external-tests: update to latest
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
parent
f3a1f15186
commit
09c726a72f
3 changed files with 50 additions and 28 deletions
|
@ -61,9 +61,12 @@ func main() {
|
||||||
tai64n := make([]byte, 12)
|
tai64n := make([]byte, 12)
|
||||||
binary.BigEndian.PutUint64(tai64n[:], 4611686018427387914+uint64(now.Unix()))
|
binary.BigEndian.PutUint64(tai64n[:], 4611686018427387914+uint64(now.Unix()))
|
||||||
binary.BigEndian.PutUint32(tai64n[8:], uint32(now.UnixNano()))
|
binary.BigEndian.PutUint32(tai64n[8:], uint32(now.UnixNano()))
|
||||||
initiationPacket := make([]byte, 5)
|
initiationPacket := make([]byte, 8)
|
||||||
initiationPacket[0] = 1 // Type: Initiation
|
initiationPacket[0] = 1 // Type: Initiation
|
||||||
binary.LittleEndian.PutUint32(initiationPacket[1:], 28) // Sender index: 28 (arbitrary)
|
initiationPacket[1] = 0 // Reserved
|
||||||
|
initiationPacket[2] = 0 // Reserved
|
||||||
|
initiationPacket[3] = 0 // Reserved
|
||||||
|
binary.LittleEndian.PutUint32(initiationPacket[4:], 28) // Sender index: 28 (arbitrary)
|
||||||
initiationPacket, _, _ = hs.WriteMessage(initiationPacket, tai64n)
|
initiationPacket, _, _ = hs.WriteMessage(initiationPacket, tai64n)
|
||||||
hasher, _ := blake2s.New(&blake2s.Config{Size: 16, Key: preshared})
|
hasher, _ := blake2s.New(&blake2s.Config{Size: 16, Key: preshared})
|
||||||
hasher.Write(theirPublic)
|
hasher.Write(theirPublic)
|
||||||
|
@ -75,7 +78,7 @@ func main() {
|
||||||
}
|
}
|
||||||
|
|
||||||
// read handshake response packet
|
// read handshake response packet
|
||||||
responsePacket := make([]byte, 89)
|
responsePacket := make([]byte, 92)
|
||||||
n, err := conn.Read(responsePacket)
|
n, err := conn.Read(responsePacket)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatalf("error reading response packet: %s", err)
|
log.Fatalf("error reading response packet: %s", err)
|
||||||
|
@ -86,12 +89,15 @@ func main() {
|
||||||
if responsePacket[0] != 2 { // Type: Response
|
if responsePacket[0] != 2 { // Type: Response
|
||||||
log.Fatalf("response packet type wrong: want %d, got %d", 2, responsePacket[0])
|
log.Fatalf("response packet type wrong: want %d, got %d", 2, responsePacket[0])
|
||||||
}
|
}
|
||||||
theirIndex := binary.LittleEndian.Uint32(responsePacket[1:])
|
if responsePacket[1] != 0 || responsePacket[2] != 0 || responsePacket[3] != 0 {
|
||||||
ourIndex := binary.LittleEndian.Uint32(responsePacket[5:])
|
log.Fatalf("response packet has non-zero reserved fields")
|
||||||
|
}
|
||||||
|
theirIndex := binary.LittleEndian.Uint32(responsePacket[4:])
|
||||||
|
ourIndex := binary.LittleEndian.Uint32(responsePacket[8:])
|
||||||
if ourIndex != 28 {
|
if ourIndex != 28 {
|
||||||
log.Fatalf("response packet index wrong: want %d, got %d", 28, ourIndex)
|
log.Fatalf("response packet index wrong: want %d, got %d", 28, ourIndex)
|
||||||
}
|
}
|
||||||
payload, sendCipher, receiveCipher, err := hs.ReadMessage(nil, responsePacket[9:57])
|
payload, sendCipher, receiveCipher, err := hs.ReadMessage(nil, responsePacket[12:60])
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatalf("error reading handshake message: %s", err)
|
log.Fatalf("error reading handshake message: %s", err)
|
||||||
}
|
}
|
||||||
|
@ -120,10 +126,13 @@ func main() {
|
||||||
binary.BigEndian.PutUint16(pingHeader[2:], uint16(ipv4.HeaderLen+len(pingMessage))) // fix the length endianness on BSDs
|
binary.BigEndian.PutUint16(pingHeader[2:], uint16(ipv4.HeaderLen+len(pingMessage))) // fix the length endianness on BSDs
|
||||||
pingData := append(pingHeader, pingMessage...)
|
pingData := append(pingHeader, pingMessage...)
