blob: fb7ec913e5bd1ccc1690952c2c28902870855fff [file] [log] [blame]
Henrik Boströmda3a1da2016-04-15 15:55:211/*
2 * Copyright 2016 The WebRTC project authors. All Rights Reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
Steve Anton10542f22019-01-11 17:11:0011#include "rtc_base/rtc_certificate_generator.h"
Henrik Boströmda3a1da2016-04-15 15:55:2112
jbauch555604a2016-04-26 10:13:2213#include <memory>
14
Danil Chapovalov0a1d1892018-06-21 09:48:2515#include "absl/types/optional.h"
Niels Möller105711e2022-06-14 13:48:2616#include "api/make_ref_counted.h"
Mirko Bonadei92ea95e2017-09-15 04:47:3117#include "rtc_base/checks.h"
18#include "rtc_base/gunit.h"
Mirko Bonadei92ea95e2017-09-15 04:47:3119#include "rtc_base/thread.h"
Yves Gerey3e707812018-11-28 15:47:4920#include "test/gtest.h"
Henrik Boströmda3a1da2016-04-15 15:55:2121
22namespace rtc {
23
Danil Chapovalovb7da8162022-08-22 14:39:3424class RTCCertificateGeneratorFixture {
Henrik Boströmda3a1da2016-04-15 15:55:2125 public:
26 RTCCertificateGeneratorFixture()
27 : signaling_thread_(Thread::Current()),
tommie7251592017-07-14 21:44:4628 worker_thread_(Thread::Create()),
Henrik Boströmda3a1da2016-04-15 15:55:2129 generate_async_completed_(false) {
30 RTC_CHECK(signaling_thread_);
31 RTC_CHECK(worker_thread_->Start());
32 generator_.reset(
Yves Gerey665174f2018-06-19 13:03:0533 new RTCCertificateGenerator(signaling_thread_, worker_thread_.get()));
Henrik Boströmda3a1da2016-04-15 15:55:2134 }
Henrik Boströmda3a1da2016-04-15 15:55:2135
36 RTCCertificateGenerator* generator() const { return generator_.get(); }
37 RTCCertificate* certificate() const { return certificate_.get(); }
38
Danil Chapovalovb7da8162022-08-22 14:39:3439 RTCCertificateGeneratorInterface::Callback OnGenerated() {
40 return [this](scoped_refptr<RTCCertificate> certificate) mutable {
41 RTC_CHECK(signaling_thread_->IsCurrent());
42 certificate_ = std::move(certificate);
43 generate_async_completed_ = true;
44 };
Henrik Boströmda3a1da2016-04-15 15:55:2145 }
46
47 bool GenerateAsyncCompleted() {
48 RTC_CHECK(signaling_thread_->IsCurrent());
49 if (generate_async_completed_) {
50 // Reset flag so that future generation requests are not considered done.
51 generate_async_completed_ = false;
52 return true;
53 }
54 return false;
55 }
56
57 protected:
58 Thread* const signaling_thread_;
jbauch555604a2016-04-26 10:13:2259 std::unique_ptr<Thread> worker_thread_;
60 std::unique_ptr<RTCCertificateGenerator> generator_;
Henrik Boströmda3a1da2016-04-15 15:55:2161 scoped_refptr<RTCCertificate> certificate_;
62 bool generate_async_completed_;
63};
64
Mirko Bonadei6a489f22019-04-09 13:11:1265class RTCCertificateGeneratorTest : public ::testing::Test {
Henrik Boströmda3a1da2016-04-15 15:55:2166 public:
Henrik Boströmda3a1da2016-04-15 15:55:2167 protected:
Mirko Bonadeif7f68702020-04-15 07:55:0368 static constexpr int kGenerationTimeoutMs = 10000;
Henrik Boströmda3a1da2016-04-15 15:55:2169
Niels Möller83830f32022-05-20 07:12:5770 rtc::AutoThread main_thread_;
Danil Chapovalovb7da8162022-08-22 14:39:3471 RTCCertificateGeneratorFixture fixture_;
Henrik Boströmda3a1da2016-04-15 15:55:2172};
73
74TEST_F(RTCCertificateGeneratorTest, GenerateECDSA) {
Danil Chapovalov0a1d1892018-06-21 09:48:2575 EXPECT_TRUE(RTCCertificateGenerator::GenerateCertificate(KeyParams::ECDSA(),
76 absl::nullopt));
Henrik Boströmda3a1da2016-04-15 15:55:2177}
78
79TEST_F(RTCCertificateGeneratorTest, GenerateRSA) {
Danil Chapovalov0a1d1892018-06-21 09:48:2580 EXPECT_TRUE(RTCCertificateGenerator::GenerateCertificate(KeyParams::RSA(),
81 absl::nullopt));
Henrik Boströmda3a1da2016-04-15 15:55:2182}
83
84TEST_F(RTCCertificateGeneratorTest, GenerateAsyncECDSA) {
Danil Chapovalovb7da8162022-08-22 14:39:3485 EXPECT_FALSE(fixture_.certificate());
86 fixture_.generator()->GenerateCertificateAsync(
87 KeyParams::ECDSA(), absl::nullopt, fixture_.OnGenerated());
Henrik Boströmda3a1da2016-04-15 15:55:2188 // Until generation has completed, the certificate is null. Since this is an
89 // async call, generation must not have completed until we process messages
Artem Titov96e3b992021-07-26 14:03:1490 // posted to this thread (which is done by `EXPECT_TRUE_WAIT`).
