public void TestCloseConnection()
{
SecureTunnel t = new SecureTunnel(tunnelSocket);
byte[] privateKey, publicKey;
privateKey = new byte[0];
publicKey = new byte[0];
this.SetupTunnelComms(t, out privateKey, out publicKey);
tunnelSocket.InterceptOutgoingPacket(p =>
{
//we should recieve a close connection packet
EncryptedPacket packet = (EncryptedPacket)p;
packet.DecryptPacket(privateKey, publicKey);
var x = packet.RPCs.First;
Assert.IsTrue(x.SerializationTag == (byte)RPCType.ClosePipe);
});
DuplexPipe connection = new DuplexPipe(t, 100);
Assert.IsTrue(t.OpenPipe(connection));
Assert.IsTrue(t.PipeIDs.Contains((uint)100));
Assert.IsTrue(t.ClosePipe((uint)100));
Assert.IsFalse(t.PipeIDs.Contains((uint)100));
}
private void TcpCsSocketConnectToServer(SecureTunnel st)
{
Debug.Log("CsSocketTcp Creating XboxOneEndPoint...");
if (this.OurTcpCsSocketConnection.State != SecureTunnelState.Ready)
{
Debug.Log("CsSocketTcp Aborting - SecureTunnel is not Ready.");
return;
}
this.OurTcpCsSocketServerEndpoint = new XboxOneEndPoint(st);
this.TcpSendMessageToServer(this.OurTcpCsSocketServerEndpoint);
}
public void TestSendEncryptedPacket()
{
SecureTunnel t = new SecureTunnel(this.tunnelSocket);
bool triggered = false;
byte[] server_epk = new byte[0];
this.tunnelSocket.InterceptOutgoingPacket(p =>
{
Assert.IsNotNull(p.EuphemeralPublicKey);
Assert.IsTrue(p.EuphemeralPublicKey.Length == 32);
Assert.IsTrue(p.HasEPK);
triggered = true;
server_epk = p.EuphemeralPublicKey;
});
String messageText = "The quick brown fox jumps over the lazy dog";
//create an encryption key
KeyPair keyPair = Sodium.PublicKeyBox.GenerateKeyPair();
EncryptedPacket hello = new EncryptedPacket(1000, 0);
hello.EuphemeralPublicKey = keyPair.PublicKey;
t.HandleHelloPacket(hello);
Assert.IsTrue(triggered);
//these are just to ensure that the keys have been exchanged correctly.
//We may want the response to a hello to be an encrypted rpc just for added protection -- there is no
//need for the EPK to be transferred in the clear at this point.
Assert.That(keyPair.PublicKey.SequenceEqual(t.recipentEPK));
Assert.That(!keyPair.PublicKey.SequenceEqual(server_epk));
Assert.That(t.mKeyPair.PublicKey.SequenceEqual(server_epk));
triggered = false;
this.tunnelSocket.InterceptOutgoingPacket(p =>
{
EncryptedPacket packet = (EncryptedPacket)p;
Assert.IsNotNull(packet.ToBytes());
if (packet.DecryptPacket(keyPair.PrivateKey, server_epk))
{
String msg = System.Text.ASCIIEncoding.ASCII.GetString(packet.Payload);
System.Console.WriteLine(msg);
//Assert.IsTrue(msg.Equals (messageText));
triggered = true;
}
else
{
Assert.Fail("Decryption failed");
}
});
EncryptedPacket sentPacket = new EncryptedPacket(1000, 0);
sentPacket.SetPayload(messageText);
t.EncryptAndSendPacket(sentPacket);
Assert.IsTrue(triggered);
}
private void CreatedTcpCsSocketSecureTunnelToServer(SecureTunnel st, GetObjectAsyncOp <SecureTunnel> op)
{
if (op.Success)
{
Debug.Log("CsSocketTcp Secure Tunnel to server created!");
this.OurTcpCsSocketConnection = st;
this.OurTcpCsSocketConnection.OnStateChanged += this.StateChanged; // Notify us if the state of this connection changes
this.TcpCsSocketConnectToServer(st);
}
else
{
Debug.Log("CsSocketTcp Error creating Secure Tunnel to server: " + op.Result.ToString("X"));
}
}
public void TestOpenConnection()
{
SecureTunnel t = new SecureTunnel(tunnelSocket);
DuplexPipe connection = new DuplexPipe(t, 0);
Assert.IsFalse(t.OpenPipe(connection), "Shouldn't have been able to assign 0 to the abstract connection");
connection = new DuplexPipe(t, 100);
Assert.IsTrue(t.OpenPipe(connection), "Should've been able to assign a new connection with ID of 100");
Assert.IsTrue(t.PipeIDs.Contains((uint)100));
connection = new DuplexPipe(t, 100);
Assert.IsFalse(t.OpenPipe(connection), "Shouldn't have been able to create a duplicate connection with the same ID");
}
public void SendHelloTest()
{
bool trigger1 = false;
tunnelSocket.InterceptOutgoingPacket(p =>
{
trigger1 = true;
Assert.IsTrue(p.HasEPK);
});
SecureTunnel t = new SecureTunnel(tunnelSocket);
IPEndPoint endpoint = new IPEndPoint(IPAddress.Any, 5000);
t.CommunicateWith(endpoint);
Assert.IsTrue(trigger1);
}
public void TestClientServerRaw()
{
Assert.Ignore("This test is going to be ignored until we really need to support multiple tunnel socket types");
//TunnelSocketRaw raw1 = new TunnelSocketRaw(10000);
