1 //
2 //
3 // Copyright 2018 gRPC authors.
4 //
5 // Licensed under the Apache License, Version 2.0 (the "License");
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
8 //
9 // http://www.apache.org/licenses/LICENSE-2.0
10 //
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
16 //
17 //
18
19 #include "src/core/tsi/alts/frame_protector/alts_frame_protector.h"
20
21 #include <stdbool.h>
22
23 #include <gtest/gtest.h>
24
25 #include <grpc/support/alloc.h>
26 #include <grpc/support/log.h>
27
28 #include "src/core/lib/gprpp/crash.h"
29 #include "src/core/tsi/alts/crypt/gsec.h"
30 #include "src/core/tsi/transport_security_interface.h"
31 #include "test/core/tsi/alts/crypt/gsec_test_util.h"
32 #include "test/core/tsi/transport_security_test_lib.h"
33
34 const size_t kChannelSize = 32768;
35
alts_test_do_round_trip_check_frames(tsi_test_frame_protector_fixture * fixture,const uint8_t * key,const size_t key_size,bool rekey,const uint8_t * client_message,const size_t client_message_size,const uint8_t * client_expected_frames,const size_t client_frame_size,const uint8_t * server_message,const size_t server_message_size,const uint8_t * server_expected_frames,const size_t server_frame_size)36 static void alts_test_do_round_trip_check_frames(
37 tsi_test_frame_protector_fixture* fixture, const uint8_t* key,
38 const size_t key_size, bool rekey, const uint8_t* client_message,
39 const size_t client_message_size, const uint8_t* client_expected_frames,
40 const size_t client_frame_size, const uint8_t* server_message,
41 const size_t server_message_size, const uint8_t* server_expected_frames,
42 const size_t server_frame_size) {
43 ASSERT_NE(fixture, nullptr);
44 ASSERT_NE(fixture->config, nullptr);
45 tsi_frame_protector* client_frame_protector = nullptr;
46 tsi_frame_protector* server_frame_protector = nullptr;
47 tsi_test_frame_protector_config* config = fixture->config;
48 tsi_test_channel* channel = fixture->channel;
49 // Create a client frame protector.
50 size_t client_max_output_protected_frame_size =
51 config->client_max_output_protected_frame_size;
52 ASSERT_EQ(
53 alts_create_frame_protector(key, key_size, /*is_client=*/true, rekey,
54 client_max_output_protected_frame_size == 0
55 ? nullptr
56 : &client_max_output_protected_frame_size,
57 &client_frame_protector),
58 TSI_OK); // Create a server frame protector.
59 size_t server_max_output_protected_frame_size =
60 config->server_max_output_protected_frame_size;
61 ASSERT_EQ(
62 alts_create_frame_protector(key, key_size, /*is_client=*/false, rekey,
63 server_max_output_protected_frame_size == 0
64 ? nullptr
65 : &server_max_output_protected_frame_size,
66 &server_frame_protector),
67 TSI_OK);
68 tsi_test_frame_protector_fixture_init(fixture, client_frame_protector,
69 server_frame_protector);
70 // Client sends a message to server.
71 uint8_t* saved_client_message = config->client_message;
72 config->client_message = const_cast<uint8_t*>(client_message);
73 config->client_message_size = client_message_size;
74 tsi_test_frame_protector_send_message_to_peer(config, channel,
75 client_frame_protector,
76 /*is_client=*/true);
77 // Verify if the generated frame is the same as the expected.
78 ASSERT_EQ(channel->bytes_written_to_server_channel, client_frame_size);
79 ASSERT_EQ(memcmp(client_expected_frames, channel->server_channel,
80 client_frame_size),
81 0);
82 unsigned char* server_received_message =
83 static_cast<unsigned char*>(gpr_malloc(kChannelSize));
84 size_t server_received_message_size = 0;
85 tsi_test_frame_protector_receive_message_from_peer(
86 config, channel, server_frame_protector, server_received_message,
87 &server_received_message_size, /*is_client=*/false);
88 ASSERT_EQ(config->client_message_size, server_received_message_size);
89 ASSERT_EQ(memcmp(config->client_message, server_received_message,
90 server_received_message_size),
91 0);
92 // Server sends a message to client.
