1 /*
2  *
3  * Copyright 2018 gRPC authors.
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  *     http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  *
17  */
18 
19 #include <grpc/support/alloc.h>
20 #include <grpc/support/log.h>
21 
22 #include <stdbool.h>
23 
24 #include "src/core/tsi/alts/crypt/gsec.h"
25 #include "src/core/tsi/alts/frame_protector/alts_frame_protector.h"
26 #include "src/core/tsi/transport_security_interface.h"
27 #include "test/core/tsi/alts/crypt/gsec_test_util.h"
28 #include "test/core/tsi/transport_security_test_lib.h"
29 
30 const size_t kChannelSize = 32768;
31 
alts_test_do_round_trip_check_frames(tsi_test_frame_protector_fixture * fixture,const uint8_t * key,const size_t key_size,bool rekey,const uint8_t * client_message,const size_t client_message_size,const uint8_t * client_expected_frames,const size_t client_frame_size,const uint8_t * server_message,const size_t server_message_size,const uint8_t * server_expected_frames,const size_t server_frame_size)32 static void alts_test_do_round_trip_check_frames(
33     tsi_test_frame_protector_fixture* fixture, const uint8_t* key,
34     const size_t key_size, bool rekey, const uint8_t* client_message,
35     const size_t client_message_size, const uint8_t* client_expected_frames,
36     const size_t client_frame_size, const uint8_t* server_message,
37     const size_t server_message_size, const uint8_t* server_expected_frames,
38     const size_t server_frame_size) {
39   GPR_ASSERT(fixture != nullptr);
40   GPR_ASSERT(fixture->config != nullptr);
41   tsi_frame_protector* client_frame_protector = nullptr;
42   tsi_frame_protector* server_frame_protector = nullptr;
43   tsi_test_frame_protector_config* config = fixture->config;
44   tsi_test_channel* channel = fixture->channel;
45   /* Create a client frame protector. */
46   size_t client_max_output_protected_frame_size =
47       config->client_max_output_protected_frame_size;
48   GPR_ASSERT(
49       alts_create_frame_protector(key, key_size, /*is_client=*/true, rekey,
50                                   client_max_output_protected_frame_size == 0
51                                       ? nullptr
52                                       : &client_max_output_protected_frame_size,
53                                   &client_frame_protector) == TSI_OK);
54   /* Create a server frame protector. */
55   size_t server_max_output_protected_frame_size =
56       config->server_max_output_protected_frame_size;
57   GPR_ASSERT(
58       alts_create_frame_protector(key, key_size, /*is_client=*/false, rekey,
59                                   server_max_output_protected_frame_size == 0
60                                       ? nullptr
61                                       : &server_max_output_protected_frame_size,
62                                   &server_frame_protector) == TSI_OK);
63   tsi_test_frame_protector_fixture_init(fixture, client_frame_protector,
64                                         server_frame_protector);
65   /* Client sends a message to server. */
66   uint8_t* saved_client_message = config->client_message;
67   config->client_message = const_cast<uint8_t*>(client_message);
68   config->client_message_size = client_message_size;
69   tsi_test_frame_protector_send_message_to_peer(config, channel,
70                                                 client_frame_protector,
71                                                 /*is_client=*/true);
72   /* Verify if the generated frame is the same as the expected. */
73   GPR_ASSERT(channel->bytes_written_to_server_channel == client_frame_size);
74   GPR_ASSERT(memcmp(client_expected_frames, channel->server_channel,
75                     client_frame_size) == 0);
76   unsigned char* server_received_message =
77       static_cast<unsigned char*>(gpr_malloc(kChannelSize));
78   size_t server_received_message_size = 0;
79   tsi_test_frame_protector_receive_message_from_peer(
80       config, channel, server_frame_protector, server_received_message,
81       &server_received_message_size, /*is_client=*/false);
82   GPR_ASSERT(config->client_message_size == server_received_message_size);
83   GPR_ASSERT(memcmp(config->client_message, server_received_message,
84                     server_received_message_size) == 0);
85   /* Server sends a message to client. */
86   uint8_t* saved_server_message = config->server_message;
87   config->server_message = const_cast<uint8_t*>(server_message);
