1*d9f75844SAndroid Build Coastguard Worker /*
2*d9f75844SAndroid Build Coastguard Worker * Copyright 2018 The WebRTC Project Authors. All rights reserved.
3*d9f75844SAndroid Build Coastguard Worker *
4*d9f75844SAndroid Build Coastguard Worker * Use of this source code is governed by a BSD-style license
5*d9f75844SAndroid Build Coastguard Worker * that can be found in the LICENSE file in the root of the source
6*d9f75844SAndroid Build Coastguard Worker * tree. An additional intellectual property rights grant can be found
7*d9f75844SAndroid Build Coastguard Worker * in the file PATENTS. All contributing project authors may
8*d9f75844SAndroid Build Coastguard Worker * be found in the AUTHORS file in the root of the source tree.
9*d9f75844SAndroid Build Coastguard Worker */
10*d9f75844SAndroid Build Coastguard Worker
11*d9f75844SAndroid Build Coastguard Worker #include "pc/jsep_transport.h"
12*d9f75844SAndroid Build Coastguard Worker
13*d9f75844SAndroid Build Coastguard Worker #include <stdint.h>
14*d9f75844SAndroid Build Coastguard Worker #include <string.h>
15*d9f75844SAndroid Build Coastguard Worker
16*d9f75844SAndroid Build Coastguard Worker #include <ostream>
17*d9f75844SAndroid Build Coastguard Worker #include <string>
18*d9f75844SAndroid Build Coastguard Worker #include <tuple>
19*d9f75844SAndroid Build Coastguard Worker #include <utility>
20*d9f75844SAndroid Build Coastguard Worker
21*d9f75844SAndroid Build Coastguard Worker #include "api/candidate.h"
22*d9f75844SAndroid Build Coastguard Worker #include "media/base/fake_rtp.h"
23*d9f75844SAndroid Build Coastguard Worker #include "p2p/base/fake_dtls_transport.h"
24*d9f75844SAndroid Build Coastguard Worker #include "p2p/base/fake_ice_transport.h"
25*d9f75844SAndroid Build Coastguard Worker #include "p2p/base/p2p_constants.h"
26*d9f75844SAndroid Build Coastguard Worker #include "p2p/base/packet_transport_internal.h"
27*d9f75844SAndroid Build Coastguard Worker #include "rtc_base/async_packet_socket.h"
28*d9f75844SAndroid Build Coastguard Worker #include "rtc_base/buffer.h"
29*d9f75844SAndroid Build Coastguard Worker #include "rtc_base/byte_order.h"
30*d9f75844SAndroid Build Coastguard Worker #include "rtc_base/copy_on_write_buffer.h"
31*d9f75844SAndroid Build Coastguard Worker #include "rtc_base/helpers.h"
32*d9f75844SAndroid Build Coastguard Worker #include "rtc_base/logging.h"
33*d9f75844SAndroid Build Coastguard Worker #include "rtc_base/net_helper.h"
34*d9f75844SAndroid Build Coastguard Worker #include "rtc_base/socket_address.h"
35*d9f75844SAndroid Build Coastguard Worker #include "rtc_base/ssl_certificate.h"
36*d9f75844SAndroid Build Coastguard Worker #include "rtc_base/ssl_identity.h"
37*d9f75844SAndroid Build Coastguard Worker #include "rtc_base/third_party/sigslot/sigslot.h"
38*d9f75844SAndroid Build Coastguard Worker #include "test/gtest.h"
39*d9f75844SAndroid Build Coastguard Worker #include "test/scoped_key_value_config.h"
40*d9f75844SAndroid Build Coastguard Worker
41*d9f75844SAndroid Build Coastguard Worker namespace cricket {
42*d9f75844SAndroid Build Coastguard Worker namespace {
43*d9f75844SAndroid Build Coastguard Worker using webrtc::SdpType;
44*d9f75844SAndroid Build Coastguard Worker
45*d9f75844SAndroid Build Coastguard Worker static const char kIceUfrag1[] = "U001";
46*d9f75844SAndroid Build Coastguard Worker static const char kIcePwd1[] = "TESTICEPWD00000000000001";
47*d9f75844SAndroid Build Coastguard Worker static const char kIceUfrag2[] = "U002";
48*d9f75844SAndroid Build Coastguard Worker static const char kIcePwd2[] = "TESTIEPWD00000000000002";
49*d9f75844SAndroid Build Coastguard Worker static const char kTransportName[] = "Test Transport";
50*d9f75844SAndroid Build Coastguard Worker
51*d9f75844SAndroid Build Coastguard Worker enum class SrtpMode {
52*d9f75844SAndroid Build Coastguard Worker kSdes,
53*d9f75844SAndroid Build Coastguard Worker kDtlsSrtp,
54*d9f75844SAndroid Build Coastguard Worker };
55*d9f75844SAndroid Build Coastguard Worker
56*d9f75844SAndroid Build Coastguard Worker struct NegotiateRoleParams {
57*d9f75844SAndroid Build Coastguard Worker ConnectionRole local_role;
58*d9f75844SAndroid Build Coastguard Worker ConnectionRole remote_role;
59*d9f75844SAndroid Build Coastguard Worker SdpType local_type;
60*d9f75844SAndroid Build Coastguard Worker SdpType remote_type;
61*d9f75844SAndroid Build Coastguard Worker };
62*d9f75844SAndroid Build Coastguard Worker
operator <<(std::ostream & os,const ConnectionRole & role)63*d9f75844SAndroid Build Coastguard Worker std::ostream& operator<<(std::ostream& os, const ConnectionRole& role) {
64*d9f75844SAndroid Build Coastguard Worker std::string str = "invalid";
65*d9f75844SAndroid Build Coastguard Worker ConnectionRoleToString(role, &str);
66*d9f75844SAndroid Build Coastguard Worker os << str;
67*d9f75844SAndroid Build Coastguard Worker return os;
68*d9f75844SAndroid Build Coastguard Worker }
69*d9f75844SAndroid Build Coastguard Worker
operator <<(std::ostream & os,const NegotiateRoleParams & param)70*d9f75844SAndroid Build Coastguard Worker std::ostream& operator<<(std::ostream& os, const NegotiateRoleParams& param) {
71*d9f75844SAndroid Build Coastguard Worker os << "[Local role " << param.local_role << " Remote role "
72*d9f75844SAndroid Build Coastguard Worker << param.remote_role << " LocalType " << SdpTypeToString(param.local_type)
73*d9f75844SAndroid Build Coastguard Worker << " RemoteType " << SdpTypeToString(param.remote_type) << "]";
74*d9f75844SAndroid Build Coastguard Worker return os;
75*d9f75844SAndroid Build Coastguard Worker }
76*d9f75844SAndroid Build Coastguard Worker
CreateIceTransport(std::unique_ptr<FakeIceTransport> internal)77*d9f75844SAndroid Build Coastguard Worker rtc::scoped_refptr<webrtc::IceTransportInterface> CreateIceTransport(
78*d9f75844SAndroid Build Coastguard Worker std::unique_ptr<FakeIceTransport> internal) {
79*d9f75844SAndroid Build Coastguard Worker if (!internal) {
80*d9f75844SAndroid Build Coastguard Worker return nullptr;
81*d9f75844SAndroid Build Coastguard Worker }
82*d9f75844SAndroid Build Coastguard Worker
83*d9f75844SAndroid Build Coastguard Worker return rtc::make_ref_counted<FakeIceTransportWrapper>(std::move(internal));
84*d9f75844SAndroid Build Coastguard Worker }
85*d9f75844SAndroid Build Coastguard Worker
86*d9f75844SAndroid Build Coastguard Worker class JsepTransport2Test : public ::testing::Test, public sigslot::has_slots<> {
87*d9f75844SAndroid Build Coastguard Worker protected:
CreateSdesTransport(rtc::PacketTransportInternal * rtp_packet_transport,rtc::PacketTransportInternal * rtcp_packet_transport)88*d9f75844SAndroid Build Coastguard Worker std::unique_ptr<webrtc::SrtpTransport> CreateSdesTransport(
89*d9f75844SAndroid Build Coastguard Worker rtc::PacketTransportInternal* rtp_packet_transport,
90*d9f75844SAndroid Build Coastguard Worker rtc::PacketTransportInternal* rtcp_packet_transport) {
91*d9f75844SAndroid Build Coastguard Worker auto srtp_transport = std::make_unique<webrtc::SrtpTransport>(
92*d9f75844SAndroid Build Coastguard Worker rtcp_packet_transport == nullptr, field_trials_);
93*d9f75844SAndroid Build Coastguard Worker
94*d9f75844SAndroid Build Coastguard Worker srtp_transport->SetRtpPacketTransport(rtp_packet_transport);
95*d9f75844SAndroid Build Coastguard Worker if (rtcp_packet_transport) {
96*d9f75844SAndroid Build Coastguard Worker srtp_transport->SetRtcpPacketTransport(rtp_packet_transport);
97*d9f75844SAndroid Build Coastguard Worker }
98*d9f75844SAndroid Build Coastguard Worker return srtp_transport;
99*d9f75844SAndroid Build Coastguard Worker }
100*d9f75844SAndroid Build Coastguard Worker
CreateDtlsSrtpTransport(cricket::DtlsTransportInternal * rtp_dtls_transport,cricket::DtlsTransportInternal * rtcp_dtls_transport)101*d9f75844SAndroid Build Coastguard Worker std::unique_ptr<webrtc::DtlsSrtpTransport> CreateDtlsSrtpTransport(
102*d9f75844SAndroid Build Coastguard Worker cricket::DtlsTransportInternal* rtp_dtls_transport,
103*d9f75844SAndroid Build Coastguard Worker cricket::DtlsTransportInternal* rtcp_dtls_transport) {
104*d9f75844SAndroid Build Coastguard Worker auto dtls_srtp_transport = std::make_unique<webrtc::DtlsSrtpTransport>(
105*d9f75844SAndroid Build Coastguard Worker rtcp_dtls_transport == nullptr, field_trials_);
106*d9f75844SAndroid Build Coastguard Worker dtls_srtp_transport->SetDtlsTransports(rtp_dtls_transport,
107*d9f75844SAndroid Build Coastguard Worker rtcp_dtls_transport);
108*d9f75844SAndroid Build Coastguard Worker return dtls_srtp_transport;
109*d9f75844SAndroid Build Coastguard Worker }
110*d9f75844SAndroid Build Coastguard Worker
111*d9f75844SAndroid Build Coastguard Worker // Create a new JsepTransport with a FakeDtlsTransport and a
112*d9f75844SAndroid Build Coastguard Worker // FakeIceTransport.
