net/quic/quic_crypto_client_stream_test.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "net/quic/quic_crypto_client_stream.h"
   6
   7 #include "base/memory/scoped_ptr.h"
   8 #include "net/quic/crypto/aes_128_gcm_12_encrypter.h"
   9 #include "net/quic/crypto/quic_decrypter.h"
  10 #include "net/quic/crypto/quic_encrypter.h"
  11 #include "net/quic/quic_flags.h"
  12 #include "net/quic/quic_protocol.h"
  13 #include "net/quic/quic_server_id.h"
  14 #include "net/quic/quic_utils.h"
  15 #include "net/quic/test_tools/crypto_test_utils.h"
  16 #include "net/quic/test_tools/quic_test_utils.h"
  17 #include "net/quic/test_tools/simple_quic_framer.h"
  18 #include "testing/gmock/include/gmock/gmock.h"
  19 #include "testing/gtest/include/gtest/gtest.h"
  20
  21 namespace net {
  22 namespace test {
  23 namespace {
  24
  25 const char kServerHostname[] = "example.com";
  26 const uint16 kServerPort = 80;
  27
  28 class QuicCryptoClientStreamTest : public ::testing::Test {
  29  public:
  30   QuicCryptoClientStreamTest()
  31       : connection_(new PacketSavingConnection(false)),
  32         session_(new TestClientSession(connection_, DefaultQuicConfig())),
  33         server_id_(kServerHostname, kServerPort, false, PRIVACY_MODE_DISABLED),
  34         stream_(new QuicCryptoClientStream(
  35             server_id_, session_.get(), NULL, &crypto_config_)) {
  36     session_->SetCryptoStream(stream_.get());
  37     session_->config()->SetDefaults();
  38     crypto_config_.SetDefaults();
  39   }
  40
  41   void CompleteCryptoHandshake() {
  42     EXPECT_TRUE(stream_->CryptoConnect());
  43     CryptoTestUtils::HandshakeWithFakeServer(connection_, stream_.get());
  44   }
  45
  46   void ConstructHandshakeMessage() {
  47     CryptoFramer framer;
  48     message_data_.reset(framer.ConstructHandshakeMessage(message_));
  49   }
  50
  51   PacketSavingConnection* connection_;
  52   scoped_ptr<TestClientSession> session_;
  53   QuicServerId server_id_;
  54   scoped_ptr<QuicCryptoClientStream> stream_;
  55   CryptoHandshakeMessage message_;
  56   scoped_ptr<QuicData> message_data_;
  57   QuicCryptoClientConfig crypto_config_;
  58 };
  59
  60 TEST_F(QuicCryptoClientStreamTest, NotInitiallyConected) {
  61   EXPECT_FALSE(stream_->encryption_established());
  62   EXPECT_FALSE(stream_->handshake_confirmed());
  63 }
  64
  65 TEST_F(QuicCryptoClientStreamTest, ConnectedAfterSHLO) {
  66   CompleteCryptoHandshake();
  67   EXPECT_TRUE(stream_->encryption_established());
  68   EXPECT_TRUE(stream_->handshake_confirmed());
  69 }
  70
  71 TEST_F(QuicCryptoClientStreamTest, MessageAfterHandshake) {
  72   CompleteCryptoHandshake();
  73
  74   EXPECT_CALL(*connection_, SendConnectionClose(
  75       QUIC_CRYPTO_MESSAGE_AFTER_HANDSHAKE_COMPLETE));
  76   message_.set_tag(kCHLO);
  77   ConstructHandshakeMessage();
  78   stream_->ProcessRawData(message_data_->data(), message_data_->length());
  79 }
  80
  81 TEST_F(QuicCryptoClientStreamTest, BadMessageType) {
  82   EXPECT_TRUE(stream_->CryptoConnect());
  83
  84   message_.set_tag(kCHLO);
  85   ConstructHandshakeMessage();
  86
  87   EXPECT_CALL(*connection_, SendConnectionCloseWithDetails(
  88         QUIC_INVALID_CRYPTO_MESSAGE_TYPE, "Expected REJ"));
  89   stream_->ProcessRawData(message_data_->data(), message_data_->length());
  90 }
  91
  92 TEST_F(QuicCryptoClientStreamTest, NegotiatedParameters) {
  93   CompleteCryptoHandshake();
  94
  95   const QuicConfig* config = session_->config();
  96   EXPECT_EQ(kQBIC, config->CongestionFeedback());
  97   EXPECT_EQ(kMaximumIdleTimeoutSecs,
  98             config->IdleConnectionStateLifetime().ToSeconds());
  99   EXPECT_EQ(kDefaultMaxStreamsPerConnection,
 100             config->MaxStreamsPerConnection());
 101   EXPECT_EQ(0, config->KeepaliveTimeout().ToSeconds());
 102
 103   const QuicCryptoNegotiatedParameters& crypto_params(
 104       stream_->crypto_negotiated_params());
 105   EXPECT_EQ(crypto_config_.aead[0], crypto_params.aead);
 106   EXPECT_EQ(crypto_config_.kexs[0], crypto_params.key_exchange);
 107 }
 108
 109 TEST_F(QuicCryptoClientStreamTest, InvalidHostname) {
 110   QuicServerId server_id("invalid", 80, false, PRIVACY_MODE_DISABLED);
 111   stream_.reset(new QuicCryptoClientStream(server_id, session_.get(), NULL,
 112                                            &crypto_config_));
 113   session_->SetCryptoStream(stream_.get());
 114
 115   CompleteCryptoHandshake();
 116   EXPECT_TRUE(stream_->encryption_established());
 117   EXPECT_TRUE(stream_->handshake_confirmed());
 118 }
 119
 120 TEST_F(QuicCryptoClientStreamTest, ExpiredServerConfig) {
 121   // Seed the config with a cached server config.
