| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright 2004 The WebRTC project authors. All Rights Reserved. | 2 * Copyright 2004 The WebRTC project authors. All Rights Reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| (...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 100 const std::vector<CryptoParams>& params2) { | 100 const std::vector<CryptoParams>& params2) { |
| 101 EXPECT_TRUE(f1_.SetOffer(params1, CS_LOCAL)); | 101 EXPECT_TRUE(f1_.SetOffer(params1, CS_LOCAL)); |
| 102 EXPECT_TRUE(f2_.SetOffer(params1, CS_REMOTE)); | 102 EXPECT_TRUE(f2_.SetOffer(params1, CS_REMOTE)); |
| 103 EXPECT_FALSE(f1_.IsActive()); | 103 EXPECT_FALSE(f1_.IsActive()); |
| 104 EXPECT_FALSE(f2_.IsActive()); | 104 EXPECT_FALSE(f2_.IsActive()); |
| 105 EXPECT_TRUE(f2_.SetAnswer(params2, CS_LOCAL)); | 105 EXPECT_TRUE(f2_.SetAnswer(params2, CS_LOCAL)); |
| 106 EXPECT_TRUE(f1_.SetAnswer(params2, CS_REMOTE)); | 106 EXPECT_TRUE(f1_.SetAnswer(params2, CS_REMOTE)); |
| 107 EXPECT_TRUE(f1_.IsActive()); | 107 EXPECT_TRUE(f1_.IsActive()); |
| 108 EXPECT_TRUE(f2_.IsActive()); | 108 EXPECT_TRUE(f2_.IsActive()); |
| 109 } | 109 } |
| 110 void TestRtpAuthParams(cricket::SrtpFilter* filter, const std::string& cs) { | |
| 111 int overhead; | |
| 112 EXPECT_TRUE(filter->GetSrtpOverhead(&overhead)); | |
| 113 switch (rtc::SrtpCryptoSuiteFromName(cs)) { | |
| 114 case rtc::SRTP_AES128_CM_SHA1_32: | |
| 115 EXPECT_EQ(32/8, overhead); // 32-bit tag. | |
| 116 break; | |
| 117 case rtc::SRTP_AES128_CM_SHA1_80: | |
| 118 EXPECT_EQ(80/8, overhead); // 80-bit tag. | |
| 119 break; | |
| 120 default: | |
| 121 RTC_NOTREACHED(); | |
| 122 break; | |
| 123 } | |
| 124 | |
| 125 uint8_t* auth_key = nullptr; | |
| 126 int key_len = 0; | |
| 127 int tag_len = 0; | |
| 128 EXPECT_TRUE(filter->GetRtpAuthParams(&auth_key, &key_len, &tag_len)); | |
| 129 EXPECT_NE(nullptr, auth_key); | |
| 130 EXPECT_EQ(160/8, key_len); // Length of SHA-1 is 160 bits. | |
| 131 EXPECT_EQ(overhead, tag_len); | |
| 132 } | |
| 133 void TestProtectUnprotect(const std::string& cs1, const std::string& cs2) { | 110 void TestProtectUnprotect(const std::string& cs1, const std::string& cs2) { |
| 134 rtc::Buffer rtp_buffer(sizeof(kPcmuFrame) + rtp_auth_tag_len(cs1)); | 111 rtc::Buffer rtp_buffer(sizeof(kPcmuFrame) + rtp_auth_tag_len(cs1)); |
| 135 char* rtp_packet = rtp_buffer.data<char>(); | 112 char* rtp_packet = rtp_buffer.data<char>(); |
| 136 char original_rtp_packet[sizeof(kPcmuFrame)]; | 113 char original_rtp_packet[sizeof(kPcmuFrame)]; |
| 137 rtc::Buffer rtcp_buffer(sizeof(kRtcpReport) + 4 + rtcp_auth_tag_len(cs2)); | 114 rtc::Buffer rtcp_buffer(sizeof(kRtcpReport) + 4 + rtcp_auth_tag_len(cs2)); |
