1 /* 2 * libjingle 3 * Copyright 2004 Google Inc. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright notice, 9 * this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright notice, 11 * this list of conditions and the following disclaimer in the documentation 12 * and/or other materials provided with the distribution. 13 * 3. The name of the author may not be used to endorse or promote products 14 * derived from this software without specific prior written permission. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED 17 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 18 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO 19 * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 20 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 21 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 22 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 23 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 24 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 25 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 */ 27 28 #include "talk/media/base/cryptoparams.h" 29 #include "talk/media/base/fakertp.h" 30 #include "webrtc/p2p/base/sessiondescription.h" 31 #include "talk/session/media/srtpfilter.h" 32 #include "webrtc/base/byteorder.h" 33 #include "webrtc/base/gunit.h" 34 #include "webrtc/base/thread.h" 35 extern "C" { 36 #ifdef SRTP_RELATIVE_PATH 37 #include "crypto/include/err.h" 38 #else 39 #include "third_party/libsrtp/srtp/crypto/include/err.h" 40 #endif 41 } 42 43 using rtc::CS_AES_CM_128_HMAC_SHA1_80; 44 using rtc::CS_AES_CM_128_HMAC_SHA1_32; 45 using cricket::CryptoParams; 46 using cricket::CS_LOCAL; 47 using cricket::CS_REMOTE; 48 49 static const uint8_t kTestKey1[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234"; 50 static const uint8_t kTestKey2[] = "4321ZYXWVUTSRQPONMLKJIHGFEDCBA"; 51 static const int kTestKeyLen = 30; 52 static const std::string kTestKeyParams1 = 53 "inline:WVNfX19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz"; 54 static const std::string kTestKeyParams2 = 55 "inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR"; 56 static const std::string kTestKeyParams3 = 57 "inline:1234X19zZW1jdGwgKCkgewkyMjA7fQp9CnVubGVz"; 58 static const std::string kTestKeyParams4 = 59 "inline:4567QCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR"; 60 static const cricket::CryptoParams kTestCryptoParams1( 61 1, "AES_CM_128_HMAC_SHA1_80", kTestKeyParams1, ""); 62 static const cricket::CryptoParams kTestCryptoParams2( 63 1, "AES_CM_128_HMAC_SHA1_80", kTestKeyParams2, ""); 64 65 static int rtp_auth_tag_len(const std::string& cs) { 66 return (cs == CS_AES_CM_128_HMAC_SHA1_32) ? 4 : 10; 67 } 68 static int rtcp_auth_tag_len(const std::string& cs) { 69 return 10; 70 } 71 72 class SrtpFilterTest : public testing::Test { 73 protected: 74 SrtpFilterTest() 75 // Need to initialize |sequence_number_|, the value does not matter. 76 : sequence_number_(1) { 77 } 78 static std::vector<CryptoParams> MakeVector(const CryptoParams& params) { 79 std::vector<CryptoParams> vec; 80 vec.push_back(params); 81 return vec; 82 } 83 void TestSetParams(const std::vector<CryptoParams>& params1, 84 const std::vector<CryptoParams>& params2) { 85 EXPECT_TRUE(f1_.SetOffer(params1, CS_LOCAL)); 86 EXPECT_TRUE(f2_.SetOffer(params1, CS_REMOTE)); 87 EXPECT_FALSE(f1_.IsActive()); 88 EXPECT_FALSE(f2_.IsActive()); 89 EXPECT_TRUE(f2_.SetAnswer(params2, CS_LOCAL)); 90 EXPECT_TRUE(f1_.SetAnswer(params2, CS_REMOTE)); 91 EXPECT_TRUE(f1_.IsActive()); 92 EXPECT_TRUE(f2_.IsActive()); 93 } 94 void TestProtectUnprotect(const std::string& cs1, const std::string& cs2) { 95 char rtp_packet[sizeof(kPcmuFrame) + 10]; 96 char original_rtp_packet[sizeof(kPcmuFrame)]; 97 char rtcp_packet[sizeof(kRtcpReport) + 4 + 10]; 98 int rtp_len = sizeof(kPcmuFrame), rtcp_len = sizeof(kRtcpReport), out_len; 99 memcpy(rtp_packet, kPcmuFrame, rtp_len); 100 // In order to be able to run this test function multiple times we can not 101 // use the same sequence number twice. Increase the sequence number by one. 102 rtc::SetBE16(reinterpret_cast<uint8_t*>(rtp_packet) + 2, 103 ++sequence_number_); 104 memcpy(original_rtp_packet, rtp_packet, rtp_len); 105 memcpy(rtcp_packet, kRtcpReport, rtcp_len); 106 107 EXPECT_TRUE(f1_.ProtectRtp(rtp_packet, rtp_len, 108 sizeof(rtp_packet), &out_len)); 109 EXPECT_EQ(out_len, rtp_len + rtp_auth_tag_len(cs1)); 110 EXPECT_NE(0, memcmp(rtp_packet, original_rtp_packet, rtp_len)); 111 EXPECT_TRUE(f2_.UnprotectRtp(rtp_packet, out_len, &out_len)); 112 EXPECT_EQ(rtp_len, out_len); 113 EXPECT_EQ(0, memcmp(rtp_packet, original_rtp_packet, rtp_len)); 114 115 EXPECT_TRUE(f2_.ProtectRtp(rtp_packet, rtp_len, 116 sizeof(rtp_packet), &out_len)); 117 EXPECT_EQ(out_len, rtp_len + rtp_auth_tag_len(cs2)); 118 EXPECT_NE(0, memcmp(rtp_packet, original_rtp_packet, rtp_len)); 119 EXPECT_TRUE(f1_.UnprotectRtp(rtp_packet, out_len, &out_len)); 120 EXPECT_EQ(rtp_len, out_len); 121 