| OLD | NEW |
| 1 /* | 1 /* |
| 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| (...skipping 143 matching lines...) |
| 154 rtc::FifoBuffer *in_; | 154 rtc::FifoBuffer *in_; |
| 155 rtc::FifoBuffer *out_; | 155 rtc::FifoBuffer *out_; |
| 156 bool first_packet_; | 156 bool first_packet_; |
| 157 }; | 157 }; |
| 158 | 158 |
| 159 static const int kFifoBufferSize = 4096; | 159 static const int kFifoBufferSize = 4096; |
| 160 | 160 |
| 161 class SSLStreamAdapterTestBase : public testing::Test, | 161 class SSLStreamAdapterTestBase : public testing::Test, |
| 162 public sigslot::has_slots<> { | 162 public sigslot::has_slots<> { |
| 163 public: | 163 public: |
| 164 SSLStreamAdapterTestBase(const std::string& client_cert_pem, | 164 SSLStreamAdapterTestBase( |
| 165 const std::string& client_private_key_pem, | 165 const std::string& client_cert_pem, |
| 166 bool dtls, | 166 const std::string& client_private_key_pem, |
| 167 rtc::KeyType client_key_type = rtc::KT_DEFAULT, | 167 bool dtls, |
| 168 rtc::KeyType server_key_type = rtc::KT_DEFAULT) | 168 rtc::KeyParams client_key_type = rtc::KeyParams(rtc::KT_DEFAULT), |
| 169 rtc::KeyParams server_key_type = rtc::KeyParams(rtc::KT_DEFAULT)) |
| 169 : client_buffer_(kFifoBufferSize), | 170 : client_buffer_(kFifoBufferSize), |
| 170 server_buffer_(kFifoBufferSize), | 171 server_buffer_(kFifoBufferSize), |
| 171 client_stream_( | 172 client_stream_( |
| 172 new SSLDummyStream(this, "c2s", &client_buffer_, &server_buffer_)), | 173 new SSLDummyStream(this, "c2s", &client_buffer_, &server_buffer_)), |
| 173 server_stream_( | 174 server_stream_( |
| 174 new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_)), | 175 new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_)), |
| 175 client_ssl_(rtc::SSLStreamAdapter::Create(client_stream_)), | 176 client_ssl_(rtc::SSLStreamAdapter::Create(client_stream_)), |
| 176 server_ssl_(rtc::SSLStreamAdapter::Create(server_stream_)), | 177 server_ssl_(rtc::SSLStreamAdapter::Create(server_stream_)), |
| 177 client_identity_(NULL), | 178 client_identity_(NULL), |
| 178 server_identity_(NULL), | 179 server_identity_(NULL), |
| (...skipping 38 matching lines...) |
| 217 server_stream_ = | 218 server_stream_ = |
| 218 new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_); | 219 new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_); |
| 219 | 220 |
| 220 client_ssl_.reset(rtc::SSLStreamAdapter::Create(client_stream_)); | 221 client_ssl_.reset(rtc::SSLStreamAdapter::Create(client_stream_)); |
| 221 server_ssl_.reset(rtc::SSLStreamAdapter::Create(server_stream_)); | 222 server_ssl_.reset(rtc::SSLStreamAdapter::Create(server_stream_)); |
| 222 | 223 |
| 223 client_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); | 224 client_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); |
| 224 server_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); | 225 server_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); |
| 225 | 226 |
| 226 rtc::SSLIdentityParams client_params; | 227 rtc::SSLIdentityParams client_params; |
| 228 client_params.key_params = rtc::KeyParams(rtc::KT_DEFAULT); |
| 227 client_params.common_name = "client"; | 229 client_params.common_name = "client"; |
| 228 client_params.not_before = not_before; | 230 client_params.not_before = not_before; |
| 229 client_params.not_after = not_after; | 231 client_params.not_after = not_after; |
| 230 client_params.key_type = rtc::KT_DEFAULT; | |
| 231 client_identity_ = rtc::SSLIdentity::GenerateForTest(client_params); | 232 client_identity_ = rtc::SSLIdentity::GenerateForTest(client_params); |
| 232 | 233 |
| 233 rtc::SSLIdentityParams server_params; | 234 rtc::SSLIdentityParams server_params; |
| 235 server_params.key_params = rtc::KeyParams(rtc::KT_DEFAULT); |
| 234 server_params.common_name = "server"; | 236 server_params.common_name = "server"; |
| 235 server_params.not_before = not_before; | 237 server_params.not_before = not_before; |
| 236 server_params.not_after = not_after; | 238 server_params.not_after = not_after; |
| 237 server_params.key_type = rtc::KT_DEFAULT; | |
| 238 server_identity_ = rtc::SSLIdentity::GenerateForTest(server_params); | 239 server_identity_ = rtc::SSLIdentity::GenerateForTest(server_params); |
| 239 | 240 |
| 240 client_ssl_->SetIdentity(client_identity_); | 241 client_ssl_->SetIdentity(client_identity_); |
| 241 server_ssl_->SetIdentity(server_identity_); | 242 server_ssl_->SetIdentity(server_identity_); |
| 242 } | 243 } |
| 243 | 244 |
| 244 virtual void OnEvent(rtc::StreamInterface *stream, int sig, int err) { | 245 virtual void OnEvent(rtc::StreamInterface *stream, int sig, int err) { |
| 245 LOG(LS_INFO) << "SSLStreamAdapterTestBase::OnEvent sig=" << sig; | 246 LOG(LS_INFO) << "SSLStreamAdapterTestBase::OnEvent sig=" << sig; |
| 246 | 247 |
| 247 if (sig & rtc::SE_READ) { | 248 if (sig & rtc::SE_READ) { |
| (...skipping 207 matching lines...) |
| 455 int loss_; | 456 int loss_; |
| 456 bool lose_first_packet_; | 457 bool lose_first_packet_; |
| 457 bool damage_; | 458 bool damage_; |
| 458 bool dtls_; | 459 bool dtls_; |
| 459 int handshake_wait_; | 460 int handshake_wait_; |
| 460 bool identities_set_; | 461 bool identities_set_; |
| 461 }; | 462 }; |
| 462 | 463 |
| 463 class SSLStreamAdapterTestTLS | 464 class SSLStreamAdapterTestTLS |
| 464 : public SSLStreamAdapterTestBase, | 465 : public SSLStreamAdapterTestBase, |
| 465 public WithParamInterface<tuple<rtc::KeyType, rtc::KeyType>> { | 466 public WithParamInterface<tuple<rtc::KeyParams, rtc::KeyParams>> { |
| 466 public: | 467 public: |
| 467 SSLStreamAdapterTestTLS() | 468 SSLStreamAdapterTestTLS() |
| 468 : SSLStreamAdapterTestBase("", | 469 : SSLStreamAdapterTestBase("", |
| 469 "", | 470 "", |
| 470 false, | 471 false, |
| 471 ::testing::get<0>(GetParam()), | 472 ::testing::get<0>(GetParam()), |
| 472 ::testing::get<1>(GetParam())){}; | 473 ::testing::get<1>(GetParam())){}; |
| 473 | 474 |
| 474 // Test data transfer for TLS | 475 // Test data transfer for TLS |
| 475 virtual void TestTransfer(int size) { | 476 virtual void TestTransfer(int size) { |
| (...skipping 87 matching lines...) |
| 563 } | 564 } |
| 564 } | 565 } |
| 565 | 566 |
| 566 private: | 567 private: |
| 567 rtc::MemoryStream send_stream_; | 568 rtc::MemoryStream send_stream_; |
| 568 rtc::MemoryStream recv_stream_; | 569 rtc::MemoryStream recv_stream_; |
| 569 }; | 570 }; |
| 570 | 571 |
| 571 class SSLStreamAdapterTestDTLS | 572 class SSLStreamAdapterTestDTLS |
| 572 : public SSLStreamAdapterTestBase, | 573 : public SSLStreamAdapterTestBase, |
| 573 public WithParamInterface<tuple<rtc::KeyType, rtc::KeyType>> { | 574 public WithParamInterface<tuple<rtc::KeyParams, rtc::KeyParams>> { |
| 574 public: | 575 public: |
| 575 SSLStreamAdapterTestDTLS() | 576 SSLStreamAdapterTestDTLS() |
| 576 : SSLStreamAdapterTestBase("", | 577 : SSLStreamAdapterTestBase("", |
| 577 "", | 578 "", |
| 578 true, | 579 true, |
| 579 ::testing::get<0>(GetParam()), | 580 ::testing::get<0>(GetParam()), |
| 580 ::testing::get<1>(GetParam())), | 581 ::testing::get<1>(GetParam())), |
| 581 packet_size_(1000), | 582 packet_size_(1000), |
| 582 count_(0), | 583 count_(0), |
| 583 sent_(0) {} | 584 sent_(0) {} |
| (...skipping 387 matching lines...) |
| 971 MAYBE_SKIP_TEST(HaveDtls); | 972 MAYBE_SKIP_TEST(HaveDtls); |
| 972 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_10); | 973 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_10); |
| 973 TestHandshake(); | 974 TestHandshake(); |
| 974 | 975 |
| 975 int client_cipher; | 976 int client_cipher; |
| 976 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); | 977 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); |
| 977 int server_cipher; | 978 int server_cipher; |
| 978 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); | 979 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); |
| 979 | 980 |
| 980 ASSERT_EQ(client_cipher, server_cipher); | 981 ASSERT_EQ(client_cipher, server_cipher); |
| 981 ASSERT_EQ(rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( | 982 ASSERT_EQ( |
| 982 rtc::SSL_PROTOCOL_DTLS_10, ::testing::get<1>(GetParam())), | 983 rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( |
| 983 server_cipher); | 984 rtc::SSL_PROTOCOL_DTLS_10, ::testing::get<1>(GetParam()).type()), |
| 985 server_cipher); |
| 984 } | 986 } |
| 985 | 987 |
| 986 // Test getting the used DTLS 1.2 ciphers. | 988 // Test getting the used DTLS 1.2 ciphers. |
| 987 // DTLS 1.2 enabled for client and server -> DTLS 1.2 will be used. | 989 // DTLS 1.2 enabled for client and server -> DTLS 1.2 will be used. |
| 988 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Both) { | 990 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Both) { |
| 989 MAYBE_SKIP_TEST(HaveDtls); | 991 MAYBE_SKIP_TEST(HaveDtls); |
| 990 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12); | 992 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12); |
| 991 TestHandshake(); | 993 TestHandshake(); |
| 992 | 994 |
| 993 int client_cipher; | 995 int client_cipher; |
| 994 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); | 996 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); |
| 995 int server_cipher; | 997 int server_cipher; |
| 996 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); | 998 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); |
| 997 | 999 |
| 998 ASSERT_EQ(client_cipher, server_cipher); | 1000 ASSERT_EQ(client_cipher, server_cipher); |
| 999 ASSERT_EQ(rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( | 1001 ASSERT_EQ( |
| 1000 rtc::SSL_PROTOCOL_DTLS_12, ::testing::get<1>(GetParam())), | 1002 rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( |
| 1001 server_cipher); | 1003 rtc::SSL_PROTOCOL_DTLS_12, ::testing::get<1>(GetParam()).type()), |
| 1004 server_cipher); |
| 1002 } | 1005 } |
| 1003 | 1006 |
| 1004 // DTLS 1.2 enabled for client only -> DTLS 1.0 will be used. | 1007 // DTLS 1.2 enabled for client only -> DTLS 1.0 will be used. |
| 1005 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Client) { | 1008 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Client) { |
| 1006 MAYBE_SKIP_TEST(HaveDtls); | 1009 MAYBE_SKIP_TEST(HaveDtls); |
| 1007 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_12); | 1010 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_12); |
| 1008 TestHandshake(); | 1011 TestHandshake(); |
| 1009 | 1012 |
| 1010 int client_cipher; | 1013 int client_cipher; |
| 1011 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); | 1014 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); |
| 1012 int server_cipher; | 1015 int server_cipher; |
| 1013 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); | 1016 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); |
| 1014 | 1017 |
| 1015 ASSERT_EQ(client_cipher, server_cipher); | 1018 ASSERT_EQ(client_cipher, server_cipher); |
| 1016 ASSERT_EQ(rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( | 1019 ASSERT_EQ( |
| 1017 rtc::SSL_PROTOCOL_DTLS_10, ::testing::get<1>(GetParam())), | 1020 rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( |
| 1018 server_cipher); | 1021 rtc::SSL_PROTOCOL_DTLS_10, ::testing::get<1>(GetParam()).type()), |
| 1022 server_cipher); |
| 1019 } | 1023 } |
| 1020 | 1024 |
| 1021 // DTLS 1.2 enabled for server only -> DTLS 1.0 will be used. | 1025 // DTLS 1.2 enabled for server only -> DTLS 1.0 will be used. |
| 1022 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Server) { | 1026 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Server) { |
| 1023 MAYBE_SKIP_TEST(HaveDtls); | 1027 MAYBE_SKIP_TEST(HaveDtls); |
| 1024 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_10); | 1028 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_10); |
| 1025 TestHandshake(); | 1029 TestHandshake(); |
| 1026 | 1030 |
| 1027 int client_cipher; | 1031 int client_cipher; |
| 1028 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); | 1032 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); |
| 1029 int server_cipher; | 1033 int server_cipher; |
| 1030 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); | 1034 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); |
| 1031 | 1035 |
| 1032 ASSERT_EQ(client_cipher, server_cipher); | 1036 ASSERT_EQ(client_cipher, server_cipher); |
| 1033 ASSERT_EQ(rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( | 1037 ASSERT_EQ( |
| 1034 rtc::SSL_PROTOCOL_DTLS_10, ::testing::get<1>(GetParam())), | 1038 rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( |
| 1035 server_cipher); | 1039 rtc::SSL_PROTOCOL_DTLS_10, ::testing::get<1>(GetParam()).type()), |
| 1040 server_cipher); |
| 1036 } | 1041 } |
| 1037 | 1042 |
| 1038 INSTANTIATE_TEST_CASE_P(SSLStreamAdapterTestsTLS, | 1043 // The RSA keysizes here might look strange, why not include the RFC's size |
| 1039 SSLStreamAdapterTestTLS, | 1044 // 2048?. The reason is test case slowness; testing two sizes to exercise |
| 1040 Combine(Values(rtc::KT_RSA, rtc::KT_ECDSA), | 1045 // parametrization is sufficient. |
| 1041 Values(rtc::KT_RSA, rtc::KT_ECDSA))); | 1046 INSTANTIATE_TEST_CASE_P( |
| 1042 INSTANTIATE_TEST_CASE_P(SSLStreamAdapterTestsDTLS, | 1047 SSLStreamAdapterTestsTLS, |
| 1043 SSLStreamAdapterTestDTLS, | 1048 SSLStreamAdapterTestTLS, |
| 1044 Combine(Values(rtc::KT_RSA, rtc::KT_ECDSA), | 1049 Combine(Values(rtc::KeyParams::RSA(1024, 65537), |
| 1045 Values(rtc::KT_RSA, rtc::KT_ECDSA))); | 1050 rtc::KeyParams::RSA(1152, 65537), |
| 1051 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)), |
| 1052 Values(rtc::KeyParams::RSA(1024, 65537), |
| 1053 rtc::KeyParams::RSA(1152, 65537), |
| 1054 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)))); |
| 1055 INSTANTIATE_TEST_CASE_P( |
| 1056 SSLStreamAdapterTestsDTLS, |
| 1057 SSLStreamAdapterTestDTLS, |
| 1058 Combine(Values(rtc::KeyParams::RSA(1024, 65537), |
| 1059 rtc::KeyParams::RSA(1152, 65537), |
| 1060 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)), |
| 1061 Values(rtc::KeyParams::RSA(1024, 65537), |
| 1062 rtc::KeyParams::RSA(1152, 65537), |
| 1063 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)))); |
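Review bot: The two `INSTANTIATE_TEST_CASE_P` blocks at the end of the new side only ever generate 1024- and 1152-bit RSA keys, so no handshake in this suite runs with the 2048-bit size that the comment itself calls the RFC's; a regression that only appears with larger keys and certificates (the handshake here presumably flows through the 4096-byte `kFifoBufferSize` buffers) would go unnoticed. If 2048 is too slow for the full 3x3 `Combine` matrix, a single extra instantiation such as `Combine(Values(rtc::KeyParams::RSA(2048, 65537)), Values(rtc::KeyParams::RSA(2048, 65537)))` would cover it at a fraction of the cost, though that cost still needs measuring. The comment should also say plainly that these sizes are a test-speed choice and not acceptable for real identities, e.g. `// Test-only key sizes: 1024/1152-bit RSA is too weak for production and is used here purely for speed.` Separately, the constructor parameters `client_key_type`/`server_key_type` now carry `rtc::KeyParams`, so `client_key_params`/`server_key_params` would match what they hold.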
| OLD | NEW |