net/quic/quic_crypto_client_stream_test.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "net/quic/quic_crypto_client_stream.h"
   6
   7 #include "base/memory/scoped_ptr.h"
   8 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h"
   9 #include "net/quic/crypto/quic_decrypter.h"
  10 #include "net/quic/crypto/quic_encrypter.h"
  11 #include "net/quic/quic_flags.h"
  12 #include "net/quic/quic_protocol.h"
  13 #include "net/quic/quic_server_id.h"
  14 #include "net/quic/quic_utils.h"
  15 #include "net/quic/test_tools/crypto_test_utils.h"
  16 #include "net/quic/test_tools/quic_test_utils.h"
  17 #include "net/quic/test_tools/simple_quic_framer.h"
  18 #include "testing/gmock/include/gmock/gmock.h"
  19 #include "testing/gtest/include/gtest/gtest.h"
  20
  21 using std::string;
  22
  23 namespace net {
  24 namespace test {
  25 namespace {
  26
  27 const char kServerHostname[] = "example.com";
  28 const uint16 kServerPort = 80;
  29
  30 class QuicCryptoClientStreamTest : public ::testing::Test {
  31  public:
  32   QuicCryptoClientStreamTest()
  33       : connection_(new PacketSavingConnection(Perspective::IS_CLIENT)),
  34         session_(new TestClientSession(connection_, DefaultQuicConfig())),
  35         server_id_(kServerHostname, kServerPort, false, PRIVACY_MODE_DISABLED),
  36         stream_(new QuicCryptoClientStream(server_id_,
  37                                            session_.get(),
  38                                            nullptr,
  39                                            &crypto_config_)) {
  40     session_->SetCryptoStream(stream_.get());
  41     // Advance the time, because timers do not like uninitialized times.
  42     connection_->AdvanceTime(QuicTime::Delta::FromSeconds(1));
  43   }
  44
  45   void CompleteCryptoHandshake() {
  46     stream_->CryptoConnect();
  47     CryptoTestUtils::HandshakeWithFakeServer(connection_, stream_.get());
  48   }
  49
  50   void ConstructHandshakeMessage() {
  51     CryptoFramer framer;
  52     message_data_.reset(framer.ConstructHandshakeMessage(message_));
  53   }
  54
  55   PacketSavingConnection* connection_;
  56   scoped_ptr<TestClientSession> session_;
  57   QuicServerId server_id_;
  58   scoped_ptr<QuicCryptoClientStream> stream_;
  59   CryptoHandshakeMessage message_;
  60   scoped_ptr<QuicData> message_data_;
  61   QuicCryptoClientConfig crypto_config_;
  62 };
  63
  64 TEST_F(QuicCryptoClientStreamTest, NotInitiallyConected) {
  65   EXPECT_FALSE(stream_->encryption_established());
  66   EXPECT_FALSE(stream_->handshake_confirmed());
  67 }
  68
  69 TEST_F(QuicCryptoClientStreamTest, ConnectedAfterSHLO) {
  70   CompleteCryptoHandshake();
  71   EXPECT_TRUE(stream_->encryption_established());
  72   EXPECT_TRUE(stream_->handshake_confirmed());
  73 }
  74
  75 TEST_F(QuicCryptoClientStreamTest, MessageAfterHandshake) {
  76   CompleteCryptoHandshake();
  77
  78   EXPECT_CALL(*connection_, SendConnectionClose(
  79       QUIC_CRYPTO_MESSAGE_AFTER_HANDSHAKE_COMPLETE));
  80   message_.set_tag(kCHLO);
  81   ConstructHandshakeMessage();
  82   stream_->ProcessRawData(message_data_->data(), message_data_->length());
  83 }
  84
  85 TEST_F(QuicCryptoClientStreamTest, BadMessageType) {
  86   stream_->CryptoConnect();
  87
  88   message_.set_tag(kCHLO);
  89   ConstructHandshakeMessage();
  90
  91   EXPECT_CALL(*connection_, SendConnectionCloseWithDetails(
  92         QUIC_INVALID_CRYPTO_MESSAGE_TYPE, "Expected REJ"));
  93   stream_->ProcessRawData(message_data_->data(), message_data_->length());
  94 }
  95
  96 TEST_F(QuicCryptoClientStreamTest, NegotiatedParameters) {
  97   CompleteCryptoHandshake();
  98
  99   const QuicConfig* config = session_->config();
 100   EXPECT_EQ(kMaximumIdleTimeoutSecs,
 101             config->IdleConnectionStateLifetime().ToSeconds());
 102   EXPECT_EQ(kDefaultMaxStreamsPerConnection,
 103             config->MaxStreamsPerConnection());
 104
 105   const QuicCryptoNegotiatedParameters& crypto_params(
 106       stream_->crypto_negotiated_params());
 107   EXPECT_EQ(crypto_config_.aead[0], crypto_params.aead);
 108   EXPECT_EQ(crypto_config_.kexs[0], crypto_params.key_exchange);
 109 }
 110
 111 TEST_F(QuicCryptoClientStreamTest, InvalidHostname) {
 112   QuicServerId server_id("invalid", 80, false, PRIVACY_MODE_DISABLED);
 113   stream_.reset(new QuicCryptoClientStream(server_id, session_.get(), nullptr,
 114                                            &crypto_config_));
 115   session_->SetCryptoStream(stream_.get());
 116
 117   CompleteCryptoHandshake();
 118   EXPECT_TRUE(stream_->encryption_established());
 119   EXPECT_TRUE(stream_->handshake_confirmed());
 120 }
 121
 122 TEST_F(QuicCryptoClientStreamTest, ExpiredServerConfig) {
 123   // Seed the config with a cached server config.
