zstein4dde3df2017-07-07 14:26:25 -07001/*
2 * Copyright 2004 The WebRTC project authors. All Rights Reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
Steve Anton10542f22019-01-11 09:11:00 -080011#include "pc/srtp_session.h"
zstein4dde3df2017-07-07 14:26:25 -070012
Yves Gerey3e707812018-11-28 16:47:49 +010013#include <string.h>
zstein4dde3df2017-07-07 14:26:25 -070014#include <string>
15
Steve Anton10542f22019-01-11 09:11:00 -080016#include "media/base/fake_rtp.h"
17#include "pc/test/srtp_test_util.h"
18#include "rtc_base/byte_order.h"
19#include "rtc_base/ssl_stream_adapter.h" // For rtc::SRTP_*
Mirko Bonadei17f48782018-09-28 08:51:10 +020020#include "system_wrappers/include/metrics.h"
Yves Gerey3e707812018-11-28 16:47:49 +010021#include "test/gtest.h"
Steve Antondb67ba12018-03-19 17:41:42 -070022#include "third_party/libsrtp/include/srtp.h"
zstein4dde3df2017-07-07 14:26:25 -070023
24namespace rtc {
25
// Header-extension id list handed to every SetSend/SetRecv call in this file.
// It is default-constructed (empty) and never modified by the tests here.
std::vector<int> kEncryptedHeaderExtensionIds{};
27
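// Fixture for the SrtpSession tests. The tests key s1_ with SetSend and s2_
// with SetRecv; the helpers below protect with s1_ and unprotect with s2_,
// always operating in place on the fixture's packet buffers.
class SrtpSessionTest : public testing::Test {
 public:
  // Resets the metrics registry. The reject tests expect exactly one sample in
  // each unprotect-error histogram, so stale samples would break them.
  SrtpSessionTest() { webrtc::metrics::Reset(); }

 protected:
  // Reloads plaintext copies of the reference RTP and RTCP packets and sets
  // the tracked lengths to the plaintext sizes.
  void SetUp() override {
    rtp_len_ = sizeof(kPcmuFrame);
    rtcp_len_ = sizeof(kRtcpReport);
    memcpy(rtp_packet_, kPcmuFrame, rtp_len_);
    memcpy(rtcp_packet_, kRtcpReport, rtcp_len_);
  }

  // Protects rtp_packet_ with s1_ and checks that (a) the output is longer by
  // exactly the auth tag length for suite |cs| and (b) the first rtp_len_
  // bytes no longer equal the plaintext frame. rtp_len_ then becomes the
  // protected length so a later unprotect sees the whole packet.
  void TestProtectRtp(const std::string& cs) {
    int out_len = 0;
    EXPECT_TRUE(
        s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len));
    EXPECT_EQ(out_len, rtp_len_ + rtp_auth_tag_len(cs));
    EXPECT_NE(0, memcmp(rtp_packet_, kPcmuFrame, rtp_len_));
    rtp_len_ = out_len;
  }

  // RTCP counterpart of TestProtectRtp. The expected growth is the auth tag
  // plus 4 further bytes (presumably the SRTCP E-flag/index word - confirm
  // against libsrtp).
  void TestProtectRtcp(const std::string& cs) {
    int out_len = 0;
    EXPECT_TRUE(s1_.ProtectRtcp(rtcp_packet_, rtcp_len_, sizeof(rtcp_packet_),
                                &out_len));
    EXPECT_EQ(out_len, rtcp_len_ + 4 + rtcp_auth_tag_len(cs));  // NOLINT
    EXPECT_NE(0, memcmp(rtcp_packet_, kRtcpReport, rtcp_len_));
    rtcp_len_ = out_len;
  }

  // Unprotects rtp_packet_ with s2_ and checks that the result has the
  // plaintext length and matches kPcmuFrame byte for byte. |cs| is not used.
  void TestUnprotectRtp(const std::string& cs) {
    int out_len = 0;
    const int expected_len = sizeof(kPcmuFrame);
    EXPECT_TRUE(s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len));
    EXPECT_EQ(expected_len, out_len);
    EXPECT_EQ(0, memcmp(rtp_packet_, kPcmuFrame, out_len));
  }

  // Unprotects rtcp_packet_ with s2_ and checks that the result has the
  // plaintext length and matches kRtcpReport byte for byte. |cs| is not used.
  void TestUnprotectRtcp(const std::string& cs) {
    int out_len = 0;
    const int expected_len = sizeof(kRtcpReport);
    EXPECT_TRUE(s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &out_len));
    EXPECT_EQ(expected_len, out_len);
    EXPECT_EQ(0, memcmp(rtcp_packet_, kRtcpReport, out_len));
  }

  cricket::SrtpSession s1_;
  cricket::SrtpSession s2_;
  // Plaintext size plus 10 bytes of headroom (80 bits, the longest auth tag
  // used by the suites in this file).
  char rtp_packet_[sizeof(kPcmuFrame) + 10];
  // Same headroom plus the 4 extra bytes that ProtectRtcp appends.
  char rtcp_packet_[sizeof(kRtcpReport) + 4 + 10];
  // Current valid lengths in the two buffers. Zero-initialised so they are
  // never indeterminate, even if read before SetUp() has run.
  int rtp_len_ = 0;
  int rtcp_len_ = 0;
};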
74
75// Test that we can set up the session and keys properly.
TEST_F(SrtpSessionTest, TestGoodSetup) {
  // Same suite and key on both ends: s1_ is keyed for sending, s2_ for
  // receiving. Both calls must report success.
  const bool send_keyed =
      s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                  kEncryptedHeaderExtensionIds);
  const bool recv_keyed =
      s2_.SetRecv(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                  kEncryptedHeaderExtensionIds);
  EXPECT_TRUE(send_keyed);
  EXPECT_TRUE(recv_keyed);
}
82
83// Test that we can't change the keys once set.
TEST_F(SrtpSessionTest, TestBadSetup) {
  // Initial keying with kTestKey1 is expected to succeed on both sessions.
  const bool first_send =
      s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                  kEncryptedHeaderExtensionIds);
  const bool first_recv =
      s2_.SetRecv(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                  kEncryptedHeaderExtensionIds);

  // A second SetSend/SetRecv with a different key (kTestKey2) must be
  // refused. Only the return value is checked; which key stays active is not
  // verified by this test.
  const bool second_send =
      s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey2, kTestKeyLen,
                  kEncryptedHeaderExtensionIds);
  const bool second_recv =
      s2_.SetRecv(SRTP_AES128_CM_SHA1_80, kTestKey2, kTestKeyLen,
                  kEncryptedHeaderExtensionIds);

  EXPECT_TRUE(first_send);
  EXPECT_TRUE(first_recv);
  EXPECT_FALSE(second_send);
  EXPECT_FALSE(second_recv);
}
94
// Test that we reject keys of the wrong length.
TEST_F(SrtpSessionTest, TestKeysTooShort) {
  // The key buffer is valid but the declared length is 1 byte instead of
  // kTestKeyLen; neither direction may accept it.
  const int too_short_len = 1;
  const bool send_keyed =
      s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, too_short_len,
                  kEncryptedHeaderExtensionIds);
  const bool recv_keyed =
      s2_.SetRecv(SRTP_AES128_CM_SHA1_80, kTestKey1, too_short_len,
                  kEncryptedHeaderExtensionIds);
  EXPECT_FALSE(send_keyed);
  EXPECT_FALSE(recv_keyed);
}
102
103// Test that we can encrypt and decrypt RTP/RTCP using AES_CM_128_HMAC_SHA1_80.
TEST_F(SrtpSessionTest, TestProtect_AES_CM_128_HMAC_SHA1_80) {
  // Key both ends with the same suite and key.
  const bool send_keyed =
      s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                  kEncryptedHeaderExtensionIds);
  const bool recv_keyed =
      s2_.SetRecv(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                  kEncryptedHeaderExtensionIds);
  EXPECT_TRUE(send_keyed);
  EXPECT_TRUE(recv_keyed);

  // Round trip: protect RTP and RTCP with s1_, then unprotect with s2_. The
  // helpers take the suite by name to look up the expected auth tag length.
  const std::string suite_name = CS_AES_CM_128_HMAC_SHA1_80;
  TestProtectRtp(suite_name);
  TestProtectRtcp(suite_name);
  TestUnprotectRtp(suite_name);
  TestUnprotectRtcp(suite_name);
}
114
115// Test that we can encrypt and decrypt RTP/RTCP using AES_CM_128_HMAC_SHA1_32.
TEST_F(SrtpSessionTest, TestProtect_AES_CM_128_HMAC_SHA1_32) {
  // Key both ends with the 32-bit-tag suite. This test covers round-trip
  // correctness and tag length only; it says nothing about the reduced
  // forgery resistance of the shorter tag compared with the _80 suite.
  const bool send_keyed =
      s1_.SetSend(SRTP_AES128_CM_SHA1_32, kTestKey1, kTestKeyLen,
                  kEncryptedHeaderExtensionIds);
  const bool recv_keyed =
      s2_.SetRecv(SRTP_AES128_CM_SHA1_32, kTestKey1, kTestKeyLen,
                  kEncryptedHeaderExtensionIds);
  EXPECT_TRUE(send_keyed);
  EXPECT_TRUE(recv_keyed);

  // Round trip: protect RTP and RTCP with s1_, then unprotect with s2_.
  const std::string suite_name = CS_AES_CM_128_HMAC_SHA1_32;
  TestProtectRtp(suite_name);
  TestProtectRtcp(suite_name);
  TestUnprotectRtp(suite_name);
  TestUnprotectRtcp(suite_name);
}
126
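// Test that ProtectRtp reports the send-stream packet index through its
// optional |index| out-parameter.
TEST_F(SrtpSessionTest, TestGetSendStreamPacketIndex) {
  EXPECT_TRUE(s1_.SetSend(SRTP_AES128_CM_SHA1_32, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  // Initialised so the comparison below never reads an indeterminate value
  // when ProtectRtp fails without writing |index| (EXPECT_TRUE is non-fatal).
  int64_t index = 0;
  int out_len = 0;
  EXPECT_TRUE(s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_),
                             &out_len, &index));
  // |index| will be shifted by 16. The expected value is byte-swapped with
  // NetworkToHost64 before comparing; the literal 1 presumably matches the
  // sequence number in kPcmuFrame - confirm against the fixture data.
  int64_t be64_index = static_cast<int64_t>(NetworkToHost64(1 << 16));
  EXPECT_EQ(be64_index, index);
}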
138
// Test that we fail to unprotect if someone tampers with the RTP/RTCP payloads.
TEST_F(SrtpSessionTest, TestTamperReject) {
  const char* const srtp_error_histogram =
      "WebRTC.PeerConnection.SrtpUnprotectError";
  const char* const srtcp_error_histogram =
      "WebRTC.PeerConnection.SrtcpUnprotectError";
  int out_len;

  const bool send_keyed =
      s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                  kEncryptedHeaderExtensionIds);
  const bool recv_keyed =
      s2_.SetRecv(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                  kEncryptedHeaderExtensionIds);
  EXPECT_TRUE(send_keyed);
  EXPECT_TRUE(recv_keyed);

  // Produce valid protected packets, then overwrite one byte in each.
  TestProtectRtp(CS_AES_CM_128_HMAC_SHA1_80);
  TestProtectRtcp(CS_AES_CM_128_HMAC_SHA1_80);
  rtp_packet_[0] = 0x12;
  rtcp_packet_[1] = 0x34;

  // NOTE(review): the RTP byte altered above is byte 0 of the header, and the
  // status expected here is bad_param rather than auth_fail. Presumably the
  // packet is rejected by header validation before the auth tag is examined,
  // so this half may not exercise tag verification - confirm. A separate case
  // that alters a payload byte would cover the auth-tag path for RTP.
  const bool rtp_accepted = s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len);
  EXPECT_FALSE(rtp_accepted);
  EXPECT_EQ(1, webrtc::metrics::NumSamples(srtp_error_histogram));
  EXPECT_EQ(1, webrtc::metrics::NumEvents(srtp_error_histogram,
                                          srtp_err_status_bad_param));

  // The altered RTCP packet is expected to fail authentication.
  const bool rtcp_accepted =
      s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &out_len);
  EXPECT_FALSE(rtcp_accepted);
  EXPECT_EQ(1, webrtc::metrics::NumSamples(srtcp_error_histogram));
  EXPECT_EQ(1, webrtc::metrics::NumEvents(srtcp_error_histogram,
                                          srtp_err_status_auth_fail));
}
163
164// Test that we fail to unprotect if the payloads are not authenticated.
TEST_F(SrtpSessionTest, TestUnencryptReject) {
  const char* const srtp_error_histogram =
      "WebRTC.PeerConnection.SrtpUnprotectError";
  const char* const srtcp_error_histogram =
      "WebRTC.PeerConnection.SrtcpUnprotectError";
  int out_len;

  const bool send_keyed =
      s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                  kEncryptedHeaderExtensionIds);
  const bool recv_keyed =
      s2_.SetRecv(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                  kEncryptedHeaderExtensionIds);
  EXPECT_TRUE(send_keyed);
  EXPECT_TRUE(recv_keyed);

  // No Protect call was made: the buffers still hold the plaintext packets
  // loaded by SetUp(), so the receiver must refuse both. One error sample is
  // expected per histogram, with the status asserted below.
  const bool rtp_accepted = s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len);
  EXPECT_FALSE(rtp_accepted);
  EXPECT_EQ(1, webrtc::metrics::NumSamples(srtp_error_histogram));
  EXPECT_EQ(1, webrtc::metrics::NumEvents(srtp_error_histogram,
                                          srtp_err_status_auth_fail));

  const bool rtcp_accepted =
      s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &out_len);
  EXPECT_FALSE(rtcp_accepted);
  EXPECT_EQ(1, webrtc::metrics::NumSamples(srtcp_error_histogram));
  EXPECT_EQ(1, webrtc::metrics::NumEvents(srtcp_error_histogram,
                                          srtp_err_status_cant_check));
}
184
185// Test that we fail when using buffers that are too small.
TEST_F(SrtpSessionTest, TestBuffersTooSmall) {
  int out_len;
  const bool send_keyed =
      s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                  kEncryptedHeaderExtensionIds);
  EXPECT_TRUE(send_keyed);

  // Declare capacities equal to the plaintext sizes: the fixture buffers are
  // sizeof(kPcmuFrame) + 10 and sizeof(kRtcpReport) + 4 + 10, so subtracting
  // 10 and 14 leaves no room for what Protect appends. Both calls must fail
  // instead of writing past the declared capacity.
  const auto rtp_capacity = sizeof(rtp_packet_) - 10;
  const auto rtcp_capacity = sizeof(rtcp_packet_) - 14;
  const bool rtp_protected =
      s1_.ProtectRtp(rtp_packet_, rtp_len_, rtp_capacity, &out_len);
  const bool rtcp_protected =
      s1_.ProtectRtcp(rtcp_packet_, rtcp_len_, rtcp_capacity, &out_len);
  EXPECT_FALSE(rtp_protected);
  EXPECT_FALSE(rtcp_protected);
}
195
// Test how the sender reacts to out-of-order RTP sequence numbers around the
// 1024-packet window, including wrap-around at 0. Every check goes through
// s1_.ProtectRtp; s2_ is keyed but never asked to unprotect, so receiver-side
// replay rejection is not covered by this test.
TEST_F(SrtpSessionTest, TestReplay) {
  static const uint16_t kMaxSeqnum = static_cast<uint16_t>(-1);
  static const uint16_t seqnum_big = 62275;
  static const uint16_t seqnum_small = 10;
  static const uint16_t replay_window = 1024;
  int out_len;

  const bool send_keyed =
      s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                  kEncryptedHeaderExtensionIds);
  const bool recv_keyed =
      s2_.SetRecv(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                  kEncryptedHeaderExtensionIds);
  EXPECT_TRUE(send_keyed);
  EXPECT_TRUE(recv_keyed);

  // Writes |seqnum| big-endian at byte offset 2 of rtp_packet_ and runs the
  // buffer through s1_.ProtectRtp, returning that call's result.
  auto protect_with_seqnum = [this, &out_len](uint16_t seqnum) {
    SetBE16(reinterpret_cast<uint8_t*>(rtp_packet_) + 2, seqnum);
    return s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_),
                          &out_len);
  };

  // Initial sequence number.
  EXPECT_TRUE(protect_with_seqnum(seqnum_big));

  // Replay within the 1024 window should succeed.
  EXPECT_TRUE(protect_with_seqnum(seqnum_big - replay_window + 1));

  // Replay outside of the 1024 window should fail.
  EXPECT_FALSE(protect_with_seqnum(seqnum_big - replay_window - 1));

  // Increment sequence number to a small number.
  EXPECT_TRUE(protect_with_seqnum(seqnum_small));

  // Replay around 0 but outside of the 1024 window should fail.
  EXPECT_FALSE(
      protect_with_seqnum(kMaxSeqnum + seqnum_small - replay_window - 1));

  // Replay around 0 but within the 1024 window should succeed.
  uint16_t wrapped_seqnum = 65000;
  while (wrapped_seqnum < 65003) {
    EXPECT_TRUE(protect_with_seqnum(wrapped_seqnum));
    ++wrapped_seqnum;
  }

  // Go back to normal sequence number.
  // NOTE: without the fix in libsrtp, this would fail. This is because
  // without the fix, the loop above would keep incrementing the local
  // sequence number in libsrtp, and eventually the new sequence number would
  // fall outside of the window.
  EXPECT_TRUE(protect_with_seqnum(seqnum_small + 1));
}
252
253} // namespace rtc