Beispiel #1
0
def insert_many_locs(db_conn, user):
    def rand_time():
        return 1 + random.random()

    count = 0
    for lat in [0, 20, 40, 60, 80]:
        for long in [0, 45, 90, 135]:
            loc = loca.Location(user, loca.Coords(lat, long), rand_time())
            db.insert_location(db_conn, loc)
            loc = loca.Location(user, loca.Coords(-lat, long), rand_time())
            db.insert_location(db_conn, loc)
            loc = loca.Location(user, loca.Coords(lat, -long), rand_time())
            db.insert_location(db_conn, loc)
            loc = loca.Location(user, loca.Coords(-lat, -long), rand_time())
            db.insert_location(db_conn, loc)
            count += 4
    return count
Beispiel #2
0
def test_location_update_badecred_1():
    db_conn = get_db()
    u = db.user_with_pk(db_conn, U1.pk)
    loc = location.Location(u, loca.Coords(42, 69), time.time())
    # use a Stub instead of encrypted signed AccountCred
    lu = location.LocationUpdate(loc, Stub(90210))
    slu = SignedMessage.sign(lu, SK1)
    resp = server.handle_location_update(db_conn, slu)
    assert not resp.ok
    assert resp.cred is None  # TODO
    assert resp.err == location.LocationUpdateRespErr.Malformed
Beispiel #3
0
def test_location_update_wrong_user():
    db_conn = get_db()
    u = db.user_with_pk(db_conn, U1.pk)
    # credential is for a user other than the one who signed the message
    ecred = get_cred(u, cred_wrong_user=True)
    loc = location.Location(u, loca.Coords(42, 69), time.time())
    lu = location.LocationUpdate(loc, ecred)
    slu = SignedMessage.sign(lu, SK1)
    resp = server.handle_location_update(db_conn, slu)
    assert not resp.ok
    assert resp.cred is None  # TODO
    assert resp.err == CredChalErr.WrongUser
Beispiel #4
0
def test_location_update_expired_cred():
    db_conn = get_db()
    u = db.user_with_pk(db_conn, U1.pk)
    # cred is expired
    ecred = get_cred(u, cred_expired=True)
    loc = location.Location(u, loca.Coords(42, 69), time.time())
    lu = location.LocationUpdate(loc, ecred)
    slu = SignedMessage.sign(lu, SK1)
    resp = server.handle_location_update(db_conn, slu)
    assert not resp.ok
    assert resp.cred is None  # TODO
    assert resp.err == CredChalErr.BadCred
Beispiel #5
0
def test_location_update_badscred_2():
    db_conn = get_db()
    u = db.user_with_pk(db_conn, U1.pk)
    # ecred is correct but contains a broken SignedMessage
    ecred = get_cred(u, scred_munge=True)
    loc = location.Location(u, loca.Coords(42, 69), time.time())
    lu = location.LocationUpdate(loc, ecred)
    slu = SignedMessage.sign(lu, SK1)
    resp = server.handle_location_update(db_conn, slu)
    assert not resp.ok
    assert resp.cred is None  # TODO
    assert resp.err == CredChalErr.Malformed
Beispiel #6
0
def test_location_update_unknown_user():
    db_conn = get_db()
    u = db.user_with_pk(db_conn, U1.pk)
    ecred = get_cred(u)
    loc = location.Location(u, loca.Coords(42, 69), time.time())
    lu = location.LocationUpdate(loc, ecred)
    # user who signed this message is not even in the db
    fake_sk = crypto.Seckey((1).to_bytes(32, byteorder='big'))
    slu = SignedMessage.sign(lu, fake_sk)
    resp = server.handle_location_update(db_conn, slu)
    assert not resp.ok
    assert resp.cred is None  # TODO
    assert resp.err == SignedMessageErr.UnknownUser
Beispiel #7
0
def test_location_update_badcred_2():
    db_conn = get_db()
    u = db.user_with_pk(db_conn, U1.pk)
    # ecred is correct and contains good SignedMessage, but the SignedMessage
    # is signed by the wrong key
    ecred = get_cred(u, cred_wrong_key=True)
    loc = location.Location(u, loca.Coords(42, 69), time.time())
    lu = location.LocationUpdate(loc, ecred)
    slu = SignedMessage.sign(lu, SK1)
