func genServerIdentity(name string) (abstract.Scalar, *ServerIdentity) {
kp := config.NewKeyPair(Suite)
return kp.Secret, &ServerIdentity{
Public: kp.Public,
Addresses: []string{name},
}
}
func TestProcessor_GetReply(t *testing.T) {
defer log.AfterTest(t)
p := NewServiceProcessor(nil)
log.ErrFatal(p.RegisterMessage(procMsg))
pair := config.NewKeyPair(network.Suite)
e := network.NewServerIdentity(pair.Public, "")
rep := p.GetReply(e, mkClientRequest(&testMsg{11}))
val, ok := rep.(*testMsg)
if !ok {
t.Fatalf("Couldn't cast reply to testMsg: %+v", rep)
}
if val.I != 11 {
t.Fatal("Value got lost - should be 11")
}
rep = p.GetReply(e, mkClientRequest(&testMsg{42}))
errMsg, ok := rep.(*StatusRet)
if !ok {
t.Fatal("42 should return an error")
}
if errMsg.Status == "" {
t.Fatal("The error should be non-empty")
}
}
func TestIdentity_ConfigNewPropose(t *testing.T) {
l := onet.NewTCPTest()
hosts, el, _ := l.GenTree(2, true)
services := l.GetServices(hosts, identityService)
defer l.CloseAll()
c1 := NewTestIdentity(el, 50, "one", l)
log.ErrFatal(c1.CreateIdentity())
conf2 := c1.Config.Copy()
kp2 := config.NewKeyPair(network.Suite)
conf2.Device["two"] = &Device{kp2.Public}
log.ErrFatal(c1.ProposeSend(conf2))
for _, s := range services {
is := s.(*Service)
id1 := is.getIdentityStorage(c1.ID)
id1.Lock()
if id1 == nil {
t.Fatal("Didn't find")
}
assert.NotNil(t, id1.Proposed)
if len(id1.Proposed.Device) != 2 {
t.Fatal("The proposed config should have 2 entries now")
}
id1.Unlock()
}
}
func TestIdentity_ConfigNewCheck(t *testing.T) {
l := onet.NewTCPTest()
_, el, _ := l.GenTree(5, true)
defer l.CloseAll()
c1 := NewIdentity(el, 50, "one")
log.ErrFatal(c1.CreateIdentity())
conf2 := c1.Config.Copy()
kp2 := config.NewKeyPair(network.Suite)
conf2.Device["two"] = &Device{kp2.Public}
conf2.Data["two"] = "public2"
log.ErrFatal(c1.ProposeSend(conf2))
log.ErrFatal(c1.ProposeUpdate())
al := c1.Proposed
assert.NotNil(t, al)
o2, ok := al.Device["two"]
assert.True(t, ok)
assert.True(t, kp2.Public.Equal(o2.Point))
pub2, ok := al.Data["two"]
assert.True(t, ok)
assert.Equal(t, "public2", pub2)
}
func genKeyPair(nb int) []*config.KeyPair {
var kps []*config.KeyPair
for i := 0; i < nb; i++ {
kps = append(kps, config.NewKeyPair(testSuite))
}
return kps
}
func (jv *JVSS) initSecret(sid SID) error {
// Initialise shared secret of given type if necessary
if _, ok := jv.secrets[sid]; !ok {
log.Lvl2(fmt.Sprintf("Node %d: Initialising %s shared secret", jv.Index(), sid))
sec := &Secret{
receiver: poly.NewReceiver(jv.keyPair.Suite, jv.info, jv.keyPair),
deals: make(map[int]*poly.Deal),
sigs: make(map[int]*poly.SchnorrPartialSig),
numConfs: 0,
}
jv.secrets[sid] = sec
}
secret := jv.secrets[sid]
// Initialise and broadcast our deal if necessary
if len(secret.deals) == 0 {
kp := config.NewKeyPair(jv.keyPair.Suite)
deal := new(poly.Deal).ConstructDeal(kp, jv.keyPair, jv.info.T, jv.info.R, jv.pubKeys)
log.Lvl2(fmt.Sprintf("Node %d: Initialising %v deal", jv.Index(), sid))
secret.deals[jv.Index()] = deal
db, _ := deal.MarshalBinary()
msg := &SecInitMsg{
Src: jv.Index(),
SID: sid,
Deal: db,
}
if err := jv.Broadcast(msg); err != nil {
return err
}
}
return nil
}
// CreateRoster creates an Roster with the host-names in 'addresses'.
