Progress on PSKs and Tests

citadel-internal-service/src/kernel/requests/peer/register.rs

@@ -50,7 +50,7 @@ pub async fn handle<T: IOInterface>(
                                         udp_mode: Default::default(),
                                         session_security_settings,
                                         request_id,
-                                        peer_session_password
+                                        peer_session_password,
                                     };
 
                                     return handle_request(this, uuid, connect_command).await;

citadel-internal-service/tests/common/mod.rs

@@ -33,12 +33,13 @@ pub fn setup_log() {
     }));
 }
 
-pub struct RegisterAndConnectItems<T: Into<String>, R: Into<String>, S: Into<SecBuffer>> {
+pub struct RegisterAndConnectItems<T: Into<String>, S: Into<SecBuffer>, R: Into<PreSharedKey>> {
     pub internal_service_addr: SocketAddr,
     pub server_addr: SocketAddr,
     pub full_name: T,
-    pub username: R,
+    pub username: T,
     pub password: S,
+    pub pre_shared_key: Option<R>,
 }
 
 pub type InternalServicesFutures =
@@ -69,10 +70,10 @@ pub fn generic_error<T: ToString>(msg: T) -> Box<dyn Error> {
 
 pub async fn register_and_connect_to_server<
     T: Into<String>,
-    R: Into<String>,
     S: Into<SecBuffer>,
+    R: Into<PreSharedKey>,
 >(
-    services_to_create: Vec<RegisterAndConnectItems<T, R, S>>,
+    services_to_create: Vec<RegisterAndConnectItems<T, S, R>>,
 ) -> Result<
     Vec<(
         UnboundedSender<InternalServiceRequest>,
@@ -96,6 +97,7 @@ pub async fn register_and_connect_to_server<
         let username = item.username.into();
         let full_name = item.full_name.into();
         let password = item.password.into();
+        let server_password = item.pre_shared_key;
         let session_security_settings = SessionSecuritySettingsBuilder::default().build().unwrap();
 
         info!(target = "citadel", "Sending Register Request");
@@ -107,6 +109,7 @@ pub async fn register_and_connect_to_server<
             proposed_password: password.clone(),
             session_security_settings,
             connect_after_register: false,
+            server_password: server_password.clone(),
         };
         send(&mut sink, register_command).await.unwrap();
 
@@ -129,6 +132,7 @@ pub async fn register_and_connect_to_server<
                 keep_alive_timeout: None,
                 session_security_settings,
                 request_id: Uuid::new_v4(),
+                server_password,
             };
 
             send(&mut sink, command).await.unwrap();
@@ -182,9 +186,16 @@ pub async fn register_and_connect_to_server<
 
 pub async fn register_and_connect_to_server_then_peers(
     int_svc_addrs: Vec<SocketAddr>,
+    server_session_password: Option<PreSharedKey>,
+    peer_session_password: Option<PreSharedKey>,
 ) -> Result<Vec<PeerReturnHandle>, Box<dyn Error>> {
     // TCP client (GUI, CLI) -> internal service -> empty kernel server(s)
-    let (server, server_bind_address) = server_info_skip_cert_verification();
+    let (server, server_bind_address) =
+        if let Some(server_session_password) = server_session_password {
+            server_info_skip_cert_verification_with_password(server_session_password.clone())
+        } else {
+            server_info_skip_cert_verification()
+        };
     tokio::task::spawn(server);
     let mut internal_services: Vec<InternalServicesFutures> = Vec::new();
 
@@ -216,7 +227,7 @@ pub async fn register_and_connect_to_server_then_peers(
     tokio::time::sleep(Duration::from_millis(2000)).await;
 
     // Set Info for Vector of Peers
-    let mut to_spawn: Vec<RegisterAndConnectItems<String, String, Vec<u8>>> = Vec::new();
+    let mut to_spawn: Vec<RegisterAndConnectItems<String, Vec<u8>, PreSharedKey>> = Vec::new();
     for (peer_number, int_svc_addr_iter) in int_svc_addrs.clone().iter().enumerate() {
         let bind_address_internal_service = *int_svc_addr_iter;
         to_spawn.push(RegisterAndConnectItems {
@@ -225,6 +236,7 @@ pub async fn register_and_connect_to_server_then_peers(
             full_name: format!("Peer {}", peer_number),
             username: format!("peer.{}", peer_number),
             password: format!("secret_{}", peer_number).into_bytes().to_owned(),
+            pre_shared_key: server_session_password.clone(),
         });
     }
 
