1/* 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. 3 * 4 * Use of this source code is governed by a BSD-style license 5 * that can be found in the LICENSE file in the root of the source 6 * tree. An additional intellectual property rights grant can be found 7 * in the file PATENTS. All contributing project authors may 8 * be found in the AUTHORS file in the root of the source tree. 9 */ 10 11 12#include <algorithm> 13#include <set> 14#include <string> 15 16#include "webrtc/base/gunit.h" 17#include "webrtc/base/helpers.h" 18#include "webrtc/base/scoped_ptr.h" 19#include "webrtc/base/ssladapter.h" 20#include "webrtc/base/sslconfig.h" 21#include "webrtc/base/sslidentity.h" 22#include "webrtc/base/sslstreamadapter.h" 23#include "webrtc/base/stream.h" 24 25static const int kBlockSize = 4096; 26static const char kAES_CM_HMAC_SHA1_80[] = "AES_CM_128_HMAC_SHA1_80"; 27static const char kAES_CM_HMAC_SHA1_32[] = "AES_CM_128_HMAC_SHA1_32"; 28static const char kExporterLabel[] = "label"; 29static const unsigned char kExporterContext[] = "context"; 30static int kExporterContextLen = sizeof(kExporterContext); 31 32static const char kRSA_PRIVATE_KEY_PEM[] = 33 "-----BEGIN RSA PRIVATE KEY-----\n" 34 "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMYRkbhmI7kVA/rM\n" 35 "czsZ+6JDhDvnkF+vn6yCAGuRPV03zuRqZtDy4N4to7PZu9PjqrRl7nDMXrG3YG9y\n" 36 "rlIAZ72KjcKKFAJxQyAKLCIdawKRyp8RdK3LEySWEZb0AV58IadqPZDTNHHRX8dz\n" 37 "5aTSMsbbkZ+C/OzTnbiMqLL/vg6jAgMBAAECgYAvgOs4FJcgvp+TuREx7YtiYVsH\n" 38 "mwQPTum2z/8VzWGwR8BBHBvIpVe1MbD/Y4seyI2aco/7UaisatSgJhsU46/9Y4fq\n" 39 "2TwXH9QANf4at4d9n/R6rzwpAJOpgwZgKvdQjkfrKTtgLV+/dawvpxUYkRH4JZM1\n" 40 "CVGukMfKNrSVH4Ap4QJBAOJmGV1ASPnB4r4nc99at7JuIJmd7fmuVUwUgYi4XgaR\n" 41 "WhScBsgYwZ/JoywdyZJgnbcrTDuVcWG56B3vXbhdpMsCQQDf9zeJrjnPZ3Cqm79y\n" 42 "kdqANep0uwZciiNiWxsQrCHztywOvbFhdp8iYVFG9EK8DMY41Y5TxUwsHD+67zao\n" 43 "ZNqJAkEA1suLUP/GvL8IwuRneQd2tWDqqRQ/Td3qq03hP7e77XtF/buya3Ghclo5\n" 44 "54czUR89QyVfJEC6278nzA7n2h1uVQJAcG6mztNL6ja/dKZjYZye2CY44QjSlLo0\n" 45 "MTgTSjdfg/28fFn2Jjtqf9Pi/X+50LWI/RcYMC2no606wRk9kyOuIQJBAK6VSAim\n" 46 "1pOEjsYQn0X5KEIrz1G3bfCbB848Ime3U2/FWlCHMr6ch8kCZ5d1WUeJD3LbwMNG\n" 47 "UCXiYxSsu20QNVw=\n" 48 "-----END RSA PRIVATE KEY-----\n"; 49 50static const char kCERT_PEM[] = 51 "-----BEGIN CERTIFICATE-----\n" 52 "MIIBmTCCAQKgAwIBAgIEbzBSAjANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDEwZX\n" 53 "ZWJSVEMwHhcNMTQwMTAyMTgyNDQ3WhcNMTQwMjAxMTgyNDQ3WjARMQ8wDQYDVQQD\n" 54 "EwZXZWJSVEMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMYRkbhmI7kVA/rM\n" 55 "czsZ+6JDhDvnkF+vn6yCAGuRPV03zuRqZtDy4N4to7PZu9PjqrRl7nDMXrG3YG9y\n" 56 "rlIAZ72KjcKKFAJxQyAKLCIdawKRyp8RdK3LEySWEZb0AV58IadqPZDTNHHRX8dz\n" 57 "5aTSMsbbkZ+C/OzTnbiMqLL/vg6jAgMBAAEwDQYJKoZIhvcNAQELBQADgYEAUflI\n" 58 "VUe5Krqf5RVa5C3u/UTAOAUJBiDS3VANTCLBxjuMsvqOG0WvaYWP3HYPgrz0jXK2\n" 59 "LJE/mGw3MyFHEqi81jh95J+ypl6xKW6Rm8jKLR87gUvCaVYn/Z4/P3AqcQTB7wOv\n" 60 "UD0A8qfhfDM+LK6rPAnCsVN0NRDY3jvd6rzix9M=\n" 61 "-----END CERTIFICATE-----\n"; 62 63#define MAYBE_SKIP_TEST(feature) \ 64 if (!(rtc::SSLStreamAdapter::feature())) { \ 65 LOG(LS_INFO) << "Feature disabled... skipping"; \ 66 return; \ 67 } 68 69class SSLStreamAdapterTestBase; 70 71class SSLDummyStream : public rtc::StreamInterface, 72 public sigslot::has_slots<> { 73 public: 74 explicit SSLDummyStream(SSLStreamAdapterTestBase *test, 75 const std::string &side, 76 rtc::FifoBuffer *in, 77 rtc::FifoBuffer *out) : 78 test_(test), 79 side_(side), 80 in_(in), 81 out_(out), 82 first_packet_(true) { 83 in_->SignalEvent.connect(this, &SSLDummyStream::OnEventIn); 84 out_->SignalEvent.connect(this, &SSLDummyStream::OnEventOut); 