OLD | NEW |
1 /* | 1 /* |
2 * Copyright 2017 The WebRTC project authors. All Rights Reserved. | 2 * Copyright 2017 The WebRTC project authors. All Rights Reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
11 #include "webrtc/pc/srtptransport.h" | 11 #include "webrtc/pc/srtptransport.h" |
12 | 12 |
| 13 #include "webrtc/media/base/fakertp.h" |
| 14 #include "webrtc/p2p/base/dtlstransportinternal.h" |
| 15 #include "webrtc/p2p/base/fakepackettransport.h" |
13 #include "webrtc/pc/rtptransport.h" | 16 #include "webrtc/pc/rtptransport.h" |
14 #include "webrtc/pc/rtptransporttestutil.h" | 17 #include "webrtc/pc/rtptransporttestutil.h" |
| 18 #include "webrtc/pc/srtptestutil.h" |
15 #include "webrtc/rtc_base/asyncpacketsocket.h" | 19 #include "webrtc/rtc_base/asyncpacketsocket.h" |
16 #include "webrtc/rtc_base/gunit.h" | 20 #include "webrtc/rtc_base/gunit.h" |
17 #include "webrtc/rtc_base/ptr_util.h" | 21 #include "webrtc/rtc_base/ptr_util.h" |
18 #include "webrtc/test/gmock.h" | 22 #include "webrtc/rtc_base/sslstreamadapter.h" |
| 23 |
| 24 using rtc::kTestKey1; |
| 25 using rtc::kTestKey2; |
| 26 using rtc::kTestKeyLen; |
| 27 using rtc::SRTP_AEAD_AES_128_GCM; |
19 | 28 |
20 namespace webrtc { | 29 namespace webrtc { |
21 | 30 static const uint8_t kTestKeyGcm128_1[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ12"; |
22 using testing::_; | 31 static const uint8_t kTestKeyGcm128_2[] = "21ZYXWVUTSRQPONMLKJIHGFEDCBA"; |
23 using testing::Return; | 32 static const int kTestKeyGcm128Len = 28; // 128 bits key + 96 bits salt. |
24 | 33 static const uint8_t kTestKeyGcm256_1[] = |
25 class MockRtpTransport : public RtpTransport { | 34 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqr"; |
26 public: | 35 static const uint8_t kTestKeyGcm256_2[] = |
27 MockRtpTransport() : RtpTransport(true) {} | 36 "rqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA"; |
28 | 37 static const int kTestKeyGcm256Len = 44; // 256 bits key + 96 bits salt. |
29 MOCK_METHOD4(SendPacket, | 38 |
30 bool(bool rtcp, | 39 class SrtpTransportTest : public testing::Test, public sigslot::has_slots<> { |
31 rtc::CopyOnWriteBuffer* packet, | 40 protected: |
32 const rtc::PacketOptions& options, | 41 SrtpTransportTest() { |
33 int flags)); | 42 bool rtcp_mux_enabled = true; |
34 | 43 auto rtp_transport1 = rtc::MakeUnique<RtpTransport>(rtcp_mux_enabled); |
35 void PretendReceivedPacket() { | 44 auto rtp_transport2 = rtc::MakeUnique<RtpTransport>(rtcp_mux_enabled); |
36 bool rtcp = false; | 45 |
37 rtc::CopyOnWriteBuffer buffer; | 46 rtp_packet_transport1_ = |
38 rtc::PacketTime time; | 47 rtc::MakeUnique<rtc::FakePacketTransport>("fake_packet_transport1"); |
39 SignalPacketReceived(rtcp, &buffer, time); | 48 rtp_packet_transport2_ = |
40 } | 49 rtc::MakeUnique<rtc::FakePacketTransport>("fake_packet_transport2"); |
| 50 |
| 51 bool asymmetric = false; |
| 52 rtp_packet_transport1_->SetDestination(rtp_packet_transport2_.get(), |
| 53 asymmetric); |
| 54 |
| 55 rtp_transport1->SetRtpPacketTransport(rtp_packet_transport1_.get()); |
