core
/
e3pf
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

more tests

This commit is contained in:
c0repwn3r 2023-05-03 21:02:25 -04:00
parent 79c31c29d8
commit 5a2fd78754
Signed by: core
GPG Key ID: FDBF740DADDCEECF
7 changed files with 284 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
Cargo.lock generated
View File

@ -61,6 +61,12 @@ version = "1.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b"
[[package]]
name = "bitflags"
version = "1.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
[[package]] [[package]]
name = "block-buffer" name = "block-buffer"
version = "0.10.4" version = "0.10.4"
@ -262,6 +268,19 @@ dependencies = [
"syn 2.0.15", "syn 2.0.15",
] ]
[[package]]
name = "dashmap"
version = "5.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "907076dfda823b0b36d2a1bb5f90c96660a5bbcd7729e10727f07858f22c4edc"
dependencies = [
"cfg-if",
"hashbrown",
"lock_api",
"once_cell",
"parking_lot_core",
]
[[package]] [[package]]
name = "der" name = "der"
version = "0.7.5" version = "0.7.5"
@ -422,6 +441,12 @@ dependencies = [
"wasi 0.11.0+wasi-snapshot-preview1", "wasi 0.11.0+wasi-snapshot-preview1",
] ]
[[package]]
name = "hashbrown"
version = "0.12.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888"
[[package]] [[package]]
name = "hermit-abi" name = "hermit-abi"
version = "0.1.19" version = "0.1.19"
@ -529,6 +554,7 @@ dependencies = [
"rmp-serde", "rmp-serde",
"serde", "serde",
"serde_arrays", "serde_arrays",
"serial_test",
"sha2", "sha2",
"simple_logger", "simple_logger",
"tcp-test", "tcp-test",
@ -551,6 +577,16 @@ dependencies = [
"cc", "cc",
] ]
[[package]]
name = "lock_api"
version = "0.4.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "435011366fe56583b16cf956f9df0095b405b82d76425bc8981c0e22e60ec4df"
dependencies = [
"autocfg",
"scopeguard",
]
[[package]] [[package]]
name = "log" name = "log"
version = "0.4.17" version = "0.4.17"
@ -638,6 +674,29 @@ dependencies = [
"libm", "libm",
] ]
[[package]]
name = "parking_lot"
version = "0.12.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f"
dependencies = [
"lock_api",
"parking_lot_core",
]
[[package]]
name = "parking_lot_core"
version = "0.9.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9069cbb9f99e3a5083476ccb29ceb1de18b9118cafa53e90c9551235de2b9521"
dependencies = [
"cfg-if",
"libc",
"redox_syscall",
"smallvec",
"windows-sys 0.45.0",
]
[[package]] [[package]]
name = "paste" name = "paste"
version = "1.0.12" version = "1.0.12"
@ -747,6 +806,15 @@ dependencies = [
"getrandom", "getrandom",
] ]
[[package]]
name = "redox_syscall"
version = "0.2.16"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fb5a58c1855b4b6819d59012155603f0b22ad30cad752600aadfcb695265519a"
dependencies = [
"bitflags",
]
[[package]] [[package]]
name = "rmp" name = "rmp"
version = "0.8.11" version = "0.8.11"
@ -769,6 +837,12 @@ dependencies = [
"serde", "serde",
] ]
[[package]]
name = "scopeguard"
version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd"
[[package]] [[package]]
name = "scratch" name = "scratch"
version = "1.0.5" version = "1.0.5"
@ -804,6 +878,31 @@ dependencies = [
"syn 2.0.15", "syn 2.0.15",
] ]
[[package]]
name = "serial_test"
version = "2.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0e56dd856803e253c8f298af3f4d7eb0ae5e23a737252cd90bb4f3b435033b2d"
dependencies = [
"dashmap",
"futures",
"lazy_static",
"log",
"parking_lot",
"serial_test_derive",
]
[[package]]
name = "serial_test_derive"
version = "2.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "91d129178576168c589c9ec973feedf7d3126c01ac2bf08795109aa35b69fb8f"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.15",
]
[[package]] [[package]]
name = "sha2" name = "sha2"
version = "0.10.6" version = "0.10.6"
@ -843,6 +942,12 @@ dependencies = [
"autocfg", "autocfg",
] ]
[[package]]
name = "smallvec"
version = "1.10.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0"
[[package]] [[package]]
name = "socket2" name = "socket2"
version = "0.4.9" version = "0.4.9"

1
libepf/Cargo.toml
View File

@ -27,3 +27,4 @@ tcp-test = "0.1"
futures = "0.3" futures = "0.3"
simple_logger = "4.1" simple_logger = "4.1"
hex-literal = "0.4.1" hex-literal = "0.4.1"
serial_test = "2.0.0"

