| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| (...skipping 148 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 159 SSLStreamAdapterTestBase(const std::string& client_cert_pem, | 159 SSLStreamAdapterTestBase(const std::string& client_cert_pem, |
| 160 const std::string& client_private_key_pem, | 160 const std::string& client_private_key_pem, |
| 161 bool dtls) : | 161 bool dtls) : |
| 162 client_buffer_(kFifoBufferSize), server_buffer_(kFifoBufferSize), | 162 client_buffer_(kFifoBufferSize), server_buffer_(kFifoBufferSize), |
| 163 client_stream_( | 163 client_stream_( |
| 164 new SSLDummyStream(this, "c2s", &client_buffer_, &server_buffer_)), | 164 new SSLDummyStream(this, "c2s", &client_buffer_, &server_buffer_)), |
| 165 server_stream_( | 165 server_stream_( |
| 166 new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_)), | 166 new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_)), |
| 167 client_ssl_(rtc::SSLStreamAdapter::Create(client_stream_)), | 167 client_ssl_(rtc::SSLStreamAdapter::Create(client_stream_)), |
| 168 server_ssl_(rtc::SSLStreamAdapter::Create(server_stream_)), | 168 server_ssl_(rtc::SSLStreamAdapter::Create(server_stream_)), |
| 169 client_identity_(NULL), server_identity_(NULL), | |
| 170 delay_(0), mtu_(1460), loss_(0), lose_first_packet_(false), | 169 delay_(0), mtu_(1460), loss_(0), lose_first_packet_(false), |
| 171 damage_(false), dtls_(dtls), | 170 damage_(false), dtls_(dtls), |
| 172 handshake_wait_(5000), identities_set_(false) { | 171 handshake_wait_(5000), identities_set_(false) { |
| 173 // Set use of the test RNG to get predictable loss patterns. | 172 // Set use of the test RNG to get predictable loss patterns. |
| 174 rtc::SetRandomTestMode(true); | 173 rtc::SetRandomTestMode(true); |
| 175 | 174 |
| 176 // Set up the slots | 175 // Set up the slots |
| 177 client_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); | 176 client_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); |
| 178 server_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); | 177 server_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); |
| 179 | 178 |
| 180 if (!client_cert_pem.empty() && !client_private_key_pem.empty()) { | 179 if (!client_cert_pem.empty() && !client_private_key_pem.empty()) { |
| 181 client_identity_ = rtc::SSLIdentity::FromPEMStrings( | 180 client_certificate_ = webrtc::DtlsCertificate::Create( |
| 182 client_private_key_pem, client_cert_pem); | 181 rtc::scoped_ptr<rtc::SSLIdentity>( |
| 182 rtc::SSLIdentity::FromPEMStrings(client_private_key_pem, |
| 183 client_cert_pem)).Pass()); |
| 183 } else { | 184 } else { |
| 184 client_identity_ = rtc::SSLIdentity::Generate("client"); | 185 client_certificate_ = webrtc::DtlsCertificate::Create( |
| 186 rtc::scoped_ptr<rtc::SSLIdentity>( |
| 187 rtc::SSLIdentity::Generate("client")).Pass()); |
| 185 } | 188 } |
| 186 server_identity_ = rtc::SSLIdentity::Generate("server"); | 189 server_certificate_ = webrtc::DtlsCertificate::Create( |
| 190 rtc::scoped_ptr<rtc::SSLIdentity>( |
| 191 rtc::SSLIdentity::Generate("server")).Pass()); |
| 187 | 192 |
| 188 client_ssl_->SetIdentity(client_identity_); | 193 client_ssl_->SetCertificate(client_certificate_); |
| 189 server_ssl_->SetIdentity(server_identity_); | 194 server_ssl_->SetCertificate(server_certificate_); |
| 190 } | 195 } |
| 191 | 196 |
| 192 ~SSLStreamAdapterTestBase() { | 197 ~SSLStreamAdapterTestBase() { |
| 193 // Put it back for the next test. | 198 // Put it back for the next test. |
| 194 rtc::SetRandomTestMode(false); | 199 rtc::SetRandomTestMode(false); |
| 195 } | 200 } |
| 196 | 201 |
| 197 // Recreate the client/server identities with the specified validity period. | 202 // Recreate the client/server identities with the specified validity period. |
| 198 // |not_before| and |not_after| are offsets from the current time in number | 203 // |not_before| and |not_after| are offsets from the current time in number |
| 199 // of seconds. | 204 // of seconds. |
