1 /*
2 *
3 * Copyright 2018 gRPC authors.
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 */
18
19 #include "src/core/tsi/alts/frame_protector/alts_frame_protector.h"
20
21 #include <stdbool.h>
22
23 #include <grpc/support/alloc.h>
24 #include <grpc/support/log.h>
25
26 #include "src/core/tsi/alts/crypt/gsec.h"
27 #include "src/core/tsi/transport_security_interface.h"
28 #include "test/core/tsi/alts/crypt/gsec_test_util.h"
29 #include "test/core/tsi/transport_security_test_lib.h"
30
31 const size_t kChannelSize = 32768;
32
alts_test_do_round_trip_check_frames(tsi_test_frame_protector_fixture * fixture,const uint8_t * key,const size_t key_size,bool rekey,const uint8_t * client_message,const size_t client_message_size,const uint8_t * client_expected_frames,const size_t client_frame_size,const uint8_t * server_message,const size_t server_message_size,const uint8_t * server_expected_frames,const size_t server_frame_size)33 static void alts_test_do_round_trip_check_frames(
34 tsi_test_frame_protector_fixture* fixture, const uint8_t* key,
35 const size_t key_size, bool rekey, const uint8_t* client_message,
36 const size_t client_message_size, const uint8_t* client_expected_frames,
37 const size_t client_frame_size, const uint8_t* server_message,
38 const size_t server_message_size, const uint8_t* server_expected_frames,
39 const size_t server_frame_size) {
40 GPR_ASSERT(fixture != nullptr);
41 GPR_ASSERT(fixture->config != nullptr);
42 tsi_frame_protector* client_frame_protector = nullptr;
43 tsi_frame_protector* server_frame_protector = nullptr;
44 tsi_test_frame_protector_config* config = fixture->config;
45 tsi_test_channel* channel = fixture->channel;
46 /* Create a client frame protector. */
47 size_t client_max_output_protected_frame_size =
48 config->client_max_output_protected_frame_size;
49 GPR_ASSERT(
50 alts_create_frame_protector(key, key_size, /*is_client=*/true, rekey,
51 client_max_output_protected_frame_size == 0
52 ? nullptr
53 : &client_max_output_protected_frame_size,
54 &client_frame_protector) == TSI_OK);
55 /* Create a server frame protector. */
56 size_t server_max_output_protected_frame_size =
57 config->server_max_output_protected_frame_size;
58 GPR_ASSERT(
59 alts_create_frame_protector(key, key_size, /*is_client=*/false, rekey,
60 server_max_output_protected_frame_size == 0
61 ? nullptr
62 : &server_max_output_protected_frame_size,
63 &server_frame_protector) == TSI_OK);
64 tsi_test_frame_protector_fixture_init(fixture, client_frame_protector,
65 server_frame_protector);
66 /* Client sends a message to server. */
67 uint8_t* saved_client_message = config->client_message;
68 config->client_message = const_cast<uint8_t*>(client_message);
69 config->client_message_size = client_message_size;
70 tsi_test_frame_protector_send_message_to_peer(config, channel,
71 client_frame_protector,
72 /*is_client=*/true);
73 /* Verify if the generated frame is the same as the expected. */
74 GPR_ASSERT(channel->bytes_written_to_server_channel == client_frame_size);
75 GPR_ASSERT(memcmp(client_expected_frames, channel->server_channel,
76 client_frame_size) == 0);
77 unsigned char* server_received_message =
78 static_cast<unsigned char*>(gpr_malloc(kChannelSize));
79 size_t server_received_message_size = 0;
80 tsi_test_frame_protector_receive_message_from_peer(
81 config, channel, server_frame_protector, server_received_message,
82 &server_received_message_size, /*is_client=*/false);
83 GPR_ASSERT(config->client_message_size == server_received_message_size);
84 GPR_ASSERT(memcmp(config->client_message, server_received_message,
85 server_received_message_size) == 0);
86 /* Server sends a message to client. */
87 uint8_t* saved_server_message = config->server_message;
88 config->server_message = const_cast<uint8_t*>(server_message);
89 config->server_message_size = server_message_size;
90 tsi_test_frame_protector_send_message_to_peer(config, channel,
91 server_frame_protector,
92 /*is_client=*/false);