| 56 rtp_transport2->SetRtpPacketTransport(rtp_packet_transport2_.get()); |
| 57 |
| 58 // Add payload type for RTP packet and RTCP packet. |
| 59 rtp_transport1->AddHandledPayloadType(0x00); |
| 60 rtp_transport2->AddHandledPayloadType(0x00); |
| 61 rtp_transport1->AddHandledPayloadType(0xc9); |
| 62 rtp_transport2->AddHandledPayloadType(0xc9); |
| 63 |
| 64 srtp_transport1_ = |
| 65 rtc::MakeUnique<SrtpTransport>(std::move(rtp_transport1), "content"); |
| 66 srtp_transport2_ = |
| 67 rtc::MakeUnique<SrtpTransport>(std::move(rtp_transport2), "content"); |
| 68 |
| 69 srtp_transport1_->SignalPacketReceived.connect( |
| 70 this, &SrtpTransportTest::OnPacketReceived1); |
| 71 srtp_transport2_->SignalPacketReceived.connect( |
| 72 this, &SrtpTransportTest::OnPacketReceived2); |
| 73 } |
| 74 |
| 75 void OnPacketReceived1(bool rtcp, |
| 76 rtc::CopyOnWriteBuffer* packet, |
| 77 const rtc::PacketTime& packet_time) { |
| 78 LOG(LS_INFO) << "SrtpTransport1 Received a packet."; |
| 79 last_recv_packet1_ = *packet; |
| 80 } |
| 81 |
| 82 void OnPacketReceived2(bool rtcp, |
| 83 rtc::CopyOnWriteBuffer* packet, |
| 84 const rtc::PacketTime& packet_time) { |
| 85 LOG(LS_INFO) << "SrtpTransport2 Received a packet."; |
| 86 last_recv_packet2_ = *packet; |
| 87 } |
| 88 |
| 89 // With external auth enabled, SRTP doesn't write the auth tag and |
| 90 // unprotect would fail. Check accessing the information about the |
| 91 // tag instead, similar to what the actual code would do that relies |
| 92 // on external auth. |
| 93 void TestRtpAuthParams(SrtpTransport* transport, const std::string& cs) { |
| 94 int overhead; |
| 95 EXPECT_TRUE(transport->GetSrtpOverhead(&overhead)); |
| 96 switch (rtc::SrtpCryptoSuiteFromName(cs)) { |
| 97 case rtc::SRTP_AES128_CM_SHA1_32: |
| 98 EXPECT_EQ(32 / 8, overhead); // 32-bit tag. |
| 99 break; |
| 100 case rtc::SRTP_AES128_CM_SHA1_80: |
| 101 EXPECT_EQ(80 / 8, overhead); // 80-bit tag. |
| 102 break; |
| 103 default: |
| 104 RTC_NOTREACHED(); |
| 105 break; |
| 106 } |
| 107 |
| 108 uint8_t* auth_key = nullptr; |
| 109 int key_len = 0; |
| 110 int tag_len = 0; |
| 111 EXPECT_TRUE(transport->GetRtpAuthParams(&auth_key, &key_len, &tag_len)); |
| 112 EXPECT_NE(nullptr, auth_key); |
| 113 EXPECT_EQ(160 / 8, key_len); // Length of SHA-1 is 160 bits. |
| 114 EXPECT_EQ(overhead, tag_len); |
| 115 } |
| 116 |
| 117 void TestSendRecvRtpPacket(const std::string& cipher_suite_name) { |
| 118 size_t rtp_len = sizeof(kPcmuFrame); |
| 119 size_t packet_size = rtp_len + rtc::rtp_auth_tag_len(cipher_suite_name); |
| 120 rtc::Buffer rtp_packet_buffer(packet_size); |
| 121 char* rtp_packet_data = rtp_packet_buffer.data<char>(); |
| 122 memcpy(rtp_packet_data, kPcmuFrame, rtp_len); |
| 123 // In order to be able to run this test function multiple times we can not |
| 124 // use the same sequence number twice. Increase the sequence number by one. |
| 125 rtc::SetBE16(reinterpret_cast<uint8_t*>(rtp_packet_data) + 2, |
| 126 ++sequence_number_); |