| 138 char* rtcp_packet = rtcp_buffer.data<char>(); | 115 char* rtcp_packet = rtcp_buffer.data<char>(); |
| 139 int rtp_len = sizeof(kPcmuFrame), rtcp_len = sizeof(kRtcpReport), out_len; | 116 int rtp_len = sizeof(kPcmuFrame), rtcp_len = sizeof(kRtcpReport), out_len; |
| 140 memcpy(rtp_packet, kPcmuFrame, rtp_len); | 117 memcpy(rtp_packet, kPcmuFrame, rtp_len); |
| 141 // In order to be able to run this test function multiple times we can not | 118 // In order to be able to run this test function multiple times we can not |
| 142 // use the same sequence number twice. Increase the sequence number by one. | 119 // use the same sequence number twice. Increase the sequence number by one. |
| 143 rtc::SetBE16(reinterpret_cast<uint8_t*>(rtp_packet) + 2, | 120 rtc::SetBE16(reinterpret_cast<uint8_t*>(rtp_packet) + 2, |
| 144 ++sequence_number_); | 121 ++sequence_number_); |
| 145 memcpy(original_rtp_packet, rtp_packet, rtp_len); | 122 memcpy(original_rtp_packet, rtp_packet, rtp_len); |
| 146 memcpy(rtcp_packet, kRtcpReport, rtcp_len); | 123 memcpy(rtcp_packet, kRtcpReport, rtcp_len); |
| 147 | 124 |
| 148 EXPECT_TRUE(f1_.ProtectRtp(rtp_packet, rtp_len, | 125 EXPECT_TRUE(f1_.ProtectRtp(rtp_packet, rtp_len, |
| 149 static_cast<int>(rtp_buffer.size()), | 126 static_cast<int>(rtp_buffer.size()), |
| 150 &out_len)); | 127 &out_len)); |
| 151 EXPECT_EQ(out_len, rtp_len + rtp_auth_tag_len(cs1)); | 128 EXPECT_EQ(out_len, rtp_len + rtp_auth_tag_len(cs1)); |
| 152 EXPECT_NE(0, memcmp(rtp_packet, original_rtp_packet, rtp_len)); | 129 EXPECT_NE(0, memcmp(rtp_packet, original_rtp_packet, rtp_len)); |
| 153 if (!f1_.IsExternalAuthActive()) { | 130 EXPECT_TRUE(f2_.UnprotectRtp(rtp_packet, out_len, &out_len)); |
| 154 EXPECT_TRUE(f2_.UnprotectRtp(rtp_packet, out_len, &out_len)); | 131 EXPECT_EQ(rtp_len, out_len); |
| 155 EXPECT_EQ(rtp_len, out_len); | 132 EXPECT_EQ(0, memcmp(rtp_packet, original_rtp_packet, rtp_len)); |
| 156 EXPECT_EQ(0, memcmp(rtp_packet, original_rtp_packet, rtp_len)); | |
| 157 } else { | |
| 158 // With external auth enabled, SRTP doesn't write the auth tag and | |
| 159 // unprotect would fail. Check accessing the information about the | |
| 160 // tag instead, similar to what the actual code would do that relies | |
| 161 // on external auth. | |
| 162 TestRtpAuthParams(&f1_, cs1); | |
| 163 } | |
| 164 | 133 |
| 165 EXPECT_TRUE(f2_.ProtectRtp(rtp_packet, rtp_len, | 134 EXPECT_TRUE(f2_.ProtectRtp(rtp_packet, rtp_len, |
| 166 static_cast<int>(rtp_buffer.size()), | 135 static_cast<int>(rtp_buffer.size()), |
| 167 &out_len)); | 136 &out_len)); |
