mirror of https://github.com/ginuerzh/gost
1 changed files with 425 additions and 0 deletions
@ -0,0 +1,425 @@ |
|||||
|
package gost |
||||
|
|
||||
|
import ( |
||||
|
"crypto/rand" |
||||
|
"fmt" |
||||
|
"net/http/httptest" |
||||
|
"net/url" |
||||
|
"testing" |
||||
|
) |
||||
|
|
||||
|
func init() { |
||||
|
// ss.Debug = true
|
||||
|
} |
||||
|
|
||||
|
var ss2Tests = []struct { |
||||
|
clientCipher *url.Userinfo |
||||
|
serverCipher *url.Userinfo |
||||
|
pass bool |
||||
|
}{ |
||||
|
{nil, nil, false}, |
||||
|
{&url.Userinfo{}, &url.Userinfo{}, false}, |
||||
|
{url.User("abc"), url.User("abc"), false}, |
||||
|
{url.UserPassword("abc", "def"), url.UserPassword("abc", "def"), false}, |
||||
|
|
||||
|
{url.User("aes-128-cfb"), url.User("aes-128-cfb"), true}, |
||||
|
{url.User("aes-128-cfb"), url.UserPassword("aes-128-cfb", "123456"), false}, |
||||
|
{url.UserPassword("aes-128-cfb", "123456"), url.User("aes-128-cfb"), false}, |
||||
|
{url.UserPassword("aes-128-cfb", "123456"), url.UserPassword("aes-128-cfb", "abc"), false}, |
||||
|
{url.UserPassword("aes-128-cfb", "123456"), url.UserPassword("aes-128-cfb", "123456"), true}, |
||||
|
|
||||
|
{url.User("aes-192-cfb"), url.User("aes-192-cfb"), true}, |
||||
|
{url.User("aes-192-cfb"), url.UserPassword("aes-192-cfb", "123456"), false}, |
||||
|
{url.UserPassword("aes-192-cfb", "123456"), url.User("aes-192-cfb"), false}, |
||||
|
{url.UserPassword("aes-192-cfb", "123456"), url.UserPassword("aes-192-cfb", "abc"), false}, |
||||
|
{url.UserPassword("aes-192-cfb", "123456"), url.UserPassword("aes-192-cfb", "123456"), true}, |
||||
|
|
||||
|
{url.User("aes-256-cfb"), url.User("aes-256-cfb"), true}, |
||||
|
{url.User("aes-256-cfb"), url.UserPassword("aes-256-cfb", "123456"), false}, |
||||
|
{url.UserPassword("aes-256-cfb", "123456"), url.User("aes-256-cfb"), false}, |
||||
|
{url.UserPassword("aes-256-cfb", "123456"), url.UserPassword("aes-256-cfb", "abc"), false}, |
||||
|
{url.UserPassword("aes-256-cfb", "123456"), url.UserPassword("aes-256-cfb", "123456"), true}, |
||||
|
|
||||
|
{url.User("aes-128-ctr"), url.User("aes-128-ctr"), true}, |
||||
|
{url.User("aes-128-ctr"), url.UserPassword("aes-128-ctr", "123456"), false}, |
||||
|
{url.UserPassword("aes-128-ctr", "123456"), url.User("aes-128-ctr"), false}, |
||||
|
{url.UserPassword("aes-128-ctr", "123456"), url.UserPassword("aes-128-ctr", "abc"), false}, |
||||
|
{url.UserPassword("aes-128-ctr", "123456"), url.UserPassword("aes-128-ctr", "123456"), true}, |
||||
|
|
||||
|
{url.User("aes-192-ctr"), url.User("aes-192-ctr"), true}, |
||||
|
{url.User("aes-192-ctr"), url.UserPassword("aes-192-ctr", "123456"), false}, |
||||
|
