tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 1 | /* |
| 2 | * Copyright 2014 The WebRTC Project Authors. All rights reserved. |
| 3 | * |
| 4 | * Use of this source code is governed by a BSD-style license |
| 5 | * that can be found in the LICENSE file in the root of the source |
| 6 | * tree. An additional intellectual property rights grant can be found |
| 7 | * in the file PATENTS. All contributing project authors may |
| 8 | * be found in the AUTHORS file in the root of the source tree. |
| 9 | */ |
| 10 | |
Ali Tofigh | 7fa9057 | 2022-03-17 14:47:49 | [diff] [blame] | 11 | #include "rtc_base/ssl_adapter.h" |
| 12 | |
jbauch | 555604a | 2016-04-26 10:13:22 | [diff] [blame] | 13 | #include <memory> |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 14 | #include <string> |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 15 | #include <utility> |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 16 | |
Harald Alvestrand | 8515d5a | 2020-03-20 21:51:32 | [diff] [blame] | 17 | #include "absl/memory/memory.h" |
Ali Tofigh | 7fa9057 | 2022-03-17 14:47:49 | [diff] [blame] | 18 | #include "absl/strings/string_view.h" |
Mirko Bonadei | 92ea95e | 2017-09-15 04:47:31 | [diff] [blame] | 19 | #include "rtc_base/gunit.h" |
Steve Anton | 10542f2 | 2019-01-11 17:11:00 | [diff] [blame] | 20 | #include "rtc_base/ip_address.h" |
| 21 | #include "rtc_base/message_digest.h" |
| 22 | #include "rtc_base/socket_stream.h" |
Steve Anton | 10542f2 | 2019-01-11 17:11:00 | [diff] [blame] | 23 | #include "rtc_base/ssl_identity.h" |
| 24 | #include "rtc_base/ssl_stream_adapter.h" |
Mirko Bonadei | 92ea95e | 2017-09-15 04:47:31 | [diff] [blame] | 25 | #include "rtc_base/stream.h" |
Steve Anton | 10542f2 | 2019-01-11 17:11:00 | [diff] [blame] | 26 | #include "rtc_base/string_encode.h" |
| 27 | #include "rtc_base/virtual_socket_server.h" |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 28 | #include "test/gmock.h" |
| 29 | |
| 30 | using ::testing::_; |
| 31 | using ::testing::Return; |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 32 | |
| 33 | static const int kTimeout = 5000; |
| 34 | |
Niels Möller | d0b8879 | 2021-08-12 08:32:30 | [diff] [blame] | 35 | static rtc::Socket* CreateSocket(const rtc::SSLMode& ssl_mode) { |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 36 | rtc::SocketAddress address(rtc::IPAddress(INADDR_ANY), 0); |
| 37 | |
Niels Möller | d0b8879 | 2021-08-12 08:32:30 | [diff] [blame] | 38 | rtc::Socket* socket = rtc::Thread::Current()->socketserver()->CreateSocket( |
| 39 | address.family(), |
| 40 | (ssl_mode == rtc::SSL_MODE_DTLS) ? SOCK_DGRAM : SOCK_STREAM); |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 41 | socket->Bind(address); |
| 42 | |
| 43 | return socket; |
| 44 | } |
| 45 | |
| 46 | static std::string GetSSLProtocolName(const rtc::SSLMode& ssl_mode) { |
| 47 | return (ssl_mode == rtc::SSL_MODE_DTLS) ? "DTLS" : "TLS"; |
| 48 | } |
| 49 | |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 50 | // Simple mock for the certificate verifier. |
| 51 | class MockCertVerifier : public rtc::SSLCertificateVerifier { |
| 52 | public: |
| 53 | virtual ~MockCertVerifier() = default; |
Danil Chapovalov | 42748d8 | 2020-05-14 18:42:41 | [diff] [blame] | 54 | MOCK_METHOD(bool, Verify, (const rtc::SSLCertificate&), (override)); |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 55 | }; |
| 56 | |
Mirko Bonadei | c84f661 | 2019-01-31 11:20:57 | [diff] [blame] | 57 | // TODO(benwright) - Move to using INSTANTIATE_TEST_SUITE_P instead of using |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 58 | // duplicate test cases for simple parameter changes. |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 59 | class SSLAdapterTestDummyClient : public sigslot::has_slots<> { |
| 60 | public: |
| 61 | explicit SSLAdapterTestDummyClient(const rtc::SSLMode& ssl_mode) |
| 62 | : ssl_mode_(ssl_mode) { |
Niels Möller | d0b8879 | 2021-08-12 08:32:30 | [diff] [blame] | 63 | rtc::Socket* socket = CreateSocket(ssl_mode_); |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 64 | |
| 65 | ssl_adapter_.reset(rtc::SSLAdapter::Create(socket)); |
| 66 | |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 67 | ssl_adapter_->SetMode(ssl_mode_); |
| 68 | |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 69 | // Ignore any certificate errors for the purpose of testing. |
| 70 | // Note: We do this only because we don't have a real certificate. |
| 71 | // NEVER USE THIS IN PRODUCTION CODE! |