85 } 86 87 virtual rtc::StreamState GetState() const { return rtc::SS_OPEN; } 88 89 virtual rtc::StreamResult Read(void* buffer, size_t buffer_len, 90 size_t* read, int* error) { 91 rtc::StreamResult r; 92 93 r = in_->Read(buffer, buffer_len, read, error); 94 if (r == rtc::SR_BLOCK) 95 return rtc::SR_BLOCK; 96 if (r == rtc::SR_EOS) 97 return rtc::SR_EOS; 98 99 if (r != rtc::SR_SUCCESS) { 100 ADD_FAILURE(); 101 return rtc::SR_ERROR; 102 } 103 104 return rtc::SR_SUCCESS; 105 } 106 107 // Catch readability events on in and pass them up. 108 virtual void OnEventIn(rtc::StreamInterface *stream, int sig, 109 int err) { 110 int mask = (rtc::SE_READ | rtc::SE_CLOSE); 111 112 if (sig & mask) { 113 LOG(LS_INFO) << "SSLDummyStream::OnEvent side=" << side_ << " sig=" 114 << sig << " forwarding upward"; 115 PostEvent(sig & mask, 0); 116 } 117 } 118 119 // Catch writeability events on out and pass them up. 120 virtual void OnEventOut(rtc::StreamInterface *stream, int sig, 121 int err) { 122 if (sig & rtc::SE_WRITE) { 123 LOG(LS_INFO) << "SSLDummyStream::OnEvent side=" << side_ << " sig=" 124 << sig << " forwarding upward"; 125 126 PostEvent(sig & rtc::SE_WRITE, 0); 127 } 128 } 129 130 // Write to the outgoing FifoBuffer 131 rtc::StreamResult WriteData(const void* data, size_t data_len, 132 size_t* written, int* error) { 133 return out_->Write(data, data_len, written, error); 134 } 135 136 // Defined later 137 virtual rtc::StreamResult Write(const void* data, size_t data_len, 138 size_t* written, int* error); 139 140 virtual void Close() { 141 LOG(LS_INFO) << "Closing outbound stream"; 142 out_->Close(); 143 } 144 145 private: 146 SSLStreamAdapterTestBase *test_; 147 const std::string side_; 148 rtc::FifoBuffer *in_; 149 rtc::FifoBuffer *out_; 150 bool first_packet_; 151}; 152 153static const int kFifoBufferSize = 4096; 154 155class SSLStreamAdapterTestBase : public testing::Test, 156 public sigslot::has_slots<> { 157 public: 158 SSLStreamAdapterTestBase(const std::string& client_cert_pem, 159 const std::string& client_private_key_pem, 160 bool dtls) : 161 client_buffer_(kFifoBufferSize), server_buffer_(kFifoBufferSize), 162 client_stream_( 163 new SSLDummyStream(this, "c2s", &client_buffer_, &server_buffer_)), 164 server_stream_( 165 new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_)), 166 client_ssl_(rtc::SSLStreamAdapter::Create(client_stream_)), 167 server_ssl_(rtc::SSLStreamAdapter::Create(server_stream_)), 168 client_identity_(NULL), server_identity_(NULL), 169 delay_(0), mtu_(1460), loss_(0), lose_first_packet_(false), 170 damage_(false), dtls_(dtls), 171 handshake_wait_(5000), identities_set_(false) { 172 // Set use of the test RNG to get predictable loss patterns. 173 rtc::SetRandomTestMode(true); 174 175 // Set up the slots 176 client_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); 177 server_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); 178 179 if (!client_cert_pem.empty() && !client_private_key_pem.empty()) { 180 client_identity_ = rtc::SSLIdentity::FromPEMStrings( 181 client_private_key_pem, client_cert_pem); 182 } else { 183 client_identity_ = rtc::SSLIdentity::Generate("client"); 184 } 185 server_identity_ = rtc::SSLIdentity::Generate("server"); 186 187 client_ssl_->SetIdentity(client_identity_); 188 server_ssl_->SetIdentity(server_identity_); 189 } 190 191 ~SSLStreamAdapterTestBase() { 192 // Put it back for the next test. 193 rtc::SetRandomTestMode(false); 194 } 195 196 static void SetUpTestCase() { 197 rtc::InitializeSSL(); 198 } 199 200 static void TearDownTestCase() { 201 rtc::CleanupSSL(); 202 } 203 204 // Recreate the client/server identities with the specified validity period. 