CreateJsepTransport2(bool rtcp_mux_enabled,SrtpMode srtp_mode)113*d9f75844SAndroid Build Coastguard Worker std::unique_ptr<JsepTransport> CreateJsepTransport2(bool rtcp_mux_enabled,
114*d9f75844SAndroid Build Coastguard Worker SrtpMode srtp_mode) {
115*d9f75844SAndroid Build Coastguard Worker auto ice_internal = std::make_unique<FakeIceTransport>(
116*d9f75844SAndroid Build Coastguard Worker kTransportName, ICE_CANDIDATE_COMPONENT_RTP);
117*d9f75844SAndroid Build Coastguard Worker auto rtp_dtls_transport =
118*d9f75844SAndroid Build Coastguard Worker std::make_unique<FakeDtlsTransport>(ice_internal.get());
119*d9f75844SAndroid Build Coastguard Worker auto ice = CreateIceTransport(std::move(ice_internal));
120*d9f75844SAndroid Build Coastguard Worker
121*d9f75844SAndroid Build Coastguard Worker std::unique_ptr<FakeIceTransport> rtcp_ice_internal;
122*d9f75844SAndroid Build Coastguard Worker std::unique_ptr<FakeDtlsTransport> rtcp_dtls_transport;
123*d9f75844SAndroid Build Coastguard Worker if (!rtcp_mux_enabled) {
124*d9f75844SAndroid Build Coastguard Worker rtcp_ice_internal = std::make_unique<FakeIceTransport>(
125*d9f75844SAndroid Build Coastguard Worker kTransportName, ICE_CANDIDATE_COMPONENT_RTCP);
126*d9f75844SAndroid Build Coastguard Worker rtcp_dtls_transport =
127*d9f75844SAndroid Build Coastguard Worker std::make_unique<FakeDtlsTransport>(rtcp_ice_internal.get());
128*d9f75844SAndroid Build Coastguard Worker }
129*d9f75844SAndroid Build Coastguard Worker auto rtcp_ice = CreateIceTransport(std::move(rtcp_ice_internal));
130*d9f75844SAndroid Build Coastguard Worker
131*d9f75844SAndroid Build Coastguard Worker std::unique_ptr<webrtc::RtpTransport> unencrypted_rtp_transport;
132*d9f75844SAndroid Build Coastguard Worker std::unique_ptr<webrtc::SrtpTransport> sdes_transport;
133*d9f75844SAndroid Build Coastguard Worker std::unique_ptr<webrtc::DtlsSrtpTransport> dtls_srtp_transport;
134*d9f75844SAndroid Build Coastguard Worker switch (srtp_mode) {
135*d9f75844SAndroid Build Coastguard Worker case SrtpMode::kSdes:
136*d9f75844SAndroid Build Coastguard Worker sdes_transport = CreateSdesTransport(rtp_dtls_transport.get(),
137*d9f75844SAndroid Build Coastguard Worker rtcp_dtls_transport.get());
138*d9f75844SAndroid Build Coastguard Worker sdes_transport_ = sdes_transport.get();
139*d9f75844SAndroid Build Coastguard Worker break;
140*d9f75844SAndroid Build Coastguard Worker case SrtpMode::kDtlsSrtp:
141*d9f75844SAndroid Build Coastguard Worker dtls_srtp_transport = CreateDtlsSrtpTransport(
142*d9f75844SAndroid Build Coastguard Worker rtp_dtls_transport.get(), rtcp_dtls_transport.get());
143*d9f75844SAndroid Build Coastguard Worker break;
144*d9f75844SAndroid Build Coastguard Worker default:
145*d9f75844SAndroid Build Coastguard Worker RTC_DCHECK_NOTREACHED();
146*d9f75844SAndroid Build Coastguard Worker }
147*d9f75844SAndroid Build Coastguard Worker
148*d9f75844SAndroid Build Coastguard Worker auto jsep_transport = std::make_unique<JsepTransport>(
149*d9f75844SAndroid Build Coastguard Worker kTransportName, /*local_certificate=*/nullptr, std::move(ice),
150*d9f75844SAndroid Build Coastguard Worker std::move(rtcp_ice), std::move(unencrypted_rtp_transport),
151*d9f75844SAndroid Build Coastguard Worker std::move(sdes_transport), std::move(dtls_srtp_transport),
152*d9f75844SAndroid Build Coastguard Worker std::move(rtp_dtls_transport), std::move(rtcp_dtls_transport),
153*d9f75844SAndroid Build Coastguard Worker /*sctp_transport=*/nullptr,
154*d9f75844SAndroid Build Coastguard Worker /*rtcp_mux_active_callback=*/[&]() { OnRtcpMuxActive(); });
155*d9f75844SAndroid Build Coastguard Worker
156*d9f75844SAndroid Build Coastguard Worker signal_rtcp_mux_active_received_ = false;
157*d9f75844SAndroid Build Coastguard Worker return jsep_transport;
158*d9f75844SAndroid Build Coastguard Worker }
159*d9f75844SAndroid Build Coastguard Worker
MakeJsepTransportDescription(bool rtcp_mux_enabled,const char * ufrag,const char * pwd,const rtc::scoped_refptr<rtc::RTCCertificate> & cert,ConnectionRole role=CONNECTIONROLE_NONE)160*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription MakeJsepTransportDescription(
161*d9f75844SAndroid Build Coastguard Worker bool rtcp_mux_enabled,
162*d9f75844SAndroid Build Coastguard Worker const char* ufrag,
163*d9f75844SAndroid Build Coastguard Worker const char* pwd,
164*d9f75844SAndroid Build Coastguard Worker const rtc::scoped_refptr<rtc::RTCCertificate>& cert,
165*d9f75844SAndroid Build Coastguard Worker ConnectionRole role = CONNECTIONROLE_NONE) {
166*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription jsep_description;
167*d9f75844SAndroid Build Coastguard Worker jsep_description.rtcp_mux_enabled = rtcp_mux_enabled;
168*d9f75844SAndroid Build Coastguard Worker
169*d9f75844SAndroid Build Coastguard Worker std::unique_ptr<rtc::SSLFingerprint> fingerprint;
170*d9f75844SAndroid Build Coastguard Worker if (cert) {
171*d9f75844SAndroid Build Coastguard Worker fingerprint = rtc::SSLFingerprint::CreateFromCertificate(*cert);
172*d9f75844SAndroid Build Coastguard Worker }
173*d9f75844SAndroid Build Coastguard Worker jsep_description.transport_desc =
174*d9f75844SAndroid Build Coastguard Worker TransportDescription(std::vector<std::string>(), ufrag, pwd,
175*d9f75844SAndroid Build Coastguard Worker ICEMODE_FULL, role, fingerprint.get());
176*d9f75844SAndroid Build Coastguard Worker return jsep_description;
177*d9f75844SAndroid Build Coastguard Worker }
178*d9f75844SAndroid Build Coastguard Worker
CreateCandidate(int component)179*d9f75844SAndroid Build Coastguard Worker Candidate CreateCandidate(int component) {
180*d9f75844SAndroid Build Coastguard Worker Candidate c;
181*d9f75844SAndroid Build Coastguard Worker c.set_address(rtc::SocketAddress("192.168.1.1", 8000));
182*d9f75844SAndroid Build Coastguard Worker c.set_component(component);
183*d9f75844SAndroid Build Coastguard Worker c.set_protocol(UDP_PROTOCOL_NAME);
184*d9f75844SAndroid Build Coastguard Worker c.set_priority(1);
185*d9f75844SAndroid Build Coastguard Worker return c;
186*d9f75844SAndroid Build Coastguard Worker }
187*d9f75844SAndroid Build Coastguard Worker
OnRtcpMuxActive()188*d9f75844SAndroid Build Coastguard Worker void OnRtcpMuxActive() { signal_rtcp_mux_active_received_ = true; }
189*d9f75844SAndroid Build Coastguard Worker
190*d9f75844SAndroid Build Coastguard Worker rtc::AutoThread main_thread_;
191*d9f75844SAndroid Build Coastguard Worker std::unique_ptr<JsepTransport> jsep_transport_;
192*d9f75844SAndroid Build Coastguard Worker bool signal_rtcp_mux_active_received_ = false;
193*d9f75844SAndroid Build Coastguard Worker // The SrtpTransport is owned by `jsep_transport_`. Keep a raw pointer here
194*d9f75844SAndroid Build Coastguard Worker // for testing.
195*d9f75844SAndroid Build Coastguard Worker webrtc::SrtpTransport* sdes_transport_ = nullptr;
196*d9f75844SAndroid Build Coastguard Worker
197*d9f75844SAndroid Build Coastguard Worker webrtc::test::ScopedKeyValueConfig field_trials_;
198*d9f75844SAndroid Build Coastguard Worker };
199*d9f75844SAndroid Build Coastguard Worker
200*d9f75844SAndroid Build Coastguard Worker // The parameterized tests cover both cases when RTCP mux is enable and
201*d9f75844SAndroid Build Coastguard Worker // disabled.
202*d9f75844SAndroid Build Coastguard Worker class JsepTransport2WithRtcpMux : public JsepTransport2Test,
203*d9f75844SAndroid Build Coastguard Worker public ::testing::WithParamInterface<bool> {};
204*d9f75844SAndroid Build Coastguard Worker
205*d9f75844SAndroid Build Coastguard Worker // This test verifies the ICE parameters are properly applied to the transports.
TEST_P(JsepTransport2WithRtcpMux,SetIceParameters)206*d9f75844SAndroid Build Coastguard Worker TEST_P(JsepTransport2WithRtcpMux, SetIceParameters) {
207*d9f75844SAndroid Build Coastguard Worker bool rtcp_mux_enabled = GetParam();
208*d9f75844SAndroid Build Coastguard Worker jsep_transport_ = CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
209*d9f75844SAndroid Build Coastguard Worker
210*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription jsep_description;
211*d9f75844SAndroid Build Coastguard Worker jsep_description.transport_desc = TransportDescription(kIceUfrag1, kIcePwd1);
212*d9f75844SAndroid Build Coastguard Worker jsep_description.rtcp_mux_enabled = rtcp_mux_enabled;
213*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
214*d9f75844SAndroid Build Coastguard Worker jsep_transport_
215*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(jsep_description, SdpType::kOffer)
216*d9f75844SAndroid Build Coastguard Worker .ok());
217*d9f75844SAndroid Build Coastguard Worker auto fake_ice_transport = static_cast<FakeIceTransport*>(
218*d9f75844SAndroid Build Coastguard Worker jsep_transport_->rtp_dtls_transport()->ice_transport());
219*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(ICEMODE_FULL, fake_ice_transport->remote_ice_mode());
220*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(kIceUfrag1, fake_ice_transport->ice_ufrag());
221*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(kIcePwd1, fake_ice_transport->ice_pwd());
222*d9f75844SAndroid Build Coastguard Worker if (!rtcp_mux_enabled) {
223*d9f75844SAndroid Build Coastguard Worker fake_ice_transport = static_cast<FakeIceTransport*>(
224*d9f75844SAndroid Build Coastguard Worker jsep_transport_->rtcp_dtls_transport()->ice_transport());
225*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(fake_ice_transport);
226*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(ICEMODE_FULL, fake_ice_transport->remote_ice_mode());
227*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(kIceUfrag1, fake_ice_transport->ice_ufrag());
228*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(kIcePwd1, fake_ice_transport->ice_pwd());
229*d9f75844SAndroid Build Coastguard Worker }
230*d9f75844SAndroid Build Coastguard Worker
231*d9f75844SAndroid Build Coastguard Worker jsep_description.transport_desc = TransportDescription(kIceUfrag2, kIcePwd2);
232*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(jsep_transport_
233*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(jsep_description,
234*d9f75844SAndroid Build Coastguard Worker SdpType::kAnswer)
235*d9f75844SAndroid Build Coastguard Worker .ok());
236*d9f75844SAndroid Build Coastguard Worker fake_ice_transport = static_cast<FakeIceTransport*>(
237*d9f75844SAndroid Build Coastguard Worker jsep_transport_->rtp_dtls_transport()->ice_transport());
238*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(ICEMODE_FULL, fake_ice_transport->remote_ice_mode());
239*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(kIceUfrag2, fake_ice_transport->remote_ice_ufrag());
240*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(kIcePwd2, fake_ice_transport->remote_ice_pwd());
241*d9f75844SAndroid Build Coastguard Worker if (!rtcp_mux_enabled) {
242*d9f75844SAndroid Build Coastguard Worker fake_ice_transport = static_cast<FakeIceTransport*>(
243*d9f75844SAndroid Build Coastguard Worker jsep_transport_->rtcp_dtls_transport()->ice_transport());
244*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(fake_ice_transport);
245*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(ICEMODE_FULL, fake_ice_transport->remote_ice_mode());
246*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(kIceUfrag2, fake_ice_transport->remote_ice_ufrag());
247*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(kIcePwd2, fake_ice_transport->remote_ice_pwd());
248*d9f75844SAndroid Build Coastguard Worker }
249*d9f75844SAndroid Build Coastguard Worker }
250*d9f75844SAndroid Build Coastguard Worker
251*d9f75844SAndroid Build Coastguard Worker // Similarly, test DTLS parameters are properly applied to the transports.
TEST_P(JsepTransport2WithRtcpMux,SetDtlsParameters)252*d9f75844SAndroid Build Coastguard Worker TEST_P(JsepTransport2WithRtcpMux, SetDtlsParameters) {
253*d9f75844SAndroid Build Coastguard Worker bool rtcp_mux_enabled = GetParam();
254*d9f75844SAndroid Build Coastguard Worker jsep_transport_ = CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
255*d9f75844SAndroid Build Coastguard Worker
256*d9f75844SAndroid Build Coastguard Worker // Create certificates.
257*d9f75844SAndroid Build Coastguard Worker rtc::scoped_refptr<rtc::RTCCertificate> local_cert =
258*d9f75844SAndroid Build Coastguard Worker rtc::RTCCertificate::Create(
259*d9f75844SAndroid Build Coastguard Worker rtc::SSLIdentity::Create("local", rtc::KT_DEFAULT));
260*d9f75844SAndroid Build Coastguard Worker rtc::scoped_refptr<rtc::RTCCertificate> remote_cert =
261*d9f75844SAndroid Build Coastguard Worker rtc::RTCCertificate::Create(
262*d9f75844SAndroid Build Coastguard Worker rtc::SSLIdentity::Create("remote", rtc::KT_DEFAULT));
263*d9f75844SAndroid Build Coastguard Worker jsep_transport_->SetLocalCertificate(local_cert);
264*d9f75844SAndroid Build Coastguard Worker
265*d9f75844SAndroid Build Coastguard Worker // Apply offer.
266*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription local_description =
267*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
268*d9f75844SAndroid Build Coastguard Worker local_cert, CONNECTIONROLE_ACTPASS);
269*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
270*d9f75844SAndroid Build Coastguard Worker jsep_transport_
271*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_description, SdpType::kOffer)
272*d9f75844SAndroid Build Coastguard Worker .ok());
273*d9f75844SAndroid Build Coastguard Worker // Apply Answer.
274*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription remote_description =
275*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
276*d9f75844SAndroid Build Coastguard Worker remote_cert, CONNECTIONROLE_ACTIVE);
277*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(jsep_transport_
278*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_description,
279*d9f75844SAndroid Build Coastguard Worker SdpType::kAnswer)
280*d9f75844SAndroid Build Coastguard Worker .ok());
281*d9f75844SAndroid Build Coastguard Worker
282*d9f75844SAndroid Build Coastguard Worker // Verify that SSL role and remote fingerprint were set correctly based on
283*d9f75844SAndroid Build Coastguard Worker // transport descriptions.
284*d9f75844SAndroid Build Coastguard Worker auto role = jsep_transport_->GetDtlsRole();
285*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(role);
286*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(rtc::SSL_SERVER, role); // Because remote description was "active".
287*d9f75844SAndroid Build Coastguard Worker auto fake_dtls =
288*d9f75844SAndroid Build Coastguard Worker static_cast<FakeDtlsTransport*>(jsep_transport_->rtp_dtls_transport());
289*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(remote_description.transport_desc.identity_fingerprint->ToString(),
290*d9f75844SAndroid Build Coastguard Worker fake_dtls->dtls_fingerprint().ToString());
291*d9f75844SAndroid Build Coastguard Worker
292*d9f75844SAndroid Build Coastguard Worker if (!rtcp_mux_enabled) {
293*d9f75844SAndroid Build Coastguard Worker auto fake_rtcp_dtls =
294*d9f75844SAndroid Build Coastguard Worker static_cast<FakeDtlsTransport*>(jsep_transport_->rtcp_dtls_transport());
295*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(
296*d9f75844SAndroid Build Coastguard Worker remote_description.transport_desc.identity_fingerprint->ToString(),
297*d9f75844SAndroid Build Coastguard Worker fake_rtcp_dtls->dtls_fingerprint().ToString());
298*d9f75844SAndroid Build Coastguard Worker }
299*d9f75844SAndroid Build Coastguard Worker }
300*d9f75844SAndroid Build Coastguard Worker
301*d9f75844SAndroid Build Coastguard Worker // Same as above test, but with remote transport description using
302*d9f75844SAndroid Build Coastguard Worker // CONNECTIONROLE_PASSIVE, expecting SSL_CLIENT role.
TEST_P(JsepTransport2WithRtcpMux,SetDtlsParametersWithPassiveAnswer)303*d9f75844SAndroid Build Coastguard Worker TEST_P(JsepTransport2WithRtcpMux, SetDtlsParametersWithPassiveAnswer) {
304*d9f75844SAndroid Build Coastguard Worker bool rtcp_mux_enabled = GetParam();
305*d9f75844SAndroid Build Coastguard Worker jsep_transport_ = CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
306*d9f75844SAndroid Build Coastguard Worker
307*d9f75844SAndroid Build Coastguard Worker // Create certificates.
