/*
 *  Copyright 2004 The WebRTC project authors. All Rights Reserved.
 *
 *  Use of this source code is governed by a BSD-style license
 *  that can be found in the LICENSE file in the root of the source
 *  tree. An additional intellectual property rights grant can be found
 *  in the file PATENTS.  All contributing project authors may
 *  be found in the AUTHORS file in the root of the source tree.
 */
10
Mirko Bonadei92ea95e2017-09-15 06:47:31 +020011#include "pc/srtpsession.h"
zstein4dde3df2017-07-07 14:26:25 -070012
13#include <string>
14
Karl Wiberg918f50c2018-07-05 11:40:33 +020015#include "absl/memory/memory.h"
Mirko Bonadei92ea95e2017-09-15 06:47:31 +020016#include "media/base/fakertp.h"
17#include "pc/srtptestutil.h"
18#include "rtc_base/gunit.h"
19#include "rtc_base/sslstreamadapter.h" // For rtc::SRTP_*
Qingsi Wang7fc821d2018-07-12 12:54:53 -070020#include "system_wrappers/include/metrics_default.h"
Steve Antondb67ba12018-03-19 17:41:42 -070021#include "third_party/libsrtp/include/srtp.h"
zstein4dde3df2017-07-07 14:26:25 -070022
23namespace rtc {
24
// Header-extension id list handed to every SetSend/SetRecv call in this file.
// Nothing in this file adds to it, so the sessions are configured with an
// empty list.
std::vector<int> kEncryptedHeaderExtensionIds{};
26
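// Fixture with a sending session (s1_), a receiving session (s2_) and scratch
// copies of the sample RTP (kPcmuFrame) and RTCP (kRtcpReport) packets. The
// helpers protect/unprotect the scratch copies in place and track their
// current lengths in rtp_len_ / rtcp_len_.
class SrtpSessionTest : public testing::Test {
 public:
  // The tests assert exact metric sample counts, so the metrics are reset for
  // every fixture instance.
  SrtpSessionTest() { webrtc::metrics::Reset(); }

 protected:
  // Loads pristine (unprotected) copies of the sample packets.
  void SetUp() override {
    rtp_len_ = sizeof(kPcmuFrame);
    rtcp_len_ = sizeof(kRtcpReport);
    memcpy(rtp_packet_, kPcmuFrame, rtp_len_);
    memcpy(rtcp_packet_, kRtcpReport, rtcp_len_);
  }

  // Protects the RTP scratch packet with s1_ and checks that the output grew
  // by exactly the auth tag length of |cs| and no longer matches the
  // plaintext. Updates rtp_len_ to the protected length.
  void TestProtectRtp(const std::string& cs) {
    int out_len = 0;
    EXPECT_TRUE(
        s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len));
    EXPECT_EQ(out_len, rtp_len_ + rtp_auth_tag_len(cs));
    EXPECT_NE(0, memcmp(rtp_packet_, kPcmuFrame, rtp_len_));
    rtp_len_ = out_len;
  }

  // Same as TestProtectRtp for the RTCP scratch packet. The expected growth
  // is 4 bytes plus the RTCP auth tag length of |cs|.
  void TestProtectRtcp(const std::string& cs) {
    int out_len = 0;
    EXPECT_TRUE(s1_.ProtectRtcp(rtcp_packet_, rtcp_len_, sizeof(rtcp_packet_),
                                &out_len));
    EXPECT_EQ(out_len, rtcp_len_ + 4 + rtcp_auth_tag_len(cs));  // NOLINT
    EXPECT_NE(0, memcmp(rtcp_packet_, kRtcpReport, rtcp_len_));
    rtcp_len_ = out_len;
  }

  // Unprotects the RTP scratch packet with s2_ and checks that the original
  // plaintext and length are recovered. The suite name is not needed here.
  void TestUnprotectRtp(const std::string& /*cs*/) {
    int out_len = 0;
    const int expected_len = sizeof(kPcmuFrame);
    EXPECT_TRUE(s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len));
    EXPECT_EQ(expected_len, out_len);
    EXPECT_EQ(0, memcmp(rtp_packet_, kPcmuFrame, out_len));
  }

  // Unprotects the RTCP scratch packet with s2_ and checks that the original
  // plaintext and length are recovered. The suite name is not needed here.
  void TestUnprotectRtcp(const std::string& /*cs*/) {
    int out_len = 0;
    const int expected_len = sizeof(kRtcpReport);
    EXPECT_TRUE(s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &out_len));
    EXPECT_EQ(expected_len, out_len);
    EXPECT_EQ(0, memcmp(rtcp_packet_, kRtcpReport, out_len));
  }

  cricket::SrtpSession s1_;  // Sender side in the tests.
  cricket::SrtpSession s2_;  // Receiver side in the tests.
  // Plaintext size plus 10 bytes of headroom for what ProtectRtp appends.
  char rtp_packet_[sizeof(kPcmuFrame) + 10];
  // Plaintext size plus the 4 extra bytes TestProtectRtcp expects, plus 10
  // bytes of headroom for the auth tag.
  char rtcp_packet_[sizeof(kRtcpReport) + 4 + 10];
  // Current lengths of the scratch packets; zero until SetUp() has run.
  int rtp_len_ = 0;
  int rtcp_len_ = 0;
};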
73
// Test that we can set up the session and keys properly.
TEST_F(SrtpSessionTest, TestGoodSetup) {
  // Sender and receiver are keyed with the same suite and the same key.
  const auto suite = SRTP_AES128_CM_SHA1_80;
  const bool send_ok =
      s1_.SetSend(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds);
  EXPECT_TRUE(send_ok);
  const bool recv_ok =
      s2_.SetRecv(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds);
  EXPECT_TRUE(recv_ok);
}
81
// Test that we can't change the keys once set.
TEST_F(SrtpSessionTest, TestBadSetup) {
  const auto suite = SRTP_AES128_CM_SHA1_80;

  // First keying succeeds on both sides.
  EXPECT_TRUE(
      s1_.SetSend(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(
      s2_.SetRecv(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));

  // A second call with a different key on an already-keyed session must be
  // refused rather than silently replacing the key.
  EXPECT_FALSE(
      s1_.SetSend(suite, kTestKey2, kTestKeyLen, kEncryptedHeaderExtensionIds));
  EXPECT_FALSE(
      s2_.SetRecv(suite, kTestKey2, kTestKeyLen, kEncryptedHeaderExtensionIds));
}
93
// Test that we fail keys of the wrong length.
// NOTE(review): only a too-short length (1) is exercised here; an over-long
// key length is not covered by this test.
TEST_F(SrtpSessionTest, TestKeysTooShort) {
  const auto suite = SRTP_AES128_CM_SHA1_80;
  const int kOneByteKeyLen = 1;
  const bool send_ok = s1_.SetSend(suite, kTestKey1, kOneByteKeyLen,
                                   kEncryptedHeaderExtensionIds);
  EXPECT_FALSE(send_ok);
  const bool recv_ok = s2_.SetRecv(suite, kTestKey1, kOneByteKeyLen,
                                   kEncryptedHeaderExtensionIds);
  EXPECT_FALSE(recv_ok);
}
101
// Test that we can encrypt and decrypt RTP/RTCP using AES_CM_128_HMAC_SHA1_80.
TEST_F(SrtpSessionTest, TestProtect_AES_CM_128_HMAC_SHA1_80) {
  const auto suite = SRTP_AES128_CM_SHA1_80;
  EXPECT_TRUE(
      s1_.SetSend(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(
      s2_.SetRecv(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));

  // Round trip: s1_ protects both packets, then s2_ must recover the exact
  // plaintext of each.
  const std::string suite_name = CS_AES_CM_128_HMAC_SHA1_80;
  TestProtectRtp(suite_name);
  TestProtectRtcp(suite_name);
  TestUnprotectRtp(suite_name);
  TestUnprotectRtcp(suite_name);
}
113
// Test that we can encrypt and decrypt RTP/RTCP using AES_CM_128_HMAC_SHA1_32.
TEST_F(SrtpSessionTest, TestProtect_AES_CM_128_HMAC_SHA1_32) {
  const auto suite = SRTP_AES128_CM_SHA1_32;
  EXPECT_TRUE(
      s1_.SetSend(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(
      s2_.SetRecv(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));

  // Round trip with the shorter-tag suite. The helpers look up the expected
  // RTP and RTCP tag lengths separately from the suite name.
  const std::string suite_name = CS_AES_CM_128_HMAC_SHA1_32;
  TestProtectRtp(suite_name);
  TestProtectRtcp(suite_name);
  TestUnprotectRtp(suite_name);
  TestUnprotectRtcp(suite_name);
}
125
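// Test that ProtectRtp reports the packet index through its optional
// out-parameter.
TEST_F(SrtpSessionTest, TestGetSendStreamPacketIndex) {
  EXPECT_TRUE(s1_.SetSend(SRTP_AES128_CM_SHA1_32, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  // Initialised so that a failed call can never lead to comparing an
  // indeterminate value below.
  int64_t index = 0;
  int out_len = 0;
  // ASSERT rather than EXPECT: |index| is only meaningful if the call
  // succeeded, so stop here on failure.
  ASSERT_TRUE(s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_),
                             &out_len, &index));
  // |index| will be shifted by 16.
  int64_t be64_index = static_cast<int64_t>(NetworkToHost64(1 << 16));
  EXPECT_EQ(be64_index, index);
}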
137
// Test that we fail to unprotect if someone tampers with the RTP/RTCP payloads.
TEST_F(SrtpSessionTest, TestTamperReject) {
  static const char kSrtpErrorMetric[] =
      "WebRTC.PeerConnection.SrtpUnprotectError";
  static const char kSrtcpErrorMetric[] =
      "WebRTC.PeerConnection.SrtcpUnprotectError";
  const auto suite = SRTP_AES128_CM_SHA1_80;
  int out_len;

  EXPECT_TRUE(
      s1_.SetSend(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(
      s2_.SetRecv(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));
  TestProtectRtp(CS_AES_CM_128_HMAC_SHA1_80);
  TestProtectRtcp(CS_AES_CM_128_HMAC_SHA1_80);

  // Modify one byte of each protected packet after protection.
  rtp_packet_[0] = 0x12;
  rtcp_packet_[1] = 0x34;

  // NOTE(review): the RTP byte that is overwritten is header byte 0 and the
  // status expected below is srtp_err_status_bad_param, not
  // srtp_err_status_auth_fail. The RTP half therefore appears to be rejected
  // before the auth tag is evaluated; a case that alters a payload byte would
  // be needed to pin the integrity check itself for RTP -- confirm.
  const bool rtp_accepted = s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len);
  EXPECT_FALSE(rtp_accepted);
  EXPECT_EQ(1, webrtc::metrics::NumSamples(kSrtpErrorMetric));
  EXPECT_EQ(1, webrtc::metrics::NumEvents(kSrtpErrorMetric,
                                          srtp_err_status_bad_param));

  // The modified RTCP packet is expected to fail authentication, and each
  // rejection must be recorded exactly once in the error histogram.
  const bool rtcp_accepted =
      s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &out_len);
  EXPECT_FALSE(rtcp_accepted);
  EXPECT_EQ(1, webrtc::metrics::NumSamples(kSrtcpErrorMetric));
  EXPECT_EQ(1, webrtc::metrics::NumEvents(kSrtcpErrorMetric,
                                          srtp_err_status_auth_fail));
}
162
// Test that we fail to unprotect if the payloads are not authenticated.
TEST_F(SrtpSessionTest, TestUnencryptReject) {
  static const char kSrtpErrorMetric[] =
      "WebRTC.PeerConnection.SrtpUnprotectError";
  static const char kSrtcpErrorMetric[] =
      "WebRTC.PeerConnection.SrtcpUnprotectError";
  const auto suite = SRTP_AES128_CM_SHA1_80;
  int out_len;

  EXPECT_TRUE(
      s1_.SetSend(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(
      s2_.SetRecv(suite, kTestKey1, kTestKeyLen, kEncryptedHeaderExtensionIds));

  // The scratch packets are still the plaintext copies from SetUp(): nothing
  // has been protected, so the receiver must not accept them.
  const bool rtp_accepted = s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len);
  EXPECT_FALSE(rtp_accepted);
  EXPECT_EQ(1, webrtc::metrics::NumSamples(kSrtpErrorMetric));
  EXPECT_EQ(1, webrtc::metrics::NumEvents(kSrtpErrorMetric,
                                          srtp_err_status_auth_fail));

  // For the plaintext RTCP packet the recorded status is
  // srtp_err_status_cant_check rather than auth_fail.
  const bool rtcp_accepted =
      s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &out_len);
  EXPECT_FALSE(rtcp_accepted);
  EXPECT_EQ(1, webrtc::metrics::NumSamples(kSrtcpErrorMetric));
  EXPECT_EQ(1, webrtc::metrics::NumEvents(kSrtcpErrorMetric,
                                          srtp_err_status_cant_check));
}
183
// Test that we fail when using buffers that are too small.
TEST_F(SrtpSessionTest, TestBuffersTooSmall) {
  int out_len;
  EXPECT_TRUE(s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));

  // Subtracting the fixture's headroom leaves a capacity equal to the
  // plaintext length, i.e. no room for anything the protect call appends.
  // The call must fail instead of writing past the stated capacity.
  const auto rtp_capacity = sizeof(rtp_packet_) - 10;
  const auto rtcp_capacity = sizeof(rtcp_packet_) - 14;

  const bool rtp_ok =
      s1_.ProtectRtp(rtp_packet_, rtp_len_, rtp_capacity, &out_len);
  EXPECT_FALSE(rtp_ok);
  const bool rtcp_ok =
      s1_.ProtectRtcp(rtcp_packet_, rtcp_len_, rtcp_capacity, &out_len);
  EXPECT_FALSE(rtcp_ok);
}
194
// Test sequence-number handling around the 1024-packet window on the sending
// session.
// NOTE(review): every protect call below goes through s1_.ProtectRtp; s2_ is
// keyed but never asked to unprotect, so receive-side replay rejection is not
// exercised by this test.
TEST_F(SrtpSessionTest, TestReplay) {
  constexpr uint16_t kMaxSeqnum = 0xFFFF;
  constexpr uint16_t kSeqnumBig = 62275;
  constexpr uint16_t kSeqnumSmall = 10;
  constexpr uint16_t kReplayWindow = 1024;
  int out_len;

  // Writes |seqnum| big-endian at byte offset 2 of the RTP scratch packet.
  auto set_seqnum = [this](uint16_t seqnum) {
    SetBE16(reinterpret_cast<uint8_t*>(rtp_packet_) + 2, seqnum);
  };

  EXPECT_TRUE(s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(s2_.SetRecv(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));

  // Initial sequence number.
  set_seqnum(kSeqnumBig);
  EXPECT_TRUE(
      s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len));

  // Replay within the 1024 window should succeed.
  set_seqnum(kSeqnumBig - kReplayWindow + 1);
  EXPECT_TRUE(
      s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len));

  // Replay outside of the 1024 window should fail.
  set_seqnum(kSeqnumBig - kReplayWindow - 1);
  EXPECT_FALSE(
      s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len));

  // Increment sequence number to a small number.
  set_seqnum(kSeqnumSmall);
  EXPECT_TRUE(
      s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len));

  // Replay around 0 but outside of the 1024 window should fail.
  set_seqnum(kMaxSeqnum + kSeqnumSmall - kReplayWindow - 1);
  EXPECT_FALSE(
      s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len));

  // Replay around 0 but within the 1024 window should succeed.
  for (int offset = 0; offset < 3; ++offset) {
    set_seqnum(65000 + offset);
    EXPECT_TRUE(
        s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len));
  }

  // Go back to normal sequence number.
  // NOTE: without the fix in libsrtp, this would fail. This is because
  // without the fix, the loop above would keep incrementing local sequence
  // number in libsrtp, eventually the new sequence number would go outside
  // of the window.
  set_seqnum(kSeqnumSmall + 1);
  EXPECT_TRUE(
      s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len));
}
251
252} // namespace rtc