ei
/
mtg
mirror da https://github.com/9seconds/mtg
Segui 1
Vota 0
Forka 0
Codice Problemi 0 Rilasci 48 Wiki Attività
Highly-opinionated (ex-bullshit-free) MTPROTO proxy for Telegram. If you use v1.0 or upgrade broke you proxy, please read the chapter Version 2
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
952 Commit
4 Rami (Branch)
Albero (Tree): 6493688282
Rami (Branch) Tag
${ item.name }
Crea branch ${ searchTerm }
da '6493688282'
${ noResults }
mtg/mtglib/internal/tls/fake/server_side_test.go

server_side_test.go 3.5KB
Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132 
  1. package fake_test

  2. 

  3. import (

  4. 	"bytes"

  5. 	"crypto/hmac"

  6. 	"crypto/rand"

  7. 	"crypto/sha256"

  8. 	"testing"

  9. 

  10. 	"github.com/9seconds/mtg/v2/mtglib"

  11. 	"github.com/9seconds/mtg/v2/mtglib/internal/tls"

  12. 	"github.com/9seconds/mtg/v2/mtglib/internal/tls/fake"

  13. 	"github.com/stretchr/testify/suite"

  14. )

  15. 

  16. type SendServerHelloTestSuite struct {

  17. 	suite.Suite

  18. 

  19. 	hello  *fake.ClientHello

  20. 	buf    *bytes.Buffer

  21. 	secret mtglib.Secret

  22. }

  23. 

  24. func (suite *SendServerHelloTestSuite) SetupTest() {

  25. 	suite.hello = &fake.ClientHello{

  26. 		CipherSuite: 4867,

  27. 		SessionID:   make([]byte, 32),

  28. 	}

  29. 

  30. 	_, err := rand.Read(suite.hello.SessionID)

  31. 	suite.NoError(err)

  32. 

  33. 	_, err = rand.Read(suite.hello.Random[:])

  34. 	suite.NoError(err)

  35. 

  36. 	suite.buf = &bytes.Buffer{}

  37. 	suite.secret = mtglib.GenerateSecret("google.com")

  38. }

  39. 

  40. func (suite *SendServerHelloTestSuite) TestRecordStructure() {

  41. 	noise, err := fake.SendServerHello(suite.buf, suite.secret.Key[:], suite.hello)

  42. 	suite.NoError(err)

  43. 

  44. 	var rec bytes.Buffer

  45. 

  46. 	recordType, _, err := tls.ReadRecord(suite.buf, &rec)

  47. 	suite.NoError(err)

  48. 	suite.Equal(byte(tls.TypeHandshake), recordType)

  49. 

  50. 	rec.Reset()

  51. 

  52. 	recordType, _, err = tls.ReadRecord(suite.buf, &rec)

  53. 	suite.NoError(err)

  54. 	suite.Equal(byte(tls.TypeChangeCipherSpec), recordType)

  55. 

  56. 	suite.Empty(suite.buf.Bytes())

  57. 

  58. 	// noise is raw payload without TLS record header

  59. 	suite.Len(noise, 1369)

  60. }

  61. 

  62. func (suite *SendServerHelloTestSuite) TestHMAC() {

  63. 	noise, err := fake.SendServerHello(suite.buf, suite.secret.Key[:], suite.hello)

  64. 	suite.NoError(err)

  65. 

  66. 	packet := make([]byte, suite.buf.Len())

  67. 	copy(packet, suite.buf.Bytes())

  68. 

  69. 	random := make([]byte, fake.RandomLen)

  70. 	copy(random, packet[fake.RandomOffset:])

  71. 	copy(packet[fake.RandomOffset:], make([]byte, fake.RandomLen))

  72. 

  73. 	mac := hmac.New(sha256.New, suite.secret.Key[:])

  74. 	mac.Write(suite.hello.Random[:])

  75. 	mac.Write(packet)

  76. 

  77. 	// HMAC is computed over the full noise TLS record (with header),

  78. 	// but SendServerHello returns noise without the header,

  79. 	// so we reconstruct the full record.

  80. 	var fullNoise bytes.Buffer

  81. 	tls.WriteRecord(&fullNoise, noise) //nolint: errcheck

  82. 	mac.Write(fullNoise.Bytes())

  83. 

  84. 	suite.Equal(random, mac.Sum(nil))

  85. }

  86. 

  87. func (suite *SendServerHelloTestSuite) TestHandshakePayload() {

  88. 	_, err := fake.SendServerHello(suite.buf, suite.secret.Key[:], suite.hello)

  89. 	suite.NoError(err)

  90. 

  91. 	packet := suite.buf.Bytes()

  92. 

  93. 	// TLS record header: type(1) + version(2) + length(2)

  94. 	suite.Equal(byte(tls.TypeHandshake), packet[0])

  95. 	suite.Equal([]byte{3, 3}, packet[1:3])

  96. 

  97. 	// Handshake header: type(1) + uint24_length(3)

  98. 	suite.Equal(byte(fake.TypeHandshakeServer), packet[5])

  99. 

  100. 	// ServerHello version

  101. 	suite.Equal([]byte{3, 3}, packet[9:11])

  102. 

  103. 	// Session ID

  104. 	sessionIDOffset := fake.RandomOffset + fake.RandomLen

  105. 	suite.Equal(byte(len(suite.hello.SessionID)), packet[sessionIDOffset])

  106. 	suite.Equal(suite.hello.SessionID, packet[sessionIDOffset+1:sessionIDOffset+1+len(suite.hello.SessionID)])

  107. }

  108. 

  109. func (suite *SendServerHelloTestSuite) TestChangeCipherSpec() {

  110. 	_, err := fake.SendServerHello(suite.buf, suite.secret.Key[:], suite.hello)

  111. 	suite.NoError(err)

  112. 

  113. 	// Skip first record

  114. 	var rec bytes.Buffer

  115. 

  116. 	_, _, err = tls.ReadRecord(suite.buf, &rec)

  117. 	suite.NoError(err)

  118. 

  119. 	// Read ChangeCipherSpec record

  120. 	rec.Reset()

  121. 

  122. 	recordType, length, err := tls.ReadRecord(suite.buf, &rec)

  123. 	suite.NoError(err)

  124. 	suite.Equal(byte(tls.TypeChangeCipherSpec), recordType)

  125. 	suite.Equal(int64(1), length)

  126. 	suite.Equal([]byte{fake.ChangeCipherValue}, rec.Bytes())

  127. }

  128. 

  129. func TestSendServerHello(t *testing.T) {

  130. 	t.Parallel()

  131. 	suite.Run(t, &SendServerHelloTestSuite{})

  132. }