|  | /* | 
|  | *  Copyright 2011 The WebRTC Project Authors. All rights reserved. | 
|  | * | 
|  | *  Use of this source code is governed by a BSD-style license | 
|  | *  that can be found in the LICENSE file in the root of the source | 
|  | *  tree. An additional intellectual property rights grant can be found | 
|  | *  in the file PATENTS.  All contributing project authors may | 
|  | *  be found in the AUTHORS file in the root of the source tree. | 
|  | */ | 
|  |  | 
|  | #include "rtc_base/ssl_stream_adapter.h" | 
|  |  | 
|  | #include <openssl/evp.h> | 
|  | #include <openssl/sha.h> | 
|  |  | 
|  | #include <cstddef> | 
|  | #include <cstdint> | 
|  | #include <cstring> | 
|  | #include <ctime> | 
|  | #include <memory> | 
|  | #include <set> | 
|  | #include <string> | 
|  | #include <utility> | 
|  | #include <vector> | 
|  |  | 
|  | #include "absl/memory/memory.h" | 
|  | #include "absl/strings/string_view.h" | 
|  | #include "api/array_view.h" | 
|  | #include "api/sequence_checker.h" | 
|  | #include "api/task_queue/pending_task_safety_flag.h" | 
|  | #include "api/units/time_delta.h" | 
|  | #include "rtc_base/buffer_queue.h" | 
|  | #include "rtc_base/callback_list.h" | 
|  | #include "rtc_base/checks.h" | 
|  | #include "rtc_base/crypto_random.h" | 
|  | #include "rtc_base/fake_clock.h" | 
|  | #include "rtc_base/gunit.h" | 
|  | #include "rtc_base/logging.h" | 
|  | #include "rtc_base/memory/fifo_buffer.h" | 
|  | #include "rtc_base/memory_stream.h" | 
|  | #include "rtc_base/message_digest.h" | 
|  | #include "rtc_base/openssl_stream_adapter.h" | 
|  | #include "rtc_base/ssl_identity.h" | 
|  | #include "rtc_base/stream.h" | 
|  | #include "rtc_base/third_party/sigslot/sigslot.h" | 
|  | #include "rtc_base/thread.h" | 
|  | #include "rtc_base/time_utils.h" | 
|  | #include "test/field_trial.h" | 
|  | #include "test/gmock.h" | 
|  | #include "test/gtest.h" | 
|  |  | 
|  | using ::testing::Combine; | 
|  | using ::testing::NotNull; | 
|  | using ::testing::tuple; | 
|  | using ::testing::Values; | 
|  | using ::testing::WithParamInterface; | 
|  | using ::webrtc::SafeTask; | 
|  |  | 
|  | static const char kExporterLabel[] = "label"; | 
|  | static const unsigned char kExporterContext[] = "context"; | 
|  | static int kExporterContextLen = sizeof(kExporterContext); | 
|  |  | 
|  | // A private key used for testing, broken into pieces in order to avoid | 
|  | // issues with Git's checks for private keys in repos. | 
|  | // Generated using `openssl genrsa -out key.pem 2048` | 
|  | #define RSA_PRIVATE_KEY_HEADER "-----BEGIN RSA PRIVATE KEY-----\n" | 
|  |  | 
|  | static const char kRSA_PRIVATE_KEY_PEM[] = RSA_PRIVATE_KEY_HEADER | 
|  | "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC4XOJ6agj673j+\n" | 
|  | "O8sEnPmhVkjDOd858shAa07kVdeRePlE+wU4GUTY0i5JdXF8cUQLTSdKfqsR7f8L\n" | 
|  | "jtxhehZk7+OQs5P1VsSQeotr2L0WFBNQZ+cSswLBHt4DjG9vyDJMELwPYkLO/EZw\n" | 
|  | "Q1HBgrSSHUHE9mRak2JQzxEqdnj2ssUs+K9kTkYLnzq86dMRGc+TA4TiVA4U065M\n" | 
|  | "lwSe95QMJ5OqYBwbNsVF6BTvdnkkNyizunfoGWB8m9gqYIdlmo3uT21OEnF40Pei\n" | 
|  | "K5CjvB29IpO6cPmNDR7+vwCy/IeGkXwzvICq/ZrocFNBR5Z4tSm003HX6BbIHtnj\n" | 
|  | "tvxVaIeFAgMBAAECggEADxQ3yOPh0qZiCsc4smqlZzr/rgoOdjajhtNQC1BzFnii\n" | 
|  | "yK/QTDeS4DoGo6b5roA0HMmFcGweUVPaM6eOYmGiMcTGI9hwPlWHs7p2K065nnPr\n" | 
|  | "ZXzuEyM1kzaTWY5zsdyZsot+2jJC/Rt4pmd3KSDn5HiEn9e4OwlJdgsNoB+7ApBW\n" | 
|  | "G8UmI9IUYic+xgS0IADJIYFx99bVmjLi7zshQAHVemn15v9GcBTCA7uojxX+FLmR\n" | 
|  | "i8nuqUcTqGemE6PaQiX9MahgHU7NJ/gLs9dEeX4tD+8KVkrH/RRbg43eEATkRo8D\n" | 
|  | "bO3JZ6MBwVNL6BU4hr+BViXEkHqBa9adoImIWHaLGQKBgQC4zlmHrDm9Ftb6fgsc\n" | 
|  | "KXbEphPF/fuw4FJrPXP+0kRvF8AGbGqesBksX/JJCo46jfehNNGHmKFZ7oKMsHbS\n" | 
|  | "yZp1/YZlg020ZLJkJz4GGPF1HgaxdV1L6TvIlofKWKKUEyi3RpMhq6w8hb/+mz/C\n" | 
|  | "KverTah0EkZjZWwSZa4lQjwCaQKBgQD/YtL6WXiduF94pfVz7MmEoBa00C0rPFaC\n" | 
|  | "5TOMVH+W2RbcGyVoPoLmwf1H2lN9v+wzaTRaPeHWs5MwQ4HDUbACXtGQ+I+6VNvo\n" | 
|  | "iEo23jIK0hYzFgRGSMK7E0Uj8oBuPdJjkpCM4qqr0p8UHrktUOD8kB3DjdJrbqLm\n" | 
|  | "q+9qAWzAvQKBgQCGR5EwDojphuXvnpPuA4bDvjSR4Uj3LRdVypI07o1A903UnQQf\n" | 
|  | "h67S2mhOgDf1/d+XJ6yzTMi4cqAzH6lG4au03eDAc9aLI7unIAhmH8uaIJYWbUO7\n" | 
|  | "+50v04iZEywWUZF9Ee+oQHfmhfyKQD3klJnew4+Jvxmb8T7EY1NUyTqXOQKBgQDM\n" | 
|  | "EpsGZBJm7dqUXQE7Zh5NtWMPjz5YyzlSFXbQjwD5eHW04phMqY8OeDs9fG+1D3Te\n" | 
|  | "TBYCemqJlytpqLf7bL4Z1szdbFHlkkO7l5S+LWWNkf0dS12VEDVTKf3Y0MHh1dLV\n" | 
|  | "sFuDyOiaro5hlH9if7uY9kxiZGSdZmYTr5Z7fbH6fQKBgF+NKzivaJKz0a7ZCFhR\n" | 
|  | "UfjvWrldeRzvyOiq+6nohTy3WNUZ+jSjwXZ7B4HGbHeaTBbsaNeO7aPGNe+Rt3Sr\n" | 
|  | "rj6EzpBKk60ukkg49c+X/Rski/RmRosovJv4YUHtafafjAzeMhfU/tdKvjM00p9x\n" | 
|  | "yf5MmWCNPsPfGsRZJpnYGvg3\n" | 
|  | "-----END RSA PRIVATE KEY-----\n"; | 
|  | #undef RSA_PRIVATE_KEY_HEADER | 
|  |  | 
|  | // Generated using | 
|  | // `openssl req -new -x509 -key key.pem -out cert.pem -days 365` | 
|  | // after setting the machine date to something that will ensure the | 
|  | // certificate is expired. | 
|  | static const char kCERT_PEM[] = | 
|  | "-----BEGIN CERTIFICATE-----\n" | 
|  | "MIIDjTCCAnWgAwIBAgIUTkCy4o8+4W/86RYmgWc8FEhWTzYwDQYJKoZIhvcNAQEL\n" | 
|  | "BQAwVjELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM\n" | 
|  | "GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEPMA0GA1UEAwwGV2ViUlRDMB4XDTI0\n" | 
|  | "MDkwMzAwNTk0NloXDTI1MDkwMzAwNTk0NlowVjELMAkGA1UEBhMCQVUxEzARBgNV\n" | 
|  | "BAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0\n" | 
|  | "ZDEPMA0GA1UEAwwGV2ViUlRDMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC\n" | 
|  | "AQEAuFziemoI+u94/jvLBJz5oVZIwznfOfLIQGtO5FXXkXj5RPsFOBlE2NIuSXVx\n" | 
|  | "fHFEC00nSn6rEe3/C47cYXoWZO/jkLOT9VbEkHqLa9i9FhQTUGfnErMCwR7eA4xv\n" | 
|  | "b8gyTBC8D2JCzvxGcENRwYK0kh1BxPZkWpNiUM8RKnZ49rLFLPivZE5GC586vOnT\n" | 
|  | "ERnPkwOE4lQOFNOuTJcEnveUDCeTqmAcGzbFRegU73Z5JDcos7p36BlgfJvYKmCH\n" | 
|  | "ZZqN7k9tThJxeND3oiuQo7wdvSKTunD5jQ0e/r8AsvyHhpF8M7yAqv2a6HBTQUeW\n" | 
|  | "eLUptNNx1+gWyB7Z47b8VWiHhQIDAQABo1MwUTAdBgNVHQ4EFgQUlZmkvo2n5ZEa\n" | 
|  | "B/GCnl8SMQr8G04wHwYDVR0jBBgwFoAUlZmkvo2n5ZEaB/GCnl8SMQr8G04wDwYD\n" | 
|  | "VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAnHDEEEOdPaujj3jVWDnk\n" | 
|  | "bxQYQXuymHr5oqIbGSNZaDiK1ZDwui6fywiUjQUgFipC4Gt3EvpEv8b/M9G4Kr3d\n" | 
|  | "ET1loApfl6dMRyRym8HydsF4rWs/KmUMpHEcgQzz6ehsX5kqQtStdsAxtTE2QkoY\n" | 
|  | "5YbQgTKQ0yrwsagKX8pWv0UmXQASJUa26h5H9YpNNfwHy5PZvQya0719qFd8r2EH\n" | 
|  | "JW67EJElwG5qE2N8DStPUjvVsydfbJflvRBjnf9IRuY9rGogeIOTkkkHAOyNWj3V\n" | 
|  | "3tZ0r8lKDpUSH6Z5fALuwfEQsWj1qZkZn2ysv1GzEJS2jhS/xPfzOqs8eLVi91lx\n" | 
|  | "1A==\n" | 
|  | "-----END CERTIFICATE-----\n"; | 
|  |  | 
|  | // Google GTS CA 1C3 certificate. Obtained from https://www.webrtc.org | 
|  | static const char kIntCert1[] = | 
|  | "-----BEGIN CERTIFICATE-----\n" | 
|  | "MIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw\n" | 
|  | "CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU\n" | 
|  | "MBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw\n" | 
|  | "MDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp\n" | 
|  | "Y2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD\n" | 
|  | "ggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp\n" | 
|  | "kgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX\n" | 
|  | "lOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm\n" | 
|  | "BA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA\n" | 
|  | "gOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL\n" | 
|  | "tmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud\n" | 
|  | "DwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T\n" | 
|  | "AQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD\n" | 
|  | "VR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG\n" | 
|  | "CCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw\n" | 
|  | "AoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt\n" | 
