diff options
author | Yan Yan <evitayan@google.com> | 2019-01-12 00:20:55 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2019-01-12 00:20:55 +0000 |
commit | c27461b2758263b2ed18d2f155be4eeb0f88132b (patch) | |
tree | 764f207ea61c61b52fbb26737ceeb3db53e4611b /tests/iketests/src | |
parent | f5c70b0c5b1000d6cb7cec6c72e60f2ef852c3cd (diff) | |
parent | bc37416647e6fdb3a2139de944f0eb0e9aa492c6 (diff) | |
download | ike-c27461b2758263b2ed18d2f155be4eeb0f88132b.tar.gz |
Merge "Add method for signing value with PRF for IKE Auth"
Diffstat (limited to 'tests/iketests/src')
-rw-r--r-- | tests/iketests/src/java/com/android/ike/ikev2/message/IkeAuthPayloadTest.java | 38 |
1 files changed, 31 insertions, 7 deletions
diff --git a/tests/iketests/src/java/com/android/ike/ikev2/message/IkeAuthPayloadTest.java b/tests/iketests/src/java/com/android/ike/ikev2/message/IkeAuthPayloadTest.java index f999b2ae..ba0277ef 100644 --- a/tests/iketests/src/java/com/android/ike/ikev2/message/IkeAuthPayloadTest.java +++ b/tests/iketests/src/java/com/android/ike/ikev2/message/IkeAuthPayloadTest.java @@ -23,30 +23,38 @@ import static org.junit.Assert.fail; import org.junit.Test; +import javax.crypto.Mac; + public final class IkeAuthPayloadTest { - private static final String AUTH_PAYLOAD_PSK_HEX_STRING = - "02000000a04554c4d5b98572556b5542d767666c"; - private static final String AUTH_PAYLOAD_PSK_SIGNATRUE_HEX_STRING = - "a04554c4d5b98572556b5542d767666c"; + private static final String PSK_AUTH_PAYLOAD_HEX_STRING = + "02000000df7c038aefaaa32d3f44b228b52a332744dfb2c1"; + private static final String PSK_AUTH_PAYLOAD_SIGNATRUE_HEX_STRING = + "df7c038aefaaa32d3f44b228b52a332744dfb2c1"; + private static final String PSK_ID_PAYLOAD_HEX_STRING = "010000000a50500d"; + private static final String PSK_SKP_HEX_STRING = "094787780EE466E2CB049FA327B43908BC57E485"; + private static final String PSK_SIGNED_OCTETS_APPENDIX_HEX_STRING = + "D83B20CC6A0932B2A7CEF26E4020ABAAB64F0C6A"; private static final int AUTH_METHOD_POSITION = 0; + private static final String PRF_HMAC_SHA1_ALGO_NAME = "HmacSHA1"; + @Test public void testDecodeIkeAuthPayload() throws Exception { - byte[] inputPacket = TestUtils.hexStringToByteArray(AUTH_PAYLOAD_PSK_HEX_STRING); + byte[] inputPacket = TestUtils.hexStringToByteArray(PSK_AUTH_PAYLOAD_HEX_STRING); IkeAuthPayload payload = IkeAuthPayload.getIkeAuthPayload(false, inputPacket); assertEquals(IkeAuthPayload.AUTH_METHOD_PRE_SHARED_KEY, payload.authMethod); assertTrue(payload instanceof IkeAuthPskPayload); byte[] expectedSignature = - TestUtils.hexStringToByteArray(AUTH_PAYLOAD_PSK_SIGNATRUE_HEX_STRING); + TestUtils.hexStringToByteArray(PSK_AUTH_PAYLOAD_SIGNATRUE_HEX_STRING); assertArrayEquals(expectedSignature, ((IkeAuthPskPayload) payload).signature); } @Test public void testDecodeIkeAuthPayloadWithUnsupportedMethod() throws Exception { - byte[] inputPacket = TestUtils.hexStringToByteArray(AUTH_PAYLOAD_PSK_HEX_STRING); + byte[] inputPacket = TestUtils.hexStringToByteArray(PSK_AUTH_PAYLOAD_HEX_STRING); inputPacket[AUTH_METHOD_POSITION] = 0; try { IkeAuthPayload payload = IkeAuthPayload.getIkeAuthPayload(false, inputPacket); @@ -55,4 +63,20 @@ public final class IkeAuthPayloadTest { // TODO: Catch AuthenticationFailedException after it is implemented. } } + + @Test + public void testSignWithPrf() throws Exception { + byte[] inputPacket = TestUtils.hexStringToByteArray(PSK_AUTH_PAYLOAD_HEX_STRING); + + IkeAuthPayload payload = IkeAuthPayload.getIkeAuthPayload(false, inputPacket); + + Mac prfMac = Mac.getInstance(PRF_HMAC_SHA1_ALGO_NAME, IkeMessage.getSecurityProvider()); + byte[] skpBytes = TestUtils.hexStringToByteArray(PSK_SKP_HEX_STRING); + byte[] idBytes = TestUtils.hexStringToByteArray(PSK_ID_PAYLOAD_HEX_STRING); + byte[] calculatedBytes = payload.signWithPrf(prfMac, skpBytes, idBytes); + + byte[] expectedBytes = + TestUtils.hexStringToByteArray(PSK_SIGNED_OECTETS_APPENDIX_HEX_STRING); + assertArrayEquals(expectedBytes, calculatedBytes); + } } |