| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <algorithm> | 5 #include <algorithm> |
| 6 #include <cstdint> | 6 #include <cstdint> |
| 7 #include <memory> | 7 #include <memory> |
| 8 #include <ostream> | 8 #include <ostream> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 131 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 142 | 142 |
| 143 char public_value[32]; | 143 char public_value[32]; |
| 144 memset(public_value, 42, sizeof(public_value)); | 144 memset(public_value, 42, sizeof(public_value)); |
| 145 | 145 |
| 146 nonce_hex_ = "#" + QuicUtils::HexEncode(GenerateNonce()); | 146 nonce_hex_ = "#" + QuicUtils::HexEncode(GenerateNonce()); |
| 147 pub_hex_ = "#" + QuicUtils::HexEncode(public_value, sizeof(public_value)); | 147 pub_hex_ = "#" + QuicUtils::HexEncode(public_value, sizeof(public_value)); |
| 148 | 148 |
| 149 // clang-format off | 149 // clang-format off |
| 150 CryptoHandshakeMessage client_hello = CryptoTestUtils::Message( | 150 CryptoHandshakeMessage client_hello = CryptoTestUtils::Message( |
| 151 "CHLO", | 151 "CHLO", |
| 152 "PDMD", "X509", |
| 152 "AEAD", "AESG", | 153 "AEAD", "AESG", |
| 153 "KEXS", "C255", | 154 "KEXS", "C255", |
| 154 "PUBS", pub_hex_.c_str(), | 155 "PUBS", pub_hex_.c_str(), |
| 155 "NONC", nonce_hex_.c_str(), | 156 "NONC", nonce_hex_.c_str(), |
| 156 "CSCT", "", | 157 "CSCT", "", |
| 157 "VER\0", client_version_string_.c_str(), | 158 "VER\0", client_version_string_.c_str(), |
| 158 "$padding", static_cast<int>(kClientHelloMinimumSize), | 159 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 159 nullptr); | 160 nullptr); |
| 160 // clang-format on | 161 // clang-format on |
| 161 ShouldSucceed(client_hello); | 162 ShouldSucceed(client_hello); |
| (...skipping 230 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 392 "#ff00", | 393 "#ff00", |
| 393 "127.0.0.1", | 394 "127.0.0.1", |
| 394 "ffee::1", | 395 "ffee::1", |
| 395 }; | 396 }; |
| 396 // clang-format on | 397 // clang-format on |
| 397 | 398 |
| 398 for (size_t i = 0; i < arraysize(kBadSNIs); i++) { | 399 for (size_t i = 0; i < arraysize(kBadSNIs); i++) { |
| 399 // clang-format off | 400 // clang-format off |
| 400 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 401 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 401 "CHLO", | 402 "CHLO", |
| 403 "PDMD", "X509", |
| 402 "SNI", kBadSNIs[i], | 404 "SNI", kBadSNIs[i], |
| 403 "VER\0", client_version_string_.c_str(), | 405 "VER\0", client_version_string_.c_str(), |
| 404 "$padding", static_cast<int>(kClientHelloMinimumSize), | 406 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 405 nullptr); | 407 nullptr); |
| 406 // clang-format on | 408 // clang-format on |
| 407 ShouldFailMentioning("SNI", msg); | 409 ShouldFailMentioning("SNI", msg); |
| 408 const HandshakeFailureReason kRejectReasons[] = { | 410 const HandshakeFailureReason kRejectReasons[] = { |
| 409 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; | 411 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; |
| 410 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); | 412 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); |
| 411 } | 413 } |
| (...skipping 29 matching lines...) Expand all Loading... |
| 441 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); | 443 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); |
| 442 EXPECT_EQ(client_version_ > QUIC_VERSION_29, cert_sct.size() > 0); | 444 EXPECT_EQ(client_version_ > QUIC_VERSION_29, cert_sct.size() > 0); |
| 443 } | 445 } |
| 444 | 446 |
| 445 TEST_P(CryptoServerTest, RejectTooLarge) { | 447 TEST_P(CryptoServerTest, RejectTooLarge) { |
| 446 // Check that the server replies with no certificate when a CHLO is | 448 // Check that the server replies with no certificate when a CHLO is |
| 447 // constructed with a PDMD but no SKT when the REJ would be too large. | 449 // constructed with a PDMD but no SKT when the REJ would be too large. |
| 448 // clang-format off | 450 // clang-format off |
| 449 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 451 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 450 "CHLO", | 452 "CHLO", |
| 453 "PDMD", "X509", |
| 451 "AEAD", "AESG", | 454 "AEAD", "AESG", |
| 452 "KEXS", "C255", | 455 "KEXS", "C255", |
| 453 "PUBS", pub_hex_.c_str(), | 456 "PUBS", pub_hex_.c_str(), |
| 454 "NONC", nonce_hex_.c_str(), | 457 "NONC", nonce_hex_.c_str(), |
| 455 "PDMD", "X509", | 458 "PDMD", "X509", |
| 456 "VER\0", client_version_string_.c_str(), | 459 "VER\0", client_version_string_.c_str(), |
| 457 "$padding", static_cast<int>(kClientHelloMinimumSize), | 460 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 458 nullptr); | 461 nullptr); |
| 459 // clang-format on | 462 // clang-format on |
| 460 | 463 |
| 461 // The REJ will be larger than the CHLO so no PROF or CRT will be sent. | 464 // The REJ will be larger than the CHLO so no PROF or CRT will be sent. |
