1 /*
2 * Copyright 2011 The WebRTC Project Authors. All rights reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
11
12 #include <algorithm>
13 #include <set>
14 #include <string>
15
16 #include "webrtc/base/gunit.h"
17 #include "webrtc/base/helpers.h"
18 #include "webrtc/base/scoped_ptr.h"
19 #include "webrtc/base/ssladapter.h"
20 #include "webrtc/base/sslconfig.h"
21 #include "webrtc/base/sslidentity.h"
22 #include "webrtc/base/sslstreamadapter.h"
23 #include "webrtc/base/stream.h"
24 #include "webrtc/test/testsupport/gtest_disable.h"
25
26 static const int kBlockSize = 4096;
27 static const char kAES_CM_HMAC_SHA1_80[] = "AES_CM_128_HMAC_SHA1_80";
28 static const char kAES_CM_HMAC_SHA1_32[] = "AES_CM_128_HMAC_SHA1_32";
29 static const char kExporterLabel[] = "label";
30 static const unsigned char kExporterContext[] = "context";
31 static int kExporterContextLen = sizeof(kExporterContext);
32
33 static const char kRSA_PRIVATE_KEY_PEM[] =
34 "-----BEGIN RSA PRIVATE KEY-----\n"
35 "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMYRkbhmI7kVA/rM\n"
36 "czsZ+6JDhDvnkF+vn6yCAGuRPV03zuRqZtDy4N4to7PZu9PjqrRl7nDMXrG3YG9y\n"
37 "rlIAZ72KjcKKFAJxQyAKLCIdawKRyp8RdK3LEySWEZb0AV58IadqPZDTNHHRX8dz\n"
38 "5aTSMsbbkZ+C/OzTnbiMqLL/vg6jAgMBAAECgYAvgOs4FJcgvp+TuREx7YtiYVsH\n"
39 "mwQPTum2z/8VzWGwR8BBHBvIpVe1MbD/Y4seyI2aco/7UaisatSgJhsU46/9Y4fq\n"
40 "2TwXH9QANf4at4d9n/R6rzwpAJOpgwZgKvdQjkfrKTtgLV+/dawvpxUYkRH4JZM1\n"
41 "CVGukMfKNrSVH4Ap4QJBAOJmGV1ASPnB4r4nc99at7JuIJmd7fmuVUwUgYi4XgaR\n"
42 "WhScBsgYwZ/JoywdyZJgnbcrTDuVcWG56B3vXbhdpMsCQQDf9zeJrjnPZ3Cqm79y\n"
43 "kdqANep0uwZciiNiWxsQrCHztywOvbFhdp8iYVFG9EK8DMY41Y5TxUwsHD+67zao\n"
44 "ZNqJAkEA1suLUP/GvL8IwuRneQd2tWDqqRQ/Td3qq03hP7e77XtF/buya3Ghclo5\n"
45 "54czUR89QyVfJEC6278nzA7n2h1uVQJAcG6mztNL6ja/dKZjYZye2CY44QjSlLo0\n"
46 "MTgTSjdfg/28fFn2Jjtqf9Pi/X+50LWI/RcYMC2no606wRk9kyOuIQJBAK6VSAim\n"
47 "1pOEjsYQn0X5KEIrz1G3bfCbB848Ime3U2/FWlCHMr6ch8kCZ5d1WUeJD3LbwMNG\n"
48 "UCXiYxSsu20QNVw=\n"
49 "-----END RSA PRIVATE KEY-----\n";
50
51 static const char kCERT_PEM[] =
52 "-----BEGIN CERTIFICATE-----\n"
53 "MIIBmTCCAQKgAwIBAgIEbzBSAjANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDEwZX\n"
54 "ZWJSVEMwHhcNMTQwMTAyMTgyNDQ3WhcNMTQwMjAxMTgyNDQ3WjARMQ8wDQYDVQQD\n"
55 "EwZXZWJSVEMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMYRkbhmI7kVA/rM\n"
56 "czsZ+6JDhDvnkF+vn6yCAGuRPV03zuRqZtDy4N4to7PZu9PjqrRl7nDMXrG3YG9y\n"
57 "rlIAZ72KjcKKFAJxQyAKLCIdawKRyp8RdK3LEySWEZb0AV58IadqPZDTNHHRX8dz\n"
58 "5aTSMsbbkZ+C/OzTnbiMqLL/vg6jAgMBAAEwDQYJKoZIhvcNAQELBQADgYEAUflI\n"
59 "VUe5Krqf5RVa5C3u/UTAOAUJBiDS3VANTCLBxjuMsvqOG0WvaYWP3HYPgrz0jXK2\n"
60 "LJE/mGw3MyFHEqi81jh95J+ypl6xKW6Rm8jKLR87gUvCaVYn/Z4/P3AqcQTB7wOv\n"
61 "UD0A8qfhfDM+LK6rPAnCsVN0NRDY3jvd6rzix9M=\n"
62 "-----END CERTIFICATE-----\n";
63
64 #define MAYBE_SKIP_TEST(feature) \
65 if (!(rtc::SSLStreamAdapter::feature())) { \
66 LOG(LS_INFO) << "Feature disabled... skipping"; \
67 return; \
68 }
69
70 class SSLStreamAdapterTestBase;
71
72 class SSLDummyStream : public rtc::StreamInterface,
73 public sigslot::has_slots<> {
74 public:
SSLDummyStream(SSLStreamAdapterTestBase * test,const std::string & side,rtc::FifoBuffer * in,rtc::FifoBuffer * out)75 explicit SSLDummyStream(SSLStreamAdapterTestBase *test,
76 const std::string &side,
77 rtc::FifoBuffer *in,
78 rtc::FifoBuffer *out) :
79 test_(test),
80 side_(side),
81 in_(in),
82 out_(out),
83 first_packet_(true) {
84 in_->SignalEvent.connect(this, &SSLDummyStream::OnEventIn);
85 out_->SignalEvent.connect(this, &SSLDummyStream::OnEventOut);
86 }
87
GetState() const88 virtual rtc::StreamState GetState() const { return rtc::SS_OPEN; }
89
Read(void * buffer,size_t buffer_len,size_t * read,int * error)90 virtual rtc::StreamResult Read(void* buffer, size_t buffer_len,
91 size_t* read, int* error) {
92 rtc::StreamResult r;
93
94 r = in_->Read(buffer, buffer_len, read, error);
95 if (r == rtc::SR_BLOCK)
96 return rtc::SR_BLOCK;
97 if (r == rtc::SR_EOS)
98 return rtc::SR_EOS;
99
100 if (r != rtc::SR_SUCCESS) {
101 ADD_FAILURE();
102 return rtc::SR_ERROR;
103 }
104
105 return rtc::SR_SUCCESS;
106 }
107
108 // Catch readability events on in and pass them up.
