Gitiles
Code Review Sign In
gerrit.openfyde.cn / webrtc.googlesource.com / src / 80e9339e3922d91e23114af4f4082edbd3ec15ee / . / pc / jseptransport2_unittest.cc
blob: fc098ae9b65570bf102beeaba04f50da63024c5b [file] [log] [blame]
Zhi Huange818b6e2018-02-22 15:26:27 -0800[diff] [blame]1/*
2 * Copyright 2018 The WebRTC Project Authors. All rights reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
11#include <memory>
12#include <utility>
13
14#include "p2p/base/fakedtlstransport.h"
15#include "p2p/base/fakeicetransport.h"
16#include "pc/jseptransport2.h"
17#include "rtc_base/gunit.h"
18
19namespace cricket {
20using webrtc::SdpType;
21
22static const char kIceUfrag1[] = "U001";
23static const char kIcePwd1[] = "TESTICEPWD00000000000001";
24static const char kIceUfrag2[] = "U002";
25static const char kIcePwd2[] = "TESTIEPWD00000000000002";
26static const char kTransportName[] = "Test Transport";
27
28enum class SrtpMode {
29 kSdes,
30 kDtlsSrtp,
31};
32
33struct NegotiateRoleParams {
34 ConnectionRole local_role;
35 ConnectionRole remote_role;
36 SdpType local_type;
37 SdpType remote_type;
38};
39
40class JsepTransport2Test : public testing::Test, public sigslot::has_slots<> {
41 protected:
42 std::unique_ptr<webrtc::SrtpTransport> CreateSdesTransport(
43 const std::string& transport_name,
44 rtc::PacketTransportInternal* rtp_packet_transport,
45 rtc::PacketTransportInternal* rtcp_packet_transport) {
Zhi Huang95e7dbb2018-03-29 00:08:03 +0000[diff] [blame]46 bool rtcp_mux_enabled = (rtcp_packet_transport == nullptr);
47 auto srtp_transport =
48 rtc::MakeUnique<webrtc::SrtpTransport>(rtcp_mux_enabled);
Zhi Huange818b6e2018-02-22 15:26:27 -0800[diff] [blame]49
50 srtp_transport->SetRtpPacketTransport(rtp_packet_transport);
51 if (rtcp_packet_transport) {
52 srtp_transport->SetRtcpPacketTransport(rtp_packet_transport);
53 }
54 return srtp_transport;
55 }
56
57 std::unique_ptr<webrtc::DtlsSrtpTransport> CreateDtlsSrtpTransport(
58 const std::string& transport_name,
59 cricket::DtlsTransportInternal* rtp_dtls_transport,
60 cricket::DtlsTransportInternal* rtcp_dtls_transport) {
Zhi Huang95e7dbb2018-03-29 00:08:03 +0000[diff] [blame]61 bool rtcp_mux_enabled = (rtcp_dtls_transport == nullptr);
62 auto srtp_transport =
63 rtc::MakeUnique<webrtc::SrtpTransport>(rtcp_mux_enabled);
64 auto dtls_srtp_transport =
65 rtc::MakeUnique<webrtc::DtlsSrtpTransport>(std::move(srtp_transport));
Zhi Huange818b6e2018-02-22 15:26:27 -0800[diff] [blame]66
67 dtls_srtp_transport->SetDtlsTransports(rtp_dtls_transport,
68 rtcp_dtls_transport);
69 return dtls_srtp_transport;
70 }
71
72 // Create a new JsepTransport2 with a FakeDtlsTransport and a
73 // FakeIceTransport.
74 void CreateJsepTransport2(bool rtcp_mux_enabled, SrtpMode srtp_mode) {
75 auto ice = rtc::MakeUnique<FakeIceTransport>(kTransportName,
76 ICE_CANDIDATE_COMPONENT_RTP);
77 auto rtp_dtls_transport =
78 rtc::MakeUnique<FakeDtlsTransport>(std::move(ice));
79
80 std::unique_ptr<FakeDtlsTransport> rtcp_dtls_transport;
81 if (!rtcp_mux_enabled) {
82 ice = rtc::MakeUnique<FakeIceTransport>(kTransportName,
83 ICE_CANDIDATE_COMPONENT_RTCP);
84 rtcp_dtls_transport = rtc::MakeUnique<FakeDtlsTransport>(std::move(ice));
85 }
86
87 std::unique_ptr<webrtc::RtpTransport> unencrypted_rtp_transport;
88 std::unique_ptr<webrtc::SrtpTransport> sdes_transport;
89 std::unique_ptr<webrtc::DtlsSrtpTransport> dtls_srtp_transport;
90 switch (srtp_mode) {
91 case SrtpMode::kSdes:
92 sdes_transport =
93 CreateSdesTransport(kTransportName, rtp_dtls_transport.get(),
94 rtcp_dtls_transport.get());
95 sdes_transport_ = sdes_transport.get();
96 break;
97 case SrtpMode::kDtlsSrtp:
98 dtls_srtp_transport =
99 CreateDtlsSrtpTransport(kTransportName, rtp_dtls_transport.get(),
100 rtcp_dtls_transport.get());
101 break;
102 default:
103 RTC_NOTREACHED();
104 }
105
106 jsep_transport_ = rtc::MakeUnique<JsepTransport2>(
107 kTransportName, /*local_certificate=*/nullptr,
108 std::move(unencrypted_rtp_transport), std::move(sdes_transport),
109 std::move(dtls_srtp_transport), std::move(rtp_dtls_transport),
110 std::move(rtcp_dtls_transport));
111
112 signal_rtcp_mux_active_received_ = false;
113 jsep_transport_->SignalRtcpMuxActive.connect(
114 this, &JsepTransport2Test::OnRtcpMuxActive);
115 }
116
117 JsepTransportDescription MakeJsepTransportDescription(
118 bool rtcp_mux_enabled,
119 const char* ufrag,
120 const char* pwd,
121 const rtc::scoped_refptr<rtc::RTCCertificate>& cert,
122 ConnectionRole role = CONNECTIONROLE_NONE) {
123 JsepTransportDescription jsep_description;
124 jsep_description.rtcp_mux_enabled = rtcp_mux_enabled;
125
126 std::unique_ptr<rtc::SSLFingerprint> fingerprint;
127 if (cert) {
128 fingerprint.reset(rtc::SSLFingerprint::CreateFromCertificate(cert));
129 }
130 jsep_description.transport_desc =
131 TransportDescription(std::vector<std::string>(), ufrag, pwd,
132 ICEMODE_FULL, role, fingerprint.get());
133 return jsep_description;
134 }
135
136 Candidate CreateCandidate(int component) {
137 Candidate c;
138 c.set_address(rtc::SocketAddress("192.168.1.1", 8000));
139 c.set_component(component);
140 c.set_protocol(UDP_PROTOCOL_NAME);
141 c.set_priority(1);
142 return c;
143 }
144
145 void OnRtcpMuxActive() { signal_rtcp_mux_active_received_ = true; }
146
147 std::unique_ptr<JsepTransport2> jsep_transport_;
148 bool signal_rtcp_mux_active_received_ = false;
149 // The SrtpTransport is owned by |jsep_transport_|. Keep a raw pointer here
150 // for testing.