| 168 EXPECT_EQ(out_len, rtp_len + rtp_auth_tag_len(cs2)); | 137 EXPECT_EQ(out_len, rtp_len + rtp_auth_tag_len(cs2)); |
| 169 EXPECT_NE(0, memcmp(rtp_packet, original_rtp_packet, rtp_len)); | 138 EXPECT_NE(0, memcmp(rtp_packet, original_rtp_packet, rtp_len)); |
| 170 if (!f2_.IsExternalAuthActive()) { | 139 EXPECT_TRUE(f1_.UnprotectRtp(rtp_packet, out_len, &out_len)); |
| 171 EXPECT_TRUE(f1_.UnprotectRtp(rtp_packet, out_len, &out_len)); | 140 EXPECT_EQ(rtp_len, out_len); |
| 172 EXPECT_EQ(rtp_len, out_len); | 141 EXPECT_EQ(0, memcmp(rtp_packet, original_rtp_packet, rtp_len)); |
| 173 EXPECT_EQ(0, memcmp(rtp_packet, original_rtp_packet, rtp_len)); | |
| 174 } else { | |
| 175 TestRtpAuthParams(&f2_, cs2); | |
| 176 } | |
| 177 | 142 |
| 178 EXPECT_TRUE(f1_.ProtectRtcp(rtcp_packet, rtcp_len, | 143 EXPECT_TRUE(f1_.ProtectRtcp(rtcp_packet, rtcp_len, |
| 179 static_cast<int>(rtcp_buffer.size()), | 144 static_cast<int>(rtcp_buffer.size()), |
| 180 &out_len)); | 145 &out_len)); |
| 181 EXPECT_EQ(out_len, rtcp_len + 4 + rtcp_auth_tag_len(cs1)); // NOLINT | 146 EXPECT_EQ(out_len, rtcp_len + 4 + rtcp_auth_tag_len(cs1)); // NOLINT |
| 182 EXPECT_NE(0, memcmp(rtcp_packet, kRtcpReport, rtcp_len)); | 147 EXPECT_NE(0, memcmp(rtcp_packet, kRtcpReport, rtcp_len)); |
| 183 EXPECT_TRUE(f2_.UnprotectRtcp(rtcp_packet, out_len, &out_len)); | 148 EXPECT_TRUE(f2_.UnprotectRtcp(rtcp_packet, out_len, &out_len)); |
| 184 EXPECT_EQ(rtcp_len, out_len); | 149 EXPECT_EQ(rtcp_len, out_len); |
| 185 EXPECT_EQ(0, memcmp(rtcp_packet, kRtcpReport, rtcp_len)); | 150 EXPECT_EQ(0, memcmp(rtcp_packet, kRtcpReport, rtcp_len)); |
| 186 | 151 |
| 187 EXPECT_TRUE(f2_.ProtectRtcp(rtcp_packet, rtcp_len, | 152 EXPECT_TRUE(f2_.ProtectRtcp(rtcp_packet, rtcp_len, |
| 188 static_cast<int>(rtcp_buffer.size()), | 153 static_cast<int>(rtcp_buffer.size()), |
| 189 &out_len)); | 154 &out_len)); |
| 190 EXPECT_EQ(out_len, rtcp_len + 4 + rtcp_auth_tag_len(cs2)); // NOLINT | 155 EXPECT_EQ(out_len, rtcp_len + 4 + rtcp_auth_tag_len(cs2)); // NOLINT |
| 191 EXPECT_NE(0, memcmp(rtcp_packet, kRtcpReport, rtcp_len)); | 156 EXPECT_NE(0, memcmp(rtcp_packet, kRtcpReport, rtcp_len)); |
| 192 EXPECT_TRUE(f1_.UnprotectRtcp(rtcp_packet, out_len, &out_len)); | 157 EXPECT_TRUE(f1_.UnprotectRtcp(rtcp_packet, out_len, &out_len)); |
| 193 EXPECT_EQ(rtcp_len, out_len); | 158 EXPECT_EQ(rtcp_len, out_len); |
| 194 EXPECT_EQ(0, memcmp(rtcp_packet, kRtcpReport, rtcp_len)); | 159 EXPECT_EQ(0, memcmp(rtcp_packet, kRtcpReport, rtcp_len)); |
| 195 } | 160 } |
| 196 void TestProtectSetParamsDirect(bool enable_external_auth, int cs, | |
| 197 const uint8_t* key1, int key1_len, const uint8_t* key2, int key2_len, | |
