key transition validation test, more accurate key transition testing

teserakt-io · Nov 19, 2019 · 13f509c · 13f509c
1 parent f1e81d0
commit 13f509c
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 1 deletion.
diff --git a/client.go b/client.go
@@ -375,7 +375,7 @@ func (c *client) Unprotect(protected []byte, topic string) ([]byte, error) {
 	hashOfHash := hex.EncodeToString(e4crypto.HashTopic(string(topicHash)))
 	topicKeyTs, ok := c.TopicKeys[hashOfHash]
 	if !ok {
-		return nil, err
+		return nil, miscreant.ErrNotAuthentic
 	}
 	if len(topicKeyTs) != e4crypto.KeyLen+e4crypto.TimestampLen {
 		return nil, errors.New("invalid old topic key length")

diff --git a/client_test.go b/client_test.go
@@ -10,6 +10,7 @@ import (
 	"time"
 
 	"github.com/agl/ed25519/extra25519"
+	miscreant "github.com/miscreant/miscreant.go"
 	"golang.org/x/crypto/ed25519"
 
 	e4crypto "github.com/teserakt-io/e4go/crypto"
@@ -238,6 +239,9 @@ func TestKeyTransition(t *testing.T) {
 	// should fail, first key no longer available
 	if _, err := c.Unprotect(protected, topic); err == nil {
 		t.Fatal("Unprotect unexpectedly passed")
+		if err != miscreant.ErrNotAuthentic {
+			t.Fatalf("Unprotect return unexpected error type: got %v, wanted %v", err, miscreant.ErrNotAuthentic)
+		}
 	}
 }
 

diff --git a/crypto/validators_test.go b/crypto/validators_test.go
@@ -232,6 +232,26 @@ func TestValidateTimestamp(t *testing.T) {
 	}
 }
 
+func TestValidateTimestampKey(t *testing.T) {
+	futureTimestamp := make([]byte, TimestampLen)
+	binary.LittleEndian.PutUint64(futureTimestamp, uint64(time.Now().Add(1*time.Second).Unix()))
+	if err := ValidateTimestamp(futureTimestamp); err == nil {
+		t.Fatalf("Expected timestamp in future to not be valid")
+	}
+
+	pastTimestamp := make([]byte, TimestampLen)
+	binary.LittleEndian.PutUint64(pastTimestamp, uint64(time.Now().Add(-(MaxDelayKeyTransition + 1)).Unix()))
+	if err := ValidateTimestamp(pastTimestamp); err == nil {
+		t.Fatalf("Expected timestamp too far in past to not be valid")
+	}
+
+	validTimestamp := make([]byte, TimestampLen)
+	binary.LittleEndian.PutUint64(validTimestamp, uint64(time.Now().Unix()))
+	if err := ValidateTimestamp(validTimestamp); err != nil {
+		t.Fatalf("Got error %v when validating timestamp %v, wanted no error", err, validTimestamp)
+	}
+}
+
 func TestValidateCurve25519PubKey(t *testing.T) {
 	t.Run("Invalid public keys return an error", func(t *testing.T) {
 		allZeroKey := make([]byte, 32)