const void* data,
207 size_t data_len,
208 size_t* written,
209 int* error) override;
210
Close()211 void Close() override {
212 RTC_LOG(LS_INFO) << "Closing outbound stream";
213 out_->Close();
214 }
215
216 protected:
217 SSLStreamAdapterTestBase* test_base_;
218 const std::string side_;
219 rtc::StreamInterface* in_;
220 rtc::StreamInterface* out_;
221 bool first_packet_;
222 };
223
224 class SSLDummyStreamTLS : public SSLDummyStreamBase {
225 public:
SSLDummyStreamTLS(SSLStreamAdapterTestBase * test,const std::string & side,rtc::FifoBuffer * in,rtc::FifoBuffer * out)226 SSLDummyStreamTLS(SSLStreamAdapterTestBase* test,
227 const std::string& side,
228 rtc::FifoBuffer* in,
229 rtc::FifoBuffer* out)
230 : SSLDummyStreamBase(test, side, in, out) {}
231 };
232
233 class BufferQueueStream : public rtc::BufferQueue, public rtc::StreamInterface {
234 public:
BufferQueueStream(size_t capacity,size_t default_size)235 BufferQueueStream(size_t capacity, size_t default_size)
236 : rtc::BufferQueue(capacity, default_size) {}
237
238 // Implementation of abstract StreamInterface methods.
239
240 // A buffer queue stream is always "open".
GetState() const241 rtc::StreamState GetState() const override { return rtc::SS_OPEN; }
242
243 // Reading a buffer queue stream will either succeed or block.
Read(void * buffer,size_t buffer_len,size_t * read,int * error)244 rtc::StreamResult Read(void* buffer,
245 size_t buffer_len,
246 size_t* read,
247 int* error) override {
248 if (!ReadFront(buffer, buffer_len, read)) {
249 return rtc::SR_BLOCK;
250 }
251 return rtc::SR_SUCCESS;
252 }
253
254 // Writing to a buffer queue stream will either succeed or block.
Write(const void * data,size_t data_len,size_t * written,int * error)255 rtc::StreamResult Write(const void* data,
256 size_t data_len,
257 size_t* written,
258 int* error) override {
259 if (!WriteBack(data, data_len, written)) {
260 return rtc::SR_BLOCK;
261 }
262 return rtc::SR_SUCCESS;
263 }
264
265 // A buffer queue stream can not be closed.
Close()266 void Close() override {}
267
268 protected:
NotifyReadableForTest()269 void NotifyReadableForTest() override { PostEvent(rtc::SE_READ, 0); }
270
NotifyWritableForTest()271 void NotifyWritableForTest() override { PostEvent(rtc::SE_WRITE, 0); }
272 };
273
274 class SSLDummyStreamDTLS : public SSLDummyStreamBase {
275 public:
SSLDummyStreamDTLS(SSLStreamAdapterTestBase * test,const std::string & side,BufferQueueStream * in,BufferQueueStream * out)276 SSLDummyStreamDTLS(SSLStreamAdapterTestBase* test,
277 const std::string& side,
278 BufferQueueStream* in,
279 BufferQueueStream* out)
280 : SSLDummyStreamBase(test, side, in, out) {}
281 };
282
283 static const int kFifoBufferSize = 4096;
284 static const int kBufferCapacity = 1;
285 static const size_t kDefaultBufferSize = 2048;
286
287 class SSLStreamAdapterTestBase : public ::testing::Test,
288 public sigslot::has_slots<> {
289 public:
SSLStreamAdapterTestBase(const std::string & client_cert_pem,const std::string & client_private_key_pem,bool dtls,rtc::KeyParams client_key_type=rtc::KeyParams (rtc::KT_DEFAULT),rtc::KeyParams server_key_type=rtc::KeyParams (rtc::KT_DEFAULT))290 SSLStreamAdapterTestBase(
291 const std::string& client_cert_pem,
292 const std::string& client_private_key_pem,
293 bool dtls,
294 rtc::KeyParams client_key_type = rtc::KeyParams(rtc::KT_DEFAULT),
295 rtc::KeyParams server_key_type = rtc::KeyParams(rtc::KT_DEFAULT))
296 : client_cert_pem_(client_cert_pem),
297 client_private_key_pem_(client_private_key_pem),
298 client_key_type_(client_key_type),
299 server_key_type_(server_key_type),
300 client_stream_(nullptr),
301 server_stream_(nullptr),
302 delay_(0),
303 mtu_(1460),
304 loss_(0),
305 lose_first_packet_(false),
306 damage_(false),
307 dtls_(dtls),
308 handshake_wait_(5000),
309 identities_set_(false) {
310 // Set use of the test RNG to get predictable loss patterns.
311 rtc::SetRandomTestMode(true);
312 }
313
~SSLStreamAdapterTestBase()314 ~SSLStreamAdapterTestBase() override {
315 // Put it back for the next test.
316 rtc::SetRandomTestMode(false);
317 }
318
SetUp()319 void SetUp() override {
320 CreateStreams();
321
322 client_ssl_ =
323 rtc::SSLStreamAdapter::Create(absl::WrapUnique(client_stream_));
324 server_ssl_ =
325 rtc::SSLStreamAdapter::Create(absl::WrapUnique(server_stream_));
326
327 // Set up the slots
328 client_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent);
329 server_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent);
330
331 std::unique_ptr<rtc::SSLIdentity> client_identity;
332 if (!client_cert_pem_.empty() && !client_private_key_pem_.empty()) {
333 client_identity = rtc::SSLIdentity::CreateFromPEMStrings(
334 client_private_key_pem_, client_cert_pem_);
335 } else {
336 client_identity = rtc::SSLIdentity::Create("client", client_key_type_);
337 }
338 auto server_identity = rtc::SSLIdentity::Create("server", server_key_type_);
339
340 client_ssl_->SetIdentity(std::move(client_identity));
341 server_ssl_->SetIdentity(std::move(server_identity));
342 }
343
TearDown()344 void TearDown() override {
345 client_ssl_.reset(nullptr);
346 server_ssl_.reset(nullptr);
347 }
348
349 virtual void CreateStreams() = 0;
350
351 // Recreate the client/server identities with the specified validity period.
352 // |not_before| and |not_after| are offsets from the current time in number
353 // of seconds.
