Ejemplo n.º 1
0
def testGeneratedRequestSequencing(tdir_for_func):
    """
    Request ids must be generated in an increasing order
    """
    with TestNodeSet(count=4, tmpdir=tdir_for_func) as nodeSet:
        w = Wallet("test")
        w.addIdentifier()

        operation = randomOperation()

        request = w.signOp(operation)
        assert request.reqId == 1

        request = w.signOp(operation)
        assert request.reqId == 2

        request = w.signOp(randomOperation())
        assert request.reqId == 3

        idr, _ = w.addIdentifier()

        request = w.signOp(randomOperation(), idr)
        assert request.reqId == 1

        request = w.signOp(randomOperation())
        assert request.reqId == 4
Ejemplo n.º 2
0
def testGeneratedRequestSequencing(tdir_for_func):
    """
    Request ids must be generated in an increasing order
    """
    with TestNodeSet(count=4, tmpdir=tdir_for_func) as nodeSet:
        w = Wallet("test")
        w.addIdentifier()

        operation = randomOperation()

        request = w.signOp(operation)
        assert request.reqId == 1

        request = w.signOp(operation)
        assert request.reqId == 2

        request = w.signOp(randomOperation())
        assert request.reqId == 3

        idr, _ = w.addIdentifier()

        request = w.signOp(randomOperation(), idr)
        assert request.reqId == 1

        request = w.signOp(randomOperation())
        assert request.reqId == 4
Ejemplo n.º 3
0
def test_wallet_multisig():
    wallet = Wallet()
    idr1, signer1 = wallet.addIdentifier()
    idr2, signer2 = wallet.addIdentifier()
    idr3, signer3 = wallet.addIdentifier()
    authnr = CoreAuthNr()
    for idr, signer in [(idr1, signer1), (idr2, signer2), (idr3, signer3)]:
        authnr.addIdr(idr, signer.verkey)

    def serz(req):
        return {k: v for k, v in req.as_dict.items()
                if k not in authnr.excluded_from_signing}

    op = randomOperation()
    req = wallet.sign_using_multi_sig(op=op, identifier=idr1)
    assert len(req.signatures) == 1
    req_data = serz(req)
    assert set(authnr.authenticate_multi(req_data, req.signatures, 1)) == {idr1, }
    with pytest.raises(InsufficientSignatures):
        authnr.authenticate_multi(req_data, req.signatures, 2)

    req = wallet.sign_using_multi_sig(request=req, identifier=idr2)
    assert len(req.signatures) == 2
    req_data = serz(req)
    assert set(authnr.authenticate_multi(req_data, req.signatures, 2)) == {idr1,
                                                                           idr2}
    with pytest.raises(InsufficientSignatures):
        authnr.authenticate_multi(req_data, req.signatures, 3)

    wallet.do_multi_sig_on_req(req, identifier=idr3)
    assert len(req.signatures) == 3
    req_data = serz(req)
    assert set(authnr.authenticate_multi(req_data, req.signatures, 3)) == {idr1,
                                                                           idr2,
                                                                           idr3}
Ejemplo n.º 4
0
def test_make_result_no_protocol_version(looper, txnPoolNodeSet):
    request = SafeRequest(identifier="1" * 16,
                          reqId=1,
                          operation=randomOperation(),
                          signature="signature")
    request.protocolVersion = False
    check_result(txnPoolNodeSet, request, False)
def build_req_multi_signed_by_non_author_only(author_role, non_author_role):
    return Request(
        identifier=get_idr_by_role_author(author_role),
        reqId=1,
        operation=randomOperation(),
        signatures={get_idr_by_role_endorser(non_author_role): "sig"},
        protocolVersion=CURRENT_PROTOCOL_VERSION)
def build_req_signed_by_author_only(author_role):
    idr = get_idr_by_role_author(author_role)
    return Request(identifier=idr,
                   reqId=1,
                   operation=randomOperation(),
                   signature="sig2",
                   protocolVersion=CURRENT_PROTOCOL_VERSION)
Ejemplo n.º 7
0
def build_req_and_action(action: Action):
    sig = None
    sigs = None
    identifier = IDENTIFIERS[action.author][0]
    endorser_did = None

