1package dns 2 3import ( 4 "encoding/binary" 5 "testing" 6 "time" 7) 8 9func newTsig(algo string) *Msg { 10 m := new(Msg) 11 m.SetQuestion("example.org.", TypeA) 12 m.SetTsig("example.", algo, 300, time.Now().Unix()) 13 return m 14} 15 16func TestTsig(t *testing.T) { 17 m := newTsig(HmacMD5) 18 buf, _, err := TsigGenerate(m, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false) 19 if err != nil { 20 t.Fatal(err) 21 } 22 err = TsigVerify(buf, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false) 23 if err != nil { 24 t.Fatal(err) 25 } 26 27 // TSIG accounts for ID substitution. This means if the message ID is 28 // changed by a forwarder, we should still be able to verify the TSIG. 29 m = newTsig(HmacMD5) 30 buf, _, err = TsigGenerate(m, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false) 31 if err != nil { 32 t.Fatal(err) 33 } 34 35 binary.BigEndian.PutUint16(buf[0:2], 42) 36 err = TsigVerify(buf, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false) 37 if err != nil { 38 t.Fatal(err) 39 } 40} 41 42func TestTsigCase(t *testing.T) { 43 m := newTsig("HmAc-mD5.sig-ALg.rEg.int.") // HmacMD5 44 buf, _, err := TsigGenerate(m, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false) 45 if err != nil { 46 t.Fatal(err) 47 } 48 err = TsigVerify(buf, "pRZgBrBvI4NAHZYhxmhs/Q==", "", false) 49 if err != nil { 50 t.Fatal(err) 51 } 52} 53