OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/quic/test_tools/crypto_test_utils.h" | 5 #include "net/quic/test_tools/crypto_test_utils.h" |
6 | 6 |
7 #include <openssl/bn.h> | 7 #include <openssl/bn.h> |
8 #include <openssl/ec.h> | 8 #include <openssl/ec.h> |
9 #include <openssl/ecdsa.h> | 9 #include <openssl/ecdsa.h> |
10 #include <openssl/evp.h> | 10 #include <openssl/evp.h> |
262 } // anonymous namespace | 262 } // anonymous namespace |
263 | 263 |
264 CryptoTestUtils::FakeServerOptions::FakeServerOptions() | 264 CryptoTestUtils::FakeServerOptions::FakeServerOptions() |
265 : token_binding_enabled(false) {} | 265 : token_binding_enabled(false) {} |
266 | 266 |
267 CryptoTestUtils::FakeClientOptions::FakeClientOptions() | 267 CryptoTestUtils::FakeClientOptions::FakeClientOptions() |
268 : channel_id_enabled(false), | 268 : channel_id_enabled(false), |
269 channel_id_source_async(false), | 269 channel_id_source_async(false), |
270 token_binding_enabled(false) {} | 270 token_binding_enabled(false) {} |
271 | 271 |
| 272 namespace { |
| 273 // This class is used by GenerateFullCHLO() to extract SCID and STK from |
| 274 // REJ/SREJ and to construct a full CHLO with these fields and given inchoate |
| 275 // CHLO. |
| 276 class FullChloGenerator : public ValidateClientHelloResultCallback { |
| 277 public: |
| 278 FullChloGenerator(QuicCryptoServerConfig* crypto_config, |
| 279 IPAddress server_ip, |
| 280 IPEndPoint client_addr, |
| 281 const QuicClock* clock, |
| 282 QuicCryptoProof* proof, |
| 283 QuicCompressedCertsCache* compressed_certs_cache, |
| 284 CryptoHandshakeMessage* out) |
| 285 : crypto_config_(crypto_config), |
| 286 server_ip_(server_ip), |
| 287 client_addr_(client_addr), |
| 288 clock_(clock), |
| 289 proof_(proof), |
| 290 compressed_certs_cache_(compressed_certs_cache), |
| 291 out_(out) {} |
| 292 |
| 293 void RunImpl( |
| 294 const CryptoHandshakeMessage& client_hello, |
| 295 const ValidateClientHelloResultCallback::Result& result) override { |
| 296 QuicCryptoNegotiatedParameters params; |
| 297 string error_details; |
| 298 DiversificationNonce diversification_nonce; |
| 299 CryptoHandshakeMessage rej; |
| 300 crypto_config_->ProcessClientHello( |
| 301 result, /*reject_only=*/false, /*connection_id=*/1, server_ip_, |
| 302 client_addr_, QuicSupportedVersions().front(), QuicSupportedVersions(), |
| 303 /*use_stateless_rejects=*/true, /*server_designated_connection_id=*/0, |
| 304 clock_, QuicRandom::GetInstance(), compressed_certs_cache_, ¶ms, |
| 305 proof_, &rej, &diversification_nonce, &error_details); |
| 306 // Verify output is a REJ or SREJ. |
| 307 EXPECT_THAT(rej.tag(), |
| 308 testing::AnyOf(testing::Eq(kSREJ), testing::Eq(kREJ))); |
| 309 |
| 310 VLOG(1) << "Extract valid STK and SCID from\n" << rej.DebugString(); |
| 311 StringPiece srct; |
| 312 ASSERT_TRUE(rej.GetStringPiece(kSourceAddressTokenTag, &srct)); |
| 313 |
| 314 StringPiece scfg; |
| 315 ASSERT_TRUE(rej.GetStringPiece(kSCFG, &scfg)); |
| 316 std::unique_ptr<CryptoHandshakeMessage> server_config( |
| 317 CryptoFramer::ParseMessage(scfg)); |
| 318 |
| 319 StringPiece scid; |
| 320 ASSERT_TRUE(server_config->GetStringPiece(kSCID, &scid)); |
| 321 |
| 322 *out_ = client_hello; |
| 323 out_->SetStringPiece(kSCID, scid); |
| 324 out_->SetStringPiece(kSourceAddressTokenTag, srct); |
| 325 uint64_t xlct = CryptoTestUtils::LeafCertHashForTesting(); |
| 326 out_->SetValue(kXLCT, xlct); |
| 327 } |
| 328 |
| 329 protected: |
| 330 QuicCryptoServerConfig* crypto_config_; |
| 331 IPAddress server_ip_; |
| 332 IPEndPoint client_addr_; |
| 333 const QuicClock* clock_; |
| 334 QuicCryptoProof* proof_; |
| 335 QuicCompressedCertsCache* compressed_certs_cache_; |
| 336 CryptoHandshakeMessage* out_; |
| 337 }; |
| 338 } // namespace |
| 339 |
272 // static | 340 // static |
273 int CryptoTestUtils::HandshakeWithFakeServer( | 341 int CryptoTestUtils::HandshakeWithFakeServer( |
274 QuicConfig* server_quic_config, | 342 QuicConfig* server_quic_config, |
275 MockQuicConnectionHelper* helper, | 343 MockQuicConnectionHelper* helper, |
276 MockAlarmFactory* alarm_factory, | 344 MockAlarmFactory* alarm_factory, |
277 PacketSavingConnection* client_conn, | 345 PacketSavingConnection* client_conn, |
278 QuicCryptoClientStream* client, | 346 QuicCryptoClientStream* client, |
279 const FakeServerOptions& options) { | 347 const FakeServerOptions& options) { |
280 PacketSavingConnection* server_conn = | 348 PacketSavingConnection* server_conn = |
281 new PacketSavingConnection(helper, alarm_factory, Perspective::IS_SERVER, | 349 new PacketSavingConnection(helper, alarm_factory, Perspective::IS_SERVER, |
820 | 888 |
821 QuicConnectionPeer::SwapCrypters(dest_conn, framer.framer()); | 889 QuicConnectionPeer::SwapCrypters(dest_conn, framer.framer()); |
822 | 890 |
823 ASSERT_EQ(0u, crypto_framer.InputBytesRemaining()); | 891 ASSERT_EQ(0u, crypto_framer.InputBytesRemaining()); |
824 | 892 |
825 for (const CryptoHandshakeMessage& message : crypto_visitor.messages()) { | 893 for (const CryptoHandshakeMessage& message : crypto_visitor.messages()) { |
826 dest_stream->OnHandshakeMessage(message); | 894 dest_stream->OnHandshakeMessage(message); |
827 } | 895 } |
828 } | 896 } |
829 | 897 |
| 898 // static |
| 899 void CryptoTestUtils::GenerateFullCHLO( |
| 900 const CryptoHandshakeMessage& inchoate_chlo, |
| 901 QuicCryptoServerConfig* crypto_config, |
| 902 IPAddress server_ip, |
| 903 IPEndPoint client_addr, |
| 904 QuicVersion version, |
| 905 const QuicClock* clock, |
| 906 QuicCryptoProof* proof, |
| 907 QuicCompressedCertsCache* compressed_certs_cache, |
| 908 CryptoHandshakeMessage* out) { |
| 909 // Pass a inchoate CHLO. |
| 910 crypto_config->ValidateClientHello( |
| 911 inchoate_chlo, client_addr.address(), server_ip, version, clock, proof, |
| 912 new FullChloGenerator(crypto_config, server_ip, client_addr, clock, proof, |
| 913 compressed_certs_cache, out)); |
| 914 } |
| 915 |
830 } // namespace test | 916 } // namespace test |
831 } // namespace net | 917 } // namespace net |
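Review bot: In `FullChloGenerator::RunImpl` the result of `CryptoFramer::ParseMessage(scfg)` is dereferenced by the next statement without a null check, so an SCFG that fails to parse would crash the test binary instead of failing the test; adding `ASSERT_TRUE(server_config.get());` before `server_config->GetStringPiece(kSCID, &scid)` would turn that into an ordinary test failure. Separately, `GenerateFullCHLO` passes its `version` argument to `ValidateClientHello`, but `RunImpl` calls `ProcessClientHello` with `QuicSupportedVersions().front()`, so the rejection is produced for a different version than the one validated whenever a caller passes anything other than the first supported version. Storing `version` in the generator (a `QuicVersion version_` member) and passing it through would keep the two calls consistent. The `ASSERT_TRUE` checks only return from `RunImpl` and leave `*out` unwritten, so a comment on `GenerateFullCHLO` such as `// On failure |out| is left unmodified; callers should verify it carries kSCID and the source address token.` would help tests avoid silently continuing with an empty CHLO.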