github.com/liloew/wireguard-go@v0.0.0-20220224014633-9cd745e6f114/device/cookie_test.go (about)

     1  /* SPDX-License-Identifier: MIT
     2   *
     3   * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
     4   */
     5  
     6  package device
     7  
     8  import (
     9  	"testing"
    10  )
    11  
    12  func TestCookieMAC1(t *testing.T) {
    13  	// setup generator / checker
    14  
    15  	var (
    16  		generator CookieGenerator
    17  		checker   CookieChecker
    18  	)
    19  
    20  	sk, err := newPrivateKey()
    21  	if err != nil {
    22  		t.Fatal(err)
    23  	}
    24  	pk := sk.publicKey()
    25  
    26  	generator.Init(pk)
    27  	checker.Init(pk)
    28  
    29  	// check mac1
    30  
    31  	src := []byte{192, 168, 13, 37, 10, 10, 10}
    32  
    33  	checkMAC1 := func(msg []byte) {
    34  		generator.AddMacs(msg)
    35  		if !checker.CheckMAC1(msg) {
    36  			t.Fatal("MAC1 generation/verification failed")
    37  		}
    38  		if checker.CheckMAC2(msg, src) {
    39  			t.Fatal("MAC2 generation/verification failed")
    40  		}
    41  	}
    42  
    43  	checkMAC1([]byte{
    44  		0x99, 0xbb, 0xa5, 0xfc, 0x99, 0xaa, 0x83, 0xbd,
    45  		0x7b, 0x00, 0xc5, 0x9a, 0x4c, 0xb9, 0xcf, 0x62,
    46  		0x40, 0x23, 0xf3, 0x8e, 0xd8, 0xd0, 0x62, 0x64,
    47  		0x5d, 0xb2, 0x80, 0x13, 0xda, 0xce, 0xc6, 0x91,
    48  		0x61, 0xd6, 0x30, 0xf1, 0x32, 0xb3, 0xa2, 0xf4,
    49  		0x7b, 0x43, 0xb5, 0xa7, 0xe2, 0xb1, 0xf5, 0x6c,
    50  		0x74, 0x6b, 0xb0, 0xcd, 0x1f, 0x94, 0x86, 0x7b,
    51  		0xc8, 0xfb, 0x92, 0xed, 0x54, 0x9b, 0x44, 0xf5,
    52  		0xc8, 0x7d, 0xb7, 0x8e, 0xff, 0x49, 0xc4, 0xe8,
    53  		0x39, 0x7c, 0x19, 0xe0, 0x60, 0x19, 0x51, 0xf8,
    54  		0xe4, 0x8e, 0x02, 0xf1, 0x7f, 0x1d, 0xcc, 0x8e,
    55  		0xb0, 0x07, 0xff, 0xf8, 0xaf, 0x7f, 0x66, 0x82,
    56  		0x83, 0xcc, 0x7c, 0xfa, 0x80, 0xdb, 0x81, 0x53,
    57  		0xad, 0xf7, 0xd8, 0x0c, 0x10, 0xe0, 0x20, 0xfd,
    58  		0xe8, 0x0b, 0x3f, 0x90, 0x15, 0xcd, 0x93, 0xad,
    59  		0x0b, 0xd5, 0x0c, 0xcc, 0x88, 0x56, 0xe4, 0x3f,
    60  	})
    61  
    62  	checkMAC1([]byte{
    63  		0x33, 0xe7, 0x2a, 0x84, 0x9f, 0xff, 0x57, 0x6c,
    64  		0x2d, 0xc3, 0x2d, 0xe1, 0xf5, 0x5c, 0x97, 0x56,
    65  		0xb8, 0x93, 0xc2, 0x7d, 0xd4, 0x41, 0xdd, 0x7a,
    66  		0x4a, 0x59, 0x3b, 0x50, 0xdd, 0x7a, 0x7a, 0x8c,
    67  		0x9b, 0x96, 0xaf, 0x55, 0x3c, 0xeb, 0x6d, 0x0b,
    68  		0x13, 0x0b, 0x97, 0x98, 0xb3, 0x40, 0xc3, 0xcc,
    69  		0xb8, 0x57, 0x33, 0x45, 0x6e, 0x8b, 0x09, 0x2b,
    70  		0x81, 0x2e, 0xd2, 0xb9, 0x66, 0x0b, 0x93, 0x05,
