OLD | NEW |
1 /* | 1 /* |
2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
(...skipping 929 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
940 | 940 |
941 int client_cipher; | 941 int client_cipher; |
942 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); | 942 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); |
943 int server_cipher; | 943 int server_cipher; |
944 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); | 944 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); |
945 | 945 |
946 ASSERT_EQ(client_cipher, server_cipher); | 946 ASSERT_EQ(client_cipher, server_cipher); |
947 ASSERT_EQ(client_cipher, rtc::SRTP_AES128_CM_SHA1_32); | 947 ASSERT_EQ(client_cipher, rtc::SRTP_AES128_CM_SHA1_32); |
948 }; | 948 }; |
949 | 949 |
950 | |
951 // Test DTLS-SRTP with a mismatch -- should not converge | 950 // Test DTLS-SRTP with a mismatch -- should not converge |
952 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpHighLow) { | 951 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpHighLow) { |
953 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 952 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
954 std::vector<int> high; | 953 std::vector<int> high; |
955 high.push_back(rtc::SRTP_AES128_CM_SHA1_80); | 954 high.push_back(rtc::SRTP_AES128_CM_SHA1_80); |
956 std::vector<int> low; | 955 std::vector<int> low; |
957 low.push_back(rtc::SRTP_AES128_CM_SHA1_32); | 956 low.push_back(rtc::SRTP_AES128_CM_SHA1_32); |
958 SetDtlsSrtpCryptoSuites(high, true); | 957 SetDtlsSrtpCryptoSuites(high, true); |
959 SetDtlsSrtpCryptoSuites(low, false); | 958 SetDtlsSrtpCryptoSuites(low, false); |
960 TestHandshake(); | 959 TestHandshake(); |
(...skipping 16 matching lines...) Expand all Loading... |
977 | 976 |
978 int client_cipher; | 977 int client_cipher; |
979 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); | 978 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); |
980 int server_cipher; | 979 int server_cipher; |
981 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); | 980 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); |
982 | 981 |
983 ASSERT_EQ(client_cipher, server_cipher); | 982 ASSERT_EQ(client_cipher, server_cipher); |
984 ASSERT_EQ(client_cipher, rtc::SRTP_AES128_CM_SHA1_80); | 983 ASSERT_EQ(client_cipher, rtc::SRTP_AES128_CM_SHA1_80); |
985 }; | 984 }; |
986 | 985 |
| 986 // Test DTLS-SRTP with all GCM-128 ciphers. |
| 987 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCM128) { |
| 988 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 989 std::vector<int> gcm128; |
| 990 gcm128.push_back(rtc::SRTP_AEAD_AES_128_GCM); |
| 991 SetDtlsSrtpCryptoSuites(gcm128, true); |
| 992 SetDtlsSrtpCryptoSuites(gcm128, false); |
| 993 TestHandshake(); |
| 994 |
| 995 int client_cipher; |
| 996 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); |
| 997 int server_cipher; |
| 998 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); |
| 999 |
| 1000 ASSERT_EQ(client_cipher, server_cipher); |
| 1001 ASSERT_EQ(client_cipher, rtc::SRTP_AEAD_AES_128_GCM); |
| 1002 }; |
| 1003 |
| 1004 // Test DTLS-SRTP with all GCM-256 ciphers. |
| 1005 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCM256) { |
| 1006 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 1007 std::vector<int> gcm256; |
| 1008 gcm256.push_back(rtc::SRTP_AEAD_AES_256_GCM); |
| 1009 SetDtlsSrtpCryptoSuites(gcm256, true); |
| 1010 SetDtlsSrtpCryptoSuites(gcm256, false); |
| 1011 TestHandshake(); |
| 1012 |
| 1013 int client_cipher; |
| 1014 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); |
| 1015 int server_cipher; |
| 1016 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); |
| 1017 |
| 1018 ASSERT_EQ(client_cipher, server_cipher); |
| 1019 ASSERT_EQ(client_cipher, rtc::SRTP_AEAD_AES_256_GCM); |
| 1020 }; |
| 1021 |
| 1022 // Test DTLS-SRTP with mixed GCM-128/-256 ciphers -- should not converge. |
| 1023 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCMMismatch) { |
| 1024 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 1025 std::vector<int> gcm128; |
| 1026 gcm128.push_back(rtc::SRTP_AEAD_AES_128_GCM); |