93 uint8_t* saved_server_message = config->server_message;
94 config->server_message = const_cast<uint8_t*>(server_message);
95 config->server_message_size = server_message_size;
96 tsi_test_frame_protector_send_message_to_peer(config, channel,
97 server_frame_protector,
98 /*is_client=*/false);
99 // Verify if the generated frame is the same as the expected.
100 ASSERT_EQ(channel->bytes_written_to_client_channel, server_frame_size);
101 ASSERT_EQ(memcmp(server_expected_frames, channel->client_channel,
102 server_frame_size),
103 0);
104 unsigned char* client_received_message =
105 static_cast<unsigned char*>(gpr_malloc(kChannelSize));
106 size_t client_received_message_size = 0;
107 tsi_test_frame_protector_receive_message_from_peer(
108 config, channel, client_frame_protector, client_received_message,
109 &client_received_message_size,
110 /*is_client=*/true);
111 ASSERT_EQ(config->server_message_size, client_received_message_size);
112 ASSERT_EQ(memcmp(config->server_message, client_received_message,
113 client_received_message_size),
114 0);
115 config->client_message = saved_client_message;
116 config->server_message = saved_server_message;
117 // Destroy server and client frame protectors.
118 gpr_free(server_received_message);
119 gpr_free(client_received_message);
120 }
121
alts_test_do_round_trip_vector_tests()122 static void alts_test_do_round_trip_vector_tests() {
123 const uint8_t key[] = {0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
124 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08};
125 const char small_message[] = {'C', 'h', 'a', 'p', 'i', ' ',
126 'C', 'h', 'a', 'p', 'o'};
127 const uint8_t large_message[] = {
128 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, 0xa5, 0x59, 0x09, 0xc5,
129 0xaf, 0xf5, 0x26, 0x9a, 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
130 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, 0x1c, 0x3c, 0x0c, 0x95,
131 0x95, 0x68, 0x09, 0x53, 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
132 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, 0xba, 0x63, 0x7b, 0x39,
133 0x1a, 0xaf, 0xd2, 0x55, 0xd6, 0x09, 0xb1, 0xf0, 0x56, 0x63, 0x7a, 0x0d,
134 0x46, 0xdf, 0x99, 0x8d, 0x88, 0xe5, 0x22, 0x2a, 0xb2, 0xc2, 0x84, 0x65,
135 0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, 0x5e, 0x81, 0x08, 0x06, 0x0f, 0x10,
136 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c,
137 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
138 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30};
139 const size_t small_message_size = sizeof(small_message) / sizeof(uint8_t);
140 const size_t large_message_size = sizeof(large_message) / sizeof(uint8_t);
141 // Test small client message and large server message.
142 const uint8_t client_expected_frame1[] = {
143 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x09, 0xd8, 0xd5, 0x92,
144 0x4d, 0x50, 0x32, 0xb7, 0x1f, 0xb8, 0xf2, 0xbb, 0x43, 0xc7, 0xe2, 0x94,
145 0x3d, 0x3e, 0x9a, 0x78, 0x76, 0xaa, 0x0a, 0x6b, 0xfa, 0x98, 0x3a};
146 const uint8_t server_expected_frame1[] = {
147 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0xa9, 0x4b, 0xf8, 0xc8,
148 0xe7, 0x8f, 0x1a, 0x26, 0x37, 0x44, 0xa2, 0x5c, 0x55, 0x94, 0x30, 0x4e,
149 0x3e, 0x16, 0xe7, 0x9e, 0x96, 0xe8, 0x1b, 0xc0, 0xdd, 0x52, 0x30, 0x06,
150 0xc2, 0x72, 0x9a, 0xa1, 0x0b, 0xdb, 0xdc, 0x19, 0x8c, 0x93, 0x5e, 0x84,
151 0x1f, 0x4b, 0x97, 0x26, 0xf0, 0x73, 0x85, 0x59, 0x00, 0x95, 0xc1, 0xc5,
152 0x22, 0x2f, 0x70, 0x85, 0x68, 0x2c, 0x4f, 0xfe, 0x30, 0x26, 0x91, 0xde,
153 0x62, 0x55, 0x1d, 0x35, 0x01, 0x96, 0x1c, 0xe7, 0xa2, 0x8b, 0x14, 0x8a,
154 0x5e, 0x1b, 0x4a, 0x3b, 0x4f, 0x65, 0x0f, 0xca, 0x79, 0x10, 0xb4, 0xdd,
155 0xf7, 0xa4, 0x8b, 0x64, 0x2f, 0x00, 0x39, 0x60, 0x03, 0xfc, 0xe1, 0x8b,
156 0x5c, 0x19, 0xba, 0xcc, 0x46, 0xba, 0x88, 0xdd, 0x40, 0x42, 0x27, 0x4f,
157 0xe4, 0x1a, 0x6a, 0x31, 0x6c, 0x1c, 0xb0, 0xb6, 0x5c, 0x3e, 0xca, 0x84,
158 0x9b, 0x5f, 0x04, 0x84, 0x11, 0xa9, 0xf8, 0x39, 0xe7, 0xe7, 0xc5, 0xc4,
159 0x33, 0x9f, 0x63, 0x21, 0x9a, 0x7c, 0x9c, 0x64};
160 const size_t client_frame_size1 =
161 sizeof(client_expected_frame1) / sizeof(uint8_t);
162 const size_t server_frame_size1 =
