1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
|
<!DOCTYPE html>
<html>
<head>
<title>DTLS fingerprint validation</title>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="../RTCPeerConnection-helper.js"></script>
</head>
<body>
<script>
function makeZeroFingerprint(algorithm) {
const length = algorithm === 'sha-1' ? 160 : parseInt(algorithm.split('-')[1], 10);
let zeros = [];
for (let i = 0; i < length; i += 8) {
zeros.push('00');
}
return 'a=fingerprint:' + algorithm + ' ' + zeros.join(':');
}
// Tests that an invalid fingerprint leads to a connectionState 'failed'.
promise_test(async t => {
const pc1 = new RTCPeerConnection();
t.add_cleanup(() => pc1.close());
const pc2 = new RTCPeerConnection();
t.add_cleanup(() => pc2.close());
pc1.createDataChannel('datachannel');
exchangeIceCandidates(pc1, pc2);
await pc1.setLocalDescription();
await pc2.setRemoteDescription(pc1.localDescription);
const answer = await pc2.createAnswer();
await pc1.setRemoteDescription({
type: answer.type,
sdp: answer.sdp.replace(/a=fingerprint:sha-256 .*/g, makeZeroFingerprint('sha-256')),
});
await pc2.setLocalDescription(answer);
await waitForConnectionStateChange(pc1, ['failed']);
await waitForConnectionStateChange(pc2, ['failed']);
}, 'Connection fails if one side provides a wrong DTLS fingerprint');
['sha-1', 'sha-256', 'sha-384', 'sha-512'].forEach(hashFunc => {
promise_test(async t => {
const pc1 = new RTCPeerConnection();
t.add_cleanup(() => pc1.close());
const pc2 = new RTCPeerConnection();
t.add_cleanup(() => pc2.close());
pc1.createDataChannel('datachannel');
await pc1.setLocalDescription();
await pc2.setRemoteDescription(pc1.localDescription);
const answer = await pc2.createAnswer();
await pc1.setRemoteDescription({
type: answer.type,
sdp: answer.sdp.replace(/a=fingerprint:sha-256 .*/g, makeZeroFingerprint(hashFunc)),
});
await pc2.setLocalDescription(answer);
}, 'SDP negotiation with a ' + hashFunc + ' fingerprint succeds');
});
</script>
</body>
</html>
|