From bae501100092074f118912d55a0cba6bba27e83f Mon Sep 17 00:00:00 2001 From: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com> Date: Thu, 8 Dec 2022 17:03:00 +0000 Subject: [PATCH 1/3] agent: api to get hash of ratchet associated data for connection verification --- src/Simplex/Messaging/Agent.hs | 12 +++++++++++- tests/AgentTests/FunctionalAPITests.hs | 14 ++++++++++++++ 2 files changed, 25 insertions(+), 1 deletion(-) diff --git a/src/Simplex/Messaging/Agent.hs b/src/Simplex/Messaging/Agent.hs index fe9925a362..63167fdac5 100644 --- a/src/Simplex/Messaging/Agent.hs +++ b/src/Simplex/Messaging/Agent.hs @@ -62,6 +62,7 @@ module Simplex.Messaging.Agent suspendConnection, deleteConnection, getConnectionServers, + getConnectionRatchetAdHash, setSMPServers, testSMPServerConnection, setNtfServers, @@ -116,7 +117,7 @@ import Simplex.Messaging.Client (ProtocolClient (..), ServerTransmission) import qualified Simplex.Messaging.Crypto as C import qualified Simplex.Messaging.Crypto.Ratchet as CR import Simplex.Messaging.Encoding -import Simplex.Messaging.Encoding.String (StrEncoding (..)) +import Simplex.Messaging.Encoding.String import Simplex.Messaging.Notifications.Protocol (DeviceToken, NtfRegCode (NtfRegCode), NtfTknStatus (..), NtfTokenId) import Simplex.Messaging.Notifications.Server.Push.APNS (PNMessageData (..)) import Simplex.Messaging.Notifications.Types @@ -248,6 +249,10 @@ deleteConnection c = withAgentEnv c . deleteConnection' c getConnectionServers :: AgentErrorMonad m => AgentClient -> ConnId -> m ConnectionStats getConnectionServers c = withAgentEnv c . getConnectionServers' c +-- | get connection ratchet associated data for connection verification (should match AD of the peer) +getConnectionRatchetAdHash :: AgentErrorMonad m => AgentClient -> ConnId -> m ByteString +getConnectionRatchetAdHash c = withAgentEnv c . getConnectionRatchetAdHash' c + -- | Change servers to be used for creating new queues setSMPServers :: AgentErrorMonad m => AgentClient -> NonEmpty SMPServerWithAuth -> m () setSMPServers c = withAgentEnv c . setSMPServers' c @@ -1187,6 +1192,11 @@ getConnectionServers' c connId = do SomeConn _ conn <- withStore c (`getConn` connId) pure $ connectionStats conn +getConnectionRatchetAdHash' :: AgentMonad m => AgentClient -> ConnId -> m ByteString +getConnectionRatchetAdHash' c connId = do + CR.Ratchet {rcAD = Str rcAD} <- withStore c (`getRatchet` connId) + pure $ C.sha256Hash rcAD + connectionStats :: Connection c -> ConnectionStats connectionStats = \case RcvConnection _ rq -> ConnectionStats {rcvServers = [qServer rq], sndServers = []} diff --git a/tests/AgentTests/FunctionalAPITests.hs b/tests/AgentTests/FunctionalAPITests.hs index e8350fd381..54e35a90c8 100644 --- a/tests/AgentTests/FunctionalAPITests.hs +++ b/tests/AgentTests/FunctionalAPITests.hs @@ -169,6 +169,9 @@ functionalAPITests t = do it "should pass with correct password" $ testSMPServerConnectionTest t auth (srv auth) `shouldReturn` Nothing it "should fail without password" $ testSMPServerConnectionTest t auth (srv Nothing) `shouldReturn` authErr it "should fail with incorrect password" $ testSMPServerConnectionTest t auth (srv $ Just "wrong") `shouldReturn` authErr + fdescribe "getRatchetAdHash" $ + it "should return the same data for both peers" $ + withSmpServer t testRatchetAdHash testBasicAuth :: ATransport -> Bool -> (Maybe BasicAuth, Version) -> (Maybe BasicAuth, Version) -> (Maybe BasicAuth, Version) -> IO Int testBasicAuth t allowNewQueues srv@(srvAuth, srvVersion) clnt1 clnt2 = do @@ -834,6 +837,17 @@ testSMPServerConnectionTest t newQueueBasicAuth srv = Right r <- runExceptT $ testSMPServerConnection a srv pure r +testRatchetAdHash :: IO () +testRatchetAdHash = do + a <- getSMPAgentClient agentCfg initAgentServers + b <- getSMPAgentClient agentCfg {database = testDB2} initAgentServers + Right () <- runExceptT $ do + (aId, bId) <- makeConnection a b + ad1 <- getConnectionRatchetAdHash a bId + ad2 <- getConnectionRatchetAdHash b aId + liftIO $ ad1 `shouldBe` ad2 + pure () + exchangeGreetings :: AgentClient -> ConnId -> AgentClient -> ConnId -> ExceptT AgentErrorType IO () exchangeGreetings = exchangeGreetingsMsgId 4 From 0aafdbbcba37f1d463289ac7c67a2900f8a73b9d Mon Sep 17 00:00:00 2001 From: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com> Date: Thu, 8 Dec 2022 17:04:36 +0000 Subject: [PATCH 2/3] enable all tests --- tests/AgentTests/FunctionalAPITests.hs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/AgentTests/FunctionalAPITests.hs b/tests/AgentTests/FunctionalAPITests.hs index 54e35a90c8..7f69070c69 100644 --- a/tests/AgentTests/FunctionalAPITests.hs +++ b/tests/AgentTests/FunctionalAPITests.hs @@ -169,7 +169,7 @@ functionalAPITests t = do it "should pass with correct password" $ testSMPServerConnectionTest t auth (srv auth) `shouldReturn` Nothing it "should fail without password" $ testSMPServerConnectionTest t auth (srv Nothing) `shouldReturn` authErr it "should fail with incorrect password" $ testSMPServerConnectionTest t auth (srv $ Just "wrong") `shouldReturn` authErr - fdescribe "getRatchetAdHash" $ + describe "getRatchetAdHash" $ it "should return the same data for both peers" $ withSmpServer t testRatchetAdHash From 9d1417306278ac619466b2f307162d6f5f9ee626 Mon Sep 17 00:00:00 2001 From: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com> Date: Fri, 9 Dec 2022 09:41:04 +0000 Subject: [PATCH 3/3] correction Co-authored-by: JRoberts <8711996+jr-simplex@users.noreply.github.com> --- src/Simplex/Messaging/Agent.hs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Simplex/Messaging/Agent.hs b/src/Simplex/Messaging/Agent.hs index 63167fdac5..37cfe94664 100644 --- a/src/Simplex/Messaging/Agent.hs +++ b/src/Simplex/Messaging/Agent.hs @@ -249,7 +249,7 @@ deleteConnection c = withAgentEnv c . deleteConnection' c getConnectionServers :: AgentErrorMonad m => AgentClient -> ConnId -> m ConnectionStats getConnectionServers c = withAgentEnv c . getConnectionServers' c --- | get connection ratchet associated data for connection verification (should match AD of the peer) +-- | get connection ratchet associated data hash for verification (should match peer AD hash) getConnectionRatchetAdHash :: AgentErrorMonad m => AgentClient -> ConnId -> m ByteString getConnectionRatchetAdHash c = withAgentEnv c . getConnectionRatchetAdHash' c