88   config->server_message_size = server_message_size;
89   tsi_test_frame_protector_send_message_to_peer(config, channel,
90                                                 server_frame_protector,
91                                                 /*is_client=*/false);
92   /* Verify if the generated frame is the same as the expected. */
93   GPR_ASSERT(channel->bytes_written_to_client_channel == server_frame_size);
94   GPR_ASSERT(memcmp(server_expected_frames, channel->client_channel,
95                     server_frame_size) == 0);
96   unsigned char* client_received_message =
97       static_cast<unsigned char*>(gpr_malloc(kChannelSize));
98   size_t client_received_message_size = 0;
99   tsi_test_frame_protector_receive_message_from_peer(
100       config, channel, client_frame_protector, client_received_message,
101       &client_received_message_size,
102       /*is_client=*/true);
103   GPR_ASSERT(config->server_message_size == client_received_message_size);
104   GPR_ASSERT(memcmp(config->server_message, client_received_message,
105                     client_received_message_size) == 0);
106   config->client_message = saved_client_message;
107   config->server_message = saved_server_message;
108   /* Destroy server and client frame protectors. */
109   gpr_free(server_received_message);
110   gpr_free(client_received_message);
111 }
112 
alts_test_do_round_trip_vector_tests()113 static void alts_test_do_round_trip_vector_tests() {
114   const uint8_t key[] = {0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
115                          0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08};
116   const char small_message[] = {'C', 'h', 'a', 'p', 'i', ' ',
117                                 'C', 'h', 'a', 'p', 'o'};
118   const uint8_t large_message[] = {
119       0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, 0xa5, 0x59, 0x09, 0xc5,
120       0xaf, 0xf5, 0x26, 0x9a, 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
121       0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, 0x1c, 0x3c, 0x0c, 0x95,
122       0x95, 0x68, 0x09, 0x53, 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
123       0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, 0xba, 0x63, 0x7b, 0x39,
124       0x1a, 0xaf, 0xd2, 0x55, 0xd6, 0x09, 0xb1, 0xf0, 0x56, 0x63, 0x7a, 0x0d,
125       0x46, 0xdf, 0x99, 0x8d, 0x88, 0xe5, 0x22, 0x2a, 0xb2, 0xc2, 0x84, 0x65,
126       0x12, 0x15, 0x35, 0x24, 0xc0, 0x89, 0x5e, 0x81, 0x08, 0x06, 0x0f, 0x10,
127       0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c,
128       0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28,
129       0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30};
130   const size_t small_message_size = sizeof(small_message) / sizeof(uint8_t);
131   const size_t large_message_size = sizeof(large_message) / sizeof(uint8_t);
132   /* Test small client message and large server message. */
133   const uint8_t client_expected_frame1[] = {
134       0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x09, 0xd8, 0xd5, 0x92,
135       0x4d, 0x50, 0x32, 0xb7, 0x1f, 0xb8, 0xf2, 0xbb, 0x43, 0xc7, 0xe2, 0x94,
136       0x3d, 0x3e, 0x9a, 0x78, 0x76, 0xaa, 0x0a, 0x6b, 0xfa, 0x98, 0x3a};
137   const uint8_t server_expected_frame1[] = {
138       0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0xa9, 0x4b, 0xf8, 0xc8,
139       0xe7, 0x8f, 0x1a, 0x26, 0x37, 0x44, 0xa2, 0x5c, 0x55, 0x94, 0x30, 0x4e,
140       0x3e, 0x16, 0xe7, 0x9e, 0x96, 0xe8, 0x1b, 0xc0, 0xdd, 0x52, 0x30, 0x06,
141       0xc2, 0x72, 0x9a, 0xa1, 0x0b, 0xdb, 0xdc, 0x19, 0x8c, 0x93, 0x5e, 0x84,
142       0x1f, 0x4b, 0x97, 0x26, 0xf0, 0x73, 0x85, 0x59, 0x00, 0x95, 0xc1, 0xc5,
143       0x22, 0x2f, 0x70, 0x85, 0x68, 0x2c, 0x4f, 0xfe, 0x30, 0x26, 0x91, 0xde,
144       0x62, 0x55, 0x1d, 0x35, 0x01, 0x96, 0x1c, 0xe7, 0xa2, 0x8b, 0x14, 0x8a,
145       0x5e, 0x1b, 0x4a, 0x3b, 0x4f, 0x65, 0x0f, 0xca, 0x79, 0x10, 0xb4, 0xdd,
146       0xf7, 0xa4, 0x8b, 0x64, 0x2f, 0x00, 0x39, 0x60, 0x03, 0xfc, 0xe1, 0x8b,
147       0x5c, 0x19, 0xba, 0xcc, 0x46, 0xba, 0x88, 0xdd, 0x40, 0x42, 0x27, 0x4f,
148       0xe4, 0x1a, 0x6a, 0x31, 0x6c, 0x1c, 0xb0, 0xb6, 0x5c, 0x3e, 0xca, 0x84,
149       0x9b, 0x5f, 0x04, 0x84, 0x11, 0xa9, 0xf8, 0x39, 0xe7, 0xe7, 0xc5, 0xc4,
150       0x33, 0x9f, 0x63, 0x21, 0x9a, 0x7c, 0x9c, 0x64};
151   const size_t client_frame_size1 =
152       sizeof(client_expected_frame1) / sizeof(uint8_t);
153   const size_t server_frame_size1 =
154       sizeof(server_expected_frame1) / sizeof(uint8_t);
