fix(RAMF): Encrypt Cargo Collection Requests inside CCAs (#205)

* fix(RAMF): Encrypt Cargo Collection Requests inside CCAs

* delete UnencryptedRAMFMessage

src/main/kotlin/tech/relaycorp/relaynet/messages/CargoCollectionAuthorization.kt

@@ -2,11 +2,11 @@ package tech.relaycorp.relaynet.messages
 
 import java.io.InputStream
 import java.time.ZonedDateTime
-import tech.relaycorp.relaynet.messages.payloads.EmptyPayload
+import tech.relaycorp.relaynet.messages.payloads.CargoCollectionRequest
+import tech.relaycorp.relaynet.ramf.EncryptedRAMFMessage
 import tech.relaycorp.relaynet.ramf.RAMFException
 import tech.relaycorp.relaynet.ramf.RAMFMessageCompanion
 import tech.relaycorp.relaynet.ramf.RAMFSerializer
-import tech.relaycorp.relaynet.ramf.UnencryptedRAMFMessage
 import tech.relaycorp.relaynet.wrappers.x509.Certificate
 
 private val SERIALIZER = RAMFSerializer(0x44, 0x00)
@@ -22,7 +22,7 @@ class CargoCollectionAuthorization(
     creationDate: ZonedDateTime? = null,
     ttl: Int? = null,
     senderCertificateChain: Set<Certificate>? = null
-) : UnencryptedRAMFMessage<EmptyPayload>(
+) : EncryptedRAMFMessage<CargoCollectionRequest>(
     SERIALIZER,
     recipientAddress,
     payload,
@@ -32,7 +32,8 @@ class CargoCollectionAuthorization(
     ttl,
     senderCertificateChain
 ) {
-    override fun deserializePayload() = EmptyPayload.deserialize(payload)
+    override fun deserializePayload(payloadPlaintext: ByteArray) =
+        CargoCollectionRequest.deserialize(payloadPlaintext)
 
     companion object : RAMFMessageCompanion<CargoCollectionAuthorization> {
         /**

src/test/kotlin/tech/relaycorp/relaynet/messages/CargoCollectionAuthorizationTest.kt

@@ -1,10 +1,19 @@
 package tech.relaycorp.relaynet.messages
 
 import kotlin.test.Test
+import kotlin.test.assertEquals
+import kotlinx.coroutines.ExperimentalCoroutinesApi
+import kotlinx.coroutines.test.runBlockingTest
+import org.junit.jupiter.api.BeforeEach
+import tech.relaycorp.relaynet.SessionKeyPair
+import tech.relaycorp.relaynet.messages.payloads.CargoCollectionRequest
 import tech.relaycorp.relaynet.ramf.RAMFSpecializationTestCase
+import tech.relaycorp.relaynet.utils.CDACertPath
 import tech.relaycorp.relaynet.utils.ID_CERTIFICATE
+import tech.relaycorp.relaynet.utils.MockPrivateKeyStore
 import tech.relaycorp.relaynet.wrappers.x509.Certificate
 
+@OptIn(ExperimentalCoroutinesApi::class)
 internal class CargoCollectionAuthorizationTest :
     RAMFSpecializationTestCase<CargoCollectionAuthorization>(
         ::CargoCollectionAuthorization,
@@ -13,12 +22,36 @@ internal class CargoCollectionAuthorizationTest :
         0x00,
         CargoCollectionAuthorization.Companion
     ) {
-    @Test
-    fun `Payload deserialization should be delegated to EmptyPayload`() {
-        val cca = CargoCollectionAuthorization(
-            "https://gb.relaycorp.tech", "".toByteArray(), ID_CERTIFICATE
-        )
+    private val recipientSessionKeyPair = SessionKeyPair.generate()
+    private val senderSessionKeyPair = SessionKeyPair.generate()
 
-        cca.deserializePayload()
+    private val privateKeyStore = MockPrivateKeyStore()
+
+    @BeforeEach
+    fun registerSessionKey() = runBlockingTest {
+        privateKeyStore.saveSessionKey(
+            recipientSessionKeyPair.privateKey,
+            recipientSessionKeyPair.sessionKey.keyId,
+            CDACertPath.PRIVATE_GW.subjectPrivateAddress,
+            CDACertPath.PUBLIC_GW.subjectPrivateAddress,
+        )
     }
+
+    @Test
+    fun `Payload deserialization should be delegated to CargoCollectionRequest`() =
+        runBlockingTest {
+            val ccr = CargoCollectionRequest(CDACertPath.PUBLIC_GW)
+            val cca = CargoCollectionAuthorization(
+                CDACertPath.PUBLIC_GW.subjectPrivateAddress,
+                ccr.encrypt(recipientSessionKeyPair.sessionKey, senderSessionKeyPair),
+                ID_CERTIFICATE
+            )
+
+            val (payloadDeserialized) = cca.unwrapPayload(recipientSessionKeyPair.privateKey)
+
+            assertEquals(
+                ccr.cargoDeliveryAuthorization,
+                payloadDeserialized.cargoDeliveryAuthorization
+            )
+        }
 }