henrike@webrtc.org | f7795df | 2014-05-13 18:00:26 +0000 | [diff] [blame^] | 1 | /* |
| 2 | * Copyright 2011 The WebRTC Project Authors. All rights reserved. |
| 3 | * |
| 4 | * Use of this source code is governed by a BSD-style license |
| 5 | * that can be found in the LICENSE file in the root of the source |
| 6 | * tree. An additional intellectual property rights grant can be found |
| 7 | * in the file PATENTS. All contributing project authors may |
| 8 | * be found in the AUTHORS file in the root of the source tree. |
| 9 | */ |
| 10 | |
| 11 | |
| 12 | #include <algorithm> |
| 13 | #include <set> |
| 14 | #include <string> |
| 15 | |
| 16 | #include "webrtc/base/gunit.h" |
| 17 | #include "webrtc/base/helpers.h" |
| 18 | #include "webrtc/base/scoped_ptr.h" |
| 19 | #include "webrtc/base/ssladapter.h" |
| 20 | #include "webrtc/base/sslconfig.h" |
| 21 | #include "webrtc/base/sslidentity.h" |
| 22 | #include "webrtc/base/sslstreamadapter.h" |
| 23 | #include "webrtc/base/stream.h" |
| 24 | |
| 25 | static const int kBlockSize = 4096; |
| 26 | static const char kAES_CM_HMAC_SHA1_80[] = "AES_CM_128_HMAC_SHA1_80"; |
| 27 | static const char kAES_CM_HMAC_SHA1_32[] = "AES_CM_128_HMAC_SHA1_32"; |
| 28 | static const char kExporterLabel[] = "label"; |
| 29 | static const unsigned char kExporterContext[] = "context"; |
| 30 | static int kExporterContextLen = sizeof(kExporterContext); |
| 31 | |
| 32 | static const char kRSA_PRIVATE_KEY_PEM[] = |
| 33 | "-----BEGIN RSA PRIVATE KEY-----\n" |
| 34 | "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMYRkbhmI7kVA/rM\n" |
| 35 | "czsZ+6JDhDvnkF+vn6yCAGuRPV03zuRqZtDy4N4to7PZu9PjqrRl7nDMXrG3YG9y\n" |
| 36 | "rlIAZ72KjcKKFAJxQyAKLCIdawKRyp8RdK3LEySWEZb0AV58IadqPZDTNHHRX8dz\n" |
| 37 | "5aTSMsbbkZ+C/OzTnbiMqLL/vg6jAgMBAAECgYAvgOs4FJcgvp+TuREx7YtiYVsH\n" |
| 38 | "mwQPTum2z/8VzWGwR8BBHBvIpVe1MbD/Y4seyI2aco/7UaisatSgJhsU46/9Y4fq\n" |
| 39 | "2TwXH9QANf4at4d9n/R6rzwpAJOpgwZgKvdQjkfrKTtgLV+/dawvpxUYkRH4JZM1\n" |
| 40 | "CVGukMfKNrSVH4Ap4QJBAOJmGV1ASPnB4r4nc99at7JuIJmd7fmuVUwUgYi4XgaR\n" |
| 41 | "WhScBsgYwZ/JoywdyZJgnbcrTDuVcWG56B3vXbhdpMsCQQDf9zeJrjnPZ3Cqm79y\n" |
| 42 | "kdqANep0uwZciiNiWxsQrCHztywOvbFhdp8iYVFG9EK8DMY41Y5TxUwsHD+67zao\n" |
| 43 | "ZNqJAkEA1suLUP/GvL8IwuRneQd2tWDqqRQ/Td3qq03hP7e77XtF/buya3Ghclo5\n" |
| 44 | "54czUR89QyVfJEC6278nzA7n2h1uVQJAcG6mztNL6ja/dKZjYZye2CY44QjSlLo0\n" |
| 45 | "MTgTSjdfg/28fFn2Jjtqf9Pi/X+50LWI/RcYMC2no606wRk9kyOuIQJBAK6VSAim\n" |
| 46 | "1pOEjsYQn0X5KEIrz1G3bfCbB848Ime3U2/FWlCHMr6ch8kCZ5d1WUeJD3LbwMNG\n" |
| 47 | "UCXiYxSsu20QNVw=\n" |
| 48 | "-----END RSA PRIVATE KEY-----\n"; |
| 49 | |
| 50 | static const char kCERT_PEM[] = |
| 51 | "-----BEGIN CERTIFICATE-----\n" |
| 52 | "MIIBmTCCAQKgAwIBAgIEbzBSAjANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDEwZX\n" |
| 53 | "ZWJSVEMwHhcNMTQwMTAyMTgyNDQ3WhcNMTQwMjAxMTgyNDQ3WjARMQ8wDQYDVQQD\n" |
| 54 | "EwZXZWJSVEMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMYRkbhmI7kVA/rM\n" |
| 55 | "czsZ+6JDhDvnkF+vn6yCAGuRPV03zuRqZtDy4N4to7PZu9PjqrRl7nDMXrG3YG9y\n" |
| 56 | "rlIAZ72KjcKKFAJxQyAKLCIdawKRyp8RdK3LEySWEZb0AV58IadqPZDTNHHRX8dz\n" |
| 57 | "5aTSMsbbkZ+C/OzTnbiMqLL/vg6jAgMBAAEwDQYJKoZIhvcNAQELBQADgYEAUflI\n" |
| 58 | "VUe5Krqf5RVa5C3u/UTAOAUJBiDS3VANTCLBxjuMsvqOG0WvaYWP3HYPgrz0jXK2\n" |
| 59 | "LJE/mGw3MyFHEqi81jh95J+ypl6xKW6Rm8jKLR87gUvCaVYn/Z4/P3AqcQTB7wOv\n" |
| 60 | "UD0A8qfhfDM+LK6rPAnCsVN0NRDY3jvd6rzix9M=\n" |
| 61 | "-----END CERTIFICATE-----\n"; |
| 62 | |
| 63 | #define MAYBE_SKIP_TEST(feature) \ |
| 64 | if (!(rtc::SSLStreamAdapter::feature())) { \ |
| 65 | LOG(LS_INFO) << "Feature disabled... skipping"; \ |
| 66 | return; \ |
| 67 | } |
| 68 | |
| 69 | class SSLStreamAdapterTestBase; |
| 70 | |
| 71 | class SSLDummyStream : public rtc::StreamInterface, |
| 72 | public sigslot::has_slots<> { |
| 73 | public: |
| 74 | explicit SSLDummyStream(SSLStreamAdapterTestBase *test, |
| 75 | const std::string &side, |
| 76 | rtc::FifoBuffer *in, |
| 77 | rtc::FifoBuffer *out) : |
| 78 | test_(test), |
| 79 | side_(side), |
| 80 | in_(in), |
| 81 | out_(out), |
| 82 | first_packet_(true) { |
| 83 | in_->SignalEvent.connect(this, &SSLDummyStream::OnEventIn); |
| 84 | out_->SignalEvent.connect(this, &SSLDummyStream::OnEventOut); |
| 85 | } |
| 86 | |
| 87 | virtual rtc::StreamState GetState() const { return rtc::SS_OPEN; } |
| 88 | |
