github.com/noisysockets/noisysockets@v0.21.2-0.20240515114641-7f467e651c90/internal/transport/cookie_test.go (about)

     1  // SPDX-License-Identifier: MPL-2.0
     2  /*
     3   * Copyright (C) 2024 The Noisy Sockets Authors.
     4   *
     5   * This Source Code Form is subject to the terms of the Mozilla Public
     6   * License, v. 2.0. If a copy of the MPL was not distributed with this
     7   * file, You can obtain one at http://mozilla.org/MPL/2.0/.
     8   *
     9   * Portions of this file are based on code originally from wireguard-go,
    10   *
    11   * Copyright (C) 2017-2023 WireGuard LLC. All Rights Reserved.
    12   *
    13   * Permission is hereby granted, free of charge, to any person obtaining a copy of
    14   * this software and associated documentation files (the "Software"), to deal in
    15   * the Software without restriction, including without limitation the rights to
    16   * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
    17   * of the Software, and to permit persons to whom the Software is furnished to do
    18   * so, subject to the following conditions:
    19   *
    20   * The above copyright notice and this permission notice shall be included in all
    21   * copies or substantial portions of the Software.
    22   *
    23   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
    24   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
    25   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
    26   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
    27   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
    28   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
    29   * SOFTWARE.
    30   */
    31  
    32  package transport
    33  
    34  import (
    35  	"testing"
    36  
    37  	"github.com/noisysockets/noisysockets/types"
    38  )
    39  
    40  func TestCookieMAC1(t *testing.T) {
    41  	// setup generator / checker
    42  
    43  	var (
    44  		generator CookieGenerator
    45  		checker   CookieChecker
    46  	)
    47  
    48  	sk, err := types.NewPrivateKey()
    49  	if err != nil {
    50  		t.Fatal(err)
    51  	}
    52  	pk := sk.Public()
    53  
    54  	generator.Init(pk)
    55  	checker.Init(pk)
    56  
    57  	// check mac1
    58  
    59  	src := []byte{192, 168, 13, 37, 10, 10, 10}
    60  
    61  	checkMAC1 := func(msg []byte) {
    62  		generator.AddMacs(msg)
    63  		if !checker.CheckMAC1(msg) {
    64  			t.Fatal("MAC1 generation/verification failed")
    65  		}
    66  		if checker.CheckMAC2(msg, src) {
    67  			t.Fatal("MAC2 generation/verification failed")
    68  		}
    69  	}
    70  
    71  	checkMAC1([]byte{
    72  		0x99, 0xbb, 0xa5, 0xfc, 0x99, 0xaa, 0x83, 0xbd,
    73  		0x7b, 0x00, 0xc5, 0x9a, 0x4c, 0xb9, 0xcf, 0x62,
    74  		0x40, 0x23, 0xf3, 0x8e, 0xd8, 0xd0, 0x62, 0x64,
    75  		0x5d, 0xb2, 0x80, 0x13, 0xda, 0xce, 0xc6, 0x91,
    76  		0x61, 0xd6, 0x30, 0xf1, 0x32, 0xb3, 0xa2, 0xf4,
    77  		0x7b, 0x43, 0xb5, 0xa7, 0xe2, 0xb1, 0xf5, 0x6c,