308*d9f75844SAndroid Build Coastguard Worker rtc::scoped_refptr<rtc::RTCCertificate> local_cert =
309*d9f75844SAndroid Build Coastguard Worker rtc::RTCCertificate::Create(
310*d9f75844SAndroid Build Coastguard Worker rtc::SSLIdentity::Create("local", rtc::KT_DEFAULT));
311*d9f75844SAndroid Build Coastguard Worker rtc::scoped_refptr<rtc::RTCCertificate> remote_cert =
312*d9f75844SAndroid Build Coastguard Worker rtc::RTCCertificate::Create(
313*d9f75844SAndroid Build Coastguard Worker rtc::SSLIdentity::Create("remote", rtc::KT_DEFAULT));
314*d9f75844SAndroid Build Coastguard Worker jsep_transport_->SetLocalCertificate(local_cert);
315*d9f75844SAndroid Build Coastguard Worker
316*d9f75844SAndroid Build Coastguard Worker // Apply offer.
317*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription local_description =
318*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
319*d9f75844SAndroid Build Coastguard Worker local_cert, CONNECTIONROLE_ACTPASS);
320*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
321*d9f75844SAndroid Build Coastguard Worker jsep_transport_
322*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_description, SdpType::kOffer)
323*d9f75844SAndroid Build Coastguard Worker .ok());
324*d9f75844SAndroid Build Coastguard Worker // Apply Answer.
325*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription remote_description =
326*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
327*d9f75844SAndroid Build Coastguard Worker remote_cert, CONNECTIONROLE_PASSIVE);
328*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(jsep_transport_
329*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_description,
330*d9f75844SAndroid Build Coastguard Worker SdpType::kAnswer)
331*d9f75844SAndroid Build Coastguard Worker .ok());
332*d9f75844SAndroid Build Coastguard Worker
333*d9f75844SAndroid Build Coastguard Worker // Verify that SSL role and remote fingerprint were set correctly based on
334*d9f75844SAndroid Build Coastguard Worker // transport descriptions.
335*d9f75844SAndroid Build Coastguard Worker auto role = jsep_transport_->GetDtlsRole();
336*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(role);
337*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(rtc::SSL_CLIENT,
338*d9f75844SAndroid Build Coastguard Worker role); // Because remote description was "passive".
339*d9f75844SAndroid Build Coastguard Worker auto fake_dtls =
340*d9f75844SAndroid Build Coastguard Worker static_cast<FakeDtlsTransport*>(jsep_transport_->rtp_dtls_transport());
341*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(remote_description.transport_desc.identity_fingerprint->ToString(),
342*d9f75844SAndroid Build Coastguard Worker fake_dtls->dtls_fingerprint().ToString());
343*d9f75844SAndroid Build Coastguard Worker
344*d9f75844SAndroid Build Coastguard Worker if (!rtcp_mux_enabled) {
345*d9f75844SAndroid Build Coastguard Worker auto fake_rtcp_dtls =
346*d9f75844SAndroid Build Coastguard Worker static_cast<FakeDtlsTransport*>(jsep_transport_->rtcp_dtls_transport());
347*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(
348*d9f75844SAndroid Build Coastguard Worker remote_description.transport_desc.identity_fingerprint->ToString(),
349*d9f75844SAndroid Build Coastguard Worker fake_rtcp_dtls->dtls_fingerprint().ToString());
350*d9f75844SAndroid Build Coastguard Worker }
351*d9f75844SAndroid Build Coastguard Worker }
352*d9f75844SAndroid Build Coastguard Worker
353*d9f75844SAndroid Build Coastguard Worker // Tests SetNeedsIceRestartFlag and need_ice_restart, ensuring needs_ice_restart
354*d9f75844SAndroid Build Coastguard Worker // only starts returning "false" once an ICE restart has been initiated.
TEST_P(JsepTransport2WithRtcpMux,NeedsIceRestart)355*d9f75844SAndroid Build Coastguard Worker TEST_P(JsepTransport2WithRtcpMux, NeedsIceRestart) {
356*d9f75844SAndroid Build Coastguard Worker bool rtcp_mux_enabled = GetParam();
357*d9f75844SAndroid Build Coastguard Worker jsep_transport_ = CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
358*d9f75844SAndroid Build Coastguard Worker
359*d9f75844SAndroid Build Coastguard Worker // Use the same JsepTransportDescription for both offer and answer.
360*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription description;
361*d9f75844SAndroid Build Coastguard Worker description.transport_desc = TransportDescription(kIceUfrag1, kIcePwd1);
362*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
363*d9f75844SAndroid Build Coastguard Worker jsep_transport_
364*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(description, SdpType::kOffer)
365*d9f75844SAndroid Build Coastguard Worker .ok());
366*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
367*d9f75844SAndroid Build Coastguard Worker jsep_transport_
368*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(description, SdpType::kAnswer)
369*d9f75844SAndroid Build Coastguard Worker .ok());
370*d9f75844SAndroid Build Coastguard Worker // Flag initially should be false.
371*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(jsep_transport_->needs_ice_restart());
372*d9f75844SAndroid Build Coastguard Worker
373*d9f75844SAndroid Build Coastguard Worker // After setting flag, it should be true.
374*d9f75844SAndroid Build Coastguard Worker jsep_transport_->SetNeedsIceRestartFlag();
375*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport_->needs_ice_restart());
376*d9f75844SAndroid Build Coastguard Worker
377*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
378*d9f75844SAndroid Build Coastguard Worker jsep_transport_
379*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(description, SdpType::kOffer)
380*d9f75844SAndroid Build Coastguard Worker .ok());
381*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
382*d9f75844SAndroid Build Coastguard Worker jsep_transport_
383*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(description, SdpType::kAnswer)
384*d9f75844SAndroid Build Coastguard Worker .ok());
385*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport_->needs_ice_restart());
386*d9f75844SAndroid Build Coastguard Worker
387*d9f75844SAndroid Build Coastguard Worker // Doing an offer/answer that restarts ICE should clear the flag.
388*d9f75844SAndroid Build Coastguard Worker description.transport_desc = TransportDescription(kIceUfrag2, kIcePwd2);
389*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
390*d9f75844SAndroid Build Coastguard Worker jsep_transport_
391*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(description, SdpType::kOffer)
392*d9f75844SAndroid Build Coastguard Worker .ok());
393*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
394*d9f75844SAndroid Build Coastguard Worker jsep_transport_
395*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(description, SdpType::kAnswer)
396*d9f75844SAndroid Build Coastguard Worker .ok());
397*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(jsep_transport_->needs_ice_restart());
398*d9f75844SAndroid Build Coastguard Worker }
399*d9f75844SAndroid Build Coastguard Worker
TEST_P(JsepTransport2WithRtcpMux,GetStats)400*d9f75844SAndroid Build Coastguard Worker TEST_P(JsepTransport2WithRtcpMux, GetStats) {
401*d9f75844SAndroid Build Coastguard Worker bool rtcp_mux_enabled = GetParam();
402*d9f75844SAndroid Build Coastguard Worker jsep_transport_ = CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
403*d9f75844SAndroid Build Coastguard Worker
404*d9f75844SAndroid Build Coastguard Worker size_t expected_stats_size = rtcp_mux_enabled ? 1u : 2u;
405*d9f75844SAndroid Build Coastguard Worker TransportStats stats;
406*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport_->GetStats(&stats));
407*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(expected_stats_size, stats.channel_stats.size());
408*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(ICE_CANDIDATE_COMPONENT_RTP, stats.channel_stats[0].component);
409*d9f75844SAndroid Build Coastguard Worker if (!rtcp_mux_enabled) {
410*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(ICE_CANDIDATE_COMPONENT_RTCP, stats.channel_stats[1].component);
411*d9f75844SAndroid Build Coastguard Worker }
412*d9f75844SAndroid Build Coastguard Worker }
413*d9f75844SAndroid Build Coastguard Worker
414*d9f75844SAndroid Build Coastguard Worker // Tests that VerifyCertificateFingerprint only returns true when the
415*d9f75844SAndroid Build Coastguard Worker // certificate matches the fingerprint.
TEST_P(JsepTransport2WithRtcpMux,VerifyCertificateFingerprint)416*d9f75844SAndroid Build Coastguard Worker TEST_P(JsepTransport2WithRtcpMux, VerifyCertificateFingerprint) {
417*d9f75844SAndroid Build Coastguard Worker bool rtcp_mux_enabled = GetParam();
418*d9f75844SAndroid Build Coastguard Worker jsep_transport_ = CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
419*d9f75844SAndroid Build Coastguard Worker
420*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(
421*d9f75844SAndroid Build Coastguard Worker jsep_transport_->VerifyCertificateFingerprint(nullptr, nullptr).ok());
422*d9f75844SAndroid Build Coastguard Worker rtc::KeyType key_types[] = {rtc::KT_RSA, rtc::KT_ECDSA};
423*d9f75844SAndroid Build Coastguard Worker
424*d9f75844SAndroid Build Coastguard Worker for (auto& key_type : key_types) {
425*d9f75844SAndroid Build Coastguard Worker rtc::scoped_refptr<rtc::RTCCertificate> certificate =
426*d9f75844SAndroid Build Coastguard Worker rtc::RTCCertificate::Create(
427*d9f75844SAndroid Build Coastguard Worker rtc::SSLIdentity::Create("testing", key_type));
428*d9f75844SAndroid Build Coastguard Worker ASSERT_NE(nullptr, certificate);
429*d9f75844SAndroid Build Coastguard Worker
430*d9f75844SAndroid Build Coastguard Worker std::string digest_algorithm;
431*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(certificate->GetSSLCertificate().GetSignatureDigestAlgorithm(
432*d9f75844SAndroid Build Coastguard Worker &digest_algorithm));
433*d9f75844SAndroid Build Coastguard Worker ASSERT_FALSE(digest_algorithm.empty());
434*d9f75844SAndroid Build Coastguard Worker std::unique_ptr<rtc::SSLFingerprint> good_fingerprint =
435*d9f75844SAndroid Build Coastguard Worker rtc::SSLFingerprint::CreateUnique(digest_algorithm,
436*d9f75844SAndroid Build Coastguard Worker *certificate->identity());
437*d9f75844SAndroid Build Coastguard Worker ASSERT_NE(nullptr, good_fingerprint);
438*d9f75844SAndroid Build Coastguard Worker
439*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport_
440*d9f75844SAndroid Build Coastguard Worker ->VerifyCertificateFingerprint(certificate.get(),
441*d9f75844SAndroid Build Coastguard Worker good_fingerprint.get())
442*d9f75844SAndroid Build Coastguard Worker .ok());
443*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(jsep_transport_
444*d9f75844SAndroid Build Coastguard Worker ->VerifyCertificateFingerprint(certificate.get(), nullptr)
445*d9f75844SAndroid Build Coastguard Worker .ok());
446*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(
447*d9f75844SAndroid Build Coastguard Worker jsep_transport_
448*d9f75844SAndroid Build Coastguard Worker ->VerifyCertificateFingerprint(nullptr, good_fingerprint.get())
449*d9f75844SAndroid Build Coastguard Worker .ok());
450*d9f75844SAndroid Build Coastguard Worker
451*d9f75844SAndroid Build Coastguard Worker rtc::SSLFingerprint bad_fingerprint = *good_fingerprint;
452*d9f75844SAndroid Build Coastguard Worker bad_fingerprint.digest.AppendData("0", 1);
453*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(
454*d9f75844SAndroid Build Coastguard Worker jsep_transport_
455*d9f75844SAndroid Build Coastguard Worker ->VerifyCertificateFingerprint(certificate.get(), &bad_fingerprint)
456*d9f75844SAndroid Build Coastguard Worker .ok());
457*d9f75844SAndroid Build Coastguard Worker }
458*d9f75844SAndroid Build Coastguard Worker }
459*d9f75844SAndroid Build Coastguard Worker
460*d9f75844SAndroid Build Coastguard Worker // Tests the logic of DTLS role negotiation for an initial offer/answer.
TEST_P(JsepTransport2WithRtcpMux,ValidDtlsRoleNegotiation)461*d9f75844SAndroid Build Coastguard Worker TEST_P(JsepTransport2WithRtcpMux, ValidDtlsRoleNegotiation) {
462*d9f75844SAndroid Build Coastguard Worker bool rtcp_mux_enabled = GetParam();
463*d9f75844SAndroid Build Coastguard Worker // Just use the same certificate for both sides; doesn't really matter in a
464*d9f75844SAndroid Build Coastguard Worker // non end-to-end test.
465*d9f75844SAndroid Build Coastguard Worker rtc::scoped_refptr<rtc::RTCCertificate> certificate =
466*d9f75844SAndroid Build Coastguard Worker rtc::RTCCertificate::Create(
467*d9f75844SAndroid Build Coastguard Worker rtc::SSLIdentity::Create("testing", rtc::KT_ECDSA));
468*d9f75844SAndroid Build Coastguard Worker
469*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription local_description = MakeJsepTransportDescription(
470*d9f75844SAndroid Build Coastguard Worker rtcp_mux_enabled, kIceUfrag1, kIcePwd1, certificate);
471*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription remote_description = MakeJsepTransportDescription(
472*d9f75844SAndroid Build Coastguard Worker rtcp_mux_enabled, kIceUfrag2, kIcePwd2, certificate);
473*d9f75844SAndroid Build Coastguard Worker
474*d9f75844SAndroid Build Coastguard Worker // Parameters which set the SSL role to SSL_CLIENT.
475*d9f75844SAndroid Build Coastguard Worker NegotiateRoleParams valid_client_params[] = {
476*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_ACTPASS, SdpType::kAnswer,
477*d9f75844SAndroid Build Coastguard Worker SdpType::kOffer},
478*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_ACTPASS, SdpType::kPrAnswer,
479*d9f75844SAndroid Build Coastguard Worker SdpType::kOffer},
480*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_PASSIVE, SdpType::kOffer,
481*d9f75844SAndroid Build Coastguard Worker SdpType::kAnswer},
482*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_PASSIVE, SdpType::kOffer,
483*d9f75844SAndroid Build Coastguard Worker SdpType::kPrAnswer},
484*d9f75844SAndroid Build Coastguard Worker // Combinations permitted by RFC 8842 section 5.3
485*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_PASSIVE, SdpType::kAnswer,
486*d9f75844SAndroid Build Coastguard Worker SdpType::kOffer},
487*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_PASSIVE, SdpType::kPrAnswer,
488*d9f75844SAndroid Build Coastguard Worker SdpType::kOffer},
489*d9f75844SAndroid Build Coastguard Worker };
490*d9f75844SAndroid Build Coastguard Worker
491*d9f75844SAndroid Build Coastguard Worker for (auto& param : valid_client_params) {
492*d9f75844SAndroid Build Coastguard Worker jsep_transport_ =
493*d9f75844SAndroid Build Coastguard Worker CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
494*d9f75844SAndroid Build Coastguard Worker jsep_transport_->SetLocalCertificate(certificate);
495*d9f75844SAndroid Build Coastguard Worker
496*d9f75844SAndroid Build Coastguard Worker local_description.transport_desc.connection_role = param.local_role;
497*d9f75844SAndroid Build Coastguard Worker remote_description.transport_desc.connection_role = param.remote_role;
498*d9f75844SAndroid Build Coastguard Worker
499*d9f75844SAndroid Build Coastguard Worker // Set the offer first.