 124   CompleteCryptoHandshake();
 125
 126   connection_ = new PacketSavingConnection(Perspective::IS_CLIENT);
 127   session_.reset(new TestClientSession(connection_, DefaultQuicConfig()));
 128   stream_.reset(new QuicCryptoClientStream(server_id_, session_.get(), nullptr,
 129                                            &crypto_config_));
 130
 131   session_->SetCryptoStream(stream_.get());
 132
 133   // Advance time 5 years to ensure that we pass the expiry time of the cached
 134   // server config.
 135   connection_->AdvanceTime(
 136       QuicTime::Delta::FromSeconds(60 * 60 * 24 * 365 * 5));
 137
 138   stream_->CryptoConnect();
 139   // Check that a client hello was sent.
 140   ASSERT_EQ(1u, connection_->encrypted_packets_.size());
 141 }
 142
 143 TEST_F(QuicCryptoClientStreamTest, ServerConfigUpdate) {
 144   // Test that the crypto client stream can receive server config updates after
 145   // the connection has been established.
 146   CompleteCryptoHandshake();
 147
 148   QuicCryptoClientConfig::CachedState* state =
 149       crypto_config_.LookupOrCreate(server_id_);
 150
 151   // Ensure cached STK is different to what we send in the handshake.
 152   EXPECT_NE("xstk", state->source_address_token());
 153
 154   // Initialize using {...} syntax to avoid trailing \0 if converting from
 155   // string.
 156   unsigned char stk[] = { 'x', 's', 't', 'k' };
 157
 158   // Minimum SCFG that passes config validation checks.
 159   unsigned char scfg[] = {
 160     // SCFG
 161     0x53, 0x43, 0x46, 0x47,
 162     // num entries
 163     0x01, 0x00,
 164     // padding
 165     0x00, 0x00,
 166     // EXPY
 167     0x45, 0x58, 0x50, 0x59,
 168     // EXPY end offset
 169     0x08, 0x00, 0x00, 0x00,
 170     // Value
 171     '1',  '2',  '3',  '4',
 172     '5',  '6',  '7',  '8'
 173   };
 174
 175   CryptoHandshakeMessage server_config_update;
 176   server_config_update.set_tag(kSCUP);
 177   server_config_update.SetValue(kSourceAddressTokenTag, stk);
 178   server_config_update.SetValue(kSCFG, scfg);
 179
 180   scoped_ptr<QuicData> data(
 181       CryptoFramer::ConstructHandshakeMessage(server_config_update));
 182   stream_->ProcessRawData(data->data(), data->length());
 183
 184   // Make sure that the STK and SCFG are cached correctly.
 185   EXPECT_EQ("xstk", state->source_address_token());
 186
 187   string cached_scfg = state->server_config();
 188   test::CompareCharArraysWithHexError(
 189       "scfg", cached_scfg.data(), cached_scfg.length(),
 190       QuicUtils::AsChars(scfg), arraysize(scfg));
 191 }
 192
 193 TEST_F(QuicCryptoClientStreamTest, ServerConfigUpdateBeforeHandshake) {
 194   EXPECT_CALL(*connection_, SendConnectionClose(
 195       QUIC_CRYPTO_UPDATE_BEFORE_HANDSHAKE_COMPLETE));
 196   CryptoHandshakeMessage server_config_update;
 197   server_config_update.set_tag(kSCUP);
 198   scoped_ptr<QuicData> data(
 199       CryptoFramer::ConstructHandshakeMessage(server_config_update));
 200   stream_->ProcessRawData(data->data(), data->length());
 201 }
 202
 203 }  // namespace
 204 }  // namespace test
 205 }  // namespace net