Adjusted trust signatures to sign the wot command
This commit is contained in:
parent
5bb43326e7
commit
05e04ef557
@ -7,12 +7,12 @@ import msgpack
|
||||
if TYPE_CHECKING:
|
||||
from onionrblocks import Block
|
||||
|
||||
from .exceptions import InvalidWotBlock
|
||||
from exceptions import InvalidWotBlock
|
||||
|
||||
|
||||
class WotCommand(IntEnum):
|
||||
TRUST = 1
|
||||
UNTRUST = auto()
|
||||
REVOKE_TRUST = auto()
|
||||
ANNOUNCE = auto()
|
||||
REVOKE = auto()
|
||||
|
||||
|
@ -4,22 +4,27 @@ import logger
|
||||
from nacl.signing import VerifyKey
|
||||
|
||||
from getbykey import get_identity_by_key
|
||||
from blockprocessingevent import WotCommand
|
||||
|
||||
|
||||
def process_trust_signature(sig_payload: bytes):
|
||||
if len(sig_payload) != 128:
|
||||
if len(sig_payload) != 129:
|
||||
logger.warn(
|
||||
f'Signature size is invalid for a signed identity')
|
||||
|
||||
# verify that this is a signature for a trust command
|
||||
if sig_payload[0] != WotCommand.TRUST:
|
||||
logger.warn(
|
||||
f'Invalid command in signature')
|
||||
# signer is first 32 bytes
|
||||
signer = VerifyKey(sig_payload[:32])
|
||||
signer = VerifyKey(sig_payload[1:33])
|
||||
# signed is next 32 bytes
|
||||
signed = sig_payload[32:64]
|
||||
signed = sig_payload[33:65]
|
||||
# signature is last 64 bytes
|
||||
signature = sig_payload[64:]
|
||||
signature = sig_payload[65:]
|
||||
|
||||
# If bad signature, it raises nacl.exceptions.BadSignatureError
|
||||
signer.verify(signed, signature)
|
||||
signer.verify(int.to_bytes(sig_payload[0], 1, 'big') + signed, signature)
|
||||
|
||||
# if good signature
|
||||
try:
|
||||
|
@ -4,6 +4,7 @@ from time import sleep
|
||||
from nacl.signing import SigningKey, VerifyKey
|
||||
import nacl
|
||||
import secrets
|
||||
from enum import IntEnum, auto
|
||||
import onionrblocks
|
||||
|
||||
|
||||
@ -20,8 +21,14 @@ import identity
|
||||
from identityset import identities
|
||||
|
||||
|
||||
class TrustSignatureProcessing(unittest.TestCase):
|
||||
class WotCommand(IntEnum):
|
||||
TRUST = 1
|
||||
REVOKE_TRUST = auto()
|
||||
ANNOUNCE = auto()
|
||||
REVOKE = auto()
|
||||
|
||||
|
||||
class TrustSignatureProcessing(unittest.TestCase):
|
||||
def test_processing_trust_payload_without_announced_identity(self):
|
||||
# reset identity set
|
||||
identities.clear()
|
||||
@ -31,8 +38,11 @@ class TrustSignatureProcessing(unittest.TestCase):
|
||||
|
||||
identities.add(identity.Identity(signing_key.verify_key, "test"))
|
||||
|
||||
trust_signature = signing_key.sign(fake_pubkey)
|
||||
trust_signature_payload = bytes(signing_key.verify_key) + fake_pubkey + \
|
||||
wot_cmd = int(WotCommand.TRUST).to_bytes(1, 'big')
|
||||
|
||||
trust_signature = signing_key.sign(wot_cmd + fake_pubkey)
|
||||
trust_signature_payload = wot_cmd + \
|
||||
bytes(signing_key.verify_key) + fake_pubkey + \
|
||||
trust_signature.signature
|
||||
|
||||
for iden in identities:
|
||||
@ -54,13 +64,15 @@ class TrustSignatureProcessing(unittest.TestCase):
|
||||
identities.add(identity.Identity(signing_key.verify_key, "test"))
|
||||
identities.add(identity.Identity(VerifyKey(fake_pubkey), "test2"))
|
||||
|
||||
trust_signature = signing_key.sign(fake_pubkey)
|
||||
trust_signature_payload = bytes(signing_key.verify_key) + fake_pubkey + \
|
||||
trust_signature.signature
|
||||
trust_signature_payload = bytearray(trust_signature_payload)
|
||||
trust_signature_payload[64] = 0
|
||||
trust_signature_payload = bytes(trust_signature_payload)
|
||||
wot_cmd = int(WotCommand.TRUST).to_bytes(1, 'big')
|
||||
|
||||
trust_signature = signing_key.sign(wot_cmd + fake_pubkey)
|
||||
|
||||
trust_signature = bytearray(trust_signature.signature)
|
||||
trust_signature[34] = 0
|
||||
trust_signature = bytes(trust_signature)
|
||||
trust_signature_payload = wot_cmd + bytes(signing_key.verify_key) + fake_pubkey + \
|
||||
trust_signature
|
||||
|
||||
self.assertRaises(
|
||||
nacl.exceptions.BadSignatureError, identity.process_trust_signature, trust_signature_payload)
|
||||
@ -84,9 +96,10 @@ class TrustSignatureProcessing(unittest.TestCase):
|
||||
identities.add(identity.Identity(signing_key.verify_key, "test"))
|
||||
identities.add(identity.Identity(VerifyKey(fake_pubkey), "test2"))
|
||||
|
||||
wot_cmd = int(WotCommand.TRUST).to_bytes(1, 'big')
|
||||
|
||||
trust_signature = signing_key.sign(fake_pubkey)
|
||||
trust_signature_payload = bytes(signing_key.verify_key) + fake_pubkey + \
|
||||
trust_signature = signing_key.sign(wot_cmd + fake_pubkey)
|
||||
trust_signature_payload = wot_cmd + bytes(signing_key.verify_key) + fake_pubkey + \
|
||||
trust_signature.signature
|
||||
|
||||
identity.process_trust_signature(trust_signature_payload)
|
||||
@ -104,7 +117,6 @@ class TrustSignatureProcessing(unittest.TestCase):
|
||||
raise AssertionError("Signing identity not found")
|
||||
|
||||
|
||||
|
||||
unittest.main()
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user