OnEventIn(rtc::StreamInterface * stream,int sig,int err)109 virtual void OnEventIn(rtc::StreamInterface *stream, int sig,
110 int err) {
111 int mask = (rtc::SE_READ | rtc::SE_CLOSE);
112
113 if (sig & mask) {
114 LOG(LS_INFO) << "SSLDummyStream::OnEvent side=" << side_ << " sig="
115 << sig << " forwarding upward";
116 PostEvent(sig & mask, 0);
117 }
118 }
119
120 // Catch writeability events on out and pass them up.
OnEventOut(rtc::StreamInterface * stream,int sig,int err)121 virtual void OnEventOut(rtc::StreamInterface *stream, int sig,
122 int err) {
123 if (sig & rtc::SE_WRITE) {
124 LOG(LS_INFO) << "SSLDummyStream::OnEvent side=" << side_ << " sig="
125 << sig << " forwarding upward";
126
127 PostEvent(sig & rtc::SE_WRITE, 0);
128 }
129 }
130
131 // Write to the outgoing FifoBuffer
WriteData(const void * data,size_t data_len,size_t * written,int * error)132 rtc::StreamResult WriteData(const void* data, size_t data_len,
133 size_t* written, int* error) {
134 return out_->Write(data, data_len, written, error);
135 }
136
137 // Defined later
138 virtual rtc::StreamResult Write(const void* data, size_t data_len,
139 size_t* written, int* error);
140
Close()141 virtual void Close() {
142 LOG(LS_INFO) << "Closing outbound stream";
143 out_->Close();
144 }
145
146 private:
147 SSLStreamAdapterTestBase *test_;
148 const std::string side_;
149 rtc::FifoBuffer *in_;
150 rtc::FifoBuffer *out_;
151 bool first_packet_;
152 };
153
154 static const int kFifoBufferSize = 4096;
155
156 class SSLStreamAdapterTestBase : public testing::Test,
157 public sigslot::has_slots<> {
158 public:
SSLStreamAdapterTestBase(const std::string & client_cert_pem,const std::string & client_private_key_pem,bool dtls)159 SSLStreamAdapterTestBase(const std::string& client_cert_pem,
160 const std::string& client_private_key_pem,
161 bool dtls) :
162 client_buffer_(kFifoBufferSize), server_buffer_(kFifoBufferSize),
163 client_stream_(
164 new SSLDummyStream(this, "c2s", &client_buffer_, &server_buffer_)),
165 server_stream_(
166 new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_)),
167 client_ssl_(rtc::SSLStreamAdapter::Create(client_stream_)),
168 server_ssl_(rtc::SSLStreamAdapter::Create(server_stream_)),
169 client_identity_(NULL), server_identity_(NULL),
170 delay_(0), mtu_(1460), loss_(0), lose_first_packet_(false),
171 damage_(false), dtls_(dtls),
172 handshake_wait_(5000), identities_set_(false) {
173 // Set use of the test RNG to get predictable loss patterns.
174 rtc::SetRandomTestMode(true);
175
176 // Set up the slots
177 client_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent);
178 server_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent);
179
180 if (!client_cert_pem.empty() && !client_private_key_pem.empty()) {
181 client_identity_ = rtc::SSLIdentity::FromPEMStrings(
182 client_private_key_pem, client_cert_pem);
183 } else {
184 client_identity_ = rtc::SSLIdentity::Generate("client");
185 }
186 server_identity_ = rtc::SSLIdentity::Generate("server");
187
188 client_ssl_->SetIdentity(client_identity_);
189 server_ssl_->SetIdentity(server_identity_);
190 }
191
~SSLStreamAdapterTestBase()192 ~SSLStreamAdapterTestBase() {
193 // Put it back for the next test.
194 rtc::SetRandomTestMode(false);
195 }
196
197 // Recreate the client/server identities with the specified validity period.
198 // |not_before| and |not_after| are offsets from the current time in number
199 // of seconds.