| 198 const std::string& cs_name) { | |
| 199 EXPECT_EQ(key1_len, key2_len); | |
| 200 EXPECT_EQ(cs_name, rtc::SrtpCryptoSuiteToName(cs)); | |
| 201 if (enable_external_auth) { | |
| 202 f1_.EnableExternalAuth(); | |
| 203 f2_.EnableExternalAuth(); | |
| 204 } | |
| 205 EXPECT_TRUE(f1_.SetRtpParams(cs, key1, key1_len, cs, key2, key2_len)); | |
| 206 EXPECT_TRUE(f2_.SetRtpParams(cs, key2, key2_len, cs, key1, key1_len)); | |
| 207 EXPECT_TRUE(f1_.SetRtcpParams(cs, key1, key1_len, cs, key2, key2_len)); | |
| 208 EXPECT_TRUE(f2_.SetRtcpParams(cs, key2, key2_len, cs, key1, key1_len)); | |
| 209 EXPECT_TRUE(f1_.IsActive()); | |
| 210 EXPECT_TRUE(f2_.IsActive()); | |
| 211 if (rtc::IsGcmCryptoSuite(cs)) { | |
| 212 EXPECT_FALSE(f1_.IsExternalAuthActive()); | |
| 213 EXPECT_FALSE(f2_.IsExternalAuthActive()); | |
| 214 } else if (enable_external_auth) { | |
| 215 EXPECT_TRUE(f1_.IsExternalAuthActive()); | |
| 216 EXPECT_TRUE(f2_.IsExternalAuthActive()); | |
| 217 } | |
| 218 TestProtectUnprotect(cs_name, cs_name); | |
| 219 } | |
| 220 cricket::SrtpFilter f1_; | 161 cricket::SrtpFilter f1_; |
| 221 cricket::SrtpFilter f2_; | 162 cricket::SrtpFilter f2_; |
| 222 int sequence_number_; | 163 int sequence_number_; |
| 223 }; | 164 }; |
| 224 | 165 |
| 225 // Test that we can set up the session and keys properly. | 166 // Test that we can set up the session and keys properly. |
| 226 TEST_F(SrtpFilterTest, TestGoodSetupOneCipherSuite) { | 167 TEST_F(SrtpFilterTest, TestGoodSetupOneCipherSuite) { |
| 227 EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParams1), CS_LOCAL)); | 168 EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParams1), CS_LOCAL)); |
| 228 EXPECT_FALSE(f1_.IsActive()); | 169 EXPECT_FALSE(f1_.IsActive()); |
| 229 EXPECT_TRUE(f1_.SetAnswer(MakeVector(kTestCryptoParams2), CS_REMOTE)); | 170 EXPECT_TRUE(f1_.SetAnswer(MakeVector(kTestCryptoParams2), CS_REMOTE)); |
| (...skipping 369 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 599 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80); | 540 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80); |
| 600 | 541 |
| 601 // Complete the negotiation. | 542 // Complete the negotiation. |
| 602 EXPECT_TRUE(f2_.SetAnswer(answer, CS_LOCAL)); | 543 EXPECT_TRUE(f2_.SetAnswer(answer, CS_LOCAL)); |
| 603 EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); | 544 EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); |
| 604 | 545 |
| 605 EXPECT_FALSE(f1_.IsActive()); | 546 EXPECT_FALSE(f1_.IsActive()); |
| 606 EXPECT_FALSE(f2_.IsActive()); | 547 EXPECT_FALSE(f2_.IsActive()); |
| 607 } | 548 } |
| 608 | 549 |
| 609 class SrtpFilterProtectSetParamsDirectTest | |
| 610 : public SrtpFilterTest, | |
| 611 public testing::WithParamInterface<bool> { | |
| 612 }; | |
| 613 | |
| 614 // Test directly setting the params with AES_CM_128_HMAC_SHA1_80. | 550 // Test directly setting the params with AES_CM_128_HMAC_SHA1_80. |
| 615 TEST_P(SrtpFilterProtectSetParamsDirectTest, Test_AES_CM_128_HMAC_SHA1_80) { | 551 TEST_F(SrtpFilterTest, TestProtect_SetParamsDirect_AES_CM_128_HMAC_SHA1_80) { |
| 616 bool enable_external_auth = GetParam(); | 552 EXPECT_TRUE(f1_.SetRtpParams(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, |
| 617 TestProtectSetParamsDirect(enable_external_auth, rtc::SRTP_AES128_CM_SHA1_80, | 553 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_80, |
| 618 kTestKey1, kTestKeyLen, kTestKey2, kTestKeyLen, | 554 kTestKey2, kTestKeyLen)); |
| 619 CS_AES_CM_128_HMAC_SHA1_80); | 555 EXPECT_TRUE(f2_.SetRtpParams(rtc::SRTP_AES128_CM_SHA1_80, kTestKey2, |
| 556 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_80, |
| 557 kTestKey1, kTestKeyLen)); |
| 558 EXPECT_TRUE(f1_.SetRtcpParams(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, |
| 559 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_80, |
| 560 kTestKey2, kTestKeyLen)); |
| 561 EXPECT_TRUE(f2_.SetRtcpParams(rtc::SRTP_AES128_CM_SHA1_80, kTestKey2, |
| 562 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_80, |
| 563 kTestKey1, kTestKeyLen)); |
| 564 EXPECT_TRUE(f1_.IsActive()); |
| 565 EXPECT_TRUE(f2_.IsActive()); |
| 566 #if defined(ENABLE_EXTERNAL_AUTH) |
| 567 EXPECT_TRUE(f1_.IsExternalAuthActive()); |
| 568 EXPECT_TRUE(f2_.IsExternalAuthActive()); |
| 569 #endif |
| 570 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80); |
| 620 } | 571 } |
| 621 | 572 |
| 622 // Test directly setting the params with AES_CM_128_HMAC_SHA1_32. | 573 // Test directly setting the params with AES_CM_128_HMAC_SHA1_32. |
| 623 TEST_P(SrtpFilterProtectSetParamsDirectTest, Test_AES_CM_128_HMAC_SHA1_32) { | 574 TEST_F(SrtpFilterTest, TestProtect_SetParamsDirect_AES_CM_128_HMAC_SHA1_32) { |
| 624 bool enable_external_auth = GetParam(); | 575 EXPECT_TRUE(f1_.SetRtpParams(rtc::SRTP_AES128_CM_SHA1_32, kTestKey1, |
| 625 TestProtectSetParamsDirect(enable_external_auth, rtc::SRTP_AES128_CM_SHA1_32, | 576 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_32, |
| 626 kTestKey1, kTestKeyLen, kTestKey2, kTestKeyLen, | 577 kTestKey2, kTestKeyLen)); |
| 627 CS_AES_CM_128_HMAC_SHA1_32); | 578 EXPECT_TRUE(f2_.SetRtpParams(rtc::SRTP_AES128_CM_SHA1_32, kTestKey2, |
| 579 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_32, |
| 580 kTestKey1, kTestKeyLen)); |
| 581 EXPECT_TRUE(f1_.SetRtcpParams(rtc::SRTP_AES128_CM_SHA1_32, kTestKey1, |
| 582 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_32, |
| 583 kTestKey2, kTestKeyLen)); |
| 584 EXPECT_TRUE(f2_.SetRtcpParams(rtc::SRTP_AES128_CM_SHA1_32, kTestKey2, |
| 585 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_32, |
| 586 kTestKey1, kTestKeyLen)); |
| 587 EXPECT_TRUE(f1_.IsActive()); |
| 588 EXPECT_TRUE(f2_.IsActive()); |
| 589 #if defined(ENABLE_EXTERNAL_AUTH) |
| 590 EXPECT_TRUE(f1_.IsExternalAuthActive()); |
| 591 EXPECT_TRUE(f2_.IsExternalAuthActive()); |
| 592 #endif |
| 593 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_32, CS_AES_CM_128_HMAC_SHA1_32); |
| 628 } | 594 } |
| 629 | 595 |
| 630 // Test directly setting the params with SRTP_AEAD_AES_128_GCM. | 596 // Test directly setting the params with SRTP_AEAD_AES_128_GCM. |
| 631 TEST_P(SrtpFilterProtectSetParamsDirectTest, Test_SRTP_AEAD_AES_128_GCM) { | 597 TEST_F(SrtpFilterTest, TestProtect_SetParamsDirect_SRTP_AEAD_AES_128_GCM) { |
| 632 bool enable_external_auth = GetParam(); | 598 EXPECT_TRUE(f1_.SetRtpParams(rtc::SRTP_AEAD_AES_128_GCM, kTestKeyGcm128_1, |
| 633 TestProtectSetParamsDirect(enable_external_auth, rtc::SRTP_AEAD_AES_128_GCM, | 599 kTestKeyGcm128Len, rtc::SRTP_AEAD_AES_128_GCM, |
| 634 kTestKeyGcm128_1, kTestKeyGcm128Len, kTestKeyGcm128_2, kTestKeyGcm128Len, | 600 kTestKeyGcm128_2, kTestKeyGcm128Len)); |
| 635 CS_AEAD_AES_128_GCM); | 601 EXPECT_TRUE(f2_.SetRtpParams(rtc::SRTP_AEAD_AES_128_GCM, kTestKeyGcm128_2, |
| 602 kTestKeyGcm128Len, rtc::SRTP_AEAD_AES_128_GCM, |
| 603 kTestKeyGcm128_1, kTestKeyGcm128Len)); |
| 604 EXPECT_TRUE(f1_.SetRtcpParams(rtc::SRTP_AEAD_AES_128_GCM, kTestKeyGcm128_1, |
| 605 kTestKeyGcm128Len, rtc::SRTP_AEAD_AES_128_GCM, |
| 606 kTestKeyGcm128_2, kTestKeyGcm128Len)); |
| 607 EXPECT_TRUE(f2_.SetRtcpParams(rtc::SRTP_AEAD_AES_128_GCM, kTestKeyGcm128_2, |
| 608 kTestKeyGcm128Len, rtc::SRTP_AEAD_AES_128_GCM, |
| 609 kTestKeyGcm128_1, kTestKeyGcm128Len)); |
| 610 EXPECT_TRUE(f1_.IsActive()); |
| 611 EXPECT_TRUE(f2_.IsActive()); |
| 612 #if defined(ENABLE_EXTERNAL_AUTH) |
| 613 EXPECT_FALSE(f1_.IsExternalAuthActive()); |
| 614 EXPECT_FALSE(f2_.IsExternalAuthActive()); |
| 615 #endif |
| 616 TestProtectUnprotect(CS_AEAD_AES_128_GCM, CS_AEAD_AES_128_GCM); |
| 636 } | 617 } |
| 637 | 618 |
| 638 // Test directly setting the params with SRTP_AEAD_AES_256_GCM. | 619 // Test directly setting the params with SRTP_AEAD_AES_256_GCM. |
| 639 TEST_P(SrtpFilterProtectSetParamsDirectTest, Test_SRTP_AEAD_AES_256_GCM) { | 620 TEST_F(SrtpFilterTest, TestProtect_SetParamsDirect_SRTP_AEAD_AES_256_GCM) { |
