search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
MacViews: Get c/b/ui/views/tabs to build on Mac
[chromium-blink-merge.git] / net / quic / quic_crypto_server_stream_test.cc
blob38b4a57a932608f1f95daafbbe64e7b5488309b4
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/quic/quic_crypto_server_stream.h"
6
7 #include <map>
8 #include <vector>
9
10 #include "base/memory/scoped_ptr.h"
11 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h"
12 #include "net/quic/crypto/crypto_framer.h"
13 #include "net/quic/crypto/crypto_handshake.h"
14 #include "net/quic/crypto/crypto_protocol.h"
15 #include "net/quic/crypto/crypto_utils.h"
16 #include "net/quic/crypto/quic_crypto_server_config.h"
17 #include "net/quic/crypto/quic_decrypter.h"
18 #include "net/quic/crypto/quic_encrypter.h"
19 #include "net/quic/crypto/quic_random.h"
20 #include "net/quic/quic_crypto_client_stream.h"
21 #include "net/quic/quic_protocol.h"
22 #include "net/quic/quic_session.h"
23 #include "net/quic/test_tools/crypto_test_utils.h"
24 #include "net/quic/test_tools/delayed_verify_strike_register_client.h"
25 #include "net/quic/test_tools/quic_test_utils.h"
26 #include "testing/gmock/include/gmock/gmock.h"
27 #include "testing/gtest/include/gtest/gtest.h"
28
29 namespace net {
30 class QuicConnection;
31 class ReliableQuicStream;
32 } // namespace net
33
34 using std::pair;
35 using testing::_;
36
37 namespace net {
38 namespace test {
39
40 class QuicCryptoServerConfigPeer {
41 public:
42 static string GetPrimaryOrbit(const QuicCryptoServerConfig& config) {
43 base::AutoLock lock(config.configs_lock_);
44 CHECK(config.primary_config_.get() != nullptr);
45 return string(reinterpret_cast<const char*>(config.primary_config_->orbit),
46 kOrbitSize);
47 }
48 };
49
50 namespace {
51
52 const char kServerHostname[] = "test.example.com";
53 const uint16 kServerPort = 80;
54
55 class QuicCryptoServerStreamTest : public ::testing::TestWithParam<bool> {
56 public:
57 QuicCryptoServerStreamTest()
58 : connection_(new PacketSavingConnection(true)),
59 session_(connection_, DefaultQuicConfig()),
60 crypto_config_(QuicCryptoServerConfig::TESTING,
61 QuicRandom::GetInstance()),
62 stream_(crypto_config_, &session_),
63 strike_register_client_(nullptr) {
64 session_.SetCryptoStream(&stream_);
65 // We advance the clock initially because the default time is zero and the
66 // strike register worries that we've just overflowed a uint32 time.
67 connection_->AdvanceTime(QuicTime::Delta::FromSeconds(100000));
68 // TODO(wtc): replace this with ProofSourceForTesting() when Chromium has
69 // a working ProofSourceForTesting().
70 crypto_config_.SetProofSource(CryptoTestUtils::FakeProofSourceForTesting());
71 crypto_config_.set_strike_register_no_startup_period();
72
73 CryptoTestUtils::SetupCryptoServerConfigForTest(
74 connection_->clock(), connection_->random_generator(),
75 session_.config(), &crypto_config_);
76
77 if (AsyncStrikeRegisterVerification()) {
78 string orbit =
79 QuicCryptoServerConfigPeer::GetPrimaryOrbit(crypto_config_);
80 strike_register_client_ = new DelayedVerifyStrikeRegisterClient(
81 10000, // strike_register_max_entries
82 static_cast<uint32>(connection_->clock()->WallNow().ToUNIXSeconds()),
83 60, // strike_register_window_secs
84 reinterpret_cast<const uint8 *>(orbit.data()),
85 StrikeRegister::NO_STARTUP_PERIOD_NEEDED);
86 strike_register_client_->StartDelayingVerification();
87 crypto_config_.SetStrikeRegisterClient(strike_register_client_);
88 }
89 }
90
91 bool AsyncStrikeRegisterVerification() {
92 return GetParam();
93 }
94
95 void ConstructHandshakeMessage() {
96 CryptoFramer framer;
97 message_data_.reset(framer.ConstructHandshakeMessage(message_));
98 }
99
100 int CompleteCryptoHandshake() {
101 return CryptoTestUtils::HandshakeWithFakeClient(connection_, &stream_,
102 client_options_);
103 }
104
105 protected:
106 PacketSavingConnection* connection_;
107 TestClientSession session_;
108 QuicConfig config_;
109 QuicCryptoServerConfig crypto_config_;
110 QuicCryptoServerStream stream_;
111 CryptoHandshakeMessage message_;
112 scoped_ptr<QuicData> message_data_;
113 CryptoTestUtils::FakeClientOptions client_options_;
114 DelayedVerifyStrikeRegisterClient* strike_register_client_;
115 };
116
117 INSTANTIATE_TEST_CASE_P(Tests, QuicCryptoServerStreamTest, testing::Bool());
118
119 TEST_P(QuicCryptoServerStreamTest, NotInitiallyConected) {
120 EXPECT_FALSE(stream_.encryption_established());
121 EXPECT_FALSE(stream_.handshake_confirmed());
122 }
123
124 TEST_P(QuicCryptoServerStreamTest, ConnectedAfterCHLO) {
125 // CompleteCryptoHandshake returns the number of client hellos sent. This
126 // test should send:
127 // * One to get a source-address token and certificates.