| 462 config_.set_chlo_multiplier(1); | 465 config_.set_chlo_multiplier(1); |
| 463 | 466 |
| 464 ShouldSucceed(msg); | 467 ShouldSucceed(msg); |
| 465 StringPiece cert, proof, cert_sct; | 468 StringPiece cert, proof, cert_sct; |
| 466 EXPECT_FALSE(out_.GetStringPiece(kCertificateTag, &cert)); | 469 EXPECT_FALSE(out_.GetStringPiece(kCertificateTag, &cert)); |
| 467 EXPECT_FALSE(out_.GetStringPiece(kPROF, &proof)); | 470 EXPECT_FALSE(out_.GetStringPiece(kPROF, &proof)); |
| 468 EXPECT_FALSE(out_.GetStringPiece(kCertificateSCTTag, &cert_sct)); | 471 EXPECT_FALSE(out_.GetStringPiece(kCertificateSCTTag, &cert_sct)); |
| 469 const HandshakeFailureReason kRejectReasons[] = { | 472 const HandshakeFailureReason kRejectReasons[] = { |
| 470 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; | 473 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; |
| 471 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); | 474 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); |
| 472 } | 475 } |
| 473 | 476 |
| 474 TEST_P(CryptoServerTest, RejectTooLargeButValidSTK) { | 477 TEST_P(CryptoServerTest, RejectTooLargeButValidSTK) { |
| 475 // Check that the server replies with no certificate when a CHLO is | 478 // Check that the server replies with no certificate when a CHLO is |
| 476 // constructed with a PDMD but no SKT when the REJ would be too large. | 479 // constructed with a PDMD but no SKT when the REJ would be too large. |
| 477 // clang-format off | 480 // clang-format off |
| 478 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 481 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 479 "CHLO", | 482 "CHLO", |
| 483 "PDMD", "X509", |
| 480 "AEAD", "AESG", | 484 "AEAD", "AESG", |
| 481 "KEXS", "C255", | 485 "KEXS", "C255", |
| 482 "PUBS", pub_hex_.c_str(), | 486 "PUBS", pub_hex_.c_str(), |
| 483 "NONC", nonce_hex_.c_str(), | 487 "NONC", nonce_hex_.c_str(), |
| 484 "#004b5453", srct_hex_.c_str(), | 488 "#004b5453", srct_hex_.c_str(), |
| 485 "PDMD", "X509", | 489 "PDMD", "X509", |
| 486 "VER\0", client_version_string_.c_str(), | 490 "VER\0", client_version_string_.c_str(), |
| 487 "$padding", static_cast<int>(kClientHelloMinimumSize), | 491 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 488 nullptr); | 492 nullptr); |
| 489 // clang-format on | 493 // clang-format on |
| (...skipping 11 matching lines...) Expand all Loading... |
| 501 EXPECT_NE(0u, proof.size()); | 505 EXPECT_NE(0u, proof.size()); |
| 502 const HandshakeFailureReason kRejectReasons[] = { | 506 const HandshakeFailureReason kRejectReasons[] = { |
| 503 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; | 507 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; |
| 504 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); | 508 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); |
| 505 } | 509 } |
| 506 | 510 |
| 507 TEST_P(CryptoServerTest, TooSmall) { | 511 TEST_P(CryptoServerTest, TooSmall) { |
| 508 // clang-format off | 512 // clang-format off |
| 509 ShouldFailMentioning("too small", CryptoTestUtils::Message( | 513 ShouldFailMentioning("too small", CryptoTestUtils::Message( |
| 510 "CHLO", | 514 "CHLO", |
| 515 "PDMD", "X509", |
| 511 "VER\0", client_version_string_.c_str(), | 516 "VER\0", client_version_string_.c_str(), |
| 512 nullptr)); | 517 nullptr)); |
| 513 // clang-format on | 518 // clang-format on |
| 514 const HandshakeFailureReason kRejectReasons[] = { | 519 const HandshakeFailureReason kRejectReasons[] = { |
| 515 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; | 520 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; |
| 516 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); | 521 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); |
| 517 } | 522 } |
| 518 | 523 |
| 519 TEST_P(CryptoServerTest, BadSourceAddressToken) { | 524 TEST_P(CryptoServerTest, BadSourceAddressToken) { |
| 520 // Invalid source-address tokens should be ignored. | 525 // Invalid source-address tokens should be ignored. |
| 521 // clang-format off | 526 // clang-format off |
| 522 static const char* const kBadSourceAddressTokens[] = { | 527 static const char* const kBadSourceAddressTokens[] = { |
| 523 "", | 528 "", |
| 524 "foo", | 529 "foo", |
| 525 "#0000", | 530 "#0000", |
| 526 "#0000000000000000000000000000000000000000", | 531 "#0000000000000000000000000000000000000000", |
| 527 }; | 532 }; |
| 528 // clang-format on | 533 // clang-format on |
| 529 | 534 |
| 530 for (size_t i = 0; i < arraysize(kBadSourceAddressTokens); i++) { | 535 for (size_t i = 0; i < arraysize(kBadSourceAddressTokens); i++) { |
| 531 // clang-format off | 536 // clang-format off |
| 532 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 537 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 533 "CHLO", | 538 "CHLO", |
| 539 "PDMD", "X509", |