|  | "MCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG\n" | 
|  | "A1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br\n" | 
|  | "aS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN\n" | 
|  | "AQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ\n" | 
|  | "cSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL\n" | 
|  | "RklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U\n" | 
|  | "+o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr\n" | 
|  | "PxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER\n" | 
|  | "lQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs\n" | 
|  | "Yye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO\n" | 
|  | "z23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG\n" | 
|  | "AJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw\n" | 
|  | "juDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl\n" | 
|  | "1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd\n" | 
|  | "-----END CERTIFICATE-----\n"; | 
|  |  | 
|  | // Google GTS Root R1 certificate. Obtained from https://www.webrtc.org | 
|  | static const char kCACert[] = | 
|  | "-----BEGIN CERTIFICATE-----\n" | 
|  | "MIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH\n" | 
|  | "MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM\n" | 
|  | "QzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy\n" | 
|  | "MDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl\n" | 
|  | "cnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB\n" | 
|  | "AQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM\n" | 
|  | "f/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX\n" | 
|  | "mX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7\n" | 
|  | "zUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P\n" | 
|  | "fyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc\n" | 
|  | "vfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4\n" | 
|  | "Zor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp\n" | 
|  | "zBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO\n" | 
|  | "Rc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW\n" | 
|  | "k70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+\n" | 
|  | "DVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF\n" | 
|  | "lQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV\n" | 
|  | "HQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW\n" | 
|  | "Cu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1\n" | 
|  | "d5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z\n" | 
|  | "XPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR\n" | 
|  | "gyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3\n" | 
|  | "d8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv\n" | 
|  | "J4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg\n" | 
|  | "DdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM\n" | 
|  | "+SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy\n" | 
|  | "F62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9\n" | 
|  | "SQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws\n" | 
|  | "E3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl\n" | 
|  | "-----END CERTIFICATE-----\n"; | 
|  |  | 
|  | class SSLStreamAdapterTestBase; | 
|  |  | 
|  | // StreamWrapper is a middle layer between `stream`, which supports a single | 
|  | // event callback, and test classes in this file that need that event forwarded | 
|  | // to them. I.e. this class wraps a `stream` object that it delegates all calls | 
|  | // to, but for the event callback, `StreamWrapper` additionally provides support | 
|  | // for forwarding event notifications to test classes that call | 
|  | // `SubscribeStreamEvent()`. | 
|  | // | 
|  | // This is needed because in this file, tests connect both client and server | 
|  | // streams (SSLDummyStream) to the same underlying `stream` objects | 
|  | // (see CreateClientStream() and CreateServerStream()). | 
|  | class StreamWrapper : public rtc::StreamInterface { | 
|  | public: | 
|  | explicit StreamWrapper(std::unique_ptr<rtc::StreamInterface> stream) | 
|  | : stream_(std::move(stream)) { | 
|  | stream_->SetEventCallback([this](int events, int err) { | 
|  | RTC_DCHECK_RUN_ON(&callback_sequence_); | 
|  | callbacks_.Send(events, err); | 
|  | FireEvent(events, err); | 
|  | }); | 
|  | } | 
|  |  | 
|  | template <typename F> | 
|  | void SubscribeStreamEvent(const void* removal_tag, F&& callback) { | 
|  | callbacks_.AddReceiver(removal_tag, std::forward<F>(callback)); | 
|  | } | 
|  |  | 
|  | void UnsubscribeStreamEvent(const void* removal_tag) { | 
|  | callbacks_.RemoveReceivers(removal_tag); | 
|  | } | 
|  |  | 
|  | rtc::StreamState GetState() const override { return stream_->GetState(); } | 
|  |  | 
|  | void Close() override { stream_->Close(); } | 
|  |  | 
|  | rtc::StreamResult Read(rtc::ArrayView<uint8_t> buffer, | 
|  | size_t& read, | 
|  | int& error) override { | 
|  | return stream_->Read(buffer, read, error); | 
|  | } | 
|  |  | 
|  | rtc::StreamResult Write(rtc::ArrayView<const uint8_t> data, | 
|  | size_t& written, | 
|  | int& error) override { | 
|  | return stream_->Write(data, written, error); | 
|  | } | 
|  |  | 
|  | private: | 
|  | const std::unique_ptr<rtc::StreamInterface> stream_; | 
|  | webrtc::CallbackList<int, int> callbacks_; | 
|  | }; | 
|  |  | 
|  | class SSLDummyStream final : public rtc::StreamInterface { | 
|  | public: | 
|  | SSLDummyStream(SSLStreamAdapterTestBase* test, | 
|  | absl::string_view side, | 
|  | StreamWrapper* in, | 
|  | StreamWrapper* out) | 
|  | : test_base_(test), side_(side), in_(in), out_(out), first_packet_(true) { | 
|  | RTC_CHECK(thread_); | 
|  | RTC_CHECK_NE(in, out); | 
|  | in_->SubscribeStreamEvent( | 
|  | this, [this](int events, int err) { OnEventIn(events, err); }); | 
|  | out_->SubscribeStreamEvent( | 
|  | this, [this](int events, int err) { OnEventOut(events, err); }); | 
|  | } | 
|  |  | 
|  | ~SSLDummyStream() override { | 
|  | in_->UnsubscribeStreamEvent(this); | 
|  | out_->UnsubscribeStreamEvent(this); | 
|  | } | 
|  |  | 
|  | rtc::StreamState GetState() const override { return rtc::SS_OPEN; } | 
|  |  | 
|  | rtc::StreamResult Read(rtc::ArrayView<uint8_t> buffer, | 
|  | size_t& read, | 
|  | int& error) override { | 
|  | rtc::StreamResult r; | 
|  |  | 
|  | r = in_->Read(buffer, read, error); | 
|  | if (r == rtc::SR_BLOCK) | 
|  | return rtc::SR_BLOCK; | 
|  | if (r == rtc::SR_EOS) | 
|  | return rtc::SR_EOS; | 
|  |  | 
|  | if (r != rtc::SR_SUCCESS) { | 
|  | ADD_FAILURE(); | 
|  | return rtc::SR_ERROR; | 
|  | } | 
|  |  | 
|  | return rtc::SR_SUCCESS; | 
|  | } | 
|  |  | 
|  | // Catch readability events on in and pass them up. | 
|  | void OnEventIn(int sig, int err) { | 
|  | int mask = (rtc::SE_READ | rtc::SE_CLOSE); | 
|  |  | 
|  | if (sig & mask) { | 
|  | RTC_LOG(LS_VERBOSE) << "SSLDummyStream::OnEventIn side=" << side_ | 
|  | << " sig=" << sig << " forwarding upward"; | 
|  | PostEvent(sig & mask, 0); | 
|  | } | 
|  | } | 
|  |  | 
|  | // Catch writeability events on out and pass them up. | 
|  | void OnEventOut(int sig, int err) { | 
|  | if (sig & rtc::SE_WRITE) { | 
|  | RTC_LOG(LS_VERBOSE) << "SSLDummyStream::OnEventOut side=" << side_ | 
|  | << " sig=" << sig << " forwarding upward"; | 
|  |  | 
|  | PostEvent(sig & rtc::SE_WRITE, 0); | 
|  | } | 
|  | } | 
|  |  | 
|  | // Write to the outgoing FifoBuffer | 
|  | rtc::StreamResult WriteData(rtc::ArrayView<const uint8_t> data, | 
|  | size_t& written, | 
|  | int& error) { | 
|  | return out_->Write(data, written, error); | 
|  | } | 
|  |  | 
|  | rtc::StreamResult Write(rtc::ArrayView<const uint8_t> data, | 
|  | size_t& written, | 
|  | int& error) override; | 
|  |  | 
|  | void Close() override { | 
|  | RTC_LOG(LS_INFO) << "Closing outbound stream"; | 
