def test_edit_attrib(sdk_pool_handle, sdk_user_wallet_a, sdk_wallet_endorser,
attributeData, looper, attributeName):
_, did_cl = sdk_user_wallet_a
sdk_add_attribute_and_check(looper, sdk_pool_handle, sdk_wallet_endorser,
attributeData, did_cl)
res1 = sdk_get_attribute_and_check(looper, sdk_pool_handle,
sdk_wallet_endorser, did_cl,
attributeName)
assert serialize_msg_for_signing(json.loads(
res1[0][1]['result']['data'])) == serialize_msg_for_signing(
json.loads(attributeData.replace(' ', '')))
data = json.loads(attributeData)
data[attributeName] = {'John': 'Snow'}
data = json.dumps(data)
sdk_add_attribute_and_check(looper, sdk_pool_handle, sdk_wallet_endorser,
data, did_cl)
res2 = sdk_get_attribute_and_check(looper, sdk_pool_handle,
sdk_wallet_endorser, did_cl,
attributeName)
assert serialize_msg_for_signing(json.loads(
res2[0][1]['result']['data'])) == serialize_msg_for_signing(
json.loads(data.replace(' ', '')))
def test_serialize_dicts_with_different_keys():
v1 = serialize_msg_for_signing(
{
1: 'a',
2: {
3: 'b',
4: {
5: {
6: 'c'
}
}
}
})
v2 = serialize_msg_for_signing(
{
1: 'a',
2: {
3: 'b',
},
4: {
5: {
6: 'c'
}
}
})
assert v1 == v2
def test_serialize_complex_ordered_dict():
assert b'1:a|2:3:b|4:c' == serialize_msg_for_signing(
OrderedDict([('1', 'a'), ('2', OrderedDict([
('3', 'b'),
('4', 'c'),
]))]))
assert b'1:a|2:3:b|4:c' == serialize_msg_for_signing(
OrderedDict([
('2', OrderedDict([
('4', 'c'),
('3', 'b'),
])),
('1', 'a'),
]))
def test_serialize_complex_dict():
assert b'1:a|2:3:b|2:4:5:6:c' == serialize_msg_for_signing(
{
1: 'a',
2: {
3: 'b',
4: {
5: {
6: 'c'
}
}
}
})
assert b'1:a|2:3:b|2:4:5:6:c' == serialize_msg_for_signing(
{
'1': 'a',
'2': {
'3': 'b',
'4': {
'5': {
'6': 'c'
}
}
}
})
v = serialize_msg_for_signing(
{
'1': 'a',
'2': 'b',
'3': {
'4': 'c',
'5': 'd',
'6': {
'7': {
'8': 'e',
'9': 'f'
},
'10': {
'11': 'g',
'12': 'h'
}
},
'13': {
'13': {
'13': 'i',
}
}
}
})
assert b'1:a|2:b|3:4:c|3:5:d|3:6:7:8:e|3:6:7:9:f|3:6:10:11:g|3:6:10:12:h|3:13:13:13:i' == v
def test_serialize_dicts_with_different_keys():
v1 = serialize_msg_for_signing({1: 'a', 2: {3: 'b', 4: {5: {6: 'c'}}}})
v2 = serialize_msg_for_signing({
1: 'a',
2: {
3: 'b',
},
4: {
5: {
6: 'c'
}
}
})
assert v1 == v2
def verify_signtures_on_payments(inputs, outputs, signatures, verifier,
*extra_fields_for_signing):
correct_sigs_from = []
for inp, sig in zip(inputs, signatures):
try:
sig = base58.b58decode(sig)
except Exception as ex:
raise InvalidSignatureFormat from ex
new_data = [inp, outputs]
new_data.extend(extra_fields_for_signing)
idr = inp[ADDRESS]
ser = serialize_msg_for_signing(new_data)
try:
verkey = address_to_verkey(idr)
except ValueError:
continue
vr = verifier(verkey)
if vr.verify(sig, ser):
correct_sigs_from.append(idr)
if len(correct_sigs_from) != len(inputs):
# All inputs should have signatures present
raise InsufficientCorrectSignatures(len(correct_sigs_from),
len(inputs))
return correct_sigs_from
def verifySignature(self, msg: Dict[str, str]):
signature = msg.get(f.SIG.nm)
identifier = msg.get(IDENTIFIER)