| 534 "STK", kBadSourceAddressTokens[i], | 540 "STK", kBadSourceAddressTokens[i], |
| 535 "VER\0", client_version_string_.c_str(), | 541 "VER\0", client_version_string_.c_str(), |
| 536 "$padding", static_cast<int>(kClientHelloMinimumSize), nullptr); | 542 "$padding", static_cast<int>(kClientHelloMinimumSize), nullptr); |
| 537 // clang-format on | 543 // clang-format on |
| 538 ShouldSucceed(msg); | 544 ShouldSucceed(msg); |
| 539 const HandshakeFailureReason kRejectReasons[] = { | 545 const HandshakeFailureReason kRejectReasons[] = { |
| 540 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; | 546 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; |
| 541 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); | 547 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); |
| 542 } | 548 } |
| 543 } | 549 } |
| 544 | 550 |
| 545 TEST_P(CryptoServerTest, BadClientNonce) { | 551 TEST_P(CryptoServerTest, BadClientNonce) { |
| 546 // clang-format off | 552 // clang-format off |
| 547 static const char* const kBadNonces[] = { | 553 static const char* const kBadNonces[] = { |
| 548 "", | 554 "", |
| 549 "#0000", | 555 "#0000", |
| 550 "#0000000000000000000000000000000000000000", | 556 "#0000000000000000000000000000000000000000", |
| 551 }; | 557 }; |
| 552 // clang-format on | 558 // clang-format on |
| 553 | 559 |
| 554 for (size_t i = 0; i < arraysize(kBadNonces); i++) { | 560 for (size_t i = 0; i < arraysize(kBadNonces); i++) { |
| 555 // Invalid nonces should be ignored, in an inchoate CHLO. | 561 // Invalid nonces should be ignored, in an inchoate CHLO. |
| 556 // clang-format off | 562 // clang-format off |
| 557 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 563 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 558 "CHLO", | 564 "CHLO", |
| 565 "PDMD", "X509", |
| 559 "NONC", kBadNonces[i], | 566 "NONC", kBadNonces[i], |
| 560 "VER\0", client_version_string_.c_str(), | 567 "VER\0", client_version_string_.c_str(), |
| 561 "$padding", static_cast<int>(kClientHelloMinimumSize), | 568 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 562 nullptr); | 569 nullptr); |
| 563 // clang-format on | 570 // clang-format on |
| 564 ShouldSucceed(msg); | 571 ShouldSucceed(msg); |
| 565 const HandshakeFailureReason kRejectReasons[] = { | 572 const HandshakeFailureReason kRejectReasons[] = { |
| 566 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; | 573 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; |
| 567 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); | 574 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); |
| 568 | 575 |
| 569 // Invalid nonces should result in CLIENT_NONCE_INVALID_FAILURE. | 576 // Invalid nonces should result in CLIENT_NONCE_INVALID_FAILURE. |
| 570 // clang-format off | 577 // clang-format off |
| 571 CryptoHandshakeMessage msg1 = CryptoTestUtils::Message( | 578 CryptoHandshakeMessage msg1 = CryptoTestUtils::Message( |
| 572 "CHLO", | 579 "CHLO", |
| 580 "PDMD", "X509", |
| 573 "AEAD", "AESG", | 581 "AEAD", "AESG", |
| 574 "KEXS", "C255", | 582 "KEXS", "C255", |
| 575 "SCID", scid_hex_.c_str(), | 583 "SCID", scid_hex_.c_str(), |
| 576 "#004b5453", srct_hex_.c_str(), | 584 "#004b5453", srct_hex_.c_str(), |
| 577 "PUBS", pub_hex_.c_str(), | 585 "PUBS", pub_hex_.c_str(), |
| 578 "NONC", kBadNonces[i], | 586 "NONC", kBadNonces[i], |
| 579 "NONP", kBadNonces[i], | 587 "NONP", kBadNonces[i], |
| 580 "XLCT", XlctHexString().c_str(), | 588 "XLCT", XlctHexString().c_str(), |
| 581 "VER\0", client_version_string_.c_str(), | 589 "VER\0", client_version_string_.c_str(), |
| 582 "$padding", static_cast<int>(kClientHelloMinimumSize), | 590 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 583 nullptr); | 591 nullptr); |
| 584 // clang-format on | 592 // clang-format on |
| 585 | 593 |
| 586 ShouldSucceed(msg1); | 594 ShouldSucceed(msg1); |
| 587 | 595 |
| 588 CheckRejectTag(); | 596 CheckRejectTag(); |
| 589 const HandshakeFailureReason kRejectReasons1[] = { | 597 const HandshakeFailureReason kRejectReasons1[] = { |
| 590 CLIENT_NONCE_INVALID_FAILURE}; | 598 CLIENT_NONCE_INVALID_FAILURE}; |
| 591 CheckRejectReasons(kRejectReasons1, arraysize(kRejectReasons1)); | 599 CheckRejectReasons(kRejectReasons1, arraysize(kRejectReasons1)); |
| 592 } | 600 } |
| 593 } | 601 } |
| 594 | 602 |
| 595 TEST_P(CryptoServerTest, NoClientNonce) { | 603 TEST_P(CryptoServerTest, NoClientNonce) { |
| 596 // No client nonces should result in INCHOATE_HELLO_FAILURE. | 604 // No client nonces should result in INCHOATE_HELLO_FAILURE. |
| 597 // clang-format off | 605 // clang-format off |
| 598 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 606 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 599 "CHLO", | 607 "CHLO", |
| 608 "PDMD", "X509", |
| 600 "VER\0", client_version_string_.c_str(), | 609 "VER\0", client_version_string_.c_str(), |