93 /* Verify if the generated frame is the same as the expected. */
94 GPR_ASSERT(channel->bytes_written_to_client_channel == server_frame_size);
95 GPR_ASSERT(memcmp(server_expected_frames, channel->client_channel,
96 server_frame_size) == 0);
97 unsigned char* client_received_message =
98 static_cast<unsigned char*>(gpr_malloc(kChannelSize));
99 size_t client_received_message_size = 0;
100 tsi_test_frame_protector_receive_message_from_peer(
101 config, channel, client_frame_protector, client_received_message,
102 &client_received_message_size,
103 /*is_client=*/true);
104 GPR_ASSERT(config->server_message_size == client_received_message_size);
105 GPR_ASSERT(memcmp(config->server_message, client_received_message,
106 client_received_message_size) == 0);
107 config->client_message = saved_client_message;
108 config->server_message = saved_server_message;
109 /* Destroy server and client frame protectors. */
110 gpr_free(server_received_message);
111 gpr_free(client_received_message);
112 }
113
alts_test_do_round_trip_vector_tests()114 static void alts_test_do_round_trip_vector_tests() {
115 const uint8_t key[] = {0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
116 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08};
117 const char small_message[] = {'C', 'h', 'a', 'p', 'i', ' ',
118 'C', 'h', 'a', 'p', 'o'};
119 const uint8_t large_message[] = {
120 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, 0xa5, 0x59, 0x09, 0xc5,
121 0xaf, 0xf5, 0x26, 0x9a, 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
122 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, 0x1c, 0x3c, 0x0c, 0x95,
123 0x95, 0x68, 0x09, 0x53, 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
124 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, 0xba, 0x63, 0x7b, 0x39,
125 0x1a, 0xaf, 0xd2, 0x55, 0xd6, 0x09, 0xb1, 0xf0, 0x56, 0x63, 0x7a, 0x0d,
126 0x46, 0xdf, 0x99, 0x8d, 0x88, 0xe5, 0x22, 0x2a, 0xb2, 0xc2, 0x84, 0x65,
127 0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, 0x5e, 0x81, 0x08, 0x06, 0x0f, 0x10,
128 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c,
129 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
130 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30};
131 const size_t small_message_size = sizeof(small_message) / sizeof(uint8_t);
132 const size_t large_message_size = sizeof(large_message) / sizeof(uint8_t);
133 /* Test small client message and large server message. */
134 const uint8_t client_expected_frame1[] = {
135 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x09, 0xd8, 0xd5, 0x92,
136 0x4d, 0x50, 0x32, 0xb7, 0x1f, 0xb8, 0xf2, 0xbb, 0x43, 0xc7, 0xe2, 0x94,
137 0x3d, 0x3e, 0x9a, 0x78, 0x76, 0xaa, 0x0a, 0x6b, 0xfa, 0x98, 0x3a};
138 const uint8_t server_expected_frame1[] = {
139 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0xa9, 0x4b, 0xf8, 0xc8,
140 0xe7, 0x8f, 0x1a, 0x26, 0x37, 0x44, 0xa2, 0x5c, 0x55, 0x94, 0x30, 0x4e,
141 0x3e, 0x16, 0xe7, 0x9e, 0x96, 0xe8, 0x1b, 0xc0, 0xdd, 0x52, 0x30, 0x06,
142 0xc2, 0x72, 0x9a, 0xa1, 0x0b, 0xdb, 0xdc, 0x19, 0x8c, 0x93, 0x5e, 0x84,
143 0x1f, 0x4b, 0x97, 0x26, 0xf0, 0x73, 0x85, 0x59, 0x00, 0x95, 0xc1, 0xc5,
144 0x22, 0x2f, 0x70, 0x85, 0x68, 0x2c, 0x4f, 0xfe, 0x30, 0x26, 0x91, 0xde,
145 0x62, 0x55, 0x1d, 0x35, 0x01, 0x96, 0x1c, 0xe7, 0xa2, 0x8b, 0x14, 0x8a,
146 0x5e, 0x1b, 0x4a, 0x3b, 0x4f, 0x65, 0x0f, 0xca, 0x79, 0x10, 0xb4, 0xdd,
147 0xf7, 0xa4, 0x8b, 0x64, 0x2f, 0x00, 0x39, 0x60, 0x03, 0xfc, 0xe1, 0x8b,
148 0x5c, 0x19, 0xba, 0xcc, 0x46, 0xba, 0x88, 0xdd, 0x40, 0x42, 0x27, 0x4f,
149 0xe4, 0x1a, 0x6a, 0x31, 0x6c, 0x1c, 0xb0, 0xb6, 0x5c, 0x3e, 0xca, 0x84,
150 0x9b, 0x5f, 0x04, 0x84, 0x11, 0xa9, 0xf8, 0x39, 0xe7, 0xe7, 0xc5, 0xc4,
151 0x33, 0x9f, 0x63, 0x21, 0x9a, 0x7c, 0x9c, 0x64};
152 const size_t client_frame_size1 =
153 sizeof(client_expected_frame1) / sizeof(uint8_t);
154 const size_t server_frame_size1 =
155 sizeof(server_expected_frame1) / sizeof(uint8_t);
156 tsi_test_frame_protector_fixture* fixture =
157 tsi_test_frame_protector_fixture_create();
