1 use super::*; 2 use crate::key_derivation::*; 3 4 use util::Error; 5 6 const CIPHER_CONTEXT_ALGO: ProtectionProfile = PROTECTION_PROFILE_AES128CM_HMAC_SHA1_80; 7 const DEFAULT_SSRC: u32 = 0; 8 9 #[test] 10 fn test_context_roc() -> Result<(), Error> { 11 let key_len = CIPHER_CONTEXT_ALGO.key_len()?; 12 let salt_len = CIPHER_CONTEXT_ALGO.salt_len()?; 13 14 let mut c = Context::new( 15 &vec![0; key_len], 16 &vec![0; salt_len], 17 CIPHER_CONTEXT_ALGO, 18 None, 19 None, 20 )?; 21 22 let roc = c.get_roc(123); 23 assert!(roc.is_none(), "ROC must return None for unused SSRC"); 24 25 c.set_roc(123, 100); 26 let roc = c.get_roc(123); 27 if let Some(r) = roc { 28 assert_eq!(r, 100, "ROC is set to 100, but returned {}", r) 29 } else { 30 assert!(false, "ROC must return value for used SSRC"); 31 } 32 33 Ok(()) 34 } 35 36 #[test] 37 fn test_context_index() -> Result<(), Error> { 38 let key_len = CIPHER_CONTEXT_ALGO.key_len()?; 39 let salt_len = CIPHER_CONTEXT_ALGO.salt_len()?; 40 41 let mut c = Context::new( 42 &vec![0; key_len], 43 &vec![0; salt_len], 44 CIPHER_CONTEXT_ALGO, 45 None, 46 None, 47 )?; 48 49 let index = c.get_index(123); 50 assert!(index.is_none(), "Index must return None for unused SSRC"); 51 52 c.set_index(123, 100); 53 let index = c.get_index(123); 54 if let Some(i) = index { 55 assert_eq!(i, 100, "Index is set to 100, but returned {}", i); 56 } else { 57 assert!(false, "Index must return true for used SSRC") 58 } 59 60 Ok(()) 61 } 62 63 #[test] 64 fn test_key_len() -> Result<(), Error> { 65 let key_len = CIPHER_CONTEXT_ALGO.key_len()?; 66 let salt_len = CIPHER_CONTEXT_ALGO.salt_len()?; 67 68 let result = Context::new(&vec![], &vec![0; salt_len], CIPHER_CONTEXT_ALGO, None, None); 69 assert!(result.is_err(), "CreateContext accepted a 0 length key"); 70 71 let result = Context::new(&vec![0; key_len], &vec![], CIPHER_CONTEXT_ALGO, None, None); 72 assert!(result.is_err(), "CreateContext accepted a 0 length salt"); 73 74 let result = Context::new( 75 &vec![0; key_len], 76 &vec![0; salt_len], 77 CIPHER_CONTEXT_ALGO, 78 None, 79 None, 80 ); 81 assert!( 82 result.is_ok(), 83 "CreateContext failed with a valid length key and salt" 84 ); 85 86 Ok(()) 87 } 88 89 #[test] 90 fn test_valid_packet_counter() -> Result<(), Error> { 91 let master_key = vec![ 92 0x0d, 0xcd, 0x21, 0x3e, 0x4c, 0xbc, 0xf2, 0x8f, 0x01, 0x7f, 0x69, 0x94, 0x40, 0x1e, 0x28, 93 0x89, 94 ]; 95 let master_salt = vec![ 96 0x62, 0x77, 0x60, 0x38, 0xc0, 0x6d, 0xc9, 0x41, 0x9f, 0x6d, 0xd9, 0x43, 0x3e, 0x7c, 97 ]; 98 99 let srtp_session_salt = aes_cm_key_derivation( 100 LABEL_SRTP_SALT, 101 &master_key, 102 &master_salt, 103 0, 104 master_salt.len(), 105 )?; 106 107 let s = SrtpSsrcState { 108 ssrc: 4160032510, 109 ..Default::default() 110 }; 111 let expected_counter = vec![ 112 0xcf, 0x90, 0x1e, 0xa5, 0xda, 0xd3, 0x2c, 0x15, 0x00, 0xa2, 0x24, 0xae, 0xae, 0xaf, 0x00, 113 0x00, 114 ]; 115 let counter = generate_counter(32846, s.rollover_counter, s.ssrc, &srtp_session_salt)?; 116 assert_eq!( 117 counter, expected_counter, 118 "Session Key {:?} does not match expected {:?}", 119 counter, expected_counter, 120 ); 121 122 Ok(()) 123 } 124 125 #[test] 126 fn test_rollover_count() -> Result<(), Error> { 127 let mut s = SrtpSsrcState { 128 ssrc: DEFAULT_SSRC, 129 ..Default::default() 130 }; 131 132 // Set initial seqnum 133 let roc = s.next_rollover_count(65530); 134 assert_eq!(roc, 0, "Initial rolloverCounter must be 0"); 135 s.update_rollover_count(65530); 136 137 // Invalid packets never update ROC 138 s.next_rollover_count(0); 139 s.next_rollover_count(0x4000); 140 s.next_rollover_count(0x8000); 141 s.next_rollover_count(0xFFFF); 142 s.next_rollover_count(0); 143 144 // We rolled over to 0 145 let roc = s.next_rollover_count(0); 146 assert_eq!(roc, 1, "rolloverCounter was not updated after it crossed 0"); 147 s.update_rollover_count(0); 148 149 let roc = s.next_rollover_count(65530); 150 assert_eq!( 151 roc, 0, 152 "rolloverCounter was not updated when it rolled back, failed to handle out of order" 153 ); 154 s.update_rollover_count(65530); 155 156 let roc = s.next_rollover_count(5); 157 assert_eq!( 158 roc, 1, 159 "rolloverCounter was not updated when it rolled over initial, to handle out of order" 160 ); 161 s.update_rollover_count(5); 162 163 s.next_rollover_count(6); 164 s.update_rollover_count(6); 165 166 s.next_rollover_count(7); 167 s.update_rollover_count(7); 168 169 let roc = s.next_rollover_count(8); 170 assert_eq!( 171 roc, 1, 172 "rolloverCounter was improperly updated for non-significant packets" 173 ); 174 s.update_rollover_count(8); 175 176 // valid packets never update ROC 177 let roc = s.next_rollover_count(0x4000); 178 assert_eq!( 179 roc, 1, 180 "rolloverCounter was improperly updated for non-significant packets" 181 ); 182 s.update_rollover_count(0x4000); 183 184 let roc = s.next_rollover_count(0x8000); 185 assert_eq!( 186 roc, 1, 187 "rolloverCounter was improperly updated for non-significant packets" 188 ); 189 s.update_rollover_count(0x8000); 190 191 let roc = s.next_rollover_count(0xFFFF); 192 assert_eq!( 193 roc, 1, 194 "rolloverCounter was improperly updated for non-significant packets" 195 ); 196 s.update_rollover_count(0xFFFF); 197 198 let roc = s.next_rollover_count(0); 199 assert_eq!( 200 roc, 2, 201 "rolloverCounter must be incremented after wrapping, got {}", 202 roc 203 ); 204 205 Ok(()) 206 } 207