mirror of
https://code.briarproject.org/briar/briar.git
synced 2026-02-18 05:39:53 +01:00
Moved stream crypto to crypto component.
This commit is contained in:
akwizgran
@@ -1,183 +0,0 @@
|
||||
package org.briarproject.transport;
|
||||
|
||||
import static org.briarproject.api.transport.TransportConstants.AAD_LENGTH;
|
||||
import static org.briarproject.api.transport.TransportConstants.HEADER_LENGTH;
|
||||
import static org.briarproject.api.transport.TransportConstants.IV_LENGTH;
|
||||
import static org.briarproject.api.transport.TransportConstants.MAC_LENGTH;
|
||||
|
||||
import java.io.ByteArrayInputStream;
|
||||
|
||||
import org.briarproject.BriarTestCase;
|
||||
import org.briarproject.TestLifecycleModule;
|
||||
import org.briarproject.TestSystemModule;
|
||||
import org.briarproject.api.FormatException;
|
||||
import org.briarproject.api.crypto.AuthenticatedCipher;
|
||||
import org.briarproject.api.crypto.CryptoComponent;
|
||||
import org.briarproject.api.crypto.SecretKey;
|
||||
import org.briarproject.crypto.CryptoModule;
|
||||
import org.junit.Test;
|
||||
|
||||
import com.google.inject.Guice;
|
||||
import com.google.inject.Injector;
|
||||
|
||||
public class IncomingEncryptionLayerTest extends BriarTestCase {
|
||||
|
||||
// FIXME: This is an integration test, not a unit test
|
||||
|
||||
private static final int FRAME_LENGTH = 1024;
|
||||
private static final int MAX_PAYLOAD_LENGTH =
|
||||
FRAME_LENGTH - HEADER_LENGTH - MAC_LENGTH;
|
||||
|
||||
private final CryptoComponent crypto;
|
||||
private final AuthenticatedCipher frameCipher;
|
||||
private final SecretKey frameKey;
|
||||
|
||||
public IncomingEncryptionLayerTest() {
|
||||
Injector i = Guice.createInjector(new CryptoModule(),
|
||||
new TestLifecycleModule(), new TestSystemModule());
|
||||
crypto = i.getInstance(CryptoComponent.class);
|
||||
frameCipher = crypto.getFrameCipher();
|
||||
frameKey = crypto.generateSecretKey();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testReadValidFrames() throws Exception {
|
||||
// Generate two valid frames
|
||||
byte[] frame = generateFrame(0, FRAME_LENGTH, 123, false, false);
|
||||
byte[] frame1 = generateFrame(1, FRAME_LENGTH, 123, false, false);
|
||||
// Concatenate the frames
|
||||
byte[] valid = new byte[FRAME_LENGTH * 2];
|
||||
System.arraycopy(frame, 0, valid, 0, FRAME_LENGTH);
|
||||
System.arraycopy(frame1, 0, valid, FRAME_LENGTH, FRAME_LENGTH);
|
||||
// Read the frames
|
||||
ByteArrayInputStream in = new ByteArrayInputStream(valid);
|
||||
IncomingEncryptionLayer i = new IncomingEncryptionLayer(in, frameCipher,
|
||||
frameKey, FRAME_LENGTH);
|
||||
byte[] buf = new byte[FRAME_LENGTH - MAC_LENGTH];
|
||||
assertEquals(123, i.readFrame(buf));
|
||||
assertEquals(123, i.readFrame(buf));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testTruncatedFrameThrowsException() throws Exception {
|
||||
// Generate a valid frame
|
||||
byte[] frame = generateFrame(0, FRAME_LENGTH, 123, false, false);
|
||||
// Chop off the last byte
|
||||
byte[] truncated = new byte[FRAME_LENGTH - 1];
|
||||
System.arraycopy(frame, 0, truncated, 0, FRAME_LENGTH - 1);
|
||||
// Try to read the frame, which should fail due to truncation
|
||||
ByteArrayInputStream in = new ByteArrayInputStream(truncated);
|
||||
IncomingEncryptionLayer i = new IncomingEncryptionLayer(in, frameCipher,
|
||||
frameKey, FRAME_LENGTH);
|
||||
try {
|
||||
i.readFrame(new byte[FRAME_LENGTH - MAC_LENGTH]);
|
||||
fail();
|
||||
} catch(FormatException expected) {}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testModifiedFrameThrowsException() throws Exception {
|
||||
// Generate a valid frame
|
||||
byte[] frame = generateFrame(0, FRAME_LENGTH, 123, false, false);
|
||||
// Modify a randomly chosen byte of the frame
|
||||
frame[(int) (Math.random() * FRAME_LENGTH)] ^= 1;
|
||||
// Try to read the frame, which should fail due to modification
|
||||
ByteArrayInputStream in = new ByteArrayInputStream(frame);
|
||||
IncomingEncryptionLayer i = new IncomingEncryptionLayer(in, frameCipher,
|
||||
frameKey, FRAME_LENGTH);
|
||||
try {
|
||||
i.readFrame(new byte[FRAME_LENGTH - MAC_LENGTH]);
|
||||
fail();
|
||||
} catch(FormatException expected) {}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testShortNonFinalFrameThrowsException() throws Exception {
|
||||
// Generate a short non-final frame