Sergey Silkin | 9c147dd | 2018-09-12 10:45:38 | [diff] [blame] | 72 | ssl_adapter_->SetIgnoreBadCert(true); |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 73 | |
Yves Gerey | 665174f | 2018-06-19 13:03:05 | [diff] [blame] | 74 | ssl_adapter_->SignalReadEvent.connect( |
| 75 | this, &SSLAdapterTestDummyClient::OnSSLAdapterReadEvent); |
| 76 | ssl_adapter_->SignalCloseEvent.connect( |
| 77 | this, &SSLAdapterTestDummyClient::OnSSLAdapterCloseEvent); |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 78 | } |
| 79 | |
Sergey Silkin | 9c147dd | 2018-09-12 10:45:38 | [diff] [blame] | 80 | void SetIgnoreBadCert(bool ignore_bad_cert) { |
| 81 | ssl_adapter_->SetIgnoreBadCert(ignore_bad_cert); |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 82 | } |
| 83 | |
| 84 | void SetCertVerifier(rtc::SSLCertificateVerifier* ssl_cert_verifier) { |
| 85 | ssl_adapter_->SetCertVerifier(ssl_cert_verifier); |
| 86 | } |
| 87 | |
Sergey Silkin | 9c147dd | 2018-09-12 10:45:38 | [diff] [blame] | 88 | void SetAlpnProtocols(const std::vector<std::string>& protos) { |
| 89 | ssl_adapter_->SetAlpnProtocols(protos); |
| 90 | } |
| 91 | |
| 92 | void SetEllipticCurves(const std::vector<std::string>& curves) { |
| 93 | ssl_adapter_->SetEllipticCurves(curves); |
| 94 | } |
| 95 | |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 96 | rtc::SocketAddress GetAddress() const { |
| 97 | return ssl_adapter_->GetLocalAddress(); |
| 98 | } |
| 99 | |
Niels Möller | d0b8879 | 2021-08-12 08:32:30 | [diff] [blame] | 100 | rtc::Socket::ConnState GetState() const { return ssl_adapter_->GetState(); } |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 101 | |
Yves Gerey | 665174f | 2018-06-19 13:03:05 | [diff] [blame] | 102 | const std::string& GetReceivedData() const { return data_; } |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 103 | |
Ali Tofigh | 7fa9057 | 2022-03-17 14:47:49 | [diff] [blame] | 104 | int Connect(absl::string_view hostname, const rtc::SocketAddress& address) { |
Jonas Olsson | abbe841 | 2018-04-03 11:40:05 | [diff] [blame] | 105 | RTC_LOG(LS_INFO) << "Initiating connection with " << address.ToString(); |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 106 | |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 107 | int rv = ssl_adapter_->Connect(address); |
| 108 | |
| 109 | if (rv == 0) { |
Mirko Bonadei | 675513b | 2017-11-09 10:09:25 | [diff] [blame] | 110 | RTC_LOG(LS_INFO) << "Starting " << GetSSLProtocolName(ssl_mode_) |
| 111 | << " handshake with " << hostname; |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 112 | |
Ali Tofigh | 2ab914c | 2022-04-13 10:55:15 | [diff] [blame] | 113 | if (ssl_adapter_->StartSSL(hostname) != 0) { |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 114 | return -1; |
| 115 | } |
| 116 | } |
| 117 | |
| 118 | return rv; |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 119 | } |
| 120 | |
Yves Gerey | 665174f | 2018-06-19 13:03:05 | [diff] [blame] | 121 | int Close() { return ssl_adapter_->Close(); } |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 122 | |
Ali Tofigh | 7fa9057 | 2022-03-17 14:47:49 | [diff] [blame] | 123 | int Send(absl::string_view message) { |
Mirko Bonadei | 675513b | 2017-11-09 10:09:25 | [diff] [blame] | 124 | RTC_LOG(LS_INFO) << "Client sending '" << message << "'"; |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 125 | |
| 126 | return ssl_adapter_->Send(message.data(), message.length()); |
| 127 | } |
| 128 | |
Niels Möller | d0b8879 | 2021-08-12 08:32:30 | [diff] [blame] | 129 | void OnSSLAdapterReadEvent(rtc::Socket* socket) { |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 130 | char buffer[4096] = ""; |
| 131 | |
| 132 | // Read data received from the server and store it in our internal buffer. |
Stefan Holmer | 9131efd | 2016-05-23 16:19:26 | [diff] [blame] | 133 | int read = socket->Recv(buffer, sizeof(buffer) - 1, nullptr); |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 134 | if (read != -1) { |
| 135 | buffer[read] = '\0'; |
| 136 | |
Mirko Bonadei | 675513b | 2017-11-09 10:09:25 | [diff] [blame] | 137 | RTC_LOG(LS_INFO) << "Client received '" << buffer << "'"; |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 138 | |
| 139 | data_ += buffer; |
| 140 | } |
| 141 | } |
| 142 | |
Niels Möller | d0b8879 | 2021-08-12 08:32:30 | [diff] [blame] | 143 | void OnSSLAdapterCloseEvent(rtc::Socket* socket, int error) { |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 144 | // OpenSSLAdapter signals handshake failure with a close event, but without |