ResetIdentitiesWithValidity(int not_before,int not_after)354 void ResetIdentitiesWithValidity(int not_before, int not_after) {
355 CreateStreams();
356
357 client_ssl_ =
358 rtc::SSLStreamAdapter::Create(absl::WrapUnique(client_stream_));
359 server_ssl_ =
360 rtc::SSLStreamAdapter::Create(absl::WrapUnique(server_stream_));
361
362 client_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent);
363 server_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent);
364
365 time_t now = time(nullptr);
366
367 rtc::SSLIdentityParams client_params;
368 client_params.key_params = rtc::KeyParams(rtc::KT_DEFAULT);
369 client_params.common_name = "client";
370 client_params.not_before = now + not_before;
371 client_params.not_after = now + not_after;
372 auto client_identity = rtc::SSLIdentity::CreateForTest(client_params);
373
374 rtc::SSLIdentityParams server_params;
375 server_params.key_params = rtc::KeyParams(rtc::KT_DEFAULT);
376 server_params.common_name = "server";
377 server_params.not_before = now + not_before;
378 server_params.not_after = now + not_after;
379 auto server_identity = rtc::SSLIdentity::CreateForTest(server_params);
380
381 client_ssl_->SetIdentity(std::move(client_identity));
382 server_ssl_->SetIdentity(std::move(server_identity));
383 }
384
OnEvent(rtc::StreamInterface * stream,int sig,int err)385 virtual void OnEvent(rtc::StreamInterface* stream, int sig, int err) {
386 RTC_LOG(LS_VERBOSE) << "SSLStreamAdapterTestBase::OnEvent sig=" << sig;
387
388 if (sig & rtc::SE_READ) {
389 ReadData(stream);
390 }
391
392 if ((stream == client_ssl_.get()) && (sig & rtc::SE_WRITE)) {
393 WriteData();
394 }
395 }
396
SetPeerIdentitiesByDigest(bool correct,bool expect_success)397 void SetPeerIdentitiesByDigest(bool correct, bool expect_success) {
398 unsigned char server_digest[20];
399 size_t server_digest_len;
400 unsigned char client_digest[20];
401 size_t client_digest_len;
402 bool rv;
403 rtc::SSLPeerCertificateDigestError err;
404 rtc::SSLPeerCertificateDigestError expected_err =
405 expect_success
406 ? rtc::SSLPeerCertificateDigestError::NONE
407 : rtc::SSLPeerCertificateDigestError::VERIFICATION_FAILED;
408
409 RTC_LOG(LS_INFO) << "Setting peer identities by digest";
410
411 rv = server_identity()->certificate().ComputeDigest(
412 rtc::DIGEST_SHA_1, server_digest, 20, &server_digest_len);
413 ASSERT_TRUE(rv);
414 rv = client_identity()->certificate().ComputeDigest(
415 rtc::DIGEST_SHA_1, client_digest, 20, &client_digest_len);
416 ASSERT_TRUE(rv);
417
418 if (!correct) {
419 RTC_LOG(LS_INFO) << "Setting bogus digest for server cert";
420 server_digest[0]++;
421 }
422 rv = client_ssl_->SetPeerCertificateDigest(rtc::DIGEST_SHA_1, server_digest,
423 server_digest_len, &err);
424 EXPECT_EQ(expected_err, err);
425 EXPECT_EQ(expect_success, rv);
426
427 if (!correct) {
428 RTC_LOG(LS_INFO) << "Setting bogus digest for client cert";
429 client_digest[0]++;
430 }
431 rv = server_ssl_->SetPeerCertificateDigest(rtc::DIGEST_SHA_1, client_digest,
432 client_digest_len, &err);
433 EXPECT_EQ(expected_err, err);
434 EXPECT_EQ(expect_success, rv);
435
436 identities_set_ = true;
437 }
438
SetupProtocolVersions(rtc::SSLProtocolVersion server_version,rtc::SSLProtocolVersion client_version)439 void SetupProtocolVersions(rtc::SSLProtocolVersion server_version,
440 rtc::SSLProtocolVersion client_version) {
441 server_ssl_->SetMaxProtocolVersion(server_version);
442 client_ssl_->SetMaxProtocolVersion(client_version);
443 }
444
TestHandshake(bool expect_success=true)445 void TestHandshake(bool expect_success = true) {
446 server_ssl_->SetMode(dtls_ ? rtc::SSL_MODE_DTLS : rtc::SSL_MODE_TLS);
447 client_ssl_->SetMode(dtls_ ? rtc::SSL_MODE_DTLS : rtc::SSL_MODE_TLS);
448
449 if (!dtls_) {
450 // Make sure we simulate a reliable network for TLS.
451 // This is just a check to make sure that people don't write wrong
452 // tests.
453 RTC_CHECK_EQ(1460, mtu_);
454 RTC_CHECK(!loss_);
455 RTC_CHECK(!lose_first_packet_);
456 }
457
458 if (!identities_set_)
459 SetPeerIdentitiesByDigest(true, true);
460
461 // Start the handshake
462 int rv;
463
464 server_ssl_->SetServerRole();
465 rv = server_ssl_->StartSSL();
466 ASSERT_EQ(0, rv);
467
468 rv = client_ssl_->StartSSL();
469 ASSERT_EQ(0, rv);
470
471 // Now run the handshake
472 if (expect_success) {
473 EXPECT_TRUE_WAIT((client_ssl_->GetState() == rtc::SS_OPEN) &&
474 (server_ssl_->GetState() == rtc::SS_OPEN),
475 handshake_wait_);
476 } else {
477 EXPECT_TRUE_WAIT(client_ssl_->GetState() == rtc::SS_CLOSED,
478 handshake_wait_);
479 }
480 }
481
482 // This tests that the handshake can complete before the identity is
483 // verified, and the identity will be verified after the fact.
TestHandshakeWithDelayedIdentity(bool valid_identity)484 void TestHandshakeWithDelayedIdentity(bool valid_identity) {
485 server_ssl_->SetMode(dtls_ ? rtc::SSL_MODE_DTLS : rtc::SSL_MODE_TLS);
486 client_ssl_->SetMode(dtls_ ? rtc::SSL_MODE_DTLS : rtc::SSL_MODE_TLS);
487
488 if (!dtls_) {
489 // Make sure we simulate a reliable network for TLS.
490 // This is just a check to make sure that people don't write wrong
491 // tests.
492 RTC_CHECK_EQ(1460, mtu_);
493 RTC_CHECK(!loss_);
494 RTC_CHECK(!lose_first_packet_);
495 }
496
497 // Start the handshake
498 int rv;
499
500 server_ssl_->SetServerRole();
501 rv = server_ssl_->StartSSL();
502 ASSERT_EQ(0, rv);
503
504 rv = client_ssl_->StartSSL();
505 ASSERT_EQ(0, rv);
506
507 // Now run the handshake.
508 EXPECT_TRUE_WAIT(
509 client_ssl_->IsTlsConnected() && server_ssl_->IsTlsConnected(),
510 handshake_wait_);
511
512 // Until the identity has been verified, the state should still be
513 // SS_OPENING and writes should return SR_BLOCK.
514 EXPECT_EQ(rtc::SS_OPENING, client_ssl_->GetState());
515 EXPECT_EQ(rtc::SS_OPENING, server_ssl_->GetState());
516 unsigned char packet[1];
517 size_t sent;
518 EXPECT_EQ(rtc::SR_BLOCK, client_ssl_->Write(&packet, 1, &sent, 0));
519 EXPECT_EQ(rtc::SR_BLOCK, server_ssl_->Write(&packet, 1, &sent, 0));
520
521 // If we set an invalid identity at this point, SetPeerCertificateDigest
522 // should return false.
523 SetPeerIdentitiesByDigest(valid_identity, valid_identity);
524 // State should then transition to SS_OPEN or SS_CLOSED based on validation
525 // of the identity.
526 if (valid_identity) {
527 EXPECT_EQ(rtc::SS_OPEN, client_ssl_->GetState());
528 EXPECT_EQ(rtc::SS_OPEN, server_ssl_->GetState());
529 } else {
530 EXPECT_EQ(rtc::SS_CLOSED, client_ssl_->GetState());
531 EXPECT_EQ(rtc::SS_CLOSED, server_ssl_->GetState());
532 }
533 }
534
DataWritten(SSLDummyStreamBase * from,const void * data,size_t data_len,size_t * written,int * error)535 rtc::StreamResult DataWritten(SSLDummyStreamBase* from,
536 const void* data,
537 size_t data_len,
538 size_t* written,
539 int* error) {
540 // Randomly drop loss_ percent of packets
541 if (rtc::CreateRandomId() % 100 < static_cast<uint32_t>(loss_)) {
542 RTC_LOG(LS_VERBOSE) << "Randomly dropping packet, size=" << data_len;
543 *written = data_len;
544 return rtc::SR_SUCCESS;
545 }
546 if (dtls_ && (data_len > mtu_)) {
547 RTC_LOG(LS_VERBOSE) << "Dropping packet > mtu, size=" << data_len;
548 *written = data_len;
549 return rtc::SR_SUCCESS;
550 }
551
552 // Optionally damage application data (type 23). Note that we don't damage
553 // handshake packets and we damage the last byte to keep the header
554 // intact but break the MAC.