|
||||||
binary.BigEndian.PutUint16(pingData[10:], ipChecksum(pingData))
|
binary.BigEndian.PutUint16(pingData[10:], ipChecksum(pingData))
|
||||||
pingPacket := make([]byte, 13)
|
pingPacket := make([]byte, 16)
|
||||||
pingPacket[0] = 4 // Type: Data
|
pingPacket[0] = 4 // Type: Data
|
||||||
binary.LittleEndian.PutUint32(pingPacket[1:], theirIndex)
|
pingPacket[1] = 0 // Reserved
|
||||||
binary.LittleEndian.PutUint64(pingPacket[5:], 0) // Nonce
|
pingPacket[2] = 0 // Reserved
|
||||||
|
pingPacket[3] = 0 // Reserved
|
||||||
|
binary.LittleEndian.PutUint32(pingPacket[4:], theirIndex)
|
||||||
|
binary.LittleEndian.PutUint64(pingPacket[8:], 0) // Nonce
|
||||||
pingPacket = sendCipher.Encrypt(pingPacket, nil, pingData)
|
pingPacket = sendCipher.Encrypt(pingPacket, nil, pingData)
|
||||||
if _, err := conn.Write(pingPacket); err != nil {
|
if _, err := conn.Write(pingPacket); err != nil {
|
||||||
log.Fatalf("error writing ping message: %s", err)
|
log.Fatalf("error writing ping message: %s", err)
|
||||||
|
@ -139,7 +148,10 @@ func main() {
|
||||||
if replyPacket[0] != 4 { // Type: Data
|
if replyPacket[0] != 4 { // Type: Data
|
||||||
log.Fatalf("unexpected reply packet type: %d", replyPacket[0])
|
log.Fatalf("unexpected reply packet type: %d", replyPacket[0])
|
||||||
}
|
}
|
||||||
replyPacket, err = receiveCipher.Decrypt(nil, nil, replyPacket[13:])
|
if replyPacket[1] != 0 || replyPacket[2] != 0 || replyPacket[3] != 0 {
|
||||||
|
log.Fatalf("reply packet has non-zero reserved fields")
|
||||||
|
}
|
||||||
|
replyPacket, err = receiveCipher.Decrypt(nil, nil, replyPacket[16:])
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatalf("error decrypting reply packet: %s", err)
|
log.Fatalf("error decrypting reply packet: %s", err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -33,7 +33,7 @@ w :: PublicKey Curve25519
|
||||||
-> ByteString
|
-> ByteString
|
||||||
-> IO ()
|
-> IO ()
|
||||||
w theirPub (Plaintext myPSK) sock addr msg = do
|
w theirPub (Plaintext myPSK) sock addr msg = do
|
||||||
let x = "\x01\x00\x00" `mappend` msg
|
let x = "\x01\x00\x00\x00\x00\x00" `mappend` msg
|
||||||
mac = hash 16 myPSK (sbToBS' (curvePubToBytes theirPub) `mappend` sbToBS' x)
|
mac = hash 16 myPSK (sbToBS' (curvePubToBytes theirPub) `mappend` sbToBS' x)
|
||||||
void $ NBS.sendTo sock (x `mappend` mac `mappend` replicate 16 '\0') addr
|
void $ NBS.sendTo sock (x `mappend` mac `mappend` replicate 16 '\0') addr
|
||||||
|
|
||||||
|
@ -41,7 +41,7 @@ r :: MVar ByteString -> Socket -> IO ByteString
|
||||||
r smv sock = do
|
r smv sock = do
|
||||||
(r, _) <- NBS.recvFrom sock 1024
|
(r, _) <- NBS.recvFrom sock 1024
|
||||||
putMVar smv $ (take 2 . drop 1) r
|
putMVar smv $ (take 2 . drop 1) r
|
||||||
return . take 48 . drop 5 $ r
|
return . take 48 . drop 8 $ r
|
||||||
|
|
||||||
payload :: IO Plaintext
|
payload :: IO Plaintext
|
||||||
payload = do
|
payload = do
|
||||||
|
@ -78,4 +78,4 @@ main = do
|
||||||
|
|
||||||
let (keepAlive, encryption') = encryptPayload "" encryption
|
let (keepAlive, encryption') = encryptPayload "" encryption
|
||||||
senderindex <- takeMVar senderindexmv
|
senderindex <- takeMVar senderindexmv
|
||||||
void $ NBS.sendTo sock ("\x04" `mappend` senderindex `mappend` replicate 8 '\0' `mappend` keepAlive) addr
|
void $ NBS.sendTo sock ("\x04\x00\x00\x00" `mappend` senderindex `mappend` replicate 8 '\0' `mappend` keepAlive) addr
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
/* Copyright (C) 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
|
/* Copyright (C) 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
|
||||||
|
|
||||||
extern crate screech;
|
extern crate screech;
|
||||||
extern crate crypto;
|
extern crate crypto;
|
||||||
extern crate time;
|
extern crate time;
|
||||||
|
@ -44,31 +45,40 @@ fn main() {
|
||||||
let mut tai64n = [0; 12];
|
