Add QUIC 31 in which the server's proof covers both the static server config as well as a hash of t…

net/quic/crypto/crypto_server_test.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <ostream>
 #include <vector>
 
 #include "base/strings/string_number_conversions.h"
 #include "crypto/secure_hash.h"
 #include "net/quic/crypto/cert_compressor.h"
@@ skipping 181 matching lines @@
     ASSERT_TRUE(out_.GetStringPiece(kSourceAddressTokenTag, &srct));
     srct_hex_ = "#" + base::HexEncode(srct.data(), srct.size());
 
     StringPiece scfg;
     ASSERT_TRUE(out_.GetStringPiece(kSCFG, &scfg));
     server_config_.reset(CryptoFramer::ParseMessage(scfg));
 
     StringPiece scid;
     ASSERT_TRUE(server_config_->GetStringPiece(kSCID, &scid));
     scid_hex_ = "#" + base::HexEncode(scid.data(), scid.size());
+    crypto_proof_ = QuicCryptoProof();
+    DCHECK(crypto_proof_.chain.get() == nullptr);
   }
 
   // Helper used to accept the result of ValidateClientHello and pass
   // it on to ProcessClientHello.
   class ValidateCallback : public ValidateClientHelloResultCallback {
    public:
     ValidateCallback(CryptoServerTest* test,
                      bool should_succeed,
                      const char* error_substr,
                      bool* called)
@@ skipping 158 matching lines @@
            GetParam().use_stateless_rejects;
   }
 
   string XlctHexString() {
     scoped_refptr<ProofSource::Chain> chain;
     IPAddress server_ip;
     string sig;
     string cert_sct;
     scoped_ptr<ProofSource> proof_source(
         CryptoTestUtils::ProofSourceForTesting());
-    if (!proof_source->GetProof(server_ip, "", "", false, &chain, &sig,
-                                &cert_sct) ||
+    if (!proof_source->GetProof(server_ip, "", "", client_version_, "", false,
+                                &chain, &sig, &cert_sct) ||
         chain->certs.empty()) {
       return "#0100000000000000";
     }
 
     std::ostringstream xlct_stream;
     uint64_t xlct = QuicUtils::FNV1a_64_Hash(chain->certs.at(0).c_str(),
                                              chain->certs.at(0).length());
 
     return "#" + base::HexEncode(reinterpret_cast<char*>(&xlct), sizeof(xlct));
   }
@@ skipping 338 matching lines @@
   // This test corrupts client nonce, server nonce and source address token.
   // clang-format off
   CryptoHandshakeMessage msg = CryptoTestUtils::Message(
       "CHLO",
       "AEAD", "AESG",
       "KEXS", "C255",
       "SCID", scid_hex_.c_str(),
       "#004b5453", (string(1, 'X') + srct_hex_).c_str(),
       "PUBS", pub_hex_.c_str(),
       "NONC", (string(1, 'X') + nonce_hex_).c_str(),
+      "NONP", (string(1, 'X') + nonce_hex_).c_str(),
       "SNO\0", (string(1, 'X') + nonce_hex_).c_str(),
       "XLCT", XlctHexString().c_str(),
       "VER\0", client_version_string_.c_str(),
       "$padding", static_cast<int>(kClientHelloMinimumSize),
       nullptr);
   // clang-format on
   ShouldSucceed(msg);
   CheckRejectTag();
 