|  | out_->Close(); | 
|  | } | 
|  |  | 
|  | private: | 
|  | void PostEvent(int events, int err) { | 
|  | thread_->PostTask(SafeTask(task_safety_.flag(), [this, events, err]() { | 
|  | RTC_DCHECK_RUN_ON(&callback_sequence_); | 
|  | FireEvent(events, err); | 
|  | })); | 
|  | } | 
|  |  | 
|  | webrtc::ScopedTaskSafety task_safety_; | 
|  | rtc::Thread* const thread_ = rtc::Thread::Current(); | 
|  | SSLStreamAdapterTestBase* test_base_; | 
|  | const std::string side_; | 
|  | StreamWrapper* const in_; | 
|  | StreamWrapper* const out_; | 
|  | bool first_packet_; | 
|  | }; | 
|  |  | 
|  | class BufferQueueStream : public rtc::StreamInterface { | 
|  | public: | 
|  | BufferQueueStream(size_t capacity, size_t default_size) | 
|  | : buffer_(capacity, default_size) {} | 
|  |  | 
|  | // Implementation of abstract StreamInterface methods. | 
|  |  | 
|  | // A buffer queue stream is always "open". | 
|  | rtc::StreamState GetState() const override { return rtc::SS_OPEN; } | 
|  |  | 
|  | // Reading a buffer queue stream will either succeed or block. | 
|  | rtc::StreamResult Read(rtc::ArrayView<uint8_t> buffer, | 
|  | size_t& read, | 
|  | int& error) override { | 
|  | const bool was_writable = buffer_.is_writable(); | 
|  | if (!buffer_.ReadFront(buffer.data(), buffer.size(), &read)) | 
|  | return rtc::SR_BLOCK; | 
|  |  | 
|  | if (!was_writable) | 
|  | NotifyWritableForTest(); | 
|  |  | 
|  | return rtc::SR_SUCCESS; | 
|  | } | 
|  |  | 
|  | // Writing to a buffer queue stream will either succeed or block. | 
|  | rtc::StreamResult Write(rtc::ArrayView<const uint8_t> data, | 
|  | size_t& written, | 
|  | int& error) override { | 
|  | const bool was_readable = buffer_.is_readable(); | 
|  | if (!buffer_.WriteBack(data.data(), data.size(), &written)) | 
|  | return rtc::SR_BLOCK; | 
|  |  | 
|  | if (!was_readable) | 
|  | NotifyReadableForTest(); | 
|  |  | 
|  | return rtc::SR_SUCCESS; | 
|  | } | 
|  |  | 
|  | // A buffer queue stream can not be closed. | 
|  | void Close() override {} | 
|  |  | 
|  | protected: | 
|  | void NotifyReadableForTest() { PostEvent(rtc::SE_READ, 0); } | 
|  | void NotifyWritableForTest() { PostEvent(rtc::SE_WRITE, 0); } | 
|  |  | 
|  | private: | 
|  | void PostEvent(int events, int err) { | 
|  | thread_->PostTask(SafeTask(task_safety_.flag(), [this, events, err]() { | 
|  | RTC_DCHECK_RUN_ON(&callback_sequence_); | 
|  | FireEvent(events, err); | 
|  | })); | 
|  | } | 
|  |  | 
|  | rtc::Thread* const thread_ = rtc::Thread::Current(); | 
|  | webrtc::ScopedTaskSafety task_safety_; | 
|  | rtc::BufferQueue buffer_; | 
|  | }; | 
|  |  | 
|  | static const int kBufferCapacity = 1; | 
|  | static const size_t kDefaultBufferSize = 2048; | 
|  |  | 
|  | class SSLStreamAdapterTestBase : public ::testing::Test, | 
|  | public sigslot::has_slots<> { | 
|  | public: | 
|  | SSLStreamAdapterTestBase( | 
|  | absl::string_view client_cert_pem, | 
|  | absl::string_view client_private_key_pem, | 
|  | bool dtls, | 
|  | rtc::KeyParams client_key_type = rtc::KeyParams(rtc::KT_DEFAULT), | 
|  | rtc::KeyParams server_key_type = rtc::KeyParams(rtc::KT_DEFAULT), | 
|  | std::pair<std::string, size_t> digest = | 
|  | std::make_pair(rtc::DIGEST_SHA_256, SHA256_DIGEST_LENGTH)) | 
|  | : client_cert_pem_(client_cert_pem), | 
|  | client_private_key_pem_(client_private_key_pem), | 
|  | client_key_type_(client_key_type), | 
|  | server_key_type_(server_key_type), | 
|  | digest_algorithm_(digest.first), | 
|  | digest_length_(digest.second), | 
|  | delay_(0), | 
|  | mtu_(1460), | 
|  | loss_(0), | 
|  | lose_first_packet_(false), | 
|  | damage_(false), | 
|  | dtls_(dtls), | 
|  | handshake_wait_(5000), | 
|  | identities_set_(false) { | 
|  | // Set use of the test RNG to get predictable loss patterns. | 
|  | rtc::SetRandomTestMode(true); | 
|  | } | 
|  |  | 
|  | ~SSLStreamAdapterTestBase() override { | 
|  | // Put it back for the next test. | 
|  | rtc::SetRandomTestMode(false); | 
|  | } | 
|  |  | 
|  | void SetUp() override { | 
|  | InitializeClientAndServerStreams(); | 
|  |  | 
|  | std::unique_ptr<rtc::SSLIdentity> client_identity; | 
|  | if (!client_cert_pem_.empty() && !client_private_key_pem_.empty()) { | 
|  | client_identity = rtc::SSLIdentity::CreateFromPEMStrings( | 
|  | client_private_key_pem_, client_cert_pem_); | 
|  | } else { | 
|  | client_identity = rtc::SSLIdentity::Create("client", client_key_type_); | 
|  | } | 
|  | auto server_identity = rtc::SSLIdentity::Create("server", server_key_type_); | 
|  |  | 
|  | client_ssl_->SetIdentity(std::move(client_identity)); | 
|  | server_ssl_->SetIdentity(std::move(server_identity)); | 
|  | } | 
|  |  | 
|  | void TearDown() override { | 
|  | client_ssl_.reset(nullptr); | 
|  | server_ssl_.reset(nullptr); | 
|  | } | 
|  |  | 
|  | virtual std::unique_ptr<rtc::StreamInterface> CreateClientStream() = 0; | 
|  | virtual std::unique_ptr<rtc::StreamInterface> CreateServerStream() = 0; | 
|  |  | 
|  | void InitializeClientAndServerStreams( | 
|  | absl::string_view client_experiment = "", | 
|  | absl::string_view server_experiment = "") { | 
|  | // Note: `client_ssl_` and `server_ssl_` may be non-nullptr. | 
|  |  | 
|  | // The legacy TLS protocols flag is read when the OpenSSLStreamAdapter is | 
|  | // initialized, so we set the field trials while constructing the adapters. | 
|  | using webrtc::test::ScopedFieldTrials; | 
|  | { | 
|  | std::unique_ptr<ScopedFieldTrials> trial( | 
|  | client_experiment.empty() ? nullptr | 
|  | : new ScopedFieldTrials(client_experiment)); | 
|  | client_ssl_ = rtc::SSLStreamAdapter::Create(CreateClientStream()); | 
|  | } | 
|  | { | 
|  | std::unique_ptr<ScopedFieldTrials> trial( | 
|  | server_experiment.empty() ? nullptr | 
|  | : new ScopedFieldTrials(server_experiment)); | 
|  | server_ssl_ = rtc::SSLStreamAdapter::Create(CreateServerStream()); | 
|  | } | 
|  | client_ssl_->SetEventCallback( | 
|  | [this](int events, int err) { OnClientEvent(events, err); }); | 
|  | server_ssl_->SetEventCallback( | 
|  | [this](int events, int err) { OnServerEvent(events, err); }); | 
|  | } | 
|  |  | 
|  | // Recreate the client/server identities with the specified validity period. | 
|  | // `not_before` and `not_after` are offsets from the current time in number | 
|  | // of seconds. | 
|  | void ResetIdentitiesWithValidity(int not_before, int not_after) { | 
|  | InitializeClientAndServerStreams(); | 
|  |  | 
|  | time_t now = time(nullptr); | 
|  |  | 
|  | rtc::SSLIdentityParams client_params; | 
|  | client_params.key_params = rtc::KeyParams(rtc::KT_DEFAULT); | 
|  | client_params.common_name = "client"; | 
|  | client_params.not_before = now + not_before; | 
|  | client_params.not_after = now + not_after; | 
|  | auto client_identity = rtc::SSLIdentity::CreateForTest(client_params); | 
|  |  | 
|  | rtc::SSLIdentityParams server_params; | 
|  | server_params.key_params = rtc::KeyParams(rtc::KT_DEFAULT); | 
|  | server_params.common_name = "server"; | 
|  | server_params.not_before = now + not_before; | 
|  | server_params.not_after = now + not_after; | 
|  | auto server_identity = rtc::SSLIdentity::CreateForTest(server_params); | 
|  |  | 
|  | client_ssl_->SetIdentity(std::move(client_identity)); | 
|  | server_ssl_->SetIdentity(std::move(server_identity)); | 
|  | } | 
|  |  | 
|  | void SetPeerIdentitiesByDigest(bool correct, bool expect_success) { | 
|  | unsigned char server_digest[EVP_MAX_MD_SIZE]; | 
|  | size_t server_digest_len; | 
|  | unsigned char client_digest[EVP_MAX_MD_SIZE]; | 
|  | size_t client_digest_len; | 
|  | bool rv; | 
|  | rtc::SSLPeerCertificateDigestError err; | 
|  | rtc::SSLPeerCertificateDigestError expected_err = | 
|  | expect_success | 
|  | ? rtc::SSLPeerCertificateDigestError::NONE | 
|  | : rtc::SSLPeerCertificateDigestError::VERIFICATION_FAILED; | 
|  |  | 
