Remove TlsHandshakerTest The single remaining test case in TlsHandshakerTest is equivalent to TlsServerHandshakerTest.ConnectedAfterTlsHandshake. TlsHandshakerTest ran with all QUIC versions that support TLS, so TlsServerHandshakerTest now runs with all those versions to maintain test coverage. PiperOrigin-RevId: 332101790 Change-Id: Iab9d0d670a1720751c58a54b35ee9468c8fddf9f
diff --git a/quic/core/tls_handshaker_test.cc b/quic/core/tls_handshaker_test.cc deleted file mode 100644 index caf9a9c..0000000 --- a/quic/core/tls_handshaker_test.cc +++ /dev/null
@@ -1,453 +0,0 @@ -// Copyright (c) 2017 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#include <memory> -#include <string> -#include <utility> - -#include "net/third_party/quiche/src/quic/core/crypto/quic_crypto_server_config.h" -#include "net/third_party/quiche/src/quic/core/crypto/tls_client_connection.h" -#include "net/third_party/quiche/src/quic/core/crypto/tls_server_connection.h" -#include "net/third_party/quiche/src/quic/core/quic_utils.h" -#include "net/third_party/quiche/src/quic/core/tls_client_handshaker.h" -#include "net/third_party/quiche/src/quic/core/tls_server_handshaker.h" -#include "net/third_party/quiche/src/quic/platform/api/quic_test.h" -#include "net/third_party/quiche/src/quic/test_tools/crypto_test_utils.h" -#include "net/third_party/quiche/src/quic/test_tools/fake_proof_source.h" -#include "net/third_party/quiche/src/quic/test_tools/mock_quic_session_visitor.h" -#include "net/third_party/quiche/src/quic/test_tools/quic_test_utils.h" -#include "net/third_party/quiche/src/quic/tools/fake_proof_verifier.h" -#include "net/third_party/quiche/src/common/platform/api/quiche_arraysize.h" -#include "net/third_party/quiche/src/common/platform/api/quiche_string_piece.h" - -namespace quic { -namespace test { -namespace { - -using ::testing::_; -using ::testing::ElementsAreArray; -using ::testing::Return; - -class TestProofVerifier : public ProofVerifier { - public: - TestProofVerifier() - : verifier_(crypto_test_utils::ProofVerifierForTesting()) {} - - QuicAsyncStatus VerifyProof( - const std::string& hostname, - const uint16_t port, - const std::string& server_config, - QuicTransportVersion quic_version, - quiche::QuicheStringPiece chlo_hash, - const std::vector<std::string>& certs, - const std::string& cert_sct, - const std::string& signature, - const ProofVerifyContext* context, - std::string* error_details, - std::unique_ptr<ProofVerifyDetails>* details, - std::unique_ptr<ProofVerifierCallback> callback) override { - return verifier_->VerifyProof( - hostname, port, server_config, quic_version, chlo_hash, certs, cert_sct, - signature, context, error_details, details, std::move(callback)); - } - - QuicAsyncStatus VerifyCertChain( - const std::string& hostname, - const uint16_t port, - const std::vector<std::string>& certs, - const std::string& ocsp_response, - const std::string& cert_sct, - const ProofVerifyContext* context, - std::string* error_details, - std::unique_ptr<ProofVerifyDetails>* details, - std::unique_ptr<ProofVerifierCallback> callback) override { - if (!active_) { - return verifier_->VerifyCertChain(hostname, port, certs, ocsp_response, - cert_sct, context, error_details, - details, std::move(callback)); - } - pending_ops_.push_back(std::make_unique<VerifyChainPendingOp>( - hostname, port, certs, ocsp_response, cert_sct, context, error_details, - details, std::move(callback), verifier_.get())); - return QUIC_PENDING; - } - - std::unique_ptr<ProofVerifyContext> CreateDefaultContext() override { - return nullptr; - } - - void Activate() { active_ = true; } - - size_t NumPendingCallbacks() const { return pending_ops_.size(); } - - void InvokePendingCallback(size_t