diff options
author | Christian Pointner <equinox@anytun.org> | 2017-10-14 17:46:16 +0200 |
---|---|---|
committer | Christian Pointner <equinox@anytun.org> | 2017-10-14 17:46:16 +0200 |
commit | 0c1fb5d0cdeef7998ca64e4a9ffa159f8ec897b0 (patch) | |
tree | 45b82f98ce587bbddc63c5c41197babae465d415 /satp | |
parent | role is now part of kd (diff) |
added text marshaler for role
Diffstat (limited to 'satp')
-rw-r--r-- | satp/crypto-kd.go | 49 | ||||
-rw-r--r-- | satp/crypto-kd_test.go | 76 |
2 files changed, 112 insertions, 13 deletions
diff --git a/satp/crypto-kd.go b/satp/crypto-kd.go index db52f77..73d2faa 100644 --- a/satp/crypto-kd.go +++ b/satp/crypto-kd.go @@ -30,6 +30,11 @@ package satp +import ( + "errors" + "strings" +) + type KDRole int type KeyUsage int type Label uint32 @@ -38,11 +43,6 @@ const ( RoleLeft KDRole = iota RoleRight - RoleServer = RoleLeft - RoleClient = RoleRight - RoleAlice = RoleLeft - RoleBob = RoleRight - UsageEncryptKey KeyUsage = iota UsageEncryptSalt UsageAuthKey @@ -55,6 +55,45 @@ const ( LabelRightAuthKey = 0xC1DFD96E ) +func (r KDRole) String() string { + switch r { + case RoleLeft: + return "left" + case RoleRight: + return "right" + } + return "unknown" +} + +func (r *KDRole) FromString(str string) (err error) { + switch strings.ToLower(str) { + case "server": + fallthrough + case "alice": + fallthrough + case "left": + *r = RoleLeft + case "client": + fallthrough + case "bob": + fallthrough + case "right": + *r = RoleRight + default: + return errors.New("invalid role: '" + str + "'") + } + return +} + +func (r KDRole) MarshalText() (data []byte, err error) { + data = []byte(r.String()) + return +} + +func (r *KDRole) UnmarshalText(data []byte) (err error) { + return r.FromString(string(data)) +} + type KeyDerivation interface { Generate(dir Direction, usage KeyUsage, sequenceNumber uint32, out []byte) error } diff --git a/satp/crypto-kd_test.go b/satp/crypto-kd_test.go index 1c01fc9..d0db750 100644 --- a/satp/crypto-kd_test.go +++ b/satp/crypto-kd_test.go @@ -31,9 +31,69 @@ package satp import ( + "bytes" "testing" ) +func TestKDRoleMarshalText(t *testing.T) { + testvectors := []struct { + role KDRole + out []byte + }{ + {RoleLeft, []byte("left")}, + {RoleRight, []byte("right")}, + {17, []byte("unknown")}, + } + + for _, vector := range testvectors { + out, err := vector.role.MarshalText() + if err != nil { + t.Fatal("unexpected error:", err) + } + if !bytes.Equal(out, vector.out) { + t.Fatalf("role name should be %q but is %q", string(vector.out), string(out)) + } + } +} + +func TestKDRoleUnmarshalText(t *testing.T) { + testvectors := []struct { + role KDRole + in []byte + valid bool + }{ + {RoleLeft, []byte(""), false}, + {RoleRight, []byte("foo"), false}, + {RoleLeft, []byte("left-ish"), false}, + {RoleLeft, []byte("servers"), false}, + {RoleRight, []byte("eve"), false}, + + {RoleLeft, []byte("left"), true}, + {RoleRight, []byte("right"), true}, + {RoleLeft, []byte("server"), true}, + {RoleRight, []byte("client"), true}, + {RoleLeft, []byte("alice"), true}, + {RoleRight, []byte("bob"), true}, + } + + for _, vector := range testvectors { + var r KDRole + err := r.UnmarshalText(vector.in) + if vector.valid { + if err != nil { + t.Fatal("unexpected error:", err) + } + if r != vector.role { + t.Fatalf("unmarshalling %q returned %s but should be %s", string(vector.in), r, vector.role) + } + } else { + if err == nil { + t.Fatalf("unmarshalling %q should give and error", string(vector.in)) + } + } + } +} + func TestKDGetLabel(t *testing.T) { testvectors := []struct { role KDRole @@ -43,15 +103,15 @@ func TestKDGetLabel(t *testing.T) { }{ {RoleLeft, Outbound, UsageEncryptKey, 0x356A192B}, {RoleRight, Outbound, UsageEncryptKey, 0xDA4B9237}, - {RoleAlice, Outbound, UsageEncryptSalt, 0x77DE68DA}, - {RoleBob, Outbound, UsageEncryptSalt, 0x1B645389}, - {RoleServer, Outbound, UsageAuthKey, 0xAC3478D6}, - {RoleClient, Outbound, UsageAuthKey, 0xC1DFD96E}, + {RoleLeft, Outbound, UsageEncryptSalt, 0x77DE68DA}, + {RoleRight, Outbound, UsageEncryptSalt, 0x1B645389}, + {RoleLeft, Outbound, UsageAuthKey, 0xAC3478D6}, + {RoleRight, Outbound, UsageAuthKey, 0xC1DFD96E}, - {RoleAlice, Inbound, UsageEncryptKey, 0xDA4B9237}, - {RoleBob, Inbound, UsageEncryptKey, 0x356A192B}, - {RoleServer, Inbound, UsageEncryptSalt, 0x1B645389}, - {RoleClient, Inbound, UsageEncryptSalt, 0x77DE68DA}, + {RoleLeft, Inbound, UsageEncryptKey, 0xDA4B9237}, + {RoleRight, Inbound, UsageEncryptKey, 0x356A192B}, + {RoleLeft, Inbound, UsageEncryptSalt, 0x1B645389}, + {RoleRight, Inbound, UsageEncryptSalt, 0x77DE68DA}, {RoleLeft, Inbound, UsageAuthKey, 0xC1DFD96E}, {RoleRight, Inbound, UsageAuthKey, 0xAC3478D6}, } |