|  | RTC_LOG(LS_INFO) << "Setting peer identities by digest"; | 
|  | RTC_DCHECK(server_identity()); | 
|  | RTC_DCHECK(client_identity()); | 
|  |  | 
|  | rv = server_identity()->certificate().ComputeDigest( | 
|  | digest_algorithm_, server_digest, digest_length_, &server_digest_len); | 
|  | ASSERT_TRUE(rv); | 
|  | rv = client_identity()->certificate().ComputeDigest( | 
|  | digest_algorithm_, client_digest, digest_length_, &client_digest_len); | 
|  | ASSERT_TRUE(rv); | 
|  |  | 
|  | if (!correct) { | 
|  | RTC_LOG(LS_INFO) << "Setting bogus digest for server cert"; | 
|  | server_digest[0]++; | 
|  | } | 
|  | rv = client_ssl_->SetPeerCertificateDigest(digest_algorithm_, server_digest, | 
|  | server_digest_len, &err); | 
|  | EXPECT_EQ(expected_err, err); | 
|  | EXPECT_EQ(expect_success, rv); | 
|  |  | 
|  | if (!correct) { | 
|  | RTC_LOG(LS_INFO) << "Setting bogus digest for client cert"; | 
|  | client_digest[0]++; | 
|  | } | 
|  | rv = server_ssl_->SetPeerCertificateDigest(digest_algorithm_, client_digest, | 
|  | client_digest_len, &err); | 
|  | EXPECT_EQ(expected_err, err); | 
|  | EXPECT_EQ(expect_success, rv); | 
|  |  | 
|  | identities_set_ = true; | 
|  | } | 
|  |  | 
|  | void SetupProtocolVersions(rtc::SSLProtocolVersion server_version, | 
|  | rtc::SSLProtocolVersion client_version) { | 
|  | server_ssl_->SetMaxProtocolVersion(server_version); | 
|  | client_ssl_->SetMaxProtocolVersion(client_version); | 
|  | } | 
|  |  | 
|  | void TestHandshake(bool expect_success = true) { | 
|  |  | 
|  | if (!dtls_) { | 
|  | // Make sure we simulate a reliable network for TLS. | 
|  | // This is just a check to make sure that people don't write wrong | 
|  | // tests. | 
|  | RTC_CHECK_EQ(1460, mtu_); | 
|  | RTC_CHECK(!loss_); | 
|  | RTC_CHECK(!lose_first_packet_); | 
|  | } | 
|  |  | 
|  | if (!identities_set_) | 
|  | SetPeerIdentitiesByDigest(true, true); | 
|  |  | 
|  | // Start the handshake | 
|  | int rv; | 
|  |  | 
|  | server_ssl_->SetServerRole(); | 
|  | rv = server_ssl_->StartSSL(); | 
|  | ASSERT_EQ(0, rv); | 
|  |  | 
|  | rv = client_ssl_->StartSSL(); | 
|  | ASSERT_EQ(0, rv); | 
|  |  | 
|  | // Now run the handshake | 
|  | if (expect_success) { | 
|  | EXPECT_TRUE_WAIT((client_ssl_->GetState() == rtc::SS_OPEN) && | 
|  | (server_ssl_->GetState() == rtc::SS_OPEN), | 
|  | handshake_wait_); | 
|  | } else { | 
|  | EXPECT_TRUE_WAIT(client_ssl_->GetState() == rtc::SS_CLOSED, | 
|  | handshake_wait_); | 
|  | } | 
|  | } | 
|  |  | 
|  | // This tests that we give up after 12 DTLS resends. | 
|  | // Only works for BoringSSL which allows advancing the fake clock. | 
|  | void TestHandshakeTimeout() { | 
|  | rtc::ScopedFakeClock clock; | 
|  | int64_t time_start = clock.TimeNanos(); | 
|  | webrtc::TimeDelta time_increment = webrtc::TimeDelta::Millis(1000); | 
|  |  | 
|  | if (!dtls_) { | 
|  | // Make sure we simulate a reliable network for TLS. | 
|  | // This is just a check to make sure that people don't write wrong | 
|  | // tests. | 
|  | RTC_CHECK_EQ(1460, mtu_); | 
|  | RTC_CHECK(!loss_); | 
|  | RTC_CHECK(!lose_first_packet_); | 
|  | } | 
|  |  | 
|  | if (!identities_set_) | 
|  | SetPeerIdentitiesByDigest(true, true); | 
|  |  | 
|  | // Start the handshake | 
|  | int rv; | 
|  |  | 
|  | server_ssl_->SetServerRole(); | 
|  | rv = server_ssl_->StartSSL(); | 
|  | ASSERT_EQ(0, rv); | 
|  |  | 
|  | rv = client_ssl_->StartSSL(); | 
|  | ASSERT_EQ(0, rv); | 
|  |  | 
|  | // Now wait for the handshake to timeout (or fail after an hour of simulated | 
|  | // time). | 
|  | while (client_ssl_->GetState() == rtc::SS_OPENING && | 
|  | (rtc::TimeDiff(clock.TimeNanos(), time_start) < | 
|  | 3600 * rtc::kNumNanosecsPerSec)) { | 
|  | EXPECT_TRUE_WAIT(!((client_ssl_->GetState() == rtc::SS_OPEN) && | 
|  | (server_ssl_->GetState() == rtc::SS_OPEN)), | 
|  | 1000); | 
|  | clock.AdvanceTime(time_increment); | 
|  | } | 
|  | EXPECT_EQ(client_ssl_->GetState(), rtc::SS_CLOSED); | 
|  | } | 
|  |  | 
|  | // This tests that the handshake can complete before the identity is verified, | 
|  | // and the identity will be verified after the fact. It also verifies that | 
|  | // packets can't be read or written before the identity has been verified. | 
|  | void TestHandshakeWithDelayedIdentity(bool valid_identity) { | 
|  | if (!dtls_) { | 
|  | // Make sure we simulate a reliable network for TLS. | 
|  | // This is just a check to make sure that people don't write wrong | 
|  | // tests. | 
|  | RTC_CHECK_EQ(1460, mtu_); | 
|  | RTC_CHECK(!loss_); | 
|  | RTC_CHECK(!lose_first_packet_); | 
|  | } | 
|  |  | 
|  | // Start the handshake | 
|  | server_ssl_->SetServerRole(); | 
|  | ASSERT_EQ(0, server_ssl_->StartSSL()); | 
|  | ASSERT_EQ(0, client_ssl_->StartSSL()); | 
|  |  | 
|  | // Now run the handshake. | 
|  | EXPECT_TRUE_WAIT( | 
|  | client_ssl_->IsTlsConnected() && server_ssl_->IsTlsConnected(), | 
|  | handshake_wait_); | 
|  |  | 
|  | // Until the identity has been verified, the state should still be | 
|  | // SS_OPENING and writes should return SR_BLOCK. | 
|  | EXPECT_EQ(rtc::SS_OPENING, client_ssl_->GetState()); | 
|  | EXPECT_EQ(rtc::SS_OPENING, server_ssl_->GetState()); | 
|  | uint8_t packet[1]; | 
|  | size_t sent; | 
|  | int error; | 
|  | EXPECT_EQ(rtc::SR_BLOCK, client_ssl_->Write(packet, sent, error)); | 
|  | EXPECT_EQ(rtc::SR_BLOCK, server_ssl_->Write(packet, sent, error)); | 
|  |  | 
|  | // Collect both of the certificate digests; needs to be done before calling | 
|  | // SetPeerCertificateDigest as that may reset the identity. | 
|  | unsigned char server_digest[EVP_MAX_MD_SIZE]; | 
|  | size_t server_digest_len; | 
|  | unsigned char client_digest[EVP_MAX_MD_SIZE]; | 
|  | size_t client_digest_len; | 
|  | bool rv; | 
|  |  | 
|  | ASSERT_THAT(server_identity(), NotNull()); | 
|  | rv = server_identity()->certificate().ComputeDigest( | 
|  | digest_algorithm_, server_digest, digest_length_, &server_digest_len); | 
|  | ASSERT_TRUE(rv); | 
|  |  | 
|  | ASSERT_THAT(client_identity(), NotNull()); | 
|  | rv = client_identity()->certificate().ComputeDigest( | 
|  | digest_algorithm_, client_digest, digest_length_, &client_digest_len); | 
|  | ASSERT_TRUE(rv); | 
|  |  | 
|  | if (!valid_identity) { | 
|  | RTC_LOG(LS_INFO) << "Setting bogus digest for client/server certs"; | 
|  | client_digest[0]++; | 
|  | server_digest[0]++; | 
|  | } | 
|  |  | 
|  | // Set the peer certificate digest for the client. | 
|  | rtc::SSLPeerCertificateDigestError err; | 
|  | rtc::SSLPeerCertificateDigestError expected_err = | 
|  | valid_identity | 
|  | ? rtc::SSLPeerCertificateDigestError::NONE | 
|  | : rtc::SSLPeerCertificateDigestError::VERIFICATION_FAILED; | 
|  | rv = client_ssl_->SetPeerCertificateDigest(digest_algorithm_, server_digest, | 
|  | server_digest_len, &err); | 
|  | EXPECT_EQ(expected_err, err); | 
|  | EXPECT_EQ(valid_identity, rv); | 
|  | // State should then transition to SS_OPEN or SS_CLOSED based on validation | 
|  | // of the identity. | 
|  | if (valid_identity) { | 
|  | EXPECT_EQ(rtc::SS_OPEN, client_ssl_->GetState()); | 
|  | // If the client sends a packet while the server still hasn't verified the | 
|  | // client identity, the server should continue to return SR_BLOCK. | 
|  | int error; | 
|  | EXPECT_EQ(rtc::SR_SUCCESS, client_ssl_->Write(packet, sent, error)); | 
|  | size_t read; | 
|  | EXPECT_EQ(rtc::SR_BLOCK, server_ssl_->Read(packet, read, error)); | 
|  | } else { | 
|  | EXPECT_EQ(rtc::SS_CLOSED, client_ssl_->GetState()); | 
|  | } | 
|  |  | 
|  | // Set the peer certificate digest for the server. | 
|  | rv = server_ssl_->SetPeerCertificateDigest(digest_algorithm_, client_digest, | 
|  | client_digest_len, &err); | 
|  | EXPECT_EQ(expected_err, err); | 
|  | EXPECT_EQ(valid_identity, rv); | 
|  | if (valid_identity) { | 
