Add TSI test library and SSL and fake TSI tests

1 files changed, 165 insertions, 0 deletions

diff --git a/test/core/tsi/transport_security_test_lib.h b/test/core/tsi/transport_security_test_lib.h
new file mode 100644
index 0000000000..8ae2024ee4
--- /dev/null
+++ b/test/core/tsi/transport_security_test_lib.h
@@ -0,0 +1,165 @@
+/*
+ *
+ * Copyright 2017 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPC_TEST_CORE_TSI_TRANSPORT_SECURITY_TEST_LIB_H_
+#define GRPC_TEST_CORE_TSI_TRANSPORT_SECURITY_TEST_LIB_H_
+
+#include "src/core/tsi/transport_security_interface.h"
+
+#define TSI_TEST_TINY_HANDSHAKE_BUFFER_SIZE 32
+#define TSI_TEST_SMALL_HANDSHAKE_BUFFER_SIZE 128
+#define TSI_TEST_SMALL_READ_BUFFER_ALLOCATED_SIZE 41
+#define TSI_TEST_SMALL_PROTECTED_BUFFER_SIZE 37
+#define TSI_TEST_SMALL_MESSAGE_BUFFER_ALLOCATED_SIZE 42
+#define TSI_TEST_SMALL_CLIENT_MAX_OUTPUT_PROTECTED_FRAME_SIZE 39
+#define TSI_TEST_SMALL_SERVER_MAX_OUTPUT_PROTECTED_FRAME_SIZE 43
+#define TSI_TEST_DEFAULT_BUFFER_SIZE 4096
+#define TSI_TEST_DEFAULT_PROTECTED_BUFFER_SIZE 16384
+#define TSI_TEST_DEFAULT_CHANNEL_SIZE 32768
+#define TSI_TEST_BIG_MESSAGE_SIZE 17000
+#define TSI_TEST_SMALL_MESSAGE_SIZE 10
+#define TSI_TEST_NUM_OF_ARGUMENTS 8
+#define TSI_TEST_NUM_OF_COMBINATIONS 256
+#define TSI_TEST_UNUSED_BYTES "HELLO GOOGLE"
+
+/* ---  tsi_test_fixture object ---
+  The tests for specific TSI implementations should create their own
+  custom "subclass" of this fixture, which wraps all information
+  that will be used to test correctness of TSI handshakes and frame
+  protect/unprotect operations with respect to TSI implementations. */
+typedef struct tsi_test_fixture tsi_test_fixture;
+
+/* ---  tsi_test_frame_protector_config object ---
+
+  This object is used to configure different parameters of TSI frame protector
+  APIs. */
+typedef struct tsi_test_frame_protector_config tsi_test_frame_protector_config;
+
+/* V-table for tsi_test_fixture operations that are implemented differently in
+   different TSI implementations. */
+typedef struct tsi_test_fixture_vtable {
+  void (*setup_handshakers)(tsi_test_fixture *fixture);
+  void (*check_handshaker_peers)(tsi_test_fixture *fixture);
+  void (*destruct)(tsi_test_fixture *fixture);
+} tranport_security_test_vtable;
+
+struct tsi_test_fixture {
+  const struct tsi_test_fixture_vtable *vtable;
+  /* client/server TSI handshaker used to perform TSI handshakes, and will get
+     instantiated during the call to setup_handshakers. */
+  tsi_handshaker *client_handshaker;
+  tsi_handshaker *server_handshaker;
+  /* client/server TSI handshaker results used to store the result of TSI
+     handshake. If the handshake fails, the result will store NULL upon
+     finishing the handshake. */
+  tsi_handshaker_result *client_result;
+  tsi_handshaker_result *server_result;
+  /* size of buffer used to store data received from the peer. */
+  size_t handshake_buffer_size;
+  /* simulated channels between client and server. If the server (client)
+     wants to send data to the client (server), he will write data to
+     client_channel (server_channel), which will be read by client (server). */
+  uint8_t *client_channel;
+  uint8_t *server_channel;
+  /* size of data written to the client/server channel. */
+  size_t bytes_written_to_client_channel;
+  size_t bytes_written_to_server_channel;
+  /* size of data read from the client/server channel */
+  size_t bytes_read_from_client_channel;
+  size_t bytes_read_from_server_channel;
+  /* tsi_test_frame_protector_config instance */
+  tsi_test_frame_protector_config *config;
+  /* a flag indicating if client has finished TSI handshake first (i.e., before
+     server).