Danil Chapovalovb7da8162022-08-22 14:39:3491 EXPECT_FALSE(fixture_.GenerateAsyncCompleted());
92 EXPECT_FALSE(fixture_.certificate());
93 EXPECT_TRUE_WAIT(fixture_.GenerateAsyncCompleted(), kGenerationTimeoutMs);
94 EXPECT_TRUE(fixture_.certificate());
Henrik Boströmda3a1da2016-04-15 15:55:2195}
96
97TEST_F(RTCCertificateGeneratorTest, GenerateWithExpires) {
98 // By generating two certificates with different expiration we can compare the
99 // two expiration times relative to each other without knowing the current
100 // time relative to epoch, 1970-01-01T00:00:00Z. This verifies that the
101 // expiration parameter is correctly used relative to the generator's clock,
102 // but does not verify that this clock is relative to epoch.
103
104 // Generate a certificate that expires immediately.
105 scoped_refptr<RTCCertificate> cert_a =
Danil Chapovalov0a1d1892018-06-21 09:48:25106 RTCCertificateGenerator::GenerateCertificate(KeyParams::ECDSA(), 0);
Henrik Boströmda3a1da2016-04-15 15:55:21107 EXPECT_TRUE(cert_a);
108
109 // Generate a certificate that expires in one minute.
110 const uint64_t kExpiresMs = 60000;
111 scoped_refptr<RTCCertificate> cert_b =
Danil Chapovalov0a1d1892018-06-21 09:48:25112 RTCCertificateGenerator::GenerateCertificate(KeyParams::ECDSA(),
113 kExpiresMs);
Henrik Boströmda3a1da2016-04-15 15:55:21114 EXPECT_TRUE(cert_b);
115
Artem Titov96e3b992021-07-26 14:03:14116 // Verify that `cert_b` expires approximately `kExpiresMs` after `cert_a`
Henrik Boströmda3a1da2016-04-15 15:55:21117 // (allowing a +/- 1 second plus maximum generation time difference).
118 EXPECT_GT(cert_b->Expires(), cert_a->Expires());
119 uint64_t expires_diff = cert_b->Expires() - cert_a->Expires();
120 EXPECT_GE(expires_diff, kExpiresMs);
Yves Gerey665174f2018-06-19 13:03:05121 EXPECT_LE(expires_diff, kExpiresMs + 2 * kGenerationTimeoutMs + 1000);
Henrik Boströmda3a1da2016-04-15 15:55:21122}
123
124TEST_F(RTCCertificateGeneratorTest, GenerateWithInvalidParamsShouldFail) {
125 KeyParams invalid_params = KeyParams::RSA(0, 0);
126 EXPECT_FALSE(invalid_params.IsValid());
127
Danil Chapovalov0a1d1892018-06-21 09:48:25128 EXPECT_FALSE(RTCCertificateGenerator::GenerateCertificate(invalid_params,
129 absl::nullopt));
Henrik Boströmda3a1da2016-04-15 15:55:21130
Danil Chapovalovb7da8162022-08-22 14:39:34131 fixture_.generator()->GenerateCertificateAsync(invalid_params, absl::nullopt,
132 fixture_.OnGenerated());
133 EXPECT_TRUE_WAIT(fixture_.GenerateAsyncCompleted(), kGenerationTimeoutMs);
134 EXPECT_FALSE(fixture_.certificate());
Henrik Boströmda3a1da2016-04-15 15:55:21135}
136
137} // namespace rtc