500*d9f75844SAndroid Build Coastguard Worker if (param.local_type == SdpType::kOffer) {
501*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport_
502*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_description,
503*d9f75844SAndroid Build Coastguard Worker param.local_type)
504*d9f75844SAndroid Build Coastguard Worker .ok());
505*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport_
506*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_description,
507*d9f75844SAndroid Build Coastguard Worker param.remote_type)
508*d9f75844SAndroid Build Coastguard Worker .ok());
509*d9f75844SAndroid Build Coastguard Worker } else {
510*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport_
511*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_description,
512*d9f75844SAndroid Build Coastguard Worker param.remote_type)
513*d9f75844SAndroid Build Coastguard Worker .ok());
514*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport_
515*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_description,
516*d9f75844SAndroid Build Coastguard Worker param.local_type)
517*d9f75844SAndroid Build Coastguard Worker .ok());
518*d9f75844SAndroid Build Coastguard Worker }
519*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(rtc::SSL_CLIENT, *jsep_transport_->GetDtlsRole());
520*d9f75844SAndroid Build Coastguard Worker }
521*d9f75844SAndroid Build Coastguard Worker
522*d9f75844SAndroid Build Coastguard Worker // Parameters which set the SSL role to SSL_SERVER.
523*d9f75844SAndroid Build Coastguard Worker NegotiateRoleParams valid_server_params[] = {
524*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_ACTPASS, SdpType::kAnswer,
525*d9f75844SAndroid Build Coastguard Worker SdpType::kOffer},
526*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_ACTPASS, SdpType::kPrAnswer,
527*d9f75844SAndroid Build Coastguard Worker SdpType::kOffer},
528*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_ACTIVE, SdpType::kOffer,
529*d9f75844SAndroid Build Coastguard Worker SdpType::kAnswer},
530*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_ACTIVE, SdpType::kOffer,
531*d9f75844SAndroid Build Coastguard Worker SdpType::kPrAnswer},
532*d9f75844SAndroid Build Coastguard Worker // Combinations permitted by RFC 8842 section 5.3
533*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_ACTIVE, SdpType::kPrAnswer,
534*d9f75844SAndroid Build Coastguard Worker SdpType::kOffer},
535*d9f75844SAndroid Build Coastguard Worker };
536*d9f75844SAndroid Build Coastguard Worker
537*d9f75844SAndroid Build Coastguard Worker for (auto& param : valid_server_params) {
538*d9f75844SAndroid Build Coastguard Worker jsep_transport_ =
539*d9f75844SAndroid Build Coastguard Worker CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
540*d9f75844SAndroid Build Coastguard Worker jsep_transport_->SetLocalCertificate(certificate);
541*d9f75844SAndroid Build Coastguard Worker
542*d9f75844SAndroid Build Coastguard Worker local_description.transport_desc.connection_role = param.local_role;
543*d9f75844SAndroid Build Coastguard Worker remote_description.transport_desc.connection_role = param.remote_role;
544*d9f75844SAndroid Build Coastguard Worker
545*d9f75844SAndroid Build Coastguard Worker // Set the offer first.
546*d9f75844SAndroid Build Coastguard Worker if (param.local_type == SdpType::kOffer) {
547*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport_
548*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_description,
549*d9f75844SAndroid Build Coastguard Worker param.local_type)
550*d9f75844SAndroid Build Coastguard Worker .ok());
551*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport_
552*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_description,
553*d9f75844SAndroid Build Coastguard Worker param.remote_type)
554*d9f75844SAndroid Build Coastguard Worker .ok());
555*d9f75844SAndroid Build Coastguard Worker } else {
556*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport_
557*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_description,
558*d9f75844SAndroid Build Coastguard Worker param.remote_type)
559*d9f75844SAndroid Build Coastguard Worker .ok());
560*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport_
561*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_description,
562*d9f75844SAndroid Build Coastguard Worker param.local_type)
563*d9f75844SAndroid Build Coastguard Worker .ok());
564*d9f75844SAndroid Build Coastguard Worker }
565*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(rtc::SSL_SERVER, *jsep_transport_->GetDtlsRole());
566*d9f75844SAndroid Build Coastguard Worker }
567*d9f75844SAndroid Build Coastguard Worker }
568*d9f75844SAndroid Build Coastguard Worker
569*d9f75844SAndroid Build Coastguard Worker // Tests the logic of DTLS role negotiation for an initial offer/answer.
TEST_P(JsepTransport2WithRtcpMux,InvalidDtlsRoleNegotiation)570*d9f75844SAndroid Build Coastguard Worker TEST_P(JsepTransport2WithRtcpMux, InvalidDtlsRoleNegotiation) {
571*d9f75844SAndroid Build Coastguard Worker bool rtcp_mux_enabled = GetParam();
572*d9f75844SAndroid Build Coastguard Worker // Just use the same certificate for both sides; doesn't really matter in a
573*d9f75844SAndroid Build Coastguard Worker // non end-to-end test.
574*d9f75844SAndroid Build Coastguard Worker rtc::scoped_refptr<rtc::RTCCertificate> certificate =
575*d9f75844SAndroid Build Coastguard Worker rtc::RTCCertificate::Create(
576*d9f75844SAndroid Build Coastguard Worker rtc::SSLIdentity::Create("testing", rtc::KT_ECDSA));
577*d9f75844SAndroid Build Coastguard Worker
578*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription local_description = MakeJsepTransportDescription(
579*d9f75844SAndroid Build Coastguard Worker rtcp_mux_enabled, kIceUfrag1, kIcePwd1, certificate);
580*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription remote_description = MakeJsepTransportDescription(
581*d9f75844SAndroid Build Coastguard Worker rtcp_mux_enabled, kIceUfrag2, kIcePwd2, certificate);
582*d9f75844SAndroid Build Coastguard Worker
583*d9f75844SAndroid Build Coastguard Worker NegotiateRoleParams duplicate_params[] = {
584*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_ACTIVE, SdpType::kAnswer,
585*d9f75844SAndroid Build Coastguard Worker SdpType::kOffer},
586*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_ACTPASS, SdpType::kAnswer,
587*d9f75844SAndroid Build Coastguard Worker SdpType::kOffer},
588*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_PASSIVE, SdpType::kAnswer,
589*d9f75844SAndroid Build Coastguard Worker SdpType::kOffer},
590*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_ACTIVE, SdpType::kPrAnswer,
591*d9f75844SAndroid Build Coastguard Worker SdpType::kOffer},
592*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_ACTPASS, SdpType::kPrAnswer,
593*d9f75844SAndroid Build Coastguard Worker SdpType::kOffer},
594*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_PASSIVE, SdpType::kPrAnswer,
595*d9f75844SAndroid Build Coastguard Worker SdpType::kOffer},
596*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_ACTIVE, SdpType::kOffer,
597*d9f75844SAndroid Build Coastguard Worker SdpType::kAnswer},
598*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_ACTPASS, SdpType::kOffer,
599*d9f75844SAndroid Build Coastguard Worker SdpType::kAnswer},
600*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_PASSIVE, SdpType::kOffer,
601*d9f75844SAndroid Build Coastguard Worker SdpType::kAnswer},
602*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_ACTIVE, SdpType::kOffer,
603*d9f75844SAndroid Build Coastguard Worker SdpType::kPrAnswer},
604*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_ACTPASS, SdpType::kOffer,
605*d9f75844SAndroid Build Coastguard Worker SdpType::kPrAnswer},
606*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_PASSIVE, SdpType::kOffer,
607*d9f75844SAndroid Build Coastguard Worker SdpType::kPrAnswer}};
608*d9f75844SAndroid Build Coastguard Worker
609*d9f75844SAndroid Build Coastguard Worker for (auto& param : duplicate_params) {
610*d9f75844SAndroid Build Coastguard Worker jsep_transport_ =
611*d9f75844SAndroid Build Coastguard Worker CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
612*d9f75844SAndroid Build Coastguard Worker jsep_transport_->SetLocalCertificate(certificate);
613*d9f75844SAndroid Build Coastguard Worker
614*d9f75844SAndroid Build Coastguard Worker local_description.transport_desc.connection_role = param.local_role;
615*d9f75844SAndroid Build Coastguard Worker remote_description.transport_desc.connection_role = param.remote_role;
616*d9f75844SAndroid Build Coastguard Worker
617*d9f75844SAndroid Build Coastguard Worker if (param.local_type == SdpType::kOffer) {
618*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport_
619*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_description,
620*d9f75844SAndroid Build Coastguard Worker param.local_type)
621*d9f75844SAndroid Build Coastguard Worker .ok());
622*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(jsep_transport_
623*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_description,
624*d9f75844SAndroid Build Coastguard Worker param.remote_type)
625*d9f75844SAndroid Build Coastguard Worker .ok());
626*d9f75844SAndroid Build Coastguard Worker } else {
627*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport_
628*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_description,
629*d9f75844SAndroid Build Coastguard Worker param.remote_type)
630*d9f75844SAndroid Build Coastguard Worker .ok());
631*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(jsep_transport_
632*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_description,
633*d9f75844SAndroid Build Coastguard Worker param.local_type)
634*d9f75844SAndroid Build Coastguard Worker .ok());
635*d9f75844SAndroid Build Coastguard Worker }
636*d9f75844SAndroid Build Coastguard Worker }
637*d9f75844SAndroid Build Coastguard Worker
638*d9f75844SAndroid Build Coastguard Worker // Invalid parameters due to the offerer not using a role consistent with the
639*d9f75844SAndroid Build Coastguard Worker // state
640*d9f75844SAndroid Build Coastguard Worker NegotiateRoleParams offerer_without_actpass_params[] = {
641*d9f75844SAndroid Build Coastguard Worker // Cannot use ACTPASS in an answer
642*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_PASSIVE, SdpType::kAnswer,
643*d9f75844SAndroid Build Coastguard Worker SdpType::kOffer},
644*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTPASS, CONNECTIONROLE_PASSIVE, SdpType::kPrAnswer,
645*d9f75844SAndroid Build Coastguard Worker SdpType::kOffer},
646*d9f75844SAndroid Build Coastguard Worker // Cannot send ACTIVE or PASSIVE in an offer (must handle, must not send)
647*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_PASSIVE, SdpType::kOffer,
648*d9f75844SAndroid Build Coastguard Worker SdpType::kAnswer},
649*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_ACTIVE, SdpType::kOffer,
650*d9f75844SAndroid Build Coastguard Worker SdpType::kAnswer},
651*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_ACTPASS, SdpType::kOffer,
652*d9f75844SAndroid Build Coastguard Worker SdpType::kAnswer},
653*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_ACTIVE, CONNECTIONROLE_PASSIVE, SdpType::kOffer,
654*d9f75844SAndroid Build Coastguard Worker SdpType::kPrAnswer},
655*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_ACTIVE, SdpType::kOffer,
656*d9f75844SAndroid Build Coastguard Worker SdpType::kPrAnswer},
657*d9f75844SAndroid Build Coastguard Worker {CONNECTIONROLE_PASSIVE, CONNECTIONROLE_ACTPASS, SdpType::kOffer,
658*d9f75844SAndroid Build Coastguard Worker SdpType::kPrAnswer}};
659*d9f75844SAndroid Build Coastguard Worker
660*d9f75844SAndroid Build Coastguard Worker for (auto& param : offerer_without_actpass_params) {
661*d9f75844SAndroid Build Coastguard Worker jsep_transport_ =
662*d9f75844SAndroid Build Coastguard Worker CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
663*d9f75844SAndroid Build Coastguard Worker jsep_transport_->SetLocalCertificate(certificate);
664*d9f75844SAndroid Build Coastguard Worker
665*d9f75844SAndroid Build Coastguard Worker local_description.transport_desc.connection_role = param.local_role;
666*d9f75844SAndroid Build Coastguard Worker remote_description.transport_desc.connection_role = param.remote_role;
667*d9f75844SAndroid Build Coastguard Worker
668*d9f75844SAndroid Build Coastguard Worker if (param.local_type == SdpType::kOffer) {
669*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport_
670*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_description,
671*d9f75844SAndroid Build Coastguard Worker param.local_type)
672*d9f75844SAndroid Build Coastguard Worker .ok())
673*d9f75844SAndroid Build Coastguard Worker << param;
674*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(jsep_transport_
675*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_description,
676*d9f75844SAndroid Build Coastguard Worker param.remote_type)
677*d9f75844SAndroid Build Coastguard Worker .ok())
678*d9f75844SAndroid Build Coastguard Worker << param;
679*d9f75844SAndroid Build Coastguard Worker } else {
680*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport_
681*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_description,
682*d9f75844SAndroid Build Coastguard Worker param.remote_type)
683*d9f75844SAndroid Build Coastguard Worker .ok())
684*d9f75844SAndroid Build Coastguard Worker << param;
685*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(jsep_transport_
686*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_description,
687*d9f75844SAndroid Build Coastguard Worker param.local_type)
688*d9f75844SAndroid Build Coastguard Worker .ok())
689*d9f75844SAndroid Build Coastguard Worker << param;
690*d9f75844SAndroid Build Coastguard Worker }
691*d9f75844SAndroid Build Coastguard Worker }
692*d9f75844SAndroid Build Coastguard Worker }
693*d9f75844SAndroid Build Coastguard Worker
694*d9f75844SAndroid Build Coastguard Worker INSTANTIATE_TEST_SUITE_P(JsepTransport2Test,
695*d9f75844SAndroid Build Coastguard Worker JsepTransport2WithRtcpMux,
696*d9f75844SAndroid Build Coastguard Worker ::testing::Bool());
697*d9f75844SAndroid Build Coastguard Worker
698*d9f75844SAndroid Build Coastguard Worker // Test that a reoffer in the opposite direction is successful as long as the
699*d9f75844SAndroid Build Coastguard Worker // role isn't changing. Doesn't test every possible combination like the test
700*d9f75844SAndroid Build Coastguard Worker // above.