ResetIdentitiesWithValidity(int not_before,int not_after)200 void ResetIdentitiesWithValidity(int not_before, int not_after) {
201 client_stream_ =
202 new SSLDummyStream(this, "c2s", &client_buffer_, &server_buffer_);
203 server_stream_ =
204 new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_);
205
206 client_ssl_.reset(rtc::SSLStreamAdapter::Create(client_stream_));
207 server_ssl_.reset(rtc::SSLStreamAdapter::Create(server_stream_));
208
209 client_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent);
210 server_ssl_->SignalEvent.connect(this, &SSLStreamAdapterTestBase::OnEvent);
211
212 rtc::SSLIdentityParams client_params;
213 client_params.common_name = "client";
214 client_params.not_before = not_before;
215 client_params.not_after = not_after;
216 client_identity_ = rtc::SSLIdentity::GenerateForTest(client_params);
217
218 rtc::SSLIdentityParams server_params;
219 server_params.common_name = "server";
220 server_params.not_before = not_before;
221 server_params.not_after = not_after;
222 server_identity_ = rtc::SSLIdentity::GenerateForTest(server_params);
223
224 client_ssl_->SetIdentity(client_identity_);
225 server_ssl_->SetIdentity(server_identity_);
226 }
227
OnEvent(rtc::StreamInterface * stream,int sig,int err)228 virtual void OnEvent(rtc::StreamInterface *stream, int sig, int err) {
229 LOG(LS_INFO) << "SSLStreamAdapterTestBase::OnEvent sig=" << sig;
230
231 if (sig & rtc::SE_READ) {
232 ReadData(stream);
233 }
234
235 if ((stream == client_ssl_.get()) && (sig & rtc::SE_WRITE)) {
236 WriteData();
237 }
238 }
239
SetPeerIdentitiesByDigest(bool correct)240 void SetPeerIdentitiesByDigest(bool correct) {
241 unsigned char digest[20];
242 size_t digest_len;
243 bool rv;
244
245 LOG(LS_INFO) << "Setting peer identities by digest";
246
247 rv = server_identity_->certificate().ComputeDigest(rtc::DIGEST_SHA_1,
248 digest, 20,
249 &digest_len);
250 ASSERT_TRUE(rv);
251 if (!correct) {
252 LOG(LS_INFO) << "Setting bogus digest for server cert";
253 digest[0]++;
254 }
255 rv = client_ssl_->SetPeerCertificateDigest(rtc::DIGEST_SHA_1, digest,
256 digest_len);
257 ASSERT_TRUE(rv);
258
259
260 rv = client_identity_->certificate().ComputeDigest(rtc::DIGEST_SHA_1,
261 digest, 20, &digest_len);
262 ASSERT_TRUE(rv);
263 if (!correct) {
264 LOG(LS_INFO) << "Setting bogus digest for client cert";
265 digest[0]++;
266 }
267 rv = server_ssl_->SetPeerCertificateDigest(rtc::DIGEST_SHA_1, digest,
268 digest_len);
269 ASSERT_TRUE(rv);
270
271 identities_set_ = true;
272 }
273
TestHandshake(bool expect_success=true)274 void TestHandshake(bool expect_success = true) {
275 server_ssl_->SetMode(dtls_ ? rtc::SSL_MODE_DTLS :
276 rtc::SSL_MODE_TLS);
277 client_ssl_->SetMode(dtls_ ? rtc::SSL_MODE_DTLS :
278 rtc::SSL_MODE_TLS);
279
280 if (!dtls_) {
281 // Make sure we simulate a reliable network for TLS.
282 // This is just a check to make sure that people don't write wrong
283 // tests.
284 ASSERT((mtu_ == 1460) && (loss_ == 0) && (lose_first_packet_ == 0));
285 }
286
287 if (!identities_set_)
288 SetPeerIdentitiesByDigest(true);
289
290 // Start the handshake
291 int rv;
292
293 server_ssl_->SetServerRole();
294 rv = server_ssl_->StartSSLWithPeer();
295 ASSERT_EQ(0, rv);
296
297 rv = client_ssl_->StartSSLWithPeer();
298 ASSERT_EQ(0, rv);
299
300 // Now run the handshake
301 if (expect_success) {
302 EXPECT_TRUE_WAIT((client_ssl_->GetState() == rtc::SS_OPEN)
303 && (server_ssl_->GetState() == rtc::SS_OPEN),
304 handshake_wait_);
305 } else {
306 EXPECT_TRUE_WAIT(client_ssl_->GetState() == rtc::SS_CLOSED,
307 handshake_wait_);
308 }
309 }
310
DataWritten(SSLDummyStream * from,const void * data,size_t data_len,size_t * written,int * error)311 rtc::StreamResult DataWritten(SSLDummyStream *from, const void *data,
312 size_t data_len, size_t *written,
313 int *error) {
314 // Randomly drop loss_ percent of packets
315 if (rtc::CreateRandomId() % 100 < static_cast<uint32>(loss_)) {
316 LOG(LS_INFO) << "Randomly dropping packet, size=" << data_len;
317 *written = data_len;
318 return rtc::SR_SUCCESS;
319 }
320 if (dtls_ && (data_len > mtu_)) {
321 LOG(LS_INFO) << "Dropping packet > mtu, size=" << data_len;
322 *written = data_len;
323 return rtc::SR_SUCCESS;
324 }
325
326 // Optionally damage application data (type 23). Note that we don't damage
327 // handshake packets and we damage the last byte to keep the header
328 // intact but break the MAC.
