def test_account_full_auth_handshake(client):
u = db.user_with_pk(flask.g.db, U1.pk)
req1 = SignedMessage.sign(account.AuthReq(u.pk), SK1)
rv1 = client.post(
'/account/challenge/gen',
json=req1.to_dict(),
)
assert rv1.status_code == 200
echal = Message.from_dict(rv1.json)
assert isinstance(echal, EncryptedMessage)
schal = EncryptedMessage.dec(echal, server.ENCKEY)
assert schal.is_valid()
chal, pk_used = schal.unwrap()
assert isinstance(chal, account.AuthChallenge)
assert pk_used == server.IDKEY.pubkey
req2 = SignedMessage.sign(account.AuthChallengeResp(echal), SK1)
rv2 = client.post(
'/account/challenge/verify',
json=req2.to_dict(),
)
assert rv2.status_code == 200
resp = Message.from_dict(rv2.json)
assert resp.err is None
assert isinstance(resp.cred, EncryptedMessage)
scred = EncryptedMessage.dec(resp.cred, server.ENCKEY)
assert scred.is_valid()
cred, pk_used = scred.unwrap()
assert isinstance(cred, account.AccountCred)
assert pk_used == server.IDKEY.pubkey
def test_account_req_resp_malformed():
db_conn = get_db()
sk = crypto.Seckey((333).to_bytes(32, byteorder='big'))
# Supposed to be signing an AccountReq, but instead signing a junk message
req = SignedMessage.sign(Stub(420), sk)
resp = server.handle_account_request(db_conn, req)
assert resp.cred is None
assert resp.err == account.AuthRespErr.Malformed
def test_signedmessage_happy():
sm = SignedMessage.sign(Stub(420), SK)
assert sm.is_valid()
assert sm.msg == Stub(420)
assert sm.is_valid()
m, pk = sm.unwrap()
assert m == Stub(420)
assert pk == SK.pubkey
def test_signedmessage_malformed():
sm = SignedMessage.sign(Stub(420), SK)
sm.msg_bytes = b'fooooo'
assert not sm.is_valid()
with pytest.raises(AssertionError):
sm.unwrap()
with pytest.raises(AssertionError):
sm.msg
def test_account_req_resp_pubkeyexists():
db_conn = get_db()
# create user with a pubkey that is already in use by another user
u = user.User('Saul3', SK1.pubkey)
req = SignedMessage.sign(account.AccountReq(u.nick, u.pk), SK1)
resp = server.handle_account_request(db_conn, req)
assert resp.cred is None
assert resp.err == account.AuthRespErr.PubkeyExists
def test_getinfo_not_getinfo():
db_conn = get_db()
# not a GetInfo
gi = SignedMessage.sign(Stub(1), SK1)
gir = server.handle_getinfo(db_conn, gi)
assert isinstance(gir, getinfo.GetInfoResp)
assert not gir.ok
assert gir.err == getinfo.GetInfoRespErr.Malformed
def test_authchallengeresp_not_authreq():
db_conn = get_db()
# Sign something other than an AuthChallengeResp
smsg = SignedMessage.sign(Stub(1), SK1)
resp = server.handle_authchallengeresp(db_conn, smsg)
assert isinstance(resp, account.AuthResp)
assert resp.cred is None
assert resp.err == account.AuthRespErr.Malformed
def test_account_req_resp_db_inserted():
db_conn = get_db()
sk = crypto.Seckey((333).to_bytes(32, byteorder='big'))
req = SignedMessage.sign(account.AccountReq('Saul3', sk.pubkey), sk)
server.handle_account_request(db_conn, req)
u_out = db.user_with_pk(db_conn, sk.pubkey)
assert u_out.rowid
assert u_out.nick == 'Saul3'
assert u_out.pk == sk.pubkey
def test_getinfo_notimpl():
db_conn = get_db()
u = db.user_with_pk(db_conn, U1.pk)
ecred = get_cred(u)
gi = SignedMessage.sign(getinfo.GetInfo(U2.pk, ecred), SK1)
gir = server.handle_getinfo(db_conn, gi)
assert isinstance(gir, getinfo.GetInfoResp)
assert not gir.ok
assert gir.err == getinfo.GetInfoRespErr.NotImpl
def test_authreq_diff_pubkey():
db_conn = get_db()
# requesting to auth with user with pubkey from SK2, but signing message
# with SK1
smsg = SignedMessage.sign(account.AuthReq(SK2.pubkey), SK1)
resp = server.handle_authreq(db_conn, smsg)
assert isinstance(resp, account.AuthResp)
assert resp.cred is None
assert resp.err == account.AuthRespErr.WrongPubkey
def test_authchallengeresp_badscred_2():
db_conn = get_db()
u = db.user_with_pk(db_conn, U1.pk)
# echal is correct but contains a broken SignedMessage
echal = get_chal(u, scred_munge=True)
sacr = SignedMessage.sign(account.AuthChallengeResp(echal), SK1)
resp = server.handle_authchallengeresp(db_conn, sacr)
assert resp.cred is None
