dev(rosenpass): add support for the shake256 hash function in the rosenpass crate
@@ -26,7 +26,7 @@ use rosenpass_util::{
|
||||
use std::os::fd::{AsFd, AsRawFd};
|
||||
use tempfile::TempDir;
|
||||
use zerocopy::AsBytes;
|
||||
|
||||
use rosenpass::config::ProtocolVersion;
|
||||
use rosenpass::protocol::SymKey;
|
||||
|
||||
struct KillChild(std::process::Child);
|
||||
@@ -48,7 +48,16 @@ impl Drop for KillChild {
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn api_integration_api_setup() -> anyhow::Result<()> {
|
||||
fn api_integration_api_setup_v02() -> anyhow::Result<()> {
|
||||
api_integration_api_setup(ProtocolVersion::V02)
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn api_integration_api_setup_v03() -> anyhow::Result<()> {
|
||||
api_integration_api_setup(ProtocolVersion::V03)
|
||||
}
|
||||
|
||||
fn api_integration_api_setup(protocol_version: ProtocolVersion) -> anyhow::Result<()> {
|
||||
rosenpass_secret_memory::policy::secret_policy_use_only_malloc_secrets();
|
||||
|
||||
let dir = TempDir::with_prefix("rosenpass-api-integration-test")?;
|
||||
@@ -96,6 +105,7 @@ fn api_integration_api_setup() -> anyhow::Result<()> {
|
||||
peer: format!("{}", peer_b_wg_peer_id.fmt_b64::<8129>()),
|
||||
extra_params: vec![],
|
||||
}),
|
||||
protocol_version: protocol_version.clone(),
|
||||
}],
|
||||
};
|
||||
|
||||
@@ -116,6 +126,7 @@ fn api_integration_api_setup() -> anyhow::Result<()> {
|
||||
endpoint: Some(peer_a_endpoint.to_owned()),
|
||||
pre_shared_key: None,
|
||||
wg: None,
|
||||
protocol_version: protocol_version.clone(),
|
||||
}],
|
||||
};
|
||||
|
||||
|
||||
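Review bot: `api_integration_api_setup_v02` and `api_integration_api_setup_v03` are now two tests in one binary, which the default harness runs on parallel threads, and both go through the same body that configures `peer_a_endpoint`. If that endpoint or the API socket path is a fixed address rather than derived from the per-test `TempDir` (its definition is outside these hunks), the two runs can collide and fail intermittently. Either confirm the addresses are per-test or mark both wrappers `#[serial]`, as the DoS test elsewhere in this commit already is. The same question applies to the `key_exchange_with_app_server_v02`/`_v03` pair, which connects to `[::1]:{port}`.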
@@ -17,6 +17,7 @@ use tempfile::TempDir;
|
||||
use zerocopy::AsBytes;
|
||||
|
||||
use rosenpass::protocol::SymKey;
|
||||
use rosenpass::config::ProtocolVersion;
|
||||
|
||||
struct KillChild(std::process::Child);
|
||||
|
||||
@@ -37,7 +38,16 @@ impl Drop for KillChild {
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn api_integration_test() -> anyhow::Result<()> {
|
||||
fn api_integration_test_v02() -> anyhow::Result<()> {
|
||||
api_integration_test(ProtocolVersion::V02)
|
||||
}
|
||||
|
||||
fn api_integration_test_v03() -> anyhow::Result<()> {
|
||||
api_integration_test(ProtocolVersion::V03)
|
||||
}
|
||||
|
||||
|
||||
fn api_integration_test(protocol_version: ProtocolVersion) -> anyhow::Result<()> {
|
||||
rosenpass_secret_memory::policy::secret_policy_use_only_malloc_secrets();
|
||||
|
||||
let dir = TempDir::with_prefix("rosenpass-api-integration-test")?;
|
||||
@@ -73,6 +83,7 @@ fn api_integration_test() -> anyhow::Result<()> {
|
||||
endpoint: None,
|
||||
pre_shared_key: None,
|
||||
wg: None,
|
||||
protocol_version: protocol_version.clone(),
|
||||
}],
|
||||
};
|
||||
|
||||
@@ -93,6 +104,7 @@ fn api_integration_test() -> anyhow::Result<()> {
|
||||
endpoint: Some(peer_a_endpoint.to_owned()),
|
||||
pre_shared_key: None,
|
||||
wg: None,
|
||||
protocol_version: protocol_version.clone(),
|
||||
}],
|
||||
};
|
||||
|
||||
|
||||
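Review bot: `api_integration_test_v03` has no `#[test]` attribute, unlike `api_integration_test_v02` directly above it, so the harness never runs the V03 path in this file. The integration coverage for the new protocol version is therefore silently missing here. Add `#[test]` on the line before `fn api_integration_test_v03() -> anyhow::Result<()> {`. As written the function is also never called, which should show up as a dead-code warning in the test build.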
@@ -13,13 +13,23 @@ use rosenpass::{
|
||||
app_server::{ipv4_any_binding, ipv6_any_binding, AppServer, AppServerTest, MAX_B64_KEY_SIZE},
|
||||
protocol::{SPk, SSk, SymKey},
|
||||
};
|
||||
use rosenpass::config::ProtocolVersion;
|
||||
use rosenpass_cipher_traits::Kem;
|
||||
use rosenpass_ciphers::kem::StaticKem;
|
||||
use rosenpass_secret_memory::Secret;
|
||||
use rosenpass_util::{file::LoadValueB64, functional::run, mem::DiscardResultExt, result::OkExt};
|
||||
|
||||
#[test]
|
||||
fn key_exchange_with_app_server() -> anyhow::Result<()> {
|
||||
fn key_exchange_with_app_server_v02() -> anyhow::Result<()> {
|
||||
key_exchange_with_app_server(ProtocolVersion::V02)
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn key_exchange_with_app_server_v03() -> anyhow::Result<()> {
|
||||
key_exchange_with_app_server(ProtocolVersion::V03)
|
||||
}
|
||||
|
||||
fn key_exchange_with_app_server(protocol_version: ProtocolVersion) -> anyhow::Result<()> {
|
||||
let tmpdir = tempfile::tempdir()?;
|
||||
let outfile_a = tmpdir.path().join("osk_a");
|
||||
let outfile_b = tmpdir.path().join("osk_b");
|
||||
@@ -57,7 +67,7 @@ fn key_exchange_with_app_server() -> anyhow::Result<()> {
|
||||
let port = otr_port;
|
||||
let hostname = is_client.then(|| format!("[::1]:{port}"));
|
||||
srv.app_srv
|
||||
.add_peer(psk, pk, outfile, broker_peer, hostname)?;
|
||||
.add_peer(psk, pk, outfile, broker_peer, hostname, protocol_version.clone())?;
|
||||
|
||||
srv.app_srv.event_loop()
|
||||
})
|
||||
|
||||
@@ -251,7 +251,7 @@ fn check_exchange_under_normal() {
|
||||
fs::remove_dir_all(&tmpdir).unwrap();
|
||||
}
|
||||
|
||||
// check that we can trigger a DoS condition and we can exchange keys under DoS
|
||||
// check that we can trigger a DoS condition, and we can exchange keys under DoS
|
||||
// This test creates a responder (server) with the feature flag "integration_test_always_under_load" to always be under load condition for the test.
|
||||
#[test]
|
||||
#[serial]
|
||||
|
||||
@@ -9,20 +9,26 @@ use rosenpass_cipher_traits::Kem;
|
||||
use rosenpass_ciphers::kem::StaticKem;
|
||||
use rosenpass_util::result::OkExt;
|
||||
|
||||
use rosenpass::protocol::{
|
||||
testutils::time_travel_forward, CryptoServer, HostIdentification, MsgBuf, PeerPtr, PollResult,
|
||||
SPk, SSk, SymKey, Timing, UNENDING,
|
||||
};
|
||||
use rosenpass::protocol::{testutils::time_travel_forward, CryptoServer, HostIdentification, MsgBuf, PeerPtr, PollResult, ProtocolVersion, SPk, SSk, SymKey, Timing, UNENDING};
|
||||
|
||||
// TODO: Most of the utility functions in here should probably be moved to
|
||||
// rosenpass::protocol::testutils;
|
||||
|
||||
#[test]
|
||||
fn test_successful_exchange_with_poll() -> anyhow::Result<()> {
|
||||
fn test_successful_exchange_with_poll_v02() -> anyhow::Result<()> {
|
||||
test_successful_exchange_with_poll(ProtocolVersion::V02)
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_successful_exchange_with_poll_v03() -> anyhow::Result<()> {
|
||||
test_successful_exchange_with_poll(ProtocolVersion::V03)
|
||||
}
|
||||
|
||||
fn test_successful_exchange_with_poll(protocol_version: ProtocolVersion) -> anyhow::Result<()> {
|
||||
// Set security policy for storing secrets; choose the one that is faster for testing
|
||||
rosenpass_secret_memory::policy::secret_policy_use_only_malloc_secrets();
|
||||
|
||||
let mut sim = RosenpassSimulator::new()?;
|
||||
let mut sim = RosenpassSimulator::new(protocol_version)?;
|
||||
sim.poll_loop(150)?; // Poll 75 times
|
||||
let transcript = sim.transcript;
|
||||
|
||||
@@ -79,12 +85,21 @@ fn test_successful_exchange_with_poll() -> anyhow::Result<()> {
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_successful_exchange_under_packet_loss() -> anyhow::Result<()> {
|
||||
fn test_successful_exchange_under_packet_loss_v02() -> anyhow::Result<()> {
|
||||
test_successful_exchange_under_packet_loss(ProtocolVersion::V02)
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_successful_exchange_under_packet_loss_v03() -> anyhow::Result<()> {
|
||||
test_successful_exchange_under_packet_loss(ProtocolVersion::V03)
|
||||
}
|
||||
|
||||
fn test_successful_exchange_under_packet_loss(protocol_version: ProtocolVersion) -> anyhow::Result<()> {
|
||||
// Set security policy for storing secrets; choose the one that is faster for testing
|
||||
rosenpass_secret_memory::policy::secret_policy_use_only_malloc_secrets();
|
||||
|
||||
// Create the simulator
|
||||
let mut sim = RosenpassSimulator::new()?;
|
||||
let mut sim = RosenpassSimulator::new(protocol_version)?;
|
||||
|
||||
// Make sure the servers are set to under load condition
|
||||
sim.srv_a.under_load = true;
|
||||
@@ -272,7 +287,7 @@ struct SimulatorServer {
|
||||
|
||||
impl RosenpassSimulator {
|
||||
/// Set up the simulator
|
||||
fn new() -> anyhow::Result<Self> {
|
||||
fn new(protocol_version: ProtocolVersion) -> anyhow::Result<Self> {
|
||||
// Set up the first server
|
||||
let (mut peer_a_sk, mut peer_a_pk) = (SSk::zero(), SPk::zero());
|
||||
StaticKem::keygen(peer_a_sk.secret_mut(), peer_a_pk.deref_mut())?;
|
||||
@@ -285,8 +300,8 @@ impl RosenpassSimulator {
|
||||
|
||||
// Generate a PSK and introduce the Peers to each other.
|
||||
let psk = SymKey::random();
|
||||
let peer_a = srv_a.add_peer(Some(psk.clone()), peer_b_pk)?;
|
||||
let peer_b = srv_b.add_peer(Some(psk), peer_a_pk)?;
|
||||
let peer_a = srv_a.add_peer(Some(psk.clone()), peer_b_pk, protocol_version.clone())?;
|
||||
let peer_b = srv_b.add_peer(Some(psk), peer_a_pk, protocol_version.clone())?;
|
||||
|
||||
// Set up the individual server data structures
|
||||
let srv_a = SimulatorServer::new(srv_a, peer_b);
|
||||
@@ -314,8 +329,8 @@ impl RosenpassSimulator {
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Every call to poll produces one [TranscriptEvent] and
|
||||
/// and implicitly adds it to [Self:::transcript]
|
||||
/// Every call to poll produces one [TranscriptEvent]
|
||||
/// and implicitly adds it to [Self::transcript]
|
||||
fn poll(&mut self) -> anyhow::Result<&TranscriptEvent> {
|
||||
let ev = TranscriptEvent::begin_poll()
|
||||
.try_fold_with(|| self.poll_focus.poll(self))?
|
||||
|
||||
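Review bot: The rewritten import puts the whole `rosenpass::protocol::{…}` list on one line well past 100 columns, and the new signature `fn test_successful_exchange_under_packet_loss(protocol_version: ProtocolVersion) -> anyhow::Result<()> {` is over that width too, so `cargo fmt --check` would likely reject both. Keep the original multi-line block and add `ProtocolVersion` to it. The type is also imported from `rosenpass::protocol` here, while the other test files in this commit use `rosenpass::config::ProtocolVersion`; use one path so a reader does not assume two different types. Separately, `srv_b.add_peer(Some(psk), peer_a_pk, protocol_version.clone())` appears to be the last use of the value in the visible part of `new` and could take it by move.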