OLD | NEW |
1 /* | 1 /* |
2 * Copyright 2004 The WebRTC project authors. All Rights Reserved. | 2 * Copyright 2004 The WebRTC project authors. All Rights Reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
11 #include "webrtc/base/byteorder.h" | 11 #include "webrtc/base/byteorder.h" |
12 #include "webrtc/base/constructormagic.h" | 12 #include "webrtc/base/constructormagic.h" |
13 #include "webrtc/base/gunit.h" | 13 #include "webrtc/base/gunit.h" |
14 #include "webrtc/base/thread.h" | 14 #include "webrtc/base/thread.h" |
15 #include "webrtc/media/base/cryptoparams.h" | 15 #include "webrtc/media/base/cryptoparams.h" |
16 #include "webrtc/media/base/fakertp.h" | 16 #include "webrtc/media/base/fakertp.h" |
17 #include "webrtc/p2p/base/sessiondescription.h" | 17 #include "webrtc/p2p/base/sessiondescription.h" |
18 #include "webrtc/pc/srtpfilter.h" | 18 #include "webrtc/pc/srtpfilter.h" |
19 extern "C" { | 19 extern "C" { |
20 #ifdef SRTP_RELATIVE_PATH | 20 #ifdef SRTP_RELATIVE_PATH |
21 #include "crypto/include/err.h" | 21 #include "crypto/include/err.h" |
22 #else | 22 #else |
23 #include "third_party/libsrtp/srtp/crypto/include/err.h" | 23 #include "third_party/libsrtp/srtp/crypto/include/err.h" |
24 #endif | 24 #endif |
25 } | 25 } |
26 | 26 |
27 using rtc::CS_AES_CM_128_HMAC_SHA1_80; | 27 using rtc::CS_AES_CM_128_HMAC_SHA1_80; |
28 using rtc::CS_AES_CM_128_HMAC_SHA1_32; | 28 using rtc::CS_AES_CM_128_HMAC_SHA1_32; |
| 29 using rtc::CS_AEAD_AES_128_GCM; |
| 30 using rtc::CS_AEAD_AES_256_GCM; |
29 using cricket::CryptoParams; | 31 using cricket::CryptoParams; |
30 using cricket::CS_LOCAL; | 32 using cricket::CS_LOCAL; |
31 using cricket::CS_REMOTE; | 33 using cricket::CS_REMOTE; |
32 | 34 |
33 static const uint8_t kTestKey1[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234"; | 35 static const uint8_t kTestKey1[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234"; |
34 static const uint8_t kTestKey2[] = "4321ZYXWVUTSRQPONMLKJIHGFEDCBA"; | 36 static const uint8_t kTestKey2[] = "4321ZYXWVUTSRQPONMLKJIHGFEDCBA"; |
35 static const int kTestKeyLen = 30; | 37 static const int kTestKeyLen = 30; |
36 static const std::string kTestKeyParams1 = | 38 static const std::string kTestKeyParams1 = |
37 "inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz"; | 39 "inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz"; |
38 static const std::string kTestKeyParams2 = | 40 static const std::string kTestKeyParams2 = |
39 "inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR"; | 41 "inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR"; |
40 static const std::string kTestKeyParams3 = | 42 static const std::string kTestKeyParams3 = |
41 "inline:1234X19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz"; | 43 "inline:1234X19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz"; |
42 static const std::string kTestKeyParams4 = | 44 static const std::string kTestKeyParams4 = |
43 "inline:4567QCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR"; | 45 "inline:4567QCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR"; |
| 46 static const std::string kTestKeyParamsGcm1 = |
| 47 "inline:e166KFlKzJsGW0d5apX+rrI05vxbrvMJEzFI14aTDCa63IRTlLK4iH66uOI="; |
| 48 static const std::string kTestKeyParamsGcm2 = |
| 49 "inline:6X0oCd55zfz4VgtOwsuqcFq61275PDYN5uwuu3p7ZUHbfUY2FMpdP4m2PEo="; |
