| Index: webrtc/pc/srtpfilter_unittest.cc
|
| diff --git a/webrtc/pc/srtpfilter_unittest.cc b/webrtc/pc/srtpfilter_unittest.cc
|
| index 3f6f008a119e4683c568ca81449ecac1d53c69b8..494f86ad6a48eeb5ab6c5f11ba252c83d703662d 100644
|
| --- a/webrtc/pc/srtpfilter_unittest.cc
|
| +++ b/webrtc/pc/srtpfilter_unittest.cc
|
| @@ -13,14 +13,7 @@
|
| #include "webrtc/pc/srtpfilter.h"
|
|
|
| #include "webrtc/media/base/cryptoparams.h"
|
| -#include "webrtc/media/base/fakertp.h"
|
| -#include "webrtc/p2p/base/sessiondescription.h"
|
| -#include "webrtc/pc/srtptestutil.h"
|
| -#include "webrtc/rtc_base/buffer.h"
|
| -#include "webrtc/rtc_base/byteorder.h"
|
| -#include "webrtc/rtc_base/constructormagic.h"
|
| #include "webrtc/rtc_base/gunit.h"
|
| -#include "webrtc/rtc_base/thread.h"
|
|
|
| using cricket::CryptoParams;
|
| using cricket::CS_LOCAL;
|
| @@ -28,14 +21,6 @@ using cricket::CS_REMOTE;
|
|
|
| namespace rtc {
|
|
|
| -static const uint8_t kTestKeyGcm128_1[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ12";
|
| -static const uint8_t kTestKeyGcm128_2[] = "21ZYXWVUTSRQPONMLKJIHGFEDCBA";
|
| -static const int kTestKeyGcm128Len = 28; // 128 bits key + 96 bits salt.
|
| -static const uint8_t kTestKeyGcm256_1[] =
|
| - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqr";
|
| -static const uint8_t kTestKeyGcm256_2[] =
|
| - "rqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA";
|
| -static const int kTestKeyGcm256Len = 44; // 256 bits key + 96 bits salt.
|
| static const std::string kTestKeyParams1 =
|
| "inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz";
|
| static const std::string kTestKeyParams2 =
|
| @@ -67,15 +52,13 @@ static const cricket::CryptoParams kTestCryptoParamsGcm4(
|
|
|
| class SrtpFilterTest : public testing::Test {
|
| protected:
|
| - SrtpFilterTest()
|
| - // Need to initialize |sequence_number_|, the value does not matter.
|
| - : sequence_number_(1) {
|
| - }
|
| + SrtpFilterTest() {}
|
| static std::vector<CryptoParams> MakeVector(const CryptoParams& params) {
|
| std::vector<CryptoParams> vec;
|
| vec.push_back(params);
|
| return vec;
|
| }
|
| +
|
| void TestSetParams(const std::vector<CryptoParams>& params1,
|
| const std::vector<CryptoParams>& params2) {
|
| EXPECT_TRUE(f1_.SetOffer(params1, CS_LOCAL));
|
| @@ -87,184 +70,16 @@ class SrtpFilterTest : public testing::Test {
|
| EXPECT_TRUE(f1_.IsActive());
|
| EXPECT_TRUE(f2_.IsActive());
|
| }
|
| - void TestRtpAuthParams(cricket::SrtpFilter* filter, const std::string& cs) {
|
| - int overhead;
|
| - EXPECT_TRUE(filter->GetSrtpOverhead(&overhead));
|
| - switch (SrtpCryptoSuiteFromName(cs)) {
|
| - case SRTP_AES128_CM_SHA1_32:
|
| - EXPECT_EQ(32/8, overhead); // 32-bit tag.
|
| - break;
|
| - case SRTP_AES128_CM_SHA1_80:
|
| - EXPECT_EQ(80/8, overhead); // 80-bit tag.
|
| - break;
|
| - default:
|
| - RTC_NOTREACHED();
|
| - break;
|
| - }
|
| -
|
| - uint8_t* auth_key = nullptr;
|
| - int key_len = 0;
|
| - int tag_len = 0;
|
| - EXPECT_TRUE(filter->GetRtpAuthParams(&auth_key, &key_len, &tag_len));
|
| - EXPECT_NE(nullptr, auth_key);
|
| - EXPECT_EQ(160/8, key_len); // Length of SHA-1 is 160 bits.
