| Index: net/quic/core/crypto/crypto_server_test.cc
|
| diff --git a/net/quic/core/crypto/crypto_server_test.cc b/net/quic/core/crypto/crypto_server_test.cc
|
| index befd5c673415bbc9675c3cb23ccf0af7b22b0ca9..67cd077a9197baf60098379e40ffb67dcde1432b 100644
|
| --- a/net/quic/core/crypto/crypto_server_test.cc
|
| +++ b/net/quic/core/crypto/crypto_server_test.cc
|
| @@ -149,19 +149,15 @@ class CryptoServerTest : public ::testing::TestWithParam<TestParams> {
|
| pub_hex_ =
|
| "#" + QuicTextUtils::HexEncode(public_value, sizeof(public_value));
|
|
|
| - // clang-format off
|
| - CryptoHandshakeMessage client_hello = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "PUBS", pub_hex_.c_str(),
|
| - "NONC", nonce_hex_.c_str(),
|
| - "CSCT", "",
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage client_hello =
|
| + crypto_test_utils::CreateCHLO({{"PDMD", "X509"},
|
| + {"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"PUBS", pub_hex_},
|
| + {"NONC", nonce_hex_},
|
| + {"CSCT", ""},
|
| + {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
| ShouldSucceed(client_hello);
|
| // The message should be rejected because the source-address token is
|
| // missing.
|
| @@ -434,15 +430,11 @@ TEST_P(CryptoServerTest, BadSNI) {
|
| // clang-format on
|
|
|
| for (size_t i = 0; i < arraysize(kBadSNIs); i++) {
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "SNI", kBadSNIs[i],
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg =
|
| + crypto_test_utils::CreateCHLO({{"PDMD", "X509"},
|
| + {"SNI", kBadSNIs[i]},
|
| + {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
| ShouldFailMentioning("SNI", msg);
|
| const HandshakeFailureReason kRejectReasons[] = {
|
| SERVER_CONFIG_INCHOATE_HELLO_FAILURE};
|
| @@ -454,18 +446,14 @@ TEST_P(CryptoServerTest, DefaultCert) {
|
| // Check that the server replies with a default certificate when no SNI is
|
| // specified. The CHLO is constructed to generate a REJ with certs, so must
|
| // not contain a valid STK, and must include PDMD.
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "PUBS", pub_hex_.c_str(),
|
| - "NONC", nonce_hex_.c_str(),
|
| - "PDMD", "X509",
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg =
|
| + crypto_test_utils::CreateCHLO({{"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"PUBS", pub_hex_},
|
| + {"NONC", nonce_hex_},
|
| + {"PDMD", "X509"},
|
| + {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
|
|
| ShouldSucceed(msg);
|
| StringPiece cert, proof, cert_sct;
|
| @@ -483,19 +471,15 @@ TEST_P(CryptoServerTest, DefaultCert) {
|
| TEST_P(CryptoServerTest, RejectTooLarge) {
|
| // Check that the server replies with no certificate when a CHLO is
|
| // constructed with a PDMD but no SKT when the REJ would be too large.
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "PUBS", pub_hex_.c_str(),
|
| - "NONC", nonce_hex_.c_str(),
|
| - "PDMD", "X509",
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg =
|
| + crypto_test_utils::CreateCHLO({{"PDMD", "X509"},
|
| + {"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"PUBS", pub_hex_},
|
| + {"NONC", nonce_hex_},
|
| + {"PDMD", "X509"},
|
| + {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
|
|
| // The REJ will be larger than the CHLO so no PROF or CRT will be sent.
|
| config_.set_chlo_multiplier(1);
|
| @@ -514,19 +498,15 @@ TEST_P(CryptoServerTest, RejectNotTooLarge) {
|
| // When the CHLO packet is large enough, ensure that a full REJ is sent.
|
| chlo_packet_size_ *= 2;
|
|
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "PUBS", pub_hex_.c_str(),
|
| - "NONC", nonce_hex_.c_str(),
|
| - "PDMD", "X509",
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg =
|
| + crypto_test_utils::CreateCHLO({{"PDMD", "X509"},
|
| + {"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"PUBS", pub_hex_},
|
| + {"NONC", nonce_hex_},
|
| + {"PDMD", "X509"},
|
| + {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
|
|
| // The REJ will be larger than the CHLO so no PROF or CRT will be sent.
|
| config_.set_chlo_multiplier(1);
|
| @@ -544,20 +524,16 @@ TEST_P(CryptoServerTest, RejectNotTooLarge) {
|
| TEST_P(CryptoServerTest, RejectTooLargeButValidSTK) {
|
| // Check that the server replies with no certificate when a CHLO is
|
| // constructed with a PDMD but no SKT when the REJ would be too large.