let mut tai64n = [0; 12];
|
||||||
BigEndian::write_i64(&mut tai64n[0..], 4611686018427387914ULL + now.sec);
|
BigEndian::write_i64(&mut tai64n[0..], 4611686018427387914ULL + now.sec);
|
||||||
BigEndian::write_i32(&mut tai64n[8..], now.nsec);
|
BigEndian::write_i32(&mut tai64n[8..], now.nsec);
|
||||||
let mut initiation_packet = [0; 145];
|
let mut initiation_packet = [0; 148];
|
||||||
initiation_packet[0] = 1; /* Type: Initiation */
|
initiation_packet[0] = 1; /* Type: Initiation */
|
||||||
LittleEndian::write_u32(&mut initiation_packet[1..], 28); /* Sender index: 28 (arbitrary) */
|
initiation_packet[1] = 0; /* Reserved */
|
||||||
handshake.write_message(&tai64n, &mut initiation_packet[5..]);
|
initiation_packet[2] = 0; /* Reserved */
|
||||||
let mut mac_material = [0; 143];
|
initiation_packet[3] = 0; /* Reserved */
|
||||||
|
LittleEndian::write_u32(&mut initiation_packet[4..], 28); /* Sender index: 28 (arbitrary) */
|
||||||
|
handshake.write_message(&tai64n, &mut initiation_packet[8..]);
|
||||||
|
let mut mac_material = [0; 148];
|
||||||
memcpy(&mut mac_material, &their_public);
|
memcpy(&mut mac_material, &their_public);
|
||||||
memcpy(&mut mac_material[32..], &initiation_packet[0..113]);
|
memcpy(&mut mac_material[32..], &initiation_packet[0..116]);
|
||||||
let mut mac = [0; 16];
|
let mut mac = [0; 16];
|
||||||
Blake2s::blake2s(&mut mac, &mac_material, &my_preshared);
|
Blake2s::blake2s(&mut mac, &mac_material, &my_preshared);
|
||||||
memcpy(&mut initiation_packet[113..], &mac);
|
memcpy(&mut initiation_packet[116..], &mac);
|
||||||
socket.send_to(&initiation_packet, &send_addr).unwrap();
|
socket.send_to(&initiation_packet, &send_addr).unwrap();
|
||||||
|
|
||||||
let mut response_packet = [0; 89];
|
let mut response_packet = [0; 92];
|
||||||
socket.recv_from(&mut response_packet).unwrap();
|
socket.recv_from(&mut response_packet).unwrap();
|
||||||
assert!(response_packet[0] == 2 /* Type: Response */);
|
assert!(response_packet[0] == 2 /* Type: Response */);
|
||||||
let their_index = LittleEndian::read_u32(&response_packet[1..]);
|
assert!(response_packet[1] == 0 /* Reserved */);
|
||||||
let our_index = LittleEndian::read_u32(&response_packet[5..]);
|
assert!(response_packet[2] == 0 /* Reserved */);
|
||||||
|
assert!(response_packet[3] == 0 /* Reserved */);
|
||||||
|
let their_index = LittleEndian::read_u32(&response_packet[4..]);
|
||||||
|
let our_index = LittleEndian::read_u32(&response_packet[8..]);
|
||||||
assert!(our_index == 28);
|
assert!(our_index == 28);
|
||||||
let (payload_len, last) = handshake.read_message(&response_packet[9..57], &mut empty_payload).unwrap();
|
let (payload_len, last) = handshake.read_message(&response_packet[12..60], &mut empty_payload).unwrap();
|
||||||
assert!(payload_len == 0 && last);
|
assert!(payload_len == 0 && last);
|
||||||
|
|
||||||
let mut keepalive_packet = [0; 29];
|
let mut keepalive_packet = [0; 32];
|
||||||
keepalive_packet[0] = 4; /* Type: Data */
|
keepalive_packet[0] = 4; /* Type: Data */
|
||||||
LittleEndian::write_u32(&mut keepalive_packet[1..], their_index);
|
keepalive_packet[1] = 0; /* Reserved */
|
||||||
LittleEndian::write_u64(&mut keepalive_packet[5..], cipherstate1.n);
|
keepalive_packet[2] = 0; /* Reserved */
|
||||||
cipherstate1.encrypt(&empty_payload, &mut keepalive_packet[13..]); /* Empty payload means keepalive */
|
keepalive_packet[3] = 0; /* Reserved */
|
||||||
|
LittleEndian::write_u32(&mut keepalive_packet[4..], their_index);
|
||||||
|
LittleEndian::write_u64(&mut keepalive_packet[8..], cipherstate1.n);
|
||||||
|
cipherstate1.encrypt(&empty_payload, &mut keepalive_packet[16..]); /* Empty payload means keepalive */
|
||||||
socket.send_to(&keepalive_packet, &send_addr).unwrap();
|
socket.send_to(&keepalive_packet, &send_addr).unwrap();
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue