Chromium Code Reviews Chromium Code Reviews
Issue 1528843005:
Add support for GCM cipher suites from RFC 7714. (Closed)
Base URL: https://chromium.googlesource.com/external/webrtc.git@master| Index: webrtc/pc/channel_unittest.cc |
| diff --git a/webrtc/pc/channel_unittest.cc b/webrtc/pc/channel_unittest.cc |
| index 6039065e8321b38757834d9ef940d41ae144c113..da4e54c9499dfc9b9633a828ec98748dd51737c0 100644 |
| --- a/webrtc/pc/channel_unittest.cc |
| +++ b/webrtc/pc/channel_unittest.cc |
| @@ -20,6 +20,7 @@ |
| #include "webrtc/base/signalthread.h" |
| #include "webrtc/base/ssladapter.h" |
| #include "webrtc/base/sslidentity.h" |
| +#include "webrtc/base/sslstreamadapter.h" |
| #include "webrtc/base/window.h" |
| #include "webrtc/media/base/fakemediaengine.h" |
| #include "webrtc/media/base/fakertp.h" |
| @@ -111,7 +112,7 @@ template<class T> |
| class ChannelTest : public testing::Test, public sigslot::has_slots<> { |
| public: |
| enum Flags { RTCP = 0x1, RTCP_MUX = 0x2, SECURE = 0x4, SSRC_MUX = 0x8, |
| - DTLS = 0x10 }; |
| + DTLS = 0x10, GCM_CIPHER = 0x20 }; |
| ChannelTest(bool verify_playout, |
| const uint8_t* rtp_data, |
| @@ -139,11 +140,9 @@ class ChannelTest : public testing::Test, public sigslot::has_slots<> { |
| media_channel1_ = ch1; |
| media_channel2_ = ch2; |
| channel1_.reset(CreateChannel(thread, &media_engine_, ch1, |
| - &transport_controller1_, |
| - (flags1 & RTCP) != 0)); |
| + &transport_controller1_, flags1)); |
| channel2_.reset(CreateChannel(thread, &media_engine_, ch2, |
| - &transport_controller2_, |
| - (flags2 & RTCP) != 0)); |
| + &transport_controller2_, flags2)); |
| channel1_->SignalMediaMonitor.connect( |
| this, &ChannelTest<T>::OnMediaMonitor); |
| channel2_->SignalMediaMonitor.connect( |
| @@ -191,9 +190,13 @@ class ChannelTest : public testing::Test, public sigslot::has_slots<> { |
| cricket::MediaEngineInterface* engine, |
| typename T::MediaChannel* ch, |
| cricket::TransportController* transport_controller, |
| - bool rtcp) { |
| + int flags) { |
| typename T::Channel* channel = new typename T::Channel( |
| - thread, engine, ch, transport_controller, cricket::CN_AUDIO, rtcp); |
| + thread, engine, ch, transport_controller, cricket::CN_AUDIO, |
| + (flags & RTCP) != 0); |
| + rtc::CryptoOptions crypto_options; |
| + crypto_options.enable_gcm_crypto_suites = (flags & GCM_CIPHER) != 0; |
| + channel->SetCryptoOptions(crypto_options); |
| if (!channel->Init()) { |
| delete channel; |
| channel = NULL; |
| @@ -383,6 +386,19 @@ class ChannelTest : public testing::Test, public sigslot::has_slots<> { |
| bool CheckNoRtcp2() { |
| return media_channel2_->CheckNoRtcp(); |
| } |
| + bool CheckGcmCipher(typename T::Channel* channel, int flags) { |
|
mattdr
2016/05/06 22:34:14
A quick comment might be useful:
// Checks that th
joachim
2016/05/09 23:21:40
Done.
|
| + int suite; |
| + if (!channel->transport_channel()->GetSrtpCryptoSuite(&suite)) { |
| + return false; |
| + } |
| + |
| + if (flags & GCM_CIPHER) { |
| + return rtc::IsGcmCryptoSuite(suite); |
| + } else { |
| + return (suite != rtc::SRTP_INVALID_CRYPTO_SUITE && |
| + !rtc::IsGcmCryptoSuite(suite)); |
| + } |
| + } |
| void CreateContent(int flags, |
| const cricket::AudioCodec& audio_codec, |
| @@ -1309,8 +1325,8 @@ class ChannelTest : public testing::Test, public sigslot::has_slots<> { |
| // Test that we properly send SRTP with RTCP in both directions. |
| // You can pass in DTLS and/or RTCP_MUX as flags. |
| void SendSrtpToSrtp(int flags1_in = 0, int flags2_in = 0) { |
| - ASSERT((flags1_in & ~(RTCP_MUX | DTLS)) == 0); |
| - ASSERT((flags2_in & ~(RTCP_MUX | DTLS)) == 0); |
| + ASSERT((flags1_in & ~(RTCP_MUX | DTLS | GCM_CIPHER)) == 0); |
| + ASSERT((flags2_in & ~(RTCP_MUX | DTLS | GCM_CIPHER)) == 0); |
| int flags1 = RTCP | SECURE | flags1_in; |
| int flags2 = RTCP | SECURE | flags2_in; |
| @@ -1327,6 +1343,14 @@ class ChannelTest : public testing::Test, public sigslot::has_slots<> { |
| EXPECT_TRUE(channel2_->secure()); |
| EXPECT_EQ(dtls1 && dtls2, channel1_->secure_dtls()); |
| EXPECT_EQ(dtls1 && dtls2, channel2_->secure_dtls()); |
| + // We can only query the negotiated cipher suite for DTLS-SRTP transport |
| + // channels. |
| + if (dtls1 && dtls2) { |
| + // A GCM cipher is only used if both channels support GCM ciphers. |
| + int common_gcm_flags = (flags1 & GCM_CIPHER) & (flags2 & GCM_CIPHER); |
|
mattdr
2016/05/06 22:34:14
flags1 & flags2 & GCM_CIPHER
joachim
2016/05/09 23:21:40
Done.