|
| - EXPECT_EQ(overhead, tag_len);
|
| - }
|
| - void TestProtectUnprotect(const std::string& cs1, const std::string& cs2) {
|
| - Buffer rtp_buffer(sizeof(kPcmuFrame) + rtp_auth_tag_len(cs1));
|
| - char* rtp_packet = rtp_buffer.data<char>();
|
| - char original_rtp_packet[sizeof(kPcmuFrame)];
|
| - Buffer rtcp_buffer(sizeof(kRtcpReport) + 4 + rtcp_auth_tag_len(cs2));
|
| - char* rtcp_packet = rtcp_buffer.data<char>();
|
| - int rtp_len = sizeof(kPcmuFrame), rtcp_len = sizeof(kRtcpReport), out_len;
|
| - memcpy(rtp_packet, kPcmuFrame, rtp_len);
|
| - // In order to be able to run this test function multiple times we can not
|
| - // use the same sequence number twice. Increase the sequence number by one.
|
| - SetBE16(reinterpret_cast<uint8_t*>(rtp_packet) + 2, ++sequence_number_);
|
| - memcpy(original_rtp_packet, rtp_packet, rtp_len);
|
| - memcpy(rtcp_packet, kRtcpReport, rtcp_len);
|
| -
|
| - EXPECT_TRUE(f1_.ProtectRtp(rtp_packet, rtp_len,
|
| - static_cast<int>(rtp_buffer.size()),
|
| - &out_len));
|
| - EXPECT_EQ(out_len, rtp_len + rtp_auth_tag_len(cs1));
|
| - EXPECT_NE(0, memcmp(rtp_packet, original_rtp_packet, rtp_len));
|
| - if (!f1_.IsExternalAuthActive()) {
|
| - EXPECT_TRUE(f2_.UnprotectRtp(rtp_packet, out_len, &out_len));
|
| - EXPECT_EQ(rtp_len, out_len);
|
| - EXPECT_EQ(0, memcmp(rtp_packet, original_rtp_packet, rtp_len));
|
| - } else {
|
| - // With external auth enabled, SRTP doesn't write the auth tag and
|
| - // unprotect would fail. Check accessing the information about the
|
| - // tag instead, similar to what the actual code would do that relies
|
| - // on external auth.
|
| - TestRtpAuthParams(&f1_, cs1);
|
| - }
|
| -
|
| - EXPECT_TRUE(f2_.ProtectRtp(rtp_packet, rtp_len,
|
| - static_cast<int>(rtp_buffer.size()),
|
| - &out_len));
|
| - EXPECT_EQ(out_len, rtp_len + rtp_auth_tag_len(cs2));
|
| - EXPECT_NE(0, memcmp(rtp_packet, original_rtp_packet, rtp_len));
|
| - if (!f2_.IsExternalAuthActive()) {
|
| - EXPECT_TRUE(f1_.UnprotectRtp(rtp_packet, out_len, &out_len));
|
| - EXPECT_EQ(rtp_len, out_len);
|
| - EXPECT_EQ(0, memcmp(rtp_packet, original_rtp_packet, rtp_len));
|
| - } else {
|
| - TestRtpAuthParams(&f2_, cs2);
|
| - }
|
| -
|
| - EXPECT_TRUE(f1_.ProtectRtcp(rtcp_packet, rtcp_len,
|
| - static_cast<int>(rtcp_buffer.size()),
|
| - &out_len));
|
| - EXPECT_EQ(out_len, rtcp_len + 4 + rtcp_auth_tag_len(cs1)); // NOLINT
|
| - EXPECT_NE(0, memcmp(rtcp_packet, kRtcpReport, rtcp_len));
|
| - EXPECT_TRUE(f2_.UnprotectRtcp(rtcp_packet, out_len, &out_len));
|
| - EXPECT_EQ(rtcp_len, out_len);
|
| - EXPECT_EQ(0, memcmp(rtcp_packet, kRtcpReport, rtcp_len));
|
| -
|
| - EXPECT_TRUE(f2_.ProtectRtcp(rtcp_packet, rtcp_len,
|
| - static_cast<int>(rtcp_buffer.size()),
|
| - &out_len));
|
| - EXPECT_EQ(out_len, rtcp_len + 4 + rtcp_auth_tag_len(cs2)); // NOLINT
|
| - EXPECT_NE(0, memcmp(rtcp_packet, kRtcpReport, rtcp_len));
|
