1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
#![cfg_attr(not(feature = "std"), no_std)]
mod bytes;
mod error;
pub use error::HandshakeError;
mod crypto;
#[cfg(feature = "std")]
mod util;
#[cfg(feature = "std")]
#[path = ""]
mod std_stuff {
mod client;
pub use client::client_side;
mod server;
pub use server::server_side;
}
#[cfg(feature = "std")]
pub use std_stuff::*;
pub mod sync;
#[cfg(all(test, feature = "std"))]
mod tests {
use super::*;
use std::io::ErrorKind;
use futures::executor::block_on;
use futures::future::join;
extern crate async_ringbuffer;
use async_ringbuffer::Duplex;
use ssb_crypto::{Keypair, NetworkKey, PublicKey};
#[test]
fn basic() {
let (mut c_stream, mut s_stream) = Duplex::pair(1024);
let skey = Keypair::generate();
let ckey = Keypair::generate();
let net_key = NetworkKey::SSB_MAIN_NET;
let client_side = client_side(&mut c_stream, &net_key, &ckey, &skey.public);
let server_side = server_side(&mut s_stream, &net_key, &skey);
let (c_out, s_out) = block_on(async { join(client_side, server_side).await });
let c_out = c_out.unwrap();
let s_out = s_out.unwrap();
assert_eq!(c_out.write_key.0, s_out.read_key.0);
assert_eq!(c_out.read_key.0, s_out.write_key.0);
assert_eq!(c_out.write_starting_nonce.0, s_out.read_starting_nonce.0);
assert_eq!(c_out.read_starting_nonce.0, s_out.write_starting_nonce.0);
}
fn is_eof_err<T>(r: &Result<T, HandshakeError<std::io::Error>>) -> bool {
match r {
Err(HandshakeError::Io(e)) => e.kind() == ErrorKind::UnexpectedEof,
_ => false,
}
}
#[test]
fn server_rejects_wrong_netkey() {
let (mut c_stream, mut s_stream) = Duplex::pair(1024);
let skey = Keypair::generate();
let ckey = Keypair::generate();
let cnet = NetworkKey::generate();
let snet = NetworkKey::generate();
let client = client_side(&mut c_stream, &cnet, &ckey, &skey.public);
let server = server_side(&mut s_stream, &snet, &skey);
let (c_out, s_out) = block_on(async { join(client, server).await });
assert!(is_eof_err(&c_out));
match s_out {
Err(HandshakeError::ClientHelloVerifyFailed) => {}
_ => panic!(),
};
}
#[test]
fn server_rejects_wrong_pk() {
test_handshake_with_bad_server_pk(&PublicKey([0; 32]));
let key = Keypair::generate();
test_handshake_with_bad_server_pk(&key.public);
}
fn test_handshake_with_bad_server_pk(bad_pk: &PublicKey) {
let (mut c_stream, mut s_stream) = Duplex::pair(1024);
let skey = Keypair::generate();
let ckey = Keypair::generate();
let net_key = NetworkKey::SSB_MAIN_NET;
let client_side = client_side(&mut c_stream, &net_key, &ckey, &bad_pk);
let server_side = server_side(&mut s_stream, &net_key, &skey);
let (c_out, s_out) = block_on(async { join(client_side, server_side).await });
assert!(c_out.is_err());
assert!(s_out.is_err());
}
}