Harden terminal reconnect packet handling
This commit is contained in:
@@ -58,6 +58,19 @@ fn encrypted_packet_round_trips() {
|
||||
assert_eq!(plain, b"hello");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn plaintext_packet_never_decrypts_as_authenticated_body() {
|
||||
let key = crypto::random_32();
|
||||
let mut decoded = protocol::decode(
|
||||
&protocol::encode_plain(PacketKind::Input, crypto::random_16(), 1, 0, b"hello").unwrap(),
|
||||
)
|
||||
.unwrap();
|
||||
decoded.header.session_key_id = protocol::session_key_id(&key);
|
||||
|
||||
let err = protocol::decrypt_body(&decoded, &key, CLIENT_TO_SERVER).unwrap_err();
|
||||
assert!(err.to_string().contains("not encrypted"));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn encrypted_packet_rejects_wrong_session_key_id_before_decrypt() {
|
||||
let key = crypto::random_32();
|
||||
|
||||
Reference in New Issue
Block a user