{url.UserPassword("aes-192-ctr", "123456"), url.User("aes-192-ctr"), false}, |
||||
|
{url.UserPassword("aes-192-ctr", "123456"), url.UserPassword("aes-192-ctr", "abc"), false}, |
||||
|
{url.UserPassword("aes-192-ctr", "123456"), url.UserPassword("aes-192-ctr", "123456"), true}, |
||||
|
|
||||
|
{url.User("aes-256-ctr"), url.User("aes-256-ctr"), true}, |
||||
|
{url.User("aes-256-ctr"), url.UserPassword("aes-256-ctr", "123456"), false}, |
||||
|
{url.UserPassword("aes-256-ctr", "123456"), url.User("aes-256-ctr"), false}, |
||||
|
{url.UserPassword("aes-256-ctr", "123456"), url.UserPassword("aes-256-ctr", "abc"), false}, |
||||
|
{url.UserPassword("aes-256-ctr", "123456"), url.UserPassword("aes-256-ctr", "123456"), true}, |
||||
|
|
||||
|
{url.User("chacha20-ietf"), url.User("chacha20-ietf"), true}, |
||||
|
{url.User("chacha20-ietf"), url.UserPassword("chacha20-ietf", "123456"), false}, |
||||
|
{url.UserPassword("chacha20-ietf", "123456"), url.User("chacha20-ietf"), false}, |
||||
|
{url.UserPassword("chacha20-ietf", "123456"), url.UserPassword("chacha20-ietf", "abc"), false}, |
||||
|
{url.UserPassword("chacha20-ietf", "123456"), url.UserPassword("chacha20-ietf", "123456"), true}, |
||||
|
|
||||
|
{url.User("xchacha20"), url.User("xchacha20"), true}, |
||||
|
{url.User("xchacha20"), url.UserPassword("xchacha20", "123456"), false}, |
||||
|
{url.UserPassword("xchacha20", "123456"), url.User("xchacha20"), false}, |
||||
|
{url.UserPassword("xchacha20", "123456"), url.UserPassword("xchacha20", "abc"), false}, |
||||
|
{url.UserPassword("xchacha20", "123456"), url.UserPassword("xchacha20", "123456"), true}, |
||||
|
|
||||
|
{url.User("AEAD_AES_128_GCM"), url.User("AEAD_AES_128_GCM"), true}, |
||||
|
{url.User("AEAD_AES_128_GCM"), url.UserPassword("AEAD_AES_128_GCM", "123456"), false}, |
||||
|
{url.UserPassword("AEAD_AES_128_GCM", "123456"), url.User("AEAD_AES_128_GCM"), false}, |
||||
|
{url.UserPassword("AEAD_AES_128_GCM", "123456"), url.UserPassword("AEAD_AES_128_GCM", "abc"), false}, |
||||
|
{url.UserPassword("AEAD_AES_128_GCM", "123456"), url.UserPassword("AEAD_AES_128_GCM", "123456"), true}, |
||||
|
|
||||
|
{url.User("AEAD_AES_192_GCM"), url.User("AEAD_AES_192_GCM"), true}, |
||||
|
{url.User("AEAD_AES_192_GCM"), url.UserPassword("AEAD_AES_192_GCM", "123456"), false}, |
||||
|
{url.UserPassword("AEAD_AES_192_GCM", "123456"), url.User("AEAD_AES_192_GCM"), false}, |
||||
|
{url.UserPassword("AEAD_AES_192_GCM", "123456"), url.UserPassword("AEAD_AES_192_GCM", "abc"), false}, |
||||
|
{url.UserPassword("AEAD_AES_192_GCM", "123456"), url.UserPassword("AEAD_AES_192_GCM", "123456"), true}, |
||||
|
|
||||
|
{url.User("AEAD_AES_256_GCM"), url.User("AEAD_AES_256_GCM"), true}, |
||||
|
