OLD | NEW |
1 /* | 1 /* |
2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
(...skipping 143 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
154 rtc::FifoBuffer *in_; | 154 rtc::FifoBuffer *in_; |
155 rtc::FifoBuffer *out_; | 155 rtc::FifoBuffer *out_; |
156 bool first_packet_; | 156 bool first_packet_; |
157 }; | 157 }; |
158 | 158 |
159 static const int kFifoBufferSize = 4096; | 159 static const int kFifoBufferSize = 4096; |
160 | 160 |
161 class SSLStreamAdapterTestBase : public testing::Test, | 161 class SSLStreamAdapterTestBase : public testing::Test, |
162 public sigslot::has_slots<> { | 162 public sigslot::has_slots<> { |
163 public: | 163 public: |
164 SSLStreamAdapterTestBase( | 164 SSLStreamAdapterTestBase(const std::string& client_cert_pem, |
165 const std::string& client_cert_pem, | 165 const std::string& client_private_key_pem, |
166 const std::string& client_private_key_pem, | 166 bool dtls, |
167 bool dtls, | 167 rtc::KeyType client_key_type = rtc::KT_DEFAULT, |
168 rtc::KeyParams client_key_type = rtc::KeyParams(rtc::KT_DEFAULT), | 168 rtc::KeyType server_key_type = rtc::KT_DEFAULT) |
169 rtc::KeyParams server_key_type = rtc::KeyParams(rtc::KT_DEFAULT)) | |
170 : client_buffer_(kFifoBufferSize), | 169 : client_buffer_(kFifoBufferSize), |
171 server_buffer_(kFifoBufferSize), | 170 server_buffer_(kFifoBufferSize), |
172 client_stream_( | 171 client_stream_( |
173 new SSLDummyStream(this, "c2s", &client_buffer_, &server_buffer_)), | 172 new SSLDummyStream(this, "c2s", &client_buffer_, &server_buffer_)), |
174 server_stream_( | 173 server_stream_( |
175 new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_)), | 174 new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_)), |
176 client_ssl_(rtc::SSLStreamAdapter::Create(client_stream_)), | 175 client_ssl_(rtc::SSLStreamAdapter::Create(client_stream_)), |
177 server_ssl_(rtc::SSLStreamAdapter::Create(server_stream_)), | 176 server_ssl_(rtc::SSLStreamAdapter::Create(server_stream_)), |
178 client_identity_(NULL), | 177 client_identity_(NULL), |
179 server_identity_(NULL), | 178 server_identity_(NULL), |
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
218 server_stream_ = | 217 server_stream_ = |
219 new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_); | 218 new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_); |
220 | 219 |
221 client_ssl_.reset(rtc::SSLStreamAdapter::Create(client_stream_)); | 220 client_ssl_.reset(rtc::SSLStreamAdapter::Create(client_stream_)); |
222 server_ssl_.reset(rtc::SSLStreamAdapter::Create(server_stream_)); | 221 server_ssl_.reset(rtc::SSLStreamAdapter::Create(server_stream_)); |
223 | 222 |
224 client_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); | 223 client_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); |
225 server_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); | 224 server_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); |
226 | 225 |
227 rtc::SSLIdentityParams client_params; | 226 rtc::SSLIdentityParams client_params; |
228 client_params.key_params = rtc::KeyParams(rtc::KT_DEFAULT); | |
229 client_params.common_name = "client"; | 227 client_params.common_name = "client"; |
230 client_params.not_before = not_before; | 228 client_params.not_before = not_before; |
231 client_params.not_after = not_after; | 229 client_params.not_after = not_after; |
| 230 client_params.key_type = rtc::KT_DEFAULT; |
232 client_identity_ = rtc::SSLIdentity::GenerateForTest(client_params); | 231 client_identity_ = rtc::SSLIdentity::GenerateForTest(client_params); |
233 | 232 |
234 rtc::SSLIdentityParams server_params; | 233 rtc::SSLIdentityParams server_params; |
235 server_params.key_params = rtc::KeyParams(rtc::KT_DEFAULT); | |
236 server_params.common_name = "server"; | 234 server_params.common_name = "server"; |
237 server_params.not_before = not_before; | 235 server_params.not_before = not_before; |
238 server_params.not_after = not_after; | 236 server_params.not_after = not_after; |
| 237 server_params.key_type = rtc::KT_DEFAULT; |
239 server_identity_ = rtc::SSLIdentity::GenerateForTest(server_params); | 238 server_identity_ = rtc::SSLIdentity::GenerateForTest(server_params); |
240 | 239 |
241 client_ssl_->SetIdentity(client_identity_); | 240 client_ssl_->SetIdentity(client_identity_); |
242 server_ssl_->SetIdentity(server_identity_); | 241 server_ssl_->SetIdentity(server_identity_); |
243 } | 242 } |
244 | 243 |
245 virtual void OnEvent(rtc::StreamInterface *stream, int sig, int err) { | 244 virtual void OnEvent(rtc::StreamInterface *stream, int sig, int err) { |
