Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add more Secure Session tests #376

Merged
merged 9 commits into from
Feb 12, 2019
Merged

Add more Secure Session tests #376

merged 9 commits into from
Feb 12, 2019

Conversation

ilammy
Copy link
Collaborator

@ilammy ilammy commented Feb 12, 2019

This PR updates the tests for Secure Session with new cases.

Now we check more happy and failure paths in Secure Session. We verify that errors are correctly forwarded from transport callbacks, and that this causes the whole session to fail. We also test the session change callback. Finally, we test a couple of edge cases with empty messages.

We also make a couple of other tweaks. There are more details in individual commit messages.

Unfortunately it is not possible to write tests for buffer size overflow handling as that will require the current implementation to actually allocate a buffer of 4 GB or larger which usually segfaults. Buffer sizes are completely under control of Secure Session user though.

@ilammy
Reorder method declarations in SecureSessionTransport
ee3e750 
Move the required method get_public_key_for_id() first in the trait
definition. This has no semantic meaning but it's important for IDE
autocomplete or example, rustdoc also uses this order, and this is
the order which is most likely to be used by users when defining
transport implementations.
@ilammy
Add Debug, Clone, Copy impls to SecureSessionState
626351b 
Every public struct or enum should have a Debug implementation for
logging whatnot, so add it. It is also sometimes useful to copy the
state in the state reporting callback, so add Clone and Copy impls.
This enum is likely to stay simple so copying is cheap.
@ilammy
Add MockTransport for testing Secure Session
1a22773 
Rust does not have an established popular mocking framework, and mock
objects are generally frowned upon in tests. However, sometimes they
are useful, and the current practice is to roll out your own mocks.

Introduce a simple implementation of SecureSessionTransport based on
closures. This allows to reimplement and change behavior at run-time.
@ilammy
Replace DummyTransport with MockTransport
b32482d 
Its functionality can be easily reimplemented with a simple utility
that sets the get_public_key_for_id callback to recognize a single
peer and return its public key.

Drop the comments about RSA keys. It is now impossible to pass RSA
keys instead of ECDSA to Secure Session.
@ilammy
Replace ChannelTransport with MockTransport
c88ce8d 
Again, we can easily reimplement ad-hoc ChannelTransport with a similar
ad-hoc function that sets up the same communication channel between two
Secure Sessions. The test code is now a bit easier to follow with this
change.
@ilammy
Test reporting connection state in state_changed callback
f3952a8 
Check that state changes are reported at correct moment. We use
channels to transport state reports out of a closure. It's a bit
tricky to do otherwise to satisfy the borrow checker.
@ilammy
Test failures in get_public_key_for_id
e627831 
Both Secure Sessions should fail at connection negotiation stage with
ErrorKind::SessionGetPublicKeyForIdError if any of them does not
recognize its peer by an ID.
@ilammy
Test failures in send/receive callbacks
6e5ac79 
Check that errors reported from send_data and receive_data callbacks
are correctly forwarded to the user (and that they actually cause
connection failure).

We use yet another tricky setup with channels to override the behavior
of MockTransport. The channels are used to pass one-shot closures that
describe the behavior of the next call to callback. The callbacks then
revert to their previous behavior if there are no pending 'behavior
overrides'. This can be used to test multiple failures in the future.
@ilammy
Test empty message handling
9e70949 
Secure Session cannot send or receive empty messages for security
reasons because empty message does not contain any authentication
information.

Verify that Secure Session reports errors when the user tries to send
and empty message or when the transport layer returns an empty message.
@ilammy ilammy added the W-RustThemis 🦀 Wrapper: Rust-Themis, Rust API, Cargo crates label Feb 12, 2019
@ilammy ilammy merged commit 8d47b40 into cossacklabs:master Feb 12, 2019
@ilammy ilammy deleted the ssession-tests branch February 19, 2019 19:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vixentael vixentael vixentael approved these changes

@Lagovas Lagovas Lagovas approved these changes

@shadinua shadinua Awaiting requested review from shadinua

Assignees
No one assigned
Labels
W-RustThemis 🦀 Wrapper: Rust-Themis, Rust API, Cargo crates
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@ilammy @vixentael @Lagovas