def test_authorization_trust_request(self): """ Test the AuthorizationTrustRequestHandler returns an AuthorizationTrustResponse if the AuthorizationTrustRequest should be approved. """ auth_trust_request = AuthorizationTrustRequest( roles=[RoleType.Value("NETWORK")], public_key="public_key") roles = {"network": AuthorizationType.TRUST} network = MockNetwork(roles, connection_status={ "connection_id": ConnectionStatus.CONNECTION_REQUEST }) permission_verifer = MockPermissionVerifier() gossip = MockGossip() handler = AuthorizationTrustRequestHandler(network, permission_verifer, gossip) handler_status = handler.handle("connection_id", auth_trust_request.SerializeToString()) self.assertEqual(handler_status.status, HandlerStatus.RETURN) self.assertEqual(handler_status.message_type, validator_pb2.Message.AUTHORIZATION_TRUST_RESPONSE)
def test_authorization_trust_request_bad_last_message(self): """ Test the AuthorizationTrustRequestHandler returns an AuthorizationViolation and closes the connection if the last message was not a ConnectionRequest. """ auth_trust_request = AuthorizationTrustRequest( roles=[RoleType.Value("NETWORK")], public_key="public_key") roles = {"network": AuthorizationType.TRUST} network = MockNetwork( roles, connection_status={"connection_id": "other"}) permission_verifer = MockPermissionVerifier() gossip = MockGossip() handler = AuthorizationTrustRequestHandler( network, permission_verifer, gossip) handler_status = handler.handle( "connection_id", auth_trust_request.SerializeToString()) self.assertEqual(handler_status.status, HandlerStatus.RETURN_AND_CLOSE) self.assertEqual( handler_status.message_type, validator_pb2.Message.AUTHORIZATION_VIOLATION)
def do_authorization_challenge_submit(): """ Test the AuthorizationChallengeSubmitHandler returns an AuthorizationChallengeResult. """ context = create_context('secp256k1') private_key = context.new_random_private_key() crypto_factory = CryptoFactory(context) signer = crypto_factory.new_signer(private_key) payload = os.urandom(10) signature = signer.sign(payload) auth_challenge_submit = AuthorizationChallengeSubmit( public_key=signer.get_public_key().as_hex(), signature=signature, roles=[RoleType.Value("NETWORK")]) roles = {"network": AuthorizationType.TRUST} network = MockNetwork(roles, connection_status={ "connection_id": ConnectionStatus.AUTH_CHALLENGE_REQUEST }) permission_verifer = MockPermissionVerifier() gossip = MockGossip() handler = AuthorizationChallengeSubmitHandler(network, permission_verifer, gossip, {"connection_id": payload}) handler_status = handler.handle("connection_id", auth_challenge_submit.SerializeToString()) return handler_status
def test_authorization_challenge_submit(self): """ Test the AuthorizationChallengeSubmitHandler returns an AuthorizationViolation and closes the connection if the permission verifier does not permit the public_key. """ private_key = signing.generate_private_key() public_key = signing.generate_public_key(private_key) payload = os.urandom(10) signature = signing.sign(payload, private_key) auth_challenge_submit = AuthorizationChallengeSubmit( public_key=public_key, payload=payload, signature=signature, roles=[RoleType.Value("NETWORK")]) roles = {"network": AuthorizationType.TRUST} network = MockNetwork(roles, connection_status={ "connection_id": ConnectionStatus.AUTH_CHALLENGE_REQUEST }) permission_verifer = MockPermissionVerifier(allow=False) gossip = MockGossip() handler = AuthorizationChallengeSubmitHandler(network, permission_verifer, gossip) handler_status = handler.handle( "connection_id", auth_challenge_submit.SerializeToString()) self.assertEqual(handler_status.status, HandlerStatus.RETURN_AND_CLOSE) self.assertEqual(handler_status.message_type, validator_pb2.Message.AUTHORIZATION_VIOLATION)