-  if (client_version_ <= QUIC_VERSION_30) {
+  if (client_version_ <= QUIC_VERSION_31) {
     const HandshakeFailureReason kRejectReasons[] = {
         SOURCE_ADDRESS_TOKEN_DECRYPTION_FAILURE, CLIENT_NONCE_INVALID_FAILURE,
         SERVER_NONCE_DECRYPTION_FAILURE};
     CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons));
   } else {
     const HandshakeFailureReason kRejectReasons[] = {
         SOURCE_ADDRESS_TOKEN_DECRYPTION_FAILURE, CLIENT_NONCE_INVALID_FAILURE};
     CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons));
   };
 }
@@ skipping 46 matching lines @@
   // the CHLO should be rejected.
   // clang-format off
   CryptoHandshakeMessage msg = CryptoTestUtils::Message(
       "CHLO",
       "AEAD", "AESG",
       "KEXS", "C255",
       "SCID", scid_hex_.c_str(),
       "#004b5453", srct_hex_.c_str(),
       "PUBS", pub_hex_.c_str(),
       "NONC", nonce_hex_.c_str(),
+      "NONP", nonce_hex_.c_str(),
       "XLCT", XlctHexString().c_str(),
       "VER\0", client_version_string_.c_str(),
       "$padding", static_cast<int>(kClientHelloMinimumSize),
       nullptr);
   // clang-format on
 
   ShouldSucceed(msg);
 
   CheckRejectTag();
   const HandshakeFailureReason kRejectReasons[] = {
       SERVER_NONCE_REQUIRED_FAILURE};
   CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons));
 }
 
 TEST_P(CryptoServerTest, ProofForSuppliedServerConfig) {
   client_address_ = IPEndPoint(Loopback6(), 1234);
   // clang-format off
   CryptoHandshakeMessage msg = CryptoTestUtils::Message(
       "CHLO",
       "AEAD", "AESG",
       "KEXS", "C255",
       "PDMD", "X509",
       "SCID", kOldConfigId,
       "#004b5453", srct_hex_.c_str(),
       "PUBS", pub_hex_.c_str(),
       "NONC", nonce_hex_.c_str(),
+      "NONP", "123456789012345678901234567890",
       "VER\0", client_version_string_.c_str(),
       "XLCT", XlctHexString().c_str(),
       "$padding", static_cast<int>(kClientHelloMinimumSize),
       nullptr);
   // clang-format on
   ShouldSucceed(msg);
   // The message should be rejected because the source-address token is no
   // longer valid.
   CheckRejectTag();
   const HandshakeFailureReason kRejectReasons[] = {
@@ skipping 18 matching lines @@
                                               common_cert_sets, &certs));
 
   // Check that the proof in the REJ message is valid.
   scoped_ptr<ProofVerifier> proof_verifier(
       CryptoTestUtils::ProofVerifierForTesting());
   scoped_ptr<ProofVerifyContext> verify_context(
       CryptoTestUtils::ProofVerifyContextForTesting());
   scoped_ptr<ProofVerifyDetails> details;
   string error_details;
   DummyProofVerifierCallback callback;
-  EXPECT_EQ(QUIC_SUCCESS, proof_verifier->VerifyProof(
-                              "test.example.com", scfg_str.as_string(), certs,
-                              "", proof.as_string(), verify_context.get(),
-                              &error_details, &details, &callback));
+  string chlo_hash;
+  CryptoUtils::HashHandshakeMessage(msg, &chlo_hash);
+  EXPECT_EQ(QUIC_SUCCESS,
+            proof_verifier->VerifyProof(
+                "test.example.com", scfg_str.as_string(), client_version_,
+                chlo_hash, certs, "", proof.as_string(), verify_context.get(),
+                &error_details, &details, &callback));
 }
 
 TEST_P(CryptoServerTest, RejectInvalidXlct) {
   if (client_version_ <= QUIC_VERSION_25) {
     // XLCT tag introduced in QUIC_VERSION_26.
     return;
   }
   // clang-format off
   CryptoHandshakeMessage msg = CryptoTestUtils::Message(
       "CHLO",
@@ skipping 298 matching lines @@
 
   strike_register_client_->RunPendingVerifications();
   ASSERT_TRUE(called);
   EXPECT_EQ(0, strike_register_client_->PendingVerifications());
   // The message should be rejected now.
   CheckRejectTag();
 }
 
 }  // namespace test
 }  // namespace net