205 // |not_before| and |not_after| are offsets from the current time in number 206 // of seconds. 207 void ResetIdentitiesWithValidity(int not_before, int not_after) { 208 client_stream_ = 209 new SSLDummyStream(this, "c2s", &client_buffer_, &server_buffer_); 210 server_stream_ = 211 new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_); 212 213 client_ssl_.reset(rtc::SSLStreamAdapter::Create(client_stream_)); 214 server_ssl_.reset(rtc::SSLStreamAdapter::Create(server_stream_)); 215 216 client_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); 217 server_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent); 218 219 rtc::SSLIdentityParams client_params; 220 client_params.common_name = "client"; 221 client_params.not_before = not_before; 222 client_params.not_after = not_after; 223 client_identity_ = rtc::SSLIdentity::GenerateForTest(client_params); 224 225 rtc::SSLIdentityParams server_params; 226 server_params.common_name = "server"; 227 server_params.not_before = not_before; 228 server_params.not_after = not_after; 229 server_identity_ = rtc::SSLIdentity::GenerateForTest(server_params); 230 231 client_ssl_->SetIdentity(client_identity_); 232 server_ssl_->SetIdentity(server_identity_); 233 } 234 235 virtual void OnEvent(rtc::StreamInterface *stream, int sig, int err) { 236 LOG(LS_INFO) << "SSLStreamAdapterTestBase::OnEvent sig=" << sig; 237 238 if (sig & rtc::SE_READ) { 239 ReadData(stream); 240 } 241 242 if ((stream == client_ssl_.get()) && (sig & rtc::SE_WRITE)) { 243 WriteData(); 244 } 245 } 246 247 void SetPeerIdentitiesByDigest(bool correct) { 248 unsigned char digest[20]; 249 size_t digest_len; 250 bool rv; 251 252 LOG(LS_INFO) << "Setting peer identities by digest"; 253 254 rv = server_identity_->certificate().ComputeDigest(rtc::DIGEST_SHA_1, 255 digest, 20, 256 &digest_len); 257 ASSERT_TRUE(rv); 258 if (!correct) { 259 LOG(LS_INFO) << "Setting bogus digest for server cert"; 260 digest[0]++; 261 } 262 rv = client_ssl_->SetPeerCertificateDigest(rtc::DIGEST_SHA_1, digest, 263 digest_len); 264 ASSERT_TRUE(rv); 265 266 267 rv = client_identity_->certificate().ComputeDigest(rtc::DIGEST_SHA_1, 268 digest, 20, &digest_len); 269 ASSERT_TRUE(rv); 270 if (!correct) { 271 LOG(LS_INFO) << "Setting bogus digest for client cert"; 272 digest[0]++; 273 } 274 rv = server_ssl_->SetPeerCertificateDigest(rtc::DIGEST_SHA_1, digest, 275 digest_len); 276 ASSERT_TRUE(rv); 277 278 identities_set_ = true; 279 } 280 281 void TestHandshake(bool expect_success = true) { 282 server_ssl_->SetMode(dtls_ ? rtc::SSL_MODE_DTLS : 283 rtc::SSL_MODE_TLS); 284 client_ssl_->SetMode(dtls_ ? rtc::SSL_MODE_DTLS : 285 rtc::SSL_MODE_TLS); 286 287 if (!dtls_) { 288 // Make sure we simulate a reliable network for TLS. 289 // This is just a check to make sure that people don't write wrong 290 // tests. 291 ASSERT((mtu_ == 1460) && (loss_ == 0) && (lose_first_packet_ == 0)); 292 } 293 294 if (!identities_set_) 295 SetPeerIdentitiesByDigest(true); 296 297 // Start the handshake 298 int rv; 299 300 server_ssl_->SetServerRole(); 301 rv = server_ssl_->StartSSLWithPeer(); 302 ASSERT_EQ(0, rv); 303 304 rv = client_ssl_->StartSSLWithPeer(); 305 ASSERT_EQ(0, rv); 306 307 // Now run the handshake 308 if (expect_success) { 309 EXPECT_TRUE_WAIT((client_ssl_->GetState() == rtc::SS_OPEN) 310 && (server_ssl_->GetState() == rtc::SS_OPEN), 311 handshake_wait_); 312 } else { 313 EXPECT_TRUE_WAIT(client_ssl_->GetState() == rtc::SS_CLOSED, 314 handshake_wait_); 315 } 316 } 317 318 rtc::StreamResult