shadow_integration_tests/

e2e_flow.rs

//! Full end-to-end message flow tests

use shadow_core::PeerId;

/// Full E2E: create message → encrypt → stego embed → stego extract → decrypt → verify
pub fn test_full_e2e_flow() -> Result<(), String> {
    let alice_sk = crypto::SigningKey::generate();
    let alice_id = PeerId::random();
    let bob_sk = crypto::SigningKey::generate();
    let bob_id = PeerId::random();
    let alice_vk = alice_sk.verify_key();
    let bob_vk = bob_sk.verify_key();

    // 1. Key exchange
    let (a_state, a_pub) = messaging::SecureChannel::initiate(alice_sk, alice_id);
    let (b_state, b_pub) = messaging::SecureChannel::initiate(bob_sk, bob_id);
    let a_chan = messaging::SecureChannel::complete(a_state, &b_pub, bob_vk)
        .map_err(|e| format!("Channel setup failed: {}", e))?;
    let b_chan = messaging::SecureChannel::complete(b_state, &a_pub, alice_vk)
        .map_err(|e| format!("Channel setup failed: {}", e))?;

    // 2. Create message
    let msg = messaging::Message::text(
        alice_id,
        messaging::MessageTarget::Direct(bob_id),
        "E2E integration test: full pipeline",
    );

    // 3. Encrypt message
    let envelope = a_chan
        .encrypt_message(&msg)
        .map_err(|e| format!("Encrypt: {}", e))?;
    let env_bytes = envelope
        .to_bytes()
        .map_err(|e| format!("Env serialize: {}", e))?;

    // 4. Stego embed
    let stego_config = stego_transport::StegoChannelConfig::default();
    let stego_chan = stego_transport::StegoChannel::new(stego_config);
    let stego_image = stego_chan
        .encode(&env_bytes)
        .map_err(|e| format!("Stego encode: {}", e))?;

    // 5. Stego extract
    let extracted = stego_chan
        .decode(&stego_image)
        .map_err(|e| format!("Stego decode: {}", e))?;
    let extracted_env_bytes = &extracted[..env_bytes.len()];

    // 6. Decrypt
    let received_env = messaging::EncryptedEnvelope::from_bytes(extracted_env_bytes)
        .map_err(|e| format!("Env deserialize: {}", e))?;
    let received_msg = b_chan
        .decrypt_message(&received_env)
        .map_err(|e| format!("Decrypt: {}", e))?;

    // 7. Verify
    if received_msg.sender != alice_id {
        return Err("Sender mismatch".into());
    }

    Ok(())
}

/// Group messaging E2E test
pub fn test_group_messaging_e2e() -> Result<(), String> {
    let mut group_mgr = messaging::GroupManager::new();
    let owner = PeerId::random();
    let member1 = PeerId::random();
    let member2 = PeerId::random();

    // Create group
    let gid = group_mgr.create_group("test-e2e-group", owner);
    group_mgr.join_group(&gid, member1);
    group_mgr.join_group(&gid, member2);

    // Get group
    let group = group_mgr.get_group(&gid).ok_or("Group not found")?;
    if group.member_count() != 3 {
        return Err(format!("Expected 3 members, got {}", group.member_count()));
    }

    // Create group message
    let msg = messaging::Message::text(
        owner,
        messaging::MessageTarget::Group(gid),
        "Hello group!",
    );

    let serialized = msg.to_bytes().map_err(|e| format!("Serialize: {}", e))?;
    if serialized.is_empty() {
        return Err("Empty serialized message".into());
    }

    Ok(())
}

/// Offline queue delivery test
pub fn test_offline_queue_delivery() -> Result<(), String> {
    let alice_sk = crypto::SigningKey::generate();
    let alice_id = PeerId::random();
    let bob_sk = crypto::SigningKey::generate();
    let bob_id = PeerId::random();
    let alice_vk = alice_sk.verify_key();
    let bob_vk = bob_sk.verify_key();

    let (a_state, a_pub) = messaging::SecureChannel::initiate(alice_sk, alice_id);
    let (b_state, b_pub) = messaging::SecureChannel::initiate(bob_sk, bob_id);
    let a_chan = messaging::SecureChannel::complete(a_state, &b_pub, bob_vk)
        .map_err(|e| format!("Channel: {}", e))?;
    let b_chan = messaging::SecureChannel::complete(b_state, &a_pub, alice_vk)
        .map_err(|e| format!("Channel: {}", e))?;

    // Bob is offline — queue messages
    let mut queue = messaging::OfflineQueue::new();

    for i in 0..10 {
        let msg = messaging::Message::text(
            alice_id,
            messaging::MessageTarget::Direct(bob_id),
            format!("Queued message #{}", i),
        );
        let env = a_chan
            .encrypt_message(&msg)
            .map_err(|e| format!("Encrypt: {}", e))?;
        queue.enqueue(bob_id, env, messaging::QueuePriority::Normal);
    }

    if queue.count_for(&bob_id) != 10 {
        return Err(format!(
            "Expected 10 queued, got {}",
            queue.count_for(&bob_id)
        ));
    }

    // Bob comes online — dequeue all
    let messages = queue.dequeue_for(&bob_id);
    if messages.len() != 10 {
        return Err(format!("Expected 10 dequeued, got {}", messages.len()));
    }

    // Decrypt each
    for (i, qm) in messages.iter().enumerate() {
        let decrypted = b_chan
            .decrypt_message(&qm.envelope)
            .map_err(|e| format!("Decrypt msg {}: {}", i, e))?;
        // Verify it's from Alice
        if decrypted.sender != alice_id {
            return Err(format!("Message {} sender mismatch", i));
        }
    }

    Ok(())
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_e2e() {
        test_full_e2e_flow().unwrap();
    }

    #[test]
    fn test_group_e2e() {
        test_group_messaging_e2e().unwrap();
    }

    #[test]
    fn test_offline() {
        test_offline_queue_delivery().unwrap();
    }

    #[test]
    fn test_bidirectional_e2e() {
        let a_sk = crypto::SigningKey::generate();
        let a_id = PeerId::random();
        let b_sk = crypto::SigningKey::generate();
        let b_id = PeerId::random();
        let a_vk = a_sk.verify_key();
        let b_vk = b_sk.verify_key();

        let (a_state, a_pub) = messaging::SecureChannel::initiate(a_sk, a_id);
        let (b_state, b_pub) = messaging::SecureChannel::initiate(b_sk, b_id);
        let a_chan = messaging::SecureChannel::complete(a_state, &b_pub, b_vk).unwrap();
        let b_chan = messaging::SecureChannel::complete(b_state, &a_pub, a_vk).unwrap();

        // Alice → Bob
        let msg1 = messaging::Message::text(a_id, messaging::MessageTarget::Direct(b_id), "Hello Bob");
        let env1 = a_chan.encrypt_message(&msg1).unwrap();
        let dec1 = b_chan.decrypt_message(&env1).unwrap();
        assert_eq!(dec1.sender, a_id);

        // Bob → Alice
        let msg2 = messaging::Message::text(b_id, messaging::MessageTarget::Direct(a_id), "Hello Alice");
        let env2 = b_chan.encrypt_message(&msg2).unwrap();
        let dec2 = a_chan.decrypt_message(&env2).unwrap();
        assert_eq!(dec2.sender, b_id);
    }
}