329 if (damage_ && (*static_cast<const unsigned char *>(data) == 23)) {
330 std::vector<char> buf(data_len);
331
332 LOG(LS_INFO) << "Damaging packet";
333
334 memcpy(&buf[0], data, data_len);
335 buf[data_len - 1]++;
336
337 return from->WriteData(&buf[0], data_len, written, error);
338 }
339
340 return from->WriteData(data, data_len, written, error);
341 }
342
SetDelay(int delay)343 void SetDelay(int delay) {
344 delay_ = delay;
345 }
GetDelay()346 int GetDelay() { return delay_; }
347
SetLoseFirstPacket(bool lose)348 void SetLoseFirstPacket(bool lose) {
349 lose_first_packet_ = lose;
350 }
GetLoseFirstPacket()351 bool GetLoseFirstPacket() { return lose_first_packet_; }
352
SetLoss(int percent)353 void SetLoss(int percent) {
354 loss_ = percent;
355 }
356
SetDamage()357 void SetDamage() {
358 damage_ = true;
359 }
360
SetMtu(size_t mtu)361 void SetMtu(size_t mtu) {
362 mtu_ = mtu;
363 }
364
SetHandshakeWait(int wait)365 void SetHandshakeWait(int wait) {
366 handshake_wait_ = wait;
367 }
368
SetDtlsSrtpCiphers(const std::vector<std::string> & ciphers,bool client)369 void SetDtlsSrtpCiphers(const std::vector<std::string> &ciphers,
370 bool client) {
371 if (client)
372 client_ssl_->SetDtlsSrtpCiphers(ciphers);
373 else
374 server_ssl_->SetDtlsSrtpCiphers(ciphers);
375 }
376
GetDtlsSrtpCipher(bool client,std::string * retval)377 bool GetDtlsSrtpCipher(bool client, std::string *retval) {
378 if (client)
379 return client_ssl_->GetDtlsSrtpCipher(retval);
380 else
381 return server_ssl_->GetDtlsSrtpCipher(retval);
382 }
383
GetPeerCertificate(bool client,rtc::SSLCertificate ** cert)384 bool GetPeerCertificate(bool client, rtc::SSLCertificate** cert) {
385 if (client)
386 return client_ssl_->GetPeerCertificate(cert);
387 else
388 return server_ssl_->GetPeerCertificate(cert);
389 }
390
GetSslCipher(bool client,std::string * retval)391 bool GetSslCipher(bool client, std::string *retval) {
392 if (client)
393 return client_ssl_->GetSslCipher(retval);
394 else
395 return server_ssl_->GetSslCipher(retval);
396 }
397
ExportKeyingMaterial(const char * label,const unsigned char * context,size_t context_len,bool use_context,bool client,unsigned char * result,size_t result_len)398 bool ExportKeyingMaterial(const char *label,
399 const unsigned char *context,
400 size_t context_len,
401 bool use_context,
402 bool client,
403 unsigned char *result,
404 size_t result_len) {
405 if (client)
406 return client_ssl_->ExportKeyingMaterial(label,
407 context, context_len,
408 use_context,
409 result, result_len);
410 else
411 return server_ssl_->ExportKeyingMaterial(label,
412 context, context_len,
413 use_context,
414 result, result_len);
415 }
416
417 // To be implemented by subclasses.
418 virtual void WriteData() = 0;
419 virtual void ReadData(rtc::StreamInterface *stream) = 0;
420 virtual void TestTransfer(int size) = 0;
421
422 protected:
423 rtc::FifoBuffer client_buffer_;
424 rtc::FifoBuffer server_buffer_;
425 SSLDummyStream *client_stream_; // freed by client_ssl_ destructor
426 SSLDummyStream *server_stream_; // freed by server_ssl_ destructor
427 rtc::scoped_ptr<rtc::SSLStreamAdapter> client_ssl_;
428 rtc::scoped_ptr<rtc::SSLStreamAdapter> server_ssl_;
429 rtc::SSLIdentity *client_identity_; // freed by client_ssl_ destructor
430 rtc::SSLIdentity *server_identity_; // freed by server_ssl_ destructor
431 int delay_;
432 size_t mtu_;
433 int loss_;
434 bool lose_first_packet_;
435 bool damage_;
436 bool dtls_;
437 int handshake_wait_;
438 bool identities_set_;
439 };
440
441 class SSLStreamAdapterTestTLS : public SSLStreamAdapterTestBase {
442 public:
SSLStreamAdapterTestTLS()443 SSLStreamAdapterTestTLS() :
444 SSLStreamAdapterTestBase("", "", false) {
445 };
446
447 // Test data transfer for TLS
TestTransfer(int size)448 virtual void TestTransfer(int size) {
449 LOG(LS_INFO) << "Starting transfer test with " << size << " bytes";
450 // Create some dummy data to send.
451 size_t received;
452
453 send_stream_.ReserveSize(size);
454 for (int i = 0; i < size; ++i) {
455 char ch = static_cast<char>(i);
456 send_stream_.Write(&ch, 1, NULL, NULL);
457 }
458 send_stream_.Rewind();
459
460 // Prepare the receive stream.