| 89 | virtual rtc::StreamResult Read(void* buffer, size_t buffer_len, |
| 90 | size_t* read, int* error) { |
| 91 | rtc::StreamResult r; |
| 92 | |
| 93 | r = in_->Read(buffer, buffer_len, read, error); |
| 94 | if (r == rtc::SR_BLOCK) |
| 95 | return rtc::SR_BLOCK; |
| 96 | if (r == rtc::SR_EOS) |
| 97 | return rtc::SR_EOS; |
| 98 | |
| 99 | if (r != rtc::SR_SUCCESS) { |
| 100 | ADD_FAILURE(); |
| 101 | return rtc::SR_ERROR; |
| 102 | } |
| 103 | |
| 104 | return rtc::SR_SUCCESS; |
| 105 | } |
| 106 | |
| 107 | // Catch readability events on in and pass them up. |
| 108 | virtual void OnEventIn(rtc::StreamInterface *stream, int sig, |
| 109 | int err) { |
| 110 | int mask = (rtc::SE_READ | rtc::SE_CLOSE); |
| 111 | |
| 112 | if (sig & mask) { |
| 113 | LOG(LS_INFO) << "SSLDummyStream::OnEvent side=" << side_ << " sig=" |
| 114 | << sig << " forwarding upward"; |
| 115 | PostEvent(sig & mask, 0); |
| 116 | } |
| 117 | } |
| 118 | |
| 119 | // Catch writeability events on out and pass them up. |
| 120 | virtual void OnEventOut(rtc::StreamInterface *stream, int sig, |
| 121 | int err) { |
| 122 | if (sig & rtc::SE_WRITE) { |
| 123 | LOG(LS_INFO) << "SSLDummyStream::OnEvent side=" << side_ << " sig=" |
| 124 | << sig << " forwarding upward"; |
| 125 | |
| 126 | PostEvent(sig & rtc::SE_WRITE, 0); |
| 127 | } |
| 128 | } |
| 129 | |
| 130 | // Write to the outgoing FifoBuffer |
| 131 | rtc::StreamResult WriteData(const void* data, size_t data_len, |
| 132 | size_t* written, int* error) { |
| 133 | return out_->Write(data, data_len, written, error); |
| 134 | } |
| 135 | |
| 136 | // Defined later |
| 137 | virtual rtc::StreamResult Write(const void* data, size_t data_len, |
| 138 | size_t* written, int* error); |
| 139 | |
| 140 | virtual void Close() { |
| 141 | LOG(LS_INFO) << "Closing outbound stream"; |
| 142 | out_->Close(); |
| 143 | } |
| 144 | |
| 145 | private: |
| 146 | SSLStreamAdapterTestBase *test_; |
| 147 | const std::string side_; |
| 148 | rtc::FifoBuffer *in_; |
| 149 | rtc::FifoBuffer *out_; |
| 150 | bool first_packet_; |
| 151 | }; |
| 152 | |
| 153 | static const int kFifoBufferSize = 4096; |
| 154 | |
| 155 | class SSLStreamAdapterTestBase : public testing::Test, |
| 156 | public sigslot::has_slots<> { |
| 157 | public: |
| 158 | SSLStreamAdapterTestBase(const std::string& client_cert_pem, |
| 159 | const std::string& client_private_key_pem, |
| 160 | bool dtls) : |
| 161 | client_buffer_(kFifoBufferSize), server_buffer_(kFifoBufferSize), |
| 162 | client_stream_( |
| 163 | new SSLDummyStream(this, "c2s", &client_buffer_, &server_buffer_)), |
| 164 | server_stream_( |
| 165 | new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_)), |
| 166 | client_ssl_(rtc::SSLStreamAdapter::Create(client_stream_)), |
| 167 | server_ssl_(rtc::SSLStreamAdapter::Create(server_stream_)), |
| 168 | client_identity_(NULL), server_identity_(NULL), |
| 169 | delay_(0), mtu_(1460), loss_(0), lose_first_packet_(false), |
| 170 | damage_(false), dtls_(dtls), |
| 171 | handshake_wait_(5000), identities_set_(false) { |
| 172 | // Set use of the test RNG to get predictable loss patterns. |
| 173 | rtc::SetRandomTestMode(true); |
| 174 | |
| 175 | // Set up the slots |
| 176 | client_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); |
| 177 | server_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); |
| 178 | |
| 179 | if (!client_cert_pem.empty() && !client_private_key_pem.empty()) { |
| 180 | client_identity_ = rtc::SSLIdentity::FromPEMStrings( |
| 181 | client_private_key_pem, client_cert_pem); |
| 182 | } else { |
| 183 | client_identity_ = rtc::SSLIdentity::Generate("client"); |
| 184 | } |
| 185 | server_identity_ = rtc::SSLIdentity::Generate("server"); |
| 186 | |
| 187 | client_ssl_->SetIdentity(client_identity_); |
| 188 | server_ssl_->SetIdentity(server_identity_); |
| 189 | } |
| 190 | |
| 191 | ~SSLStreamAdapterTestBase() { |
| 192 | // Put it back for the next test. |
| 193 | rtc::SetRandomTestMode(false); |
| 194 | } |
| 195 | |
| 196 | static void SetUpTestCase() { |
| 197 | rtc::InitializeSSL(); |
| 198 | } |
| 199 | |
| 200 | static void TearDownTestCase() { |
| 201 | rtc::CleanupSSL(); |
| 202 | } |
| 203 | |
| 204 | // Recreate the client/server identities with the specified validity period. |
| 205 | // |not_before| and |not_after| are offsets from the current time in number |