DataWritten(SSLDummyStream *from, const void *data, 319 size_t data_len, size_t *written, 320 int *error) { 321 // Randomly drop loss_ percent of packets 322 if (rtc::CreateRandomId() % 100 < static_cast<uint32>(loss_)) { 323 LOG(LS_INFO) << "Randomly dropping packet, size=" << data_len; 324 *written = data_len; 325 return rtc::SR_SUCCESS; 326 } 327 if (dtls_ && (data_len > mtu_)) { 328 LOG(LS_INFO) << "Dropping packet > mtu, size=" << data_len; 329 *written = data_len; 330 return rtc::SR_SUCCESS; 331 } 332 333 // Optionally damage application data (type 23). Note that we don't damage 334 // handshake packets and we damage the last byte to keep the header 335 // intact but break the MAC. 336 if (damage_ && (*static_cast<const unsigned char *>(data) == 23)) { 337 std::vector<char> buf(data_len); 338 339 LOG(LS_INFO) << "Damaging packet"; 340 341 memcpy(&buf[0], data, data_len); 342 buf[data_len - 1]++; 343 344 return from->WriteData(&buf[0], data_len, written, error); 345 } 346 347 return from->WriteData(data, data_len, written, error); 348 } 349 350 void SetDelay(int delay) { 351 delay_ = delay; 352 } 353 int GetDelay() { return delay_; } 354 355 void SetLoseFirstPacket(bool lose) { 356 lose_first_packet_ = lose; 357 } 358 bool GetLoseFirstPacket() { return lose_first_packet_; } 359 360 void SetLoss(int percent) { 361 loss_ = percent; 362 } 363 364 void SetDamage() { 365 damage_ = true; 366 } 367 368 void SetMtu(size_t mtu) { 369 mtu_ = mtu; 370 } 371 372 void SetHandshakeWait(int wait) { 373 handshake_wait_ = wait; 374 } 375 376 void SetDtlsSrtpCiphers(const std::vector<std::string> &ciphers, 377 bool client) { 378 if (client) 379 client_ssl_->SetDtlsSrtpCiphers(ciphers); 380 else 381 server_ssl_->SetDtlsSrtpCiphers(ciphers); 382 } 383 384 bool GetDtlsSrtpCipher(bool client, std::string *retval) { 385 if (client) 386 return client_ssl_->GetDtlsSrtpCipher(retval); 387 else 388 return server_ssl_->GetDtlsSrtpCipher(retval); 389 } 390 391 bool GetPeerCertificate(bool client, rtc::SSLCertificate** cert) { 392 if (client) 393 return client_ssl_->GetPeerCertificate(cert); 394 else 395 return server_ssl_->GetPeerCertificate(cert); 396 } 397 398 bool ExportKeyingMaterial(const char *label, 399 const unsigned char *context, 400 size_t context_len, 401 bool use_context, 402 bool client, 403 unsigned char *result, 404 size_t result_len) { 405 if (client) 406 return client_ssl_->ExportKeyingMaterial(label, 407 context, context_len, 408 use_context, 409 result, result_len); 410 else 411 return server_ssl_->ExportKeyingMaterial(label, 412 context, context_len, 413 use_context, 414 result, result_len); 415 } 416 417 // To be implemented by subclasses. 418 virtual void WriteData() = 0; 419 virtual void ReadData(rtc::StreamInterface *stream) = 0; 420 virtual void TestTransfer(int size) = 0; 421 422 protected: 423 rtc::FifoBuffer client_buffer_; 424 rtc::FifoBuffer server_buffer_; 425 SSLDummyStream *client_stream_; // freed by client_ssl_ destructor 426 SSLDummyStream *server_stream_; // freed by server_ssl_ destructor 427 rtc::scoped_ptr<rtc::SSLStreamAdapter> client_ssl_; 428 rtc::scoped_ptr<rtc::SSLStreamAdapter> server_ssl_; 429 rtc::SSLIdentity *client_identity_; // freed by client_ssl_ destructor 430 rtc::SSLIdentity *server_identity_; // freed by server_ssl_ destructor 431 int delay_; 432 size_t mtu_; 433 int loss_; 434 bool lose_first_packet_; 435 bool damage_; 436 bool dtls_; 437 int handshake_wait_; 438 bool identities_set_; 439}; 440 441class SSLStreamAdapterTestTLS : public SSLStreamAdapterTestBase { 442 public: 443 SSLStreamAdapterTestTLS() : 444 SSLStreamAdapterTestBase("", "", false) { 445 }; 446 447 // Test data transfer for TLS 448 virtual void TestTransfer(int size) { 449 LOG(LS_INFO) << "Starting transfer test with " << size << " bytes"; 450 // Create some dummy data to send. 451 size_t received; 452 453 send_stream_.ReserveSize(size); 454 for (int i = 0; i < size; ++i) { 455 char ch = static_cast<char>(i); 456 send_stream_.Write(&ch, 1, NULL, NULL); 457 } 458 send_stream_.Rewind(); 459 460 // Prepare the receive stream. 