1 // Copyright 2011 The Go Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style
3 // license that can be found in the LICENSE file.
15 func TestDefaultCiphersExist(t *testing.T) {
16 for _, cipherAlgo := range supportedCiphers {
17 if _, ok := cipherModes[cipherAlgo]; !ok {
18 t.Errorf("default cipher %q is unknown", cipherAlgo)
23 func TestPacketCiphers(t *testing.T) {
24 // Still test aes128cbc cipher although it's commented out.
25 cipherModes[aes128cbcID] = &streamCipherMode{16, aes.BlockSize, 0, nil}
26 defer delete(cipherModes, aes128cbcID)
28 for cipher := range cipherModes {
29 for mac := range macModes {
30 kr := &kexResult{Hash: crypto.SHA1}
31 algs := directionAlgorithms{
36 client, err := newPacketCipher(clientKeys, algs, kr)
38 t.Errorf("newPacketCipher(client, %q, %q): %v", cipher, mac, err)
41 server, err := newPacketCipher(clientKeys, algs, kr)
43 t.Errorf("newPacketCipher(client, %q, %q): %v", cipher, mac, err)
49 buf := &bytes.Buffer{}
50 if err := client.writePacket(0, buf, rand.Reader, input); err != nil {
51 t.Errorf("writePacket(%q, %q): %v", cipher, mac, err)
55 packet, err := server.readPacket(0, buf)
57 t.Errorf("readPacket(%q, %q): %v", cipher, mac, err)
61 if string(packet) != want {
62 t.Errorf("roundtrip(%q, %q): got %q, want %q", cipher, mac, packet, want)
68 func TestCBCOracleCounterMeasure(t *testing.T) {
69 cipherModes[aes128cbcID] = &streamCipherMode{16, aes.BlockSize, 0, nil}
70 defer delete(cipherModes, aes128cbcID)
72 kr := &kexResult{Hash: crypto.SHA1}
73 algs := directionAlgorithms{
78 client, err := newPacketCipher(clientKeys, algs, kr)
80 t.Fatalf("newPacketCipher(client): %v", err)
85 buf := &bytes.Buffer{}
86 if err := client.writePacket(0, buf, rand.Reader, input); err != nil {
87 t.Errorf("writePacket: %v", err)
90 packetSize := buf.Len()
91 buf.Write(make([]byte, 2*maxPacket))
93 // We corrupt each byte, but this usually will only test the
94 // 'packet too large' or 'MAC failure' cases.
96 for i := 0; i < packetSize; i++ {
97 server, err := newPacketCipher(clientKeys, algs, kr)
99 t.Fatalf("newPacketCipher(client): %v", err)
102 fresh := &bytes.Buffer{}
103 fresh.Write(buf.Bytes())
104 fresh.Bytes()[i] ^= 0x01
106 before := fresh.Len()
107 _, err = server.readPacket(0, fresh)
109 t.Errorf("corrupt byte %d: readPacket succeeded ", i)
112 if _, ok := err.(cbcError); !ok {
113 t.Errorf("corrupt byte %d: got %v (%T), want cbcError", i, err, err)
118 bytesRead := before - after
119 if bytesRead < maxPacket {
120 t.Errorf("corrupt byte %d: read %d bytes, want more than %d", i, bytesRead, maxPacket)
124 if i > 0 && bytesRead != lastRead {
125 t.Errorf("corrupt byte %d: read %d bytes, want %d bytes read", i, bytesRead, lastRead)