SecureTunnel st = new SecureTunnel(10000);
st.ID = 1;
TunnelSocket ts = new TunnelSocketRaw(10001); //this should create a tunnel
ts.Start();
//to act as a server
st.CommunicateWith(ts.LocalEndPoint);
Thread.Sleep(350);
UInt32 cid = 1000;
DuplexPipe c = (DuplexPipe)st.ControlPipe.OpenNewPipe(PipeType.Duplex, cid);
Thread.Sleep(350);
IList <UInt64> ids = ts.mTunnelDirectory.GetIDs();
Assert.IsTrue(ids.Count > 0);
Assert.IsTrue(st.ID == ids.First());
TunnelBase createdTunnel;
Assert.True(ts.mTunnelDirectory.Get(ids.First(), out createdTunnel));
Assert.True(createdTunnel.PipeIDs.Contains(cid), "Tunnel should've had a duplex connection created");
String testMsg = "This is a basic message of greater the 50 charachters length to test the " +
"the splitting and reforming of a message.";
PipeBase c2;
Assert.IsTrue(createdTunnel.Connections.Find(ref cid, out c2));
Assert.IsNotNull(c2);
bool trigger1 = false;
c.DataReceived += (sender, args) =>
{
var ret = System.Text.Encoding.ASCII.GetString(args.Data);
Assert.AreEqual(testMsg, ret);
trigger1 = true;
};
((DuplexPipe)c2).Send(testMsg);
Thread.Sleep(350);
Assert.IsTrue(trigger1, "Message never received");
}
private void SetupTunnelComms(SecureTunnel tunnel, out byte[] privateKey, out byte[] publicKey)
{
byte[] server_epk = new byte[0];
this.tunnelSocket.InterceptOutgoingPacket(p =>
{
Assert.IsNotNull(p.EuphemeralPublicKey);
Assert.IsTrue(p.EuphemeralPublicKey.Length == 32);
Assert.IsTrue(p.HasEPK);
server_epk = p.EuphemeralPublicKey;
});
String messageText = "The quick brown fox jumps over the lazy dog";
//create an encryption key
KeyPair keyPair = Sodium.PublicKeyBox.GenerateKeyPair();
EncryptedPacket hello = new EncryptedPacket(1000, 0);
hello.EuphemeralPublicKey = keyPair.PublicKey;
tunnel.HandleHelloPacket(hello);
privateKey = keyPair.PrivateKey;
publicKey = tunnel.mKeyPair.PublicKey;
}
public void TestOpenNewTunnelRequest()
{
//this actually needs to be done by the tunnel socket itself
//if an EPK is recieved on a TID that doesn't exist, we should
//respond by creating a tunnel to receive it
TunnelSocketSendIntercept sendIntercept = new TunnelSocketSendIntercept();
SecureTunnel t = new SecureTunnel(sendIntercept);
t.ID = 1;
UInt64 _id = t.ID;
bool triggered = false;
EncryptedPacket hello = t.MakeHelloPacket();
hello.TID = hello.TID |= Common.PUBLIC_KEY_FLAG; //this should be done during packing
sendIntercept.SetSendInterceptor(p =>
{
//socket.HandlePacket ((EncryptedPacket)p);
Assert.IsTrue(t.ID == (p.TID & ~Common.TID_FLAGS), String.Format("Key was: {0} but was supposed to be {1}", p.TID, t.ID));
TunnelBase ta;
Assert.IsFalse(socket.mTunnelDirectory.Get(t.ID, out ta), "Tunnel ID couldn't be found");
triggered = true;
});
IPEndPoint ep = new IPEndPoint(IPAddress.Any, 5000);
sendIntercept.HandlePacket(hello);
//t.CommunicateWith (ep);
//t.CommunicateWith (ep);
Assert.IsTrue(triggered);
triggered = false;
//TODO: When a decryption fails due to a packet
//being sent with an incorrect key we should
//add that ip address to a "caution" list. If there
//are repeated attepts at opening tunnels or
//adding tunnels then we should challenge with a puzzle
//or blacklist the user altogether.
}
private void DetectTcpCsSocketIncomingConnection(uint hresult, SecureTunnelListener listener, SecureTunnel tunnel)
{
if (this.TcpCsSocketIncomingTunnels.Contains(tunnel))
{
return;
}
if (hresult != 0)
{
Debug.Log("CsSocketTcp Incoming Connection Exception HResult: " + hresult);
return;
}
Debug.Log("CsSocketTcp Incoming Connection to our port " + tunnel.LocalPort + ": " + tunnel.State + "," + tunnel.RemoteHostName.CanonicalName + ":" + tunnel.RemotePort);
tunnel.OnStateChanged += StateChanged; // Notify us if the state of this connection changes
this.TcpCsSocketIncomingTunnels.Add(tunnel);
}
private void StateChanged(SecureTunnel secureTunnel, SecureTunnelState oldState, SecureTunnelState newState)
{
Debug.Log("Connection State Changed from " + oldState.ToString() + " to " + newState.ToString());
}
/// <summary>
/// Initializes a new instance of the <see cref="Tunnel.ControlPipe"/> class
/// locally with the specified port.
/// </summary>
/// <param name="port">Port.</param>
public ControlPipe(short port)
: base(0)
{
mTunnel = new SecureTunnel(TunnelRuntime.GetOrCreateTunnelSocket(port));
}
public void CreateTunnelTest()
{
SecureTunnel t = new SecureTunnel(tunnelSocket);
Assert.IsNotNull(t);
}