EXPECT_EQ(0, memcmp(rtp_packet, original_rtp_packet, rtp_len)); 122 123 EXPECT_TRUE(f1_.ProtectRtcp(rtcp_packet, rtcp_len, 124 sizeof(rtcp_packet), &out_len)); 125 EXPECT_EQ(out_len, rtcp_len + 4 + rtcp_auth_tag_len(cs1)); // NOLINT 126 EXPECT_NE(0, memcmp(rtcp_packet, kRtcpReport, rtcp_len)); 127 EXPECT_TRUE(f2_.UnprotectRtcp(rtcp_packet, out_len, &out_len)); 128 EXPECT_EQ(rtcp_len, out_len); 129 EXPECT_EQ(0, memcmp(rtcp_packet, kRtcpReport, rtcp_len)); 130 131 EXPECT_TRUE(f2_.ProtectRtcp(rtcp_packet, rtcp_len, 132 sizeof(rtcp_packet), &out_len)); 133 EXPECT_EQ(out_len, rtcp_len + 4 + rtcp_auth_tag_len(cs2)); // NOLINT 134 EXPECT_NE(0, memcmp(rtcp_packet, kRtcpReport, rtcp_len)); 135 EXPECT_TRUE(f1_.UnprotectRtcp(rtcp_packet, out_len, &out_len)); 136 EXPECT_EQ(rtcp_len, out_len); 137 EXPECT_EQ(0, memcmp(rtcp_packet, kRtcpReport, rtcp_len)); 138 } 139 cricket::SrtpFilter f1_; 140 cricket::SrtpFilter f2_; 141 int sequence_number_; 142 }; 143 144 // Test that we can set up the session and keys properly. 145 TEST_F(SrtpFilterTest, TestGoodSetupOneCipherSuite) { 146 EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParams1), CS_LOCAL)); 147 EXPECT_FALSE(f1_.IsActive()); 148 EXPECT_TRUE(f1_.SetAnswer(MakeVector(kTestCryptoParams2), CS_REMOTE)); 149 EXPECT_TRUE(f1_.IsActive()); 150 } 151 152 // Test that we can set up things with multiple params. 153 TEST_F(SrtpFilterTest, TestGoodSetupMultipleCipherSuites) { 154 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); 155 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); 156 offer.push_back(kTestCryptoParams1); 157 offer[1].tag = 2; 158 offer[1].cipher_suite = CS_AES_CM_128_HMAC_SHA1_32; 159 answer[0].tag = 2; 160 answer[0].cipher_suite = CS_AES_CM_128_HMAC_SHA1_32; 161 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); 162 EXPECT_FALSE(f1_.IsActive()); 163 EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); 164 EXPECT_TRUE(f1_.IsActive()); 165 } 166 167 // Test that we handle the cases where crypto is not desired. 168 TEST_F(SrtpFilterTest, TestGoodSetupNoCipherSuites) { 169 std::vector<CryptoParams> offer, answer; 170 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); 171 EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); 172 EXPECT_FALSE(f1_.IsActive()); 173 } 174 175 // Test that we handle the cases where crypto is not desired by the remote side. 176 TEST_F(SrtpFilterTest, TestGoodSetupNoAnswerCipherSuites) { 177 std::vector<CryptoParams> answer; 178 EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParams1), CS_LOCAL)); 179 EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); 180 EXPECT_FALSE(f1_.IsActive()); 181 } 182 183 // Test that we fail if we call the functions the wrong way. 184 TEST_F(SrtpFilterTest, TestBadSetup) { 185 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); 186 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); 187 EXPECT_FALSE(f1_.SetAnswer(answer, CS_LOCAL)); 188 EXPECT_FALSE(f1_.SetAnswer(answer, CS_REMOTE)); 189 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); 190 EXPECT_FALSE(f1_.SetAnswer(answer, CS_LOCAL)); 191 EXPECT_FALSE(f1_.IsActive()); 192 } 193 194 // Test that we can set offer multiple times from the same source. 195 TEST_F(SrtpFilterTest, TestGoodSetupMultipleOffers) { 196 EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParams1), CS_LOCAL)); 197 EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParams2), CS_LOCAL)); 198 EXPECT_FALSE(f1_.IsActive()); 199 EXPECT_TRUE(f1_.SetAnswer(MakeVector(kTestCryptoParams2), CS_REMOTE)); 200 EXPECT_TRUE(f1_.IsActive()); 201 EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParams1), CS_LOCAL)); 202 EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParams2), CS_LOCAL)); 203 EXPECT_TRUE(f1_.SetAnswer(MakeVector(kTestCryptoParams2), CS_REMOTE)); 204 205 EXPECT_TRUE(f2_.SetOffer(MakeVector(kTestCryptoParams1), CS_REMOTE)); 206 EXPECT_TRUE(f2_.SetOffer(MakeVector(kTestCryptoParams2), CS_REMOTE)); 207 EXPECT_FALSE(f2_.IsActive()); 208 EXPECT_TRUE(f2_.SetAnswer(MakeVector(kTestCryptoParams2), CS_LOCAL)); 209 EXPECT_TRUE(f2_.IsActive()); 210 EXPECT_TRUE(f2_.SetOffer(MakeVector(kTestCryptoParams1), CS_REMOTE)); 211 EXPECT_TRUE(f2_.SetOffer(MakeVector(kTestCryptoParams2), CS_REMOTE)); 212 EXPECT_TRUE(f2_.SetAnswer(MakeVector(kTestCryptoParams2), CS_LOCAL)); 213 } 214 // Test that we can't set offer multiple times from different sources. 