555 if (damage_ && (*static_cast<const unsigned char*>(data) == 23)) {
556 std::vector<char> buf(data_len);
557
558 RTC_LOG(LS_VERBOSE) << "Damaging packet";
559
560 memcpy(&buf[0], data, data_len);
561 buf[data_len - 1]++;
562
563 return from->WriteData(&buf[0], data_len, written, error);
564 }
565
566 return from->WriteData(data, data_len, written, error);
567 }
568
SetDelay(int delay)569 void SetDelay(int delay) { delay_ = delay; }
GetDelay()570 int GetDelay() { return delay_; }
571
SetLoseFirstPacket(bool lose)572 void SetLoseFirstPacket(bool lose) { lose_first_packet_ = lose; }
GetLoseFirstPacket()573 bool GetLoseFirstPacket() { return lose_first_packet_; }
574
SetLoss(int percent)575 void SetLoss(int percent) { loss_ = percent; }
576
SetDamage()577 void SetDamage() { damage_ = true; }
578
SetMtu(size_t mtu)579 void SetMtu(size_t mtu) { mtu_ = mtu; }
580
SetHandshakeWait(int wait)581 void SetHandshakeWait(int wait) { handshake_wait_ = wait; }
582
SetDtlsSrtpCryptoSuites(const std::vector<int> & ciphers,bool client)583 void SetDtlsSrtpCryptoSuites(const std::vector<int>& ciphers, bool client) {
584 if (client)
585 client_ssl_->SetDtlsSrtpCryptoSuites(ciphers);
586 else
587 server_ssl_->SetDtlsSrtpCryptoSuites(ciphers);
588 }
589
GetDtlsSrtpCryptoSuite(bool client,int * retval)590 bool GetDtlsSrtpCryptoSuite(bool client, int* retval) {
591 if (client)
592 return client_ssl_->GetDtlsSrtpCryptoSuite(retval);
593 else
594 return server_ssl_->GetDtlsSrtpCryptoSuite(retval);
595 }
596
GetPeerCertificate(bool client)597 std::unique_ptr<rtc::SSLCertificate> GetPeerCertificate(bool client) {
598 std::unique_ptr<rtc::SSLCertChain> chain;
599 if (client)
600 chain = client_ssl_->GetPeerSSLCertChain();
601 else
602 chain = server_ssl_->GetPeerSSLCertChain();
603 return (chain && chain->GetSize()) ? chain->Get(0).Clone() : nullptr;
604 }
605
GetSslCipherSuite(bool client,int * retval)606 bool GetSslCipherSuite(bool client, int* retval) {
607 if (client)
608 return client_ssl_->GetSslCipherSuite(retval);
609 else
610 return server_ssl_->GetSslCipherSuite(retval);
611 }
612
GetSslVersion(bool client)613 int GetSslVersion(bool client) {
614 if (client)
615 return client_ssl_->GetSslVersion();
616 else
617 return server_ssl_->GetSslVersion();
618 }
619
ExportKeyingMaterial(const char * label,const unsigned char * context,size_t context_len,bool use_context,bool client,unsigned char * result,size_t result_len)620 bool ExportKeyingMaterial(const char* label,
621 const unsigned char* context,
622 size_t context_len,
623 bool use_context,
624 bool client,
625 unsigned char* result,
626 size_t result_len) {
627 if (client)
628 return client_ssl_->ExportKeyingMaterial(label, context, context_len,
629 use_context, result, result_len);
630 else
631 return server_ssl_->ExportKeyingMaterial(label, context, context_len,
632 use_context, result, result_len);
633 }
634
635 // To be implemented by subclasses.
636 virtual void WriteData() = 0;
637 virtual void ReadData(rtc::StreamInterface* stream) = 0;
638 virtual void TestTransfer(int size) = 0;
639
640 protected:
client_identity() const641 rtc::SSLIdentity* client_identity() const {
642 if (!client_ssl_) {
643 return nullptr;
644 }
645 return client_ssl_->GetIdentityForTesting();
646 }
server_identity() const647 rtc::SSLIdentity* server_identity() const {
648 if (!server_ssl_) {
649 return nullptr;
650 }
651 return server_ssl_->GetIdentityForTesting();
652 }
653
654 std::string client_cert_pem_;
655 std::string client_private_key_pem_;
656 rtc::KeyParams client_key_type_;
657 rtc::KeyParams server_key_type_;
658 SSLDummyStreamBase* client_stream_; // freed by client_ssl_ destructor
659 SSLDummyStreamBase* server_stream_; // freed by server_ssl_ destructor
660 std::unique_ptr<rtc::SSLStreamAdapter> client_ssl_;
661 std::unique_ptr<rtc::SSLStreamAdapter> server_ssl_;
662 int delay_;
663 size_t mtu_;
664 int loss_;
665 bool lose_first_packet_;
666 bool damage_;
667 bool dtls_;
668 int handshake_wait_;
669 bool identities_set_;
670 };
671
672 class SSLStreamAdapterTestTLS
673 : public SSLStreamAdapterTestBase,
674 public WithParamInterface<tuple<rtc::KeyParams, rtc::KeyParams>> {
675 public:
SSLStreamAdapterTestTLS()676 SSLStreamAdapterTestTLS()
677 : SSLStreamAdapterTestBase("",
678 "",
679 false,
680 ::testing::get<0>(GetParam()),
681 ::testing::get<1>(GetParam())),
682 client_buffer_(kFifoBufferSize),
683 server_buffer_(kFifoBufferSize) {}
684
CreateStreams()685 void CreateStreams() override {
686 client_stream_ =
687 new SSLDummyStreamTLS(this, "c2s", &client_buffer_, &server_buffer_);
688 server_stream_ =
689 new SSLDummyStreamTLS(this, "s2c", &server_buffer_, &client_buffer_);
690 }
691
692 // Test data transfer for TLS
TestTransfer(int size)693 void TestTransfer(int size) override {
694 RTC_LOG(LS_INFO) << "Starting transfer test with " << size << " bytes";
695 // Create some dummy data to send.
696 size_t received;
697
698 send_stream_.ReserveSize(size);
699 for (int i = 0; i < size; ++i) {
700 char ch = static_cast<char>(i);
701 send_stream_.Write(&ch, 1, nullptr, nullptr);
702 }
703 send_stream_.Rewind();
704
705 // Prepare the receive stream.
706 recv_stream_.ReserveSize(size);
707
708 // Start sending
709 WriteData();
710
711 // Wait for the client to close
712 EXPECT_TRUE_WAIT(server_ssl_->GetState() == rtc::SS_CLOSED, 10000);
713
714 // Now check the data
715 recv_stream_.GetSize(&received);
716
717 EXPECT_EQ(static_cast<size_t>(size), received);
718 EXPECT_EQ(0,
719 memcmp(send_stream_.GetBuffer(), recv_stream_.GetBuffer(), size));
720 }
721
WriteData()722 void WriteData() override {
723 size_t position, tosend, size;
724 rtc::StreamResult rv;
725 size_t sent;
726 char block[kBlockSize];
727
728 send_stream_.GetSize(&size);
729 if (!size)
730 return;
731
732 for (;;) {
733 send_stream_.GetPosition(&position);
734 if (send_stream_.Read(block, sizeof(block), &tosend, nullptr) !=
735 rtc::SR_EOS) {
736 rv = client_ssl_->Write(block, tosend, &sent, 0);
737
738 if (rv == rtc::SR_SUCCESS) {
739 send_stream_.SetPosition(position + sent);
740 RTC_LOG(LS_VERBOSE) << "Sent: " << position + sent;
741 } else if (rv == rtc::SR_BLOCK) {
742 RTC_LOG(LS_VERBOSE) << "Blocked...";
743 send_stream_.SetPosition(position);
744 break;
745 } else {
746 ADD_FAILURE();
747 break;
748 }
749 } else {
750 // Now close
751 RTC_LOG(LS_INFO) << "Wrote " << position << " bytes. Closing";
752 client_ssl_->Close();
753 break;
754 }
755 }
756 }
757
ReadData(rtc::StreamInterface * stream)758 void ReadData(rtc::StreamInterface* stream) override {
759 char buffer[1600];
760 size_t bread;
761 int err2;
762 rtc::StreamResult r;
763
764 for (;;) {
765 r = stream->Read(buffer, sizeof(buffer), &bread, &err2);
766
767 if (r == rtc::SR_ERROR || r == rtc::SR_EOS) {
768 // Unfortunately, errors are the way that the stream adapter
769 // signals close in OpenSSL.