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "PUBS", pub_hex_.c_str(),
|
| - "NONC", nonce_hex_.c_str(),
|
| - "#004b5453", srct_hex_.c_str(),
|
| - "PDMD", "X509",
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg =
|
| + crypto_test_utils::CreateCHLO({{"PDMD", "X509"},
|
| + {"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"PUBS", pub_hex_},
|
| + {"NONC", nonce_hex_},
|
| + {"#004b5453", srct_hex_},
|
| + {"PDMD", "X509"},
|
| + {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
|
|
| // The REJ will be larger than the CHLO so no PROF or CRT will be sent.
|
| config_.set_chlo_multiplier(1);
|
| @@ -575,13 +551,11 @@ TEST_P(CryptoServerTest, RejectTooLargeButValidSTK) {
|
| }
|
|
|
| TEST_P(CryptoServerTest, TooSmall) {
|
| - // clang-format off
|
| - ShouldFailMentioning("too small", crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "VER\0", client_version_string_.c_str(),
|
| - nullptr));
|
| - // clang-format on
|
| + ShouldFailMentioning(
|
| + "too small",
|
| + crypto_test_utils::CreateCHLO(
|
| + {{"PDMD", "X509"}, {"VER\0", client_version_string_.c_str()}}));
|
| +
|
| const HandshakeFailureReason kRejectReasons[] = {
|
| SERVER_CONFIG_INCHOATE_HELLO_FAILURE};
|
| CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons));
|
| @@ -599,14 +573,11 @@ TEST_P(CryptoServerTest, BadSourceAddressToken) {
|
| // clang-format on
|
|
|
| for (size_t i = 0; i < arraysize(kBadSourceAddressTokens); i++) {
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "STK", kBadSourceAddressTokens[i],
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize), nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg =
|
| + crypto_test_utils::CreateCHLO({{"PDMD", "X509"},
|
| + {"STK", kBadSourceAddressTokens[i]},
|
| + {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
| ShouldSucceed(msg);
|
| const HandshakeFailureReason kRejectReasons[] = {
|
| SERVER_CONFIG_INCHOATE_HELLO_FAILURE};
|
| @@ -625,37 +596,31 @@ TEST_P(CryptoServerTest, BadClientNonce) {
|
|
|
| for (size_t i = 0; i < arraysize(kBadNonces); i++) {
|
| // Invalid nonces should be ignored, in an inchoate CHLO.
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "NONC", kBadNonces[i],
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| +
|
| + CryptoHandshakeMessage msg =
|
| + crypto_test_utils::CreateCHLO({{"PDMD", "X509"},
|
| + {"NONC", kBadNonces[i]},
|
| + {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
| +
|
| ShouldSucceed(msg);
|
| const HandshakeFailureReason kRejectReasons[] = {
|
| SERVER_CONFIG_INCHOATE_HELLO_FAILURE};
|
| CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons));
|
|
|
| // Invalid nonces should result in CLIENT_NONCE_INVALID_FAILURE.
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg1 = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "SCID", scid_hex_.c_str(),
|
| - "#004b5453", srct_hex_.c_str(),
|
| - "PUBS", pub_hex_.c_str(),
|
| - "NONC", kBadNonces[i],
|
| - "NONP", kBadNonces[i],
|
| - "XLCT", XlctHexString().c_str(),
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg1 =
|
| + crypto_test_utils::CreateCHLO({{"PDMD", "X509"},
|
| + {"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"SCID", scid_hex_},
|
| + {"#004b5453", srct_hex_},
|
| + {"PUBS", pub_hex_},
|
| + {"NONC", kBadNonces[i]},
|
| + {"NONP", kBadNonces[i]},
|
| + {"XLCT", XlctHexString()},
|
| + {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
|
|
| ShouldSucceed(msg1);
|
|
|
| @@ -668,34 +633,26 @@ TEST_P(CryptoServerTest, BadClientNonce) {
|
|
|
| TEST_P(CryptoServerTest, NoClientNonce) {
|
| // No client nonces should result in INCHOATE_HELLO_FAILURE.
