| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 45 class DtlsTestClient : public sigslot::has_slots<> { | 45 class DtlsTestClient : public sigslot::has_slots<> { |
| 46 public: | 46 public: |
| 47 DtlsTestClient(const std::string& name) | 47 DtlsTestClient(const std::string& name) |
| 48 : name_(name), | 48 : name_(name), |
| 49 packet_size_(0), | 49 packet_size_(0), |
| 50 use_dtls_srtp_(false), | 50 use_dtls_srtp_(false), |
| 51 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_10), | 51 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_10), |
| 52 negotiated_dtls_(false), | 52 negotiated_dtls_(false), |
| 53 received_dtls_client_hello_(false), | 53 received_dtls_client_hello_(false), |
| 54 received_dtls_server_hello_(false) {} | 54 received_dtls_server_hello_(false) {} |
| 55 void CreateCertificate(rtc::KeyType key_type) { | 55 void CreateCertificate(rtc::KeyTypeFull key_type) { |
| 56 certificate_ = rtc::RTCCertificate::Create( | 56 certificate_ = rtc::RTCCertificate::Create( |
| 57 rtc::scoped_ptr<rtc::SSLIdentity>( | 57 rtc::scoped_ptr<rtc::SSLIdentity>( |
| 58 rtc::SSLIdentity::Generate(name_, key_type)).Pass()); | 58 rtc::SSLIdentity::Generate(name_, key_type)).Pass()); |
| 59 } | 59 } |
| 60 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate() { | 60 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate() { |
| 61 return certificate_; | 61 return certificate_; |
| 62 } | 62 } |
| 63 void SetupSrtp() { | 63 void SetupSrtp() { |
| 64 ASSERT(certificate_); | 64 ASSERT(certificate_); |
| 65 use_dtls_srtp_ = true; | 65 use_dtls_srtp_ = true; |
| (...skipping 326 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 392 | 392 |
| 393 void SetChannelCount(size_t channel_ct) { | 393 void SetChannelCount(size_t channel_ct) { |
| 394 channel_ct_ = static_cast<int>(channel_ct); | 394 channel_ct_ = static_cast<int>(channel_ct); |
| 395 } | 395 } |
| 396 void SetMaxProtocolVersions(rtc::SSLProtocolVersion c1, | 396 void SetMaxProtocolVersions(rtc::SSLProtocolVersion c1, |
| 397 rtc::SSLProtocolVersion c2) { | 397 rtc::SSLProtocolVersion c2) { |
| 398 client1_.SetupMaxProtocolVersion(c1); | 398 client1_.SetupMaxProtocolVersion(c1); |
| 399 client2_.SetupMaxProtocolVersion(c2); | 399 client2_.SetupMaxProtocolVersion(c2); |
| 400 ssl_expected_version_ = std::min(c1, c2); | 400 ssl_expected_version_ = std::min(c1, c2); |
| 401 } | 401 } |
| 402 void PrepareDtls(bool c1, bool c2, rtc::KeyType key_type) { | 402 void PrepareDtls(bool c1, bool c2, rtc::KeyTypeFull key_type) { |
| 403 if (c1) { | 403 if (c1) { |
| 404 client1_.CreateCertificate(key_type); | 404 client1_.CreateCertificate(key_type); |
| 405 } | 405 } |
| 406 if (c2) { | 406 if (c2) { |
| 407 client2_.CreateCertificate(key_type); | 407 client2_.CreateCertificate(key_type); |
| 408 } | 408 } |
| 409 if (c1 && c2) | 409 if (c1 && c2) |
| 410 use_dtls_ = true; | 410 use_dtls_ = true; |
| 411 } | 411 } |
| 412 void PrepareDtlsSrtp(bool c1, bool c2) { | 412 void PrepareDtlsSrtp(bool c1, bool c2) { |
| (...skipping 162 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 575 TEST_F(DtlsTransportChannelTest, TestTransferSrtpTwoChannels) { | 575 TEST_F(DtlsTransportChannelTest, TestTransferSrtpTwoChannels) { |
| 576 SetChannelCount(2); | 576 SetChannelCount(2); |
| 577 ASSERT_TRUE(Connect()); | 577 ASSERT_TRUE(Connect()); |
| 578 TestTransfer(0, 1000, 100, true); | 578 TestTransfer(0, 1000, 100, true); |
| 579 TestTransfer(1, 1000, 100, true); | 579 TestTransfer(1, 1000, 100, true); |
| 580 } | 580 } |
| 581 | 581 |
| 582 // Connect with DTLS, and transfer some data. | 582 // Connect with DTLS, and transfer some data. |
