aboutsummaryrefslogtreecommitdiffstats
path: root/src/macs_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'src/macs_test.go')
-rw-r--r--src/macs_test.go113
1 files changed, 113 insertions, 0 deletions
diff --git a/src/macs_test.go b/src/macs_test.go
new file mode 100644
index 0000000..a67ccfb
--- /dev/null
+++ b/src/macs_test.go
@@ -0,0 +1,113 @@
+package main
+
+import (
+ "bytes"
+ "net"
+ "testing"
+ "testing/quick"
+)
+
+func TestMAC1(t *testing.T) {
+ dev1 := newDevice(t)
+ dev2 := newDevice(t)
+
+ peer1 := dev2.NewPeer(dev1.privateKey.publicKey())
+ peer2 := dev1.NewPeer(dev2.privateKey.publicKey())
+
+ assertEqual(t, peer1.mac.keyMac1[:], dev1.mac.keyMac1[:])
+ assertEqual(t, peer2.mac.keyMac1[:], dev2.mac.keyMac1[:])
+
+ msg1 := make([]byte, 256)
+ copy(msg1, []byte("some content"))
+ peer1.mac.AddMacs(msg1)
+ if dev1.mac.CheckMAC1(msg1) == false {
+ t.Fatal("failed to verify mac1")
+ }
+}
+
+func TestMACs(t *testing.T) {
+ assertion := func(
+ addr net.UDPAddr,
+ addrInvalid net.UDPAddr,
+ sk1 NoisePrivateKey,
+ sk2 NoisePrivateKey,
+ msg []byte,
+ receiver uint32,
+ ) bool {
+ var device1 Device
+ device1.Init()
+ device1.SetPrivateKey(sk1)
+
+ var device2 Device
+ device2.Init()
+ device2.SetPrivateKey(sk2)
+
+ peer1 := device2.NewPeer(device1.privateKey.publicKey())
+ peer2 := device1.NewPeer(device2.privateKey.publicKey())
+
+ if addr.Port < 0 {
+ return true
+ }
+ addr.Port &= 0xffff
+
+ if len(msg) < 32 {
+ return true
+ }
+ if bytes.Compare(peer1.mac.keyMac1[:], device1.mac.keyMac1[:]) != 0 {
+ return false
+ }
+ if bytes.Compare(peer2.mac.keyMac1[:], device2.mac.keyMac1[:]) != 0 {
+ return false
+ }
+
+ device2.indices.Insert(receiver, IndexTableEntry{
+ peer: peer1,
+ handshake: &peer1.handshake,
+ })
+
+ // test just MAC1
+
+ peer1.mac.AddMacs(msg)
+ if device1.mac.CheckMAC1(msg) == false {
+ return false
+ }
+
+ // exchange cookie reply
+
+ cr, err := device1.CreateMessageCookieReply(msg, receiver, &addr)
+ if err != nil {
+ return false
+ }
+
+ if device2.ConsumeMessageCookieReply(cr) == false {
+ return false
+ }
+
+ // test MAC1 + MAC2
+
+ peer1.mac.AddMacs(msg)
+ if device1.mac.CheckMAC1(msg) == false {
+ return false
+ }
+ if device1.mac.CheckMAC2(msg, &addr) == false {
+ return false
+ }
+
+ // test invalid
+
+ if device1.mac.CheckMAC2(msg, &addrInvalid) {
+ return false
+ }
+ msg[5] ^= 1
+ if device1.mac.CheckMAC1(msg) {
+ return false
+ }
+
+ return true
+ }
+
+ err := quick.Check(assertion, nil)
+ if err != nil {
+ t.Error(err)
+ }
+}
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.