| 200 void ResetIdentitiesWithValidity(int not_before, int not_after) { | 205 void ResetIdentitiesWithValidity(int not_before, int not_after) { |
| 201 client_stream_ = | 206 client_stream_ = |
| 202 new SSLDummyStream(this, "c2s", &client_buffer_, &server_buffer_); | 207 new SSLDummyStream(this, "c2s", &client_buffer_, &server_buffer_); |
| 203 server_stream_ = | 208 server_stream_ = |
| 204 new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_); | 209 new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_); |
| 205 | 210 |
| 206 client_ssl_.reset(rtc::SSLStreamAdapter::Create(client_stream_)); | 211 client_ssl_.reset(rtc::SSLStreamAdapter::Create(client_stream_)); |
| 207 server_ssl_.reset(rtc::SSLStreamAdapter::Create(server_stream_)); | 212 server_ssl_.reset(rtc::SSLStreamAdapter::Create(server_stream_)); |
| 208 | 213 |
| 209 client_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); | 214 client_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); |
| 210 server_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); | 215 server_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); |
| 211 | 216 |
| 212 rtc::SSLIdentityParams client_params; | 217 rtc::SSLIdentityParams client_params; |
| 213 client_params.common_name = "client"; | 218 client_params.common_name = "client"; |
| 214 client_params.not_before = not_before; | 219 client_params.not_before = not_before; |
| 215 client_params.not_after = not_after; | 220 client_params.not_after = not_after; |
| 216 client_identity_ = rtc::SSLIdentity::GenerateForTest(client_params); | 221 client_certificate_ = webrtc::DtlsCertificate::Create( |
| 222 rtc::scoped_ptr<rtc::SSLIdentity>( |
| 223 rtc::SSLIdentity::GenerateForTest(client_params)).Pass()); |
| 217 | 224 |
| 218 rtc::SSLIdentityParams server_params; | 225 rtc::SSLIdentityParams server_params; |
| 219 server_params.common_name = "server"; | 226 server_params.common_name = "server"; |
| 220 server_params.not_before = not_before; | 227 server_params.not_before = not_before; |
| 221 server_params.not_after = not_after; | 228 server_params.not_after = not_after; |
| 222 server_identity_ = rtc::SSLIdentity::GenerateForTest(server_params); | 229 server_certificate_ = webrtc::DtlsCertificate::Create( |
| 230 rtc::scoped_ptr<rtc::SSLIdentity>( |
| 231 rtc::SSLIdentity::GenerateForTest(server_params)).Pass()); |
| 223 | 232 |
| 224 client_ssl_->SetIdentity(client_identity_); | 233 client_ssl_->SetCertificate(client_certificate_); |
| 225 server_ssl_->SetIdentity(server_identity_); | 234 server_ssl_->SetCertificate(server_certificate_); |
| 226 } | 235 } |
| 227 | 236 |
| 228 virtual void OnEvent(rtc::StreamInterface *stream, int sig, int err) { | 237 virtual void OnEvent(rtc::StreamInterface *stream, int sig, int err) { |
| 229 LOG(LS_INFO) << "SSLStreamAdapterTestBase::OnEvent sig=" << sig; | 238 LOG(LS_INFO) << "SSLStreamAdapterTestBase::OnEvent sig=" << sig; |
| 230 | 239 |
| 231 if (sig & rtc::SE_READ) { | 240 if (sig & rtc::SE_READ) { |
| 232 ReadData(stream); | 241 ReadData(stream); |
| 233 } | 242 } |
| 234 | 243 |
| 235 if ((stream == client_ssl_.get()) && (sig & rtc::SE_WRITE)) { | 244 if ((stream == client_ssl_.get()) && (sig & rtc::SE_WRITE)) { |
| 236 WriteData(); | 245 WriteData(); |
| 237 } | 246 } |
| 238 } | 247 } |
| 239 | 248 |
| 240 void SetPeerIdentitiesByDigest(bool correct) { | 249 void SetPeerIdentitiesByDigest(bool correct) { |
| 241 unsigned char digest[20]; | 250 unsigned char digest[20]; |
| 242 size_t digest_len; | 251 size_t digest_len; |
| 243 bool rv; | 252 bool rv; |
| 244 | 253 |
| 245 LOG(LS_INFO) << "Setting peer identities by digest"; | 254 LOG(LS_INFO) << "Setting peer identities by digest"; |
| 246 | 255 |
| 247 rv = server_identity_->certificate().ComputeDigest(rtc::DIGEST_SHA_1, | 256 rv = server_certificate_->identity()->certificate().ComputeDigest( |
| 248 digest, 20, | 257 rtc::DIGEST_SHA_1, digest, 20, &digest_len); |
| 249 &digest_len); | |
| 250 ASSERT_TRUE(rv); | 258 ASSERT_TRUE(rv); |
| 251 if (!correct) { | 259 if (!correct) { |