461 recv_stream_.ReserveSize(size); 462 463 // Start sending 464 WriteData(); 465 466 // Wait for the client to close 467 EXPECT_TRUE_WAIT(server_ssl_->GetState() == rtc::SS_CLOSED, 10000); 468 469 // Now check the data 470 recv_stream_.GetSize(&received); 471 472 EXPECT_EQ(static_cast<size_t>(size), received); 473 EXPECT_EQ(0, memcmp(send_stream_.GetBuffer(), 474 recv_stream_.GetBuffer(), size)); 475 } 476 477 void WriteData() { 478 size_t position, tosend, size; 479 rtc::StreamResult rv; 480 size_t sent; 481 char block[kBlockSize]; 482 483 send_stream_.GetSize(&size); 484 if (!size) 485 return; 486 487 for (;;) { 488 send_stream_.GetPosition(&position); 489 if (send_stream_.Read(block, sizeof(block), &tosend, NULL) != 490 rtc::SR_EOS) { 491 rv = client_ssl_->Write(block, tosend, &sent, 0); 492 493 if (rv == rtc::SR_SUCCESS) { 494 send_stream_.SetPosition(position + sent); 495 LOG(LS_VERBOSE) << "Sent: " << position + sent; 496 } else if (rv == rtc::SR_BLOCK) { 497 LOG(LS_VERBOSE) << "Blocked..."; 498 send_stream_.SetPosition(position); 499 break; 500 } else { 501 ADD_FAILURE(); 502 break; 503 } 504 } else { 505 // Now close 506 LOG(LS_INFO) << "Wrote " << position << " bytes. Closing"; 507 client_ssl_->Close(); 508 break; 509 } 510 } 511 }; 512 513 virtual void ReadData(rtc::StreamInterface *stream) { 514 char buffer[1600]; 515 size_t bread; 516 int err2; 517 rtc::StreamResult r; 518 519 for (;;) { 520 r = stream->Read(buffer, sizeof(buffer), &bread, &err2); 521 522 if (r == rtc::SR_ERROR || r == rtc::SR_EOS) { 523 // Unfortunately, errors are the way that the stream adapter 524 // signals close in OpenSSL 525 stream->Close(); 526 return; 527 } 528 529 if (r == rtc::SR_BLOCK) 530 break; 531 532 ASSERT_EQ(rtc::SR_SUCCESS, r); 533 LOG(LS_INFO) << "Read " << bread; 534 535 recv_stream_.Write(buffer, bread, NULL, NULL); 536 } 537 } 538 539 private: 540 rtc::MemoryStream send_stream_; 541 rtc::MemoryStream recv_stream_; 542}; 543 544class SSLStreamAdapterTestDTLS : public SSLStreamAdapterTestBase { 545 public: 546 SSLStreamAdapterTestDTLS() : 547 SSLStreamAdapterTestBase("", "", true), 548 packet_size_(1000), count_(0), sent_(0) { 549 } 550 551 SSLStreamAdapterTestDTLS(const std::string& cert_pem, 552 const std::string& private_key_pem) : 553 SSLStreamAdapterTestBase(cert_pem, private_key_pem, true), 554 packet_size_(1000), count_(0), sent_(0) { 555 } 556 557 virtual void WriteData() { 558 unsigned char *packet = new unsigned char[1600]; 559 560 do { 561 memset(packet, sent_ & 0xff, packet_size_); 562 *(reinterpret_cast<uint32_t *>(packet)) = sent_; 563 564 size_t sent; 565 int rv = client_ssl_->Write(packet, packet_size_, &sent, 0); 566 if (rv == rtc::SR_SUCCESS) { 567 LOG(LS_VERBOSE) << "Sent: " << sent_; 568 sent_++; 569 } else if (rv == rtc::SR_BLOCK) { 570 LOG(LS_VERBOSE) << "Blocked..."; 571 break; 572 } else { 573 ADD_FAILURE(); 574 break; 575 } 576 } while (sent_ < count_); 577 578 delete [] packet; 579 } 580 581 virtual void ReadData(rtc::StreamInterface *stream) { 582 unsigned char buffer[2000]; 583 size_t bread; 584 int err2; 585 rtc::StreamResult r; 