461 recv_stream_.ReserveSize(size);
462
463 // Start sending
464 WriteData();
465
466 // Wait for the client to close
467 EXPECT_TRUE_WAIT(server_ssl_->GetState() == rtc::SS_CLOSED, 10000);
468
469 // Now check the data
470 recv_stream_.GetSize(&received);
471
472 EXPECT_EQ(static_cast<size_t>(size), received);
473 EXPECT_EQ(0, memcmp(send_stream_.GetBuffer(),
474 recv_stream_.GetBuffer(), size));
475 }
476
WriteData()477 void WriteData() {
478 size_t position, tosend, size;
479 rtc::StreamResult rv;
480 size_t sent;
481 char block[kBlockSize];
482
483 send_stream_.GetSize(&size);
484 if (!size)
485 return;
486
487 for (;;) {
488 send_stream_.GetPosition(&position);
489 if (send_stream_.Read(block, sizeof(block), &tosend, NULL) !=
490 rtc::SR_EOS) {
491 rv = client_ssl_->Write(block, tosend, &sent, 0);
492
493 if (rv == rtc::SR_SUCCESS) {
494 send_stream_.SetPosition(position + sent);
495 LOG(LS_VERBOSE) << "Sent: " << position + sent;
496 } else if (rv == rtc::SR_BLOCK) {
497 LOG(LS_VERBOSE) << "Blocked...";
498 send_stream_.SetPosition(position);
499 break;
500 } else {
501 ADD_FAILURE();
502 break;
503 }
504 } else {
505 // Now close
506 LOG(LS_INFO) << "Wrote " << position << " bytes. Closing";
507 client_ssl_->Close();
508 break;
509 }
510 }
511 };
512
ReadData(rtc::StreamInterface * stream)513 virtual void ReadData(rtc::StreamInterface *stream) {
514 char buffer[1600];
515 size_t bread;
516 int err2;
517 rtc::StreamResult r;
518
519 for (;;) {
520 r = stream->Read(buffer, sizeof(buffer), &bread, &err2);
521
522 if (r == rtc::SR_ERROR || r == rtc::SR_EOS) {
523 // Unfortunately, errors are the way that the stream adapter
524 // signals close in OpenSSL
525 stream->Close();
526 return;
527 }
528
529 if (r == rtc::SR_BLOCK)
530 break;
531
532 ASSERT_EQ(rtc::SR_SUCCESS, r);
533 LOG(LS_INFO) << "Read " << bread;
534
535 recv_stream_.Write(buffer, bread, NULL, NULL);
536 }
537 }
538
539 private:
540 rtc::MemoryStream send_stream_;
541 rtc::MemoryStream recv_stream_;
542 };
543
544 class SSLStreamAdapterTestDTLS : public SSLStreamAdapterTestBase {
545 public:
SSLStreamAdapterTestDTLS()546 SSLStreamAdapterTestDTLS() :
547 SSLStreamAdapterTestBase("", "", true),
548 packet_size_(1000), count_(0), sent_(0) {
549 }
550
SSLStreamAdapterTestDTLS(const std::string & cert_pem,const std::string & private_key_pem)551 SSLStreamAdapterTestDTLS(const std::string& cert_pem,
552 const std::string& private_key_pem) :
553 SSLStreamAdapterTestBase(cert_pem, private_key_pem, true),
554 packet_size_(1000), count_(0), sent_(0) {
555 }
556
WriteData()557 virtual void WriteData() {
558 unsigned char *packet = new unsigned char[1600];
559
560 do {
561 memset(packet, sent_ & 0xff, packet_size_);
562 *(reinterpret_cast<uint32_t *>(packet)) = sent_;
563
564 size_t sent;
565 int rv = client_ssl_->Write(packet, packet_size_, &sent, 0);
566 if (rv == rtc::SR_SUCCESS) {
567 LOG(LS_VERBOSE) << "Sent: " << sent_;
568 sent_++;
569 } else if (rv == rtc::SR_BLOCK) {
570 LOG(LS_VERBOSE) << "Blocked...";
571 break;
572 } else {
573 ADD_FAILURE();
574 break;
575 }
576 } while (sent_ < count_);
577
578 delete [] packet;
579 }
580
ReadData(rtc::StreamInterface * stream)581 virtual void ReadData(rtc::StreamInterface *stream) {
582 unsigned char buffer[2000];
583 size_t bread;
584 int err2;
585 rtc::StreamResult r;
586
587 for (;;) {
588 r = stream->Read(buffer, 2000, &bread, &err2);
589
590 if (r == rtc::SR_ERROR) {
591 // Unfortunately, errors are the way that the stream adapter
592 // signals close right now
593 stream->Close();
594 return;
595 }
596
597 if (r == rtc::SR_BLOCK)
598 break;
599
600 ASSERT_EQ(rtc::SR_SUCCESS, r);
601 LOG(LS_INFO) << "Read " << bread;
602
603 // Now parse the datagram
604 ASSERT_EQ(packet_size_, bread);
605 unsigned char* ptr_to_buffer = buffer;
606 uint32_t packet_num = *(reinterpret_cast<uint32_t *>(ptr_to_buffer));
607
608 for (size_t i = 4; i < packet_size_; i++) {
609 ASSERT_EQ((packet_num & 0xff), buffer[i]);
610 }
611 received_.insert(packet_num);
612 }
613 }
614
TestTransfer(int count)615 virtual void TestTransfer(int count) {
616 count_ = count;
617
618 WriteData();
619
620 EXPECT_TRUE_WAIT(sent_ == count_, 10000);
621 LOG(LS_INFO) << "sent_ == " << sent_;
622
623 if (damage_) {
624 WAIT(false, 2000);
625 EXPECT_EQ(0U, received_.size());
626 } else if (loss_ == 0) {
627 EXPECT_EQ_WAIT(static_cast<size_t>(sent_), received_.size(), 1000);
628 } else {
629 LOG(LS_INFO) << "Sent " << sent_ << " packets; received " <<
630 received_.size();
631 }
632 };
633
634 private:
635 size_t packet_size_;
636 int count_;
637 int sent_;
638 std::set<int> received_;
639 };
640
641
Write(const void * data,size_t data_len,size_t * written,int * error)642 rtc::StreamResult SSLDummyStream::Write(const void* data, size_t data_len,
643 size_t* written, int* error) {
644 *written = data_len;
645
646 LOG(LS_INFO) << "Writing to loopback " << data_len;
647
648 if (first_packet_) {
649 first_packet_ = false;
650 if (test_->GetLoseFirstPacket()) {
651 LOG(LS_INFO) << "Losing initial packet of length " << data_len;
652 return rtc::SR_SUCCESS;
653 }
654 }
655
656 return test_->DataWritten(this, data, data_len, written, error);
657
658 return rtc::SR_SUCCESS;
659 };
660
661 class SSLStreamAdapterTestDTLSFromPEMStrings : public SSLStreamAdapterTestDTLS {
662 public:
SSLStreamAdapterTestDTLSFromPEMStrings()663 SSLStreamAdapterTestDTLSFromPEMStrings() :
664 SSLStreamAdapterTestDTLS(kCERT_PEM, kRSA_PRIVATE_KEY_PEM) {
665 }
666 };
667
668 // Basic tests: TLS
669
670 // Test that we cannot read/write if we have not yet handshaked.