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| +
|
| + CryptoHandshakeMessage msg = crypto_test_utils::CreateCHLO(
|
| + {{"PDMD", "X509"}, {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
|
|
| ShouldSucceed(msg);
|
| const HandshakeFailureReason kRejectReasons[] = {
|
| SERVER_CONFIG_INCHOATE_HELLO_FAILURE};
|
| CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons));
|
|
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg1 = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "SCID", scid_hex_.c_str(),
|
| - "#004b5453", srct_hex_.c_str(),
|
| - "PUBS", pub_hex_.c_str(),
|
| - "XLCT", XlctHexString().c_str(),
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg1 =
|
| + crypto_test_utils::CreateCHLO({{"PDMD", "X509"},
|
| + {"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"SCID", scid_hex_},
|
| + {"#004b5453", srct_hex_},
|
| + {"PUBS", pub_hex_},
|
| + {"XLCT", XlctHexString()},
|
| + {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
|
|
| ShouldSucceed(msg1);
|
| CheckRejectTag();
|
| @@ -714,14 +671,9 @@ TEST_P(CryptoServerTest, DowngradeAttack) {
|
| string bad_version =
|
| QuicTagToString(QuicVersionToQuicTag(supported_versions_.back()));
|
|
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "VER\0", bad_version.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg = crypto_test_utils::CreateCHLO(
|
| + {{"PDMD", "X509"}, {"VER\0", bad_version}}, kClientHelloMinimumSize);
|
| +
|
| ShouldFailMentioning("Downgrade", msg);
|
| const HandshakeFailureReason kRejectReasons[] = {
|
| SERVER_CONFIG_INCHOATE_HELLO_FAILURE};
|
| @@ -730,20 +682,17 @@ TEST_P(CryptoServerTest, DowngradeAttack) {
|
|
|
| TEST_P(CryptoServerTest, CorruptServerConfig) {
|
| // This tests corrupted server config.
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "SCID", (string(1, 'X') + scid_hex_).c_str(),
|
| - "#004b5453", srct_hex_.c_str(),
|
| - "PUBS", pub_hex_.c_str(),
|
| - "NONC", nonce_hex_.c_str(),
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg =
|
| + crypto_test_utils::CreateCHLO({{"PDMD", "X509"},
|
| + {"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"SCID", (string(1, 'X') + scid_hex_)},
|
| + {"#004b5453", srct_hex_},
|
| + {"PUBS", pub_hex_},
|
| + {"NONC", nonce_hex_},
|
| + {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
| +
|
| ShouldSucceed(msg);
|
| CheckRejectTag();
|
| const HandshakeFailureReason kRejectReasons[] = {
|
| @@ -753,21 +702,18 @@ TEST_P(CryptoServerTest, CorruptServerConfig) {
|
|
|
| TEST_P(CryptoServerTest, CorruptSourceAddressToken) {
|
| // This tests corrupted source address token.
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "SCID", scid_hex_.c_str(),
|
| - "#004b5453", (string(1, 'X') + srct_hex_).c_str(),
|
| - "PUBS", pub_hex_.c_str(),
|
| - "NONC", nonce_hex_.c_str(),
|
| - "XLCT", XlctHexString().c_str(),
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg = crypto_test_utils::CreateCHLO(
|
| + {{"PDMD", "X509"},
|
| + {"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"SCID", scid_hex_},
|
| + {"#004b5453", (string(1, 'X') + srct_hex_)},
|
| + {"PUBS", pub_hex_},
|
| + {"NONC", nonce_hex_},
|
| + {"XLCT", XlctHexString()},
|
| + {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
| +
|
| ShouldSucceed(msg);
|
| CheckRejectTag();
|
| const HandshakeFailureReason kRejectReasons[] = {
|
| @@ -777,21 +723,18 @@ TEST_P(CryptoServerTest, CorruptSourceAddressToken) {
|
|
|
| TEST_P(CryptoServerTest, CorruptClientNonceAndSourceAddressToken) {
|
| // This test corrupts client nonce and source address token.