| 601 "$padding", static_cast<int>(kClientHelloMinimumSize), | 610 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 602 nullptr); | 611 nullptr); |
| 603 // clang-format on | 612 // clang-format on |
| 604 | 613 |
| 605 ShouldSucceed(msg); | 614 ShouldSucceed(msg); |
| 606 const HandshakeFailureReason kRejectReasons[] = { | 615 const HandshakeFailureReason kRejectReasons[] = { |
| 607 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; | 616 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; |
| 608 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); | 617 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); |
| 609 | 618 |
| 610 // clang-format off | 619 // clang-format off |
| 611 CryptoHandshakeMessage msg1 = CryptoTestUtils::Message( | 620 CryptoHandshakeMessage msg1 = CryptoTestUtils::Message( |
| 612 "CHLO", | 621 "CHLO", |
| 622 "PDMD", "X509", |
| 613 "AEAD", "AESG", | 623 "AEAD", "AESG", |
| 614 "KEXS", "C255", | 624 "KEXS", "C255", |
| 615 "SCID", scid_hex_.c_str(), | 625 "SCID", scid_hex_.c_str(), |
| 616 "#004b5453", srct_hex_.c_str(), | 626 "#004b5453", srct_hex_.c_str(), |
| 617 "PUBS", pub_hex_.c_str(), | 627 "PUBS", pub_hex_.c_str(), |
| 618 "XLCT", XlctHexString().c_str(), | 628 "XLCT", XlctHexString().c_str(), |
| 619 "VER\0", client_version_string_.c_str(), | 629 "VER\0", client_version_string_.c_str(), |
| 620 "$padding", static_cast<int>(kClientHelloMinimumSize), | 630 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 621 nullptr); | 631 nullptr); |
| 622 // clang-format on | 632 // clang-format on |
| (...skipping 11 matching lines...) Expand all Loading... |
| 634 return; | 644 return; |
| 635 } | 645 } |
| 636 // Set the client's preferred version to a supported version that | 646 // Set the client's preferred version to a supported version that |
| 637 // is not the "current" version (supported_versions_.front()). | 647 // is not the "current" version (supported_versions_.front()). |
| 638 string bad_version = | 648 string bad_version = |
| 639 QuicUtils::TagToString(QuicVersionToQuicTag(supported_versions_.back())); | 649 QuicUtils::TagToString(QuicVersionToQuicTag(supported_versions_.back())); |
| 640 | 650 |
| 641 // clang-format off | 651 // clang-format off |
| 642 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 652 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 643 "CHLO", | 653 "CHLO", |
| 654 "PDMD", "X509", |
| 644 "VER\0", bad_version.c_str(), | 655 "VER\0", bad_version.c_str(), |
| 645 "$padding", static_cast<int>(kClientHelloMinimumSize), | 656 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 646 nullptr); | 657 nullptr); |
| 647 // clang-format on | 658 // clang-format on |
| 648 ShouldFailMentioning("Downgrade", msg); | 659 ShouldFailMentioning("Downgrade", msg); |
| 649 const HandshakeFailureReason kRejectReasons[] = { | 660 const HandshakeFailureReason kRejectReasons[] = { |
| 650 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; | 661 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; |
| 651 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); | 662 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); |
| 652 } | 663 } |
| 653 | 664 |
| 654 TEST_P(CryptoServerTest, CorruptServerConfig) { | 665 TEST_P(CryptoServerTest, CorruptServerConfig) { |
| 655 // This tests corrupted server config. | 666 // This tests corrupted server config. |
| 656 // clang-format off | 667 // clang-format off |
| 657 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 668 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 658 "CHLO", | 669 "CHLO", |
| 670 "PDMD", "X509", |
| 659 "AEAD", "AESG", | 671 "AEAD", "AESG", |
| 660 "KEXS", "C255", | 672 "KEXS", "C255", |
| 661 "SCID", (string(1, 'X') + scid_hex_).c_str(), | 673 "SCID", (string(1, 'X') + scid_hex_).c_str(), |
| 662 "#004b5453", srct_hex_.c_str(), | 674 "#004b5453", srct_hex_.c_str(), |
| 663 "PUBS", pub_hex_.c_str(), | 675 "PUBS", pub_hex_.c_str(), |
| 664 "NONC", nonce_hex_.c_str(), | 676 "NONC", nonce_hex_.c_str(), |
| 665 "VER\0", client_version_string_.c_str(), | 677 "VER\0", client_version_string_.c_str(), |
| 666 "$padding", static_cast<int>(kClientHelloMinimumSize), | 678 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 667 nullptr); | 679 nullptr); |
| 668 // clang-format on | 680 // clang-format on |
| 669 ShouldSucceed(msg); | 681 ShouldSucceed(msg); |
| 670 CheckRejectTag(); | 682 CheckRejectTag(); |
| 671 const HandshakeFailureReason kRejectReasons[] = { | 683 const HandshakeFailureReason kRejectReasons[] = { |
| 672 SERVER_CONFIG_UNKNOWN_CONFIG_FAILURE}; | 684 SERVER_CONFIG_UNKNOWN_CONFIG_FAILURE}; |
| 673 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); | 685 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); |
| 674 } | 686 } |
| 675 | 687 |