151 webrtc::SrtpTransport* sdes_transport_ = nullptr;
152};
153
154// The parameterized tests cover both cases when RTCP mux is enable and
155// disabled.
156class JsepTransport2WithRtcpMux : public JsepTransport2Test,
157 public testing::WithParamInterface<bool> {};
158
159// This test verifies the ICE parameters are properly applied to the transports.
160TEST_P(JsepTransport2WithRtcpMux, SetIceParameters) {
161 bool rtcp_mux_enabled = GetParam();
162 CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
163
164 JsepTransportDescription jsep_description;
165 jsep_description.transport_desc = TransportDescription(kIceUfrag1, kIcePwd1);
166 jsep_description.rtcp_mux_enabled = rtcp_mux_enabled;
167 ASSERT_TRUE(
168 jsep_transport_
169 ->SetLocalJsepTransportDescription(jsep_description, SdpType::kOffer)
170 .ok());
171 auto fake_ice_transport = static_cast<FakeIceTransport*>(
172 jsep_transport_->rtp_dtls_transport()->ice_transport());
173 EXPECT_EQ(ICEMODE_FULL, fake_ice_transport->remote_ice_mode());
174 EXPECT_EQ(kIceUfrag1, fake_ice_transport->ice_ufrag());
175 EXPECT_EQ(kIcePwd1, fake_ice_transport->ice_pwd());
176 if (!rtcp_mux_enabled) {
177 fake_ice_transport = static_cast<FakeIceTransport*>(
178 jsep_transport_->rtcp_dtls_transport()->ice_transport());
179 ASSERT_TRUE(fake_ice_transport);
180 EXPECT_EQ(ICEMODE_FULL, fake_ice_transport->remote_ice_mode());
181 EXPECT_EQ(kIceUfrag1, fake_ice_transport->ice_ufrag());
182 EXPECT_EQ(kIcePwd1, fake_ice_transport->ice_pwd());
183 }
184
185 jsep_description.transport_desc = TransportDescription(kIceUfrag2, kIcePwd2);
186 ASSERT_TRUE(jsep_transport_
187 ->SetRemoteJsepTransportDescription(jsep_description,
188 SdpType::kAnswer)
189 .ok());
190 fake_ice_transport = static_cast<FakeIceTransport*>(
191 jsep_transport_->rtp_dtls_transport()->ice_transport());
192 EXPECT_EQ(ICEMODE_FULL, fake_ice_transport->remote_ice_mode());
193 EXPECT_EQ(kIceUfrag2, fake_ice_transport->remote_ice_ufrag());
194 EXPECT_EQ(kIcePwd2, fake_ice_transport->remote_ice_pwd());
195 if (!rtcp_mux_enabled) {
196 fake_ice_transport = static_cast<FakeIceTransport*>(
197 jsep_transport_->rtcp_dtls_transport()->ice_transport());
198 ASSERT_TRUE(fake_ice_transport);
199 EXPECT_EQ(ICEMODE_FULL, fake_ice_transport->remote_ice_mode());
200 EXPECT_EQ(kIceUfrag2, fake_ice_transport->remote_ice_ufrag());
201 EXPECT_EQ(kIcePwd2, fake_ice_transport->remote_ice_pwd());
202 }
203}
204
205// Similarly, test DTLS parameters are properly applied to the transports.
206TEST_P(JsepTransport2WithRtcpMux, SetDtlsParameters) {
207 bool rtcp_mux_enabled = GetParam();
208 CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
209
210 // Create certificates.
211 rtc::scoped_refptr<rtc::RTCCertificate> local_cert =
212 rtc::RTCCertificate::Create(std::unique_ptr<rtc::SSLIdentity>(
213 rtc::SSLIdentity::Generate("local", rtc::KT_DEFAULT)));
214 rtc::scoped_refptr<rtc::RTCCertificate> remote_cert =
215 rtc::RTCCertificate::Create(std::unique_ptr<rtc::SSLIdentity>(
216 rtc::SSLIdentity::Generate("remote", rtc::KT_DEFAULT)));
217 jsep_transport_->SetLocalCertificate(local_cert);
218
219 // Apply offer.
220 JsepTransportDescription local_description =
221 MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
222 local_cert, CONNECTIONROLE_ACTPASS);
223 ASSERT_TRUE(
224 jsep_transport_
225 ->SetLocalJsepTransportDescription(local_description, SdpType::kOffer)
226 .ok());
227 // Apply Answer.
