Landing Recent QUIC changes until 4AM, Aug 7, 2016 UTC-4

net/quic/test_tools/crypto_test_utils.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/test_tools/crypto_test_utils.h"
 
 #include <openssl/bn.h>
 #include <openssl/ec.h>
 #include <openssl/ecdsa.h>
 #include <openssl/evp.h>
 #include <openssl/obj_mac.h>
 #include <openssl/sha.h>
 
 #include <memory>
 
 #include "base/strings/string_util.h"
 #include "crypto/openssl_util.h"
 #include "crypto/scoped_openssl_types.h"
 #include "crypto/secure_hash.h"
 #include "net/quic/core/crypto/channel_id.h"
 #include "net/quic/core/crypto/common_cert_set.h"
 #include "net/quic/core/crypto/crypto_handshake.h"
+#include "net/quic/core/crypto/crypto_server_config_protobuf.h"
 #include "net/quic/core/crypto/quic_crypto_server_config.h"
 #include "net/quic/core/crypto/quic_decrypter.h"
 #include "net/quic/core/crypto/quic_encrypter.h"
 #include "net/quic/core/crypto/quic_random.h"
 #include "net/quic/core/quic_clock.h"
 #include "net/quic/core/quic_crypto_client_stream.h"
 #include "net/quic/core/quic_crypto_server_stream.h"
 #include "net/quic/core/quic_crypto_stream.h"
 #include "net/quic/core/quic_server_id.h"
 #include "net/quic/core/quic_utils.h"
@@ skipping 259 matching lines @@
 
   void RunImpl(const CryptoHandshakeMessage& client_hello,
                const ValidateClientHelloResultCallback::Result& result,
                std::unique_ptr<ProofSource::Details> /* details */) override {
     QuicCryptoNegotiatedParameters params;
     string error_details;
     DiversificationNonce diversification_nonce;
     CryptoHandshakeMessage rej;
     crypto_config_->ProcessClientHello(
         result, /*reject_only=*/false, /*connection_id=*/1, server_ip_,
-        client_addr_, QuicSupportedVersions().front(), QuicSupportedVersions(),
+        client_addr_, AllSupportedVersions().front(), AllSupportedVersions(),
         /*use_stateless_rejects=*/true, /*server_designated_connection_id=*/0,
         clock_, QuicRandom::GetInstance(), compressed_certs_cache_, &params,
-        proof_, &rej, &diversification_nonce, &error_details);
+        proof_, /*total_framing_overhead=*/50, kDefaultMaxPacketSize, &rej,
+        &diversification_nonce, &error_details);
     // Verify output is a REJ or SREJ.
     EXPECT_THAT(rej.tag(),
                 testing::AnyOf(testing::Eq(kSREJ), testing::Eq(kREJ)));
 
     VLOG(1) << "Extract valid STK and SCID from\n" << rej.DebugString();
     StringPiece srct;
     ASSERT_TRUE(rej.GetStringPiece(kSourceAddressTokenTag, &srct));
 
     StringPiece scfg;
     ASSERT_TRUE(rej.GetStringPiece(kSCFG, &scfg));
@@ skipping 200 matching lines @@
   return it->second;
 }
 
 uint64_t CryptoTestUtils::LeafCertHashForTesting() {
   scoped_refptr<ProofSource::Chain> chain;
   IPAddress server_ip;
   string sig;
   string cert_sct;
   std::unique_ptr<ProofSource> proof_source(
       CryptoTestUtils::ProofSourceForTesting());
-  if (!proof_source->GetProof(server_ip, "", "",
-                              QuicSupportedVersions().front(), "", &chain, &sig,
-                              &cert_sct) ||
+  if (!proof_source->GetProof(server_ip, "", "", AllSupportedVersions().front(),
+                              "", &chain, &sig, &cert_sct) ||
       chain->certs.empty()) {
     DCHECK(false) << "Proof generation failed";
     return 0;
   }
 
   return QuicUtils::FNV1a_64_Hash(chain->certs.at(0).c_str(),
                                   chain->certs.at(0).length());
 }
 
 class MockCommonCertSets : public CommonCertSets {
@@ skipping 337 matching lines @@
       // The framer will be unable to decrypt forward-secure packets sent after
       // the handshake is complete. Don't treat them as handshake packets.
       break;
     }
 
     for (const QuicStreamFrame* stream_frame : framer.stream_frames()) {
       ASSERT_TRUE(crypto_framer.ProcessInput(
           StringPiece(stream_frame->data_buffer, stream_frame->data_length)));
       ASSERT_FALSE(crypto_visitor.error());
     }
+    QuicConnectionPeer::SetCurrentPacket(
+        dest_conn, source_conn->encrypted_packets_[index]->AsStringPiece());
   }
   *inout_packet_index = index;
 
