| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/test_tools/crypto_test_utils.h" | 5 #include "net/quic/test_tools/crypto_test_utils.h" |
| 6 | 6 |
| 7 #include <memory> | 7 #include <memory> |
| 8 | 8 |
| 9 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
| 10 #include "crypto/openssl_util.h" | 10 #include "crypto/openssl_util.h" |
| (...skipping 260 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 271 namespace { | 271 namespace { |
| 272 // This class is used by GenerateFullCHLO() to extract SCID and STK from | 272 // This class is used by GenerateFullCHLO() to extract SCID and STK from |
| 273 // REJ/SREJ and to construct a full CHLO with these fields and given inchoate | 273 // REJ/SREJ and to construct a full CHLO with these fields and given inchoate |
| 274 // CHLO. | 274 // CHLO. |
| 275 class FullChloGenerator { | 275 class FullChloGenerator { |
| 276 public: | 276 public: |
| 277 FullChloGenerator(QuicCryptoServerConfig* crypto_config, | 277 FullChloGenerator(QuicCryptoServerConfig* crypto_config, |
| 278 IPAddress server_ip, | 278 IPAddress server_ip, |
| 279 IPEndPoint client_addr, | 279 IPEndPoint client_addr, |
| 280 const QuicClock* clock, | 280 const QuicClock* clock, |
| 281 scoped_refptr<QuicCryptoProof> proof, | 281 scoped_refptr<QuicSignedServerConfig> signed_config, |
| 282 QuicCompressedCertsCache* compressed_certs_cache, | 282 QuicCompressedCertsCache* compressed_certs_cache, |
| 283 CryptoHandshakeMessage* out) | 283 CryptoHandshakeMessage* out) |
| 284 : crypto_config_(crypto_config), | 284 : crypto_config_(crypto_config), |
| 285 server_ip_(server_ip), | 285 server_ip_(server_ip), |
| 286 client_addr_(client_addr), | 286 client_addr_(client_addr), |
| 287 clock_(clock), | 287 clock_(clock), |
| 288 proof_(proof), | 288 signed_config_(signed_config), |
| 289 compressed_certs_cache_(compressed_certs_cache), | 289 compressed_certs_cache_(compressed_certs_cache), |
| 290 out_(out), | 290 out_(out), |
| 291 params_(new QuicCryptoNegotiatedParameters) {} | 291 params_(new QuicCryptoNegotiatedParameters) {} |
| 292 | 292 |
| 293 class ValidateClientHelloCallback : public ValidateClientHelloResultCallback { | 293 class ValidateClientHelloCallback : public ValidateClientHelloResultCallback { |
| 294 public: | 294 public: |
| 295 explicit ValidateClientHelloCallback(FullChloGenerator* generator) | 295 explicit ValidateClientHelloCallback(FullChloGenerator* generator) |
| 296 : generator_(generator) {} | 296 : generator_(generator) {} |
| 297 void Run(scoped_refptr<ValidateClientHelloResultCallback::Result> result, | 297 void Run(scoped_refptr<ValidateClientHelloResultCallback::Result> result, |
| 298 std::unique_ptr<ProofSource::Details> /* details */) override { | 298 std::unique_ptr<ProofSource::Details> /* details */) override { |
| (...skipping 12 matching lines...) Expand all Loading... |
| 311 | 311 |
| 312 private: | 312 private: |
| 313 void ValidateClientHelloDone( | 313 void ValidateClientHelloDone( |
| 314 scoped_refptr<ValidateClientHelloResultCallback::Result> result) { | 314 scoped_refptr<ValidateClientHelloResultCallback::Result> result) { |
| 315 result_ = result; | 315 result_ = result; |
| 316 crypto_config_->ProcessClientHello( | 316 crypto_config_->ProcessClientHello( |
| 317 result_, /*reject_only=*/false, /*connection_id=*/1, server_ip_, | 317 result_, /*reject_only=*/false, /*connection_id=*/1, server_ip_, |
| 318 client_addr_, AllSupportedVersions().front(), AllSupportedVersions(), | 318 client_addr_, AllSupportedVersions().front(), AllSupportedVersions(), |
| 319 /*use_stateless_rejects=*/true, /*server_designated_connection_id=*/0, | 319 /*use_stateless_rejects=*/true, /*server_designated_connection_id=*/0, |
| 320 clock_, QuicRandom::GetInstance(), compressed_certs_cache_, params_, | 320 clock_, QuicRandom::GetInstance(), compressed_certs_cache_, params_, |
