mike
/
chronoscope
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Save cookies

This commit is contained in:
Mike Cifelli 2024-03-17 14:24:12 -04:00
parent e8b08c53c7
commit d16eb53bc0
Signed by: mike
GPG Key ID: 6B08C6BE47D08E4C
3 changed files with 36 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/chronoscope/nts/key_establishment.ex
View File

@ -25,10 +25,7 @@ defmodule Chronoscope.NTS.KeyEstablishment do
end end
def parse_response(response) do def parse_response(response) do
response {:ok, do_parse_response(response, %{})}
|> do_parse_response(%{})
|> Map.update(:cookies, 0, &length/1)
|> then(&{:ok, &1})
end end
defp do_parse_response([], acc) do defp do_parse_response([], acc) do

12
lib/chronoscope_web/controllers/api/v1/nts/key_establishment_controller.ex
View File

@ -13,16 +13,16 @@ defmodule ChronoscopeWeb.API.V1.NTS.KeyEstablishmentController do
case NTS.key_establishment(host, port) do case NTS.key_establishment(host, port) do
{:ok, configuration} -> {:ok, configuration} ->
ok_response(conn, %{status: :ok, configuration: configuration}) json(conn, %{status: :ok, configuration: format_configuration(configuration)})
{:error, error} -> {:error, error} ->
ok_response(conn, %{status: :error, reason: to_string(error)}) json(conn, %{status: :error, reason: to_string(error)})
end end
end end
defp ok_response(conn, body) do defp format_configuration(configuration) do
conn configuration
|> Plug.Conn.put_resp_content_type("application/json") |> Map.take([:aead_algorithms, :cookie_length, :cookies, :next_protocols, :port, :server])
|> Plug.Conn.send_resp(:ok, Jason.encode!(body)) |> Map.update(:cookies, 0, &length/1)
end end
end end

54
test/chronoscope/nts/key_establishment_test.exs
View File

@ -9,96 +9,99 @@ defmodule Chronoscope.NTS.KeyEstablishmentTest do
end end
test "handles empty response" do test "handles empty response" do
assert KeyEstablishment.parse_response([]) == {:ok, %{cookies: 0}} assert KeyEstablishment.parse_response([]) == {:ok, %{}}
end
test "ignores unkown record" do
assert KeyEstablishment.parse_response([0x80, 0x21, 0x00, 0x04, 0x00, 0x01, 0x02, 0x03]) == {:ok, %{}}
end end
test "handles end of message record" do test "handles end of message record" do
assert KeyEstablishment.parse_response([0x80, 0x00, 0x00, 0x00]) == {:ok, %{cookies: 0}} assert KeyEstablishment.parse_response([0x80, 0x00, 0x00, 0x00]) == {:ok, %{}}
end end
test "handles next protocol negotiation record" do test "handles next protocol negotiation record" do
assert KeyEstablishment.parse_response([0x80, 0x01, 0x00, 0x02, 0x00, 0x00]) == assert KeyEstablishment.parse_response([0x80, 0x01, 0x00, 0x02, 0x00, 0x00]) == {:ok, %{next_protocols: ["NTPv4"]}}
{:ok, %{cookies: 0, next_protocols: ["NTPv4"]}}
end end
test "does not handle next protocol negotiation record without critical bit" do test "does not handle next protocol negotiation record without critical bit" do