{url.User("AEAD_AES_256_GCM"), url.UserPassword("AEAD_AES_256_GCM", "123456"), false}, |
||||
|
{url.UserPassword("AEAD_AES_256_GCM", "123456"), url.User("AEAD_AES_256_GCM"), false}, |
||||
|
{url.UserPassword("AEAD_AES_256_GCM", "123456"), url.UserPassword("AEAD_AES_256_GCM", "abc"), false}, |
||||
|
{url.UserPassword("AEAD_AES_256_GCM", "123456"), url.UserPassword("AEAD_AES_256_GCM", "123456"), true}, |
||||
|
|
||||
|
{url.User("AEAD_CHACHA20_POLY1305"), url.User("AEAD_CHACHA20_POLY1305"), true}, |
||||
|
{url.User("AEAD_CHACHA20_POLY1305"), url.UserPassword("AEAD_CHACHA20_POLY1305", "123456"), false}, |
||||
|
{url.UserPassword("AEAD_CHACHA20_POLY1305", "123456"), url.User("AEAD_CHACHA20_POLY1305"), false}, |
||||
|
{url.UserPassword("AEAD_CHACHA20_POLY1305", "123456"), url.UserPassword("AEAD_CHACHA20_POLY1305", "abc"), false}, |
||||
|
{url.UserPassword("AEAD_CHACHA20_POLY1305", "123456"), url.UserPassword("AEAD_CHACHA20_POLY1305", "123456"), true}, |
||||
|
} |
||||
|
|
||||
|
var ss2ProxyTests = []struct { |
||||
|
clientCipher *url.Userinfo |
||||
|
serverCipher *url.Userinfo |
||||
|
pass bool |
||||
|
}{ |
||||
|
{nil, nil, false}, |
||||
|
{&url.Userinfo{}, &url.Userinfo{}, false}, |
||||
|
{url.User("abc"), url.User("abc"), false}, |
||||
|
{url.UserPassword("abc", "def"), url.UserPassword("abc", "def"), false}, |
||||
|
|
||||
|
{url.User("aes-128-cfb"), url.User("aes-128-cfb"), false}, |
||||
|
{url.User("aes-128-cfb"), url.UserPassword("aes-128-cfb", "123456"), false}, |
||||
|
{url.UserPassword("aes-128-cfb", "123456"), url.User("aes-128-cfb"), false}, |
||||
|
// {url.UserPassword("aes-128-cfb", "123456"), url.UserPassword("aes-128-cfb", "abc"), false},
|
||||
|
{url.UserPassword("aes-128-cfb", "123456"), url.UserPassword("aes-128-cfb", "123456"), true}, |
||||
|
} |
||||
|
|
||||
|
func ss2ProxyRoundtrip(targetURL string, data []byte, clientInfo *url.Userinfo, serverInfo *url.Userinfo) error { |
||||
|
ln, err := TCPListener("") |
||||
|
if err != nil { |
||||
|
return err |
||||
|
} |
||||
|
|
||||
|
client := &Client{ |
||||
|
Connector: Shadow2Connector(clientInfo), |
||||
|
Transporter: TCPTransporter(), |
||||
|
} |
||||
|
|
||||
|
server := &Server{ |
||||
|
Handler: Shadow2Handler(UsersHandlerOption(serverInfo)), |
||||
|
Listener: ln, |
||||
|
} |
||||
|
|
||||
|
go server.Run() |
||||
|
defer server.Close() |
||||
|
|
||||
|
return proxyRoundtrip(client, server, targetURL, data) |
||||
|
} |
||||
|
|
||||
|
func TestSS2Proxy(t *testing.T) { |
||||
|
httpSrv := httptest.NewServer(httpTestHandler) |
||||
|
defer httpSrv.Close() |
||||
|
|
||||
|
sendData := make([]byte, 128) |
||||
|
rand.Read(sendData) |
||||
|
|
||||
|
for i, tc := range ss2Tests { |
||||
|
