Merge pull request #264 from ralexstokes/remove-simple-security

Removes the SimpleSecurityTransport
This commit is contained in:
Alex Stokes 2019-08-24 21:49:29 +02:00 committed by GitHub
commit 9a74797068
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 0 additions and 170 deletions

View File

@ -1,74 +0,0 @@
import asyncio
from libp2p.crypto.keys import KeyPair
from libp2p.network.connection.raw_connection_interface import IRawConnection
from libp2p.peer.id import ID
from libp2p.security.base_transport import BaseSecureTransport
from libp2p.security.insecure.transport import InsecureSession
from libp2p.security.secure_conn_interface import ISecureConn
from libp2p.transport.exceptions import SecurityUpgradeFailure
from libp2p.utils import encode_fixedint_prefixed, read_fixedint_prefixed
class SimpleSecurityTransport(BaseSecureTransport):
key_phrase: str
def __init__(self, local_key_pair: KeyPair, key_phrase: str) -> None:
super().__init__(local_key_pair)
self.key_phrase = key_phrase
async def secure_inbound(self, conn: IRawConnection) -> ISecureConn:
"""
Secure the connection, either locally or by communicating with opposing node via conn,
for an inbound connection (i.e. we are not the initiator)
:return: secure connection object (that implements secure_conn_interface)
"""
await conn.write(encode_fixedint_prefixed(self.key_phrase.encode()))
incoming = (await read_fixedint_prefixed(conn)).decode()
if incoming != self.key_phrase:
raise SecurityUpgradeFailure(
"Key phrase differed between nodes. Expected " + self.key_phrase
)
session = InsecureSession(self, conn, ID(b""))
# NOTE: Here we calls `run_handshake` for both sides to exchange their public keys and
# peer ids, otherwise tests fail. However, it seems pretty weird that
# `SimpleSecurityTransport` sends peer id through `Insecure`.
await session.run_handshake()
# NOTE: this is abusing the abstraction we have here
# but this code may be deprecated soon and this exists
# mainly to satisfy a test that will go along w/ it
# FIXME: Enable type check back when we can deprecate the simple transport.
session.key_phrase = self.key_phrase # type: ignore
return session
async def secure_outbound(self, conn: IRawConnection, peer_id: ID) -> ISecureConn:
"""
Secure the connection, either locally or by communicating with opposing node via conn,
for an inbound connection (i.e. we are the initiator)
:return: secure connection object (that implements secure_conn_interface)
"""
await conn.write(encode_fixedint_prefixed(self.key_phrase.encode()))
incoming = (await read_fixedint_prefixed(conn)).decode()
# Force context switch, as this security transport is built for testing locally
# in a single event loop
await asyncio.sleep(0)
if incoming != self.key_phrase:
raise SecurityUpgradeFailure(
"Key phrase differed between nodes. Expected " + self.key_phrase
)
session = InsecureSession(self, conn, peer_id)
# NOTE: Here we calls `run_handshake` for both sides to exchange their public keys and
# peer ids, otherwise tests fail. However, it seems pretty weird that
# `SimpleSecurityTransport` sends peer id through `Insecure`.
await session.run_handshake()
# NOTE: this is abusing the abstraction we have here
# but this code may be deprecated soon and this exists
# mainly to satisfy a test that will go along w/ it
# FIXME: Enable type check back when we can deprecate the simple transport.
session.key_phrase = self.key_phrase # type: ignore
return session

View File

@ -4,9 +4,7 @@ import pytest
from libp2p import new_node from libp2p import new_node
from libp2p.crypto.rsa import create_new_key_pair from libp2p.crypto.rsa import create_new_key_pair
from libp2p.network.exceptions import SwarmException
from libp2p.security.insecure.transport import InsecureSession, InsecureTransport from libp2p.security.insecure.transport import InsecureSession, InsecureTransport
from libp2p.security.simple.transport import SimpleSecurityTransport
from tests.configs import LISTEN_MADDR from tests.configs import LISTEN_MADDR
from tests.utils import cleanup, connect from tests.utils import cleanup, connect
@ -75,100 +73,6 @@ async def test_single_insecure_security_transport_succeeds():
) )
@pytest.mark.asyncio
async def test_single_simple_test_security_transport_succeeds():
transports_for_initiator = {
"tacos": SimpleSecurityTransport(initiator_key_pair, "tacos")
}
transports_for_noninitiator = {
"tacos": SimpleSecurityTransport(noninitiator_key_pair, "tacos")
}
def assertion_func(conn):
assert conn.key_phrase == "tacos"
await perform_simple_test(
assertion_func, transports_for_initiator, transports_for_noninitiator
)
@pytest.mark.asyncio
async def test_two_simple_test_security_transport_for_initiator_succeeds():
transports_for_initiator = {
"tacos": SimpleSecurityTransport(initiator_key_pair, "tacos"),
"shleep": SimpleSecurityTransport(initiator_key_pair, "shleep"),
}
transports_for_noninitiator = {
"shleep": SimpleSecurityTransport(noninitiator_key_pair, "shleep")
}
def assertion_func(conn):
assert conn.key_phrase == "shleep"
await perform_simple_test(
assertion_func, transports_for_initiator, transports_for_noninitiator
)
@pytest.mark.asyncio
async def test_two_simple_test_security_transport_for_noninitiator_succeeds():
transports_for_initiator = {
"tacos": SimpleSecurityTransport(initiator_key_pair, "tacos")
}
transports_for_noninitiator = {
"shleep": SimpleSecurityTransport(noninitiator_key_pair, "shleep"),
"tacos": SimpleSecurityTransport(noninitiator_key_pair, "tacos"),
}
def assertion_func(conn):
assert conn.key_phrase == "tacos"
await perform_simple_test(
assertion_func, transports_for_initiator, transports_for_noninitiator
)
@pytest.mark.asyncio
async def test_two_simple_test_security_transport_for_both_succeeds():
transports_for_initiator = {
"a": SimpleSecurityTransport(initiator_key_pair, "a"),
"b": SimpleSecurityTransport(initiator_key_pair, "b"),
}
transports_for_noninitiator = {
"b": SimpleSecurityTransport(noninitiator_key_pair, "b"),
"c": SimpleSecurityTransport(noninitiator_key_pair, "c"),
}
def assertion_func(conn):
assert conn.key_phrase == "b"
await perform_simple_test(
assertion_func, transports_for_initiator, transports_for_noninitiator
)
@pytest.mark.asyncio
async def test_multiple_security_none_the_same_fails():
transports_for_initiator = {
"a": SimpleSecurityTransport(initiator_key_pair, "a"),
"b": SimpleSecurityTransport(initiator_key_pair, "b"),
}
transports_for_noninitiator = {
"d": SimpleSecurityTransport(noninitiator_key_pair, "d"),
"c": SimpleSecurityTransport(noninitiator_key_pair, "c"),
}
def assertion_func(_):
assert False
with pytest.raises(SwarmException):
await perform_simple_test(
assertion_func, transports_for_initiator, transports_for_noninitiator
)
await cleanup()
@pytest.mark.asyncio @pytest.mark.asyncio
async def test_default_insecure_security(): async def test_default_insecure_security():
transports_for_initiator = None transports_for_initiator = None