From eaecac6af4feecd787cedb5b9ea6cbff4189b586 Mon Sep 17 00:00:00 2001
From: Piotr Lizonczyk <piotr.lizonczyk@gmail.com>
Date: Sun, 3 Sep 2017 01:03:41 +0200
Subject: [PATCH] Wireguard interoperability test script

This commit introduces an example of interoperability of this library
with Wireguard. The script is responsible for performing a Noise
handshake between localhost and Wireguard test server. Then, ICMP echo
request is sent and ICMP echo reply is retrieved. Lastly, Wireguard
keepalive packet is sent.

Example utilises Noise messages wrapped in Wireguard's packet
format.
---
 examples/wireguard/README.md        |  5 ++
 examples/wireguard/__init__.py      |  0
 examples/wireguard/main.py          | 89 +++++++++++++++++++++++++++++
 examples/wireguard/requirements.txt |  2 +
 4 files changed, 96 insertions(+)
 create mode 100644 examples/wireguard/README.md
 create mode 100644 examples/wireguard/__init__.py
 create mode 100644 examples/wireguard/main.py
 create mode 100644 examples/wireguard/requirements.txt

diff --git a/examples/wireguard/README.md b/examples/wireguard/README.md
new file mode 100644
index 0000000..c2ba71d
--- /dev/null
+++ b/examples/wireguard/README.md
@@ -0,0 +1,5 @@
+This example shows interoperability with Wireguard. 
+It connects to Wireguard service, does a handshake, sends and receives a ping.
+
+Run with noiseprotocol and scapy-python3 installed in your environment (python main.py) 
+or directly from here (PYTHONPATH=../../ python main.py) (you still need scapy-python3)
diff --git a/examples/wireguard/__init__.py b/examples/wireguard/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/examples/wireguard/main.py b/examples/wireguard/main.py
new file mode 100644
index 0000000..a1c3f0e
--- /dev/null
+++ b/examples/wireguard/main.py
@@ -0,0 +1,89 @@
+import base64
+import datetime
+from hashlib import blake2s
+import socket
+import struct
+
+from scapy.layers.inet import IP, ICMP
+
+from noise.builder import NoiseBuilder, Keypair
+
+
+address = ('demo.wireguard.com', 12913)
+
+our_private = base64.b64decode('WAmgVYXkbT2bCtdcDwolI88/iVi/aV3/PHcUBTQSYmo=')
+their_public = base64.b64decode('qRCwZSKInrMAq5sepfCdaCsRJaoLe5jhtzfiw7CjbwM=')
+preshared = base64.b64decode('FpCyhws9cxwWoV4xELtfJvjJN+zQVRPISllRWgeopVE=')
+prologue = b'WireGuard v1 zx2c4 Jason@zx2c4.com'
+
+noise = NoiseBuilder.from_name(b'Noise_IKpsk2_25519_ChaChaPoly_BLAKE2s')
+noise.set_as_initiator()
+noise.set_keypair_from_private_bytes(Keypair.STATIC, our_private)
+noise.set_keypair_from_public_bytes(Keypair.REMOTE_STATIC, their_public)
+noise.set_psks(psk=preshared)
+noise.set_prologue(prologue)
+noise.start_handshake()
+
+sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+
+
+# 1. Prepare and send handshake initiation packet
+now = datetime.datetime.now()
+tai = struct.pack('!qi', 4611686018427387914 + int(now.timestamp()), int(now.microsecond * 1e3))
+initiation_packet = b'\x01'  # Type: initiation
+initiation_packet += b'\x00' * 3  # Reserved
+initiation_packet += struct.pack('<i', 28)  # Sender index: 28 (arbitrary)
+initiation_packet += noise.write_message(payload=tai)
+mac_key = blake2s(b'mac1----' + their_public).digest()
+initiation_packet += blake2s(initiation_packet, digest_size=16, key=mac_key).digest()
+initiation_packet += b'\x00' * 16
+
+sock.sendto(initiation_packet, address)
+
+
+# 2. Receive response to finalize handshake
+response_packet = sock.recv(92)
+assert response_packet[0] == 2  # Type: response
+assert response_packet[1:4] == b'\x00' * 3  # Reserved
+their_index, our_index = struct.unpack('<ii', response_packet[4:12])
+assert our_index == 28
+payload = noise.read_message(response_packet[12:60])
+assert payload == b''
+assert noise.handshake_finished
+
+
+# 3. Prepare, encrypt and send ping packet
+icmp_packet = ICMP(type=8, id=921, seq=438)/b'WireGuard'
+ip_packet = IP(proto=1, ttl=20, src="10.189.129.2", dst="10.189.129.1", id=0)/icmp_packet
+ping_packet = b'\x04'  # Type: data
+ping_packet += b'\x00' * 3  # Reserved
+ping_packet += struct.pack('<iq', their_index, 0)
+ping_packet += noise.encrypt(bytes(ip_packet))
+
+sock.sendto(ping_packet, address)
+
+
+# 4. Retrieve ping response, decrypt and verify
+encrypted_response = sock.recv(80)
+assert encrypted_response[0] == 4  # Type: data
+assert encrypted_response[1:4] == b'\x00' * 3  # Reserved
+our_index, nonce = struct.unpack('<iq', encrypted_response[4:16])
+assert our_index == 28
+assert nonce == 0
+ip = IP(noise.decrypt(encrypted_response[16:]))
+icmp = ip[1]
+payload = ip[2]
+assert icmp.type == 0
+assert icmp.code == 0
+assert icmp.id == 921
+assert icmp.seq == 438
+assert payload.load == b'WireGuard'
+
+
+# 5. Send keepalive
+keepalive = b'\x04'  # Type: data
+keepalive += b'\x00' * 3  # Reserved
+keepalive += struct.pack('<iq', their_index, 1)
+keepalive += noise.encrypt(b'')
+
+sock.sendto(keepalive, address)
diff --git a/examples/wireguard/requirements.txt b/examples/wireguard/requirements.txt
new file mode 100644
index 0000000..e7e451c
--- /dev/null
+++ b/examples/wireguard/requirements.txt
@@ -0,0 +1,2 @@
+noiseprotocol
+scapy-python3