external-tests: update to latest

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

diff --git a/contrib/external-tests/go/main.go b/contrib/external-tests/go/main.go
index b259212fc629cc1c4845adef0e7e872ea16d5756..0f65ec4f907287df38c47bf6a72b8422eae1c44c 100644 (file)
--- a/contrib/external-tests/go/main.go
+++ b/contrib/external-tests/go/main.go
@@ -61,9 +61,12 @@ func main() {
        tai64n := make([]byte, 12)
        binary.BigEndian.PutUint64(tai64n[:], 4611686018427387914+uint64(now.Unix()))
        binary.BigEndian.PutUint32(tai64n[8:], uint32(now.UnixNano()))
-       initiationPacket := make([]byte, 5)
-       initiationPacket[0] = 1                                 // Type: Initiation
-       binary.LittleEndian.PutUint32(initiationPacket[1:], 28) // Sender index: 28 (arbitrary)
+       initiationPacket := make([]byte, 8)
+       initiationPacket[0] = 1 // Type: Initiation
+       initiationPacket[1] = 0 // Reserved
+       initiationPacket[2] = 0 // Reserved
+       initiationPacket[3] = 0 // Reserved
+       binary.LittleEndian.PutUint32(initiationPacket[4:], 28) // Sender index: 28 (arbitrary)
        initiationPacket, _, _ = hs.WriteMessage(initiationPacket, tai64n)
        hasher, _ := blake2s.New(&blake2s.Config{Size: 16, Key: preshared})
        hasher.Write(theirPublic)
@@ -75,7 +78,7 @@ func main() {
        }
 
        // read handshake response packet
-       responsePacket := make([]byte, 89)
+       responsePacket := make([]byte, 92)
        n, err := conn.Read(responsePacket)
        if err != nil {
                log.Fatalf("error reading response packet: %s", err)
@@ -86,12 +89,15 @@ func main() {
        if responsePacket[0] != 2 { // Type: Response
                log.Fatalf("response packet type wrong: want %d, got %d", 2, responsePacket[0])
        }
-       theirIndex := binary.LittleEndian.Uint32(responsePacket[1:])
-       ourIndex := binary.LittleEndian.Uint32(responsePacket[5:])
+       if responsePacket[1] != 0 || responsePacket[2] != 0 || responsePacket[3] != 0 {
+               log.Fatalf("response packet has non-zero reserved fields")
+       }
+       theirIndex := binary.LittleEndian.Uint32(responsePacket[4:])
+       ourIndex := binary.LittleEndian.Uint32(responsePacket[8:])
        if ourIndex != 28 {
                log.Fatalf("response packet index wrong: want %d, got %d", 28, ourIndex)
        }
-       payload, sendCipher, receiveCipher, err := hs.ReadMessage(nil, responsePacket[9:57])
+       payload, sendCipher, receiveCipher, err := hs.ReadMessage(nil, responsePacket[12:60])
        if err != nil {
                log.Fatalf("error reading handshake message: %s", err)
        }
@@ -120,10 +126,13 @@ func main() {
        binary.BigEndian.PutUint16(pingHeader[2:], uint16(ipv4.HeaderLen+len(pingMessage))) // fix the length endianness on BSDs
        pingData := append(pingHeader, pingMessage...)
        binary.BigEndian.PutUint16(pingData[10:], ipChecksum(pingData))
-       pingPacket := make([]byte, 13)
+       pingPacket := make([]byte, 16)
        pingPacket[0] = 4 // Type: Data
-       binary.LittleEndian.PutUint32(pingPacket[1:], theirIndex)
-       binary.LittleEndian.PutUint64(pingPacket[5:], 0) // Nonce
+       pingPacket[1] = 0 // Reserved
+       pingPacket[2] = 0 // Reserved
+       pingPacket[3] = 0 // Reserved
+       binary.LittleEndian.PutUint32(pingPacket[4:], theirIndex)
+       binary.LittleEndian.PutUint64(pingPacket[8:], 0) // Nonce
        pingPacket = sendCipher.Encrypt(pingPacket, nil, pingData)
        if _, err := conn.Write(pingPacket); err != nil {
                log.Fatalf("error writing ping message: %s", err)
@@ -139,7 +148,10 @@ func main() {
        if replyPacket[0] != 4 { // Type: Data
                log.Fatalf("unexpected reply packet type: %d", replyPacket[0])
        }
-       replyPacket, err = receiveCipher.Decrypt(nil, nil, replyPacket[13:])
+       if replyPacket[1] != 0 || replyPacket[2] != 0 || replyPacket[3] != 0 {
+               log.Fatalf("reply packet has non-zero reserved fields")
+       }
+       replyPacket, err = receiveCipher.Decrypt(nil, nil, replyPacket[16:])
        if err != nil {
                log.Fatalf("error decrypting reply packet: %s", err)
        }

diff --git a/contrib/external-tests/haskell/src/Main.hs b/contrib/external-tests/haskell/src/Main.hs
index 20aeb2ea7d58fa32b5d71dc5ca354644858c24ad..820e2f18e60549a97ac055f9faafbf1cf166dfb4 100644 (file)
--- a/contrib/external-tests/haskell/src/Main.hs
+++ b/contrib/external-tests/haskell/src/Main.hs
@@ -33,7 +33,7 @@ w :: PublicKey Curve25519
   -> ByteString
   -> IO ()
 w theirPub (Plaintext myPSK) sock addr msg = do
-  let x      = "\x01\x00\x00" `mappend` msg
+  let x      = "\x01\x00\x00\x00\x00\x00" `mappend` msg
       mac    = hash 16 myPSK (sbToBS' (curvePubToBytes theirPub) `mappend` sbToBS' x)
   void $ NBS.sendTo sock (x `mappend` mac `mappend` replicate 16 '\0') addr
 
