diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
commit | 26a029d407be480d791972afb5975cf62c9360a6 (patch) | |
tree | f435a8308119effd964b339f76abb83a57c29483 /testing/web-platform/tests/webrtc/protocol/crypto-suite.https.html | |
parent | Initial commit. (diff) | |
download | firefox-26a029d407be480d791972afb5975cf62c9360a6.tar.xz firefox-26a029d407be480d791972afb5975cf62c9360a6.zip |
Adding upstream version 124.0.1.upstream/124.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'testing/web-platform/tests/webrtc/protocol/crypto-suite.https.html')
-rw-r--r-- | testing/web-platform/tests/webrtc/protocol/crypto-suite.https.html | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/testing/web-platform/tests/webrtc/protocol/crypto-suite.https.html b/testing/web-platform/tests/webrtc/protocol/crypto-suite.https.html new file mode 100644 index 0000000000..c3941e409f --- /dev/null +++ b/testing/web-platform/tests/webrtc/protocol/crypto-suite.https.html @@ -0,0 +1,77 @@ +<!doctype html> +<meta charset=utf-8> +<title>RTCPeerConnection.prototype.createOffer</title> +<script src="/resources/testharness.js"></script> +<script src="/resources/testharnessreport.js"></script> +<script src="../RTCPeerConnection-helper.js"></script> +<script> +'use strict'; + +// draft-ietf-rtcweb-security-20 section 6.5 +// +// All Implementations MUST support DTLS 1.2 with the +// TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher suite and the P-256 +// curve [FIPS186]. +// ....... The DTLS-SRTP protection profile +// SRTP_AES128_CM_HMAC_SHA1_80 MUST be supported for SRTP. +// Implementations MUST favor cipher suites which support (Perfect +// Forward Secrecy) PFS over non-PFS cipher suites and SHOULD favor AEAD +// over non-AEAD cipher suites. + +const acceptableTlsVersions = new Set([ + 'FEFD', // DTLS 1.2 - RFC 6437 section 4.1 + '0304', // TLS 1.3 - RFC 8446 section 5.1 +]); + +const acceptableDtlsCiphersuites = new Set([ + 'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256', +]); + +const acceptableSrtpCiphersuites = new Set([ + 'SRTP_AES128_CM_HMAC_SHA1_80', + 'AES_CM_128_HMAC_SHA1_80', +]); + +const acceptableValues = { + 'tlsVersion': acceptableTlsVersions, + 'dtlsCipher': acceptableDtlsCiphersuites, + 'srtpCipher': acceptableSrtpCiphersuites, +}; + +function verifyStat(name, transportStats) { + assert_not_equals(typeof transportStats, 'undefined'); + assert_true(name in transportStats, 'Value present:'); + assert_true(acceptableValues[name].has(transportStats[name])); +} + +for (const name of Object.keys(acceptableValues)) { + promise_test(async t => { + const pc1 = new RTCPeerConnection(); + const pc2 = new RTCPeerConnection(); + t.add_cleanup(() => pc1.close()); + t.add_cleanup(() => pc2.close()); + pc1.createDataChannel('foo'); + exchangeIceCandidates(pc1, pc2); + await exchangeOfferAnswer(pc1, pc2); + await waitForState(pc1.sctp.transport, 'connected'); + const statsReport = await pc1.getStats(); + const transportStats = [...statsReport.values()].find(({type}) => type === 'transport'); + verifyStat(name, transportStats); + }, name + ' is acceptable on data-only'); + + promise_test(async t => { + const pc1 = new RTCPeerConnection(); + const pc2 = new RTCPeerConnection(); + t.add_cleanup(() => pc1.close()); + t.add_cleanup(() => pc2.close()); + const transceiver = pc1.addTransceiver('video'); + + exchangeIceCandidates(pc1, pc2); + await exchangeOfferAnswer(pc1, pc2); + await waitForState(transceiver.sender.transport, 'connected'); + const statsReport = await pc1.getStats(); + const transportStats = [...statsReport.values()].find(({type}) => type === 'transport'); + verifyStat(name, transportStats); + }, name + ' is acceptable on video-only'); +} +</script> |