|  | EXPECT_EQ(rtc::SS_OPEN, server_ssl_->GetState()); | 
|  | } else { | 
|  | EXPECT_EQ(rtc::SS_CLOSED, server_ssl_->GetState()); | 
|  | } | 
|  | } | 
|  |  | 
|  | rtc::StreamResult DataWritten(SSLDummyStream* from, | 
|  | const void* data, | 
|  | size_t data_len, | 
|  | size_t& written, | 
|  | int& error) { | 
|  | // Randomly drop loss_ percent of packets | 
|  | if (rtc::CreateRandomId() % 100 < static_cast<uint32_t>(loss_)) { | 
|  | RTC_LOG(LS_VERBOSE) << "Randomly dropping packet, size=" << data_len; | 
|  | written = data_len; | 
|  | return rtc::SR_SUCCESS; | 
|  | } | 
|  | if (dtls_ && (data_len > mtu_)) { | 
|  | RTC_LOG(LS_VERBOSE) << "Dropping packet > mtu, size=" << data_len; | 
|  | written = data_len; | 
|  | return rtc::SR_SUCCESS; | 
|  | } | 
|  |  | 
|  | // Optionally damage application data (type 23). Note that we don't damage | 
|  | // handshake packets and we damage the last byte to keep the header | 
|  | // intact but break the MAC. | 
|  | if (damage_ && (*static_cast<const unsigned char*>(data) == 23)) { | 
|  | std::vector<uint8_t> buf(data_len); | 
|  |  | 
|  | RTC_LOG(LS_VERBOSE) << "Damaging packet"; | 
|  |  | 
|  | memcpy(&buf[0], data, data_len); | 
|  | buf[data_len - 1]++; | 
|  | return from->WriteData(rtc::MakeArrayView(&buf[0], data_len), written, | 
|  | error); | 
|  | } | 
|  |  | 
|  | return from->WriteData( | 
|  | rtc::MakeArrayView(reinterpret_cast<const uint8_t*>(data), data_len), | 
|  | written, error); | 
|  | } | 
|  |  | 
|  | void SetDelay(int delay) { delay_ = delay; } | 
|  | int GetDelay() { return delay_; } | 
|  |  | 
|  | void SetLoseFirstPacket(bool lose) { lose_first_packet_ = lose; } | 
|  | bool GetLoseFirstPacket() { return lose_first_packet_; } | 
|  |  | 
|  | void SetLoss(int percent) { loss_ = percent; } | 
|  |  | 
|  | void SetDamage() { damage_ = true; } | 
|  |  | 
|  | void SetMtu(size_t mtu) { mtu_ = mtu; } | 
|  |  | 
|  | void SetHandshakeWait(int wait) { handshake_wait_ = wait; } | 
|  |  | 
|  | void SetDtlsSrtpCryptoSuites(const std::vector<int>& ciphers, bool client) { | 
|  | if (client) | 
|  | client_ssl_->SetDtlsSrtpCryptoSuites(ciphers); | 
|  | else | 
|  | server_ssl_->SetDtlsSrtpCryptoSuites(ciphers); | 
|  | } | 
|  |  | 
|  | bool GetDtlsSrtpCryptoSuite(bool client, int* retval) { | 
|  | if (client) | 
|  | return client_ssl_->GetDtlsSrtpCryptoSuite(retval); | 
|  | else | 
|  | return server_ssl_->GetDtlsSrtpCryptoSuite(retval); | 
|  | } | 
|  |  | 
|  | std::unique_ptr<rtc::SSLCertificate> GetPeerCertificate(bool client) { | 
|  | std::unique_ptr<rtc::SSLCertChain> chain; | 
|  | if (client) | 
|  | chain = client_ssl_->GetPeerSSLCertChain(); | 
|  | else | 
|  | chain = server_ssl_->GetPeerSSLCertChain(); | 
|  | return (chain && chain->GetSize()) ? chain->Get(0).Clone() : nullptr; | 
|  | } | 
|  |  | 
|  | bool GetSslCipherSuite(bool client, int* retval) { | 
|  | if (client) | 
|  | return client_ssl_->GetSslCipherSuite(retval); | 
|  | else | 
|  | return server_ssl_->GetSslCipherSuite(retval); | 
|  | } | 
|  |  | 
|  | bool GetSslVersionBytes(bool client, int* version) { | 
|  | if (client) | 
|  | return client_ssl_->GetSslVersionBytes(version); | 
|  | else | 
|  | return server_ssl_->GetSslVersionBytes(version); | 
|  | } | 
|  |  | 
|  | bool ExportKeyingMaterial(absl::string_view label, | 
|  | const unsigned char* context, | 
|  | size_t context_len, | 
|  | bool use_context, | 
|  | bool client, | 
|  | unsigned char* result, | 
|  | size_t result_len) { | 
|  | if (client) | 
|  | return client_ssl_->ExportKeyingMaterial(label, context, context_len, | 
|  | use_context, result, result_len); | 
|  | else | 
|  | return server_ssl_->ExportKeyingMaterial(label, context, context_len, | 
|  | use_context, result, result_len); | 
|  | } | 
|  |  | 
|  | // To be implemented by subclasses. | 
|  | virtual void WriteData() = 0; | 
|  | virtual void ReadData(rtc::StreamInterface* stream) = 0; | 
|  | virtual void TestTransfer(int size) = 0; | 
|  |  | 
|  | private: | 
|  | void OnClientEvent(int sig, int err) { | 
|  | RTC_LOG(LS_VERBOSE) << "SSLStreamAdapterTestBase::OnClientEvent sig=" | 
|  | << sig; | 
|  |  | 
|  | if (sig & rtc::SE_READ) { | 
|  | ReadData(client_ssl_.get()); | 
|  | } | 
|  |  | 
|  | if (sig & rtc::SE_WRITE) { | 
|  | WriteData(); | 
|  | } | 
|  | } | 
|  |  | 
|  | void OnServerEvent(int sig, int err) { | 
|  | RTC_LOG(LS_VERBOSE) << "SSLStreamAdapterTestBase::OnServerEvent sig=" | 
|  | << sig; | 
|  | if (sig & rtc::SE_READ) { | 
|  | ReadData(server_ssl_.get()); | 
|  | } | 
|  | } | 
|  |  | 
|  | protected: | 
|  | rtc::SSLIdentity* client_identity() const { | 
|  | if (!client_ssl_) { | 
|  | return nullptr; | 
|  | } | 
|  | return client_ssl_->GetIdentityForTesting(); | 
|  | } | 
|  | rtc::SSLIdentity* server_identity() const { | 
|  | if (!server_ssl_) { | 
|  | return nullptr; | 
|  | } | 
|  | return server_ssl_->GetIdentityForTesting(); | 
|  | } | 
|  |  | 
|  | rtc::AutoThread main_thread_; | 
|  | std::string client_cert_pem_; | 
|  | std::string client_private_key_pem_; | 
|  | rtc::KeyParams client_key_type_; | 
|  | rtc::KeyParams server_key_type_; | 
|  | std::string digest_algorithm_; | 
|  | size_t digest_length_; | 
|  | std::unique_ptr<rtc::SSLStreamAdapter> client_ssl_; | 
|  | std::unique_ptr<rtc::SSLStreamAdapter> server_ssl_; | 
|  | int delay_; | 
|  | size_t mtu_; | 
|  | int loss_; | 
|  | bool lose_first_packet_; | 
|  | bool damage_; | 
|  | bool dtls_; | 
|  | int handshake_wait_; | 
|  | bool identities_set_; | 
|  | }; | 
|  |  | 
|  | class SSLStreamAdapterTestDTLSBase : public SSLStreamAdapterTestBase { | 
|  | public: | 
|  | SSLStreamAdapterTestDTLSBase(rtc::KeyParams param1, | 
|  | rtc::KeyParams param2, | 
|  | std::pair<std::string, size_t> digest) | 
|  | : SSLStreamAdapterTestBase("", "", true, param1, param2, digest), | 
|  | packet_size_(1000), | 
|  | count_(0), | 
|  | sent_(0) {} | 
|  |  | 
|  | SSLStreamAdapterTestDTLSBase(absl::string_view cert_pem, | 
|  | absl::string_view private_key_pem) | 
|  | : SSLStreamAdapterTestBase(cert_pem, private_key_pem, true), | 
|  | packet_size_(1000), | 
|  | count_(0), | 
|  | sent_(0) {} | 
|  |  | 
|  | std::unique_ptr<rtc::StreamInterface> CreateClientStream() override final { | 
|  | return absl::WrapUnique( | 
|  | new SSLDummyStream(this, "c2s", &client_buffer_, &server_buffer_)); | 
|  | } | 
|  |  | 
|  | std::unique_ptr<rtc::StreamInterface> CreateServerStream() override final { | 
|  | return absl::WrapUnique( | 
|  | new SSLDummyStream(this, "s2c", &server_buffer_, &client_buffer_)); | 
|  | } | 
|  |  | 
|  | void WriteData() override { | 
|  | uint8_t* packet = new uint8_t[1600]; | 
|  |  | 
|  | while (sent_ < count_) { | 
|  | unsigned int rand_state = sent_; | 
|  | packet[0] = sent_; | 
|  | for (size_t i = 1; i < packet_size_; i++) { | 
|  | // This is a simple LC PRNG.  Keep in synch with identical code below. | 
|  | rand_state = (rand_state * 251 + 19937) >> 7; | 
|  | packet[i] = rand_state & 0xff; | 
|  | } | 
|  |  | 
|  | size_t sent; | 
|  | int error; | 
|  | rtc::StreamResult rv = client_ssl_->Write( | 
|  | rtc::MakeArrayView(packet, packet_size_), sent, error); | 
|  | if (rv == rtc::SR_SUCCESS) { | 
|  | RTC_LOG(LS_VERBOSE) << "Sent: " << sent_; | 
|  | sent_++; | 
|  | } else if (rv == rtc::SR_BLOCK) { | 
|  | RTC_LOG(LS_VERBOSE) << "Blocked..."; | 
|  | break; | 
|  | } else { | 
|  | ADD_FAILURE(); | 
|  | break; | 
|  | } | 
|  | } | 
|  |  | 
|  | delete[] packet; | 
|  | } | 
|  |  | 
|  | void ReadData(rtc::StreamInterface* stream) override final { | 
|  | uint8_t buffer[2000]; | 
|  | size_t bread; | 
|  | int err2; | 
|  | rtc::StreamResult r; | 
|  |  | 
|  | for (;;) { | 
|  | r = stream->Read(buffer, bread, err2); | 
|  |  | 
|  | if (r == rtc::SR_ERROR) { | 