|
||||
byte[] frame = generateFrame(0, FRAME_LENGTH - 1, 123, false, false);
|
||||
// Try to read the frame, which should fail due to invalid length
|
||||
ByteArrayInputStream in = new ByteArrayInputStream(frame);
|
||||
IncomingEncryptionLayer i = new IncomingEncryptionLayer(in, frameCipher,
|
||||
frameKey, FRAME_LENGTH);
|
||||
try {
|
||||
i.readFrame(new byte[FRAME_LENGTH - MAC_LENGTH]);
|
||||
fail();
|
||||
} catch(FormatException expected) {}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testShortFinalFrameDoesNotThrowException() throws Exception {
|
||||
// Generate a short final frame
|
||||
byte[] frame = generateFrame(0, FRAME_LENGTH - 1, 123, true, false);
|
||||
// Read the frame
|
||||
ByteArrayInputStream in = new ByteArrayInputStream(frame);
|
||||
IncomingEncryptionLayer i = new IncomingEncryptionLayer(in, frameCipher,
|
||||
frameKey, FRAME_LENGTH);
|
||||
int length = i.readFrame(new byte[FRAME_LENGTH - MAC_LENGTH]);
|
||||
assertEquals(123, length);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testInvalidPayloadLengthThrowsException() throws Exception {
|
||||
// Generate a frame with an invalid payload length
|
||||
byte[] frame = generateFrame(0, FRAME_LENGTH, MAX_PAYLOAD_LENGTH + 1,
|
||||
false, false);
|
||||
// Try to read the frame, which should fail due to invalid length
|
||||
ByteArrayInputStream in = new ByteArrayInputStream(frame);
|
||||
IncomingEncryptionLayer i = new IncomingEncryptionLayer(in, frameCipher,
|
||||
frameKey, FRAME_LENGTH);
|
||||
try {
|
||||
i.readFrame(new byte[FRAME_LENGTH - MAC_LENGTH]);
|
||||
fail();
|
||||
} catch(FormatException expected) {}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testNonZeroPaddingThrowsException() throws Exception {
|
||||
// Generate a frame with bad padding
|
||||
byte[] frame = generateFrame(0, FRAME_LENGTH, 123, false, true);
|
||||
// Try to read the frame, which should fail due to bad padding
|
||||
ByteArrayInputStream in = new ByteArrayInputStream(frame);
|
||||
IncomingEncryptionLayer i = new IncomingEncryptionLayer(in, frameCipher,
|
||||
frameKey, FRAME_LENGTH);
|
||||
try {
|
||||
i.readFrame(new byte[FRAME_LENGTH - MAC_LENGTH]);
|
||||
fail();
|
||||
} catch(FormatException expected) {}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testCannotReadBeyondFinalFrame() throws Exception {
|
||||
// Generate a valid final frame and another valid final frame after it
|
||||
byte[] frame = generateFrame(0, FRAME_LENGTH, MAX_PAYLOAD_LENGTH, true,
|
||||
false);
|
||||
byte[] frame1 = generateFrame(1, FRAME_LENGTH, 123, true, false);
|
||||
// Concatenate the frames
|
||||
byte[] extraFrame = new byte[FRAME_LENGTH * 2];
|
||||
System.arraycopy(frame, 0, extraFrame, 0, FRAME_LENGTH);
|
||||
System.arraycopy(frame1, 0, extraFrame, FRAME_LENGTH, FRAME_LENGTH);
|
||||
// Read the final frame, which should first read the tag
|
||||
ByteArrayInputStream in = new ByteArrayInputStream(extraFrame);
|
||||
IncomingEncryptionLayer i = new IncomingEncryptionLayer(in, frameCipher,
|
||||
frameKey, FRAME_LENGTH);
|
||||
byte[] buf = new byte[FRAME_LENGTH - MAC_LENGTH];
|
||||
assertEquals(MAX_PAYLOAD_LENGTH, i.readFrame(buf));
|
||||
// The frame after the final frame should not be read
|
||||
assertEquals(-1, i.readFrame(buf));
|
||||
}
|
||||
|
||||
private byte[] generateFrame(long frameNumber, int frameLength,
|
||||
int payloadLength, boolean finalFrame, boolean badPadding)
|
||||
throws Exception {
|
||||
byte[] iv = new byte[IV_LENGTH], aad = new byte[AAD_LENGTH];
|
||||
byte[] plaintext = new byte[frameLength - MAC_LENGTH];
|
||||
byte[] ciphertext = new byte[frameLength];
|
||||
FrameEncoder.encodeIv(iv, frameNumber);
|
||||
FrameEncoder.encodeAad(aad, frameNumber, plaintext.length);
|
||||
frameCipher.init(true, frameKey, iv, aad);
|
||||
FrameEncoder.encodeHeader(plaintext, finalFrame, payloadLength);
|
||||
if(badPadding) plaintext[HEADER_LENGTH + payloadLength] = 1;
|
||||
frameCipher.doFinal(plaintext, 0, plaintext.length, ciphertext, 0);
|
||||
return ciphertext;
|
||||
}
|
||||
}
|
||||
@@ -1,104 +0,0 @@
|
||||
package org.briarproject.transport;
|
||||
|
||||
import static org.briarproject.api.transport.TransportConstants.AAD_LENGTH;
|
||||
import static org.briarproject.api.transport.TransportConstants.HEADER_LENGTH;
|
||||
import static org.briarproject.api.transport.TransportConstants.IV_LENGTH;