770 stream->Close();
771 return;
772 }
773
774 if (r == rtc::SR_BLOCK)
775 break;
776
777 ASSERT_EQ(rtc::SR_SUCCESS, r);
778 RTC_LOG(LS_VERBOSE) << "Read " << bread;
779
780 recv_stream_.Write(buffer, bread, nullptr, nullptr);
781 }
782 }
783
784 private:
785 rtc::FifoBuffer client_buffer_;
786 rtc::FifoBuffer server_buffer_;
787 rtc::MemoryStream send_stream_;
788 rtc::MemoryStream recv_stream_;
789 };
790
791 class SSLStreamAdapterTestDTLSBase : public SSLStreamAdapterTestBase {
792 public:
SSLStreamAdapterTestDTLSBase(rtc::KeyParams param1,rtc::KeyParams param2)793 SSLStreamAdapterTestDTLSBase(rtc::KeyParams param1, rtc::KeyParams param2)
794 : SSLStreamAdapterTestBase("", "", true, param1, param2),
795 client_buffer_(kBufferCapacity, kDefaultBufferSize),
796 server_buffer_(kBufferCapacity, kDefaultBufferSize),
797 packet_size_(1000),
798 count_(0),
799 sent_(0) {}
800
SSLStreamAdapterTestDTLSBase(const std::string & cert_pem,const std::string & private_key_pem)801 SSLStreamAdapterTestDTLSBase(const std::string& cert_pem,
802 const std::string& private_key_pem)
803 : SSLStreamAdapterTestBase(cert_pem, private_key_pem, true),
804 client_buffer_(kBufferCapacity, kDefaultBufferSize),
805 server_buffer_(kBufferCapacity, kDefaultBufferSize),
806 packet_size_(1000),
807 count_(0),
808 sent_(0) {}
809
CreateStreams()810 void CreateStreams() override {
811 client_stream_ =
812 new SSLDummyStreamDTLS(this, "c2s", &client_buffer_, &server_buffer_);
813 server_stream_ =
814 new SSLDummyStreamDTLS(this, "s2c", &server_buffer_, &client_buffer_);
815 }
816
WriteData()817 void WriteData() override {
818 unsigned char* packet = new unsigned char[1600];
819
820 while (sent_ < count_) {
821 unsigned int rand_state = sent_;
822 packet[0] = sent_;
823 for (size_t i = 1; i < packet_size_; i++) {
824 // This is a simple LC PRNG. Keep in synch with identical code below.
825 rand_state = (rand_state * 251 + 19937) >> 7;
826 packet[i] = rand_state & 0xff;
827 }
828
829 size_t sent;
830 rtc::StreamResult rv = client_ssl_->Write(packet, packet_size_, &sent, 0);
831 if (rv == rtc::SR_SUCCESS) {
832 RTC_LOG(LS_VERBOSE) << "Sent: " << sent_;
833 sent_++;
834 } else if (rv == rtc::SR_BLOCK) {
835 RTC_LOG(LS_VERBOSE) << "Blocked...";
836 break;
837 } else {
838 ADD_FAILURE();
839 break;
840 }
841 }
842
843 delete[] packet;
844 }
845
ReadData(rtc::StreamInterface * stream)846 void ReadData(rtc::StreamInterface* stream) override {
847 unsigned char buffer[2000];
848 size_t bread;
849 int err2;
850 rtc::StreamResult r;
851
852 for (;;) {
853 r = stream->Read(buffer, 2000, &bread, &err2);
854
855 if (r == rtc::SR_ERROR) {
856 // Unfortunately, errors are the way that the stream adapter
857 // signals close right now
858 stream->Close();
859 return;
860 }
861
862 if (r == rtc::SR_BLOCK)
863 break;
864
865 ASSERT_EQ(rtc::SR_SUCCESS, r);
866 RTC_LOG(LS_VERBOSE) << "Read " << bread;
867
868 // Now parse the datagram
869 ASSERT_EQ(packet_size_, bread);
870 unsigned char packet_num = buffer[0];
871
872 unsigned int rand_state = packet_num;
873 for (size_t i = 1; i < packet_size_; i++) {
874 // This is a simple LC PRNG. Keep in synch with identical code above.
875 rand_state = (rand_state * 251 + 19937) >> 7;
876 ASSERT_EQ(rand_state & 0xff, buffer[i]);
877 }
878 received_.insert(packet_num);
879 }
880 }
881
TestTransfer(int count)882 void TestTransfer(int count) override {
883 count_ = count;
884
885 WriteData();
886
887 EXPECT_TRUE_WAIT(sent_ == count_, 10000);
888 RTC_LOG(LS_INFO) << "sent_ == " << sent_;
889
890 if (damage_) {
891 WAIT(false, 2000);
892 EXPECT_EQ(0U, received_.size());
893 } else if (loss_ == 0) {
894 EXPECT_EQ_WAIT(static_cast<size_t>(sent_), received_.size(), 1000);
895 } else {
896 RTC_LOG(LS_INFO) << "Sent " << sent_ << " packets; received "
897 << received_.size();
898 }
899 }
900
901 protected:
902 BufferQueueStream client_buffer_;
903 BufferQueueStream server_buffer_;
904
905 private:
906 size_t packet_size_;
907 int count_;
908 int sent_;
909 std::set<int> received_;
910 };
911
912 class SSLStreamAdapterTestDTLS
913 : public SSLStreamAdapterTestDTLSBase,
914 public WithParamInterface<tuple<rtc::KeyParams, rtc::KeyParams>> {
915 public:
SSLStreamAdapterTestDTLS()916 SSLStreamAdapterTestDTLS()
917 : SSLStreamAdapterTestDTLSBase(::testing::get<0>(GetParam()),
918 ::testing::get<1>(GetParam())) {}
919
SSLStreamAdapterTestDTLS(const std::string & cert_pem,const std::string & private_key_pem)920 SSLStreamAdapterTestDTLS(const std::string& cert_pem,
921 const std::string& private_key_pem)
922 : SSLStreamAdapterTestDTLSBase(cert_pem, private_key_pem) {}
923 };
924
Write(const void * data,size_t data_len,size_t * written,int * error)925 rtc::StreamResult SSLDummyStreamBase::Write(const void* data,
926 size_t data_len,
927 size_t* written,
928 int* error) {
929 RTC_LOG(LS_VERBOSE) << "Writing to loopback " << data_len;
930
931 if (first_packet_) {
932 first_packet_ = false;
933 if (test_base_->GetLoseFirstPacket()) {
934 RTC_LOG(LS_INFO) << "Losing initial packet of length " << data_len;
935 *written = data_len; // Fake successful writing also to writer.
936 return rtc::SR_SUCCESS;
937 }
938 }
939
940 return test_base_->DataWritten(this, data, data_len, written, error);
941 }
942
943 class SSLStreamAdapterTestDTLSFromPEMStrings : public SSLStreamAdapterTestDTLS {
944 public:
SSLStreamAdapterTestDTLSFromPEMStrings()945 SSLStreamAdapterTestDTLSFromPEMStrings()
946 : SSLStreamAdapterTestDTLS(kCERT_PEM, kRSA_PRIVATE_KEY_PEM) {}
947 };
948
949 // Test fixture for certificate chaining. Server will push more than one
950 // certificate.