n) { - CHECK(NumPendingCallbacks() > n); - pending_ops_[n]->Run(); - auto it = pending_ops_.begin() + n; - pending_ops_.erase(it); - } - - private: - // Implementation of ProofVerifierCallback that fails if the callback is ever - // run. - class FailingProofVerifierCallback : public ProofVerifierCallback { - public: - void Run(bool /*ok*/, - const std::string& /*error_details*/, - std::unique_ptr<ProofVerifyDetails>* /*details*/) override { - FAIL(); - } - }; - - class VerifyChainPendingOp { - public: - VerifyChainPendingOp(const std::string& hostname, - const uint16_t port, - const std::vector<std::string>& certs, - const std::string& ocsp_response, - const std::string& cert_sct, - const ProofVerifyContext* context, - std::string* error_details, - std::unique_ptr<ProofVerifyDetails>* details, - std::unique_ptr<ProofVerifierCallback> callback, - ProofVerifier* delegate) - : hostname_(hostname), - port_(port), - certs_(certs), - ocsp_response_(ocsp_response), - cert_sct_(cert_sct), - context_(context), - error_details_(error_details), - details_(details), - callback_(std::move(callback)), - delegate_(delegate) {} - - void Run() { - // TestProofVerifier depends on crypto_test_utils::ProofVerifierForTesting - // running synchronously. It passes a FailingProofVerifierCallback and - // runs the original callback after asserting that the verification ran - // synchronously. - QuicAsyncStatus status = delegate_->VerifyCertChain( - hostname_, port_, certs_, ocsp_response_, cert_sct_, context_, - error_details_, details_, - std::make_unique<FailingProofVerifierCallback>()); - ASSERT_NE(status, QUIC_PENDING); - callback_->Run(status == QUIC_SUCCESS, *error_details_, details_); - } - - private: - std::string hostname_; - const uint16_t port_; - std::vector<std::string> certs_; - std::string ocsp_response_; - std::string cert_sct_; - const ProofVerifyContext* context_; - std::string* error_details_; - std::unique_ptr<ProofVerifyDetails>* details_; - std::unique_ptr<ProofVerifierCallback> callback_; - ProofVerifier* delegate_; - }; - - std::unique_ptr<ProofVerifier> verifier_; - bool active_ = false; - std::vector<std::unique_ptr<VerifyChainPendingOp>> pending_ops_; -}; - -class TestQuicCryptoStream : public QuicCryptoStream { - public: - explicit TestQuicCryptoStream(QuicSession* session) - : QuicCryptoStream(session) {} - - ~TestQuicCryptoStream() override = default; - - virtual TlsHandshaker* handshaker() const = 0; - - bool encryption_established() const override { - return handshaker()->encryption_established(); - } - - bool one_rtt_keys_available() const override { - return handshaker()->one_rtt_keys_available(); - } - - const QuicCryptoNegotiatedParameters& crypto_negotiated_params() - const override { - return handshaker()->crypto_negotiated_params(); - } - - CryptoMessageParser* crypto_message_parser() override { - return handshaker()->crypto_message_parser(); - } - - void WriteCryptoData(EncryptionLevel level, - quiche::QuicheStringPiece data) override { - pending_writes_.push_back(std::make_pair(std::string(data), level)); - } - - void OnPacketDecrypted(EncryptionLevel /*level*/) override {} - void OnOneRttPacketAcknowledged() override {} - void OnHandshakePacketSent() override {} - - HandshakeState GetHandshakeState() const override { - return handshaker()->GetHandshakeState(); - } - void SetServerApplicationStateForResumption( - std::unique_ptr<ApplicationState> /*application_state*/) override {} - - const std::vector<std::pair<std::string, EncryptionLevel>>& pending_writes() { - return pending_writes_; - } - - // Sends the pending frames to |stream| and clears the array of pending - // writes. - void