228 JsepTransportDescription remote_description =
229 MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
230 remote_cert, CONNECTIONROLE_ACTIVE);
231 ASSERT_TRUE(jsep_transport_
232 ->SetRemoteJsepTransportDescription(remote_description,
233 SdpType::kAnswer)
234 .ok());
235
236 // Verify that SSL role and remote fingerprint were set correctly based on
237 // transport descriptions.
238 auto role = jsep_transport_->GetDtlsRole();
239 ASSERT_TRUE(role);
240 EXPECT_EQ(rtc::SSL_SERVER, role); // Because remote description was "active".
241 auto fake_dtls =
242 static_cast<FakeDtlsTransport*>(jsep_transport_->rtp_dtls_transport());
243 EXPECT_EQ(remote_description.transport_desc.identity_fingerprint->ToString(),
244 fake_dtls->dtls_fingerprint().ToString());
245
246 if (!rtcp_mux_enabled) {
247 auto fake_rtcp_dtls =
248 static_cast<FakeDtlsTransport*>(jsep_transport_->rtcp_dtls_transport());
249 EXPECT_EQ(
250 remote_description.transport_desc.identity_fingerprint->ToString(),
251 fake_rtcp_dtls->dtls_fingerprint().ToString());
252 }
253}
254
255// Same as above test, but with remote transport description using
256// CONNECTIONROLE_PASSIVE, expecting SSL_CLIENT role.
257TEST_P(JsepTransport2WithRtcpMux, SetDtlsParametersWithPassiveAnswer) {
258 bool rtcp_mux_enabled = GetParam();
259 CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
260
261 // Create certificates.
262 rtc::scoped_refptr<rtc::RTCCertificate> local_cert =
263 rtc::RTCCertificate::Create(std::unique_ptr<rtc::SSLIdentity>(
264 rtc::SSLIdentity::Generate("local", rtc::KT_DEFAULT)));
265 rtc::scoped_refptr<rtc::RTCCertificate> remote_cert =
266 rtc::RTCCertificate::Create(std::unique_ptr<rtc::SSLIdentity>(
267 rtc::SSLIdentity::Generate("remote", rtc::KT_DEFAULT)));
268 jsep_transport_->SetLocalCertificate(local_cert);
269
270 // Apply offer.
271 JsepTransportDescription local_description =
272 MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
273 local_cert, CONNECTIONROLE_ACTPASS);
274 ASSERT_TRUE(
275 jsep_transport_
276 ->SetLocalJsepTransportDescription(local_description, SdpType::kOffer)
277 .ok());
278 // Apply Answer.
279 JsepTransportDescription remote_description =
280 MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
281 remote_cert, CONNECTIONROLE_PASSIVE);
282 ASSERT_TRUE(jsep_transport_
283 ->SetRemoteJsepTransportDescription(remote_description,
284 SdpType::kAnswer)
285 .ok());
286
287 // Verify that SSL role and remote fingerprint were set correctly based on
288 // transport descriptions.
289 auto role = jsep_transport_->GetDtlsRole();
290 ASSERT_TRUE(role);
291 EXPECT_EQ(rtc::SSL_CLIENT,
292 role); // Because remote description was "passive".
293 auto fake_dtls =
294 static_cast<FakeDtlsTransport*>(jsep_transport_->rtp_dtls_transport());
295 EXPECT_EQ(remote_description.transport_desc.identity_fingerprint->ToString(),
296 fake_dtls->dtls_fingerprint().ToString());
297
298 if (!rtcp_mux_enabled) {
299 auto fake_rtcp_dtls =
300 static_cast<FakeDtlsTransport*>(jsep_transport_->rtcp_dtls_transport());
301 EXPECT_EQ(
302 remote_description.transport_desc.identity_fingerprint->ToString(),
303 fake_rtcp_dtls->dtls_fingerprint().ToString());
304 }
305}
306
307// Tests SetNeedsIceRestartFlag and need_ice_restart, ensuring needs_ice_restart
308// only starts returning "false" once an ICE restart has been initiated.
309TEST_P(JsepTransport2WithRtcpMux, NeedsIceRestart) {
310 bool rtcp_mux_enabled = GetParam();
311 CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
312
313 // Use the same JsepTransportDescription for both offer and answer.
314 JsepTransportDescription description;
315 description.transport_desc = TransportDescription(kIceUfrag1, kIcePwd1);
316 ASSERT_TRUE(
317 jsep_transport_
318 ->SetLocalJsepTransportDescription(description, SdpType::kOffer)
319 .ok());
320 ASSERT_TRUE(
321 jsep_transport_
322 ->SetRemoteJsepTransportDescription(description, SdpType::kAnswer)
323 .ok());
324 // Flag initially should be false.
325 EXPECT_FALSE(jsep_transport_->needs_ice_restart());
326
327 // After setting flag, it should be true.
328 jsep_transport_->SetNeedsIceRestartFlag();
329 EXPECT_TRUE(jsep_transport_->needs_ice_restart());
330
331 ASSERT_TRUE(
332 jsep_transport_
333 ->SetLocalJsepTransportDescription(description, SdpType::kOffer)
334 .ok());
335 ASSERT_TRUE(
336 jsep_transport_
337 ->SetRemoteJsepTransportDescription(description, SdpType::kAnswer)
338 .ok());
339 EXPECT_TRUE(jsep_transport_->needs_ice_restart());
340
341 // Doing an offer/answer that restarts ICE should clear the flag.
