Browse Source

Add packet tests

thegreathir 1 year ago
parent
commit
4f82474e5a
3 changed files with 50 additions and 2 deletions
  1. 2 0
      src/iface/interface/tests/ipv6.rs
  2. 4 0
      src/wire/ip.rs
  3. 44 2
      src/wire/ipsec_ah.rs

+ 2 - 0
src/iface/interface/tests/ipv6.rs

@@ -12,6 +12,8 @@ fn parse_ipv6(data: &[u8]) -> crate::wire::Result<IpPacket<'_>> {
         IpProtocol::Udp => todo!(),
         IpProtocol::Ipv6Route => todo!(),
         IpProtocol::Ipv6Frag => todo!(),
+        IpProtocol::Esp => todo!(),
+        IpProtocol::Ah => todo!(),
         IpProtocol::Icmpv6 => {
             let icmp = Icmpv6Repr::parse(
                 &ipv6.src_addr.into(),

+ 4 - 0
src/wire/ip.rs

@@ -55,6 +55,8 @@ enum_with_unknown! {
         Udp       = 0x11,
         Ipv6Route = 0x2b,
         Ipv6Frag  = 0x2c,
+        Esp       = 0x32,
+        Ah        = 0x33,
         Icmpv6    = 0x3a,
         Ipv6NoNxt = 0x3b,
         Ipv6Opts  = 0x3c
@@ -71,6 +73,8 @@ impl fmt::Display for Protocol {
             Protocol::Udp => write!(f, "UDP"),
             Protocol::Ipv6Route => write!(f, "IPv6-Route"),
             Protocol::Ipv6Frag => write!(f, "IPv6-Frag"),
+            Protocol::Esp => write!(f, "ESP"),
+            Protocol::Ah => write!(f, "AH"),
             Protocol::Icmpv6 => write!(f, "ICMPv6"),
             Protocol::Ipv6NoNxt => write!(f, "IPv6-NoNxt"),
             Protocol::Ipv6Opts => write!(f, "IPv6-Opts"),

+ 44 - 2
src/wire/ipsec_ah.rs

@@ -31,7 +31,7 @@ mod field {
     pub const PAYLOAD_LEN: usize = 1;
     pub const RESERVED: Field = 2..4;
     pub const SPI: Field = 4..8;
-    pub const SEQUENCE_NUMBER: Field = 8..16;
+    pub const SEQUENCE_NUMBER: Field = 8..12;
 
     pub const fn ICV(payload_len: u8) -> Field {
         let header_len = (payload_len as usize + 2) * 4;
@@ -200,4 +200,46 @@ impl<'a> Repr<'a> {
     }
 }
 
-// This sample can be used for test: https://www.cloudshark.org/captures/4d1561a5935f
+#[cfg(test)]
+mod test {
+    use super::*;
+
+    static PACKET_BYTES1: [u8; 24] = [
+        0x32, 0x04, 0x00, 0x00, 0x81, 0x79, 0xb7, 0x05, 0x00, 0x00, 0x00, 0x01, 0x27, 0xcf, 0xc0,
+        0xa5, 0xe4, 0x3d, 0x69, 0xb3, 0x72, 0x8e, 0xc5, 0xb0,
+    ];
+
+    static PACKET_BYTES2: [u8; 24] = [
+        0x32, 0x04, 0x00, 0x00, 0xba, 0x8b, 0xd0, 0x60, 0x00, 0x00, 0x00, 0x01, 0xaf, 0xd2, 0xe7,
+        0xa1, 0x73, 0xd3, 0x29, 0x0b, 0xfe, 0x6b, 0x63, 0x73,
+    ];
+
+    #[test]
+    fn test_deconstruct() {
+        let packet = Packet::new_unchecked(&PACKET_BYTES1[..]);
+        assert_eq!(packet.next_header(), IpProtocol::Esp);
+        assert_eq!(packet.payload_len(), 4);
+        assert_eq!(packet.security_parameters_index(), 0x8179b705);
+        assert_eq!(packet.sequence_number(), 1);
+        assert_eq!(
+            packet.integrity_check_value(),
+            &[0x27, 0xcf, 0xc0, 0xa5, 0xe4, 0x3d, 0x69, 0xb3, 0x72, 0x8e, 0xc5, 0xb0]
+        );
+    }
+
+    #[test]
+    fn test_construct() {
+        let mut bytes = vec![0xa5; 24];
+        let mut packet = Packet::new_unchecked(&mut bytes);
+        packet.set_next_header(IpProtocol::Esp);
+        packet.set_payload_len(4);
+        packet.clear_reserved();
+        packet.set_security_parameters_index(0xba8bd060);
+        packet.set_sequence_number(1);
+        const ICV: [u8; 12] = [
+            0xaf, 0xd2, 0xe7, 0xa1, 0x73, 0xd3, 0x29, 0x0b, 0xfe, 0x6b, 0x63, 0x73,
+        ];
+        packet.integrity_check_value_mut().copy_from_slice(&ICV);
+        assert_eq!(&*packet.into_inner(), &PACKET_BYTES2[..]);
+    }
+}