| 583 TEST_F(DtlsTransportChannelTest, TestTransferDtls) { | 583 TEST_F(DtlsTransportChannelTest, TestTransferDtls) { |
| 584 MAYBE_SKIP_TEST(HaveDtls); | 584 MAYBE_SKIP_TEST(HaveDtls); |
| 585 PrepareDtls(true, true, rtc::KT_DEFAULT); | 585 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 586 ASSERT_TRUE(Connect()); | 586 ASSERT_TRUE(Connect()); |
| 587 TestTransfer(0, 1000, 100, false); | 587 TestTransfer(0, 1000, 100, false); |
| 588 } | 588 } |
| 589 | 589 |
| 590 // Create two channels with DTLS, and transfer some data. | 590 // Create two channels with DTLS, and transfer some data. |
| 591 TEST_F(DtlsTransportChannelTest, TestTransferDtlsTwoChannels) { | 591 TEST_F(DtlsTransportChannelTest, TestTransferDtlsTwoChannels) { |
| 592 MAYBE_SKIP_TEST(HaveDtls); | 592 MAYBE_SKIP_TEST(HaveDtls); |
| 593 SetChannelCount(2); | 593 SetChannelCount(2); |
| 594 PrepareDtls(true, true, rtc::KT_DEFAULT); | 594 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 595 ASSERT_TRUE(Connect()); | 595 ASSERT_TRUE(Connect()); |
| 596 TestTransfer(0, 1000, 100, false); | 596 TestTransfer(0, 1000, 100, false); |
| 597 TestTransfer(1, 1000, 100, false); | 597 TestTransfer(1, 1000, 100, false); |
| 598 } | 598 } |
| 599 | 599 |
| 600 // Connect with A doing DTLS and B not, and transfer some data. | 600 // Connect with A doing DTLS and B not, and transfer some data. |
| 601 TEST_F(DtlsTransportChannelTest, TestTransferDtlsRejected) { | 601 TEST_F(DtlsTransportChannelTest, TestTransferDtlsRejected) { |
| 602 PrepareDtls(true, false, rtc::KT_DEFAULT); | 602 PrepareDtls(true, false, rtc::KeyTypeFull()); |
| 603 ASSERT_TRUE(Connect()); | 603 ASSERT_TRUE(Connect()); |
| 604 TestTransfer(0, 1000, 100, false); | 604 TestTransfer(0, 1000, 100, false); |
| 605 } | 605 } |
| 606 | 606 |
| 607 // Connect with B doing DTLS and A not, and transfer some data. | 607 // Connect with B doing DTLS and A not, and transfer some data. |
| 608 TEST_F(DtlsTransportChannelTest, TestTransferDtlsNotOffered) { | 608 TEST_F(DtlsTransportChannelTest, TestTransferDtlsNotOffered) { |
| 609 PrepareDtls(false, true, rtc::KT_DEFAULT); | 609 PrepareDtls(false, true, rtc::KeyTypeFull()); |
| 610 ASSERT_TRUE(Connect()); | 610 ASSERT_TRUE(Connect()); |
| 611 TestTransfer(0, 1000, 100, false); | 611 TestTransfer(0, 1000, 100, false); |
| 612 } | 612 } |
| 613 | 613 |
| 614 // Create two channels with DTLS 1.0 and check ciphers. | 614 // Create two channels with DTLS 1.0 and check ciphers. |
| 615 TEST_F(DtlsTransportChannelTest, TestDtls12None) { | 615 TEST_F(DtlsTransportChannelTest, TestDtls12None) { |
| 616 MAYBE_SKIP_TEST(HaveDtls); | 616 MAYBE_SKIP_TEST(HaveDtls); |
| 617 SetChannelCount(2); | 617 SetChannelCount(2); |
| 618 PrepareDtls(true, true, rtc::KT_DEFAULT); | 618 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 619 SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_10); | 619 SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_10); |
| 620 ASSERT_TRUE(Connect()); | 620 ASSERT_TRUE(Connect()); |
| 621 } | 621 } |
| 622 | 622 |
| 623 // Create two channels with DTLS 1.2 and check ciphers. | 623 // Create two channels with DTLS 1.2 and check ciphers. |
| 624 TEST_F(DtlsTransportChannelTest, TestDtls12Both) { | 624 TEST_F(DtlsTransportChannelTest, TestDtls12Both) { |
| 625 MAYBE_SKIP_TEST(HaveDtls); | 625 MAYBE_SKIP_TEST(HaveDtls); |
| 626 SetChannelCount(2); | 626 SetChannelCount(2); |
| 627 PrepareDtls(true, true, rtc::KT_DEFAULT); | 627 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 628 SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12); | 628 SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12); |