|
||||
import static org.briarproject.api.transport.TransportConstants.MAC_LENGTH;
|
||||
import static org.briarproject.api.transport.TransportConstants.TAG_LENGTH;
|
||||
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.util.Random;
|
||||
|
||||
import org.briarproject.BriarTestCase;
|
||||
import org.briarproject.TestLifecycleModule;
|
||||
import org.briarproject.TestSystemModule;
|
||||
import org.briarproject.api.crypto.AuthenticatedCipher;
|
||||
import org.briarproject.api.crypto.CryptoComponent;
|
||||
import org.briarproject.api.crypto.SecretKey;
|
||||
import org.briarproject.crypto.CryptoModule;
|
||||
import org.junit.Test;
|
||||
|
||||
import com.google.inject.Guice;
|
||||
import com.google.inject.Injector;
|
||||
|
||||
public class OutgoingEncryptionLayerTest extends BriarTestCase {
|
||||
|
||||
// FIXME: This is an integration test, not a unit test
|
||||
|
||||
private static final int FRAME_LENGTH = 1024;
|
||||
|
||||
private final CryptoComponent crypto;
|
||||
private final AuthenticatedCipher frameCipher;
|
||||
|
||||
public OutgoingEncryptionLayerTest() {
|
||||
Injector i = Guice.createInjector(new CryptoModule(),
|
||||
new TestLifecycleModule(), new TestSystemModule());
|
||||
crypto = i.getInstance(CryptoComponent.class);
|
||||
frameCipher = crypto.getFrameCipher();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testEncryptionWithoutTag() throws Exception {
|
||||
int payloadLength = 123;
|
||||
byte[] iv = new byte[IV_LENGTH], aad = new byte[AAD_LENGTH];
|
||||
byte[] plaintext = new byte[FRAME_LENGTH - MAC_LENGTH];
|
||||
byte[] ciphertext = new byte[FRAME_LENGTH];
|
||||
SecretKey frameKey = crypto.generateSecretKey();
|
||||
// Calculate the expected ciphertext
|
||||
FrameEncoder.encodeIv(iv, 0);
|
||||
FrameEncoder.encodeAad(aad, 0, plaintext.length);
|
||||
frameCipher.init(true, frameKey, iv, aad);
|
||||
FrameEncoder.encodeHeader(plaintext, false, payloadLength);
|
||||
frameCipher.doFinal(plaintext, 0, plaintext.length, ciphertext, 0);
|
||||
// Check that the actual ciphertext matches what's expected
|
||||
ByteArrayOutputStream out = new ByteArrayOutputStream();
|
||||
OutgoingEncryptionLayer o = new OutgoingEncryptionLayer(out,
|
||||
frameCipher, frameKey, FRAME_LENGTH, null);
|
||||
o.writeFrame(new byte[FRAME_LENGTH - MAC_LENGTH], payloadLength, false);
|
||||
byte[] actual = out.toByteArray();
|
||||
assertEquals(FRAME_LENGTH, actual.length);
|
||||
for(int i = 0; i < FRAME_LENGTH; i++)
|
||||
assertEquals(ciphertext[i], actual[i]);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testEncryptionWithTag() throws Exception {
|
||||
byte[] tag = new byte[TAG_LENGTH];
|
||||
new Random().nextBytes(tag);
|
||||
int payloadLength = 123;
|
||||
byte[] iv = new byte[IV_LENGTH], aad = new byte[AAD_LENGTH];
|
||||
byte[] plaintext = new byte[FRAME_LENGTH - MAC_LENGTH];
|
||||
byte[] ciphertext = new byte[FRAME_LENGTH];
|
||||
SecretKey frameKey = crypto.generateSecretKey();
|
||||
// Calculate the expected ciphertext
|
||||
FrameEncoder.encodeIv(iv, 0);
|
||||
FrameEncoder.encodeAad(aad, 0, plaintext.length);
|
||||
frameCipher.init(true, frameKey, iv, aad);
|
||||
FrameEncoder.encodeHeader(plaintext, false, payloadLength);
|
||||
frameCipher.doFinal(plaintext, 0, plaintext.length, ciphertext, 0);
|
||||
// Check that the actual tag and ciphertext match what's expected
|
||||
ByteArrayOutputStream out = new ByteArrayOutputStream();
|
||||
OutgoingEncryptionLayer o = new OutgoingEncryptionLayer(out,
|
||||
frameCipher, frameKey, FRAME_LENGTH, tag);
|
||||
o.writeFrame(new byte[FRAME_LENGTH - MAC_LENGTH], payloadLength, false);
|
||||
byte[] actual = out.toByteArray();
|
||||
assertEquals(TAG_LENGTH + FRAME_LENGTH, actual.length);
|
||||
for(int i = 0; i < TAG_LENGTH; i++) assertEquals(tag[i], actual[i]);
|
||||
for(int i = 0; i < FRAME_LENGTH; i++)
|
||||
assertEquals(ciphertext[i], actual[TAG_LENGTH + i]);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testCloseConnectionWithoutWriting() throws Exception {
|
||||
byte[] tag = new byte[TAG_LENGTH];
|
||||
new Random().nextBytes(tag);
|
||||
ByteArrayOutputStream out = new ByteArrayOutputStream();
|
||||
// Initiator's constructor
|
||||
OutgoingEncryptionLayer o = new OutgoingEncryptionLayer(out,
|
||||
frameCipher, crypto.generateSecretKey(), FRAME_LENGTH, tag);
|
||||
