Merge pull request #422 from perun-network/421_exchange_addrs_auth

fix(wire/net): remove test backend signature from authMsg of exchange address protocol

Author: NhoxxKienn

wire/account.go

@@ -40,8 +40,6 @@ type Account interface {
 	Sign(msg []byte) ([]byte, error)
 }
 
-const testBackendID = 0
-
 var _ Msg = (*AuthResponseMsg)(nil)
 
 // AuthResponseMsg is the response message in the peer authentication protocol.
@@ -84,7 +82,7 @@ func (m *AuthResponseMsg) Decode(r io.Reader) (err error) {
 }
 
 // NewAuthResponseMsg creates an authentication response message.
-func NewAuthResponseMsg(acc map[wallet.BackendID]Account) (Msg, error) {
+func NewAuthResponseMsg(acc map[wallet.BackendID]Account, backendID wallet.BackendID) (Msg, error) {
 	addressMap := make(map[wallet.BackendID]Address)
 	for id, a := range acc {
 		addressMap[id] = a.Address()
@@ -98,7 +96,7 @@ func NewAuthResponseMsg(acc map[wallet.BackendID]Account) (Msg, error) {
 		}
 		addressBytes = append(addressBytes, addrBytes...)
 	}
-	signature, err := acc[testBackendID].Sign(addressBytes)
+	signature, err := acc[backendID].Sign(addressBytes)
 	if err != nil {
 		return nil, fmt.Errorf("failed to sign address: %w", err)
 	}

wire/net/exchange_addr.go

@@ -63,33 +63,35 @@ func IsAuthenticationError(err error) bool {
 func ExchangeAddrsActive(ctx context.Context, id map[wallet.BackendID]wire.Account, peer map[wallet.BackendID]wire.Address, conn Conn) error {
 	var err error
 	ok := pkg.TerminatesCtx(ctx, func() {
-		authMsg, err2 := wire.NewAuthResponseMsg(id)
-		if err2 != nil {
-			err = errors.WithMessage(err2, "creating auth message")
-			return
-		}
-		err = conn.Send(&wire.Envelope{
-			Sender:    wire.AddressMapfromAccountMap(id),
-			Recipient: peer,
-			Msg:       authMsg,
-		})
-		if err != nil {
-			err = errors.WithMessage(err, "sending message")
-			return
-		}
+		for bid := range id {
+			authMsg, err2 := wire.NewAuthResponseMsg(id, bid)
+			if err2 != nil {
+				err = errors.WithMessage(err2, "creating auth message")
+				return
+			}
+			err = conn.Send(&wire.Envelope{
+				Sender:    wire.AddressMapfromAccountMap(id),
+				Recipient: peer,
+				Msg:       authMsg,
+			})
+			if err != nil {
+				err = errors.WithMessage(err, "sending message")
+				return
+			}
 
-		var e *wire.Envelope
-		if e, err = conn.Recv(); err != nil {
-			err = errors.WithMessage(err, "receiving message")
-		} else if _, ok := e.Msg.(*wire.AuthResponseMsg); !ok {
-			err = errors.Errorf("expected AuthResponse wire msg, got %v", e.Msg.Type())
-		} else if msg, ok := e.Msg.(*wire.AuthResponseMsg); ok {
-			if check := VerifyAddressSignature(peer, msg.Signature); check != nil {
-				err = errors.WithMessage(check, "verifying peer address's signature")
+			var e *wire.Envelope
+			if e, err = conn.Recv(); err != nil {
+				err = errors.WithMessage(err, "receiving message")
+			} else if _, ok := e.Msg.(*wire.AuthResponseMsg); !ok {
+				err = errors.Errorf("expected AuthResponse wire msg, got %v", e.Msg.Type())
+			} else if msg, ok := e.Msg.(*wire.AuthResponseMsg); ok {
+				if check := VerifyAddressSignature(peer, msg.Signature); check != nil {
+					err = errors.WithMessage(check, "verifying peer address's signature")
+				}
+			} else if !channel.EqualWireMaps(e.Recipient, wire.AddressMapfromAccountMap(id)) &&
+				!channel.EqualWireMaps(e.Sender, peer) {
+				err = NewAuthenticationError(e.Sender, e.Recipient, wire.AddressMapfromAccountMap(id), "unmatched response sender or recipient")
 			}
-		} else if !channel.EqualWireMaps(e.Recipient, wire.AddressMapfromAccountMap(id)) &&
-			!channel.EqualWireMaps(e.Sender, peer) {
-			err = NewAuthenticationError(e.Sender, e.Recipient, wire.AddressMapfromAccountMap(id), "unmatched response sender or recipient")
 		}
 	})
 
@@ -108,33 +110,35 @@ func ExchangeAddrsPassive(ctx context.Context, id map[wallet.BackendID]wire.Acco
 	var err error
 	addrs := wire.AddressMapfromAccountMap(id)
 	ok := pkg.TerminatesCtx(ctx, func() {
-		var e *wire.Envelope
-		if e, err = conn.Recv(); err != nil {
-			err = errors.WithMessage(err, "receiving auth message")
-		} else if _, ok := e.Msg.(*wire.AuthResponseMsg); !ok {
-			err = errors.Errorf("expected AuthResponse wire msg, got %v", e.Msg.Type())
-		} else if !channel.EqualWireMaps(e.Recipient, addrs) {
-			err = NewAuthenticationError(e.Sender, e.Recipient, wire.AddressMapfromAccountMap(id), "unmatched response sender or recipient")
-		} else if msg, ok := e.Msg.(*wire.AuthResponseMsg); ok {
-			if err = VerifyAddressSignature(e.Sender, msg.Signature); err != nil {
-				err = errors.WithMessage(err, "verifying peer address's signature")
+		for bid := range id {
+			var e *wire.Envelope
+			if e, err = conn.Recv(); err != nil {
+				err = errors.WithMessage(err, "receiving auth message")
+			} else if _, ok := e.Msg.(*wire.AuthResponseMsg); !ok {
+				err = errors.Errorf("expected AuthResponse wire msg, got %v", e.Msg.Type())
+			} else if !channel.EqualWireMaps(e.Recipient, addrs) {
+				err = NewAuthenticationError(e.Sender, e.Recipient, wire.AddressMapfromAccountMap(id), "unmatched response sender or recipient")
+			} else if msg, ok := e.Msg.(*wire.AuthResponseMsg); ok {
+				if err = VerifyAddressSignature(e.Sender, msg.Signature); err != nil {
+					err = errors.WithMessage(err, "verifying peer address's signature")
+				}
 			}
-		}
 
