gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity

added test to verify C255 KEXS's PUBs must not be the first thing in the public values

Browse Source
This commit is contained in:
Jan Rüth
2017-05-12 15:02:38 +02:00
parent 7465ee128d
commit 4983119be5
1 changed files with 14 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
handshake/server_config_client_test.go
View File

@@ -124,7 +124,7 @@ var _ = Describe("Server Config", func() {
It("rejects KEXS values other than C255", func() { It("rejects KEXS values other than C255", func() {
tagMap[TagKEXS] = []byte("P256") tagMap[TagKEXS] = []byte("P256")
err := scfg.parseValues(tagMap) err := scfg.parseValues(tagMap)
Expect(err).To(MatchError("CryptoNoSupport: KEXS")) Expect(err).To(MatchError("CryptoNoSupport: KEXS: Could not find C255, other key exchanges are not supported"))
}) })
It("errors if the KEXS is missing", func() { It("errors if the KEXS is missing", func() {
@@ -190,6 +190,19 @@ var _ = Describe("Server Config", func() {
Expect(err).To(MatchError("CryptoInvalidValueLength: PUBS")) Expect(err).To(MatchError("CryptoInvalidValueLength: PUBS"))
}) })
It("ensure that C255 Pubs must not be at the first index", func() {
serverKex, err := crypto.NewCurve25519KEX()
Expect(err).ToNot(HaveOccurred())
tagMap[TagKEXS] = []byte("P256C255") // have another KEXS before C255
// 3 byte len + 1 byte empty + C255
tagMap[TagPUBS] = append([]byte{0x01, 0x00, 0x00, 0x00}, append([]byte{0x20, 0x00, 0x00}, serverKex.PublicKey()...)...)
err = scfg.parseValues(tagMap)
Expect(err).ToNot(HaveOccurred())
sharedSecret, err := serverKex.CalculateSharedKey(scfg.kex.PublicKey())
Expect(err).ToNot(HaveOccurred())
Expect(scfg.sharedSecret).To(Equal(sharedSecret))
})
It("errors if the PUBS is missing", func() { It("errors if the PUBS is missing", func() {
delete(tagMap, TagPUBS) delete(tagMap, TagPUBS)
err := scfg.parseValues(tagMap) err := scfg.parseValues(tagMap)