// It creates 's.Hosts' entries, starting from 'port' for each round through
// 'addresses'
func (s *SimulationBFTree) CreateRoster(sc *SimulationConfig, addresses []string, port int) {
start := time.Now()
nbrAddr := len(addresses)
if sc.PrivateKeys == nil {
sc.PrivateKeys = make(map[string]abstract.Scalar)
}
hosts := s.Hosts
if s.SingleHost {
// If we want to work with a single host, we only make one
// host per server
log.Fatal("Not supported yet")
hosts = nbrAddr
if hosts > s.Hosts {
hosts = s.Hosts
}
}
localhosts := false
listeners := make([]net.Listener, hosts)
if strings.Contains(addresses[0], "localhost") {
localhosts = true
}
entities := make([]*network.ServerIdentity, hosts)
log.Lvl3("Doing", hosts, "hosts")
key := config.NewKeyPair(network.Suite)
for c := 0; c < hosts; c++ {
key.Secret.Add(key.Secret,
key.Suite.Scalar().One())
key.Public.Add(key.Public,
key.Suite.Point().Base())
address := addresses[c%nbrAddr] + ":"
if localhosts {
// If we have localhosts, we have to search for an empty port
var err error
listeners[c], err = net.Listen("tcp", ":0")
if err != nil {
log.Fatal("Couldn't search for empty port:", err)
}
_, p, _ := net.SplitHostPort(listeners[c].Addr().String())
address += p
log.Lvl4("Found free port", address)
} else {
address += strconv.Itoa(port + c/nbrAddr)
}
entities[c] = network.NewServerIdentity(key.Public, address)
sc.PrivateKeys[entities[c].Addresses[0]] = key.Secret
}
// And close all our listeners
if localhosts {
for _, l := range listeners {
err := l.Close()
if err != nil {
log.Fatal("Couldn't close port:", l, err)
}
}
}
sc.Roster = NewRoster(entities)
log.Lvl3("Creating entity List took: " + time.Now().Sub(start).String())
}
func TestNewKeyPair(t *testing.T) {
suite := edwards.NewAES128SHA256Ed25519(false)
keypair := config.NewKeyPair(suite)
pub := suite.Point().Mul(nil, keypair.Secret)
if !pub.Equal(keypair.Public) {
t.Fatal("Public and private-key don't match")
}
}
// Testing exchange of entity
func TestSecureTcp(t *testing.T) {
defer log.AfterTest(t)
log.TestOutput(testing.Verbose(), 4)
opened := make(chan bool)
fn := func(s SecureConn) {
log.Lvl3("Getting connection from", s)
opened <- true
}
kp1 := config.NewKeyPair(Suite)
entity1 := NewServerIdentity(kp1.Public, "localhost:2000")
kp2 := config.NewKeyPair(Suite)
entity2 := NewServerIdentity(kp2.Public, "localhost:2001")
host1 := NewSecureTCPHost(kp1.Secret, entity1)
host2 := NewSecureTCPHost(kp1.Secret, entity2)
done := make(chan bool)
go func() {
err := host1.Listen(fn)
if err != nil {
t.Fatal("Couldn't listen:", err)
}
done <- true
}()
conn, err := host2.Open(entity1)
if err != nil {
t.Fatal("Couldn't connect to host1:", err)
}
if !conn.ServerIdentity().Public.Equal(kp1.Public) {
t.Fatal("Connection-id is not from host1")
}
if !<-opened {
t.Fatal("Lazy programmers - no select")
}
log.Lvl4("Closing connections")
if err := host1.Close(); err != nil {
t.Fatal("Couldn't close host", host1)
}
if err := host2.Close(); err != nil {
t.Fatal("Couldn't close host", host2)
}
<-done
}
func genKeyPair(nb int) ([]*config.KeyPair, []abstract.Point) {
var kps []*config.KeyPair
var publics []abstract.Point
for i := 0; i < nb; i++ {
kp := config.NewKeyPair(testSuite)
kps = append(kps, kp)
publics = append(publics, kp.Public)
}
return kps, publics
}
// NewIdentity starts a new identity that can contain multiple managers with
// different accounts
func NewIdentity(cothority *onet.Roster, threshold int, owner string) *Identity {
client := onet.NewClient(ServiceName)
kp := config.NewKeyPair(network.Suite)
return &Identity{
Client: client,
Data: Data{
Private: kp.Secret,
Public: kp.Public,
Config: NewConfig(threshold, kp.Public, owner),
