diff options
Diffstat (limited to 'src/macs_test.go')
-rw-r--r-- | src/macs_test.go | 113 |
1 files changed, 113 insertions, 0 deletions
diff --git a/src/macs_test.go b/src/macs_test.go new file mode 100644 index 0000000..a67ccfb --- /dev/null +++ b/src/macs_test.go @@ -0,0 +1,113 @@ +package main + +import ( + "bytes" + "net" + "testing" + "testing/quick" +) + +func TestMAC1(t *testing.T) { + dev1 := newDevice(t) + dev2 := newDevice(t) + + peer1 := dev2.NewPeer(dev1.privateKey.publicKey()) + peer2 := dev1.NewPeer(dev2.privateKey.publicKey()) + + assertEqual(t, peer1.mac.keyMac1[:], dev1.mac.keyMac1[:]) + assertEqual(t, peer2.mac.keyMac1[:], dev2.mac.keyMac1[:]) + + msg1 := make([]byte, 256) + copy(msg1, []byte("some content")) + peer1.mac.AddMacs(msg1) + if dev1.mac.CheckMAC1(msg1) == false { + t.Fatal("failed to verify mac1") + } +} + +func TestMACs(t *testing.T) { + assertion := func( + addr net.UDPAddr, + addrInvalid net.UDPAddr, + sk1 NoisePrivateKey, + sk2 NoisePrivateKey, + msg []byte, + receiver uint32, + ) bool { + var device1 Device + device1.Init() + device1.SetPrivateKey(sk1) + + var device2 Device + device2.Init() + device2.SetPrivateKey(sk2) + + peer1 := device2.NewPeer(device1.privateKey.publicKey()) + peer2 := device1.NewPeer(device2.privateKey.publicKey()) + + if addr.Port < 0 { + return true + } + addr.Port &= 0xffff + + if len(msg) < 32 { + return true + } + if bytes.Compare(peer1.mac.keyMac1[:], device1.mac.keyMac1[:]) != 0 { + return false + } + if bytes.Compare(peer2.mac.keyMac1[:], device2.mac.keyMac1[:]) != 0 { + return false + } + + device2.indices.Insert(receiver, IndexTableEntry{ + peer: peer1, + handshake: &peer1.handshake, + }) + + // test just MAC1 + + peer1.mac.AddMacs(msg) + if device1.mac.CheckMAC1(msg) == false { + return false + } + + // exchange cookie reply + + cr, err := device1.CreateMessageCookieReply(msg, receiver, &addr) + if err != nil { + return false + } + + if device2.ConsumeMessageCookieReply(cr) == false { + return false + } + + // test MAC1 + MAC2 + + peer1.mac.AddMacs(msg) + if device1.mac.CheckMAC1(msg) == false { + return false + } + if device1.mac.CheckMAC2(msg, &addr) == false { + return false + } + + // test invalid + + if device1.mac.CheckMAC2(msg, &addrInvalid) { + return false + } + msg[5] ^= 1 + if device1.mac.CheckMAC1(msg) { + return false + } + + return true + } + + err := quick.Check(assertion, nil) + if err != nil { + t.Error(err) + } +} |