Verify cargo bound for private gateways
sdsantos committed Dec 28, 2023
1 parent cfe9f3c commit 12085d9
Showing 2 changed files with 42 additions and 11 deletions.
17 changes: 16 additions & 1 deletion app/src/main/java/tech/relaycorp/courier/domain/StoreMessage.kt
Expand Up @@ -11,6 +11,7 @@ import tech.relaycorp.courier.data.model.StoredMessage
import tech.relaycorp.relaynet.cogrpc.readBytesAndClose
import tech.relaycorp.relaynet.messages.Cargo
import tech.relaycorp.relaynet.messages.CargoCollectionAuthorization
import tech.relaycorp.relaynet.messages.InvalidMessageException
import tech.relaycorp.relaynet.ramf.RAMFException
import tech.relaycorp.relaynet.ramf.RAMFMessage
import java.io.InputStream
Expand Down Expand Up @@ -38,10 +39,24 @@ class StoreMessage
}

try {
cargo.validate(null)
cargo.validate(
when (recipientType) {
GatewayType.Internet -> null
GatewayType.Private ->
cargo.recipientCertificate
?.let { setOf(it) }
?: run {
logger.warning("Invalid cargo received with missing recipient certificate")
return Result.Error.Invalid
}
},
)
} catch (exc: RAMFException) {
logger.warning("Invalid cargo received: ${exc.message}")
return Result.Error.Invalid
} catch (exc: InvalidMessageException) {
logger.warning("Invalid cargo received: ${exc.message}")
return Result.Error.Invalid
}

return storeMessage(MessageType.Cargo, cargo, cargoBytes, recipientType)
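Review bot: In the `GatewayType.Private` branch the only trust anchor passed to `cargo.validate(...)` is `cargo.recipientCertificate`, which appears to come from the cargo itself (its definition is not visible on this page). If so, the check shows that the sender holds an authorization issued by the recipient the cargo names, not that the recipient is a gateway the courier independently knows. That limit is worth stating where the set is built, e.g. `// Trust anchor comes from the cargo itself: proves the sender was authorised by the claimed recipient, nothing more`. The `return Result.Error.Invalid` inside `?: run { … }` also sits in the argument list of `validate`, within the `try`; computing the set in a `val` above the `try` would make that early exit easier to see. The enclosing function starts and ends outside the hunk.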
36 changes: 26 additions & 10 deletions app/src/test/java/tech/relaycorp/courier/domain/StoreMessageTest.kt
Expand Up @@ -11,7 +11,6 @@ import kotlinx.coroutines.test.runTest
import org.junit.jupiter.api.Assertions.assertEquals
import org.junit.jupiter.api.Assertions.assertTrue
import org.junit.jupiter.api.BeforeEach
import org.junit.jupiter.api.Disabled
import org.junit.jupiter.api.Nested
import org.junit.jupiter.api.Test
import tech.relaycorp.courier.data.database.StoredMessageDao
Expand All @@ -20,6 +19,7 @@ import tech.relaycorp.courier.data.model.GatewayType
import tech.relaycorp.courier.data.model.StorageSize
import tech.relaycorp.courier.data.model.StorageUsage
import tech.relaycorp.courier.data.model.StoredMessage
import tech.relaycorp.relaynet.issueDeliveryAuthorization
import tech.relaycorp.relaynet.messages.Cargo
import tech.relaycorp.relaynet.messages.CargoCollectionAuthorization
import tech.relaycorp.relaynet.messages.Recipient
Expand Down Expand Up @@ -145,7 +145,10 @@ class StoreMessageTest {
invalidCargo.serialize(KeyPairSet.PRIVATE_GW.private)

val result =
subject.storeCargo(invalidCargoSerialized.inputStream(), GatewayType.Internet)
subject.storeCargo(
invalidCargoSerialized.inputStream(),
GatewayType.Internet,
)

assertEquals(StoreMessage.Result.Error.Invalid, result)
verify(diskRepository, never()).writeMessage(any())
Expand All @@ -163,7 +166,8 @@ class StoreMessageTest {
)
val cargoSerialized = cargo.serialize(KeyPairSet.PRIVATE_GW.private)

val result = subject.storeCargo(cargoSerialized.inputStream(), GatewayType.Internet)
val result =
subject.storeCargo(cargoSerialized.inputStream(), GatewayType.Internet)

assertTrue(result is StoreMessage.Result.Success)
verify(diskRepository).writeMessage(any())
Expand All @@ -185,7 +189,8 @@ class StoreMessageTest {
)
val cargoSerialized = cargo.serialize(KeyPairSet.PRIVATE_GW.private)

val result = subject.storeCargo(cargoSerialized.inputStream(), GatewayType.Internet)
val result =
subject.storeCargo(cargoSerialized.inputStream(), GatewayType.Internet)

assertTrue(result is StoreMessage.Result.Success)
verify(diskRepository).writeMessage(any())
Expand All @@ -195,21 +200,30 @@ class StoreMessageTest {

@Nested
inner class BoundForPrivateGateway {
private val recipient = Recipient(KeyPairSet.PRIVATE_GW.public.nodeId)
private val recipient = Recipient(CDACertPath.PRIVATE_GW.subjectPublicKey.nodeId)
private val senderCertificate =
issueDeliveryAuthorization(
KeyPairSet.INTERNET_GW.public,
KeyPairSet.PRIVATE_GW.private,
ZonedDateTime.now().plusHours(1),
CDACertPath.PRIVATE_GW,
validityStartDate = ZonedDateTime.now().minusMinutes(1),
)

@Test
@Disabled // See https://github.com/relaycorp/relaynet-courier-android/issues/255
fun `Unauthorized cargo should be refused`() =
runTest {
val cargo =
Cargo(
recipient.copy(id = "${recipient.id}abc"),
"payload".toByteArray(),
CDACertPath.INTERNET_GW,
senderCertificate,
senderCertificateChain = setOf(CDACertPath.PRIVATE_GW),
)
val cargoSerialized = cargo.serialize(KeyPairSet.INTERNET_GW.private)

val result = subject.storeCargo(cargoSerialized.inputStream(), GatewayType.Private)
val result =
subject.storeCargo(cargoSerialized.inputStream(), GatewayType.Private)

assertEquals(StoreMessage.Result.Error.Invalid, result)
verify(diskRepository, never()).writeMessage(any())
Expand All @@ -223,11 +237,13 @@ class StoreMessageTest {
Cargo(
recipient,
"payload".toByteArray(),
CDACertPath.INTERNET_GW,
senderCertificate,
senderCertificateChain = setOf(CDACertPath.PRIVATE_GW),
)
val cargoSerialized = cargo.serialize(KeyPairSet.INTERNET_GW.private)

val result = subject.storeCargo(cargoSerialized.inputStream(), GatewayType.Private)
val result =
subject.storeCargo(cargoSerialized.inputStream(), GatewayType.Private)

assertTrue(result is StoreMessage.Result.Success)
verify(diskRepository).writeMessage(any())
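Review bot: The re-enabled `Unauthorized cargo should be refused` test only alters the recipient id, which presumably makes the recipient-certificate lookup come back empty. It therefore likely exercises the new missing-certificate branch rather than the authorization check inside `validate` or the added `InvalidMessageException` handler. A further case in `BoundForPrivateGateway` would cover that path: a cargo whose chain does contain the recipient's certificate but whose sender certificate was issued by a different key, asserting `StoreMessage.Result.Error.Invalid` and `verify(diskRepository, never()).writeMessage(any())`. Since the fixture already builds its validity window from `ZonedDateTime.now()`, an expired-authorization case could be added alongside it.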