163 sizeof(server_expected_frame1) / sizeof(uint8_t);
164 tsi_test_frame_protector_fixture* fixture =
165 tsi_test_frame_protector_fixture_create();
166 alts_test_do_round_trip_check_frames(
167 fixture, key, kAes128GcmKeyLength, /*rekey=*/false,
168 reinterpret_cast<const uint8_t*>(small_message), small_message_size,
169 client_expected_frame1, client_frame_size1, large_message,
170 large_message_size, server_expected_frame1, server_frame_size1);
171 tsi_test_frame_protector_fixture_destroy(fixture);
172 ///
173 /// Test large client message, small server message, and small
174 /// message_buffer_allocated_size.
175 ///
176 const uint8_t client_expected_frame2[] = {
177 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7,
178 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37,
179 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13,
180 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31,
181 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72,
182 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f,
183 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e,
184 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54,
185 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94,
186 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56,
187 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d,
188 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb,
189 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7};
190 const uint8_t server_expected_frame2[] = {
191 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d,
192 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1,
193 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73};
194 const size_t client_frame_size2 =
195 sizeof(client_expected_frame2) / sizeof(uint8_t);
196 const size_t server_frame_size2 =
197 sizeof(server_expected_frame2) / sizeof(uint8_t);
198 fixture = tsi_test_frame_protector_fixture_create();
199 alts_test_do_round_trip_check_frames(
200 fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message,
201 large_message_size, client_expected_frame2, client_frame_size2,
202 reinterpret_cast<const uint8_t*>(small_message), small_message_size,
203 server_expected_frame2, server_frame_size2);
204 tsi_test_frame_protector_fixture_destroy(fixture);
205 ///
206 /// Test large client message, small server message, and small
207 /// protected_buffer_size.
208 ///
209 const uint8_t client_expected_frame3[] = {
210 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7,
211 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37,
212 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13,
213 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31,
214 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72,
215 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f,
216 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e,
217 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54,
218 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94,
219 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56,
220 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d,
221 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb,
222 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7};
223 const uint8_t server_expected_frame3[] = {
224 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d,
225 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1,
226 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73};
227 const size_t client_frame_size3 =
228 sizeof(client_expected_frame3) / sizeof(uint8_t);
229 const size_t server_frame_size3 =
230 sizeof(server_expected_frame3) / sizeof(uint8_t);
231 fixture = tsi_test_frame_protector_fixture_create();
232 alts_test_do_round_trip_check_frames(
233 fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message,
234 large_message_size, client_expected_frame3, client_frame_size3,
235 reinterpret_cast<const uint8_t*>(small_message), small_message_size,
236 server_expected_frame3, server_frame_size3);
237 tsi_test_frame_protector_fixture_destroy(fixture);
238 ///
239 /// Test large client message, small server message, and small
240 /// read_buffer_allocated_size.