@@ -41,7 +41,7 @@ r :: MVar ByteString -> Socket -> IO ByteString
 r smv sock = do
   (r, _) <- NBS.recvFrom sock 1024
   putMVar smv $ (take 2 . drop 1) r
-  return . take 48 . drop 5 $ r
+  return . take 48 . drop 8 $ r
 
 payload :: IO Plaintext
 payload = do
@@ -78,4 +78,4 @@ main = do
 
   let (keepAlive, encryption') = encryptPayload "" encryption
   senderindex <- takeMVar senderindexmv
-  void $ NBS.sendTo sock ("\x04" `mappend` senderindex `mappend` replicate 8 '\0' `mappend` keepAlive) addr
+  void $ NBS.sendTo sock ("\x04\x00\x00\x00" `mappend` senderindex `mappend` replicate 8 '\0' `mappend` keepAlive) addr

diff --git a/contrib/external-tests/rust/src/main.rs b/contrib/external-tests/rust/src/main.rs
index c5a78fe67275e6b58868de189fbd553aef64e747..c75cdede77644ab0d6f483c610077d8c1744c7b2 100644 (file)
--- a/contrib/external-tests/rust/src/main.rs
+++ b/contrib/external-tests/rust/src/main.rs
@@ -1,4 +1,5 @@
 /* Copyright (C) 2015-2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. */
+
 extern crate screech;
 extern crate crypto;
 extern crate time;
@@ -44,31 +45,40 @@ fn main() {
        let mut tai64n = [0; 12];
        BigEndian::write_i64(&mut tai64n[0..], 4611686018427387914ULL + now.sec);
        BigEndian::write_i32(&mut tai64n[8..], now.nsec);
-       let mut initiation_packet = [0; 145];
+       let mut initiation_packet = [0; 148];
        initiation_packet[0] = 1; /* Type: Initiation */
-       LittleEndian::write_u32(&mut initiation_packet[1..], 28); /* Sender index: 28 (arbitrary) */
-       handshake.write_message(&tai64n, &mut initiation_packet[5..]);
-       let mut mac_material = [0; 143];
+       initiation_packet[1] = 0; /* Reserved */
+       initiation_packet[2] = 0; /* Reserved */
+       initiation_packet[3] = 0; /* Reserved */
+       LittleEndian::write_u32(&mut initiation_packet[4..], 28); /* Sender index: 28 (arbitrary) */
+       handshake.write_message(&tai64n, &mut initiation_packet[8..]);
+       let mut mac_material = [0; 148];
        memcpy(&mut mac_material, &their_public);
-       memcpy(&mut mac_material[32..], &initiation_packet[0..113]);
+       memcpy(&mut mac_material[32..], &initiation_packet[0..116]);
        let mut mac = [0; 16];
        Blake2s::blake2s(&mut mac, &mac_material, &my_preshared);
-       memcpy(&mut initiation_packet[113..], &mac);
+       memcpy(&mut initiation_packet[116..], &mac);
        socket.send_to(&initiation_packet, &send_addr).unwrap();
 
-       let mut response_packet = [0; 89];
+       let mut response_packet = [0; 92];
        socket.recv_from(&mut response_packet).unwrap();
        assert!(response_packet[0] == 2 /* Type: Response */);
-       let their_index = LittleEndian::read_u32(&response_packet[1..]);
-       let our_index = LittleEndian::read_u32(&response_packet[5..]);
+       assert!(response_packet[1] == 0 /* Reserved */);
+       assert!(response_packet[2] == 0 /* Reserved */);
+       assert!(response_packet[3] == 0 /* Reserved */);
+       let their_index = LittleEndian::read_u32(&response_packet[4..]);
+       let our_index = LittleEndian::read_u32(&response_packet[8..]);
        assert!(our_index == 28);
-       let (payload_len, last) = handshake.read_message(&response_packet[9..57], &mut empty_payload).unwrap();
+       let (payload_len, last) = handshake.read_message(&response_packet[12..60], &mut empty_payload).unwrap();
        assert!(payload_len == 0 && last);
 
-       let mut keepalive_packet = [0; 29];
+       let mut keepalive_packet = [0; 32];
        keepalive_packet[0] = 4; /* Type: Data */
-       LittleEndian::write_u32(&mut keepalive_packet[1..], their_index);
-       LittleEndian::write_u64(&mut keepalive_packet[5..], cipherstate1.n);
-       cipherstate1.encrypt(&empty_payload, &mut keepalive_packet[13..]); /* Empty payload means keepalive */
+       keepalive_packet[1] = 0; /* Reserved */
+       keepalive_packet[2] = 0; /* Reserved */
+       keepalive_packet[3] = 0; /* Reserved */
+       LittleEndian::write_u32(&mut keepalive_packet[4..], their_index);
+       LittleEndian::write_u64(&mut keepalive_packet[8..], cipherstate1.n);
+       cipherstate1.encrypt(&empty_payload, &mut keepalive_packet[16..]); /* Empty payload means keepalive */
        socket.send_to(&keepalive_packet, &send_addr).unwrap();
 }