| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/crypto/quic_crypto_client_config.h" | 5 #include "net/quic/crypto/quic_crypto_client_config.h" |
| 6 | 6 |
| 7 #include "net/quic/crypto/proof_verifier.h" | 7 #include "net/quic/crypto/proof_verifier.h" |
| 8 #include "net/quic/quic_server_id.h" | 8 #include "net/quic/quic_server_id.h" |
| 9 #include "net/quic/test_tools/crypto_test_utils.h" | 9 #include "net/quic/test_tools/crypto_test_utils.h" |
| 10 #include "net/quic/test_tools/mock_random.h" | 10 #include "net/quic/test_tools/mock_random.h" |
| (...skipping 327 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 338 EXPECT_TRUE(config.LookupOrCreate(canonical_id2)->IsEmpty()); | 338 EXPECT_TRUE(config.LookupOrCreate(canonical_id2)->IsEmpty()); |
| 339 } | 339 } |
| 340 | 340 |
| 341 TEST(QuicCryptoClientConfigTest, ClearCachedStates) { | 341 TEST(QuicCryptoClientConfigTest, ClearCachedStates) { |
| 342 QuicCryptoClientConfig config(CryptoTestUtils::ProofVerifierForTesting()); | 342 QuicCryptoClientConfig config(CryptoTestUtils::ProofVerifierForTesting()); |
| 343 QuicServerId server_id("www.google.com", 80, PRIVACY_MODE_DISABLED); | 343 QuicServerId server_id("www.google.com", 80, PRIVACY_MODE_DISABLED); |
| 344 QuicCryptoClientConfig::CachedState* state = config.LookupOrCreate(server_id); | 344 QuicCryptoClientConfig::CachedState* state = config.LookupOrCreate(server_id); |
| 345 // TODO(rch): Populate other fields of |state|. | 345 // TODO(rch): Populate other fields of |state|. |
| 346 vector<string> certs(1); | 346 vector<string> certs(1); |
| 347 certs[0] = "Hello Cert"; | 347 certs[0] = "Hello Cert"; |
| 348 state->SetProof(certs, "cert_sct", "signature"); | 348 state->SetProof(certs, "cert_sct", "chlo_hash", "signature"); |
| 349 state->set_source_address_token("TOKEN"); | 349 state->set_source_address_token("TOKEN"); |
| 350 state->SetProofValid(); | 350 state->SetProofValid(); |
| 351 EXPECT_EQ(1u, state->generation_counter()); | 351 EXPECT_EQ(1u, state->generation_counter()); |
| 352 | 352 |
| 353 // Verify LookupOrCreate returns the same data. | 353 // Verify LookupOrCreate returns the same data. |
| 354 QuicCryptoClientConfig::CachedState* other = config.LookupOrCreate(server_id); | 354 QuicCryptoClientConfig::CachedState* other = config.LookupOrCreate(server_id); |
| 355 | 355 |
| 356 EXPECT_EQ(state, other); | 356 EXPECT_EQ(state, other); |
| 357 EXPECT_EQ(1u, other->generation_counter()); | 357 EXPECT_EQ(1u, other->generation_counter()); |
| 358 | 358 |
| (...skipping 17 matching lines...) Expand all Loading... |
| 376 CryptoHandshakeMessage rej; | 376 CryptoHandshakeMessage rej; |
| 377 CryptoTestUtils::FillInDummyReject(&rej, /* stateless */ false); | 377 CryptoTestUtils::FillInDummyReject(&rej, /* stateless */ false); |
| 378 | 378 |
| 379 // Now process the rejection. | 379 // Now process the rejection. |
| 380 QuicCryptoClientConfig::CachedState cached; | 380 QuicCryptoClientConfig::CachedState cached; |
| 381 QuicCryptoNegotiatedParameters out_params; | 381 QuicCryptoNegotiatedParameters out_params; |
| 382 string error; | 382 string error; |