11
libepf/src/ca_pool.rs
View File

@ -50,6 +50,7 @@ impl Display for EpfCaPoolLoaderError {
impl Error for EpfCaPoolLoaderError {} impl Error for EpfCaPoolLoaderError {}
#[cfg(unix)] #[cfg(unix)]
#[cfg(not(tarpaulin))]
pub fn load_ca_pool() -> Result<EpfCaPool, Box<dyn Error>> { pub fn load_ca_pool() -> Result<EpfCaPool, Box<dyn Error>> {
let mut cert_strings = vec![]; let mut cert_strings = vec![];
@ -68,3 +69,13 @@ pub fn load_ca_pool() -> Result<EpfCaPool, Box<dyn Error>> {
Ok(ca_pool) Ok(ca_pool)
} }
#[cfg(test)]
mod tests {
use crate::ca_pool::EpfCaPoolLoaderError;
#[test]
pub fn ca_pool_error_display_test() {
println!("{}", EpfCaPoolLoaderError::CertDirDoesNotExist("".to_string()));
}
}

16
libepf/src/error.rs
View File

@ -28,3 +28,19 @@ impl Display for EpfHandshakeError {
} }
} }
impl Error for EpfHandshakeError {} impl Error for EpfHandshakeError {}
#[cfg(test)]
mod tests {
use crate::error::EpfHandshakeError;
use crate::pki::EpfPkiCertificateValidationError;
#[test]
pub fn error_display_test() {
println!("{}", EpfHandshakeError::AlreadyTunnelled);
println!("{}", EpfHandshakeError::UnsupportedProtocolVersion(0));
println!("{}", EpfHandshakeError::InvalidCertificate(EpfPkiCertificateValidationError::ValidAfterSigner));
println!("{}", EpfHandshakeError::UntrustedCertificate);
println!("{}", EpfHandshakeError::EncryptionError);
println!("{}", EpfHandshakeError::MissingKeyProof);
}
}

81
libepf/src/handshake_stream.rs
View File

@ -707,15 +707,16 @@ mod tests {
use std::net::SocketAddr; use std::net::SocketAddr;
use std::str::FromStr; use std::str::FromStr;
use std::time::{SystemTime, UNIX_EPOCH}; use std::time::{SystemTime, UNIX_EPOCH};
use serial_test::serial;
use tokio::io::{AsyncReadExt, AsyncWriteExt};
use tokio::join; use tokio::join;
use tokio::net::{TcpListener, TcpSocket, TcpStream}; use tokio::net::{TcpListener, TcpSocket, TcpStream};
use x25519_dalek::{PublicKey, StaticSecret}; use x25519_dalek::{PublicKey, StaticSecret};
#[tokio::test] #[tokio::test]
#[serial]
pub async fn stream_test() { pub async fn stream_test() {
simple_logger::init().unwrap(); //simple_logger::init().unwrap();
let tcp_listener = TcpListener::bind("0.0.0.0:36116").await.unwrap(); let tcp_listener = TcpListener::bind("0.0.0.0:36116").await.unwrap();
@ -787,6 +788,82 @@ mod tests {
let mut s: EpfServerUpgraded<TcpStream> = let mut s: EpfServerUpgraded<TcpStream> =
EpfServerUpgradable::upgrade(s, server_cert, server_private_key).await; EpfServerUpgradable::upgrade(s, server_cert, server_private_key).await;
let server_handshake_accept_task = tokio::spawn(async move {
trace!("starting server handshake listener");
s.handshake(cert_pool_2).await.unwrap();
let mut upgraded = s.upgrade().await;
assert_eq!(upgraded.read().await.unwrap(), vec![0x42, 0x42]);
upgraded.write(&[0x42, 0x42]).await.unwrap();
});
let client_handshake_send_task = tokio::spawn(async move {
trace!("starting client handshake sender");
c.handshake(cert_pool).await.unwrap();
let mut upgraded = EpfClientHandshaker::upgrade(c).await;
upgraded.write(&[0x42, 0x42]).await.unwrap();
assert_eq!(upgraded.read().await.unwrap(), vec![0x42, 0x42]);
});
let (a, b) = join![server_handshake_accept_task, client_handshake_send_task];
a.unwrap();
b.unwrap();
}
#[tokio::test]
#[serial]
pub async fn stream_test_ephemeral() {
//simple_logger::init().unwrap();
let tcp_listener = TcpListener::bind("0.0.0.0:36117").await.unwrap();
let tcp_client_future = TcpSocket::new_v4()
.unwrap()
.connect(SocketAddr::from_str("127.0.0.1:36117").unwrap());
let (a, b) = join![tcp_listener.accept(), tcp_client_future];
let (s, _) = a.unwrap();
let c = b.unwrap();
let server_private_key = SigningKey::from([1u8; 32]);
let mut server_cert = EPFCertificate {
details: EPFCertificateDetails {
name: "Testing Server Certificate".to_string(),
not_before: 0,
not_after: SystemTime::now()
.duration_since(UNIX_EPOCH)
.unwrap()
.as_secs()
+ 30,
public_key: server_private_key.verifying_key().to_bytes(),
issuer_public_key: [0u8; 32],
claims: Default::default(),
},
fingerprint: "".to_string(),
signature: [0u8; 64],
};
server_cert.sign(&server_private_key).unwrap();
debug!(
"{}",
hex::encode(server_private_key.verifying_key().to_bytes())
);
let mut cert_pool = EpfCaPool::new();
let mut cert_pool_2 = EpfCaPool::new();
cert_pool.insert(&server_cert);
cert_pool_2.insert(&server_cert);
let mut c: EpfClientUpgraded<TcpStream> = EpfClientUpgradable::upgrade(
c,
ClientAuthentication::Ephemeral,
)
.await;
let mut s: EpfServerUpgraded<TcpStream> =
EpfServerUpgradable::upgrade(s, server_cert, server_private_key).await;
let server_handshake_accept_task = tokio::spawn(async move { let server_handshake_accept_task = tokio::spawn(async move {
trace!("starting server handshake listener"); trace!("starting server handshake listener");
s.handshake(cert_pool_2).await.unwrap(); s.handshake(cert_pool_2).await.unwrap();

