Graceful shutdown of the DNSCrypt server

This PR implements the Server.Shutdown(ctx context.Context) method, which allows the DNSCrypt server to be shut down gracefully.

Some additional changes that were made along the way:
1. Added benchmark tests
2. Started using dns.ReadFromSessionUDP / dns.WriteToSessionUDP instead of implementing them ourselves
3. Generally improved tests
4. Added depguard
5. Improved comments throughout the code
package dnscrypt
import (
"bytes"
"crypto/rand"
"testing"
"github.com/stretchr/testify/assert"
)
// TestDNSCryptQueryEncryptDecryptXSalsa20Poly1305 runs the shared query
// encrypt/decrypt round-trip check with the XSalsa20Poly1305 construction.
func TestDNSCryptQueryEncryptDecryptXSalsa20Poly1305(t *testing.T) {
	construction := XSalsa20Poly1305
	testDNSCryptQueryEncryptDecrypt(t, construction)
}
// TestDNSCryptQueryEncryptDecryptXChacha20Poly1305 runs the shared query
// encrypt/decrypt round-trip check with the XChacha20Poly1305 construction.
func TestDNSCryptQueryEncryptDecryptXChacha20Poly1305(t *testing.T) {
	construction := XChacha20Poly1305
	testDNSCryptQueryEncryptDecrypt(t, construction)
}
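// testDNSCryptQueryEncryptDecrypt checks the query path for the given crypto
// construction: a random 100-byte packet is encrypted on the client side with
// the client's shared key and must decrypt to the same bytes on the server
// side using only the server secret key and the client magic.
//
// Each step stops the test on failure instead of continuing with values that
// are meaningless after an error. A final negative case checks that a
// modified ciphertext is rejected.
func testDNSCryptQueryEncryptDecrypt(t *testing.T, esVersion CryptoConstruction) {
	// Generate the secret/public pairs
	clientSecretKey, clientPublicKey := generateRandomKeyPair()
	serverSecretKey, serverPublicKey := generateRandomKeyPair()

	// Generate client shared key
	clientSharedKey, err := computeSharedKey(esVersion, &clientSecretKey, &serverPublicKey)
	if !assert.NoError(t, err) {
		return
	}

	// A failed read from the system RNG would leave the magic all zeroes and
	// silently weaken the test input, so the error is checked, not dropped.
	clientMagic := [clientMagicSize]byte{}
	_, err = rand.Read(clientMagic[:])
	if !assert.NoError(t, err) {
		return
	}

	q1 := EncryptedQuery{
		EsVersion:   esVersion,
		ClientPk:    clientPublicKey,
		ClientMagic: clientMagic,
	}

	// Generate random packet
	packet := make([]byte, 100)
	_, err = rand.Read(packet)
	if !assert.NoError(t, err) {
		return
	}

	// Encrypt it
	encrypted, err := q1.Encrypt(packet, clientSharedKey)
	if !assert.NoError(t, err) {
		return
	}

	// Now let's try decrypting it.
	// q2 deliberately carries no ClientPk and Decrypt is handed only the
	// server secret key; presumably Decrypt takes the client public key from
	// the encrypted packet itself (confirm against Decrypt).
	q2 := EncryptedQuery{
		EsVersion:   esVersion,
		ClientMagic: clientMagic,
	}

	// Decrypt it
	decrypted, err := q2.Decrypt(encrypted, serverSecretKey)
	if !assert.NoError(t, err) {
		return
	}

	// Check that packet is the same
	assert.True(t, bytes.Equal(packet, decrypted))

	// Negative case: both constructions under test are Poly1305-authenticated
	// by name, so a ciphertext with a modified trailing byte is expected to
	// fail authentication rather than decrypt to altered plaintext.
	if !assert.NotEmpty(t, encrypted) {
		return
	}
	// Work on a copy so the original ciphertext stays intact.
	tampered := append([]byte(nil), encrypted...)
	tampered[len(tampered)-1] ^= 0xff

	q3 := EncryptedQuery{
		EsVersion:   esVersion,
		ClientMagic: clientMagic,
	}
	_, err = q3.Decrypt(tampered, serverSecretKey)
	assert.Error(t, err)
}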