proxygen
CookieCipherTest.cpp
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2018-present, Facebook, Inc.
3  * All rights reserved.
4  *
5  * This source code is licensed under the BSD-style license found in the
6  * LICENSE file in the root directory of this source tree.
7  */
8 
9 #include <gmock/gmock.h>
10 #include <gtest/gtest.h>
11 
12 #include <fizz/server/CookieCipher.h>
13 
14 #include <fizz/protocol/test/Mocks.h>
15 #include <fizz/protocol/test/TestMessages.h>
16 
17 using namespace fizz::test;
18 using namespace folly;
19 using namespace testing;
20 
21 static constexpr StringPiece statelessHrr{
22  "020000380303cf21ad74e59a6111be1d8c021e65b891c2a211167abb8c5e079e09e2c8a8339c001301000010002b00020304002c0006000474657374"};
23 
24 static constexpr StringPiece statelessHrrGroup{
25  "0200003e0303cf21ad74e59a6111be1d8c021e65b891c2a211167abb8c5e079e09e2c8a8339c001301000016002b0002030400330002001d002c0006000474657374"};
26 
27 namespace fizz {
28 namespace server {
29 namespace test {
30 
31 TEST(GetStatelessHrrTest, NoGroup) {
32  auto hrr = getStatelessHelloRetryRequest(
33  ProtocolVersion::tls_1_3,
34  CipherSuite::TLS_AES_128_GCM_SHA256,
35  none,
36  IOBuf::copyBuffer("test"));
37  EXPECT_EQ(hexlify(hrr->coalesce()), statelessHrr);
38 }
39 
40 TEST(GetStatelessHrrTest, Group) {
41  auto hrr = getStatelessHelloRetryRequest(
42  ProtocolVersion::tls_1_3,
43  CipherSuite::TLS_AES_128_GCM_SHA256,
44  NamedGroup::x25519,
45  IOBuf::copyBuffer("test"));
46  EXPECT_EQ(hexlify(hrr->coalesce()), statelessHrrGroup);
47 }
48 
49 class GetCookieStateTest : public Test {
50  public:
51  void SetUp() override {
52  factory_.setDefaults();
53  }
54 
55  protected:
56  MockFactory factory_;
57 };
58 
59 TEST_F(GetCookieStateTest, TestBasic) {
60  auto mockHandshakeContext = new MockHandshakeContext();
61  Sequence seq;
62  EXPECT_CALL(
63  factory_, makeHandshakeContext(CipherSuite::TLS_AES_128_GCM_SHA256))
64  .InSequence(seq)
65  .WillOnce(InvokeWithoutArgs([=]() {
66  return std::unique_ptr<HandshakeContext>(mockHandshakeContext);
67  }));
68  EXPECT_CALL(
69  *mockHandshakeContext,
70  appendToTranscript(BufMatches("clienthelloencoding")))
71  .InSequence(seq);
72  EXPECT_CALL(*mockHandshakeContext, getHandshakeContext())
73  .WillOnce(Invoke([]() { return IOBuf::copyBuffer("context"); }));
74  auto state = getCookieState(
75  factory_,
76  {TestProtocolVersion},
77  {{CipherSuite::TLS_AES_128_GCM_SHA256}},
78  {NamedGroup::x25519},
79  TestMessages::clientHello(),
80  IOBuf::copyBuffer("token"));
81  EXPECT_EQ(state.version, TestProtocolVersion);
82  EXPECT_EQ(state.cipher, CipherSuite::TLS_AES_128_GCM_SHA256);
83  EXPECT_FALSE(state.group.hasValue());
84  EXPECT_TRUE(IOBufEqualTo()(state.chloHash, IOBuf::copyBuffer("context")));
85  EXPECT_TRUE(IOBufEqualTo()(state.appToken, IOBuf::copyBuffer("token")));
86 }
87 
88 TEST_F(GetCookieStateTest, TestNoVersion) {
89  auto chlo = TestMessages::clientHello();
90  TestMessages::removeExtension(chlo, ExtensionType::supported_versions);
91  EXPECT_THROW(
92  getCookieState(
93  factory_,
94  {TestProtocolVersion},
