github.com/mikelsr/quic-go@v0.36.1-0.20230701132136-1d9415b66898/internal/handshake/token_protector_test.go (about) 1 package handshake 2 3 import ( 4 "crypto/rand" 5 6 . "github.com/onsi/ginkgo/v2" 7 . "github.com/onsi/gomega" 8 ) 9 10 type zeroReader struct{} 11 12 func (r *zeroReader) Read(b []byte) (int, error) { 13 for i := range b { 14 b[i] = 0 15 } 16 return len(b), nil 17 } 18 19 var _ = Describe("Token Protector", func() { 20 var tp tokenProtector 21 22 BeforeEach(func() { 23 var err error 24 tp, err = newTokenProtector(rand.Reader) 25 Expect(err).ToNot(HaveOccurred()) 26 }) 27 28 It("uses the random source", func() { 29 tp1, err := newTokenProtector(&zeroReader{}) 30 Expect(err).ToNot(HaveOccurred()) 31 tp2, err := newTokenProtector(&zeroReader{}) 32 Expect(err).ToNot(HaveOccurred()) 33 t1, err := tp1.NewToken([]byte("foo")) 34 Expect(err).ToNot(HaveOccurred()) 35 t2, err := tp2.NewToken([]byte("foo")) 36 Expect(err).ToNot(HaveOccurred()) 37 Expect(t1).To(Equal(t2)) 38 tp3, err := newTokenProtector(rand.Reader) 39 Expect(err).ToNot(HaveOccurred()) 40 t3, err := tp3.NewToken([]byte("foo")) 41 Expect(err).ToNot(HaveOccurred()) 42 Expect(t3).ToNot(Equal(t1)) 43 }) 44 45 It("encodes and decodes tokens", func() { 46 token, err := tp.NewToken([]byte("foobar")) 47 Expect(err).ToNot(HaveOccurred()) 48 Expect(token).ToNot(ContainSubstring("foobar")) 49 decoded, err := tp.DecodeToken(token) 50 Expect(err).ToNot(HaveOccurred()) 51 Expect(decoded).To(Equal([]byte("foobar"))) 52 }) 53 54 It("fails deconding invalid tokens", func() { 55 token, err := tp.NewToken([]byte("foobar")) 56 Expect(err).ToNot(HaveOccurred()) 57 token = token[1:] // remove the first byte 58 _, err = tp.DecodeToken(token) 59 Expect(err).To(HaveOccurred()) 60 Expect(err.Error()).To(ContainSubstring("message authentication failed")) 61 }) 62 63 It("errors when decoding too short tokens", func() { 64 _, err := tp.DecodeToken([]byte("foobar")) 65 Expect(err).To(MatchError("token too short: 6")) 66 }) 67 })