    # if there is only 1 sig from the Author - use `signature` instead of `signatures`
    if len(action.sigs) == 1 and next(iter(action.sigs.values())) == 1 and next(
            iter(action.sigs.keys())) == action.author:
        sig = 'signature'
    else:
        sigs = {IDENTIFIERS[role][i]: 'signature' for role, sig_count in action.sigs.items() for i in
                range(sig_count)}

    if action.endorser is not None:
        endorser_did = IDENTIFIERS[action.endorser][0]

    operation = randomOperation()
    if action.amount is not None:
        operation[PLUGIN_FIELD] = action.amount

    req = Request(identifier=identifier,
                  operation=operation,
                  signature=sig,
                  signatures=sigs,
                  endorser=endorser_did)
    action = AuthActionAdd(txn_type=req.operation[TYPE],
                           field='some_field',
                           value='new_value',
                           is_owner=action.is_owner)

    return req, [action]
Ejemplo n.º 8
0
def test_make_result_no_protocol_version_in_request_by_default(
        looper, txnPoolNodeSet, client1, client1Connected, wallet1):
    request = SafeRequest(identifier="1" * 16,
                          reqId=1,
                          operation=randomOperation(),
                          signature="signature")
    check_result(txnPoolNodeSet, request, client1, False)
Ejemplo n.º 9
0
    async def go(ctx):
        client1, wallet = genTestClient(ctx.nodeset, tmpdir=ctx.tmpdir)

        # remove the client's ability to sign
        assert wallet.defaultId

        ctx.looper.add(client1)
        await client1.ensureConnectedToNodes()

        request = wallet.signOp(op=randomOperation())
        request.signature = None
        request = client1.submitReqs(request)[0][0]
        timeout = waits.expectedClientRequestPropagationTime(nodeCount)

        with pytest.raises(AssertionError):
            for node in ctx.nodeset:
                await eventually(checkLastClientReqForNode,
                                 node,
                                 request,
                                 retryWait=1,
                                 timeout=timeout)

        for n in ctx.nodeset:
            params = n.spylog.getLastParams(Node.handleInvalidClientMsg)
            ex = params['ex']
            msg, _ = params['wrappedMsg']
            assert isinstance(ex, MissingSignature)
            assert msg.get(f.IDENTIFIER.nm) == request.identifier

            params = n.spylog.getLastParams(Node.discard)
            reason = params["reason"]
            (msg, frm) = params["msg"]
            assert msg == request.as_dict
            assert msg.get(f.IDENTIFIER.nm) == request.identifier
            assert "MissingSignature" in reason
Ejemplo n.º 10
0
    async def go(ctx):
        client1, wallet = genTestClient(ctx.nodeset, tmpdir=ctx.tmpdir)

        # remove the client's ability to sign
        assert wallet.defaultId

        ctx.looper.add(client1)
        await client1.ensureConnectedToNodes()

        request = wallet.signOp(op=randomOperation())
        request.signature = None
        request = client1.submitReqs(request)[0]
        with pytest.raises(AssertionError):
            for node in ctx.nodeset:
                await eventually(checkLastClientReqForNode,
                                 node,
                                 request,
                                 retryWait=1,
                                 timeout=10)

        for n in ctx.nodeset:
            params = n.spylog.getLastParams(Node.handleInvalidClientMsg)
            ex = params['ex']
            _, frm = params['wrappedMsg']
            assert isinstance(ex, EmptySignature)
            assert frm == client1.stackName

            params = n.spylog.getLastParams(Node.discard)
            reason = params["reason"]
            (msg, frm) = params["msg"]
            assert msg == request.__dict__
            assert frm == client1.stackName
            assert "EmptySignature" in reason
Ejemplo n.º 11
0
    async def go(ctx):
        client1 = genTestClient(ctx.nodeset, tmpdir=ctx.tmpdir)

        # remove the client's ability to sign
        assert client1.getSigner()
        client1.signers[client1.defaultIdentifier] = None
        assert not client1.getSigner()

        ctx.looper.add(client1)
        await client1.ensureConnectedToNodes()

        operation = randomOperation()
        request = client1.submit(operation)[0]

        with pytest.raises(AssertionError):
            for node in ctx.nodeset:
                await eventually(
                        checkLastClientReqForNode, node, request,
                        retryWait=1, timeout=10)

        for n in ctx.nodeset:
            params = n.spylog.getLastParams(Node.reportSuspiciousClient)
            frm = params['clientName']
            reason = params['reason']

            assert frm == client1.name
            assert isinstance(reason, EmptySignature)

