53 lines
1.2 KiB
Go
53 lines
1.2 KiB
Go
|
package dns
|
||
|
|
||
|
import (
|
||
|
"encoding/binary"
|
||
|
"testing"
|
||
|
"time"
|
||
|
)
|
||
|
|
||
|
func newTsig(algo string) *Msg {
|
||
|
m := new(Msg)
|
||
|
m.SetQuestion("example.org.", TypeA)
|
||
|
m.SetTsig("example.", algo, 300, time.Now().Unix())
|
||
|
return m
|
||
|
}
|
||
|
|
||
|
func TestTsig(t *testing.T) {
|
||
|
m := newTsig(HmacMD5)
|
||
|
buf, _, err := TsigGenerate(m, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false)
|
||
|
if err != nil {
|
||
|
t.Fatal(err)
|
||
|
}
|
||
|
err = TsigVerify(buf, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false)
|
||
|
if err != nil {
|
||
|
t.Fatal(err)
|
||
|
}
|
||
|
|
||
|
// TSIG accounts for ID substitution. This means if the message ID is
|
||
|
// changed by a forwarder, we should still be able to verify the TSIG.
|
||
|
m = newTsig(HmacMD5)
|
||
|
buf, _, err = TsigGenerate(m, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false)
|
||
|
if err != nil {
|
||
|
t.Fatal(err)
|
||
|
}
|
||
|
|
||
|
binary.BigEndian.PutUint16(buf[0:2], uint16(42))
|
||
|
err = TsigVerify(buf, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false)
|
||
|
if err != nil {
|
||
|
t.Fatal(err)
|
||
|
}
|
||
|
}
|
||
|
|
||
|
func TestTsigCase(t *testing.T) {
|
||
|
m := newTsig("HmAc-mD5.sig-ALg.rEg.int.") // HmacMD5
|
||
|
buf, _, err := TsigGenerate(m, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false)
|
||
|
if err != nil {
|
||
|
t.Fatal(err)
|
||
|
}
|
||
|
err = TsigVerify(buf, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false)
|
||
|
if err != nil {
|
||
|
t.Fatal(err)
|
||
|
}
|
||
|
}
|