Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(357)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/crypto/crypto_server_test.cc

Issue 1404053002: relnote: Disables strike register lookups when talking QUIC_VERSION_27 (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@Remove_unused_supported_versions_103964623
Patch Set: Use a smaller cert and delete the TODO Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | net/quic/crypto/quic_crypto_server_config.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <ostream> 5 #include <ostream>
6 #include <vector> 6 #include <vector>
7 7
8 #include "base/basictypes.h" 8 #include "base/basictypes.h"
9 #include "base/strings/string_number_conversions.h" 9 #include "base/strings/string_number_conversions.h"
10 #include "crypto/secure_hash.h" 10 #include "crypto/secure_hash.h"
(...skipping 382 matching lines...) Expand 10 before | Expand all | Expand 10 after
393 "$padding", static_cast<int>(kClientHelloMinimumSize), 393 "$padding", static_cast<int>(kClientHelloMinimumSize),
394 nullptr); 394 nullptr);
395 // clang-format on 395 // clang-format on
396 ShouldFailMentioning("SNI", msg); 396 ShouldFailMentioning("SNI", msg);
397 const HandshakeFailureReason kRejectReasons[] = { 397 const HandshakeFailureReason kRejectReasons[] = {
398 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; 398 SERVER_CONFIG_INCHOATE_HELLO_FAILURE};
399 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); 399 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons));
400 } 400 }
401 } 401 }
402 402
403 // TODO(rtenneti): Enable the DefaultCert test after implementing ProofSource.
404 // See http://crbug.com/514472.
405 TEST_P(CryptoServerTest, DefaultCert) { 403 TEST_P(CryptoServerTest, DefaultCert) {
406 // Check that the server replies with a default certificate when no SNI is 404 // Check that the server replies with a default certificate when no SNI is
407 // specified. 405 // specified. The CHLO is constructed to generate a REJ with certs, so must
406 // not contain a valid STK, and must include PDMD.
408 // clang-format off 407 // clang-format off
409 CryptoHandshakeMessage msg = CryptoTestUtils::Message( 408 CryptoHandshakeMessage msg = CryptoTestUtils::Message(
410 "CHLO", 409 "CHLO",
411 "AEAD", "AESG", 410 "AEAD", "AESG",
412 "KEXS", "C255", 411 "KEXS", "C255",
413 "SCID", scid_hex_.c_str(),
414 "#004b5453", srct_hex_.c_str(),
415 "PUBS", pub_hex_.c_str(), 412 "PUBS", pub_hex_.c_str(),
416 "NONC", nonce_hex_.c_str(), 413 "NONC", nonce_hex_.c_str(),
417 "PDMD", "X509", 414 "PDMD", "X509",
418 "XLCT", XlctHexString().c_str(),
419 "VER\0", client_version_string_.c_str(), 415 "VER\0", client_version_string_.c_str(),
420 "$padding", static_cast<int>(kClientHelloMinimumSize), 416 "$padding", static_cast<int>(kClientHelloMinimumSize),
421 nullptr); 417 nullptr);
422 // clang-format on 418 // clang-format on
423 419
424 ShouldSucceed(msg); 420 ShouldSucceed(msg);
425 StringPiece cert, proof; 421 StringPiece cert, proof;
426 EXPECT_TRUE(out_.GetStringPiece(kCertificateTag, &cert)); 422 EXPECT_TRUE(out_.GetStringPiece(kCertificateTag, &cert));
427 EXPECT_TRUE(out_.GetStringPiece(kPROF, &proof)); 423 EXPECT_TRUE(out_.GetStringPiece(kPROF, &proof));
428 EXPECT_NE(0u, cert.size()); 424 EXPECT_NE(0u, cert.size());
429 EXPECT_NE(0u, proof.size()); 425 EXPECT_NE(0u, proof.size());
430 const HandshakeFailureReason kRejectReasons[] = { 426 if (client_version_ <= QUIC_VERSION_26) {
431 CLIENT_NONCE_INVALID_TIME_FAILURE}; 427 const HandshakeFailureReason kRejectReasons[] = {
432 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); 428 CLIENT_NONCE_INVALID_TIME_FAILURE};
429 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons));
430 } else {
431 const HandshakeFailureReason kRejectReasons[] = {
