Add packet session key identifiers
This commit is contained in:
@@ -50,10 +50,33 @@ fn encrypted_packet_round_trips() {
|
||||
let decoded = protocol::decode(&packet).unwrap();
|
||||
assert_eq!(decoded.header.kind, PacketKind::Input);
|
||||
assert_eq!(decoded.header.conn_id, conn_id);
|
||||
assert_eq!(
|
||||
decoded.header.session_key_id,
|
||||
protocol::session_key_id(&key)
|
||||
);
|
||||
let plain = protocol::decrypt_body(&decoded, &key, CLIENT_TO_SERVER).unwrap();
|
||||
assert_eq!(plain, b"hello");
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn encrypted_packet_rejects_wrong_session_key_id_before_decrypt() {
|
||||
let key = crypto::random_32();
|
||||
let wrong_key = crypto::random_32();
|
||||
let packet = protocol::encode_encrypted(
|
||||
PacketKind::Input,
|
||||
crypto::random_16(),
|
||||
1,
|
||||
0,
|
||||
&key,
|
||||
CLIENT_TO_SERVER,
|
||||
b"hello",
|
||||
)
|
||||
.unwrap();
|
||||
let decoded = protocol::decode(&packet).unwrap();
|
||||
let err = protocol::decrypt_body(&decoded, &wrong_key, CLIENT_TO_SERVER).unwrap_err();
|
||||
assert!(err.to_string().contains("session key id"));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn attach_ticket_is_sealed_and_verifies_scope() {
|
||||
let dir = tempfile::tempdir().unwrap();
|
||||
|
||||
Reference in New Issue
Block a user