zstein4dde3df2017-07-07 14:26:25 -07001/*
2 * Copyright 2004 The WebRTC project authors. All Rights Reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
Mirko Bonadei92ea95e2017-09-15 06:47:31 +020011#include "pc/srtpsession.h"
zstein4dde3df2017-07-07 14:26:25 -070012
13#include <string>
14
Mirko Bonadei92ea95e2017-09-15 06:47:31 +020015#include "media/base/fakertp.h"
16#include "pc/srtptestutil.h"
17#include "rtc_base/gunit.h"
18#include "rtc_base/sslstreamadapter.h" // For rtc::SRTP_*
zstein4dde3df2017-07-07 14:26:25 -070019
20namespace rtc {
21
// Encrypted header extension ids handed to every SetSend()/SetRecv() call in
// this file. Nothing in this file adds an element to it, so the sessions below
// are configured with an empty list.
std::vector<int> kEncryptedHeaderExtensionIds;
23
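// Fixture for the SrtpSession tests. s1_ is used as the protecting (send)
// side and s2_ as the unprotecting (receive) side. The helpers transform the
// scratch copies of kPcmuFrame / kRtcpReport in place, so the order in which a
// test calls them matters.
class SrtpSessionTest : public testing::Test {
 protected:
  // Reloads both scratch buffers with the plaintext fixtures before each test.
  void SetUp() override {
    rtp_len_ = sizeof(kPcmuFrame);
    rtcp_len_ = sizeof(kRtcpReport);
    memcpy(rtp_packet_, kPcmuFrame, rtp_len_);
    memcpy(rtcp_packet_, kRtcpReport, rtcp_len_);
  }

  // Protects rtp_packet_ in place with s1_ and checks that the packet grew by
  // exactly the auth tag length of crypto suite |cs| and that its leading
  // bytes no longer match the plaintext fixture. Updates rtp_len_.
  void TestProtectRtp(const std::string& cs) {
    int out_len = 0;
    EXPECT_TRUE(
        s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len));
    EXPECT_EQ(out_len, rtp_len_ + rtp_auth_tag_len(cs));
    EXPECT_NE(0, memcmp(rtp_packet_, kPcmuFrame, rtp_len_));
    rtp_len_ = out_len;
  }

  // Protects rtcp_packet_ in place with s1_. The expected growth is the auth
  // tag of |cs| plus 4 bytes, which SRTCP appends for its index word
  // (RFC 3711). Updates rtcp_len_.
  void TestProtectRtcp(const std::string& cs) {
    int out_len = 0;
    EXPECT_TRUE(s1_.ProtectRtcp(rtcp_packet_, rtcp_len_, sizeof(rtcp_packet_),
                                &out_len));
    EXPECT_EQ(out_len, rtcp_len_ + 4 + rtcp_auth_tag_len(cs));  // NOLINT
    EXPECT_NE(0, memcmp(rtcp_packet_, kRtcpReport, rtcp_len_));
    rtcp_len_ = out_len;
  }

  // Unprotects rtp_packet_ in place with s2_ and checks that the result is
  // byte-for-byte the plaintext fixture. |cs| is not read.
  void TestUnprotectRtp(const std::string& cs) {
    int out_len = 0, expected_len = sizeof(kPcmuFrame);
    EXPECT_TRUE(s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len));
    EXPECT_EQ(expected_len, out_len);
    EXPECT_EQ(0, memcmp(rtp_packet_, kPcmuFrame, out_len));
  }

  // Unprotects rtcp_packet_ in place with s2_ and checks that the result is
  // byte-for-byte the plaintext fixture. |cs| is not read.
  void TestUnprotectRtcp(const std::string& cs) {
    int out_len = 0, expected_len = sizeof(kRtcpReport);
    EXPECT_TRUE(s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &out_len));
    EXPECT_EQ(expected_len, out_len);
    EXPECT_EQ(0, memcmp(rtcp_packet_, kRtcpReport, out_len));
  }

  cricket::SrtpSession s1_;
  cricket::SrtpSession s2_;
  // Fixture size plus 10 bytes of headroom for the authentication tag.
  char rtp_packet_[sizeof(kPcmuFrame) + 10];
  // Fixture size plus the 4-byte SRTCP index word plus 10 bytes for the tag.
  char rtcp_packet_[sizeof(kRtcpReport) + 4 + 10];
  // Current number of valid bytes in each buffer. Set in SetUp(); the zero
  // initializers only keep the members defined before SetUp() has run.
  int rtp_len_ = 0;
  int rtcp_len_ = 0;
};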
67
// Test that we can set up the session and keys properly.
TEST_F(SrtpSessionTest, TestGoodSetup) {
  // First keying of a fresh session must succeed in both directions. Sender
  // and receiver are given the same suite and the same key (kTestKey1).
  EXPECT_TRUE(s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(s2_.SetRecv(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
}
75
// Test that we can't change the keys once set.
TEST_F(SrtpSessionTest, TestBadSetup) {
  // Initial keying with kTestKey1 succeeds.
  EXPECT_TRUE(s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(s2_.SetRecv(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  // A second SetSend()/SetRecv() on an already-keyed session, here with a
  // different key (kTestKey2), must be refused rather than silently re-keying.
  EXPECT_FALSE(s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey2, kTestKeyLen,
                           kEncryptedHeaderExtensionIds));
  EXPECT_FALSE(s2_.SetRecv(SRTP_AES128_CM_SHA1_80, kTestKey2, kTestKeyLen,
                           kEncryptedHeaderExtensionIds));
}
87
// Test that we fail keys of the wrong length.
TEST_F(SrtpSessionTest, TestKeysTooShort) {
  // A declared key length of 1 byte must be rejected for this suite.
  // NOTE(review): only the too-short case is exercised; a length larger than
  // kTestKeyLen is not covered by this test.
  EXPECT_FALSE(s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, 1,
                           kEncryptedHeaderExtensionIds));
  EXPECT_FALSE(s2_.SetRecv(SRTP_AES128_CM_SHA1_80, kTestKey1, 1,
                           kEncryptedHeaderExtensionIds));
}
95
// Test that we can encrypt and decrypt RTP/RTCP using AES_CM_128_HMAC_SHA1_80.
TEST_F(SrtpSessionTest, TestProtect_AES_CM_128_HMAC_SHA1_80) {
  EXPECT_TRUE(s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(s2_.SetRecv(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  // Round trip: s1_ protects the fixtures in place, then s2_ must recover the
  // exact plaintext. The helpers share the scratch buffers, so the protect
  // calls have to run before the unprotect calls.
  TestProtectRtp(CS_AES_CM_128_HMAC_SHA1_80);
  TestProtectRtcp(CS_AES_CM_128_HMAC_SHA1_80);
  TestUnprotectRtp(CS_AES_CM_128_HMAC_SHA1_80);
  TestUnprotectRtcp(CS_AES_CM_128_HMAC_SHA1_80);
}
107
// Test that we can encrypt and decrypt RTP/RTCP using AES_CM_128_HMAC_SHA1_32.
TEST_F(SrtpSessionTest, TestProtect_AES_CM_128_HMAC_SHA1_32) {
  EXPECT_TRUE(s1_.SetSend(SRTP_AES128_CM_SHA1_32, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(s2_.SetRecv(SRTP_AES128_CM_SHA1_32, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  // Same round trip as the SHA1_80 test. The expected packet growth comes from
  // rtp_auth_tag_len()/rtcp_auth_tag_len() for this suite name.
  TestProtectRtp(CS_AES_CM_128_HMAC_SHA1_32);
  TestProtectRtcp(CS_AES_CM_128_HMAC_SHA1_32);
  TestUnprotectRtp(CS_AES_CM_128_HMAC_SHA1_32);
  TestUnprotectRtcp(CS_AES_CM_128_HMAC_SHA1_32);
}
119
// Test that ProtectRtp() reports the packet index through its optional last
// argument.
TEST_F(SrtpSessionTest, TestGetSendStreamPacketIndex) {
  EXPECT_TRUE(s1_.SetSend(SRTP_AES128_CM_SHA1_32, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  int64_t index;
  int out_len = 0;
  EXPECT_TRUE(s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_),
                             &out_len, &index));
  // |index| will be shifted by 16.
  // NOTE(review): the expected value is 1 << 16 passed through
  // NetworkToHost64(), so the index is presumably reported in network byte
  // order and the fixture's sequence number is presumably 1 - confirm against
  // SrtpSession::ProtectRtp and kPcmuFrame.
  int64_t be64_index = static_cast<int64_t>(NetworkToHost64(1 << 16));
  EXPECT_EQ(be64_index, index);
}
131
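// Test that we fail to unprotect if someone tampers with the RTP/RTCP packets.
// Three positions are covered for each packet type: a header byte, the last
// byte of the original packet body, and the last byte of the authentication
// tag. Every variant must be rejected by the receiving session.
TEST_F(SrtpSessionTest, TestTamperReject) {
  int out_len = 0;
  EXPECT_TRUE(s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(s2_.SetRecv(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  TestProtectRtp(CS_AES_CM_128_HMAC_SHA1_80);
  TestProtectRtcp(CS_AES_CM_128_HMAC_SHA1_80);
  // The index arithmetic below relies on the protect helpers having appended
  // a tag; stop here if they did not, so the byte flips stay in bounds.
  ASSERT_GT(rtp_len_, static_cast<int>(sizeof(kPcmuFrame)));
  ASSERT_GT(rtcp_len_, static_cast<int>(sizeof(kRtcpReport)));

  // 1) Header bytes overwritten with fixed values.
  const char rtp_header_byte = rtp_packet_[0];
  const char rtcp_header_byte = rtcp_packet_[1];
  rtp_packet_[0] = 0x12;
  rtcp_packet_[1] = 0x34;
  EXPECT_FALSE(s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len));
  EXPECT_FALSE(s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &out_len));
  // Undo the header change so the next case differs from the protected packet
  // in one byte only (assumes a rejected packet is left unmodified - the
  // expectations below hold either way).
  rtp_packet_[0] = rtp_header_byte;
  rtcp_packet_[1] = rtcp_header_byte;

  // 2) One bit flipped in the last byte of the original packet body.
  rtp_packet_[sizeof(kPcmuFrame) - 1] ^= 0x01;
  rtcp_packet_[sizeof(kRtcpReport) - 1] ^= 0x01;
  EXPECT_FALSE(s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len));
  EXPECT_FALSE(s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &out_len));
  rtp_packet_[sizeof(kPcmuFrame) - 1] ^= 0x01;
  rtcp_packet_[sizeof(kRtcpReport) - 1] ^= 0x01;

  // 3) One bit flipped in the last byte of the authentication tag.
  rtp_packet_[rtp_len_ - 1] ^= 0x01;
  rtcp_packet_[rtcp_len_ - 1] ^= 0x01;
  EXPECT_FALSE(s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len));
  EXPECT_FALSE(s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &out_len));
}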
146
// Test that we fail to unprotect if the payloads are not authenticated.
TEST_F(SrtpSessionTest, TestUnencryptReject) {
  int out_len;
  EXPECT_TRUE(s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(s2_.SetRecv(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  // No protect call has run, so the buffers still hold the plaintext fixtures
  // copied in SetUp(). The receiver must refuse to pass them through as if
  // they were valid SRTP/SRTCP.
  EXPECT_FALSE(s2_.UnprotectRtp(rtp_packet_, rtp_len_, &out_len));
  EXPECT_FALSE(s2_.UnprotectRtcp(rtcp_packet_, rtcp_len_, &out_len));
}
157
// Test that we fail when using buffers that are too small.
TEST_F(SrtpSessionTest, TestBuffersTooSmall) {
  int out_len;
  EXPECT_TRUE(s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  // The declared capacity is shrunk to exactly the plaintext size
  // (sizeof(rtp_packet_) - 10 == sizeof(kPcmuFrame)), leaving no room for the
  // auth tag. Protect must fail instead of writing past the stated capacity.
  EXPECT_FALSE(s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_) - 10,
                              &out_len));
  // Same for RTCP: minus 14 removes the 4-byte index word and the 10-byte tag
  // headroom, i.e. capacity == sizeof(kRtcpReport).
  EXPECT_FALSE(s1_.ProtectRtcp(rtcp_packet_, rtcp_len_,
                               sizeof(rtcp_packet_) - 14, &out_len));
}
168
// Test how the sending session reacts to RTP sequence numbers that move
// backwards, both inside and outside a 1024-packet window, including across
// the 16-bit wrap-around.
// NOTE(review): every assertion goes through s1_.ProtectRtp(); s2_ is keyed
// but never used to unprotect, so receiver-side replay rejection is not
// asserted by this test.
TEST_F(SrtpSessionTest, TestReplay) {
  static const uint16_t replay_window = 1024;
  static const uint16_t seqnum_small = 10;
  static const uint16_t seqnum_big = 62275;
  static const uint16_t kMaxSeqnum = static_cast<uint16_t>(-1);
  int out_len;

  // Writes |seqnum| big-endian at byte offset 2 of the RTP packet buffer.
  auto set_seqnum = [this](uint16_t seqnum) {
    SetBE16(reinterpret_cast<uint8_t*>(rtp_packet_) + 2, seqnum);
  };

  EXPECT_TRUE(s1_.SetSend(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));
  EXPECT_TRUE(s2_.SetRecv(SRTP_AES128_CM_SHA1_80, kTestKey1, kTestKeyLen,
                          kEncryptedHeaderExtensionIds));

  // Start from a large sequence number.
  set_seqnum(seqnum_big);
  EXPECT_TRUE(
      s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len));

  // Stepping back, but staying inside the 1024 window, is accepted.
  set_seqnum(seqnum_big - replay_window + 1);
  EXPECT_TRUE(
      s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len));

  // Stepping back beyond the 1024 window is refused.
  set_seqnum(seqnum_big - replay_window - 1);
  EXPECT_FALSE(
      s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len));

  // Move forward across the wrap-around to a small sequence number.
  set_seqnum(seqnum_small);
  EXPECT_TRUE(
      s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len));

  // A pre-wrap sequence number that lies outside the 1024 window is refused.
  set_seqnum(kMaxSeqnum + seqnum_small - replay_window - 1);
  EXPECT_FALSE(
      s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len));

  // Pre-wrap sequence numbers that lie inside the 1024 window are accepted.
  for (uint16_t seqnum = 65000; seqnum < 65003; ++seqnum) {
    set_seqnum(seqnum);
    EXPECT_TRUE(
        s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len));
  }

  // Return to the normal (post-wrap) sequence.
  // NOTE: without the fix in libsrtp, this would fail. Without the fix, the
  // loop above would keep incrementing the local sequence number in libsrtp,
  // and eventually the new sequence number would fall outside the window.
  set_seqnum(seqnum_small + 1);
  EXPECT_TRUE(
      s1_.ProtectRtp(rtp_packet_, rtp_len_, sizeof(rtp_packet_), &out_len));
}
225
226} // namespace rtc