586 587 for (;;) { 588 r = stream->Read(buffer, 2000, &bread, &err2); 589 590 if (r == rtc::SR_ERROR) { 591 // Unfortunately, errors are the way that the stream adapter 592 // signals close right now 593 stream->Close(); 594 return; 595 } 596 597 if (r == rtc::SR_BLOCK) 598 break; 599 600 ASSERT_EQ(rtc::SR_SUCCESS, r); 601 LOG(LS_INFO) << "Read " << bread; 602 603 // Now parse the datagram 604 ASSERT_EQ(packet_size_, bread); 605 unsigned char* ptr_to_buffer = buffer; 606 uint32_t packet_num = *(reinterpret_cast<uint32_t *>(ptr_to_buffer)); 607 608 for (size_t i = 4; i < packet_size_; i++) { 609 ASSERT_EQ((packet_num & 0xff), buffer[i]); 610 } 611 received_.insert(packet_num); 612 } 613 } 614 615 virtual void TestTransfer(int count) { 616 count_ = count; 617 618 WriteData(); 619 620 EXPECT_TRUE_WAIT(sent_ == count_, 10000); 621 LOG(LS_INFO) << "sent_ == " << sent_; 622 623 if (damage_) { 624 WAIT(false, 2000); 625 EXPECT_EQ(0U, received_.size()); 626 } else if (loss_ == 0) { 627 EXPECT_EQ_WAIT(static_cast<size_t>(sent_), received_.size(), 1000); 628 } else { 629 LOG(LS_INFO) << "Sent " << sent_ << " packets; received " << 630 received_.size(); 631 } 632 }; 633 634 private: 635 size_t packet_size_; 636 int count_; 637 int sent_; 638 std::set<int> received_; 639}; 640 641 642rtc::StreamResult SSLDummyStream::Write(const void* data, size_t data_len, 643 size_t* written, int* error) { 644 *written = data_len; 645 646 LOG(LS_INFO) << "Writing to loopback " << data_len; 647 648 if (first_packet_) { 649 first_packet_ = false; 650 if (test_->GetLoseFirstPacket()) { 651 LOG(LS_INFO) << "Losing initial packet of length " << data_len; 652 return rtc::SR_SUCCESS; 653 } 654 } 655 656 return test_->DataWritten(this, data, data_len, written, error); 657 658 return rtc::SR_SUCCESS; 659}; 660 661class SSLStreamAdapterTestDTLSFromPEMStrings : public SSLStreamAdapterTestDTLS { 662 public: 663 SSLStreamAdapterTestDTLSFromPEMStrings() : 664 SSLStreamAdapterTestDTLS(kCERT_PEM, kRSA_PRIVATE_KEY_PEM) { 665 } 666}; 667 668// Basic tests: TLS 669 670// Test that we cannot read/write if we have not yet handshaked. 671// This test only applies to NSS because OpenSSL has passthrough 672// semantics for I/O before the handshake is started. 673#if SSL_USE_NSS 674TEST_F(SSLStreamAdapterTestTLS, TestNoReadWriteBeforeConnect) { 675 rtc::StreamResult rv; 676 char block[kBlockSize]; 677 size_t dummy; 678 679 rv = client_ssl_->Write(block, sizeof(block), &dummy, NULL); 680 ASSERT_EQ(rtc::SR_BLOCK, rv); 681 682 rv = client_ssl_->Read(block, sizeof(block), &dummy, NULL); 683 ASSERT_EQ(rtc::SR_BLOCK, rv); 684} 685#endif 686 687 688// Test that we can make a handshake work 689TEST_F(SSLStreamAdapterTestTLS, TestTLSConnect) { 690 TestHandshake(); 691}; 692 693// Test transfer -- trivial 694TEST_F(SSLStreamAdapterTestTLS, TestTLSTransfer) { 695 TestHandshake(); 696 TestTransfer(100000); 697}; 698 699// Test read-write after close. 700TEST_F(SSLStreamAdapterTestTLS, ReadWriteAfterClose) { 701 TestHandshake(); 702 TestTransfer(100000); 703 client_ssl_->Close(); 704 705 rtc::StreamResult rv; 706 char block[kBlockSize]; 707 size_t dummy; 708 709 // It's an error to write after closed. 