Relanding: Allow the DTLS fingerprint verification to occur after the handshake.

webrtc/p2p/base/dtlstransportchannel_unittest.cc

 /*
  *  Copyright 2011 The WebRTC Project Authors. All rights reserved.
  *
  *  Use of this source code is governed by a BSD-style license
  *  that can be found in the LICENSE file in the root of the source
  *  tree. An additional intellectual property rights grant can be found
  *  in the file PATENTS.  All contributing project authors may
  *  be found in the AUTHORS file in the root of the source tree.
  */
 
@@ skipping 63 matching lines @@
     return certificate_;
   }
   void SetupSrtp() {
     ASSERT(certificate_);
     use_dtls_srtp_ = true;
   }
   void SetupMaxProtocolVersion(rtc::SSLProtocolVersion version) {
     ASSERT(!transport_);
     ssl_max_version_ = version;
   }
-  void SetupChannels(int count, cricket::IceRole role) {
+  void SetupChannels(int count, cricket::IceRole role, int async_delay_ms = 0) {
     transport_.reset(new cricket::DtlsTransport<cricket::FakeTransport>(
         "dtls content name", nullptr, certificate_));
     transport_->SetAsync(true);
+    transport_->SetAsyncDelay(async_delay_ms);
     transport_->SetIceRole(role);
     transport_->SetIceTiebreaker(
         (role == cricket::ICEROLE_CONTROLLING) ? 1 : 2);
 
     for (int i = 0; i < count; ++i) {
       cricket::DtlsTransportChannelWrapper* channel =
           static_cast<cricket::DtlsTransportChannelWrapper*>(
               transport_->CreateChannel(i));
       ASSERT_TRUE(channel != NULL);
       channel->SetSslMaxProtocolVersion(ssl_max_version_);
@@ skipping 14 matching lines @@
   cricket::Transport* transport() { return transport_.get(); }
 
   cricket::FakeTransportChannel* GetFakeChannel(int component) {
     cricket::TransportChannelImpl* ch = transport_->GetChannel(component);
     cricket::DtlsTransportChannelWrapper* wrapper =
         static_cast<cricket::DtlsTransportChannelWrapper*>(ch);
     return (wrapper) ?
         static_cast<cricket::FakeTransportChannel*>(wrapper->channel()) : NULL;
   }
 
+  cricket::DtlsTransportChannelWrapper* GetDtlsChannel(int component) {
+    cricket::TransportChannelImpl* ch = transport_->GetChannel(component);
+    return static_cast<cricket::DtlsTransportChannelWrapper*>(ch);
+  }
+
   // Offer DTLS if we have an identity; pass in a remote fingerprint only if
   // both sides support DTLS.
   void Negotiate(DtlsTestClient* peer, cricket::ContentAction action,
                  ConnectionRole local_role, ConnectionRole remote_role,
                  int flags) {
     Negotiate(certificate_, certificate_ ? peer->certificate_ : nullptr, action,
               local_role, remote_role, flags);
   }
 
   void MaybeSetSrtpCryptoSuites() {
@@ skipping 13 matching lines @@
       cricket::ContentAction action,
       ConnectionRole role,
       int flags) {
     // If |NF_EXPECT_FAILURE| is set, expect SRTD or SLTD to fail when
     // content action is CA_ANSWER.
     bool expect_success =
         !((action == cricket::CA_ANSWER) && (flags & NF_EXPECT_FAILURE));
     EXPECT_EQ(expect_success,
               transport_->SetLocalTransportDescription(
                   MakeTransportDescription(cert, role), action, nullptr));
-    set_local_cert_ = (cert != nullptr);
   }
 
   void SetRemoteTransportDescription(
       const rtc::scoped_refptr<rtc::RTCCertificate>& cert,
       cricket::ContentAction action,
       ConnectionRole role,
       int flags) {
     // If |NF_EXPECT_FAILURE| is set, expect SRTD or SLTD to fail when
     // content action is CA_ANSWER.
     bool expect_success =
         !((action == cricket::CA_ANSWER) && (flags & NF_EXPECT_FAILURE));
     EXPECT_EQ(expect_success,
               transport_->SetRemoteTransportDescription(
                   MakeTransportDescription(cert, role), action, nullptr));
-    set_remote_cert_ = (cert != nullptr);
   }
 
