-
Notifications
You must be signed in to change notification settings - Fork 15
/
Copy pathencrypted_query_test.go
57 lines (44 loc) · 1.38 KB
/
encrypted_query_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
package dnscrypt
import (
"bytes"
"crypto/rand"
"testing"
"github.com/stretchr/testify/require"
)
func TestDNSCryptQueryEncryptDecryptXSalsa20Poly1305(t *testing.T) {
testDNSCryptQueryEncryptDecrypt(t, XSalsa20Poly1305)
}
func TestDNSCryptQueryEncryptDecryptXChacha20Poly1305(t *testing.T) {
testDNSCryptQueryEncryptDecrypt(t, XChacha20Poly1305)
}
func testDNSCryptQueryEncryptDecrypt(t *testing.T, esVersion CryptoConstruction) {
// Generate the secret/public pairs
clientSecretKey, clientPublicKey := generateRandomKeyPair()
serverSecretKey, serverPublicKey := generateRandomKeyPair()
// Generate client shared key
clientSharedKey, err := computeSharedKey(esVersion, &clientSecretKey, &serverPublicKey)
require.NoError(t, err)
clientMagic := [clientMagicSize]byte{}
_, _ = rand.Read(clientMagic[:])
q1 := EncryptedQuery{
EsVersion: esVersion,
ClientPk: clientPublicKey,
ClientMagic: clientMagic,
}
// Generate random packet
packet := make([]byte, 100)
_, _ = rand.Read(packet[:])
// Encrypt it
encrypted, err := q1.Encrypt(packet, clientSharedKey)
require.NoError(t, err)
// Now let's try decrypting it
q2 := EncryptedQuery{
EsVersion: esVersion,
ClientMagic: clientMagic,
}
// Decrypt it
decrypted, err := q2.Decrypt(encrypted, serverSecretKey)
require.NoError(t, err)
// Check that packet is the same
require.True(t, bytes.Equal(packet, decrypted))
}