710 rv = client_ssl_->Write(block, sizeof(block), &dummy, NULL); 711 ASSERT_EQ(rtc::SR_ERROR, rv); 712 713 // But after closed read gives you EOS. 714 rv = client_ssl_->Read(block, sizeof(block), &dummy, NULL); 715 ASSERT_EQ(rtc::SR_EOS, rv); 716}; 717 718// Test a handshake with a bogus peer digest 719TEST_F(SSLStreamAdapterTestTLS, TestTLSBogusDigest) { 720 SetPeerIdentitiesByDigest(false); 721 TestHandshake(false); 722}; 723 724// Test moving a bunch of data 725 726// Basic tests: DTLS 727// Test that we can make a handshake work 728TEST_F(SSLStreamAdapterTestDTLS, TestDTLSConnect) { 729 MAYBE_SKIP_TEST(HaveDtls); 730 TestHandshake(); 731}; 732 733// Test that we can make a handshake work if the first packet in 734// each direction is lost. This gives us predictable loss 735// rather than having to tune random 736TEST_F(SSLStreamAdapterTestDTLS, TestDTLSConnectWithLostFirstPacket) { 737 MAYBE_SKIP_TEST(HaveDtls); 738 SetLoseFirstPacket(true); 739 TestHandshake(); 740}; 741 742// Test a handshake with loss and delay 743TEST_F(SSLStreamAdapterTestDTLS, 744 TestDTLSConnectWithLostFirstPacketDelay2s) { 745 MAYBE_SKIP_TEST(HaveDtls); 746 SetLoseFirstPacket(true); 747 SetDelay(2000); 748 SetHandshakeWait(20000); 749 TestHandshake(); 750}; 751 752// Test a handshake with small MTU 753TEST_F(SSLStreamAdapterTestDTLS, TestDTLSConnectWithSmallMtu) { 754 MAYBE_SKIP_TEST(HaveDtls); 755 SetMtu(700); 756 SetHandshakeWait(20000); 757 TestHandshake(); 758}; 759 760// Test transfer -- trivial 761TEST_F(SSLStreamAdapterTestDTLS, TestDTLSTransfer) { 762 MAYBE_SKIP_TEST(HaveDtls); 763 TestHandshake(); 764 TestTransfer(100); 765}; 766 767TEST_F(SSLStreamAdapterTestDTLS, TestDTLSTransferWithLoss) { 768 MAYBE_SKIP_TEST(HaveDtls); 769 TestHandshake(); 770 SetLoss(10); 771 TestTransfer(100); 772}; 773 774TEST_F(SSLStreamAdapterTestDTLS, TestDTLSTransferWithDamage) { 775 MAYBE_SKIP_TEST(HaveDtls); 776 SetDamage(); // Must be called first because first packet 777 // write happens at end of handshake. 778 TestHandshake(); 779 TestTransfer(100); 780}; 781 782// Test DTLS-SRTP with all high ciphers 783TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpHigh) { 784 MAYBE_SKIP_TEST(HaveDtlsSrtp); 785 std::vector<std::string> high; 786 high.push_back(kAES_CM_HMAC_SHA1_80); 787 SetDtlsSrtpCiphers(high, true); 788 SetDtlsSrtpCiphers(high, false); 789 TestHandshake(); 790 791 std::string client_cipher; 792 ASSERT_TRUE(GetDtlsSrtpCipher(true, &client_cipher)); 793 std::string server_cipher; 794 ASSERT_TRUE(GetDtlsSrtpCipher(false, &server_cipher)); 795 796 ASSERT_EQ(client_cipher, server_cipher); 797 ASSERT_EQ(client_cipher, kAES_CM_HMAC_SHA1_80); 798}; 799 800// Test DTLS-SRTP with all low ciphers 801TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpLow) { 802 MAYBE_SKIP_TEST(HaveDtlsSrtp); 803 std::vector<std::string> low; 804 low.push_back(kAES_CM_HMAC_SHA1_32); 805 SetDtlsSrtpCiphers(low, true); 806 SetDtlsSrtpCiphers(low, false); 807 TestHandshake(); 808 809 std::string client_cipher; 810 ASSERT_TRUE(GetDtlsSrtpCipher(true, &client_cipher)); 811 std::string server_cipher; 812 ASSERT_TRUE(GetDtlsSrtpCipher(false, &server_cipher)); 813 814 ASSERT_EQ(client_cipher, server_cipher); 815 ASSERT_EQ(client_cipher, kAES_CM_HMAC_SHA1_32); 816}; 817 818 819// Test DTLS-SRTP with a mismatch -- should not converge 820TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpHighLow) { 821 MAYBE_SKIP_TEST(HaveDtlsSrtp); 822 std::vector<std::string> high; 823 high.push_back(kAES_CM_HMAC_SHA1_80); 824 std::vector<std::string> low; 825 low.push_back(kAES_CM_HMAC_SHA1_32); 826 SetDtlsSrtpCiphers(high, true); 827 SetDtlsSrtpCiphers(low, false); 828 TestHandshake(); 829 830 std::string client_cipher; 831 ASSERT_FALSE(GetDtlsSrtpCipher(true, &client_cipher)); 832 std::string server_cipher; 833 ASSERT_FALSE(GetDtlsSrtpCipher(false, &server_cipher)); 834}; 835 836// Test DTLS-SRTP with each side being mixed -- should select high 837TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpMixed) { 