246 LOG(LS_INFO) << "SSLStreamAdapterTestBase::OnEvent sig=" << sig; | 245 LOG(LS_INFO) << "SSLStreamAdapterTestBase::OnEvent sig=" << sig; |
247 | 246 |
248 if (sig & rtc::SE_READ) { | 247 if (sig & rtc::SE_READ) { |
(...skipping 207 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
456 int loss_; | 455 int loss_; |
457 bool lose_first_packet_; | 456 bool lose_first_packet_; |
458 bool damage_; | 457 bool damage_; |
459 bool dtls_; | 458 bool dtls_; |
460 int handshake_wait_; | 459 int handshake_wait_; |
461 bool identities_set_; | 460 bool identities_set_; |
462 }; | 461 }; |
463 | 462 |
464 class SSLStreamAdapterTestTLS | 463 class SSLStreamAdapterTestTLS |
465 : public SSLStreamAdapterTestBase, | 464 : public SSLStreamAdapterTestBase, |
466 public WithParamInterface<tuple<rtc::KeyParams, rtc::KeyParams>> { | 465 public WithParamInterface<tuple<rtc::KeyType, rtc::KeyType>> { |
467 public: | 466 public: |
468 SSLStreamAdapterTestTLS() | 467 SSLStreamAdapterTestTLS() |
469 : SSLStreamAdapterTestBase("", | 468 : SSLStreamAdapterTestBase("", |
470 "", | 469 "", |
471 false, | 470 false, |
472 ::testing::get<0>(GetParam()), | 471 ::testing::get<0>(GetParam()), |
473 ::testing::get<1>(GetParam())){}; | 472 ::testing::get<1>(GetParam())){}; |
474 | 473 |
475 // Test data transfer for TLS | 474 // Test data transfer for TLS |
476 virtual void TestTransfer(int size) { | 475 virtual void TestTransfer(int size) { |
(...skipping 87 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
564 } | 563 } |
565 } | 564 } |
566 | 565 |
567 private: | 566 private: |
568 rtc::MemoryStream send_stream_; | 567 rtc::MemoryStream send_stream_; |
569 rtc::MemoryStream recv_stream_; | 568 rtc::MemoryStream recv_stream_; |
570 }; | 569 }; |
571 | 570 |
572 class SSLStreamAdapterTestDTLS | 571 class SSLStreamAdapterTestDTLS |
573 : public SSLStreamAdapterTestBase, | 572 : public SSLStreamAdapterTestBase, |
574 public WithParamInterface<tuple<rtc::KeyParams, rtc::KeyParams>> { | 573 public WithParamInterface<tuple<rtc::KeyType, rtc::KeyType>> { |
575 public: | 574 public: |
576 SSLStreamAdapterTestDTLS() | 575 SSLStreamAdapterTestDTLS() |
577 : SSLStreamAdapterTestBase("", | 576 : SSLStreamAdapterTestBase("", |
578 "", | 577 "", |
579 true, | 578 true, |
580 ::testing::get<0>(GetParam()), | 579 ::testing::get<0>(GetParam()), |
581 ::testing::get<1>(GetParam())), | 580 ::testing::get<1>(GetParam())), |
582 packet_size_(1000), | 581 packet_size_(1000), |
583 count_(0), | 582 count_(0), |
584 sent_(0) {} | 583 sent_(0) {} |
(...skipping 387 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
972 MAYBE_SKIP_TEST(HaveDtls); | 971 MAYBE_SKIP_TEST(HaveDtls); |
973 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_10); | 972 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_10); |
974 TestHandshake(); | 973 TestHandshake(); |
975 | 974 |
976 int client_cipher; | 975 int client_cipher; |
977 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); | 976 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); |
978 int server_cipher; | 977 int server_cipher; |
979 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); | 978 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); |
980 | 979 |
981 ASSERT_EQ(client_cipher, server_cipher); | 980 ASSERT_EQ(client_cipher, server_cipher); |
982 ASSERT_EQ( | 981 ASSERT_EQ(rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( |
983 rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( | 982 rtc::SSL_PROTOCOL_DTLS_10, ::testing::get<1>(GetParam())), |
984 rtc::SSL_PROTOCOL_DTLS_10, ::testing::get<1>(GetParam()).type()), | 983 server_cipher); |
985 server_cipher); | |
986 } | 984 } |
987 | 985 |
988 // Test getting the used DTLS 1.2 ciphers. | 986 // Test getting the used DTLS 1.2 ciphers. |
989 // DTLS 1.2 enabled for client and server -> DTLS 1.2 will be used. | 987 // DTLS 1.2 enabled for client and server -> DTLS 1.2 will be used. |
990 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Both) { | 988 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Both) { |
991 MAYBE_SKIP_TEST(HaveDtls); | 989 MAYBE_SKIP_TEST(HaveDtls); |
992 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12); | 990 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12); |
993 TestHandshake(); | 991 TestHandshake(); |
994 | 992 |
995 int client_cipher; | 993 int client_cipher; |
996 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); | 994 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); |
997 int server_cipher; | 995 int server_cipher; |
998 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); | 996 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); |
999 | 997 |