    78  		0x74, 0x6b, 0xb0, 0xcd, 0x1f, 0x94, 0x86, 0x7b,
    79  		0xc8, 0xfb, 0x92, 0xed, 0x54, 0x9b, 0x44, 0xf5,
    80  		0xc8, 0x7d, 0xb7, 0x8e, 0xff, 0x49, 0xc4, 0xe8,
    81  		0x39, 0x7c, 0x19, 0xe0, 0x60, 0x19, 0x51, 0xf8,
    82  		0xe4, 0x8e, 0x02, 0xf1, 0x7f, 0x1d, 0xcc, 0x8e,
    83  		0xb0, 0x07, 0xff, 0xf8, 0xaf, 0x7f, 0x66, 0x82,
    84  		0x83, 0xcc, 0x7c, 0xfa, 0x80, 0xdb, 0x81, 0x53,
    85  		0xad, 0xf7, 0xd8, 0x0c, 0x10, 0xe0, 0x20, 0xfd,
    86  		0xe8, 0x0b, 0x3f, 0x90, 0x15, 0xcd, 0x93, 0xad,
    87  		0x0b, 0xd5, 0x0c, 0xcc, 0x88, 0x56, 0xe4, 0x3f,
    88  	})
    89  
    90  	checkMAC1([]byte{
    91  		0x33, 0xe7, 0x2a, 0x84, 0x9f, 0xff, 0x57, 0x6c,
    92  		0x2d, 0xc3, 0x2d, 0xe1, 0xf5, 0x5c, 0x97, 0x56,
    93  		0xb8, 0x93, 0xc2, 0x7d, 0xd4, 0x41, 0xdd, 0x7a,
    94  		0x4a, 0x59, 0x3b, 0x50, 0xdd, 0x7a, 0x7a, 0x8c,
    95  		0x9b, 0x96, 0xaf, 0x55, 0x3c, 0xeb, 0x6d, 0x0b,
    96  		0x13, 0x0b, 0x97, 0x98, 0xb3, 0x40, 0xc3, 0xcc,
    97  		0xb8, 0x57, 0x33, 0x45, 0x6e, 0x8b, 0x09, 0x2b,
    98  		0x81, 0x2e, 0xd2, 0xb9, 0x66, 0x0b, 0x93, 0x05,
    99  	})
   100  
   101  	checkMAC1([]byte{
   102  		0x9b, 0x96, 0xaf, 0x55, 0x3c, 0xeb, 0x6d, 0x0b,
   103  		0x13, 0x0b, 0x97, 0x98, 0xb3, 0x40, 0xc3, 0xcc,
   104  		0xb8, 0x57, 0x33, 0x45, 0x6e, 0x8b, 0x09, 0x2b,
   105  		0x81, 0x2e, 0xd2, 0xb9, 0x66, 0x0b, 0x93, 0x05,
   106  	})
   107  
   108  	// exchange cookie reply
   109  
   110  	func() {
   111  		msg := []byte{
   112  			0x6d, 0xd7, 0xc3, 0x2e, 0xb0, 0x76, 0xd8, 0xdf,
   113  			0x30, 0x65, 0x7d, 0x62, 0x3e, 0xf8, 0x9a, 0xe8,
   114  			0xe7, 0x3c, 0x64, 0xa3, 0x78, 0x48, 0xda, 0xf5,
   115  			0x25, 0x61, 0x28, 0x53, 0x79, 0x32, 0x86, 0x9f,
   116  			0xa0, 0x27, 0x95, 0x69, 0xb6, 0xba, 0xd0, 0xa2,
   117  			0xf8, 0x68, 0xea, 0xa8, 0x62, 0xf2, 0xfd, 0x1b,
   118  			0xe0, 0xb4, 0x80, 0xe5, 0x6b, 0x3a, 0x16, 0x9e,
   119  			0x35, 0xf6, 0xa8, 0xf2, 0x4f, 0x9a, 0x7b, 0xe9,
   120  			0x77, 0x0b, 0xc2, 0xb4, 0xed, 0xba, 0xf9, 0x22,
   121  			0xc3, 0x03, 0x97, 0x42, 0x9f, 0x79, 0x74, 0x27,
   122  			0xfe, 0xf9, 0x06, 0x6e, 0x97, 0x3a, 0xa6, 0x8f,
   123  			0xc9, 0x57, 0x0a, 0x54, 0x4c, 0x64, 0x4a, 0xe2,
   124  			0x4f, 0xa1, 0xce, 0x95, 0x9b, 0x23, 0xa9, 0x2b,
   125  			0x85, 0x93, 0x42, 0xb0, 0xa5, 0x53, 0xed, 0xeb,
   126  			0x63, 0x2a, 0xf1, 0x6d, 0x46, 0xcb, 0x2f, 0x61,
   127  			0x8c, 0xe1, 0xe8, 0xfa, 0x67, 0x20, 0x80, 0x6d,
   128  		}
   129  		generator.AddMacs(msg)
   130  		reply, err := checker.CreateReply(msg, 1377, src)
   131  		if err != nil {
   132  			t.Fatal("Failed to create cookie reply:", err)
   133  		}
   134  		if !generator.ConsumeReply(reply) {
   135  			t.Fatal("Failed to consume cookie reply")
   136  		}
   137  	}()
   138  
   139  	// check mac2
   140  
   141  	checkMAC2 := func(msg []byte) {
   142  		generator.AddMacs(msg)
   143  
   144  		if !checker.CheckMAC1(msg) {
   145  			t.Fatal("MAC1 generation/verification failed")
   146  		}
   147  		if !checker.CheckMAC2(msg, src) {
   148  			t.Fatal("MAC2 generation/verification failed")
   149  		}
   150  