432 SERVER_CONFIG_INCHOATE_HELLO_FAILURE};
433 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons));
434 }
433 } 435 }
434 436
435 TEST_P(CryptoServerTest, TooSmall) { 437 TEST_P(CryptoServerTest, TooSmall) {
436 // clang-format off 438 // clang-format off
437 ShouldFailMentioning("too small", CryptoTestUtils::Message( 439 ShouldFailMentioning("too small", CryptoTestUtils::Message(
438 "CHLO", 440 "CHLO",
439 "VER\0", client_version_string_.c_str(), 441 "VER\0", client_version_string_.c_str(),
440 nullptr)); 442 nullptr));
441 // clang-format on 443 // clang-format on
442 const HandshakeFailureReason kRejectReasons[] = { 444 const HandshakeFailureReason kRejectReasons[] = {
(...skipping 156 matching lines...) Expand 10 before | Expand all | Expand 10 after
599 "PUBS", pub_hex_.c_str(), 601 "PUBS", pub_hex_.c_str(),
600 "NONC", (string(1, 'X') + nonce_hex_).c_str(), 602 "NONC", (string(1, 'X') + nonce_hex_).c_str(),
601 "SNO\0", (string(1, 'X') + nonce_hex_).c_str(), 603 "SNO\0", (string(1, 'X') + nonce_hex_).c_str(),
602 "XLCT", XlctHexString().c_str(), 604 "XLCT", XlctHexString().c_str(),
603 "VER\0", client_version_string_.c_str(), 605 "VER\0", client_version_string_.c_str(),
604 "$padding", static_cast<int>(kClientHelloMinimumSize), 606 "$padding", static_cast<int>(kClientHelloMinimumSize),
605 nullptr); 607 nullptr);
606 // clang-format on 608 // clang-format on
607 ShouldSucceed(msg); 609 ShouldSucceed(msg);
608 CheckRejectTag(); 610 CheckRejectTag();
609 const HandshakeFailureReason kRejectReasons[] = { 611
610 SOURCE_ADDRESS_TOKEN_DECRYPTION_FAILURE, CLIENT_NONCE_INVALID_FAILURE, 612 if (client_version_ <= QUIC_VERSION_26) {
611 SERVER_NONCE_DECRYPTION_FAILURE, 613 const HandshakeFailureReason kRejectReasons[] = {
614 SOURCE_ADDRESS_TOKEN_DECRYPTION_FAILURE, CLIENT_NONCE_INVALID_FAILURE,
615 SERVER_NONCE_DECRYPTION_FAILURE};
616 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons));
617 } else {
618 const HandshakeFailureReason kRejectReasons[] = {
619 SOURCE_ADDRESS_TOKEN_DECRYPTION_FAILURE, CLIENT_NONCE_INVALID_FAILURE};
620 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons));
612 }; 621 };
613 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons));
614 } 622 }
615 623
616 TEST_P(CryptoServerTest, ReplayProtection) { 624 TEST_P(CryptoServerTest, ReplayProtection) {
625 if (client_version_ > QUIC_VERSION_26) {
626 return;
627 }
617 // This tests that disabling replay protection works. 628 // This tests that disabling replay protection works.
618 // clang-format off 629 // clang-format off
619 CryptoHandshakeMessage msg = CryptoTestUtils::Message( 630 CryptoHandshakeMessage msg = CryptoTestUtils::Message(
620 "CHLO", 631 "CHLO",
621 "AEAD", "AESG", 632 "AEAD", "AESG",
622 "KEXS", "C255", 633 "KEXS", "C255",
623 "SCID", scid_hex_.c_str(), 634 "SCID", scid_hex_.c_str(),
624 "#004b5453", srct_hex_.c_str(), 635 "#004b5453", srct_hex_.c_str(),
625 "PUBS", pub_hex_.c_str(), 636 "PUBS", pub_hex_.c_str(),
626 "NONC", nonce_hex_.c_str(), 637 "NONC", nonce_hex_.c_str(),
(...skipping 329 matching lines...) Expand 10 before | Expand all | Expand 10 after
956 967
957 strike_register_client_->RunPendingVerifications(); 968 strike_register_client_->RunPendingVerifications();
958 ASSERT_TRUE(called); 969 ASSERT_TRUE(called);
959 EXPECT_EQ(0, strike_register_client_->PendingVerifications()); 970 EXPECT_EQ(0, strike_register_client_->PendingVerifications());
960 // The message should be rejected now. 971 // The message should be rejected now.
961 CheckRejectTag(); 972 CheckRejectTag();
962 } 973 }
963 974
964 } // namespace test 975 } // namespace test
965 } // namespace net 976 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | net/quic/crypto/quic_crypto_server_config.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698