tc := tc |
||||
|
t.Run(fmt.Sprintf("#%d", i), func(t *testing.T) { |
||||
|
err := ss2ProxyRoundtrip(httpSrv.URL, sendData, |
||||
|
tc.clientCipher, |
||||
|
tc.serverCipher, |
||||
|
) |
||||
|
if err == nil { |
||||
|
if !tc.pass { |
||||
|
t.Errorf("#%d should failed", i) |
||||
|
} |
||||
|
} else { |
||||
|
// t.Logf("#%d %v", i, err)
|
||||
|
if tc.pass { |
||||
|
t.Errorf("#%d got error: %v", i, err) |
||||
|
} |
||||
|
} |
||||
|
}) |
||||
|
} |
||||
|
} |
||||
|
|
||||
|
func BenchmarkSS2Proxy_AES256(b *testing.B) { |
||||
|
httpSrv := httptest.NewServer(httpTestHandler) |
||||
|
defer httpSrv.Close() |
||||
|
|
||||
|
sendData := make([]byte, 128) |
||||
|
rand.Read(sendData) |
||||
|
|
||||
|
ln, err := TCPListener("") |
||||
|
if err != nil { |
||||
|
b.Error(err) |
||||
|
} |
||||
|
|
||||
|
client := &Client{ |
||||
|
Connector: Shadow2Connector(url.UserPassword("aes-256-cfb", "123456")), |
||||
|
Transporter: TCPTransporter(), |
||||
|
} |
||||
|
|
||||
|
server := &Server{ |
||||
|
Handler: Shadow2Handler(UsersHandlerOption(url.UserPassword("aes-256-cfb", "123456"))), |
||||
|
Listener: ln, |
||||
|
} |
||||
|
|
||||
|
go server.Run() |
||||
|
defer server.Close() |
||||
|
|
||||
|
for i := 0; i < b.N; i++ { |
||||
|
if err := proxyRoundtrip(client, server, httpSrv.URL, sendData); err != nil { |
||||
|
b.Error(err) |
||||
|
} |
||||
|
} |
||||
|
} |
||||
|
|
||||
|
func BenchmarkSS2Proxy_XChacha20(b *testing.B) { |
||||
|
httpSrv := httptest.NewServer(httpTestHandler) |
||||
|
defer httpSrv.Close() |
||||
|
|
||||
|
sendData := make([]byte, 128) |
||||
|
rand.Read(sendData) |
||||
|
|
||||
|
ln, err := TCPListener("") |
||||
|
if err != nil { |
||||
|
b.Error(err) |
||||
|
} |
||||
|
|
||||
|
client := &Client{ |
||||
|
Connector: Shadow2Connector(url.UserPassword("xchacha20", "123456")), |
||||
|
Transporter: TCPTransporter(), |
||||
|
} |
||||
|
|
||||
|
server := &Server{ |
||||
|
Handler: Shadow2Handler(UsersHandlerOption(url.UserPassword("xchacha20", "123456"))), |
||||
|
Listener: ln, |
||||
|
} |
||||
|
|
||||
|
go server.Run() |
||||
|
defer server.Close() |
||||
|
|
||||
|
for i := 0; i < b.N; i++ { |
||||
|
if err := proxyRoundtrip(client, server, httpSrv.URL, sendData); err != nil { |
||||
|
b.Error(err) |
||||
|
} |
||||
|
} |
||||
|
} |
||||
|
|
||||
|
func BenchmarkSS2Proxy_Chacha20_ietf(b *testing.B) { |
||||
|
httpSrv := httptest.NewServer(httpTestHandler) |
||||
|
defer httpSrv.Close() |
||||
|
|
||||
|
sendData := make([]byte, 128) |
||||
|
rand.Read(sendData) |
||||
|
|
||||
|
ln, err := TCPListener("") |
||||
|
if err != nil { |
||||
|
b.Error(err) |
||||
|
} |
||||
|
|
||||
|
client := &Client{ |
||||
|
