-
Notifications
You must be signed in to change notification settings - Fork 186
Expand file tree
/
Copy pathccm_test.go
More file actions
106 lines (85 loc) · 2.51 KB
/
ccm_test.go
File metadata and controls
106 lines (85 loc) · 2.51 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
// SPDX-License-Identifier: MIT
package ciphersuite
import (
"crypto/aes"
"encoding/binary"
"testing"
"github.com/pion/dtls/v3/pkg/protocol"
"github.com/pion/dtls/v3/pkg/protocol/recordlayer"
"github.com/stretchr/testify/assert"
)
func FuzzCCM_EncryptDecrypt_RoundTrip(f *testing.F) {
f.Add(byte(8), []byte{1, 2, 3, 4, 5}, uint16(0), uint64(0))
f.Add(byte(16), []byte{}, uint16(1), uint64(7))
f.Add(byte(8), make([]byte, 64), uint16(3), uint64(42))
f.Fuzz(func(t *testing.T, tagLenByte byte, payload []byte, epoch uint16, seq uint64) {
tag := CCMTagLength8
if tagLenByte%2 == 0 {
tag = CCMTagLength
}
key := make([]byte, 16)
for i := range key {
var b byte
if i < len(payload) {
b = payload[i]
} else {
b = byte(i*31 + 7)
}
key[i] = b
}
var tmp8 [8]byte
x := seq ^ 0xA5A5A5A5A5A5A5A5
binary.BigEndian.PutUint64(tmp8[:], x)
iv := append([]byte(nil), tmp8[4:]...)
ccm, err := NewCCM(tag, key, iv, key, iv)
assert.NoError(t, err)
rl := &recordlayer.RecordLayer{
Header: recordlayer.Header{
ContentType: protocol.ContentTypeApplicationData,
Version: protocol.Version1_2,
Epoch: epoch,
SequenceNumber: seq,
},
Content: &protocol.ApplicationData{
Data: append([]byte(nil), payload...),
},
}
raw, err := rl.Marshal()
assert.NoError(t, err)
enc, err := ccm.Encrypt(rl, raw)
assert.NoError(t, err)
var hdr recordlayer.Header
dec, err := ccm.Decrypt(hdr, enc)
assert.NoError(t, err)
var out recordlayer.RecordLayer
assert.NoError(t, out.Unmarshal(dec))
app, ok := out.Content.(*protocol.ApplicationData)
assert.True(t, ok)
assert.Equal(t, payload, app.Data)
})
}
func FuzzCCM_Decrypt(f *testing.F) {
f.Add([]byte{1, 2, 3})
f.Add([]byte{})
f.Fuzz(func(t *testing.T, body []byte) {
recordLayer := &recordlayer.RecordLayer{
Header: recordlayer.Header{
ContentType: protocol.ContentTypeChangeCipherSpec,
Version: protocol.Version1_2,
},
Content: &protocol.ChangeCipherSpec{},
}
raw, err := recordLayer.Marshal()
assert.NoError(t, err)
raw = append(raw, body...) // arbitrary body after the header for fuzzing
key := make([]byte, 16)
_, err = aes.NewCipher(key)
assert.NoError(t, err)
ccmAEAD, err := NewCCM(CCMTagLength8, key, []byte{0, 0, 0, 0}, key, []byte{0, 0, 0, 0})
assert.NoError(t, err)
out, err := ccmAEAD.Decrypt(recordlayer.Header{}, raw)
assert.NoError(t, err)
assert.Equal(t, raw, out)
})
}