342 description.transport_desc = TransportDescription(kIceUfrag2, kIcePwd2);
343 ASSERT_TRUE(
344 jsep_transport_
345 ->SetLocalJsepTransportDescription(description, SdpType::kOffer)
346 .ok());
347 ASSERT_TRUE(
348 jsep_transport_
349 ->SetRemoteJsepTransportDescription(description, SdpType::kAnswer)
350 .ok());
351 EXPECT_FALSE(jsep_transport_->needs_ice_restart());
352}
353
354TEST_P(JsepTransport2WithRtcpMux, GetStats) {
355 bool rtcp_mux_enabled = GetParam();
356 CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
357
358 size_t expected_stats_size = rtcp_mux_enabled ? 1u : 2u;
359 TransportStats stats;
360 EXPECT_TRUE(jsep_transport_->GetStats(&stats));
361 EXPECT_EQ(expected_stats_size, stats.channel_stats.size());
362 EXPECT_EQ(ICE_CANDIDATE_COMPONENT_RTP, stats.channel_stats[0].component);
363 if (!rtcp_mux_enabled) {
364 EXPECT_EQ(ICE_CANDIDATE_COMPONENT_RTCP, stats.channel_stats[1].component);
365 }
366}
367
368// Tests that VerifyCertificateFingerprint only returns true when the
369// certificate matches the fingerprint.
370TEST_P(JsepTransport2WithRtcpMux, VerifyCertificateFingerprint) {
371 bool rtcp_mux_enabled = GetParam();
372 CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
373
374 EXPECT_FALSE(
375 jsep_transport_->VerifyCertificateFingerprint(nullptr, nullptr).ok());
376 rtc::KeyType key_types[] = {rtc::KT_RSA, rtc::KT_ECDSA};
377
378 for (auto& key_type : key_types) {
379 rtc::scoped_refptr<rtc::RTCCertificate> certificate =
380 rtc::RTCCertificate::Create(std::unique_ptr<rtc::SSLIdentity>(
381 rtc::SSLIdentity::Generate("testing", key_type)));
382 ASSERT_NE(nullptr, certificate);
383
384 std::string digest_algorithm;
385 ASSERT_TRUE(certificate->ssl_certificate().GetSignatureDigestAlgorithm(
386 &digest_algorithm));
387 ASSERT_FALSE(digest_algorithm.empty());
388 std::unique_ptr<rtc::SSLFingerprint> good_fingerprint(
389 rtc::SSLFingerprint::Create(digest_algorithm, certificate->identity()));
390 ASSERT_NE(nullptr, good_fingerprint);
391
392 EXPECT_TRUE(jsep_transport_
393 ->VerifyCertificateFingerprint(certificate.get(),
394 good_fingerprint.get())
395 .ok());
396 EXPECT_FALSE(jsep_transport_
397 ->VerifyCertificateFingerprint(certificate.get(), nullptr)
398 .ok());
399 EXPECT_FALSE(
400 jsep_transport_
401 ->VerifyCertificateFingerprint(nullptr, good_fingerprint.get())
402 .ok());
403
404 rtc::SSLFingerprint bad_fingerprint = *good_fingerprint;
405 bad_fingerprint.digest.AppendData("0", 1);
406 EXPECT_FALSE(
407 jsep_transport_
408 ->VerifyCertificateFingerprint(certificate.get(), &bad_fingerprint)
409 .ok());
410 }
411}
412
413// Tests the logic of DTLS role negotiation for an initial offer/answer.
414TEST_P(JsepTransport2WithRtcpMux, ValidDtlsRoleNegotiation) {
415 bool rtcp_mux_enabled = GetParam();
416 // Just use the same certificate for both sides; doesn't really matter in a
417 // non end-to-end test.
418 rtc::scoped_refptr<rtc::RTCCertificate> certificate =
419 rtc::RTCCertificate::Create(std::unique_ptr<rtc::SSLIdentity>(
420 rtc::SSLIdentity::Generate("testing", rtc::KT_ECDSA)));
421
422 JsepTransportDescription local_description = MakeJsepTransportDescription(
423 rtcp_mux_enabled, kIceUfrag1, kIcePwd1, certificate);
424 JsepTransportDescription remote_description = MakeJsepTransportDescription(
425 rtcp_mux_enabled, kIceUfrag2, kIcePwd2, certificate);
426
427 // Parameters which set the SSL role to SSL_CLIENT.
428 NegotiateRoleParams valid_client_params[] = {
429 {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_ACTPASS, SdpType::kAnswer,
430 SdpType::kOffer},
431 {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_ACTPASS, SdpType::kPrAnswer,
432 SdpType::kOffer},
433 {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_PASSIVE, SdpType::kOffer,
434 SdpType::kAnswer},
435 {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_PASSIVE, SdpType::kOffer,
436 SdpType::kPrAnswer}};
437
438 for (auto& param : valid_client_params) {
439 CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
440 jsep_transport_->SetLocalCertificate(certificate);
441
442 local_description.transport_desc.connection_role = param.local_role;
443 remote_description.transport_desc.connection_role = param.remote_role;
444
445 // Set the offer first.
446 if (param.local_type == SdpType::kOffer) {
447 EXPECT_TRUE(jsep_transport_
448 ->SetLocalJsepTransportDescription(local_description,
449 param.local_type)
450 .ok());
451 EXPECT_TRUE(jsep_transport_
452 ->SetRemoteJsepTransportDescription(remote_description,
453 param.remote_type)
454 .ok());
455 } else {
456 EXPECT_TRUE(jsep_transport_
457 ->SetRemoteJsepTransportDescription(remote_description,
458 param.remote_type)
459 .ok());
460 EXPECT_TRUE(jsep_transport_
461 ->SetLocalJsepTransportDescription(local_description,
462 param.local_type)
463 .ok());
464 }
465 EXPECT_EQ(rtc::SSL_CLIENT, *jsep_transport_->GetDtlsRole());
466 }
467
468 // Parameters which set the SSL role to SSL_SERVER.
469 NegotiateRoleParams valid_server_params[] = {
470 {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_ACTPASS, SdpType::kAnswer,
471 SdpType::kOffer},
472 {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_ACTPASS, SdpType::kPrAnswer,
473 SdpType::kOffer},
474 {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_ACTIVE, SdpType::kOffer,
475 SdpType::kAnswer},
476 {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_ACTIVE, SdpType::kOffer,
477 SdpType::kPrAnswer}};
478
479 for (auto& param : valid_server_params) {
480 CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
481 jsep_transport_->SetLocalCertificate(certificate);
482
483 local_description.transport_desc.connection_role = param.local_role;
484 remote_description.transport_desc.connection_role = param.remote_role;
485
486 // Set the offer first.
