liz/veilid
1
0
Fork 0
Code Pull Requests Packages Releases Activity

refactor rpc validation

Browse Source
This commit is contained in:
John Smith
2023-04-20 11:47:54 -04:00
parent b4a071170d
commit 7f909a06b9
52 changed files with 729 additions and 430 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
veilid-core/src/network_manager/mod.rs
View File

@@ -463,7 +463,7 @@ impl NetworkManager {
will_validate_dial_info: false,
};
};
let own_node_info = own_peer_info.signed_node_info.node_info();
let own_node_info = own_peer_info.signed_node_info().node_info();
let will_route = own_node_info.can_inbound_relay(); // xxx: eventually this may have more criteria added
let will_tunnel = own_node_info.can_inbound_relay(); // xxx: we may want to restrict by battery life and network bandwidth at some point
@@ -490,7 +490,7 @@ impl NetworkManager {
};
};
let own_node_info = own_peer_info.signed_node_info.node_info();
let own_node_info = own_peer_info.signed_node_info().node_info();
let will_relay = own_node_info.can_inbound_relay();
let will_validate_dial_info = own_node_info.can_validate_dial_info();

100
veilid-core/src/network_manager/tests/test_signed_node_info.rs
View File

@@ -34,50 +34,39 @@ pub async fn test_signed_node_info() {
node_info.clone(),
)
.unwrap();
let mut tks: TypedKeySet = TypedKey::new(ck, keypair.key).into();
let tks: TypedKeySet = TypedKey::new(ck, keypair.key).into();
let oldtkslen = tks.len();
let _ = SignedDirectNodeInfo::new(
crypto.clone(),
&mut tks,
let sdni = SignedDirectNodeInfo::new(
node_info.clone(),
sni.timestamp,
sni.signatures.clone(),
)
.unwrap();
assert_eq!(tks.len(), oldtkslen);
assert_eq!(tks.len(), sni.signatures.len());
sni.timestamp(),
sni.signatures().to_vec(),
);
let tks_validated = sdni.validate(&tks, crypto.clone()).unwrap();
assert_eq!(tks_validated.len(), oldtkslen);
assert_eq!(tks_validated.len(), sni.signatures().len());
// Test incorrect validation
let keypair1 = vcrypto.generate_keypair();
let mut tks1: TypedKeySet = TypedKey::new(ck, keypair1.key).into();
let tks1: TypedKeySet = TypedKey::new(ck, keypair1.key).into();
let oldtks1len = tks1.len();
let _ = SignedDirectNodeInfo::new(
crypto.clone(),
&mut tks1,
let sdni = SignedDirectNodeInfo::new(
node_info.clone(),
sni.timestamp,
sni.signatures.clone(),
)
.unwrap_err();
assert_eq!(tks1.len(), oldtks1len);
assert_eq!(tks1.len(), sni.signatures.len());
sni.timestamp(),
sni.signatures().to_vec(),
);
sdni.validate(&tks1, crypto.clone()).unwrap_err();
// Test unsupported cryptosystem validation
let fake_crypto_kind: CryptoKind = FourCC::from([0, 1, 2, 3]);
let mut tksfake: TypedKeySet = TypedKey::new(fake_crypto_kind, PublicKey::default()).into();
let mut sigsfake = sni.signatures.clone();
let mut sigsfake = sni.signatures().to_vec();
sigsfake.push(TypedSignature::new(fake_crypto_kind, Signature::default()));
tksfake.add(TypedKey::new(ck, keypair.key));
let sdnifake = SignedDirectNodeInfo::new(
crypto.clone(),
&mut tksfake,
node_info.clone(),
sni.timestamp,
sigsfake.clone(),
)
.unwrap();
assert_eq!(tksfake.len(), 1);
assert_eq!(sdnifake.signatures.len(), sigsfake.len());
let sdnifake =
SignedDirectNodeInfo::new(node_info.clone(), sni.timestamp(), sigsfake.clone());
let tksfake_validated = sdnifake.validate(&tksfake, crypto.clone()).unwrap();
assert_eq!(tksfake_validated.len(), 1);
assert_eq!(sdnifake.signatures().len(), sigsfake.len());
// Test relayed
let node_info2 = NodeInfo {
@@ -94,7 +83,7 @@ pub async fn test_signed_node_info() {
// Test correct validation
let keypair2 = vcrypto.generate_keypair();
let mut tks2: TypedKeySet = TypedKey::new(ck, keypair2.key).into();
let tks2: TypedKeySet = TypedKey::new(ck, keypair2.key).into();
let oldtks2len = tks2.len();
let sni2 = SignedRelayedNodeInfo::make_signatures(
@@ -105,58 +94,49 @@ pub async fn test_signed_node_info() {
sni.clone(),
)
.unwrap();
let _ = SignedRelayedNodeInfo::new(
crypto.clone(),
&mut tks2,
let srni = SignedRelayedNodeInfo::new(
node_info2.clone(),
tks.clone(),
sni.clone(),
sni2.timestamp,
sni2.signatures.clone(),
)
.unwrap();
sni2.timestamp(),
sni2.signatures().to_vec(),
);
let tks2_validated = srni.validate(&tks2, crypto.clone()).unwrap();
assert_eq!(tks2.len(), oldtks2len);
assert_eq!(tks2.len(), sni2.signatures.len());
assert_eq!(tks2_validated.len(), oldtks2len);
assert_eq!(tks2_validated.len(), sni2.signatures().len());
// Test incorrect validation
let keypair3 = vcrypto.generate_keypair();
let mut tks3: TypedKeySet = TypedKey::new(ck, keypair3.key).into();
let tks3: TypedKeySet = TypedKey::new(ck, keypair3.key).into();
let oldtks3len = tks3.len();
let _ = SignedRelayedNodeInfo::new(
crypto.clone(),
&mut tks3,
let srni = SignedRelayedNodeInfo::new(
node_info2.clone(),
tks.clone(),
sni.clone(),
sni2.timestamp,
sni2.signatures.clone(),
)
.unwrap_err();
assert_eq!(tks3.len(), oldtks3len);
assert_eq!(tks3.len(), sni2.signatures.len());
sni2.timestamp(),
sni2.signatures().to_vec(),
);
srni.validate(&tks3, crypto.clone()).unwrap_err();
// Test unsupported cryptosystem validation
let fake_crypto_kind: CryptoKind = FourCC::from([0, 1, 2, 3]);
let mut tksfake3: TypedKeySet =
TypedKey::new(fake_crypto_kind, PublicKey::default()).into();
let mut sigsfake3 = sni2.signatures.clone();
let mut sigsfake3 = sni2.signatures().to_vec();
sigsfake3.push(TypedSignature::new(fake_crypto_kind, Signature::default()));
tksfake3.add(TypedKey::new(ck, keypair2.key));
let srnifake = SignedRelayedNodeInfo::new(
crypto.clone(),
&mut tksfake3,
node_info2.clone(),
tks.clone(),
sni.clone(),
sni2.timestamp,
sni2.timestamp(),
sigsfake3.clone(),
)
.unwrap();
assert_eq!(tksfake3.len(), 1);
assert_eq!(srnifake.signatures.len(), sigsfake3.len());
);
let tksfake3_validated = srnifake.validate(&tksfake3, crypto.clone()).unwrap();
assert_eq!(tksfake3_validated.len(), 1);
assert_eq!(srnifake.signatures().len(), sigsfake3.len());
}
api.shutdown().await;