assert KeyEstablishment.parse_response([0x00, 0x01, 0x00, 0x02, 0x00, 0x00]) == {:ok, %{cookies: 0}} assert KeyEstablishment.parse_response([0x00, 0x01, 0x00, 0x02, 0x00, 0x00]) == {:ok, %{}}
end end
test "handles empty next protocols" do test "handles empty next protocols" do
assert KeyEstablishment.parse_response([0x80, 0x01, 0x00, 0x00]) == {:ok, %{cookies: 0, next_protocols: []}} assert KeyEstablishment.parse_response([0x80, 0x01, 0x00, 0x00]) == {:ok, %{next_protocols: []}}
end end
test "handles multiple next protocols" do test "handles multiple next protocols" do
assert KeyEstablishment.parse_response([0x80, 0x01, 0x00, 0x06, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00]) == assert KeyEstablishment.parse_response([0x80, 0x01, 0x00, 0x06, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00]) ==
{:ok, %{cookies: 0, next_protocols: ["NTPv4", "UNASSIGNED", "NTPv4"]}} {:ok, %{next_protocols: ["NTPv4", "UNASSIGNED", "NTPv4"]}}
end end
test "handles aead algorithm negotiation record" do test "handles aead algorithm negotiation record" do
assert KeyEstablishment.parse_response([0x80, 0x04, 0x00, 0x02, 0x00, 0x0F]) == assert KeyEstablishment.parse_response([0x80, 0x04, 0x00, 0x02, 0x00, 0x0F]) ==
{:ok, %{cookies: 0, aead_algorithms: ["AEAD_AES_SIV_CMAC_256"]}} {:ok, %{aead_algorithms: ["AEAD_AES_SIV_CMAC_256"]}}
end end
test "handles aead algorithm negotiation record without critical bit" do test "handles aead algorithm negotiation record without critical bit" do
assert KeyEstablishment.parse_response([0x00, 0x04, 0x00, 0x02, 0x00, 0x1E]) == assert KeyEstablishment.parse_response([0x00, 0x04, 0x00, 0x02, 0x00, 0x1E]) ==
{:ok, %{cookies: 0, aead_algorithms: ["AEAD_AES_128_GCM_SIV"]}} {:ok, %{aead_algorithms: ["AEAD_AES_128_GCM_SIV"]}}
end end
test "handles empty aead algorithms" do test "handles empty aead algorithms" do
assert KeyEstablishment.parse_response([0x80, 0x04, 0x00, 0x00]) == {:ok, %{cookies: 0, aead_algorithms: []}} assert KeyEstablishment.parse_response([0x80, 0x04, 0x00, 0x00]) == {:ok, %{aead_algorithms: []}}
end end
test "handles multiple aead algorithms" do test "handles multiple aead algorithms" do
assert KeyEstablishment.parse_response([0x80, 0x04, 0x00, 0x06, 0x00, 0x1E, 0x00, 0x01, 0x00, 0x0F]) == assert KeyEstablishment.parse_response([0x80, 0x04, 0x00, 0x06, 0x00, 0x1E, 0x00, 0x01, 0x00, 0x0F]) ==
{:ok, %{cookies: 0, aead_algorithms: ["AEAD_AES_SIV_CMAC_256", "UNKNOWN", "AEAD_AES_128_GCM_SIV"]}} {:ok, %{aead_algorithms: ["AEAD_AES_SIV_CMAC_256", "UNKNOWN", "AEAD_AES_128_GCM_SIV"]}}
end end
test "handles error record" do test "handles error record" do
assert KeyEstablishment.parse_response([0x80, 0x02, 0x00, 0x02, 0x00, 0x01]) == {:ok, %{cookies: 0, error: "Bad Request"}} assert KeyEstablishment.parse_response([0x80, 0x02, 0x00, 0x02, 0x00, 0x01]) == {:ok, %{error: "Bad Request"}}