671 // This test only applies to NSS because OpenSSL has passthrough
672 // semantics for I/O before the handshake is started.
673 #if SSL_USE_NSS
TEST_F(SSLStreamAdapterTestTLS,TestNoReadWriteBeforeConnect)674 TEST_F(SSLStreamAdapterTestTLS, TestNoReadWriteBeforeConnect) {
675 rtc::StreamResult rv;
676 char block[kBlockSize];
677 size_t dummy;
678
679 rv = client_ssl_->Write(block, sizeof(block), &dummy, NULL);
680 ASSERT_EQ(rtc::SR_BLOCK, rv);
681
682 rv = client_ssl_->Read(block, sizeof(block), &dummy, NULL);
683 ASSERT_EQ(rtc::SR_BLOCK, rv);
684 }
685 #endif
686
687
688 // Test that we can make a handshake work
TEST_F(SSLStreamAdapterTestTLS,TestTLSConnect)689 TEST_F(SSLStreamAdapterTestTLS, TestTLSConnect) {
690 TestHandshake();
691 };
692
693 // Test that closing the connection on one side updates the other side.
TEST_F(SSLStreamAdapterTestTLS,TestTLSClose)694 TEST_F(SSLStreamAdapterTestTLS, TestTLSClose) {
695 TestHandshake();
696 client_ssl_->Close();
697 EXPECT_EQ_WAIT(rtc::SS_CLOSED, server_ssl_->GetState(), handshake_wait_);
698 };
699
700 // Test transfer -- trivial
TEST_F(SSLStreamAdapterTestTLS,TestTLSTransfer)701 TEST_F(SSLStreamAdapterTestTLS, TestTLSTransfer) {
702 TestHandshake();
703 TestTransfer(100000);
704 };
705
706 // Test read-write after close.
TEST_F(SSLStreamAdapterTestTLS,ReadWriteAfterClose)707 TEST_F(SSLStreamAdapterTestTLS, ReadWriteAfterClose) {
708 TestHandshake();
709 TestTransfer(100000);
710 client_ssl_->Close();
711
712 rtc::StreamResult rv;
713 char block[kBlockSize];
714 size_t dummy;
715
716 // It's an error to write after closed.
717 rv = client_ssl_->Write(block, sizeof(block), &dummy, NULL);
718 ASSERT_EQ(rtc::SR_ERROR, rv);
719
720 // But after closed read gives you EOS.