155   tsi_test_frame_protector_fixture* fixture =
156       tsi_test_frame_protector_fixture_create();
157   alts_test_do_round_trip_check_frames(
158       fixture, key, kAes128GcmKeyLength, /*rekey=*/false,
159       reinterpret_cast<const uint8_t*>(small_message), small_message_size,
160       client_expected_frame1, client_frame_size1, large_message,
161       large_message_size, server_expected_frame1, server_frame_size1);
162   tsi_test_frame_protector_fixture_destroy(fixture);
163   /**
164    * Test large client message, small server message, and small
165    * message_buffer_allocated_size.
166    */
167   const uint8_t client_expected_frame2[] = {
168       0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7,
169       0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37,
170       0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13,
171       0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31,
172       0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72,
173       0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f,
174       0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e,
175       0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54,
176       0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94,
177       0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56,
178       0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d,
179       0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb,
180       0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7};
181   const uint8_t server_expected_frame2[] = {
182       0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d,
183       0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1,
184       0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73};
185   const size_t client_frame_size2 =
186       sizeof(client_expected_frame2) / sizeof(uint8_t);
187   const size_t server_frame_size2 =
188       sizeof(server_expected_frame2) / sizeof(uint8_t);
189   fixture = tsi_test_frame_protector_fixture_create();
190   alts_test_do_round_trip_check_frames(
191       fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message,
192       large_message_size, client_expected_frame2, client_frame_size2,
193       reinterpret_cast<const uint8_t*>(small_message), small_message_size,
194       server_expected_frame2, server_frame_size2);
195   tsi_test_frame_protector_fixture_destroy(fixture);
196   /**
197    * Test large client message, small server message, and small
198    * protected_buffer_size.
199    */
200   const uint8_t client_expected_frame3[] = {
201       0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7,
202       0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37,
203       0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13,
204       0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31,
205       0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72,
206       0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f,
207       0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e,
208       0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54,
209       0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94,
210       0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56,
211       0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d,
212       0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb,
213       0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7};
214   const uint8_t server_expected_frame3[] = {
215       0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d,
216       0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1,
217       0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73};
218   const size_t client_frame_size3 =
219       sizeof(client_expected_frame3) / sizeof(uint8_t);
220   const size_t server_frame_size3 =
221       sizeof(server_expected_frame3) / sizeof(uint8_t);
222   fixture = tsi_test_frame_protector_fixture_create();
223   alts_test_do_round_trip_check_frames(
224       fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message,
225       large_message_size, client_expected_frame3, client_frame_size3,
226       reinterpret_cast<const uint8_t*>(small_message), small_message_size,
227       server_expected_frame3, server_frame_size3);
228   tsi_test_frame_protector_fixture_destroy(fixture);
229   /**
230    * Test large client message, small server message, and small
231    * read_buffer_allocated_size.