951 class SSLStreamAdapterTestDTLSCertChain : public SSLStreamAdapterTestDTLS {
952 public:
SSLStreamAdapterTestDTLSCertChain()953 SSLStreamAdapterTestDTLSCertChain() : SSLStreamAdapterTestDTLS("", "") {}
SetUp()954 void SetUp() override {
955 CreateStreams();
956
957 client_ssl_ =
958 rtc::SSLStreamAdapter::Create(absl::WrapUnique(client_stream_));
959 server_ssl_ =
960 rtc::SSLStreamAdapter::Create(absl::WrapUnique(server_stream_));
961
962 // Set up the slots
963 client_ssl_->SignalEvent.connect(
964 reinterpret_cast<SSLStreamAdapterTestBase*>(this),
965 &SSLStreamAdapterTestBase::OnEvent);
966 server_ssl_->SignalEvent.connect(
967 reinterpret_cast<SSLStreamAdapterTestBase*>(this),
968 &SSLStreamAdapterTestBase::OnEvent);
969
970 std::unique_ptr<rtc::SSLIdentity> client_identity;
971 if (!client_cert_pem_.empty() && !client_private_key_pem_.empty()) {
972 client_identity = rtc::SSLIdentity::CreateFromPEMStrings(
973 client_private_key_pem_, client_cert_pem_);
974 } else {
975 client_identity = rtc::SSLIdentity::Create("client", client_key_type_);
976 }
977
978 client_ssl_->SetIdentity(std::move(client_identity));
979 }
980 };
981
982 // Basic tests: TLS
983
984 // Test that we can make a handshake work
TEST_P(SSLStreamAdapterTestTLS,TestTLSConnect)985 TEST_P(SSLStreamAdapterTestTLS, TestTLSConnect) {
986 TestHandshake();
987 }
988
TEST_P(SSLStreamAdapterTestTLS,GetPeerCertChainWithOneCertificate)989 TEST_P(SSLStreamAdapterTestTLS, GetPeerCertChainWithOneCertificate) {
990 TestHandshake();
991 std::unique_ptr<rtc::SSLCertChain> cert_chain =
992 client_ssl_->GetPeerSSLCertChain();
993 ASSERT_NE(nullptr, cert_chain);
994 EXPECT_EQ(1u, cert_chain->GetSize());
995 EXPECT_EQ(cert_chain->Get(0).ToPEMString(),
996 server_identity()->certificate().ToPEMString());
997 }
998
TEST_F(SSLStreamAdapterTestDTLSCertChain,TwoCertHandshake)999 TEST_F(SSLStreamAdapterTestDTLSCertChain, TwoCertHandshake) {
1000 auto server_identity = rtc::SSLIdentity::CreateFromPEMChainStrings(
1001 kRSA_PRIVATE_KEY_PEM, std::string(kCERT_PEM) + kCACert);
1002 server_ssl_->SetIdentity(std::move(server_identity));
1003 TestHandshake();
1004 std::unique_ptr<rtc::SSLCertChain> peer_cert_chain =
1005 client_ssl_->GetPeerSSLCertChain();
1006 ASSERT_NE(nullptr, peer_cert_chain);
1007 ASSERT_EQ(2u, peer_cert_chain->GetSize());
1008 EXPECT_EQ(kCERT_PEM, peer_cert_chain->Get(0).ToPEMString());
1009 EXPECT_EQ(kCACert, peer_cert_chain->Get(1).ToPEMString());
1010 }
1011
TEST_F(SSLStreamAdapterTestDTLSCertChain,TwoCertHandshakeWithCopy)1012 TEST_F(SSLStreamAdapterTestDTLSCertChain, TwoCertHandshakeWithCopy) {
1013 server_ssl_->SetIdentity(rtc::SSLIdentity::CreateFromPEMChainStrings(
1014 kRSA_PRIVATE_KEY_PEM, std::string(kCERT_PEM) + kCACert));
1015 TestHandshake();
1016 std::unique_ptr<rtc::SSLCertChain> peer_cert_chain =
1017 client_ssl_->GetPeerSSLCertChain();
1018 ASSERT_NE(nullptr, peer_cert_chain);
1019 ASSERT_EQ(2u, peer_cert_chain->GetSize());
1020 EXPECT_EQ(kCERT_PEM, peer_cert_chain->Get(0).ToPEMString());
1021 EXPECT_EQ(kCACert, peer_cert_chain->Get(1).ToPEMString());
1022 }
1023
TEST_F(SSLStreamAdapterTestDTLSCertChain,ThreeCertHandshake)1024 TEST_F(SSLStreamAdapterTestDTLSCertChain, ThreeCertHandshake) {
1025 server_ssl_->SetIdentity(rtc::SSLIdentity::CreateFromPEMChainStrings(
1026 kRSA_PRIVATE_KEY_PEM, std::string(kCERT_PEM) + kIntCert1 + kCACert));
1027 TestHandshake();
1028 std::unique_ptr<rtc::SSLCertChain> peer_cert_chain =
1029 client_ssl_->GetPeerSSLCertChain();
1030 ASSERT_NE(nullptr, peer_cert_chain);
1031 ASSERT_EQ(3u, peer_cert_chain->GetSize());
1032 EXPECT_EQ(kCERT_PEM, peer_cert_chain->Get(0).ToPEMString());
1033 EXPECT_EQ(kIntCert1, peer_cert_chain->Get(1).ToPEMString());
1034 EXPECT_EQ(kCACert, peer_cert_chain->Get(2).ToPEMString());
1035 }
1036
1037 // Test that closing the connection on one side updates the other side.
TEST_P(SSLStreamAdapterTestTLS,TestTLSClose)1038 TEST_P(SSLStreamAdapterTestTLS, TestTLSClose) {
1039 TestHandshake();
1040 client_ssl_->Close();
1041 EXPECT_EQ_WAIT(rtc::SS_CLOSED, server_ssl_->GetState(), handshake_wait_);
1042 }
1043
1044 // Test transfer -- trivial
TEST_P(SSLStreamAdapterTestTLS,TestTLSTransfer)1045 TEST_P(SSLStreamAdapterTestTLS, TestTLSTransfer) {
1046 TestHandshake();
1047 TestTransfer(100000);
1048 }
1049
1050 // Test read-write after close.
TEST_P(SSLStreamAdapterTestTLS,ReadWriteAfterClose)1051 TEST_P(SSLStreamAdapterTestTLS, ReadWriteAfterClose) {
1052 TestHandshake();
1053 TestTransfer(100000);
1054 client_ssl_->Close();
1055
1056 rtc::StreamResult rv;
1057 char block[kBlockSize];
1058 size_t dummy;
1059
1060 // It's an error to write after closed.
1061 rv = client_ssl_->Write(block, sizeof(block), &dummy, nullptr);
1062 ASSERT_EQ(rtc::SR_ERROR, rv);
1063
1064 // But after closed read gives you EOS.
1065 rv = client_ssl_->Read(block, sizeof(block), &dummy, nullptr);
1066 ASSERT_EQ(rtc::SR_EOS, rv);
1067 }
1068
1069 // Test a handshake with a bogus peer digest
TEST_P(SSLStreamAdapterTestTLS,TestTLSBogusDigest)1070 TEST_P(SSLStreamAdapterTestTLS, TestTLSBogusDigest) {
1071 SetPeerIdentitiesByDigest(false, true);
1072 TestHandshake(false);
1073 }
1074
TEST_P(SSLStreamAdapterTestTLS,TestTLSDelayedIdentity)1075 TEST_P(SSLStreamAdapterTestTLS, TestTLSDelayedIdentity) {
1076 TestHandshakeWithDelayedIdentity(true);
1077 }
1078
TEST_P(SSLStreamAdapterTestTLS,TestTLSDelayedIdentityWithBogusDigest)1079 TEST_P(SSLStreamAdapterTestTLS, TestTLSDelayedIdentityWithBogusDigest) {
1080 TestHandshakeWithDelayedIdentity(false);
1081 }
1082
1083 // Test that the correct error is returned when SetPeerCertificateDigest is
1084 // called with an unknown algorithm.
TEST_P(SSLStreamAdapterTestTLS,TestSetPeerCertificateDigestWithUnknownAlgorithm)1085 TEST_P(SSLStreamAdapterTestTLS,
1086 TestSetPeerCertificateDigestWithUnknownAlgorithm) {
1087 unsigned char server_digest[20];
1088 size_t server_digest_len;
1089 bool rv;
1090 rtc::SSLPeerCertificateDigestError err;
1091
1092 rv = server_identity()->certificate().ComputeDigest(
1093 rtc::DIGEST_SHA_1, server_digest, 20, &server_digest_len);
1094 ASSERT_TRUE(rv);
1095
1096 rv = client_ssl_->SetPeerCertificateDigest("unknown algorithm", server_digest,
1097 server_digest_len, &err);
1098 EXPECT_EQ(rtc::SSLPeerCertificateDigestError::UNKNOWN_ALGORITHM, err);
1099 EXPECT_FALSE(rv);
1100 }
1101
1102 // Test that the correct error is returned when SetPeerCertificateDigest is
1103 // called with an invalid digest length.