| 383 QuicCryptoClientConfig config(CryptoTestUtils::ProofVerifierForTesting()); | 383 QuicCryptoClientConfig config(CryptoTestUtils::ProofVerifierForTesting()); |
| 384 EXPECT_EQ(QUIC_NO_ERROR, | 384 EXPECT_EQ(QUIC_NO_ERROR, |
| 385 config.ProcessRejection(rej, QuicWallTime::FromUNIXSeconds(0), | 385 config.ProcessRejection(rej, QuicWallTime::FromUNIXSeconds(0), |
| 386 QuicSupportedVersions().front(), &cached, | 386 QuicSupportedVersions().front(), "", |
| 387 &out_params, &error)); | 387 &cached, &out_params, &error)); |
| 388 EXPECT_FALSE(cached.has_server_designated_connection_id()); | 388 EXPECT_FALSE(cached.has_server_designated_connection_id()); |
| 389 EXPECT_FALSE(cached.has_server_nonce()); | 389 EXPECT_FALSE(cached.has_server_nonce()); |
| 390 } | 390 } |
| 391 | 391 |
| 392 TEST(QuicCryptoClientConfigTest, ProcessStatelessReject) { | 392 TEST(QuicCryptoClientConfigTest, ProcessStatelessReject) { |
| 393 // Create a dummy reject message and mark it as stateless. | 393 // Create a dummy reject message and mark it as stateless. |
| 394 CryptoHandshakeMessage rej; | 394 CryptoHandshakeMessage rej; |
| 395 CryptoTestUtils::FillInDummyReject(&rej, /* stateless */ true); | 395 CryptoTestUtils::FillInDummyReject(&rej, /* stateless */ true); |
| 396 const QuicConnectionId kConnectionId = 0xdeadbeef; | 396 const QuicConnectionId kConnectionId = 0xdeadbeef; |
| 397 const string server_nonce = "SERVER_NONCE"; | 397 const string server_nonce = "SERVER_NONCE"; |
| 398 rej.SetValue(kRCID, kConnectionId); | 398 rej.SetValue(kRCID, kConnectionId); |
| 399 rej.SetStringPiece(kServerNonceTag, server_nonce); | 399 rej.SetStringPiece(kServerNonceTag, server_nonce); |
| 400 | 400 |
| 401 // Now process the rejection. | 401 // Now process the rejection. |
| 402 QuicCryptoClientConfig::CachedState cached; | 402 QuicCryptoClientConfig::CachedState cached; |
| 403 QuicCryptoNegotiatedParameters out_params; | 403 QuicCryptoNegotiatedParameters out_params; |
| 404 string error; | 404 string error; |
| 405 QuicCryptoClientConfig config(CryptoTestUtils::ProofVerifierForTesting()); | 405 QuicCryptoClientConfig config(CryptoTestUtils::ProofVerifierForTesting()); |
| 406 EXPECT_EQ(QUIC_NO_ERROR, | 406 EXPECT_EQ(QUIC_NO_ERROR, |
| 407 config.ProcessRejection(rej, QuicWallTime::FromUNIXSeconds(0), | 407 config.ProcessRejection(rej, QuicWallTime::FromUNIXSeconds(0), |
| 408 QuicSupportedVersions().front(), &cached, | 408 QuicSupportedVersions().front(), "", |
| 409 &out_params, &error)); | 409 &cached, &out_params, &error)); |
| 410 EXPECT_TRUE(cached.has_server_designated_connection_id()); | 410 EXPECT_TRUE(cached.has_server_designated_connection_id()); |
| 411 EXPECT_EQ(kConnectionId, cached.GetNextServerDesignatedConnectionId()); | 411 EXPECT_EQ(kConnectionId, cached.GetNextServerDesignatedConnectionId()); |
| 412 EXPECT_EQ(server_nonce, cached.GetNextServerNonce()); | 412 EXPECT_EQ(server_nonce, cached.GetNextServerNonce()); |
| 413 } | 413 } |
| 414 | 414 |
| 415 TEST(QuicCryptoClientConfigTest, BadlyFormattedStatelessReject) { | 415 TEST(QuicCryptoClientConfigTest, BadlyFormattedStatelessReject) { |
| 416 // Create a dummy reject message and mark it as stateless. Do not | 416 // Create a dummy reject message and mark it as stateless. Do not |
