      1 // Copyright 2009 The Go Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style
      3 // license that can be found in the LICENSE file.
      4 
      5 package tls
      6 
      7 import (
      8 	"encoding/hex"
      9 	"testing"
     10 )
     11 
     // testSplitPreMasterSecretTest is one table-driven case for
     // TestSplitPreMasterSecret. All three fields are hex-encoded byte strings.
     // The field order (in, out1, out2) is kept as declared.
     type testSplitPreMasterSecretTest struct {
     	// in is the pre-master secret handed to splitPreMasterSecret.
     	in string
     	// out1 and out2 are the expected first and second return values.
     	out1 string
     	out2 string
     }
     15 
     // testSplitPreMasterSecretTests lists inputs for splitPreMasterSecret together
     // with the two expected halves, all as hex. The odd-length inputs ("00" and
     // "001122") expect halves that share the middle byte; the empty input expects
     // two empty halves.
     var testSplitPreMasterSecretTests = []testSplitPreMasterSecretTest{
     	{in: "", out1: "", out2: ""},
     	{in: "00", out1: "00", out2: "00"},
     	{in: "0011", out1: "00", out2: "11"},
     	{in: "001122", out1: "0011", out2: "1122"},
     	{in: "00112233", out1: "0011", out2: "2233"},
     }
     23 
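     // TestSplitPreMasterSecret checks splitPreMasterSecret against every entry in
     // testSplitPreMasterSecretTests, comparing both returned halves as hex.
     func TestSplitPreMasterSecret(t *testing.T) {
     	for i, test := range testSplitPreMasterSecretTests {
     		// A malformed vector must be reported as such. Ignoring the decode
     		// error would feed splitPreMasterSecret whatever bytes DecodeString
     		// returned alongside the error and hide the typo behind an
     		// unrelated mismatch (or a false pass).
     		in, err := hex.DecodeString(test.in)
     		if err != nil {
     			t.Errorf("#%d: invalid hex in test vector: %v", i, err)
     			continue
     		}

     		out1, out2 := splitPreMasterSecret(in)
     		s1 := hex.EncodeToString(out1)
     		s2 := hex.EncodeToString(out2)
     		if s1 != test.out1 || s2 != test.out2 {
     			t.Errorf("#%d: got: (%s, %s) want: (%s, %s)", i, s1, s2, test.out1, test.out2)
     		}
     	}
     }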
     35 
     // testKeysFromTest is one known-answer vector for the key-derivation test
     // TestKeysFromPreMasterSecret. Every string field holds hex-encoded bytes.
     // The field order is kept as declared.
     type testKeysFromTest struct {
     	// version and suite are passed unchanged to both
     	// masterFromPreMasterSecret and keysFromMasterSecret.
     	version uint16
     	suite   *cipherSuite

     	// Inputs to the derivation.
     	preMasterSecret string
     	clientRandom    string
     	serverRandom    string

     	// masterSecret is the expected result of masterFromPreMasterSecret.
     	masterSecret string

     	// Expected MAC keys and cipher keys returned by keysFromMasterSecret.
     	clientMAC string
     	serverMAC string
     	clientKey string
     	serverKey string

     	// macLen and keyLen are the lengths requested from keysFromMasterSecret.
     	macLen int
     	keyLen int
     }
     46 
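     // TestKeysFromPreMasterSecret runs each testKeysFromTests vector through
     // masterFromPreMasterSecret and then keysFromMasterSecret, and compares the
     // master secret, both MAC keys and both cipher keys with the expected hex.
     //
     // The final argument to keysFromMasterSecret is 0 and its last two results
     // are discarded (presumably the IV length and the two IVs), so that part of
     // the key block is not covered by these vectors.
     func TestKeysFromPreMasterSecret(t *testing.T) {
     	for i, test := range testKeysFromTests {
     		// Decode errors are reported per field: a typo in a vector should
     		// fail as "invalid hex", not as a confusing derivation mismatch on
     		// whatever bytes DecodeString returned alongside the error.
     		in, err := hex.DecodeString(test.preMasterSecret)
     		if err != nil {
     			t.Errorf("#%d: invalid hex in preMasterSecret: %v", i, err)
     			continue
     		}
     		clientRandom, err := hex.DecodeString(test.clientRandom)
     		if err != nil {
     			t.Errorf("#%d: invalid hex in clientRandom: %v", i, err)
     			continue
     		}
     		serverRandom, err := hex.DecodeString(test.serverRandom)
     		if err != nil {
     			t.Errorf("#%d: invalid hex in serverRandom: %v", i, err)
     			continue
     		}

     		masterSecret := masterFromPreMasterSecret(test.version, test.suite, in, clientRandom, serverRandom)
     		if s := hex.EncodeToString(masterSecret); s != test.masterSecret {
     			t.Errorf("#%d: bad master secret %s, want %s", i, s, test.masterSecret)
     			// The keys are derived from the master secret, so checking
     			// them after a mismatch would only repeat the failure.
     			continue
     		}

     		clientMAC, serverMAC, clientKey, serverKey, _, _ := keysFromMasterSecret(test.version, test.suite, masterSecret, clientRandom, serverRandom, test.macLen, test.keyLen, 0)
     		clientMACString := hex.EncodeToString(clientMAC)
     		serverMACString := hex.EncodeToString(serverMAC)
     		clientKeyString := hex.EncodeToString(clientKey)
     		serverKeyString := hex.EncodeToString(serverKey)
     		if clientMACString != test.clientMAC ||
     			serverMACString != test.serverMAC ||
     			clientKeyString != test.clientKey ||
     			serverKeyString != test.serverKey {
     			t.Errorf("#%d: got: (%s, %s, %s, %s) want: (%s, %s, %s, %s)", i, clientMACString, serverMACString, clientKeyString, serverKeyString, test.clientMAC, test.serverMAC, test.clientKey, test.serverKey)
     		}
     	}
     }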
     72 
     // cipherSuiteById returns the entry of cipherSuites whose id equals id.
     // It panics when no entry matches. testKeysFromTests calls it from a
     // package-level initializer, so an unknown id stops the test binary during
     // initialization, before any test function runs.
     func cipherSuiteById(id uint16) *cipherSuite {
     	for _, suite := range cipherSuites {
     		if suite.id != id {
     			continue
     		}
     		return suite
     	}
     	panic("ciphersuite not found")
     }
     81 
     // These test vectors were generated from GnuTLS using `gnutls-cli --insecure -d 9 `
     //
     // --insecure keeps gnutls-cli going when the server certificate cannot be
     // validated; that is acceptable for capturing derivation vectors and nothing
     // else. The values below are fixed test data, not live secrets.
     //
     // All four vectors use TLS_RSA_WITH_RC4_128_SHA, and the last one uses SSL 3.0.
     // RC4 and SSL 3.0 have both since been prohibited for TLS use (RFC 7465,
     // RFC 7568); the vectors pin the legacy derivation code paths only. The third
     // and fourth vectors share their inputs and differ only in version, so they
     // also show that the two versions derive different keys from the same secret.
     var testKeysFromTests = []testKeysFromTest{
     	{
     		version:         VersionTLS10,
     		suite:           cipherSuiteById(TLS_RSA_WITH_RC4_128_SHA),
     		preMasterSecret: "0302cac83ad4b1db3b9ab49ad05957de2a504a634a386fc600889321e1a971f57479466830ac3e6f468e87f5385fa0c5",
     		clientRandom:    "4ae66303755184a3917fcb44880605fcc53baa01912b22ed94473fc69cebd558",
     		serverRandom:    "4ae663020ec16e6bb5130be918cfcafd4d765979a3136a5d50c593446e4e44db",
     		masterSecret:    "3d851bab6e5556e959a16bc36d66cfae32f672bfa9ecdef6096cbb1b23472df1da63dbbd9827606413221d149ed08ceb",
     		clientMAC:       "805aaa19b3d2c0a0759a4b6c9959890e08480119",
     		serverMAC:       "2d22f9fe519c075c16448305ceee209fc24ad109",
     		clientKey:       "d50b5771244f850cd8117a9ccafe2cf1",
     		serverKey:       "e076e33206b30507a85c32855acd0919",
     		macLen:          20,
     		keyLen:          16,
     	},
     	{
     		version:         VersionTLS10,
     		suite:           cipherSuiteById(TLS_RSA_WITH_RC4_128_SHA),
     		preMasterSecret: "03023f7527316bc12cbcd69e4b9e8275d62c028f27e65c745cfcddc7ce01bd3570a111378b63848127f1c36e5f9e4890",
     		clientRandom:    "4ae66364b5ea56b20ce4e25555aed2d7e67f42788dd03f3fee4adae0459ab106",
     		serverRandom:    "4ae66363ab815cbf6a248b87d6b556184e945e9b97fbdf247858b0bdafacfa1c",
     		masterSecret:    "7d64be7c80c59b740200b4b9c26d0baaa1c5ae56705acbcf2307fe62beb4728c19392c83f20483801cce022c77645460",
     		clientMAC:       "97742ed60a0554ca13f04f97ee193177b971e3b0",
     		serverMAC:       "37068751700400e03a8477a5c7eec0813ab9e0dc",
     		clientKey:       "207cddbc600d2a200abac6502053ee5c",
     		serverKey:       "df3f94f6e1eacc753b815fe16055cd43",
     		macLen:          20,
     		keyLen:          16,
     	},
     	{
     		version:         VersionTLS10,
     		suite:           cipherSuiteById(TLS_RSA_WITH_RC4_128_SHA),
     		preMasterSecret: "832d515f1d61eebb2be56ba0ef79879efb9b527504abb386fb4310ed5d0e3b1f220d3bb6b455033a2773e6d8bdf951d278a187482b400d45deb88a5d5a6bb7d6a7a1decc04eb9ef0642876cd4a82d374d3b6ff35f0351dc5d411104de431375355addc39bfb1f6329fb163b0bc298d658338930d07d313cd980a7e3d9196cac1",
     		clientRandom:    "4ae663b2ee389c0de147c509d8f18f5052afc4aaf9699efe8cb05ece883d3a5e",
     		serverRandom:    "4ae664d503fd4cff50cfc1fb8fc606580f87b0fcdac9554ba0e01d785bdf278e",
     		masterSecret:    "1aff2e7a2c4279d0126f57a65a77a8d9d0087cf2733366699bec27eb53d5740705a8574bb1acc2abbe90e44f0dd28d6c",
     		clientMAC:       "3c7647c93c1379a31a609542aa44e7f117a70085",
     		serverMAC:       "0d73102994be74a575a3ead8532590ca32a526d4",
     		clientKey:       "ac7581b0b6c10d85bbd905ffbf36c65e",
     		serverKey:       "ff07edde49682b45466bd2e39464b306",
     		macLen:          20,
     		keyLen:          16,
     	},
     	{
     		version:         VersionSSL30,
     		suite:           cipherSuiteById(TLS_RSA_WITH_RC4_128_SHA),
     		preMasterSecret: "832d515f1d61eebb2be56ba0ef79879efb9b527504abb386fb4310ed5d0e3b1f220d3bb6b455033a2773e6d8bdf951d278a187482b400d45deb88a5d5a6bb7d6a7a1decc04eb9ef0642876cd4a82d374d3b6ff35f0351dc5d411104de431375355addc39bfb1f6329fb163b0bc298d658338930d07d313cd980a7e3d9196cac1",
     		clientRandom:    "4ae663b2ee389c0de147c509d8f18f5052afc4aaf9699efe8cb05ece883d3a5e",
     		serverRandom:    "4ae664d503fd4cff50cfc1fb8fc606580f87b0fcdac9554ba0e01d785bdf278e",
     		masterSecret:    "a614863e56299dcffeea2938f22c2ba023768dbe4b3f6877bc9c346c6ae529b51d9cb87ff9695ea4d01f2205584405b2",
     		clientMAC:       "2c450d5b6f6e2013ac6bea6a0b32200d4e1ffb94",
     		serverMAC:       "7a7a7438769536f2fb1ae49a61f0703b79b2dc53",
     		clientKey:       "f8f6b26c10f12855c9aafb1e0e839ccf",
     		serverKey:       "2b9d4b4a60cb7f396780ebff50650419",
     		macLen:          20,
     		keyLen:          16,
     	},
     }
    141