Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
tests: expanding tests for root keypair changing
Browse files Browse the repository at this point in the history
Added some tests to check that a root keyPair change propagates properly. Also added tests for the change for existing and new node connections.

#317
tegefaulkes committed Jun 10, 2022
1 parent c8a1ff1 commit 7d6c9db
Showing 2 changed files with 436 additions and 0 deletions.
74 changes: 74 additions & 0 deletions tests/PolykeyAgent.test.ts
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
import type { StateVersion } from '@/schema/types';
import type { KeyManagerChangeData } from '@/keys/types';
import os from 'os';
import path from 'path';
import fs from 'fs';
@@ -9,6 +10,7 @@ import { Status } from '@/status';
import { Schema } from '@/schema';
import * as errors from '@/errors';
import config from '@/config';
import { promise } from '@/utils/index';
import * as testUtils from './utils';

describe('PolykeyAgent', () => {
@@ -175,4 +177,76 @@ describe('PolykeyAgent', () => {
}),
).rejects.toThrow(errors.ErrorSchemaVersionTooOld);
});
test('renewRootKeyPair change event propagates', async () => {
const nodePath = `${dataDir}/polykey`;
let pkAgent: PolykeyAgent | undefined;
try {
pkAgent = await PolykeyAgent.createPolykeyAgent({
password,
nodePath,
logger,
});
const prom = promise<KeyManagerChangeData>();
pkAgent.events.on(
PolykeyAgent.eventSymbols.KeyManager,
async (data: KeyManagerChangeData) => {
prom.resolveP(data);
},
);
await pkAgent.keyManager.renewRootKeyPair(password);

await expect(prom.p).resolves.toBeDefined();
} finally {
await pkAgent?.stop();
await pkAgent?.destroy();
}
});
test('resetRootKeyPair change event propagates', async () => {
const nodePath = `${dataDir}/polykey`;
let pkAgent: PolykeyAgent | undefined;
try {
pkAgent = await PolykeyAgent.createPolykeyAgent({
password,
nodePath,
logger,
});
const prom = promise<KeyManagerChangeData>();
pkAgent.events.on(
PolykeyAgent.eventSymbols.KeyManager,
async (data: KeyManagerChangeData) => {
prom.resolveP(data);
},
);
await pkAgent.keyManager.resetRootKeyPair(password);

await expect(prom.p).resolves.toBeDefined();
} finally {
await pkAgent?.stop();
await pkAgent?.destroy();
}
});
test('resetRootCert change event propagates', async () => {
const nodePath = `${dataDir}/polykey`;
let pkAgent: PolykeyAgent | undefined;
try {
pkAgent = await PolykeyAgent.createPolykeyAgent({
password,
nodePath,
logger,
});
const prom = promise<KeyManagerChangeData>();
pkAgent.events.on(
PolykeyAgent.eventSymbols.KeyManager,
async (data: KeyManagerChangeData) => {
prom.resolveP(data);
},
);
await pkAgent.keyManager.resetRootCert();

await expect(prom.p).resolves.toBeDefined();
} finally {
await pkAgent?.stop();
await pkAgent?.destroy();
}
});
});
362 changes: 362 additions & 0 deletions tests/nodes/NodeConnection.test.ts
Original file line number Diff line number Diff line change
@@ -174,6 +174,13 @@ describe(`${NodeConnection.name} test`, () => {
};
}

const newTlsConfig = async (keyManager: KeyManager): Promise<TLSConfig> => {
return {
keyPrivatePem: keyManager.getRootKeyPairPem().privateKey,
certChainPem: await keyManager.getRootCertChainPem(),
};
};

beforeEach(async () => {
// Server setup
serverDataDir = await fs.promises.mkdtemp(
@@ -852,4 +859,359 @@ describe(`${NodeConnection.name} test`, () => {
},
global.defaultTimeout * 2,
);

