Add support for GCM cipher suites from RFC 7714.

webrtc/pc/srtpfilter_unittest.cc

 /*
  *  Copyright 2004 The WebRTC project authors. All Rights Reserved.
  *
  *  Use of this source code is governed by a BSD-style license
  *  that can be found in the LICENSE file in the root of the source
  *  tree. An additional intellectual property rights grant can be found
  *  in the file PATENTS.  All contributing project authors may
  *  be found in the AUTHORS file in the root of the source tree.
  */
 
 #include "webrtc/base/byteorder.h"
 #include "webrtc/base/constructormagic.h"
 #include "webrtc/base/gunit.h"
 #include "webrtc/base/thread.h"
 #include "webrtc/media/base/cryptoparams.h"
 #include "webrtc/media/base/fakertp.h"
 #include "webrtc/p2p/base/sessiondescription.h"
 #include "webrtc/pc/srtpfilter.h"
 extern "C" {
 #ifdef SRTP_RELATIVE_PATH
 #include "crypto/include/err.h"
 #else
 #include "third_party/libsrtp/srtp/crypto/include/err.h"
 #endif
 }
 
 using rtc::CS_AES_CM_128_HMAC_SHA1_80;
 using rtc::CS_AES_CM_128_HMAC_SHA1_32;
+using rtc::CS_AEAD_AES_128_GCM;
+using rtc::CS_AEAD_AES_256_GCM;
 using cricket::CryptoParams;
 using cricket::CS_LOCAL;
 using cricket::CS_REMOTE;
 
 static const uint8_t kTestKey1[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234";
 static const uint8_t kTestKey2[] = "4321ZYXWVUTSRQPONMLKJIHGFEDCBA";
 static const int kTestKeyLen = 30;
 static const std::string kTestKeyParams1 =
     "inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz";
 static const std::string kTestKeyParams2 =
     "inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR";
 static const std::string kTestKeyParams3 =
     "inline:1234X19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz";
 static const std::string kTestKeyParams4 =
     "inline:4567QCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR";
+static const std::string kTestKeyParamsGcm1 =
+    "inline:e166KFlKzJsGW0d5apX+rrI05vxbrvMJEzFI14aTDCa63IRTlLK4iH66uOI=";
+static const std::string kTestKeyParamsGcm2 =
+    "inline:6X0oCd55zfz4VgtOwsuqcFq61275PDYN5uwuu3p7ZUHbfUY2FMpdP4m2PEo=";
+static const std::string kTestKeyParamsGcm3 =
+    "inline:YKlABGZWMgX32xuMotrG0v0T7G83veegaVzubQ==";
+static const std::string kTestKeyParamsGcm4 =
+    "inline:gJ6tWoUym2v+/F6xjr7xaxiS3QbJJozl3ZD/0A==";
 static const cricket::CryptoParams kTestCryptoParams1(
     1, "AES_CM_128_HMAC_SHA1_80", kTestKeyParams1, "");
 static const cricket::CryptoParams kTestCryptoParams2(
     1, "AES_CM_128_HMAC_SHA1_80", kTestKeyParams2, "");
+static const cricket::CryptoParams kTestCryptoParamsGcm1(
+    1, "AEAD_AES_256_GCM", kTestKeyParamsGcm1, "");
+static const cricket::CryptoParams kTestCryptoParamsGcm2(
+    1, "AEAD_AES_256_GCM", kTestKeyParamsGcm2, "");
+static const cricket::CryptoParams kTestCryptoParamsGcm3(
+    1, "AEAD_AES_128_GCM", kTestKeyParamsGcm3, "");
+static const cricket::CryptoParams kTestCryptoParamsGcm4(
+    1, "AEAD_AES_128_GCM", kTestKeyParamsGcm4, "");
 
 static int rtp_auth_tag_len(const std::string& cs) {
   return (cs == CS_AES_CM_128_HMAC_SHA1_32) ? 4 : 10;
 }
 static int rtcp_auth_tag_len(const std::string& cs) {
   return 10;
 }
 
 class SrtpFilterTest : public testing::Test {
  protected:
@@ skipping 68 matching lines @@
 };
 
 // Test that we can set up the session and keys properly.
 TEST_F(SrtpFilterTest, TestGoodSetupOneCipherSuite) {
   EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParams1), CS_LOCAL));
   EXPECT_FALSE(f1_.IsActive());
   EXPECT_TRUE(f1_.SetAnswer(MakeVector(kTestCryptoParams2), CS_REMOTE));
   EXPECT_TRUE(f1_.IsActive());
 }
 
+TEST_F(SrtpFilterTest, TestGoodSetupOneCipherSuiteGcm) {
+  EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParamsGcm1), CS_LOCAL));
+  EXPECT_FALSE(f1_.IsActive());
+  EXPECT_TRUE(f1_.SetAnswer(MakeVector(kTestCryptoParamsGcm2), CS_REMOTE));
+  EXPECT_TRUE(f1_.IsActive());
+}
+
 // Test that we can set up things with multiple params.
 TEST_F(SrtpFilterTest, TestGoodSetupMultipleCipherSuites) {
   std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1));
   std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2));
   offer.push_back(kTestCryptoParams1);
   offer[1].tag = 2;
   offer[1].cipher_suite = CS_AES_CM_128_HMAC_SHA1_32;
   answer[0].tag = 2;
   answer[0].cipher_suite = CS_AES_CM_128_HMAC_SHA1_32;
   EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL));
   EXPECT_FALSE(f1_.IsActive());
   EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE));
   EXPECT_TRUE(f1_.IsActive());
 }
 
+TEST_F(SrtpFilterTest, TestGoodSetupMultipleCipherSuitesGcm) {
+  std::vector<CryptoParams> offer(MakeVector(kTestCryptoParamsGcm1));
+  std::vector<CryptoParams> answer(MakeVector(kTestCryptoParamsGcm3));
+  offer.push_back(kTestCryptoParamsGcm4);
+  offer[1].tag = 2;
+  answer[0].tag = 2;
+  EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL));
+  EXPECT_FALSE(f1_.IsActive());
+  EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE));
+  EXPECT_TRUE(f1_.IsActive());
+}
+
 // Test that we handle the cases where crypto is not desired.
 TEST_F(SrtpFilterTest, TestGoodSetupNoCipherSuites) {
   std::vector<CryptoParams> offer, answer;
   EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL));
   EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE));
   EXPECT_FALSE(f1_.IsActive());
 }
 
 // Test that we handle the cases where crypto is not desired by the remote side.
 TEST_F(SrtpFilterTest, TestGoodSetupNoAnswerCipherSuites) {
@@ skipping 739 matching lines @@
   srtp_stat_.AddUnprotectRtcpResult(err_status_fail);
   EXPECT_EQ(-1, mode_);
   EXPECT_EQ(cricket::SrtpFilter::ERROR_NONE, error_);
   // Now the error will be triggered again.
   Reset();
   rtc::Thread::Current()->SleepMs(210);
   srtp_stat_.AddUnprotectRtcpResult(err_status_fail);
   EXPECT_EQ(cricket::SrtpFilter::UNPROTECT, mode_);
   EXPECT_EQ(cricket::SrtpFilter::ERROR_FAIL, error_);
 }