| 145 | // closing the socket! Let's close the socket here. This way GetState() can |
| 146 | // return CS_CLOSED after failure. |
Niels Möller | d0b8879 | 2021-08-12 08:32:30 | [diff] [blame] | 147 | if (socket->GetState() != rtc::Socket::CS_CLOSED) { |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 148 | socket->Close(); |
| 149 | } |
| 150 | } |
| 151 | |
| 152 | private: |
| 153 | const rtc::SSLMode ssl_mode_; |
| 154 | |
jbauch | 555604a | 2016-04-26 10:13:22 | [diff] [blame] | 155 | std::unique_ptr<rtc::SSLAdapter> ssl_adapter_; |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 156 | |
| 157 | std::string data_; |
| 158 | }; |
| 159 | |
| 160 | class SSLAdapterTestDummyServer : public sigslot::has_slots<> { |
| 161 | public: |
Torbjorn Granlund | b6d4ec4 | 2015-08-17 12:08:59 | [diff] [blame] | 162 | explicit SSLAdapterTestDummyServer(const rtc::SSLMode& ssl_mode, |
torbjorng | 4e57247 | 2015-10-08 16:42:49 | [diff] [blame] | 163 | const rtc::KeyParams& key_params) |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 164 | : ssl_mode_(ssl_mode) { |
| 165 | // Generate a key pair and a certificate for this host. |
Harald Alvestrand | 8515d5a | 2020-03-20 21:51:32 | [diff] [blame] | 166 | ssl_identity_ = rtc::SSLIdentity::Create(GetHostname(), key_params); |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 167 | |
| 168 | server_socket_.reset(CreateSocket(ssl_mode_)); |
| 169 | |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 170 | if (ssl_mode_ == rtc::SSL_MODE_TLS) { |
Yves Gerey | 665174f | 2018-06-19 13:03:05 | [diff] [blame] | 171 | server_socket_->SignalReadEvent.connect( |
| 172 | this, &SSLAdapterTestDummyServer::OnServerSocketReadEvent); |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 173 | |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 174 | server_socket_->Listen(1); |
| 175 | } |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 176 | |
Mirko Bonadei | 675513b | 2017-11-09 10:09:25 | [diff] [blame] | 177 | RTC_LOG(LS_INFO) << ((ssl_mode_ == rtc::SSL_MODE_DTLS) ? "UDP" : "TCP") |
| 178 | << " server listening on " |
Jonas Olsson | abbe841 | 2018-04-03 11:40:05 | [diff] [blame] | 179 | << server_socket_->GetLocalAddress().ToString(); |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 180 | } |
| 181 | |
| 182 | rtc::SocketAddress GetAddress() const { |
| 183 | return server_socket_->GetLocalAddress(); |
| 184 | } |
| 185 | |
| 186 | std::string GetHostname() const { |
| 187 | // Since we don't have a real certificate anyway, the value here doesn't |
| 188 | // really matter. |
| 189 | return "example.com"; |
| 190 | } |
| 191 | |
Yves Gerey | 665174f | 2018-06-19 13:03:05 | [diff] [blame] | 192 | const std::string& GetReceivedData() const { return data_; } |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 193 | |
Ali Tofigh | 7fa9057 | 2022-03-17 14:47:49 | [diff] [blame] | 194 | int Send(absl::string_view message) { |
deadbeef | 37f5ecf | 2017-02-27 22:06:41 | [diff] [blame] | 195 | if (ssl_stream_adapter_ == nullptr || |
| 196 | ssl_stream_adapter_->GetState() != rtc::SS_OPEN) { |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 197 | // No connection yet. |
| 198 | return -1; |
| 199 | } |
| 200 | |
Mirko Bonadei | 675513b | 2017-11-09 10:09:25 | [diff] [blame] | 201 | RTC_LOG(LS_INFO) << "Server sending '" << message << "'"; |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 202 | |
| 203 | size_t written; |
| 204 | int error; |
| 205 | |
Yves Gerey | 665174f | 2018-06-19 13:03:05 | [diff] [blame] | 206 | rtc::StreamResult r = ssl_stream_adapter_->Write( |
| 207 | message.data(), message.length(), &written, &error); |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 208 | if (r == rtc::SR_SUCCESS) { |
| 209 | return written; |
| 210 | } else { |
| 211 | return -1; |
| 212 | } |
| 213 | } |
| 214 | |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 215 | void AcceptConnection(const rtc::SocketAddress& address) { |
| 216 | // Only a single connection is supported. |
deadbeef | 37f5ecf | 2017-02-27 22:06:41 | [diff] [blame] | 217 | ASSERT_TRUE(ssl_stream_adapter_ == nullptr); |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 218 | |
| 219 | // This is only for DTLS. |
| 220 | ASSERT_EQ(rtc::SSL_MODE_DTLS, ssl_mode_); |
| 221 | |
| 222 | // Transfer ownership of the socket to the SSLStreamAdapter object. |