| 252 LOG(LS_INFO) << "Setting bogus digest for server cert"; | 260 LOG(LS_INFO) << "Setting bogus digest for server cert"; |
| 253 digest[0]++; | 261 digest[0]++; |
| 254 } | 262 } |
| 255 rv = client_ssl_->SetPeerCertificateDigest(rtc::DIGEST_SHA_1, digest, | 263 rv = client_ssl_->SetPeerCertificateDigest(rtc::DIGEST_SHA_1, digest, |
| 256 digest_len); | 264 digest_len); |
| 257 ASSERT_TRUE(rv); | 265 ASSERT_TRUE(rv); |
| 258 | 266 |
| 259 | 267 |
| 260 rv = client_identity_->certificate().ComputeDigest(rtc::DIGEST_SHA_1, | 268 rv = client_certificate_->identity()->certificate().ComputeDigest( |
| 261 digest, 20, &digest_len); | 269 rtc::DIGEST_SHA_1, digest, 20, &digest_len); |
| 262 ASSERT_TRUE(rv); | 270 ASSERT_TRUE(rv); |
| 263 if (!correct) { | 271 if (!correct) { |
| 264 LOG(LS_INFO) << "Setting bogus digest for client cert"; | 272 LOG(LS_INFO) << "Setting bogus digest for client cert"; |
| 265 digest[0]++; | 273 digest[0]++; |
| 266 } | 274 } |
| 267 rv = server_ssl_->SetPeerCertificateDigest(rtc::DIGEST_SHA_1, digest, | 275 rv = server_ssl_->SetPeerCertificateDigest(rtc::DIGEST_SHA_1, digest, |
| 268 digest_len); | 276 digest_len); |
| 269 ASSERT_TRUE(rv); | 277 ASSERT_TRUE(rv); |
| 270 | 278 |
| 271 identities_set_ = true; | 279 identities_set_ = true; |
| (...skipping 153 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 425 virtual void ReadData(rtc::StreamInterface *stream) = 0; | 433 virtual void ReadData(rtc::StreamInterface *stream) = 0; |
| 426 virtual void TestTransfer(int size) = 0; | 434 virtual void TestTransfer(int size) = 0; |
| 427 | 435 |
| 428 protected: | 436 protected: |
| 429 rtc::FifoBuffer client_buffer_; | 437 rtc::FifoBuffer client_buffer_; |
| 430 rtc::FifoBuffer server_buffer_; | 438 rtc::FifoBuffer server_buffer_; |
| 431 SSLDummyStream *client_stream_; // freed by client_ssl_ destructor | 439 SSLDummyStream *client_stream_; // freed by client_ssl_ destructor |
| 432 SSLDummyStream *server_stream_; // freed by server_ssl_ destructor | 440 SSLDummyStream *server_stream_; // freed by server_ssl_ destructor |
| 433 rtc::scoped_ptr<rtc::SSLStreamAdapter> client_ssl_; | 441 rtc::scoped_ptr<rtc::SSLStreamAdapter> client_ssl_; |
| 434 rtc::scoped_ptr<rtc::SSLStreamAdapter> server_ssl_; | 442 rtc::scoped_ptr<rtc::SSLStreamAdapter> server_ssl_; |
| 435 rtc::SSLIdentity *client_identity_; // freed by client_ssl_ destructor | 443 rtc::scoped_refptr<webrtc::DtlsCertificate> client_certificate_; |
| 436 rtc::SSLIdentity *server_identity_; // freed by server_ssl_ destructor | 444 rtc::scoped_refptr<webrtc::DtlsCertificate> server_certificate_; |
| 437 int delay_; | 445 int delay_; |
| 438 size_t mtu_; | 446 size_t mtu_; |
| 439 int loss_; | 447 int loss_; |
| 440 bool lose_first_packet_; | 448 bool lose_first_packet_; |
| 441 bool damage_; | 449 bool damage_; |
| 442 bool dtls_; | 450 bool dtls_; |
| 443 int handshake_wait_; | 451 int handshake_wait_; |
| 444 bool identities_set_; | 452 bool identities_set_; |
| 445 }; | 453 }; |
| 446 | 454 |
| (...skipping 568 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1015 std::string client_cipher; | 1023 std::string client_cipher; |
| 1016 ASSERT_TRUE(GetSslCipher(true, &client_cipher)); | 1024 ASSERT_TRUE(GetSslCipher(true, &client_cipher)); |
| 1017 std::string server_cipher; | 1025 std::string server_cipher; |
| 1018 ASSERT_TRUE(GetSslCipher(false, &server_cipher)); | 1026 ASSERT_TRUE(GetSslCipher(false, &server_cipher)); |
| 1019 | 1027 |
| 1020 ASSERT_EQ(client_cipher, server_cipher); | 1028 ASSERT_EQ(client_cipher, server_cipher); |
| 1021 ASSERT_EQ( | 1029 ASSERT_EQ( |
| 1022 rtc::SSLStreamAdapter::GetDefaultSslCipher(rtc::SSL_PROTOCOL_DTLS_10), | 1030 rtc::SSLStreamAdapter::GetDefaultSslCipher(rtc::SSL_PROTOCOL_DTLS_10), |
| 1023 client_cipher); | 1031 client_cipher); |
| 1024 } | 1032 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1269843005:
Added DtlsCertificate, a ref counted object owning an SSLIdentity (Closed)
Base URL: https://chromium.googlesource.com/external/webrtc.git@master