diff --git a/crypto/NullAEAD_test.go b/crypto/NullAEAD_test.go
index ca92775d..2210b5d5 100644
--- a/crypto/NullAEAD_test.go
+++ b/crypto/NullAEAD_test.go
@@ -1,10 +1,9 @@
-package crypto_test
+package crypto
 import (
 "bytes"
 "io/ioutil"
- "github.com/lucas-clemente/quic-go/crypto"
 . "github.com/onsi/ginkgo"
 . "github.com/onsi/gomega"
 )
@@ -15,7 +14,7 @@ var _ = Describe("Crypto/NullAEAD", func() {
 plainText := []byte("They are endowed with reason and conscience and should act towards one another in a spirit of brotherhood.")
 hash := []byte{0x98, 0x9b, 0x33, 0x3f, 0xe8, 0xde, 0x32, 0x5c, 0xa6, 0x7f, 0x9c, 0xf7}
 cipherText := append(hash, plainText...)
- aead := &crypto.NullAEAD{}
+ aead := &NullAEAD{}
 r, err := aead.Open(aad, bytes.NewReader(cipherText))
 Expect(err).ToNot(HaveOccurred())
 res, err := ioutil.ReadAll(r)
@@ -28,7 +27,7 @@ var _ = Describe("Crypto/NullAEAD", func() {
 plainText := []byte("They are endowed with reason and conscience and should act towards one another in a spirit of brotherhood.")
 hash := []byte{0x98, 0x9b, 0x33, 0x3f, 0xe8, 0xde, 0x32, 0x5c, 0xa6, 0x7f, 0x9c, 0xf7}
 cipherText := append(hash, plainText...)
- aead := &crypto.NullAEAD{}
+ aead := &NullAEAD{}
 _, err := aead.Open(aad, bytes.NewReader(cipherText))
 Expect(err).To(HaveOccurred())
 })
@@ -37,7 +36,7 @@ var _ = Describe("Crypto/NullAEAD", func() {
 aad := []byte("All human beings are born free and equal in dignity and rights.")
 plainText := []byte("They are endowed with reason and conscience and should act towards one another in a spirit of brotherhood.")
 b := &bytes.Buffer{}
- aead := &crypto.NullAEAD{}
+ aead := &NullAEAD{}
 aead.Seal(b, aad, plainText)
 Expect(b.Bytes()).To(Equal(append([]byte{0x98, 0x9b, 0x33, 0x3f, 0xe8, 0xde, 0x32, 0x5c, 0xa6, 0x7f, 0x9c, 0xf7}, []byte("They are endowed with reason and conscience and should act towards one another in a spirit of brotherhood.")...)))
 })
diff --git a/crypto/crypto_suite_test.go b/crypto/crypto_suite_test.go
index 4f123d8f..23989a3e 100644
--- a/crypto/crypto_suite_test.go
+++ b/crypto/crypto_suite_test.go
@@ -1,4 +1,4 @@
-package crypto_test
+package crypto
 import (
 . "github.com/onsi/ginkgo"
diff --git a/crypto/fnv_test.go b/crypto/fnv_test.go
index 0f6cfa2a..dcd68e16 100644
--- a/crypto/fnv_test.go
+++ b/crypto/fnv_test.go
@@ -1,22 +1,20 @@
-package crypto_test
+package crypto
 import (
- "github.com/lucas-clemente/quic-go/crypto"
-
 . "github.com/onsi/ginkgo"
 . "github.com/onsi/gomega"
 )
 var _ = Describe("FNV", func() {
 It("gives proper null hash", func() {
- hash := crypto.New128a()
+ hash := New128a()
 h, l := hash.Sum128()
 Expect(l).To(Equal(uint64(0x62b821756295c58d)))
 Expect(h).To(Equal(uint64(0x6c62272e07bb0142)))
 })
 It("calculates hash", func() {
- hash := crypto.New128a()
+ hash := New128a()
 _, err := hash.Write([]byte("foobar"))
 Expect(err).ToNot(HaveOccurred())
 h, l := hash.Sum128()
diff --git a/crypto/proof_rsa_test.go b/crypto/proof_rsa_test.go
new file mode 100644
index 00000000..196fed24
--- /dev/null
+++ b/crypto/proof_rsa_test.go
@@ -0,0 +1,42 @@
+package crypto
+
+import (
+ "bytes"
+ "compress/zlib"
+ "crypto"
+ "crypto/rsa"
+ "crypto/x509"
+ "os"
+
+ . "github.com/onsi/ginkgo"
+ . "github.com/onsi/gomega"
+)
+
+var _ = Describe("ProofRsa", func() {
+ It("gives correct cert", func() {
+ cert := []byte{0xde, 0xca, 0xfb, 0xad}
+ certZlib := &bytes.Buffer{}
+ z := zlib.NewWriter(certZlib)
+ z.Write([]byte{0x04, 0x00, 0x00, 0x00})
+ z.Write(cert)
+ z.Close()
+ kd := &KeyData{cert: &x509.Certificate{Raw: cert}}
+ Expect(kd.GetCERTdata()).To(Equal(append([]byte{
+ 0x01, 0x00,
+ 0x08, 0x00, 0x00, 0x00,
+ }, certZlib.Bytes()...)))
+ })
+
+ It("gives valid signatures", func() {
+ path := os.Getenv("GOPATH") + "/src/github.com/lucas-clemente/quic-go/example/"
+ keyData, err := LoadKeyData(path+"cert.der", path+"key.der")
+ Expect(err).ToNot(HaveOccurred())
+ signature, err := keyData.SignServerProof([]byte{'C', 'H', 'L', 'O'}, []byte{'S', 'C', 'F', 'G'})
+ Expect(err).ToNot(HaveOccurred())
+ // Generated with:
+ // ruby -e 'require "digest"; p Digest::SHA256.digest("QUIC CHLO and server config signature\x00" + "\x20\x00\x00\x00" + Digest::SHA256.digest("CHLO") + "SCFG")'
+ data := []byte("W\xA6\xFC\xDE\xC7\xD2>c\xE6\xB5\xF6\tq\x9E|<~1\xA33\x01\xCA=\x19\xBD\xC1\xE4\xB0\xBA\x9B\x16%")
+ err = rsa.VerifyPSS(keyData.cert.PublicKey.(*rsa.PublicKey), crypto.SHA256, data, signature, &rsa.PSSOptions{SaltLength: 32})
+ Expect(err).ToNot(HaveOccurred())
+ })
+})
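Review bot: The "gives valid signatures" case builds its fixture path as `os.Getenv("GOPATH") + "/src/github.com/lucas-clemente/quic-go/example/"`, so it fails when GOPATH is unset or lists several directories, and it loads the certificate and private key from whatever tree that variable points at rather than from the checkout under test. Since `go test` runs in the package directory, `path := "../example/"` would pin the fixture to this tree and make the `os` import unnecessary. In "gives correct cert" the results of `z.Write` and `z.Close` are discarded; asserting them with `Expect(err).ToNot(HaveOccurred())` keeps a failed compression from showing up as an opaque byte mismatch. `key.der` looks like a private key kept in the repository for the example server, so a comment like `// test-only key material from example/, not for deployment` above the `LoadKeyData` call would be worth adding.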