| - EXPECT_TRUE(f1_.UnprotectRtcp(rtcp_packet, out_len, &out_len));
|
| - EXPECT_EQ(rtcp_len, out_len);
|
| - EXPECT_EQ(0, memcmp(rtcp_packet, kRtcpReport, rtcp_len));
|
| - }
|
| - void TestProtectUnprotectHeaderEncryption(const std::string& cs1,
|
| - const std::string& cs2,
|
| - const std::vector<int>& encrypted_header_ids) {
|
| - Buffer rtp_buffer(sizeof(kPcmuFrameWithExtensions) + rtp_auth_tag_len(cs1));
|
| - char* rtp_packet = rtp_buffer.data<char>();
|
| - size_t rtp_packet_size = rtp_buffer.size();
|
| - char original_rtp_packet[sizeof(kPcmuFrameWithExtensions)];
|
| - size_t original_rtp_packet_size = sizeof(original_rtp_packet);
|
| - int rtp_len = sizeof(kPcmuFrameWithExtensions), out_len;
|
| - memcpy(rtp_packet, kPcmuFrameWithExtensions, rtp_len);
|
| - // In order to be able to run this test function multiple times we can not
|
| - // use the same sequence number twice. Increase the sequence number by one.
|
| - SetBE16(reinterpret_cast<uint8_t*>(rtp_packet) + 2, ++sequence_number_);
|
| - memcpy(original_rtp_packet, rtp_packet, rtp_len);
|
| -
|
| - EXPECT_TRUE(f1_.ProtectRtp(rtp_packet, rtp_len,
|
| - static_cast<int>(rtp_buffer.size()),
|
| - &out_len));
|
| - EXPECT_EQ(out_len, rtp_len + rtp_auth_tag_len(cs1));
|
| - EXPECT_NE(0, memcmp(rtp_packet, original_rtp_packet, rtp_len));
|
| - CompareHeaderExtensions(rtp_packet, rtp_packet_size,
|
| - original_rtp_packet, original_rtp_packet_size,
|
| - encrypted_header_ids, false);
|
| - EXPECT_TRUE(f2_.UnprotectRtp(rtp_packet, out_len, &out_len));
|
| - EXPECT_EQ(rtp_len, out_len);
|
| - EXPECT_EQ(0, memcmp(rtp_packet, original_rtp_packet, rtp_len));
|
| - CompareHeaderExtensions(rtp_packet, rtp_packet_size,
|
| - original_rtp_packet, original_rtp_packet_size,
|
| - encrypted_header_ids, true);
|
| -
|
| - EXPECT_TRUE(f2_.ProtectRtp(rtp_packet, rtp_len,
|
| - static_cast<int>(rtp_buffer.size()),
|
| - &out_len));
|
| - EXPECT_EQ(out_len, rtp_len + rtp_auth_tag_len(cs2));
|
| - EXPECT_NE(0, memcmp(rtp_packet, original_rtp_packet, rtp_len));
|
| - CompareHeaderExtensions(rtp_packet, rtp_packet_size,
|
| - original_rtp_packet, original_rtp_packet_size,
|
| - encrypted_header_ids, false);
|
| - EXPECT_TRUE(f1_.UnprotectRtp(rtp_packet, out_len, &out_len));
|
| - EXPECT_EQ(rtp_len, out_len);
|
| - EXPECT_EQ(0, memcmp(rtp_packet, original_rtp_packet, rtp_len));
|
| - CompareHeaderExtensions(rtp_packet, rtp_packet_size,
|
| - original_rtp_packet, original_rtp_packet_size,
|
| - encrypted_header_ids, true);
|
| - }
|
| - void TestProtectSetParamsDirect(bool enable_external_auth, int cs,
|
| - const uint8_t* key1, int key1_len, const uint8_t* key2, int key2_len,
|
| - const std::string& cs_name) {
|
| - EXPECT_EQ(key1_len, key2_len);
|
| - EXPECT_EQ(cs_name, SrtpCryptoSuiteToName(cs));
|
| - if (enable_external_auth) {
|
| - f1_.EnableExternalAuth();
|
| - f2_.EnableExternalAuth();
|
| - }
|
| - EXPECT_TRUE(f1_.SetRtpParams(cs, key1, key1_len, cs, key2, key2_len));