| 676 TEST_P(CryptoServerTest, CorruptSourceAddressToken) { | 688 TEST_P(CryptoServerTest, CorruptSourceAddressToken) { |
| 677 // This tests corrupted source address token. | 689 // This tests corrupted source address token. |
| 678 // clang-format off | 690 // clang-format off |
| 679 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 691 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 680 "CHLO", | 692 "CHLO", |
| 693 "PDMD", "X509", |
| 681 "AEAD", "AESG", | 694 "AEAD", "AESG", |
| 682 "KEXS", "C255", | 695 "KEXS", "C255", |
| 683 "SCID", scid_hex_.c_str(), | 696 "SCID", scid_hex_.c_str(), |
| 684 "#004b5453", (string(1, 'X') + srct_hex_).c_str(), | 697 "#004b5453", (string(1, 'X') + srct_hex_).c_str(), |
| 685 "PUBS", pub_hex_.c_str(), | 698 "PUBS", pub_hex_.c_str(), |
| 686 "NONC", nonce_hex_.c_str(), | 699 "NONC", nonce_hex_.c_str(), |
| 687 "XLCT", XlctHexString().c_str(), | 700 "XLCT", XlctHexString().c_str(), |
| 688 "VER\0", client_version_string_.c_str(), | 701 "VER\0", client_version_string_.c_str(), |
| 689 "$padding", static_cast<int>(kClientHelloMinimumSize), | 702 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 690 nullptr); | 703 nullptr); |
| 691 // clang-format on | 704 // clang-format on |
| 692 ShouldSucceed(msg); | 705 ShouldSucceed(msg); |
| 693 CheckRejectTag(); | 706 CheckRejectTag(); |
| 694 const HandshakeFailureReason kRejectReasons[] = { | 707 const HandshakeFailureReason kRejectReasons[] = { |
| 695 SOURCE_ADDRESS_TOKEN_DECRYPTION_FAILURE}; | 708 SOURCE_ADDRESS_TOKEN_DECRYPTION_FAILURE}; |
| 696 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); | 709 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); |
| 697 } | 710 } |
| 698 | 711 |
| 699 TEST_P(CryptoServerTest, CorruptClientNonceAndSourceAddressToken) { | 712 TEST_P(CryptoServerTest, CorruptClientNonceAndSourceAddressToken) { |
| 700 // This test corrupts client nonce and source address token. | 713 // This test corrupts client nonce and source address token. |
| 701 // clang-format off | 714 // clang-format off |
| 702 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 715 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 703 "CHLO", | 716 "CHLO", |
| 717 "PDMD", "X509", |
| 704 "AEAD", "AESG", | 718 "AEAD", "AESG", |
| 705 "KEXS", "C255", | 719 "KEXS", "C255", |
| 706 "SCID", scid_hex_.c_str(), | 720 "SCID", scid_hex_.c_str(), |
| 707 "#004b5453", (string(1, 'X') + srct_hex_).c_str(), | 721 "#004b5453", (string(1, 'X') + srct_hex_).c_str(), |
| 708 "PUBS", pub_hex_.c_str(), | 722 "PUBS", pub_hex_.c_str(), |
| 709 "NONC", (string(1, 'X') + nonce_hex_).c_str(), | 723 "NONC", (string(1, 'X') + nonce_hex_).c_str(), |
| 710 "XLCT", XlctHexString().c_str(), | 724 "XLCT", XlctHexString().c_str(), |
| 711 "VER\0", client_version_string_.c_str(), | 725 "VER\0", client_version_string_.c_str(), |
| 712 "$padding", static_cast<int>(kClientHelloMinimumSize), | 726 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 713 nullptr); | 727 nullptr); |
| 714 // clang-format on | 728 // clang-format on |
| 715 ShouldSucceed(msg); | 729 ShouldSucceed(msg); |
| 716 CheckRejectTag(); | 730 CheckRejectTag(); |
| 717 const HandshakeFailureReason kRejectReasons[] = { | 731 const HandshakeFailureReason kRejectReasons[] = { |
| 718 SOURCE_ADDRESS_TOKEN_DECRYPTION_FAILURE, CLIENT_NONCE_INVALID_FAILURE}; | 732 SOURCE_ADDRESS_TOKEN_DECRYPTION_FAILURE, CLIENT_NONCE_INVALID_FAILURE}; |
| 719 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); | 733 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); |
| 720 } | 734 } |
| 721 | 735 |
| 722 TEST_P(CryptoServerTest, CorruptMultipleTags) { | 736 TEST_P(CryptoServerTest, CorruptMultipleTags) { |
| 723 // This test corrupts client nonce, server nonce and source address token. | 737 // This test corrupts client nonce, server nonce and source address token. |
| 724 // clang-format off | 738 // clang-format off |
| 725 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 739 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 726 "CHLO", | 740 "CHLO", |
| 741 "PDMD", "X509", |
| 727 "AEAD", "AESG", | 742 "AEAD", "AESG", |
| 728 "KEXS", "C255", | 743 "KEXS", "C255", |
| 729 "SCID", scid_hex_.c_str(), | 744 "SCID", scid_hex_.c_str(), |
| 730 "#004b5453", (string(1, 'X') + srct_hex_).c_str(), | 745 "#004b5453", (string(1, 'X') + srct_hex_).c_str(), |
| 731 "PUBS", pub_hex_.c_str(), | 746 "PUBS", pub_hex_.c_str(), |
| 732 "NONC", (string(1, 'X') + nonce_hex_).c_str(), | 747 "NONC", (string(1, 'X') + nonce_hex_).c_str(), |
| 733 "NONP", (string(1, 'X') + nonce_hex_).c_str(), | 748 "NONP", (string(1, 'X') + nonce_hex_).c_str(), |
| 734 "SNO\0", (string(1, 'X') + nonce_hex_).c_str(), | 749 "SNO\0", (string(1, 'X') + nonce_hex_).c_str(), |
| 735 "XLCT", XlctHexString().c_str(), | 750 "XLCT", XlctHexString().c_str(), |
| 736 "VER\0", client_version_string_.c_str(), | 751 "VER\0", client_version_string_.c_str(), |