msgWithoutSig = {k: v for k, v in msg.items() if k != f.SIG.nm}
# TODO This assumes the current key is the cryptonym. This is a BAD
# ASSUMPTION!!! Indy needs to provide the current key.
ser = serialize_msg_for_signing(msgWithoutSig)
signature = b58decode(signature.encode())
typ = msg.get(TYPE)
# TODO: Maybe keeping ACCEPT_INVITE open is a better option than keeping
# an if condition here?
if typ == ACCEPT_INVITE:
verkey = msg.get(VERKEY)
else:
try:
link = self.getLinkForMsg(msg)
verkey = self.getVerkeyForLink(link)
except (ConnectionNotFound, VerkeyNotFound):
# This is for verification of `NOTIFY` events
link = self.wallet.getConnectionBy(remote=identifier)
# TODO: If verkey is None, it should be fetched from Indy.
# Assuming CID for now.
verkey = link.remoteVerkey
v = DidVerifier(verkey, identifier=identifier)
if not v.verify(signature, ser):
raise SignatureRejected
else:
if typ == ACCEPT_INVITE:
self.logger.info('Signature accepted.')
return True
def verifySig(identifier, signature, msg) -> bool:
key = cryptonymToHex(identifier) if not isHex(identifier) else identifier
ser = serialize_msg_for_signing(msg)
b64sig = signature.encode('utf-8')
sig = b58decode(b64sig)
vr = Verifier(key)
return vr.verify(sig, ser)
def verifySignature(self, msg: Dict[str, str]):
signature = msg.get(f.SIG.nm)
identifier = msg.get(IDENTIFIER)
msgWithoutSig = {k: v for k, v in msg.items() if k != f.SIG.nm}
# TODO This assumes the current key is the cryptonym. This is a BAD
# ASSUMPTION!!! Indy needs to provide the current key.
ser = serialize_msg_for_signing(msgWithoutSig)
signature = b58decode(signature.encode())
typ = msg.get(TYPE)
# TODO: Maybe keeping ACCEPT_INVITE open is a better option than keeping
# an if condition here?
if typ == ACCEPT_INVITE:
verkey = msg.get(VERKEY)
else:
try:
link = self.getLinkForMsg(msg)
verkey = self.getVerkeyForLink(link)
except (ConnectionNotFound, VerkeyNotFound):
# This is for verification of `NOTIFY` events
link = self.wallet.getConnectionBy(remote=identifier)
# TODO: If verkey is None, it should be fetched from Indy.
# Assuming CID for now.
verkey = link.remoteVerkey
v = DidVerifier(verkey, identifier=identifier)
if not v.verify(signature, ser):
raise SignatureRejected
else:
if typ == ACCEPT_INVITE:
self.logger.info('Signature accepted.')
return True
def test_serialize_complex_dict():
assert b'1:a|2:3:b|2:4:5:6:c' == serialize_msg_for_signing({
1: 'a',
2: {
3: 'b',
4: {
5: {
6: 'c'
}
}
}
})
assert b'1:a|2:3:b|2:4:5:6:c' == serialize_msg_for_signing({
'1': 'a',
'2': {
'3': 'b',
'4': {
'5': {
'6': 'c'
}
}
}
})
v = serialize_msg_for_signing({
'1': 'a',
'2': 'b',
'3': {
'4': 'c',
'5': 'd',
'6': {
'7': {
'8': 'e',
'9': 'f'
},
'10': {
'11': 'g',
'12': 'h'
}
},
'13': {
'13': {
'13': 'i',
}
}
}
})
assert b'1:a|2:b|3:4:c|3:5:d|3:6:7:8:e|3:6:7:9:f|3:6:10:11:g|3:6:10:12:h|3:13:13:13:i' == v
def sign(self, msg: Dict) -> Dict:
"""
Return a signature for the given message.