232    */
233   const uint8_t client_expected_frame4[] = {
234       0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7,
235       0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37,
236       0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13,
237       0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31,
238       0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72,
239       0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f,
240       0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e,
241       0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54,
242       0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94,
243       0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56,
244       0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d,
245       0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb,
246       0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7};
247   const uint8_t server_expected_frame4[] = {
248       0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d,
249       0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1,
250       0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73};
251   const size_t client_frame_size4 =
252       sizeof(client_expected_frame4) / sizeof(uint8_t);
253   const size_t server_frame_size4 =
254       sizeof(server_expected_frame4) / sizeof(uint8_t);
255   fixture = tsi_test_frame_protector_fixture_create();
256   alts_test_do_round_trip_check_frames(
257       fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message,
258       large_message_size, client_expected_frame4, client_frame_size4,
259       reinterpret_cast<const uint8_t*>(small_message), small_message_size,
260       server_expected_frame4, server_frame_size4);
261   tsi_test_frame_protector_fixture_destroy(fixture);
262   /**
263    * Test large client message, small server message, and small
264    * client_max_output_protected_frame_size.
265    */
266   const uint8_t client_expected_frame5[] = {
267       0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x93, 0x81, 0x86, 0xc7,
268       0xdc, 0xf4, 0x77, 0x3a, 0xdb, 0x91, 0x94, 0x61, 0xba, 0xed, 0xd5, 0x37,
269       0x47, 0x53, 0x0c, 0xe1, 0xbf, 0x59, 0x23, 0x20, 0xde, 0x8b, 0x25, 0x13,
270       0x72, 0xe7, 0x8a, 0x4f, 0x32, 0x61, 0xc6, 0xda, 0xc3, 0xe9, 0xff, 0x31,
271       0x33, 0x53, 0x4a, 0xf8, 0xc9, 0x98, 0xe4, 0x19, 0x71, 0x9c, 0x5e, 0x72,
272       0xc7, 0x35, 0x97, 0x78, 0x30, 0xf2, 0xc4, 0xd1, 0x53, 0xd5, 0x6e, 0x8f,
273       0x4f, 0xd9, 0x28, 0x5a, 0xfd, 0x22, 0x57, 0x7f, 0x95, 0xb4, 0x8a, 0x5e,
274       0x7c, 0x47, 0xa8, 0xcf, 0x64, 0x3d, 0x83, 0xa5, 0xcf, 0xc3, 0xfe, 0x54,
275       0xc2, 0x6a, 0x40, 0xc4, 0xfb, 0x8e, 0x07, 0x77, 0x70, 0x8f, 0x99, 0x94,
276       0xb1, 0xd5, 0xa7, 0xf9, 0x0d, 0xc7, 0x11, 0xc5, 0x6f, 0x4a, 0x4f, 0x56,
277       0xd5, 0xe2, 0x9c, 0xbb, 0x95, 0x7a, 0xd0, 0x9f, 0x30, 0x54, 0xca, 0x6d,
278       0x5c, 0x8e, 0x83, 0xa0, 0x04, 0x5e, 0xd0, 0x22, 0x8c, 0x2a, 0x7f, 0xdb,
279       0xfe, 0xb3, 0x2e, 0xae, 0x22, 0xe6, 0xf4, 0xb7};
280   const uint8_t server_expected_frame5[] = {
281       0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x33, 0x12, 0xab, 0x9d,
282       0x76, 0x2b, 0x5f, 0xab, 0xf3, 0x6d, 0xc4, 0xaa, 0xe5, 0x1e, 0x63, 0xc1,
283       0x7b, 0x7b, 0x10, 0xd5, 0x63, 0x0f, 0x29, 0xad, 0x17, 0x33, 0x73};
284   const size_t client_frame_size5 =
285       sizeof(client_expected_frame5) / sizeof(uint8_t);
286   const size_t server_frame_size5 =
287       sizeof(server_expected_frame5) / sizeof(uint8_t);
288   fixture = tsi_test_frame_protector_fixture_create();
289   alts_test_do_round_trip_check_frames(
290       fixture, key, kAes128GcmKeyLength, /*rekey=*/false, large_message,
291       large_message_size, client_expected_frame5, client_frame_size5,
292       reinterpret_cast<const uint8_t*>(small_message), small_message_size,
293       server_expected_frame5, server_frame_size5);
294   tsi_test_frame_protector_fixture_destroy(fixture);
295   /**
296    * Test small client message, large server message, and small
297    * server_max_output_protected_frame_size.