assert resp.err == CredChalErr.Malformed
def test_authchallengeresp_expired_cred():
db_conn = get_db()
u = db.user_with_pk(db_conn, U1.pk)
# echal is expired
echal = get_chal(u, cred_expired=True)
sacr = SignedMessage.sign(account.AuthChallengeResp(echal), SK1)
resp = server.handle_authchallengeresp(db_conn, sacr)
assert resp.cred is None
assert resp.err == CredChalErr.BadCred
def test_authchallengeresp_wrong_user():
db_conn = get_db()
u = db.user_with_pk(db_conn, U1.pk)
# challenge is for a user other than the one who signed the message
echal = get_chal(u, cred_wrong_user=True)
sacr = SignedMessage.sign(account.AuthChallengeResp(echal), SK1)
resp = server.handle_authchallengeresp(db_conn, sacr)
assert resp.cred is None
assert resp.err == CredChalErr.WrongUser
def test_authreq_no_user():
db_conn = get_db()
# use an unknown sk to sign the AuthReq
sk_unknown = crypto.Seckey((98345).to_bytes(32, byteorder='big'))
smsg = SignedMessage.sign(account.AuthReq(sk_unknown.pubkey), sk_unknown)
resp = server.handle_authreq(db_conn, smsg)
assert isinstance(resp, account.AuthResp)
assert resp.cred is None
assert resp.err == SignedMessageErr.UnknownUser
def test_authchallengeresp_bad_sig():
db_conn = get_db()
pk = crypto.Pubkey((2398).to_bytes(32, byteorder='big'))
smsg = SignedMessage.sign(account.AuthReq(pk), SK1)
# munge the signature data
smsg.msg_bytes = b'fooooo'
resp = server.handle_authchallengeresp(db_conn, smsg)
assert isinstance(resp, account.AuthResp)
assert resp.cred is None
assert resp.err == SignedMessageErr.BadSig
def test_account_req_resp_badsig():
db_conn = get_db()
sk = crypto.Seckey((333).to_bytes(32, byteorder='big'))
u = user.User('Saul3', sk.pubkey)
req = SignedMessage.sign(account.AccountReq(u.nick, u.pk), sk)
# change message after it has been signed so that it won't verify
req.msg_bytes = b'foo'
resp = server.handle_account_request(db_conn, req)
assert resp.cred is None
assert resp.err is account.AuthRespErr.BadSig
def test_authchallengeresp_badcred_2():
db_conn = get_db()
u = db.user_with_pk(db_conn, U1.pk)
# echal is correct and contains good SignedMessage, but the SignedMessage
# is signed by the wrong key
echal = get_chal(u, cred_wrong_key=True)
sacr = SignedMessage.sign(account.AuthChallengeResp(echal), SK1)
resp = server.handle_authchallengeresp(db_conn, sacr)
assert resp.cred is None
assert resp.err == CredChalErr.BadCred
def test_authchallengeresp_badcred_1():
db_conn = get_db()
u = db.user_with_pk(db_conn, U1.pk)
# echal is correct and contains good SignedMessage, but the SignedMessage
# contains a Stub
echal = get_chal(u, cred_stub=True)
sacr = SignedMessage.sign(account.AuthChallengeResp(echal), SK1)
resp = server.handle_authchallengeresp(db_conn, sacr)
assert resp.cred is None
assert resp.err == CredChalErr.Malformed
def test_getinfo_badsig():
db_conn = get_db()
u = db.user_with_pk(db_conn, U1.pk)
ecred = get_cred(u)
gi = SignedMessage.sign(getinfo.GetInfo(u.pk, ecred), SK1)
# munge the signed message so it doesn't verify
gi.msg_bytes = b'nnnnnnnnnnnnnnnnnnnnnnnnaaaaaaaaaaaa'
gir = server.handle_getinfo(db_conn, gi)
assert isinstance(gir, getinfo.GetInfoResp)
assert not gir.ok
assert gir.err == SignedMessageErr.BadSig
def test_getinfo_badcred():
db_conn = get_db()
u = db.user_with_pk(db_conn, U1.pk)
ecred = get_cred(u)
# munge the cred so it isn't valid
ecred.ctext_nonce = b'0000000000000000000000000'
gi = SignedMessage.sign(getinfo.GetInfo(u.pk, ecred), SK1)
gir = server.handle_getinfo(db_conn, gi)
assert isinstance(gir, getinfo.GetInfoResp)
assert not gir.ok
assert gir.err == CredChalErr.Malformed
def test_getinfo_unknown_user_in_req():
db_conn = get_db()
# ask about a user with a pubkey that doesn't exist
fake_pk = crypto.Pubkey((98345).to_bytes(32, byteorder='big'))
u = db.user_with_pk(db_conn, U1.pk)
ecred = get_cred(u)
gi = SignedMessage.sign(getinfo.GetInfo(fake_pk, ecred), SK1)
gir = server.handle_getinfo(db_conn, gi)
assert isinstance(gir, getinfo.GetInfoResp)
assert not gir.ok
assert gir.err == getinfo.GetInfoRespErr.NoSuchUser