|  | // Unfortunately, errors are the way that the stream adapter | 
|  | // signals close right now | 
|  | stream->Close(); | 
|  | return; | 
|  | } | 
|  |  | 
|  | if (r == rtc::SR_BLOCK) | 
|  | break; | 
|  |  | 
|  | ASSERT_EQ(rtc::SR_SUCCESS, r); | 
|  | RTC_LOG(LS_VERBOSE) << "Read " << bread; | 
|  |  | 
|  | // Now parse the datagram | 
|  | ASSERT_EQ(packet_size_, bread); | 
|  | unsigned char packet_num = buffer[0]; | 
|  |  | 
|  | unsigned int rand_state = packet_num; | 
|  | for (size_t i = 1; i < packet_size_; i++) { | 
|  | // This is a simple LC PRNG.  Keep in synch with identical code above. | 
|  | rand_state = (rand_state * 251 + 19937) >> 7; | 
|  | ASSERT_EQ(rand_state & 0xff, buffer[i]); | 
|  | } | 
|  | received_.insert(packet_num); | 
|  | } | 
|  | } | 
|  |  | 
|  | void TestTransfer(int count) override { | 
|  | count_ = count; | 
|  |  | 
|  | WriteData(); | 
|  |  | 
|  | EXPECT_TRUE_WAIT(sent_ == count_, 10000); | 
|  | RTC_LOG(LS_INFO) << "sent_ == " << sent_; | 
|  |  | 
|  | if (damage_) { | 
|  | WAIT(false, 2000); | 
|  | EXPECT_EQ(0U, received_.size()); | 
|  | } else if (loss_ == 0) { | 
|  | EXPECT_EQ_WAIT(static_cast<size_t>(sent_), received_.size(), 1000); | 
|  | } else { | 
|  | RTC_LOG(LS_INFO) << "Sent " << sent_ << " packets; received " | 
|  | << received_.size(); | 
|  | } | 
|  | } | 
|  |  | 
|  | protected: | 
|  | StreamWrapper client_buffer_{ | 
|  | std::make_unique<BufferQueueStream>(kBufferCapacity, kDefaultBufferSize)}; | 
|  | StreamWrapper server_buffer_{ | 
|  | std::make_unique<BufferQueueStream>(kBufferCapacity, kDefaultBufferSize)}; | 
|  |  | 
|  | private: | 
|  | size_t packet_size_; | 
|  | int count_; | 
|  | int sent_; | 
|  | std::set<int> received_; | 
|  | }; | 
|  |  | 
|  | rtc::StreamResult SSLDummyStream::Write(rtc::ArrayView<const uint8_t> data, | 
|  | size_t& written, | 
|  | int& error) { | 
|  | RTC_LOG(LS_VERBOSE) << "Writing to loopback " << data.size(); | 
|  |  | 
|  | if (first_packet_) { | 
|  | first_packet_ = false; | 
|  | if (test_base_->GetLoseFirstPacket()) { | 
|  | RTC_LOG(LS_INFO) << "Losing initial packet of length " << data.size(); | 
|  | written = data.size();  // Fake successful writing also to writer. | 
|  | return rtc::SR_SUCCESS; | 
|  | } | 
|  | } | 
|  |  | 
|  | return test_base_->DataWritten(this, data.data(), data.size(), written, | 
|  | error); | 
|  | } | 
|  |  | 
|  | // Test fixture for certificate chaining. Server will push more than one | 
|  | // certificate. Note: these tests use RSA keys and SHA1 digests. | 
|  | class SSLStreamAdapterTestDTLSCertChain : public SSLStreamAdapterTestDTLSBase { | 
|  | public: | 
|  | SSLStreamAdapterTestDTLSCertChain() : SSLStreamAdapterTestDTLSBase("", "") {} | 
|  | void SetUp() override { | 
|  | InitializeClientAndServerStreams(); | 
|  | // These tests apparently need a longer DTLS timeout due to the larger | 
|  | // handshake. If the client triggers a resend before the handshake is | 
|  | // complete, the handshake fails. | 
|  | client_ssl_->SetInitialRetransmissionTimeout(/*timeout_ms=*/1000); | 
|  | server_ssl_->SetInitialRetransmissionTimeout(/*timeout_ms=*/1000); | 
|  |  | 
|  | std::unique_ptr<rtc::SSLIdentity> client_identity; | 
|  | if (!client_cert_pem_.empty() && !client_private_key_pem_.empty()) { | 
|  | client_identity = rtc::SSLIdentity::CreateFromPEMStrings( | 
|  | client_private_key_pem_, client_cert_pem_); | 
|  | } else { | 
|  | client_identity = rtc::SSLIdentity::Create("client", client_key_type_); | 
|  | } | 
|  |  | 
|  | client_ssl_->SetIdentity(std::move(client_identity)); | 
|  | } | 
|  | }; | 
|  |  | 
|  | TEST_F(SSLStreamAdapterTestDTLSCertChain, TwoCertHandshake) { | 
|  | auto server_identity = rtc::SSLIdentity::CreateFromPEMChainStrings( | 
|  | kRSA_PRIVATE_KEY_PEM, std::string(kCERT_PEM) + kCACert); | 
|  | server_ssl_->SetIdentity(std::move(server_identity)); | 
|  | TestHandshake(); | 
|  | std::unique_ptr<rtc::SSLCertChain> peer_cert_chain = | 
|  | client_ssl_->GetPeerSSLCertChain(); | 
|  | ASSERT_NE(nullptr, peer_cert_chain); | 
|  | EXPECT_EQ(kCERT_PEM, peer_cert_chain->Get(0).ToPEMString()); | 
|  | // TODO(bugs.webrtc.org/15153): Fix peer_cert_chain to return multiple | 
|  | // certificates under OpenSSL. Today it only works with BoringSSL. | 
|  | #ifdef OPENSSL_IS_BORINGSSL | 
|  | ASSERT_EQ(2u, peer_cert_chain->GetSize()); | 
|  | EXPECT_EQ(kCACert, peer_cert_chain->Get(1).ToPEMString()); | 
|  | #endif | 
|  | } | 
|  |  | 
|  | TEST_F(SSLStreamAdapterTestDTLSCertChain, TwoCertHandshakeWithCopy) { | 
|  | server_ssl_->SetIdentity(rtc::SSLIdentity::CreateFromPEMChainStrings( | 
|  | kRSA_PRIVATE_KEY_PEM, std::string(kCERT_PEM) + kCACert)); | 
|  | TestHandshake(); | 
|  | std::unique_ptr<rtc::SSLCertChain> peer_cert_chain = | 
|  | client_ssl_->GetPeerSSLCertChain(); | 
|  | ASSERT_NE(nullptr, peer_cert_chain); | 
|  | EXPECT_EQ(kCERT_PEM, peer_cert_chain->Get(0).ToPEMString()); | 
|  | // TODO(bugs.webrtc.org/15153): Fix peer_cert_chain to return multiple | 
|  | // certificates under OpenSSL. Today it only works with BoringSSL. | 
|  | #ifdef OPENSSL_IS_BORINGSSL | 
|  | ASSERT_EQ(2u, peer_cert_chain->GetSize()); | 
|  | EXPECT_EQ(kCACert, peer_cert_chain->Get(1).ToPEMString()); | 
|  | #endif | 
|  | } | 
|  |  | 
|  | TEST_F(SSLStreamAdapterTestDTLSCertChain, ThreeCertHandshake) { | 
|  | server_ssl_->SetIdentity(rtc::SSLIdentity::CreateFromPEMChainStrings( | 
|  | kRSA_PRIVATE_KEY_PEM, std::string(kCERT_PEM) + kIntCert1 + kCACert)); | 
|  | TestHandshake(); | 
|  | std::unique_ptr<rtc::SSLCertChain> peer_cert_chain = | 
|  | client_ssl_->GetPeerSSLCertChain(); | 
|  | ASSERT_NE(nullptr, peer_cert_chain); | 
|  | EXPECT_EQ(kCERT_PEM, peer_cert_chain->Get(0).ToPEMString()); | 
|  | // TODO(bugs.webrtc.org/15153): Fix peer_cert_chain to return multiple | 
|  | // certificates under OpenSSL. Today it only works with BoringSSL. | 
|  | #ifdef OPENSSL_IS_BORINGSSL | 
|  | ASSERT_EQ(3u, peer_cert_chain->GetSize()); | 
|  | EXPECT_EQ(kIntCert1, peer_cert_chain->Get(1).ToPEMString()); | 
|  | EXPECT_EQ(kCACert, peer_cert_chain->Get(2).ToPEMString()); | 
|  | #endif | 
|  | } | 
|  |  | 
|  | class SSLStreamAdapterTestDTLSHandshake | 
|  | : public SSLStreamAdapterTestDTLSBase, | 
|  | public WithParamInterface<tuple<rtc::KeyParams, | 
|  | rtc::KeyParams, | 
|  | std::pair<std::string, size_t>>> { | 
|  | public: | 
|  | SSLStreamAdapterTestDTLSHandshake() | 
|  | : SSLStreamAdapterTestDTLSBase(::testing::get<0>(GetParam()), | 
|  | ::testing::get<1>(GetParam()), | 
|  | ::testing::get<2>(GetParam())) {} | 
|  | }; | 
|  |  | 
|  | // Test that we can make a handshake work with different parameters. | 
|  | TEST_P(SSLStreamAdapterTestDTLSHandshake, TestDTLSConnect) { | 
|  | TestHandshake(); | 
|  | } | 
|  |  | 
|  | // Test getting the used DTLS ciphers. | 
|  | // DTLS 1.2 is max version for client and server. | 
|  | TEST_P(SSLStreamAdapterTestDTLSHandshake, TestGetSslCipherSuite) { | 
|  | SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12); | 
|  | TestHandshake(); | 
|  |  | 
|  | int client_cipher; | 
|  | ASSERT_TRUE(GetSslCipherSuite(true, &client_cipher)); | 
|  | int server_cipher; | 
|  | ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher)); | 
|  |  | 
|  | ASSERT_EQ(client_cipher, server_cipher); | 
|  | ASSERT_TRUE(rtc::SSLStreamAdapter::IsAcceptableCipher( | 
|  | server_cipher, ::testing::get<1>(GetParam()).type())); | 
|  | } | 
|  |  | 
|  | // Test different key sizes with SHA-256, then different signature algorithms | 
|  | // with ECDSA. | 
|  | INSTANTIATE_TEST_SUITE_P( | 
|  | SSLStreamAdapterTestDTLSHandshakeKeyParameters, | 
|  | SSLStreamAdapterTestDTLSHandshake, | 
|  | Combine(Values(rtc::KeyParams::RSA(rtc::kRsaDefaultModSize, | 
|  | rtc::kRsaDefaultExponent), | 
|  | rtc::KeyParams::RSA(2 * 1152, rtc::kRsaDefaultExponent), | 
