-
Notifications
You must be signed in to change notification settings - Fork 392
/
Copy pathWgKeyRotationTests.swift
117 lines (99 loc) · 3.85 KB
/
WgKeyRotationTests.swift
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
//
// WgKeyRotationTests.swift
// MullvadVPNTests
//
// Created by pronebird on 30/05/2023.
// Copyright © 2023 Mullvad VPN AB. All rights reserved.
//
import MullvadSettings
import MullvadTypes
@testable import MullvadVPN
import WireGuardKitTypes
import XCTest
final class WgKeyRotationTests: XCTestCase {
func testKeyRotationLifecycle() {
let data = StoredDeviceData.mock(
keyData: StoredWgKeyData(
creationDate: Date(),
privateKey: PrivateKey()
)
)
var keyRotation = WgKeyRotation(data: data)
let nextPubKey = keyRotation.beginAttempt()
let nextKey = keyRotation.data.wgKeyData.nextPrivateKey
let lastRotationDate = keyRotation.data.wgKeyData.lastRotationAttemptDate
XCTAssertNotNil(nextKey)
XCTAssertNotNil(lastRotationDate)
XCTAssertEqual(nextPubKey, nextKey?.publicKey)
XCTAssertTrue(keyRotation.setCompleted(with: Device.mock(privateKey: nextKey!)))
XCTAssertNil(keyRotation.data.wgKeyData.lastRotationAttemptDate)
XCTAssertNil(keyRotation.data.wgKeyData.nextPrivateKey)
XCTAssertEqual(keyRotation.data.wgKeyData.privateKey, nextKey)
}
func testHandlesMultipleKeyRotationAttempts() {
let currentKey = PrivateKey()
let nextKey = PrivateKey()
let data = StoredDeviceData.mock(
keyData: StoredWgKeyData(
creationDate: Date(),
lastRotationAttemptDate: Date(),
privateKey: currentKey,
nextPrivateKey: nextKey
)
)
var keyRotation = WgKeyRotation(data: data)
let pubKey = keyRotation.beginAttempt()
let lastAttemptDate = keyRotation.data.wgKeyData.lastRotationAttemptDate
let samePubKey = keyRotation.beginAttempt()
let anotherAttemptDate = keyRotation.data.wgKeyData.lastRotationAttemptDate
XCTAssertEqual(pubKey, nextKey.publicKey)
XCTAssertEqual(pubKey, samePubKey)
XCTAssertNotEqual(lastAttemptDate, anotherAttemptDate)
XCTAssertEqual(keyRotation.data.wgKeyData.privateKey, currentKey)
XCTAssertEqual(keyRotation.data.wgKeyData.nextPrivateKey, nextKey)
}
func testHandlesMultipleKeyRotationCompletions() {
let currentKey = PrivateKey()
let nextKey = PrivateKey()
let data = StoredDeviceData.mock(
keyData: StoredWgKeyData(
creationDate: Date(),
lastRotationAttemptDate: Date(),
privateKey: currentKey,
nextPrivateKey: nextKey
)
)
var keyRotation = WgKeyRotation(data: data)
XCTAssertTrue(keyRotation.setCompleted(with: Device.mock(privateKey: nextKey)))
XCTAssertFalse(keyRotation.setCompleted(with: Device.mock(privateKey: nextKey)))
XCTAssertEqual(keyRotation.data.wgKeyData.privateKey, nextKey)
XCTAssertNil(keyRotation.data.wgKeyData.nextPrivateKey)
XCTAssertNil(keyRotation.data.wgKeyData.lastRotationAttemptDate)
}
}
private extension StoredDeviceData {
static func mock(keyData: StoredWgKeyData) -> StoredDeviceData {
StoredDeviceData(
creationDate: Date(),
identifier: "device-id",
name: "device-name",
hijackDNS: false,
ipv4Address: IPAddressRange(from: "127.0.0.1/32")!,
ipv6Address: IPAddressRange(from: "::ff/64")!,
wgKeyData: keyData
)
}
}
private extension Device {
static func mock(privateKey: PrivateKey) -> Device {
Device(
id: "device-id",
name: "device-name",
pubkey: privateKey.publicKey,
hijackDNS: false,
created: Date(),
ipv4Address: IPAddressRange(from: "127.0.0.1/32")!,
ipv6Address: IPAddressRange(from: "::ff/64")!
)
}
}