// Write an empty final frame without having written any other frames
|
||||
o.writeFrame(new byte[FRAME_LENGTH - MAC_LENGTH], 0, true);
|
||||
// The tag and the empty frame should be written to the output stream
|
||||
assertEquals(TAG_LENGTH + HEADER_LENGTH + MAC_LENGTH, out.size());
|
||||
}
|
||||
}
|
||||
@@ -4,6 +4,7 @@ import static org.briarproject.api.transport.TransportConstants.HEADER_LENGTH;
|
||||
import static org.briarproject.api.transport.TransportConstants.MAC_LENGTH;
|
||||
|
||||
import org.briarproject.BriarTestCase;
|
||||
import org.briarproject.api.crypto.StreamDecrypter;
|
||||
import org.jmock.Expectations;
|
||||
import org.jmock.Mockery;
|
||||
import org.junit.Test;
|
||||
@@ -17,18 +18,18 @@ public class StreamReaderImplTest extends BriarTestCase {
|
||||
@Test
|
||||
public void testEmptyFramesAreSkipped() throws Exception {
|
||||
Mockery context = new Mockery();
|
||||
final FrameReader reader = context.mock(FrameReader.class);
|
||||
final StreamDecrypter decrypter = context.mock(StreamDecrypter.class);
|
||||
context.checking(new Expectations() {{
|
||||
oneOf(reader).readFrame(with(any(byte[].class)));
|
||||
oneOf(decrypter).readFrame(with(any(byte[].class)));
|
||||
will(returnValue(0)); // Empty frame
|
||||
oneOf(reader).readFrame(with(any(byte[].class)));
|
||||
oneOf(decrypter).readFrame(with(any(byte[].class)));
|
||||
will(returnValue(2)); // Non-empty frame with two payload bytes
|
||||
oneOf(reader).readFrame(with(any(byte[].class)));
|
||||
oneOf(decrypter).readFrame(with(any(byte[].class)));
|
||||
will(returnValue(0)); // Empty frame
|
||||
oneOf(reader).readFrame(with(any(byte[].class)));
|
||||
oneOf(decrypter).readFrame(with(any(byte[].class)));
|
||||
will(returnValue(-1)); // No more frames
|
||||
}});
|
||||
StreamReaderImpl r = new StreamReaderImpl(reader, FRAME_LENGTH);
|
||||
StreamReaderImpl r = new StreamReaderImpl(decrypter, FRAME_LENGTH);
|
||||
assertEquals(0, r.read()); // Skip the first empty frame, read a byte
|
||||
assertEquals(0, r.read()); // Read another byte
|
||||
assertEquals(-1, r.read()); // Skip the second empty frame, reach EOF
|
||||
@@ -40,18 +41,18 @@ public class StreamReaderImplTest extends BriarTestCase {
|
||||
@Test
|
||||
public void testEmptyFramesAreSkippedWithBuffer() throws Exception {
|
||||
Mockery context = new Mockery();
|
||||
final FrameReader reader = context.mock(FrameReader.class);
|
||||
final StreamDecrypter decrypter = context.mock(StreamDecrypter.class);
|
||||
context.checking(new Expectations() {{
|
||||
oneOf(reader).readFrame(with(any(byte[].class)));
|
||||
oneOf(decrypter).readFrame(with(any(byte[].class)));
|
||||
will(returnValue(0)); // Empty frame
|
||||
oneOf(reader).readFrame(with(any(byte[].class)));
|
||||
oneOf(decrypter).readFrame(with(any(byte[].class)));
|
||||
will(returnValue(2)); // Non-empty frame with two payload bytes
|
||||
oneOf(reader).readFrame(with(any(byte[].class)));
|
||||
oneOf(decrypter).readFrame(with(any(byte[].class)));
|
||||
will(returnValue(0)); // Empty frame
|
||||
oneOf(reader).readFrame(with(any(byte[].class)));
|
||||
oneOf(decrypter).readFrame(with(any(byte[].class)));
|
||||
will(returnValue(-1)); // No more frames
|
||||
}});
|
||||
StreamReaderImpl r = new StreamReaderImpl(reader, FRAME_LENGTH);
|
||||
StreamReaderImpl r = new StreamReaderImpl(decrypter, FRAME_LENGTH);
|
||||
byte[] buf = new byte[MAX_PAYLOAD_LENGTH];
|
||||
// Skip the first empty frame, read the two payload bytes
|
||||
assertEquals(2, r.read(buf));
|
||||
@@ -66,14 +67,14 @@ public class StreamReaderImplTest extends BriarTestCase {
|
||||
@Test
|
||||
public void testMultipleReadsPerFrame() throws Exception {
|
||||
Mockery context = new Mockery();
|
||||
final FrameReader reader = context.mock(FrameReader.class);
|
||||
final StreamDecrypter decrypter = context.mock(StreamDecrypter.class);
|
||||
context.checking(new Expectations() {{
|
||||
oneOf(reader).readFrame(with(any(byte[].class)));
|
||||
oneOf(decrypter).readFrame(with(any(byte[].class)));
|
||||
will(returnValue(MAX_PAYLOAD_LENGTH)); // Nice long frame
|
||||
oneOf(reader).readFrame(with(any(byte[].class)));
|
||||
oneOf(decrypter).readFrame(with(any(byte[].class)));
|
||||
will(returnValue(-1)); // No more frames
|
||||
}});
|
||||
StreamReaderImpl r = new StreamReaderImpl(reader, FRAME_LENGTH);
|
||||