| 127 rtc::CopyOnWriteBuffer rtp_packet1to2(rtp_packet_data, rtp_len, |
| 128 packet_size); |
| 129 rtc::CopyOnWriteBuffer rtp_packet2to1(rtp_packet_data, rtp_len, |
| 130 packet_size); |
| 131 |
| 132 char original_rtp_data[sizeof(kPcmuFrame)]; |
| 133 memcpy(original_rtp_data, rtp_packet_data, rtp_len); |
| 134 |
| 135 rtc::PacketOptions options; |
| 136 // Send a packet from |srtp_transport1_| to |srtp_transport2_| and verify |
| 137 // that the packet can be successfully received and decrypted. |
| 138 ASSERT_TRUE(srtp_transport1_->SendRtpPacket(&rtp_packet1to2, options, |
| 139 cricket::PF_SRTP_BYPASS)); |
| 140 if (srtp_transport1_->IsExternalAuthActive()) { |
| 141 TestRtpAuthParams(srtp_transport1_.get(), cipher_suite_name); |
| 142 } else { |
| 143 ASSERT_TRUE(last_recv_packet2_.data()); |
| 144 EXPECT_TRUE( |
| 145 memcmp(last_recv_packet2_.data(), original_rtp_data, rtp_len) == 0); |
| 146 // Get the encrypted packet from underneath packet transport and verify |
| 147 // the data is actually encrypted. |
| 148 auto fake_rtp_packet_transport = static_cast<rtc::FakePacketTransport*>( |
| 149 srtp_transport1_->rtp_packet_transport()); |
| 150 EXPECT_FALSE(memcmp(fake_rtp_packet_transport->last_sent_packet()->data(), |
| 151 original_rtp_data, rtp_len) == 0); |
| 152 } |
| 153 |
| 154 // Do the same thing in the opposite direction; |
| 155 ASSERT_TRUE(srtp_transport2_->SendRtpPacket(&rtp_packet2to1, options, |
| 156 cricket::PF_SRTP_BYPASS)); |
| 157 if (srtp_transport2_->IsExternalAuthActive()) { |
| 158 TestRtpAuthParams(srtp_transport2_.get(), cipher_suite_name); |
| 159 } else { |
| 160 ASSERT_TRUE(last_recv_packet1_.data()); |
| 161 EXPECT_TRUE( |
| 162 memcmp(last_recv_packet1_.data(), original_rtp_data, rtp_len) == 0); |
| 163 auto fake_rtp_packet_transport = static_cast<rtc::FakePacketTransport*>( |
| 164 srtp_transport2_->rtp_packet_transport()); |
| 165 EXPECT_FALSE(memcmp(fake_rtp_packet_transport->last_sent_packet()->data(), |
| 166 original_rtp_data, rtp_len) == 0); |
| 167 } |
| 168 } |
| 169 |
| 170 void TestSendRecvRtcpPacket(const std::string& cipher_suite_name) { |
| 171 size_t rtcp_len = sizeof(kRtcpReport); |
| 172 size_t packet_size = |
| 173 rtcp_len + 4 + rtc::rtcp_auth_tag_len(cipher_suite_name); |
| 174 rtc::Buffer rtcp_packet_buffer(packet_size); |
| 175 char* rtcp_packet_data = rtcp_packet_buffer.data<char>(); |
| 176 memcpy(rtcp_packet_data, kRtcpReport, rtcp_len); |
| 177 |
| 178 rtc::CopyOnWriteBuffer rtcp_packet1to2(rtcp_packet_data, rtcp_len, |
| 179 packet_size); |
| 180 rtc::CopyOnWriteBuffer rtcp_packet2to1(rtcp_packet_data, rtcp_len, |
| 181 packet_size); |
| 182 |
| 183 rtc::PacketOptions options; |
| 184 // Send a packet from |srtp_transport1_| to |srtp_transport2_| and verify |
| 185 // that the packet can be successfully received and decrypted. |
| 186 ASSERT_TRUE(srtp_transport1_->SendRtcpPacket(&rtcp_packet1to2, options, |
| 187 cricket::PF_SRTP_BYPASS)); |
| 188 ASSERT_TRUE(last_recv_packet2_.data()); |
| 189 EXPECT_TRUE(memcmp(last_recv_packet2_.data(), rtcp_packet_data, rtcp_len) == |