   // Allow any DTLS configuration to be specified (including invalid ones).
   void Negotiate(const rtc::scoped_refptr<rtc::RTCCertificate>& local_cert,
                  const rtc::scoped_refptr<rtc::RTCCertificate>& remote_cert,
                  cricket::ContentAction action,
                  ConnectionRole local_role,
                  ConnectionRole remote_role,
                  int flags) {
     if (!(flags & NF_REOFFER)) {
@@ skipping 41 matching lines @@
         return false;
       }
     }
     return true;
   }
 
   int received_dtls_client_hellos() const {
     return received_dtls_client_hellos_;
   }
 
-  bool negotiated_dtls() const { return set_local_cert_ && set_remote_cert_; }
+  int received_dtls_server_hellos() const {
+    return received_dtls_server_hellos_;
+  }
+
+  bool negotiated_dtls() const {
+    return transport_->local_description() &&
+           transport_->local_description()->identity_fingerprint &&
+           transport_->remote_description() &&
+           transport_->remote_description()->identity_fingerprint;
+  }
 
   void CheckRole(rtc::SSLRole role) {
     if (role == rtc::SSL_CLIENT) {
       ASSERT_EQ(0, received_dtls_client_hellos_);
       ASSERT_GT(received_dtls_server_hellos_, 0);
     } else {
       ASSERT_GT(received_dtls_client_hellos_, 0);
       ASSERT_EQ(0, received_dtls_server_hellos_);
     }
   }
@@ skipping 161 matching lines @@
 
  private:
   std::string name_;
   rtc::scoped_refptr<rtc::RTCCertificate> certificate_;
   std::unique_ptr<cricket::FakeTransport> transport_;
   std::vector<cricket::DtlsTransportChannelWrapper*> channels_;
   size_t packet_size_ = 0u;
   std::set<int> received_;
   bool use_dtls_srtp_ = false;
   rtc::SSLProtocolVersion ssl_max_version_ = rtc::SSL_PROTOCOL_DTLS_12;
-  bool set_local_cert_ = false;
-  bool set_remote_cert_ = false;
   int received_dtls_client_hellos_ = 0;
   int received_dtls_server_hellos_ = 0;
   rtc::SentPacket sent_packet_;
 };
 
+// Base class for DtlsTransportChannelTest and DtlsEventOrderingTest, which
+// inherit from different variants of testing::Test.
+//
 // Note that this test always uses a FakeClock, due to the |fake_clock_| member
 // variable.
-class DtlsTransportChannelTest : public testing::Test {
+class DtlsTransportChannelTestBase {
  public:
-  DtlsTransportChannelTest()
+  DtlsTransportChannelTestBase()
       : client1_("P1"),
         client2_("P2"),
         channel_ct_(1),
         use_dtls_(false),
         use_dtls_srtp_(false),
         ssl_expected_version_(rtc::SSL_PROTOCOL_DTLS_12) {}
 
   void SetChannelCount(size_t channel_ct) {
     channel_ct_ = static_cast<int>(channel_ct);
   }
@@ skipping 52 matching lines @@
           client2_.certificate(), cricket::CA_ANSWER, client2_role, 0);
       rv = client1_.Connect(&client2_, false);
       client1_.SetRemoteTransportDescription(
           client2_.certificate(), cricket::CA_ANSWER, client2_role, 0);
     }
 
     EXPECT_TRUE(rv);
     if (!rv)
       return false;
 