-		if err != nil {
-			return
-		}
+			if err != nil {
+				return
+			}
 
-		authMsg, err2 := wire.NewAuthResponseMsg(id)
-		if err2 != nil {
-			err = errors.WithMessage(err2, "creating auth message")
-			return
+			authMsg, err2 := wire.NewAuthResponseMsg(id, bid)
+			if err2 != nil {
+				err = errors.WithMessage(err2, "creating auth message")
+				return
+			}
+			addr, err = e.Sender, conn.Send(&wire.Envelope{
+				Sender:    wire.AddressMapfromAccountMap(id),
+				Recipient: e.Sender,
+				Msg:       authMsg,
+			})
 		}
-		addr, err = e.Sender, conn.Send(&wire.Envelope{
-			Sender:    wire.AddressMapfromAccountMap(id),
-			Recipient: e.Sender,
-			Msg:       authMsg,
-		})
 	})
 
 	if !ok {

wire/net/simple/address.go

@@ -28,9 +28,6 @@ import (
 	"perun.network/go-perun/wire"
 )
 
-// testBackendID is the identifier for the simulated Backend.
-const testBackendID = 0
-
 // Address is a wire address.
 type Address struct {
 	Name      string
@@ -208,18 +205,22 @@ func NewRandomAddress(rng *rand.Rand) *Address {
 }
 
 // NewRandomAddresses returns a new random peer address.
-func NewRandomAddresses(rng *rand.Rand) map[wallet.BackendID]wire.Address {
+func NewRandomAddresses(rng *rand.Rand, backendID []wallet.BackendID) map[wallet.BackendID]wire.Address {
 	const addrLen = 32
 	l := rng.Intn(addrLen)
 	d := make([]byte, l)
 	if _, err := rng.Read(d); err != nil {
 		panic(err)
 	}
 
-	a := Address{
-		Name: string(d),
+	addresses := make(map[wallet.BackendID]wire.Address)
+	for _, id := range backendID {
+		a := Address{
+			Name: string(d),
+		}
+		addresses[id] = &a
 	}
-	return map[wallet.BackendID]wire.Address{testBackendID: &a}
+	return addresses
 }
 
 // Verify verifies a message signature.

wire/net/simple/dialer_internal_test.go

@@ -139,7 +139,7 @@ func TestDialer_Dial(t *testing.T) {
 	})
 
 	t.Run("unknown host", func(t *testing.T) {
-		noHostAddr := NewRandomAddresses(rng)
+		noHostAddr := NewRandomAddresses(rng, []wallet.BackendID{wiretest.TestBackendID})
 		d.Register(noHostAddr, "no such host")
 
 		ctxtest.AssertTerminates(t, timeout, func() {
@@ -151,7 +151,7 @@ func TestDialer_Dial(t *testing.T) {
 
 	t.Run("unknown address", func(t *testing.T) {
 		ctxtest.AssertTerminates(t, timeout, func() {
-			unkownAddr := NewRandomAddresses(rng)
+			unkownAddr := NewRandomAddresses(rng, []wallet.BackendID{wiretest.TestBackendID})
 			conn, err := d.Dial(context.Background(), unkownAddr, ser)
 			assert.Error(t, err)
 			assert.Nil(t, conn)

wire/net/simple/simple_exchange_addr_test.go

@@ -27,6 +27,7 @@ import (
 	"time"
 
 	"perun.network/go-perun/channel"
+	"perun.network/go-perun/wallet"
 
 	"github.com/stretchr/testify/assert"
 
@@ -107,8 +108,8 @@ func newPipeConnPair() (a wirenet.Conn, b wirenet.Conn) {
 // recipient generated using randomness from rng.
 func newRandomEnvelope(rng *rand.Rand, m wire.Msg) *wire.Envelope {
 	return &wire.Envelope{
-		Sender:    NewRandomAddresses(rng),
-		Recipient: NewRandomAddresses(rng),
+		Sender:    NewRandomAddresses(rng, []wallet.BackendID{wiretest.TestBackendID}),
+		Recipient: NewRandomAddresses(rng, []wallet.BackendID{wiretest.TestBackendID}),
 		Msg:       m,
 	}
 }

wire/test/msgstest.go

@@ -40,7 +40,7 @@ func AuthMsgsSerializationTest(t *testing.T, serializerTest func(t *testing.T, m
 	t.Helper()
 
 	rng := pkgtest.Prng(t)
-	testMsg, err := wire.NewAuthResponseMsg(NewRandomAccountMap(rng, TestBackendID))
+	testMsg, err := wire.NewAuthResponseMsg(NewRandomAccountMap(rng, TestBackendID), TestBackendID)
 	if err != nil {
 		t.Fatal(err)
 	}