| 190 0); |
| 191 // Get the encrypted packet from underneath packet transport and verify the |
| 192 // data is actually encrypted. |
| 193 auto fake_rtp_packet_transport = static_cast<rtc::FakePacketTransport*>( |
| 194 srtp_transport1_->rtp_packet_transport()); |
| 195 EXPECT_FALSE(memcmp(fake_rtp_packet_transport->last_sent_packet()->data(), |
| 196 rtcp_packet_data, rtcp_len) == 0); |
| 197 |
| 198 // Do the same thing in the opposite direction; |
| 199 ASSERT_TRUE(srtp_transport2_->SendRtcpPacket(&rtcp_packet2to1, options, |
| 200 cricket::PF_SRTP_BYPASS)); |
| 201 ASSERT_TRUE(last_recv_packet1_.data()); |
| 202 EXPECT_TRUE(memcmp(last_recv_packet1_.data(), rtcp_packet_data, rtcp_len) == |
| 203 0); |
| 204 fake_rtp_packet_transport = static_cast<rtc::FakePacketTransport*>( |
| 205 srtp_transport2_->rtp_packet_transport()); |
| 206 EXPECT_FALSE(memcmp(fake_rtp_packet_transport->last_sent_packet()->data(), |
| 207 rtcp_packet_data, rtcp_len) == 0); |
| 208 } |
| 209 |
| 210 void TestSendRecvPacket(bool enable_external_auth, |
| 211 int cs, |
| 212 const uint8_t* key1, |
| 213 int key1_len, |
| 214 const uint8_t* key2, |
| 215 int key2_len, |
| 216 const std::string& cipher_suite_name) { |
| 217 EXPECT_EQ(key1_len, key2_len); |
| 218 EXPECT_EQ(cipher_suite_name, rtc::SrtpCryptoSuiteToName(cs)); |
| 219 if (enable_external_auth) { |
| 220 srtp_transport1_->EnableExternalAuth(); |
| 221 srtp_transport2_->EnableExternalAuth(); |
| 222 } |
| 223 EXPECT_TRUE( |
| 224 srtp_transport1_->SetRtpParams(cs, key1, key1_len, cs, key2, key2_len)); |
| 225 EXPECT_TRUE( |
| 226 srtp_transport2_->SetRtpParams(cs, key2, key2_len, cs, key1, key1_len)); |
| 227 EXPECT_TRUE(srtp_transport1_->SetRtcpParams(cs, key1, key1_len, cs, key2, |
| 228 key2_len)); |
| 229 EXPECT_TRUE(srtp_transport2_->SetRtcpParams(cs, key2, key2_len, cs, key1, |
| 230 key1_len)); |
| 231 EXPECT_TRUE(srtp_transport1_->IsActive()); |
| 232 EXPECT_TRUE(srtp_transport2_->IsActive()); |
| 233 if (rtc::IsGcmCryptoSuite(cs)) { |
| 234 EXPECT_FALSE(srtp_transport1_->IsExternalAuthActive()); |
| 235 EXPECT_FALSE(srtp_transport2_->IsExternalAuthActive()); |
| 236 } else if (enable_external_auth) { |
| 237 EXPECT_TRUE(srtp_transport1_->IsExternalAuthActive()); |
| 238 EXPECT_TRUE(srtp_transport2_->IsExternalAuthActive()); |
| 239 } |
| 240 TestSendRecvRtpPacket(cipher_suite_name); |
| 241 TestSendRecvRtcpPacket(cipher_suite_name); |
| 242 } |
| 243 |
| 244 void TestSendRecvPacketWithEncryptedHeaderExtension( |
| 245 const std::string& cs, |
| 246 const std::vector<int>& encrypted_header_ids) { |
| 247 size_t rtp_len = sizeof(kPcmuFrameWithExtensions); |
| 248 size_t packet_size = rtp_len + rtc::rtp_auth_tag_len(cs); |
| 249 rtc::Buffer rtp_packet_buffer(packet_size); |
| 250 char* rtp_packet_data = rtp_packet_buffer.data<char>(); |
| 251 memcpy(rtp_packet_data, kPcmuFrameWithExtensions, rtp_len); |
| 252 // In order to be able to run this test function multiple times we can not |