128 // * One to complete the handshake.
129 EXPECT_EQ(2, CompleteCryptoHandshake());
130 EXPECT_TRUE(stream_.encryption_established());
131 EXPECT_TRUE(stream_.handshake_confirmed());
132 EXPECT_EQ(1, stream_.num_server_config_update_messages_sent());
133 }
134
135 TEST_P(QuicCryptoServerStreamTest, ZeroRTT) {
136 PacketSavingConnection* client_conn = new PacketSavingConnection(false);
137 PacketSavingConnection* server_conn = new PacketSavingConnection(false);
138 client_conn->AdvanceTime(QuicTime::Delta::FromSeconds(100000));
139 server_conn->AdvanceTime(QuicTime::Delta::FromSeconds(100000));
140
141 QuicConfig client_config;
142 scoped_ptr<TestClientSession> client_session(
143 new TestClientSession(client_conn, client_config));
144 QuicCryptoClientConfig client_crypto_config;
145
146 QuicServerId server_id(kServerHostname, kServerPort, false,
147 PRIVACY_MODE_DISABLED);
148 scoped_ptr<QuicCryptoClientStream> client(new QuicCryptoClientStream(
149 server_id, client_session.get(), nullptr, &client_crypto_config));
150 client_session->SetCryptoStream(client.get());
151
152 // Do a first handshake in order to prime the client config with the server's
153 // information.
154 CHECK(client->CryptoConnect());
155 CHECK_EQ(1u, client_conn->packets_.size());
156
157 scoped_ptr<TestSession> server_session(new TestSession(server_conn, config_));
158 scoped_ptr<QuicCryptoServerStream> server(
159 new QuicCryptoServerStream(crypto_config_, server_session.get()));
160 server_session->SetCryptoStream(server.get());
161
162 CryptoTestUtils::CommunicateHandshakeMessages(
163 client_conn, client.get(), server_conn, server.get());
164 EXPECT_EQ(2, client->num_sent_client_hellos());
165
166 // Now do another handshake, hopefully in 0-RTT.
167 LOG(INFO) << "Resetting for 0-RTT handshake attempt";
168
169 client_conn = new PacketSavingConnection(false);
170 server_conn = new PacketSavingConnection(false);
171 // We need to advance time past the strike-server window so that it's
172 // authoritative in this time span.
173 client_conn->AdvanceTime(QuicTime::Delta::FromSeconds(102000));
174 server_conn->AdvanceTime(QuicTime::Delta::FromSeconds(102000));
175
176 // This causes the client's nonce to be different and thus stops the
177 // strike-register from rejecting the repeated nonce.
178 reinterpret_cast<MockRandom*>(client_conn->random_generator())->ChangeValue();
179 client_session.reset(new TestClientSession(client_conn, client_config));
180 server_session.reset(new TestSession(server_conn, config_));
181 client.reset(new QuicCryptoClientStream(server_id, client_session.get(),
182 nullptr, &client_crypto_config));
183 client_session->SetCryptoStream(client.get());
184
185 server.reset(new QuicCryptoServerStream(crypto_config_,
186 server_session.get()));
187 server_session->SetCryptoStream(server.get());
188
189 CHECK(client->CryptoConnect());
190
191 if (AsyncStrikeRegisterVerification()) {
192 EXPECT_FALSE(client->handshake_confirmed());
193 EXPECT_FALSE(server->handshake_confirmed());
194
195 // Advance the handshake. Expect that the server will be stuck
196 // waiting for client nonce verification to complete.