    71  	})
    72  
    73  	checkMAC1([]byte{
    74  		0x9b, 0x96, 0xaf, 0x55, 0x3c, 0xeb, 0x6d, 0x0b,
    75  		0x13, 0x0b, 0x97, 0x98, 0xb3, 0x40, 0xc3, 0xcc,
    76  		0xb8, 0x57, 0x33, 0x45, 0x6e, 0x8b, 0x09, 0x2b,
    77  		0x81, 0x2e, 0xd2, 0xb9, 0x66, 0x0b, 0x93, 0x05,
    78  	})
    79  
    80  	// exchange cookie reply
    81  
    82  	func() {
    83  		msg := []byte{
    84  			0x6d, 0xd7, 0xc3, 0x2e, 0xb0, 0x76, 0xd8, 0xdf,
    85  			0x30, 0x65, 0x7d, 0x62, 0x3e, 0xf8, 0x9a, 0xe8,
    86  			0xe7, 0x3c, 0x64, 0xa3, 0x78, 0x48, 0xda, 0xf5,
    87  			0x25, 0x61, 0x28, 0x53, 0x79, 0x32, 0x86, 0x9f,
    88  			0xa0, 0x27, 0x95, 0x69, 0xb6, 0xba, 0xd0, 0xa2,
    89  			0xf8, 0x68, 0xea, 0xa8, 0x62, 0xf2, 0xfd, 0x1b,
    90  			0xe0, 0xb4, 0x80, 0xe5, 0x6b, 0x3a, 0x16, 0x9e,
    91  			0x35, 0xf6, 0xa8, 0xf2, 0x4f, 0x9a, 0x7b, 0xe9,
    92  			0x77, 0x0b, 0xc2, 0xb4, 0xed, 0xba, 0xf9, 0x22,
    93  			0xc3, 0x03, 0x97, 0x42, 0x9f, 0x79, 0x74, 0x27,
    94  			0xfe, 0xf9, 0x06, 0x6e, 0x97, 0x3a, 0xa6, 0x8f,
    95  			0xc9, 0x57, 0x0a, 0x54, 0x4c, 0x64, 0x4a, 0xe2,
    96  			0x4f, 0xa1, 0xce, 0x95, 0x9b, 0x23, 0xa9, 0x2b,
    97  			0x85, 0x93, 0x42, 0xb0, 0xa5, 0x53, 0xed, 0xeb,
    98  			0x63, 0x2a, 0xf1, 0x6d, 0x46, 0xcb, 0x2f, 0x61,
    99  			0x8c, 0xe1, 0xe8, 0xfa, 0x67, 0x20, 0x80, 0x6d,
   100  		}
   101  		generator.AddMacs(msg)
   102  		reply, err := checker.CreateReply(msg, 1377, src)
   103  		if err != nil {
   104  			t.Fatal("Failed to create cookie reply:", err)
   105  		}
   106  		if !generator.ConsumeReply(reply) {
   107  			t.Fatal("Failed to consume cookie reply")
   108  		}
   109  	}()
   110  
   111  	// check mac2
   112  
   113  	checkMAC2 := func(msg []byte) {
   114  		generator.AddMacs(msg)
   115  
   116  		if !checker.CheckMAC1(msg) {
   117  			t.Fatal("MAC1 generation/verification failed")
   118  		}
   119  		if !checker.CheckMAC2(msg, src) {
   120  			t.Fatal("MAC2 generation/verification failed")
   121  		}
   122  
   123  		msg[5] ^= 0x20
   124  
   125  		if checker.CheckMAC1(msg) {
   126  			t.Fatal("MAC1 generation/verification failed")
   127  		}
   128  		if checker.CheckMAC2(msg, src) {
   129  			t.Fatal("MAC2 generation/verification failed")
   130  		}
   131  
   132  		msg[5] ^= 0x20
   133  
   134  		srcBad1 := []byte{192, 168, 13, 37, 40, 1}
   135  		if checker.CheckMAC2(msg, srcBad1) {
   136  			t.Fatal("MAC2 generation/verification failed")
   137  		}
   138  
   139  		srcBad2 := []byte{192, 168, 13, 38, 40, 1}