| 206 | // of seconds. |
| 207 | void ResetIdentitiesWithValidity(int not_before, int not_after) { |
| 208 | client_stream_ = |
| 209 | new SSLDummyStream(this, "c2s", &client_buffer_, &server_buffer_); |
| 210 | server_stream_ = |
| 211 | new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_); |
| 212 | |
| 213 | client_ssl_.reset(rtc::SSLStreamAdapter::Create(client_stream_)); |
| 214 | server_ssl_.reset(rtc::SSLStreamAdapter::Create(server_stream_)); |
| 215 | |
| 216 | client_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); |
| 217 | server_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); |
| 218 | |
| 219 | rtc::SSLIdentityParams client_params; |
| 220 | client_params.common_name = "client"; |
| 221 | client_params.not_before = not_before; |
| 222 | client_params.not_after = not_after; |
| 223 | client_identity_ = rtc::SSLIdentity::GenerateForTest(client_params); |
| 224 | |
| 225 | rtc::SSLIdentityParams server_params; |
| 226 | server_params.common_name = "server"; |
| 227 | server_params.not_before = not_before; |
| 228 | server_params.not_after = not_after; |
| 229 | server_identity_ = rtc::SSLIdentity::GenerateForTest(server_params); |
| 230 | |
| 231 | client_ssl_->SetIdentity(client_identity_); |
| 232 | server_ssl_->SetIdentity(server_identity_); |
| 233 | } |
| 234 | |
| 235 | virtual void OnEvent(rtc::StreamInterface *stream, int sig, int err) { |
| 236 | LOG(LS_INFO) << "SSLStreamAdapterTestBase::OnEvent sig=" << sig; |
| 237 | |
| 238 | if (sig & rtc::SE_READ) { |
| 239 | ReadData(stream); |
| 240 | } |
| 241 | |
| 242 | if ((stream == client_ssl_.get()) && (sig & rtc::SE_WRITE)) { |
| 243 | WriteData(); |
| 244 | } |
| 245 | } |
| 246 | |
| 247 | void SetPeerIdentitiesByDigest(bool correct) { |
| 248 | unsigned char digest[20]; |
| 249 | size_t digest_len; |
| 250 | bool rv; |
| 251 | |
| 252 | LOG(LS_INFO) << "Setting peer identities by digest"; |
| 253 | |
| 254 | rv = server_identity_->certificate().ComputeDigest(rtc::DIGEST_SHA_1, |
| 255 | digest, 20, |
| 256 | &digest_len); |
| 257 | ASSERT_TRUE(rv); |
| 258 | if (!correct) { |
| 259 | LOG(LS_INFO) << "Setting bogus digest for server cert"; |
| 260 | digest[0]++; |
| 261 | } |
| 262 | rv = client_ssl_->SetPeerCertificateDigest(rtc::DIGEST_SHA_1, digest, |
| 263 | digest_len); |
| 264 | ASSERT_TRUE(rv); |
| 265 | |
| 266 | |
| 267 | rv = client_identity_->certificate().ComputeDigest(rtc::DIGEST_SHA_1, |
| 268 | digest, 20, &digest_len); |
| 269 | ASSERT_TRUE(rv); |
| 270 | if (!correct) { |
| 271 | LOG(LS_INFO) << "Setting bogus digest for client cert"; |
| 272 | digest[0]++; |
| 273 | } |
| 274 | rv = server_ssl_->SetPeerCertificateDigest(rtc::DIGEST_SHA_1, digest, |
| 275 | digest_len); |
| 276 | ASSERT_TRUE(rv); |
| 277 | |
| 278 | identities_set_ = true; |
| 279 | } |
| 280 | |
| 281 | void TestHandshake(bool expect_success = true) { |
| 282 | server_ssl_->SetMode(dtls_ ? rtc::SSL_MODE_DTLS : |
| 283 | rtc::SSL_MODE_TLS); |
| 284 | client_ssl_->SetMode(dtls_ ? rtc::SSL_MODE_DTLS : |
| 285 | rtc::SSL_MODE_TLS); |
| 286 | |
| 287 | if (!dtls_) { |
| 288 | // Make sure we simulate a reliable network for TLS. |
| 289 | // This is just a check to make sure that people don't write wrong |
| 290 | // tests. |
| 291 | ASSERT((mtu_ == 1460) && (loss_ == 0) && (lose_first_packet_ == 0)); |
| 292 | } |
| 293 | |
| 294 | if (!identities_set_) |
| 295 | SetPeerIdentitiesByDigest(true); |
| 296 | |
| 297 | // Start the handshake |
| 298 | int rv; |
| 299 | |
| 300 | server_ssl_->SetServerRole(); |
| 301 | rv = server_ssl_->StartSSLWithPeer(); |
| 302 | ASSERT_EQ(0, rv); |
| 303 | |
| 304 | rv = client_ssl_->StartSSLWithPeer(); |
| 305 | ASSERT_EQ(0, rv); |
| 306 | |
| 307 | // Now run the handshake |
| 308 | if (expect_success) { |
| 309 | EXPECT_TRUE_WAIT((client_ssl_->GetState() == rtc::SS_OPEN) |
| 310 | && (server_ssl_->GetState() == rtc::SS_OPEN), |
| 311 | handshake_wait_); |
| 312 | } else { |
| 313 | EXPECT_TRUE_WAIT(client_ssl_->GetState() == rtc::SS_CLOSED, |
| 314 | handshake_wait_); |
| 315 | } |
| 316 | } |
| 317 | |
| 318 | rtc::StreamResult DataWritten(SSLDummyStream *from, const void *data, |
| 319 | size_t data_len, size_t *written, |
| 320 | int *error) { |
| 321 | // Randomly drop loss_ percent of packets |
| 322 | if (rtc::CreateRandomId() % 100 < static_cast<uint32>(loss_)) { |