95  {{CipherSuite::TLS_AES_128_GCM_SHA256}},
96  {NamedGroup::x25519},
97  chlo,
98  IOBuf::copyBuffer("token")),
99  std::runtime_error);
100 }
101 
102 TEST_F(GetCookieStateTest, TestVersionMismatch) {
103  EXPECT_THROW(
104  getCookieState(
105  factory_,
106  {ProtocolVersion::tls_1_2},
107  {{CipherSuite::TLS_AES_128_GCM_SHA256}},
108  {NamedGroup::x25519},
109  TestMessages::clientHello(),
110  IOBuf::copyBuffer("token")),
111  std::runtime_error);
112 }
113 
114 TEST_F(GetCookieStateTest, TestCipherNegotiate) {
115  EXPECT_CALL(
116  factory_, makeHandshakeContext(CipherSuite::TLS_AES_256_GCM_SHA384))
117  .WillOnce(InvokeWithoutArgs([=]() {
118  auto ret = std::make_unique<MockHandshakeContext>();
119  ret->setDefaults();
120  return ret;
121  }));
122  auto state = getCookieState(
123  factory_,
124  {TestProtocolVersion},
125  {{CipherSuite::TLS_AES_256_GCM_SHA384},
126  {CipherSuite::TLS_AES_128_GCM_SHA256}},
127  {NamedGroup::x25519},
128  TestMessages::clientHello(),
129  IOBuf::copyBuffer("token"));
130  EXPECT_EQ(state.cipher, CipherSuite::TLS_AES_256_GCM_SHA384);
131 }
132 
133 TEST_F(GetCookieStateTest, TestCipherNegotiateTie) {
134  EXPECT_CALL(
135  factory_, makeHandshakeContext(CipherSuite::TLS_AES_128_GCM_SHA256))
136  .WillOnce(InvokeWithoutArgs([=]() {
137  auto ret = std::make_unique<MockHandshakeContext>();
138  ret->setDefaults();
139  return ret;
140  }));
141  auto state = getCookieState(
142  factory_,
143  {TestProtocolVersion},
144  {{CipherSuite::TLS_AES_256_GCM_SHA384,
145  CipherSuite::TLS_AES_128_GCM_SHA256}},
146  {NamedGroup::x25519},
147  TestMessages::clientHello(),
148  IOBuf::copyBuffer("token"));
149  EXPECT_EQ(state.cipher, CipherSuite::TLS_AES_128_GCM_SHA256);
150 }
151 
152 TEST_F(GetCookieStateTest, TestCipherMismatch) {
153  EXPECT_THROW(
154  getCookieState(
155  factory_,
156  {TestProtocolVersion},
157  {{}},
158  {NamedGroup::x25519},
159  TestMessages::clientHello(),
160  IOBuf::copyBuffer("token")),
161  std::runtime_error);
162 }
163 
164 TEST_F(GetCookieStateTest, TestGroupNotSent) {
165  auto state = getCookieState(
166  factory_,
167  {TestProtocolVersion},
168  {{CipherSuite::TLS_AES_128_GCM_SHA256}},
169  {NamedGroup::secp256r1},
170  TestMessages::clientHello(),
171  IOBuf::copyBuffer("token"));
172  EXPECT_EQ(*state.group, NamedGroup::secp256r1);
173 }
174 
175 TEST_F(GetCookieStateTest, TestNoGroups) {
176  auto chlo = TestMessages::clientHello();
177  TestMessages::removeExtension(chlo, ExtensionType::supported_groups);
178  TestMessages::removeExtension(chlo, ExtensionType::key_share);
179  auto state = getCookieState(
180  factory_,
181  {TestProtocolVersion},
182  {{CipherSuite::TLS_AES_128_GCM_SHA256}},
183  {NamedGroup::x25519},
184  chlo,
185  IOBuf::copyBuffer("token"));
186  EXPECT_FALSE(state.group.hasValue());
187 }
188 
189 TEST_F(GetCookieStateTest, TestNoKeyShare) {
190  auto chlo = TestMessages::clientHello();
191  TestMessages::removeExtension(chlo, ExtensionType::key_share);
192  EXPECT_THROW(
193  getCookieState(
194  factory_,
195  {TestProtocolVersion},
