Switch to Ed25519 signature + XChaCha20
also add infoq nodeinfo
This commit is contained in:
John Smith
@@ -21,8 +21,8 @@ async fn shutdown(api: VeilidAPI) {
|
||||
trace!("test_table_store: finished");
|
||||
}
|
||||
|
||||
pub async fn test_enc_dec() {
|
||||
trace!("test_enc_dec");
|
||||
pub async fn test_aead() {
|
||||
trace!("test_aead");
|
||||
|
||||
let n1 = Crypto::get_random_nonce();
|
||||
let n2 = loop {
|
||||
@@ -44,52 +44,101 @@ pub async fn test_enc_dec() {
|
||||
let body2 = body.clone();
|
||||
let size_before_encrypt = body.len();
|
||||
assert!(
|
||||
Crypto::encrypt_in_place(&mut body, &n1, &ss1, None).is_ok(),
|
||||
Crypto::encrypt_in_place_aead(&mut body, &n1, &ss1, None).is_ok(),
|
||||
"encrypt should succeed"
|
||||
);
|
||||
let size_after_encrypt = body.len();
|
||||
assert!(
|
||||
size_after_encrypt - size_before_encrypt == ENCRYPTION_OVERHEAD,
|
||||
size_after_encrypt - size_before_encrypt == AEAD_OVERHEAD,
|
||||
"overhead should match"
|
||||
);
|
||||
let mut body3 = body.clone();
|
||||
let mut body4 = body.clone();
|
||||
let mut body5 = body.clone();
|
||||
assert!(
|
||||
Crypto::decrypt_in_place(&mut body, &n1, &ss1, None).is_ok(),
|
||||
Crypto::decrypt_in_place_aead(&mut body, &n1, &ss1, None).is_ok(),
|
||||
"decrypt should succeed"
|
||||
);
|
||||
assert_eq!(body, body2, "results should be the same");
|
||||
|
||||
assert!(
|
||||
Crypto::decrypt_in_place(&mut body3, &n2, &ss1, None).is_err(),
|
||||
Crypto::decrypt_in_place_aead(&mut body3, &n2, &ss1, None).is_err(),
|
||||
"decrypt with wrong nonce should fail"
|
||||
);
|
||||
assert_ne!(body3, body, "failure changes data");
|
||||
|
||||
assert!(
|
||||
Crypto::decrypt_in_place(&mut body4, &n1, &ss2, None).is_err(),
|
||||
Crypto::decrypt_in_place_aead(&mut body4, &n1, &ss2, None).is_err(),
|
||||
"decrypt with wrong secret should fail"
|
||||
);
|
||||
assert_ne!(body4, body, "failure changes data");
|
||||
|
||||
assert!(
|
||||
Crypto::decrypt_in_place(&mut body5, &n1, &ss2, Some(b"foobar")).is_err(),
|
||||
Crypto::decrypt_in_place_aead(&mut body5, &n1, &ss2, Some(b"foobar")).is_err(),
|
||||
"decrypt with wrong associated data should fail"
|
||||
);
|
||||
assert_ne!(body5, body, "failure changes data");
|
||||
|
||||
assert!(
|
||||
Crypto::decrypt(LOREM_IPSUM, &n1, &ss1, None).is_err(),
|
||||
Crypto::decrypt_aead(LOREM_IPSUM, &n1, &ss1, None).is_err(),
|
||||
"should fail authentication"
|
||||
);
|
||||
|
||||
let body5 = Crypto::encrypt(LOREM_IPSUM, &n1, &ss1, None).unwrap();
|
||||
let body6 = Crypto::decrypt(&body5, &n1, &ss1, None).unwrap();
|
||||
let body7 = Crypto::encrypt(LOREM_IPSUM, &n1, &ss1, None).unwrap();
|
||||
let body5 = Crypto::encrypt_aead(LOREM_IPSUM, &n1, &ss1, None).unwrap();
|
||||
let body6 = Crypto::decrypt_aead(&body5, &n1, &ss1, None).unwrap();
|
||||
let body7 = Crypto::encrypt_aead(LOREM_IPSUM, &n1, &ss1, None).unwrap();
|
||||
assert_eq!(body6, LOREM_IPSUM);
|
||||
assert_eq!(body5, body7);
|
||||
}
|
||||
|
||||
pub async fn test_no_auth() {
|
||||
trace!("test_no_auth");
|
||||
|
||||
let n1 = Crypto::get_random_nonce();
|
||||
let n2 = loop {
|
||||
let n = Crypto::get_random_nonce();
|
||||
if n != n1 {
|
||||
break n;
|
||||
}
|
||||
};
|
||||
|
||||
let ss1 = Crypto::get_random_secret();
|
||||
let ss2 = loop {
|
||||
let ss = Crypto::get_random_secret();
|
||||
if ss != ss1 {
|
||||
break ss;
|
||||
}
|
||||
};
|
||||
|
||||
let mut body = LOREM_IPSUM.to_vec();
|
||||
let body2 = body.clone();
|
||||
let size_before_encrypt = body.len();
|
||||
Crypto::crypt_in_place_no_auth(&mut body, &n1, &ss1);
|
||||
|
||||
let size_after_encrypt = body.len();
|
||||
assert_eq!(
|
||||
size_after_encrypt, size_before_encrypt,
|
||||
"overhead should match"
|
||||
);
|
||||
let mut body3 = body.clone();
|
||||
let mut body4 = body.clone();
|
||||
|
||||
Crypto::crypt_in_place_no_auth(&mut body, &n1, &ss1);
|
||||
assert_eq!(body, body2, "result after decrypt should be the same");
|
||||
|
||||
Crypto::crypt_in_place_no_auth(&mut body3, &n2, &ss1);
|
||||
assert_ne!(body3, body, "decrypt should not be equal with wrong nonce");
|
||||
|
||||
Crypto::crypt_in_place_no_auth(&mut body4, &n1, &ss2);
|
||||
assert_ne!(body4, body, "decrypt should not be equal with wrong secret");
|
||||
|
||||
let body5 = Crypto::crypt_no_auth(LOREM_IPSUM, &n1, &ss1);
|
||||
let body6 = Crypto::crypt_no_auth(&body5, &n1, &ss1);
|
||||
let body7 = Crypto::crypt_no_auth(LOREM_IPSUM, &n1, &ss1);
|
||||
assert_eq!(body6, LOREM_IPSUM);
|
||||
assert_eq!(body5, body7);
|
||||
}
|
||||
|
||||
pub async fn test_dh(crypto: Crypto) {
|
||||
trace!("test_dh");
|
||||
let (dht_key, dht_key_secret) = key::generate_secret();
|
||||
@@ -119,7 +168,8 @@ pub async fn test_dh(crypto: Crypto) {
|
||||
pub async fn test_all() {
|
||||
let api = startup().await;
|
||||
let crypto = api.crypto().unwrap();
|
||||
test_enc_dec().await;
|
||||
test_aead().await;
|
||||
test_no_auth().await;
|
||||
test_dh(crypto).await;
|
||||
shutdown(api.clone()).await;
|
||||
assert!(api.is_shutdown());
|
||||
|
||||
Reference in New Issue
Block a user