def test_authorization_challenge_submit_bad_last_message(self): """ Test the AuthorizationChallengeSubmitHandler returns an AuthorizationViolation and closes the connection if the last message was not AuthorizaitonChallengeRequest. """ context = create_context('secp256k1') private_key = context.new_random_private_key() crypto_factory = CryptoFactory(context) signer = crypto_factory.new_signer(private_key) payload = os.urandom(10) signature = signer.sign(payload) auth_challenge_submit = AuthorizationChallengeSubmit( public_key=signer.get_public_key().as_hex(), signature=signature, roles=[RoleType.Value("NETWORK")]) roles = {"network": AuthorizationType.TRUST} network = MockNetwork(roles, connection_status={"connection_id": "other"}) permission_verifer = MockPermissionVerifier() gossip = MockGossip() handler = AuthorizationChallengeSubmitHandler( network, permission_verifer, gossip, {"connection_id": payload}) handler_status = handler.handle( "connection_id", auth_challenge_submit.SerializeToString()) self.assertEqual(handler_status.status, HandlerStatus.RETURN_AND_CLOSE) self.assertEqual(handler_status.message_type, validator_pb2.Message.AUTHORIZATION_VIOLATION)
def test_authorization_trust_request_not_permitted(self): """ Test the AuthorizationTrustRequestHandler returns an AuthorizationViolation and closes the connection if the permission verifier does not permit the connections public key. """ auth_trust_request = AuthorizationTrustRequest( roles=[RoleType.Value("NETWORK")], public_key="public_key") roles = {"network": AuthorizationType.TRUST} network = MockNetwork(roles, connection_status={ "connection_id": ConnectionStatus.CONNECTION_REQUEST }) # say that connection is not permitted permission_verifer = MockPermissionVerifier(allow=False) gossip = MockGossip() handler = AuthorizationTrustRequestHandler(network, permission_verifer, gossip) handler_status = handler.handle("connection_id", auth_trust_request.SerializeToString()) self.assertEqual(handler_status.status, HandlerStatus.RETURN_AND_CLOSE) self.assertEqual(handler_status.message_type, validator_pb2.Message.AUTHORIZATION_VIOLATION)
def test_ping_handler(self): """ Test the PingHandler allows a ping from a connection who has not finished authorization and returns a NetworkAck. Also test that if that connection sends another ping in a short time period, the connection is deemed malicious, an AuthorizationViolation is returned, and the connection is closed. """ ping = PingRequest() network = MockNetwork({}, connection_status={"connection_id": None}) handler = PingHandler(network) handler_status = handler.handle("connection_id", ping.SerializeToString()) self.assertEqual(handler_status.status, HandlerStatus.RETURN) self.assertEqual( handler_status.message_type, validator_pb2.Message.PING_RESPONSE) handler_status = handler.handle("connection_id", ping.SerializeToString()) self.assertEqual(handler_status.status, HandlerStatus.RETURN_AND_CLOSE) self.assertEqual( handler_status.message_type, validator_pb2.Message.AUTHORIZATION_VIOLATION)
def do_connect(): connect_message = ConnectionRequest(endpoint="endpoint") roles = {"network": AuthorizationType.TRUST} network = MockNetwork(roles) handler = ConnectHandler(network) handler_status = handler.handle("connection_id", connect_message.SerializeToString()) return handler_status
def do_ping_handler(): """ Test the PingHandler returns a NetworkAck if the connection has has finished authorization. """ ping = PingRequest() network = MockNetwork( {}, connection_status={"connection_id": ConnectionStatus.CONNECTED}) handler = PingHandler(network) handler_status = handler.handle("connection_id", ping.SerializeToString()) return handler_status
def test_connect_bad_endpoint(self): """ Test the ConnectHandler correctly responds to a ConnectionRequest. """ connect_message = ConnectionRequest(endpoint="tcp://0.0.0.0:8800") roles = {"network": AuthorizationType.TRUST} network = MockNetwork(roles) handler = ConnectHandler(network) handler_status = handler.handle("connection_id", connect_message.SerializeToString()) self.assertEqual(handler_status.status, HandlerStatus.RETURN_AND_CLOSE) self.assertEqual( handler_status.message_type, validator_pb2.Message.AUTHORIZATION_CONNECTION_RESPONSE)
def test_ping_handler(self): """ Test the PingHandler returns a NetworkAck if the connection has has finished authorization. """ ping = PingRequest() network = MockNetwork( {}, connection_status={"connection_id": ConnectionStatus.CONNECTED}) handler = PingHandler(network) handler_status = handler.handle("connection_id", ping.SerializeToString()) self.assertEqual(handler_status.status, HandlerStatus.RETURN) self.assertEqual(handler_status.message_type, validator_pb2.Message.PING_RESPONSE)