298    */
299   const uint8_t client_expected_frame6[] = {
300       0x1f, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0x09, 0xd8, 0xd5, 0x92,
301       0x4d, 0x50, 0x32, 0xb7, 0x1f, 0xb8, 0xf2, 0xbb, 0x43, 0xc7, 0xe2, 0x94,
302       0x3d, 0x3e, 0x9a, 0x78, 0x76, 0xaa, 0x0a, 0x6b, 0xfa, 0x98, 0x3a};
303   const uint8_t server_expected_frame6[] = {
304       0x94, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, 0xa9, 0x4b, 0xf8, 0xc8,
305       0xe7, 0x8f, 0x1a, 0x26, 0x37, 0x44, 0xa2, 0x5c, 0x55, 0x94, 0x30, 0x4e,
306       0x3e, 0x16, 0xe7, 0x9e, 0x96, 0xe8, 0x1b, 0xc0, 0xdd, 0x52, 0x30, 0x06,
307       0xc2, 0x72, 0x9a, 0xa1, 0x0b, 0xdb, 0xdc, 0x19, 0x8c, 0x93, 0x5e, 0x84,
308       0x1f, 0x4b, 0x97, 0x26, 0xf0, 0x73, 0x85, 0x59, 0x00, 0x95, 0xc1, 0xc5,
309       0x22, 0x2f, 0x70, 0x85, 0x68, 0x2c, 0x4f, 0xfe, 0x30, 0x26, 0x91, 0xde,
310       0x62, 0x55, 0x1d, 0x35, 0x01, 0x96, 0x1c, 0xe7, 0xa2, 0x8b, 0x14, 0x8a,
311       0x5e, 0x1b, 0x4a, 0x3b, 0x4f, 0x65, 0x0f, 0xca, 0x79, 0x10, 0xb4, 0xdd,
312       0xf7, 0xa4, 0x8b, 0x64, 0x2f, 0x00, 0x39, 0x60, 0x03, 0xfc, 0xe1, 0x8b,
313       0x5c, 0x19, 0xba, 0xcc, 0x46, 0xba, 0x88, 0xdd, 0x40, 0x42, 0x27, 0x4f,
314       0xe4, 0x1a, 0x6a, 0x31, 0x6c, 0x1c, 0xb0, 0xb6, 0x5c, 0x3e, 0xca, 0x84,
315       0x9b, 0x5f, 0x04, 0x84, 0x11, 0xa9, 0xf8, 0x39, 0xe7, 0xe7, 0xc5, 0xc4,
316       0x33, 0x9f, 0x63, 0x21, 0x9a, 0x7c, 0x9c, 0x64};
317   const size_t client_frame_size6 =
318       sizeof(client_expected_frame6) / sizeof(uint8_t);
319   const size_t server_frame_size6 =
320       sizeof(server_expected_frame6) / sizeof(uint8_t);
321   fixture = tsi_test_frame_protector_fixture_create();
322   alts_test_do_round_trip_check_frames(
323       fixture, key, kAes128GcmKeyLength, /*rekey=*/false,
324       reinterpret_cast<const uint8_t*>(small_message), small_message_size,
325       client_expected_frame6, client_frame_size6, large_message,
326       large_message_size, server_expected_frame6, server_frame_size6);
327   tsi_test_frame_protector_fixture_destroy(fixture);
328 }
329 
alts_test_do_round_trip(tsi_test_frame_protector_fixture * fixture,bool rekey)330 static void alts_test_do_round_trip(tsi_test_frame_protector_fixture* fixture,
331                                     bool rekey) {
332   GPR_ASSERT(fixture != nullptr);
333   GPR_ASSERT(fixture->config != nullptr);
334   tsi_frame_protector* client_frame_protector = nullptr;
335   tsi_frame_protector* server_frame_protector = nullptr;
336   tsi_test_frame_protector_config* config = fixture->config;
337   /* Create a key to be used by both client and server. */
338   uint8_t* key = nullptr;
339   size_t key_length = rekey ? kAes128GcmRekeyKeyLength : kAes128GcmKeyLength;
340   gsec_test_random_array(&key, key_length);