end end
test "handles unknown error record" do test "handles unknown error record" do
assert KeyEstablishment.parse_response([0x80, 0x02, 0x00, 0x02, 0x00, 0x99]) == {:ok, %{cookies: 0, error: "153"}} assert KeyEstablishment.parse_response([0x80, 0x02, 0x00, 0x02, 0x00, 0x99]) == {:ok, %{error: "153"}}
end end
test "does not handle error record without critical bit" do test "does not handle error record without critical bit" do
assert KeyEstablishment.parse_response([0x00, 0x02, 0x00, 0x02, 0x00, 0x01]) == {:ok, %{cookies: 0}} assert KeyEstablishment.parse_response([0x00, 0x02, 0x00, 0x02, 0x00, 0x01]) == {:ok, %{}}
end end
test "handles warning record" do test "handles warning record" do
assert KeyEstablishment.parse_response([0x80, 0x03, 0x00, 0x02, 0x00, 0x01]) == {:ok, %{cookies: 0, warning: "1"}} assert KeyEstablishment.parse_response([0x80, 0x03, 0x00, 0x02, 0x00, 0x01]) == {:ok, %{warning: "1"}}
end end
test "does not handle warning record without critical bit" do test "does not handle warning record without critical bit" do
assert KeyEstablishment.parse_response([0x00, 0x03, 0x00, 0x02, 0x00, 0x01]) == {:ok, %{cookies: 0}} assert KeyEstablishment.parse_response([0x00, 0x03, 0x00, 0x02, 0x00, 0x01]) == {:ok, %{}}
end end
test "handles server record" do test "handles server record" do
assert KeyEstablishment.parse_response([0x80, 0x06, 0x00, 0x09, ?1, ?2, ?7, ?., ?0, ?., ?0, ?., ?1]) == assert KeyEstablishment.parse_response([0x80, 0x06, 0x00, 0x09, ?1, ?2, ?7, ?., ?0, ?., ?0, ?., ?1]) ==
{:ok, %{cookies: 0, server: "127.0.0.1"}} {:ok, %{server: "127.0.0.1"}}
end end
test "handles server record without critical bit" do test "handles server record without critical bit" do
assert KeyEstablishment.parse_response([0x00, 0x06, 0x00, 0x09, ?1, ?2, ?7, ?., ?0, ?., ?0, ?., ?1]) == assert KeyEstablishment.parse_response([0x00, 0x06, 0x00, 0x09, ?1, ?2, ?7, ?., ?0, ?., ?0, ?., ?1]) ==
{:ok, %{cookies: 0, server: "127.0.0.1"}} {:ok, %{server: "127.0.0.1"}}
end end
test "handles port record" do test "handles port record" do
assert KeyEstablishment.parse_response([0x80, 0x07, 0x00, 0x02, 0x04, 0xCE]) == {:ok, %{cookies: 0, port: 1230}} assert KeyEstablishment.parse_response([0x80, 0x07, 0x00, 0x02, 0x04, 0xCE]) == {:ok, %{port: 1230}}
end end
test "handles port record without critical bit" do test "handles port record without critical bit" do
assert KeyEstablishment.parse_response([0x00, 0x07, 0x00, 0x02, 0x04, 0xCE]) == {:ok, %{cookies: 0, port: 1230}} assert KeyEstablishment.parse_response([0x00, 0x07, 0x00, 0x02, 0x04, 0xCE]) == {:ok, %{port: 1230}}
end end
test "handles cookie record" do test "handles cookie record" do
assert KeyEstablishment.parse_response([0x80, 0x05, 0x00, 0x0E, ?c, ?h, ?o, ?c, ?o, ?l, ?a, ?t, ?e, ?_, ?c, ?h, ?i, ?p]) == assert KeyEstablishment.parse_response([0x80, 0x05, 0x00, 0x0E, ?c, ?h, ?o, ?c, ?o, ?l, ?a, ?t, ?e, ?_, ?c, ?h, ?i, ?p]) ==