215 TEST_F(SrtpFilterTest, TestBadSetupMultipleOffers) { 216 EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParams1), CS_LOCAL)); 217 EXPECT_FALSE(f1_.SetOffer(MakeVector(kTestCryptoParams2), CS_REMOTE)); 218 EXPECT_FALSE(f1_.IsActive()); 219 EXPECT_TRUE(f1_.SetAnswer(MakeVector(kTestCryptoParams1), CS_REMOTE)); 220 EXPECT_TRUE(f1_.IsActive()); 221 EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParams2), CS_LOCAL)); 222 EXPECT_FALSE(f1_.SetOffer(MakeVector(kTestCryptoParams1), CS_REMOTE)); 223 EXPECT_TRUE(f1_.SetAnswer(MakeVector(kTestCryptoParams2), CS_REMOTE)); 224 225 EXPECT_TRUE(f2_.SetOffer(MakeVector(kTestCryptoParams2), CS_REMOTE)); 226 EXPECT_FALSE(f2_.SetOffer(MakeVector(kTestCryptoParams1), CS_LOCAL)); 227 EXPECT_FALSE(f2_.IsActive()); 228 EXPECT_TRUE(f2_.SetAnswer(MakeVector(kTestCryptoParams2), CS_LOCAL)); 229 EXPECT_TRUE(f2_.IsActive()); 230 EXPECT_TRUE(f2_.SetOffer(MakeVector(kTestCryptoParams2), CS_REMOTE)); 231 EXPECT_FALSE(f2_.SetOffer(MakeVector(kTestCryptoParams1), CS_LOCAL)); 232 EXPECT_TRUE(f2_.SetAnswer(MakeVector(kTestCryptoParams2), CS_LOCAL)); 233 } 234 235 // Test that we fail if we have params in the answer when none were offered. 236 TEST_F(SrtpFilterTest, TestNoAnswerCipherSuites) { 237 std::vector<CryptoParams> offer; 238 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); 239 EXPECT_FALSE(f1_.SetAnswer(MakeVector(kTestCryptoParams2), CS_REMOTE)); 240 EXPECT_FALSE(f1_.IsActive()); 241 } 242 243 // Test that we fail if we have too many params in our answer. 244 TEST_F(SrtpFilterTest, TestMultipleAnswerCipherSuites) { 245 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); 246 answer.push_back(kTestCryptoParams2); 247 answer[1].tag = 2; 248 answer[1].cipher_suite = CS_AES_CM_128_HMAC_SHA1_32; 249 EXPECT_TRUE(f1_.SetOffer(MakeVector(kTestCryptoParams1), CS_LOCAL)); 250 EXPECT_FALSE(f1_.SetAnswer(answer, CS_REMOTE)); 251 EXPECT_FALSE(f1_.IsActive()); 252 } 253 254 // Test that we fail if we don't support the cipher-suite. 255 TEST_F(SrtpFilterTest, TestInvalidCipherSuite) { 256 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); 257 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); 258 offer[0].cipher_suite = answer[0].cipher_suite = "FOO"; 259 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); 260 EXPECT_FALSE(f1_.SetAnswer(answer, CS_REMOTE)); 261 EXPECT_FALSE(f1_.IsActive()); 262 } 263 264 // Test that we fail if we can't agree on a tag. 265 TEST_F(SrtpFilterTest, TestNoMatchingTag) { 266 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); 267 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); 268 answer[0].tag = 99; 269 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); 270 EXPECT_FALSE(f1_.SetAnswer(answer, CS_REMOTE)); 271 EXPECT_FALSE(f1_.IsActive()); 272 } 273 274 // Test that we fail if we can't agree on a cipher-suite. 275 TEST_F(SrtpFilterTest, TestNoMatchingCipherSuite) { 276 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); 277 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); 278 answer[0].tag = 2; 279 answer[0].cipher_suite = "FOO"; 280 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); 281 EXPECT_FALSE(f1_.SetAnswer(answer, CS_REMOTE)); 282 EXPECT_FALSE(f1_.IsActive()); 283 } 284 285 // Test that we fail keys with bad base64 content. 286 TEST_F(SrtpFilterTest, TestInvalidKeyData) { 287 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); 288 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); 289 answer[0].key_params = "inline:!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"; 290 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); 291 EXPECT_FALSE(f1_.SetAnswer(answer, CS_REMOTE)); 292 EXPECT_FALSE(f1_.IsActive()); 293 } 294 295 // Test that we fail keys with the wrong key-method. 296 TEST_F(SrtpFilterTest, TestWrongKeyMethod) { 297 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); 298 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); 299 answer[0].key_params = "outline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR"; 300 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); 301 EXPECT_FALSE(f1_.SetAnswer(answer, CS_REMOTE)); 302 EXPECT_FALSE(f1_.IsActive()); 303 } 304 305 // Test that we fail keys of the wrong length. 306 TEST_F(SrtpFilterTest, TestKeyTooShort) { 307 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); 308 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); 309 answer[0].key_params = "inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtx"; 310 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); 311 EXPECT_FALSE(f1_.SetAnswer(answer, CS_REMOTE)); 312 EXPECT_FALSE(f1_.IsActive()); 313 } 314 315 // Test that we fail keys of the wrong length. 316 TEST_F(SrtpFilterTest, TestKeyTooLong) { 317 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); 318 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); 319 answer[0].key_params = "inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBRABCD"; 320 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); 321 EXPECT_FALSE(f1_.SetAnswer(answer, CS_REMOTE)); 322 EXPECT_FALSE(f1_.IsActive()); 323 } 324 325 // Test that we fail keys with lifetime or MKI set (since we don't support) 326 TEST_F(SrtpFilterTest, TestUnsupportedOptions) { 327 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); 328 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); 329 answer[0].key_params = 330 "inline:PS1uQCVeeCFCanVmcjkpPywjNWhcYD0mXXtxaVBR|2^20|1:4"; 331 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); 