1000 ASSERT_EQ(client_cipher, server_cipher); | 998 ASSERT_EQ(client_cipher, server_cipher); |
1001 ASSERT_EQ( | 999 ASSERT_EQ(rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( |
1002 rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( | 1000 rtc::SSL_PROTOCOL_DTLS_12, ::testing::get<1>(GetParam())), |
1003 rtc::SSL_PROTOCOL_DTLS_12, ::testing::get<1>(GetParam()).type()), | 1001 server_cipher); |
1004 server_cipher); | |
1005 } | 1002 } |
1006 | 1003 |
1007 // DTLS 1.2 enabled for client only -> DTLS 1.0 will be used. | 1004 // DTLS 1.2 enabled for client only -> DTLS 1.0 will be used. |
1008 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Client) { | 1005 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Client) { |
1009 MAYBE_SKIP_TEST(HaveDtls); | 1006 MAYBE_SKIP_TEST(HaveDtls); |
1010 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_12); | 1007 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_12); |
1011 TestHandshake(); | 1008 TestHandshake(); |
1012 | 1009 |
1013 int client_cipher; | 1010 int client_cipher; |
1014 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); | 1011 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); |
1015 int server_cipher; | 1012 int server_cipher; |
1016 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); | 1013 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); |
1017 | 1014 |
1018 ASSERT_EQ(client_cipher, server_cipher); | 1015 ASSERT_EQ(client_cipher, server_cipher); |
1019 ASSERT_EQ( | 1016 ASSERT_EQ(rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( |
1020 rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( | 1017 rtc::SSL_PROTOCOL_DTLS_10, ::testing::get<1>(GetParam())), |
1021 rtc::SSL_PROTOCOL_DTLS_10, ::testing::get<1>(GetParam()).type()), | 1018 server_cipher); |
1022 server_cipher); | |
1023 } | 1019 } |
1024 | 1020 |
1025 // DTLS 1.2 enabled for server only -> DTLS 1.0 will be used. | 1021 // DTLS 1.2 enabled for server only -> DTLS 1.0 will be used. |
1026 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Server) { | 1022 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Server) { |
1027 MAYBE_SKIP_TEST(HaveDtls); | 1023 MAYBE_SKIP_TEST(HaveDtls); |
1028 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_10); | 1024 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_10); |
1029 TestHandshake(); | 1025 TestHandshake(); |
1030 | 1026 |
1031 int client_cipher; | 1027 int client_cipher; |
1032 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); | 1028 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); |
1033 int server_cipher; | 1029 int server_cipher; |
1034 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); | 1030 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); |
1035 | 1031 |
1036 ASSERT_EQ(client_cipher, server_cipher); | 1032 ASSERT_EQ(client_cipher, server_cipher); |
1037 ASSERT_EQ( | 1033 ASSERT_EQ(rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( |
1038 rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( | 1034 rtc::SSL_PROTOCOL_DTLS_10, ::testing::get<1>(GetParam())), |
1039 rtc::SSL_PROTOCOL_DTLS_10, ::testing::get<1>(GetParam()).type()), | 1035 server_cipher); |
1040 server_cipher); | |
1041 } | 1036 } |
1042 | 1037 |
1043 // The RSA keysizes here might look strange, why not include the RFC's size | 1038 INSTANTIATE_TEST_CASE_P(SSLStreamAdapterTestsTLS, |
1044 // 2048?. The reason is test case slowness; testing two sizes to exercise | 1039 SSLStreamAdapterTestTLS, |
1045 // parametrization is sufficient. | 1040 Combine(Values(rtc::KT_RSA, rtc::KT_ECDSA), |
1046 INSTANTIATE_TEST_CASE_P( | 1041 Values(rtc::KT_RSA, rtc::KT_ECDSA))); |
1047 SSLStreamAdapterTestsTLS, | 1042 INSTANTIATE_TEST_CASE_P(SSLStreamAdapterTestsDTLS, |
1048 SSLStreamAdapterTestTLS, | 1043 SSLStreamAdapterTestDTLS, |
1049 Combine(Values(rtc::KeyParams::RSA(1024, 65537), | 1044 Combine(Values(rtc::KT_RSA, rtc::KT_ECDSA), |
1050 rtc::KeyParams::RSA(1152, 65537), | 1045 Values(rtc::KT_RSA, rtc::KT_ECDSA))); |
1051 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)), | |
1052 Values(rtc::KeyParams::RSA(1024, 65537), | |
1053 rtc::KeyParams::RSA(1152, 65537), | |
1054 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)))); | |
1055 INSTANTIATE_TEST_CASE_P( | |
1056 SSLStreamAdapterTestsDTLS, | |
1057 SSLStreamAdapterTestDTLS, | |
1058 Combine(Values(rtc::KeyParams::RSA(1024, 65537), | |
1059 rtc::KeyParams::RSA(1152, 65537), | |
1060 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)), | |
1061 Values(rtc::KeyParams::RSA(1024, 65537), | |
1062 rtc::KeyParams::RSA(1152, 65537), | |
1063 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)))); | |
OLD | NEW |