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "SCID", scid_hex_.c_str(),
|
| - "#004b5453", (string(1, 'X') + srct_hex_).c_str(),
|
| - "PUBS", pub_hex_.c_str(),
|
| - "NONC", (string(1, 'X') + nonce_hex_).c_str(),
|
| - "XLCT", XlctHexString().c_str(),
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg = crypto_test_utils::CreateCHLO(
|
| + {{"PDMD", "X509"},
|
| + {"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"SCID", scid_hex_},
|
| + {"#004b5453", (string(1, 'X') + srct_hex_)},
|
| + {"PUBS", pub_hex_},
|
| + {"NONC", (string(1, 'X') + nonce_hex_)},
|
| + {"XLCT", XlctHexString()},
|
| + {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
| +
|
| ShouldSucceed(msg);
|
| CheckRejectTag();
|
| const HandshakeFailureReason kRejectReasons[] = {
|
| @@ -801,23 +744,20 @@ TEST_P(CryptoServerTest, CorruptClientNonceAndSourceAddressToken) {
|
|
|
| TEST_P(CryptoServerTest, CorruptMultipleTags) {
|
| // This test corrupts client nonce, server nonce and source address token.
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "SCID", scid_hex_.c_str(),
|
| - "#004b5453", (string(1, 'X') + srct_hex_).c_str(),
|
| - "PUBS", pub_hex_.c_str(),
|
| - "NONC", (string(1, 'X') + nonce_hex_).c_str(),
|
| - "NONP", (string(1, 'X') + nonce_hex_).c_str(),
|
| - "SNO\0", (string(1, 'X') + nonce_hex_).c_str(),
|
| - "XLCT", XlctHexString().c_str(),
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg = crypto_test_utils::CreateCHLO(
|
| + {{"PDMD", "X509"},
|
| + {"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"SCID", scid_hex_},
|
| + {"#004b5453", (string(1, 'X') + srct_hex_)},
|
| + {"PUBS", pub_hex_},
|
| + {"NONC", (string(1, 'X') + nonce_hex_)},
|
| + {"NONP", (string(1, 'X') + nonce_hex_)},
|
| + {"SNO\0", (string(1, 'X') + nonce_hex_)},
|
| + {"XLCT", XlctHexString()},
|
| + {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
| +
|
| ShouldSucceed(msg);
|
| CheckRejectTag();
|
|
|
| @@ -829,22 +769,18 @@ TEST_P(CryptoServerTest, CorruptMultipleTags) {
|
| TEST_P(CryptoServerTest, NoServerNonce) {
|
| // When no server nonce is present and no strike register is configured,
|
| // the CHLO should be rejected.
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "SCID", scid_hex_.c_str(),
|
| - "#004b5453", srct_hex_.c_str(),
|
| - "PUBS", pub_hex_.c_str(),
|
| - "NONC", nonce_hex_.c_str(),
|
| - "NONP", nonce_hex_.c_str(),
|
| - "XLCT", XlctHexString().c_str(),
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg =
|
| + crypto_test_utils::CreateCHLO({{"PDMD", "X509"},
|
| + {"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"SCID", scid_hex_},
|
| + {"#004b5453", srct_hex_},
|
| + {"PUBS", pub_hex_},
|
| + {"NONC", nonce_hex_},
|
| + {"NONP", nonce_hex_},
|
| + {"XLCT", XlctHexString()},
|
| + {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
|
|
| ShouldSucceed(msg);
|
|
|
| @@ -856,22 +792,20 @@ TEST_P(CryptoServerTest, NoServerNonce) {
|
|
|
| TEST_P(CryptoServerTest, ProofForSuppliedServerConfig) {
|
| client_address_ = QuicSocketAddress(QuicIpAddress::Loopback6(), 1234);
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "PDMD", "X509",
|
| - "SCID", kOldConfigId,
|
| - "#004b5453", srct_hex_.c_str(),
|
| - "PUBS", pub_hex_.c_str(),
|
| - "NONC", nonce_hex_.c_str(),
|
| - "NONP", "123456789012345678901234567890",
|
| - "VER\0", client_version_string_.c_str(),
|
| - "XLCT", XlctHexString().c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| +
|
| + CryptoHandshakeMessage msg =
|
| + crypto_test_utils::CreateCHLO({{"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"PDMD", "X509"},
|
| + {"SCID", kOldConfigId},
|
| + {"#004b5453", srct_hex_},
|
| + {"PUBS", pub_hex_},
|
| + {"NONC", nonce_hex_},
|
| + {"NONP", "123456789012345678901234567890"},
|
| + {"VER\0", client_version_string_},
|
| + {"XLCT", XlctHexString()}},
|
| + kClientHelloMinimumSize);
|
| +
|
| ShouldSucceed(msg);
|
| // The message should be rejected because the source-address token is no
|
| // longer valid.