StreamReaderImpl r = new StreamReaderImpl(decrypter, FRAME_LENGTH);
|
||||
byte[] buf = new byte[MAX_PAYLOAD_LENGTH / 2];
|
||||
// Read the first half of the payload
|
||||
assertEquals(MAX_PAYLOAD_LENGTH / 2, r.read(buf));
|
||||
@@ -88,14 +89,14 @@ public class StreamReaderImplTest extends BriarTestCase {
|
||||
@Test
|
||||
public void testMultipleReadsPerFrameWithOffsets() throws Exception {
|
||||
Mockery context = new Mockery();
|
||||
final FrameReader reader = context.mock(FrameReader.class);
|
||||
final StreamDecrypter decrypter = context.mock(StreamDecrypter.class);
|
||||
context.checking(new Expectations() {{
|
||||
oneOf(reader).readFrame(with(any(byte[].class)));
|
||||
oneOf(decrypter).readFrame(with(any(byte[].class)));
|
||||
will(returnValue(MAX_PAYLOAD_LENGTH)); // Nice long frame
|
||||
oneOf(reader).readFrame(with(any(byte[].class)));
|
||||
oneOf(decrypter).readFrame(with(any(byte[].class)));
|
||||
will(returnValue(-1)); // No more frames
|
||||
}});
|
||||
StreamReaderImpl r = new StreamReaderImpl(reader, FRAME_LENGTH);
|
||||
StreamReaderImpl r = new StreamReaderImpl(decrypter, FRAME_LENGTH);
|
||||
byte[] buf = new byte[MAX_PAYLOAD_LENGTH];
|
||||
// Read the first half of the payload
|
||||
assertEquals(MAX_PAYLOAD_LENGTH / 2, r.read(buf, MAX_PAYLOAD_LENGTH / 2,
|
||||
|
||||
@@ -4,6 +4,7 @@ import static org.briarproject.api.transport.TransportConstants.HEADER_LENGTH;
|
||||
import static org.briarproject.api.transport.TransportConstants.MAC_LENGTH;
|
||||
|
||||
import org.briarproject.BriarTestCase;
|
||||
import org.briarproject.api.crypto.StreamEncrypter;
|
||||
import org.jmock.Expectations;
|
||||
import org.jmock.Mockery;
|
||||
import org.junit.Test;
|
||||
@@ -17,15 +18,15 @@ public class StreamWriterImplTest extends BriarTestCase {
|
||||
@Test
|
||||
public void testCloseWithoutWritingWritesFinalFrame() throws Exception {
|
||||
Mockery context = new Mockery();
|
||||
final FrameWriter writer = context.mock(FrameWriter.class);
|
||||
final StreamEncrypter encrypter = context.mock(StreamEncrypter.class);
|
||||
context.checking(new Expectations() {{
|
||||
// Write an empty final frame
|
||||
oneOf(writer).writeFrame(with(any(byte[].class)), with(0),
|
||||
oneOf(encrypter).writeFrame(with(any(byte[].class)), with(0),
|
||||
with(true));
|
||||
// Flush the stream
|
||||
oneOf(writer).flush();
|
||||
oneOf(encrypter).flush();
|
||||
}});
|
||||
StreamWriterImpl w = new StreamWriterImpl(writer, FRAME_LENGTH);
|
||||
StreamWriterImpl w = new StreamWriterImpl(encrypter, FRAME_LENGTH);
|
||||
w.close();
|
||||
context.assertIsSatisfied();
|
||||
}
|
||||
@@ -34,14 +35,14 @@ public class StreamWriterImplTest extends BriarTestCase {
|
||||
public void testFlushWithoutBufferedDataWritesFrameAndFlushes()
|
||||
throws Exception {
|
||||
Mockery context = new Mockery();
|
||||
final FrameWriter writer = context.mock(FrameWriter.class);
|
||||
StreamWriterImpl w = new StreamWriterImpl(writer, FRAME_LENGTH);
|
||||
final StreamEncrypter encrypter = context.mock(StreamEncrypter.class);
|
||||
StreamWriterImpl w = new StreamWriterImpl(encrypter, FRAME_LENGTH);
|
||||
context.checking(new Expectations() {{
|
||||
// Write a non-final frame with an empty payload
|
||||
oneOf(writer).writeFrame(with(any(byte[].class)), with(0),
|
||||
oneOf(encrypter).writeFrame(with(any(byte[].class)), with(0),
|
||||
with(false));
|
||||
// Flush the stream
|
||||
oneOf(writer).flush();
|
||||
oneOf(encrypter).flush();
|
||||
}});
|
||||
w.flush();
|
||||
context.assertIsSatisfied();
|
||||
@@ -49,9 +50,9 @@ public class StreamWriterImplTest extends BriarTestCase {
|
||||
// Clean up
|
||||
context.checking(new Expectations() {{
|
||||
// Closing the writer writes a final frame and flushes again
|
||||
oneOf(writer).writeFrame(with(any(byte[].class)), with(0),
|
||||
oneOf(encrypter).writeFrame(with(any(byte[].class)), with(0),
|
||||
with(true));
|
||||
oneOf(writer).flush();
|
||||
oneOf(encrypter).flush();
|
||||
}});
|
||||
w.close();
|
||||
context.assertIsSatisfied();
|
||||
@@ -61,14 +62,14 @@ public class StreamWriterImplTest extends BriarTestCase {
|
||||
public void testFlushWithBufferedDataWritesFrameAndFlushes()
|
||||
throws Exception {
|
||||
Mockery context = new Mockery();
|
||||
final FrameWriter writer = context.mock(FrameWriter.class);
|
||||
StreamWriterImpl w = new StreamWriterImpl(writer, FRAME_LENGTH);