            params = n.spylog.getLastParams(Node.discard)
            reason = params["reason"]
            (msg, frm) = params["msg"]
            assert msg == request.__dict__
            assert frm == client1.name
            assert isinstance(reason, EmptySignature)
Ejemplo n.º 12
0
def build_req_and_action(signatures, need_to_be_owner, amount=None):
    sig = None
    sigs = None
    identifier = None

    if signatures:
        role = next(iter(signatures.keys()))
        identifier = IDENTIFIERS[role][0]

    if len(signatures) == 1 and next(iter(signatures.values())) == 1:
        sig = 'signature'
    else:
        sigs = {
            IDENTIFIERS[role][i]: 'signature'
            for role, sig_count in signatures.items() for i in range(sig_count)
        }

    operation = randomOperation()
    if amount is not None:
        operation[PLUGIN_FIELD] = amount

    req = Request(identifier=identifier,
                  operation=operation,
                  signature=sig,
                  signatures=sigs)
    action = AuthActionAdd(txn_type=req.operation[TYPE],
                           field='some_field',
                           value='new_value',
                           is_owner=need_to_be_owner)

    return req, [action]
Ejemplo n.º 13
0
    async def go(ctx):
        client1, wallet = genTestClient(ctx.nodeset, tmpdir=ctx.tmpdir)

        # remove the client's ability to sign
        assert wallet.defaultId

        ctx.looper.add(client1)
        await client1.ensureConnectedToNodes()

        request = wallet.signOp(op=randomOperation())
        request.signature = None
        request = client1.submitReqs(request)[0]
        with pytest.raises(AssertionError):
            for node in ctx.nodeset:
                await eventually(
                        checkLastClientReqForNode, node, request,
                        retryWait=1, timeout=10)

        for n in ctx.nodeset:
            params = n.spylog.getLastParams(Node.handleInvalidClientMsg)
            ex = params['ex']
            _, frm = params['wrappedMsg']
            assert isinstance(ex, EmptySignature)
            assert frm == client1.stackName

            params = n.spylog.getLastParams(Node.discard)
            reason = params["reason"]
            (msg, frm) = params["msg"]
            assert msg == request.__dict__
            assert frm == client1.stackName
            assert "EmptySignature" in reason
Ejemplo n.º 14
0
def test_make_result_no_protocol_version(looper, txnPoolNodeSet):
    request = SafeRequest(identifier="1" * 16,
                          reqId=1,
                          operation=randomOperation(),
                          signature="signature",
                          protocolVersion=CURRENT_PROTOCOL_VERSION)
    request.protocolVersion = None
    check_result(txnPoolNodeSet, request, False)
Ejemplo n.º 15
0
def test_make_result_protocol_version_less_than_state_proof(
        looper, txnPoolNodeSet, client1, client1Connected, wallet1):
    request = SafeRequest(identifier="1" * 16,
                          reqId=1,
                          operation=randomOperation(),
                          signature="signature")
    request.protocolVersion = 0
    check_result(txnPoolNodeSet, request, client1, False)
Ejemplo n.º 16
0
def testReplyMatchesRequest(looper, nodeSet, tdir, up):
    '''
    This tests does check following things:
      - wallet works correctly when used by multiple clients
      - clients do receive responses for exactly the same request they sent
    '''

    def makeClient(id):
        client, wallet = genTestClient(nodeSet,
                                       tmpdir=tdir,
                                       name="client-{}".format(id))
        looper.add(client)
        looper.run(client.ensureConnectedToNodes())
        return client, wallet

    # creating clients
    numOfClients = 3
    numOfRequests = 1

    clients = set()
    sharedWallet = None
    for i in range(numOfClients):
        client, wallet = makeClient(i)
        if sharedWallet is None:
            sharedWallet = wallet
        clients.add(client)

    for i in range(1, numOfRequests + 1):

        # sending requests
        requests = {}
        for client in clients:
            op = randomOperation()
            req = sharedWallet.signOp(op)

            request = client.submitReqs(req)[0]
            requests[client] = (request.reqId, request.operation['amount'])

        # checking results
        for client, (reqId, sentAmount) in requests.items():
            looper.run(eventually(checkResponseRecvdFromNodes,
                                  client,
                                  2 * nodeCount * i,
                                  reqId,
                                  retryWait=1,
                                  timeout=25))

            print("Expected amount for request {} is {}".
                  format(reqId, sentAmount))

            replies = [r[0]['result']['amount']
                       for r in client.inBox
                       if r[0]['op'] == 'REPLY'
                       and r[0]['result']['reqId'] == reqId]

            assert all(replies[0] == r for r in replies)
            assert replies[0] == sentAmount
Ejemplo n.º 17
0
def testReplyMatchesRequest(looper, nodeSet, tdir, up):
    '''
    This tests does check following things:
      - wallet works correctly when used by multiple clients
      - clients do receive responses for exactly the same request they sent
    '''
    def makeClient(id):
        client, wallet = genTestClient(nodeSet,
                                       tmpdir=tdir,
                                       name="client-{}".format(id))
        looper.add(client)
        looper.run(client.ensureConnectedToNodes())
        return client, wallet