487 if (param.local_type == SdpType::kOffer) {
488 EXPECT_TRUE(jsep_transport_
489 ->SetLocalJsepTransportDescription(local_description,
490 param.local_type)
491 .ok());
492 EXPECT_TRUE(jsep_transport_
493 ->SetRemoteJsepTransportDescription(remote_description,
494 param.remote_type)
495 .ok());
496 } else {
497 EXPECT_TRUE(jsep_transport_
498 ->SetRemoteJsepTransportDescription(remote_description,
499 param.remote_type)
500 .ok());
501 EXPECT_TRUE(jsep_transport_
502 ->SetLocalJsepTransportDescription(local_description,
503 param.local_type)
504 .ok());
505 }
506 EXPECT_EQ(rtc::SSL_SERVER, *jsep_transport_->GetDtlsRole());
507 }
508}
509
510// Tests the logic of DTLS role negotiation for an initial offer/answer.
511TEST_P(JsepTransport2WithRtcpMux, InvalidDtlsRoleNegotiation) {
512 bool rtcp_mux_enabled = GetParam();
513 // Just use the same certificate for both sides; doesn't really matter in a
514 // non end-to-end test.
515 rtc::scoped_refptr<rtc::RTCCertificate> certificate =
516 rtc::RTCCertificate::Create(std::unique_ptr<rtc::SSLIdentity>(
517 rtc::SSLIdentity::Generate("testing", rtc::KT_ECDSA)));
518
519 JsepTransportDescription local_description = MakeJsepTransportDescription(
520 rtcp_mux_enabled, kIceUfrag1, kIcePwd1, certificate);
521 JsepTransportDescription remote_description = MakeJsepTransportDescription(
522 rtcp_mux_enabled, kIceUfrag2, kIcePwd2, certificate);
523
524 NegotiateRoleParams duplicate_params[] = {
525 {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_ACTIVE, SdpType::kAnswer,
526 SdpType::kOffer},
527 {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_ACTPASS, SdpType::kAnswer,
528 SdpType::kOffer},
529 {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_PASSIVE, SdpType::kAnswer,
530 SdpType::kOffer},
531 {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_ACTIVE, SdpType::kPrAnswer,
532 SdpType::kOffer},
533 {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_ACTPASS, SdpType::kPrAnswer,
534 SdpType::kOffer},
535 {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_PASSIVE, SdpType::kPrAnswer,
536 SdpType::kOffer},
537 {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_ACTIVE, SdpType::kOffer,
538 SdpType::kAnswer},
539 {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_ACTPASS, SdpType::kOffer,
540 SdpType::kAnswer},
541 {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_PASSIVE, SdpType::kOffer,
542 SdpType::kAnswer},
543 {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_ACTIVE, SdpType::kOffer,
544 SdpType::kPrAnswer},
545 {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_ACTPASS, SdpType::kOffer,
546 SdpType::kPrAnswer},
547 {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_PASSIVE, SdpType::kOffer,
548 SdpType::kPrAnswer}};
549
550 for (auto& param : duplicate_params) {
551 CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
552 jsep_transport_->SetLocalCertificate(certificate);
553
554 local_description.transport_desc.connection_role = param.local_role;
555 remote_description.transport_desc.connection_role = param.remote_role;
556
557 if (param.local_type == SdpType::kOffer) {
558 EXPECT_TRUE(jsep_transport_
559 ->SetLocalJsepTransportDescription(local_description,
560 param.local_type)
561 .ok());
562 EXPECT_FALSE(jsep_transport_
563 ->SetRemoteJsepTransportDescription(remote_description,
564 param.remote_type)
565 .ok());
566 } else {
567 EXPECT_TRUE(jsep_transport_
568 ->SetRemoteJsepTransportDescription(remote_description,
569 param.remote_type)
570 .ok());
571 EXPECT_FALSE(jsep_transport_
572 ->SetLocalJsepTransportDescription(local_description,
573 param.local_type)
574 .ok());
575 }
576 }
577
578 // Invalid parameters due to the offerer not using ACTPASS.
579 NegotiateRoleParams offerer_without_actpass_params[] = {
580 {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_PASSIVE, SdpType::kAnswer,
581 SdpType::kOffer},
582 {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_ACTIVE, SdpType::kAnswer,
583 SdpType::kOffer},
584 {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_PASSIVE, SdpType::kAnswer,
585 SdpType::kOffer},
586 {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_PASSIVE, SdpType::kPrAnswer,
587 SdpType::kOffer},
588 {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_ACTIVE, SdpType::kPrAnswer,
589 SdpType::kOffer},
590 {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_PASSIVE, SdpType::kPrAnswer,
591 SdpType::kOffer},
592 {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_PASSIVE, SdpType::kOffer,
593 SdpType::kAnswer},
594 {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_ACTIVE, SdpType::kOffer,
595 SdpType::kAnswer},
596 {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_ACTPASS, SdpType::kOffer,
597 SdpType::kAnswer},
598 {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_PASSIVE, SdpType::kOffer,
599 SdpType::kPrAnswer},
600 {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_ACTIVE, SdpType::kOffer,
601 SdpType::kPrAnswer},
602 {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_ACTPASS, SdpType::kOffer,
603 SdpType::kPrAnswer}};
604
605 for (auto& param : offerer_without_actpass_params) {
606 CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
607 jsep_transport_->SetLocalCertificate(certificate);
608
609 local_description.transport_desc.connection_role = param.local_role;
610 remote_description.transport_desc.connection_role = param.remote_role;
611
612 if (param.local_type == SdpType::kOffer) {
613 EXPECT_TRUE(jsep_transport_
614 ->SetLocalJsepTransportDescription(local_description,
615 param.local_type)
616 .ok());
617 EXPECT_FALSE(jsep_transport_
618 ->SetRemoteJsepTransportDescription(remote_description,
619 param.remote_type)
620 .ok());
621 } else {
622 EXPECT_TRUE(jsep_transport_
623 ->SetRemoteJsepTransportDescription(remote_description,
624 param.remote_type)
625 .ok());
626 EXPECT_FALSE(jsep_transport_
627 ->SetLocalJsepTransportDescription(local_description,
628 param.local_type)
629 .ok());
630 }
631 }
632}
633
634INSTANTIATE_TEST_CASE_P(JsepTransport2Test,
635 JsepTransport2WithRtcpMux,
636 testing::Bool());
637
638// Test that a reoffer in the opposite direction is successful as long as the
639// role isn't changing. Doesn't test every possible combination like the test
640// above.
