|
|
@@ -57,11 +57,11 @@ muCMZProtocol! { migration,
|
|
|
}
|
|
|
|
|
|
pub fn request(
|
|
|
+ rng: &mut (impl CryptoRng + RngCore),
|
|
|
L: Lox,
|
|
|
M: Migration,
|
|
|
pubkeys: CMZPubkey<G>,
|
|
|
) -> Result<(migration::Request, migration::ClientState), CredentialError> {
|
|
|
- let mut rng = rand::thread_rng();
|
|
|
cmz_group_init(G::hash_from_bytes::<Sha512>(b"CMZ Generator A"));
|
|
|
|
|
|
// Ensure that the credenials can be correctly shown; that is, the
|
|
|
@@ -85,9 +85,14 @@ pub fn request(
|
|
|
}
|
|
|
|
|
|
let mut N = Lox::using_pubkey(&pubkeys);
|
|
|
+ N.id = Some(Scalar::random(rng));
|
|
|
+ N.bucket = M.to_bucket;
|
|
|
N.trust_level = Some(Scalar::ONE);
|
|
|
+ N.level_since = Some(Scalar::ZERO);
|
|
|
+ N.invites_remaining = Some(Scalar::ZERO);
|
|
|
+ N.blockages = Some(Scalar::ZERO);
|
|
|
|
|
|
- match migration::prepare(&mut rng, SESSION_ID, &L, &M, N) {
|
|
|
+ match migration::prepare(rng, SESSION_ID, &L, &M, N) {
|
|
|
Ok(req_state) => Ok(req_state),
|
|
|
Err(e) => Err(CredentialError::CMZError(e)),
|
|
|
}
|
|
|
@@ -156,3 +161,82 @@ pub fn handle_response(
|
|
|
Err(_e) => Err(CMZError::Unknown),
|
|
|
}
|
|
|
}
|
|
|
+
|
|
|
+#[cfg(all(test, feature = "bridgeauth"))]
|
|
|
+mod tests {
|
|
|
+ use super::*;
|
|
|
+ use crate::mock_auth::TestHarness;
|
|
|
+ use crate::proto::{
|
|
|
+ migration, open_invite,
|
|
|
+ trust_promotion::{self, UNTRUSTED_INTERVAL},
|
|
|
+ };
|
|
|
+
|
|
|
+ #[test]
|
|
|
+ fn test_trust_migration() {
|
|
|
+ let mut th = TestHarness::new();
|
|
|
+ let rng = &mut rand::thread_rng();
|
|
|
+ let open_invitation_request = open_invite::request(rng, th.ba.lox_pub.clone());
|
|
|
+ assert!(
|
|
|
+ open_invitation_request.is_ok(),
|
|
|
+ "Open invitation request should succeed"
|
|
|
+ );
|
|
|
+ let (request, client_state) = open_invitation_request.unwrap();
|
|
|
+ let invite = th.bdb.invite();
|
|
|
+ let open_invitation_response = th.ba.open_invitation(request, &invite.unwrap());
|
|
|
+ assert!(
|
|
|
+ open_invitation_response.is_ok(),
|
|
|
+ "Open invitation response from server should succeed"
|
|
|
+ );
|
|
|
+ let (response, _) = open_invitation_response.unwrap();
|
|
|
+ let creds = open_invite::handle_response(client_state, response);
|
|
|
+ println!("{}", th.ba.today());
|
|
|
+ assert!(creds.is_ok(), "Handle response should succeed");
|
|
|
+ th.advance_days((UNTRUSTED_INTERVAL + 1).try_into().unwrap());
|
|
|
+ println!("{}", th.ba.today());
|
|
|
+ let lox_cred = creds.unwrap();
|
|
|
+ let trust_promo_request = trust_promotion::request(
|
|
|
+ rng,
|
|
|
+ lox_cred.clone(),
|
|
|
+ th.ba.migrationkey_pub.clone(),
|
|
|
+ th.ba.today(),
|
|
|
+ );
|
|
|
+ assert!(
|
|
|
+ trust_promo_request.is_ok(),
|
|
|
+ "Trust Promotion request should succeed"
|
|
|
+ );
|
|
|
+ let (tp_request, tp_client_state) = trust_promo_request.unwrap();
|
|
|
+ let trust_promo_response = th.ba.handle_trust_promotion(tp_request);
|
|
|
+ assert!(
|
|
|
+ trust_promo_response.is_ok(),
|
|
|
+ "Trust promotion response from server should succeed"
|
|
|
+ );
|
|
|
+ let (response, enc) = trust_promo_response.unwrap();
|
|
|
+ let mig_cred = trust_promotion::handle_response(
|
|
|
+ th.ba.migration_pub.clone(),
|
|
|
+ tp_client_state,
|
|
|
+ response,
|
|
|
+ enc,
|
|
|
+ );
|
|
|
+ assert!(mig_cred.is_ok(), "Handle response should succeed");
|
|
|
+ let migration_request = migration::request(
|
|
|
+ rng,
|
|
|
+ lox_cred.clone(),
|
|
|
+ mig_cred.unwrap(),
|
|
|
+ th.ba.lox_pub.clone(),
|
|
|
+ );
|
|
|
+ assert!(
|
|
|
+ migration_request.is_ok(),
|
|
|
+ "Migration request should succeed"
|
|
|
+ );
|
|
|
+ let (mig_request, mig_client_state) = migration_request.unwrap();
|
|
|
+ let migration_response = th.ba.handle_migration(mig_request);
|
|
|
+ assert!(
|
|
|
+ migration_response.is_ok(),
|
|
|
+ "Migration response from server should succeed"
|
|
|
+ );
|
|
|
+ let response = migration_response.unwrap();
|
|
|
+ let cred = migration::handle_response(mig_client_state, response);
|
|
|
+ assert!(cred.is_ok(), "Handle response should succeed");
|
|
|
+ th.verify_lox(&cred.unwrap());
|
|
|
+ }
|
|
|
+}
|