|
| @@ -917,51 +851,44 @@ TEST_P(CryptoServerTest, ProofForSuppliedServerConfig) {
|
| }
|
|
|
| TEST_P(CryptoServerTest, RejectInvalidXlct) {
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "SCID", scid_hex_.c_str(),
|
| - "#004b5453", srct_hex_.c_str(),
|
| - "PUBS", pub_hex_.c_str(),
|
| - "NONC", nonce_hex_.c_str(),
|
| - "VER\0", client_version_string_.c_str(),
|
| - "XLCT", "#0102030405060708",
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg =
|
| + crypto_test_utils::CreateCHLO({{"PDMD", "X509"},
|
| + {"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"SCID", scid_hex_},
|
| + {"#004b5453", srct_hex_},
|
| + {"PUBS", pub_hex_},
|
| + {"NONC", nonce_hex_},
|
| + {"VER\0", client_version_string_},
|
| + {"XLCT", "#0102030405060708"}},
|
| + kClientHelloMinimumSize);
|
| +
|
| // If replay protection isn't disabled, then
|
| // QuicCryptoServerConfig::EvaluateClientHello will leave info.unique as false
|
| // and cause ProcessClientHello to exit early (and generate a REJ message).
|
| config_.set_replay_protection(false);
|
|
|
| ShouldSucceed(msg);
|
| - // clang-format off
|
| +
|
| const HandshakeFailureReason kRejectReasons[] = {
|
| - INVALID_EXPECTED_LEAF_CERTIFICATE
|
| - };
|
| - // clang-format on
|
| + INVALID_EXPECTED_LEAF_CERTIFICATE};
|
| +
|
| CheckRejectReasons(kRejectReasons, arraysize(kRejectReasons));
|
| }
|
|
|
| TEST_P(CryptoServerTest, ValidXlct) {
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "SCID", scid_hex_.c_str(),
|
| - "#004b5453", srct_hex_.c_str(),
|
| - "PUBS", pub_hex_.c_str(),
|
| - "NONC", nonce_hex_.c_str(),
|
| - "VER\0", client_version_string_.c_str(),
|
| - "XLCT", XlctHexString().c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg =
|
| + crypto_test_utils::CreateCHLO({{"PDMD", "X509"},
|
| + {"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"SCID", scid_hex_},
|
| + {"#004b5453", srct_hex_},
|
| + {"PUBS", pub_hex_},
|
| + {"NONC", nonce_hex_},
|
| + {"VER\0", client_version_string_},
|
| + {"XLCT", XlctHexString()}},
|
| + kClientHelloMinimumSize);
|
| +
|
| // If replay protection isn't disabled, then
|
| // QuicCryptoServerConfig::EvaluateClientHello will leave info.unique as false
|
| // and cause ProcessClientHello to exit early (and generate a REJ message).
|
| @@ -972,21 +899,18 @@ TEST_P(CryptoServerTest, ValidXlct) {
|
| }
|
|
|
| TEST_P(CryptoServerTest, NonceInSHLO) {
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "SCID", scid_hex_.c_str(),
|
| - "#004b5453", srct_hex_.c_str(),
|
| - "PUBS", pub_hex_.c_str(),
|
| - "NONC", nonce_hex_.c_str(),
|
| - "VER\0", client_version_string_.c_str(),
|
| - "XLCT", XlctHexString().c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg =
|
| + crypto_test_utils::CreateCHLO({{"PDMD", "X509"},
|
| + {"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"SCID", scid_hex_},
|
| + {"#004b5453", srct_hex_},
|
| + {"PUBS", pub_hex_},
|
| + {"NONC", nonce_hex_},
|
| + {"VER\0", client_version_string_},
|
| + {"XLCT", XlctHexString()}},
|
| + kClientHelloMinimumSize);
|
| +
|
| // If replay protection isn't disabled, then
|
| // QuicCryptoServerConfig::EvaluateClientHello will leave info.unique as false
|
| // and cause ProcessClientHello to exit early (and generate a REJ message).