-    EXPECT_TRUE_WAIT(
+    EXPECT_TRUE_SIMULATED_WAIT(
         client1_.all_channels_writable() && client2_.all_channels_writable(),
-        kTimeout);
+        kTimeout, fake_clock_);
     if (!client1_.all_channels_writable() || !client2_.all_channels_writable())
       return false;
 
     // Check that we used the right roles.
     if (use_dtls_) {
       rtc::SSLRole client1_ssl_role =
           (client1_role == cricket::CONNECTIONROLE_ACTIVE ||
            (client2_role == cricket::CONNECTIONROLE_PASSIVE &&
             client1_role == cricket::CONNECTIONROLE_ACTPASS)) ?
               rtc::SSL_CLIENT : rtc::SSL_SERVER;
@@ skipping 70 matching lines @@
                          client2_role, client1_role, flags);
       client1_.Negotiate(&client2_, cricket::CA_ANSWER,
                          client1_role, client2_role, flags);
     }
   }
 
   void TestTransfer(size_t channel, size_t size, size_t count, bool srtp) {
     LOG(LS_INFO) << "Expect packets, size=" << size;
     client2_.ExpectPackets(channel, size);
     client1_.SendPackets(channel, size, count, srtp);
-    EXPECT_EQ_WAIT(count, client2_.NumPacketsReceived(), kTimeout);
+    EXPECT_EQ_SIMULATED_WAIT(count, client2_.NumPacketsReceived(), kTimeout,
+                             fake_clock_);
   }
 
  protected:
   rtc::ScopedFakeClock fake_clock_;
   DtlsTestClient client1_;
   DtlsTestClient client2_;
   int channel_ct_;
   bool use_dtls_;
   bool use_dtls_srtp_;
   rtc::SSLProtocolVersion ssl_expected_version_;
 };
 
+class DtlsTransportChannelTest : public DtlsTransportChannelTestBase,
+                                 public ::testing::Test {};
+
 // Test that transport negotiation of ICE, no DTLS works properly.
 TEST_F(DtlsTransportChannelTest, TestChannelSetupIce) {
   Negotiate();
   cricket::FakeTransportChannel* channel1 = client1_.GetFakeChannel(0);
   cricket::FakeTransportChannel* channel2 = client2_.GetFakeChannel(0);
   ASSERT_TRUE(channel1 != NULL);
   ASSERT_TRUE(channel2 != NULL);
   EXPECT_EQ(cricket::ICEROLE_CONTROLLING, channel1->GetIceRole());
   EXPECT_EQ(1U, channel1->IceTiebreaker());
   EXPECT_EQ(kIceUfrag1, channel1->ice_ufrag());
@@ skipping 263 matching lines @@
   MAYBE_SKIP_TEST(HaveDtlsSrtp);
   SetChannelCount(2);
   PrepareDtls(true, true, rtc::KT_DEFAULT);
   PrepareDtlsSrtp(true, true);
   Negotiate();
 
   Renegotiate(&client1_, cricket::CONNECTIONROLE_ACTPASS,
               cricket::CONNECTIONROLE_ACTIVE, NF_REOFFER);
   bool rv = client1_.Connect(&client2_, false);
   EXPECT_TRUE(rv);
-  EXPECT_TRUE_WAIT(
+  EXPECT_TRUE_SIMULATED_WAIT(
       client1_.all_channels_writable() && client2_.all_channels_writable(),
-      kTimeout);
+      kTimeout, fake_clock_);
 