158 alts_test_do_round_trip_check_frames(
159 fixture, key, kAes128GcmKeyLength, /*rekey=*/false,
160 reinterpret_cast<const uint8_t*>(small_message), small_message_size,
161 client_expected_frame1, client_frame_size1, large_message,
162 large_message_size, server_expected_frame1, server_frame_size1);
163 tsi_test_frame_protector_fixture_destroy(fixture);
164 /**
165 * Test large client message, small server message, and small
166 * message_buffer_allocated_size.
167 */
168 const uint8_t client_expected_frame2[] = {
169 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7,
170 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37,
171 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13,
172 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31,
173 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72,
174 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f,
175 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e,
176 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54,
177 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94,
178 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56,
179 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d,
180 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb,
181 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7};
182 const uint8_t server_expected_frame2[] = {
183 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d,
184 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1,
185 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73};
186 const size_t client_frame_size2 =
187 sizeof(client_expected_frame2) / sizeof(uint8_t);
188 const size_t server_frame_size2 =
189 sizeof(server_expected_frame2) / sizeof(uint8_t);
190 fixture = tsi_test_frame_protector_fixture_create();
191 alts_test_do_round_trip_check_frames(
192 fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message,
193 large_message_size, client_expected_frame2, client_frame_size2,
194 reinterpret_cast<const uint8_t*>(small_message), small_message_size,
195 server_expected_frame2, server_frame_size2);
196 tsi_test_frame_protector_fixture_destroy(fixture);
197 /**
198 * Test large client message, small server message, and small
199 * protected_buffer_size.
200 */
201 const uint8_t client_expected_frame3[] = {
202 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7,
203 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37,
204 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13,
205 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31,
206 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72,
207 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f,
208 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e,
209 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54,
210 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94,
211 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56,
212 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d,
213 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb,
214 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7};
215 const uint8_t server_expected_frame3[] = {
216 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d,
217 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1,
218 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73};
219 const size_t client_frame_size3 =
220 sizeof(client_expected_frame3) / sizeof(uint8_t);
221 const size_t server_frame_size3 =
222 sizeof(server_expected_frame3) / sizeof(uint8_t);
223 fixture = tsi_test_frame_protector_fixture_create();
224 alts_test_do_round_trip_check_frames(
225 fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message,
226 large_message_size, client_expected_frame3, client_frame_size3,
227 reinterpret_cast<const uint8_t*>(small_message), small_message_size,
228 server_expected_frame3, server_frame_size3);
229 tsi_test_frame_protector_fixture_destroy(fixture);
230 /**
231 * Test large client message, small server message, and small
232 * read_buffer_allocated_size.