Niels Möller | d0b8879 | 2021-08-12 08:32:30 | [diff] [blame] | 223 | rtc::Socket* socket = server_socket_.release(); |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 224 | |
| 225 | socket->Connect(address); |
| 226 | |
| 227 | DoHandshake(socket); |
| 228 | } |
| 229 | |
Niels Möller | d0b8879 | 2021-08-12 08:32:30 | [diff] [blame] | 230 | void OnServerSocketReadEvent(rtc::Socket* socket) { |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 231 | // Only a single connection is supported. |
deadbeef | 37f5ecf | 2017-02-27 22:06:41 | [diff] [blame] | 232 | ASSERT_TRUE(ssl_stream_adapter_ == nullptr); |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 233 | |
deadbeef | 37f5ecf | 2017-02-27 22:06:41 | [diff] [blame] | 234 | DoHandshake(server_socket_->Accept(nullptr)); |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 235 | } |
| 236 | |
| 237 | void OnSSLStreamAdapterEvent(rtc::StreamInterface* stream, int sig, int err) { |
| 238 | if (sig & rtc::SE_READ) { |
| 239 | char buffer[4096] = ""; |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 240 | size_t read; |
| 241 | int error; |
| 242 | |
| 243 | // Read data received from the client and store it in our internal |
| 244 | // buffer. |
deadbeef | ed3b986 | 2017-06-02 17:33:16 | [diff] [blame] | 245 | rtc::StreamResult r = |
| 246 | stream->Read(buffer, sizeof(buffer) - 1, &read, &error); |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 247 | if (r == rtc::SR_SUCCESS) { |
| 248 | buffer[read] = '\0'; |
Mirko Bonadei | 675513b | 2017-11-09 10:09:25 | [diff] [blame] | 249 | RTC_LOG(LS_INFO) << "Server received '" << buffer << "'"; |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 250 | data_ += buffer; |
| 251 | } |
| 252 | } |
| 253 | } |
| 254 | |
| 255 | private: |
Niels Möller | d0b8879 | 2021-08-12 08:32:30 | [diff] [blame] | 256 | void DoHandshake(rtc::Socket* socket) { |
Harald Alvestrand | 8515d5a | 2020-03-20 21:51:32 | [diff] [blame] | 257 | ssl_stream_adapter_ = rtc::SSLStreamAdapter::Create( |
| 258 | std::make_unique<rtc::SocketStream>(socket)); |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 259 | |
| 260 | ssl_stream_adapter_->SetMode(ssl_mode_); |
| 261 | ssl_stream_adapter_->SetServerRole(); |
| 262 | |
| 263 | // SSLStreamAdapter is normally used for peer-to-peer communication, but |
| 264 | // here we're testing communication between a client and a server |
| 265 | // (e.g. a WebRTC-based application and an RFC 5766 TURN server), where |
| 266 | // clients are not required to provide a certificate during handshake. |
| 267 | // Accordingly, we must disable client authentication here. |
Benjamin Wright | b19b497 | 2018-10-25 17:46:49 | [diff] [blame] | 268 | ssl_stream_adapter_->SetClientAuthEnabledForTesting(false); |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 269 | |
Harald Alvestrand | 8515d5a | 2020-03-20 21:51:32 | [diff] [blame] | 270 | ssl_stream_adapter_->SetIdentity(ssl_identity_->Clone()); |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 271 | |
| 272 | // Set a bogus peer certificate digest. |
| 273 | unsigned char digest[20]; |
| 274 | size_t digest_len = sizeof(digest); |
| 275 | ssl_stream_adapter_->SetPeerCertificateDigest(rtc::DIGEST_SHA_1, digest, |
Yves Gerey | 665174f | 2018-06-19 13:03:05 | [diff] [blame] | 276 | digest_len); |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 277 | |
Taylor Brandstetter | c8762a8 | 2016-08-11 19:01:49 | [diff] [blame] | 278 | ssl_stream_adapter_->StartSSL(); |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 279 | |
Yves Gerey | 665174f | 2018-06-19 13:03:05 | [diff] [blame] | 280 | ssl_stream_adapter_->SignalEvent.connect( |
| 281 | this, &SSLAdapterTestDummyServer::OnSSLStreamAdapterEvent); |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 282 | } |
| 283 | |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 284 | const rtc::SSLMode ssl_mode_; |
| 285 | |
Niels Möller | d0b8879 | 2021-08-12 08:32:30 | [diff] [blame] | 286 | std::unique_ptr<rtc::Socket> server_socket_; |
jbauch | 555604a | 2016-04-26 10:13:22 | [diff] [blame] | 287 | std::unique_ptr<rtc::SSLStreamAdapter> ssl_stream_adapter_; |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 288 | |
jbauch | 555604a | 2016-04-26 10:13:22 | [diff] [blame] | 289 | std::unique_ptr<rtc::SSLIdentity> ssl_identity_; |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 290 | |
| 291 | std::string data_; |
| 292 | }; |
| 293 | |