| 253 // use the same sequence number twice. Increase the sequence number by one. |
| 254 rtc::SetBE16(reinterpret_cast<uint8_t*>(rtp_packet_data) + 2, |
| 255 ++sequence_number_); |
| 256 rtc::CopyOnWriteBuffer rtp_packet1to2(rtp_packet_data, rtp_len, |
| 257 packet_size); |
| 258 rtc::CopyOnWriteBuffer rtp_packet2to1(rtp_packet_data, rtp_len, |
| 259 packet_size); |
| 260 |
| 261 char original_rtp_data[sizeof(kPcmuFrameWithExtensions)]; |
| 262 memcpy(original_rtp_data, rtp_packet_data, rtp_len); |
| 263 |
| 264 rtc::PacketOptions options; |
| 265 // Send a packet from |srtp_transport1_| to |srtp_transport2_| and verify |
| 266 // that the packet can be successfully received and decrypted. |
| 267 ASSERT_TRUE(srtp_transport1_->SendRtpPacket(&rtp_packet1to2, options, |
| 268 cricket::PF_SRTP_BYPASS)); |
| 269 ASSERT_TRUE(last_recv_packet2_.data()); |
| 270 EXPECT_TRUE(memcmp(last_recv_packet2_.data(), original_rtp_data, rtp_len) == |
| 271 0); |
| 272 // Get the encrypted packet from underneath packet transport and verify the |
| 273 // data and header extension are actually encrypted. |
| 274 auto fake_rtp_packet_transport = static_cast<rtc::FakePacketTransport*>( |
| 275 srtp_transport1_->rtp_packet_transport()); |
| 276 EXPECT_FALSE(memcmp(fake_rtp_packet_transport->last_sent_packet()->data(), |
| 277 original_rtp_data, rtp_len) == 0); |
| 278 CompareHeaderExtensions( |
| 279 reinterpret_cast<const char*>( |
| 280 fake_rtp_packet_transport->last_sent_packet()->data()), |
| 281 fake_rtp_packet_transport->last_sent_packet()->size(), |
| 282 original_rtp_data, rtp_len, encrypted_header_ids, false); |
| 283 |
| 284 // Do the same thing in the opposite direction; |
| 285 ASSERT_TRUE(srtp_transport2_->SendRtpPacket(&rtp_packet2to1, options, |
| 286 cricket::PF_SRTP_BYPASS)); |
| 287 ASSERT_TRUE(last_recv_packet1_.data()); |
| 288 EXPECT_TRUE(memcmp(last_recv_packet1_.data(), original_rtp_data, rtp_len) == |
| 289 0); |
| 290 fake_rtp_packet_transport = static_cast<rtc::FakePacketTransport*>( |
| 291 srtp_transport2_->rtp_packet_transport()); |
| 292 EXPECT_FALSE(memcmp(fake_rtp_packet_transport->last_sent_packet()->data(), |
| 293 original_rtp_data, rtp_len) == 0); |
| 294 CompareHeaderExtensions( |
| 295 reinterpret_cast<const char*>( |
| 296 fake_rtp_packet_transport->last_sent_packet()->data()), |
| 297 fake_rtp_packet_transport->last_sent_packet()->size(), |
| 298 original_rtp_data, rtp_len, encrypted_header_ids, false); |
| 299 } |
| 300 |
| 301 void TestSendRecvEncryptedHeaderExtension(int cs, |
| 302 const uint8_t* key1, |
| 303 int key1_len, |
| 304 const uint8_t* key2, |
| 305 int key2_len, |
| 306 const std::string& cs_name) { |
| 307 std::vector<int> encrypted_headers; |
| 308 encrypted_headers.push_back(1); |
| 309 // Don't encrypt header ids 2 and 3. |
| 310 encrypted_headers.push_back(4); |
| 311 EXPECT_EQ(key1_len, key2_len); |
| 312 EXPECT_EQ(cs_name, rtc::SrtpCryptoSuiteToName(cs)); |
| 313 srtp_transport1_->SetEncryptedHeaderExtensionIds(cricket::CS_LOCAL, |
| 314 encrypted_headers); |
