From 127fad47ddcc4a8b31e11954f3532d6103ff04ef Mon Sep 17 00:00:00 2001 From: Matt Joiner Date: Thu, 17 Dec 2015 23:36:57 +1100 Subject: [PATCH] dht: Move security tests into separate file --- dht/dht_test.go | 51 ------------------------------------- dht/security_test.go | 60 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+), 51 deletions(-) create mode 100644 dht/security_test.go diff --git a/dht/dht_test.go b/dht/dht_test.go index affeba83..e08c210d 100644 --- a/dht/dht_test.go +++ b/dht/dht_test.go @@ -8,7 +8,6 @@ import ( "testing" "time" - "github.com/anacrolix/missinggo" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) @@ -135,56 +134,6 @@ func TestPing(t *testing.T) { } } -func TestDHTSec(t *testing.T) { - for _, case_ := range []struct { - ipStr string - nodeIDHex string - valid bool - }{ - // These 5 are from the spec example. They are all valid. - {"124.31.75.21", "5fbfbff10c5d6a4ec8a88e4c6ab4c28b95eee401", true}, - {"21.75.31.124", "5a3ce9c14e7a08645677bbd1cfe7d8f956d53256", true}, - {"65.23.51.170", "a5d43220bc8f112a3d426c84764f8c2a1150e616", true}, - {"84.124.73.14", "1b0321dd1bb1fe518101ceef99462b947a01ff41", true}, - {"43.213.53.83", "e56f6cbf5b7c4be0237986d5243b87aa6d51305a", true}, - // spec[0] with one of the rand() bytes changed. Valid. - {"124.31.75.21", "5fbfbff10c5d7a4ec8a88e4c6ab4c28b95eee401", true}, - // spec[1] with the 21st leading bit changed. Not Valid. - {"21.75.31.124", "5a3ce1c14e7a08645677bbd1cfe7d8f956d53256", false}, - // spec[2] with the 22nd leading bit changed. Valid. - {"65.23.51.170", "a5d43620bc8f112a3d426c84764f8c2a1150e616", true}, - // spec[3] with the 4th last bit changed. Valid. - {"84.124.73.14", "1b0321dd1bb1fe518101ceef99462b947a01fe01", true}, - // spec[4] with the 3rd last bit changed. Not valid. - {"43.213.53.83", "e56f6cbf5b7c4be0237986d5243b87aa6d51303e", false}, - } { - ip := net.ParseIP(case_.ipStr) - id, err := hex.DecodeString(case_.nodeIDHex) - require.NoError(t, err) - secure := NodeIdSecure(string(id), ip) - if secure != case_.valid { - t.Fatalf("case failed: %v", case_) - } - if !secure { - SecureNodeId(id, ip) - if !NodeIdSecure(string(id), ip) { - t.Fatal("failed to secure node id") - } - } - } -} - -func TestServerDefaultNodeIdSecure(t *testing.T) { - s, err := NewServer(&ServerConfig{ - NoDefaultBootstrap: true, - }) - require.NoError(t, err) - defer s.Close() - if !NodeIdSecure(s.ID(), missinggo.AddrIP(s.Addr())) { - t.Fatal("not secure") - } -} - func TestServerCustomNodeId(t *testing.T) { customId := "5a3ce1c14e7a08645677bbd1cfe7d8f956d53256" id, err := hex.DecodeString(customId) diff --git a/dht/security_test.go b/dht/security_test.go new file mode 100644 index 00000000..81ce0be2 --- /dev/null +++ b/dht/security_test.go @@ -0,0 +1,60 @@ +package dht + +import ( + "encoding/hex" + "net" + "testing" + + "github.com/anacrolix/missinggo" + "github.com/stretchr/testify/require" +) + +func TestDHTSec(t *testing.T) { + for _, case_ := range []struct { + ipStr string + nodeIDHex string + valid bool + }{ + // These 5 are from the spec example. They are all valid. + {"124.31.75.21", "5fbfbff10c5d6a4ec8a88e4c6ab4c28b95eee401", true}, + {"21.75.31.124", "5a3ce9c14e7a08645677bbd1cfe7d8f956d53256", true}, + {"65.23.51.170", "a5d43220bc8f112a3d426c84764f8c2a1150e616", true}, + {"84.124.73.14", "1b0321dd1bb1fe518101ceef99462b947a01ff41", true}, + {"43.213.53.83", "e56f6cbf5b7c4be0237986d5243b87aa6d51305a", true}, + // spec[0] with one of the rand() bytes changed. Valid. + {"124.31.75.21", "5fbfbff10c5d7a4ec8a88e4c6ab4c28b95eee401", true}, + // spec[1] with the 21st leading bit changed. Not Valid. + {"21.75.31.124", "5a3ce1c14e7a08645677bbd1cfe7d8f956d53256", false}, + // spec[2] with the 22nd leading bit changed. Valid. + {"65.23.51.170", "a5d43620bc8f112a3d426c84764f8c2a1150e616", true}, + // spec[3] with the 4th last bit changed. Valid. + {"84.124.73.14", "1b0321dd1bb1fe518101ceef99462b947a01fe01", true}, + // spec[4] with the 3rd last bit changed. Not valid. + {"43.213.53.83", "e56f6cbf5b7c4be0237986d5243b87aa6d51303e", false}, + } { + ip := net.ParseIP(case_.ipStr) + id, err := hex.DecodeString(case_.nodeIDHex) + require.NoError(t, err) + secure := NodeIdSecure(string(id), ip) + if secure != case_.valid { + t.Fatalf("case failed: %v", case_) + } + if !secure { + SecureNodeId(id, ip) + if !NodeIdSecure(string(id), ip) { + t.Fatal("failed to secure node id") + } + } + } +} + +func TestServerDefaultNodeIdSecure(t *testing.T) { + s, err := NewServer(&ServerConfig{ + NoDefaultBootstrap: true, + }) + require.NoError(t, err) + defer s.Close() + if !NodeIdSecure(s.ID(), missinggo.AddrIP(s.Addr())) { + t.Fatal("not secure") + } +} -- 2.48.1