|
||||
final StreamEncrypter encrypter = context.mock(StreamEncrypter.class);
|
||||
StreamWriterImpl w = new StreamWriterImpl(encrypter, FRAME_LENGTH);
|
||||
context.checking(new Expectations() {{
|
||||
// Write a non-final frame with one payload byte
|
||||
oneOf(writer).writeFrame(with(any(byte[].class)), with(1),
|
||||
oneOf(encrypter).writeFrame(with(any(byte[].class)), with(1),
|
||||
with(false));
|
||||
// Flush the stream
|
||||
oneOf(writer).flush();
|
||||
oneOf(encrypter).flush();
|
||||
}});
|
||||
w.write(0);
|
||||
w.flush();
|
||||
@@ -77,9 +78,9 @@ public class StreamWriterImplTest extends BriarTestCase {
|
||||
// Clean up
|
||||
context.checking(new Expectations() {{
|
||||
// Closing the writer writes a final frame and flushes again
|
||||
oneOf(writer).writeFrame(with(any(byte[].class)), with(0),
|
||||
oneOf(encrypter).writeFrame(with(any(byte[].class)), with(0),
|
||||
with(true));
|
||||
oneOf(writer).flush();
|
||||
oneOf(encrypter).flush();
|
||||
}});
|
||||
w.close();
|
||||
context.assertIsSatisfied();
|
||||
@@ -88,11 +89,11 @@ public class StreamWriterImplTest extends BriarTestCase {
|
||||
@Test
|
||||
public void testSingleByteWritesWriteFullFrame() throws Exception {
|
||||
Mockery context = new Mockery();
|
||||
final FrameWriter writer = context.mock(FrameWriter.class);
|
||||
StreamWriterImpl w = new StreamWriterImpl(writer, FRAME_LENGTH);
|
||||
final StreamEncrypter encrypter = context.mock(StreamEncrypter.class);
|
||||
StreamWriterImpl w = new StreamWriterImpl(encrypter, FRAME_LENGTH);
|
||||
context.checking(new Expectations() {{
|
||||
// Write a full non-final frame
|
||||
oneOf(writer).writeFrame(with(any(byte[].class)),
|
||||
oneOf(encrypter).writeFrame(with(any(byte[].class)),
|
||||
with(MAX_PAYLOAD_LENGTH), with(false));
|
||||
}});
|
||||
for(int i = 0; i < MAX_PAYLOAD_LENGTH; i++) {
|
||||
@@ -103,9 +104,9 @@ public class StreamWriterImplTest extends BriarTestCase {
|
||||
// Clean up
|
||||
context.checking(new Expectations() {{
|
||||
// Closing the writer writes a final frame and flushes again
|
||||
oneOf(writer).writeFrame(with(any(byte[].class)), with(0),
|
||||
oneOf(encrypter).writeFrame(with(any(byte[].class)), with(0),
|
||||
with(true));
|
||||
oneOf(writer).flush();
|
||||
oneOf(encrypter).flush();
|
||||
}});
|
||||
w.close();
|
||||
context.assertIsSatisfied();
|
||||
@@ -114,11 +115,11 @@ public class StreamWriterImplTest extends BriarTestCase {
|
||||
@Test
|
||||
public void testMultiByteWritesWriteFullFrames() throws Exception {
|
||||
Mockery context = new Mockery();
|
||||
final FrameWriter writer = context.mock(FrameWriter.class);
|
||||
StreamWriterImpl w = new StreamWriterImpl(writer, FRAME_LENGTH);
|
||||
final StreamEncrypter encrypter = context.mock(StreamEncrypter.class);
|
||||
StreamWriterImpl w = new StreamWriterImpl(encrypter, FRAME_LENGTH);
|
||||
context.checking(new Expectations() {{
|
||||
// Write two full non-final frames
|
||||
exactly(2).of(writer).writeFrame(with(any(byte[].class)),
|
||||
exactly(2).of(encrypter).writeFrame(with(any(byte[].class)),
|
||||
with(MAX_PAYLOAD_LENGTH), with(false));
|
||||
}});
|
||||
// Sanity check
|
||||
@@ -134,9 +135,9 @@ public class StreamWriterImplTest extends BriarTestCase {
|
||||
// Clean up
|
||||
context.checking(new Expectations() {{
|
||||
// Closing the writer writes a final frame and flushes again
|
||||
oneOf(writer).writeFrame(with(any(byte[].class)), with(0),
|
||||
oneOf(encrypter).writeFrame(with(any(byte[].class)), with(0),
|
||||
with(true));
|
||||
oneOf(writer).flush();
|
||||
oneOf(encrypter).flush();
|
||||
}});
|
||||
w.close();
|
||||
context.assertIsSatisfied();
|
||||
@@ -145,17 +146,17 @@ public class StreamWriterImplTest extends BriarTestCase {
|
||||
@Test
|
||||
public void testLargeMultiByteWriteWritesFullFrames() throws Exception {
|
||||
Mockery context = new Mockery();
|
||||
final FrameWriter writer = context.mock(FrameWriter.class);
|
||||
StreamWriterImpl w = new StreamWriterImpl(writer, FRAME_LENGTH);
|
||||
final StreamEncrypter encrypter = context.mock(StreamEncrypter.class);
|
||||
StreamWriterImpl w = new StreamWriterImpl(encrypter, FRAME_LENGTH);
|
||||
context.checking(new Expectations() {{
|
||||
// Write two full non-final frames
|
||||
exactly(2).of(writer).writeFrame(with(any(byte[].class)),
|
||||