   TestTransfer(0, 1000, 100, true);
   TestTransfer(1, 1000, 100, true);
 }
 
 // Test Certificates state after negotiation but before connection.
 TEST_F(DtlsTransportChannelTest, TestCertificatesBeforeConnect) {
   MAYBE_SKIP_TEST(HaveDtls);
   PrepareDtls(true, true, rtc::KT_DEFAULT);
   Negotiate();
@@ skipping 34 matching lines @@
   ASSERT_TRUE(remote_cert1);
   ASSERT_EQ(remote_cert1->ToPEMString(),
             certificate2->ssl_certificate().ToPEMString());
   std::unique_ptr<rtc::SSLCertificate> remote_cert2 =
       client2_.transport()->GetRemoteSSLCertificate();
   ASSERT_TRUE(remote_cert2);
   ASSERT_EQ(remote_cert2->ToPEMString(),
             certificate1->ssl_certificate().ToPEMString());
 }
 
-// Test that DTLS completes promptly if a ClientHello is received before the
-// transport channel is writable (allowing a ServerHello to be sent).
-TEST_F(DtlsTransportChannelTest, TestReceiveClientHelloBeforeWritable) {
-  MAYBE_SKIP_TEST(HaveDtls);
-  PrepareDtls(true, true, rtc::KT_DEFAULT);
-  // Exchange transport descriptions.
-  Negotiate(cricket::CONNECTIONROLE_ACTPASS, cricket::CONNECTIONROLE_ACTIVE);
-
-  // Make client2_ writable, but not client1_.
-  EXPECT_TRUE(client2_.Connect(&client1_, true));
-  EXPECT_TRUE_WAIT(client2_.all_raw_channels_writable(), kTimeout);
-
-  // Expect a DTLS ClientHello to be sent even while client1_ isn't writable.
-  EXPECT_EQ_WAIT(1, client1_.received_dtls_client_hellos(), kTimeout);
-  EXPECT_FALSE(client1_.all_raw_channels_writable());
-
-  // Now make client1_ writable and expect the handshake to complete
-  // without client2_ needing to retransmit the ClientHello.
-  EXPECT_TRUE(client1_.Connect(&client2_, true));
-  EXPECT_TRUE_WAIT(
-      client1_.all_channels_writable() && client2_.all_channels_writable(),
-      kTimeout);
-  EXPECT_EQ(1, client1_.received_dtls_client_hellos());
-}
-
-// Test that DTLS completes promptly if a ClientHello is received before the
-// transport channel has a remote fingerprint (allowing a ServerHello to be
-// sent).
-TEST_F(DtlsTransportChannelTest,
-       TestReceiveClientHelloBeforeRemoteFingerprint) {
-  MAYBE_SKIP_TEST(HaveDtls);
-  PrepareDtls(true, true, rtc::KT_DEFAULT);
-  client1_.SetupChannels(channel_ct_, cricket::ICEROLE_CONTROLLING);
-  client2_.SetupChannels(channel_ct_, cricket::ICEROLE_CONTROLLED);
-
-  // Make client2_ writable and give it local/remote certs, but don't yet give
-  // client1_ a remote fingerprint.
-  client1_.transport()->SetLocalTransportDescription(
-      MakeTransportDescription(client1_.certificate(),
-                               cricket::CONNECTIONROLE_ACTPASS),
-      cricket::CA_OFFER, nullptr);
-  client2_.Negotiate(&client1_, cricket::CA_ANSWER,
-                     cricket::CONNECTIONROLE_ACTIVE,
-                     cricket::CONNECTIONROLE_ACTPASS, 0);
-  EXPECT_TRUE(client2_.Connect(&client1_, true));
-  EXPECT_TRUE_WAIT(client2_.all_raw_channels_writable(), kTimeout);
-
-  // Expect a DTLS ClientHello to be sent even while client1_ doesn't have a
-  // remote fingerprint.
-  EXPECT_EQ_WAIT(1, client1_.received_dtls_client_hellos(), kTimeout);
-  EXPECT_FALSE(client1_.all_raw_channels_writable());
-
-  // Now make give client1_ its remote fingerprint and make it writable, and
-  // expect the handshake to complete without client2_ needing to retransmit
-  // the ClientHello.
-  client1_.transport()->SetRemoteTransportDescription(
-      MakeTransportDescription(client2_.certificate(),
-                               cricket::CONNECTIONROLE_ACTIVE),
-      cricket::CA_ANSWER, nullptr);
-  EXPECT_TRUE(client1_.Connect(&client2_, true));
-  EXPECT_TRUE_WAIT(
-      client1_.all_channels_writable() && client2_.all_channels_writable(),
-      kTimeout);
-  EXPECT_EQ(1, client1_.received_dtls_client_hellos());
-}
-
 // Test that packets are retransmitted according to the expected schedule.
 // Each time a timeout occurs, the retransmission timer should be doubled up to
 // 60 seconds. The timer defaults to 1 second, but for WebRTC we should be
 // initializing it to 50ms.
 TEST_F(DtlsTransportChannelTest, TestRetransmissionSchedule) {
   MAYBE_SKIP_TEST(HaveDtls);
   // We can only change the retransmission schedule with a recently-added
   // BoringSSL API. Skip the test if not built with BoringSSL.
   MAYBE_SKIP_TEST(IsBoringSsl);
 