241 ///
242 const uint8_t client_expected_frame4[] = {
243 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7,
244 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37,
245 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13,
246 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31,
247 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72,
248 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f,
249 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e,
250 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54,
251 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94,
252 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56,
253 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d,
254 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb,
255 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7};
256 const uint8_t server_expected_frame4[] = {
257 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d,
258 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1,
259 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73};
260 const size_t client_frame_size4 =
261 sizeof(client_expected_frame4) / sizeof(uint8_t);
262 const size_t server_frame_size4 =
263 sizeof(server_expected_frame4) / sizeof(uint8_t);
264 fixture = tsi_test_frame_protector_fixture_create();
265 alts_test_do_round_trip_check_frames(
266 fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message,
267 large_message_size, client_expected_frame4, client_frame_size4,
268 reinterpret_cast<const uint8_t*>(small_message), small_message_size,
269 server_expected_frame4, server_frame_size4);
270 tsi_test_frame_protector_fixture_destroy(fixture);
271 ///
272 /// Test large client message, small server message, and small
273 /// client_max_output_protected_frame_size.
274 ///
275 const uint8_t client_expected_frame5[] = {
276 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7,
277 0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37,
278 0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13,
279 0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31,
280 0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72,
281 0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f,
282 0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e,
283 0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54,
284 0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94,
285 0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56,
286 0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d,
287 0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb,
288 0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7};
289 const uint8_t server_expected_frame5[] = {
290 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d,
291 0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1,
292 0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73};
293 const size_t client_frame_size5 =
294 sizeof(client_expected_frame5) / sizeof(uint8_t);
295 const size_t server_frame_size5 =
296 sizeof(server_expected_frame5) / sizeof(uint8_t);
297 fixture = tsi_test_frame_protector_fixture_create();
298 alts_test_do_round_trip_check_frames(
299 fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message,
300 large_message_size, client_expected_frame5, client_frame_size5,
301 reinterpret_cast<const uint8_t*>(small_message), small_message_size,
302 server_expected_frame5, server_frame_size5);
303 tsi_test_frame_protector_fixture_destroy(fixture);
304 ///
305 /// Test small client message, large server message, and small
306 /// server_max_output_protected_frame_size.
307 ///
308 const uint8_t client_expected_frame6[] = {
309 0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x09, 0xd8, 0xd5, 0x92,
310 0x4d, 0x50, 0x32, 0xb7, 0x1f, 0xb8, 0xf2, 0xbb, 0x43, 0xc7, 0xe2, 0x94,
311 0x3d, 0x3e, 0x9a, 0x78, 0x76, 0xaa, 0x0a, 0x6b, 0xfa, 0x98, 0x3a};
312 const uint8_t server_expected_frame6[] = {
313 0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0xa9, 0x4b, 0xf8, 0xc8,
314 0xe7, 0x8f, 0x1a, 0x26, 0x37, 0x44, 0xa2, 0x5c, 0x55, 0x94, 0x30, 0x4e,
315 0x3e, 0x16, 0xe7, 0x9e, 0x96, 0xe8, 0x1b, 0xc0, 0xdd, 0x52, 0x30, 0x06,
316 0xc2, 0x72, 0x9a, 0xa1, 0x0b, 0xdb, 0xdc, 0x19, 0x8c, 0x93, 0x5e, 0x84,
317 0x1f, 0x4b, 0x97, 0x26, 0xf0, 0x73, 0x85, 0x59, 0x00, 0x95, 0xc1, 0xc5,
318 0x22, 0x2f, 0x70, 0x85, 0x68, 0x2c, 0x4f, 0xfe, 0x30, 0x26, 0x91, 0xde,
319 0x62, 0x55, 0x1d, 0x35, 0x01, 0x96, 0x1c, 0xe7, 0xa2, 0x8b, 0x14, 0x8a,
320 0x5e, 0x1b, 0x4a, 0x3b, 0x4f, 0x65, 0x0f, 0xca, 0x79, 0x10, 0xb4, 0xdd,
321 0xf7, 0xa4, 0x8b, 0x64, 0x2f, 0x00, 0x39, 0x60, 0x03, 0xfc, 0xe1, 0x8b,
322 0x5c, 0x19, 0xba, 0xcc, 0x46, 0xba, 0x88, 0xdd, 0x40, 0x42, 0x27, 0x4f,
323 0xe4, 0x1a, 0x6a, 0x31, 0x6c, 0x1c, 0xb0, 0xb6, 0x5c, 0x3e, 0xca, 0x84,
324 0x9b, 0x5f, 0x04, 0x84, 0x11, 0xa9, 0xf8, 0x39, 0xe7, 0xe7, 0xc5, 0xc4,
325 0x33, 0x9f, 0x63, 0x21, 0x9a, 0x7c, 0x9c, 0x64};
326 const size_t client_frame_size6 =
327 sizeof(client_expected_frame6) / sizeof(uint8_t);
328 const size_t server_frame_size6 =
329 sizeof(server_expected_frame6) / sizeof(uint8_t);
330 fixture = tsi_test_frame_protector_fixture_create();
331 alts_test_do_round_trip_check_frames(
332 fixture, key, kAes128GcmKeyLength, /*rekey=*/false,
333 reinterpret_cast<const uint8_t*>(small_message), small_message_size,
334 client_expected_frame6, client_frame_size6, large_message,
335 large_message_size, server_expected_frame6, server_frame_size6);
336 tsi_test_frame_protector_fixture_destroy(fixture);
337 }
338
alts_test_do_round_trip(tsi_test_frame_protector_fixture * fixture,bool rekey)339 static void alts_test_do_round_trip(tsi_test_frame_protector_fixture* fixture,
340 bool rekey) {
341 ASSERT_NE(fixture, nullptr);
342 ASSERT_NE(fixture->config, nullptr);
343 tsi_frame_protector* client_frame_protector = nullptr;
344 tsi_frame_protector* server_frame_protector = nullptr;
345 tsi_test_frame_protector_config* config = fixture->config;
346 // Create a key to be used by both client and server.