641TEST_F(JsepTransport2Test, ValidDtlsReofferFromAnswerer) {
642 // Just use the same certificate for both sides; doesn't really matter in a
643 // non end-to-end test.
644 rtc::scoped_refptr<rtc::RTCCertificate> certificate =
645 rtc::RTCCertificate::Create(std::unique_ptr<rtc::SSLIdentity>(
646 rtc::SSLIdentity::Generate("testing", rtc::KT_ECDSA)));
647 bool rtcp_mux_enabled = true;
648 CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
649 jsep_transport_->SetLocalCertificate(certificate);
650
651 JsepTransportDescription local_offer =
652 MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
653 certificate, CONNECTIONROLE_ACTPASS);
654 JsepTransportDescription remote_answer =
655 MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
656 certificate, CONNECTIONROLE_ACTIVE);
657
658 EXPECT_TRUE(
659 jsep_transport_
660 ->SetLocalJsepTransportDescription(local_offer, SdpType::kOffer)
661 .ok());
662 EXPECT_TRUE(
663 jsep_transport_
664 ->SetRemoteJsepTransportDescription(remote_answer, SdpType::kAnswer)
665 .ok());
666
667 // We were actpass->active previously, now in the other direction it's
668 // actpass->passive.
669 JsepTransportDescription remote_offer =
670 MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
671 certificate, CONNECTIONROLE_ACTPASS);
672 JsepTransportDescription local_answer =
673 MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
674 certificate, CONNECTIONROLE_PASSIVE);
675
676 EXPECT_TRUE(
677 jsep_transport_
678 ->SetRemoteJsepTransportDescription(remote_offer, SdpType::kOffer)
679 .ok());
680 EXPECT_TRUE(
681 jsep_transport_
682 ->SetLocalJsepTransportDescription(local_answer, SdpType::kAnswer)
683 .ok());
684}
685
686// Test that a reoffer in the opposite direction fails if the role changes.
687// Inverse of test above.
688TEST_F(JsepTransport2Test, InvalidDtlsReofferFromAnswerer) {
689 // Just use the same certificate for both sides; doesn't really matter in a
690 // non end-to-end test.
691 rtc::scoped_refptr<rtc::RTCCertificate> certificate =
692 rtc::RTCCertificate::Create(std::unique_ptr<rtc::SSLIdentity>(
693 rtc::SSLIdentity::Generate("testing", rtc::KT_ECDSA)));
694 bool rtcp_mux_enabled = true;
695 CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
696 jsep_transport_->SetLocalCertificate(certificate);
697
698 JsepTransportDescription local_offer =
699 MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
700 certificate, CONNECTIONROLE_ACTPASS);
701 JsepTransportDescription remote_answer =
702 MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
703 certificate, CONNECTIONROLE_ACTIVE);
704
705 EXPECT_TRUE(
706 jsep_transport_
707 ->SetLocalJsepTransportDescription(local_offer, SdpType::kOffer)
708 .ok());
709 EXPECT_TRUE(
710 jsep_transport_
711 ->SetRemoteJsepTransportDescription(remote_answer, SdpType::kAnswer)
712 .ok());
713
714 // Changing role to passive here isn't allowed. Though for some reason this
715 // only fails in SetLocalTransportDescription.
716 JsepTransportDescription remote_offer =
717 MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
718 certificate, CONNECTIONROLE_PASSIVE);
719 JsepTransportDescription local_answer =
720 MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
721 certificate, CONNECTIONROLE_ACTIVE);
722
723 EXPECT_TRUE(
724 jsep_transport_
725 ->SetRemoteJsepTransportDescription(remote_offer, SdpType::kOffer)
726 .ok());
727 EXPECT_FALSE(
728 jsep_transport_
729 ->SetLocalJsepTransportDescription(local_answer, SdpType::kAnswer)
730 .ok());
731}
732
733// Test that a remote offer with the current negotiated role can be accepted.
734// This is allowed by dtls-sdp, though we'll never generate such an offer,
735// since JSEP requires generating "actpass".
736TEST_F(JsepTransport2Test, RemoteOfferWithCurrentNegotiatedDtlsRole) {
737 rtc::scoped_refptr<rtc::RTCCertificate> certificate =
738 rtc::RTCCertificate::Create(std::unique_ptr<rtc::SSLIdentity>(
739 rtc::SSLIdentity::Generate("testing", rtc::KT_ECDSA)));
740 bool rtcp_mux_enabled = true;
741 CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
742 jsep_transport_->SetLocalCertificate(certificate);
743
744 JsepTransportDescription remote_desc =
745 MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
746 certificate, CONNECTIONROLE_ACTPASS);
747 JsepTransportDescription local_desc =
748 MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
749 certificate, CONNECTIONROLE_ACTIVE);
750
751 // Normal initial offer/answer with "actpass" in the offer and "active" in
752 // the answer.
753 ASSERT_TRUE(
754 jsep_transport_
755 ->SetRemoteJsepTransportDescription(remote_desc, SdpType::kOffer)
756 .ok());
757 ASSERT_TRUE(
758 jsep_transport_
759 ->SetLocalJsepTransportDescription(local_desc, SdpType::kAnswer)
760 .ok());
761
762 // Sanity check that role was actually negotiated.
