mirror of
https://gitlab.com/veilid/veilid.git
synced 2025-10-11 18:10:44 -04:00
improve route selection and add generate_shared_secret
parent
d49e78d931
commit
800348451e
18 changed files with 317 additions and 6 deletions
|
@ -44,3 +44,26 @@ async def test_hash_and_verify_password(api_connection: veilid.VeilidAPI):
|
|||
# Password mismatch
|
||||
phash2 = await cs.hash_password(b"abc1234", salt)
|
||||
assert not await cs.verify_password(b"abc12345", phash)
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_generate_shared_secret(api_connection: veilid.VeilidAPI):
|
||||
cs = await api_connection.best_crypto_system()
|
||||
async with cs:
|
||||
kp1 = await cs.generate_key_pair()
|
||||
kp2 = await cs.generate_key_pair()
|
||||
kp3 = await cs.generate_key_pair()
|
||||
|
||||
ssA = await cs.generate_shared_secret(kp1.key(), kp2.secret(), b"abc123")
|
||||
ssB = await cs.generate_shared_secret(kp2.key(), kp1.secret(), b"abc123")
|
||||
|
||||
assert ssA == ssB
|
||||
|
||||
ssC = await cs.generate_shared_secret(kp2.key(), kp1.secret(), b"abc1234")
|
||||
|
||||
assert ssA != ssC
|
||||
|
||||
ssD = await cs.generate_shared_secret(kp3.key(), kp1.secret(), b"abc123")
|
||||
|
||||
assert ssA != ssD
|
||||
|
||||
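Review bot: Nothing in test_generate_shared_secret pins that the domain-tagged secret is distinct from the plain DH result for the same key pair; the three assertions cover symmetry, a changed domain and a changed peer key only. After `assert ssA == ssB` I would add `assert ssA != await cs.compute_dh(kp1.key(), kp2.secret())`, assuming compute_dh is the un-domained exchange behind the ComputeDh operation listed elsewhere in this commit. A case with `b""` as the domain would also record how an empty domain is treated. A short comment on each assertion naming the property it checks (symmetry, domain separation, peer binding) would make the intent readable.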
|
|
|
@ -65,7 +65,9 @@ async def test_routing_context_app_message_loopback():
|
|||
await api.debug("purge routes")
|
||||
|
||||
# make a routing context that uses a safety route
|
||||
rc = await api.new_routing_context()
|
||||
rc = await (await api.new_routing_context()).with_sequencing(
|
||||
veilid.Sequencing.ENSURE_ORDERED
|
||||
)
|
||||
async with rc:
|
||||
# make a new local private route
|
||||
prl, blob = await api.new_private_route()
|
||||
|
@ -113,7 +115,9 @@ async def test_routing_context_app_call_loopback():
|
|||
await api.debug("purge routes")
|
||||
|
||||
# make a routing context
|
||||
rc = await api.new_routing_context()
|
||||
rc = await (await api.new_routing_context()).with_sequencing(
|
||||
veilid.Sequencing.ENSURE_ORDERED
|
||||
)
|
||||
async with rc:
|
||||
# make a new local private route
|
||||
prl, blob = await api.new_private_route()
|
||||
|
@ -174,7 +178,9 @@ async def test_routing_context_app_message_loopback_big_packets():
|
|||
await api.debug("purge routes")
|
||||
|
||||
# make a routing context that uses a safety route
|
||||
rc = await api.new_routing_context()
|
||||
rc = await (await api.new_routing_context()).with_sequencing(
|
||||
veilid.Sequencing.ENSURE_ORDERED
|
||||
)
|
||||
async with rc:
|
||||
# make a new local private route
|
||||
prl, blob = await api.new_private_route()
|
||||
|
@ -291,7 +297,9 @@ async def test_routing_context_app_message_loopback_bandwidth():
|
|||
await api.debug("purge routes")
|
||||
|
||||
# make a routing context that uses a safety route
|
||||
rc = await api.new_routing_context()
|
||||
rc = await (await api.new_routing_context()).with_sequencing(
|
||||
veilid.Sequencing.ENSURE_ORDERED
|
||||
)
|
||||
async with rc:
|
||||
# make a new local private route
|
||||
prl, blob = await api.new_private_route()
|
||||
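Review bot: The comment above each changed assignment still reads `# make a routing context that uses a safety route` (`# make a routing context` in test_routing_context_app_call_loopback) and does not say that ordered delivery is now required or why. I would change it to `# make a routing context that uses a safety route and requires ordered delivery`. The same three-line `with_sequencing(veilid.Sequencing.ENSURE_ORDERED)` expression is repeated in all four hunks of this file, so a small helper or fixture would keep the tests in step. As far as these hunks show, none of the four loopback tests exercises the default sequencing any more; if no other test covers it, one should stay on the default. Each test body starts and ends outside its hunk.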
|
|
|
@ -204,6 +204,12 @@ class CryptoSystem(ABC):
|
|||
) -> types.SharedSecret:
|
||||
pass
|
||||
|
||||
@abstractmethod
|
||||
async def generate_shared_secret(
|
||||
self, key: types.PublicKey, secret: types.SecretKey, domain: bytes
|
||||
) -> types.SharedSecret:
|
||||
pass
|
||||
|
||||
@abstractmethod
|
||||
async def random_bytes(self, len: int) -> bytes:
|
||||
pass
|
||||
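Review bot: The new abstract generate_shared_secret has no docstring, and the interface alone does not tell a caller what `domain` is for or that `secret` is private key material. I would add a one-line docstring under the signature, `"""Derive a secret both peers compute identically from key and secret, bound to the caller-supplied domain bytes."""`. The test added in this commit supports that wording: swapped key pairs give the same value, and a different domain or peer key gives a different one. The class body continues outside the hunk.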
|
|
|
@ -977,6 +977,21 @@ class _JsonCryptoSystem(CryptoSystem):
|
|||
)
|
||||
)
|
||||
|
||||
async def generate_shared_secret(self, key: PublicKey, secret: SecretKey, domain: bytes) -> SharedSecret:
|
||||
return SharedSecret(
|
||||
raise_api_result(
|
||||
await self.api.send_ndjson_request(
|
||||
Operation.CRYPTO_SYSTEM,
|
||||
validate=validate_cs_op,
|
||||
cs_id=self.cs_id,
|
||||
cs_op=CryptoSystemOperation.GENERATE_SHARED_SECRET,
|
||||
key=key,
|
||||
secret=secret,
|
||||
domain=domain,
|
||||
)
|
||||
)
|
||||
)
|
||||
|
||||
async def random_bytes(self, len: int) -> bytes:
|
||||
return urlsafe_b64decode_no_pad(
|
||||
raise_api_result(
|
||||
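Review bot: `domain=domain` hands a raw `bytes` value to send_ndjson_request, while the request schema added in this commit declares `domain` as a JSON string, so the call relies on the request encoder converting bytes to text. That encoder is not visible in this hunk; the conversion should be confirmed and recorded next to the argument, for example `# domain is bytes; the request encoder must serialize it to a string (confirm encoding)`. The request also carries `secret`, so any request logging on this path is worth checking to make sure it does not record that field. The signature is written on one long line here but wrapped in the abstract declaration, and wrapping it the same way would keep the two consistent.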
|
|
|
@ -75,6 +75,7 @@ class CryptoSystemOperation(StrEnum):
|
|||
RELEASE = "Release"
|
||||
CACHED_DH = "CachedDh"
|
||||
COMPUTE_DH = "ComputeDh"
|
||||
GENERATE_SHARED_SECRET = "GenerateSharedSecret"
|
||||
RANDOM_BYTES = "RandomBytes"
|
||||
DEFAULT_SALT_LENGTH = "DefaultSaltLength"
|
||||
HASH_PASSWORD = "HashPassword"
|
||||
|
|
|
@ -1675,6 +1675,44 @@
|
|||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "object",
|
||||
"anyOf": [
|
||||
{
|
||||
"type": "object",
|
||||
"required": [
|
||||
"value"
|
||||
],
|
||||
"properties": {
|
||||
"value": {
|
||||
"type": "string"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "object",
|
||||
"required": [
|
||||
"error"
|
||||
],
|
||||
"properties": {
|
||||
"error": {
|
||||
"$ref": "#/definitions/VeilidAPIError"
|
||||
}
|
||||
}
|
||||
}
|
||||
],
|
||||
"required": [
|
||||
"cs_op"
|
||||
],
|
||||
"properties": {
|
||||
"cs_op": {
|
||||
"type": "string",
|
||||
"enum": [
|
||||
"GenerateSharedSecret"
|
||||
]
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "object",
|
||||
"required": [
|
||||
|
|
|
@ -1007,6 +1007,32 @@
|
|||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "object",
|
||||
"required": [
|
||||
"cs_op",
|
||||
"domain",
|
||||
"key",
|
||||
"secret"
|
||||
],
|
||||
"properties": {
|
||||
"cs_op": {
|
||||
"type": "string",
|
||||
"enum": [
|
||||
"GenerateSharedSecret"
|
||||
]
|
||||
},
|
||||
"domain": {
|
||||
"type": "string"
|
||||
},
|
||||
"key": {
|
||||
"type": "string"
|
||||
},
|
||||
"secret": {
|
||||
"type": "string"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"type": "object",
|
||||
"required": [
|
||||
|
|