 122   CompleteCryptoHandshake();
 123
 124   connection_ = new PacketSavingConnection(true);
 125   session_.reset(new TestClientSession(connection_, DefaultQuicConfig()));
 126   stream_.reset(new QuicCryptoClientStream(server_id_, session_.get(), NULL,
 127                                            &crypto_config_));
 128
 129   session_->SetCryptoStream(stream_.get());
 130   session_->config()->SetDefaults();
 131
 132   // Advance time 5 years to ensure that we pass the expiry time of the cached
 133   // server config.
 134   reinterpret_cast<MockClock*>(const_cast<QuicClock*>(connection_->clock()))
 135       ->AdvanceTime(QuicTime::Delta::FromSeconds(60 * 60 * 24 * 365 * 5));
 136
 137   // Check that a client hello was sent and that CryptoConnect doesn't fail
 138   // with an error.
 139   EXPECT_TRUE(stream_->CryptoConnect());
 140   ASSERT_EQ(1u, connection_->packets_.size());
 141 }
 142
 143 TEST_F(QuicCryptoClientStreamTest, ServerConfigUpdate) {
 144   // Test that the crypto client stream can receive server config updates after
 145   // the connection has been established.
 146   CompleteCryptoHandshake();
 147
 148   QuicCryptoClientConfig::CachedState* state =
 149       crypto_config_.LookupOrCreate(server_id_);
 150
 151   // Ensure cached STK is different to what we send in the handshake.
 152   EXPECT_NE("xstk", state->source_address_token());
 153
 154   // Initialize using {...} syntax to avoid trailing \0 if converting from
 155   // string.
 156   unsigned char stk[] = { 'x', 's', 't', 'k' };
 157
 158   // Minimum SCFG that passes config validation checks.
 159   unsigned char scfg[] = {
 160     // SCFG
 161     0x53, 0x43, 0x46, 0x47,
 162     // num entries
 163     0x01, 0x00,
 164     // padding
 165     0x00, 0x00,
 166     // EXPY
 167     0x45, 0x58, 0x50, 0x59,
 168     // EXPY end offset
 169     0x08, 0x00, 0x00, 0x00,
 170     // Value
 171     '1',  '2',  '3',  '4',
 172     '5',  '6',  '7',  '8'
 173   };
 174
 175   CryptoHandshakeMessage server_config_update;
 176   server_config_update.set_tag(kSCUP);
 177   server_config_update.SetValue(kSourceAddressTokenTag, stk);
 178   server_config_update.SetValue(kSCFG, scfg);
 179
 180   scoped_ptr<QuicData> data(
 181       CryptoFramer::ConstructHandshakeMessage(server_config_update));
 182   stream_->ProcessRawData(data->data(), data->length());
 183
 184   // Make sure that the STK and SCFG are cached correctly.
 185   EXPECT_EQ("xstk", state->source_address_token());
 186
 187   string cached_scfg = state->server_config();
 188   test::CompareCharArraysWithHexError(
 189       "scfg", cached_scfg.data(), cached_scfg.length(),
 190       QuicUtils::AsChars(scfg), arraysize(scfg));
 191 }
 192
 193 TEST_F(QuicCryptoClientStreamTest, ServerConfigUpdateBeforeHandshake) {
 194   EXPECT_CALL(*connection_, SendConnectionClose(
 195       QUIC_CRYPTO_UPDATE_BEFORE_HANDSHAKE_COMPLETE));
 196   CryptoHandshakeMessage server_config_update;
 197   server_config_update.set_tag(kSCUP);
 198   scoped_ptr<QuicData> data(
 199       CryptoFramer::ConstructHandshakeMessage(server_config_update));
 200   stream_->ProcessRawData(data->data(), data->length());
 201 }
 202
 203 }  // namespace
 204 }  // namespace test
 205 }  // namespace net