
Side by Side Diff: webrtc/base/sslstreamadapter_unittest.cc

Issue 1774583002: Add IsAcceptableCipher, use instead of GetDefaultCipher. (Closed) Base URL: https://chromium.googlesource.com/external/webrtc.git@master
Patch Set: Address feedback Created 4 years, 9 months ago
1 /* 1 /*
2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved.
3 * 3 *
4 * Use of this source code is governed by a BSD-style license 4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source 5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found 6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may 7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree. 8 * be found in the AUTHORS file in the root of the source tree.
9 */ 9 */
10 10
(...skipping 470 matching lines...) Expand 10 before | Expand all | Expand 10 after
481 return server_ssl_->GetPeerCertificate(cert); 481 return server_ssl_->GetPeerCertificate(cert);
482 } 482 }
483 483
484 bool GetSslCipherSuite(bool client, int* retval) { 484 bool GetSslCipherSuite(bool client, int* retval) {
485 if (client) 485 if (client)
486 return client_ssl_->GetSslCipherSuite(retval); 486 return client_ssl_->GetSslCipherSuite(retval);
487 else 487 else
488 return server_ssl_->GetSslCipherSuite(retval); 488 return server_ssl_->GetSslCipherSuite(retval);
489 } 489 }
490 490
491 int GetSslVersion(bool client) {
492 if (client)
493 return client_ssl_->GetSslVersion();
494 else
495 return server_ssl_->GetSslVersion();
496 }
497
491 bool ExportKeyingMaterial(const char *label, 498 bool ExportKeyingMaterial(const char *label,
492 const unsigned char *context, 499 const unsigned char *context,
493 size_t context_len, 500 size_t context_len,
494 bool use_context, 501 bool use_context,
495 bool client, 502 bool client,
496 unsigned char *result, 503 unsigned char *result,
497 size_t result_len) { 504 size_t result_len) {
498 if (client) 505 if (client)
499 return client_ssl_->ExportKeyingMaterial(label, 506 return client_ssl_->ExportKeyingMaterial(label,
500 context, context_len, 507 context, context_len,
(...skipping 558 matching lines...) Expand 10 before | Expand all | Expand 10 after
1059 // It's kCERT_PEM 1066 // It's kCERT_PEM
1060 ASSERT_EQ(kCERT_PEM, server_peer_cert->ToPEMString()); 1067 ASSERT_EQ(kCERT_PEM, server_peer_cert->ToPEMString());
1061 1068
1062 // It must not have a chain, because the test certs are self-signed. 1069 // It must not have a chain, because the test certs are self-signed.
1063 rtc::SSLCertChain* server_peer_chain; 1070 rtc::SSLCertChain* server_peer_chain;
1064 ASSERT_FALSE(server_peer_cert->GetChain(&server_peer_chain)); 1071 ASSERT_FALSE(server_peer_cert->GetChain(&server_peer_chain));
1065 } 1072 }
1066 1073
1067 // Test getting the used DTLS ciphers. 1074 // Test getting the used DTLS ciphers.
1068 // DTLS 1.2 enabled for neither client nor server -> DTLS 1.0 will be used. 1075 // DTLS 1.2 enabled for neither client nor server -> DTLS 1.0 will be used.
1069 // Disabled due to new BoringSSLL version, see webrtc:5634 1076 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuite) {
1070 TEST_P(SSLStreamAdapterTestDTLS, DISABLED_TestGetSslCipherSuite) {
1071 MAYBE_SKIP_TEST(HaveDtls); 1077 MAYBE_SKIP_TEST(HaveDtls);
1072 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_10); 1078 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_10);
1073 TestHandshake(); 1079 TestHandshake();
1074 1080
1075 int client_cipher; 1081 int client_cipher;
1076 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); 1082 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher));
1077 int server_cipher; 1083 int server_cipher;
1078 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); 1084 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher));
1079 1085
1086 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_10, GetSslVersion(true));
1087 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_10, GetSslVersion(false));
1088
1080 ASSERT_EQ(client_cipher, server_cipher); 1089 ASSERT_EQ(client_cipher, server_cipher);
1081 ASSERT_EQ( 1090 ASSERT_TRUE(rtc::SSLStreamAdapter::IsAcceptableCipher(
1082 rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( 1091 server_cipher, ::testing::get<1>(GetParam()).type()));
1083 rtc::SSL_PROTOCOL_DTLS_10, ::testing::get<1>(GetParam()).type()),
1084 server_cipher);
1085 } 1092 }
1086 1093
1087 // Test getting the used DTLS 1.2 ciphers. 1094 // Test getting the used DTLS 1.2 ciphers.
1088 // DTLS 1.2 enabled for client and server -> DTLS 1.2 will be used. 1095 // DTLS 1.2 enabled for client and server -> DTLS 1.2 will be used.
1089 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Both) { 1096 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Both) {
1090 MAYBE_SKIP_TEST(HaveDtls); 1097 MAYBE_SKIP_TEST(HaveDtls);
1091 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12); 1098 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12);
1092 TestHandshake(); 1099 TestHandshake();
1093 1100
1094 int client_cipher; 1101 int client_cipher;
1095 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); 1102 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher));
1096 int server_cipher; 1103 int server_cipher;
1097 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); 1104 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher));
1098 1105
1106 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_12, GetSslVersion(true));
1107 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_12, GetSslVersion(false));
1108
1099 ASSERT_EQ(client_cipher, server_cipher); 1109 ASSERT_EQ(client_cipher, server_cipher);
1100 ASSERT_EQ( 1110 ASSERT_TRUE(rtc::SSLStreamAdapter::IsAcceptableCipher(
1101 rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( 1111 server_cipher, ::testing::get<1>(GetParam()).type()));
1102 rtc::SSL_PROTOCOL_DTLS_12, ::testing::get<1>(GetParam()).type()),
1103 server_cipher);
1104 } 1112 }
1105 1113
1106 // DTLS 1.2 enabled for client only -> DTLS 1.0 will be used. 1114 // DTLS 1.2 enabled for client only -> DTLS 1.0 will be used.
1107 // Disabled due to new BoringSSLL version, see webrtc:5634 1115 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Client) {
1108 TEST_P(SSLStreamAdapterTestDTLS, DISABLED_TestGetSslCipherSuiteDtls12Client) {
1109 MAYBE_SKIP_TEST(HaveDtls); 1116 MAYBE_SKIP_TEST(HaveDtls);
1110 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_12); 1117 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_12);
1111 TestHandshake(); 1118 TestHandshake();
1112 1119
1113 int client_cipher; 1120 int client_cipher;
1114 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); 1121 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher));
1115 int server_cipher; 1122 int server_cipher;
1116 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); 1123 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher));
1117 1124
1125 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_10, GetSslVersion(true));
1126 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_10, GetSslVersion(false));
1127
1118 ASSERT_EQ(client_cipher, server_cipher); 1128 ASSERT_EQ(client_cipher, server_cipher);
1119 ASSERT_EQ( 1129 ASSERT_TRUE(rtc::SSLStreamAdapter::IsAcceptableCipher(
1120 rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( 1130 server_cipher, ::testing::get<1>(GetParam()).type()));
1121 rtc::SSL_PROTOCOL_DTLS_10, ::testing::get<1>(GetParam()).type()),
1122 server_cipher);
1123 } 1131 }
1124 1132
1125 // DTLS 1.2 enabled for server only -> DTLS 1.0 will be used. 1133 // DTLS 1.2 enabled for server only -> DTLS 1.0 will be used.
1126 // Disabled due to new BoringSSLL version, see webrtc:5634 1134 TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Server) {
1127 TEST_P(SSLStreamAdapterTestDTLS, DISABLED_TestGetSslCipherSuiteDtls12Server) {
1128 MAYBE_SKIP_TEST(HaveDtls); 1135 MAYBE_SKIP_TEST(HaveDtls);
1129 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_10); 1136 SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_10);
1130 TestHandshake(); 1137 TestHandshake();
1131 1138
1132 int client_cipher; 1139 int client_cipher;
1133 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); 1140 ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher));
1134 int server_cipher; 1141 int server_cipher;
1135 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); 1142 ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher));
1136 1143
1144 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_10, GetSslVersion(true));
1145 ASSERT_EQ(rtc::SSL_PROTOCOL_DTLS_10, GetSslVersion(false));
1146
1137 ASSERT_EQ(client_cipher, server_cipher); 1147 ASSERT_EQ(client_cipher, server_cipher);
1138 ASSERT_EQ( 1148 ASSERT_TRUE(rtc::SSLStreamAdapter::IsAcceptableCipher(
1139 rtc::SSLStreamAdapter::GetDefaultSslCipherForTest( 1149 server_cipher, ::testing::get<1>(GetParam()).type()));
1140 rtc::SSL_PROTOCOL_DTLS_10, ::testing::get<1>(GetParam()).type()),
1141 server_cipher);
1142 } 1150 }
1143 1151
1144 // The RSA keysizes here might look strange, why not include the RFC's size 1152 // The RSA keysizes here might look strange, why not include the RFC's size
1145 // 2048?. The reason is test case slowness; testing two sizes to exercise 1153 // 2048?. The reason is test case slowness; testing two sizes to exercise
1146 // parametrization is sufficient. 1154 // parametrization is sufficient.
1147 INSTANTIATE_TEST_CASE_P( 1155 INSTANTIATE_TEST_CASE_P(
1148 SSLStreamAdapterTestsTLS, 1156 SSLStreamAdapterTestsTLS,
1149 SSLStreamAdapterTestTLS, 1157 SSLStreamAdapterTestTLS,
1150 Combine(Values(rtc::KeyParams::RSA(1024, 65537), 1158 Combine(Values(rtc::KeyParams::RSA(1024, 65537),
1151 rtc::KeyParams::RSA(1152, 65537), 1159 rtc::KeyParams::RSA(1152, 65537),
1152 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)), 1160 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)),
1153 Values(rtc::KeyParams::RSA(1024, 65537), 1161 Values(rtc::KeyParams::RSA(1024, 65537),
1154 rtc::KeyParams::RSA(1152, 65537), 1162 rtc::KeyParams::RSA(1152, 65537),
1155 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)))); 1163 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256))));
1156 INSTANTIATE_TEST_CASE_P( 1164 INSTANTIATE_TEST_CASE_P(
1157 SSLStreamAdapterTestsDTLS, 1165 SSLStreamAdapterTestsDTLS,
1158 SSLStreamAdapterTestDTLS, 1166 SSLStreamAdapterTestDTLS,
1159 Combine(Values(rtc::KeyParams::RSA(1024, 65537), 1167 Combine(Values(rtc::KeyParams::RSA(1024, 65537),
1160 rtc::KeyParams::RSA(1152, 65537), 1168 rtc::KeyParams::RSA(1152, 65537),
1161 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)), 1169 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)),
1162 Values(rtc::KeyParams::RSA(1024, 65537), 1170 Values(rtc::KeyParams::RSA(1024, 65537),
1163 rtc::KeyParams::RSA(1152, 65537), 1171 rtc::KeyParams::RSA(1152, 65537),
1164 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)))); 1172 rtc::KeyParams::ECDSA(rtc::EC_NIST_P256))));
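Review bot: The four cipher-suite tests now exercise only the accepting path of `IsAcceptableCipher` (new lines 1090-1091, 1110-1111, 1129-1130 and 1148-1149), so a predicate that returned true for every suite would still pass them. The old exact match against `GetDefaultSslCipherForTest` caught any unexpected negotiation result, and the looser replacement makes a rejecting case worth pinning, for example `ASSERT_FALSE(rtc::SSLStreamAdapter::IsAcceptableCipher(0 /* TLS_NULL_WITH_NULL_NULL */, ::testing::get<1>(GetParam()).type()));`. The implementation is in sslstreamadapter.cc, which this page does not show, so such a check may already exist elsewhere. Because the cipher check no longer takes the protocol version, the new `GetSslVersion` asserts appear to be the only guard against a silent version downgrade in these tests. A one-line comment above them saying so would keep a later cleanup from removing them.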