|
| - EXPECT_TRUE(f2_.SetRtpParams(cs, key2, key2_len, cs, key1, key1_len));
|
| - EXPECT_TRUE(f1_.SetRtcpParams(cs, key1, key1_len, cs, key2, key2_len));
|
| - EXPECT_TRUE(f2_.SetRtcpParams(cs, key2, key2_len, cs, key1, key1_len));
|
| - EXPECT_TRUE(f1_.IsActive());
|
| - EXPECT_TRUE(f2_.IsActive());
|
| - if (IsGcmCryptoSuite(cs)) {
|
| - EXPECT_FALSE(f1_.IsExternalAuthActive());
|
| - EXPECT_FALSE(f2_.IsExternalAuthActive());
|
| - } else if (enable_external_auth) {
|
| - EXPECT_TRUE(f1_.IsExternalAuthActive());
|
| - EXPECT_TRUE(f2_.IsExternalAuthActive());
|
| - }
|
| - TestProtectUnprotect(cs_name, cs_name);
|
| - }
|
| - void TestProtectSetParamsDirectHeaderEncryption(int cs,
|
| - const uint8_t* key1, int key1_len, const uint8_t* key2, int key2_len,
|
| - const std::string& cs_name) {
|
| - std::vector<int> encrypted_headers;
|
| - encrypted_headers.push_back(1);
|
| - // Don't encrypt header ids 2 and 3.
|
| - encrypted_headers.push_back(4);
|
| - EXPECT_EQ(key1_len, key2_len);
|
| - EXPECT_EQ(cs_name, SrtpCryptoSuiteToName(cs));
|
| - f1_.SetEncryptedHeaderExtensionIds(CS_LOCAL, encrypted_headers);
|
| - f1_.SetEncryptedHeaderExtensionIds(CS_REMOTE, encrypted_headers);
|
| - f2_.SetEncryptedHeaderExtensionIds(CS_LOCAL, encrypted_headers);
|
| - f2_.SetEncryptedHeaderExtensionIds(CS_REMOTE, encrypted_headers);
|
| - EXPECT_TRUE(f1_.SetRtpParams(cs, key1, key1_len, cs, key2, key2_len));
|
| - EXPECT_TRUE(f2_.SetRtpParams(cs, key2, key2_len, cs, key1, key1_len));
|
| - EXPECT_TRUE(f1_.IsActive());
|
| - EXPECT_TRUE(f2_.IsActive());
|
| - EXPECT_FALSE(f1_.IsExternalAuthActive());
|
| - EXPECT_FALSE(f2_.IsExternalAuthActive());
|
| - TestProtectUnprotectHeaderEncryption(cs_name, cs_name, encrypted_headers);
|
| +
|
| + void VerifyCryptoParamsMatch(const std::string& cs1, const std::string& cs2) {
|
| + EXPECT_EQ(rtc::SrtpCryptoSuiteFromName(cs1), f1_.send_cipher_suite());
|
| + EXPECT_EQ(rtc::SrtpCryptoSuiteFromName(cs2), f2_.send_cipher_suite());
|
| + EXPECT_TRUE(*f1_.send_key() == *f2_.recv_key());
|
| + EXPECT_TRUE(*f2_.send_key() == *f1_.recv_key());
|
| }
|
| +
|
| cricket::SrtpFilter f1_;
|
| cricket::SrtpFilter f2_;
|
| - int sequence_number_;
|
| };
|
|
|
| // Test that we can set up the session and keys properly.
|
| @@ -478,22 +293,6 @@ TEST_F(SrtpFilterTest, TestUnsupportedOptions) {
|
| EXPECT_FALSE(f1_.IsActive());
|
| }
|
|
|
| -// Test that we can encrypt/decrypt after setting the same CryptoParams again on
|
| -// one side.
|
| -TEST_F(SrtpFilterTest, TestSettingSameKeyOnOneSide) {
|
| - std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1));
|
| - std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2));
|
| - TestSetParams(offer, answer);
|
| -
|
| - TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80,
|
| - CS_AES_CM_128_HMAC_SHA1_80);
|
| -
|
| - // Re-applying the same keys on one end and it should not reset the ROC.