SendCryptoMessagesToPeer(QuicCryptoStream* stream) { - QUIC_LOG(INFO) << "Sending " << pending_writes_.size() << " frames"; - // This is a minimal re-implementation of QuicCryptoStream::OnDataAvailable. - // It doesn't work to call QuicStream::OnStreamFrame because - // QuicCryptoStream::OnDataAvailable currently (as an implementation detail) - // relies on the QuicConnection to know the EncryptionLevel to pass into - // CryptoMessageParser::ProcessInput. Since the crypto messages in this test - // never reach the framer or connection and never get encrypted/decrypted, - // QuicCryptoStream::OnDataAvailable isn't able to call ProcessInput with - // the correct EncryptionLevel. Instead, that can be short-circuited by - // directly calling ProcessInput here. - for (size_t i = 0; i < pending_writes_.size(); ++i) { - if (!stream->crypto_message_parser()->ProcessInput( - pending_writes_[i].first, pending_writes_[i].second)) { - OnUnrecoverableError(stream->crypto_message_parser()->error(), - stream->crypto_message_parser()->error_detail()); - break; - } - } - pending_writes_.clear(); - } - - private: - std::vector<std::pair<std::string, EncryptionLevel>> pending_writes_; -}; - -class MockProofHandler : public QuicCryptoClientStream::ProofHandler { - public: - MockProofHandler() = default; - ~MockProofHandler() override {} - - MOCK_METHOD( // NOLINT(build/deprecated) - void, - OnProofValid, - (const QuicCryptoClientConfig::CachedState&), - (override)); - MOCK_METHOD( // NOLINT(build/deprecated) - void, - OnProofVerifyDetailsAvailable, - (const ProofVerifyDetails&), - (override)); -}; - -class TestQuicCryptoClientStream : public TestQuicCryptoStream { - public: - explicit TestQuicCryptoClientStream(QuicSession* session) - : TestQuicCryptoClientStream(session, - QuicServerId("test.example.com", 443), - std::make_unique<TestProofVerifier>()) {} - - TestQuicCryptoClientStream(QuicSession* session, - const QuicServerId& server_id, - std::unique_ptr<ProofVerifier> proof_verifier) - : TestQuicCryptoStream(session), - crypto_config_(std::move(proof_verifier), - /*session_cache*/ nullptr), - handshaker_(new TlsClientHandshaker( - server_id, - this, - session, - crypto_test_utils::ProofVerifyContextForTesting(), - &crypto_config_, - &proof_handler_, - /*has_application_state = */ false)) {} - - ~TestQuicCryptoClientStream() override = default; - - TlsHandshaker* handshaker() const override { return handshaker_.get(); } - TlsClientHandshaker* client_handshaker() const { return handshaker_.get(); } - const MockProofHandler& proof_handler() { return proof_handler_; } - void OnHandshakeDoneReceived() override {} - - bool CryptoConnect() { return handshaker_->CryptoConnect(); } - - TestProofVerifier* GetTestProofVerifier() const { - return static_cast<TestProofVerifier*>(crypto_config_.proof_verifier()); - } - - private: - MockProofHandler proof_handler_; - QuicCryptoClientConfig crypto_config_; - std::unique_ptr<TlsClientHandshaker> handshaker_; -}; - -class TestTlsServerHandshaker : public TlsServerHandshaker { - public: - TestTlsServerHandshaker(QuicSession* session, - const QuicCryptoServerConfig& crypto_config, - TestQuicCryptoStream* test_stream) - : TlsServerHandshaker(session, crypto_config), - test_stream_(test_stream) {} - - void WriteCryptoData(EncryptionLevel level, - quiche::QuicheStringPiece data) override { - test_stream_->WriteCryptoData(level, data); - } - - private: - TestQuicCryptoStream* test_stream_; -}; - -class TestQuicCryptoServerStream : public TestQuicCryptoStream { - public: - TestQuicCryptoServerStream(QuicSession* session) - : TestQuicCryptoStream(session), - crypto_config_(QuicCryptoServerConfig::TESTING, - QuicRandom::GetInstance(), - std::make_unique<FakeProofSource>(), - KeyExchangeSource::Default()), - handshaker_( - new