Mirko Bonadei | 6a489f2 | 2019-04-09 13:11:12 | [diff] [blame] | 294 | class SSLAdapterTestBase : public ::testing::Test, public sigslot::has_slots<> { |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 295 | public: |
Torbjorn Granlund | b6d4ec4 | 2015-08-17 12:08:59 | [diff] [blame] | 296 | explicit SSLAdapterTestBase(const rtc::SSLMode& ssl_mode, |
torbjorng | 4e57247 | 2015-10-08 16:42:49 | [diff] [blame] | 297 | const rtc::KeyParams& key_params) |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 298 | : ssl_mode_(ssl_mode), |
deadbeef | 98e186c | 2017-05-17 01:00:06 | [diff] [blame] | 299 | vss_(new rtc::VirtualSocketServer()), |
nisse | 7eaa4ea | 2017-05-08 12:25:41 | [diff] [blame] | 300 | thread_(vss_.get()), |
torbjorng | 4e57247 | 2015-10-08 16:42:49 | [diff] [blame] | 301 | server_(new SSLAdapterTestDummyServer(ssl_mode_, key_params)), |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 302 | client_(new SSLAdapterTestDummyClient(ssl_mode_)), |
Torbjorn Granlund | b6d4ec4 | 2015-08-17 12:08:59 | [diff] [blame] | 303 | handshake_wait_(kTimeout) {} |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 304 | |
Yves Gerey | 665174f | 2018-06-19 13:03:05 | [diff] [blame] | 305 | void SetHandshakeWait(int wait) { handshake_wait_ = wait; } |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 306 | |
Sergey Silkin | 9c147dd | 2018-09-12 10:45:38 | [diff] [blame] | 307 | void SetIgnoreBadCert(bool ignore_bad_cert) { |
| 308 | client_->SetIgnoreBadCert(ignore_bad_cert); |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 309 | } |
| 310 | |
| 311 | void SetCertVerifier(rtc::SSLCertificateVerifier* ssl_cert_verifier) { |
| 312 | client_->SetCertVerifier(ssl_cert_verifier); |
| 313 | } |
| 314 | |
Sergey Silkin | 9c147dd | 2018-09-12 10:45:38 | [diff] [blame] | 315 | void SetAlpnProtocols(const std::vector<std::string>& protos) { |
| 316 | client_->SetAlpnProtocols(protos); |
| 317 | } |
| 318 | |
| 319 | void SetEllipticCurves(const std::vector<std::string>& curves) { |
| 320 | client_->SetEllipticCurves(curves); |
| 321 | } |
| 322 | |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 323 | void SetMockCertVerifier(bool return_value) { |
Mirko Bonadei | 317a1f0 | 2019-09-17 15:06:18 | [diff] [blame] | 324 | auto mock_verifier = std::make_unique<MockCertVerifier>(); |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 325 | EXPECT_CALL(*mock_verifier, Verify(_)).WillRepeatedly(Return(return_value)); |
| 326 | cert_verifier_ = |
| 327 | std::unique_ptr<rtc::SSLCertificateVerifier>(std::move(mock_verifier)); |
| 328 | |
Sergey Silkin | 9c147dd | 2018-09-12 10:45:38 | [diff] [blame] | 329 | SetIgnoreBadCert(false); |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 330 | SetCertVerifier(cert_verifier_.get()); |
| 331 | } |
| 332 | |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 333 | void TestHandshake(bool expect_success) { |
| 334 | int rv; |
| 335 | |
| 336 | // The initial state is CS_CLOSED |
Niels Möller | d0b8879 | 2021-08-12 08:32:30 | [diff] [blame] | 337 | ASSERT_EQ(rtc::Socket::CS_CLOSED, client_->GetState()); |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 338 | |
| 339 | rv = client_->Connect(server_->GetHostname(), server_->GetAddress()); |
| 340 | ASSERT_EQ(0, rv); |
| 341 | |
| 342 | // Now the state should be CS_CONNECTING |
Niels Möller | d0b8879 | 2021-08-12 08:32:30 | [diff] [blame] | 343 | ASSERT_EQ(rtc::Socket::CS_CONNECTING, client_->GetState()); |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 344 | |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 345 | if (ssl_mode_ == rtc::SSL_MODE_DTLS) { |
| 346 | // For DTLS, call AcceptConnection() with the client's address. |
| 347 | server_->AcceptConnection(client_->GetAddress()); |
| 348 | } |
| 349 | |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 350 | if (expect_success) { |
| 351 | // If expecting success, the client should end up in the CS_CONNECTED |
| 352 | // state after handshake. |
Niels Möller | d0b8879 | 2021-08-12 08:32:30 | [diff] [blame] | 353 | EXPECT_EQ_WAIT(rtc::Socket::CS_CONNECTED, client_->GetState(), |
Yves Gerey | 665174f | 2018-06-19 13:03:05 | [diff] [blame] | 354 | handshake_wait_); |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 355 | |
Mirko Bonadei | 675513b | 2017-11-09 10:09:25 | [diff] [blame] | 356 | RTC_LOG(LS_INFO) << GetSSLProtocolName(ssl_mode_) |
| 357 | << " handshake complete."; |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 358 | |
| 359 | } else { |
| 360 | // On handshake failure the client should end up in the CS_CLOSED state. |