332 EXPECT_FALSE(f1_.SetAnswer(answer, CS_REMOTE)); 333 EXPECT_FALSE(f1_.IsActive()); 334 } 335 336 // Test that we can encrypt/decrypt after setting the same CryptoParams again on 337 // one side. 338 TEST_F(SrtpFilterTest, TestSettingSameKeyOnOneSide) { 339 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); 340 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); 341 TestSetParams(offer, answer); 342 343 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, 344 CS_AES_CM_128_HMAC_SHA1_80); 345 346 // Re-applying the same keys on one end and it should not reset the ROC. 347 EXPECT_TRUE(f2_.SetOffer(offer, CS_REMOTE)); 348 EXPECT_TRUE(f2_.SetAnswer(answer, CS_LOCAL)); 349 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80); 350 } 351 352 // Test that we can encrypt/decrypt after negotiating AES_CM_128_HMAC_SHA1_80. 353 TEST_F(SrtpFilterTest, TestProtect_AES_CM_128_HMAC_SHA1_80) { 354 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); 355 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); 356 offer.push_back(kTestCryptoParams1); 357 offer[1].tag = 2; 358 offer[1].cipher_suite = CS_AES_CM_128_HMAC_SHA1_32; 359 TestSetParams(offer, answer); 360 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80); 361 } 362 363 // Test that we can encrypt/decrypt after negotiating AES_CM_128_HMAC_SHA1_32. 364 TEST_F(SrtpFilterTest, TestProtect_AES_CM_128_HMAC_SHA1_32) { 365 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); 366 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); 367 offer.push_back(kTestCryptoParams1); 368 offer[1].tag = 2; 369 offer[1].cipher_suite = CS_AES_CM_128_HMAC_SHA1_32; 370 answer[0].tag = 2; 371 answer[0].cipher_suite = CS_AES_CM_128_HMAC_SHA1_32; 372 TestSetParams(offer, answer); 373 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_32, CS_AES_CM_128_HMAC_SHA1_32); 374 } 375 376 // Test that we can change encryption parameters. 377 TEST_F(SrtpFilterTest, TestChangeParameters) { 378 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); 379 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); 380 381 TestSetParams(offer, answer); 382 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80); 383 384 // Change the key parameters and cipher_suite. 385 offer[0].key_params = kTestKeyParams3; 386 offer[0].cipher_suite = CS_AES_CM_128_HMAC_SHA1_32; 387 answer[0].key_params = kTestKeyParams4; 388 answer[0].cipher_suite = CS_AES_CM_128_HMAC_SHA1_32; 389 390 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); 391 EXPECT_TRUE(f2_.SetOffer(offer, CS_REMOTE)); 392 EXPECT_TRUE(f1_.IsActive()); 393 EXPECT_TRUE(f1_.IsActive()); 394 395 // Test that the old keys are valid until the negotiation is complete. 396 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80); 397 398 // Complete the negotiation and test that we can still understand each other. 399 EXPECT_TRUE(f2_.SetAnswer(answer, CS_LOCAL)); 400 EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); 401 402 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_32, CS_AES_CM_128_HMAC_SHA1_32); 403 } 404 405 // Test that we can send and receive provisional answers with crypto enabled. 406 // Also test that we can change the crypto. 407 TEST_F(SrtpFilterTest, TestProvisionalAnswer) { 408 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); 409 offer.push_back(kTestCryptoParams1); 410 offer[1].tag = 2; 411 offer[1].cipher_suite = CS_AES_CM_128_HMAC_SHA1_32; 412 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); 413 414 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); 415 EXPECT_TRUE(f2_.SetOffer(offer, CS_REMOTE)); 416 EXPECT_FALSE(f1_.IsActive()); 417 EXPECT_FALSE(f2_.IsActive()); 418 EXPECT_TRUE(f2_.SetProvisionalAnswer(answer, CS_LOCAL)); 419 EXPECT_TRUE(f1_.SetProvisionalAnswer(answer, CS_REMOTE)); 420 EXPECT_TRUE(f1_.IsActive()); 421 EXPECT_TRUE(f2_.IsActive()); 422 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80); 423 424 answer[0].key_params = kTestKeyParams4; 425 answer[0].tag = 2; 426 answer[0].cipher_suite = CS_AES_CM_128_HMAC_SHA1_32; 427 EXPECT_TRUE(f2_.SetAnswer(answer, CS_LOCAL)); 428 EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); 429 EXPECT_TRUE(f1_.IsActive()); 430 EXPECT_TRUE(f2_.IsActive()); 431 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_32, CS_AES_CM_128_HMAC_SHA1_32); 432 } 433 434 // Test that a provisional answer doesn't need to contain a crypto. 435 TEST_F(SrtpFilterTest, TestProvisionalAnswerWithoutCrypto) { 436 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); 437 std::vector<CryptoParams> answer; 438 439 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); 440 EXPECT_TRUE(f2_.SetOffer(offer, CS_REMOTE)); 441 EXPECT_FALSE(f1_.IsActive()); 442 EXPECT_FALSE(f2_.IsActive()); 443 EXPECT_TRUE(f2_.SetProvisionalAnswer(answer, CS_LOCAL)); 444 EXPECT_TRUE(f1_.SetProvisionalAnswer(answer, CS_REMOTE)); 445 EXPECT_FALSE(f1_.IsActive()); 446 EXPECT_FALSE(f2_.IsActive()); 447 448 answer.push_back(kTestCryptoParams2); 449 EXPECT_TRUE(f2_.SetAnswer(answer, CS_LOCAL)); 450 EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); 451 EXPECT_TRUE(f1_.IsActive()); 452 EXPECT_TRUE(f2_.IsActive()); 453 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80); 454 } 455 456 // Test that if we get a new local offer after a provisional answer 457 // with no crypto, that we are in an inactive state. 