763 rtc::Optional<rtc::SSLRole> role = jsep_transport_->GetDtlsRole();
764 ASSERT_TRUE(role);
765 EXPECT_EQ(rtc::SSL_CLIENT, *role);
766
767 // Subsequent offer with current negotiated role of "passive".
768 remote_desc.transport_desc.connection_role = CONNECTIONROLE_PASSIVE;
769 EXPECT_TRUE(
770 jsep_transport_
771 ->SetRemoteJsepTransportDescription(remote_desc, SdpType::kOffer)
772 .ok());
773 EXPECT_TRUE(
774 jsep_transport_
775 ->SetLocalJsepTransportDescription(local_desc, SdpType::kAnswer)
776 .ok());
777}
778
779// Test that a remote offer with the inverse of the current negotiated DTLS
780// role is rejected.
781TEST_F(JsepTransport2Test, RemoteOfferThatChangesNegotiatedDtlsRole) {
782 rtc::scoped_refptr<rtc::RTCCertificate> certificate =
783 rtc::RTCCertificate::Create(std::unique_ptr<rtc::SSLIdentity>(
784 rtc::SSLIdentity::Generate("testing", rtc::KT_ECDSA)));
785 bool rtcp_mux_enabled = true;
786 CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
787 jsep_transport_->SetLocalCertificate(certificate);
788
789 JsepTransportDescription remote_desc =
790 MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
791 certificate, CONNECTIONROLE_ACTPASS);
792 JsepTransportDescription local_desc =
793 MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
794 certificate, CONNECTIONROLE_ACTIVE);
795
796 // Normal initial offer/answer with "actpass" in the offer and "active" in
797 // the answer.
798 ASSERT_TRUE(
799 jsep_transport_
800 ->SetRemoteJsepTransportDescription(remote_desc, SdpType::kOffer)
801 .ok());
802 ASSERT_TRUE(
803 jsep_transport_
804 ->SetLocalJsepTransportDescription(local_desc, SdpType::kAnswer)
805 .ok());
806
807 // Sanity check that role was actually negotiated.
808 rtc::Optional<rtc::SSLRole> role = jsep_transport_->GetDtlsRole();
809 ASSERT_TRUE(role);
810 EXPECT_EQ(rtc::SSL_CLIENT, *role);
811
812 // Subsequent offer with current negotiated role of "passive".
813 remote_desc.transport_desc.connection_role = CONNECTIONROLE_ACTIVE;
814 EXPECT_TRUE(
815 jsep_transport_
816 ->SetRemoteJsepTransportDescription(remote_desc, SdpType::kOffer)
817 .ok());
818 EXPECT_FALSE(
819 jsep_transport_
820 ->SetLocalJsepTransportDescription(local_desc, SdpType::kAnswer)
821 .ok());
822}
823
824// Testing that a legacy client that doesn't use the setup attribute will be
825// interpreted as having an active role.
826TEST_F(JsepTransport2Test, DtlsSetupWithLegacyAsAnswerer) {
827 rtc::scoped_refptr<rtc::RTCCertificate> certificate =
828 rtc::RTCCertificate::Create(std::unique_ptr<rtc::SSLIdentity>(
829 rtc::SSLIdentity::Generate("testing", rtc::KT_ECDSA)));
830 bool rtcp_mux_enabled = true;
831 CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
832 jsep_transport_->SetLocalCertificate(certificate);
833
834 JsepTransportDescription remote_desc =
835 MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
836 certificate, CONNECTIONROLE_ACTPASS);
837 JsepTransportDescription local_desc =
838 MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
839 certificate, CONNECTIONROLE_ACTIVE);
840
841 local_desc.transport_desc.connection_role = CONNECTIONROLE_ACTPASS;
842 ASSERT_TRUE(
843 jsep_transport_
844 ->SetLocalJsepTransportDescription(local_desc, SdpType::kOffer)
845 .ok());
846 // Use CONNECTIONROLE_NONE to simulate legacy endpoint.
847 remote_desc.transport_desc.connection_role = CONNECTIONROLE_NONE;
848 ASSERT_TRUE(
849 jsep_transport_
850 ->SetRemoteJsepTransportDescription(remote_desc, SdpType::kAnswer)
851 .ok());
852
853 rtc::Optional<rtc::SSLRole> role = jsep_transport_->GetDtlsRole();
854 ASSERT_TRUE(role);
855 // Since legacy answer ommitted setup atribute, and we offered actpass, we
856 // should act as passive (server).
857 EXPECT_EQ(rtc::SSL_SERVER, *role);
858}
859
860// Tests that when the RTCP mux is successfully negotiated, the RTCP transport
861// will be destroyed and the SignalRtpMuxActive will be fired.
862TEST_F(JsepTransport2Test, RtcpMuxNegotiation) {
863 CreateJsepTransport2(/*rtcp_mux_enabled=*/false, SrtpMode::kDtlsSrtp);
864 JsepTransportDescription local_desc;
865 local_desc.rtcp_mux_enabled = true;
866 EXPECT_NE(nullptr, jsep_transport_->rtcp_dtls_transport());
867 EXPECT_FALSE(signal_rtcp_mux_active_received_);
868
869 // The remote side supports RTCP-mux.
870 JsepTransportDescription remote_desc;
871 remote_desc.rtcp_mux_enabled = true;
872 ASSERT_TRUE(
873 jsep_transport_
874 ->SetLocalJsepTransportDescription(local_desc, SdpType::kOffer)
875 .ok());
876 ASSERT_TRUE(
877 jsep_transport_
878 ->SetRemoteJsepTransportDescription(remote_desc, SdpType::kAnswer)
879 .ok());
880
881 EXPECT_EQ(nullptr, jsep_transport_->rtcp_dtls_transport());
882 EXPECT_TRUE(signal_rtcp_mux_active_received_);
883
884 // The remote side doesn't support RTCP-mux.