| (...skipping 14 matching lines...) Expand all Loading... |
| 751 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); | 766 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); |
| 752 }; | 767 }; |
| 753 } | 768 } |
| 754 | 769 |
| 755 TEST_P(CryptoServerTest, NoServerNonce) { | 770 TEST_P(CryptoServerTest, NoServerNonce) { |
| 756 // When no server nonce is present and no strike register is configured, | 771 // When no server nonce is present and no strike register is configured, |
| 757 // the CHLO should be rejected. | 772 // the CHLO should be rejected. |
| 758 // clang-format off | 773 // clang-format off |
| 759 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 774 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 760 "CHLO", | 775 "CHLO", |
| 776 "PDMD", "X509", |
| 761 "AEAD", "AESG", | 777 "AEAD", "AESG", |
| 762 "KEXS", "C255", | 778 "KEXS", "C255", |
| 763 "SCID", scid_hex_.c_str(), | 779 "SCID", scid_hex_.c_str(), |
| 764 "#004b5453", srct_hex_.c_str(), | 780 "#004b5453", srct_hex_.c_str(), |
| 765 "PUBS", pub_hex_.c_str(), | 781 "PUBS", pub_hex_.c_str(), |
| 766 "NONC", nonce_hex_.c_str(), | 782 "NONC", nonce_hex_.c_str(), |
| 767 "NONP", nonce_hex_.c_str(), | 783 "NONP", nonce_hex_.c_str(), |
| 768 "XLCT", XlctHexString().c_str(), | 784 "XLCT", XlctHexString().c_str(), |
| 769 "VER\0", client_version_string_.c_str(), | 785 "VER\0", client_version_string_.c_str(), |
| 770 "$padding", static_cast<int>(kClientHelloMinimumSize), | 786 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| (...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 848 } | 864 } |
| 849 | 865 |
| 850 TEST_P(CryptoServerTest, RejectInvalidXlct) { | 866 TEST_P(CryptoServerTest, RejectInvalidXlct) { |
| 851 if (client_version_ <= QUIC_VERSION_25) { | 867 if (client_version_ <= QUIC_VERSION_25) { |
| 852 // XLCT tag introduced in QUIC_VERSION_26. | 868 // XLCT tag introduced in QUIC_VERSION_26. |
| 853 return; | 869 return; |
| 854 } | 870 } |
| 855 // clang-format off | 871 // clang-format off |
| 856 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 872 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 857 "CHLO", | 873 "CHLO", |
| 874 "PDMD", "X509", |
| 858 "AEAD", "AESG", | 875 "AEAD", "AESG", |
| 859 "KEXS", "C255", | 876 "KEXS", "C255", |
| 860 "SCID", scid_hex_.c_str(), | 877 "SCID", scid_hex_.c_str(), |
| 861 "#004b5453", srct_hex_.c_str(), | 878 "#004b5453", srct_hex_.c_str(), |
| 862 "PUBS", pub_hex_.c_str(), | 879 "PUBS", pub_hex_.c_str(), |
| 863 "NONC", nonce_hex_.c_str(), | 880 "NONC", nonce_hex_.c_str(), |
| 864 "VER\0", client_version_string_.c_str(), | 881 "VER\0", client_version_string_.c_str(), |
| 865 "XLCT", "#0102030405060708", | 882 "XLCT", "#0102030405060708", |
| 866 "$padding", static_cast<int>(kClientHelloMinimumSize), | 883 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 867 nullptr); | 884 nullptr); |
| 868 // clang-format on | 885 // clang-format on |
| 869 // If replay protection isn't disabled, then | 886 // If replay protection isn't disabled, then |
| 870 // QuicCryptoServerConfig::EvaluateClientHello will leave info.unique as false | 887 // QuicCryptoServerConfig::EvaluateClientHello will leave info.unique as false |
| 871 // and cause ProcessClientHello to exit early (and generate a REJ message). | 888 // and cause ProcessClientHello to exit early (and generate a REJ message). |
| 872 config_.set_replay_protection(false); | 889 config_.set_replay_protection(false); |
| 873 | 890 |
| 874 ShouldSucceed(msg); | 891 ShouldSucceed(msg); |
| 875 // clang-format off | 892 // clang-format off |
| 876 const HandshakeFailureReason kRejectReasons[] = { | 893 const HandshakeFailureReason kRejectReasons[] = { |
| 877 INVALID_EXPECTED_LEAF_CERTIFICATE | 894 INVALID_EXPECTED_LEAF_CERTIFICATE |
| 878 }; | 895 }; |
| 879 // clang-format on | 896 // clang-format on |
| 880 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); | 897 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); |
| 881 } | 898 } |
| 882 | 899 |
| 883 TEST_P(CryptoServerTest, ValidXlct) { | 900 TEST_P(CryptoServerTest, ValidXlct) { |
| 884 // clang-format off | 901 // clang-format off |
| 885 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 902 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 886 "CHLO", | 903 "CHLO", |
| 904 "PDMD", "X509", |
| 887 "AEAD", "AESG", | 905 "AEAD", "AESG", |
| 888 "KEXS", "C255", | 906 "KEXS", "C255", |
| 889 "SCID", scid_hex_.c_str(), | 907 "SCID", scid_hex_.c_str(), |
| 890 "#004b5453", srct_hex_.c_str(), | 908 "#004b5453", srct_hex_.c_str(), |
| 891 "PUBS", pub_hex_.c_str(), | 909 "PUBS", pub_hex_.c_str(), |
| 892 "NONC", nonce_hex_.c_str(), | 910 "NONC", nonce_hex_.c_str(), |
| 893 "NONP", "123456789012345678901234567890", | 911 "NONP", "123456789012345678901234567890", |
