grin-wallet/tests/owner_v3_init_secure.rs
Yeastplume 41c0058e84
API Lifecycle Implementation, Pt. 1 (#211)
* allow owner api to start up without a wallet, begin to add lifecycle functions

* rustfmt

* test and typos fix

* updated with lifecycle functions

* rustfmt

* updates to allow owner api tests to be executed against local wallet proxy

* rustfmt

* fix for windows test

* add ability to pass configuration to , begin to add documentation and doctests

* add ability to pass configuration to , begin to add documentation and doctests

* doctests for lifecycle functions

* rustfmt

* ensure foreign API also has mask updated when being run along owner api, add more tests to lifecycle

* rustfmt

* documentation for lifecycle methods + init_secure_api

* rustfmt

* failing doctest
2019-09-02 16:03:35 +01:00

227 lines
7 KiB
Rust

// Copyright 2019 The Grin Developers
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#[macro_use]
extern crate clap;
#[macro_use]
extern crate log;
extern crate grin_wallet;
use grin_wallet_api::ECDHPubkey;
use grin_wallet_impls::test_framework::{self, LocalWalletClient, WalletProxy};
use clap::App;
use std::thread;
use std::time::Duration;
use grin_wallet_impls::DefaultLCProvider;
use grin_wallet_util::grin_keychain::ExtKeychain;
use grin_wallet_util::grin_util::secp::key::SecretKey;
use grin_wallet_util::grin_util::{from_hex, static_secp_instance};
use serde_json;
#[macro_use]
mod common;
use common::{
clean_output_dir, derive_ecdh_key, execute_command, initial_setup_wallet, instantiate_wallet,
send_request, send_request_enc, setup, RetrieveSummaryInfoResp,
};
#[test]
fn owner_v3_init_secure() -> Result<(), grin_wallet_controller::Error> {
let test_dir = "target/test_output/owner_v3_init_secure";
setup(test_dir);
// Create a new proxy to simulate server and wallet responses
setup_proxy!(test_dir, chain, wallet1, client1, mask1, wallet2, client2, _mask2);
// add some blocks manually
let bh = 2u64;
let _ =
test_framework::award_blocks_to_wallet(&chain, wallet1.clone(), mask1, bh as usize, false);
// run a wallet owner listener
let arg_vec = vec!["grin-wallet", "-p", "password", "owner_api", "-l", "33420"];
thread::spawn(move || {
let yml = load_yaml!("../src/bin/grin-wallet.yml");
let app = App::from_yaml(yml);
execute_command(&app, test_dir, "wallet1", &client1, arg_vec.clone()).unwrap();
});
thread::sleep(Duration::from_millis(200));
// use in all tests
let sec_key_str = "e00dcc4a009e3427c6b1e1a550c538179d46f3827a13ed74c759c860761caf1e";
let _pub_key_str = "03b3c18c9a38783d105e238953b1638b021ba7456d87a5c085b3bdb75777b4c490";
let sec_key_bytes = from_hex(sec_key_str.to_owned()).unwrap();
let sec_key = {
let secp_inst = static_secp_instance();
let secp = secp_inst.lock();
SecretKey::from_slice(&secp, &sec_key_bytes).unwrap()
};
// 1) Attempt to send an encrypted request before calling `init_secure_api`
let req = include_str!("data/v3_reqs/retrieve_info.req.json");
let res = send_request_enc::<String>(1, 1, "http://127.0.0.1:33420/v3/owner", &req, &sec_key)?;
println!("RES 1: {:?}", res);
assert!(res.is_err());
assert_eq!(res.unwrap_err().code, -32001);
// 2) Call any function on the V3 api without calling 'init_secure_api` first
let res = send_request::<String>(1, "http://127.0.0.1:33420/v3/owner", &req)?;
println!("RES 2: {:?}", res);
assert!(res.is_err());
assert_eq!(res.unwrap_err().code, -32001);
// 3) Call 'init_secure_api' and negotiate shared key
let req = include_str!("data/v3_reqs/init_secure_api.req.json");
let res = send_request(1, "http://127.0.0.1:33420/v3/owner", req)?;
println!("RES 3: {:?}", res);
assert!(res.is_ok());