|  | rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)), | 
|  | Values(rtc::KeyParams::RSA(rtc::kRsaDefaultModSize, | 
|  | rtc::kRsaDefaultExponent), | 
|  | rtc::KeyParams::RSA(2 * 1152, rtc::kRsaDefaultExponent), | 
|  | rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)), | 
|  | Values(std::make_pair(rtc::DIGEST_SHA_256, SHA256_DIGEST_LENGTH)))); | 
|  |  | 
|  | INSTANTIATE_TEST_SUITE_P( | 
|  | SSLStreamAdapterTestDTLSHandshakeSignatureAlgorithms, | 
|  | SSLStreamAdapterTestDTLSHandshake, | 
|  | Combine(Values(rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)), | 
|  | Values(rtc::KeyParams::ECDSA(rtc::EC_NIST_P256)), | 
|  | Values(std::make_pair(rtc::DIGEST_SHA_1, SHA_DIGEST_LENGTH), | 
|  | std::make_pair(rtc::DIGEST_SHA_224, SHA224_DIGEST_LENGTH), | 
|  | std::make_pair(rtc::DIGEST_SHA_256, SHA256_DIGEST_LENGTH), | 
|  | std::make_pair(rtc::DIGEST_SHA_384, SHA384_DIGEST_LENGTH), | 
|  | std::make_pair(rtc::DIGEST_SHA_512, SHA512_DIGEST_LENGTH)))); | 
|  |  | 
|  | // Basic tests done with ECDSA certificates and SHA-256. | 
|  | class SSLStreamAdapterTestDTLS : public SSLStreamAdapterTestDTLSBase { | 
|  | public: | 
|  | SSLStreamAdapterTestDTLS() | 
|  | : SSLStreamAdapterTestDTLSBase( | 
|  | rtc::KeyParams::ECDSA(rtc::EC_NIST_P256), | 
|  | rtc::KeyParams::ECDSA(rtc::EC_NIST_P256), | 
|  | std::make_pair(rtc::DIGEST_SHA_256, SHA256_DIGEST_LENGTH)) {} | 
|  | }; | 
|  |  | 
|  | // Test that we can make a handshake work if the first packet in | 
|  | // each direction is lost. This gives us predictable loss | 
|  | // rather than having to tune random | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSConnectWithLostFirstPacket) { | 
|  | SetLoseFirstPacket(true); | 
|  | TestHandshake(); | 
|  | } | 
|  |  | 
|  | // Test a handshake with loss and delay | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSConnectWithLostFirstPacketDelay2s) { | 
|  | SetLoseFirstPacket(true); | 
|  | SetDelay(2000); | 
|  | SetHandshakeWait(20000); | 
|  | TestHandshake(); | 
|  | } | 
|  |  | 
|  | // Test a handshake with small MTU | 
|  | // Disabled due to https://code.google.com/p/webrtc/issues/detail?id=3910 | 
|  | TEST_F(SSLStreamAdapterTestDTLS, DISABLED_TestDTLSConnectWithSmallMtu) { | 
|  | SetMtu(700); | 
|  | SetHandshakeWait(20000); | 
|  | TestHandshake(); | 
|  | } | 
|  |  | 
|  | // Test a handshake with total loss and timing out. | 
|  | // Only works in BoringSSL. | 
|  | #ifdef OPENSSL_IS_BORINGSSL | 
|  | #define MAYBE_TestDTLSConnectTimeout TestDTLSConnectTimeout | 
|  | #else | 
|  | #define MAYBE_TestDTLSConnectTimeout DISABLED_TestDTLSConnectTimeout | 
|  | #endif | 
|  | TEST_F(SSLStreamAdapterTestDTLS, MAYBE_TestDTLSConnectTimeout) { | 
|  | SetLoss(100); | 
|  | TestHandshakeTimeout(); | 
|  | } | 
|  |  | 
|  | // Test transfer -- trivial | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSTransfer) { | 
|  | TestHandshake(); | 
|  | TestTransfer(100); | 
|  | } | 
|  |  | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSTransferWithLoss) { | 
|  | TestHandshake(); | 
|  | SetLoss(10); | 
|  | TestTransfer(100); | 
|  | } | 
|  |  | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSTransferWithDamage) { | 
|  | SetDamage();  // Must be called first because first packet | 
|  | // write happens at end of handshake. | 
|  | TestHandshake(); | 
|  | TestTransfer(100); | 
|  | } | 
|  |  | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSDelayedIdentity) { | 
|  | TestHandshakeWithDelayedIdentity(true); | 
|  | } | 
|  |  | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSDelayedIdentityWithBogusDigest) { | 
|  | TestHandshakeWithDelayedIdentity(false); | 
|  | } | 
|  |  | 
|  | // Test DTLS-SRTP with SrtpAes128CmSha1_80 | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpAes128CmSha1_80) { | 
|  | const std::vector<int> crypto_suites = {rtc::kSrtpAes128CmSha1_80}; | 
|  | SetDtlsSrtpCryptoSuites(crypto_suites, true); | 
|  | SetDtlsSrtpCryptoSuites(crypto_suites, false); | 
|  | TestHandshake(); | 
|  |  | 
|  | int client_cipher; | 
|  | ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); | 
|  | int server_cipher; | 
|  | ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); | 
|  |  | 
|  | ASSERT_EQ(client_cipher, server_cipher); | 
|  | ASSERT_EQ(client_cipher, rtc::kSrtpAes128CmSha1_80); | 
|  | } | 
|  |  | 
|  | // Test DTLS-SRTP with SrtpAes128CmSha1_32 | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpAes128CmSha1_32) { | 
|  | const std::vector<int> crypto_suites = {rtc::kSrtpAes128CmSha1_32}; | 
|  | SetDtlsSrtpCryptoSuites(crypto_suites, true); | 
|  | SetDtlsSrtpCryptoSuites(crypto_suites, false); | 
|  | TestHandshake(); | 
|  |  | 
|  | int client_cipher; | 
|  | ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); | 
|  | int server_cipher; | 
|  | ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); | 
|  |  | 
|  | ASSERT_EQ(client_cipher, server_cipher); | 
|  | ASSERT_EQ(client_cipher, rtc::kSrtpAes128CmSha1_32); | 
|  | } | 
|  |  | 
|  | // Test DTLS-SRTP with incompatible cipher suites -- should not converge. | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpIncompatibleCipherSuites) { | 
|  | SetDtlsSrtpCryptoSuites({rtc::kSrtpAes128CmSha1_80}, true); | 
|  | SetDtlsSrtpCryptoSuites({rtc::kSrtpAes128CmSha1_32}, false); | 
|  | TestHandshake(); | 
|  |  | 
|  | int client_cipher; | 
|  | ASSERT_FALSE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); | 
|  | int server_cipher; | 
|  | ASSERT_FALSE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); | 
|  | } | 
|  |  | 
|  | // Test DTLS-SRTP with each side being mixed -- should select the stronger | 
|  | // cipher. | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpMixed) { | 
|  | const std::vector<int> crypto_suites = {rtc::kSrtpAes128CmSha1_80, | 
|  | rtc::kSrtpAes128CmSha1_32}; | 
|  | SetDtlsSrtpCryptoSuites(crypto_suites, true); | 
|  | SetDtlsSrtpCryptoSuites(crypto_suites, false); | 
|  | TestHandshake(); | 
|  |  | 
|  | int client_cipher; | 
|  | ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); | 
|  | int server_cipher; | 
|  | ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); | 
|  |  | 
|  | ASSERT_EQ(client_cipher, server_cipher); | 
|  | ASSERT_EQ(client_cipher, rtc::kSrtpAes128CmSha1_80); | 
|  | } | 
|  |  | 
|  | // Test DTLS-SRTP with SrtpAeadAes128Gcm. | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpAeadAes128Gcm) { | 
|  | std::vector<int> crypto_suites = {rtc::kSrtpAeadAes128Gcm}; | 
|  | SetDtlsSrtpCryptoSuites(crypto_suites, true); | 
|  | SetDtlsSrtpCryptoSuites(crypto_suites, false); | 
|  | TestHandshake(); | 
|  |  | 
|  | int client_cipher; | 
|  | ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); | 
|  | int server_cipher; | 
|  | ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); | 
|  |  | 
|  | ASSERT_EQ(client_cipher, server_cipher); | 
|  | ASSERT_EQ(client_cipher, rtc::kSrtpAeadAes128Gcm); | 
|  | } | 
|  |  | 
|  | // Test DTLS-SRTP with all GCM-256 ciphers. | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCM256) { | 
|  | std::vector<int> crypto_suites = {rtc::kSrtpAeadAes256Gcm}; | 
|  | SetDtlsSrtpCryptoSuites(crypto_suites, true); | 
|  | SetDtlsSrtpCryptoSuites(crypto_suites, false); | 
|  | TestHandshake(); | 
|  |  | 
|  | int client_cipher; | 
|  | ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); | 
|  | int server_cipher; | 
|  | ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); | 
|  |  | 
|  | ASSERT_EQ(client_cipher, server_cipher); | 
|  | ASSERT_EQ(client_cipher, rtc::kSrtpAeadAes256Gcm); | 
|  | } | 
|  |  | 
|  | // Test DTLS-SRTP with incompatbile GCM-128/-256 ciphers -- should not converge. | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpIncompatibleGcmCipherSuites) { | 
|  | SetDtlsSrtpCryptoSuites({rtc::kSrtpAeadAes128Gcm}, true); | 
|  | SetDtlsSrtpCryptoSuites({rtc::kSrtpAeadAes256Gcm}, false); | 
|  | TestHandshake(); | 
|  |  | 
|  | int client_cipher; | 
|  | ASSERT_FALSE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); | 
|  | int server_cipher; | 
|  | ASSERT_FALSE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); | 
|  | } | 
|  |  | 
|  | // Test DTLS-SRTP with both GCM-128/-256 ciphers -- should select GCM-256. | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCMMixed) { | 
|  | std::vector<int> crypto_suites = {rtc::kSrtpAeadAes256Gcm, | 
|  | rtc::kSrtpAeadAes128Gcm}; | 
|  | SetDtlsSrtpCryptoSuites(crypto_suites, true); | 
|  | SetDtlsSrtpCryptoSuites(crypto_suites, false); | 
|  | TestHandshake(); | 
|  |  | 
|  | int client_cipher; | 
|  | ASSERT_TRUE(GetDtlsSrtpCryptoSuite(true, &client_cipher)); | 
|  | int server_cipher; | 
|  | ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher)); | 
|  |  | 
|  | ASSERT_EQ(client_cipher, server_cipher); | 
|  | ASSERT_EQ(client_cipher, rtc::kSrtpAeadAes256Gcm); | 
|  | } | 
|  |  | 
|  | // Test SRTP cipher suite lengths. | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpKeyAndSaltLengths) { | 
|  | int key_len; | 
|  | int salt_len; | 
|  |  | 
|  | ASSERT_FALSE(rtc::GetSrtpKeyAndSaltLengths(rtc::kSrtpInvalidCryptoSuite, | 
|  | &key_len, &salt_len)); | 
|  |  | 
|  | ASSERT_TRUE(rtc::GetSrtpKeyAndSaltLengths(rtc::kSrtpAes128CmSha1_32, &key_len, | 
|  | &salt_len)); | 
|  | ASSERT_EQ(128 / 8, key_len); | 
|  | ASSERT_EQ(112 / 8, salt_len); | 
|  |  | 
|  | ASSERT_TRUE(rtc::GetSrtpKeyAndSaltLengths(rtc::kSrtpAes128CmSha1_80, &key_len, | 
|  | &salt_len)); | 
|  | ASSERT_EQ(128 / 8, key_len); | 
|  | ASSERT_EQ(112 / 8, salt_len); | 
|  |  | 
|  | ASSERT_TRUE(rtc::GetSrtpKeyAndSaltLengths(rtc::kSrtpAeadAes128Gcm, &key_len, | 
|  | &salt_len)); | 
|  | ASSERT_EQ(128 / 8, key_len); | 
|  | ASSERT_EQ(96 / 8, salt_len); | 
|  |  | 
|  | ASSERT_TRUE(rtc::GetSrtpKeyAndSaltLengths(rtc::kSrtpAeadAes256Gcm, &key_len, | 
|  | &salt_len)); | 
|  | ASSERT_EQ(256 / 8, key_len); | 
|  | ASSERT_EQ(96 / 8, salt_len); | 
|  | } | 
|  |  | 
|  | // Test an exporter | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestDTLSExporter) { | 
|  | TestHandshake(); | 
|  | unsigned char client_out[EVP_MAX_MD_SIZE]; | 
|  | unsigned char server_out[EVP_MAX_MD_SIZE]; | 
|  |  | 
|  | bool result; | 
|  | result = ExportKeyingMaterial(kExporterLabel, kExporterContext, | 
|  | kExporterContextLen, true, true, client_out, | 
|  | sizeof(client_out)); | 
|  | ASSERT_TRUE(result); | 
|  |  | 
|  | result = ExportKeyingMaterial(kExporterLabel, kExporterContext, | 
|  | kExporterContextLen, true, false, server_out, | 
|  | sizeof(server_out)); | 
|  | ASSERT_TRUE(result); | 
|  |  | 
|  | ASSERT_TRUE(!memcmp(client_out, server_out, sizeof(client_out))); | 
|  | } | 
|  |  | 
|  | // Test not yet valid certificates are not rejected. | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestCertNotYetValid) { | 
|  | long one_day = 60 * 60 * 24; | 
|  | // Make the certificates not valid until one day later. | 
|  | ResetIdentitiesWithValidity(one_day, one_day); | 
|  | TestHandshake(); | 
|  | } | 
|  |  | 
|  | // Test expired certificates are not rejected. | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestCertExpired) { | 
|  | long one_day = 60 * 60 * 24; | 
|  | // Make the certificates already expired. | 
|  | ResetIdentitiesWithValidity(-one_day, -one_day); | 
|  | TestHandshake(); | 
|  | } | 
|  |  | 
|  | class SSLStreamAdapterTestDTLSFromPEMStrings | 
|  | : public SSLStreamAdapterTestDTLSBase { | 
|  | public: | 
|  | SSLStreamAdapterTestDTLSFromPEMStrings() | 
|  | : SSLStreamAdapterTestDTLSBase(kCERT_PEM, kRSA_PRIVATE_KEY_PEM) {} | 
|  | }; | 
|  |  | 
|  | // Test data transfer using certs created from strings. | 
|  | TEST_F(SSLStreamAdapterTestDTLSFromPEMStrings, TestTransfer) { | 
|  | TestHandshake(); | 
|  | TestTransfer(100); | 
|  | } | 
|  |  | 
|  | // Test getting the remote certificate. | 
|  | TEST_F(SSLStreamAdapterTestDTLSFromPEMStrings, TestDTLSGetPeerCertificate) { | 
|  | // Peer certificates haven't been received yet. | 
|  | ASSERT_FALSE(GetPeerCertificate(true)); | 
|  | ASSERT_FALSE(GetPeerCertificate(false)); | 
|  |  | 
|  | TestHandshake(); | 
|  |  | 
|  | // The client should have a peer certificate after the handshake. | 
|  | std::unique_ptr<rtc::SSLCertificate> client_peer_cert = | 
|  | GetPeerCertificate(true); | 
|  | ASSERT_TRUE(client_peer_cert); | 
|  |  | 
|  | // It's not kCERT_PEM. | 
|  | std::string client_peer_string = client_peer_cert->ToPEMString(); | 
|  | ASSERT_NE(kCERT_PEM, client_peer_string); | 
|  |  | 
|  | // The server should have a peer certificate after the handshake. | 
|  | std::unique_ptr<rtc::SSLCertificate> server_peer_cert = | 
|  | GetPeerCertificate(false); | 
|  | ASSERT_TRUE(server_peer_cert); | 
|  |  | 
|  | // It's kCERT_PEM | 
|  | ASSERT_EQ(kCERT_PEM, server_peer_cert->ToPEMString()); | 
|  | } | 
|  |  | 
|  | // Test getting the DTLS 1.2 version. | 
|  | TEST_F(SSLStreamAdapterTestDTLS, TestGetSslVersionBytes) { | 
|  | // https://datatracker.ietf.org/doc/html/rfc9147#section-5.3 | 
|  | const int kDtls1_2 = 0xFEFD; | 
|  | SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12); | 
|  | TestHandshake(); | 
|  |  | 
|  | int client_version; | 
|  | ASSERT_TRUE(GetSslVersionBytes(true, &client_version)); | 
|  | EXPECT_EQ(client_version, kDtls1_2); | 
|  |  | 
|  | int server_version; | 
|  | ASSERT_TRUE(GetSslVersionBytes(false, &server_version)); | 
|  | EXPECT_EQ(server_version, kDtls1_2); | 
|  | } | 
|  |  | 
|  | // Tests for enabling the (D)TLS extension permutation which randomizes the | 
|  | // order of extensions in the client hello. | 
|  | // These tests are a no-op under OpenSSL. | 
|  | #ifdef OPENSSL_IS_BORINGSSL | 
|  | class SSLStreamAdapterTestDTLSExtensionPermutation | 
|  | : public SSLStreamAdapterTestDTLSBase { | 
|  | public: | 
|  | SSLStreamAdapterTestDTLSExtensionPermutation() | 
|  | : SSLStreamAdapterTestDTLSBase( | 
|  | rtc::KeyParams::ECDSA(rtc::EC_NIST_P256), | 
|  | rtc::KeyParams::ECDSA(rtc::EC_NIST_P256), | 
|  | std::make_pair(rtc::DIGEST_SHA_256, SHA256_DIGEST_LENGTH)) {} | 
|  |  | 
|  | void Initialize(absl::string_view client_experiment, | 
|  | absl::string_view server_experiment) { | 
|  | InitializeClientAndServerStreams(client_experiment, server_experiment); | 
|  | client_ssl_->SetIdentity( | 
|  | rtc::SSLIdentity::Create("client", client_key_type_)); | 
|  | server_ssl_->SetIdentity( | 
|  | rtc::SSLIdentity::Create("server", server_key_type_)); | 
|  | } | 
|  | }; | 
|  |  | 
|  | TEST_F(SSLStreamAdapterTestDTLSExtensionPermutation, | 
|  | ClientDefaultServerDefault) { | 
|  | Initialize("", ""); | 
|  | TestHandshake(); | 
|  | } | 
|  |  | 
|  | TEST_F(SSLStreamAdapterTestDTLSExtensionPermutation, | 
|  | ClientDisabledServerDisabled) { | 
|  | Initialize("WebRTC-PermuteTlsClientHello/Disabled/", | 
|  | "WebRTC-PermuteTlsClientHello/Disabled/"); | 
|  | TestHandshake(); | 
|  | } | 
|  |  | 
|  | TEST_F(SSLStreamAdapterTestDTLSExtensionPermutation, | 
|  | ClientDisabledServerPermute) { | 
|  | Initialize("WebRTC-PermuteTlsClientHello/Disabled/", | 
|  | "WebRTC-PermuteTlsClientHello/Enabled/"); | 
|  | TestHandshake(); | 
|  | } | 
|  |  | 
|  | TEST_F(SSLStreamAdapterTestDTLSExtensionPermutation, | 
|  | ClientPermuteServerDisabled) { | 
|  | Initialize("WebRTC-PermuteTlsClientHello/Enabled/", | 
|  | "WebRTC-PermuteTlsClientHello/Disabled/"); | 
|  | TestHandshake(); | 
|  | } | 
|  |  | 
|  | TEST_F(SSLStreamAdapterTestDTLSExtensionPermutation, | 
|  | ClientPermuteServerPermute) { | 
|  | Initialize("WebRTC-PermuteTlsClientHello/Enabled/", | 
|  | "WebRTC-PermuteTlsClientHello/Enabled/"); | 
|  | TestHandshake(); | 
|  | } | 
|  | #endif  // OPENSSL_IS_BORINGSSL |