   PrepareDtls(true, true, rtc::KT_DEFAULT);
   // Exchange transport descriptions.
   Negotiate(cricket::CONNECTIONROLE_ACTPASS, cricket::CONNECTIONROLE_ACTIVE);
 
   // Make client2_ writable, but not client1_.
   // This means client1_ will send DTLS client hellos but get no response.
   EXPECT_TRUE(client2_.Connect(&client1_, true));
-  EXPECT_TRUE_WAIT(client2_.all_raw_channels_writable(), kTimeout);
+  EXPECT_TRUE_SIMULATED_WAIT(client2_.all_raw_channels_writable(), kTimeout,
+                             fake_clock_);
 
   // Wait for the first client hello to be sent.
   EXPECT_EQ_WAIT(1, client1_.received_dtls_client_hellos(), kTimeout);
   EXPECT_FALSE(client1_.all_raw_channels_writable());
 
   static int timeout_schedule_ms[] = {50,   100,  200,   400,   800,   1600,
                                       3200, 6400, 12800, 25600, 51200, 60000};
 
   int expected_hellos = 1;
   for (size_t i = 0;
@@ skipping 14 matching lines @@
 // Test that a DTLS connection can be made even if the underlying transport
 // is connected before DTLS fingerprints/roles have been negotiated.
 TEST_F(DtlsTransportChannelTest, TestConnectBeforeNegotiate) {
   MAYBE_SKIP_TEST(HaveDtls);
   PrepareDtls(true, true, rtc::KT_DEFAULT);
   ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS,
                       cricket::CONNECTIONROLE_ACTIVE,
                       CONNECT_BEFORE_NEGOTIATE));
   TestTransfer(0, 1000, 100, false);
 }
+
+// The following events can occur in many different orders:
+// 1. Caller receives remote fingerprint.
+// 2. Caller is writable.
+// 3. Caller receives ClientHello.
+// 4. DTLS handshake finishes.
+//
+// The tests below cover all causally consistent permutations of these events;
+// the caller must be writable and receive a ClientHello before the handshake
+// finishes, but otherwise any ordering is possible.
+//
+// For each permutation, the test verifies that a connection is established and
+// fingerprint verified without any DTLS packet needing to be retransmitted.
+//
+// Each permutation is also tested with valid and invalid fingerprints,
+// ensuring that the handshake fails with an invalid fingerprint.
+enum DtlsTransportEvent {
+  CALLER_RECEIVES_FINGERPRINT,
+  CALLER_WRITABLE,
+  CALLER_RECEIVES_CLIENTHELLO,
+  HANDSHAKE_FINISHES
+};
+
+class DtlsEventOrderingTest
+    : public DtlsTransportChannelTestBase,
+      public ::testing::TestWithParam<
+          ::testing::tuple<std::vector<DtlsTransportEvent>, bool>> {
+ protected:
+  // If |valid_fingerprint| is false, the caller will receive a fingerprint
+  // that doesn't match the callee's certificate, so the handshake should fail.
+  void TestEventOrdering(const std::vector<DtlsTransportEvent>& events,
+                         bool valid_fingerprint) {
+    // Pre-setup: Set local certificate on both caller and callee, and
+    // remote fingerprint on callee, but neither is writable and the caller
+    // doesn't have the callee's fingerprint.
+    PrepareDtls(true, true, rtc::KT_DEFAULT);
+    // Simulate packets being sent and arriving asynchronously.