    # creating clients
    numOfClients = 3
    numOfRequests = 1

    clients = set()
    sharedWallet = None
    for i in range(numOfClients):
        client, wallet = makeClient(i)
        if sharedWallet is None:
            sharedWallet = wallet
        clients.add(client)

    for i in range(1, numOfRequests + 1):

        # sending requests
        requests = {}
        for client in clients:
            op = randomOperation()
            req = sharedWallet.signOp(op)

            request = client.submitReqs(req)[0]
            requests[client] = (request.reqId, request.operation['amount'])

        # checking results
        for client, (reqId, sentAmount) in requests.items():
            looper.run(
                eventually(checkResponseRecvdFromNodes,
                           client,
                           nodeCount,
                           reqId,
                           retryWait=1,
                           timeout=25))

            print("Expected amount for request {} is {}".format(
                reqId, sentAmount))

            replies = [
                r[0]['result']['amount'] for r in client.inBox
                if r[0]['op'] == 'REPLY' and r[0]['result']['reqId'] == reqId
            ]

            assert all(replies[0] == r for r in replies)
            assert replies[0] == sentAmount
Ejemplo n.º 18
0
def test_make_result_protocol_version_less_than_state_proof(
        looper, txnPoolNodeSet):
    request = SafeRequest(identifier="1" * 16,
                          reqId=1,
                          operation=randomOperation(),
                          signature="signature",
                          protocolVersion=CURRENT_PROTOCOL_VERSION)
    request.protocolVersion = 0
    check_result(txnPoolNodeSet, request, False)
Ejemplo n.º 19
0
def build_req_multi_signed_by_endorser(author_role, endorser_role=ENDORSER, append_endorser=False):
    author_idr = get_idr_by_role(author_role) if author_role != IDENTITY_OWNER else "author_no_role"
    endorser_idr = get_idr_by_role(endorser_role)
    req = Request(identifier=author_idr,
                  reqId=1,
                  operation=randomOperation(),
                  signatures={endorser_idr: "sig1", author_idr: "sig2"},
                  protocolVersion=CURRENT_PROTOCOL_VERSION)
    if append_endorser:
        req.endorser = endorser_idr
    return req
Ejemplo n.º 20
0
def testGeneratedRequestSequencing(tdir_for_func):
    """
    Request ids must be generated in an increasing order
    """
    with TestNodeSet(count=4, tmpdir=tdir_for_func) as nodeSet:
        cli = genTestClient(nodeSet, tmpdir=tdir_for_func)
        operation = randomOperation()

        request = cli.createRequest(operation)
        assert request.reqId == 1

        request = cli.createRequest(operation)
        assert request.reqId == 2

        request = cli.createRequest(randomOperation())
        assert request.reqId == 3

        cli2 = genTestClient(nodeSet, tmpdir=tdir_for_func)

        request = cli2.createRequest(operation)
        assert request.reqId == 1
Ejemplo n.º 21
0
def testGeneratedRequestSequencing(tdir_for_func):
    """
    Request ids must be generated in an increasing order
    """
    with TestNodeSet(count=4, tmpdir=tdir_for_func) as nodeSet:
        cli = genTestClient(nodeSet, tmpdir=tdir_for_func)
        operation = randomOperation()

        request = cli.createRequest(operation)
        assert request.reqId == 1

        request = cli.createRequest(operation)
        assert request.reqId == 2

        request = cli.createRequest(randomOperation())
        assert request.reqId == 3

        cli2 = genTestClient(nodeSet, tmpdir=tdir_for_func)

        request = cli2.createRequest(operation)
        assert request.reqId == 1
Ejemplo n.º 22
0
def test_role_authorizer_not_authorize_unknown_nym(idr_cache):
    authorizer = RolesAuthorizer(cache=idr_cache)

    unknown_req_auth = Request(identifier="some_unknown_identifier",
                               reqId=2,
                               operation=randomOperation(),
                               signature="signature",
                               protocolVersion=CURRENT_PROTOCOL_VERSION)