|
| - EXPECT_TRUE(f2_.SetOffer(offer, CS_REMOTE));
|
| - EXPECT_TRUE(f2_.SetAnswer(answer, CS_LOCAL));
|
| - TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80);
|
| -}
|
| -
|
| // Test that we can encrypt/decrypt after negotiating AES_CM_128_HMAC_SHA1_80.
|
| TEST_F(SrtpFilterTest, TestProtect_AES_CM_128_HMAC_SHA1_80) {
|
| std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1));
|
| @@ -502,7 +301,8 @@ TEST_F(SrtpFilterTest, TestProtect_AES_CM_128_HMAC_SHA1_80) {
|
| offer[1].tag = 2;
|
| offer[1].cipher_suite = CS_AES_CM_128_HMAC_SHA1_32;
|
| TestSetParams(offer, answer);
|
| - TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80);
|
| + VerifyCryptoParamsMatch(CS_AES_CM_128_HMAC_SHA1_80,
|
| + CS_AES_CM_128_HMAC_SHA1_80);
|
| }
|
|
|
| // Test that we can encrypt/decrypt after negotiating AES_CM_128_HMAC_SHA1_32.
|
| @@ -515,7 +315,8 @@ TEST_F(SrtpFilterTest, TestProtect_AES_CM_128_HMAC_SHA1_32) {
|
| answer[0].tag = 2;
|
| answer[0].cipher_suite = CS_AES_CM_128_HMAC_SHA1_32;
|
| TestSetParams(offer, answer);
|
| - TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_32, CS_AES_CM_128_HMAC_SHA1_32);
|
| + VerifyCryptoParamsMatch(CS_AES_CM_128_HMAC_SHA1_32,
|
| + CS_AES_CM_128_HMAC_SHA1_32);
|
| }
|
|
|
| // Test that we can change encryption parameters.
|
| @@ -524,7 +325,8 @@ TEST_F(SrtpFilterTest, TestChangeParameters) {
|
| std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2));
|
|
|
| TestSetParams(offer, answer);
|
| - TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80);
|
| + VerifyCryptoParamsMatch(CS_AES_CM_128_HMAC_SHA1_80,
|
| + CS_AES_CM_128_HMAC_SHA1_80);
|
|
|
| // Change the key parameters and cipher_suite.
|
| offer[0].key_params = kTestKeyParams3;
|
| @@ -538,13 +340,15 @@ TEST_F(SrtpFilterTest, TestChangeParameters) {
|
| EXPECT_TRUE(f1_.IsActive());
|
|
|
| // Test that the old keys are valid until the negotiation is complete.
|
| - TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80);
|
| + VerifyCryptoParamsMatch(CS_AES_CM_128_HMAC_SHA1_80,
|
| + CS_AES_CM_128_HMAC_SHA1_80);
|
|
|
| // Complete the negotiation and test that we can still understand each other.
|
| EXPECT_TRUE(f2_.SetAnswer(answer, CS_LOCAL));
|
| EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE));
|
|
|
| - TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_32, CS_AES_CM_128_HMAC_SHA1_32);
|
| + VerifyCryptoParamsMatch(CS_AES_CM_128_HMAC_SHA1_32,
|
| + CS_AES_CM_128_HMAC_SHA1_32);
|
| }
|
|
|
| // Test that we can send and receive provisional answers with crypto enabled.
|
| @@ -564,7 +368,8 @@ TEST_F(SrtpFilterTest, TestProvisionalAnswer) {
|
| EXPECT_TRUE(f1_.SetProvisionalAnswer(answer, CS_REMOTE));
|
| EXPECT_TRUE(f1_.IsActive());
|
| EXPECT_TRUE(f2_.IsActive());
|
| - TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80);
|
| + VerifyCryptoParamsMatch(CS_AES_CM_128_HMAC_SHA1_80,
|
| + CS_AES_CM_128_HMAC_SHA1_80);
|
|
|
| answer[0].key_params = kTestKeyParams4;
|
| answer[0].tag = 2;
|
| @@ -573,7 +378,8 @@ TEST_F(SrtpFilterTest, TestProvisionalAnswer) {
|
| EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE));
|
| EXPECT_TRUE(f1_.IsActive());
|
| EXPECT_TRUE(f2_.IsActive());
|
| - TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_32, CS_AES_CM_128_HMAC_SHA1_32);
|
| + VerifyCryptoParamsMatch(CS_AES_CM_128_HMAC_SHA1_32,
|
| + CS_AES_CM_128_HMAC_SHA1_32);
|
| }
|
|
|
| // Test that a provisional answer doesn't need to contain a crypto.
