Add support for GCM cipher suites from RFC 7714.

talk/app/webrtc/peerconnection_unittest.cc

Index: talk/app/webrtc/peerconnection_unittest.cc
diff --git a/talk/app/webrtc/peerconnection_unittest.cc b/talk/app/webrtc/peerconnection_unittest.cc
index 605e1a5e1f91f83701f17a8cd3e6a63c9a5bd1a7..00da6890cff2566042d0cdde50e475f2a45234ae 100644
--- a/talk/app/webrtc/peerconnection_unittest.cc
+++ b/talk/app/webrtc/peerconnection_unittest.cc
@@ -115,6 +115,7 @@ static const char kDataChannelLabel[] = "data_channel";
 // SRTP cipher name negotiated by the tests. This must be updated if the
 // default changes.
 static const int kDefaultSrtpCryptoSuite = rtc::SRTP_AES128_CM_SHA1_32;
+static const int kDefaultSrtpCryptoSuiteGcm = rtc::SRTP_AEAD_AES_256_GCM;
 #endif
 
 static void RemoveLinesFromSdp(const std::string& line_start,
@@ -1530,6 +1531,92 @@ TEST_F(P2PTestConductor, GetDtls12Recv) {
                                           kDefaultSrtpCryptoSuite));
 }
 
+// Test that a non-GCM cipher is used if both sides only support non-GCM.
+TEST_F(P2PTestConductor, GetGcmNone) {
+  PeerConnectionFactory::Options init_options;
+  init_options.enable_gcm_ciphers = false;
+  PeerConnectionFactory::Options recv_options;
+  recv_options.enable_gcm_ciphers = false;
+  ASSERT_TRUE(
+      CreateTestClients(nullptr, &init_options, nullptr, &recv_options));
+  rtc::scoped_refptr<webrtc::FakeMetricsObserver>
+      init_observer = new rtc::RefCountedObject<webrtc::FakeMetricsObserver>();
+  initializing_client()->pc()->RegisterUMAObserver(init_observer);
+  LocalP2PTest();
+
+  EXPECT_EQ_WAIT(rtc::SrtpCryptoSuiteToName(kDefaultSrtpCryptoSuite),
+                 initializing_client()->GetSrtpCipherStats(),
+                 kMaxWaitForStatsMs);
+  EXPECT_EQ(1,
+            init_observer->GetEnumCounter(webrtc::kEnumCounterAudioSrtpCipher,
+                                          kDefaultSrtpCryptoSuite));

[pthatcher1, 2015/12/18 20:31:31]

Can you move this common logic into a separate method that's something like:

TestGcmNegotiation(bool local_gcm_enabled, bool remote_gcm_enabled, int
expected_cipher_suite);

TestGcmNegotiation(true, true, kDefaultSrtpCryptoSuiteGcm);
TestGcmNegotiation(true, false, kDefaultSrtpCryptoSuite);
TestGcmNegotiation(false, true, kDefaultSrtpCryptoSuite);
TestGcmNegotiation(false, false, kDefaultSrtpCryptoSuite);

[joachim, 2015/12/19 15:26:23]

Done.

+}
+
+// Test that a GCM cipher is used if both ends support it.
+TEST_F(P2PTestConductor, GetGcmBoth) {
+  PeerConnectionFactory::Options init_options;
+  init_options.enable_gcm_ciphers = true;
+  PeerConnectionFactory::Options recv_options;
+  recv_options.enable_gcm_ciphers = true;
+  ASSERT_TRUE(
+      CreateTestClients(nullptr, &init_options, nullptr, &recv_options));
+  rtc::scoped_refptr<webrtc::FakeMetricsObserver>
+      init_observer = new rtc::RefCountedObject<webrtc::FakeMetricsObserver>();
+  initializing_client()->pc()->RegisterUMAObserver(init_observer);
+  LocalP2PTest();
+
+  EXPECT_EQ_WAIT(rtc::SrtpCryptoSuiteToName(kDefaultSrtpCryptoSuiteGcm),
+                 initializing_client()->GetSrtpCipherStats(),
+                 kMaxWaitForStatsMs);
+  EXPECT_EQ(1,
+            init_observer->GetEnumCounter(webrtc::kEnumCounterAudioSrtpCipher,
+                                          kDefaultSrtpCryptoSuiteGcm));
+}
+
+// Test that a non-GCM cipher is used if the initator supports GCM and the
+// received supports non-GCM.
+TEST_F(P2PTestConductor, GetGcmInit) {
+  PeerConnectionFactory::Options init_options;
+  init_options.enable_gcm_ciphers = true;
+  PeerConnectionFactory::Options recv_options;
+  recv_options.enable_gcm_ciphers = false;
+  ASSERT_TRUE(
+      CreateTestClients(nullptr, &init_options, nullptr, &recv_options));
+  rtc::scoped_refptr<webrtc::FakeMetricsObserver>
+      init_observer = new rtc::RefCountedObject<webrtc::FakeMetricsObserver>();
+  initializing_client()->pc()->RegisterUMAObserver(init_observer);
+  LocalP2PTest();
+
+  EXPECT_EQ_WAIT(rtc::SrtpCryptoSuiteToName(kDefaultSrtpCryptoSuite),
+                 initializing_client()->GetSrtpCipherStats(),
+                 kMaxWaitForStatsMs);
+  EXPECT_EQ(1,
+            init_observer->GetEnumCounter(webrtc::kEnumCounterAudioSrtpCipher,
+                                          kDefaultSrtpCryptoSuite));
+}
+
+// Test that a non-GCM cipher is used if the initator supports non-GCM and the
+// received supports GCM.
+TEST_F(P2PTestConductor, GetGcmRecv) {
+  PeerConnectionFactory::Options init_options;
+  init_options.enable_gcm_ciphers = false;
+  PeerConnectionFactory::Options recv_options;
+  recv_options.enable_gcm_ciphers = true;
+  ASSERT_TRUE(
+      CreateTestClients(nullptr, &init_options, nullptr, &recv_options));
+  rtc::scoped_refptr<webrtc::FakeMetricsObserver>
+      init_observer = new rtc::RefCountedObject<webrtc::FakeMetricsObserver>();
+  initializing_client()->pc()->RegisterUMAObserver(init_observer);
+  LocalP2PTest();
+
+  EXPECT_EQ_WAIT(rtc::SrtpCryptoSuiteToName(kDefaultSrtpCryptoSuite),
+                 initializing_client()->GetSrtpCipherStats(),
+                 kMaxWaitForStatsMs);
+  EXPECT_EQ(1,
+            init_observer->GetEnumCounter(webrtc::kEnumCounterAudioSrtpCipher,
+                                          kDefaultSrtpCryptoSuite));
+}
+
 // This test sets up a call between two parties with audio, video and an RTP
 // data channel.
 TEST_F(P2PTestConductor, LocalP2PTestRtpDataChannel) {