| 321 proof_, /*total_framing_overhead=*/50, kDefaultMaxPacketSize, | 321 signed_config_, /*total_framing_overhead=*/50, kDefaultMaxPacketSize, |
| 322 GetProcessClientHelloCallback()); | 322 GetProcessClientHelloCallback()); |
| 323 } | 323 } |
| 324 | 324 |
| 325 class ProcessClientHelloCallback : public ProcessClientHelloResultCallback { | 325 class ProcessClientHelloCallback : public ProcessClientHelloResultCallback { |
| 326 public: | 326 public: |
| 327 explicit ProcessClientHelloCallback(FullChloGenerator* generator) | 327 explicit ProcessClientHelloCallback(FullChloGenerator* generator) |
| 328 : generator_(generator) {} | 328 : generator_(generator) {} |
| 329 void Run( | 329 void Run( |
| 330 QuicErrorCode error, | 330 QuicErrorCode error, |
| 331 const string& error_details, | 331 const string& error_details, |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 366 out_->SetStringPiece(kSourceAddressTokenTag, srct); | 366 out_->SetStringPiece(kSourceAddressTokenTag, srct); |
| 367 uint64_t xlct = CryptoTestUtils::LeafCertHashForTesting(); | 367 uint64_t xlct = CryptoTestUtils::LeafCertHashForTesting(); |
| 368 out_->SetValue(kXLCT, xlct); | 368 out_->SetValue(kXLCT, xlct); |
| 369 } | 369 } |
| 370 | 370 |
| 371 protected: | 371 protected: |
| 372 QuicCryptoServerConfig* crypto_config_; | 372 QuicCryptoServerConfig* crypto_config_; |
| 373 IPAddress server_ip_; | 373 IPAddress server_ip_; |
| 374 IPEndPoint client_addr_; | 374 IPEndPoint client_addr_; |
| 375 const QuicClock* clock_; | 375 const QuicClock* clock_; |
| 376 scoped_refptr<QuicCryptoProof> proof_; | 376 scoped_refptr<QuicSignedServerConfig> signed_config_; |
| 377 QuicCompressedCertsCache* compressed_certs_cache_; | 377 QuicCompressedCertsCache* compressed_certs_cache_; |
| 378 CryptoHandshakeMessage* out_; | 378 CryptoHandshakeMessage* out_; |
| 379 | 379 |
| 380 scoped_refptr<QuicCryptoNegotiatedParameters> params_; | 380 scoped_refptr<QuicCryptoNegotiatedParameters> params_; |
| 381 scoped_refptr<ValidateClientHelloResultCallback::Result> result_; | 381 scoped_refptr<ValidateClientHelloResultCallback::Result> result_; |
| 382 }; | 382 }; |
| 383 | 383 |
| 384 } // namespace | 384 } // namespace |
| 385 | 385 |
| 386 // static | 386 // static |
| (...skipping 173 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 560 QuicTagValueMap::const_iterator it = message.tag_value_map().find(tag); | 560 QuicTagValueMap::const_iterator it = message.tag_value_map().find(tag); |
| 561 if (it == message.tag_value_map().end()) { | 561 if (it == message.tag_value_map().end()) { |
| 562 return string(); | 562 return string(); |
| 563 } | 563 } |
| 564 return it->second; | 564 return it->second; |
| 565 } | 565 } |
| 566 | 566 |
| 567 uint64_t CryptoTestUtils::LeafCertHashForTesting() { | 567 uint64_t CryptoTestUtils::LeafCertHashForTesting() { |
| 568 scoped_refptr<ProofSource::Chain> chain; | 568 scoped_refptr<ProofSource::Chain> chain; |
| 569 IPAddress server_ip; | 569 IPAddress server_ip; |
| 570 string sig; | 570 QuicCryptoProof proof; |
| 571 string cert_sct; | |
| 572 std::unique_ptr<ProofSource> proof_source( | 571 std::unique_ptr<ProofSource> proof_source( |
| 573 CryptoTestUtils::ProofSourceForTesting()); | 572 CryptoTestUtils::ProofSourceForTesting()); |
| 574 if (!proof_source->GetProof(server_ip, "", "", AllSupportedVersions().front(), | 573 if (!proof_source->GetProof(server_ip, "", "", AllSupportedVersions().front(), |
| 575 "", QuicTagVector(), &chain, &sig, &cert_sct) || | 574 "", QuicTagVector(), &chain, &proof) || |
| 576 chain->certs.empty()) { | 575 chain->certs.empty()) { |
| 577 DCHECK(false) << "Proof generation failed"; | 576 DCHECK(false) << "Proof generation failed"; |
| 578 return 0; | 577 return 0; |
| 579 } | 578 } |
| 580 | 579 |