TEST_P(SSLStreamAdapterTestTLS,TestSetPeerCertificateDigestWithInvalidLength)1104 TEST_P(SSLStreamAdapterTestTLS, TestSetPeerCertificateDigestWithInvalidLength) {
1105 unsigned char server_digest[20];
1106 size_t server_digest_len;
1107 bool rv;
1108 rtc::SSLPeerCertificateDigestError err;
1109
1110 rv = server_identity()->certificate().ComputeDigest(
1111 rtc::DIGEST_SHA_1, server_digest, 20, &server_digest_len);
1112 ASSERT_TRUE(rv);
1113
1114 rv = client_ssl_->SetPeerCertificateDigest(rtc::DIGEST_SHA_1, server_digest,
1115 server_digest_len - 1, &err);
1116 EXPECT_EQ(rtc::SSLPeerCertificateDigestError::INVALID_LENGTH, err);
1117 EXPECT_FALSE(rv);
1118 }
1119
1120 // Test moving a bunch of data
1121
1122 // Basic tests: DTLS
1123 // Test that we can make a handshake work
TEST_P(SSLStreamAdapterTestDTLS,TestDTLSConnect)1124 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSConnect) {
1125 TestHandshake();
1126 }
1127
1128 // Test that we can make a handshake work if the first packet in
1129 // each direction is lost. This gives us predictable loss
1130 // rather than having to tune random
TEST_P(SSLStreamAdapterTestDTLS,TestDTLSConnectWithLostFirstPacket)1131 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSConnectWithLostFirstPacket) {
1132 SetLoseFirstPacket(true);
1133 TestHandshake();
1134 }
1135
1136 // Test a handshake with loss and delay
TEST_P(SSLStreamAdapterTestDTLS,TestDTLSConnectWithLostFirstPacketDelay2s)1137 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSConnectWithLostFirstPacketDelay2s) {
1138 SetLoseFirstPacket(true);
1139 SetDelay(2000);
1140 SetHandshakeWait(20000);
1141 TestHandshake();
1142 }
1143
1144 // Test a handshake with small MTU
1145 // Disabled due to https://code.google.com/p/webrtc/issues/detail?id=3910
TEST_P(SSLStreamAdapterTestDTLS,DISABLED_TestDTLSConnectWithSmallMtu)1146 TEST_P(SSLStreamAdapterTestDTLS, DISABLED_TestDTLSConnectWithSmallMtu) {
1147 SetMtu(700);
1148 SetHandshakeWait(20000);
1149 TestHandshake();
1150 }
1151
1152 // Test transfer -- trivial
TEST_P(SSLStreamAdapterTestDTLS,TestDTLSTransfer)1153 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSTransfer) {
1154 TestHandshake();
1155 TestTransfer(100);
1156 }
1157
TEST_P(SSLStreamAdapterTestDTLS,TestDTLSTransferWithLoss)1158 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSTransferWithLoss) {
1159 TestHandshake();
1160 SetLoss(10);
1161 TestTransfer(100);
1162 }
1163
TEST_P(SSLStreamAdapterTestDTLS,TestDTLSTransferWithDamage)1164 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSTransferWithDamage) {
1165 SetDamage(); // Must be called first because first packet
1166 // write happens at end of handshake.
1167 TestHandshake();
1168 TestTransfer(100);
1169 }
1170
TEST_P(SSLStreamAdapterTestDTLS,TestDTLSDelayedIdentity)1171 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSDelayedIdentity) {
1172 TestHandshakeWithDelayedIdentity(true);
1173 }
1174
TEST_P(SSLStreamAdapterTestDTLS,TestDTLSDelayedIdentityWithBogusDigest)1175 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSDelayedIdentityWithBogusDigest) {
1176 TestHandshakeWithDelayedIdentity(false);
1177 }
1178
1179 // Test DTLS-SRTP with all high ciphers
TEST_P(SSLStreamAdapterTestDTLS,TestDTLSSrtpHigh)1180 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpHigh) {
1181 std::vector<int> high;
1182 high.push_back(rtc::SRTP_AES128_CM_SHA1_80);
1183 SetDtlsSrtpCryptoSuites(high, true);
1184 SetDtlsSrtpCryptoSuites(high, false);
1185 TestHandshake();
1186
1187 int client_cipher;
1188 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher));
1189 int server_cipher;
1190 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher));
1191
1192 ASSERT_EQ(client_cipher, server_cipher);
1193 ASSERT_EQ(client_cipher, rtc::SRTP_AES128_CM_SHA1_80);
1194 }
1195
1196 // Test DTLS-SRTP with all low ciphers
TEST_P(SSLStreamAdapterTestDTLS,TestDTLSSrtpLow)1197 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpLow) {
1198 std::vector<int> low;
1199 low.push_back(rtc::SRTP_AES128_CM_SHA1_32);
1200 SetDtlsSrtpCryptoSuites(low, true);
1201 SetDtlsSrtpCryptoSuites(low, false);
1202 TestHandshake();
1203
1204 int client_cipher;
1205 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher));
1206 int server_cipher;
1207 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher));
1208
1209 ASSERT_EQ(client_cipher, server_cipher);
1210 ASSERT_EQ(client_cipher, rtc::SRTP_AES128_CM_SHA1_32);
1211 }
1212
1213 // Test DTLS-SRTP with a mismatch -- should not converge
TEST_P(SSLStreamAdapterTestDTLS,TestDTLSSrtpHighLow)1214 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpHighLow) {
1215 std::vector<int> high;
1216 high.push_back(rtc::SRTP_AES128_CM_SHA1_80);
1217 std::vector<int> low;
1218 low.push_back(rtc::SRTP_AES128_CM_SHA1_32);
1219 SetDtlsSrtpCryptoSuites(high, true);
1220 SetDtlsSrtpCryptoSuites(low, false);
1221 TestHandshake();
1222
1223 int client_cipher;
1224 ASSERT_FALSE(GetDtlsSrtpCryptoSuite(true, &client_cipher));
1225 int server_cipher;
1226 ASSERT_FALSE(GetDtlsSrtpCryptoSuite(false, &server_cipher));
1227 }
1228
1229 // Test DTLS-SRTP with each side being mixed -- should select high
TEST_P(SSLStreamAdapterTestDTLS,TestDTLSSrtpMixed)1230 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpMixed) {
1231 std::vector<int> mixed;
1232 mixed.push_back(rtc::SRTP_AES128_CM_SHA1_80);
1233 mixed.push_back(rtc::SRTP_AES128_CM_SHA1_32);
1234 SetDtlsSrtpCryptoSuites(mixed, true);
1235 SetDtlsSrtpCryptoSuites(mixed, false);
1236 TestHandshake();
1237
1238 int client_cipher;
1239 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher));
1240 int server_cipher;
1241 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher));
1242
1243 ASSERT_EQ(client_cipher, server_cipher);
1244 ASSERT_EQ(client_cipher, rtc::SRTP_AES128_CM_SHA1_80);
1245 }
1246
1247 // Test DTLS-SRTP with all GCM-128 ciphers.
TEST_P(SSLStreamAdapterTestDTLS,TestDTLSSrtpGCM128)1248 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCM128) {
1249 std::vector<int> gcm128;
1250 gcm128.push_back(rtc::SRTP_AEAD_AES_128_GCM);
1251 SetDtlsSrtpCryptoSuites(gcm128, true);
1252 SetDtlsSrtpCryptoSuites(gcm128, false);
1253 TestHandshake();
1254
1255 int client_cipher;
1256 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher));
1257 int server_cipher;
1258 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher));
1259
1260 ASSERT_EQ(client_cipher, server_cipher);
1261 ASSERT_EQ(client_cipher, rtc::SRTP_AEAD_AES_128_GCM);
1262 }
1263
1264 // Test DTLS-SRTP with all GCM-256 ciphers.
TEST_P(SSLStreamAdapterTestDTLS,TestDTLSSrtpGCM256)1265 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCM256) {
1266 std::vector<int> gcm256;
1267 gcm256.push_back(rtc::SRTP_AEAD_AES_256_GCM);
1268 SetDtlsSrtpCryptoSuites(gcm256, true);
1269 SetDtlsSrtpCryptoSuites(gcm256, false);
1270 TestHandshake();
1271
1272 int client_cipher;
1273 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher));
1274 int server_cipher;
1275 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher));
1276
1277 ASSERT_EQ(client_cipher, server_cipher);
1278 ASSERT_EQ(client_cipher, rtc::SRTP_AEAD_AES_256_GCM);
1279 }
1280
1281 // Test DTLS-SRTP with mixed GCM-128/-256 ciphers -- should not converge.
TEST_P(SSLStreamAdapterTestDTLS,TestDTLSSrtpGCMMismatch)1282 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCMMismatch) {
1283 std::vector<int> gcm128;
1284 gcm128.push_back(rtc::SRTP_AEAD_AES_128_GCM);
1285 std::vector<int> gcm256;
1286 gcm256.push_back(rtc::SRTP_AEAD_AES_256_GCM);
1287 SetDtlsSrtpCryptoSuites(gcm128, true);
1288 SetDtlsSrtpCryptoSuites(gcm256, false);
1289 TestHandshake();
1290
1291 int client_cipher;
1292 ASSERT_FALSE(GetDtlsSrtpCryptoSuite(true, &client_cipher));
1293 int server_cipher;
1294 ASSERT_FALSE(GetDtlsSrtpCryptoSuite(false, &server_cipher));
1295 }
1296
1297 // Test DTLS-SRTP with both GCM-128/-256 ciphers -- should select GCM-256.