| 323 | LOG(LS_INFO) << "Randomly dropping packet, size=" << data_len; |
| 324 | *written = data_len; |
| 325 | return rtc::SR_SUCCESS; |
| 326 | } |
| 327 | if (dtls_ && (data_len > mtu_)) { |
| 328 | LOG(LS_INFO) << "Dropping packet > mtu, size=" << data_len; |
| 329 | *written = data_len; |
| 330 | return rtc::SR_SUCCESS; |
| 331 | } |
| 332 | |
| 333 | // Optionally damage application data (type 23). Note that we don't damage |
| 334 | // handshake packets and we damage the last byte to keep the header |
| 335 | // intact but break the MAC. |
| 336 | if (damage_ && (*static_cast<const unsigned char *>(data) == 23)) { |
| 337 | std::vector<char> buf(data_len); |
| 338 | |
| 339 | LOG(LS_INFO) << "Damaging packet"; |
| 340 | |
| 341 | memcpy(&buf[0], data, data_len); |
| 342 | buf[data_len - 1]++; |
| 343 | |
| 344 | return from->WriteData(&buf[0], data_len, written, error); |
| 345 | } |
| 346 | |
| 347 | return from->WriteData(data, data_len, written, error); |
| 348 | } |
| 349 | |
| 350 | void SetDelay(int delay) { |
| 351 | delay_ = delay; |
| 352 | } |
| 353 | int GetDelay() { return delay_; } |
| 354 | |
| 355 | void SetLoseFirstPacket(bool lose) { |
| 356 | lose_first_packet_ = lose; |
| 357 | } |
| 358 | bool GetLoseFirstPacket() { return lose_first_packet_; } |
| 359 | |
| 360 | void SetLoss(int percent) { |
| 361 | loss_ = percent; |
| 362 | } |
| 363 | |
| 364 | void SetDamage() { |
| 365 | damage_ = true; |
| 366 | } |
| 367 | |
| 368 | void SetMtu(size_t mtu) { |
| 369 | mtu_ = mtu; |
| 370 | } |
| 371 | |
| 372 | void SetHandshakeWait(int wait) { |
| 373 | handshake_wait_ = wait; |
| 374 | } |
| 375 | |
| 376 | void SetDtlsSrtpCiphers(const std::vector<std::string> &ciphers, |
| 377 | bool client) { |
| 378 | if (client) |
| 379 | client_ssl_->SetDtlsSrtpCiphers(ciphers); |
| 380 | else |
| 381 | server_ssl_->SetDtlsSrtpCiphers(ciphers); |
| 382 | } |
| 383 | |
| 384 | bool GetDtlsSrtpCipher(bool client, std::string *retval) { |
| 385 | if (client) |
| 386 | return client_ssl_->GetDtlsSrtpCipher(retval); |
| 387 | else |
| 388 | return server_ssl_->GetDtlsSrtpCipher(retval); |
| 389 | } |
| 390 | |
| 391 | bool GetPeerCertificate(bool client, rtc::SSLCertificate** cert) { |
| 392 | if (client) |
| 393 | return client_ssl_->GetPeerCertificate(cert); |
| 394 | else |
| 395 | return server_ssl_->GetPeerCertificate(cert); |
| 396 | } |
| 397 | |
| 398 | bool ExportKeyingMaterial(const char *label, |
| 399 | const unsigned char *context, |
| 400 | size_t context_len, |
| 401 | bool use_context, |
| 402 | bool client, |
| 403 | unsigned char *result, |
| 404 | size_t result_len) { |
| 405 | if (client) |
| 406 | return client_ssl_->ExportKeyingMaterial(label, |
| 407 | context, context_len, |
| 408 | use_context, |
| 409 | result, result_len); |
| 410 | else |
| 411 | return server_ssl_->ExportKeyingMaterial(label, |
| 412 | context, context_len, |
| 413 | use_context, |
| 414 | result, result_len); |
| 415 | } |
| 416 | |
| 417 | // To be implemented by subclasses. |
| 418 | virtual void WriteData() = 0; |
| 419 | virtual void ReadData(rtc::StreamInterface *stream) = 0; |
| 420 | virtual void TestTransfer(int size) = 0; |
| 421 | |
| 422 | protected: |
| 423 | rtc::FifoBuffer client_buffer_; |
| 424 | rtc::FifoBuffer server_buffer_; |
| 425 | SSLDummyStream *client_stream_; // freed by client_ssl_ destructor |
| 426 | SSLDummyStream *server_stream_; // freed by server_ssl_ destructor |
| 427 | rtc::scoped_ptr<rtc::SSLStreamAdapter> client_ssl_; |
| 428 | rtc::scoped_ptr<rtc::SSLStreamAdapter> server_ssl_; |
| 429 | rtc::SSLIdentity *client_identity_; // freed by client_ssl_ destructor |
| 430 | rtc::SSLIdentity *server_identity_; // freed by server_ssl_ destructor |
| 431 | int delay_; |
| 432 | size_t mtu_; |
| 433 | int loss_; |
| 434 | bool lose_first_packet_; |
| 435 | bool damage_; |
| 436 | bool dtls_; |
| 437 | int handshake_wait_; |
| 438 | bool identities_set_; |
| 439 | }; |
| 440 | |
| 441 | class SSLStreamAdapterTestTLS : public SSLStreamAdapterTestBase { |
| 442 | public: |
| 443 | SSLStreamAdapterTestTLS() : |
| 444 | SSLStreamAdapterTestBase("", "", false) { |
| 445 | }; |
| 446 | |
| 447 | // Test data transfer for TLS |
| 448 | virtual void TestTransfer(int size) { |
| 449 | LOG(LS_INFO) << "Starting transfer test with " << size << " bytes"; |