458 TEST_F(SrtpFilterTest, TestLocalOfferAfterProvisionalAnswerWithoutCrypto) { 459 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); 460 std::vector<CryptoParams> answer; 461 462 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); 463 EXPECT_TRUE(f2_.SetOffer(offer, CS_REMOTE)); 464 EXPECT_TRUE(f1_.SetProvisionalAnswer(answer, CS_REMOTE)); 465 EXPECT_TRUE(f2_.SetProvisionalAnswer(answer, CS_LOCAL)); 466 EXPECT_FALSE(f1_.IsActive()); 467 EXPECT_FALSE(f2_.IsActive()); 468 // The calls to set an offer after a provisional answer fail, so the 469 // state doesn't change. 470 EXPECT_FALSE(f1_.SetOffer(offer, CS_LOCAL)); 471 EXPECT_FALSE(f2_.SetOffer(offer, CS_REMOTE)); 472 EXPECT_FALSE(f1_.IsActive()); 473 EXPECT_FALSE(f2_.IsActive()); 474 475 answer.push_back(kTestCryptoParams2); 476 EXPECT_TRUE(f2_.SetAnswer(answer, CS_LOCAL)); 477 EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); 478 EXPECT_TRUE(f1_.IsActive()); 479 EXPECT_TRUE(f2_.IsActive()); 480 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80); 481 } 482 483 // Test that we can disable encryption. 484 TEST_F(SrtpFilterTest, TestDisableEncryption) { 485 std::vector<CryptoParams> offer(MakeVector(kTestCryptoParams1)); 486 std::vector<CryptoParams> answer(MakeVector(kTestCryptoParams2)); 487 488 TestSetParams(offer, answer); 489 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80); 490 491 offer.clear(); 492 answer.clear(); 493 EXPECT_TRUE(f1_.SetOffer(offer, CS_LOCAL)); 494 EXPECT_TRUE(f2_.SetOffer(offer, CS_REMOTE)); 495 EXPECT_TRUE(f1_.IsActive()); 496 EXPECT_TRUE(f2_.IsActive()); 497 498 // Test that the old keys are valid until the negotiation is complete. 499 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80); 500 501 // Complete the negotiation. 502 EXPECT_TRUE(f2_.SetAnswer(answer, CS_LOCAL)); 503 EXPECT_TRUE(f1_.SetAnswer(answer, CS_REMOTE)); 504 505 EXPECT_FALSE(f1_.IsActive()); 506 EXPECT_FALSE(f2_.IsActive()); 507 } 508 509 // Test directly setting the params with AES_CM_128_HMAC_SHA1_80 510 TEST_F(SrtpFilterTest, TestProtect_SetParamsDirect_AES_CM_128_HMAC_SHA1_80) { 511 EXPECT_TRUE(f1_.SetRtpParams(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, 512 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_80, 513 kTestKey2, kTestKeyLen)); 514 EXPECT_TRUE(f2_.SetRtpParams(rtc::SRTP_AES128_CM_SHA1_80, kTestKey2, 515 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_80, 516 kTestKey1, kTestKeyLen)); 517 EXPECT_TRUE(f1_.SetRtcpParams(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, 518 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_80, 519 kTestKey2, kTestKeyLen)); 520 EXPECT_TRUE(f2_.SetRtcpParams(rtc::SRTP_AES128_CM_SHA1_80, kTestKey2, 521 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_80, 522 kTestKey1, kTestKeyLen)); 523 EXPECT_TRUE(f1_.IsActive()); 524 EXPECT_TRUE(f2_.IsActive()); 525 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_80, CS_AES_CM_128_HMAC_SHA1_80); 526 } 527 528 // Test directly setting the params with AES_CM_128_HMAC_SHA1_32 529 TEST_F(SrtpFilterTest, TestProtect_SetParamsDirect_AES_CM_128_HMAC_SHA1_32) { 530 EXPECT_TRUE(f1_.SetRtpParams(rtc::SRTP_AES128_CM_SHA1_32, kTestKey1, 531 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_32, 532 kTestKey2, kTestKeyLen)); 533 EXPECT_TRUE(f2_.SetRtpParams(rtc::SRTP_AES128_CM_SHA1_32, kTestKey2, 534 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_32, 535 kTestKey1, kTestKeyLen)); 536 EXPECT_TRUE(f1_.SetRtcpParams(rtc::SRTP_AES128_CM_SHA1_32, kTestKey1, 537 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_32, 538 kTestKey2, kTestKeyLen)); 539 EXPECT_TRUE(f2_.SetRtcpParams(rtc::SRTP_AES128_CM_SHA1_32, kTestKey2, 540 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_32, 541 kTestKey1, kTestKeyLen)); 542 EXPECT_TRUE(f1_.IsActive()); 543 EXPECT_TRUE(f2_.IsActive()); 544 TestProtectUnprotect(CS_AES_CM_128_HMAC_SHA1_32, CS_AES_CM_128_HMAC_SHA1_32); 545 } 546 547 // Test directly setting the params with bogus keys 548 TEST_F(SrtpFilterTest, TestSetParamsKeyTooShort) { 549 EXPECT_FALSE(f1_.SetRtpParams(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, 550 kTestKeyLen - 1, rtc::SRTP_AES128_CM_SHA1_80, 551 kTestKey1, kTestKeyLen - 1)); 552 EXPECT_FALSE(f1_.SetRtcpParams(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, 553 kTestKeyLen - 1, rtc::SRTP_AES128_CM_SHA1_80, 554 kTestKey1, kTestKeyLen - 1)); 555 } 556 557 #if defined(ENABLE_EXTERNAL_AUTH) 558 TEST_F(SrtpFilterTest, TestGetSendAuthParams) { 559 EXPECT_TRUE(f1_.SetRtpParams(rtc::SRTP_AES128_CM_SHA1_32, kTestKey1, 