721 rv = client_ssl_->Read(block, sizeof(block), &dummy, NULL);
722 ASSERT_EQ(rtc::SR_EOS, rv);
723 };
724
725 // Test a handshake with a bogus peer digest
TEST_F(SSLStreamAdapterTestTLS,TestTLSBogusDigest)726 TEST_F(SSLStreamAdapterTestTLS, TestTLSBogusDigest) {
727 SetPeerIdentitiesByDigest(false);
728 TestHandshake(false);
729 };
730
731 // Test moving a bunch of data
732
733 // Basic tests: DTLS
734 // Test that we can make a handshake work
TEST_F(SSLStreamAdapterTestDTLS,TestDTLSConnect)735 TEST_F(SSLStreamAdapterTestDTLS, TestDTLSConnect) {
736 MAYBE_SKIP_TEST(HaveDtls);
737 TestHandshake();
738 };
739
740 // Test that we can make a handshake work if the first packet in
741 // each direction is lost. This gives us predictable loss
742 // rather than having to tune random
TEST_F(SSLStreamAdapterTestDTLS,TestDTLSConnectWithLostFirstPacket)743 TEST_F(SSLStreamAdapterTestDTLS, TestDTLSConnectWithLostFirstPacket) {
744 MAYBE_SKIP_TEST(HaveDtls);
745 SetLoseFirstPacket(true);
746 TestHandshake();
747 };
748
749 // Test a handshake with loss and delay
TEST_F(SSLStreamAdapterTestDTLS,TestDTLSConnectWithLostFirstPacketDelay2s)750 TEST_F(SSLStreamAdapterTestDTLS,
751 TestDTLSConnectWithLostFirstPacketDelay2s) {
752 MAYBE_SKIP_TEST(HaveDtls);
753 SetLoseFirstPacket(true);
754 SetDelay(2000);
755 SetHandshakeWait(20000);
756 TestHandshake();
757 };
758
759 // Test a handshake with small MTU
760 // Disabled due to https://code.google.com/p/webrtc/issues/detail?id=3910
TEST_F(SSLStreamAdapterTestDTLS,DISABLED_TestDTLSConnectWithSmallMtu)761 TEST_F(SSLStreamAdapterTestDTLS, DISABLED_TestDTLSConnectWithSmallMtu) {
762 MAYBE_SKIP_TEST(HaveDtls);
763 SetMtu(700);
764 SetHandshakeWait(20000);
765 TestHandshake();
766 };
767
768 // Test transfer -- trivial
TEST_F(SSLStreamAdapterTestDTLS,TestDTLSTransfer)769 TEST_F(SSLStreamAdapterTestDTLS, TestDTLSTransfer) {
770 MAYBE_SKIP_TEST(HaveDtls);
771 TestHandshake();
772 TestTransfer(100);
773 };
774
TEST_F(SSLStreamAdapterTestDTLS,TestDTLSTransferWithLoss)775 TEST_F(SSLStreamAdapterTestDTLS, TestDTLSTransferWithLoss) {
776 MAYBE_SKIP_TEST(HaveDtls);
777 TestHandshake();
778 SetLoss(10);
779 TestTransfer(100);
780 };
781
TEST_F(SSLStreamAdapterTestDTLS,TestDTLSTransferWithDamage)782 TEST_F(SSLStreamAdapterTestDTLS, TestDTLSTransferWithDamage) {
783 MAYBE_SKIP_TEST(HaveDtls);
784 SetDamage(); // Must be called first because first packet
785 // write happens at end of handshake.
786 TestHandshake();
787 TestTransfer(100);
788 };
789
790 // Test DTLS-SRTP with all high ciphers
TEST_F(SSLStreamAdapterTestDTLS,TestDTLSSrtpHigh)791 TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpHigh) {
792 MAYBE_SKIP_TEST(HaveDtlsSrtp);
793 std::vector<std::string> high;
794 high.push_back(kAES_CM_HMAC_SHA1_80);
795 SetDtlsSrtpCiphers(high, true);
796 SetDtlsSrtpCiphers(high, false);
797 TestHandshake();
798
799 std::string client_cipher;
800 ASSERT_TRUE(GetDtlsSrtpCipher(true, &client_cipher));
801 std::string server_cipher;
802 ASSERT_TRUE(GetDtlsSrtpCipher(false, &server_cipher));
803
804 ASSERT_EQ(client_cipher, server_cipher);
805 ASSERT_EQ(client_cipher, kAES_CM_HMAC_SHA1_80);
806 };
807
808 // Test DTLS-SRTP with all low ciphers
TEST_F(SSLStreamAdapterTestDTLS,TestDTLSSrtpLow)809 TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpLow) {
810 MAYBE_SKIP_TEST(HaveDtlsSrtp);
811 std::vector<std::string> low;
812 low.push_back(kAES_CM_HMAC_SHA1_32);
813 SetDtlsSrtpCiphers(low, true);
814 SetDtlsSrtpCiphers(low, false);
815 TestHandshake();
816
817 std::string client_cipher;
818 ASSERT_TRUE(GetDtlsSrtpCipher(true, &client_cipher));
819 std::string server_cipher;
820 ASSERT_TRUE(GetDtlsSrtpCipher(false, &server_cipher));
821
822 ASSERT_EQ(client_cipher, server_cipher);
823 ASSERT_EQ(client_cipher, kAES_CM_HMAC_SHA1_32);
824 };
825
826
827 // Test DTLS-SRTP with a mismatch -- should not converge
TEST_F(SSLStreamAdapterTestDTLS,TestDTLSSrtpHighLow)828 TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpHighLow) {
829 MAYBE_SKIP_TEST(HaveDtlsSrtp);
830 std::vector<std::string> high;
831 high.push_back(kAES_CM_HMAC_SHA1_80);
832 std::vector<std::string> low;
833 low.push_back(kAES_CM_HMAC_SHA1_32);
834 SetDtlsSrtpCiphers(high, true);
835 SetDtlsSrtpCiphers(low, false);
836 TestHandshake();
837
838 std::string client_cipher;
839 ASSERT_FALSE(GetDtlsSrtpCipher(true, &client_cipher));
840 std::string server_cipher;
841 ASSERT_FALSE(GetDtlsSrtpCipher(false, &server_cipher));
842 };
843
844 // Test DTLS-SRTP with each side being mixed -- should select high
TEST_F(SSLStreamAdapterTestDTLS,TestDTLSSrtpMixed)845 TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpMixed) {
846 MAYBE_SKIP_TEST(HaveDtlsSrtp);
847 std::vector<std::string> mixed;
848 mixed.push_back(kAES_CM_HMAC_SHA1_80);
849 mixed.push_back(kAES_CM_HMAC_SHA1_32);
850 SetDtlsSrtpCiphers(mixed, true);
851 SetDtlsSrtpCiphers(mixed, false);
852 TestHandshake();
853
854 std::string client_cipher;
855 ASSERT_TRUE(GetDtlsSrtpCipher(true, &client_cipher));
856 std::string server_cipher;
857 ASSERT_TRUE(GetDtlsSrtpCipher(false, &server_cipher));
858
859 ASSERT_EQ(client_cipher, server_cipher);
860 ASSERT_EQ(client_cipher, kAES_CM_HMAC_SHA1_80);
861 };
862
863 // Test an exporter
TEST_F(SSLStreamAdapterTestDTLS,TestDTLSExporter)864 TEST_F(SSLStreamAdapterTestDTLS, TestDTLSExporter) {
865 MAYBE_SKIP_TEST(HaveExporter);
866 TestHandshake();
867 unsigned char client_out[20];
868 unsigned char server_out[20];
869
870 bool result;
871 result = ExportKeyingMaterial(kExporterLabel,
872 kExporterContext, kExporterContextLen,
873 true, true,
874 client_out, sizeof(client_out));
875 ASSERT_TRUE(result);
876
877 result = ExportKeyingMaterial(kExporterLabel,
878 kExporterContext, kExporterContextLen,
879 true, false,
880 server_out, sizeof(server_out));
881 ASSERT_TRUE(result);
882
883 ASSERT_TRUE(!memcmp(client_out, server_out, sizeof(client_out)));
884 }
885
886 // Test not yet valid certificates are not rejected.