test('existing connection handles a resetRootKeyPair on sending side', async () => {
let conn: NodeConnection<GRPCClientAgent> | undefined;
try {
conn = await NodeConnection.createNodeConnection({
targetNodeId: targetNodeId,
targetHost: localHost,
targetPort: targetPort,
proxy: clientProxy,
keyManager: clientKeyManager,
nodeConnectionManager: dummyNodeConnectionManager,
destroyCallback,
logger: logger,
clientFactory: async (args) =>
GRPCClientAgent.createGRPCClientAgent(args),
timer: timerStart(2000),
});
const client = conn.getClient();
await client.echo(new utilsPB.EchoMessage().setChallenge('hello!'));

// Simulate key change
await clientKeyManager.resetRootKeyPair(password);
clientProxy.setTLSConfig(await newTlsConfig(clientKeyManager));

// Try again
await client.echo(new utilsPB.EchoMessage().setChallenge('hello!'));
} finally {
await conn?.destroy();
}
});
test('existing connection handles a renewRootKeyPair on sending side', async () => {
let conn: NodeConnection<GRPCClientAgent> | undefined;
try {
conn = await NodeConnection.createNodeConnection({
targetNodeId: targetNodeId,
targetHost: localHost,
targetPort: targetPort,
proxy: clientProxy,
keyManager: clientKeyManager,
nodeConnectionManager: dummyNodeConnectionManager,
destroyCallback,
logger: logger,
clientFactory: async (args) =>
GRPCClientAgent.createGRPCClientAgent(args),
timer: timerStart(2000),
});
const client = conn.getClient();
await client.echo(new utilsPB.EchoMessage().setChallenge('hello!'));

// Simulate key change
await clientKeyManager.renewRootKeyPair(password);
clientProxy.setTLSConfig(await newTlsConfig(clientKeyManager));

// Try again
await client.echo(new utilsPB.EchoMessage().setChallenge('hello!'));
} finally {
await conn?.destroy();
}
});
test('existing connection handles a resetRootCert on sending side', async () => {
let conn: NodeConnection<GRPCClientAgent> | undefined;
try {
conn = await NodeConnection.createNodeConnection({
targetNodeId: targetNodeId,
targetHost: localHost,
targetPort: targetPort,
proxy: clientProxy,
keyManager: clientKeyManager,
nodeConnectionManager: dummyNodeConnectionManager,
destroyCallback,
logger: logger,
clientFactory: async (args) =>
GRPCClientAgent.createGRPCClientAgent(args),
timer: timerStart(2000),
});
const client = conn.getClient();
await client.echo(new utilsPB.EchoMessage().setChallenge('hello!'));

// Simulate key change
await clientKeyManager.resetRootCert();
clientProxy.setTLSConfig(await newTlsConfig(clientKeyManager));

// Try again
await client.echo(new utilsPB.EchoMessage().setChallenge('hello!'));
} finally {
await conn?.destroy();
}
});
test('existing connection handles a resetRootKeyPair on receiving side', async () => {
let conn: NodeConnection<GRPCClientAgent> | undefined;
try {
conn = await NodeConnection.createNodeConnection({
targetNodeId: targetNodeId,
targetHost: localHost,
targetPort: targetPort,
proxy: clientProxy,
keyManager: clientKeyManager,
nodeConnectionManager: dummyNodeConnectionManager,
destroyCallback,
logger: logger,
clientFactory: async (args) =>
GRPCClientAgent.createGRPCClientAgent(args),
timer: timerStart(2000),
});
const client = conn.getClient();
await client.echo(new utilsPB.EchoMessage().setChallenge('hello!'));

// Simulate key change
await serverKeyManager.resetRootKeyPair(password);
serverProxy.setTLSConfig(await newTlsConfig(serverKeyManager));

