Merge pull request #264 from ralexstokes/remove-simple-security
Removes the SimpleSecurityTransport
This commit is contained in:
commit
9a74797068
|
@ -1,74 +0,0 @@
|
|||
import asyncio
|
||||
|
||||
from libp2p.crypto.keys import KeyPair
|
||||
from libp2p.network.connection.raw_connection_interface import IRawConnection
|
||||
from libp2p.peer.id import ID
|
||||
from libp2p.security.base_transport import BaseSecureTransport
|
||||
from libp2p.security.insecure.transport import InsecureSession
|
||||
from libp2p.security.secure_conn_interface import ISecureConn
|
||||
from libp2p.transport.exceptions import SecurityUpgradeFailure
|
||||
from libp2p.utils import encode_fixedint_prefixed, read_fixedint_prefixed
|
||||
|
||||
|
||||
class SimpleSecurityTransport(BaseSecureTransport):
|
||||
key_phrase: str
|
||||
|
||||
def __init__(self, local_key_pair: KeyPair, key_phrase: str) -> None:
|
||||
super().__init__(local_key_pair)
|
||||
self.key_phrase = key_phrase
|
||||
|
||||
async def secure_inbound(self, conn: IRawConnection) -> ISecureConn:
|
||||
"""
|
||||
Secure the connection, either locally or by communicating with opposing node via conn,
|
||||
for an inbound connection (i.e. we are not the initiator)
|
||||
:return: secure connection object (that implements secure_conn_interface)
|
||||
"""
|
||||
await conn.write(encode_fixedint_prefixed(self.key_phrase.encode()))
|
||||
incoming = (await read_fixedint_prefixed(conn)).decode()
|
||||
|
||||
if incoming != self.key_phrase:
|
||||
raise SecurityUpgradeFailure(
|
||||
"Key phrase differed between nodes. Expected " + self.key_phrase
|
||||
)
|
||||
|
||||
session = InsecureSession(self, conn, ID(b""))
|
||||
# NOTE: Here we calls `run_handshake` for both sides to exchange their public keys and
|
||||
# peer ids, otherwise tests fail. However, it seems pretty weird that
|
||||
# `SimpleSecurityTransport` sends peer id through `Insecure`.
|
||||
await session.run_handshake()
|
||||
# NOTE: this is abusing the abstraction we have here
|
||||
# but this code may be deprecated soon and this exists
|
||||
# mainly to satisfy a test that will go along w/ it
|
||||
# FIXME: Enable type check back when we can deprecate the simple transport.
|
||||
session.key_phrase = self.key_phrase # type: ignore
|
||||
return session
|
||||
|
||||
async def secure_outbound(self, conn: IRawConnection, peer_id: ID) -> ISecureConn:
|
||||
"""
|
||||
Secure the connection, either locally or by communicating with opposing node via conn,
|
||||
for an inbound connection (i.e. we are the initiator)
|
||||
:return: secure connection object (that implements secure_conn_interface)
|
||||
"""
|
||||
await conn.write(encode_fixedint_prefixed(self.key_phrase.encode()))
|
||||
incoming = (await read_fixedint_prefixed(conn)).decode()
|
||||
|
||||
# Force context switch, as this security transport is built for testing locally
|
||||
# in a single event loop
|
||||
await asyncio.sleep(0)
|
||||
|
||||
if incoming != self.key_phrase:
|
||||
raise SecurityUpgradeFailure(
|
||||
"Key phrase differed between nodes. Expected " + self.key_phrase
|
||||
)
|
||||
|
||||
session = InsecureSession(self, conn, peer_id)
|
||||
# NOTE: Here we calls `run_handshake` for both sides to exchange their public keys and
|
||||
# peer ids, otherwise tests fail. However, it seems pretty weird that
|
||||
# `SimpleSecurityTransport` sends peer id through `Insecure`.
|
||||
await session.run_handshake()