"""
ser = serialize_msg_for_signing(msg, topLevelKeysToIgnore=[f.SIG.nm])
bsig = self.naclSigner.signature(ser)
sig = base58.b58encode(bsig).decode("utf-8")
return sig
def test_serialize_complex_ordered_dict():
assert b'1:a|2:3:b|4:c' == serialize_msg_for_signing(
OrderedDict([
('1', 'a'),
('2', OrderedDict([
('3', 'b'),
('4', 'c'),
]))
]))
assert b'1:a|2:3:b|4:c' == serialize_msg_for_signing(
OrderedDict([
('2', OrderedDict([
('4', 'c'),
('3', 'b'),
])),
('1', 'a'),
]))
def test_serialize_dict_with_array():
assert b"1:a|2:b|3:1,2:k" == serialize_msg_for_signing({
1: 'a',
2: 'b',
3: [1, {
2: 'k'
}]
})
assert b"1:a|2:b|3:1,2:k" == serialize_msg_for_signing({
'1':
'a',
'2':
'b',
'3': ['1', {
'2': 'k'
}]
})
def sign(self, msg: Dict) -> Dict:
"""
Return a signature for the given message.
"""
ser = serialize_msg_for_signing(msg, topLevelKeysToIgnore=[f.SIG.nm])
bsig = self.naclSigner.signature(ser)
sig = base58.b58encode(bsig)
return sig
def put_into_seq_no_db(txn):
# If there is no reqId, then it's genesis txn
if get_req_id(txn) is None:
return
txn_new = copy.deepcopy(txn)
operation = get_payload_data(txn_new)
operation[TXN_TYPE] = get_type(txn_new)
dct = {
f.IDENTIFIER.nm: get_from(txn_new),
f.REQ_ID.nm: get_req_id(txn_new),
OPERATION: operation,
}
if get_protocol_version(txn_new) is not None:
dct[f.PROTOCOL_VERSION.nm] = get_protocol_version(txn_new)
digest = sha256(serialize_msg_for_signing(dct)).hexdigest()
seq_no = get_seq_no(txn_new)
ledger_id = get_ledger_id_by_txn_type(operation[TXN_TYPE])
line_to_record = str(ledger_id) + ReqIdrToTxn.delimiter + str(seq_no)
dest_seq_no_db_storage.put(digest, line_to_record)
return digest
def put_into_seq_no_db(txn):
# If there is no reqId, then it's genesis txn
if get_req_id(txn) is None:
return
txn_new = copy.deepcopy(txn)
operation = get_payload_data(txn_new)
operation[TXN_TYPE] = get_type(txn_new)
dct = {
f.IDENTIFIER.nm: get_from(txn_new),
f.REQ_ID.nm: get_req_id(txn_new),
OPERATION: operation,
}
if get_protocol_version(txn_new) is not None:
dct[f.PROTOCOL_VERSION.nm] = get_protocol_version(txn_new)
digest = sha256(serialize_msg_for_signing(dct)).hexdigest().encode()
seq_no = get_seq_no(txn_new)
ledger_id = get_ledger_id_by_txn_type(operation[TXN_TYPE])
line_to_record = str(ledger_id) + ReqIdrToTxn.delimiter + str(seq_no)
dest_seq_no_db_storage.put(digest, line_to_record)
return digest
def _do_checkpoint(self, state, s, e, ledger_id, view_no):
# TODO CheckpointState/Checkpoint is not a namedtuple anymore
# 1. check if updateNamedTuple works for the new message type
# 2. choose another name
state = updateNamedTuple(state,
digest=sha256(
serialize_msg_for_signing(
state.digests)).hexdigest(),
digests=[])
self._checkpoint_state[s, e] = state
self._logger.info(
"{} sending Checkpoint {} view {} checkpointState digest {}. Ledger {} "
"txn root hash {}. Committed state root hash {} Uncommitted state root hash {}"
.format(
self, (s, e), view_no, state.digest, ledger_id,
self._db_manager.get_txn_root_hash(ledger_id),
self._db_manager.get_state_root_hash(ledger_id,
committed=True),
self._db_manager.get_state_root_hash(ledger_id,
committed=False)))