| 50 static const std::string kTestKeyParamsGcm3 = |
| 51 "inline:YKlABGZWMgX32xuMotrG0v0T7G83veegaVzubQ=="; |
| 52 static const std::string kTestKeyParamsGcm4 = |
| 53 "inline:gJ6tWoUym2v+/F6xjr7xaxiS3QbJJozl3ZD/0A=="; |
44 static const cricket::CryptoParams kTestCryptoParams1( | 54 static const cricket::CryptoParams kTestCryptoParams1( |
45 1, "AES_CM_128_HMAC_SHA1_80", kTestKeyParams1, ""); | 55 1, "AES_CM_128_HMAC_SHA1_80", kTestKeyParams1, ""); |
46 static const cricket::CryptoParams kTestCryptoParams2( | 56 static const cricket::CryptoParams kTestCryptoParams2( |
47 1, "AES_CM_128_HMAC_SHA1_80", kTestKeyParams2, ""); | 57 1, "AES_CM_128_HMAC_SHA1_80", kTestKeyParams2, ""); |
| 58 static const cricket::CryptoParams kTestCryptoParamsGcm1( |
| 59 1, "AEAD_AES_256_GCM", kTestKeyParamsGcm1, ""); |
| 60 static const cricket::CryptoParams kTestCryptoParamsGcm2( |
| 61 1, "AEAD_AES_256_GCM", kTestKeyParamsGcm2, ""); |
| 62 static const cricket::CryptoParams kTestCryptoParamsGcm3( |
| 63 1, "AEAD_AES_128_GCM", kTestKeyParamsGcm3, ""); |
| 64 static const cricket::CryptoParams kTestCryptoParamsGcm4( |
| 65 1, "AEAD_AES_128_GCM", kTestKeyParamsGcm4, ""); |
48 | 66 |
49 static int rtp_auth_tag_len(const std::string& cs) { | 67 static int rtp_auth_tag_len(const std::string& cs) { |
50 return (cs == CS_AES_CM_128_HMAC_SHA1_32) ? 4 : 10; | 68 return (cs == CS_AES_CM_128_HMAC_SHA1_32) ? 4 : 10; |
51 } | 69 } |
52 static int rtcp_auth_tag_len(const std::string& cs) { | 70 static int rtcp_auth_tag_len(const std::string& cs) { |
53 return 10; | 71 return 10; |
54 } | 72 } |
55 | 73 |
56 class SrtpFilterTest : public testing::Test { | 74 class SrtpFilterTest : public testing::Test { |
57 protected: | 75 protected: |
(...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
126 }; | 144 }; |
127 | 145 |
128 // Test that we can set up the session and keys properly. | 146 // Test that we can set up the session and keys properly. |
129 TEST_F(SrtpFilterTest, TestGoodSetupOneCipherSuite) { | 147 TEST_F(SrtpFilterTest, TestGoodSetupOneCipherSuite) { |
130 EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParams1), CS_LOCAL)); | 148 EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParams1), CS_LOCAL)); |
131 EXPECT_FALSE(f1_.IsActive()); | 149 EXPECT_FALSE(f1_.IsActive()); |
132 EXPECT_TRUE(f1_.SetAnswer(MakeVector(kTestCryptoParams2), CS_REMOTE)); | 150 EXPECT_TRUE(f1_.SetAnswer(MakeVector(kTestCryptoParams2), CS_REMOTE)); |
133 EXPECT_TRUE(f1_.IsActive()); | 151 EXPECT_TRUE(f1_.IsActive()); |
134 } | 152 } |
135 | 153 |
| 154 TEST_F(SrtpFilterTest, TestGoodSetupOneCipherSuiteGcm) { |
| 155 EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParamsGcm1), CS_LOCAL)); |
| 156 EXPECT_FALSE(f1_.IsActive()); |
| 157 EXPECT_TRUE(f1_.SetAnswer(MakeVector(kTestCryptoParamsGcm2), CS_REMOTE)); |
| 158 EXPECT_TRUE(f1_.IsActive()); |
| 159 } |
| 160 |
136 // Test that we can set up things with multiple params. | 161 // Test that we can set up things with multiple params. |
137 TEST_F(SrtpFilterTest, TestGoodSetupMultipleCipherSuites) { | 162 TEST_F(SrtpFilterTest, TestGoodSetupMultipleCipherSuites) { |
138 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); | 163 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); |
139 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); | 164 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); |