TEST_F(SSLStreamAdapterTestDTLS,TestCertNotYetValid)887 TEST_F(SSLStreamAdapterTestDTLS, TestCertNotYetValid) {
888 MAYBE_SKIP_TEST(HaveDtls);
889 long one_day = 60 * 60 * 24;
890 // Make the certificates not valid until one day later.
891 ResetIdentitiesWithValidity(one_day, one_day);
892 TestHandshake();
893 }
894
895 // Test expired certificates are not rejected.
TEST_F(SSLStreamAdapterTestDTLS,TestCertExpired)896 TEST_F(SSLStreamAdapterTestDTLS, TestCertExpired) {
897 MAYBE_SKIP_TEST(HaveDtls);
898 long one_day = 60 * 60 * 24;
899 // Make the certificates already expired.
900 ResetIdentitiesWithValidity(-one_day, -one_day);
901 TestHandshake();
902 }
903
904 // Test data transfer using certs created from strings.
TEST_F(SSLStreamAdapterTestDTLSFromPEMStrings,TestTransfer)905 TEST_F(SSLStreamAdapterTestDTLSFromPEMStrings, TestTransfer) {
906 MAYBE_SKIP_TEST(HaveDtls);
907 TestHandshake();
908 TestTransfer(100);
909 }
910
911 // Test getting the remote certificate.
TEST_F(SSLStreamAdapterTestDTLSFromPEMStrings,TestDTLSGetPeerCertificate)912 TEST_F(SSLStreamAdapterTestDTLSFromPEMStrings, TestDTLSGetPeerCertificate) {
913 MAYBE_SKIP_TEST(HaveDtls);
914
915 // Peer certificates haven't been received yet.
916 rtc::scoped_ptr<rtc::SSLCertificate> client_peer_cert;
917 ASSERT_FALSE(GetPeerCertificate(true, client_peer_cert.accept()));
918 ASSERT_FALSE(client_peer_cert != NULL);
919
920 rtc::scoped_ptr<rtc::SSLCertificate> server_peer_cert;
921 ASSERT_FALSE(GetPeerCertificate(false, server_peer_cert.accept()));
922 ASSERT_FALSE(server_peer_cert != NULL);
923
924 TestHandshake();
925
926 // The client should have a peer certificate after the handshake.
927 ASSERT_TRUE(GetPeerCertificate(true, client_peer_cert.accept()));
928 ASSERT_TRUE(client_peer_cert != NULL);
929
930 // It's not kCERT_PEM.
931 std::string client_peer_string = client_peer_cert->ToPEMString();
932 ASSERT_NE(kCERT_PEM, client_peer_string);
933
934 // It must not have a chain, because the test certs are self-signed.
935 rtc::SSLCertChain* client_peer_chain;
936 ASSERT_FALSE(client_peer_cert->GetChain(&client_peer_chain));
937
938 // The server should have a peer certificate after the handshake.
939 ASSERT_TRUE(GetPeerCertificate(false, server_peer_cert.accept()));
940 ASSERT_TRUE(server_peer_cert != NULL);
941
942 // It's kCERT_PEM
943 ASSERT_EQ(kCERT_PEM, server_peer_cert->ToPEMString());
944
945 // It must not have a chain, because the test certs are self-signed.
946 rtc::SSLCertChain* server_peer_chain;
947 ASSERT_FALSE(server_peer_cert->GetChain(&server_peer_chain));
948 }
949
950 // Test getting the used DTLS ciphers.
TEST_F(SSLStreamAdapterTestDTLS,TestGetSslCipher)951 TEST_F(SSLStreamAdapterTestDTLS, TestGetSslCipher) {
952 MAYBE_SKIP_TEST(HaveDtls);
953 TestHandshake();
954
955 std::string client_cipher;
956 ASSERT_TRUE(GetSslCipher(true, &client_cipher));
957 std::string server_cipher;
958 ASSERT_TRUE(GetSslCipher(false, &server_cipher));
959
960 ASSERT_EQ(client_cipher, server_cipher);
961 ASSERT_EQ(rtc::SSLStreamAdapter::GetDefaultSslCipher(), client_cipher);
962 }
963