    authorized, reason = authorizer.authorize(unknown_req_auth,
                                              AuthConstraint(role=TRUSTEE, sig_count=1))
    assert not authorized
    assert reason == "sender's DID {} is not found in the Ledger".format(unknown_req_auth.identifier)
Ejemplo n.º 23
0
def test_wallet_multisig():
    wallet = Wallet()
    idr1, signer1 = wallet.addIdentifier()
    idr2, signer2 = wallet.addIdentifier()
    idr3, signer3 = wallet.addIdentifier()
    authnr = CoreAuthNr()
    for idr, signer in [(idr1, signer1), (idr2, signer2), (idr3, signer3)]:
        authnr.addIdr(idr, signer.verkey)

    def serz(req):
        return {
            k: v
            for k, v in req.as_dict.items()
            if k not in authnr.excluded_from_signing
        }

    op = randomOperation()
    request = Request(reqId=Request.gen_req_id(),
                      operation=op,
                      protocolVersion=CURRENT_PROTOCOL_VERSION,
                      identifier=idr1)
    req = wallet.sign_using_multi_sig(request=request, identifier=idr1)
    assert len(req.signatures) == 1
    req_data = serz(req)
    assert set(authnr.authenticate_multi(req_data, req.signatures, 1)) == {
        idr1,
    }
    with pytest.raises(InsufficientSignatures):
        authnr.authenticate_multi(req_data, req.signatures, 2)

    req = wallet.sign_using_multi_sig(request=req, identifier=idr2)
    assert len(req.signatures) == 2
    req_data = serz(req)
    assert set(authnr.authenticate_multi(req_data, req.signatures,
                                         2)) == {idr1, idr2}
    with pytest.raises(InsufficientSignatures):
        authnr.authenticate_multi(req_data, req.signatures, 3)

    wallet.do_multi_sig_on_req(req, identifier=idr3)
    assert len(req.signatures) == 3
    req_data = serz(req)
    assert set(authnr.authenticate_multi(req_data, req.signatures,
                                         3)) == {idr1, idr2, idr3}
Ejemplo n.º 24
0
    async def go(ctx):
        client1 = genTestClient(ctx.nodeset, tmpdir=ctx.tmpdir)

        # remove the client's ability to sign
        assert client1.getSigner()
        client1.signers[client1.defaultIdentifier] = None
        assert not client1.getSigner()

        ctx.looper.add(client1)
        await client1.ensureConnectedToNodes()

        operation = randomOperation()
        request = client1.submit(operation)[0]

        with pytest.raises(AssertionError):
            for node in ctx.nodeset:
                await eventually(checkLastClientReqForNode,
                                 node,
                                 request,
                                 retryWait=1,
                                 timeout=10)

        for n in ctx.nodeset:
            params = n.spylog.getLastParams(Node.reportSuspiciousClient)
            frm = params['clientName']
            reason = params['reason']

            assert frm == client1.name
            assert isinstance(reason, EmptySignature)

            params = n.spylog.getLastParams(Node.discard)
            reason = params["reason"]
            (msg, frm) = params["msg"]
            assert msg == request.__dict__
            assert frm == client1.name
            assert isinstance(reason, EmptySignature)
Ejemplo n.º 25
0
def req(identifier):
    return Request(identifier=identifier,
                   operation=randomOperation(),
                   signature='signature')
Ejemplo n.º 26
0
def req_auth():
    return Request(identifier="some_identifier",
                   reqId=1,
                   operation=randomOperation(),
                   signature="signature",
                   protocolVersion=CURRENT_PROTOCOL_VERSION)
Ejemplo n.º 27
0
def req_multi_signed_by_non_author():
    return Request(identifier="some_identifier",
                   reqId=1,
                   operation=randomOperation(),
                   signatures={"some_identifier2": "sig"},
                   protocolVersion=CURRENT_PROTOCOL_VERSION)
Ejemplo n.º 28
0
def req(identity_owners):
    return Request(identifier=identity_owners[0], operation=randomOperation())
Ejemplo n.º 29
0
def request1():
    return randomOperation()
Ejemplo n.º 30
0
def request1(wallet1):
    op = randomOperation()
    req = wallet1.signOp(op)
    return req
Ejemplo n.º 31
0
def request1(wallet1):
    op = randomOperation()
    req = wallet1.signOp(op)
    return req
Ejemplo n.º 32
0
def request1():
    return randomOperation()