|
| + EXPECT_TRUE(CheckGcmCipher(channel1_.get(), common_gcm_flags)); |
| + EXPECT_TRUE(CheckGcmCipher(channel2_.get(), common_gcm_flags)); |
| + } |
| EXPECT_TRUE(SendRtp1()); |
| EXPECT_TRUE(SendRtp2()); |
| EXPECT_TRUE(SendRtcp1()); |
| @@ -1973,9 +1997,13 @@ cricket::VideoChannel* ChannelTest<VideoTraits>::CreateChannel( |
| cricket::MediaEngineInterface* engine, |
| cricket::FakeVideoMediaChannel* ch, |
| cricket::TransportController* transport_controller, |
| - bool rtcp) { |
| + int flags) { |
| cricket::VideoChannel* channel = new cricket::VideoChannel( |
| - thread, ch, transport_controller, cricket::CN_VIDEO, rtcp); |
| + thread, ch, transport_controller, cricket::CN_VIDEO, |
| + (flags & RTCP) != 0); |
| + rtc::CryptoOptions crypto_options; |
| + crypto_options.enable_gcm_crypto_suites = (flags & GCM_CIPHER) != 0; |
| + channel->SetCryptoOptions(crypto_options); |
| if (!channel->Init()) { |
| delete channel; |
| channel = NULL; |
| @@ -2198,6 +2226,21 @@ TEST_F(VoiceChannelTest, SendDtlsSrtpToDtlsSrtp) { |
| Base::SendSrtpToSrtp(DTLS, DTLS); |
| } |
| +TEST_F(VoiceChannelTest, SendDtlsSrtpToDtlsSrtpGcmBoth) { |
| + MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| + Base::SendSrtpToSrtp(DTLS | GCM_CIPHER, DTLS | GCM_CIPHER); |
| +} |
| + |
| +TEST_F(VoiceChannelTest, SendDtlsSrtpToDtlsSrtpGcmOne) { |
| + MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| + Base::SendSrtpToSrtp(DTLS | GCM_CIPHER, DTLS); |
| +} |
| + |
| +TEST_F(VoiceChannelTest, SendDtlsSrtpToDtlsSrtpGcmTwo) { |
| + MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| + Base::SendSrtpToSrtp(DTLS, DTLS | GCM_CIPHER); |
| +} |
| + |
| TEST_F(VoiceChannelTest, SendDtlsSrtpToDtlsSrtpRtcpMux) { |
| MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| Base::SendSrtpToSrtp(DTLS | RTCP_MUX, DTLS | RTCP_MUX); |
| @@ -2516,6 +2559,21 @@ TEST_F(VideoChannelTest, SendDtlsSrtpToDtlsSrtp) { |
| Base::SendSrtpToSrtp(DTLS, DTLS); |
| } |
| +TEST_F(VideoChannelTest, SendDtlsSrtpToDtlsSrtpGcmBoth) { |
| + MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| + Base::SendSrtpToSrtp(DTLS | GCM_CIPHER, DTLS | GCM_CIPHER); |
| +} |
| + |
| +TEST_F(VideoChannelTest, SendDtlsSrtpToDtlsSrtpGcmOne) { |
| + MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| + Base::SendSrtpToSrtp(DTLS | GCM_CIPHER, DTLS); |
| +} |
| + |
| +TEST_F(VideoChannelTest, SendDtlsSrtpToDtlsSrtpGcmTwo) { |
| + MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| + Base::SendSrtpToSrtp(DTLS, DTLS | GCM_CIPHER); |
| +} |
| + |
| TEST_F(VideoChannelTest, SendDtlsSrtpToDtlsSrtpRtcpMux) { |
| MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| Base::SendSrtpToSrtp(DTLS | RTCP_MUX, DTLS | RTCP_MUX); |
| @@ -2627,9 +2685,13 @@ cricket::DataChannel* ChannelTest<DataTraits>::CreateChannel( |
| cricket::MediaEngineInterface* engine, |
| cricket::FakeDataMediaChannel* ch, |
| cricket::TransportController* transport_controller, |
| - bool rtcp) { |
| + int flags) { |
| cricket::DataChannel* channel = new cricket::DataChannel( |
| - thread, ch, transport_controller, cricket::CN_DATA, rtcp); |
| + thread, ch, transport_controller, cricket::CN_DATA, |
| + (flags & RTCP) != 0); |
| + rtc::CryptoOptions crypto_options; |
| + crypto_options.enable_gcm_crypto_suites = (flags & GCM_CIPHER) != 0; |
| + channel->SetCryptoOptions(crypto_options); |
| if (!channel->Init()) { |
| delete channel; |
| channel = NULL; |