Niels Möller | d0b8879 | 2021-08-12 08:32:30 | [diff] [blame] | 361 | EXPECT_EQ_WAIT(rtc::Socket::CS_CLOSED, client_->GetState(), |
Yves Gerey | 665174f | 2018-06-19 13:03:05 | [diff] [blame] | 362 | handshake_wait_); |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 363 | |
Mirko Bonadei | 675513b | 2017-11-09 10:09:25 | [diff] [blame] | 364 | RTC_LOG(LS_INFO) << GetSSLProtocolName(ssl_mode_) << " handshake failed."; |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 365 | } |
| 366 | } |
| 367 | |
Ali Tofigh | 7fa9057 | 2022-03-17 14:47:49 | [diff] [blame] | 368 | void TestTransfer(absl::string_view message) { |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 369 | int rv; |
| 370 | |
| 371 | rv = client_->Send(message); |
| 372 | ASSERT_EQ(static_cast<int>(message.length()), rv); |
| 373 | |
| 374 | // The server should have received the client's message. |
| 375 | EXPECT_EQ_WAIT(message, server_->GetReceivedData(), kTimeout); |
| 376 | |
| 377 | rv = server_->Send(message); |
| 378 | ASSERT_EQ(static_cast<int>(message.length()), rv); |
| 379 | |
| 380 | // The client should have received the server's message. |
| 381 | EXPECT_EQ_WAIT(message, client_->GetReceivedData(), kTimeout); |
| 382 | |
Mirko Bonadei | 675513b | 2017-11-09 10:09:25 | [diff] [blame] | 383 | RTC_LOG(LS_INFO) << "Transfer complete."; |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 384 | } |
| 385 | |
deadbeef | ed3b986 | 2017-06-02 17:33:16 | [diff] [blame] | 386 | protected: |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 387 | const rtc::SSLMode ssl_mode_; |
| 388 | |
nisse | 7eaa4ea | 2017-05-08 12:25:41 | [diff] [blame] | 389 | std::unique_ptr<rtc::VirtualSocketServer> vss_; |
| 390 | rtc::AutoSocketServerThread thread_; |
jbauch | 555604a | 2016-04-26 10:13:22 | [diff] [blame] | 391 | std::unique_ptr<SSLAdapterTestDummyServer> server_; |
| 392 | std::unique_ptr<SSLAdapterTestDummyClient> client_; |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 393 | std::unique_ptr<rtc::SSLCertificateVerifier> cert_verifier_; |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 394 | |
| 395 | int handshake_wait_; |
| 396 | }; |
| 397 | |
Torbjorn Granlund | b6d4ec4 | 2015-08-17 12:08:59 | [diff] [blame] | 398 | class SSLAdapterTestTLS_RSA : public SSLAdapterTestBase { |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 399 | public: |
Torbjorn Granlund | b6d4ec4 | 2015-08-17 12:08:59 | [diff] [blame] | 400 | SSLAdapterTestTLS_RSA() |
torbjorng | 4e57247 | 2015-10-08 16:42:49 | [diff] [blame] | 401 | : SSLAdapterTestBase(rtc::SSL_MODE_TLS, rtc::KeyParams::RSA()) {} |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 402 | }; |
| 403 | |
Torbjorn Granlund | b6d4ec4 | 2015-08-17 12:08:59 | [diff] [blame] | 404 | class SSLAdapterTestTLS_ECDSA : public SSLAdapterTestBase { |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 405 | public: |
Torbjorn Granlund | b6d4ec4 | 2015-08-17 12:08:59 | [diff] [blame] | 406 | SSLAdapterTestTLS_ECDSA() |
torbjorng | 4e57247 | 2015-10-08 16:42:49 | [diff] [blame] | 407 | : SSLAdapterTestBase(rtc::SSL_MODE_TLS, rtc::KeyParams::ECDSA()) {} |
Torbjorn Granlund | b6d4ec4 | 2015-08-17 12:08:59 | [diff] [blame] | 408 | }; |
| 409 | |
| 410 | class SSLAdapterTestDTLS_RSA : public SSLAdapterTestBase { |
| 411 | public: |
| 412 | SSLAdapterTestDTLS_RSA() |
torbjorng | 4e57247 | 2015-10-08 16:42:49 | [diff] [blame] | 413 | : SSLAdapterTestBase(rtc::SSL_MODE_DTLS, rtc::KeyParams::RSA()) {} |
Torbjorn Granlund | b6d4ec4 | 2015-08-17 12:08:59 | [diff] [blame] | 414 | }; |
| 415 | |
| 416 | class SSLAdapterTestDTLS_ECDSA : public SSLAdapterTestBase { |
| 417 | public: |
| 418 | SSLAdapterTestDTLS_ECDSA() |
torbjorng | 4e57247 | 2015-10-08 16:42:49 | [diff] [blame] | 419 | : SSLAdapterTestBase(rtc::SSL_MODE_DTLS, rtc::KeyParams::ECDSA()) {} |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 420 | }; |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 421 | |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 422 | // Basic tests: TLS |
| 423 | |
Torbjorn Granlund | b6d4ec4 | 2015-08-17 12:08:59 | [diff] [blame] | 424 | // Test that handshake works, using RSA |
| 425 | TEST_F(SSLAdapterTestTLS_RSA, TestTLSConnect) { |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 426 | TestHandshake(true); |
| 427 | } |
| 428 | |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 429 | // Test that handshake works with a custom verifier that returns true. RSA. |