{:ok, %{cookies: 1, cookie_length: 14}} {:ok, %{cookies: ['chocolate_chip'], cookie_length: 14}}
end end
test "handles cookie record without critical bit" do test "handles cookie record without critical bit" do
assert KeyEstablishment.parse_response([0x00, 0x05, 0x00, 0x0E, ?c, ?h, ?o, ?c, ?o, ?l, ?a, ?t, ?e, ?_, ?c, ?h, ?i, ?p]) == assert KeyEstablishment.parse_response([0x00, 0x05, 0x00, 0x0E, ?c, ?h, ?o, ?c, ?o, ?l, ?a, ?t, ?e, ?_, ?c, ?h, ?i, ?p]) ==
{:ok, %{cookies: 1, cookie_length: 14}} {:ok, %{cookies: ['chocolate_chip'], cookie_length: 14}}
end end
test "sets cookie length to longest cookie" do test "sets cookie length to longest cookie" do
@ -107,7 +110,7 @@ defmodule Chronoscope.NTS.KeyEstablishmentTest do
[0x80, 0x05, 0x00, 0x03, ?c, ?c, ?c] ++ [0x80, 0x05, 0x00, 0x03, ?c, ?c, ?c] ++
[0x80, 0x05, 0x00, 0x01, ?c] [0x80, 0x05, 0x00, 0x01, ?c]
) == ) ==
{:ok, %{cookies: 3, cookie_length: 3}} {:ok, %{cookies: ['c', 'ccc', 'c'], cookie_length: 3}}
end end
test "handles full response" do test "handles full response" do
@ -115,13 +118,14 @@ defmodule Chronoscope.NTS.KeyEstablishmentTest do
[0x80, 0x01, 0x00, 0x02, 0x00, 0x00] ++ [0x80, 0x01, 0x00, 0x02, 0x00, 0x00] ++
[0x80, 0x04, 0x00, 0x06, 0x00, 0x1E, 0x00, 0x01, 0x00, 0x0F] ++ [0x80, 0x04, 0x00, 0x06, 0x00, 0x1E, 0x00, 0x01, 0x00, 0x0F] ++
[0x80, 0x05, 0x00, 0x01, ?c] ++ [0x80, 0x05, 0x00, 0x01, ?c] ++
[0x00, 0x21, 0x00, 0x04, 0x00, 0x01, 0x02, 0x03] ++
[0x80, 0x06, 0x00, 0x09, ?1, ?2, ?7, ?., ?0, ?., ?0, ?., ?1] ++ [0x80, 0x06, 0x00, 0x09, ?1, ?2, ?7, ?., ?0, ?., ?0, ?., ?1] ++
[0x80, 0x07, 0x00, 0x02, 0x04, 0xCE] ++ [0x80, 0x07, 0x00, 0x02, 0x04, 0xCE] ++
[0x80, 0x00, 0x00, 0x00] [0x80, 0x00, 0x00, 0x00]
) == ) ==
{:ok, {:ok,
%{ %{
cookies: 1, cookies: ['c'],
aead_algorithms: ["AEAD_AES_SIV_CMAC_256", "UNKNOWN", "AEAD_AES_128_GCM_SIV"], aead_algorithms: ["AEAD_AES_SIV_CMAC_256", "UNKNOWN", "AEAD_AES_128_GCM_SIV"],
cookie_length: 1, cookie_length: 1,
next_protocols: ["NTPv4"], next_protocols: ["NTPv4"],
@ -133,6 +137,7 @@ defmodule Chronoscope.NTS.KeyEstablishmentTest do
test "doesn't read past end of message record" do test "doesn't read past end of message record" do
assert KeyEstablishment.parse_response( assert KeyEstablishment.parse_response(
[0x80, 0x01, 0x00, 0x02, 0x00, 0x00] ++ [0x80, 0x01, 0x00, 0x02, 0x00, 0x00] ++
[0x00, 0x21, 0x00, 0x04, 0x00, 0x01, 0x02, 0x03] ++
[0x80, 0x04, 0x00, 0x02, 0x00, 0x1E] ++ [0x80, 0x04, 0x00, 0x02, 0x00, 0x1E] ++
[0x80, 0x00, 0x00, 0x00] ++ [0x80, 0x00, 0x00, 0x00] ++
[0x80, 0x05, 0x00, 0x01, ?c] ++ [0x80, 0x05, 0x00, 0x01, ?c] ++
@ -141,7 +146,6 @@ defmodule Chronoscope.NTS.KeyEstablishmentTest do
) == ) ==
{:ok, {:ok,
%{ %{
cookies: 0,
aead_algorithms: ["AEAD_AES_128_GCM_SIV"], aead_algorithms: ["AEAD_AES_128_GCM_SIV"],
next_protocols: ["NTPv4"] next_protocols: ["NTPv4"]
}} }}