|
| @@ -1003,19 +927,15 @@ TEST_P(CryptoServerTest, ProofSourceFailure) {
|
| // Install a ProofSource which will unconditionally fail
|
| peer_.ResetProofSource(std::unique_ptr<ProofSource>(new FailingProofSource));
|
|
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "SCID", scid_hex_.c_str(),
|
| - "PUBS", pub_hex_.c_str(),
|
| - "NONC", nonce_hex_.c_str(),
|
| - "PDMD", "X509",
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg =
|
| + crypto_test_utils::CreateCHLO({{"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"SCID", scid_hex_},
|
| + {"PUBS", pub_hex_},
|
| + {"NONC", nonce_hex_},
|
| + {"PDMD", "X509"},
|
| + {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
|
|
| // Just ensure that we don't crash as occurred in b/33916924.
|
| ShouldFailMentioning("", msg);
|
| @@ -1102,14 +1022,10 @@ class CryptoServerTestNoConfig : public CryptoServerTest {
|
| };
|
|
|
| TEST_P(CryptoServerTestNoConfig, DontCrash) {
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg = crypto_test_utils::CreateCHLO(
|
| + {{"PDMD", "X509"}, {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
| +
|
| ShouldFailMentioning("No config", msg);
|
|
|
| const HandshakeFailureReason kRejectReasons[] = {
|
| @@ -1128,21 +1044,18 @@ class CryptoServerTestOldVersion : public CryptoServerTest {
|
| };
|
|
|
| TEST_P(CryptoServerTestOldVersion, ServerIgnoresXlct) {
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "SCID", scid_hex_.c_str(),
|
| - "#004b5453", srct_hex_.c_str(),
|
| - "PUBS", pub_hex_.c_str(),
|
| - "NONC", nonce_hex_.c_str(),
|
| - "VER\0", client_version_string_.c_str(),
|
| - "XLCT", "#0100000000000000",
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg =
|
| + crypto_test_utils::CreateCHLO({{"PDMD", "X509"},
|
| + {"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"SCID", scid_hex_},
|
| + {"#004b5453", srct_hex_},
|
| + {"PUBS", pub_hex_},
|
| + {"NONC", nonce_hex_},
|
| + {"VER\0", client_version_string_},
|
| + {"XLCT", "#0100000000000000"}},
|
| + kClientHelloMinimumSize);
|
| +
|
| // If replay protection isn't disabled, then
|
| // QuicCryptoServerConfig::EvaluateClientHello will leave info.unique as false
|
| // and cause ProcessClientHello to exit early (and generate a REJ message).
|
| @@ -1153,20 +1066,17 @@ TEST_P(CryptoServerTestOldVersion, ServerIgnoresXlct) {
|
| }
|
|
|
| TEST_P(CryptoServerTestOldVersion, XlctNotRequired) {
|
| - // clang-format off
|
| - CryptoHandshakeMessage msg = crypto_test_utils::Message(
|
| - "CHLO",
|
| - "PDMD", "X509",
|
| - "AEAD", "AESG",
|
| - "KEXS", "C255",
|
| - "SCID", scid_hex_.c_str(),
|
| - "#004b5453", srct_hex_.c_str(),
|
| - "PUBS", pub_hex_.c_str(),
|
| - "NONC", nonce_hex_.c_str(),
|
| - "VER\0", client_version_string_.c_str(),
|
| - "$padding", static_cast<int>(kClientHelloMinimumSize),
|
| - nullptr);
|
| - // clang-format on
|
| + CryptoHandshakeMessage msg =
|
| + crypto_test_utils::CreateCHLO({{"PDMD", "X509"},
|
| + {"AEAD", "AESG"},
|
| + {"KEXS", "C255"},
|
| + {"SCID", scid_hex_},
|
| + {"#004b5453", srct_hex_},
|
| + {"PUBS", pub_hex_},
|
| + {"NONC", nonce_hex_},
|
| + {"VER\0", client_version_string_}},
|
| + kClientHelloMinimumSize);
|
| +
|
| // If replay protection isn't disabled, then
|
| // QuicCryptoServerConfig::EvaluateClientHello will leave info.unique as false
|
| // and cause ProcessClientHello to exit early (and generate a REJ message).
|
|
|
Chromium Code Reviews
Issue 2678973002:
Replace va_arg version of crypto_test_utils::Message with a more modern vector argument version. (Closed)