| 894 "VER\0", client_version_string_.c_str(), | 912 "VER\0", client_version_string_.c_str(), |
| 895 "XLCT", XlctHexString().c_str(), | 913 "XLCT", XlctHexString().c_str(), |
| 896 "$padding", static_cast<int>(kClientHelloMinimumSize), | 914 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 897 nullptr); | 915 nullptr); |
| 898 // clang-format on | 916 // clang-format on |
| 899 // If replay protection isn't disabled, then | 917 // If replay protection isn't disabled, then |
| 900 // QuicCryptoServerConfig::EvaluateClientHello will leave info.unique as false | 918 // QuicCryptoServerConfig::EvaluateClientHello will leave info.unique as false |
| 901 // and cause ProcessClientHello to exit early (and generate a REJ message). | 919 // and cause ProcessClientHello to exit early (and generate a REJ message). |
| 902 config_.set_replay_protection(false); | 920 config_.set_replay_protection(false); |
| 903 | 921 |
| 904 ShouldSucceed(msg); | 922 ShouldSucceed(msg); |
| 905 EXPECT_EQ(kSHLO, out_.tag()); | 923 EXPECT_EQ(kSHLO, out_.tag()); |
| 906 } | 924 } |
| 907 | 925 |
| 908 TEST_P(CryptoServerTest, NonceInSHLO) { | 926 TEST_P(CryptoServerTest, NonceInSHLO) { |
| 909 // After QUIC_VERSION_27, the SHLO should contain a nonce. | 927 // After QUIC_VERSION_27, the SHLO should contain a nonce. |
| 910 // clang-format off | 928 // clang-format off |
| 911 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 929 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 912 "CHLO", | 930 "CHLO", |
| 931 "PDMD", "X509", |
| 913 "AEAD", "AESG", | 932 "AEAD", "AESG", |
| 914 "KEXS", "C255", | 933 "KEXS", "C255", |
| 915 "SCID", scid_hex_.c_str(), | 934 "SCID", scid_hex_.c_str(), |
| 916 "#004b5453", srct_hex_.c_str(), | 935 "#004b5453", srct_hex_.c_str(), |
| 917 "PUBS", pub_hex_.c_str(), | 936 "PUBS", pub_hex_.c_str(), |
| 918 "NONC", nonce_hex_.c_str(), | 937 "NONC", nonce_hex_.c_str(), |
| 919 "VER\0", client_version_string_.c_str(), | 938 "VER\0", client_version_string_.c_str(), |
| 920 "XLCT", XlctHexString().c_str(), | 939 "XLCT", XlctHexString().c_str(), |
| 921 "$padding", static_cast<int>(kClientHelloMinimumSize), | 940 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 922 nullptr); | 941 nullptr); |
| (...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1015 public: | 1034 public: |
| 1016 void SetUp() override { | 1035 void SetUp() override { |
| 1017 // Deliberately don't add a config so that we can test this situation. | 1036 // Deliberately don't add a config so that we can test this situation. |
| 1018 } | 1037 } |
| 1019 }; | 1038 }; |
| 1020 | 1039 |
| 1021 TEST_P(CryptoServerTestNoConfig, DontCrash) { | 1040 TEST_P(CryptoServerTestNoConfig, DontCrash) { |
| 1022 // clang-format off | 1041 // clang-format off |
| 1023 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 1042 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 1024 "CHLO", | 1043 "CHLO", |
| 1044 "PDMD", "X509", |
| 1025 "VER\0", client_version_string_.c_str(), | 1045 "VER\0", client_version_string_.c_str(), |
| 1026 "$padding", static_cast<int>(kClientHelloMinimumSize), | 1046 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 1027 nullptr); | 1047 nullptr); |
| 1028 // clang-format on | 1048 // clang-format on |
| 1029 ShouldFailMentioning("No config", msg); | 1049 ShouldFailMentioning("No config", msg); |
| 1030 | 1050 |
| 1031 const HandshakeFailureReason kRejectReasons[] = { | 1051 const HandshakeFailureReason kRejectReasons[] = { |
| 1032 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; | 1052 SERVER_CONFIG_INCHOATE_HELLO_FAILURE}; |
| 1033 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); | 1053 CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons)); |
| 1034 } | 1054 } |
| 1035 | 1055 |
| 1036 class CryptoServerTestOldVersion : public CryptoServerTest { | 1056 class CryptoServerTestOldVersion : public CryptoServerTest { |
| 1037 public: | 1057 public: |
| 1038 void SetUp() override { | 1058 void SetUp() override { |
| 1039 client_version_ = supported_versions_.back(); | 1059 client_version_ = supported_versions_.back(); |
| 1040 client_version_string_ = | 1060 client_version_string_ = |
| 1041 QuicUtils::TagToString(QuicVersionToQuicTag(client_version_)); | 1061 QuicUtils::TagToString(QuicVersionToQuicTag(client_version_)); |
| 1042 CryptoServerTest::SetUp(); | 1062 CryptoServerTest::SetUp(); |
| 1043 } | 1063 } |
| 1044 }; | 1064 }; |
| 1045 | 1065 |
| 1046 TEST_P(CryptoServerTestOldVersion, ServerIgnoresXlct) { | 1066 TEST_P(CryptoServerTestOldVersion, ServerIgnoresXlct) { |
| 1047 // clang-format off | 1067 // clang-format off |
| 1048 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 1068 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 1049 "CHLO", | 1069 "CHLO", |
| 1070 "PDMD", "X509", |
| 1050 "AEAD", "AESG", | 1071 "AEAD", "AESG", |