341   /* Create a client frame protector. */
342   size_t client_max_output_protected_frame_size =
343       config->client_max_output_protected_frame_size;
344   GPR_ASSERT(
345       alts_create_frame_protector(key, key_length, /*is_client=*/true, rekey,
346                                   client_max_output_protected_frame_size == 0
347                                       ? nullptr
348                                       : &client_max_output_protected_frame_size,
349                                   &client_frame_protector) == TSI_OK);
350   /* Create a server frame protector. */
351   size_t server_max_output_protected_frame_size =
352       config->server_max_output_protected_frame_size;
353   GPR_ASSERT(
354       alts_create_frame_protector(key, key_length, /*is_client=*/false, rekey,
355                                   server_max_output_protected_frame_size == 0
356                                       ? nullptr
357                                       : &server_max_output_protected_frame_size,
358                                   &server_frame_protector) == TSI_OK);
359   tsi_test_frame_protector_fixture_init(fixture, client_frame_protector,
360                                         server_frame_protector);
361   tsi_test_frame_protector_do_round_trip_no_handshake(fixture);
362   gpr_free(key);
363 }
364 
365 /* Run all combinations of different arguments of test config. */
alts_test_do_round_trip_all(bool rekey)366 static void alts_test_do_round_trip_all(bool rekey) {
367   unsigned int* bit_array = static_cast<unsigned int*>(
368       gpr_malloc(sizeof(unsigned int) * TSI_TEST_NUM_OF_ARGUMENTS));
369   unsigned int mask = 1U << (TSI_TEST_NUM_OF_ARGUMENTS - 1);
370   unsigned int val = 0, ind = 0;
371   for (val = 0; val < TSI_TEST_NUM_OF_COMBINATIONS; val++) {
372     unsigned int v = val;
373     for (ind = 0; ind < TSI_TEST_NUM_OF_ARGUMENTS; ind++) {
374       bit_array[ind] = (v & mask) ? 1 : 0;
375       v <<= 1;
376     }
377     tsi_test_frame_protector_fixture* fixture =
378         tsi_test_frame_protector_fixture_create();
379     tsi_test_frame_protector_config_destroy(fixture->config);
380     fixture->config = tsi_test_frame_protector_config_create(
381         bit_array[0], bit_array[1], bit_array[2], bit_array[3], bit_array[4],
382         bit_array[5], bit_array[6]);
383     alts_test_do_round_trip(fixture, rekey);
384     tsi_test_frame_protector_fixture_destroy(fixture);
385   }
386   gpr_free(bit_array);
387 }
388 
main(int argc,char ** argv)389 int main(int argc, char** argv) {
390   alts_test_do_round_trip_vector_tests();
391   alts_test_do_round_trip_all(/*rekey=*/false);
392   alts_test_do_round_trip_all(/*rekey=*/true);
393   return 0;
394 }
395