|
||||
# NOTE: this is abusing the abstraction we have here
|
||||
# but this code may be deprecated soon and this exists
|
||||
# mainly to satisfy a test that will go along w/ it
|
||||
# FIXME: Enable type check back when we can deprecate the simple transport.
|
||||
session.key_phrase = self.key_phrase # type: ignore
|
||||
return session
|
|
@ -4,9 +4,7 @@ import pytest
|
|||
|
||||
from libp2p import new_node
|
||||
from libp2p.crypto.rsa import create_new_key_pair
|
||||
from libp2p.network.exceptions import SwarmException
|
||||
from libp2p.security.insecure.transport import InsecureSession, InsecureTransport
|
||||
from libp2p.security.simple.transport import SimpleSecurityTransport
|
||||
from tests.configs import LISTEN_MADDR
|
||||
from tests.utils import cleanup, connect
|
||||
|
||||
|
@ -75,100 +73,6 @@ async def test_single_insecure_security_transport_succeeds():
|
|||
)
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_single_simple_test_security_transport_succeeds():
|
||||
transports_for_initiator = {
|
||||
"tacos": SimpleSecurityTransport(initiator_key_pair, "tacos")
|
||||
}
|
||||
transports_for_noninitiator = {
|
||||
"tacos": SimpleSecurityTransport(noninitiator_key_pair, "tacos")
|
||||
}
|
||||
|
||||
def assertion_func(conn):
|
||||
assert conn.key_phrase == "tacos"
|
||||
|
||||
await perform_simple_test(
|
||||
assertion_func, transports_for_initiator, transports_for_noninitiator
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_two_simple_test_security_transport_for_initiator_succeeds():
|
||||
transports_for_initiator = {
|
||||
"tacos": SimpleSecurityTransport(initiator_key_pair, "tacos"),
|
||||
"shleep": SimpleSecurityTransport(initiator_key_pair, "shleep"),
|
||||
}
|
||||
transports_for_noninitiator = {
|
||||
"shleep": SimpleSecurityTransport(noninitiator_key_pair, "shleep")
|
||||
}
|
||||
|
||||
def assertion_func(conn):
|
||||
assert conn.key_phrase == "shleep"
|
||||
|
||||
await perform_simple_test(
|
||||
assertion_func, transports_for_initiator, transports_for_noninitiator
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_two_simple_test_security_transport_for_noninitiator_succeeds():
|
||||
transports_for_initiator = {
|
||||
"tacos": SimpleSecurityTransport(initiator_key_pair, "tacos")
|
||||
}
|
||||
transports_for_noninitiator = {
|
||||
"shleep": SimpleSecurityTransport(noninitiator_key_pair, "shleep"),
|
||||
"tacos": SimpleSecurityTransport(noninitiator_key_pair, "tacos"),
|
||||
}
|
||||
|
||||
def assertion_func(conn):
|
||||
assert conn.key_phrase == "tacos"
|
||||
|
||||
await perform_simple_test(
|
||||
assertion_func, transports_for_initiator, transports_for_noninitiator
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_two_simple_test_security_transport_for_both_succeeds():
|
||||
transports_for_initiator = {
|
||||
"a": SimpleSecurityTransport(initiator_key_pair, "a"),
|
||||
"b": SimpleSecurityTransport(initiator_key_pair, "b"),
|
||||
}
|
||||
transports_for_noninitiator = {
|
||||
"b": SimpleSecurityTransport(noninitiator_key_pair, "b"),
|
||||
"c": SimpleSecurityTransport(noninitiator_key_pair, "c"),
|
||||
}
|
||||
|
||||
def assertion_func(conn):
|
||||
assert conn.key_phrase == "b"
|
||||
|
||||
await perform_simple_test(
|
||||
assertion_func, transports_for_initiator, transports_for_noninitiator
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_multiple_security_none_the_same_fails():
|
||||
transports_for_initiator = {
|
||||
"a": SimpleSecurityTransport(initiator_key_pair, "a"),
|
||||
"b": SimpleSecurityTransport(initiator_key_pair, "b"),
|
||||
}
|
||||
transports_for_noninitiator = {
|
||||
"d": SimpleSecurityTransport(noninitiator_key_pair, "d"),
|
||||
"c": SimpleSecurityTransport(noninitiator_key_pair, "c"),
|
||||
}
|
||||
|
||||
def assertion_func(_):
|
||||
assert False
|
||||
|
||||
with pytest.raises(SwarmException):
|
||||
await perform_simple_test(
|
||||
assertion_func, transports_for_initiator, transports_for_noninitiator
|
||||
)
|
||||
|
||||
await cleanup()
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_default_insecure_security():
|
||||
transports_for_initiator = None
|
||||
|
|
Loading…
Reference in New Issue
Block a user