|
| 1 | +package dtls |
| 2 | + |
| 3 | +import ( |
| 4 | + "context" |
| 5 | + "testing" |
| 6 | + "time" |
| 7 | + |
| 8 | + "github.com/pion/dtls/v2/internal/ciphersuite" |
| 9 | + "github.com/pion/dtls/v2/pkg/protocol/alert" |
| 10 | + "github.com/pion/dtls/v2/pkg/protocol/handshake" |
| 11 | + "github.com/pion/transport/test" |
| 12 | +) |
| 13 | + |
| 14 | +type flight4TestMockFlightConn struct{} |
| 15 | + |
| 16 | +func (f *flight4TestMockFlightConn) notify(ctx context.Context, level alert.Level, desc alert.Description) error { |
| 17 | + return nil |
| 18 | +} |
| 19 | +func (f *flight4TestMockFlightConn) writePackets(context.Context, []*packet) error { return nil } |
| 20 | +func (f *flight4TestMockFlightConn) recvHandshake() <-chan chan struct{} { return nil } |
| 21 | +func (f *flight4TestMockFlightConn) setLocalEpoch(epoch uint16) {} |
| 22 | +func (f *flight4TestMockFlightConn) handleQueuedPackets(context.Context) error { return nil } |
| 23 | +func (f *flight4TestMockFlightConn) sessionKey() []byte { return nil } |
| 24 | + |
| 25 | +type flight4TestMockCipherSuite struct { |
| 26 | + ciphersuite.TLSEcdheEcdsaWithAes128GcmSha256 |
| 27 | + |
| 28 | + t *testing.T |
| 29 | +} |
| 30 | + |
| 31 | +func (f *flight4TestMockCipherSuite) IsInitialized() bool { |
| 32 | + f.t.Fatal("IsInitialized called with Certificate but not CertificateVerify") |
| 33 | + return true |
| 34 | +} |
| 35 | + |
| 36 | +// Assert that if a Client sends a certificate they |
| 37 | +// must also send a CertificateVerify message. |
| 38 | +// The flight4handler must not interact with the CipherSuite |
| 39 | +// if the CertificateVerify is missing |
| 40 | +func TestFlight4_Process_CertificateVerify(t *testing.T) { |
| 41 | + // Limit runtime in case of deadlocks |
| 42 | + lim := test.TimeOut(5 * time.Second) |
| 43 | + defer lim.Stop() |
| 44 | + |
| 45 | + // Check for leaking routines |
| 46 | + report := test.CheckRoutines(t) |
| 47 | + defer report() |
| 48 | + |
| 49 | + mockConn := &flight4TestMockFlightConn{} |
| 50 | + state := &State{ |
| 51 | + cipherSuite: &flight4TestMockCipherSuite{t: t}, |
| 52 | + } |
| 53 | + cache := newHandshakeCache() |
| 54 | + cfg := &handshakeConfig{} |
| 55 | + |
| 56 | + rawCertificate := []byte{ |
| 57 | + 0x0b, 0x00, 0x01, 0x9b, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
| 58 | + 0x01, 0x9b, 0x00, 0x01, 0x98, 0x00, 0x01, 0x95, 0x30, 0x82, |
| 59 | + 0x01, 0x91, 0x30, 0x82, 0x01, 0x38, 0xa0, 0x03, 0x02, 0x01, |
| 60 | + 0x02, 0x02, 0x11, 0x01, 0x65, 0x03, 0x3f, 0x4d, 0x0b, 0x9a, |
| 61 | + 0x62, 0x91, 0xdb, 0x4d, 0x28, 0x2c, 0x1f, 0xd6, 0x73, 0x32, |
| 62 | + 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, |
| 63 | + 0x03, 0x02, 0x30, 0x00, 0x30, 0x1e, 0x17, 0x0d, 0x32, 0x32, |
| 64 | + 0x30, 0x35, 0x31, 0x35, 0x31, 0x38, 0x34, 0x33, 0x35, 0x35, |
| 65 | + 0x5a, 0x17, 0x0d, 0x32, 0x32, 0x30, 0x36, 0x31, 0x35, 0x31, |
| 66 | + 0x38, 0x34, 0x33, 0x35, 0x35, 0x5a, 0x30, 0x00, 0x30, 0x59, |
| 67 | + 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, |