140 offer.push_back(kTestCryptoParams1); | 165 offer.push_back(kTestCryptoParams1); |
141 offer[1].tag = 2; | 166 offer[1].tag = 2; |
142 offer[1].cipher_suite = CS_AES_CM_128_HMAC_SHA1_32; | 167 offer[1].cipher_suite = CS_AES_CM_128_HMAC_SHA1_32; |
143 answer[0].tag = 2; | 168 answer[0].tag = 2; |
144 answer[0].cipher_suite = CS_AES_CM_128_HMAC_SHA1_32; | 169 answer[0].cipher_suite = CS_AES_CM_128_HMAC_SHA1_32; |
145 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); | 170 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); |
146 EXPECT_FALSE(f1_.IsActive()); | 171 EXPECT_FALSE(f1_.IsActive()); |
147 EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); | 172 EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); |
148 EXPECT_TRUE(f1_.IsActive()); | 173 EXPECT_TRUE(f1_.IsActive()); |
149 } | 174 } |
150 | 175 |
| 176 TEST_F(SrtpFilterTest, TestGoodSetupMultipleCipherSuitesGcm) { |
| 177 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParamsGcm1)); |
| 178 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParamsGcm3)); |
| 179 offer.push_back(kTestCryptoParamsGcm4); |
| 180 offer[1].tag = 2; |
| 181 answer[0].tag = 2; |
| 182 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); |
| 183 EXPECT_FALSE(f1_.IsActive()); |
| 184 EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); |
| 185 EXPECT_TRUE(f1_.IsActive()); |
| 186 } |
| 187 |
151 // Test that we handle the cases where crypto is not desired. | 188 // Test that we handle the cases where crypto is not desired. |
152 TEST_F(SrtpFilterTest, TestGoodSetupNoCipherSuites) { | 189 TEST_F(SrtpFilterTest, TestGoodSetupNoCipherSuites) { |
153 std::vector<CryptoParams> offer, answer; | 190 std::vector<CryptoParams> offer, answer; |
154 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); | 191 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); |
155 EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); | 192 EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); |
156 EXPECT_FALSE(f1_.IsActive()); | 193 EXPECT_FALSE(f1_.IsActive()); |
157 } | 194 } |
158 | 195 |
159 // Test that we handle the cases where crypto is not desired by the remote side. | 196 // Test that we handle the cases where crypto is not desired by the remote side. |
160 TEST_F(SrtpFilterTest, TestGoodSetupNoAnswerCipherSuites) { | 197 TEST_F(SrtpFilterTest, TestGoodSetupNoAnswerCipherSuites) { |
(...skipping 739 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
900 srtp_stat_.AddUnprotectRtcpResult(err_status_fail); | 937 srtp_stat_.AddUnprotectRtcpResult(err_status_fail); |
901 EXPECT_EQ(-1, mode_); | 938 EXPECT_EQ(-1, mode_); |
902 EXPECT_EQ(cricket::SrtpFilter::ERROR_NONE, error_); | 939 EXPECT_EQ(cricket::SrtpFilter::ERROR_NONE, error_); |
903 // Now the error will be triggered again. | 940 // Now the error will be triggered again. |
904 Reset(); | 941 Reset(); |
905 rtc::Thread::Current()->SleepMs(210); | 942 rtc::Thread::Current()->SleepMs(210); |
906 srtp_stat_.AddUnprotectRtcpResult(err_status_fail); | 943 srtp_stat_.AddUnprotectRtcpResult(err_status_fail); |
907 EXPECT_EQ(cricket::SrtpFilter::UNPROTECT, mode_); | 944 EXPECT_EQ(cricket::SrtpFilter::UNPROTECT, mode_); |
908 EXPECT_EQ(cricket::SrtpFilter::ERROR_FAIL, error_); | 945 EXPECT_EQ(cricket::SrtpFilter::ERROR_FAIL, error_); |
909 } | 946 } |
OLD | NEW |