|
| @@ -595,7 +401,8 @@ TEST_F(SrtpFilterTest, TestProvisionalAnswerWithoutCrypto) {
|
| EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE));
|
| EXPECT_TRUE(f1_.IsActive());
|
| EXPECT_TRUE(f2_.IsActive());
|
| - TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80);
|
| + VerifyCryptoParamsMatch(CS_AES_CM_128_HMAC_SHA1_80,
|
| + CS_AES_CM_128_HMAC_SHA1_80);
|
| }
|
|
|
| // Test that if we get a new local offer after a provisional answer
|
| @@ -622,7 +429,8 @@ TEST_F(SrtpFilterTest, TestLocalOfferAfterProvisionalAnswerWithoutCrypto) {
|
| EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE));
|
| EXPECT_TRUE(f1_.IsActive());
|
| EXPECT_TRUE(f2_.IsActive());
|
| - TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80);
|
| + VerifyCryptoParamsMatch(CS_AES_CM_128_HMAC_SHA1_80,
|
| + CS_AES_CM_128_HMAC_SHA1_80);
|
| }
|
|
|
| // Test that we can disable encryption.
|
| @@ -631,7 +439,8 @@ TEST_F(SrtpFilterTest, TestDisableEncryption) {
|
| std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2));
|
|
|
| TestSetParams(offer, answer);
|
| - TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80);
|
| + VerifyCryptoParamsMatch(CS_AES_CM_128_HMAC_SHA1_80,
|
| + CS_AES_CM_128_HMAC_SHA1_80);
|
|
|
| offer.clear();
|
| answer.clear();
|
| @@ -641,7 +450,8 @@ TEST_F(SrtpFilterTest, TestDisableEncryption) {
|
| EXPECT_TRUE(f2_.IsActive());
|
|
|
| // Test that the old keys are valid until the negotiation is complete.
|
| - TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80);
|
| + VerifyCryptoParamsMatch(CS_AES_CM_128_HMAC_SHA1_80,
|
| + CS_AES_CM_128_HMAC_SHA1_80);
|
|
|
| // Complete the negotiation.
|
| EXPECT_TRUE(f2_.SetAnswer(answer, CS_LOCAL));
|
| @@ -651,86 +461,4 @@ TEST_F(SrtpFilterTest, TestDisableEncryption) {
|
| EXPECT_FALSE(f2_.IsActive());
|
| }
|
|
|
| -class SrtpFilterProtectSetParamsDirectTest
|
| - : public SrtpFilterTest,
|
| - public testing::WithParamInterface<bool> {
|
| -};
|
| -
|
| -// Test directly setting the params with AES_CM_128_HMAC_SHA1_80.
|
| -TEST_P(SrtpFilterProtectSetParamsDirectTest, Test_AES_CM_128_HMAC_SHA1_80) {
|
| - bool enable_external_auth = GetParam();
|
| - TestProtectSetParamsDirect(enable_external_auth, SRTP_AES128_CM_SHA1_80,
|
| - kTestKey1, kTestKeyLen, kTestKey2, kTestKeyLen,
|
| - CS_AES_CM_128_HMAC_SHA1_80);
|
| -}
|
| -
|
| -TEST_F(SrtpFilterTest,
|
| - TestProtectSetParamsDirectHeaderEncryption_AES_CM_128_HMAC_SHA1_80) {
|
| - TestProtectSetParamsDirectHeaderEncryption(
|
| - SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen, kTestKey2, kTestKeyLen,
|
| - CS_AES_CM_128_HMAC_SHA1_80);
|
| -}
|
| -
|
| -// Test directly setting the params with AES_CM_128_HMAC_SHA1_32.