| 450 | // Create some dummy data to send. |
| 451 | size_t received; |
| 452 | |
| 453 | send_stream_.ReserveSize(size); |
| 454 | for (int i = 0; i < size; ++i) { |
| 455 | char ch = static_cast<char>(i); |
| 456 | send_stream_.Write(&ch, 1, NULL, NULL); |
| 457 | } |
| 458 | send_stream_.Rewind(); |
| 459 | |
| 460 | // Prepare the receive stream. |
| 461 | recv_stream_.ReserveSize(size); |
| 462 | |
| 463 | // Start sending |
| 464 | WriteData(); |
| 465 | |
| 466 | // Wait for the client to close |
| 467 | EXPECT_TRUE_WAIT(server_ssl_->GetState() == rtc::SS_CLOSED, 10000); |
| 468 | |
| 469 | // Now check the data |
| 470 | recv_stream_.GetSize(&received); |
| 471 | |
| 472 | EXPECT_EQ(static_cast<size_t>(size), received); |
| 473 | EXPECT_EQ(0, memcmp(send_stream_.GetBuffer(), |
| 474 | recv_stream_.GetBuffer(), size)); |
| 475 | } |
| 476 | |
| 477 | void WriteData() { |
| 478 | size_t position, tosend, size; |
| 479 | rtc::StreamResult rv; |
| 480 | size_t sent; |
| 481 | char block[kBlockSize]; |
| 482 | |
| 483 | send_stream_.GetSize(&size); |
| 484 | if (!size) |
| 485 | return; |
| 486 | |
| 487 | for (;;) { |
| 488 | send_stream_.GetPosition(&position); |
| 489 | if (send_stream_.Read(block, sizeof(block), &tosend, NULL) != |
| 490 | rtc::SR_EOS) { |
| 491 | rv = client_ssl_->Write(block, tosend, &sent, 0); |
| 492 | |
| 493 | if (rv == rtc::SR_SUCCESS) { |
| 494 | send_stream_.SetPosition(position + sent); |
| 495 | LOG(LS_VERBOSE) << "Sent: " << position + sent; |
| 496 | } else if (rv == rtc::SR_BLOCK) { |
| 497 | LOG(LS_VERBOSE) << "Blocked..."; |
| 498 | send_stream_.SetPosition(position); |
| 499 | break; |
| 500 | } else { |
| 501 | ADD_FAILURE(); |
| 502 | break; |
| 503 | } |
| 504 | } else { |
| 505 | // Now close |
| 506 | LOG(LS_INFO) << "Wrote " << position << " bytes. Closing"; |
| 507 | client_ssl_->Close(); |
| 508 | break; |
| 509 | } |
| 510 | } |
| 511 | }; |
| 512 | |
| 513 | virtual void ReadData(rtc::StreamInterface *stream) { |
| 514 | char buffer[1600]; |
| 515 | size_t bread; |
| 516 | int err2; |
| 517 | rtc::StreamResult r; |
| 518 | |
| 519 | for (;;) { |
| 520 | r = stream->Read(buffer, sizeof(buffer), &bread, &err2); |
| 521 | |
| 522 | if (r == rtc::SR_ERROR || r == rtc::SR_EOS) { |
| 523 | // Unfortunately, errors are the way that the stream adapter |
| 524 | // signals close in OpenSSL |
| 525 | stream->Close(); |
| 526 | return; |
| 527 | } |
| 528 | |
| 529 | if (r == rtc::SR_BLOCK) |
| 530 | break; |
| 531 | |
| 532 | ASSERT_EQ(rtc::SR_SUCCESS, r); |
| 533 | LOG(LS_INFO) << "Read " << bread; |
| 534 | |
| 535 | recv_stream_.Write(buffer, bread, NULL, NULL); |
| 536 | } |
| 537 | } |
| 538 | |
| 539 | private: |
| 540 | rtc::MemoryStream send_stream_; |
| 541 | rtc::MemoryStream recv_stream_; |
| 542 | }; |
| 543 | |
| 544 | class SSLStreamAdapterTestDTLS : public SSLStreamAdapterTestBase { |
| 545 | public: |
| 546 | SSLStreamAdapterTestDTLS() : |
| 547 | SSLStreamAdapterTestBase("", "", true), |
| 548 | packet_size_(1000), count_(0), sent_(0) { |
| 549 | } |
| 550 | |
| 551 | SSLStreamAdapterTestDTLS(const std::string& cert_pem, |
| 552 | const std::string& private_key_pem) : |
| 553 | SSLStreamAdapterTestBase(cert_pem, private_key_pem, true), |
| 554 | packet_size_(1000), count_(0), sent_(0) { |
| 555 | } |
| 556 | |
| 557 | virtual void WriteData() { |
| 558 | unsigned char *packet = new unsigned char[1600]; |
| 559 | |
| 560 | do { |
| 561 | memset(packet, sent_ & 0xff, packet_size_); |
| 562 | *(reinterpret_cast<uint32_t *>(packet)) = sent_; |
| 563 | |
| 564 | size_t sent; |
| 565 | int rv = client_ssl_->Write(packet, packet_size_, &sent, 0); |
| 566 | if (rv == rtc::SR_SUCCESS) { |
| 567 | LOG(LS_VERBOSE) << "Sent: " << sent_; |
| 568 | sent_++; |
| 569 | } else if (rv == rtc::SR_BLOCK) { |
| 570 | LOG(LS_VERBOSE) << "Blocked..."; |
| 571 | break; |
| 572 | } else { |
| 573 | ADD_FAILURE(); |
| 574 | break; |
| 575 | } |
| 576 | } while (sent_ < count_); |
| 577 | |
| 578 | delete [] packet; |
| 579 | } |
| 580 | |
| 581 | virtual void ReadData(rtc::StreamInterface *stream) { |
| 582 | unsigned char buffer[2000]; |
| 583 | size_t bread; |
| 584 | int err2; |
| 585 | rtc::StreamResult r; |
| 586 | |
| 587 | for (;;) { |
| 588 | r = stream->Read(buffer, 2000, &bread, &err2); |
| 589 | |