TEST_P(SSLStreamAdapterTestDTLS,TestDTLSSrtpGCMMixed)1298 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCMMixed) {
1299 std::vector<int> gcmBoth;
1300 gcmBoth.push_back(rtc::SRTP_AEAD_AES_256_GCM);
1301 gcmBoth.push_back(rtc::SRTP_AEAD_AES_128_GCM);
1302 SetDtlsSrtpCryptoSuites(gcmBoth, true);
1303 SetDtlsSrtpCryptoSuites(gcmBoth, false);
1304 TestHandshake();
1305
1306 int client_cipher;
1307 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher));
1308 int server_cipher;
1309 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher));
1310
1311 ASSERT_EQ(client_cipher, server_cipher);
1312 ASSERT_EQ(client_cipher, rtc::SRTP_AEAD_AES_256_GCM);
1313 }
1314
1315 // Test SRTP cipher suite lengths.
TEST_P(SSLStreamAdapterTestDTLS,TestDTLSSrtpKeyAndSaltLengths)1316 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpKeyAndSaltLengths) {
1317 int key_len;
1318 int salt_len;
1319
1320 ASSERT_FALSE(rtc::GetSrtpKeyAndSaltLengths(rtc::SRTP_INVALID_CRYPTO_SUITE,
1321 &key_len, &salt_len));
1322
1323 ASSERT_TRUE(rtc::GetSrtpKeyAndSaltLengths(rtc::SRTP_AES128_CM_SHA1_32,
1324 &key_len, &salt_len));
1325 ASSERT_EQ(128 / 8, key_len);
1326 ASSERT_EQ(112 / 8, salt_len);
1327
1328 ASSERT_TRUE(rtc::GetSrtpKeyAndSaltLengths(rtc::SRTP_AES128_CM_SHA1_80,
1329 &key_len, &salt_len));
1330 ASSERT_EQ(128 / 8, key_len);
1331 ASSERT_EQ(112 / 8, salt_len);
1332
1333 ASSERT_TRUE(rtc::GetSrtpKeyAndSaltLengths(rtc::SRTP_AEAD_AES_128_GCM,
1334 &key_len, &salt_len));
1335 ASSERT_EQ(128 / 8, key_len);
1336 ASSERT_EQ(96 / 8, salt_len);
1337
1338 ASSERT_TRUE(rtc::GetSrtpKeyAndSaltLengths(rtc::SRTP_AEAD_AES_256_GCM,
1339 &key_len, &salt_len));
1340 ASSERT_EQ(256 / 8, key_len);
1341 ASSERT_EQ(96 / 8, salt_len);
1342 }
1343
1344 // Test an exporter
TEST_P(SSLStreamAdapterTestDTLS,TestDTLSExporter)1345 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSExporter) {
1346 TestHandshake();
1347 unsigned char client_out[20];
1348 unsigned char server_out[20];
1349
1350 bool result;
1351 result = ExportKeyingMaterial(kExporterLabel, kExporterContext,
1352 kExporterContextLen, true, true, client_out,
1353 sizeof(client_out));
1354 ASSERT_TRUE(result);
1355
1356 result = ExportKeyingMaterial(kExporterLabel, kExporterContext,
1357 kExporterContextLen, true, false, server_out,
1358 sizeof(server_out));
1359 ASSERT_TRUE(result);
1360
1361 ASSERT_TRUE(!memcmp(client_out, server_out, sizeof(client_out)));
1362 }
1363
1364 // Test not yet valid certificates are not rejected.
TEST_P(SSLStreamAdapterTestDTLS,TestCertNotYetValid)1365 TEST_P(SSLStreamAdapterTestDTLS, TestCertNotYetValid) {
1366 long one_day = 60 * 60 * 24;
1367 // Make the certificates not valid until one day later.
1368 ResetIdentitiesWithValidity(one_day, one_day);
1369 TestHandshake();
1370 }
1371
1372 // Test expired certificates are not rejected.
TEST_P(SSLStreamAdapterTestDTLS,TestCertExpired)1373 TEST_P(SSLStreamAdapterTestDTLS, TestCertExpired) {
1374 long one_day = 60 * 60 * 24;
1375 // Make the certificates already expired.
1376 ResetIdentitiesWithValidity(-one_day, -one_day);
1377 TestHandshake();
1378 }
1379
1380 // Test data transfer using certs created from strings.
TEST_F(SSLStreamAdapterTestDTLSFromPEMStrings,TestTransfer)1381 TEST_F(SSLStreamAdapterTestDTLSFromPEMStrings, TestTransfer) {
1382 TestHandshake();
1383 TestTransfer(100);
1384 }
1385
1386 // Test getting the remote certificate.
TEST_F(SSLStreamAdapterTestDTLSFromPEMStrings,TestDTLSGetPeerCertificate)1387 TEST_F(SSLStreamAdapterTestDTLSFromPEMStrings, TestDTLSGetPeerCertificate) {
1388 // Peer certificates haven't been received yet.
1389 ASSERT_FALSE(GetPeerCertificate(true));
1390 ASSERT_FALSE(GetPeerCertificate(false));
1391
1392 TestHandshake();
1393
1394 // The client should have a peer certificate after the handshake.
1395 std::unique_ptr<rtc::SSLCertificate> client_peer_cert =
1396 GetPeerCertificate(true);
1397 ASSERT_TRUE(client_peer_cert);
1398
1399 // It's not kCERT_PEM.
1400 std::string client_peer_string = client_peer_cert->ToPEMString();
1401 ASSERT_NE(kCERT_PEM, client_peer_string);
1402
1403 // The server should have a peer certificate after the handshake.
1404 std::unique_ptr<rtc::SSLCertificate> server_peer_cert =
1405 GetPeerCertificate(false);
1406 ASSERT_TRUE(server_peer_cert);
1407
1408 // It's kCERT_PEM
1409 ASSERT_EQ(kCERT_PEM, server_peer_cert->ToPEMString());
1410 }
1411
1412 // Test getting the used DTLS 1.2 ciphers.
1413 // DTLS 1.2 enabled for client and server -> DTLS 1.2 will be used.
TEST_P(SSLStreamAdapterTestDTLS,TestGetSslCipherSuiteDtls12Both)1414 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Both) {
1415 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12);
1416 TestHandshake();
1417
1418 int client_cipher;
1419 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher));
1420 int server_cipher;
1421 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher));
1422
1423 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_12, GetSslVersion(true));
1424 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_12, GetSslVersion(false));
1425
1426 ASSERT_EQ(client_cipher, server_cipher);
1427 ASSERT_TRUE(rtc::SSLStreamAdapter::IsAcceptableCipher(
1428 server_cipher, ::testing::get<1>(GetParam()).type()));
1429 }
1430
1431 // Test getting the used DTLS ciphers.
1432 // DTLS 1.0 is max version for client and server, this will only work if
1433 // legacy is enabled.
TEST_P(SSLStreamAdapterTestDTLS,TestGetSslCipherSuite)1434 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuite) {
1435 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_10);
1436 TestHandshake();
1437
1438 int client_cipher;
1439 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher));
1440 int server_cipher;
1441 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher));
1442
1443 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_10, GetSslVersion(true));
1444 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_10, GetSslVersion(false));
1445
1446 ASSERT_EQ(client_cipher, server_cipher);
1447 ASSERT_TRUE(rtc::SSLStreamAdapter::IsAcceptableCipher(
1448 server_cipher, ::testing::get<1>(GetParam()).type()));
1449 }
1450
1451 // The RSA keysizes here might look strange, why not include the RFC's size
1452 // 2048?. The reason is test case slowness; testing two sizes to exercise
1453 // parametrization is sufficient.
1454 INSTANTIATE_TEST_SUITE_P(
1455 SSLStreamAdapterTestsTLS,
1456 SSLStreamAdapterTestTLS,
1457 Combine(Values(rtc::KeyParams::RSA(1024, 65537),
1458 rtc::KeyParams::RSA(1152, 65537),
1459 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)),
1460 Values(rtc::KeyParams::RSA(1024, 65537),
1461 rtc::KeyParams::RSA(1152, 65537),
1462 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256))));
1463 INSTANTIATE_TEST_SUITE_P(
1464 SSLStreamAdapterTestsDTLS,
1465 SSLStreamAdapterTestDTLS,
1466 Combine(Values(rtc::KeyParams::RSA(1024, 65537),
1467 rtc::KeyParams::RSA(1152, 65537),
1468 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)),
1469 Values(rtc::KeyParams::RSA(1024, 65537),
1470 rtc::KeyParams::RSA(1152, 65537),
1471 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256))));
1472
1473 // Tests for enabling / disabling legacy TLS protocols in DTLS.