Connector: Shadow2Connector(url.UserPassword("chacha20-ietf", "123456")), |
||||
|
Transporter: TCPTransporter(), |
||||
|
} |
||||
|
|
||||
|
server := &Server{ |
||||
|
Handler: Shadow2Handler(UsersHandlerOption(url.UserPassword("chacha20-ietf", "123456"))), |
||||
|
Listener: ln, |
||||
|
} |
||||
|
|
||||
|
go server.Run() |
||||
|
defer server.Close() |
||||
|
|
||||
|
for i := 0; i < b.N; i++ { |
||||
|
if err := proxyRoundtrip(client, server, httpSrv.URL, sendData); err != nil { |
||||
|
b.Error(err) |
||||
|
} |
||||
|
} |
||||
|
} |
||||
|
|
||||
|
func BenchmarkSS2Proxy_CHACHA20_IETF_Parallel(b *testing.B) { |
||||
|
httpSrv := httptest.NewServer(httpTestHandler) |
||||
|
defer httpSrv.Close() |
||||
|
|
||||
|
sendData := make([]byte, 128) |
||||
|
rand.Read(sendData) |
||||
|
|
||||
|
ln, err := TCPListener("") |
||||
|
if err != nil { |
||||
|
b.Error(err) |
||||
|
} |
||||
|
|
||||
|
client := &Client{ |
||||
|
Connector: Shadow2Connector(url.UserPassword("chacha20-ietf", "123456")), |
||||
|
Transporter: TCPTransporter(), |
||||
|
} |
||||
|
|
||||
|
server := &Server{ |
||||
|
Handler: Shadow2Handler(UsersHandlerOption(url.UserPassword("chacha20-ietf", "123456"))), |
||||
|
Listener: ln, |
||||
|
} |
||||
|
|
||||
|
go server.Run() |
||||
|
defer server.Close() |
||||
|
|
||||
|
b.RunParallel(func(pb *testing.PB) { |
||||
|
for pb.Next() { |
||||
|
if err := proxyRoundtrip(client, server, httpSrv.URL, sendData); err != nil { |
||||
|
b.Error(err) |
||||
|
} |
||||
|
} |
||||
|
}) |
||||
|
} |
||||
|
|
||||
|
func BenchmarkSS2Proxy_AEAD_AES_256_GCM(b *testing.B) { |
||||
|
httpSrv := httptest.NewServer(httpTestHandler) |
||||
|
defer httpSrv.Close() |
||||
|
|
||||
|
sendData := make([]byte, 128) |
||||
|
rand.Read(sendData) |
||||
|
|
||||
|
ln, err := TCPListener("") |
||||
|
if err != nil { |
||||
|
b.Error(err) |
||||
|
} |
||||
|
|
||||
|
client := &Client{ |
||||
|
Connector: Shadow2Connector(url.UserPassword("AEAD_AES_256_GCM", "123456")), |
||||
|
Transporter: TCPTransporter(), |
||||
|
} |
||||
|
|
||||
|
server := &Server{ |
||||
|
Handler: Shadow2Handler(UsersHandlerOption(url.UserPassword("AEAD_AES_256_GCM", "123456"))), |
||||
|
Listener: ln, |
||||
|
} |
||||
|
|
||||
|
go server.Run() |
||||
|
defer server.Close() |
||||
|
|
||||
|
for i := 0; i < b.N; i++ { |
||||
|
if err := proxyRoundtrip(client, server, httpSrv.URL, sendData); err != nil { |
||||
|
b.Error(err) |
||||
|
} |
||||
|
} |
||||
|
} |
||||
|
|
||||
|
func BenchmarkSS2Proxy_AEAD_AES_256_GCM_Parallel(b *testing.B) { |
||||
|
httpSrv := httptest.NewServer(httpTestHandler) |
||||
|
defer httpSrv.Close() |
||||
|
|
||||
|
sendData := make([]byte, 128) |
||||
|
rand.Read(sendData) |
||||
|
|
||||
|
ln, err := TCPListener("") |
