tests for SignedEnvelopes

This commit is contained in:
Yusef Napora 2019-11-07 12:01:00 -05:00
parent 38bf94611f
commit 10ff6fca32
2 changed files with 157 additions and 6 deletions

View File

@ -6,7 +6,6 @@ import (
"errors" "errors"
"github.com/golang/protobuf/proto" "github.com/golang/protobuf/proto"
pb "github.com/libp2p/go-libp2p-core/crypto/pb" pb "github.com/libp2p/go-libp2p-core/crypto/pb"
"github.com/libp2p/go-libp2p-core/peer"
) )
// SignedEnvelope contains an arbitrary []byte payload, signed by a libp2p peer. // SignedEnvelope contains an arbitrary []byte payload, signed by a libp2p peer.
@ -76,11 +75,6 @@ func UnmarshalEnvelope(serializedEnvelope []byte) (*SignedEnvelope, error) {
}, nil }, nil
} }
// SignerID returns the peer.ID of the peer who produced the SignedEnvelope.
func (e *SignedEnvelope) SignerID() (peer.ID, error) {
return peer.IDFromPublicKey(e.PublicKey)
}
// Validate returns true if the envelope signature is valid for the given 'domain', // Validate returns true if the envelope signature is valid for the given 'domain',
// or false if it is invalid. May return an error if signature validation fails. // or false if it is invalid. May return an error if signature validation fails.
func (e *SignedEnvelope) Validate(domain string) (bool, error) { func (e *SignedEnvelope) Validate(domain string) (bool, error) {
@ -118,6 +112,13 @@ func (e *SignedEnvelope) Open(domain string) ([]byte, error) {
return e.contents, nil return e.contents, nil
} }
func (e *SignedEnvelope) Equals(other *SignedEnvelope) bool {
return e.PublicKey.Equals(other.PublicKey) &&
bytes.Compare(e.TypeHint, other.TypeHint) == 0 &&
bytes.Compare(e.contents, other.contents) == 0 &&
bytes.Compare(e.signature, other.signature) == 0
}
// makeSigBuffer is a helper function that prepares a buffer to sign or verify. // makeSigBuffer is a helper function that prepares a buffer to sign or verify.
func makeSigBuffer(domain string, typeHint []byte, content []byte) []byte { func makeSigBuffer(domain string, typeHint []byte, content []byte) []byte {
b := bytes.Buffer{} b := bytes.Buffer{}

150
crypto/envelope_test.go Normal file
View File

@ -0,0 +1,150 @@
package crypto_test
import (
"bytes"
"github.com/gogo/protobuf/proto"
. "github.com/libp2p/go-libp2p-core/crypto"
pb "github.com/libp2p/go-libp2p-core/crypto/pb"
"github.com/libp2p/go-libp2p-core/test"
"testing"
)
// Make an envelope, verify & open it, marshal & unmarshal it
func TestEnvelopeHappyPath(t *testing.T) {
priv, pub, err := test.RandTestKeyPair(Ed25519, 256)
if err != nil {
t.Error(err)
}
contents := []byte("happy hacking")
domain := "libp2p-testing"
typeHint := []byte("/libp2p/testdata")
envelope, err := MakeEnvelope(priv, domain, typeHint, contents)
if err != nil {
t.Errorf("error constructing envelope: %v", err)
}
if !envelope.PublicKey.Equals(pub) {
t.Error("envelope has unexpected public key")
}
if bytes.Compare(typeHint, envelope.TypeHint) != 0 {
t.Error("TypeHint does not match typeHint used to construct envelope")
}
valid, err := envelope.Validate(domain)
if err != nil {
t.Errorf("error validating envelope: %v", err)
}
if !valid {
t.Error("envelope should be valid, but Valid returns false")
}
c, err := envelope.Open(domain)
if err != nil {
t.Errorf("error opening envelope: %v", err)
}
if bytes.Compare(c, contents) != 0 {
t.Error("contents of envelope do not match input")
}
serialized, err := envelope.Marshal()
if err != nil {
t.Errorf("error serializing envelope: %v", err)
}
deserialized, err := UnmarshalEnvelope(serialized)
if err != nil {
t.Errorf("error deserializing envelope: %v", err)
}
if !envelope.Equals(deserialized) {
t.Error("round-trip serde results in unequal envelope structures")
}
}
func TestEnvelopeValidateFailsForDifferentDomain(t *testing.T) {
priv, _, err := test.RandTestKeyPair(Ed25519, 256)
if err != nil {
t.Error(err)
}
contents := []byte("happy hacking")
domain := "libp2p-testing"
typeHint := []byte("/libp2p/testdata")
envelope, err := MakeEnvelope(priv, domain, typeHint, contents)
if err != nil {
t.Errorf("error constructing envelope: %v", err)
}
valid, err := envelope.Validate("other-domain")
if err != nil {
t.Errorf("error validating envelope: %v", err)
}
if valid {
t.Error("envelope should be invalid, but Valid returns true")
}
}
func TestEnvelopeValidateFailsIfTypeHintIsAltered(t *testing.T) {
priv, _, err := test.RandTestKeyPair(Ed25519, 256)
if err != nil {
t.Error(err)
}
contents := []byte("happy hacking")
domain := "libp2p-testing"
typeHint := []byte("/libp2p/testdata")
envelope, err := MakeEnvelope(priv, domain, typeHint, contents)
if err != nil {
t.Errorf("error constructing envelope: %v", err)
}
envelope.TypeHint = []byte("foo")
valid, err := envelope.Validate("other-domain")
if err != nil {
t.Errorf("error validating envelope: %v", err)
}
if valid {
t.Error("envelope should be invalid, but Valid returns true")
}
}
func TestEnvelopeValidateFailsIfContentsAreAltered(t *testing.T) {
priv, _, err := test.RandTestKeyPair(Ed25519, 256)
if err != nil {
t.Error(err)
}
contents := []byte("happy hacking")
domain := "libp2p-testing"
typeHint := []byte("/libp2p/testdata")
envelope, err := MakeEnvelope(priv, domain, typeHint, contents)
if err != nil {
t.Errorf("error constructing envelope: %v", err)
}
// since the contents field is private, we'll serialize and alter the
// serialized protobuf
serialized, err := envelope.Marshal()
if err != nil {
t.Errorf("error serializing envelope: %v", err)
}
msg := pb.SignedEnvelope{}
err = proto.Unmarshal(serialized, &msg)
if err != nil {
t.Errorf("error deserializing envelope: %v", err)
}
msg.Contents = []byte("totally legit, trust me")
serialized, err = proto.Marshal(&msg)
// unmarshal our altered envelope
deserialized, err := UnmarshalEnvelope(serialized)
if err != nil {
t.Errorf("error deserializing envelope: %v", err)
}
// verify that it's now invalid
valid, err := deserialized.Validate(domain)
if err != nil {
t.Errorf("error validating envelope: %v", err)
}
if valid {
t.Error("envelope should be invalid, but Valid returns true")
}
}