   140  		if checker.CheckMAC2(msg, srcBad2) {
   141  			t.Fatal("MAC2 generation/verification failed")
   142  		}
   143  	}
   144  
   145  	checkMAC2([]byte{
   146  		0x03, 0x31, 0xb9, 0x9e, 0xb0, 0x2a, 0x54, 0xa3,
   147  		0xc1, 0x3f, 0xb4, 0x96, 0x16, 0xb9, 0x25, 0x15,
   148  		0x3d, 0x3a, 0x82, 0xf9, 0x58, 0x36, 0x86, 0x3f,
   149  		0x13, 0x2f, 0xfe, 0xb2, 0x53, 0x20, 0x8c, 0x3f,
   150  		0xba, 0xeb, 0xfb, 0x4b, 0x1b, 0x22, 0x02, 0x69,
   151  		0x2c, 0x90, 0xbc, 0xdc, 0xcf, 0xcf, 0x85, 0xeb,
   152  		0x62, 0x66, 0x6f, 0xe8, 0xe1, 0xa6, 0xa8, 0x4c,
   153  		0xa0, 0x04, 0x23, 0x15, 0x42, 0xac, 0xfa, 0x38,
   154  	})
   155  
   156  	checkMAC2([]byte{
   157  		0x0e, 0x2f, 0x0e, 0xa9, 0x29, 0x03, 0xe1, 0xf3,
   158  		0x24, 0x01, 0x75, 0xad, 0x16, 0xa5, 0x66, 0x85,
   159  		0xca, 0x66, 0xe0, 0xbd, 0xc6, 0x34, 0xd8, 0x84,
   160  		0x09, 0x9a, 0x58, 0x14, 0xfb, 0x05, 0xda, 0xf5,
   161  		0x90, 0xf5, 0x0c, 0x4e, 0x22, 0x10, 0xc9, 0x85,
   162  		0x0f, 0xe3, 0x77, 0x35, 0xe9, 0x6b, 0xc2, 0x55,
   163  		0x32, 0x46, 0xae, 0x25, 0xe0, 0xe3, 0x37, 0x7a,
   164  		0x4b, 0x71, 0xcc, 0xfc, 0x91, 0xdf, 0xd6, 0xca,
   165  		0xfe, 0xee, 0xce, 0x3f, 0x77, 0xa2, 0xfd, 0x59,
   166  		0x8e, 0x73, 0x0a, 0x8d, 0x5c, 0x24, 0x14, 0xca,
   167  		0x38, 0x91, 0xb8, 0x2c, 0x8c, 0xa2, 0x65, 0x7b,
   168  		0xbc, 0x49, 0xbc, 0xb5, 0x58, 0xfc, 0xe3, 0xd7,
   169  		0x02, 0xcf, 0xf7, 0x4c, 0x60, 0x91, 0xed, 0x55,
   170  		0xe9, 0xf9, 0xfe, 0xd1, 0x44, 0x2c, 0x75, 0xf2,
   171  		0xb3, 0x5d, 0x7b, 0x27, 0x56, 0xc0, 0x48, 0x4f,
   172  		0xb0, 0xba, 0xe4, 0x7d, 0xd0, 0xaa, 0xcd, 0x3d,
   173  		0xe3, 0x50, 0xd2, 0xcf, 0xb9, 0xfa, 0x4b, 0x2d,
   174  		0xc6, 0xdf, 0x3b, 0x32, 0x98, 0x45, 0xe6, 0x8f,
   175  		0x1c, 0x5c, 0xa2, 0x20, 0x7d, 0x1c, 0x28, 0xc2,
   176  		0xd4, 0xa1, 0xe0, 0x21, 0x52, 0x8f, 0x1c, 0xd0,
   177  		0x62, 0x97, 0x48, 0xbb, 0xf4, 0xa9, 0xcb, 0x35,
   178  		0xf2, 0x07, 0xd3, 0x50, 0xd8, 0xa9, 0xc5, 0x9a,
   179  		0x0f, 0xbd, 0x37, 0xaf, 0xe1, 0x45, 0x19, 0xee,
   180  		0x41, 0xf3, 0xf7, 0xe5, 0xe0, 0x30, 0x3f, 0xbe,
   181  		0x3d, 0x39, 0x64, 0x00, 0x7a, 0x1a, 0x51, 0x5e,
   182  		0xe1, 0x70, 0x0b, 0xb9, 0x77, 0x5a, 0xf0, 0xc4,
   183  		0x8a, 0xa1, 0x3a, 0x77, 0x1a, 0xe0, 0xc2, 0x06,
   184  		0x91, 0xd5, 0xe9, 0x1c, 0xd3, 0xfe, 0xab, 0x93,
   185  		0x1a, 0x0a, 0x4c, 0xbb, 0xf0, 0xff, 0xdc, 0xaa,
   186  		0x61, 0x73, 0xcb, 0x03, 0x4b, 0x71, 0x68, 0x64,
   187  		0x3d, 0x82, 0x31, 0x41, 0xd7, 0x8b, 0x22, 0x7b,
   188  		0x7d, 0xa1, 0xd5, 0x85, 0x6d, 0xf0, 0x1b, 0xaa,
   189  	})
   190  }