+    // Otherwise the entire DTLS handshake would occur in one clock tick, and
+    // we couldn't inject method calls in the middle of it.
+    int simulated_delay_ms = 10;
+    client1_.SetupChannels(channel_ct_, cricket::ICEROLE_CONTROLLING,
+                           simulated_delay_ms);
+    client2_.SetupChannels(channel_ct_, cricket::ICEROLE_CONTROLLED,
+                           simulated_delay_ms);
+    client1_.SetLocalTransportDescription(client1_.certificate(),
+                                          cricket::CA_OFFER,
+                                          cricket::CONNECTIONROLE_ACTPASS, 0);
+    client2_.Negotiate(&client1_, cricket::CA_ANSWER,
+                       cricket::CONNECTIONROLE_ACTIVE,
+                       cricket::CONNECTIONROLE_ACTPASS, 0);
+
+    for (DtlsTransportEvent e : events) {
+      switch (e) {
+        case CALLER_RECEIVES_FINGERPRINT:
+          if (valid_fingerprint) {
+            client1_.SetRemoteTransportDescription(
+                client2_.certificate(), cricket::CA_ANSWER,
+                cricket::CONNECTIONROLE_ACTIVE, 0);
+          } else {
+            // Create a fingerprint with a correct algorithm but an invalid
+            // digest.
+            cricket::TransportDescription remote_desc =
+                MakeTransportDescription(client2_.certificate(),
+                                         cricket::CONNECTIONROLE_ACTIVE);
+            ++(remote_desc.identity_fingerprint->digest[0]);
+            // Even if certificate verification fails inside this method,
+            // it should return true as long as the fingerprint was formatted
+            // correctly.
+            EXPECT_TRUE(client1_.transport()->SetRemoteTransportDescription(
+                remote_desc, cricket::CA_ANSWER, nullptr));
+          }
+          break;
+        case CALLER_WRITABLE:
+          EXPECT_TRUE(client1_.Connect(&client2_, true));
+          EXPECT_TRUE_SIMULATED_WAIT(client1_.all_raw_channels_writable(),
+                                     kTimeout, fake_clock_);
+          break;
+        case CALLER_RECEIVES_CLIENTHELLO:
+          // Sanity check that a ClientHello hasn't already been received.
+          EXPECT_EQ(0, client1_.received_dtls_client_hellos());
+          // Making client2_ writable will cause it to send the ClientHello.
+          EXPECT_TRUE(client2_.Connect(&client1_, true));
+          EXPECT_TRUE_SIMULATED_WAIT(client2_.all_raw_channels_writable(),
+                                     kTimeout, fake_clock_);
+          EXPECT_EQ_SIMULATED_WAIT(1, client1_.received_dtls_client_hellos(),
+                                   kTimeout, fake_clock_);
+          break;
+        case HANDSHAKE_FINISHES:
+          // Sanity check that the handshake hasn't already finished.
+          EXPECT_FALSE(client1_.GetDtlsChannel(0)->IsDtlsConnected() ||
+                       client1_.GetDtlsChannel(0)->dtls_state() ==
+                           cricket::DTLS_TRANSPORT_FAILED);
+          EXPECT_TRUE_SIMULATED_WAIT(