|
| -TEST_P(SrtpFilterProtectSetParamsDirectTest, Test_AES_CM_128_HMAC_SHA1_32) {
|
| - bool enable_external_auth = GetParam();
|
| - TestProtectSetParamsDirect(enable_external_auth, SRTP_AES128_CM_SHA1_32,
|
| - kTestKey1, kTestKeyLen, kTestKey2, kTestKeyLen,
|
| - CS_AES_CM_128_HMAC_SHA1_32);
|
| -}
|
| -
|
| -TEST_F(SrtpFilterTest,
|
| - TestProtectSetParamsDirectHeaderEncryption_AES_CM_128_HMAC_SHA1_32) {
|
| - TestProtectSetParamsDirectHeaderEncryption(
|
| - SRTP_AES128_CM_SHA1_32, kTestKey1, kTestKeyLen, kTestKey2, kTestKeyLen,
|
| - CS_AES_CM_128_HMAC_SHA1_32);
|
| -}
|
| -
|
| -// Test directly setting the params with SRTP_AEAD_AES_128_GCM.
|
| -TEST_P(SrtpFilterProtectSetParamsDirectTest, Test_SRTP_AEAD_AES_128_GCM) {
|
| - bool enable_external_auth = GetParam();
|
| - TestProtectSetParamsDirect(enable_external_auth, SRTP_AEAD_AES_128_GCM,
|
| - kTestKeyGcm128_1, kTestKeyGcm128Len,
|
| - kTestKeyGcm128_2, kTestKeyGcm128Len,
|
| - CS_AEAD_AES_128_GCM);
|
| -}
|
| -
|
| -TEST_F(SrtpFilterTest,
|
| - TestProtectSetParamsDirectHeaderEncryption_SRTP_AEAD_AES_128_GCM) {
|
| - TestProtectSetParamsDirectHeaderEncryption(
|
| - SRTP_AEAD_AES_128_GCM, kTestKeyGcm128_1, kTestKeyGcm128Len,
|
| - kTestKeyGcm128_2, kTestKeyGcm128Len, CS_AEAD_AES_128_GCM);
|
| -}
|
| -
|
| -// Test directly setting the params with SRTP_AEAD_AES_256_GCM.
|
| -TEST_P(SrtpFilterProtectSetParamsDirectTest, Test_SRTP_AEAD_AES_256_GCM) {
|
| - bool enable_external_auth = GetParam();
|
| - TestProtectSetParamsDirect(enable_external_auth, SRTP_AEAD_AES_256_GCM,
|
| - kTestKeyGcm256_1, kTestKeyGcm256Len,
|
| - kTestKeyGcm256_2, kTestKeyGcm256Len,
|
| - CS_AEAD_AES_256_GCM);
|
| -}
|
| -
|
| -TEST_F(SrtpFilterTest,
|
| - TestProtectSetParamsDirectHeaderEncryption_SRTP_AEAD_AES_256_GCM) {
|
| - TestProtectSetParamsDirectHeaderEncryption(
|
| - SRTP_AEAD_AES_256_GCM, kTestKeyGcm256_1, kTestKeyGcm256Len,
|
| - kTestKeyGcm256_2, kTestKeyGcm256Len, CS_AEAD_AES_256_GCM);
|
| -}
|
| -
|
| -// Run all tests both with and without external auth enabled.
|
| -INSTANTIATE_TEST_CASE_P(ExternalAuth,
|
| - SrtpFilterProtectSetParamsDirectTest,
|
| - ::testing::Values(true, false));
|
| -
|
| -// Test directly setting the params with bogus keys.
|
| -TEST_F(SrtpFilterTest, TestSetParamsKeyTooShort) {
|
| - EXPECT_FALSE(f1_.SetRtpParams(SRTP_AES128_CM_SHA1_80, kTestKey1,
|
| - kTestKeyLen - 1, SRTP_AES128_CM_SHA1_80,
|
| - kTestKey1, kTestKeyLen - 1));
|
| - EXPECT_FALSE(f1_.SetRtcpParams(SRTP_AES128_CM_SHA1_80, kTestKey1,
|
| - kTestKeyLen - 1, SRTP_AES128_CM_SHA1_80,
|
| - kTestKey1, kTestKeyLen - 1));
|
| -}
|
| -
|
| } // namespace rtc
|
|
|
Chromium Code Reviews
Issue 2997983002:
Completed the functionalities of SrtpTransport. (Closed)