68
libepf/src/pki.rs
View File

@ -615,6 +615,74 @@ mod tests {
)) ))
} }
#[test]
pub fn certificate_verification_fingerprint_does_not_match() {
let private_key = SigningKey::generate(&mut OsRng);
let public_key = private_key.verifying_key();
let mut fingerprint_does_not_match_cert = EPFCertificate {
details: EPFCertificateDetails {
name: "Testing Certificate - Fingerprint Non Matching".to_string(),
not_before: SystemTime::now()
.duration_since(UNIX_EPOCH)
.unwrap()
.as_secs()
- 20,
not_after: SystemTime::now()
.duration_since(UNIX_EPOCH)
.unwrap()
.as_secs()
+ 30,
public_key: [0u8; 32],
issuer_public_key: *public_key.as_bytes(),
claims: Default::default(),
},
fingerprint: "".to_string(),
signature: [0u8; EPFPKI_SIGNATURE_LENGTH],
};
fingerprint_does_not_match_cert.sign(&private_key).unwrap();
fingerprint_does_not_match_cert.fingerprint = "0".to_string();
let ca_pool = EpfCaPool::new();
assert!(matches!(fingerprint_does_not_match_cert.verify(&ca_pool).unwrap_err(), EpfPkiCertificateValidationError::FingerprintDoesNotMatch { .. }));
}
#[test]
pub fn certificate_verification_invalid_signature() {
let private_key = SigningKey::generate(&mut OsRng);
let public_key = private_key.verifying_key();
let mut fingerprint_does_not_match_cert = EPFCertificate {
details: EPFCertificateDetails {
name: "Testing Certificate - Fingerprint Non Matching".to_string(),
not_before: SystemTime::now()
.duration_since(UNIX_EPOCH)
.unwrap()
.as_secs()
- 20,
not_after: SystemTime::now()
.duration_since(UNIX_EPOCH)
.unwrap()
.as_secs()
+ 30,
public_key: [0u8; 32],
issuer_public_key: *public_key.as_bytes(),
claims: Default::default(),
},
fingerprint: "".to_string(),
signature: [0u8; EPFPKI_SIGNATURE_LENGTH],
};
fingerprint_does_not_match_cert.sign(&private_key).unwrap();
fingerprint_does_not_match_cert.signature = [0u8; 64];
let ca_pool = EpfCaPool::new();
assert!(matches!(fingerprint_does_not_match_cert.verify(&ca_pool).unwrap_err(), EpfPkiCertificateValidationError::InvalidSignature { .. }));
}
#[test] #[test]
pub fn certificate_verification_not_valid_yet() { pub fn certificate_verification_not_valid_yet() {
let not_yet_valid_cert = EPFCertificate { let not_yet_valid_cert = EPFCertificate {

4
tarpaulin-report.html
View File

File diff suppressed because one or more lines are too long