let value: ECDHPubkey = res.unwrap();
let shared_key = derive_ecdh_key(sec_key_str, &value.ecdh_pubkey);
// 4) A normal request, correct key
let req = include_str!("data/v3_reqs/retrieve_info.req.json");
let res = send_request_enc::<RetrieveSummaryInfoResp>(
1,
1,
"http://127.0.0.1:33420/v3/owner",
&req,
&shared_key,
)?;
println!("RES 4: {:?}", res);
assert!(res.is_ok());
// 5) A normal request, incorrect key
let mut bad_key = shared_key.clone();
bad_key.0[0] = 0;
let req = include_str!("data/v3_reqs/retrieve_info.req.json");
let res = send_request_enc::<RetrieveSummaryInfoResp>(
1,
1,
"http://127.0.0.1:33420/v3/owner",
&req,
&bad_key,
)?;
println!("RES 5: {:?}", res);
assert!(res.is_err());
assert_eq!(res.unwrap_err().code, -32002);
// 6) A malformed encrypted json request (missing nonce)
let req = serde_json::json!({
"jsonrpc": "2.0",
"id": 1,
"method": "encrypted_request_v3",
"params": {
"body_enc:": "thisiswrong",
}
});
let res = send_request::<String>(1, "http://127.0.0.1:33420/v3/owner", &req.to_string())?;
println!("RES 6: {:?}", res);
assert!(res.is_err());
assert_eq!(res.unwrap_err().code, -32002);
// 7) A malformed encrypted json request (garbage encrypted content)
let req = serde_json::json!({
"jsonrpc": "2.0",
"id": 1,
"method": "encrypted_request_v3",
"params": {
"nonce": "32",
"body_enc": "thisiswrong",
}
});
let res = send_request::<String>(1, "http://127.0.0.1:33420/v3/owner", &req.to_string())?;
println!("RES 7: {:?}", res);
assert!(res.is_err());
assert_eq!(res.unwrap_err().code, -32002);
// 8) Encrypted call to `init_secure_api`, followed by re-deriving key
let req = include_str!("data/v3_reqs/init_secure_api.req.json");
let res = send_request_enc(
1,
1,
"http://127.0.0.1:33420/v3/owner",
&req.to_string(),
&shared_key,
)?;
println!("RES 8: {:?}", res);
assert!(res.is_ok());
let value: ECDHPubkey = res.unwrap();
let shared_key = derive_ecdh_key(sec_key_str, &value.ecdh_pubkey);
// 9) A normal request, with new correct key
let req = include_str!("data/v3_reqs/retrieve_info.req.json");
let res = send_request_enc::<RetrieveSummaryInfoResp>(
9,
1,
"http://127.0.0.1:33420/v3/owner",
&req,
&shared_key,
)?;
println!("RES 9: {:?}", res);
assert!(res.is_ok());
// 10) Call 'init_secure_api' unencrypted (which we can do) and negotiate new shared key
let req = include_str!("data/v3_reqs/init_secure_api.req.json");
let res = send_request(1, "http://127.0.0.1:33420/v3/owner", req)?;
println!("RES 10: {:?}", res);
assert!(res.is_ok());
let value: ECDHPubkey = res.unwrap();
let shared_key = derive_ecdh_key(sec_key_str, &value.ecdh_pubkey);
// 11) A normal request, correct key
let req = include_str!("data/v3_reqs/retrieve_info.req.json");
let res = send_request_enc::<RetrieveSummaryInfoResp>(
11,
1,
"http://127.0.0.1:33420/v3/owner",
&req,
&shared_key,
)?;
println!("RES 11: {:?}", res);
assert!(res.is_ok());
// 12) A request which triggers an API error (not an encryption error)
let req = serde_json::json!({
"jsonrpc": "2.0",
"id": 1,
"method": "method_dun_exist",
"params": {
"nope": "nope",
}
})
.to_string();
let res =
send_request_enc::<String>(12, 1, "http://127.0.0.1:33420/v3/owner", &req, &shared_key)?;
println!("RES 12: {:?}", res);
assert!(res.is_err());
assert_eq!(res.unwrap_err().code, -32601);
// 13) A request which triggers an internal API error (not enough funds)
let req = include_str!("data/v3_reqs/init_send_tx.req.json");
let res =
send_request_enc::<String>(13, 1, "http://127.0.0.1:33420/v3/owner", &req, &shared_key)?;
println!("RES 13: {:?}", res);
assert!(res.is_err());
assert_eq!(res.unwrap_err().code, -32099);
clean_output_dir(test_dir);
Ok(())
}