560 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_32, 561 kTestKey2, kTestKeyLen)); 562 EXPECT_TRUE(f1_.SetRtcpParams(rtc::SRTP_AES128_CM_SHA1_32, kTestKey1, 563 kTestKeyLen, rtc::SRTP_AES128_CM_SHA1_32, 564 kTestKey2, kTestKeyLen)); 565 uint8_t* auth_key = NULL; 566 int auth_key_len = 0, auth_tag_len = 0; 567 EXPECT_TRUE(f1_.GetRtpAuthParams(&auth_key, &auth_key_len, &auth_tag_len)); 568 EXPECT_TRUE(auth_key != NULL); 569 EXPECT_EQ(20, auth_key_len); 570 EXPECT_EQ(4, auth_tag_len); 571 } 572 #endif 573 574 class SrtpSessionTest : public testing::Test { 575 protected: 576 virtual void SetUp() { 577 rtp_len_ = sizeof(kPcmuFrame); 578 rtcp_len_ = sizeof(kRtcpReport); 579 memcpy(rtp_packet_, kPcmuFrame, rtp_len_); 580 memcpy(rtcp_packet_, kRtcpReport, rtcp_len_); 581 } 582 void TestProtectRtp(const std::string& cs) { 583 int out_len = 0; 584 EXPECT_TRUE(s1_.ProtectRtp(rtp_packet_, rtp_len_, 585 sizeof(rtp_packet_), &out_len)); 586 EXPECT_EQ(out_len, rtp_len_ + rtp_auth_tag_len(cs)); 587 EXPECT_NE(0, memcmp(rtp_packet_, kPcmuFrame, rtp_len_)); 588 rtp_len_ = out_len; 589 } 590 void TestProtectRtcp(const std::string& cs) { 591 int out_len = 0; 592 EXPECT_TRUE(s1_.ProtectRtcp(rtcp_packet_, rtcp_len_, 593 sizeof(rtcp_packet_), &out_len)); 594 EXPECT_EQ(out_len, rtcp_len_ + 4 + rtcp_auth_tag_len(cs)); // NOLINT 595 EXPECT_NE(0, memcmp(rtcp_packet_, kRtcpReport, rtcp_len_)); 596 rtcp_len_ = out_len; 597 } 598 void TestUnprotectRtp(const std::string& cs) { 599 int out_len = 0, expected_len = sizeof(kPcmuFrame); 600 EXPECT_TRUE(s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len)); 601 EXPECT_EQ(expected_len, out_len); 602 EXPECT_EQ(0, memcmp(rtp_packet_, kPcmuFrame, out_len)); 603 } 604 void TestUnprotectRtcp(const std::string& cs) { 605 int out_len = 0, expected_len = sizeof(kRtcpReport); 606 EXPECT_TRUE(s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &out_len)); 607 EXPECT_EQ(expected_len, out_len); 608 EXPECT_EQ(0, memcmp(rtcp_packet_, kRtcpReport, out_len)); 609 } 610 cricket::SrtpSession s1_; 611 cricket::SrtpSession s2_; 612 char rtp_packet_[sizeof(kPcmuFrame) + 10]; 613 char rtcp_packet_[sizeof(kRtcpReport) + 4 + 10]; 614 int rtp_len_; 615 int rtcp_len_; 616 }; 617 618 // Test that we can set up the session and keys properly. 619 TEST_F(SrtpSessionTest, TestGoodSetup) { 620 EXPECT_TRUE(s1_.SetSend(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen)); 621 EXPECT_TRUE(s2_.SetRecv(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen)); 622 } 623 624 // Test that we can't change the keys once set. 625 TEST_F(SrtpSessionTest, TestBadSetup) { 626 EXPECT_TRUE(s1_.SetSend(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen)); 627 EXPECT_TRUE(s2_.SetRecv(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen)); 628 EXPECT_FALSE( 629 s1_.SetSend(rtc::SRTP_AES128_CM_SHA1_80, kTestKey2, kTestKeyLen)); 630 EXPECT_FALSE( 631 s2_.SetRecv(rtc::SRTP_AES128_CM_SHA1_80, kTestKey2, kTestKeyLen)); 632 } 633 634 // Test that we fail keys of the wrong length. 635 TEST_F(SrtpSessionTest, TestKeysTooShort) { 636 EXPECT_FALSE(s1_.SetSend(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, 1)); 637 EXPECT_FALSE(s2_.SetRecv(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, 1)); 638 } 639 640 // Test that we can encrypt and decrypt RTP/RTCP using AES_CM_128_HMAC_SHA1_80. 641 TEST_F(SrtpSessionTest, TestProtect_AES_CM_128_HMAC_SHA1_80) { 642 EXPECT_TRUE(s1_.SetSend(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen)); 643 EXPECT_TRUE(s2_.SetRecv(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen)); 644 TestProtectRtp(CS_AES_CM_128_HMAC_SHA1_80); 645 TestProtectRtcp(CS_AES_CM_128_HMAC_SHA1_80); 646 TestUnprotectRtp(CS_AES_CM_128_HMAC_SHA1_80); 647 TestUnprotectRtcp(CS_AES_CM_128_HMAC_SHA1_80); 648 } 649 650 // Test that we can encrypt and decrypt RTP/RTCP using AES_CM_128_HMAC_SHA1_32. 651 TEST_F(SrtpSessionTest, TestProtect_AES_CM_128_HMAC_SHA1_32) { 652 EXPECT_TRUE(s1_.SetSend(rtc::SRTP_AES128_CM_SHA1_32, kTestKey1, kTestKeyLen)); 653 EXPECT_TRUE(s2_.SetRecv(rtc::SRTP_AES128_CM_SHA1_32, kTestKey1, kTestKeyLen)); 654 TestProtectRtp(CS_AES_CM_128_HMAC_SHA1_32); 655 TestProtectRtcp(CS_AES_CM_128_HMAC_SHA1_32); 656 TestUnprotectRtp(CS_AES_CM_128_HMAC_SHA1_32); 657 TestUnprotectRtcp(CS_AES_CM_128_HMAC_SHA1_32); 658 } 659 660 TEST_F(SrtpSessionTest, TestGetSendStreamPacketIndex) { 661 EXPECT_TRUE(s1_.SetSend(rtc::SRTP_AES128_CM_SHA1_32, kTestKey1, kTestKeyLen)); 662 int64_t index; 663 int out_len = 0; 664 EXPECT_TRUE(s1_.ProtectRtp(rtp_packet_, rtp_len_, 665 sizeof(rtp_packet_), &out_len, &index)); 666 // |index| will be shifted by 16. 667 int64_t be64_index = static_cast<int64_t>(rtc::NetworkToHost64(1 << 16)); 668 EXPECT_EQ(be64_index, index); 669 } 670 671 // Test that we fail to unprotect if someone tampers with the RTP/RTCP paylaods. 