2015-01-19 01:24:09 +00:00
|
|
|
package p2p
|
|
|
|
|
|
|
|
import (
|
2015-01-19 04:53:48 +00:00
|
|
|
"bytes"
|
2015-01-19 01:24:09 +00:00
|
|
|
"fmt"
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
"github.com/ethereum/go-ethereum/crypto"
|
|
|
|
)
|
|
|
|
|
|
|
|
func TestCryptoHandshake(t *testing.T) {
|
|
|
|
var err error
|
|
|
|
var sessionToken []byte
|
2015-01-19 23:42:13 +00:00
|
|
|
prv0, _ := crypto.GenerateKey()
|
|
|
|
pub0 := &prv0.PublicKey
|
|
|
|
prv1, _ := crypto.GenerateKey()
|
|
|
|
pub1 := &prv1.PublicKey
|
2015-01-19 01:24:09 +00:00
|
|
|
|
2015-01-19 23:42:13 +00:00
|
|
|
var initiator, receiver *cryptoId
|
|
|
|
if initiator, err = newCryptoId(&peerId{crypto.FromECDSA(prv0), crypto.FromECDSAPub(pub0)}); err != nil {
|
2015-01-19 01:24:09 +00:00
|
|
|
return
|
|
|
|
}
|
2015-01-19 23:42:13 +00:00
|
|
|
if receiver, err = newCryptoId(&peerId{crypto.FromECDSA(prv1), crypto.FromECDSAPub(pub1)}); err != nil {
|
2015-01-19 01:24:09 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2015-01-19 23:42:13 +00:00
|
|
|
// simulate handshake by feeding output to input
|
2015-01-20 00:23:10 +00:00
|
|
|
// initiator sends handshake 'auth'
|
2015-01-19 23:42:13 +00:00
|
|
|
auth, initNonce, randomPrivKey, _, _ := initiator.startHandshake(receiver.pubKeyDER, sessionToken)
|
2015-01-20 00:23:10 +00:00
|
|
|
// receiver reads auth and responds with response
|
2015-01-19 23:42:13 +00:00
|
|
|
response, remoteRecNonce, remoteInitNonce, remoteRandomPrivKey, _ := receiver.respondToHandshake(auth, crypto.FromECDSAPub(pub0), sessionToken)
|
2015-01-20 00:23:10 +00:00
|
|
|
// initiator reads receiver's response and the key exchange completes
|
2015-01-19 23:42:13 +00:00
|
|
|
recNonce, remoteRandomPubKey, _, _ := initiator.completeHandshake(response)
|
2015-01-19 04:53:48 +00:00
|
|
|
|
2015-01-20 00:23:10 +00:00
|
|
|
// now both parties should have the same session parameters
|
2015-01-19 23:42:13 +00:00
|
|
|
initSessionToken, initSecretRW, _ := initiator.newSession(initNonce, recNonce, auth, randomPrivKey, remoteRandomPubKey)
|
|
|
|
recSessionToken, recSecretRW, _ := receiver.newSession(remoteInitNonce, remoteRecNonce, auth, remoteRandomPrivKey, &randomPrivKey.PublicKey)
|
2015-01-19 04:53:48 +00:00
|
|
|
|
2015-01-19 23:42:13 +00:00
|
|
|
fmt.Printf("%x\n%x\n%x\n%x\n%x\n%x\n%x\n%x\n%x\n%x\n", auth, initNonce, response, remoteRecNonce, remoteInitNonce, remoteRandomPubKey, recNonce, &randomPrivKey.PublicKey, initSessionToken, initSecretRW)
|
2015-01-19 04:53:48 +00:00
|
|
|
|
2015-01-19 23:42:13 +00:00
|
|
|
if !bytes.Equal(initSessionToken, recSessionToken) {
|
2015-01-19 04:53:48 +00:00
|
|
|
t.Errorf("session tokens do not match")
|
|
|
|
}
|
|
|
|
// aesSecret, macSecret, egressMac, ingressMac
|
2015-01-19 23:42:13 +00:00
|
|
|
if !bytes.Equal(initSecretRW.aesSecret, recSecretRW.aesSecret) {
|
2015-01-19 04:53:48 +00:00
|
|
|
t.Errorf("AES secrets do not match")
|
|
|
|
}
|
2015-01-19 23:42:13 +00:00
|
|
|
if !bytes.Equal(initSecretRW.macSecret, recSecretRW.macSecret) {
|
2015-01-19 04:53:48 +00:00
|
|
|
t.Errorf("macSecrets do not match")
|
|
|
|
}
|
2015-01-19 23:42:13 +00:00
|
|
|
if !bytes.Equal(initSecretRW.egressMac, recSecretRW.egressMac) {
|
2015-01-19 04:53:48 +00:00
|
|
|
t.Errorf("egressMacs do not match")
|
|
|
|
}
|
2015-01-19 23:42:13 +00:00
|
|
|
if !bytes.Equal(initSecretRW.ingressMac, recSecretRW.ingressMac) {
|
2015-01-19 04:53:48 +00:00
|
|
|
t.Errorf("ingressMacs do not match")
|
|
|
|
}
|
2015-01-19 01:24:09 +00:00
|
|
|
|
|
|
|
}
|