| 640 bool enable_external_auth = GetParam(); | 621 EXPECT_TRUE(f1_.SetRtpParams(rtc::SRTP_AEAD_AES_256_GCM, kTestKeyGcm256_1, |
| 641 TestProtectSetParamsDirect(enable_external_auth, rtc::SRTP_AEAD_AES_256_GCM, | 622 kTestKeyGcm256Len, rtc::SRTP_AEAD_AES_256_GCM, |
| 642 kTestKeyGcm256_1, kTestKeyGcm256Len, kTestKeyGcm256_2, kTestKeyGcm256Len, | 623 kTestKeyGcm256_2, kTestKeyGcm256Len)); |
| 643 CS_AEAD_AES_256_GCM); | 624 EXPECT_TRUE(f2_.SetRtpParams(rtc::SRTP_AEAD_AES_256_GCM, kTestKeyGcm256_2, |
| 625 kTestKeyGcm256Len, rtc::SRTP_AEAD_AES_256_GCM, |
| 626 kTestKeyGcm256_1, kTestKeyGcm256Len)); |
| 627 EXPECT_TRUE(f1_.SetRtcpParams(rtc::SRTP_AEAD_AES_256_GCM, kTestKeyGcm256_1, |
| 628 kTestKeyGcm256Len, rtc::SRTP_AEAD_AES_256_GCM, |
| 629 kTestKeyGcm256_2, kTestKeyGcm256Len)); |
| 630 EXPECT_TRUE(f2_.SetRtcpParams(rtc::SRTP_AEAD_AES_256_GCM, kTestKeyGcm256_2, |
| 631 kTestKeyGcm256Len, rtc::SRTP_AEAD_AES_256_GCM, |
| 632 kTestKeyGcm256_1, kTestKeyGcm256Len)); |
| 633 EXPECT_TRUE(f1_.IsActive()); |
| 634 EXPECT_TRUE(f2_.IsActive()); |
| 635 #if defined(ENABLE_EXTERNAL_AUTH) |
| 636 EXPECT_FALSE(f1_.IsExternalAuthActive()); |
| 637 EXPECT_FALSE(f2_.IsExternalAuthActive()); |
| 638 #endif |
| 639 TestProtectUnprotect(CS_AEAD_AES_256_GCM, CS_AEAD_AES_256_GCM); |
| 644 } | 640 } |
| 645 | 641 |
| 646 // Run all tests both with and without external auth enabled. | |
| 647 INSTANTIATE_TEST_CASE_P(ExternalAuth, | |
| 648 SrtpFilterProtectSetParamsDirectTest, | |
| 649 ::testing::Values(true, false)); | |
| 650 | |
| 651 // Test directly setting the params with bogus keys. | 642 // Test directly setting the params with bogus keys. |
| 652 TEST_F(SrtpFilterTest, TestSetParamsKeyTooShort) { | 643 TEST_F(SrtpFilterTest, TestSetParamsKeyTooShort) { |
| 653 EXPECT_FALSE(f1_.SetRtpParams(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, | 644 EXPECT_FALSE(f1_.SetRtpParams(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, |
| 654 kTestKeyLen - 1, rtc::SRTP_AES128_CM_SHA1_80, | 645 kTestKeyLen - 1, rtc::SRTP_AES128_CM_SHA1_80, |
| 655 kTestKey1, kTestKeyLen - 1)); | 646 kTestKey1, kTestKeyLen - 1)); |
| 656 EXPECT_FALSE(f1_.SetRtcpParams(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, | 647 EXPECT_FALSE(f1_.SetRtcpParams(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, |
| 657 kTestKeyLen - 1, rtc::SRTP_AES128_CM_SHA1_80, | 648 kTestKeyLen - 1, rtc::SRTP_AES128_CM_SHA1_80, |
| 658 kTestKey1, kTestKeyLen - 1)); | 649 kTestKey1, kTestKeyLen - 1)); |
| 659 } | 650 } |
| 660 | 651 |
| 652 #if defined(ENABLE_EXTERNAL_AUTH) |
| 653 TEST_F(SrtpFilterTest, TestGetSendAuthParams) { |