   QuicConnectionPeer::SwapCrypters(dest_conn, framer.framer());
 
   ASSERT_EQ(0u, crypto_framer.InputBytesRemaining());
 
   for (const CryptoHandshakeMessage& message : crypto_visitor.messages()) {
     dest_stream->OnHandshakeMessage(message);
   }
+  QuicConnectionPeer::SetCurrentPacket(dest_conn, StringPiece(nullptr, 0));
+}
+
+CryptoHandshakeMessage CryptoTestUtils::GenerateDefaultInchoateCHLO(
+    const QuicClock* clock,
+    QuicVersion version,
+    QuicCryptoServerConfig* crypto_config) {
+  // clang-format off
+  return CryptoTestUtils::Message(
+      "CHLO",
+      "PDMD", "X509",
+      "AEAD", "AESG",
+      "KEXS", "C255",
+      "PUBS", CryptoTestUtils::GenerateClientPublicValuesHex().c_str(),
+      "NONC", CryptoTestUtils::GenerateClientNonceHex(clock,
+                                                      crypto_config).c_str(),
+      "VER\0", QuicUtils::TagToString(
+          QuicVersionToQuicTag(version)).c_str(),
+      "$padding", static_cast<int>(kClientHelloMinimumSize),
+      nullptr);
+  // clang-format on
+}
+
+string CryptoTestUtils::GenerateClientNonceHex(
+    const QuicClock* clock,
+    QuicCryptoServerConfig* crypto_config) {
+  net::QuicCryptoServerConfig::ConfigOptions old_config_options;
+  net::QuicCryptoServerConfig::ConfigOptions new_config_options;
+  old_config_options.id = "old-config-id";
+  delete crypto_config->AddDefaultConfig(net::QuicRandom::GetInstance(), clock,
+                                         old_config_options);
+  std::unique_ptr<QuicServerConfigProtobuf> primary_config(
+      crypto_config->GenerateConfig(net::QuicRandom::GetInstance(), clock,
+                                    new_config_options));
+  primary_config->set_primary_time(clock->WallNow().ToUNIXSeconds());
+  std::unique_ptr<net::CryptoHandshakeMessage> msg(
+      crypto_config->AddConfig(primary_config.get(), clock->WallNow()));
+  StringPiece orbit;
+  CHECK(msg->GetStringPiece(net::kORBT, &orbit));
+  string nonce;
+  net::CryptoUtils::GenerateNonce(
+      clock->WallNow(), net::QuicRandom::GetInstance(),
+      StringPiece(reinterpret_cast<const char*>(orbit.data()),
+                  sizeof(orbit.size())),
+      &nonce);
+  return ("#" + net::QuicUtils::HexEncode(nonce));
+}
+
+string CryptoTestUtils::GenerateClientPublicValuesHex() {
+  char public_value[32];
+  memset(public_value, 42, sizeof(public_value));
+  return ("#" + net::QuicUtils::HexEncode(public_value, sizeof(public_value)));
 }
 
 // static
 void CryptoTestUtils::GenerateFullCHLO(
     const CryptoHandshakeMessage& inchoate_chlo,
     QuicCryptoServerConfig* crypto_config,
     IPAddress server_ip,
     IPEndPoint client_addr,
     QuicVersion version,
     const QuicClock* clock,
     QuicCryptoProof* proof,
     QuicCompressedCertsCache* compressed_certs_cache,
     CryptoHandshakeMessage* out) {
   // Pass a inchoate CHLO.
   crypto_config->ValidateClientHello(
       inchoate_chlo, client_addr.address(), server_ip, version, clock, proof,
       new FullChloGenerator(crypto_config, server_ip, client_addr, clock, proof,
                             compressed_certs_cache, out));
 }
 
 }  // namespace test
 }  // namespace net