TEST_F(JsepTransport2Test,ValidDtlsReofferFromAnswerer)701*d9f75844SAndroid Build Coastguard Worker TEST_F(JsepTransport2Test, ValidDtlsReofferFromAnswerer) {
702*d9f75844SAndroid Build Coastguard Worker // Just use the same certificate for both sides; doesn't really matter in a
703*d9f75844SAndroid Build Coastguard Worker // non end-to-end test.
704*d9f75844SAndroid Build Coastguard Worker rtc::scoped_refptr<rtc::RTCCertificate> certificate =
705*d9f75844SAndroid Build Coastguard Worker rtc::RTCCertificate::Create(
706*d9f75844SAndroid Build Coastguard Worker rtc::SSLIdentity::Create("testing", rtc::KT_ECDSA));
707*d9f75844SAndroid Build Coastguard Worker bool rtcp_mux_enabled = true;
708*d9f75844SAndroid Build Coastguard Worker jsep_transport_ = CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
709*d9f75844SAndroid Build Coastguard Worker jsep_transport_->SetLocalCertificate(certificate);
710*d9f75844SAndroid Build Coastguard Worker
711*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription local_offer =
712*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
713*d9f75844SAndroid Build Coastguard Worker certificate, CONNECTIONROLE_ACTPASS);
714*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription remote_answer =
715*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
716*d9f75844SAndroid Build Coastguard Worker certificate, CONNECTIONROLE_ACTIVE);
717*d9f75844SAndroid Build Coastguard Worker
718*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(
719*d9f75844SAndroid Build Coastguard Worker jsep_transport_
720*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_offer, SdpType::kOffer)
721*d9f75844SAndroid Build Coastguard Worker .ok());
722*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(
723*d9f75844SAndroid Build Coastguard Worker jsep_transport_
724*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_answer, SdpType::kAnswer)
725*d9f75844SAndroid Build Coastguard Worker .ok());
726*d9f75844SAndroid Build Coastguard Worker
727*d9f75844SAndroid Build Coastguard Worker // We were actpass->active previously, now in the other direction it's
728*d9f75844SAndroid Build Coastguard Worker // actpass->passive.
729*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription remote_offer =
730*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
731*d9f75844SAndroid Build Coastguard Worker certificate, CONNECTIONROLE_ACTPASS);
732*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription local_answer =
733*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
734*d9f75844SAndroid Build Coastguard Worker certificate, CONNECTIONROLE_PASSIVE);
735*d9f75844SAndroid Build Coastguard Worker
736*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(
737*d9f75844SAndroid Build Coastguard Worker jsep_transport_
738*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_offer, SdpType::kOffer)
739*d9f75844SAndroid Build Coastguard Worker .ok());
740*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(
741*d9f75844SAndroid Build Coastguard Worker jsep_transport_
742*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_answer, SdpType::kAnswer)
743*d9f75844SAndroid Build Coastguard Worker .ok());
744*d9f75844SAndroid Build Coastguard Worker }
745*d9f75844SAndroid Build Coastguard Worker
746*d9f75844SAndroid Build Coastguard Worker // Test that a reoffer in the opposite direction fails if the role changes.
747*d9f75844SAndroid Build Coastguard Worker // Inverse of test above.
TEST_F(JsepTransport2Test,InvalidDtlsReofferFromAnswerer)748*d9f75844SAndroid Build Coastguard Worker TEST_F(JsepTransport2Test, InvalidDtlsReofferFromAnswerer) {
749*d9f75844SAndroid Build Coastguard Worker // Just use the same certificate for both sides; doesn't really matter in a
750*d9f75844SAndroid Build Coastguard Worker // non end-to-end test.
751*d9f75844SAndroid Build Coastguard Worker rtc::scoped_refptr<rtc::RTCCertificate> certificate =
752*d9f75844SAndroid Build Coastguard Worker rtc::RTCCertificate::Create(
753*d9f75844SAndroid Build Coastguard Worker rtc::SSLIdentity::Create("testing", rtc::KT_ECDSA));
754*d9f75844SAndroid Build Coastguard Worker bool rtcp_mux_enabled = true;
755*d9f75844SAndroid Build Coastguard Worker jsep_transport_ = CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
756*d9f75844SAndroid Build Coastguard Worker jsep_transport_->SetLocalCertificate(certificate);
757*d9f75844SAndroid Build Coastguard Worker
758*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription local_offer =
759*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
760*d9f75844SAndroid Build Coastguard Worker certificate, CONNECTIONROLE_ACTPASS);
761*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription remote_answer =
762*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
763*d9f75844SAndroid Build Coastguard Worker certificate, CONNECTIONROLE_ACTIVE);
764*d9f75844SAndroid Build Coastguard Worker
765*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(
766*d9f75844SAndroid Build Coastguard Worker jsep_transport_
767*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_offer, SdpType::kOffer)
768*d9f75844SAndroid Build Coastguard Worker .ok());
769*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(
770*d9f75844SAndroid Build Coastguard Worker jsep_transport_
771*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_answer, SdpType::kAnswer)
772*d9f75844SAndroid Build Coastguard Worker .ok());
773*d9f75844SAndroid Build Coastguard Worker
774*d9f75844SAndroid Build Coastguard Worker // Changing role to passive here isn't allowed. Though for some reason this
775*d9f75844SAndroid Build Coastguard Worker // only fails in SetLocalTransportDescription.
776*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription remote_offer =
777*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
778*d9f75844SAndroid Build Coastguard Worker certificate, CONNECTIONROLE_PASSIVE);
779*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription local_answer =
780*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
781*d9f75844SAndroid Build Coastguard Worker certificate, CONNECTIONROLE_ACTIVE);
782*d9f75844SAndroid Build Coastguard Worker
783*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(
784*d9f75844SAndroid Build Coastguard Worker jsep_transport_
785*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_offer, SdpType::kOffer)
786*d9f75844SAndroid Build Coastguard Worker .ok());
787*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(
788*d9f75844SAndroid Build Coastguard Worker jsep_transport_
789*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_answer, SdpType::kAnswer)
790*d9f75844SAndroid Build Coastguard Worker .ok());
791*d9f75844SAndroid Build Coastguard Worker }
792*d9f75844SAndroid Build Coastguard Worker
793*d9f75844SAndroid Build Coastguard Worker // Test that a remote offer with the current negotiated role can be accepted.
794*d9f75844SAndroid Build Coastguard Worker // This is allowed by dtls-sdp, though we'll never generate such an offer,
795*d9f75844SAndroid Build Coastguard Worker // since JSEP requires generating "actpass".
TEST_F(JsepTransport2Test,RemoteOfferWithCurrentNegotiatedDtlsRole)796*d9f75844SAndroid Build Coastguard Worker TEST_F(JsepTransport2Test, RemoteOfferWithCurrentNegotiatedDtlsRole) {
797*d9f75844SAndroid Build Coastguard Worker rtc::scoped_refptr<rtc::RTCCertificate> certificate =
798*d9f75844SAndroid Build Coastguard Worker rtc::RTCCertificate::Create(
799*d9f75844SAndroid Build Coastguard Worker rtc::SSLIdentity::Create("testing", rtc::KT_ECDSA));
800*d9f75844SAndroid Build Coastguard Worker bool rtcp_mux_enabled = true;
801*d9f75844SAndroid Build Coastguard Worker jsep_transport_ = CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
802*d9f75844SAndroid Build Coastguard Worker jsep_transport_->SetLocalCertificate(certificate);
803*d9f75844SAndroid Build Coastguard Worker
804*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription remote_desc =
805*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
806*d9f75844SAndroid Build Coastguard Worker certificate, CONNECTIONROLE_ACTPASS);
807*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription local_desc =
808*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
809*d9f75844SAndroid Build Coastguard Worker certificate, CONNECTIONROLE_ACTIVE);
810*d9f75844SAndroid Build Coastguard Worker
811*d9f75844SAndroid Build Coastguard Worker // Normal initial offer/answer with "actpass" in the offer and "active" in
812*d9f75844SAndroid Build Coastguard Worker // the answer.
813*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
814*d9f75844SAndroid Build Coastguard Worker jsep_transport_
815*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_desc, SdpType::kOffer)
816*d9f75844SAndroid Build Coastguard Worker .ok());
817*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
818*d9f75844SAndroid Build Coastguard Worker jsep_transport_
819*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_desc, SdpType::kAnswer)
820*d9f75844SAndroid Build Coastguard Worker .ok());
821*d9f75844SAndroid Build Coastguard Worker
822*d9f75844SAndroid Build Coastguard Worker // Sanity check that role was actually negotiated.
823*d9f75844SAndroid Build Coastguard Worker absl::optional<rtc::SSLRole> role = jsep_transport_->GetDtlsRole();
824*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(role);
825*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(rtc::SSL_CLIENT, *role);
826*d9f75844SAndroid Build Coastguard Worker
827*d9f75844SAndroid Build Coastguard Worker // Subsequent offer with current negotiated role of "passive".
828*d9f75844SAndroid Build Coastguard Worker remote_desc.transport_desc.connection_role = CONNECTIONROLE_PASSIVE;
829*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(
830*d9f75844SAndroid Build Coastguard Worker jsep_transport_
831*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_desc, SdpType::kOffer)
832*d9f75844SAndroid Build Coastguard Worker .ok());
833*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(
834*d9f75844SAndroid Build Coastguard Worker jsep_transport_
835*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_desc, SdpType::kAnswer)
836*d9f75844SAndroid Build Coastguard Worker .ok());
837*d9f75844SAndroid Build Coastguard Worker }
838*d9f75844SAndroid Build Coastguard Worker
839*d9f75844SAndroid Build Coastguard Worker // Test that a remote offer with the inverse of the current negotiated DTLS
840*d9f75844SAndroid Build Coastguard Worker // role is rejected.
TEST_F(JsepTransport2Test,RemoteOfferThatChangesNegotiatedDtlsRole)841*d9f75844SAndroid Build Coastguard Worker TEST_F(JsepTransport2Test, RemoteOfferThatChangesNegotiatedDtlsRole) {
842*d9f75844SAndroid Build Coastguard Worker rtc::scoped_refptr<rtc::RTCCertificate> certificate =
843*d9f75844SAndroid Build Coastguard Worker rtc::RTCCertificate::Create(
844*d9f75844SAndroid Build Coastguard Worker rtc::SSLIdentity::Create("testing", rtc::KT_ECDSA));
845*d9f75844SAndroid Build Coastguard Worker bool rtcp_mux_enabled = true;
846*d9f75844SAndroid Build Coastguard Worker jsep_transport_ = CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
847*d9f75844SAndroid Build Coastguard Worker jsep_transport_->SetLocalCertificate(certificate);
848*d9f75844SAndroid Build Coastguard Worker
849*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription remote_desc =
850*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
851*d9f75844SAndroid Build Coastguard Worker certificate, CONNECTIONROLE_ACTPASS);
852*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription local_desc =
853*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
854*d9f75844SAndroid Build Coastguard Worker certificate, CONNECTIONROLE_ACTIVE);
855*d9f75844SAndroid Build Coastguard Worker
856*d9f75844SAndroid Build Coastguard Worker // Normal initial offer/answer with "actpass" in the offer and "active" in
857*d9f75844SAndroid Build Coastguard Worker // the answer.
858*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
859*d9f75844SAndroid Build Coastguard Worker jsep_transport_
860*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_desc, SdpType::kOffer)
861*d9f75844SAndroid Build Coastguard Worker .ok());
862*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
863*d9f75844SAndroid Build Coastguard Worker jsep_transport_
864*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_desc, SdpType::kAnswer)
865*d9f75844SAndroid Build Coastguard Worker .ok());
866*d9f75844SAndroid Build Coastguard Worker
867*d9f75844SAndroid Build Coastguard Worker // Sanity check that role was actually negotiated.
868*d9f75844SAndroid Build Coastguard Worker absl::optional<rtc::SSLRole> role = jsep_transport_->GetDtlsRole();
869*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(role);
870*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(rtc::SSL_CLIENT, *role);
871*d9f75844SAndroid Build Coastguard Worker
872*d9f75844SAndroid Build Coastguard Worker // Subsequent offer with current negotiated role of "passive".
873*d9f75844SAndroid Build Coastguard Worker remote_desc.transport_desc.connection_role = CONNECTIONROLE_ACTIVE;
874*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(
875*d9f75844SAndroid Build Coastguard Worker jsep_transport_
876*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_desc, SdpType::kOffer)
877*d9f75844SAndroid Build Coastguard Worker .ok());
878*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(
879*d9f75844SAndroid Build Coastguard Worker jsep_transport_
880*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_desc, SdpType::kAnswer)
881*d9f75844SAndroid Build Coastguard Worker .ok());
882*d9f75844SAndroid Build Coastguard Worker }
883*d9f75844SAndroid Build Coastguard Worker
884*d9f75844SAndroid Build Coastguard Worker // Test that a remote offer which changes both fingerprint and role is accepted.
TEST_F(JsepTransport2Test,RemoteOfferThatChangesFingerprintAndDtlsRole)885*d9f75844SAndroid Build Coastguard Worker TEST_F(JsepTransport2Test, RemoteOfferThatChangesFingerprintAndDtlsRole) {
886*d9f75844SAndroid Build Coastguard Worker rtc::scoped_refptr<rtc::RTCCertificate> certificate =
887*d9f75844SAndroid Build Coastguard Worker rtc::RTCCertificate::Create(
888*d9f75844SAndroid Build Coastguard Worker rtc::SSLIdentity::Create("testing1", rtc::KT_ECDSA));
889*d9f75844SAndroid Build Coastguard Worker rtc::scoped_refptr<rtc::RTCCertificate> certificate2 =
890*d9f75844SAndroid Build Coastguard Worker rtc::RTCCertificate::Create(
891*d9f75844SAndroid Build Coastguard Worker rtc::SSLIdentity::Create("testing2", rtc::KT_ECDSA));
892*d9f75844SAndroid Build Coastguard Worker bool rtcp_mux_enabled = true;
893*d9f75844SAndroid Build Coastguard Worker jsep_transport_ = CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
894*d9f75844SAndroid Build Coastguard Worker jsep_transport_->SetLocalCertificate(certificate);
895*d9f75844SAndroid Build Coastguard Worker
896*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription remote_desc =
897*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
898*d9f75844SAndroid Build Coastguard Worker certificate, CONNECTIONROLE_ACTPASS);
899*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription remote_desc2 =
900*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
901*d9f75844SAndroid Build Coastguard Worker certificate2, CONNECTIONROLE_ACTPASS);
902*d9f75844SAndroid Build Coastguard Worker
903*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription local_desc =
904*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
905*d9f75844SAndroid Build Coastguard Worker certificate, CONNECTIONROLE_ACTIVE);
906*d9f75844SAndroid Build Coastguard Worker
907*d9f75844SAndroid Build Coastguard Worker // Normal initial offer/answer with "actpass" in the offer and "active" in
908*d9f75844SAndroid Build Coastguard Worker // the answer.