@@ -256,6 +268,7 @@ pub async fn register_and_connect_to_server_then_peers(
                 from_service_b,
                 *cid_b,
                 session_security_settings,
+                Some(peer_session_password.clone()),
             )
             .await?;
 
@@ -267,6 +280,7 @@ pub async fn register_and_connect_to_server_then_peers(
                 from_service_b,
                 *cid_b,
                 session_security_settings,
+                Some(peer_session_password.clone()),
             )
             .await?;
         }
@@ -282,6 +296,7 @@ pub async fn register_p2p(
     from_service_b: &mut UnboundedReceiver<InternalServiceResponse>,
     cid_b: u64,
     session_security_settings: SessionSecuritySettings,
+    session_password: Some(PreSharedKey),
 ) -> Result<(), Box<dyn Error>> {
     // Service A Requests to Register with Service B
     to_service_a
@@ -291,6 +306,7 @@ pub async fn register_p2p(
             peer_cid: cid_b,
             session_security_settings,
             connect_after_register: false,
+            peer_session_password: Some(session_password.clone()),
         })
         .unwrap();
 
@@ -321,6 +337,7 @@ pub async fn register_p2p(
             peer_cid: cid_a,
             session_security_settings,
             connect_after_register: false,
+            peer_session_password: Some(session_password),
         })
         .unwrap();
 
@@ -354,6 +371,7 @@ pub async fn connect_p2p(
     from_service_b: &mut UnboundedReceiver<InternalServiceResponse>,
     cid_b: u64,
     session_security_settings: SessionSecuritySettings,
+    session_password: Some(PreSharedKey),
 ) -> Result<(), Box<dyn Error>> {
     // Service A Requests To Connect
     to_service_a
@@ -363,6 +381,7 @@ pub async fn connect_p2p(
             peer_cid: cid_b,
             udp_mode: Default::default(),
             session_security_settings,
+            peer_session_password: Some(session_password.clone()),
         })
         .unwrap();
 
@@ -392,6 +411,7 @@ pub async fn connect_p2p(
             peer_cid: cid_a,
             udp_mode: Default::default(),
             session_security_settings,
+            peer_session_password: Some(session_password),
         })
         .unwrap();
 
@@ -458,10 +478,37 @@ pub fn server_test_node_skip_cert_verification<'a, K: NetKernel + 'a>(
     (builder.build(kernel).unwrap(), bind_addr)
 }
 
+pub fn server_test_node_skip_cert_verification_with_password<'a, K: NetKernel + 'a>(
+    kernel: K,
+    server_password: PreSharedKey,
+    opts: impl FnOnce(&mut NodeBuilder),
+) -> (NodeFuture<'a, K>, SocketAddr) {
+    let mut builder = NodeBuilder::default();
+    let tcp_listener = std::net::TcpListener::bind("127.0.0.1:0").unwrap();
+    let bind_addr = tcp_listener.local_addr().unwrap();
+    let builder = builder
+        .with_node_type(NodeType::Server(bind_addr))
+        .with_server_password(server_password)
+        .with_insecure_skip_cert_verification()
+        .with_underlying_protocol(
+            ServerUnderlyingProtocol::from_tcp_listener(tcp_listener).unwrap(),
+        );
+
+    (opts)(builder);
+
+    (builder.build(kernel).unwrap(), bind_addr)
+}
+
 pub fn server_info_skip_cert_verification<'a>() -> (NodeFuture<'a, EmptyKernel>, SocketAddr) {
     server_test_node_skip_cert_verification(EmptyKernel, |_| {})
 }
 