| 1051 "KEXS", "C255", | 1072 "KEXS", "C255", |
| 1052 "SCID", scid_hex_.c_str(), | 1073 "SCID", scid_hex_.c_str(), |
| 1053 "#004b5453", srct_hex_.c_str(), | 1074 "#004b5453", srct_hex_.c_str(), |
| 1054 "PUBS", pub_hex_.c_str(), | 1075 "PUBS", pub_hex_.c_str(), |
| 1055 "NONC", nonce_hex_.c_str(), | 1076 "NONC", nonce_hex_.c_str(), |
| 1056 "VER\0", client_version_string_.c_str(), | 1077 "VER\0", client_version_string_.c_str(), |
| 1057 "XLCT", "#0100000000000000", | 1078 "XLCT", "#0100000000000000", |
| 1058 "$padding", static_cast<int>(kClientHelloMinimumSize), | 1079 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 1059 nullptr); | 1080 nullptr); |
| 1060 // clang-format on | 1081 // clang-format on |
| 1061 // If replay protection isn't disabled, then | 1082 // If replay protection isn't disabled, then |
| 1062 // QuicCryptoServerConfig::EvaluateClientHello will leave info.unique as false | 1083 // QuicCryptoServerConfig::EvaluateClientHello will leave info.unique as false |
| 1063 // and cause ProcessClientHello to exit early (and generate a REJ message). | 1084 // and cause ProcessClientHello to exit early (and generate a REJ message). |
| 1064 config_.set_replay_protection(false); | 1085 config_.set_replay_protection(false); |
| 1065 | 1086 |
| 1066 ShouldSucceed(msg); | 1087 ShouldSucceed(msg); |
| 1067 EXPECT_EQ(kSHLO, out_.tag()); | 1088 EXPECT_EQ(kSHLO, out_.tag()); |
| 1068 } | 1089 } |
| 1069 | 1090 |
| 1070 TEST_P(CryptoServerTestOldVersion, XlctNotRequired) { | 1091 TEST_P(CryptoServerTestOldVersion, XlctNotRequired) { |
| 1071 // clang-format off | 1092 // clang-format off |
| 1072 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 1093 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 1073 "CHLO", | 1094 "CHLO", |
| 1095 "PDMD", "X509", |
| 1074 "AEAD", "AESG", | 1096 "AEAD", "AESG", |
| 1075 "KEXS", "C255", | 1097 "KEXS", "C255", |
| 1076 "SCID", scid_hex_.c_str(), | 1098 "SCID", scid_hex_.c_str(), |
| 1077 "#004b5453", srct_hex_.c_str(), | 1099 "#004b5453", srct_hex_.c_str(), |
| 1078 "PUBS", pub_hex_.c_str(), | 1100 "PUBS", pub_hex_.c_str(), |
| 1079 "NONC", nonce_hex_.c_str(), | 1101 "NONC", nonce_hex_.c_str(), |
| 1080 "VER\0", client_version_string_.c_str(), | 1102 "VER\0", client_version_string_.c_str(), |
| 1081 "$padding", static_cast<int>(kClientHelloMinimumSize), | 1103 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 1082 nullptr); | 1104 nullptr); |
| 1083 // clang-format on | 1105 // clang-format on |
| (...skipping 25 matching lines...) Expand all Loading... |
| 1109 } | 1131 } |
| 1110 | 1132 |
| 1111 DelayedVerifyStrikeRegisterClient* strike_register_client_; | 1133 DelayedVerifyStrikeRegisterClient* strike_register_client_; |
| 1112 }; | 1134 }; |
| 1113 | 1135 |
| 1114 TEST_P(AsyncStrikeServerVerificationTest, AsyncReplayProtection) { | 1136 TEST_P(AsyncStrikeServerVerificationTest, AsyncReplayProtection) { |
| 1115 // This tests async validation with a strike register works. | 1137 // This tests async validation with a strike register works. |
| 1116 // clang-format off | 1138 // clang-format off |
| 1117 CryptoHandshakeMessage msg = CryptoTestUtils::Message( | 1139 CryptoHandshakeMessage msg = CryptoTestUtils::Message( |
| 1118 "CHLO", | 1140 "CHLO", |
| 1141 "PDMD", "X509", |
| 1119 "AEAD", "AESG", | 1142 "AEAD", "AESG", |
| 1120 "KEXS", "C255", | 1143 "KEXS", "C255", |
| 1121 "SCID", scid_hex_.c_str(), | 1144 "SCID", scid_hex_.c_str(), |
| 1122 "#004b5453", srct_hex_.c_str(), | 1145 "#004b5453", srct_hex_.c_str(), |
| 1123 "PUBS", pub_hex_.c_str(), | 1146 "PUBS", pub_hex_.c_str(), |
| 1124 "NONC", nonce_hex_.c_str(), | 1147 "NONC", nonce_hex_.c_str(), |
| 1125 "VER\0", client_version_string_.c_str(), | 1148 "VER\0", client_version_string_.c_str(), |
| 1126 "$padding", static_cast<int>(kClientHelloMinimumSize), | 1149 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 1127 nullptr); | 1150 nullptr); |
| 1128 // clang-format on | 1151 // clang-format on |
| (...skipping 28 matching lines...) Expand all Loading... |
| 1157 | 1180 |
| 1158 strike_register_client_->RunPendingVerifications(); | 1181 strike_register_client_->RunPendingVerifications(); |
| 1159 ASSERT_TRUE(called); | 1182 ASSERT_TRUE(called); |
| 1160 EXPECT_EQ(0, strike_register_client_->PendingVerifications()); | 1183 EXPECT_EQ(0, strike_register_client_->PendingVerifications()); |
| 1161 // The message should be rejected now. | 1184 // The message should be rejected now. |
| 1162 CheckRejectTag(); | 1185 CheckRejectTag(); |
| 1163 } | 1186 } |
| 1164 | 1187 |
| 1165 } // namespace test | 1188 } // namespace test |
| 1166 } // namespace net | 1189 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2126053003:
Require support for X509 certificates in QUIC CHLO PDMDs. Protected by --quic_require_x509 (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@126432842