909*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
910*d9f75844SAndroid Build Coastguard Worker jsep_transport_
911*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_desc, SdpType::kOffer)
912*d9f75844SAndroid Build Coastguard Worker .ok());
913*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
914*d9f75844SAndroid Build Coastguard Worker jsep_transport_
915*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_desc, SdpType::kAnswer)
916*d9f75844SAndroid Build Coastguard Worker .ok());
917*d9f75844SAndroid Build Coastguard Worker
918*d9f75844SAndroid Build Coastguard Worker // Sanity check that role was actually negotiated.
919*d9f75844SAndroid Build Coastguard Worker absl::optional<rtc::SSLRole> role = jsep_transport_->GetDtlsRole();
920*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(role);
921*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(rtc::SSL_CLIENT, *role);
922*d9f75844SAndroid Build Coastguard Worker
923*d9f75844SAndroid Build Coastguard Worker // Subsequent exchange with new remote fingerprint and different role.
924*d9f75844SAndroid Build Coastguard Worker local_desc.transport_desc.connection_role = CONNECTIONROLE_PASSIVE;
925*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(
926*d9f75844SAndroid Build Coastguard Worker jsep_transport_
927*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_desc2, SdpType::kOffer)
928*d9f75844SAndroid Build Coastguard Worker .ok());
929*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(
930*d9f75844SAndroid Build Coastguard Worker jsep_transport_
931*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_desc, SdpType::kAnswer)
932*d9f75844SAndroid Build Coastguard Worker .ok());
933*d9f75844SAndroid Build Coastguard Worker
934*d9f75844SAndroid Build Coastguard Worker role = jsep_transport_->GetDtlsRole();
935*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(role);
936*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(rtc::SSL_SERVER, *role);
937*d9f75844SAndroid Build Coastguard Worker }
938*d9f75844SAndroid Build Coastguard Worker
939*d9f75844SAndroid Build Coastguard Worker // Testing that a legacy client that doesn't use the setup attribute will be
940*d9f75844SAndroid Build Coastguard Worker // interpreted as having an active role.
TEST_F(JsepTransport2Test,DtlsSetupWithLegacyAsAnswerer)941*d9f75844SAndroid Build Coastguard Worker TEST_F(JsepTransport2Test, DtlsSetupWithLegacyAsAnswerer) {
942*d9f75844SAndroid Build Coastguard Worker rtc::scoped_refptr<rtc::RTCCertificate> certificate =
943*d9f75844SAndroid Build Coastguard Worker rtc::RTCCertificate::Create(
944*d9f75844SAndroid Build Coastguard Worker rtc::SSLIdentity::Create("testing", rtc::KT_ECDSA));
945*d9f75844SAndroid Build Coastguard Worker bool rtcp_mux_enabled = true;
946*d9f75844SAndroid Build Coastguard Worker jsep_transport_ = CreateJsepTransport2(rtcp_mux_enabled, SrtpMode::kDtlsSrtp);
947*d9f75844SAndroid Build Coastguard Worker jsep_transport_->SetLocalCertificate(certificate);
948*d9f75844SAndroid Build Coastguard Worker
949*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription remote_desc =
950*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag1, kIcePwd1,
951*d9f75844SAndroid Build Coastguard Worker certificate, CONNECTIONROLE_ACTPASS);
952*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription local_desc =
953*d9f75844SAndroid Build Coastguard Worker MakeJsepTransportDescription(rtcp_mux_enabled, kIceUfrag2, kIcePwd2,
954*d9f75844SAndroid Build Coastguard Worker certificate, CONNECTIONROLE_ACTIVE);
955*d9f75844SAndroid Build Coastguard Worker
956*d9f75844SAndroid Build Coastguard Worker local_desc.transport_desc.connection_role = CONNECTIONROLE_ACTPASS;
957*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
958*d9f75844SAndroid Build Coastguard Worker jsep_transport_
959*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_desc, SdpType::kOffer)
960*d9f75844SAndroid Build Coastguard Worker .ok());
961*d9f75844SAndroid Build Coastguard Worker // Use CONNECTIONROLE_NONE to simulate legacy endpoint.
962*d9f75844SAndroid Build Coastguard Worker remote_desc.transport_desc.connection_role = CONNECTIONROLE_NONE;
963*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
964*d9f75844SAndroid Build Coastguard Worker jsep_transport_
965*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_desc, SdpType::kAnswer)
966*d9f75844SAndroid Build Coastguard Worker .ok());
967*d9f75844SAndroid Build Coastguard Worker
968*d9f75844SAndroid Build Coastguard Worker absl::optional<rtc::SSLRole> role = jsep_transport_->GetDtlsRole();
969*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(role);
970*d9f75844SAndroid Build Coastguard Worker // Since legacy answer omitted setup atribute, and we offered actpass, we
971*d9f75844SAndroid Build Coastguard Worker // should act as passive (server).
972*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(rtc::SSL_SERVER, *role);
973*d9f75844SAndroid Build Coastguard Worker }
974*d9f75844SAndroid Build Coastguard Worker
975*d9f75844SAndroid Build Coastguard Worker // Tests that when the RTCP mux is successfully negotiated, the RTCP transport
976*d9f75844SAndroid Build Coastguard Worker // will be destroyed and the SignalRtpMuxActive will be fired.
TEST_F(JsepTransport2Test,RtcpMuxNegotiation)977*d9f75844SAndroid Build Coastguard Worker TEST_F(JsepTransport2Test, RtcpMuxNegotiation) {
978*d9f75844SAndroid Build Coastguard Worker jsep_transport_ =
979*d9f75844SAndroid Build Coastguard Worker CreateJsepTransport2(/*rtcp_mux_enabled=*/false, SrtpMode::kDtlsSrtp);
980*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription local_desc;
981*d9f75844SAndroid Build Coastguard Worker local_desc.rtcp_mux_enabled = true;
982*d9f75844SAndroid Build Coastguard Worker ASSERT_NE(nullptr, jsep_transport_->rtcp_dtls_transport());
983*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(signal_rtcp_mux_active_received_);
984*d9f75844SAndroid Build Coastguard Worker
985*d9f75844SAndroid Build Coastguard Worker // The remote side supports RTCP-mux.
986*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription remote_desc;
987*d9f75844SAndroid Build Coastguard Worker remote_desc.rtcp_mux_enabled = true;
988*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
989*d9f75844SAndroid Build Coastguard Worker jsep_transport_
990*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_desc, SdpType::kOffer)
991*d9f75844SAndroid Build Coastguard Worker .ok());
992*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
993*d9f75844SAndroid Build Coastguard Worker jsep_transport_
994*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_desc, SdpType::kAnswer)
995*d9f75844SAndroid Build Coastguard Worker .ok());
996*d9f75844SAndroid Build Coastguard Worker
997*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(nullptr, jsep_transport_->rtcp_dtls_transport());
998*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(signal_rtcp_mux_active_received_);
999*d9f75844SAndroid Build Coastguard Worker
1000*d9f75844SAndroid Build Coastguard Worker // The remote side doesn't support RTCP-mux.
1001*d9f75844SAndroid Build Coastguard Worker jsep_transport_ =
1002*d9f75844SAndroid Build Coastguard Worker CreateJsepTransport2(/*rtcp_mux_enabled=*/false, SrtpMode::kDtlsSrtp);
1003*d9f75844SAndroid Build Coastguard Worker signal_rtcp_mux_active_received_ = false;
1004*d9f75844SAndroid Build Coastguard Worker remote_desc.rtcp_mux_enabled = false;
1005*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
1006*d9f75844SAndroid Build Coastguard Worker jsep_transport_
1007*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(local_desc, SdpType::kOffer)
1008*d9f75844SAndroid Build Coastguard Worker .ok());
1009*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
1010*d9f75844SAndroid Build Coastguard Worker jsep_transport_
1011*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(remote_desc, SdpType::kAnswer)
1012*d9f75844SAndroid Build Coastguard Worker .ok());
1013*d9f75844SAndroid Build Coastguard Worker
1014*d9f75844SAndroid Build Coastguard Worker EXPECT_NE(nullptr, jsep_transport_->rtcp_dtls_transport());
1015*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(signal_rtcp_mux_active_received_);
1016*d9f75844SAndroid Build Coastguard Worker }
1017*d9f75844SAndroid Build Coastguard Worker
TEST_F(JsepTransport2Test,SdesNegotiation)1018*d9f75844SAndroid Build Coastguard Worker TEST_F(JsepTransport2Test, SdesNegotiation) {
1019*d9f75844SAndroid Build Coastguard Worker jsep_transport_ =
1020*d9f75844SAndroid Build Coastguard Worker CreateJsepTransport2(/*rtcp_mux_enabled=*/true, SrtpMode::kSdes);
1021*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(sdes_transport_);
1022*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(sdes_transport_->IsSrtpActive());
1023*d9f75844SAndroid Build Coastguard Worker
1024*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription offer_desc;
1025*d9f75844SAndroid Build Coastguard Worker offer_desc.cryptos.push_back(cricket::CryptoParams(
1026*d9f75844SAndroid Build Coastguard Worker 1, rtc::kCsAesCm128HmacSha1_32, "inline:" + rtc::CreateRandomString(40),
1027*d9f75844SAndroid Build Coastguard Worker std::string()));
1028*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
1029*d9f75844SAndroid Build Coastguard Worker jsep_transport_
1030*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(offer_desc, SdpType::kOffer)
1031*d9f75844SAndroid Build Coastguard Worker .ok());
1032*d9f75844SAndroid Build Coastguard Worker
1033*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription answer_desc;
1034*d9f75844SAndroid Build Coastguard Worker answer_desc.cryptos.push_back(cricket::CryptoParams(
1035*d9f75844SAndroid Build Coastguard Worker 1, rtc::kCsAesCm128HmacSha1_32, "inline:" + rtc::CreateRandomString(40),
1036*d9f75844SAndroid Build Coastguard Worker std::string()));
1037*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
1038*d9f75844SAndroid Build Coastguard Worker jsep_transport_
1039*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(answer_desc, SdpType::kAnswer)
1040*d9f75844SAndroid Build Coastguard Worker .ok());
1041*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(sdes_transport_->IsSrtpActive());
1042*d9f75844SAndroid Build Coastguard Worker }
1043*d9f75844SAndroid Build Coastguard Worker
TEST_F(JsepTransport2Test,SdesNegotiationWithEmptyCryptosInAnswer)1044*d9f75844SAndroid Build Coastguard Worker TEST_F(JsepTransport2Test, SdesNegotiationWithEmptyCryptosInAnswer) {
1045*d9f75844SAndroid Build Coastguard Worker jsep_transport_ =
1046*d9f75844SAndroid Build Coastguard Worker CreateJsepTransport2(/*rtcp_mux_enabled=*/true, SrtpMode::kSdes);
1047*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(sdes_transport_);
1048*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(sdes_transport_->IsSrtpActive());
1049*d9f75844SAndroid Build Coastguard Worker
1050*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription offer_desc;
1051*d9f75844SAndroid Build Coastguard Worker offer_desc.cryptos.push_back(cricket::CryptoParams(
1052*d9f75844SAndroid Build Coastguard Worker 1, rtc::kCsAesCm128HmacSha1_32, "inline:" + rtc::CreateRandomString(40),
1053*d9f75844SAndroid Build Coastguard Worker std::string()));
1054*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
1055*d9f75844SAndroid Build Coastguard Worker jsep_transport_
1056*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(offer_desc, SdpType::kOffer)
1057*d9f75844SAndroid Build Coastguard Worker .ok());
1058*d9f75844SAndroid Build Coastguard Worker
1059*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription answer_desc;
1060*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
1061*d9f75844SAndroid Build Coastguard Worker jsep_transport_
1062*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(answer_desc, SdpType::kAnswer)
1063*d9f75844SAndroid Build Coastguard Worker .ok());
1064*d9f75844SAndroid Build Coastguard Worker // SRTP is not active because the crypto parameter is answer is empty.
1065*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(sdes_transport_->IsSrtpActive());
1066*d9f75844SAndroid Build Coastguard Worker }
1067*d9f75844SAndroid Build Coastguard Worker
TEST_F(JsepTransport2Test,SdesNegotiationWithMismatchedCryptos)1068*d9f75844SAndroid Build Coastguard Worker TEST_F(JsepTransport2Test, SdesNegotiationWithMismatchedCryptos) {
1069*d9f75844SAndroid Build Coastguard Worker jsep_transport_ =
1070*d9f75844SAndroid Build Coastguard Worker CreateJsepTransport2(/*rtcp_mux_enabled=*/true, SrtpMode::kSdes);
1071*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(sdes_transport_);
1072*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(sdes_transport_->IsSrtpActive());
1073*d9f75844SAndroid Build Coastguard Worker
1074*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription offer_desc;
1075*d9f75844SAndroid Build Coastguard Worker offer_desc.cryptos.push_back(cricket::CryptoParams(
1076*d9f75844SAndroid Build Coastguard Worker 1, rtc::kCsAesCm128HmacSha1_32, "inline:" + rtc::CreateRandomString(40),
1077*d9f75844SAndroid Build Coastguard Worker std::string()));
1078*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
1079*d9f75844SAndroid Build Coastguard Worker jsep_transport_
1080*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(offer_desc, SdpType::kOffer)
1081*d9f75844SAndroid Build Coastguard Worker .ok());
1082*d9f75844SAndroid Build Coastguard Worker
1083*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription answer_desc;
1084*d9f75844SAndroid Build Coastguard Worker answer_desc.cryptos.push_back(cricket::CryptoParams(
1085*d9f75844SAndroid Build Coastguard Worker 1, rtc::kCsAesCm128HmacSha1_80, "inline:" + rtc::CreateRandomString(40),
1086*d9f75844SAndroid Build Coastguard Worker std::string()));
1087*d9f75844SAndroid Build Coastguard Worker // Expected to fail because the crypto parameters don't match.