    resp = server.handle_location_update(db_conn, slu)
    assert not resp.ok
    assert resp.cred is None  # TODO
    assert resp.err == CredChalErr.BadCred
Beispiel #8
0
def test_location_update_badecred_3():
    db_conn = get_db()
    u = db.user_with_pk(db_conn, U1.pk)
    ecred = get_cred(u)
    # munge the enc part of the encrypted signed account cred
    ecred.ctext_nonce = b'fooooo'
    loc = location.Location(u, loca.Coords(42, 69), time.time())
    lu = location.LocationUpdate(loc, ecred)
    slu = SignedMessage.sign(lu, SK1)
    resp = server.handle_location_update(db_conn, slu)
    assert not resp.ok
    assert resp.cred is None  # TODO
    assert resp.err == CredChalErr.Malformed
Beispiel #9
0
def test_location_update_db_inserted():
    db_conn = get_db()
    u = db.user_with_pk(db_conn, U1.pk)
    ecred = get_cred(u)
    loc = location.Location(u, loca.Coords(42, 69), time.time())
    lu = location.LocationUpdate(loc, ecred)
    slu = SignedMessage.sign(lu, SK1)
    server.handle_location_update(db_conn, slu)
    db_locs = list(db.locations_for_user(db_conn, u))
    assert len(db_locs) == 1
    assert loc.rowid is None
    loc.rowid = db_locs[0].rowid
    assert db_locs[0] == loc
Beispiel #10
0
def test_location_update_badsig():
    db_conn = get_db()
    u = db.user_with_pk(db_conn, U1.pk)
    ecred = get_cred(u)
    loc = location.Location(u, loca.Coords(42, 69), time.time())
    lu = location.LocationUpdate(loc, ecred)
    slu = SignedMessage.sign(lu, SK1)
    # ruin the sig in the signed location update
    slu.msg_bytes = b'foo'
    resp = server.handle_location_update(db_conn, slu)
    assert type(resp) == location.LocationUpdateResp
    assert not resp.ok
    assert resp.cred is None  # TODO
    assert resp.err == SignedMessageErr.BadSig
Beispiel #11
0
def test_location_update_happy(client):
    u = db.user_with_pk(flask.g.db, U1.pk)
    ecred = get_cred(u)
    loc = loca.Location(u, loca.Coords(12, 34), time.time())
    lu = location.LocationUpdate(loc, ecred)
    req = SignedMessage.sign(lu, SK1)
    rv = client.post(
        '/location/update',
        json=req.to_dict(),
    )
    assert rv.status_code == 200
    resp = Message.from_dict(rv.json)
    assert isinstance(resp, location.LocationUpdateResp)
    assert resp.err is None
    valid_cred, _ = server.validate_credchal(resp.cred, u)
    assert valid_cred
Beispiel #12
0
def test_location_update_happy():
    db_conn = get_db()
    u = db.user_with_pk(db_conn, U1.pk)
    ecred = get_cred(u)
    original_expire = expire_from_ecred(ecred, server.ENCKEY,
                                        server.IDKEY.pubkey)
    loc = location.Location(u, loca.Coords(42, 69), time.time())
    lu = location.LocationUpdate(loc, ecred)
    slu = SignedMessage.sign(lu, SK1)
    resp = server.handle_location_update(db_conn, slu)
    assert resp.ok
    assert isinstance(resp.cred, EncryptedMessage)
    scred = EncryptedMessage.dec(resp.cred, server.ENCKEY)
    cred, pk_used = SignedMessage.unwrap(scred)
    assert pk_used == server.IDKEY.pubkey
    assert cred.expire > original_expire
    assert resp.err is None
Beispiel #13
0
def test_getinfo_location(client):
    u_us = db.user_with_pk(flask.g.db, U1.pk)
    u_them = db.user_with_pk(flask.g.db, U2.pk)
    ecred = get_cred(u_us)
    loc = loca.Location(u_them, loca.Coords(12, 34), time.time())
    db.insert_location(flask.g.db, loc)
    gil = getinfo.GetInfoLocation(u_them.pk, ecred, count=1)
    req = SignedMessage.sign(gil, SK1)
    rv = client.post(
        '/getinfo/location',
        json=req.to_dict(),
    )
    assert rv.status_code == 200
    resp = Message.from_dict(rv.json)
    assert isinstance(resp, getinfo.GetInfoRespLocation)
    assert resp.ok
    assert resp.err is None
    assert len(resp.locs) == 1
    assert resp.locs[0] == loc