| 590 | if (r == rtc::SR_ERROR) { |
| 591 | // Unfortunately, errors are the way that the stream adapter |
| 592 | // signals close right now |
| 593 | stream->Close(); |
| 594 | return; |
| 595 | } |
| 596 | |
| 597 | if (r == rtc::SR_BLOCK) |
| 598 | break; |
| 599 | |
| 600 | ASSERT_EQ(rtc::SR_SUCCESS, r); |
| 601 | LOG(LS_INFO) << "Read " << bread; |
| 602 | |
| 603 | // Now parse the datagram |
| 604 | ASSERT_EQ(packet_size_, bread); |
| 605 | unsigned char* ptr_to_buffer = buffer; |
| 606 | uint32_t packet_num = *(reinterpret_cast<uint32_t *>(ptr_to_buffer)); |
| 607 | |
| 608 | for (size_t i = 4; i < packet_size_; i++) { |
| 609 | ASSERT_EQ((packet_num & 0xff), buffer[i]); |
| 610 | } |
| 611 | received_.insert(packet_num); |
| 612 | } |
| 613 | } |
| 614 | |
| 615 | virtual void TestTransfer(int count) { |
| 616 | count_ = count; |
| 617 | |
| 618 | WriteData(); |
| 619 | |
| 620 | EXPECT_TRUE_WAIT(sent_ == count_, 10000); |
| 621 | LOG(LS_INFO) << "sent_ == " << sent_; |
| 622 | |
| 623 | if (damage_) { |
| 624 | WAIT(false, 2000); |
| 625 | EXPECT_EQ(0U, received_.size()); |
| 626 | } else if (loss_ == 0) { |
| 627 | EXPECT_EQ_WAIT(static_cast<size_t>(sent_), received_.size(), 1000); |
| 628 | } else { |
| 629 | LOG(LS_INFO) << "Sent " << sent_ << " packets; received " << |
| 630 | received_.size(); |
| 631 | } |
| 632 | }; |
| 633 | |
| 634 | private: |
| 635 | size_t packet_size_; |
| 636 | int count_; |
| 637 | int sent_; |
| 638 | std::set<int> received_; |
| 639 | }; |
| 640 | |
| 641 | |
| 642 | rtc::StreamResult SSLDummyStream::Write(const void* data, size_t data_len, |
| 643 | size_t* written, int* error) { |
| 644 | *written = data_len; |
| 645 | |
| 646 | LOG(LS_INFO) << "Writing to loopback " << data_len; |
| 647 | |
| 648 | if (first_packet_) { |
| 649 | first_packet_ = false; |
| 650 | if (test_->GetLoseFirstPacket()) { |
| 651 | LOG(LS_INFO) << "Losing initial packet of length " << data_len; |
| 652 | return rtc::SR_SUCCESS; |
| 653 | } |
| 654 | } |
| 655 | |
| 656 | return test_->DataWritten(this, data, data_len, written, error); |
| 657 | |
| 658 | return rtc::SR_SUCCESS; |
| 659 | }; |
| 660 | |
| 661 | class SSLStreamAdapterTestDTLSFromPEMStrings : public SSLStreamAdapterTestDTLS { |
| 662 | public: |
| 663 | SSLStreamAdapterTestDTLSFromPEMStrings() : |
| 664 | SSLStreamAdapterTestDTLS(kCERT_PEM, kRSA_PRIVATE_KEY_PEM) { |
| 665 | } |
| 666 | }; |
| 667 | |
| 668 | // Basic tests: TLS |
| 669 | |
| 670 | // Test that we cannot read/write if we have not yet handshaked. |
| 671 | // This test only applies to NSS because OpenSSL has passthrough |
| 672 | // semantics for I/O before the handshake is started. |
| 673 | #if SSL_USE_NSS |
| 674 | TEST_F(SSLStreamAdapterTestTLS, TestNoReadWriteBeforeConnect) { |
| 675 | rtc::StreamResult rv; |
| 676 | char block[kBlockSize]; |
| 677 | size_t dummy; |
| 678 | |
| 679 | rv = client_ssl_->Write(block, sizeof(block), &dummy, NULL); |
| 680 | ASSERT_EQ(rtc::SR_BLOCK, rv); |
| 681 | |
| 682 | rv = client_ssl_->Read(block, sizeof(block), &dummy, NULL); |
| 683 | ASSERT_EQ(rtc::SR_BLOCK, rv); |
| 684 | } |
| 685 | #endif |
| 686 | |
| 687 | |
| 688 | // Test that we can make a handshake work |
| 689 | TEST_F(SSLStreamAdapterTestTLS, TestTLSConnect) { |
| 690 | TestHandshake(); |
| 691 | }; |
| 692 | |
| 693 | // Test transfer -- trivial |
| 694 | TEST_F(SSLStreamAdapterTestTLS, TestTLSTransfer) { |
| 695 | TestHandshake(); |
| 696 | TestTransfer(100000); |
| 697 | }; |
| 698 | |
| 699 | // Test read-write after close. |
| 700 | TEST_F(SSLStreamAdapterTestTLS, ReadWriteAfterClose) { |
| 701 | TestHandshake(); |
| 702 | TestTransfer(100000); |
| 703 | client_ssl_->Close(); |
| 704 | |
| 705 | rtc::StreamResult rv; |
| 706 | char block[kBlockSize]; |
| 707 | size_t dummy; |
| 708 | |
| 709 | // It's an error to write after closed. |
| 710 | rv = client_ssl_->Write(block, sizeof(block), &dummy, NULL); |
| 711 | ASSERT_EQ(rtc::SR_ERROR, rv); |
| 712 | |
| 713 | // But after closed read gives you EOS. |
| 714 | rv = client_ssl_->Read(block, sizeof(block), &dummy, NULL); |
| 715 | ASSERT_EQ(rtc::SR_EOS, rv); |
| 716 | }; |
| 717 | |
| 718 | // Test a handshake with a bogus peer digest |
| 719 | TEST_F(SSLStreamAdapterTestTLS, TestTLSBogusDigest) { |
| 720 | SetPeerIdentitiesByDigest(false); |
| 721 | TestHandshake(false); |
| 722 | }; |
