Parse static key from file

This commit is contained in:
Davide De Rosa 2018-09-11 13:56:17 +02:00
parent fcd25608af
commit fbd3f977d5
3 changed files with 143 additions and 0 deletions

View File

@ -9,6 +9,7 @@
/* Begin PBXBuildFile section */ /* Begin PBXBuildFile section */
0E041D092152E6FE0025FE3C /* SessionProxy+TLSWrap.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0E041D082152E6FE0025FE3C /* SessionProxy+TLSWrap.swift */; }; 0E041D092152E6FE0025FE3C /* SessionProxy+TLSWrap.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0E041D082152E6FE0025FE3C /* SessionProxy+TLSWrap.swift */; };
0E041D0A2152E6FE0025FE3C /* SessionProxy+TLSWrap.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0E041D082152E6FE0025FE3C /* SessionProxy+TLSWrap.swift */; }; 0E041D0A2152E6FE0025FE3C /* SessionProxy+TLSWrap.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0E041D082152E6FE0025FE3C /* SessionProxy+TLSWrap.swift */; };
0E041D0C2152E80A0025FE3C /* StaticKeyTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = 0E041D0B2152E80A0025FE3C /* StaticKeyTests.swift */; };
0E07595F20EF6D1400F38FD8 /* CryptoCBC.m in Sources */ = {isa = PBXBuildFile; fileRef = 0E07595C20EF6D1400F38FD8 /* CryptoCBC.m */; }; 0E07595F20EF6D1400F38FD8 /* CryptoCBC.m in Sources */ = {isa = PBXBuildFile; fileRef = 0E07595C20EF6D1400F38FD8 /* CryptoCBC.m */; };
0E07596020EF6D1400F38FD8 /* CryptoCBC.m in Sources */ = {isa = PBXBuildFile; fileRef = 0E07595C20EF6D1400F38FD8 /* CryptoCBC.m */; }; 0E07596020EF6D1400F38FD8 /* CryptoCBC.m in Sources */ = {isa = PBXBuildFile; fileRef = 0E07595C20EF6D1400F38FD8 /* CryptoCBC.m */; };
0E07596320EF733F00F38FD8 /* CryptoMacros.h in Headers */ = {isa = PBXBuildFile; fileRef = 0E07596120EF733F00F38FD8 /* CryptoMacros.h */; }; 0E07596320EF733F00F38FD8 /* CryptoMacros.h in Headers */ = {isa = PBXBuildFile; fileRef = 0E07596120EF733F00F38FD8 /* CryptoMacros.h */; };
@ -196,6 +197,7 @@
/* Begin PBXFileReference section */ /* Begin PBXFileReference section */
0E041D082152E6FE0025FE3C /* SessionProxy+TLSWrap.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "SessionProxy+TLSWrap.swift"; sourceTree = "<group>"; }; 0E041D082152E6FE0025FE3C /* SessionProxy+TLSWrap.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = "SessionProxy+TLSWrap.swift"; sourceTree = "<group>"; };
0E041D0B2152E80A0025FE3C /* StaticKeyTests.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = StaticKeyTests.swift; sourceTree = "<group>"; };
0E07595C20EF6D1400F38FD8 /* CryptoCBC.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = CryptoCBC.m; sourceTree = "<group>"; }; 0E07595C20EF6D1400F38FD8 /* CryptoCBC.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = CryptoCBC.m; sourceTree = "<group>"; };
0E07596120EF733F00F38FD8 /* CryptoMacros.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CryptoMacros.h; sourceTree = "<group>"; }; 0E07596120EF733F00F38FD8 /* CryptoMacros.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CryptoMacros.h; sourceTree = "<group>"; };
0E07596A20EF79AB00F38FD8 /* Crypto.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = Crypto.h; sourceTree = "<group>"; }; 0E07596A20EF79AB00F38FD8 /* Crypto.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = Crypto.h; sourceTree = "<group>"; };
@ -359,6 +361,7 @@
0E245D682135972800B012A2 /* PushTests.swift */, 0E245D682135972800B012A2 /* PushTests.swift */,
0EB2B45620F0BD16004233D7 /* RandomTests.swift */, 0EB2B45620F0BD16004233D7 /* RandomTests.swift */,
0EB2B45C20F0BF41004233D7 /* RawPerformanceTests.swift */, 0EB2B45C20F0BF41004233D7 /* RawPerformanceTests.swift */,
0E041D0B2152E80A0025FE3C /* StaticKeyTests.swift */,
0EB2B45A20F0BE4C004233D7 /* TestUtils.swift */, 0EB2B45A20F0BE4C004233D7 /* TestUtils.swift */,
0E749F612178911C00BB2701 /* pia-2048.pem */, 0E749F612178911C00BB2701 /* pia-2048.pem */,
); );
@ -867,6 +870,7 @@
0EB2B45B20F0BE4C004233D7 /* TestUtils.swift in Sources */, 0EB2B45B20F0BE4C004233D7 /* TestUtils.swift in Sources */,
0E58F1302138AC2F00A49F27 /* DNSTests.swift in Sources */, 0E58F1302138AC2F00A49F27 /* DNSTests.swift in Sources */,
0E12B2A32145341B00B4BAE9 /* PacketTests.swift in Sources */, 0E12B2A32145341B00B4BAE9 /* PacketTests.swift in Sources */,
0E041D0C2152E80A0025FE3C /* StaticKeyTests.swift in Sources */,
0E245D692135972800B012A2 /* PushTests.swift in Sources */, 0E245D692135972800B012A2 /* PushTests.swift in Sources */,
0EB2B46120F0C0A4004233D7 /* DataPathPerformanceTests.swift in Sources */, 0EB2B46120F0C0A4004233D7 /* DataPathPerformanceTests.swift in Sources */,
0EB2B45F20F0C098004233D7 /* EncryptionPerformanceTests.swift in Sources */, 0EB2B45F20F0C098004233D7 /* EncryptionPerformanceTests.swift in Sources */,