197 pair<size_t, size_t> messages_moved = CryptoTestUtils::AdvanceHandshake(
198 client_conn, client.get(), 0, server_conn, server.get(), 0);
199 EXPECT_EQ(1u, messages_moved.first);
200 EXPECT_EQ(0u, messages_moved.second);
201 EXPECT_EQ(1, strike_register_client_->PendingVerifications());
202 EXPECT_FALSE(client->handshake_confirmed());
203 EXPECT_FALSE(server->handshake_confirmed());
204
205 // The server handshake completes once the nonce verification completes.
206 strike_register_client_->RunPendingVerifications();
207 EXPECT_FALSE(client->handshake_confirmed());
208 EXPECT_TRUE(server->handshake_confirmed());
209
210 messages_moved = CryptoTestUtils::AdvanceHandshake(
211 client_conn, client.get(), messages_moved.first,
212 server_conn, server.get(), messages_moved.second);
213 EXPECT_EQ(1u, messages_moved.first);
214 EXPECT_EQ(1u, messages_moved.second);
215 EXPECT_TRUE(client->handshake_confirmed());
216 EXPECT_TRUE(server->handshake_confirmed());
217 } else {
218 CryptoTestUtils::CommunicateHandshakeMessages(
219 client_conn, client.get(), server_conn, server.get());
220 }
221
222 EXPECT_EQ(1, client->num_sent_client_hellos());
223 EXPECT_EQ(1, server->num_server_config_update_messages_sent());
224 }
225
226 TEST_P(QuicCryptoServerStreamTest, MessageAfterHandshake) {
227 CompleteCryptoHandshake();
228 EXPECT_CALL(*connection_, SendConnectionClose(
229 QUIC_CRYPTO_MESSAGE_AFTER_HANDSHAKE_COMPLETE));
230 message_.set_tag(kCHLO);
231 ConstructHandshakeMessage();
232 stream_.ProcessRawData(message_data_->data(), message_data_->length());
233 }
234
235 TEST_P(QuicCryptoServerStreamTest, BadMessageType) {
236 message_.set_tag(kSHLO);
237 ConstructHandshakeMessage();
238 EXPECT_CALL(*connection_, SendConnectionClose(
239 QUIC_INVALID_CRYPTO_MESSAGE_TYPE));
240 stream_.ProcessRawData(message_data_->data(), message_data_->length());
241 }
242
243 TEST_P(QuicCryptoServerStreamTest, WithoutCertificates) {
244 crypto_config_.SetProofSource(nullptr);
245 client_options_.dont_verify_certs = true;
246
247 // Only 2 client hellos need to be sent in the no-certs case: one to get the
248 // source-address token and the second to finish.
249 EXPECT_EQ(2, CompleteCryptoHandshake());
250 EXPECT_TRUE(stream_.encryption_established());
251 EXPECT_TRUE(stream_.handshake_confirmed());
252 }
253
254 TEST_P(QuicCryptoServerStreamTest, ChannelID) {
255 client_options_.channel_id_enabled = true;
256 client_options_.channel_id_source_async = false;
257 // CompleteCryptoHandshake verifies
258 // stream_.crypto_negotiated_params().channel_id is correct.
259 EXPECT_EQ(2, CompleteCryptoHandshake());
260 EXPECT_TRUE(stream_.encryption_established());
261 EXPECT_TRUE(stream_.handshake_confirmed());
262 }
263
264 TEST_P(QuicCryptoServerStreamTest, ChannelIDAsync) {
265 client_options_.channel_id_enabled = true;
266 client_options_.channel_id_source_async = true;
267 // CompleteCryptoHandshake verifies
268 // stream_.crypto_negotiated_params().channel_id is correct.
269 EXPECT_EQ(2, CompleteCryptoHandshake());
270 EXPECT_TRUE(stream_.encryption_established());
271 EXPECT_TRUE(stream_.handshake_confirmed());
272 }
273
274 TEST_P(QuicCryptoServerStreamTest, OnlySendSCUPAfterHandshakeComplete) {
275 // An attempt to send a SCUP before completing handshake should fail.
276 stream_.SendServerConfigUpdate(nullptr, false);
277 EXPECT_EQ(0, stream_.num_server_config_update_messages_sent());
278 }
279
280 } // namespace
281 } // namespace test
282 } // namespace net