233 */
234 const uint8_t client_expected_frame4[] = {
235 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7,
236 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37,
237 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13,
238 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31,
239 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72,
240 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f,
241 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e,
242 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54,
243 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94,
244 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56,
245 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d,
246 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb,
247 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7};
248 const uint8_t server_expected_frame4[] = {
249 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d,
250 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1,
251 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73};
252 const size_t client_frame_size4 =
253 sizeof(client_expected_frame4) / sizeof(uint8_t);
254 const size_t server_frame_size4 =
255 sizeof(server_expected_frame4) / sizeof(uint8_t);
256 fixture = tsi_test_frame_protector_fixture_create();
257 alts_test_do_round_trip_check_frames(
258 fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message,
259 large_message_size, client_expected_frame4, client_frame_size4,
260 reinterpret_cast<const uint8_t*>(small_message), small_message_size,
261 server_expected_frame4, server_frame_size4);
262 tsi_test_frame_protector_fixture_destroy(fixture);
263 /**
264 * Test large client message, small server message, and small
265 * client_max_output_protected_frame_size.
266 */
267 const uint8_t client_expected_frame5[] = {
268 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7,
269 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37,
270 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13,
271 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31,
272 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72,
273 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f,
274 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e,
275 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54,
276 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94,
277 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56,
278 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d,
279 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb,
280 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7};
281 const uint8_t server_expected_frame5[] = {
282 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d,
283 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1,
284 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73};
285 const size_t client_frame_size5 =
286 sizeof(client_expected_frame5) / sizeof(uint8_t);
287 const size_t server_frame_size5 =
288 sizeof(server_expected_frame5) / sizeof(uint8_t);
289 fixture = tsi_test_frame_protector_fixture_create();
290 alts_test_do_round_trip_check_frames(
291 fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message,
292 large_message_size, client_expected_frame5, client_frame_size5,
293 reinterpret_cast<const uint8_t*>(small_message), small_message_size,
294 server_expected_frame5, server_frame_size5);
295 tsi_test_frame_protector_fixture_destroy(fixture);
296 /**
297 * Test small client message, large server message, and small
298 * server_max_output_protected_frame_size.
299 */
300 const uint8_t client_expected_frame6[] = {
301 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x09, 0xd8, 0xd5, 0x92,
302 0x4d, 0x50, 0x32, 0xb7, 0x1f, 0xb8, 0xf2, 0xbb, 0x43, 0xc7, 0xe2, 0x94,
303 0x3d, 0x3e, 0x9a, 0x78, 0x76, 0xaa, 0x0a, 0x6b, 0xfa, 0x98, 0x3a};
304 const uint8_t server_expected_frame6[] = {
305 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0xa9, 0x4b, 0xf8, 0xc8,
306 0xe7, 0x8f, 0x1a, 0x26, 0x37, 0x44, 0xa2, 0x5c, 0x55, 0x94, 0x30, 0x4e,
307 0x3e, 0x16, 0xe7, 0x9e, 0x96, 0xe8, 0x1b, 0xc0, 0xdd, 0x52, 0x30, 0x06,
308 0xc2, 0x72, 0x9a, 0xa1, 0x0b, 0xdb, 0xdc, 0x19, 0x8c, 0x93, 0x5e, 0x84,