672 TEST_F(SrtpSessionTest, TestTamperReject) { 673 int out_len; 674 EXPECT_TRUE(s1_.SetSend(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen)); 675 EXPECT_TRUE(s2_.SetRecv(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen)); 676 TestProtectRtp(CS_AES_CM_128_HMAC_SHA1_80); 677 TestProtectRtcp(CS_AES_CM_128_HMAC_SHA1_80); 678 rtp_packet_[0] = 0x12; 679 rtcp_packet_[1] = 0x34; 680 EXPECT_FALSE(s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len)); 681 EXPECT_FALSE(s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &out_len)); 682 } 683 684 // Test that we fail to unprotect if the payloads are not authenticated. 685 TEST_F(SrtpSessionTest, TestUnencryptReject) { 686 int out_len; 687 EXPECT_TRUE(s1_.SetSend(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen)); 688 EXPECT_TRUE(s2_.SetRecv(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen)); 689 EXPECT_FALSE(s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len)); 690 EXPECT_FALSE(s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &out_len)); 691 } 692 693 // Test that we fail when using buffers that are too small. 694 TEST_F(SrtpSessionTest, TestBuffersTooSmall) { 695 int out_len; 696 EXPECT_TRUE(s1_.SetSend(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen)); 697 EXPECT_FALSE(s1_.ProtectRtp(rtp_packet_, rtp_len_, 698 sizeof(rtp_packet_) - 10, &out_len)); 699 EXPECT_FALSE(s1_.ProtectRtcp(rtcp_packet_, rtcp_len_, 700 sizeof(rtcp_packet_) - 14, &out_len)); 701 } 702 703 TEST_F(SrtpSessionTest, TestReplay) { 704 static const uint16_t kMaxSeqnum = static_cast<uint16_t>(-1); 705 static const uint16_t seqnum_big = 62275; 706 static const uint16_t seqnum_small = 10; 707 static const uint16_t replay_window = 1024; 708 int out_len; 709 710 EXPECT_TRUE(s1_.SetSend(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen)); 711 EXPECT_TRUE(s2_.SetRecv(rtc::SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen)); 712 713 // Initial sequence number. 714 rtc::SetBE16(reinterpret_cast<uint8_t*>(rtp_packet_) + 2, seqnum_big); 715 EXPECT_TRUE(s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), 716 &out_len)); 717 718 // Replay within the 1024 window should succeed. 719 rtc::SetBE16(reinterpret_cast<uint8_t*>(rtp_packet_) + 2, 720 seqnum_big - replay_window + 1); 721 EXPECT_TRUE(s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), 722 &out_len)); 723 724 // Replay out side of the 1024 window should fail. 725 rtc::SetBE16(reinterpret_cast<uint8_t*>(rtp_packet_) + 2, 726 seqnum_big - replay_window - 1); 727 EXPECT_FALSE(s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), 728 &out_len)); 729 730 // Increment sequence number to a small number. 731 rtc::SetBE16(reinterpret_cast<uint8_t*>(rtp_packet_) + 2, seqnum_small); 732 EXPECT_TRUE(s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), 733 &out_len)); 734 735 // Replay around 0 but out side of the 1024 window should fail. 736 rtc::SetBE16(reinterpret_cast<uint8_t*>(rtp_packet_) + 2, 737 kMaxSeqnum + seqnum_small - replay_window - 1); 738 EXPECT_FALSE(s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), 739 &out_len)); 740 741 // Replay around 0 but within the 1024 window should succeed. 742 for (uint16_t seqnum = 65000; seqnum < 65003; ++seqnum) { 743 rtc::SetBE16(reinterpret_cast<uint8_t*>(rtp_packet_) + 2, seqnum); 744 EXPECT_TRUE(s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), 745 &out_len)); 746 } 747 748 // Go back to normal sequence nubmer. 749 // NOTE: without the fix in libsrtp, this would fail. This is because 750 // without the fix, the loop above would keep incrementing local sequence 751 // number in libsrtp, eventually the new sequence number would go out side 752 // of the window. 753 rtc::SetBE16(reinterpret_cast<uint8_t*>(rtp_packet_) + 2, seqnum_small + 1); 754 EXPECT_TRUE(s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), 755 &out_len)); 756 } 757 758 class SrtpStatTest 759 : public testing::Test, 760 public sigslot::has_slots<> { 761 public: 762 SrtpStatTest() 763 : ssrc_(0U), 764 mode_(-1), 765 error_(cricket::SrtpFilter::ERROR_NONE) { 766 srtp_stat_.SignalSrtpError.connect(this, &SrtpStatTest::OnSrtpError); 767 srtp_stat_.set_signal_silent_time(200); 768 } 769 770 protected: 771 void OnSrtpError(uint32_t ssrc, 772 cricket::SrtpFilter::Mode mode, 773 cricket::SrtpFilter::Error error) { 774 ssrc_ = ssrc; 775 mode_ = mode; 776 error_ = error; 777 } 778 void Reset() { 779 ssrc_ = 0U; 780 mode_ = -1; 781 error_ = cricket::SrtpFilter::ERROR_NONE; 782 } 783 784 cricket::SrtpStat srtp_stat_; 785 uint32_t ssrc_; 786 int mode_; 787 cricket::SrtpFilter::Error error_; 788 789 private: 790 RTC_DISALLOW_COPY_AND_ASSIGN(SrtpStatTest); 791 }; 792 793 TEST_F(SrtpStatTest, TestProtectRtpError) { 794 Reset(); 795 srtp_stat_.AddProtectRtpResult(1, err_status_ok); 796 EXPECT_EQ(0U, ssrc_); 797 EXPECT_EQ(-1, mode_); 798 EXPECT_EQ(cricket::SrtpFilter::ERROR_NONE, error_); 799 Reset(); 800 srtp_stat_.AddProtectRtpResult(1, err_status_auth_fail); 801 EXPECT_EQ(1U, ssrc_); 802 EXPECT_EQ(cricket::SrtpFilter::PROTECT, mode_); 803 EXPECT_EQ(cricket::SrtpFilter::ERROR_AUTH, error_); 804 Reset(); 805 srtp_stat_.AddProtectRtpResult(1, err_status_fail); 806 EXPECT_EQ(1U, ssrc_); 807 EXPECT_EQ(cricket::SrtpFilter::PROTECT, mode_); 808 EXPECT_EQ(cricket::SrtpFilter::ERROR_FAIL, error_); 809 // Within 200ms, the error will not be triggered. 