| 315 srtp_transport1_->SetEncryptedHeaderExtensionIds(cricket::CS_REMOTE, |
| 316 encrypted_headers); |
| 317 srtp_transport2_->SetEncryptedHeaderExtensionIds(cricket::CS_LOCAL, |
| 318 encrypted_headers); |
| 319 srtp_transport2_->SetEncryptedHeaderExtensionIds(cricket::CS_REMOTE, |
| 320 encrypted_headers); |
| 321 EXPECT_TRUE( |
| 322 srtp_transport1_->SetRtpParams(cs, key1, key1_len, cs, key2, key2_len)); |
| 323 EXPECT_TRUE( |
| 324 srtp_transport2_->SetRtpParams(cs, key2, key2_len, cs, key1, key1_len)); |
| 325 EXPECT_TRUE(srtp_transport1_->IsActive()); |
| 326 EXPECT_TRUE(srtp_transport2_->IsActive()); |
| 327 EXPECT_FALSE(srtp_transport1_->IsExternalAuthActive()); |
| 328 EXPECT_FALSE(srtp_transport2_->IsExternalAuthActive()); |
| 329 TestSendRecvPacketWithEncryptedHeaderExtension(cs_name, encrypted_headers); |
| 330 } |
| 331 |
| 332 std::unique_ptr<SrtpTransport> srtp_transport1_; |
| 333 std::unique_ptr<SrtpTransport> srtp_transport2_; |
| 334 |
| 335 std::unique_ptr<rtc::FakePacketTransport> rtp_packet_transport1_; |
| 336 std::unique_ptr<rtc::FakePacketTransport> rtp_packet_transport2_; |
| 337 |
| 338 rtc::CopyOnWriteBuffer last_recv_packet1_; |
| 339 rtc::CopyOnWriteBuffer last_recv_packet2_; |
| 340 int sequence_number_ = 0; |
41 }; | 341 }; |
42 | 342 |
43 TEST(SrtpTransportTest, SendPacket) { | 343 class SrtpTransportTestWithExternalAuth |
44 auto rtp_transport = rtc::MakeUnique<MockRtpTransport>(); | 344 : public SrtpTransportTest, |
45 EXPECT_CALL(*rtp_transport, SendPacket(_, _, _, _)).WillOnce(Return(true)); | 345 public testing::WithParamInterface<bool> {}; |
46 | 346 |
47 SrtpTransport srtp_transport(std::move(rtp_transport), "a"); | 347 TEST_P(SrtpTransportTestWithExternalAuth, |
48 | 348 SendAndRecvPacket_AES_CM_128_HMAC_SHA1_80) { |
49 const bool rtcp = false; | 349 bool enable_external_auth = GetParam(); |
50 rtc::CopyOnWriteBuffer packet; | 350 TestSendRecvPacket(enable_external_auth, rtc::SRTP_AES128_CM_SHA1_80, |
51 rtc::PacketOptions options; | 351 kTestKey1, kTestKeyLen, kTestKey2, kTestKeyLen, |
52 int flags = 0; | 352 rtc::CS_AES_CM_128_HMAC_SHA1_80); |
53 EXPECT_TRUE(srtp_transport.SendPacket(rtcp, &packet, options, flags)); | 353 } |
54 | 354 |
55 // TODO(zstein): Also verify that the packet received by RtpTransport has been | 355 TEST_F(SrtpTransportTest, |
56 // protected once SrtpTransport handles that. | 356 SendAndRecvPacketWithHeaderExtension_AES_CM_128_HMAC_SHA1_80) { |
57 } | 357 TestSendRecvEncryptedHeaderExtension(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, |
58 | 358 kTestKeyLen, kTestKey2, kTestKeyLen, |
59 // Test that SrtpTransport fires SignalPacketReceived when the underlying | 359 rtc::CS_AES_CM_128_HMAC_SHA1_80); |
60 // RtpTransport fires SignalPacketReceived. | 360 } |
61 TEST(SrtpTransportTest, SignalPacketReceived) { | 361 |
62 auto rtp_transport = rtc::MakeUnique<MockRtpTransport>(); | 362 TEST_P(SrtpTransportTestWithExternalAuth, |
63 MockRtpTransport* rtp_transport_raw = rtp_transport.get(); | 363 SendAndRecvPacket_AES_CM_128_HMAC_SHA1_32) { |