| 68 | + 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, |
| 69 | + 0x07, 0x03, 0x42, 0x00, 0x04, 0xc3, 0xb7, 0x13, 0x1a, 0x0a, |
| 70 | + 0xfc, 0xd0, 0x82, 0xf8, 0x94, 0x5e, 0xc0, 0x77, 0x07, 0x81, |
| 71 | + 0x28, 0xc9, 0xcb, 0x08, 0x84, 0x50, 0x6b, 0xf0, 0x22, 0xe8, |
| 72 | + 0x79, 0xb9, 0x15, 0x33, 0xc4, 0x56, 0xa1, 0xd3, 0x1b, 0x24, |
| 73 | + 0xe3, 0x61, 0xbd, 0x4d, 0x65, 0x80, 0x6b, 0x5d, 0x96, 0x48, |
| 74 | + 0xa2, 0x44, 0x9e, 0xce, 0xe8, 0x65, 0xd6, 0x3c, 0xe0, 0x9b, |
| 75 | + 0x6b, 0xa1, 0x36, 0x34, 0xb2, 0x39, 0xe2, 0x03, 0x00, 0xa3, |
| 76 | + 0x81, 0x92, 0x30, 0x81, 0x8f, 0x30, 0x0e, 0x06, 0x03, 0x55, |
| 77 | + 0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03, 0x02, 0x02, |
| 78 | + 0xa4, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x04, 0x16, |
| 79 | + 0x30, 0x14, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, |
| 80 | + 0x03, 0x02, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, |
| 81 | + 0x03, 0x01, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, |
| 82 | + 0x01, 0xff, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30, |
| 83 | + 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, |
| 84 | + 0xb1, 0x1a, 0xe3, 0xeb, 0x6f, 0x7c, 0xc3, 0x8f, 0xba, 0x6f, |
| 85 | + 0x1c, 0xe8, 0xf0, 0x23, 0x08, 0x50, 0x8d, 0x3c, 0xea, 0x31, |
| 86 | + 0x30, 0x2e, 0x06, 0x03, 0x55, 0x1d, 0x11, 0x01, 0x01, 0xff, |
| 87 | + 0x04, 0x24, 0x30, 0x22, 0x82, 0x20, 0x30, 0x30, 0x30, 0x30, |
| 88 | + 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, |
| 89 | + 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, |
| 90 | + 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x0a, |
| 91 | + 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, |
| 92 | + 0x03, 0x47, 0x00, 0x30, 0x44, 0x02, 0x20, 0x06, 0x31, 0x43, |
| 93 | + 0xac, 0x03, 0x45, 0x79, 0x3c, 0xd7, 0x5f, 0x6e, 0x6a, 0xf8, |
| 94 | + 0x0e, 0xfd, 0x35, 0x49, 0xee, 0x1b, 0xbc, 0x47, 0xce, 0xe3, |
| 95 | + 0x39, 0xec, 0xe4, 0x62, 0xe1, 0x30, 0x1a, 0xa1, 0x89, 0x02, |
| 96 | + 0x20, 0x35, 0xcd, 0x7a, 0x15, 0x68, 0x09, 0x50, 0x49, 0x9e, |
| 97 | + 0x3e, 0x05, 0xd7, 0xc2, 0x69, 0x3f, 0x9c, 0x0c, 0x98, 0x92, |
| 98 | + 0x65, 0xec, 0xae, 0x44, 0xfe, 0xe5, 0x68, 0xb8, 0x09, 0x78, |
| 99 | + 0x7f, 0x6b, 0x77, |
| 100 | + } |
| 101 | + |
| 102 | + rawClientKeyExchange := []byte{ |
| 103 | + 0x10, 0x00, 0x00, 0x21, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, |
| 104 | + 0x00, 0x21, 0x20, 0x96, 0xed, 0x0c, 0xee, 0xf3, 0x11, 0xb1, |
| 105 | + 0x9d, 0x8b, 0x1c, 0x02, 0x7f, 0x06, 0x7c, 0x57, 0x7a, 0x14, |
| 106 | + 0xa6, 0x41, 0xde, 0x63, 0x57, 0x9e, 0xcd, 0x34, 0x54, 0xba, |
| 107 | + 0x37, 0x4d, 0x34, 0x15, 0x18, |
| 108 | + } |
| 109 | + |
| 110 | + cache.push(rawCertificate, 0, 0, handshake.TypeCertificate, true) |
| 111 | + cache.push(rawClientKeyExchange, 0, 1, handshake.TypeClientKeyExchange, true) |
| 112 | + |
| 113 | + if _, _, err := flight4Parse(context.TODO(), mockConn, state, cache, cfg); err != nil { |
| 114 | + t.Fatal(err) |
| 115 | + } |
| 116 | +} |
0 commit comments