View File

@ -50,6 +50,12 @@ public class StaticKey: Codable {
private static let keyLength = StaticKey.contentLength / StaticKey.keyCount private static let keyLength = StaticKey.contentLength / StaticKey.keyCount
private static let fileHead = "-----BEGIN OpenVPN Static key V1-----"
private static let fileFoot = "-----END OpenVPN Static key V1-----"
private static let nonHexCharset = CharacterSet(charactersIn: "0123456789abcdefABCDEF").inverted
private let secureData: ZeroingData private let secureData: ZeroingData
private let direction: Direction? private let direction: Direction?
@ -132,6 +138,57 @@ public class StaticKey: Codable {
self.direction = direction self.direction = direction
} }
/**
Initializes with file content and direction.
- Parameter file: The text file containing the key.
- Parameter direction: The key direction, or bidirectional if nil.
*/
public convenience init?(file: String, direction: Direction?) {
let lines = file.split(separator: "\n")
self.init(lines: lines, direction: direction)
}
/// :nodoc:
public convenience init?(lines: [Substring], direction: Direction?) {
var isHead = true
var hexLines: [Substring] = []
for l in lines {
if isHead {
guard !l.hasPrefix("#") else {
continue
}
guard l == StaticKey.fileHead else {
return nil
}
isHead = false
continue
}
guard let first = l.first else {
return nil
}
if first == "-" {
guard l == StaticKey.fileFoot else {
return nil
}
break
}
hexLines.append(l)
}
let hex = String(hexLines.joined())
guard hex.count == 2 * StaticKey.contentLength else {
return nil
}
if let _ = hex.rangeOfCharacter(from: StaticKey.nonHexCharset) {
return nil
}
let data = Data(hex: hex)
self.init(data: data, direction: direction)
}
/** /**
Initializes as bidirectional. Initializes as bidirectional.

View File

@ -0,0 +1,82 @@
//
// StaticKeyTests.swift
// TunnelKitTests
//
// Created by Davide De Rosa on 9/11/18.
// Copyright (c) 2018 Davide De Rosa. All rights reserved.
//
// https://github.com/keeshux
//
// This file is part of TunnelKit.
//
// TunnelKit is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// TunnelKit is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with TunnelKit. If not, see <http://www.gnu.org/licenses/>.
//
import XCTest
@testable import TunnelKit
class StaticKeyTests: XCTestCase {
private let content = """
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
48d9999bd71095b10649c7cb471c1051
b1afdece597cea06909b99303a18c674
01597b12c04a787e98cdb619ee960d90
a0165529dc650f3a5c6fbe77c91c137d
cf55d863fcbe314df5f0b45dbe974d9b
de33ef5b4803c3985531c6c23ca6906d
6cd028efc8585d1b9e71003566bd7891
b9cc9212bcba510109922eed87f5c8e6
6d8e59cbd82575261f02777372b2cd4c
a5214c4a6513ff26dd568f574fd40d6c
d450fc788160ff68434ce2bf6afb00e7
10a3198538f14c4d45d84ab42637872e
778a6b35a124e700920879f1d003ba93
dccdb953cdf32bea03f365760b0ed800
2098d4ce20d045b45a83a8432cc73767
7aed27125592a7148d25c87fdbe0a3f6
-----END OpenVPN Static key V1-----
"""
override func setUp() {
super.setUp()
// Put setup code here. This method is called before the invocation of each test method in the class.
}
override func tearDown() {
// Put teardown code here. This method is called after the invocation of each test method in the class.
super.tearDown()
}
func testFileBidirectional() {
let expected = Data(hex: "cf55d863fcbe314df5f0b45dbe974d9bde33ef5b4803c3985531c6c23ca6906d6cd028efc8585d1b9e71003566bd7891b9cc9212bcba510109922eed87f5c8e6")
let key = StaticKey(file: content, direction: nil)
XCTAssertNotNil(key)
XCTAssertEqual(key?.hmacSendKey.toData(), expected)
XCTAssertEqual(key?.hmacReceiveKey.toData(), expected)
}
func testFileDirection() {
let send = Data(hex: "778a6b35a124e700920879f1d003ba93dccdb953cdf32bea03f365760b0ed8002098d4ce20d045b45a83a8432cc737677aed27125592a7148d25c87fdbe0a3f6")
let receive = Data(hex: "cf55d863fcbe314df5f0b45dbe974d9bde33ef5b4803c3985531c6c23ca6906d6cd028efc8585d1b9e71003566bd7891b9cc9212bcba510109922eed87f5c8e6")
let key = StaticKey(file: content, direction: .client)
XCTAssertNotNil(key)
XCTAssertEqual(key?.hmacSendKey.toData(), send)
XCTAssertEqual(key?.hmacReceiveKey.toData(), receive)
}
}