TestTlsServerHandshaker(session, crypto_config_, this)) {} - - ~TestQuicCryptoServerStream() override = default; - - void CancelOutstandingCallbacks() { - handshaker_->CancelOutstandingCallbacks(); - } - - void OnPacketDecrypted(EncryptionLevel level) override { - handshaker_->OnPacketDecrypted(level); - } - void OnHandshakeDoneReceived() override { DCHECK(false); } - - TlsHandshaker* handshaker() const override { return handshaker_.get(); } - - FakeProofSource* GetFakeProofSource() const { - return static_cast<FakeProofSource*>(crypto_config_.proof_source()); - } - - private: - QuicCryptoServerConfig crypto_config_; - std::unique_ptr<TlsServerHandshaker> handshaker_; -}; - -void ExchangeHandshakeMessages(TestQuicCryptoStream* client, - TestQuicCryptoServerStream* server) { - while (!client->pending_writes().empty() || - !server->pending_writes().empty()) { - client->SendCryptoMessagesToPeer(server); - server->SendCryptoMessagesToPeer(client); - } -} - -class TlsHandshakerTest : public QuicTestWithParam<ParsedQuicVersion> { - public: - TlsHandshakerTest() - : version_(GetParam()), - client_conn_(new MockQuicConnection(&conn_helper_, - &alarm_factory_, - Perspective::IS_CLIENT, - {version_})), - server_conn_(new MockQuicConnection(&conn_helper_, - &alarm_factory_, - Perspective::IS_SERVER, - {version_})), - client_session_(client_conn_, /*create_mock_crypto_stream=*/false), - server_session_(server_conn_, /*create_mock_crypto_stream=*/false) { - client_stream_ = new TestQuicCryptoClientStream(&client_session_); - client_session_.SetCryptoStream(client_stream_); - server_stream_ = new TestQuicCryptoServerStream(&server_session_); - server_session_.SetCryptoStream(server_stream_); - client_session_.Initialize(); - server_session_.Initialize(); - EXPECT_FALSE(client_stream_->encryption_established()); - EXPECT_FALSE(client_stream_->one_rtt_keys_available()); - EXPECT_FALSE(server_stream_->encryption_established()); - EXPECT_FALSE(server_stream_->one_rtt_keys_available()); - const std::string default_alpn = - AlpnForVersion(client_session_.connection()->version()); - ON_CALL(client_session_, GetAlpnsToOffer()) - .WillByDefault(Return(std::vector<std::string>({default_alpn}))); - ON_CALL(server_session_, SelectAlpn(_)) - .WillByDefault( - [default_alpn]( - const std::vector<quiche::QuicheStringPiece>& alpns) { - return std::find(alpns.begin(), alpns.end(), default_alpn); - }); - } - - void ExpectHandshakeSuccessful() { - EXPECT_TRUE(client_stream_->one_rtt_keys_available()); - EXPECT_TRUE(client_stream_->encryption_established()); - EXPECT_TRUE(server_stream_->one_rtt_keys_available()); - EXPECT_TRUE(server_stream_->encryption_established()); - EXPECT_EQ(HANDSHAKE_COMPLETE, client_stream_->GetHandshakeState()); - EXPECT_EQ(HANDSHAKE_CONFIRMED, server_stream_->GetHandshakeState()); - - const auto& client_crypto_params = - client_stream_->crypto_negotiated_params(); - const auto& server_crypto_params = - server_stream_->crypto_negotiated_params(); - // The TLS params should be filled in on the client. - EXPECT_NE(0, client_crypto_params.cipher_suite); - EXPECT_NE(0, client_crypto_params.key_exchange_group); - EXPECT_NE(0, client_crypto_params.peer_signature_algorithm); - - // The cipher suite and key exchange group should match on the client and - // server. - EXPECT_EQ(client_crypto_params.cipher_suite, - server_crypto_params.cipher_suite); - EXPECT_EQ(client_crypto_params.key_exchange_group, - server_crypto_params.key_exchange_group); - // We don't support client certs on the server (yet), so the server - // shouldn't have a peer signature algorithm to