810 Reset(); 811 srtp_stat_.AddProtectRtpResult(1, err_status_fail); 812 EXPECT_EQ(0U, ssrc_); 813 EXPECT_EQ(-1, mode_); 814 EXPECT_EQ(cricket::SrtpFilter::ERROR_NONE, error_); 815 // Now the error will be triggered again. 816 Reset(); 817 rtc::Thread::Current()->SleepMs(210); 818 srtp_stat_.AddProtectRtpResult(1, err_status_fail); 819 EXPECT_EQ(1U, ssrc_); 820 EXPECT_EQ(cricket::SrtpFilter::PROTECT, mode_); 821 EXPECT_EQ(cricket::SrtpFilter::ERROR_FAIL, error_); 822 } 823 824 TEST_F(SrtpStatTest, TestUnprotectRtpError) { 825 Reset(); 826 srtp_stat_.AddUnprotectRtpResult(1, err_status_ok); 827 EXPECT_EQ(0U, ssrc_); 828 EXPECT_EQ(-1, mode_); 829 EXPECT_EQ(cricket::SrtpFilter::ERROR_NONE, error_); 830 Reset(); 831 srtp_stat_.AddUnprotectRtpResult(1, err_status_auth_fail); 832 EXPECT_EQ(1U, ssrc_); 833 EXPECT_EQ(cricket::SrtpFilter::UNPROTECT, mode_); 834 EXPECT_EQ(cricket::SrtpFilter::ERROR_AUTH, error_); 835 Reset(); 836 srtp_stat_.AddUnprotectRtpResult(1, err_status_replay_fail); 837 EXPECT_EQ(1U, ssrc_); 838 EXPECT_EQ(cricket::SrtpFilter::UNPROTECT, mode_); 839 EXPECT_EQ(cricket::SrtpFilter::ERROR_REPLAY, error_); 840 Reset(); 841 rtc::Thread::Current()->SleepMs(210); 842 srtp_stat_.AddUnprotectRtpResult(1, err_status_replay_old); 843 EXPECT_EQ(1U, ssrc_); 844 EXPECT_EQ(cricket::SrtpFilter::UNPROTECT, mode_); 845 EXPECT_EQ(cricket::SrtpFilter::ERROR_REPLAY, error_); 846 Reset(); 847 srtp_stat_.AddUnprotectRtpResult(1, err_status_fail); 848 EXPECT_EQ(1U, ssrc_); 849 EXPECT_EQ(cricket::SrtpFilter::UNPROTECT, mode_); 850 EXPECT_EQ(cricket::SrtpFilter::ERROR_FAIL, error_); 851 // Within 200ms, the error will not be triggered. 852 Reset(); 853 srtp_stat_.AddUnprotectRtpResult(1, err_status_fail); 854 EXPECT_EQ(0U, ssrc_); 855 EXPECT_EQ(-1, mode_); 856 EXPECT_EQ(cricket::SrtpFilter::ERROR_NONE, error_); 857 // Now the error will be triggered again. 858 Reset(); 859 rtc::Thread::Current()->SleepMs(210); 860 srtp_stat_.AddUnprotectRtpResult(1, err_status_fail); 861 EXPECT_EQ(1U, ssrc_); 862 EXPECT_EQ(cricket::SrtpFilter::UNPROTECT, mode_); 863 EXPECT_EQ(cricket::SrtpFilter::ERROR_FAIL, error_); 864 } 865 866 TEST_F(SrtpStatTest, TestProtectRtcpError) { 867 Reset(); 868 srtp_stat_.AddProtectRtcpResult(err_status_ok); 869 EXPECT_EQ(-1, mode_); 870 EXPECT_EQ(cricket::SrtpFilter::ERROR_NONE, error_); 871 Reset(); 872 srtp_stat_.AddProtectRtcpResult(err_status_auth_fail); 873 EXPECT_EQ(cricket::SrtpFilter::PROTECT, mode_); 874 EXPECT_EQ(cricket::SrtpFilter::ERROR_AUTH, error_); 875 Reset(); 876 srtp_stat_.AddProtectRtcpResult(err_status_fail); 877 EXPECT_EQ(cricket::SrtpFilter::PROTECT, mode_); 878 EXPECT_EQ(cricket::SrtpFilter::ERROR_FAIL, error_); 879 // Within 200ms, the error will not be triggered. 880 Reset(); 881 srtp_stat_.AddProtectRtcpResult(err_status_fail); 882 EXPECT_EQ(-1, mode_); 883 EXPECT_EQ(cricket::SrtpFilter::ERROR_NONE, error_); 884 // Now the error will be triggered again. 885 Reset(); 886 rtc::Thread::Current()->SleepMs(210); 887 srtp_stat_.AddProtectRtcpResult(err_status_fail); 888 EXPECT_EQ(cricket::SrtpFilter::PROTECT, mode_); 889 EXPECT_EQ(cricket::SrtpFilter::ERROR_FAIL, error_); 890 } 891 892 TEST_F(SrtpStatTest, TestUnprotectRtcpError) { 893 Reset(); 894 srtp_stat_.AddUnprotectRtcpResult(err_status_ok); 895 EXPECT_EQ(-1, mode_); 896 EXPECT_EQ(cricket::SrtpFilter::ERROR_NONE, error_); 897 Reset(); 898 srtp_stat_.AddUnprotectRtcpResult(err_status_auth_fail); 899 EXPECT_EQ(cricket::SrtpFilter::UNPROTECT, mode_); 900 EXPECT_EQ(cricket::SrtpFilter::ERROR_AUTH, error_); 901 Reset(); 902 srtp_stat_.AddUnprotectRtcpResult(err_status_replay_fail); 903 EXPECT_EQ(cricket::SrtpFilter::UNPROTECT, mode_); 904 EXPECT_EQ(cricket::SrtpFilter::ERROR_REPLAY, error_); 905 Reset(); 906 rtc::Thread::Current()->SleepMs(210); 907 srtp_stat_.AddUnprotectRtcpResult(err_status_replay_fail); 908 EXPECT_EQ(cricket::SrtpFilter::UNPROTECT, mode_); 909 EXPECT_EQ(cricket::SrtpFilter::ERROR_REPLAY, error_); 910 Reset(); 911 srtp_stat_.AddUnprotectRtcpResult(err_status_fail); 912 EXPECT_EQ(cricket::SrtpFilter::UNPROTECT, mode_); 913 EXPECT_EQ(cricket::SrtpFilter::ERROR_FAIL, error_); 914 // Within 200ms, the error will not be triggered. 915 Reset(); 916 srtp_stat_.AddUnprotectRtcpResult(err_status_fail); 917 EXPECT_EQ(-1, mode_); 918 EXPECT_EQ(cricket::SrtpFilter::ERROR_NONE, error_); 919 // Now the error will be triggered again. 920 Reset(); 921 rtc::Thread::Current()->SleepMs(210); 922 srtp_stat_.AddUnprotectRtcpResult(err_status_fail); 923 EXPECT_EQ(cricket::SrtpFilter::UNPROTECT, mode_); 924 EXPECT_EQ(cricket::SrtpFilter::ERROR_FAIL, error_); 925 } 926