| 723 | |
| 724 | // Test moving a bunch of data |
| 725 | |
| 726 | // Basic tests: DTLS |
| 727 | // Test that we can make a handshake work |
| 728 | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSConnect) { |
| 729 | MAYBE_SKIP_TEST(HaveDtls); |
| 730 | TestHandshake(); |
| 731 | }; |
| 732 | |
| 733 | // Test that we can make a handshake work if the first packet in |
| 734 | // each direction is lost. This gives us predictable loss |
| 735 | // rather than having to tune random |
| 736 | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSConnectWithLostFirstPacket) { |
| 737 | MAYBE_SKIP_TEST(HaveDtls); |
| 738 | SetLoseFirstPacket(true); |
| 739 | TestHandshake(); |
| 740 | }; |
| 741 | |
| 742 | // Test a handshake with loss and delay |
| 743 | TEST_F(SSLStreamAdapterTestDTLS, |
| 744 | TestDTLSConnectWithLostFirstPacketDelay2s) { |
| 745 | MAYBE_SKIP_TEST(HaveDtls); |
| 746 | SetLoseFirstPacket(true); |
| 747 | SetDelay(2000); |
| 748 | SetHandshakeWait(20000); |
| 749 | TestHandshake(); |
| 750 | }; |
| 751 | |
| 752 | // Test a handshake with small MTU |
| 753 | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSConnectWithSmallMtu) { |
| 754 | MAYBE_SKIP_TEST(HaveDtls); |
| 755 | SetMtu(700); |
| 756 | SetHandshakeWait(20000); |
| 757 | TestHandshake(); |
| 758 | }; |
| 759 | |
| 760 | // Test transfer -- trivial |
| 761 | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSTransfer) { |
| 762 | MAYBE_SKIP_TEST(HaveDtls); |
| 763 | TestHandshake(); |
| 764 | TestTransfer(100); |
| 765 | }; |
| 766 | |
| 767 | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSTransferWithLoss) { |
| 768 | MAYBE_SKIP_TEST(HaveDtls); |
| 769 | TestHandshake(); |
| 770 | SetLoss(10); |
| 771 | TestTransfer(100); |
| 772 | }; |
| 773 | |
| 774 | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSTransferWithDamage) { |
| 775 | MAYBE_SKIP_TEST(HaveDtls); |
| 776 | SetDamage(); // Must be called first because first packet |
| 777 | // write happens at end of handshake. |
| 778 | TestHandshake(); |
| 779 | TestTransfer(100); |
| 780 | }; |
| 781 | |
| 782 | // Test DTLS-SRTP with all high ciphers |
| 783 | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpHigh) { |
| 784 | MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 785 | std::vector<std::string> high; |
| 786 | high.push_back(kAES_CM_HMAC_SHA1_80); |
| 787 | SetDtlsSrtpCiphers(high, true); |
| 788 | SetDtlsSrtpCiphers(high, false); |
| 789 | TestHandshake(); |
| 790 | |
| 791 | std::string client_cipher; |
| 792 | ASSERT_TRUE(GetDtlsSrtpCipher(true, &client_cipher)); |
| 793 | std::string server_cipher; |
| 794 | ASSERT_TRUE(GetDtlsSrtpCipher(false, &server_cipher)); |
| 795 | |
| 796 | ASSERT_EQ(client_cipher, server_cipher); |
| 797 | ASSERT_EQ(client_cipher, kAES_CM_HMAC_SHA1_80); |
| 798 | }; |
| 799 | |
| 800 | // Test DTLS-SRTP with all low ciphers |
| 801 | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpLow) { |
| 802 | MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 803 | std::vector<std::string> low; |
| 804 | low.push_back(kAES_CM_HMAC_SHA1_32); |
| 805 | SetDtlsSrtpCiphers(low, true); |
| 806 | SetDtlsSrtpCiphers(low, false); |
| 807 | TestHandshake(); |
| 808 | |
| 809 | std::string client_cipher; |
| 810 | ASSERT_TRUE(GetDtlsSrtpCipher(true, &client_cipher)); |
| 811 | std::string server_cipher; |
| 812 | ASSERT_TRUE(GetDtlsSrtpCipher(false, &server_cipher)); |
| 813 | |
| 814 | ASSERT_EQ(client_cipher, server_cipher); |
| 815 | ASSERT_EQ(client_cipher, kAES_CM_HMAC_SHA1_32); |
| 816 | }; |
| 817 | |
| 818 | |
| 819 | // Test DTLS-SRTP with a mismatch -- should not converge |
| 820 | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpHighLow) { |
| 821 | MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 822 | std::vector<std::string> high; |
| 823 | high.push_back(kAES_CM_HMAC_SHA1_80); |
| 824 | std::vector<std::string> low; |
| 825 | low.push_back(kAES_CM_HMAC_SHA1_32); |
| 826 | SetDtlsSrtpCiphers(high, true); |
| 827 | SetDtlsSrtpCiphers(low, false); |
| 828 | TestHandshake(); |
| 829 | |
| 830 | std::string client_cipher; |
| 831 | ASSERT_FALSE(GetDtlsSrtpCipher(true, &client_cipher)); |
| 832 | std::string server_cipher; |
| 833 | ASSERT_FALSE(GetDtlsSrtpCipher(false, &server_cipher)); |
| 834 | }; |
| 835 | |
| 836 | // Test DTLS-SRTP with each side being mixed -- should select high |