| 629 ASSERT_TRUE(Connect()); | 629 ASSERT_TRUE(Connect()); |
| 630 } | 630 } |
| 631 | 631 |
| 632 // Create two channels with DTLS 1.0 / DTLS 1.2 and check ciphers. | 632 // Create two channels with DTLS 1.0 / DTLS 1.2 and check ciphers. |
| 633 TEST_F(DtlsTransportChannelTest, TestDtls12Client1) { | 633 TEST_F(DtlsTransportChannelTest, TestDtls12Client1) { |
| 634 MAYBE_SKIP_TEST(HaveDtls); | 634 MAYBE_SKIP_TEST(HaveDtls); |
| 635 SetChannelCount(2); | 635 SetChannelCount(2); |
| 636 PrepareDtls(true, true, rtc::KT_DEFAULT); | 636 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 637 SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_10); | 637 SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_10); |
| 638 ASSERT_TRUE(Connect()); | 638 ASSERT_TRUE(Connect()); |
| 639 } | 639 } |
| 640 | 640 |
| 641 // Create two channels with DTLS 1.2 / DTLS 1.0 and check ciphers. | 641 // Create two channels with DTLS 1.2 / DTLS 1.0 and check ciphers. |
| 642 TEST_F(DtlsTransportChannelTest, TestDtls12Client2) { | 642 TEST_F(DtlsTransportChannelTest, TestDtls12Client2) { |
| 643 MAYBE_SKIP_TEST(HaveDtls); | 643 MAYBE_SKIP_TEST(HaveDtls); |
| 644 SetChannelCount(2); | 644 SetChannelCount(2); |
| 645 PrepareDtls(true, true, rtc::KT_DEFAULT); | 645 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 646 SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_12); | 646 SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_12); |
| 647 ASSERT_TRUE(Connect()); | 647 ASSERT_TRUE(Connect()); |
| 648 } | 648 } |
| 649 | 649 |
| 650 // Connect with DTLS, negotiate DTLS-SRTP, and transfer SRTP using bypass. | 650 // Connect with DTLS, negotiate DTLS-SRTP, and transfer SRTP using bypass. |
| 651 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtp) { | 651 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtp) { |
| 652 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 652 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 653 PrepareDtls(true, true, rtc::KT_DEFAULT); | 653 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 654 PrepareDtlsSrtp(true, true); | 654 PrepareDtlsSrtp(true, true); |
| 655 ASSERT_TRUE(Connect()); | 655 ASSERT_TRUE(Connect()); |
| 656 TestTransfer(0, 1000, 100, true); | 656 TestTransfer(0, 1000, 100, true); |
| 657 } | 657 } |
| 658 | 658 |
| 659 // Connect with DTLS-SRTP, transfer an invalid SRTP packet, and expects -1 | 659 // Connect with DTLS-SRTP, transfer an invalid SRTP packet, and expects -1 |
| 660 // returned. | 660 // returned. |
| 661 TEST_F(DtlsTransportChannelTest, TestTransferDtlsInvalidSrtpPacket) { | 661 TEST_F(DtlsTransportChannelTest, TestTransferDtlsInvalidSrtpPacket) { |
| 662 MAYBE_SKIP_TEST(HaveDtls); | 662 MAYBE_SKIP_TEST(HaveDtls); |
| 663 PrepareDtls(true, true, rtc::KT_DEFAULT); | 663 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 664 PrepareDtlsSrtp(true, true); | 664 PrepareDtlsSrtp(true, true); |
| 665 ASSERT_TRUE(Connect()); | 665 ASSERT_TRUE(Connect()); |
| 666 int result = client1_.SendInvalidSrtpPacket(0, 100); | 666 int result = client1_.SendInvalidSrtpPacket(0, 100); |
| 667 ASSERT_EQ(-1, result); | 667 ASSERT_EQ(-1, result); |
| 668 } | 668 } |
| 669 | 669 |
| 670 // Connect with DTLS. A does DTLS-SRTP but B does not. | 670 // Connect with DTLS. A does DTLS-SRTP but B does not. |
| 671 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpRejected) { | 671 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpRejected) { |
| 672 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 672 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 673 PrepareDtls(true, true, rtc::KT_DEFAULT); | 673 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 674 PrepareDtlsSrtp(true, false); | 674 PrepareDtlsSrtp(true, false); |