309 0x1f, 0x4b, 0x97, 0x26, 0xf0, 0x73, 0x85, 0x59, 0x00, 0x95, 0xc1, 0xc5,
310 0x22, 0x2f, 0x70, 0x85, 0x68, 0x2c, 0x4f, 0xfe, 0x30, 0x26, 0x91, 0xde,
311 0x62, 0x55, 0x1d, 0x35, 0x01, 0x96, 0x1c, 0xe7, 0xa2, 0x8b, 0x14, 0x8a,
312 0x5e, 0x1b, 0x4a, 0x3b, 0x4f, 0x65, 0x0f, 0xca, 0x79, 0x10, 0xb4, 0xdd,
313 0xf7, 0xa4, 0x8b, 0x64, 0x2f, 0x00, 0x39, 0x60, 0x03, 0xfc, 0xe1, 0x8b,
314 0x5c, 0x19, 0xba, 0xcc, 0x46, 0xba, 0x88, 0xdd, 0x40, 0x42, 0x27, 0x4f,
315 0xe4, 0x1a, 0x6a, 0x31, 0x6c, 0x1c, 0xb0, 0xb6, 0x5c, 0x3e, 0xca, 0x84,
316 0x9b, 0x5f, 0x04, 0x84, 0x11, 0xa9, 0xf8, 0x39, 0xe7, 0xe7, 0xc5, 0xc4,
317 0x33, 0x9f, 0x63, 0x21, 0x9a, 0x7c, 0x9c, 0x64};
318 const size_t client_frame_size6 =
319 sizeof(client_expected_frame6) / sizeof(uint8_t);
320 const size_t server_frame_size6 =
321 sizeof(server_expected_frame6) / sizeof(uint8_t);
322 fixture = tsi_test_frame_protector_fixture_create();
323 alts_test_do_round_trip_check_frames(
324 fixture, key, kAes128GcmKeyLength, /*rekey=*/false,
325 reinterpret_cast<const uint8_t*>(small_message), small_message_size,
326 client_expected_frame6, client_frame_size6, large_message,
327 large_message_size, server_expected_frame6, server_frame_size6);
328 tsi_test_frame_protector_fixture_destroy(fixture);
329 }
330
alts_test_do_round_trip(tsi_test_frame_protector_fixture * fixture,bool rekey)331 static void alts_test_do_round_trip(tsi_test_frame_protector_fixture* fixture,
332 bool rekey) {
333 GPR_ASSERT(fixture != nullptr);
334 GPR_ASSERT(fixture->config != nullptr);
335 tsi_frame_protector* client_frame_protector = nullptr;
336 tsi_frame_protector* server_frame_protector = nullptr;
337 tsi_test_frame_protector_config* config = fixture->config;
338 /* Create a key to be used by both client and server. */
339 uint8_t* key = nullptr;
340 size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength;
341 gsec_test_random_array(&key, key_length);
342 /* Create a client frame protector. */
343 size_t client_max_output_protected_frame_size =
344 config->client_max_output_protected_frame_size;
345 GPR_ASSERT(
346 alts_create_frame_protector(key, key_length, /*is_client=*/true, rekey,
347 client_max_output_protected_frame_size == 0
348 ? nullptr
349 : &client_max_output_protected_frame_size,
350 &client_frame_protector) == TSI_OK);
351 /* Create a server frame protector. */
352 size_t server_max_output_protected_frame_size =
353 config->server_max_output_protected_frame_size;
354 GPR_ASSERT(
355 alts_create_frame_protector(key, key_length, /*is_client=*/false, rekey,
356 server_max_output_protected_frame_size == 0
357 ? nullptr
358 : &server_max_output_protected_frame_size,
359 &server_frame_protector) == TSI_OK);
360 tsi_test_frame_protector_fixture_init(fixture, client_frame_protector,
361 server_frame_protector);
362 tsi_test_frame_protector_do_round_trip_no_handshake(fixture);
363 gpr_free(key);
364 }
365
366 /* Run all combinations of different arguments of test config. */
alts_test_do_round_trip_all(bool rekey)367 static void alts_test_do_round_trip_all(bool rekey) {
368 unsigned int* bit_array = static_cast<unsigned int*>(
369 gpr_malloc(sizeof(unsigned int) * TSI_TEST_NUM_OF_ARGUMENTS));
370 unsigned int mask = 1U << (TSI_TEST_NUM_OF_ARGUMENTS - 1);
371 unsigned int val = 0, ind = 0;
372 for (val = 0; val < TSI_TEST_NUM_OF_COMBINATIONS; val++) {
373 unsigned int v = val;
374 for (ind = 0; ind < TSI_TEST_NUM_OF_ARGUMENTS; ind++) {
375 bit_array[ind] = (v & mask) ? 1 : 0;
376 v <<= 1;
377 }
378 tsi_test_frame_protector_fixture* fixture =
379 tsi_test_frame_protector_fixture_create();
380 tsi_test_frame_protector_config_destroy(fixture->config);
381 fixture->config = tsi_test_frame_protector_config_create(
382 bit_array[0], bit_array[1], bit_array[2], bit_array[3], bit_array[4],
383 bit_array[5], bit_array[6]);
384 alts_test_do_round_trip(fixture, rekey);
385 tsi_test_frame_protector_fixture_destroy(fixture);
386 }
387 gpr_free(bit_array);
388 }
389
main(int,char **)390 int main(int /*argc*/, char** /*argv*/) {
391 alts_test_do_round_trip_vector_tests();
392 alts_test_do_round_trip_all(/*rekey=*/false);
393 alts_test_do_round_trip_all(/*rekey=*/true);
394 return 0;
395 }
396