1474 class SSLStreamAdapterTestDTLSLegacyProtocols
1475 : public SSLStreamAdapterTestDTLSBase {
1476 public:
SSLStreamAdapterTestDTLSLegacyProtocols()1477 SSLStreamAdapterTestDTLSLegacyProtocols()
1478 : SSLStreamAdapterTestDTLSBase(rtc::KeyParams::ECDSA(rtc::EC_NIST_P256),
1479 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)) {
1480 }
1481
1482 // Do not use the SetUp version from the parent class.
SetUp()1483 void SetUp() override {}
1484
1485 // The legacy TLS protocols flag is read when the OpenSSLStreamAdapter is
1486 // initialized, so we set the experiment while creationg client_ssl_
1487 // and server_ssl_.
1488
ConfigureClient(std::string experiment)1489 void ConfigureClient(std::string experiment) {
1490 webrtc::test::ScopedFieldTrials trial(experiment);
1491 client_stream_ =
1492 new SSLDummyStreamDTLS(this, "c2s", &client_buffer_, &server_buffer_);
1493 client_ssl_ =
1494 rtc::SSLStreamAdapter::Create(absl::WrapUnique(client_stream_));
1495 client_ssl_->SignalEvent.connect(
1496 static_cast<SSLStreamAdapterTestBase*>(this),
1497 &SSLStreamAdapterTestBase::OnEvent);
1498 auto client_identity = rtc::SSLIdentity::Create("client", client_key_type_);
1499 client_ssl_->SetIdentity(std::move(client_identity));
1500 }
1501
ConfigureServer(std::string experiment)1502 void ConfigureServer(std::string experiment) {
1503 // webrtc::test::ScopedFieldTrials trial(experiment);
1504 server_stream_ =
1505 new SSLDummyStreamDTLS(this, "s2c", &server_buffer_, &client_buffer_);
1506 server_ssl_ =
1507 rtc::SSLStreamAdapter::Create(absl::WrapUnique(server_stream_));
1508 server_ssl_->SignalEvent.connect(
1509 static_cast<SSLStreamAdapterTestBase*>(this),
1510 &SSLStreamAdapterTestBase::OnEvent);
1511 server_ssl_->SetIdentity(
1512 rtc::SSLIdentity::Create("server", server_key_type_));
1513 }
1514 };
1515
1516 // Test getting the used DTLS ciphers.
1517 // DTLS 1.2 enabled for neither client nor server -> DTLS 1.0 will be used.
TEST_F(SSLStreamAdapterTestDTLSLegacyProtocols,TestGetSslCipherSuite)1518 TEST_F(SSLStreamAdapterTestDTLSLegacyProtocols, TestGetSslCipherSuite) {
1519 ConfigureClient("");
1520 ConfigureServer("");
1521 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_10);
1522 TestHandshake();
1523
1524 int client_cipher;
1525 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher));
1526 int server_cipher;
1527 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher));
1528
1529 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_10, GetSslVersion(true));
1530 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_10, GetSslVersion(false));
1531
1532 ASSERT_EQ(client_cipher, server_cipher);
1533 }
1534
1535 // Test getting the used DTLS 1.2 ciphers.
1536 // DTLS 1.2 enabled for client and server -> DTLS 1.2 will be used.
TEST_F(SSLStreamAdapterTestDTLSLegacyProtocols,TestGetSslCipherSuiteDtls12Both)1537 TEST_F(SSLStreamAdapterTestDTLSLegacyProtocols,
1538 TestGetSslCipherSuiteDtls12Both) {
1539 ConfigureClient("");
1540 ConfigureServer("");
1541 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12);
1542 TestHandshake();
1543
1544 int client_cipher;
1545 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher));
1546 int server_cipher;
1547 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher));
1548
1549 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_12, GetSslVersion(true));
1550 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_12, GetSslVersion(false));
1551
1552 ASSERT_EQ(client_cipher, server_cipher);
1553 }
1554
1555 // DTLS 1.2 enabled for client only -> DTLS 1.0 will be used.
TEST_F(SSLStreamAdapterTestDTLSLegacyProtocols,TestGetSslCipherSuiteDtls12Client)1556 TEST_F(SSLStreamAdapterTestDTLSLegacyProtocols,
1557 TestGetSslCipherSuiteDtls12Client) {
1558 ConfigureClient("");
1559 ConfigureServer("");
1560 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_12);
1561 TestHandshake();
1562
1563 int client_cipher;
1564 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher));
1565 int server_cipher;
1566 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher));
1567
1568 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_10, GetSslVersion(true));
1569 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_10, GetSslVersion(false));
1570
1571 ASSERT_EQ(client_cipher, server_cipher);
1572 }
1573
1574 // DTLS 1.2 enabled for server only -> DTLS 1.0 will be used.
TEST_F(SSLStreamAdapterTestDTLSLegacyProtocols,TestGetSslCipherSuiteDtls12Server)1575 TEST_F(SSLStreamAdapterTestDTLSLegacyProtocols,
1576 TestGetSslCipherSuiteDtls12Server) {
1577 ConfigureClient("");
1578 ConfigureServer("");
1579 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_10);
1580 TestHandshake();
1581
1582 int client_cipher;
1583 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher));
1584 int server_cipher;
1585 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher));
1586
1587 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_10, GetSslVersion(true));
1588 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_10, GetSslVersion(false));
1589
1590 ASSERT_EQ(client_cipher, server_cipher);
1591 }
1592
1593 // Client has legacy TLS versions disabled, server has DTLS 1.0 only.
1594 // This is meant to cause a failure.
TEST_F(SSLStreamAdapterTestDTLSLegacyProtocols,TestGetSslVersionLegacyDisabledServer10)1595 TEST_F(SSLStreamAdapterTestDTLSLegacyProtocols,
1596 TestGetSslVersionLegacyDisabledServer10) {
1597 ConfigureClient("WebRTC-LegacyTlsProtocols/Disabled/");
1598 ConfigureServer("");
1599 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_12);
1600 // Handshake should fail.
1601 TestHandshake(false);
1602 }
1603
1604 // Both client and server have legacy TLS versions disabled and support
1605 // DTLS 1.2. This should work.
TEST_F(SSLStreamAdapterTestDTLSLegacyProtocols,TestGetSslVersionLegacyDisabledServer12)1606 TEST_F(SSLStreamAdapterTestDTLSLegacyProtocols,
1607 TestGetSslVersionLegacyDisabledServer12) {
1608 ConfigureClient("WebRTC-LegacyTlsProtocols/Disabled/");
1609 ConfigureServer("WebRTC-LegacyTlsProtocols/Disabled/");
1610 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12);
1611 TestHandshake();
1612 }
1613
1614 // Both client and server have legacy TLS versions enabled and support DTLS 1.0.
1615 // This should work.
TEST_F(SSLStreamAdapterTestDTLSLegacyProtocols,TestGetSslVersionLegacyEnabledClient10Server10)1616 TEST_F(SSLStreamAdapterTestDTLSLegacyProtocols,
1617 TestGetSslVersionLegacyEnabledClient10Server10) {
1618 ConfigureClient("WebRTC-LegacyTlsProtocols/Enabled/");
1619 ConfigureServer("WebRTC-LegacyTlsProtocols/Enabled/");
1620 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_10);
1621 TestHandshake();
1622 }
1623
1624 // Legacy protocols are disabled, max TLS version is 1.0
1625 // This should be a configuration error, and handshake should fail.
TEST_F(SSLStreamAdapterTestDTLSLegacyProtocols,TestGetSslVersionLegacyDisabledClient10Server10)1626 TEST_F(SSLStreamAdapterTestDTLSLegacyProtocols,
1627 TestGetSslVersionLegacyDisabledClient10Server10) {
1628 ConfigureClient("WebRTC-LegacyTlsProtocols/Disabled/");
1629 ConfigureServer("WebRTC-LegacyTlsProtocols/Disabled/");
1630 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_10);
1631 TestHandshake(false);
1632 }
1633