def test_account_req_resp_wrongpubkey():
db_conn = get_db()
sk_wrong = crypto.Seckey((420).to_bytes(32, byteorder='big'))
sk = crypto.Seckey((333).to_bytes(32, byteorder='big'))
u = user.User('Saul3', sk.pubkey)
# sign the request with the wrong seckey so it can't verify with the
# correct pubkey
req = SignedMessage.sign(account.AccountReq(u.nick, u.pk), sk_wrong)
resp = server.handle_account_request(db_conn, req)
assert resp.cred is None
assert resp.err == account.AuthRespErr.WrongPubkey
def test_authchallengeresp_bad_chal():
db_conn = get_db()
u = db.user_with_pk(db_conn, U1.pk)
echal = get_chal(u)
# use an unknown sk to sign the AuthChallengeResp
sk_unknown = crypto.Seckey((98345).to_bytes(32, byteorder='big'))
smsg = SignedMessage.sign(account.AuthChallengeResp(echal), sk_unknown)
resp = server.handle_authchallengeresp(db_conn, smsg)
assert isinstance(resp, account.AuthResp)
assert resp.cred is None
assert resp.err == SignedMessageErr.UnknownUser
def test_location_update_malformed():
db_conn = get_db()
u = db.user_with_pk(db_conn, U1.pk)
_ = get_cred(u)
# Sign a Stub instead of a LocationUpate
slu = SignedMessage.sign(Stub(90210), SK1)
resp = server.handle_location_update(db_conn, slu)
assert type(resp) == location.LocationUpdateResp
assert not resp.ok
assert resp.cred is None # TODO
assert resp.err == location.LocationUpdateRespErr.Malformed
def test_getinfo_unknown_user():
db_conn = get_db()
u = db.user_with_pk(db_conn, U1.pk)
ecred = get_cred(u)
# user who signed this message is not even in the db
fake_sk = crypto.Seckey((1).to_bytes(32, byteorder='big'))
gi = SignedMessage.sign(getinfo.GetInfo(u.pk, ecred), fake_sk)
gir = server.handle_getinfo(db_conn, gi)
assert isinstance(gir, getinfo.GetInfoResp)
assert not gir.ok
assert gir.err == SignedMessageErr.UnknownUser
def test_getinfoloc_happy_default():
db_conn = get_db()
u_me = db.user_with_pk(db_conn, U1.pk)
u_other = db.user_with_pk(db_conn, U2.pk)
insert_many_locs(db_conn, u_other)
ecred = get_cred(u_me)
gi = SignedMessage.sign(getinfo.GetInfoLocation(u_other.pk, ecred), SK1)
gir = server.handle_getinfo(db_conn, gi)
assert gir.ok
assert gir.err is None
assert len(gir.locs) == 1
def test_location_update_badecred_1():
db_conn = get_db()
u = db.user_with_pk(db_conn, U1.pk)
loc = location.Location(u, loca.Coords(42, 69), time.time())
# use a Stub instead of encrypted signed AccountCred
lu = location.LocationUpdate(loc, Stub(90210))
slu = SignedMessage.sign(lu, SK1)
resp = server.handle_location_update(db_conn, slu)
assert not resp.ok
assert resp.cred is None # TODO
assert resp.err == location.LocationUpdateRespErr.Malformed
def test_account_req_resp_happy():
db_conn = get_db()
sk = crypto.Seckey((333).to_bytes(32, byteorder='big'))
req = SignedMessage.sign(account.AccountReq('Saul3', sk.pubkey), sk)
resp = server.handle_account_request(db_conn, req)
assert resp.err is None
assert isinstance(resp.cred, EncryptedMessage)
assert isinstance(resp.cred.dec(server.ENCKEY), SignedMessage)
cred, pk_used = resp.cred.dec(server.ENCKEY).unwrap()
assert isinstance(cred, account.AccountCred)
assert pk_used == server.IDKEY.pubkey
def test_getinfoloc_multiple_count_correct_3():
db_conn = get_db()
u_me = db.user_with_pk(db_conn, U1.pk)
u_other = db.user_with_pk(db_conn, U2.pk)
num_locs = insert_many_locs(db_conn, u_other)
ecred = get_cred(u_me)
gi = SignedMessage.sign(
getinfo.GetInfoLocation(u_other.pk, ecred, count=num_locs + 10), SK1)
gir = server.handle_getinfo(db_conn, gi)
assert gir.ok
assert gir.err is None
assert len(gir.locs) == num_locs
def test_authchallengeresp_happy():
db_conn = get_db()
u = db.user_with_pk(db_conn, U1.pk)
echal = get_chal(u)
sacr = SignedMessage.sign(account.AuthChallengeResp(echal), SK1)
resp = server.handle_authchallengeresp(db_conn, sacr)
assert resp.err is None
assert isinstance(resp.cred, EncryptedMessage)
scred = EncryptedMessage.dec(resp.cred, server.ENCKEY)
cred, pk_used = SignedMessage.unwrap(scred)
assert pk_used == server.IDKEY.pubkey
assert cred.expire > time.time()