| 654 EXPECT_TRUE(f1_.SetRtpParams(rtc::SRTP_AES128_CM_SHA1_32, kTestKey1, |
| 655 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_32, |
| 656 kTestKey2, kTestKeyLen)); |
| 657 EXPECT_TRUE(f1_.SetRtcpParams(rtc::SRTP_AES128_CM_SHA1_32, kTestKey1, |
| 658 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_32, |
| 659 kTestKey2, kTestKeyLen)); |
| 660 // Non-GCM ciphers support external auth. |
| 661 EXPECT_TRUE(f1_.IsExternalAuthActive()); |
| 662 uint8_t* auth_key = NULL; |
| 663 int auth_key_len = 0, auth_tag_len = 0; |
| 664 EXPECT_TRUE(f1_.GetRtpAuthParams(&auth_key, &auth_key_len, &auth_tag_len)); |
| 665 EXPECT_TRUE(auth_key != NULL); |
| 666 EXPECT_EQ(20, auth_key_len); |
| 667 EXPECT_EQ(4, auth_tag_len); |
| 668 } |
| 669 #endif |
| 670 |
| 661 class SrtpSessionTest : public testing::Test { | 671 class SrtpSessionTest : public testing::Test { |
| 662 protected: | 672 protected: |
| 663 virtual void SetUp() { | 673 virtual void SetUp() { |
| 664 rtp_len_ = sizeof(kPcmuFrame); | 674 rtp_len_ = sizeof(kPcmuFrame); |
| 665 rtcp_len_ = sizeof(kRtcpReport); | 675 rtcp_len_ = sizeof(kRtcpReport); |
| 666 memcpy(rtp_packet_, kPcmuFrame, rtp_len_); | 676 memcpy(rtp_packet_, kPcmuFrame, rtp_len_); |
| 667 memcpy(rtcp_packet_, kRtcpReport, rtcp_len_); | 677 memcpy(rtcp_packet_, kRtcpReport, rtcp_len_); |
| 668 } | 678 } |
| 669 void TestProtectRtp(const std::string& cs) { | 679 void TestProtectRtp(const std::string& cs) { |
| 670 int out_len = 0; | 680 int out_len = 0; |
| (...skipping 332 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1003 srtp_stat_.AddUnprotectRtcpResult(srtp_err_status_fail); | 1013 srtp_stat_.AddUnprotectRtcpResult(srtp_err_status_fail); |
| 1004 EXPECT_EQ(-1, mode_); | 1014 EXPECT_EQ(-1, mode_); |
| 1005 EXPECT_EQ(cricket::SrtpFilter::ERROR_NONE, error_); | 1015 EXPECT_EQ(cricket::SrtpFilter::ERROR_NONE, error_); |
| 1006 // Now the error will be triggered again. | 1016 // Now the error will be triggered again. |
| 1007 Reset(); | 1017 Reset(); |
| 1008 rtc::Thread::Current()->SleepMs(210); | 1018 rtc::Thread::Current()->SleepMs(210); |
| 1009 srtp_stat_.AddUnprotectRtcpResult(srtp_err_status_fail); | 1019 srtp_stat_.AddUnprotectRtcpResult(srtp_err_status_fail); |
| 1010 EXPECT_EQ(cricket::SrtpFilter::UNPROTECT, mode_); | 1020 EXPECT_EQ(cricket::SrtpFilter::UNPROTECT, mode_); |
| 1011 EXPECT_EQ(cricket::SrtpFilter::ERROR_FAIL, error_); | 1021 EXPECT_EQ(cricket::SrtpFilter::ERROR_FAIL, error_); |
| 1012 } | 1022 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2734643002:
Revert of Improve testing of SRTP external auth code paths. (Closed)