| 1027 std::vector<int> gcm256; |
| 1028 gcm256.push_back(rtc::SRTP_AEAD_AES_256_GCM); |
| 1029 SetDtlsSrtpCryptoSuites(gcm128, true); |
| 1030 SetDtlsSrtpCryptoSuites(gcm256, false); |
| 1031 TestHandshake(); |
| 1032 |
| 1033 int client_cipher; |
| 1034 ASSERT_FALSE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); |
| 1035 int server_cipher; |
| 1036 ASSERT_FALSE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); |
| 1037 }; |
| 1038 |
| 1039 // Test DTLS-SRTP with both GCM-128/-256 ciphers -- should select GCM-256. |
| 1040 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCMMixed) { |
| 1041 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 1042 std::vector<int> gcmBoth; |
| 1043 gcmBoth.push_back(rtc::SRTP_AEAD_AES_256_GCM); |
| 1044 gcmBoth.push_back(rtc::SRTP_AEAD_AES_128_GCM); |
| 1045 SetDtlsSrtpCryptoSuites(gcmBoth, true); |
| 1046 SetDtlsSrtpCryptoSuites(gcmBoth, false); |
| 1047 TestHandshake(); |
| 1048 |
| 1049 int client_cipher; |
| 1050 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); |
| 1051 int server_cipher; |
| 1052 ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); |
| 1053 |
| 1054 ASSERT_EQ(client_cipher, server_cipher); |
| 1055 ASSERT_EQ(client_cipher, rtc::SRTP_AEAD_AES_256_GCM); |
| 1056 }; |
| 1057 |
| 1058 // Test SRTP cipher suite lengths. |
| 1059 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpKeyAndSaltLengths) { |
| 1060 int key_len; |
| 1061 int salt_len; |
| 1062 |
| 1063 ASSERT_FALSE(rtc::GetSrtpKeyAndSaltLengths( |
| 1064 rtc::SRTP_INVALID_CRYPTO_SUITE, &key_len, &salt_len)); |
| 1065 |
| 1066 ASSERT_TRUE(rtc::GetSrtpKeyAndSaltLengths( |
| 1067 rtc::SRTP_AES128_CM_SHA1_32, &key_len, &salt_len)); |
| 1068 ASSERT_EQ(128/8, key_len); |
| 1069 ASSERT_EQ(112/8, salt_len); |
| 1070 |
| 1071 ASSERT_TRUE(rtc::GetSrtpKeyAndSaltLengths( |
| 1072 rtc::SRTP_AES128_CM_SHA1_80, &key_len, &salt_len)); |
| 1073 ASSERT_EQ(128/8, key_len); |
| 1074 ASSERT_EQ(112/8, salt_len); |
| 1075 |
| 1076 ASSERT_TRUE(rtc::GetSrtpKeyAndSaltLengths( |
| 1077 rtc::SRTP_AEAD_AES_128_GCM, &key_len, &salt_len)); |
| 1078 ASSERT_EQ(128/8, key_len); |
| 1079 ASSERT_EQ(96/8, salt_len); |
| 1080 |
| 1081 ASSERT_TRUE(rtc::GetSrtpKeyAndSaltLengths( |
| 1082 rtc::SRTP_AEAD_AES_256_GCM, &key_len, &salt_len)); |
| 1083 ASSERT_EQ(256/8, key_len); |
| 1084 ASSERT_EQ(96/8, salt_len); |
| 1085 }; |
| 1086 |
987 // Test an exporter | 1087 // Test an exporter |
988 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSExporter) { | 1088 TEST_P(SSLStreamAdapterTestDTLS, TestDTLSExporter) { |
989 MAYBE_SKIP_TEST(HaveExporter); | 1089 MAYBE_SKIP_TEST(HaveExporter); |
990 TestHandshake(); | 1090 TestHandshake(); |
991 unsigned char client_out[20]; | 1091 unsigned char client_out[20]; |
992 unsigned char server_out[20]; | 1092 unsigned char server_out[20]; |
993 | 1093 |
994 bool result; | 1094 bool result; |
995 result = ExportKeyingMaterial(kExporterLabel, | 1095 result = ExportKeyingMaterial(kExporterLabel, |
996 kExporterContext, kExporterContextLen, | 1096 kExporterContext, kExporterContextLen, |
(...skipping 161 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1158 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)))); | 1258 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)))); |
1159 INSTANTIATE_TEST_CASE_P( | 1259 INSTANTIATE_TEST_CASE_P( |
1160 SSLStreamAdapterTestsDTLS, | 1260 SSLStreamAdapterTestsDTLS, |
1161 SSLStreamAdapterTestDTLS, | 1261 SSLStreamAdapterTestDTLS, |
1162 Combine(Values(rtc::KeyParams::RSA(1024, 65537), | 1262 Combine(Values(rtc::KeyParams::RSA(1024, 65537), |
1163 rtc::KeyParams::RSA(1152, 65537), | 1263 rtc::KeyParams::RSA(1152, 65537), |
1164 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)), | 1264 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)), |
1165 Values(rtc::KeyParams::RSA(1024, 65537), | 1265 Values(rtc::KeyParams::RSA(1024, 65537), |
1166 rtc::KeyParams::RSA(1152, 65537), | 1266 rtc::KeyParams::RSA(1152, 65537), |
1167 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)))); | 1267 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)))); |
OLD | NEW |