exactly(2).of(encrypter).writeFrame(with(any(byte[].class)),
|
||||
with(MAX_PAYLOAD_LENGTH), with(false));
|
||||
// Write a final frame with a one-byte payload
|
||||
oneOf(writer).writeFrame(with(any(byte[].class)), with(1),
|
||||
oneOf(encrypter).writeFrame(with(any(byte[].class)), with(1),
|
||||
with(true));
|
||||
// Flush the stream
|
||||
oneOf(writer).flush();
|
||||
oneOf(encrypter).flush();
|
||||
}});
|
||||
// Write two full payloads using one large multi-byte write
|
||||
byte[] b = new byte[MAX_PAYLOAD_LENGTH * 2 + 1];
|
||||
|
||||
@@ -0,0 +1,44 @@
|
||||
package org.briarproject.transport;
|
||||
|
||||
import static org.briarproject.api.transport.TransportConstants.HEADER_LENGTH;
|
||||
import static org.briarproject.api.transport.TransportConstants.MAC_LENGTH;
|
||||
|
||||
import java.io.EOFException;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
|
||||
import org.briarproject.api.FormatException;
|
||||
import org.briarproject.api.crypto.StreamDecrypter;
|
||||
import org.briarproject.util.ByteUtils;
|
||||
|
||||
class TestStreamDecrypter implements StreamDecrypter {
|
||||
|
||||
private final InputStream in;
|
||||
private final byte[] frame;
|
||||
|
||||
TestStreamDecrypter(InputStream in, int frameLength) {
|
||||
this.in = in;
|
||||
frame = new byte[frameLength];
|
||||
}
|
||||
|
||||
public int readFrame(byte[] payload) throws IOException {
|
||||
int offset = 0;
|
||||
while(offset < HEADER_LENGTH) {
|
||||
int read = in.read(frame, offset, HEADER_LENGTH - offset);
|
||||
if(read == -1) throw new EOFException();
|
||||
offset += read;
|
||||
}
|
||||
boolean finalFrame = (frame[0] & 0x80) == 0x80;
|
||||
int payloadLength = ByteUtils.readUint16(frame, 0) & 0x7FFF;
|
||||
while(offset < frame.length) {
|
||||
int read = in.read(frame, offset, frame.length - offset);
|
||||
if(read == -1) break;
|
||||
offset += read;
|
||||
}
|
||||
if(!finalFrame && offset < frame.length) throw new EOFException();
|
||||
if(offset < HEADER_LENGTH + payloadLength + MAC_LENGTH)
|
||||
throw new FormatException();
|
||||
System.arraycopy(frame, HEADER_LENGTH, payload, 0, payloadLength);
|
||||
return payloadLength;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,44 @@
|
||||
package org.briarproject.transport;
|
||||
|
||||
import static org.briarproject.api.transport.TransportConstants.HEADER_LENGTH;
|
||||
import static org.briarproject.api.transport.TransportConstants.MAC_LENGTH;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.OutputStream;
|
||||
|
||||
import org.briarproject.api.crypto.StreamEncrypter;
|
||||
import org.briarproject.util.ByteUtils;
|
||||
|
||||
class TestStreamEncrypter implements StreamEncrypter {
|
||||
|
||||
private final OutputStream out;
|
||||
private final byte[] tag, frame;
|
||||
|
||||
private boolean writeTag = true;
|
||||
|
||||
TestStreamEncrypter(OutputStream out, int frameLength, byte[] tag) {
|
||||
this.out = out;
|
||||
this.tag = tag;
|
||||
frame = new byte[frameLength];
|
||||
}
|
||||
|
||||
public void writeFrame(byte[] payload, int payloadLength,
|
||||
boolean finalFrame) throws IOException {
|
||||
if(writeTag) {
|
||||
out.write(tag);
|
||||
writeTag = false;
|
||||
}
|
||||
ByteUtils.writeUint16(payloadLength, frame, 0);
|
||||
if(finalFrame) frame[0] |= 0x80;
|
||||
System.arraycopy(payload, 0, frame, HEADER_LENGTH, payloadLength);
|
||||
for(int i = HEADER_LENGTH + payloadLength; i < frame.length; i++)
|
||||
frame[i] = 0;
|
||||
if(finalFrame)
|
||||
out.write(frame, 0, HEADER_LENGTH + payloadLength + MAC_LENGTH);
|
||||
else out.write(frame, 0, frame.length);
|
||||
}
|
||||
|
||||
public void flush() throws IOException {
|
||||
out.flush();
|
||||
}
|
||||
}
|
||||
@@ -11,48 +11,18 @@ import java.io.OutputStream;
|
||||
import java.util.Random;
|
||||
|
||||
import org.briarproject.BriarTestCase;
|
||||
import org.briarproject.TestLifecycleModule;
|
||||
import org.briarproject.TestSystemModule;
|
||||
import org.briarproject.api.crypto.AuthenticatedCipher;
|
||||
import org.briarproject.api.crypto.CryptoComponent;
|
||||
import org.briarproject.api.crypto.SecretKey;
|
||||
import org.briarproject.api.transport.StreamWriterFactory;
|
||||
import org.briarproject.crypto.CryptoModule;
|
||||
import org.briarproject.api.crypto.StreamDecrypter;
|
||||
import org.briarproject.api.crypto.StreamEncrypter;
|
||||
import org.junit.Test;
|