| 675 ASSERT_TRUE(Connect()); | 675 ASSERT_TRUE(Connect()); |
| 676 } | 676 } |
| 677 | 677 |
| 678 // Connect with DTLS. B does DTLS-SRTP but A does not. | 678 // Connect with DTLS. B does DTLS-SRTP but A does not. |
| 679 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpNotOffered) { | 679 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpNotOffered) { |
| 680 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 680 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 681 PrepareDtls(true, true, rtc::KT_DEFAULT); | 681 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 682 PrepareDtlsSrtp(false, true); | 682 PrepareDtlsSrtp(false, true); |
| 683 ASSERT_TRUE(Connect()); | 683 ASSERT_TRUE(Connect()); |
| 684 } | 684 } |
| 685 | 685 |
| 686 // Create two channels with DTLS, negotiate DTLS-SRTP, and transfer bypass SRTP. | 686 // Create two channels with DTLS, negotiate DTLS-SRTP, and transfer bypass SRTP. |
| 687 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpTwoChannels) { | 687 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpTwoChannels) { |
| 688 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 688 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 689 SetChannelCount(2); | 689 SetChannelCount(2); |
| 690 PrepareDtls(true, true, rtc::KT_DEFAULT); | 690 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 691 PrepareDtlsSrtp(true, true); | 691 PrepareDtlsSrtp(true, true); |
| 692 ASSERT_TRUE(Connect()); | 692 ASSERT_TRUE(Connect()); |
| 693 TestTransfer(0, 1000, 100, true); | 693 TestTransfer(0, 1000, 100, true); |
| 694 TestTransfer(1, 1000, 100, true); | 694 TestTransfer(1, 1000, 100, true); |
| 695 } | 695 } |
| 696 | 696 |
| 697 // Create a single channel with DTLS, and send normal data and SRTP data on it. | 697 // Create a single channel with DTLS, and send normal data and SRTP data on it. |
| 698 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpDemux) { | 698 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpDemux) { |
| 699 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 699 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 700 PrepareDtls(true, true, rtc::KT_DEFAULT); | 700 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 701 PrepareDtlsSrtp(true, true); | 701 PrepareDtlsSrtp(true, true); |
| 702 ASSERT_TRUE(Connect()); | 702 ASSERT_TRUE(Connect()); |
| 703 TestTransfer(0, 1000, 100, false); | 703 TestTransfer(0, 1000, 100, false); |
| 704 TestTransfer(0, 1000, 100, true); | 704 TestTransfer(0, 1000, 100, true); |
| 705 } | 705 } |
| 706 | 706 |
| 707 // Testing when the remote is passive. | 707 // Testing when the remote is passive. |
| 708 TEST_F(DtlsTransportChannelTest, TestTransferDtlsAnswererIsPassive) { | 708 TEST_F(DtlsTransportChannelTest, TestTransferDtlsAnswererIsPassive) { |
| 709 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 709 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 710 SetChannelCount(2); | 710 SetChannelCount(2); |
| 711 PrepareDtls(true, true, rtc::KT_DEFAULT); | 711 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 712 PrepareDtlsSrtp(true, true); | 712 PrepareDtlsSrtp(true, true); |
| 713 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, | 713 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, |
| 714 cricket::CONNECTIONROLE_PASSIVE)); | 714 cricket::CONNECTIONROLE_PASSIVE)); |
| 715 TestTransfer(0, 1000, 100, true); | 715 TestTransfer(0, 1000, 100, true); |
| 716 TestTransfer(1, 1000, 100, true); | 716 TestTransfer(1, 1000, 100, true); |