1088*d9f75844SAndroid Build Coastguard Worker ASSERT_FALSE(
1089*d9f75844SAndroid Build Coastguard Worker jsep_transport_
1090*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(answer_desc, SdpType::kAnswer)
1091*d9f75844SAndroid Build Coastguard Worker .ok());
1092*d9f75844SAndroid Build Coastguard Worker }
1093*d9f75844SAndroid Build Coastguard Worker
1094*d9f75844SAndroid Build Coastguard Worker // Tests that the remote candidates can be added to the transports after both
1095*d9f75844SAndroid Build Coastguard Worker // local and remote descriptions are set.
TEST_F(JsepTransport2Test,AddRemoteCandidates)1096*d9f75844SAndroid Build Coastguard Worker TEST_F(JsepTransport2Test, AddRemoteCandidates) {
1097*d9f75844SAndroid Build Coastguard Worker jsep_transport_ =
1098*d9f75844SAndroid Build Coastguard Worker CreateJsepTransport2(/*rtcp_mux_enabled=*/true, SrtpMode::kDtlsSrtp);
1099*d9f75844SAndroid Build Coastguard Worker auto fake_ice_transport = static_cast<FakeIceTransport*>(
1100*d9f75844SAndroid Build Coastguard Worker jsep_transport_->rtp_dtls_transport()->ice_transport());
1101*d9f75844SAndroid Build Coastguard Worker
1102*d9f75844SAndroid Build Coastguard Worker Candidates candidates;
1103*d9f75844SAndroid Build Coastguard Worker candidates.push_back(CreateCandidate(/*COMPONENT_RTP*/ 1));
1104*d9f75844SAndroid Build Coastguard Worker candidates.push_back(CreateCandidate(/*COMPONENT_RTP*/ 1));
1105*d9f75844SAndroid Build Coastguard Worker
1106*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription desc;
1107*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
1108*d9f75844SAndroid Build Coastguard Worker jsep_transport_->SetLocalJsepTransportDescription(desc, SdpType::kOffer)
1109*d9f75844SAndroid Build Coastguard Worker .ok());
1110*d9f75844SAndroid Build Coastguard Worker // Expected to fail because the remote description is unset.
1111*d9f75844SAndroid Build Coastguard Worker EXPECT_FALSE(jsep_transport_->AddRemoteCandidates(candidates).ok());
1112*d9f75844SAndroid Build Coastguard Worker
1113*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
1114*d9f75844SAndroid Build Coastguard Worker jsep_transport_->SetRemoteJsepTransportDescription(desc, SdpType::kAnswer)
1115*d9f75844SAndroid Build Coastguard Worker .ok());
1116*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(0u, fake_ice_transport->remote_candidates().size());
1117*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport_->AddRemoteCandidates(candidates).ok());
1118*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(candidates.size(), fake_ice_transport->remote_candidates().size());
1119*d9f75844SAndroid Build Coastguard Worker }
1120*d9f75844SAndroid Build Coastguard Worker
1121*d9f75844SAndroid Build Coastguard Worker enum class Scenario {
1122*d9f75844SAndroid Build Coastguard Worker kSdes,
1123*d9f75844SAndroid Build Coastguard Worker kDtlsBeforeCallerSendOffer,
1124*d9f75844SAndroid Build Coastguard Worker kDtlsBeforeCallerSetAnswer,
1125*d9f75844SAndroid Build Coastguard Worker kDtlsAfterCallerSetAnswer,
1126*d9f75844SAndroid Build Coastguard Worker };
1127*d9f75844SAndroid Build Coastguard Worker
1128*d9f75844SAndroid Build Coastguard Worker class JsepTransport2HeaderExtensionTest
1129*d9f75844SAndroid Build Coastguard Worker : public JsepTransport2Test,
1130*d9f75844SAndroid Build Coastguard Worker public ::testing::WithParamInterface<std::tuple<Scenario, bool>> {
1131*d9f75844SAndroid Build Coastguard Worker protected:
JsepTransport2HeaderExtensionTest()1132*d9f75844SAndroid Build Coastguard Worker JsepTransport2HeaderExtensionTest() {}
1133*d9f75844SAndroid Build Coastguard Worker
CreateJsepTransportPair(SrtpMode mode)1134*d9f75844SAndroid Build Coastguard Worker void CreateJsepTransportPair(SrtpMode mode) {
1135*d9f75844SAndroid Build Coastguard Worker jsep_transport1_ = CreateJsepTransport2(/*rtcp_mux_enabled=*/true, mode);
1136*d9f75844SAndroid Build Coastguard Worker jsep_transport2_ = CreateJsepTransport2(/*rtcp_mux_enabled=*/true, mode);
1137*d9f75844SAndroid Build Coastguard Worker
1138*d9f75844SAndroid Build Coastguard Worker auto fake_dtls1 =
1139*d9f75844SAndroid Build Coastguard Worker static_cast<FakeDtlsTransport*>(jsep_transport1_->rtp_dtls_transport());
1140*d9f75844SAndroid Build Coastguard Worker auto fake_dtls2 =
1141*d9f75844SAndroid Build Coastguard Worker static_cast<FakeDtlsTransport*>(jsep_transport2_->rtp_dtls_transport());
1142*d9f75844SAndroid Build Coastguard Worker
1143*d9f75844SAndroid Build Coastguard Worker fake_dtls1->fake_ice_transport()->SignalReadPacket.connect(
1144*d9f75844SAndroid Build Coastguard Worker this, &JsepTransport2HeaderExtensionTest::OnReadPacket1);
1145*d9f75844SAndroid Build Coastguard Worker fake_dtls2->fake_ice_transport()->SignalReadPacket.connect(
1146*d9f75844SAndroid Build Coastguard Worker this, &JsepTransport2HeaderExtensionTest::OnReadPacket2);
1147*d9f75844SAndroid Build Coastguard Worker
1148*d9f75844SAndroid Build Coastguard Worker if (mode == SrtpMode::kDtlsSrtp) {
1149*d9f75844SAndroid Build Coastguard Worker auto cert1 = rtc::RTCCertificate::Create(
1150*d9f75844SAndroid Build Coastguard Worker rtc::SSLIdentity::Create("session1", rtc::KT_DEFAULT));
1151*d9f75844SAndroid Build Coastguard Worker jsep_transport1_->rtp_dtls_transport()->SetLocalCertificate(cert1);
1152*d9f75844SAndroid Build Coastguard Worker auto cert2 = rtc::RTCCertificate::Create(
1153*d9f75844SAndroid Build Coastguard Worker rtc::SSLIdentity::Create("session1", rtc::KT_DEFAULT));
1154*d9f75844SAndroid Build Coastguard Worker jsep_transport2_->rtp_dtls_transport()->SetLocalCertificate(cert2);
1155*d9f75844SAndroid Build Coastguard Worker }
1156*d9f75844SAndroid Build Coastguard Worker }
1157*d9f75844SAndroid Build Coastguard Worker
OnReadPacket1(rtc::PacketTransportInternal * transport,const char * data,size_t size,const int64_t &,int flags)1158*d9f75844SAndroid Build Coastguard Worker void OnReadPacket1(rtc::PacketTransportInternal* transport,
1159*d9f75844SAndroid Build Coastguard Worker const char* data,
1160*d9f75844SAndroid Build Coastguard Worker size_t size,
1161*d9f75844SAndroid Build Coastguard Worker const int64_t& /* packet_time_us */,
1162*d9f75844SAndroid Build Coastguard Worker int flags) {
1163*d9f75844SAndroid Build Coastguard Worker RTC_LOG(LS_INFO) << "JsepTransport 1 Received a packet.";
1164*d9f75844SAndroid Build Coastguard Worker CompareHeaderExtensions(
1165*d9f75844SAndroid Build Coastguard Worker reinterpret_cast<const char*>(kPcmuFrameWithExtensions),
1166*d9f75844SAndroid Build Coastguard Worker sizeof(kPcmuFrameWithExtensions), data, size, recv_encrypted_headers1_,
1167*d9f75844SAndroid Build Coastguard Worker false);
1168*d9f75844SAndroid Build Coastguard Worker received_packet_count_++;
1169*d9f75844SAndroid Build Coastguard Worker }
1170*d9f75844SAndroid Build Coastguard Worker
OnReadPacket2(rtc::PacketTransportInternal * transport,const char * data,size_t size,const int64_t &,int flags)1171*d9f75844SAndroid Build Coastguard Worker void OnReadPacket2(rtc::PacketTransportInternal* transport,
1172*d9f75844SAndroid Build Coastguard Worker const char* data,
1173*d9f75844SAndroid Build Coastguard Worker size_t size,
1174*d9f75844SAndroid Build Coastguard Worker const int64_t& /* packet_time_us */,
1175*d9f75844SAndroid Build Coastguard Worker int flags) {
1176*d9f75844SAndroid Build Coastguard Worker RTC_LOG(LS_INFO) << "JsepTransport 2 Received a packet.";
1177*d9f75844SAndroid Build Coastguard Worker CompareHeaderExtensions(
1178*d9f75844SAndroid Build Coastguard Worker reinterpret_cast<const char*>(kPcmuFrameWithExtensions),
1179*d9f75844SAndroid Build Coastguard Worker sizeof(kPcmuFrameWithExtensions), data, size, recv_encrypted_headers2_,
1180*d9f75844SAndroid Build Coastguard Worker false);
1181*d9f75844SAndroid Build Coastguard Worker received_packet_count_++;
1182*d9f75844SAndroid Build Coastguard Worker }
1183*d9f75844SAndroid Build Coastguard Worker
ConnectTransport()1184*d9f75844SAndroid Build Coastguard Worker void ConnectTransport() {
1185*d9f75844SAndroid Build Coastguard Worker auto rtp_dtls_transport1 =
1186*d9f75844SAndroid Build Coastguard Worker static_cast<FakeDtlsTransport*>(jsep_transport1_->rtp_dtls_transport());
1187*d9f75844SAndroid Build Coastguard Worker auto rtp_dtls_transport2 =
1188*d9f75844SAndroid Build Coastguard Worker static_cast<FakeDtlsTransport*>(jsep_transport2_->rtp_dtls_transport());
1189*d9f75844SAndroid Build Coastguard Worker rtp_dtls_transport1->SetDestination(rtp_dtls_transport2);
1190*d9f75844SAndroid Build Coastguard Worker }
1191*d9f75844SAndroid Build Coastguard Worker
GetRtpAuthLen()1192*d9f75844SAndroid Build Coastguard Worker int GetRtpAuthLen() {
1193*d9f75844SAndroid Build Coastguard Worker bool use_gcm = std::get<1>(GetParam());
1194*d9f75844SAndroid Build Coastguard Worker if (use_gcm) {
1195*d9f75844SAndroid Build Coastguard Worker return 16;
1196*d9f75844SAndroid Build Coastguard Worker }
1197*d9f75844SAndroid Build Coastguard Worker return 10;
1198*d9f75844SAndroid Build Coastguard Worker }
1199*d9f75844SAndroid Build Coastguard Worker
TestSendRecvPacketWithEncryptedHeaderExtension()1200*d9f75844SAndroid Build Coastguard Worker void TestSendRecvPacketWithEncryptedHeaderExtension() {
1201*d9f75844SAndroid Build Coastguard Worker TestOneWaySendRecvPacketWithEncryptedHeaderExtension(
1202*d9f75844SAndroid Build Coastguard Worker jsep_transport1_.get());
1203*d9f75844SAndroid Build Coastguard Worker TestOneWaySendRecvPacketWithEncryptedHeaderExtension(
1204*d9f75844SAndroid Build Coastguard Worker jsep_transport2_.get());
1205*d9f75844SAndroid Build Coastguard Worker }
1206*d9f75844SAndroid Build Coastguard Worker
TestOneWaySendRecvPacketWithEncryptedHeaderExtension(JsepTransport * sender_transport)1207*d9f75844SAndroid Build Coastguard Worker void TestOneWaySendRecvPacketWithEncryptedHeaderExtension(
1208*d9f75844SAndroid Build Coastguard Worker JsepTransport* sender_transport) {
1209*d9f75844SAndroid Build Coastguard Worker size_t rtp_len = sizeof(kPcmuFrameWithExtensions);
1210*d9f75844SAndroid Build Coastguard Worker size_t packet_size = rtp_len + GetRtpAuthLen();
1211*d9f75844SAndroid Build Coastguard Worker rtc::Buffer rtp_packet_buffer(packet_size);
1212*d9f75844SAndroid Build Coastguard Worker char* rtp_packet_data = rtp_packet_buffer.data<char>();
1213*d9f75844SAndroid Build Coastguard Worker memcpy(rtp_packet_data, kPcmuFrameWithExtensions, rtp_len);
1214*d9f75844SAndroid Build Coastguard Worker // In order to be able to run this test function multiple times we can not
1215*d9f75844SAndroid Build Coastguard Worker // use the same sequence number twice. Increase the sequence number by one.
1216*d9f75844SAndroid Build Coastguard Worker rtc::SetBE16(reinterpret_cast<uint8_t*>(rtp_packet_data) + 2,
1217*d9f75844SAndroid Build Coastguard Worker ++sequence_number_);
1218*d9f75844SAndroid Build Coastguard Worker rtc::CopyOnWriteBuffer rtp_packet(rtp_packet_data, rtp_len, packet_size);
1219*d9f75844SAndroid Build Coastguard Worker
1220*d9f75844SAndroid Build Coastguard Worker int packet_count_before = received_packet_count_;
1221*d9f75844SAndroid Build Coastguard Worker rtc::PacketOptions options;
1222*d9f75844SAndroid Build Coastguard Worker // Send a packet and verify that the packet can be successfully received and
1223*d9f75844SAndroid Build Coastguard Worker // decrypted.
