tordam

A library for peer discovery inside the Tor network
git clone https://git.parazyd.org/tordam
Log | Files | Refs | README | LICENSE

commit 758bc307b2fc755904e4d91d3c5255c9891daaf3
parent e39b6426503ba3ebaa838f2c96d87a96eba88b93
Author: parazyd <parazyd@dyne.org>
Date:   Mon, 11 Dec 2017 17:20:27 +0100

More tests. Shameful how bad they are.

Diffstat:
Mcmd/dam-dir/main_test.go | 160+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 160 insertions(+), 0 deletions(-)

diff --git a/cmd/dam-dir/main_test.go b/cmd/dam-dir/main_test.go @@ -8,6 +8,7 @@ import ( "net/http" "os" "os/exec" + "strings" "syscall" "testing" "time" @@ -77,6 +78,63 @@ func TestValidFirstHandshake(t *testing.T) { t.Log("Server replied:", m.Secret) } +func TestValidSecondHandshake(t *testing.T) { + // Valid 2/2 handshake request + req := map[string]string{ + "nodetype": "node", + "address": "22mobp7vrb7a4gt2.onion", + "message": "I am a DAM node!", + "signature": "BuB/Dv8E44CLzUX88K2Ab0lUNS9A0GSkHPtrFNNWZMihPMWN0ORhwMZBRnMJ8woPO3wSONBvEvaCXA2hvsVrUJTa+hnevQNyQXCRhdTVVuVXEpjyFzkMamxb6InrGqbsGGkEUqGMSr9aaQ85N02MMrM6T6JuyqSSssFg2xuO+P4=", + "secret": "", + } + resp, err := postReq(req) + if err != nil { + t.Error(err) + } + m, err := getRespText(resp) + if err != nil { + t.Error(err) + } + + decodedSecret, err := base64.StdEncoding.DecodeString(m.Secret) + if err != nil { + t.Error(err) + } + + privkey, err := lib.LoadRsaKeyFromFile("dam-private.key") + if err != nil { + t.Error(err) + } + + decrypted, err := lib.DecryptMsgRsa([]byte(decodedSecret), privkey) + if err != nil { + t.Error(err) + } + + decryptedEncode := base64.StdEncoding.EncodeToString(decrypted) + sig, err := lib.SignMsgRsa([]byte(decryptedEncode), privkey) + if err != nil { + t.Error(err) + } + encodedSig := base64.StdEncoding.EncodeToString(sig) + + req["message"] = decryptedEncode + req["secret"] = decryptedEncode + req["signature"] = encodedSig + resp, err = postReq(req) + if err != nil { + t.Error(err) + } + m, err = getRespText(resp) + if err != nil { + t.Error(err) + } else if m.Secret == "Welcome to the DAM network!" { + t.Log("Server replied:", m.Secret) + } else { + t.Error("Server replied:", m.Secret) + } +} + func TestInvalidFirstHandshake(t *testing.T) { // Invalid 1/2 handshake request var req map[string]string @@ -165,6 +223,108 @@ func TestInvalidFirstHandshake(t *testing.T) { } } +func TestInvalidSecondHandshake(t *testing.T) { + // Valid 2/2 handshake request + req := map[string]string{ + "nodetype": "node", + "address": "22mobp7vrb7a4gt2.onion", + "message": "I am a DAM node!", + "signature": "BuB/Dv8E44CLzUX88K2Ab0lUNS9A0GSkHPtrFNNWZMihPMWN0ORhwMZBRnMJ8woPO3wSONBvEvaCXA2hvsVrUJTa+hnevQNyQXCRhdTVVuVXEpjyFzkMamxb6InrGqbsGGkEUqGMSr9aaQ85N02MMrM6T6JuyqSSssFg2xuO+P4=", + "secret": "", + } + resp, err := postReq(req) + if err != nil { + t.Error(err) + } + m, err := getRespText(resp) + if err != nil { + t.Error(err) + } + + decodedSecret, err := base64.StdEncoding.DecodeString(m.Secret) + if err != nil { + t.Error(err) + } + + privkey, err := lib.LoadRsaKeyFromFile("dam-private.key") + if err != nil { + t.Error(err) + } + + decrypted, err := lib.DecryptMsgRsa([]byte(decodedSecret), privkey) + if err != nil { + t.Error(err) + } + + decryptedEncode := base64.StdEncoding.EncodeToString(decrypted) + sig, err := lib.SignMsgRsa([]byte(decryptedEncode), privkey) + if err != nil { + t.Error(err) + } + encodedSig := base64.StdEncoding.EncodeToString(sig) + + // The initial valid request. + oldreq := req + + // Message and secret are different + req["message"] = decryptedEncode + req["secret"] = strings.ToLower(decryptedEncode) + req["signature"] = encodedSig + resp, err = postReq(req) + if err != nil { + t.Error(err) + } + m, err = getRespText(resp) + if err != nil { + t.Error(err) + } else if m.Secret == "Verification failed. Bye." { + t.Log("Server replied:", m.Secret) + } else { + t.Error("Server replied:", m.Secret) + } + + // Signature is an invalid format + req["message"] = oldreq["message"] + req["secret"] = oldreq["secret"] + req["signature"] = "Thisisnotbase64" + resp, err = postReq(req) + if err != nil { + t.Error(err) + } + m, err = getRespText(resp) + if err != nil { + t.Error(err) + } else if strings.HasPrefix(m.Secret, "illegal base64 data at input byte") { + t.Log("Server replied:", m.Secret) + } else { + t.Error("Server replied:", m.Secret) + } + + /* + // Secret is not the one we should be sending. + req["message"] = "a2V1Mzg3NTY0N0BAMTM0NTZ5Z2huZmJndXNpPz8/Ly8vcztwZlsndF1bb2U4NTg3Xnloc25tZ2V5ZGtsZTExCg==" + req["secret"] = "a2V1Mzg3NTY0N0BAMTM0NTZ5Z2huZmJndXNpPz8/Ly8vcztwZlsndF1bb2U4NTg3Xnloc25tZ2V5ZGtsZTExCg==" + sig, err = lib.SignMsgRsa([]byte(req["secret"]), privkey) + if err != nil { + t.Error(err) + } + encodedSig = base64.StdEncoding.EncodeToString(sig) + req["signature"] = encodedSig + resp, err = postReq(req) + if err != nil { + t.Error(err) + } + m, err = getRespText(resp) + if err != nil { + t.Error(err) + } else if strings.HasPrefix(m.Secret, "illegal base64 data at input byte") { + t.Log("Server replied:", m.Secret) + } else { + t.Error("Server replied:", m.Secret) + } + */ +} + func TestMain(m *testing.M) { cmd := exec.Command("./dam-dir") cmd.SysProcAttr = &syscall.SysProcAttr{Setpgid: true}