| 717 } | 717 } |
| 718 | 718 |
| 719 // Testing with the legacy DTLS client which doesn't use setup attribute. | 719 // Testing with the legacy DTLS client which doesn't use setup attribute. |
| 720 // In this case legacy is the answerer. | 720 // In this case legacy is the answerer. |
| 721 TEST_F(DtlsTransportChannelTest, TestDtlsSetupWithLegacyAsAnswerer) { | 721 TEST_F(DtlsTransportChannelTest, TestDtlsSetupWithLegacyAsAnswerer) { |
| 722 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 722 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 723 PrepareDtls(true, true, rtc::KT_DEFAULT); | 723 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 724 NegotiateWithLegacy(); | 724 NegotiateWithLegacy(); |
| 725 rtc::SSLRole channel1_role; | 725 rtc::SSLRole channel1_role; |
| 726 rtc::SSLRole channel2_role; | 726 rtc::SSLRole channel2_role; |
| 727 EXPECT_TRUE(client1_.transport()->GetSslRole(&channel1_role)); | 727 EXPECT_TRUE(client1_.transport()->GetSslRole(&channel1_role)); |
| 728 EXPECT_TRUE(client2_.transport()->GetSslRole(&channel2_role)); | 728 EXPECT_TRUE(client2_.transport()->GetSslRole(&channel2_role)); |
| 729 EXPECT_EQ(rtc::SSL_SERVER, channel1_role); | 729 EXPECT_EQ(rtc::SSL_SERVER, channel1_role); |
| 730 EXPECT_EQ(rtc::SSL_CLIENT, channel2_role); | 730 EXPECT_EQ(rtc::SSL_CLIENT, channel2_role); |
| 731 } | 731 } |
| 732 | 732 |
| 733 // Testing re offer/answer after the session is estbalished. Roles will be | 733 // Testing re offer/answer after the session is estbalished. Roles will be |
| 734 // kept same as of the previous negotiation. | 734 // kept same as of the previous negotiation. |
| 735 TEST_F(DtlsTransportChannelTest, TestDtlsReOfferFromOfferer) { | 735 TEST_F(DtlsTransportChannelTest, TestDtlsReOfferFromOfferer) { |
| 736 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 736 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 737 SetChannelCount(2); | 737 SetChannelCount(2); |
| 738 PrepareDtls(true, true, rtc::KT_DEFAULT); | 738 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 739 PrepareDtlsSrtp(true, true); | 739 PrepareDtlsSrtp(true, true); |
| 740 // Initial role for client1 is ACTPASS and client2 is ACTIVE. | 740 // Initial role for client1 is ACTPASS and client2 is ACTIVE. |
| 741 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, | 741 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, |
| 742 cricket::CONNECTIONROLE_ACTIVE)); | 742 cricket::CONNECTIONROLE_ACTIVE)); |
| 743 TestTransfer(0, 1000, 100, true); | 743 TestTransfer(0, 1000, 100, true); |
| 744 TestTransfer(1, 1000, 100, true); | 744 TestTransfer(1, 1000, 100, true); |
| 745 // Using input roles for the re-offer. | 745 // Using input roles for the re-offer. |
| 746 Renegotiate(&client1_, cricket::CONNECTIONROLE_ACTPASS, | 746 Renegotiate(&client1_, cricket::CONNECTIONROLE_ACTPASS, |
| 747 cricket::CONNECTIONROLE_ACTIVE, NF_REOFFER); | 747 cricket::CONNECTIONROLE_ACTIVE, NF_REOFFER); |
| 748 TestTransfer(0, 1000, 100, true); | 748 TestTransfer(0, 1000, 100, true); |
| 749 TestTransfer(1, 1000, 100, true); | 749 TestTransfer(1, 1000, 100, true); |
| 750 } | 750 } |
| 751 | 751 |
| 752 TEST_F(DtlsTransportChannelTest, TestDtlsReOfferFromAnswerer) { | 752 TEST_F(DtlsTransportChannelTest, TestDtlsReOfferFromAnswerer) { |
| 753 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 753 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 754 SetChannelCount(2); | 754 SetChannelCount(2); |
| 755 PrepareDtls(true, true, rtc::KT_DEFAULT); | 755 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 756 PrepareDtlsSrtp(true, true); | 756 PrepareDtlsSrtp(true, true); |
| 757 // Initial role for client1 is ACTPASS and client2 is ACTIVE. | 757 // Initial role for client1 is ACTPASS and client2 is ACTIVE. |
| 758 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, | 758 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, |
| 759 cricket::CONNECTIONROLE_ACTIVE)); | 759 cricket::CONNECTIONROLE_ACTIVE)); |
| 760 TestTransfer(0, 1000, 100, true); | 760 TestTransfer(0, 1000, 100, true); |
| 761 TestTransfer(1, 1000, 100, true); | 761 TestTransfer(1, 1000, 100, true); |
| 762 // Using input roles for the re-offer. | 762 // Using input roles for the re-offer. |
| 763 Renegotiate(&client2_, cricket::CONNECTIONROLE_PASSIVE, | 763 Renegotiate(&client2_, cricket::CONNECTIONROLE_PASSIVE, |
| 764 cricket::CONNECTIONROLE_ACTPASS, NF_REOFFER); | 764 cricket::CONNECTIONROLE_ACTPASS, NF_REOFFER); |
| 765 TestTransfer(0, 1000, 100, true); | 765 TestTransfer(0, 1000, 100, true); |
| 766 TestTransfer(1, 1000, 100, true); | 766 TestTransfer(1, 1000, 100, true); |
| 767 } | 767 } |
| 768 | 768 |
| 769 // Test that any change in role after the intial setup will result in failure. | 769 // Test that any change in role after the intial setup will result in failure. |
| 770 TEST_F(DtlsTransportChannelTest, TestDtlsRoleReversal) { | 770 TEST_F(DtlsTransportChannelTest, TestDtlsRoleReversal) { |
| 771 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 771 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 772 SetChannelCount(2); | 772 SetChannelCount(2); |
| 773 PrepareDtls(true, true, rtc::KT_DEFAULT); | 773 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 774 PrepareDtlsSrtp(true, true); | 774 PrepareDtlsSrtp(true, true); |
| 775 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, | 775 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, |
| 776 cricket::CONNECTIONROLE_PASSIVE)); | 776 cricket::CONNECTIONROLE_PASSIVE)); |
| 777 | 777 |
| 778 // Renegotiate from client2 with actpass and client1 as active. | 778 // Renegotiate from client2 with actpass and client1 as active. |
| 779 Renegotiate(&client2_, cricket::CONNECTIONROLE_ACTPASS, | 779 Renegotiate(&client2_, cricket::CONNECTIONROLE_ACTPASS, |
| 780 cricket::CONNECTIONROLE_ACTIVE, | 780 cricket::CONNECTIONROLE_ACTIVE, |
| 781 NF_REOFFER | NF_EXPECT_FAILURE); | 781 NF_REOFFER | NF_EXPECT_FAILURE); |
| 782 } | 782 } |
| 783 | 783 |
| 784 // Test that using different setup attributes which results in similar ssl | 784 // Test that using different setup attributes which results in similar ssl |
| 785 // role as the initial negotiation will result in success. | 785 // role as the initial negotiation will result in success. |
| 786 TEST_F(DtlsTransportChannelTest, TestDtlsReOfferWithDifferentSetupAttr) { | 786 TEST_F(DtlsTransportChannelTest, TestDtlsReOfferWithDifferentSetupAttr) { |
| 787 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 787 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 788 SetChannelCount(2); | 788 SetChannelCount(2); |
| 789 PrepareDtls(true, true, rtc::KT_DEFAULT); | 789 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 790 PrepareDtlsSrtp(true, true); | 790 PrepareDtlsSrtp(true, true); |
| 791 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, | 791 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, |
| 792 cricket::CONNECTIONROLE_PASSIVE)); | 792 cricket::CONNECTIONROLE_PASSIVE)); |
| 793 // Renegotiate from client2 with actpass and client1 as active. | 793 // Renegotiate from client2 with actpass and client1 as active. |
| 794 Renegotiate(&client2_, cricket::CONNECTIONROLE_ACTIVE, | 794 Renegotiate(&client2_, cricket::CONNECTIONROLE_ACTIVE, |
| 795 cricket::CONNECTIONROLE_ACTPASS, NF_REOFFER); | 795 cricket::CONNECTIONROLE_ACTPASS, NF_REOFFER); |
| 796 TestTransfer(0, 1000, 100, true); | 796 TestTransfer(0, 1000, 100, true); |
| 797 TestTransfer(1, 1000, 100, true); | 797 TestTransfer(1, 1000, 100, true); |
| 798 } | 798 } |
| 799 | 799 |
| 800 // Test that re-negotiation can be started before the clients become connected | 800 // Test that re-negotiation can be started before the clients become connected |
| 801 // in the first negotiation. | 801 // in the first negotiation. |
| 802 TEST_F(DtlsTransportChannelTest, TestRenegotiateBeforeConnect) { | 802 TEST_F(DtlsTransportChannelTest, TestRenegotiateBeforeConnect) { |
| 803 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 803 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 804 SetChannelCount(2); | 804 SetChannelCount(2); |
| 805 PrepareDtls(true, true, rtc::KT_DEFAULT); | 805 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 806 PrepareDtlsSrtp(true, true); | 806 PrepareDtlsSrtp(true, true); |
| 807 Negotiate(); | 807 Negotiate(); |
| 808 | 808 |
| 809 Renegotiate(&client1_, cricket::CONNECTIONROLE_ACTPASS, | 809 Renegotiate(&client1_, cricket::CONNECTIONROLE_ACTPASS, |
| 810 cricket::CONNECTIONROLE_ACTIVE, NF_REOFFER); | 810 cricket::CONNECTIONROLE_ACTIVE, NF_REOFFER); |
| 811 bool rv = client1_.Connect(&client2_); | 811 bool rv = client1_.Connect(&client2_); |
| 812 EXPECT_TRUE(rv); | 812 EXPECT_TRUE(rv); |
| 813 EXPECT_TRUE_WAIT( | 813 EXPECT_TRUE_WAIT( |
| 814 client1_.all_channels_writable() && client2_.all_channels_writable(), | 814 client1_.all_channels_writable() && client2_.all_channels_writable(), |
| 815 10000); | 815 10000); |
| 816 | 816 |
| 817 TestTransfer(0, 1000, 100, true); | 817 TestTransfer(0, 1000, 100, true); |
| 818 TestTransfer(1, 1000, 100, true); | 818 TestTransfer(1, 1000, 100, true); |
| 819 } | 819 } |
| 820 | 820 |
| 821 // Test Certificates state after negotiation but before connection. | 821 // Test Certificates state after negotiation but before connection. |
| 822 TEST_F(DtlsTransportChannelTest, TestCertificatesBeforeConnect) { | 822 TEST_F(DtlsTransportChannelTest, TestCertificatesBeforeConnect) { |
| 823 MAYBE_SKIP_TEST(HaveDtls); | 823 MAYBE_SKIP_TEST(HaveDtls); |
| 824 PrepareDtls(true, true, rtc::KT_DEFAULT); | 824 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 825 Negotiate(); | 825 Negotiate(); |
| 826 | 826 |
| 827 rtc::scoped_refptr<rtc::RTCCertificate> certificate1; | 827 rtc::scoped_refptr<rtc::RTCCertificate> certificate1; |
| 828 rtc::scoped_refptr<rtc::RTCCertificate> certificate2; | 828 rtc::scoped_refptr<rtc::RTCCertificate> certificate2; |
| 829 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert1; | 829 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert1; |
| 830 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert2; | 830 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert2; |
| 831 | 831 |
| 832 // After negotiation, each side has a distinct local certificate, but still no | 832 // After negotiation, each side has a distinct local certificate, but still no |
| 833 // remote certificate, because connection has not yet occurred. | 833 // remote certificate, because connection has not yet occurred. |
| 834 ASSERT_TRUE(client1_.transport()->GetLocalCertificate(&certificate1)); | 834 ASSERT_TRUE(client1_.transport()->GetLocalCertificate(&certificate1)); |
| 835 ASSERT_TRUE(client2_.transport()->GetLocalCertificate(&certificate2)); | 835 ASSERT_TRUE(client2_.transport()->GetLocalCertificate(&certificate2)); |
| 836 ASSERT_NE(certificate1->ssl_certificate().ToPEMString(), | 836 ASSERT_NE(certificate1->ssl_certificate().ToPEMString(), |
| 837 certificate2->ssl_certificate().ToPEMString()); | 837 certificate2->ssl_certificate().ToPEMString()); |
| 838 ASSERT_FALSE( | 838 ASSERT_FALSE( |
| 839 client1_.transport()->GetRemoteSSLCertificate(remote_cert1.accept())); | 839 client1_.transport()->GetRemoteSSLCertificate(remote_cert1.accept())); |
| 840 ASSERT_FALSE(remote_cert1 != NULL); | 840 ASSERT_FALSE(remote_cert1 != NULL); |
| 841 ASSERT_FALSE( | 841 ASSERT_FALSE( |
| 842 client2_.transport()->GetRemoteSSLCertificate(remote_cert2.accept())); | 842 client2_.transport()->GetRemoteSSLCertificate(remote_cert2.accept())); |
| 843 ASSERT_FALSE(remote_cert2 != NULL); | 843 ASSERT_FALSE(remote_cert2 != NULL); |
| 844 } | 844 } |
| 845 | 845 |
| 846 // Test Certificates state after connection. | 846 // Test Certificates state after connection. |
| 847 TEST_F(DtlsTransportChannelTest, TestCertificatesAfterConnect) { | 847 TEST_F(DtlsTransportChannelTest, TestCertificatesAfterConnect) { |
| 848 MAYBE_SKIP_TEST(HaveDtls); | 848 MAYBE_SKIP_TEST(HaveDtls); |
| 849 PrepareDtls(true, true, rtc::KT_DEFAULT); | 849 PrepareDtls(true, true, rtc::KeyTypeFull()); |
| 850 ASSERT_TRUE(Connect()); | 850 ASSERT_TRUE(Connect()); |
| 851 | 851 |
| 852 rtc::scoped_refptr<rtc::RTCCertificate> certificate1; | 852 rtc::scoped_refptr<rtc::RTCCertificate> certificate1; |
| 853 rtc::scoped_refptr<rtc::RTCCertificate> certificate2; | 853 rtc::scoped_refptr<rtc::RTCCertificate> certificate2; |
| 854 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert1; | 854 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert1; |
| 855 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert2; | 855 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert2; |
| 856 | 856 |
| 857 // After connection, each side has a distinct local certificate. | 857 // After connection, each side has a distinct local certificate. |
| 858 ASSERT_TRUE(client1_.transport()->GetLocalCertificate(&certificate1)); | 858 ASSERT_TRUE(client1_.transport()->GetLocalCertificate(&certificate1)); |
| 859 ASSERT_TRUE(client2_.transport()->GetLocalCertificate(&certificate2)); | 859 ASSERT_TRUE(client2_.transport()->GetLocalCertificate(&certificate2)); |
| 860 ASSERT_NE(certificate1->ssl_certificate().ToPEMString(), | 860 ASSERT_NE(certificate1->ssl_certificate().ToPEMString(), |
| 861 certificate2->ssl_certificate().ToPEMString()); | 861 certificate2->ssl_certificate().ToPEMString()); |
| 862 | 862 |
| 863 // Each side's remote certificate is the other side's local certificate. | 863 // Each side's remote certificate is the other side's local certificate. |
| 864 ASSERT_TRUE( | 864 ASSERT_TRUE( |
| 865 client1_.transport()->GetRemoteSSLCertificate(remote_cert1.accept())); | 865 client1_.transport()->GetRemoteSSLCertificate(remote_cert1.accept())); |
| 866 ASSERT_EQ(remote_cert1->ToPEMString(), | 866 ASSERT_EQ(remote_cert1->ToPEMString(), |
| 867 certificate2->ssl_certificate().ToPEMString()); | 867 certificate2->ssl_certificate().ToPEMString()); |
| 868 ASSERT_TRUE( | 868 ASSERT_TRUE( |
| 869 client2_.transport()->GetRemoteSSLCertificate(remote_cert2.accept())); | 869 client2_.transport()->GetRemoteSSLCertificate(remote_cert2.accept())); |
| 870 ASSERT_EQ(remote_cert2->ToPEMString(), | 870 ASSERT_EQ(remote_cert2->ToPEMString(), |
| 871 certificate1->ssl_certificate().ToPEMString()); | 871 certificate1->ssl_certificate().ToPEMString()); |
| 872 } | 872 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1329493005:
Provide RSA2048 as per RFC (Closed)
Base URL: https://chromium.googlesource.com/external/webrtc.git@master