| 837 | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpMixed) { |
| 838 | MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 839 | std::vector<std::string> mixed; |
| 840 | mixed.push_back(kAES_CM_HMAC_SHA1_80); |
| 841 | mixed.push_back(kAES_CM_HMAC_SHA1_32); |
| 842 | SetDtlsSrtpCiphers(mixed, true); |
| 843 | SetDtlsSrtpCiphers(mixed, false); |
| 844 | TestHandshake(); |
| 845 | |
| 846 | std::string client_cipher; |
| 847 | ASSERT_TRUE(GetDtlsSrtpCipher(true, &client_cipher)); |
| 848 | std::string server_cipher; |
| 849 | ASSERT_TRUE(GetDtlsSrtpCipher(false, &server_cipher)); |
| 850 | |
| 851 | ASSERT_EQ(client_cipher, server_cipher); |
| 852 | ASSERT_EQ(client_cipher, kAES_CM_HMAC_SHA1_80); |
| 853 | }; |
| 854 | |
| 855 | // Test an exporter |
| 856 | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSExporter) { |
| 857 | MAYBE_SKIP_TEST(HaveExporter); |
| 858 | TestHandshake(); |
| 859 | unsigned char client_out[20]; |
| 860 | unsigned char server_out[20]; |
| 861 | |
| 862 | bool result; |
| 863 | result = ExportKeyingMaterial(kExporterLabel, |
| 864 | kExporterContext, kExporterContextLen, |
| 865 | true, true, |
| 866 | client_out, sizeof(client_out)); |
| 867 | ASSERT_TRUE(result); |
| 868 | |
| 869 | result = ExportKeyingMaterial(kExporterLabel, |
| 870 | kExporterContext, kExporterContextLen, |
| 871 | true, false, |
| 872 | server_out, sizeof(server_out)); |
| 873 | ASSERT_TRUE(result); |
| 874 | |
| 875 | ASSERT_TRUE(!memcmp(client_out, server_out, sizeof(client_out))); |
| 876 | } |
| 877 | |
| 878 | // Test not yet valid certificates are not rejected. |
| 879 | TEST_F(SSLStreamAdapterTestDTLS, TestCertNotYetValid) { |
| 880 | MAYBE_SKIP_TEST(HaveDtls); |
| 881 | long one_day = 60 * 60 * 24; |
| 882 | // Make the certificates not valid until one day later. |
| 883 | ResetIdentitiesWithValidity(one_day, one_day); |
| 884 | TestHandshake(); |
| 885 | } |
| 886 | |
| 887 | // Test expired certificates are not rejected. |
| 888 | TEST_F(SSLStreamAdapterTestDTLS, TestCertExpired) { |
| 889 | MAYBE_SKIP_TEST(HaveDtls); |
| 890 | long one_day = 60 * 60 * 24; |
| 891 | // Make the certificates already expired. |
| 892 | ResetIdentitiesWithValidity(-one_day, -one_day); |
| 893 | TestHandshake(); |
| 894 | } |
| 895 | |
| 896 | // Test data transfer using certs created from strings. |
| 897 | TEST_F(SSLStreamAdapterTestDTLSFromPEMStrings, TestTransfer) { |
| 898 | MAYBE_SKIP_TEST(HaveDtls); |
| 899 | TestHandshake(); |
| 900 | TestTransfer(100); |
| 901 | } |
| 902 | |
| 903 | // Test getting the remote certificate. |
| 904 | TEST_F(SSLStreamAdapterTestDTLSFromPEMStrings, TestDTLSGetPeerCertificate) { |
| 905 | MAYBE_SKIP_TEST(HaveDtls); |
| 906 | |
| 907 | // Peer certificates haven't been received yet. |
| 908 | rtc::scoped_ptr<rtc::SSLCertificate> client_peer_cert; |
| 909 | ASSERT_FALSE(GetPeerCertificate(true, client_peer_cert.accept())); |
| 910 | ASSERT_FALSE(client_peer_cert != NULL); |
| 911 | |
| 912 | rtc::scoped_ptr<rtc::SSLCertificate> server_peer_cert; |
| 913 | ASSERT_FALSE(GetPeerCertificate(false, server_peer_cert.accept())); |
| 914 | ASSERT_FALSE(server_peer_cert != NULL); |
| 915 | |
| 916 | TestHandshake(); |
| 917 | |
| 918 | // The client should have a peer certificate after the handshake. |
| 919 | ASSERT_TRUE(GetPeerCertificate(true, client_peer_cert.accept())); |
| 920 | ASSERT_TRUE(client_peer_cert != NULL); |
| 921 | |
| 922 | // It's not kCERT_PEM. |
| 923 | std::string client_peer_string = client_peer_cert->ToPEMString(); |
| 924 | ASSERT_NE(kCERT_PEM, client_peer_string); |
| 925 | |
| 926 | // It must not have a chain, because the test certs are self-signed. |
| 927 | rtc::SSLCertChain* client_peer_chain; |
| 928 | ASSERT_FALSE(client_peer_cert->GetChain(&client_peer_chain)); |
| 929 | |
| 930 | // The server should have a peer certificate after the handshake. |
| 931 | ASSERT_TRUE(GetPeerCertificate(false, server_peer_cert.accept())); |
| 932 | ASSERT_TRUE(server_peer_cert != NULL); |
| 933 | |
| 934 | // It's kCERT_PEM |
| 935 | ASSERT_EQ(kCERT_PEM, server_peer_cert->ToPEMString()); |
| 936 | |
| 937 | // It must not have a chain, because the test certs are self-signed. |
| 938 | rtc::SSLCertChain* server_peer_chain; |
| 939 | ASSERT_FALSE(server_peer_cert->GetChain(&server_peer_chain)); |
| 940 | } |