64 SrtpTransport srtp_transport(std::move(rtp_transport), "a"); | 364 bool enable_external_auth = GetParam(); |
65 | 365 TestSendRecvPacket(enable_external_auth, rtc::SRTP_AES128_CM_SHA1_32, |
66 SignalPacketReceivedCounter counter(&srtp_transport); | 366 kTestKey1, kTestKeyLen, kTestKey2, kTestKeyLen, |
67 | 367 rtc::CS_AES_CM_128_HMAC_SHA1_32); |
68 rtp_transport_raw->PretendReceivedPacket(); | 368 } |
69 | 369 |
70 EXPECT_EQ(1, counter.rtp_count()); | 370 TEST_F(SrtpTransportTest, |
71 | 371 SendAndRecvPacketWithHeaderExtension_AES_CM_128_HMAC_SHA1_32) { |
72 // TODO(zstein): Also verify that the packet is unprotected once SrtpTransport | 372 TestSendRecvEncryptedHeaderExtension(rtc::SRTP_AES128_CM_SHA1_32, kTestKey1, |
73 // handles that. | 373 kTestKeyLen, kTestKey2, kTestKeyLen, |
| 374 rtc::CS_AES_CM_128_HMAC_SHA1_32); |
| 375 } |
| 376 |
| 377 TEST_P(SrtpTransportTestWithExternalAuth, |
| 378 SendAndRecvPacket_SRTP_AEAD_AES_128_GCM) { |
| 379 bool enable_external_auth = GetParam(); |
| 380 TestSendRecvPacket(enable_external_auth, rtc::SRTP_AEAD_AES_128_GCM, |
| 381 kTestKeyGcm128_1, kTestKeyGcm128Len, kTestKeyGcm128_2, |
| 382 kTestKeyGcm128Len, rtc::CS_AEAD_AES_128_GCM); |
| 383 } |
| 384 |
| 385 TEST_F(SrtpTransportTest, |
| 386 SendAndRecvPacketWithHeaderExtension_SRTP_AEAD_AES_128_GCM) { |
| 387 TestSendRecvEncryptedHeaderExtension( |
| 388 rtc::SRTP_AEAD_AES_128_GCM, kTestKeyGcm128_1, kTestKeyGcm128Len, |
| 389 kTestKeyGcm128_2, kTestKeyGcm128Len, rtc::CS_AEAD_AES_128_GCM); |
| 390 } |
| 391 |
| 392 TEST_P(SrtpTransportTestWithExternalAuth, |
| 393 SendAndRecvPacket_SRTP_AEAD_AES_256_GCM) { |
| 394 bool enable_external_auth = GetParam(); |
| 395 TestSendRecvPacket(enable_external_auth, rtc::SRTP_AEAD_AES_256_GCM, |
| 396 kTestKeyGcm256_1, kTestKeyGcm256Len, kTestKeyGcm256_2, |
| 397 kTestKeyGcm256Len, rtc::CS_AEAD_AES_256_GCM); |
| 398 } |
| 399 |
| 400 TEST_F(SrtpTransportTest, |
| 401 SendAndRecvPacketWithHeaderExtension_SRTP_AEAD_AES_256_GCM) { |
| 402 TestSendRecvEncryptedHeaderExtension( |
| 403 rtc::SRTP_AEAD_AES_256_GCM, kTestKeyGcm256_1, kTestKeyGcm256Len, |
| 404 kTestKeyGcm256_2, kTestKeyGcm256Len, rtc::CS_AEAD_AES_256_GCM); |
| 405 } |
| 406 |
| 407 // Run all tests both with and without external auth enabled. |
| 408 INSTANTIATE_TEST_CASE_P(ExternalAuth, |
| 409 SrtpTransportTestWithExternalAuth, |
| 410 ::testing::Values(true, false)); |
| 411 |
| 412 // Test directly setting the params with bogus keys. |
| 413 TEST_F(SrtpTransportTest, TestSetParamsKeyTooShort) { |
| 414 EXPECT_FALSE(srtp_transport1_->SetRtpParams( |
| 415 rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen - 1, |
| 416 rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen - 1)); |
| 417 EXPECT_FALSE(srtp_transport1_->SetRtcpParams( |
| 418 rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen - 1, |
| 419 rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen - 1)); |
74 } | 420 } |
75 | 421 |
76 } // namespace webrtc | 422 } // namespace webrtc |
OLD | NEW |