| 430 | TEST_F(SSLAdapterTestTLS_RSA, TestTLSConnectCustomCertVerifierSucceeds) { |
| 431 | SetMockCertVerifier(/*return_value=*/true); |
| 432 | TestHandshake(/*expect_success=*/true); |
| 433 | } |
| 434 | |
| 435 | // Test that handshake fails with a custom verifier that returns false. RSA. |
| 436 | TEST_F(SSLAdapterTestTLS_RSA, TestTLSConnectCustomCertVerifierFails) { |
| 437 | SetMockCertVerifier(/*return_value=*/false); |
| 438 | TestHandshake(/*expect_success=*/false); |
| 439 | } |
| 440 | |
Torbjorn Granlund | b6d4ec4 | 2015-08-17 12:08:59 | [diff] [blame] | 441 | // Test that handshake works, using ECDSA |
| 442 | TEST_F(SSLAdapterTestTLS_ECDSA, TestTLSConnect) { |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 443 | SetMockCertVerifier(/*return_value=*/true); |
| 444 | TestHandshake(/*expect_success=*/true); |
| 445 | } |
| 446 | |
| 447 | // Test that handshake works with a custom verifier that returns true. ECDSA. |
| 448 | TEST_F(SSLAdapterTestTLS_ECDSA, TestTLSConnectCustomCertVerifierSucceeds) { |
| 449 | SetMockCertVerifier(/*return_value=*/true); |
| 450 | TestHandshake(/*expect_success=*/true); |
| 451 | } |
| 452 | |
| 453 | // Test that handshake fails with a custom verifier that returns false. ECDSA. |
| 454 | TEST_F(SSLAdapterTestTLS_ECDSA, TestTLSConnectCustomCertVerifierFails) { |
| 455 | SetMockCertVerifier(/*return_value=*/false); |
| 456 | TestHandshake(/*expect_success=*/false); |
Torbjorn Granlund | b6d4ec4 | 2015-08-17 12:08:59 | [diff] [blame] | 457 | } |
| 458 | |
| 459 | // Test transfer between client and server, using RSA |
| 460 | TEST_F(SSLAdapterTestTLS_RSA, TestTLSTransfer) { |
| 461 | TestHandshake(true); |
| 462 | TestTransfer("Hello, world!"); |
| 463 | } |
| 464 | |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 465 | // Test transfer between client and server, using RSA with custom cert verifier. |
| 466 | TEST_F(SSLAdapterTestTLS_RSA, TestTLSTransferCustomCertVerifier) { |
| 467 | SetMockCertVerifier(/*return_value=*/true); |
| 468 | TestHandshake(/*expect_success=*/true); |
| 469 | TestTransfer("Hello, world!"); |
| 470 | } |
| 471 | |
deadbeef | ed3b986 | 2017-06-02 17:33:16 | [diff] [blame] | 472 | TEST_F(SSLAdapterTestTLS_RSA, TestTLSTransferWithBlockedSocket) { |
| 473 | TestHandshake(true); |
| 474 | |
| 475 | // Tell the underlying socket to simulate being blocked. |
| 476 | vss_->SetSendingBlocked(true); |
| 477 | |
| 478 | std::string expected; |
| 479 | int rv; |
| 480 | // Send messages until the SSL socket adapter starts applying backpressure. |
| 481 | // Note that this may not occur immediately since there may be some amount of |
| 482 | // intermediate buffering (either in our code or in BoringSSL). |
| 483 | for (int i = 0; i < 1024; ++i) { |
| 484 | std::string message = "Hello, world: " + rtc::ToString(i); |
| 485 | rv = client_->Send(message); |
| 486 | if (rv != static_cast<int>(message.size())) { |
| 487 | // This test assumes either the whole message or none of it is sent. |
| 488 | ASSERT_EQ(-1, rv); |
| 489 | break; |
| 490 | } |
| 491 | expected += message; |
| 492 | } |
| 493 | // Assert that the loop above exited due to Send returning -1. |
| 494 | ASSERT_EQ(-1, rv); |
| 495 | |
| 496 | // Try sending another message while blocked. -1 should be returned again and |
| 497 | // it shouldn't end up received by the server later. |
| 498 | EXPECT_EQ(-1, client_->Send("Never sent")); |
| 499 | |
| 500 | // Unblock the underlying socket. All of the buffered messages should be sent |
| 501 | // without any further action. |
| 502 | vss_->SetSendingBlocked(false); |
| 503 | EXPECT_EQ_WAIT(expected, server_->GetReceivedData(), kTimeout); |
| 504 | |
| 505 | // Send another message. This previously wasn't working |
| 506 | std::string final_message = "Fin."; |
| 507 | expected += final_message; |
| 508 | EXPECT_EQ(static_cast<int>(final_message.size()), |
| 509 | client_->Send(final_message)); |
| 510 | EXPECT_EQ_WAIT(expected, server_->GetReceivedData(), kTimeout); |
| 511 | } |
| 512 | |
Torbjorn Granlund | b6d4ec4 | 2015-08-17 12:08:59 | [diff] [blame] | 513 | // Test transfer between client and server, using ECDSA |
| 514 | TEST_F(SSLAdapterTestTLS_ECDSA, TestTLSTransfer) { |
tkchin@webrtc.org | c569a49 | 2014-09-23 05:56:44 | [diff] [blame] | 515 | TestHandshake(true); |
| 516 | TestTransfer("Hello, world!"); |
| 517 | } |
| 518 | |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 519 | // Test transfer between client and server, using ECDSA with custom cert |