checkpoint = Checkpoint(self._data.inst_id, view_no, s, e,
state.digest)
self._network.send(checkpoint)
self._data.checkpoints.append(checkpoint)
def verifyMsg(self, sig, msg: Dict):
ser = serialize_msg_for_signing(msg)
return self.verify(sig, ser)
def test_serialize_none():
assert b"" == serialize_msg_for_signing(None)
def test_serialize_int():
assert b"1" == serialize_msg_for_signing(1)
def serializeForSig(self, msg, identifier=None, topLevelKeysToIgnore=None):
if not msg.get(f.IDENTIFIER.nm):
msg = {**msg, f.IDENTIFIER.nm: identifier}
return serialize_msg_for_signing(
msg, topLevelKeysToIgnore=topLevelKeysToIgnore)
def test_serialize_int():
assert b"1" == serialize_msg_for_signing(1)
def serializeForSig(self, msg, identifier=None, topLevelKeysToIgnore=None):
return serialize_msg_for_signing(
msg, topLevelKeysToIgnore=topLevelKeysToIgnore)
def serialized(self):
return serialize_msg_for_signing(self.__getstate__())
def test_serialize_str():
assert b"aaa" == serialize_msg_for_signing("aaa")
def test_serialize_ordered_dict():
v1 = OrderedDict([('1', 'a'), ('2', 'b')])
v2 = OrderedDict([('2', 'b'), ('1', 'a')])
assert b"1:a|2:b" == serialize_msg_for_signing(v1)
assert b"1:a|2:b" == serialize_msg_for_signing(v2)
def getDigest(self):
return sha256(serialize_msg_for_signing(self.signingState)).hexdigest()
def test_serialize_ordered_dict():
v1 = OrderedDict([('1', 'a'), ('2', 'b')])
v2 = OrderedDict([('2', 'b'), ('1', 'a')])
assert b"1:a|2:b" == serialize_msg_for_signing(v1)
assert b"1:a|2:b" == serialize_msg_for_signing(v2)
def serialized(self):
return serialize_msg_for_signing(self.__getstate__())
def test_serialize_dict_with_array():
assert b"1:a|2:b|3:1,2:k" == serialize_msg_for_signing({1: 'a', 2: 'b', 3: [1, {2: 'k'}]})
assert b"1:a|2:b|3:1,2:k" == serialize_msg_for_signing({'1': 'a', '2': 'b', '3': ['1', {'2': 'k'}]})
def serializeForSig(self, msg, identifier=None, topLevelKeysToIgnore=None):
return serialize_msg_for_signing(
msg, topLevelKeysToIgnore=topLevelKeysToIgnore)
def test_serialize_simple_dict():
assert b"1:a|2:b" == serialize_msg_for_signing({1: 'a', 2: 'b'})
assert b"1:a|2:b" == serialize_msg_for_signing({"2": 'b', "1": 'a'})
def test_serialize_array():
assert b"1,5,3,4,2" == serialize_msg_for_signing([1, 5, 3, 4, 2])
def getPayloadDigest(self):
return sha256(serialize_msg_for_signing(self.signingPayloadState())).hexdigest()
def getDigest(self):
return sha256(serialize_msg_for_signing(self.signingState())).hexdigest()
def test_serialize_none():
assert b"" == serialize_msg_for_signing(None)
def test_serialize_simple_dict():
assert b"1:a|2:b" == serialize_msg_for_signing({1: 'a', 2: 'b'})
assert b"1:a|2:b" == serialize_msg_for_signing({"2": 'b', "1": 'a'})
def test_serialize_array():
assert b"1,5,3,4,2" == serialize_msg_for_signing([1, 5, 3, 4, 2])
def serializeForSig(self, msg, identifier=None, topLevelKeysToIgnore=None):
if not msg.get(f.IDENTIFIER.nm):
msg = {**msg, f.IDENTIFIER.nm: identifier}
return serialize_msg_for_signing(
msg, topLevelKeysToIgnore=topLevelKeysToIgnore)
def test_serialize_str():
assert b"aaa" == serialize_msg_for_signing("aaa")