| 417 // add an server-designated connection-id. | 417 // add an server-designated connection-id. |
| 418 CryptoHandshakeMessage rej; | 418 CryptoHandshakeMessage rej; |
| 419 CryptoTestUtils::FillInDummyReject(&rej, /* stateless */ true); | 419 CryptoTestUtils::FillInDummyReject(&rej, /* stateless */ true); |
| 420 | 420 |
| 421 // Now process the rejection. | 421 // Now process the rejection. |
| 422 QuicCryptoClientConfig::CachedState cached; | 422 QuicCryptoClientConfig::CachedState cached; |
| 423 QuicCryptoNegotiatedParameters out_params; | 423 QuicCryptoNegotiatedParameters out_params; |
| 424 string error; | 424 string error; |
| 425 QuicCryptoClientConfig config(CryptoTestUtils::ProofVerifierForTesting()); | 425 QuicCryptoClientConfig config(CryptoTestUtils::ProofVerifierForTesting()); |
| 426 EXPECT_EQ(QUIC_CRYPTO_MESSAGE_PARAMETER_NOT_FOUND, | 426 EXPECT_EQ(QUIC_CRYPTO_MESSAGE_PARAMETER_NOT_FOUND, |
| 427 config.ProcessRejection(rej, QuicWallTime::FromUNIXSeconds(0), | 427 config.ProcessRejection(rej, QuicWallTime::FromUNIXSeconds(0), |
| 428 QuicSupportedVersions().front(), &cached, | 428 QuicSupportedVersions().front(), "", |
| 429 &out_params, &error)); | 429 &cached, &out_params, &error)); |
| 430 EXPECT_FALSE(cached.has_server_designated_connection_id()); | 430 EXPECT_FALSE(cached.has_server_designated_connection_id()); |
| 431 EXPECT_EQ("Missing kRCID", error); | 431 EXPECT_EQ("Missing kRCID", error); |
| 432 } | 432 } |
| 433 | 433 |
| 434 TEST(QuicCryptoClientConfigTest, ServerNonceinSHLO_BeforeQ027) { | 434 TEST(QuicCryptoClientConfigTest, ServerNonceinSHLO_BeforeQ027) { |
| 435 // Test that in QUIC_VERSION_26 and lower, the the server does not need to | 435 // Test that in QUIC_VERSION_26 and lower, the the server does not need to |
| 436 // include a nonce in the SHLO. | 436 // include a nonce in the SHLO. |
| 437 CryptoHandshakeMessage msg; | 437 CryptoHandshakeMessage msg; |
| 438 msg.set_tag(kSHLO); | 438 msg.set_tag(kSHLO); |
| 439 // Choose the lowest version. | 439 // Choose the lowest version. |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 473 QuicCryptoNegotiatedParameters out_params; | 473 QuicCryptoNegotiatedParameters out_params; |
| 474 string error_details; | 474 string error_details; |
| 475 EXPECT_EQ(QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER, | 475 EXPECT_EQ(QUIC_INVALID_CRYPTO_MESSAGE_PARAMETER, |
| 476 config.ProcessServerHello(msg, 0, version, supported_versions, | 476 config.ProcessServerHello(msg, 0, version, supported_versions, |
| 477 &cached, &out_params, &error_details)); | 477 &cached, &out_params, &error_details)); |
| 478 EXPECT_EQ("server hello missing server nonce", error_details); | 478 EXPECT_EQ("server hello missing server nonce", error_details); |
| 479 } | 479 } |
| 480 | 480 |
| 481 } // namespace test | 481 } // namespace test |
| 482 } // namespace net | 482 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1765603002:
Add QUIC 31 in which the server's proof covers both the static server config as well as a hash of t… (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master