885 CreateJsepTransport2(/*rtcp_mux_enabled=*/false, SrtpMode::kDtlsSrtp);
886 signal_rtcp_mux_active_received_ = false;
887 remote_desc.rtcp_mux_enabled = false;
888 ASSERT_TRUE(
889 jsep_transport_
890 ->SetLocalJsepTransportDescription(local_desc, SdpType::kOffer)
891 .ok());
892 ASSERT_TRUE(
893 jsep_transport_
894 ->SetRemoteJsepTransportDescription(remote_desc, SdpType::kAnswer)
895 .ok());
896
897 EXPECT_NE(nullptr, jsep_transport_->rtcp_dtls_transport());
898 EXPECT_FALSE(signal_rtcp_mux_active_received_);
899}
900
901TEST_F(JsepTransport2Test, SdesNegotiation) {
902 CreateJsepTransport2(/*rtcp_mux_enabled=*/true, SrtpMode::kSdes);
903 ASSERT_TRUE(sdes_transport_);
904 EXPECT_FALSE(sdes_transport_->IsActive());
905
906 JsepTransportDescription offer_desc;
907 offer_desc.cryptos.push_back(cricket::CryptoParams(
908 1, rtc::CS_AES_CM_128_HMAC_SHA1_32,
909 "inline:" + rtc::CreateRandomString(40), std::string()));
910 ASSERT_TRUE(
911 jsep_transport_
912 ->SetLocalJsepTransportDescription(offer_desc, SdpType::kOffer)
913 .ok());
914
915 JsepTransportDescription answer_desc;
916 answer_desc.cryptos.push_back(cricket::CryptoParams(
917 1, rtc::CS_AES_CM_128_HMAC_SHA1_32,
918 "inline:" + rtc::CreateRandomString(40), std::string()));
919 ASSERT_TRUE(
920 jsep_transport_
921 ->SetRemoteJsepTransportDescription(answer_desc, SdpType::kAnswer)
922 .ok());
923 EXPECT_TRUE(sdes_transport_->IsActive());
924}
925
926TEST_F(JsepTransport2Test, SdesNegotiationWithEmptyCryptosInAnswer) {
927 CreateJsepTransport2(/*rtcp_mux_enabled=*/true, SrtpMode::kSdes);
928 ASSERT_TRUE(sdes_transport_);
929 EXPECT_FALSE(sdes_transport_->IsActive());
930
931 JsepTransportDescription offer_desc;
932 offer_desc.cryptos.push_back(cricket::CryptoParams(
933 1, rtc::CS_AES_CM_128_HMAC_SHA1_32,
934 "inline:" + rtc::CreateRandomString(40), std::string()));
935 ASSERT_TRUE(
936 jsep_transport_
937 ->SetLocalJsepTransportDescription(offer_desc, SdpType::kOffer)
938 .ok());
939
940 JsepTransportDescription answer_desc;
941 ASSERT_TRUE(
942 jsep_transport_
943 ->SetRemoteJsepTransportDescription(answer_desc, SdpType::kAnswer)
944 .ok());
945 // SRTP is not active because the crypto parameter is answer is empty.
946 EXPECT_FALSE(sdes_transport_->IsActive());
947}
948
949TEST_F(JsepTransport2Test, SdesNegotiationWithMismatchedCryptos) {
950 CreateJsepTransport2(/*rtcp_mux_enabled=*/true, SrtpMode::kSdes);
951 ASSERT_TRUE(sdes_transport_);
952 EXPECT_FALSE(sdes_transport_->IsActive());
953
954 JsepTransportDescription offer_desc;
955 offer_desc.cryptos.push_back(cricket::CryptoParams(
956 1, rtc::CS_AES_CM_128_HMAC_SHA1_32,
957 "inline:" + rtc::CreateRandomString(40), std::string()));
958 ASSERT_TRUE(
959 jsep_transport_
960 ->SetLocalJsepTransportDescription(offer_desc, SdpType::kOffer)
961 .ok());
962
963 JsepTransportDescription answer_desc;
964 answer_desc.cryptos.push_back(cricket::CryptoParams(
965 1, rtc::CS_AES_CM_128_HMAC_SHA1_80,
966 "inline:" + rtc::CreateRandomString(40), std::string()));
967 // Expected to fail because the crypto parameters don't match.
968 ASSERT_FALSE(
969 jsep_transport_
970 ->SetRemoteJsepTransportDescription(answer_desc, SdpType::kAnswer)
971 .ok());
972}
973
974// Tests that the remote candidates can be added to the transports after both
975// local and remote descriptions are set.
976TEST_F(JsepTransport2Test, AddRemoteCandidates) {
977 CreateJsepTransport2(/*rtcp_mux_enabled=*/true, SrtpMode::kDtlsSrtp);
978 auto fake_ice_transport = static_cast<FakeIceTransport*>(
979 jsep_transport_->rtp_dtls_transport()->ice_transport());
980
981 Candidates candidates;
982 candidates.push_back(CreateCandidate(/*COMPONENT_RTP*/ 1));
983 candidates.push_back(CreateCandidate(/*COMPONENT_RTP*/ 1));
984
985 JsepTransportDescription desc;
986 ASSERT_TRUE(
987 jsep_transport_->SetLocalJsepTransportDescription(desc, SdpType::kOffer)
988 .ok());
989 // Expected to fail because the remote description is unset.
990 EXPECT_FALSE(jsep_transport_->AddRemoteCandidates(candidates).ok());
991
992 ASSERT_TRUE(
993 jsep_transport_->SetRemoteJsepTransportDescription(desc, SdpType::kAnswer)
994 .ok());
995 EXPECT_EQ(0u, fake_ice_transport->remote_candidates().size());
996 EXPECT_TRUE(jsep_transport_->AddRemoteCandidates(candidates).ok());
997 EXPECT_EQ(candidates.size(), fake_ice_transport->remote_candidates().size());
998}
999
1000} // namespace cricket