DeviceName: owner,
Cothority: cothority,
},
}
}
func TestSchnorrSignature(t *testing.T) {
msg := []byte("Hello Schnorr")
suite := ed25519.NewAES128SHA256Ed25519(false)
kp := config.NewKeyPair(suite)
s, err := SignSchnorr(suite, kp.Secret, msg)
if err != nil {
t.Fatalf("Couldn't sign msg: %s: %v", msg, err)
}
err = VerifySchnorr(suite, kp.Public, msg, s)
if err != nil {
t.Fatalf("Couldn't verify signature: \n%+v\nfor msg:'%s'. Error:\n%v", s, msg, err)
}
}
func TestService_CreateIdentity2(t *testing.T) {
local := onet.NewTCPTest()
defer local.CloseAll()
_, el, s := local.MakeHELS(5, identityService)
service := s.(*Service)
keypair := config.NewKeyPair(network.Suite)
il := NewConfig(50, keypair.Public, "one")
msg, cerr := service.CreateIdentity(&CreateIdentity{il, el})
log.ErrFatal(cerr)
air := msg.(*CreateIdentityReply)
data := air.Data
id, ok := service.Identities[string(data.Hash)]
assert.True(t, ok)
assert.NotNil(t, id)
}
func (jv *JVSS) initSecret(sid SID) error {
if sid.IsLTSS() && jv.ltssInit {
return errors.New("Only one longterm secret allowed per JVSS instance")
}
// Initialise shared secret of given type if necessary
if sec, err := jv.secrets.secret(sid); sec == nil && err != nil {
log.Lvlf4("Node %d: Initialising %s shared secret", jv.Index(),
sid)
sec := &secret{
receiver: poly.NewReceiver(jv.keyPair.Suite, jv.info, jv.keyPair),
deals: make(map[int]*poly.Deal),
sigs: make(map[int]*poly.SchnorrPartialSig),
numLongtermConfs: 0,
}
jv.secrets.addSecret(sid, sec)
}
secret, err := jv.secrets.secret(sid)
if err != nil { // this should never happen here
log.Error(err)
return err
}
// Initialise and broadcast our deal if necessary
if len(secret.deals) == 0 {
kp := config.NewKeyPair(jv.keyPair.Suite)
deal := new(poly.Deal).ConstructDeal(kp, jv.keyPair, jv.info.T, jv.info.R, jv.pubKeys)
log.Lvlf4("Node %d: Initialising %v deal", jv.Index(), sid)
secret.deals[jv.Index()] = deal
db, _ := deal.MarshalBinary()
msg := &SecInitMsg{
Src: jv.Index(),
SID: sid,
Deal: db,
}
if err := jv.Broadcast(msg); err != nil {
log.Print(jv.Name(), "Error broadcast secInit:", err)
return err
}
}
return nil
}
func (rh *RandHound) handleI2(i2 WI2) error {
// If we are not a leaf, forward i2 to children
if !rh.IsLeaf() {
if err := rh.SendToChildren(&i2.I2); err != nil {
return err
}
}
// Verify session ID
if !bytes.Equal(rh.SID, i2.I2.SID) {
return fmt.Errorf("I2: peer %d received message with incorrect session ID", rh.index())
}
rh.Peer.i2 = &i2.I2
// Construct deal
longPair := &config.KeyPair{
Suite: rh.Suite(),
Public: rh.Public(),
Secret: rh.Private(),
}
secretPair := config.NewKeyPair(rh.Suite())
_, trustees := rh.chooseTrustees(rh.Peer.i2.Rc, rh.Peer.rs)
deal := &poly.Deal{}
deal.ConstructDeal(secretPair, longPair, int(rh.Group.T), int(rh.Group.R), trustees)
db, err := deal.MarshalBinary()
if err != nil {
return err
}
rh.Peer.r2 = &R2{
Src: rh.index(),
HI2: rh.hash(
rh.SID,
rh.Peer.i2.Rc),
Rs: rh.Peer.rs,
Deal: db,
}
return rh.SendToParent(rh.Peer.r2)
}
func TestIdentity_ProposeVote(t *testing.T) {
l := onet.NewTCPTest()
hosts, el, _ := l.GenTree(5, true)
services := l.GetServices(hosts, identityService)
defer l.CloseAll()
for _, s := range services {
log.Lvl3(s.(*Service).Identities)
}
c1 := NewTestIdentity(el, 50, "one1", l)
log.ErrFatal(c1.CreateIdentity())
conf2 := c1.Config.Copy()
kp2 := config.NewKeyPair(network.Suite)
conf2.Device["two2"] = &Device{kp2.Public}
conf2.Data["two2"] = "public2"
log.ErrFatal(c1.ProposeSend(conf2))
log.ErrFatal(c1.ProposeUpdate())
log.ErrFatal(c1.ProposeVote(true))
if len(c1.Config.Device) != 2 {
t.Fatal("Should have two owners now")
}
}
// Test closing and opening of SecureHost on same address
