go-libp2p/p2p/security/insecure/insecure_test.go at e73513e96b30f8b93aafddde830867e8358c6c54 · libp2p/go-libp2p · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
package insecure

import (
	"context"
	"io"
	"net"
	"testing"

	"github.com/libp2p/go-libp2p/core/crypto"
	"github.com/libp2p/go-libp2p/core/peer"
	"github.com/libp2p/go-libp2p/core/sec"

	"github.com/stretchr/testify/require"
)

// Run a set of sessions through the session setup and verification.
func TestConnections(t *testing.T) {
	clientTpt := newTestTransport(t, crypto.RSA, 2048)
	serverTpt := newTestTransport(t, crypto.Ed25519, 1024)

	clientConn, serverConn, clientErr, serverErr := connect(t, clientTpt, serverTpt, serverTpt.LocalPeer(), "")
	require.NoError(t, clientErr)
	require.NoError(t, serverErr)
	testIDs(t, clientTpt, serverTpt, clientConn, serverConn)
	testKeys(t, clientTpt, serverTpt, clientConn, serverConn)
	testReadWrite(t, clientConn, serverConn)
}

func TestPeerIdMatchInbound(t *testing.T) {
	clientTpt := newTestTransport(t, crypto.RSA, 2048)
	serverTpt := newTestTransport(t, crypto.Ed25519, 1024)

	clientConn, serverConn, clientErr, serverErr := connect(t, clientTpt, serverTpt, serverTpt.LocalPeer(), clientTpt.LocalPeer())
	require.NoError(t, clientErr)
	require.NoError(t, serverErr)
	testIDs(t, clientTpt, serverTpt, clientConn, serverConn)
	testKeys(t, clientTpt, serverTpt, clientConn, serverConn)
	testReadWrite(t, clientConn, serverConn)
}

func TestPeerIDMismatchInbound(t *testing.T) {
	clientTpt := newTestTransport(t, crypto.RSA, 2048)
	serverTpt := newTestTransport(t, crypto.Ed25519, 1024)

	_, _, _, serverErr := connect(t, clientTpt, serverTpt, serverTpt.LocalPeer(), "a-random-peer")
	require.Error(t, serverErr)
	require.Contains(t, serverErr.Error(), "remote peer sent unexpected peer ID")
}

func TestPeerIDMismatchOutbound(t *testing.T) {
	clientTpt := newTestTransport(t, crypto.RSA, 2048)
	serverTpt := newTestTransport(t, crypto.Ed25519, 1024)

	_, _, clientErr, _ := connect(t, clientTpt, serverTpt, "a random peer", "")
	require.Error(t, clientErr)
	require.Contains(t, clientErr.Error(), "remote peer sent unexpected peer ID")
}

func newTestTransport(t *testing.T, typ, bits int) *Transport {
	priv, pub, err := crypto.GenerateKeyPair(typ, bits)
	require.NoError(t, err)
	id, err := peer.IDFromPublicKey(pub)
	require.NoError(t, err)
	return NewWithIdentity("/test/1.0.0", id, priv)
}

// Create a new pair of connected TCP sockets.
func newConnPair(t *testing.T) (net.Conn, net.Conn) {
	lstnr, err := net.Listen("tcp", "localhost:0")
	require.NoError(t, err, "failed to listen")

	var clientErr error
	var client net.Conn
	done := make(chan struct{})

	go func() {
		defer close(done)
		addr := lstnr.Addr()
		client, clientErr = net.Dial(addr.Network(), addr.String())
	}()

	server, err := lstnr.Accept()
	require.NoError(t, err, "failed to accept")

	<-done
	lstnr.Close()
	require.NoError(t, clientErr, "failed to connect")
	return client, server
}

func connect(t *testing.T, clientTpt, serverTpt *Transport, clientExpectsID, serverExpectsID peer.ID) (clientConn sec.SecureConn, serverConn sec.SecureConn, clientErr, serverErr error) {
	client, server := newConnPair(t)

	done := make(chan struct{})
	go func() {
		defer close(done)
		clientConn, clientErr = clientTpt.SecureOutbound(context.TODO(), client, clientExpectsID)
	}()
	serverConn, serverErr = serverTpt.SecureInbound(context.TODO(), server, serverExpectsID)
	<-done
	return
}

// Check the peer IDs
func testIDs(t *testing.T, clientTpt, serverTpt *Transport, clientConn, serverConn sec.SecureConn) {
	t.Helper()
	require.Equal(t, clientConn.LocalPeer(), clientTpt.LocalPeer(), "Client Local Peer ID mismatch.")
	require.Equal(t, clientConn.RemotePeer(), serverTpt.LocalPeer(), "Client Remote Peer ID mismatch.")
	require.Equal(t, clientConn.LocalPeer(), serverConn.RemotePeer(), "Server Local Peer ID mismatch.")
}

// Check the keys
func testKeys(t *testing.T, clientTpt, serverTpt *Transport, clientConn, serverConn sec.SecureConn) {
	t.Helper()
	require.True(t, clientConn.RemotePublicKey().Equals(serverTpt.key.GetPublic()), "client conn key mismatch")
	require.True(t, serverConn.RemotePublicKey().Equals(clientTpt.key.GetPublic()), "server conn key mismatch")
}

// Check sending and receiving messages
func testReadWrite(t *testing.T, clientConn, serverConn sec.SecureConn) {
	before := []byte("hello world")
	_, err := clientConn.Write(before)
	require.NoError(t, err)

	after := make([]byte, len(before))
	_, err = io.ReadFull(serverConn, after)
	require.NoError(t, err)
	require.Equal(t, before, after, "message mismatch")
}