838 MAYBE_SKIP_TEST(HaveDtlsSrtp); 839 std::vector<std::string> mixed; 840 mixed.push_back(kAES_CM_HMAC_SHA1_80); 841 mixed.push_back(kAES_CM_HMAC_SHA1_32); 842 SetDtlsSrtpCiphers(mixed, true); 843 SetDtlsSrtpCiphers(mixed, false); 844 TestHandshake(); 845 846 std::string client_cipher; 847 ASSERT_TRUE(GetDtlsSrtpCipher(true, &client_cipher)); 848 std::string server_cipher; 849 ASSERT_TRUE(GetDtlsSrtpCipher(false, &server_cipher)); 850 851 ASSERT_EQ(client_cipher, server_cipher); 852 ASSERT_EQ(client_cipher, kAES_CM_HMAC_SHA1_80); 853}; 854 855// Test an exporter 856TEST_F(SSLStreamAdapterTestDTLS, TestDTLSExporter) { 857 MAYBE_SKIP_TEST(HaveExporter); 858 TestHandshake(); 859 unsigned char client_out[20]; 860 unsigned char server_out[20]; 861 862 bool result; 863 result = ExportKeyingMaterial(kExporterLabel, 864 kExporterContext, kExporterContextLen, 865 true, true, 866 client_out, sizeof(client_out)); 867 ASSERT_TRUE(result); 868 869 result = ExportKeyingMaterial(kExporterLabel, 870 kExporterContext, kExporterContextLen, 871 true, false, 872 server_out, sizeof(server_out)); 873 ASSERT_TRUE(result); 874 875 ASSERT_TRUE(!memcmp(client_out, server_out, sizeof(client_out))); 876} 877 878// Test not yet valid certificates are not rejected. 879TEST_F(SSLStreamAdapterTestDTLS, TestCertNotYetValid) { 880 MAYBE_SKIP_TEST(HaveDtls); 881 long one_day = 60 * 60 * 24; 882 // Make the certificates not valid until one day later. 883 ResetIdentitiesWithValidity(one_day, one_day); 884 TestHandshake(); 885} 886 887// Test expired certificates are not rejected. 888TEST_F(SSLStreamAdapterTestDTLS, TestCertExpired) { 889 MAYBE_SKIP_TEST(HaveDtls); 890 long one_day = 60 * 60 * 24; 891 // Make the certificates already expired. 892 ResetIdentitiesWithValidity(-one_day, -one_day); 893 TestHandshake(); 894} 895 896// Test data transfer using certs created from strings. 897TEST_F(SSLStreamAdapterTestDTLSFromPEMStrings, TestTransfer) { 898 MAYBE_SKIP_TEST(HaveDtls); 899 TestHandshake(); 900 TestTransfer(100); 901} 902 903// Test getting the remote certificate. 904TEST_F(SSLStreamAdapterTestDTLSFromPEMStrings, TestDTLSGetPeerCertificate) { 905 MAYBE_SKIP_TEST(HaveDtls); 906 907 // Peer certificates haven't been received yet. 908 rtc::scoped_ptr<rtc::SSLCertificate> client_peer_cert; 909 ASSERT_FALSE(GetPeerCertificate(true, client_peer_cert.accept())); 910 ASSERT_FALSE(client_peer_cert != NULL); 911 912 rtc::scoped_ptr<rtc::SSLCertificate> server_peer_cert; 913 ASSERT_FALSE(GetPeerCertificate(false, server_peer_cert.accept())); 914 ASSERT_FALSE(server_peer_cert != NULL); 915 916 TestHandshake(); 917 918 // The client should have a peer certificate after the handshake. 919 ASSERT_TRUE(GetPeerCertificate(true, client_peer_cert.accept())); 920 ASSERT_TRUE(client_peer_cert != NULL); 921 922 // It's not kCERT_PEM. 923 std::string client_peer_string = client_peer_cert->ToPEMString(); 924 ASSERT_NE(kCERT_PEM, client_peer_string); 925 926 // It must not have a chain, because the test certs are self-signed. 927 rtc::SSLCertChain* client_peer_chain; 928 ASSERT_FALSE(client_peer_cert->GetChain(&client_peer_chain)); 929 930 // The server should have a peer certificate after the handshake. 931 ASSERT_TRUE(GetPeerCertificate(false, server_peer_cert.accept())); 932 ASSERT_TRUE(server_peer_cert != NULL); 933 934 // It's kCERT_PEM 935 ASSERT_EQ(kCERT_PEM, server_peer_cert->ToPEMString()); 936 937 // It must not have a chain, because the test certs are self-signed. 938 rtc::SSLCertChain* server_peer_chain; 939 ASSERT_FALSE(server_peer_cert->GetChain(&server_peer_chain)); 940} 941