||||
|
||||
import com.google.inject.AbstractModule;
|
||||
import com.google.inject.Guice;
|
||||
import com.google.inject.Injector;
|
||||
import com.google.inject.Module;
|
||||
|
||||
public class TransportIntegrationTest extends BriarTestCase {
|
||||
|
||||
private final int FRAME_LENGTH = 2048;
|
||||
|
||||
private final CryptoComponent crypto;
|
||||
private final AuthenticatedCipher frameCipher;
|
||||
private final Random random;
|
||||
private final byte[] secret;
|
||||
private final SecretKey tagKey, frameKey;
|
||||
|
||||
public TransportIntegrationTest() {
|
||||
Module testModule = new AbstractModule() {
|
||||
@Override
|
||||
public void configure() {
|
||||
bind(StreamWriterFactory.class).to(
|
||||
StreamWriterFactoryImpl.class);
|
||||
}
|
||||
};
|
||||
Injector i = Guice.createInjector(testModule, new CryptoModule(),
|
||||
new TestLifecycleModule(), new TestSystemModule());
|
||||
crypto = i.getInstance(CryptoComponent.class);
|
||||
frameCipher = crypto.getFrameCipher();
|
||||
random = new Random();
|
||||
// Since we're sending frames to ourselves, we only need outgoing keys
|
||||
secret = new byte[32];
|
||||
random.nextBytes(secret);
|
||||
tagKey = crypto.deriveTagKey(secret, true);
|
||||
frameKey = crypto.deriveFrameKey(secret, 0, true);
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -66,27 +36,24 @@ public class TransportIntegrationTest extends BriarTestCase {
|
||||
}
|
||||
|
||||
private void testWriteAndRead(boolean initiator) throws Exception {
|
||||
// Encode the tag
|
||||
// Generate a random tag
|
||||
byte[] tag = new byte[TAG_LENGTH];
|
||||
crypto.encodeTag(tag, tagKey, 0);
|
||||
// Generate two random frames
|
||||
byte[] frame = new byte[1234];
|
||||
random.nextBytes(frame);
|
||||
byte[] frame1 = new byte[321];
|
||||
random.nextBytes(frame1);
|
||||
// Copy the frame key - the copy will be erased
|
||||
SecretKey frameCopy = frameKey.copy();
|
||||
random.nextBytes(tag);
|
||||
// Generate two frames with random payloads
|
||||
byte[] payload1 = new byte[1234];
|
||||
random.nextBytes(payload1);
|
||||
byte[] payload2 = new byte[321];
|
||||
random.nextBytes(payload2);
|
||||
// Write the tag and the frames
|
||||
ByteArrayOutputStream out = new ByteArrayOutputStream();
|
||||
FrameWriter frameWriter = new OutgoingEncryptionLayer(out,
|
||||
frameCipher, frameCopy, FRAME_LENGTH, tag);
|
||||
StreamWriterImpl streamWriter = new StreamWriterImpl(frameWriter,
|
||||
StreamEncrypter encrypter = new TestStreamEncrypter(out, FRAME_LENGTH,
|
||||
tag);
|
||||
OutputStream streamWriter = new StreamWriterImpl(encrypter,
|
||||
FRAME_LENGTH);
|
||||
OutputStream out1 = streamWriter.getOutputStream();
|
||||
out1.write(frame);
|
||||
out1.flush();
|
||||
out1.write(frame1);
|
||||
out1.flush();
|
||||
streamWriter.write(payload1);
|
||||
streamWriter.flush();
|
||||
streamWriter.write(payload2);
|
||||
streamWriter.flush();
|
||||
byte[] output = out.toByteArray();
|
||||
assertEquals(TAG_LENGTH + FRAME_LENGTH * 2, output.length);
|
||||
// Read the tag back
|
||||
@@ -95,17 +62,15 @@ public class TransportIntegrationTest extends BriarTestCase {
|
||||
read(in, recoveredTag);
|
||||
assertArrayEquals(tag, recoveredTag);
|
||||
// Read the frames back
|
||||
FrameReader frameReader = new IncomingEncryptionLayer(in, frameCipher,
|
||||
frameKey, FRAME_LENGTH);
|
||||
StreamReaderImpl streamReader = new StreamReaderImpl(frameReader,
|
||||
StreamDecrypter decrypter = new TestStreamDecrypter(in, FRAME_LENGTH);
|
||||
InputStream streamReader = new StreamReaderImpl(decrypter,
|
||||
FRAME_LENGTH);
|
||||
InputStream in1 = streamReader.getInputStream();
|
||||
byte[] recoveredFrame = new byte[frame.length];
|
||||
read(in1, recoveredFrame);
|
||||
assertArrayEquals(frame, recoveredFrame);
|
||||
byte[] recoveredFrame1 = new byte[frame1.length];
|
||||
read(in1, recoveredFrame1);
|
||||
assertArrayEquals(frame1, recoveredFrame1);
|
||||
byte[] recoveredPayload1 = new byte[payload1.length];
|
||||
read(streamReader, recoveredPayload1);
|
||||
assertArrayEquals(payload1, recoveredPayload1);
|
||||
byte[] recoveredPayload2 = new byte[payload2.length];
|
||||
read(streamReader, recoveredPayload2);
|
||||
assertArrayEquals(payload2, recoveredPayload2);
|
||||
streamWriter.close();
|
||||
streamReader.close();
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user