   151  		msg[5] ^= 0x20
   152  
   153  		if checker.CheckMAC1(msg) {
   154  			t.Fatal("MAC1 generation/verification failed")
   155  		}
   156  		if checker.CheckMAC2(msg, src) {
   157  			t.Fatal("MAC2 generation/verification failed")
   158  		}
   159  
   160  		msg[5] ^= 0x20
   161  
   162  		srcBad1 := []byte{192, 168, 13, 37, 40, 1}
   163  		if checker.CheckMAC2(msg, srcBad1) {
   164  			t.Fatal("MAC2 generation/verification failed")
   165  		}
   166  
   167  		srcBad2 := []byte{192, 168, 13, 38, 40, 1}
   168  		if checker.CheckMAC2(msg, srcBad2) {
   169  			t.Fatal("MAC2 generation/verification failed")
   170  		}
   171  	}
   172  
   173  	checkMAC2([]byte{
   174  		0x03, 0x31, 0xb9, 0x9e, 0xb0, 0x2a, 0x54, 0xa3,
   175  		0xc1, 0x3f, 0xb4, 0x96, 0x16, 0xb9, 0x25, 0x15,
   176  		0x3d, 0x3a, 0x82, 0xf9, 0x58, 0x36, 0x86, 0x3f,
   177  		0x13, 0x2f, 0xfe, 0xb2, 0x53, 0x20, 0x8c, 0x3f,
   178  		0xba, 0xeb, 0xfb, 0x4b, 0x1b, 0x22, 0x02, 0x69,
   179  		0x2c, 0x90, 0xbc, 0xdc, 0xcf, 0xcf, 0x85, 0xeb,
   180  		0x62, 0x66, 0x6f, 0xe8, 0xe1, 0xa6, 0xa8, 0x4c,
   181  		0xa0, 0x04, 0x23, 0x15, 0x42, 0xac, 0xfa, 0x38,
   182  	})
   183  
   184  	checkMAC2([]byte{
   185  		0x0e, 0x2f, 0x0e, 0xa9, 0x29, 0x03, 0xe1, 0xf3,
   186  		0x24, 0x01, 0x75, 0xad, 0x16, 0xa5, 0x66, 0x85,
   187  		0xca, 0x66, 0xe0, 0xbd, 0xc6, 0x34, 0xd8, 0x84,
   188  		0x09, 0x9a, 0x58, 0x14, 0xfb, 0x05, 0xda, 0xf5,
   189  		0x90, 0xf5, 0x0c, 0x4e, 0x22, 0x10, 0xc9, 0x85,
   190  		0x0f, 0xe3, 0x77, 0x35, 0xe9, 0x6b, 0xc2, 0x55,
   191  		0x32, 0x46, 0xae, 0x25, 0xe0, 0xe3, 0x37, 0x7a,
   192  		0x4b, 0x71, 0xcc, 0xfc, 0x91, 0xdf, 0xd6, 0xca,
   193  		0xfe, 0xee, 0xce, 0x3f, 0x77, 0xa2, 0xfd, 0x59,
   194  		0x8e, 0x73, 0x0a, 0x8d, 0x5c, 0x24, 0x14, 0xca,
   195  		0x38, 0x91, 0xb8, 0x2c, 0x8c, 0xa2, 0x65, 0x7b,
   196  		0xbc, 0x49, 0xbc, 0xb5, 0x58, 0xfc, 0xe3, 0xd7,
   197  		0x02, 0xcf, 0xf7, 0x4c, 0x60, 0x91, 0xed, 0x55,
   198  		0xe9, 0xf9, 0xfe, 0xd1, 0x44, 0x2c, 0x75, 0xf2,
   199  		0xb3, 0x5d, 0x7b, 0x27, 0x56, 0xc0, 0x48, 0x4f,
   200  		0xb0, 0xba, 0xe4, 0x7d, 0xd0, 0xaa, 0xcd, 0x3d,
   201  		0xe3, 0x50, 0xd2, 0xcf, 0xb9, 0xfa, 0x4b, 0x2d,
   202  		0xc6, 0xdf, 0x3b, 0x32, 0x98, 0x45, 0xe6, 0x8f,
   203  		0x1c, 0x5c, 0xa2, 0x20, 0x7d, 0x1c, 0x28, 0xc2,
   204  		0xd4, 0xa1, 0xe0, 0x21, 0x52, 0x8f, 0x1c, 0xd0,
   205  		0x62, 0x97, 0x48, 0xbb, 0xf4, 0xa9, 0xcb, 0x35,
   206  		0xf2, 0x07, 0xd3, 0x50, 0xd8, 0xa9, 0xc5, 0x9a,
   207  		0x0f, 0xbd, 0x37, 0xaf, 0xe1, 0x45, 0x19, 0xee,
   208  		0x41, 0xf3, 0xf7, 0xe5, 0xe0, 0x30, 0x3f, 0xbe,
   209  		0x3d, 0x39, 0x64, 0x00, 0x7a, 0x1a, 0x51, 0x5e,
   210  		0xe1, 0x70, 0x0b, 0xb9, 0x77, 0x5a, 0xf0, 0xc4,
   211  		0x8a, 0xa1, 0x3a, 0x77, 0x1a, 0xe0, 0xc2, 0x06,
   212  		0x91, 0xd5, 0xe9, 0x1c, 0xd3, 0xfe, 0xab, 0x93,
   213  		0x1a, 0x0a, 0x4c, 0xbb, 0xf0, 0xff, 0xdc, 0xaa,
   214  		0x61, 0x73, 0xcb, 0x03, 0x4b, 0x71, 0x68, 0x64,
   215  		0x3d, 0x82, 0x31, 0x41, 0xd7, 0x8b, 0x22, 0x7b,
   216  		0x7d, 0xa1, 0xd5, 0x85, 0x6d, 0xf0, 0x1b, 0xaa,
   217  	})
   218  }