// Try again
await client.echo(new utilsPB.EchoMessage().setChallenge('hello!'));
} finally {
await conn?.destroy();
}
});
test('existing connection handles a renewRootKeyPair on receiving side', async () => {
let conn: NodeConnection<GRPCClientAgent> | undefined;
try {
conn = await NodeConnection.createNodeConnection({
targetNodeId: targetNodeId,
targetHost: localHost,
targetPort: targetPort,
proxy: clientProxy,
keyManager: clientKeyManager,
nodeConnectionManager: dummyNodeConnectionManager,
destroyCallback,
logger: logger,
clientFactory: async (args) =>
GRPCClientAgent.createGRPCClientAgent(args),
timer: timerStart(2000),
});
const client = conn.getClient();
await client.echo(new utilsPB.EchoMessage().setChallenge('hello!'));

// Simulate key change
await serverKeyManager.renewRootKeyPair(password);
serverProxy.setTLSConfig(await newTlsConfig(serverKeyManager));

// Try again
await client.echo(new utilsPB.EchoMessage().setChallenge('hello!'));
} finally {
await conn?.destroy();
}
});
test('existing connection handles a resetRootCert on receiving side', async () => {
let conn: NodeConnection<GRPCClientAgent> | undefined;
try {
conn = await NodeConnection.createNodeConnection({
targetNodeId: targetNodeId,
targetHost: localHost,
targetPort: targetPort,
proxy: clientProxy,
keyManager: clientKeyManager,
nodeConnectionManager: dummyNodeConnectionManager,
destroyCallback,
logger: logger,
clientFactory: async (args) =>
GRPCClientAgent.createGRPCClientAgent(args),
timer: timerStart(2000),
});
const client = conn.getClient();
await client.echo(new utilsPB.EchoMessage().setChallenge('hello!'));

// Simulate key change
await serverKeyManager.resetRootCert();
serverProxy.setTLSConfig(await newTlsConfig(serverKeyManager));

// Try again
await client.echo(new utilsPB.EchoMessage().setChallenge('hello!'));
} finally {
await conn?.destroy();
}
});
test('new connection handles a resetRootKeyPair on sending side', async () => {
let conn: NodeConnection<GRPCClientAgent> | undefined;
try {
// Simulate key change
await clientKeyManager.resetRootKeyPair(password);
clientProxy.setTLSConfig(await newTlsConfig(clientKeyManager));

conn = await NodeConnection.createNodeConnection({
targetNodeId: targetNodeId,
targetHost: localHost,
targetPort: targetPort,
proxy: clientProxy,
keyManager: clientKeyManager,
nodeConnectionManager: dummyNodeConnectionManager,
destroyCallback,
logger: logger,
clientFactory: async (args) =>
GRPCClientAgent.createGRPCClientAgent(args),
timer: timerStart(2000),
});

const client = conn.getClient();
await client.echo(new utilsPB.EchoMessage().setChallenge('hello!'));
} finally {
await conn?.destroy();
}
});
test('new connection handles a renewRootKeyPair on sending side', async () => {
let conn: NodeConnection<GRPCClientAgent> | undefined;
try {
// Simulate key change
await clientKeyManager.renewRootKeyPair(password);
clientProxy.setTLSConfig(await newTlsConfig(clientKeyManager));

conn = await NodeConnection.createNodeConnection({
targetNodeId: targetNodeId,
targetHost: localHost,
targetPort: targetPort,
proxy: clientProxy,
keyManager: clientKeyManager,
nodeConnectionManager: dummyNodeConnectionManager,
destroyCallback,
logger: logger,
clientFactory: async (args) =>
GRPCClientAgent.createGRPCClientAgent(args),
timer: timerStart(2000),
});

const client = conn.getClient();
await client.echo(new utilsPB.EchoMessage().setChallenge('hello!'));
} finally {
await conn?.destroy();
}
});
test('new connection handles a resetRootCert on sending side', async () => {
let conn: NodeConnection<GRPCClientAgent> | undefined;
try {
// Simulate key change
await clientKeyManager.resetRootCert();
clientProxy.setTLSConfig(await newTlsConfig(clientKeyManager));