report. - EXPECT_EQ(0, server_crypto_params.peer_signature_algorithm); - } - - ParsedQuicVersion version_; - MockQuicConnectionHelper conn_helper_; - MockAlarmFactory alarm_factory_; - MockQuicConnection* client_conn_; - MockQuicConnection* server_conn_; - MockQuicSession client_session_; - MockQuicSession server_session_; - - TestQuicCryptoClientStream* client_stream_; - TestQuicCryptoServerStream* server_stream_; -}; - -std::vector<ParsedQuicVersion> AllSupportedTlsVersions() { - std::vector<ParsedQuicVersion> tls_versions; - for (const ParsedQuicVersion& version : AllSupportedVersions()) { - if (version.handshake_protocol == PROTOCOL_TLS1_3) { - tls_versions.push_back(version); - } - } - return tls_versions; -} - -INSTANTIATE_TEST_SUITE_P(TlsHandshakerTests, - TlsHandshakerTest, - ::testing::ValuesIn(AllSupportedTlsVersions()), - ::testing::PrintToStringParamName()); - -TEST_P(TlsHandshakerTest, CryptoHandshake) { - EXPECT_FALSE(client_conn_->IsHandshakeComplete()); - EXPECT_FALSE(server_conn_->IsHandshakeComplete()); - - EXPECT_CALL(*client_conn_, CloseConnection(_, _, _)).Times(0); - EXPECT_CALL(*server_conn_, CloseConnection(_, _, _)).Times(0); - EXPECT_CALL(client_stream_->proof_handler(), OnProofVerifyDetailsAvailable); - client_stream_->CryptoConnect(); - ExchangeHandshakeMessages(client_stream_, server_stream_); - - ExpectHandshakeSuccessful(); -} - -} // namespace -} // namespace test -} // namespace quic
diff --git a/quic/core/tls_server_handshaker_test.cc b/quic/core/tls_server_handshaker_test.cc index 05b7d68..8668b6a 100644 --- a/quic/core/tls_server_handshaker_test.cc +++ b/quic/core/tls_server_handshaker_test.cc
@@ -42,12 +42,13 @@ const char kServerHostname[] = "test.example.com"; const uint16_t kServerPort = 443; -class TlsServerHandshakerTest : public QuicTest { +class TlsServerHandshakerTest : public QuicTestWithParam<ParsedQuicVersion> { public: TlsServerHandshakerTest() : server_compressed_certs_cache_( QuicCompressedCertsCache::kQuicCompressedCertsCacheSize), - server_id_(kServerHostname, kServerPort, false) { + server_id_(kServerHostname, kServerPort, false), + supported_versions_({GetParam()}) { SetQuicRestartFlag(quic_enable_tls_resumption_v4, true); SetQuicRestartFlag(quic_enable_zero_rtt_for_tls_v2, true); client_crypto_config_ = std::make_unique<QuicCryptoClientConfig>( @@ -223,21 +224,26 @@ std::pair<size_t, size_t> moved_messages_counts_ = {0, 0}; // Which QUIC versions the client and server support. - ParsedQuicVersionVector supported_versions_ = AllSupportedVersionsWithTls(); + ParsedQuicVersionVector supported_versions_; }; -TEST_F(TlsServerHandshakerTest, NotInitiallyConected) { +INSTANTIATE_TEST_SUITE_P(TlsServerHandshakerTests, + TlsServerHandshakerTest, + ::testing::ValuesIn(AllSupportedVersionsWithTls()), + ::testing::PrintToStringParamName()); + +TEST_P(TlsServerHandshakerTest, NotInitiallyConected) { EXPECT_FALSE(server_stream()->encryption_established()); EXPECT_FALSE(server_stream()->one_rtt_keys_available()); } -TEST_F(TlsServerHandshakerTest, ConnectedAfterTlsHandshake) { +TEST_P(TlsServerHandshakerTest, ConnectedAfterTlsHandshake) { CompleteCryptoHandshake(); EXPECT_EQ(PROTOCOL_TLS1_3, server_stream()->handshake_protocol()); ExpectHandshakeSuccessful(); } -TEST_F(TlsServerHandshakerTest, HandshakeWithAsyncProofSource) { +TEST_P(TlsServerHandshakerTest, HandshakeWithAsyncProofSource) { EXPECT_CALL(*client_connection_, CloseConnection(_, _, _)).Times(0); EXPECT_CALL(*server_connection_, CloseConnection(_, _, _)).Times(0); // Enable FakeProofSource to capture call to ComputeTlsSignature and run it @@ -255,7 +261,7 @@ ExpectHandshakeSuccessful(); } -TEST_F(TlsServerHandshakerTest, CancelPendingProofSource) { +TEST_P(TlsServerHandshakerTest, CancelPendingProofSource) { EXPECT_CALL(*client_connection_, CloseConnection(_, _, _)).Times(0); EXPECT_CALL(*server_connection_, CloseConnection(_, _, _)).Times(0); // Enable FakeProofSource to capture call to ComputeTlsSignature and run it @@ -271,7 +277,7 @@ proof_source_->InvokePendingCallback(0); } -TEST_F(TlsServerHandshakerTest, ExtractSNI) { +TEST_P(TlsServerHandshakerTest, ExtractSNI) { CompleteCryptoHandshake(); ExpectHandshakeSuccessful(); @@ -279,7 +285,7 @@ "test.example.com"); } -TEST_F(TlsServerHandshakerTest, ConnectionClosedOnTlsError) { +TEST_P(TlsServerHandshakerTest, ConnectionClosedOnTlsError) { EXPECT_CALL(*server_connection_, CloseConnection(QUIC_HANDSHAKE_FAILED, _, _)); @@ -297,7 +303,7 @@ EXPECT_FALSE(server_stream()->one_rtt_keys_available()); } -TEST_F(TlsServerHandshakerTest, ClientSendingBadALPN) { +TEST_P(TlsServerHandshakerTest, ClientSendingBadALPN) { const std::string kTestBadClientAlpn = "bad-client-alpn"; EXPECT_CALL(*client_session_, GetAlpnsToOffer()) .WillOnce(Return(std::vector<std::string>({kTestBadClientAlpn}))); @@ -333,7 +339,7 @@ #endif // BORINGSSL_API_VERSION } -TEST_F(TlsServerHandshakerTest, CustomALPNNegotiation) { +TEST_P(TlsServerHandshakerTest, CustomALPNNegotiation) { EXPECT_CALL(*client_connection_, CloseConnection(_, _, _)).Times(0); EXPECT_CALL(*server_connection_, CloseConnection(_, _, _)).Times(0); @@ -357,7 +363,7 @@ ExpectHandshakeSuccessful(); } -TEST_F(TlsServerHandshakerTest, RejectInvalidSNI) { +TEST_P(TlsServerHandshakerTest, RejectInvalidSNI) { server_id_ = QuicServerId("invalid!.example.com", kServerPort, false); InitializeFakeClient(); static_cast<TlsClientHandshaker*>( @@ -370,7 +376,7 @@ EXPECT_FALSE(server_stream()->one_rtt_keys_available()); } -TEST_F(TlsServerHandshakerTest, Resumption) { +TEST_P(TlsServerHandshakerTest, Resumption) { // Do the first handshake InitializeFakeClient(); CompleteCryptoHandshake(); @@ -389,7 +395,7 @@ EXPECT_TRUE(server_stream()->ResumptionAttempted()); } -TEST_F(TlsServerHandshakerTest, ResumptionWithAsyncDecryptCallback) { +TEST_P(TlsServerHandshakerTest, ResumptionWithAsyncDecryptCallback) { // Do the first handshake InitializeFakeClient(); CompleteCryptoHandshake(); @@ -412,7 +418,7 @@ EXPECT_TRUE(server_stream()->ResumptionAttempted()); } -TEST_F(TlsServerHandshakerTest, ResumptionWithFailingDecryptCallback) { +TEST_P(TlsServerHandshakerTest, ResumptionWithFailingDecryptCallback) { // Do the first handshake InitializeFakeClient(); CompleteCryptoHandshake(); @@ -429,7 +435,7 @@ EXPECT_TRUE(server_stream()->ResumptionAttempted()); } -TEST_F(TlsServerHandshakerTest, ResumptionWithFailingAsyncDecryptCallback) { +TEST_P(TlsServerHandshakerTest, ResumptionWithFailingAsyncDecryptCallback) { // Do the first handshake InitializeFakeClient(); CompleteCryptoHandshake(); @@ -453,7 +459,7 @@ EXPECT_TRUE(server_stream()->ResumptionAttempted()); } -TEST_F(TlsServerHandshakerTest, HandshakeFailsWithFailingProofSource) { +TEST_P(TlsServerHandshakerTest, HandshakeFailsWithFailingProofSource) { InitializeServerConfigWithFailingProofSource(); InitializeServer(); InitializeFakeClient(); @@ -465,7 +471,7 @@ EXPECT_EQ(moved_messages_counts_.second, 0u); } -TEST_F(TlsServerHandshakerTest, ZeroRttResumption) { +TEST_P(TlsServerHandshakerTest, ZeroRttResumption) { std::vector<uint8_t> application_state = {0, 1, 2, 3}; // Do the first handshake @@ -488,7 +494,7 @@ EXPECT_TRUE(server_stream()->IsZeroRtt()); } -TEST_F(TlsServerHandshakerTest, ZeroRttRejectOnApplicationStateChange) { +TEST_P(TlsServerHandshakerTest, ZeroRttRejectOnApplicationStateChange) { std::vector<uint8_t> original_application_state = {1, 2}; std::vector<uint8_t> new_application_state = {3, 4};