1224*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(sender_transport->rtp_transport()->SendRtpPacket(
1225*d9f75844SAndroid Build Coastguard Worker &rtp_packet, options, cricket::PF_SRTP_BYPASS));
1226*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(packet_count_before + 1, received_packet_count_);
1227*d9f75844SAndroid Build Coastguard Worker }
1228*d9f75844SAndroid Build Coastguard Worker
1229*d9f75844SAndroid Build Coastguard Worker int sequence_number_ = 0;
1230*d9f75844SAndroid Build Coastguard Worker int received_packet_count_ = 0;
1231*d9f75844SAndroid Build Coastguard Worker std::unique_ptr<JsepTransport> jsep_transport1_;
1232*d9f75844SAndroid Build Coastguard Worker std::unique_ptr<JsepTransport> jsep_transport2_;
1233*d9f75844SAndroid Build Coastguard Worker std::vector<int> recv_encrypted_headers1_;
1234*d9f75844SAndroid Build Coastguard Worker std::vector<int> recv_encrypted_headers2_;
1235*d9f75844SAndroid Build Coastguard Worker };
1236*d9f75844SAndroid Build Coastguard Worker
1237*d9f75844SAndroid Build Coastguard Worker // Test that the encrypted header extension works and can be changed in
1238*d9f75844SAndroid Build Coastguard Worker // different scenarios.
TEST_P(JsepTransport2HeaderExtensionTest,EncryptedHeaderExtensionNegotiation)1239*d9f75844SAndroid Build Coastguard Worker TEST_P(JsepTransport2HeaderExtensionTest, EncryptedHeaderExtensionNegotiation) {
1240*d9f75844SAndroid Build Coastguard Worker Scenario scenario = std::get<0>(GetParam());
1241*d9f75844SAndroid Build Coastguard Worker bool use_gcm = std::get<1>(GetParam());
1242*d9f75844SAndroid Build Coastguard Worker SrtpMode mode = SrtpMode ::kDtlsSrtp;
1243*d9f75844SAndroid Build Coastguard Worker if (scenario == Scenario::kSdes) {
1244*d9f75844SAndroid Build Coastguard Worker mode = SrtpMode::kSdes;
1245*d9f75844SAndroid Build Coastguard Worker }
1246*d9f75844SAndroid Build Coastguard Worker CreateJsepTransportPair(mode);
1247*d9f75844SAndroid Build Coastguard Worker recv_encrypted_headers1_.push_back(kHeaderExtensionIDs[0]);
1248*d9f75844SAndroid Build Coastguard Worker recv_encrypted_headers2_.push_back(kHeaderExtensionIDs[1]);
1249*d9f75844SAndroid Build Coastguard Worker
1250*d9f75844SAndroid Build Coastguard Worker cricket::CryptoParams sdes_param(1, rtc::kCsAesCm128HmacSha1_80,
1251*d9f75844SAndroid Build Coastguard Worker "inline:" + rtc::CreateRandomString(40),
1252*d9f75844SAndroid Build Coastguard Worker std::string());
1253*d9f75844SAndroid Build Coastguard Worker if (use_gcm) {
1254*d9f75844SAndroid Build Coastguard Worker auto fake_dtls1 =
1255*d9f75844SAndroid Build Coastguard Worker static_cast<FakeDtlsTransport*>(jsep_transport1_->rtp_dtls_transport());
1256*d9f75844SAndroid Build Coastguard Worker auto fake_dtls2 =
1257*d9f75844SAndroid Build Coastguard Worker static_cast<FakeDtlsTransport*>(jsep_transport2_->rtp_dtls_transport());
1258*d9f75844SAndroid Build Coastguard Worker
1259*d9f75844SAndroid Build Coastguard Worker fake_dtls1->SetSrtpCryptoSuite(rtc::kSrtpAeadAes256Gcm);
1260*d9f75844SAndroid Build Coastguard Worker fake_dtls2->SetSrtpCryptoSuite(rtc::kSrtpAeadAes256Gcm);
1261*d9f75844SAndroid Build Coastguard Worker }
1262*d9f75844SAndroid Build Coastguard Worker
1263*d9f75844SAndroid Build Coastguard Worker if (scenario == Scenario::kDtlsBeforeCallerSendOffer) {
1264*d9f75844SAndroid Build Coastguard Worker ConnectTransport();
1265*d9f75844SAndroid Build Coastguard Worker }
1266*d9f75844SAndroid Build Coastguard Worker
1267*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription offer_desc;
1268*d9f75844SAndroid Build Coastguard Worker offer_desc.encrypted_header_extension_ids = recv_encrypted_headers1_;
1269*d9f75844SAndroid Build Coastguard Worker if (scenario == Scenario::kSdes) {
1270*d9f75844SAndroid Build Coastguard Worker offer_desc.cryptos.push_back(sdes_param);
1271*d9f75844SAndroid Build Coastguard Worker }
1272*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
1273*d9f75844SAndroid Build Coastguard Worker jsep_transport1_
1274*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(offer_desc, SdpType::kOffer)
1275*d9f75844SAndroid Build Coastguard Worker .ok());
1276*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
1277*d9f75844SAndroid Build Coastguard Worker jsep_transport2_
1278*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(offer_desc, SdpType::kOffer)
1279*d9f75844SAndroid Build Coastguard Worker .ok());
1280*d9f75844SAndroid Build Coastguard Worker
1281*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription answer_desc;
1282*d9f75844SAndroid Build Coastguard Worker answer_desc.encrypted_header_extension_ids = recv_encrypted_headers2_;
1283*d9f75844SAndroid Build Coastguard Worker if (scenario == Scenario::kSdes) {
1284*d9f75844SAndroid Build Coastguard Worker answer_desc.cryptos.push_back(sdes_param);
1285*d9f75844SAndroid Build Coastguard Worker }
1286*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
1287*d9f75844SAndroid Build Coastguard Worker jsep_transport2_
1288*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(answer_desc, SdpType::kAnswer)
1289*d9f75844SAndroid Build Coastguard Worker .ok());
1290*d9f75844SAndroid Build Coastguard Worker
1291*d9f75844SAndroid Build Coastguard Worker if (scenario == Scenario::kDtlsBeforeCallerSetAnswer) {
1292*d9f75844SAndroid Build Coastguard Worker ConnectTransport();
1293*d9f75844SAndroid Build Coastguard Worker // Sending packet from transport2 to transport1 should work when they are
1294*d9f75844SAndroid Build Coastguard Worker // partially configured.
1295*d9f75844SAndroid Build Coastguard Worker TestOneWaySendRecvPacketWithEncryptedHeaderExtension(
1296*d9f75844SAndroid Build Coastguard Worker /*sender_transport=*/jsep_transport2_.get());
1297*d9f75844SAndroid Build Coastguard Worker }
1298*d9f75844SAndroid Build Coastguard Worker
1299*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
1300*d9f75844SAndroid Build Coastguard Worker jsep_transport1_
1301*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(answer_desc, SdpType::kAnswer)
1302*d9f75844SAndroid Build Coastguard Worker .ok());
1303*d9f75844SAndroid Build Coastguard Worker
1304*d9f75844SAndroid Build Coastguard Worker if (scenario == Scenario::kDtlsAfterCallerSetAnswer ||
1305*d9f75844SAndroid Build Coastguard Worker scenario == Scenario::kSdes) {
1306*d9f75844SAndroid Build Coastguard Worker ConnectTransport();
1307*d9f75844SAndroid Build Coastguard Worker }
1308*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport1_->rtp_transport()->IsSrtpActive());
1309*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport2_->rtp_transport()->IsSrtpActive());
1310*d9f75844SAndroid Build Coastguard Worker TestSendRecvPacketWithEncryptedHeaderExtension();
1311*d9f75844SAndroid Build Coastguard Worker
1312*d9f75844SAndroid Build Coastguard Worker // Change the encrypted header extension in a new offer/answer exchange.
1313*d9f75844SAndroid Build Coastguard Worker recv_encrypted_headers1_.clear();
1314*d9f75844SAndroid Build Coastguard Worker recv_encrypted_headers2_.clear();
1315*d9f75844SAndroid Build Coastguard Worker recv_encrypted_headers1_.push_back(kHeaderExtensionIDs[1]);
1316*d9f75844SAndroid Build Coastguard Worker recv_encrypted_headers2_.push_back(kHeaderExtensionIDs[0]);
1317*d9f75844SAndroid Build Coastguard Worker offer_desc.encrypted_header_extension_ids = recv_encrypted_headers1_;
1318*d9f75844SAndroid Build Coastguard Worker answer_desc.encrypted_header_extension_ids = recv_encrypted_headers2_;
1319*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
1320*d9f75844SAndroid Build Coastguard Worker jsep_transport1_
1321*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(offer_desc, SdpType::kOffer)
1322*d9f75844SAndroid Build Coastguard Worker .ok());
1323*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
1324*d9f75844SAndroid Build Coastguard Worker jsep_transport2_
1325*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(offer_desc, SdpType::kOffer)
1326*d9f75844SAndroid Build Coastguard Worker .ok());
1327*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
1328*d9f75844SAndroid Build Coastguard Worker jsep_transport2_
1329*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(answer_desc, SdpType::kAnswer)
1330*d9f75844SAndroid Build Coastguard Worker .ok());
1331*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
1332*d9f75844SAndroid Build Coastguard Worker jsep_transport1_
1333*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(answer_desc, SdpType::kAnswer)
1334*d9f75844SAndroid Build Coastguard Worker .ok());
1335*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport1_->rtp_transport()->IsSrtpActive());
1336*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(jsep_transport2_->rtp_transport()->IsSrtpActive());
1337*d9f75844SAndroid Build Coastguard Worker TestSendRecvPacketWithEncryptedHeaderExtension();
1338*d9f75844SAndroid Build Coastguard Worker }
1339*d9f75844SAndroid Build Coastguard Worker
1340*d9f75844SAndroid Build Coastguard Worker INSTANTIATE_TEST_SUITE_P(
1341*d9f75844SAndroid Build Coastguard Worker JsepTransport2Test,
1342*d9f75844SAndroid Build Coastguard Worker JsepTransport2HeaderExtensionTest,
1343*d9f75844SAndroid Build Coastguard Worker ::testing::Values(
1344*d9f75844SAndroid Build Coastguard Worker std::make_tuple(Scenario::kSdes, false),
1345*d9f75844SAndroid Build Coastguard Worker std::make_tuple(Scenario::kDtlsBeforeCallerSendOffer, true),
1346*d9f75844SAndroid Build Coastguard Worker std::make_tuple(Scenario::kDtlsBeforeCallerSetAnswer, true),
1347*d9f75844SAndroid Build Coastguard Worker std::make_tuple(Scenario::kDtlsAfterCallerSetAnswer, true),
1348*d9f75844SAndroid Build Coastguard Worker std::make_tuple(Scenario::kDtlsBeforeCallerSendOffer, false),
1349*d9f75844SAndroid Build Coastguard Worker std::make_tuple(Scenario::kDtlsBeforeCallerSetAnswer, false),
1350*d9f75844SAndroid Build Coastguard Worker std::make_tuple(Scenario::kDtlsAfterCallerSetAnswer, false)));
1351*d9f75844SAndroid Build Coastguard Worker
1352*d9f75844SAndroid Build Coastguard Worker // This test verifies the ICE parameters are properly applied to the transports.
TEST_F(JsepTransport2Test,SetIceParametersWithRenomination)1353*d9f75844SAndroid Build Coastguard Worker TEST_F(JsepTransport2Test, SetIceParametersWithRenomination) {
1354*d9f75844SAndroid Build Coastguard Worker jsep_transport_ =
1355*d9f75844SAndroid Build Coastguard Worker CreateJsepTransport2(/* rtcp_mux_enabled= */ true, SrtpMode::kDtlsSrtp);
1356*d9f75844SAndroid Build Coastguard Worker
1357*d9f75844SAndroid Build Coastguard Worker JsepTransportDescription jsep_description;
1358*d9f75844SAndroid Build Coastguard Worker jsep_description.transport_desc = TransportDescription(kIceUfrag1, kIcePwd1);
1359*d9f75844SAndroid Build Coastguard Worker jsep_description.transport_desc.AddOption(ICE_OPTION_RENOMINATION);
1360*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(
1361*d9f75844SAndroid Build Coastguard Worker jsep_transport_
1362*d9f75844SAndroid Build Coastguard Worker ->SetLocalJsepTransportDescription(jsep_description, SdpType::kOffer)
1363*d9f75844SAndroid Build Coastguard Worker .ok());
1364*d9f75844SAndroid Build Coastguard Worker auto fake_ice_transport = static_cast<FakeIceTransport*>(
1365*d9f75844SAndroid Build Coastguard Worker jsep_transport_->rtp_dtls_transport()->ice_transport());
1366*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(ICEMODE_FULL, fake_ice_transport->remote_ice_mode());
1367*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(kIceUfrag1, fake_ice_transport->ice_ufrag());
1368*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(kIcePwd1, fake_ice_transport->ice_pwd());
1369*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(fake_ice_transport->ice_parameters().renomination);
1370*d9f75844SAndroid Build Coastguard Worker
1371*d9f75844SAndroid Build Coastguard Worker jsep_description.transport_desc = TransportDescription(kIceUfrag2, kIcePwd2);
1372*d9f75844SAndroid Build Coastguard Worker jsep_description.transport_desc.AddOption(ICE_OPTION_RENOMINATION);
1373*d9f75844SAndroid Build Coastguard Worker ASSERT_TRUE(jsep_transport_
1374*d9f75844SAndroid Build Coastguard Worker ->SetRemoteJsepTransportDescription(jsep_description,
1375*d9f75844SAndroid Build Coastguard Worker SdpType::kAnswer)
1376*d9f75844SAndroid Build Coastguard Worker .ok());
1377*d9f75844SAndroid Build Coastguard Worker fake_ice_transport = static_cast<FakeIceTransport*>(
1378*d9f75844SAndroid Build Coastguard Worker jsep_transport_->rtp_dtls_transport()->ice_transport());
1379*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(ICEMODE_FULL, fake_ice_transport->remote_ice_mode());
1380*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(kIceUfrag2, fake_ice_transport->remote_ice_ufrag());
1381*d9f75844SAndroid Build Coastguard Worker EXPECT_EQ(kIcePwd2, fake_ice_transport->remote_ice_pwd());
1382*d9f75844SAndroid Build Coastguard Worker EXPECT_TRUE(fake_ice_transport->remote_ice_parameters().renomination);
1383*d9f75844SAndroid Build Coastguard Worker }
1384*d9f75844SAndroid Build Coastguard Worker
1385*d9f75844SAndroid Build Coastguard Worker } // namespace
1386*d9f75844SAndroid Build Coastguard Worker } // namespace cricket
1387