347 uint8_t* key = nullptr;
348 size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength;
349 gsec_test_random_array(&key, key_length);
350 // Create a client frame protector.
351 size_t client_max_output_protected_frame_size =
352 config->client_max_output_protected_frame_size;
353 ASSERT_EQ(
354 alts_create_frame_protector(key, key_length, /*is_client=*/true, rekey,
355 client_max_output_protected_frame_size == 0
356 ? nullptr
357 : &client_max_output_protected_frame_size,
358 &client_frame_protector),
359 TSI_OK);
360 // Create a server frame protector.
361 size_t server_max_output_protected_frame_size =
362 config->server_max_output_protected_frame_size;
363 ASSERT_EQ(
364 alts_create_frame_protector(key, key_length, /*is_client=*/false, rekey,
365 server_max_output_protected_frame_size == 0
366 ? nullptr
367 : &server_max_output_protected_frame_size,
368 &server_frame_protector),
369 TSI_OK);
370 tsi_test_frame_protector_fixture_init(fixture, client_frame_protector,
371 server_frame_protector);
372 tsi_test_frame_protector_do_round_trip_no_handshake(fixture);
373 gpr_free(key);
374 }
375
376 // Run all combinations of different arguments of test config.
alts_test_do_round_trip_all(bool rekey)377 static void alts_test_do_round_trip_all(bool rekey) {
378 unsigned int* bit_array = static_cast<unsigned int*>(
379 gpr_malloc(sizeof(unsigned int) * TSI_TEST_NUM_OF_ARGUMENTS));
380 unsigned int mask = 1U << (TSI_TEST_NUM_OF_ARGUMENTS - 1);
381 unsigned int val = 0, ind = 0;
382 for (val = 0; val < TSI_TEST_NUM_OF_COMBINATIONS; val++) {
383 unsigned int v = val;
384 for (ind = 0; ind < TSI_TEST_NUM_OF_ARGUMENTS; ind++) {
385 bit_array[ind] = (v & mask) ? 1 : 0;
386 v <<= 1;
387 }
388 tsi_test_frame_protector_fixture* fixture =
389 tsi_test_frame_protector_fixture_create();
390 tsi_test_frame_protector_config_destroy(fixture->config);
391 fixture->config = tsi_test_frame_protector_config_create(
392 bit_array[0], bit_array[1], bit_array[2], bit_array[3], bit_array[4],
393 bit_array[5], bit_array[6]);
394 alts_test_do_round_trip(fixture, rekey);
395 tsi_test_frame_protector_fixture_destroy(fixture);
396 }
397 gpr_free(bit_array);
398 }
399
TEST(AltsFrameProtectorTest,MainTest)400 TEST(AltsFrameProtectorTest, MainTest) {
401 alts_test_do_round_trip_vector_tests();
402 alts_test_do_round_trip_all(/*rekey=*/false);
403 alts_test_do_round_trip_all(/*rekey=*/true);
404 }
405
main(int argc,char ** argv)406 int main(int argc, char** argv) {
407 ::testing::InitGoogleTest(&argc, argv);
408 return RUN_ALL_TESTS();
409 }
410