/*
 * Copyright 2004 The WebRTC project authors. All Rights Reserved.
 *
 * Use of this source code is governed by a BSD-style license
 * that can be found in the LICENSE file in the root of the source
 * tree. An additional intellectual property rights grant can be found
 * in the file PATENTS. All contributing project authors may
 * be found in the AUTHORS file in the root of the source tree.
 */
10
Steve Anton10542f22019-01-11 09:11:00 -080011#include "pc/srtp_session.h"
zstein4dde3df2017-07-07 14:26:25 -070012
Yves Gerey3e707812018-11-28 16:47:49 +010013#include <string.h>
zstein4dde3df2017-07-07 14:26:25 -070014#include <string>
15
Steve Anton10542f22019-01-11 09:11:00 -080016#include "media/base/fake_rtp.h"
17#include "pc/test/srtp_test_util.h"
18#include "rtc_base/byte_order.h"
19#include "rtc_base/ssl_stream_adapter.h" // For rtc::SRTP_*
Mirko Bonadei17f48782018-09-28 08:51:10 +020020#include "system_wrappers/include/metrics.h"
Steve Antonb443dfe2019-03-05 14:09:49 -080021#include "test/gmock.h"
Yves Gerey3e707812018-11-28 16:47:49 +010022#include "test/gtest.h"
Steve Antondb67ba12018-03-19 17:41:42 -070023#include "third_party/libsrtp/include/srtp.h"
zstein4dde3df2017-07-07 14:26:25 -070024
Steve Antonb443dfe2019-03-05 14:09:49 -080025using ::testing::ElementsAre;
26using ::testing::Pair;
27
zstein4dde3df2017-07-07 14:26:25 -070028namespace rtc {
29
// Header-extension id list handed to every SetSend()/SetRecv() call in this
// file. It is default-constructed and nothing in this file adds to it.
// NOTE(review): despite the k-prefix this is a mutable global with external
// linkage; confirm nothing else relies on that before making it const.
std::vector<int> kEncryptedHeaderExtensionIds;
31
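// Fixture for the cricket::SrtpSession tests. s1_ is the session the tests key
// with SetSend() and protect with; s2_ is the one they key with SetRecv() and
// unprotect with. All helpers transform rtp_packet_ / rtcp_packet_ in place.
class SrtpSessionTest : public testing::Test {
 public:
  // Resets webrtc::metrics when the fixture is constructed; the rejection
  // tests expect exactly one sample in each error histogram they inspect.
  SrtpSessionTest() { webrtc::metrics::Reset(); }

 protected:
  // Loads pristine copies of the reference RTP and RTCP packets and records
  // their plaintext lengths. `override` makes the compiler reject any drift
  // from testing::Test::SetUp's signature.
  void SetUp() override {
    rtp_len_ = sizeof(kPcmuFrame);
    rtcp_len_ = sizeof(kRtcpReport);
    memcpy(rtp_packet_, kPcmuFrame, rtp_len_);
    memcpy(rtcp_packet_, kRtcpReport, rtcp_len_);
  }

  // Protects rtp_packet_ with s1_ and checks that the packet grew by exactly
  // the auth tag length of crypto suite `cs` and no longer matches the
  // plaintext. rtp_len_ is updated to the protected length.
  void TestProtectRtp(const std::string& cs) {
    int protected_len = 0;
    EXPECT_TRUE(s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_),
                               &protected_len));
    EXPECT_EQ(protected_len, rtp_len_ + rtp_auth_tag_len(cs));
    EXPECT_NE(0, memcmp(rtp_packet_, kPcmuFrame, rtp_len_));
    rtp_len_ = protected_len;
  }

  // Protects rtcp_packet_ with s1_. The expected growth is 4 bytes plus the
  // auth tag length of `cs` (the 4 bytes correspond to the SRTCP index word
  // of RFC 3711). rtcp_len_ is updated to the protected length.
  void TestProtectRtcp(const std::string& cs) {
    int protected_len = 0;
    EXPECT_TRUE(s1_.ProtectRtcp(rtcp_packet_, rtcp_len_, sizeof(rtcp_packet_),
                                &protected_len));
    EXPECT_EQ(protected_len, rtcp_len_ + 4 + rtcp_auth_tag_len(cs));  // NOLINT
    EXPECT_NE(0, memcmp(rtcp_packet_, kRtcpReport, rtcp_len_));
    rtcp_len_ = protected_len;
  }

  // Unprotects rtp_packet_ with s2_ and checks that the original frame comes
  // back byte for byte. `cs` is accepted for symmetry with the protect
  // helpers and is not used.
  void TestUnprotectRtp(const std::string& cs) {
    int plain_len = 0;
    const int expected_len = sizeof(kPcmuFrame);
    EXPECT_TRUE(s2_.UnprotectRtp(rtp_packet_, rtp_len_, &plain_len));
    EXPECT_EQ(expected_len, plain_len);
    EXPECT_EQ(0, memcmp(rtp_packet_, kPcmuFrame, plain_len));
  }

  // Unprotects rtcp_packet_ with s2_ and checks that the original report
  // comes back byte for byte. `cs` is not used.
  void TestUnprotectRtcp(const std::string& cs) {
    int plain_len = 0;
    const int expected_len = sizeof(kRtcpReport);
    EXPECT_TRUE(s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &plain_len));
    EXPECT_EQ(expected_len, plain_len);
    EXPECT_EQ(0, memcmp(rtcp_packet_, kRtcpReport, plain_len));
  }

  cricket::SrtpSession s1_;
  cricket::SrtpSession s2_;
  // 10 spare bytes after the RTP frame for the auth tag.
  char rtp_packet_[sizeof(kPcmuFrame) + 10];
  // 4 + 10 spare bytes after the RTCP report, matching the "+ 4 + tag" growth
  // checked in TestProtectRtcp.
  char rtcp_packet_[sizeof(kRtcpReport) + 4 + 10];
  // Current packet lengths; zero until SetUp() runs so they are never read
  // while indeterminate.
  int rtp_len_ = 0;
  int rtcp_len_ = 0;
};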
78
// A fresh send session and a fresh receive session both accept the
// kTestKey1 / kTestKeyLen key material.
TEST_F(SrtpSessionTest, TestGoodSetup) {
  const auto suite = SRTP_AES128_CM_SHA1_80;

  const bool send_keyed =
      s1_.SetSend(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds);
  EXPECT_TRUE(send_keyed);

  const bool recv_keyed =
      s2_.SetRecv(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds);
  EXPECT_TRUE(recv_keyed);
}
86
// Once a session has been keyed, a second SetSend()/SetRecv() with different
// key material must be refused.
TEST_F(SrtpSessionTest, TestBadSetup) {
  const auto suite = SRTP_AES128_CM_SHA1_80;

  // First keying of each direction succeeds.
  EXPECT_TRUE(
      s1_.SetSend(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(
      s2_.SetRecv(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));

  // Re-keying the same sessions with kTestKey2 is rejected.
  EXPECT_FALSE(
      s1_.SetSend(suite, kTestKey2, kTestKeyLen, kEncryptedHeaderExtensionIds));
  EXPECT_FALSE(
      s2_.SetRecv(suite, kTestKey2, kTestKeyLen, kEncryptedHeaderExtensionIds));
}
98
// Keying must fail when the declared key length is too short. Only a length
// of 1 is tried here; over-long keys are not covered by this test.
TEST_F(SrtpSessionTest, TestKeysTooShort) {
  constexpr int kTooShortKeyLen = 1;
  const auto suite = SRTP_AES128_CM_SHA1_80;

  EXPECT_FALSE(s1_.SetSend(suite, kTestKey1, kTooShortKeyLen,
                           kEncryptedHeaderExtensionIds));
  EXPECT_FALSE(s2_.SetRecv(suite, kTestKey1, kTooShortKeyLen,
                           kEncryptedHeaderExtensionIds));
}
106
// Round trip with AES_CM_128_HMAC_SHA1_80: s1_ protects the RTP and RTCP
// packets, s2_ unprotects them and must recover the original bytes.
TEST_F(SrtpSessionTest, TestProtect_AES_CM_128_HMAC_SHA1_80) {
  const auto suite = SRTP_AES128_CM_SHA1_80;
  EXPECT_TRUE(
      s1_.SetSend(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(
      s2_.SetRecv(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));

  // Both protect steps run before either unprotect step.
  const std::string suite_name = CS_AES_CM_128_HMAC_SHA1_80;
  TestProtectRtp(suite_name);
  TestProtectRtcp(suite_name);
  TestUnprotectRtp(suite_name);
  TestUnprotectRtcp(suite_name);
}
118
// Round trip with AES_CM_128_HMAC_SHA1_32: s1_ protects the RTP and RTCP
// packets, s2_ unprotects them and must recover the original bytes. The
// expected tag lengths come from rtp_auth_tag_len()/rtcp_auth_tag_len() for
// this suite name.
TEST_F(SrtpSessionTest, TestProtect_AES_CM_128_HMAC_SHA1_32) {
  const auto suite = SRTP_AES128_CM_SHA1_32;
  EXPECT_TRUE(
      s1_.SetSend(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(
      s2_.SetRecv(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));

  // Both protect steps run before either unprotect step.
  const std::string suite_name = CS_AES_CM_128_HMAC_SHA1_32;
  TestProtectRtp(suite_name);
  TestProtectRtcp(suite_name);
  TestUnprotectRtp(suite_name);
  TestUnprotectRtcp(suite_name);
}
130
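// Checks the packet index that ProtectRtp reports through its extra
// out-parameter for the first packet protected on a send session.
TEST_F(SrtpSessionTest, TestGetSendStreamPacketIndex) {
  EXPECT_TRUE(s1_.SetSend(SRTP_AES128_CM_SHA1_32, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  // Start from a sentinel: EXPECT_TRUE is non-fatal, so if ProtectRtp fails
  // without writing |index| the comparison below still runs and must not read
  // an indeterminate value. -1 cannot equal the expected index.
  int64_t index = -1;
  int out_len = 0;
  EXPECT_TRUE(s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_),
                             &out_len, &index));
  // |index| will be shifted by 16. The expected value is 1 << 16 passed
  // through NetworkToHost64.
  const int64_t be64_index = static_cast<int64_t>(NetworkToHost64(1 << 16));
  EXPECT_EQ(be64_index, index);
}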
142
// Unprotect must fail, and record one error sample, when a protected RTP or
// RTCP packet is modified after protection.
//
// Both modifications land in the first two bytes of the packet, i.e. in
// header fields rather than in the media payload.
// NOTE(review): the RTP case is expected to be reported as
// srtp_err_status_bad_param, not srtp_err_status_auth_fail, so it does not by
// itself show the auth tag catching a change. A modification that leaves the
// header parseable (for example a flipped payload byte) is not covered here.
TEST_F(SrtpSessionTest, TestTamperReject) {
  const auto suite = SRTP_AES128_CM_SHA1_80;
  EXPECT_TRUE(
      s1_.SetSend(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(
      s2_.SetRecv(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));

  const std::string suite_name = CS_AES_CM_128_HMAC_SHA1_80;
  TestProtectRtp(suite_name);
  TestProtectRtcp(suite_name);

  // Corrupt one byte of each protected packet.
  rtp_packet_[0] = 0x12;
  rtcp_packet_[1] = 0x34;

  int out_len;

  // RTP: rejected, with exactly one bad_param sample recorded.
  const bool rtp_accepted = s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len);
  EXPECT_FALSE(rtp_accepted);
  EXPECT_THAT(
      webrtc::metrics::Samples("WebRTC.PeerConnection.SrtpUnprotectError"),
      ElementsAre(Pair(srtp_err_status_bad_param, 1)));

  // RTCP: rejected, with exactly one auth_fail sample recorded.
  const bool rtcp_accepted =
      s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &out_len);
  EXPECT_FALSE(rtcp_accepted);
  EXPECT_THAT(
      webrtc::metrics::Samples("WebRTC.PeerConnection.SrtcpUnprotectError"),
      ElementsAre(Pair(srtp_err_status_auth_fail, 1)));
}
163
// Packets that were never protected must be rejected by the receive session.
// The plaintext buffers loaded by SetUp() are handed straight to Unprotect;
// the expected outcome is one auth_fail sample for RTP and one cant_check
// sample for RTCP.
TEST_F(SrtpSessionTest, TestUnencryptReject) {
  const auto suite = SRTP_AES128_CM_SHA1_80;
  EXPECT_TRUE(
      s1_.SetSend(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(
      s2_.SetRecv(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));

  int out_len;

  // RTP: no valid tag is present, so authentication fails.
  const bool rtp_accepted = s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len);
  EXPECT_FALSE(rtp_accepted);
  EXPECT_THAT(
      webrtc::metrics::Samples("WebRTC.PeerConnection.SrtpUnprotectError"),
      ElementsAre(Pair(srtp_err_status_auth_fail, 1)));

  // RTCP: rejected with a different status than the RTP case.
  const bool rtcp_accepted =
      s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &out_len);
  EXPECT_FALSE(rtcp_accepted);
  EXPECT_THAT(
      webrtc::metrics::Samples("WebRTC.PeerConnection.SrtcpUnprotectError"),
      ElementsAre(Pair(srtp_err_status_cant_check, 1)));
}
180
// Protect must refuse to run when the caller-declared buffer capacity leaves
// no room for what it appends. Given the fixture's buffer declarations, the
// capacities below equal sizeof(kPcmuFrame) and sizeof(kRtcpReport): exactly
// the plaintext size, with nothing spare for the trailer.
TEST_F(SrtpSessionTest, TestBuffersTooSmall) {
  EXPECT_TRUE(s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));

  const auto rtp_capacity = sizeof(rtp_packet_) - 10;
  const auto rtcp_capacity = sizeof(rtcp_packet_) - 14;

  int out_len;
  const bool rtp_protected =
      s1_.ProtectRtp(rtp_packet_, rtp_len_, rtp_capacity, &out_len);
  EXPECT_FALSE(rtp_protected);

  const bool rtcp_protected =
      s1_.ProtectRtcp(rtcp_packet_, rtcp_len_, rtcp_capacity, &out_len);
  EXPECT_FALSE(rtcp_protected);
}
191
// Drives ProtectRtp on the send session with RTP sequence numbers that jump
// backwards and wrap around 0, and checks which ones are accepted relative to
// a 1024-packet window.
// NOTE(review): every call here is ProtectRtp on s1_. s2_ is keyed but never
// used, so rejection of a replayed packet by UnprotectRtp on the receive side
// is not covered by this test.
TEST_F(SrtpSessionTest, TestReplay) {
  static const uint16_t kMaxSeqnum = static_cast<uint16_t>(-1);
  static const uint16_t seqnum_big = 62275;
  static const uint16_t seqnum_small = 10;
  static const uint16_t replay_window = 1024;
  int out_len;

  EXPECT_TRUE(s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(s2_.SetRecv(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));

  // Writes |seqnum| big-endian at byte offset 2 of the packet (the RTP
  // sequence number field) and runs ProtectRtp on the result.
  const auto protect_with_seqnum = [this, &out_len](uint16_t seqnum) {
    SetBE16(reinterpret_cast<uint8_t*>(rtp_packet_) + 2, seqnum);
    return s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len);
  };

  // Initial sequence number.
  EXPECT_TRUE(protect_with_seqnum(seqnum_big));

  // Going back, but staying inside the 1024 window, is accepted.
  EXPECT_TRUE(protect_with_seqnum(seqnum_big - replay_window + 1));

  // Going back beyond the 1024 window is rejected.
  EXPECT_FALSE(protect_with_seqnum(seqnum_big - replay_window - 1));

  // Move forward across the wrap to a small sequence number.
  EXPECT_TRUE(protect_with_seqnum(seqnum_small));

  // Going back across 0 to a point outside the 1024 window is rejected.
  EXPECT_FALSE(
      protect_with_seqnum(kMaxSeqnum + seqnum_small - replay_window - 1));

  // Going back across 0 but staying inside the 1024 window is accepted.
  for (uint16_t seqnum = 65000; seqnum < 65003; ++seqnum) {
    EXPECT_TRUE(protect_with_seqnum(seqnum));
  }

  // Return to the normal sequence number.
  // NOTE: without the fix in libsrtp, this would fail. This is because
  // without the fix, the loop above would keep incrementing the local
  // sequence number in libsrtp, and eventually the new sequence number would
  // fall outside of the window.
  EXPECT_TRUE(protect_with_seqnum(seqnum_small + 1));
}
248
249} // namespace rtc