def test_connect_not_allowing_incoming_connections(self): """ Test the ConnectHandler closes a connection if we are not accepting incoming connections """ connect_message = ConnectionRequest(endpoint="endpoint") roles = {"network": AuthorizationType.TRUST} network = MockNetwork(roles, allow_inbound=False) handler = ConnectHandler(network) handler_status = handler.handle("connection_id", connect_message.SerializeToString()) self.assertEqual(handler_status.status, HandlerStatus.RETURN_AND_CLOSE) self.assertEqual( handler_status.message_type, validator_pb2.Message.AUTHORIZATION_CONNECTION_RESPONSE)
def test_connect_bad_role_type(self): """ Test the ConnectHandler closes the connection if the role has an unsupported role type. """ connect_message = ConnectionRequest(endpoint="endpoint") roles = {"network": "other"} network = MockNetwork(roles) handler = ConnectHandler(network) handler_status = handler.handle("connection_id", connect_message.SerializeToString()) self.assertEqual(handler_status.status, HandlerStatus.RETURN_AND_CLOSE) self.assertEqual( handler_status.message_type, validator_pb2.Message.AUTHORIZATION_CONNECTION_RESPONSE)
def test_connect_wrong_previous_message(self): """ Test the ConnectHandler closes a connection if any authorization message has been recieved before this connection request. """ connect_message = ConnectionRequest(endpoint="endpoint") roles = {"network": AuthorizationType.TRUST} network = MockNetwork(roles, connection_status={"connection_id": "other"}) handler = ConnectHandler(network) handler_status = handler.handle("connection_id", connect_message.SerializeToString()) self.assertEqual(handler_status.status, HandlerStatus.RETURN_AND_CLOSE) self.assertEqual( handler_status.message_type, validator_pb2.Message.AUTHORIZATION_CONNECTION_RESPONSE)
def test_authorization_challenge_request_bad_last_message(self): """ Test the AuthorizationChallengeRequestHandler returns an AuthorizationViolation and closes the connection if the last message was not a ConnectionRequst """ auth_challenge_request = AuthorizationChallengeRequest() roles = {"network": AuthorizationType.TRUST} network = MockNetwork(roles, connection_status={"connection_id": "other"}) handler = AuthorizationChallengeRequestHandler(network) handler_status = handler.handle( "connection_id", auth_challenge_request.SerializeToString()) self.assertEqual(handler_status.status, HandlerStatus.RETURN_AND_CLOSE) self.assertEqual(handler_status.message_type, validator_pb2.Message.AUTHORIZATION_VIOLATION)
def do_authorization_challenge_request(): """ Test the AuthorizationChallengeRequestHandler returns an AuthorizationChallengeResponse. """ auth_challenge_request = AuthorizationChallengeRequest() roles = {"network": AuthorizationType.TRUST} network = MockNetwork(roles, connection_status={ "connection_id": ConnectionStatus.CONNECTION_REQUEST }) handler = AuthorizationChallengeRequestHandler(network) handler_status = handler.handle("connection_id", auth_challenge_request.SerializeToString()) return handler_status
def test_authorization_challenge_request(self): """ Test the AuthorizationChallengeRequestHandler returns an AuthorizationChallengeResponse. """ auth_challenge_request = AuthorizationChallengeRequest() roles = {"network": AuthorizationType.TRUST} network = MockNetwork(roles, connection_status={ "connection_id": ConnectionStatus.CONNECTION_REQUEST }) handler = AuthorizationChallengeRequestHandler(network) handler_status = handler.handle( "connection_id", auth_challenge_request.SerializeToString()) self.assertEqual(handler_status.status, HandlerStatus.RETURN) self.assertEqual( handler_status.message_type, validator_pb2.Message.AUTHORIZATION_CHALLENGE_RESPONSE)
def do_authorization_trust_request(): """ Test the AuthorizationTrustRequestHandler returns an AuthorizationTrustResponse if the AuthorizationTrustRequest should be approved. """ auth_trust_request = AuthorizationTrustRequest( roles=[RoleType.Value("NETWORK")], public_key="public_key") roles = {"network": AuthorizationType.TRUST} network = MockNetwork(roles, connection_status={ "connection_id": ConnectionStatus.CONNECTION_REQUEST }) permission_verifer = MockPermissionVerifier() gossip = MockGossip() handler = AuthorizationTrustRequestHandler(network, permission_verifer, gossip) handler_status = handler.handle("connection_id", auth_trust_request.SerializeToString()) return handler_status