Diffstat (limited to 'contrib')
-rwxr-xr-xcontrib/examples/json/wg-json6
-rw-r--r--contrib/external-tests/go/main.go9
-rw-r--r--contrib/external-tests/haskell/src/Main.hs6
-rw-r--r--contrib/external-tests/rust/src/main.rs15
4 files changed, 21 insertions, 15 deletions
diff --git a/contrib/examples/json/wg-json b/contrib/examples/json/wg-json
index 90544e2..1b9a570 100755
--- a/contrib/examples/json/wg-json
+++ b/contrib/examples/json/wg-json
@@ -9,20 +9,20 @@ while read -r -d $'\t' device; do
if [[ $device != "$last_device" ]]; then
[[ -z $last_device ]] && printf '\n' || printf '%s,\n' "$end"
last_device="$device"
- read -r private_key public_key preshared_key listen_port fwmark
+ read -r private_key public_key listen_port fwmark
printf '\t"%s": {' "$device"
delim=$'\n'
[[ $private_key == "(none)" ]] || { printf '%s\t\t"privateKey": "%s"' "$delim" "$private_key"; delim=$',\n'; }
[[ $public_key == "(none)" ]] || { printf '%s\t\t"publicKey": "%s"' "$delim" "$public_key"; delim=$',\n'; }
- [[ $preshared_key == "(none)" ]] || { printf '%s\t\t"presharedKey": "%s"' "$delim" "$preshared_key"; delim=$',\n'; }
[[ $listen_port == "0" ]] || { printf '%s\t\t"listenPort": %u' "$delim" $(( $listen_port )); delim=$',\n'; }
[[ $fwmark == "off" ]] || { printf '%s\t\t"fwmark": %u' "$delim" $(( $fwmark )); delim=$',\n'; }
printf '%s\t\t"peers": {' "$delim"; end=$'\n\t\t}\n\t}'
delim=$'\n'
else
- read -r public_key endpoint allowed_ips latest_handshake transfer_rx transfer_tx persistent_keepalive
+ read -r public_key preshared_key endpoint allowed_ips latest_handshake transfer_rx transfer_tx persistent_keepalive
printf '%s\t\t\t"%s": {' "$delim" "$public_key"
delim=$'\n'
+ [[ $preshared_key == "(none)" ]] || { printf '%s\t\t\t\t"presharedKey": "%s"' "$delim" "$preshared_key"; delim=$',\n'; }
[[ $endpoint == "(none)" ]] || { printf '%s\t\t\t\t"endpoint": "%s"' "$delim" "$endpoint"; delim=$',\n'; }
[[ $latest_handshake == "0" ]] || { printf '%s\t\t\t\t"latestHandshake": %u' "$delim" $(( $latest_handshake )); delim=$',\n'; }
[[ $transfer_rx == "0" ]] || { printf '%s\t\t\t\t"transferRx": %u' "$delim" $(( $transfer_rx )); delim=$',\n'; }
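Review bot: Both `read -r` lines in this hunk assign columns purely by position, and nothing documents which dump layout they expect. If the input still carried the preshared key on the interface line, every later field would shift without an error, and key material could be printed under the wrong JSON name or fed into the `$(( ... ))` arithmetic. I would add a comment above the peer-line `read`, for example `# column order must match the dump format: the preshared key is per peer, not per interface`. A header comment should also say that the output contains `privateKey` and `presharedKey` and must be handled as secret. The `while` loop starts before this hunk and continues past it.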
diff --git a/contrib/external-tests/go/main.go b/contrib/external-tests/go/main.go
index 11c2f86..4b58891 100644
--- a/contrib/external-tests/go/main.go
+++ b/contrib/external-tests/go/main.go
@@ -37,16 +37,17 @@ func ipChecksum(buf []byte) uint16 {
func main() {
ourPrivate, _ := base64.StdEncoding.DecodeString("WAmgVYXkbT2bCtdcDwolI88/iVi/aV3/PHcUBTQSYmo=")
ourPublic, _ := base64.StdEncoding.DecodeString("K5sF9yESrSBsOXPd6TcpKNgqoy1Ik3ZFKl4FolzrRyI=")
- preshared, _ := base64.StdEncoding.DecodeString("FpCyhws9cxwWoV4xELtfJvjJN+zQVRPISllRWgeopVE=")
theirPublic, _ := base64.StdEncoding.DecodeString("qRCwZSKInrMAq5sepfCdaCsRJaoLe5jhtzfiw7CjbwM=")
+ preshared, _ := base64.StdEncoding.DecodeString("FpCyhws9cxwWoV4xELtfJvjJN+zQVRPISllRWgeopVE=")
cs := noise.NewCipherSuite(noise.DH25519, noise.CipherChaChaPoly, noise.HashBLAKE2s)
hs := noise.NewHandshakeState(noise.Config{
CipherSuite: cs,
Random: rand.Reader,
Pattern: noise.HandshakeIK,
Initiator: true,
- Prologue: []byte("WireGuard v0 zx2c4 Jason@zx2c4.com"),
+ Prologue: []byte("WireGuard v1 zx2c4 Jason@zx2c4.com"),
PresharedKey: preshared,
+ PresharedKeyPlacement: 2,
StaticKeypair: noise.DHKey{Private: ourPrivate, Public: ourPublic},
PeerStatic: theirPublic,
})
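Review bot: `PresharedKeyPlacement: 2` is a bare number, and the handshake variant it selects is the security-relevant part of this change. A trailing comment would tie it to the "psk2 mode" that the Haskell and Rust tests in this commit still list as TODO, for example `PresharedKeyPlacement: 2, // psk2: PSK is mixed in at the second handshake message`. The relocated `preshared, _ := base64.StdEncoding.DecodeString(...)` line still discards the decode error, so a mistyped constant would presumably go unnoticed until the handshake fails. `main` continues beyond this hunk.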
@@ -68,8 +69,10 @@ func main() {
initiationPacket[3] = 0 // Reserved
binary.LittleEndian.PutUint32(initiationPacket[4:], 28) // Sender index: 28 (arbitrary)
initiationPacket, _, _ = hs.WriteMessage(initiationPacket, tai64n)
- hasher, _ := blake2s.New(&blake2s.Config{Size: 16, Key: preshared})
+ hasher, _ := blake2s.New(&blake2s.Config{Size: 32})
+ hasher.Write([]byte("mac1----"))
hasher.Write(theirPublic)
+ hasher, _ = blake2s.New(&blake2s.Config{Size: 16, Key: hasher.Sum(nil)})
hasher.Write(initiationPacket)
initiationPacket = append(initiationPacket, hasher.Sum(nil)[:16]...)
initiationPacket = append(initiationPacket, make([]byte, 16)...)
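Review bot: The new code uses one `hasher` variable for two different jobs, first deriving the mac1 key and then computing the MAC, and discards the error from `blake2s.New` both times. Naming the intermediate value makes the construction readable and gives the error somewhere to go: `macKey := hasher.Sum(nil)` followed by `mac, err := blake2s.New(&blake2s.Config{Size: 16, Key: macKey})`. A short comment such as `// mac1 key = BLAKE2s("mac1----" || theirPublic); derived from public values only` would also record that this key is no longer the preshared secret. `main` starts before the hunk and continues after it.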
diff --git a/contrib/external-tests/haskell/src/Main.hs b/contrib/external-tests/haskell/src/Main.hs
index 820e2f1..8983e6c 100644
--- a/contrib/external-tests/haskell/src/Main.hs
+++ b/contrib/external-tests/haskell/src/Main.hs
@@ -34,7 +34,7 @@ w :: PublicKey Curve25519
-> IO ()
w theirPub (Plaintext myPSK) sock addr msg = do
let x = "\x01\x00\x00\x00\x00\x00" `mappend` msg
- mac = hash 16 myPSK (sbToBS' (curvePubToBytes theirPub) `mappend` sbToBS' x)
+ mac = hash 16 myPSK (sbToBS' (curvePubToBytes theirPub) `mappend` sbToBS' x) -- TODO: this should actually be blake2s(key=blake2s("mac1----" || theirPub), payload=blah)
void $ NBS.sendTo sock (x `mappend` mac `mappend` replicate 16 '\0') addr
r :: MVar ByteString -> Socket -> IO ByteString
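Review bot: The `mac` binding in `w` still keys the hash with `myPSK` over the public key plus message; only a TODO comment was added. The Haskell test therefore keeps sending the old MAC while the Go and Rust tests in this commit move to a key derived from `"mac1----"` and the peer's public key. A peer that checks the new construction would presumably reject this packet, so the test is not a valid interoperability check until the TODO is resolved. If the fix cannot land here, I would make the gap visible outside the source line, for example a note in the commit message or a startup message saying the test is known to be stale. The comment should also replace `payload=blah` with the actual input, the initiation message bytes.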
@@ -63,8 +63,8 @@ main = do
serverkey' = curveBytesToPub . bsToSB' . either undefined id . B64.decode . pack $ serverkey :: PublicKey Curve25519
psk' = Plaintext . bsToSB' . either undefined id . B64.decode . pack $ psk
hs = handshakeState $ HandshakeStateParams
- noiseIK
- "WireGuard v0 zx2c4 Jason@zx2c4.com"
+ noiseIK -- TODO: specify psk2 mode
+ "WireGuard v1 zx2c4 Jason@zx2c4.com"
(Just psk')
(Just mykey')
Nothing
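Review bot: The prologue is bumped to `"WireGuard v1 ..."` but the handshake is still built with plain `noiseIK`, with psk2 left as a TODO. The same pairing appears in the Rust hunk at `HandshakeState::new_from_owner` (`//TODO: specify psk2 mode`). With the new prologue but the old PSK placement, these two tests presumably derive different handshake keys than the Go test, which sets `PresharedKeyPlacement: 2`, so they cannot complete a handshake against a v1 peer. I would either keep these tests on the old prologue until psk2 is wired in, or extend the TODO to say so explicitly, e.g. `-- TODO: psk2 not implemented; handshake will not complete against v1 peers`. `main` continues outside this hunk.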
diff --git a/contrib/external-tests/rust/src/main.rs b/contrib/external-tests/rust/src/main.rs
index 232375c..ceb68b8 100644
--- a/contrib/external-tests/rust/src/main.rs
+++ b/contrib/external-tests/rust/src/main.rs
@@ -39,11 +39,12 @@ fn main() {
owner.set_rs(&their_public);
let mut cipherstate1 : CipherState<CipherChaChaPoly> = Default::default();
let mut cipherstate2 : CipherState<CipherChaChaPoly> = Default::default();
- let mut handshake = HandshakeState::new_from_owner(&mut owner, true, HandshakePattern::IK, "WireGuard v0 zx2c4 Jason@zx2c4.com".as_bytes(), Some(&my_preshared[..]), &mut cipherstate1, &mut cipherstate2);
+ //TODO: specify psk2 mode
+ let mut handshake = HandshakeState::new_from_owner(&mut owner, true, HandshakePattern::IK, "WireGuard v1 zx2c4 Jason@zx2c4.com".as_bytes(), Some(&my_preshared[..]), &mut cipherstate1, &mut cipherstate2);
let now = time::get_time();
let mut tai64n = [0; 12];
- BigEndian::write_i64(&mut tai64n[0..], 4611686018427387914ULL + now.sec);
+ BigEndian::write_i64(&mut tai64n[0..], 4611686018427387914 + now.sec);
BigEndian::write_i32(&mut tai64n[8..], now.nsec);
let mut initiation_packet = [0; 148];
initiation_packet[0] = 1; /* Type: Initiation */
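Review bot: The timestamp base on the changed `BigEndian::write_i64` line is an unexplained 19-digit literal, so a reader cannot check it by eye. The value is 2^62 + 10, and a comment or named constant would make that verifiable, for example `const TAI64_BASE: i64 = (1 << 62) + 10; // TAI64 label offset` and then `TAI64_BASE + now.sec`. The psk2 TODO on the `HandshakeState::new_from_owner` line is covered in the note on the Haskell `handshakeState` hunk. `main` starts before this hunk and continues past it.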
@@ -52,11 +53,13 @@ fn main() {
initiation_packet[3] = 0; /* Reserved */
LittleEndian::write_u32(&mut initiation_packet[4..], 28); /* Sender index: 28 (arbitrary) */
handshake.write_message(&tai64n, &mut initiation_packet[8..]);
- let mut mac_material = [0; 148];
- memcpy(&mut mac_material, &their_public);
- memcpy(&mut mac_material[32..], &initiation_packet[0..116]);
+ let mut mac_key_input = [0; 40];
+ let mut mac_key = [0; 32];
+ memcpy(&mut mac_key_input, b"mac1----");
+ memcpy(&mut mac_key_input[8..], &their_public);
+ Blake2s::blake2s(&mut mac_key, &mac_key_input, &[0; 0]);
let mut mac = [0; 16];
- Blake2s::blake2s(&mut mac, &mac_material, &my_preshared);
+ Blake2s::blake2s(&mut mac, &initiation_packet[0..116], &mac_key);
memcpy(&mut initiation_packet[116..], &mac);
socket.send_to(&initiation_packet, &send_addr).unwrap();
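Review bot: The new mac1 derivation depends on several unexplained sizes: `[0; 40]` is implicitly 8 label bytes plus a 32-byte public key, `[0; 0]` stands for "no key", and `116` is repeated as the MAC offset. The `memcpy` helper is defined outside this hunk, so it is not visible here whether a `their_public` of another length would be caught. A comment would make the construction auditable, for example `// mac1 key = BLAKE2s(b"mac1----" || their_public), unkeyed; mac1 = keyed BLAKE2s-128 over packet[0..116]`, and `&[]` reads more clearly than `&[0; 0]` if the API accepts it. The last 16 bytes of the packet stay zero; if that is intentional, as the Go test's `make([]byte, 16)` suggests, a comment should say so.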