| 581 return QuicUtils::FNV1a_64_Hash(chain->certs.at(0).c_str(), | 580 return QuicUtils::FNV1a_64_Hash(chain->certs.at(0).c_str(), |
| 582 chain->certs.at(0).length()); | 581 chain->certs.at(0).length()); |
| 583 } | 582 } |
| 584 | 583 |
| 585 class MockCommonCertSets : public CommonCertSets { | 584 class MockCommonCertSets : public CommonCertSets { |
| (...skipping 367 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 953 QuicCryptoServerConfig* crypto_config) { | 952 QuicCryptoServerConfig* crypto_config) { |
| 954 // clang-format off | 953 // clang-format off |
| 955 return CryptoTestUtils::Message( | 954 return CryptoTestUtils::Message( |
| 956 "CHLO", | 955 "CHLO", |
| 957 "PDMD", "X509", | 956 "PDMD", "X509", |
| 958 "AEAD", "AESG", | 957 "AEAD", "AESG", |
| 959 "KEXS", "C255", | 958 "KEXS", "C255", |
| 960 "PUBS", CryptoTestUtils::GenerateClientPublicValuesHex().c_str(), | 959 "PUBS", CryptoTestUtils::GenerateClientPublicValuesHex().c_str(), |
| 961 "NONC", CryptoTestUtils::GenerateClientNonceHex(clock, | 960 "NONC", CryptoTestUtils::GenerateClientNonceHex(clock, |
| 962 crypto_config).c_str(), | 961 crypto_config).c_str(), |
| 963 "VER\0", QuicUtils::TagToString( | 962 "VER\0", QuicTagToString( |
| 964 QuicVersionToQuicTag(version)).c_str(), | 963 QuicVersionToQuicTag(version)).c_str(), |
| 965 "$padding", static_cast<int>(kClientHelloMinimumSize), | 964 "$padding", static_cast<int>(kClientHelloMinimumSize), |
| 966 nullptr); | 965 nullptr); |
| 967 // clang-format on | 966 // clang-format on |
| 968 } | 967 } |
| 969 | 968 |
| 970 string CryptoTestUtils::GenerateClientNonceHex( | 969 string CryptoTestUtils::GenerateClientNonceHex( |
| 971 const QuicClock* clock, | 970 const QuicClock* clock, |
| 972 QuicCryptoServerConfig* crypto_config) { | 971 QuicCryptoServerConfig* crypto_config) { |
| 973 net::QuicCryptoServerConfig::ConfigOptions old_config_options; | 972 net::QuicCryptoServerConfig::ConfigOptions old_config_options; |
| (...skipping 25 matching lines...) Expand all Loading... |
| 999 } | 998 } |
| 1000 | 999 |
| 1001 // static | 1000 // static |
| 1002 void CryptoTestUtils::GenerateFullCHLO( | 1001 void CryptoTestUtils::GenerateFullCHLO( |
| 1003 const CryptoHandshakeMessage& inchoate_chlo, | 1002 const CryptoHandshakeMessage& inchoate_chlo, |
| 1004 QuicCryptoServerConfig* crypto_config, | 1003 QuicCryptoServerConfig* crypto_config, |
| 1005 IPAddress server_ip, | 1004 IPAddress server_ip, |
| 1006 IPEndPoint client_addr, | 1005 IPEndPoint client_addr, |
| 1007 QuicVersion version, | 1006 QuicVersion version, |
| 1008 const QuicClock* clock, | 1007 const QuicClock* clock, |
| 1009 scoped_refptr<QuicCryptoProof> proof, | 1008 scoped_refptr<QuicSignedServerConfig> proof, |
| 1010 QuicCompressedCertsCache* compressed_certs_cache, | 1009 QuicCompressedCertsCache* compressed_certs_cache, |
| 1011 CryptoHandshakeMessage* out) { | 1010 CryptoHandshakeMessage* out) { |
| 1012 // Pass a inchoate CHLO. | 1011 // Pass a inchoate CHLO. |
| 1013 FullChloGenerator generator(crypto_config, server_ip, client_addr, clock, | 1012 FullChloGenerator generator(crypto_config, server_ip, client_addr, clock, |
| 1014 proof, compressed_certs_cache, out); | 1013 proof, compressed_certs_cache, out); |
| 1015 crypto_config->ValidateClientHello( | 1014 crypto_config->ValidateClientHello( |
| 1016 inchoate_chlo, client_addr.address(), server_ip, version, clock, proof, | 1015 inchoate_chlo, client_addr.address(), server_ip, version, clock, proof, |
| 1017 generator.GetValidateClientHelloCallback()); | 1016 generator.GetValidateClientHelloCallback()); |
| 1018 } | 1017 } |
| 1019 | 1018 |
| 1020 } // namespace test | 1019 } // namespace test |
| 1021 } // namespace net | 1020 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2516033003:
Landing Recent QUIC changes until Mon Nov 14 04:43:50 2016 +0000 (Closed)