+     The flag should be referred if and only if TSI handshake finishes
+     successfully. */
+  bool has_client_finished_first;
+  /* a flag indicating whether to test tsi_handshaker_result_get_unused_bytes()
+     for TSI implementation. This field is true by default, and false
+     for SSL TSI implementation due to grpc issue #12164
+     (https://github.com/grpc/grpc/issues/12164).
+  */
+  bool test_unused_bytes;
+};
+
+struct tsi_test_frame_protector_config {
+  /* size of buffer used to store protected frames to be unprotected. */
+  size_t read_buffer_allocated_size;
+  /* size of buffer used to store bytes resulted from unprotect operations. */
+  size_t message_buffer_allocated_size;
+  /* size of buffer used to store frames resulted from protect operations. */
+  size_t protected_buffer_size;
+  /* size of client/server maximum frame size. */
+  size_t client_max_output_protected_frame_size;
+  size_t server_max_output_protected_frame_size;
+  /* pointer that points to client/server message to be protected. */
+  uint8_t *client_message;
+  uint8_t *server_message;
+  /* size of client/server message. */
+  size_t client_message_size;
+  size_t server_message_size;
+};
+
+/* This method creates a tsi_test_frame_protector_config instance. Each
+   parameter of this function is a boolean value indicating whether to set the
+   corresponding parameter with a default value or not. If it's false, it will
+   be set with a specific value which is usually much smaller than the default.
+   Both values are defined with #define directive. */
+tsi_test_frame_protector_config *tsi_test_frame_protector_config_create(
+    bool use_default_read_buffer_allocated_size,
+    bool use_default_message_buffer_allocated_size,
+    bool use_default_protected_buffer_size, bool use_default_client_message,
+    bool use_default_server_message,
+    bool use_default_client_max_output_protected_frame_size,
+    bool use_default_server_max_output_protected_frame_size,
+    bool use_default_handshake_buffer_size);
+
+/* This method sets different buffer and frame sizes of a
+   tsi_test_frame_protector_config instance with user provided values. */
+void tsi_test_frame_protector_config_set_buffer_size(
+    tsi_test_frame_protector_config *config, size_t read_buffer_allocated_size,
+    size_t message_buffer_allocated_size, size_t protected_buffer_size,
+    size_t client_max_output_protected_frame_size,
+    size_t server_max_output_protected_frame_size);
+
+/* This method destroys a tsi_test_frame_protector_config instance. */
+void tsi_test_frame_protector_config_destroy(
+    tsi_test_frame_protector_config *config);
+
+/* This method initializes members of tsi_test_fixture instance.
+   Note that the struct instance should be allocated before making
+   this call. */
+void tsi_test_fixture_init(tsi_test_fixture *fixture);
+
+/* This method destroys a tsi_test_fixture instance. Note that the
+   fixture intance must be dynamically allocated and will be freed by
+   this function. */
+void tsi_test_fixture_destroy(tsi_test_fixture *fixture);
+
+/* This method performs a full TSI handshake between a client and a server.
+   Note that the test library will implement the new TSI handshaker API to
+   perform handshakes. */
+void tsi_test_do_handshake(tsi_test_fixture *fixture);
+
+/* This method performs a round trip test between the client and the server.
+   That is, the client sends a protected message to a server who receives the
+   message, and unprotects it. The same operation is triggered again with
+   the client and server switching its role. */
+void tsi_test_do_round_trip(tsi_test_fixture *fixture);
+
+#endif  // GRPC_TEST_CORE_TSI_TRANSPORT_SECURITY_TEST_LIB_H_