conn = await NodeConnection.createNodeConnection({
targetNodeId: targetNodeId,
targetHost: localHost,
targetPort: targetPort,
proxy: clientProxy,
keyManager: clientKeyManager,
nodeConnectionManager: dummyNodeConnectionManager,
destroyCallback,
logger: logger,
clientFactory: async (args) =>
GRPCClientAgent.createGRPCClientAgent(args),
timer: timerStart(2000),
});

const client = conn.getClient();
await client.echo(new utilsPB.EchoMessage().setChallenge('hello!'));
} finally {
await conn?.destroy();
}
});
test('new connection handles a resetRootKeyPair on receiving side', async () => {
// Simulate key change
await serverKeyManager.resetRootKeyPair(password);
serverProxy.setTLSConfig(await newTlsConfig(serverKeyManager));

const connProm = NodeConnection.createNodeConnection({
targetNodeId: targetNodeId,
targetHost: localHost,
targetPort: targetPort,
proxy: clientProxy,
keyManager: clientKeyManager,
nodeConnectionManager: dummyNodeConnectionManager,
destroyCallback,
logger: logger,
clientFactory: async (args) =>
GRPCClientAgent.createGRPCClientAgent(args),
timer: timerStart(2000),
});

await expect(connProm).rejects.toThrow(
nodesErrors.ErrorNodeConnectionTimeout,
);

// Connect with the new NodeId
let conn: NodeConnection<GRPCClientAgent> | undefined;
try {
conn = await NodeConnection.createNodeConnection({
targetNodeId: serverKeyManager.getNodeId(),
targetHost: localHost,
targetPort: targetPort,
proxy: clientProxy,
keyManager: clientKeyManager,
nodeConnectionManager: dummyNodeConnectionManager,
destroyCallback,
logger: logger,
clientFactory: async (args) =>
GRPCClientAgent.createGRPCClientAgent(args),
timer: timerStart(2000),
});
const client = conn.getClient();
await client.echo(new utilsPB.EchoMessage().setChallenge('hello!'));
} finally {
await conn?.destroy();
}
});
test('new connection handles a renewRootKeyPair on receiving side', async () => {
let conn: NodeConnection<GRPCClientAgent> | undefined;
try {
// Simulate key change
await serverKeyManager.renewRootKeyPair(password);
serverProxy.setTLSConfig(await newTlsConfig(serverKeyManager));

conn = await NodeConnection.createNodeConnection({
targetNodeId: targetNodeId,
targetHost: localHost,
targetPort: targetPort,
proxy: clientProxy,
keyManager: clientKeyManager,
nodeConnectionManager: dummyNodeConnectionManager,
destroyCallback,
logger: logger,
clientFactory: async (args) =>
GRPCClientAgent.createGRPCClientAgent(args),
timer: timerStart(2000),
});

const client = conn.getClient();
await client.echo(new utilsPB.EchoMessage().setChallenge('hello!'));
} finally {
await conn?.destroy();
}
});
test('new connection handles a resetRootCert on receiving side', async () => {
let conn: NodeConnection<GRPCClientAgent> | undefined;
try {
// Simulate key change
await serverKeyManager.resetRootCert();
serverProxy.setTLSConfig(await newTlsConfig(serverKeyManager));

conn = await NodeConnection.createNodeConnection({
targetNodeId: targetNodeId,
targetHost: localHost,
targetPort: targetPort,
proxy: clientProxy,
keyManager: clientKeyManager,
nodeConnectionManager: dummyNodeConnectionManager,
destroyCallback,
logger: logger,
clientFactory: async (args) =>
GRPCClientAgent.createGRPCClientAgent(args),
timer: timerStart(2000),
});

const client = conn.getClient();
await client.echo(new utilsPB.EchoMessage().setChallenge('hello!'));
} finally {
await conn?.destroy();
}
});
});

0 comments on commit 7d6c9db

Please sign in to comment.