| 520 | // verifier. |
| 521 | TEST_F(SSLAdapterTestTLS_ECDSA, TestTLSTransferCustomCertVerifier) { |
| 522 | SetMockCertVerifier(/*return_value=*/true); |
| 523 | TestHandshake(/*expect_success=*/true); |
| 524 | TestTransfer("Hello, world!"); |
| 525 | } |
| 526 | |
Diogo Real | 1dca9d5 | 2017-08-29 19:18:32 | [diff] [blame] | 527 | // Test transfer using ALPN with protos as h2 and http/1.1 |
| 528 | TEST_F(SSLAdapterTestTLS_ECDSA, TestTLSALPN) { |
| 529 | std::vector<std::string> alpn_protos{"h2", "http/1.1"}; |
| 530 | SetAlpnProtocols(alpn_protos); |
| 531 | TestHandshake(true); |
| 532 | TestTransfer("Hello, world!"); |
| 533 | } |
| 534 | |
Diogo Real | 7bd1f1b | 2017-09-08 19:50:41 | [diff] [blame] | 535 | // Test transfer with TLS Elliptic curves set to "X25519:P-256:P-384:P-521" |
| 536 | TEST_F(SSLAdapterTestTLS_ECDSA, TestTLSEllipticCurves) { |
| 537 | std::vector<std::string> elliptic_curves{"X25519", "P-256", "P-384", "P-521"}; |
| 538 | SetEllipticCurves(elliptic_curves); |
| 539 | TestHandshake(true); |
| 540 | TestTransfer("Hello, world!"); |
| 541 | } |
| 542 | |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 543 | // Basic tests: DTLS |
| 544 | |
Torbjorn Granlund | b6d4ec4 | 2015-08-17 12:08:59 | [diff] [blame] | 545 | // Test that handshake works, using RSA |
| 546 | TEST_F(SSLAdapterTestDTLS_RSA, TestDTLSConnect) { |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 547 | TestHandshake(true); |
| 548 | } |
| 549 | |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 550 | // Test that handshake works with a custom verifier that returns true. DTLS_RSA. |
| 551 | TEST_F(SSLAdapterTestDTLS_RSA, TestDTLSConnectCustomCertVerifierSucceeds) { |
| 552 | SetMockCertVerifier(/*return_value=*/true); |
| 553 | TestHandshake(/*expect_success=*/true); |
| 554 | } |
| 555 | |
| 556 | // Test that handshake fails with a custom verifier that returns false. |
| 557 | // DTLS_RSA. |
| 558 | TEST_F(SSLAdapterTestDTLS_RSA, TestTLSConnectCustomCertVerifierFails) { |
| 559 | SetMockCertVerifier(/*return_value=*/false); |
| 560 | TestHandshake(/*expect_success=*/false); |
| 561 | } |
| 562 | |
Torbjorn Granlund | b6d4ec4 | 2015-08-17 12:08:59 | [diff] [blame] | 563 | // Test that handshake works, using ECDSA |
| 564 | TEST_F(SSLAdapterTestDTLS_ECDSA, TestDTLSConnect) { |
| 565 | TestHandshake(true); |
| 566 | } |
| 567 | |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 568 | // Test that handshake works with a custom verifier that returns true. |
| 569 | // DTLS_ECDSA. |
| 570 | TEST_F(SSLAdapterTestDTLS_ECDSA, TestDTLSConnectCustomCertVerifierSucceeds) { |
| 571 | SetMockCertVerifier(/*return_value=*/true); |
| 572 | TestHandshake(/*expect_success=*/true); |
| 573 | } |
| 574 | |
| 575 | // Test that handshake fails with a custom verifier that returns false. |
| 576 | // DTLS_ECDSA. |
| 577 | TEST_F(SSLAdapterTestDTLS_ECDSA, TestTLSConnectCustomCertVerifierFails) { |
| 578 | SetMockCertVerifier(/*return_value=*/false); |
| 579 | TestHandshake(/*expect_success=*/false); |
| 580 | } |
| 581 | |
Torbjorn Granlund | b6d4ec4 | 2015-08-17 12:08:59 | [diff] [blame] | 582 | // Test transfer between client and server, using RSA |
| 583 | TEST_F(SSLAdapterTestDTLS_RSA, TestDTLSTransfer) { |
| 584 | TestHandshake(true); |
| 585 | TestTransfer("Hello, world!"); |
| 586 | } |
| 587 | |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 588 | // Test transfer between client and server, using RSA with custom cert verifier. |
| 589 | TEST_F(SSLAdapterTestDTLS_RSA, TestDTLSTransferCustomCertVerifier) { |
| 590 | SetMockCertVerifier(/*return_value=*/true); |
| 591 | TestHandshake(/*expect_success=*/true); |
| 592 | TestTransfer("Hello, world!"); |
| 593 | } |
| 594 | |
Torbjorn Granlund | b6d4ec4 | 2015-08-17 12:08:59 | [diff] [blame] | 595 | // Test transfer between client and server, using ECDSA |
| 596 | TEST_F(SSLAdapterTestDTLS_ECDSA, TestDTLSTransfer) { |
pthatcher@webrtc.org | a9b1ec0 | 2014-12-29 23:00:14 | [diff] [blame] | 597 | TestHandshake(true); |
| 598 | TestTransfer("Hello, world!"); |
| 599 | } |
Benjamin Wright | 6e9c3df | 2018-05-22 23:11:56 | [diff] [blame] | 600 | |
| 601 | // Test transfer between client and server, using ECDSA with custom cert |
| 602 | // verifier. |
| 603 | TEST_F(SSLAdapterTestDTLS_ECDSA, TestDTLSTransferCustomCertVerifier) { |
| 604 | SetMockCertVerifier(/*return_value=*/true); |
| 605 | TestHandshake(/*expect_success=*/true); |
| 606 | TestTransfer("Hello, world!"); |
| 607 | } |