Adjusted trust signatures to sign the wot command

This commit is contained in:
Kevin F 2022-09-15 01:27:46 -05:00
parent 5bb43326e7
commit 05e04ef557
3 changed files with 36 additions and 19 deletions

View File

@ -7,12 +7,12 @@ import msgpack
if TYPE_CHECKING:
from onionrblocks import Block
from .exceptions import InvalidWotBlock
from exceptions import InvalidWotBlock
class WotCommand(IntEnum):
TRUST = 1
UNTRUST = auto()
REVOKE_TRUST = auto()
ANNOUNCE = auto()
REVOKE = auto()

View File

@ -4,22 +4,27 @@ import logger
from nacl.signing import VerifyKey
from getbykey import get_identity_by_key
from blockprocessingevent import WotCommand
def process_trust_signature(sig_payload: bytes):
if len(sig_payload) != 128:
if len(sig_payload) != 129:
logger.warn(
f'Signature size is invalid for a signed identity')
# verify that this is a signature for a trust command
if sig_payload[0] != WotCommand.TRUST:
logger.warn(
f'Invalid command in signature')
# signer is first 32 bytes
signer = VerifyKey(sig_payload[:32])
signer = VerifyKey(sig_payload[1:33])
# signed is next 32 bytes
signed = sig_payload[32:64]
signed = sig_payload[33:65]
# signature is last 64 bytes
signature = sig_payload[64:]
signature = sig_payload[65:]
# If bad signature, it raises nacl.exceptions.BadSignatureError
signer.verify(signed, signature)
signer.verify(int.to_bytes(sig_payload[0], 1, 'big') + signed, signature)
# if good signature
try:

View File

@ -4,6 +4,7 @@ from time import sleep
from nacl.signing import SigningKey, VerifyKey
import nacl
import secrets
from enum import IntEnum, auto
import onionrblocks
@ -20,8 +21,14 @@ import identity
from identityset import identities
class TrustSignatureProcessing(unittest.TestCase):
class WotCommand(IntEnum):
TRUST = 1
REVOKE_TRUST = auto()
ANNOUNCE = auto()
REVOKE = auto()
class TrustSignatureProcessing(unittest.TestCase):
def test_processing_trust_payload_without_announced_identity(self):
# reset identity set
identities.clear()
@ -31,8 +38,11 @@ class TrustSignatureProcessing(unittest.TestCase):
identities.add(identity.Identity(signing_key.verify_key, "test"))
trust_signature = signing_key.sign(fake_pubkey)
trust_signature_payload = bytes(signing_key.verify_key) + fake_pubkey + \
wot_cmd = int(WotCommand.TRUST).to_bytes(1, 'big')
trust_signature = signing_key.sign(wot_cmd + fake_pubkey)
trust_signature_payload = wot_cmd + \
bytes(signing_key.verify_key) + fake_pubkey + \
trust_signature.signature
for iden in identities:
@ -54,13 +64,15 @@ class TrustSignatureProcessing(unittest.TestCase):
identities.add(identity.Identity(signing_key.verify_key, "test"))
identities.add(identity.Identity(VerifyKey(fake_pubkey), "test2"))
trust_signature = signing_key.sign(fake_pubkey)
trust_signature_payload = bytes(signing_key.verify_key) + fake_pubkey + \
trust_signature.signature
trust_signature_payload = bytearray(trust_signature_payload)
trust_signature_payload[64] = 0
trust_signature_payload = bytes(trust_signature_payload)
wot_cmd = int(WotCommand.TRUST).to_bytes(1, 'big')
trust_signature = signing_key.sign(wot_cmd + fake_pubkey)
trust_signature = bytearray(trust_signature.signature)
trust_signature[34] = 0
trust_signature = bytes(trust_signature)
trust_signature_payload = wot_cmd + bytes(signing_key.verify_key) + fake_pubkey + \
trust_signature
self.assertRaises(
nacl.exceptions.BadSignatureError, identity.process_trust_signature, trust_signature_payload)
@ -84,9 +96,10 @@ class TrustSignatureProcessing(unittest.TestCase):
identities.add(identity.Identity(signing_key.verify_key, "test"))
identities.add(identity.Identity(VerifyKey(fake_pubkey), "test2"))
wot_cmd = int(WotCommand.TRUST).to_bytes(1, 'big')
trust_signature = signing_key.sign(fake_pubkey)
trust_signature_payload = bytes(signing_key.verify_key) + fake_pubkey + \
trust_signature = signing_key.sign(wot_cmd + fake_pubkey)
trust_signature_payload = wot_cmd + bytes(signing_key.verify_key) + fake_pubkey + \
trust_signature.signature
identity.process_trust_signature(trust_signature_payload)
@ -104,7 +117,6 @@ class TrustSignatureProcessing(unittest.TestCase):
raise AssertionError("Signing identity not found")
unittest.main()