196  {{CipherSuite::TLS_AES_128_GCM_SHA256}},
197  {NamedGroup::x25519},
198  chlo,
199  IOBuf::copyBuffer("token")),
200  std::runtime_error);
201 }
202 
203 TEST_F(GetCookieStateTest, TestGroupMismatch) {
204  auto state = getCookieState(
205  factory_,
206  {TestProtocolVersion},
207  {{CipherSuite::TLS_AES_128_GCM_SHA256}},
208  {},
209  TestMessages::clientHello(),
210  IOBuf::copyBuffer("token"));
211  EXPECT_FALSE(state.group.hasValue());
212 }
213 } // namespace test
214 } // namespace server
215 } // namespace fizz
fizz::server::getStatelessHelloRetryRequest
Buf getStatelessHelloRetryRequest(ProtocolVersion version, CipherSuite cipher, folly::Optional< NamedGroup > group, Buf cookie)
Definition: CookieCipher.cpp:18
EXPECT_THROW
#define EXPECT_THROW(statement, expected_exception)
Definition: gtest.h:1843
chlo
static const std::string chlo
Definition: HandshakeTypesTest.cpp:23
fizz::server::getCookieState
CookieState getCookieState(const Factory &factory, const std::vector< ProtocolVersion > &supportedVersions, const std::vector< std::vector< CipherSuite >> &supportedCiphers, const std::vector< NamedGroup > &supportedGroups, const ClientHello &chlo, Buf appToken)
Definition: CookieCipher.cpp:79
EXPECT_EQ
#define EXPECT_EQ(val1, val2)
Definition: gtest.h:1922
statelessHrrGroup
static constexpr StringPiece statelessHrrGroup
Definition: CookieCipherTest.cpp:24
folly::gen::seq
Gen seq(Value first, Value last)
Definition: Base.h:484
folly
—— Concurrent Priority Queue Implementation ——
Definition: AtomicBitSet.h:29
testing::InvokeWithoutArgs
PolymorphicAction< internal::InvokeWithoutArgsAction< FunctionImpl > > InvokeWithoutArgs(FunctionImpl function_impl)
Definition: gmock-actions.h:1168
fizz::test::TEST
TEST(IOBufUtilTest, TrimBytes)
Definition: IOBufUtilTest.cpp:19
testing::Invoke
PolymorphicAction< internal::InvokeAction< FunctionImpl > > Invoke(FunctionImpl function_impl)
Definition: gmock-more-actions.h:114
fizz
Definition: Actions.h:16
fizz::test::TestMessages::removeExtension
static void removeExtension(T &msg, ExtensionType ext)
Definition: TestMessages.h:21
EXPECT_TRUE
#define EXPECT_TRUE(condition)
Definition: gtest.h:1859
fizz::test::TEST_F
TEST_F(RSAPSSTest, TestSignVerify)
Definition: RSAPSSSignatureTest.cpp:38
EXPECT_CALL
#define EXPECT_CALL(obj, call)
Definition: gmock-spec-builders.h:1845
EXPECT_FALSE
#define EXPECT_FALSE(condition)
Definition: gtest.h:1862
folly::hexlify
bool hexlify(const InputString &input, OutputString &output, bool append_output)
Definition: String-inl.h:596
folly::IOBuf::copyBuffer
static std::unique_ptr< IOBuf > copyBuffer(const void *buf, std::size_t size, std::size_t headroom=0, std::size_t minTailroom=0)
Definition: IOBuf.h:1587
fizz::test::TestMessages::clientHello
static ClientHello clientHello()
Definition: TestMessages.h:26
fizz::test::TestProtocolVersion
constexpr ProtocolVersion TestProtocolVersion
Definition: ProtocolTest.h:22
state
state
Definition: http_parser.c:272
folly::none
constexpr None none
Definition: Optional.h:87
statelessHrr
static constexpr StringPiece statelessHrr
Definition: CookieCipherTest.cpp:21