||||
|
if err != nil { |
||||
|
b.Error(err) |
||||
|
} |
||||
|
|
||||
|
client := &Client{ |
||||
|
Connector: Shadow2Connector(url.UserPassword("AEAD_AES_256_GCM", "123456")), |
||||
|
Transporter: TCPTransporter(), |
||||
|
} |
||||
|
|
||||
|
server := &Server{ |
||||
|
Handler: Shadow2Handler(UsersHandlerOption(url.UserPassword("AEAD_AES_256_GCM", "123456"))), |
||||
|
Listener: ln, |
||||
|
} |
||||
|
|
||||
|
go server.Run() |
||||
|
defer server.Close() |
||||
|
|
||||
|
b.RunParallel(func(pb *testing.PB) { |
||||
|
for pb.Next() { |
||||
|
if err := proxyRoundtrip(client, server, httpSrv.URL, sendData); err != nil { |
||||
|
b.Error(err) |
||||
|
} |
||||
|
} |
||||
|
}) |
||||
|
} |
||||
|
|
||||
|
func BenchmarkSS2Proxy_AEAD_CHACHA20_POLY1305(b *testing.B) { |
||||
|
httpSrv := httptest.NewServer(httpTestHandler) |
||||
|
defer httpSrv.Close() |
||||
|
|
||||
|
sendData := make([]byte, 128) |
||||
|
rand.Read(sendData) |
||||
|
|
||||
|
ln, err := TCPListener("") |
||||
|
if err != nil { |
||||
|
b.Error(err) |
||||
|
} |
||||
|
|
||||
|
client := &Client{ |
||||
|
Connector: Shadow2Connector(url.UserPassword("AEAD_CHACHA20_POLY1305", "123456")), |
||||
|
Transporter: TCPTransporter(), |
||||
|
} |
||||
|
|
||||
|
server := &Server{ |
||||
|
Handler: Shadow2Handler(UsersHandlerOption(url.UserPassword("AEAD_CHACHA20_POLY1305", "123456"))), |
||||
|
Listener: ln, |
||||
|
} |
||||
|
|
||||
|
go server.Run() |
||||
|
defer server.Close() |
||||
|
|
||||
|
for i := 0; i < b.N; i++ { |
||||
|
if err := proxyRoundtrip(client, server, httpSrv.URL, sendData); err != nil { |
||||
|
b.Error(err) |
||||
|
} |
||||
|
} |
||||
|
} |
||||
|
|
||||
|
func BenchmarkSS2Proxy_AEAD_CHACHA20_POLY1305_Parallel(b *testing.B) { |
||||
|
httpSrv := httptest.NewServer(httpTestHandler) |
||||
|
defer httpSrv.Close() |
||||
|
|
||||
|
sendData := make([]byte, 128) |
||||
|
rand.Read(sendData) |
||||
|
|
||||
|
ln, err := TCPListener("") |
||||
|
if err != nil { |
||||
|
b.Error(err) |
||||
|
} |
||||
|
|
||||
|
client := &Client{ |
||||
|
Connector: Shadow2Connector(url.UserPassword("AEAD_CHACHA20_POLY1305", "123456")), |
||||
|
Transporter: TCPTransporter(), |
||||
|
} |
||||
|
|
||||
|
server := &Server{ |
||||
|
Handler: Shadow2Handler(UsersHandlerOption(url.UserPassword("AEAD_CHACHA20_POLY1305", "123456"))), |
||||
|
Listener: ln, |
||||
|
} |
||||
|
|
||||
|
go server.Run() |
||||
|
defer server.Close() |
||||
|
|
||||
|
b.RunParallel(func(pb *testing.PB) { |
||||
|
for pb.Next() { |
||||
|
if err := proxyRoundtrip(client, server, httpSrv.URL, sendData); err != nil { |
||||
|
b.Error(err) |
||||
|
} |
||||
|
} |
||||
|
}) |
||||
|
} |
||||
Loading…
Reference in new issue