func TestSecureMultiClose(t *testing.T) {
defer log.AfterTest(t)
log.TestOutput(testing.Verbose(), 4)
receiverStarted := make(chan bool)
fn := func(s SecureConn) {
log.Lvl3("Getting connection from", s.ServerIdentity().First())
close(receiverStarted)
}
kp1 := config.NewKeyPair(Suite)
entity1 := NewServerIdentity(kp1.Public, "localhost:2000")
//entity3 := NewServerIdentity(kp1.Public, "localhost:2000")
kp2 := config.NewKeyPair(Suite)
entity2 := NewServerIdentity(kp2.Public, "localhost:2001")
h1 := NewSecureTCPHost(kp1.Secret, entity1)
h2 := NewSecureTCPHost(kp2.Secret, entity2)
done := make(chan bool)
go func() {
err := h1.Listen(fn)
if err != nil {
t.Fatal("Listening failed for h1:", err)
}
done <- true
}()
_, err := h2.Open(entity1)
if err != nil {
t.Fatal("Couldn't open h2:", err)
}
<-receiverStarted
err = h1.Close()
if err != nil {
t.Fatal("Couldn't close:", err)
}
err = h2.Close()
if err != nil {
t.Fatal("Couldn't close:", err)
}
<-done
log.Lvl3("Finished first connection, starting 2nd")
receiverStarted2 := make(chan bool)
fn2 := func(s SecureConn) {
log.Lvl3("Getting connection from", s.ServerIdentity().First())
receiverStarted2 <- true
}
done2 := make(chan bool)
go func() {
err := h1.Listen(fn2)
if err != nil {
t.Fatal("Couldn't re-open listener:", err)
}
done2 <- true
}()
_, err = h2.Open(h1.entity)
if err != nil {
t.Fatal(err)
}
<-receiverStarted2
err = h1.Close()
if err != nil {
t.Fatal("Couldn't close h1:", err)
}
<-done2
}
func genCosi() *Cosi {
kp := config.NewKeyPair(testSuite)
return NewCosi(testSuite, kp.Secret)
}
// genCommit generates a random secret vi and computes it's individual commit
// Vi = G^vi
func (c *Cosi) genCommit() {
kp := config.NewKeyPair(c.suite)
c.random = kp.Secret
c.commitment = kp.Public
}
// PrivPub creates a private/public key pair.
func PrivPub() (abstract.Scalar, abstract.Point) {
keypair := config.NewKeyPair(network.Suite)
return keypair.Secret, keypair.Public
}
func newHostMock(s abstract.Suite, address string) *Host {
kp := config.NewKeyPair(s)
en := network.NewServerIdentity(kp.Public, address)
return NewHost(en, kp.Secret)
}
// Send opens the connection to 'dst' and sends the message 'req'. The
// reply is returned, or an error if the timeout of 10 seconds is reached.
func (c *Client) Send(dst *network.ServerIdentity, msg network.Body) (*network.Packet, error) {
c.Lock()
defer c.Unlock()
if c.host == nil {
kp := config.NewKeyPair(network.Suite)
c.host = network.NewSecureTCPHost(kp.Secret,
network.NewServerIdentity(kp.Public, ""))
}
// Connect to the root
log.Lvl4("Opening connection to", dst)
con, err := c.host.Open(dst)
defer c.host.Close()
if err != nil {
return nil, err
}
m, err := network.NewNetworkMessage(msg)
if err != nil {
return nil, err
}
b, err := m.MarshalBinary()
if err != nil {
return nil, err
}
serviceReq := &ClientRequest{
Service: c.ServiceID,
Data: b,
}
pchan := make(chan network.Packet)
go func() {
// send the request
log.Lvlf4("Sending request %x", serviceReq.Service)
if err := con.Send(context.TODO(), serviceReq); err != nil {
close(pchan)
return
}
log.Lvl4("Waiting for the response from", reflect.ValueOf(con).Pointer())
// wait for the response
packet, err := con.Receive(context.TODO())
if err != nil {
packet.Msg = StatusRet{err.Error()}
packet.MsgType = network.TypeFromData(&StatusRet{})
}
pchan <- packet
}()
select {
case response := <-pchan:
log.Lvlf5("Response: %+v %+v", response, response.Msg)
// Catch an eventual error
err := ErrMsg(&response, nil)
if err != nil {
return nil, err
}
return &response, nil
case <-time.After(time.Second * 10):
return &network.Packet{}, errors.New("Timeout on sending message")
}
}