+              client1_.GetDtlsChannel(0)->IsDtlsConnected() ||
+                  client1_.GetDtlsChannel(0)->dtls_state() ==
+                      cricket::DTLS_TRANSPORT_FAILED,
+              kTimeout, fake_clock_);
+          break;
+      }
+    }
+
+    cricket::DtlsTransportState expected_final_state =
+        valid_fingerprint ? cricket::DTLS_TRANSPORT_CONNECTED
+                          : cricket::DTLS_TRANSPORT_FAILED;
+    EXPECT_EQ_SIMULATED_WAIT(expected_final_state,
+                             client1_.GetDtlsChannel(0)->dtls_state(), kTimeout,
+                             fake_clock_);
+    EXPECT_EQ_SIMULATED_WAIT(expected_final_state,
+                             client2_.GetDtlsChannel(0)->dtls_state(), kTimeout,
+                             fake_clock_);
+
+    // Channel should be writable iff there was a valid fingerprint.
+    EXPECT_EQ(valid_fingerprint, client1_.GetDtlsChannel(0)->writable());
+    EXPECT_EQ(valid_fingerprint, client2_.GetDtlsChannel(0)->writable());
+
+    // Check that no hello needed to be retransmitted.
+    EXPECT_EQ(1, client1_.received_dtls_client_hellos());
+    EXPECT_EQ(1, client2_.received_dtls_server_hellos());
+
+    if (valid_fingerprint) {
+      TestTransfer(0, 1000, 100, false);
+    }
+  }
+};
+
+TEST_P(DtlsEventOrderingTest, TestEventOrdering) {
+  MAYBE_SKIP_TEST(HaveDtls);
+  TestEventOrdering(::testing::get<0>(GetParam()),
+                    ::testing::get<1>(GetParam()));
+}
+
+INSTANTIATE_TEST_CASE_P(
+    TestEventOrdering,
+    DtlsEventOrderingTest,
+    ::testing::Combine(
+        ::testing::Values(
+            std::vector<DtlsTransportEvent>{
+                CALLER_RECEIVES_FINGERPRINT, CALLER_WRITABLE,
+                CALLER_RECEIVES_CLIENTHELLO, HANDSHAKE_FINISHES},
+            std::vector<DtlsTransportEvent>{
+                CALLER_WRITABLE, CALLER_RECEIVES_FINGERPRINT,
+                CALLER_RECEIVES_CLIENTHELLO, HANDSHAKE_FINISHES},
+            std::vector<DtlsTransportEvent>{
+                CALLER_WRITABLE, CALLER_RECEIVES_CLIENTHELLO,
+                CALLER_RECEIVES_FINGERPRINT, HANDSHAKE_FINISHES},
+            std::vector<DtlsTransportEvent>{
+                CALLER_WRITABLE, CALLER_RECEIVES_CLIENTHELLO,
+                HANDSHAKE_FINISHES, CALLER_RECEIVES_FINGERPRINT},
+            std::vector<DtlsTransportEvent>{
+                CALLER_RECEIVES_FINGERPRINT, CALLER_RECEIVES_CLIENTHELLO,
+                CALLER_WRITABLE, HANDSHAKE_FINISHES},
+            std::vector<DtlsTransportEvent>{
+                CALLER_RECEIVES_CLIENTHELLO, CALLER_RECEIVES_FINGERPRINT,
+                CALLER_WRITABLE, HANDSHAKE_FINISHES},
+            std::vector<DtlsTransportEvent>{
+                CALLER_RECEIVES_CLIENTHELLO, CALLER_WRITABLE,
+                CALLER_RECEIVES_FINGERPRINT, HANDSHAKE_FINISHES},
+            std::vector<DtlsTransportEvent>{CALLER_RECEIVES_CLIENTHELLO,
+                                            CALLER_WRITABLE, HANDSHAKE_FINISHES,
+                                            CALLER_RECEIVES_FINGERPRINT}),
+        ::testing::Bool()));