| OLD | NEW |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/crypto/quic_crypto_server_config.h" | 5 #include "net/quic/crypto/quic_crypto_server_config.h" |
| 6 | 6 |
| 7 #include <stdarg.h> | 7 #include <stdarg.h> |
| 8 | 8 |
| 9 #include "base/stl_util.h" | 9 #include "base/stl_util.h" |
| 10 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h" | 10 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h" |
| 11 #include "net/quic/crypto/cert_compressor.h" |
| 11 #include "net/quic/crypto/crypto_handshake_message.h" | 12 #include "net/quic/crypto/crypto_handshake_message.h" |
| 12 #include "net/quic/crypto/crypto_secret_boxer.h" | 13 #include "net/quic/crypto/crypto_secret_boxer.h" |
| 13 #include "net/quic/crypto/crypto_server_config_protobuf.h" | 14 #include "net/quic/crypto/crypto_server_config_protobuf.h" |
| 14 #include "net/quic/crypto/quic_random.h" | 15 #include "net/quic/crypto/quic_random.h" |
| 15 #include "net/quic/crypto/strike_register_client.h" | 16 #include "net/quic/crypto/strike_register_client.h" |
| 16 #include "net/quic/quic_flags.h" | 17 #include "net/quic/quic_flags.h" |
| 17 #include "net/quic/quic_time.h" | 18 #include "net/quic/quic_time.h" |
| 18 #include "net/quic/test_tools/crypto_test_utils.h" | 19 #include "net/quic/test_tools/crypto_test_utils.h" |
| 19 #include "net/quic/test_tools/mock_clock.h" | 20 #include "net/quic/test_tools/mock_clock.h" |
| 20 #include "net/quic/test_tools/quic_test_utils.h" | 21 #include "net/quic/test_tools/quic_test_utils.h" |
| 174 | 175 |
| 175 return s; | 176 return s; |
| 176 } | 177 } |
| 177 | 178 |
| 178 void SelectNewPrimaryConfig(int seconds) { | 179 void SelectNewPrimaryConfig(int seconds) { |
| 179 base::AutoLock locked(server_config_->configs_lock_); | 180 base::AutoLock locked(server_config_->configs_lock_); |
| 180 server_config_->SelectNewPrimaryConfig( | 181 server_config_->SelectNewPrimaryConfig( |
| 181 QuicWallTime::FromUNIXSeconds(seconds)); | 182 QuicWallTime::FromUNIXSeconds(seconds)); |
| 182 } | 183 } |
| 183 | 184 |
| 185 const string CompressChain(QuicCompressedCertsCache* compressed_certs_cache, |
| 186 const scoped_refptr<ProofSource::Chain>& chain, |
| 187 const string& client_common_set_hashes, |
| 188 const string& client_cached_cert_hashes, |
| 189 const CommonCertSets* common_sets) { |
| 190 return server_config_->CompressChain( |
| 191 compressed_certs_cache, chain, client_common_set_hashes, |
| 192 client_cached_cert_hashes, common_sets); |
| 193 } |
| 194 |
| 184 private: | 195 private: |
| 185 const QuicCryptoServerConfig* server_config_; | 196 const QuicCryptoServerConfig* server_config_; |
| 186 }; | 197 }; |
| 187 | 198 |
| 188 class TestStrikeRegisterClient : public StrikeRegisterClient { | 199 class TestStrikeRegisterClient : public StrikeRegisterClient { |
| 189 public: | 200 public: |
| 190 explicit TestStrikeRegisterClient(QuicCryptoServerConfig* config) | 201 explicit TestStrikeRegisterClient(QuicCryptoServerConfig* config) |
| 191 : config_(config), is_known_orbit_called_(false) {} | 202 : config_(config), is_known_orbit_called_(false) {} |
| 192 | 203 |
| 193 bool IsKnownOrbit(StringPiece orbit) const override { | 204 bool IsKnownOrbit(StringPiece orbit) const override { |
| 264 TestStrikeRegisterClient* strike_register = | 275 TestStrikeRegisterClient* strike_register = |
| 265 new TestStrikeRegisterClient(&server); | 276 new TestStrikeRegisterClient(&server); |
| 266 server.SetStrikeRegisterClient(strike_register); | 277 server.SetStrikeRegisterClient(strike_register); |
| 267 | 278 |
| 268 QuicCryptoServerConfig::ConfigOptions options; | 279 QuicCryptoServerConfig::ConfigOptions options; |
| 269 scoped_ptr<CryptoHandshakeMessage> message( | 280 scoped_ptr<CryptoHandshakeMessage> message( |
| 270 server.AddDefaultConfig(rand, &clock, options)); | 281 server.AddDefaultConfig(rand, &clock, options)); |
| 271 EXPECT_TRUE(strike_register->is_known_orbit_called()); | 282 EXPECT_TRUE(strike_register->is_known_orbit_called()); |
| 272 } | 283 } |
| 273 | 284 |
| 285 TEST(QuicCryptoServerConfigTest, CompressCerts) { |
| 286 QuicCompressedCertsCache compressed_certs_cache( |
| 287 QuicCompressedCertsCache::kQuicCompressedCertsCacheSize); |
| 288 |
| 289 QuicRandom* rand = QuicRandom::GetInstance(); |
| 290 QuicCryptoServerConfig server(QuicCryptoServerConfig::TESTING, rand, |
| 291 CryptoTestUtils::ProofSourceForTesting()); |
| 292 QuicCryptoServerConfigPeer peer(&server); |
| 293 |
| 294 vector<string> certs = {"testcert"}; |
| 295 scoped_refptr<ProofSource::Chain> chain(new ProofSource::Chain(certs)); |
| 296 |
| 297 string compressed = |
| 298 peer.CompressChain(&compressed_certs_cache, chain, "", "", nullptr); |
| 299 |
| 300 if (FLAGS_quic_use_cached_compressed_certs) { |
| 301 EXPECT_EQ(compressed_certs_cache.Size(), 1u); |
| 302 } else { |
| 303 EXPECT_EQ(compressed_certs_cache.Size(), 0u); |
| 304 } |
| 305 } |
| 306 |
| 307 TEST(QuicCryptoServerConfigTest, CompressSameCertsTwice) { |
| 308 QuicCompressedCertsCache compressed_certs_cache( |
| 309 QuicCompressedCertsCache::kQuicCompressedCertsCacheSize); |
| 310 |
| 311 QuicRandom* rand = QuicRandom::GetInstance(); |
| 312 QuicCryptoServerConfig server(QuicCryptoServerConfig::TESTING, rand, |
| 313 CryptoTestUtils::ProofSourceForTesting()); |
| 314 QuicCryptoServerConfigPeer peer(&server); |
| 315 |
| 316 // Compress the certs for the first time. |
| 317 vector<string> certs = {"testcert"}; |
| 318 scoped_refptr<ProofSource::Chain> chain(new ProofSource::Chain(certs)); |
| 319 string common_certs = ""; |
| 320 string cached_certs = ""; |
| 321 |
| 322 string compressed = peer.CompressChain(&compressed_certs_cache, chain, |
| 323 common_certs, cached_certs, nullptr); |
| 324 if (FLAGS_quic_use_cached_compressed_certs) { |
| 325 EXPECT_EQ(compressed_certs_cache.Size(), 1u); |
| 326 } |
| 327 |
| 328 // Compress the same certs, should use cache if available. |
| 329 string compressed2 = peer.CompressChain(&compressed_certs_cache, chain, |
| 330 common_certs, cached_certs, nullptr); |
| 331 EXPECT_EQ(compressed, compressed2); |
| 332 if (FLAGS_quic_use_cached_compressed_certs) { |
| 333 EXPECT_EQ(compressed_certs_cache.Size(), 1u); |
| 334 } |
| 335 } |
| 336 |
| 337 TEST(QuicCryptoServerConfigTest, CompressDifferentCerts) { |
| 338 // This test compresses a set of similar but not identical certs. Cache if |
| 339 // used should return cache miss and add all the compressed certs. |
| 340 QuicCompressedCertsCache compressed_certs_cache( |
| 341 QuicCompressedCertsCache::kQuicCompressedCertsCacheSize); |
| 342 |
| 343 QuicRandom* rand = QuicRandom::GetInstance(); |
| 344 QuicCryptoServerConfig server(QuicCryptoServerConfig::TESTING, rand, |
| 345 CryptoTestUtils::ProofSourceForTesting()); |
| 346 QuicCryptoServerConfigPeer peer(&server); |
| 347 |
| 348 vector<string> certs = {"testcert"}; |
| 349 scoped_refptr<ProofSource::Chain> chain(new ProofSource::Chain(certs)); |
| 350 string common_certs = ""; |
| 351 string cached_certs = ""; |
| 352 |
| 353 string compressed = peer.CompressChain(&compressed_certs_cache, chain, |
| 354 common_certs, cached_certs, nullptr); |
| 355 if (FLAGS_quic_use_cached_compressed_certs) { |
| 356 EXPECT_EQ(compressed_certs_cache.Size(), 1u); |
| 357 } |
| 358 |
| 359 // Compress a similar certs which only differs in the chain. |
| 360 scoped_refptr<ProofSource::Chain> chain2(new ProofSource::Chain(certs)); |
| 361 |
| 362 string compressed2 = peer.CompressChain(&compressed_certs_cache, chain2, |
| 363 common_certs, cached_certs, nullptr); |
| 364 if (FLAGS_quic_use_cached_compressed_certs) { |
| 365 EXPECT_EQ(compressed_certs_cache.Size(), 2u); |
| 366 } |
| 367 |
| 368 // Compress a similar certs which only differs in common certs field. |
| 369 static const uint64_t set_hash = 42; |
| 370 scoped_ptr<CommonCertSets> common_sets( |
| 371 CryptoTestUtils::MockCommonCertSets(certs[0], set_hash, 1)); |
| 372 StringPiece different_common_certs(reinterpret_cast<const char*>(&set_hash), |
| 373 sizeof(set_hash)); |
| 374 string compressed3 = peer.CompressChain(&compressed_certs_cache, chain, |
| 375 different_common_certs.as_string(), |
| 376 cached_certs, common_sets.get()); |
| 377 if (FLAGS_quic_use_cached_compressed_certs) { |
| 378 EXPECT_EQ(compressed_certs_cache.Size(), 3u); |
| 379 } |
| 380 } |
| 381 |
| 274 class SourceAddressTokenTest : public ::testing::Test { | 382 class SourceAddressTokenTest : public ::testing::Test { |
| 275 public: | 383 public: |
| 276 SourceAddressTokenTest() | 384 SourceAddressTokenTest() |
| 277 : ip4_(Loopback4()), | 385 : ip4_(Loopback4()), |
| 278 ip4_dual_(ConvertIPv4ToIPv4MappedIPv6(ip4_)), | 386 ip4_dual_(ConvertIPv4ToIPv4MappedIPv6(ip4_)), |
| 279 ip6_(Loopback6()), | 387 ip6_(Loopback6()), |
| 280 original_time_(QuicWallTime::Zero()), | 388 original_time_(QuicWallTime::Zero()), |
| 281 rand_(QuicRandom::GetInstance()), | 389 rand_(QuicRandom::GetInstance()), |
| 282 server_(QuicCryptoServerConfig::TESTING, | 390 server_(QuicCryptoServerConfig::TESTING, |
| 283 rand_, | 391 rand_, |
| 661 TEST_F(CryptoServerConfigsTest, InvalidConfigs) { | 769 TEST_F(CryptoServerConfigsTest, InvalidConfigs) { |
| 662 // Ensure that invalid configs don't change anything. | 770 // Ensure that invalid configs don't change anything. |
| 663 SetConfigs("a", 800, 1, "b", 900, 1, "c", 1100, 1, nullptr); | 771 SetConfigs("a", 800, 1, "b", 900, 1, "c", 1100, 1, nullptr); |
| 664 test_peer_.CheckConfigs("a", false, "b", true, "c", false, nullptr); | 772 test_peer_.CheckConfigs("a", false, "b", true, "c", false, nullptr); |
| 665 SetConfigs("a", 800, 1, "c", 1100, 1, "INVALID1", 1000, 1, nullptr); | 773 SetConfigs("a", 800, 1, "c", 1100, 1, "INVALID1", 1000, 1, nullptr); |
| 666 test_peer_.CheckConfigs("a", false, "b", true, "c", false, nullptr); | 774 test_peer_.CheckConfigs("a", false, "b", true, "c", false, nullptr); |
| 667 } | 775 } |
| 668 | 776 |
| 669 } // namespace test | 777 } // namespace test |
| 670 } // namespace net | 778 } // namespace net |
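Review bot: The three new cache tests (CompressCerts, CompressSameCertsTwice, CompressDifferentCerts) check almost only `compressed_certs_cache.Size()`, so a cache that grows as expected but hands back the entry built for a different client hash set would still pass; in CompressDifferentCerts neither `compressed2` nor `compressed3` is compared with anything. Since `cert_compressor.h` is now included, each result could be pinned to the uncached output, e.g. `EXPECT_EQ(compressed3, CertCompressor::CompressChain(certs, different_common_certs, cached_certs, common_sets.get()));`. The test also never varies `client_cached_cert_hashes`, the third input that presumably has to be part of the cache key, so a case with a non-empty `cached_certs` expecting a `Size()` of 4u would close that gap. Because `chain2` is built from the same `certs`, the expected size of 2u appears to pin the key to the Chain object rather than its contents; a comment stating that this is intended would help. Every assertion sits behind `FLAGS_quic_use_cached_compressed_certs`, so a single run exercises only one setting of the flag.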