+pub fn server_info_skip_cert_verification_with_password<'a>(
+    server_password: PreSharedKey,
+) -> (NodeFuture<'a, EmptyKernel>, SocketAddr) {
+    server_test_node_skip_cert_verification_with_password(EmptyKernel, server_password, |_| {})
+}
+
 pub fn server_info_reactive_skip_cert_verification<'a, F: 'a, Fut: 'a>(
     f: F,
     opts: impl FnOnce(&mut NodeBuilder),

citadel-internal-service/tests/file_transfer.rs

@@ -69,6 +69,7 @@ mod tests {
             full_name: "John Doe",
             username: "john.doe",
             password: "secret",
+            pre_shared_key: None,
         }];
         let returned_service_info = register_and_connect_to_server(to_spawn).await;
         let mut service_vec = returned_service_info.unwrap();
@@ -100,10 +101,14 @@ mod tests {
         // internal service for peer B
         let bind_address_internal_service_b: SocketAddr = "127.0.0.1:55537".parse().unwrap();
 
-        let mut peer_return_handle_vec = register_and_connect_to_server_then_peers(vec![
-            bind_address_internal_service_a,
-            bind_address_internal_service_b,
-        ])
+        let mut peer_return_handle_vec = register_and_connect_to_server_then_peers(
+            vec![
+                bind_address_internal_service_a,
+                bind_address_internal_service_b,
+            ],
+            None,
+            None,
+        )
         .await?;
 
         let (peer_one, peer_two) = peer_return_handle_vec.as_mut_slice().split_at_mut(1_usize);
@@ -218,6 +223,7 @@ mod tests {
             full_name: "John Doe",
             username: "john.doe",
             password: "secret",
+            pre_shared_key: None::<PreSharedKey>,
         }];
         let returned_service_info = register_and_connect_to_server(to_spawn).await;
         let mut service_vec = returned_service_info.unwrap();
@@ -314,10 +320,14 @@ mod tests {
         // internal service for peer B
         let bind_address_internal_service_b: SocketAddr = "127.0.0.1:55537".parse().unwrap();
 
-        let mut peer_return_handle_vec = register_and_connect_to_server_then_peers(vec![
-            bind_address_internal_service_a,
-            bind_address_internal_service_b,
-        ])
+        let mut peer_return_handle_vec = register_and_connect_to_server_then_peers(
+            vec![
+                bind_address_internal_service_a,
+                bind_address_internal_service_b,
+            ],
+            None,
+            None,
+        )
         .await?;
 
         let (peer_one, peer_two) = peer_return_handle_vec.as_mut_slice().split_at_mut(1_usize);

citadel-internal-service/tests/group_chat.rs

@@ -33,7 +33,7 @@ mod tests {
             bind_address_internal_service_a,
             bind_address_internal_service_b,
             bind_address_internal_service_c,
-        ])
+        ], None, None)
         .await?;
 
         let (to_service_a, mut from_service_a, cid_a) =
@@ -179,7 +179,7 @@ mod tests {
             bind_address_internal_service_a,
             bind_address_internal_service_b,
             bind_address_internal_service_c,
-        ])
+        ], None, None)
         .await?;
 
         let (to_service_a, mut from_service_a, cid_a) =
@@ -348,7 +348,7 @@ mod tests {
             bind_address_internal_service_a,
             bind_address_internal_service_b,
             bind_address_internal_service_c,
-        ])
+        ], None, None)
         .await?;
 
         let (to_service_a, mut from_service_a, cid_a) =
@@ -580,7 +580,7 @@ mod tests {
             bind_address_internal_service_a,
             bind_address_internal_service_b,
             bind_address_internal_service_c,
-        ])
+        ], None, None)
         .await?;
 
         let (to_service_a, mut from_service_a, cid_a) =
@@ -789,7 +789,7 @@ mod tests {
             bind_address_internal_service_a,
             bind_address_internal_service_b,
             bind_address_internal_service_c,
-        ])
+        ], None, None)
         .await?;
 
         let (to_service_a, mut from_service_a, cid_a) =
@@ -1009,7 +1009,7 @@ mod tests {
             bind_address_internal_service_a,
             bind_address_internal_service_b,
             bind_address_internal_service_c,
-        ])
+        ], None, None)
         .await?;
 
         let (to_service_a, mut from_service_a, cid_a) =