def two_requests(looper, sdk_wallet_steward): wh, did = sdk_wallet_steward op = {TXN_TYPE: AUCTION_START, DATA: {'id': 'xyz'}} req1 = sdk_gen_request(op, protocol_version=CURRENT_PROTOCOL_VERSION, identifier=did).as_dict field = list(PLUGIN_CLIENT_REQUEST_FIELDS.keys())[0] req1[field] = 'x' * 10 req2 = copy.deepcopy(req1) req2[field] = 'z' * 10 req1 = sdk_multisign_request_object(looper, sdk_wallet_steward, json.dumps(req1)) req_obj1 = Request(**json.loads(req1)) req2 = sdk_multisign_request_object(looper, sdk_wallet_steward, json.dumps(req2)) req_obj2 = Request(**json.loads(req2)) assert req_obj1.payload_digest == req_obj2.payload_digest assert req_obj1.digest != req_obj2.digest return req1, req2
def test_create_did_without_endorser_sig_count_2_one_on_ledger( looper, txnPoolNodeSet, nym_txn_data, sdk_pool_handle, sdk_wallet_trustee): change_auth_rule(looper, sdk_pool_handle, sdk_wallet_trustee, constraint=AuthConstraint(role='*', sig_count=2, off_ledger_signature=True)) wh, alias, sender_did, sender_verkey = nym_txn_data nym_request = looper.loop.run_until_complete( build_nym_request(sender_did, sender_did, sender_verkey, alias, NEW_ROLE)) nym_request = sdk_multisign_request_object(looper, (wh, sender_did), nym_request) nym_request = sdk_multisign_request_object(looper, sdk_wallet_trustee, nym_request) request_couple = sdk_send_signed_requests(sdk_pool_handle, [nym_request])[0] sdk_get_and_check_replies(looper, [request_couple]) details = get_nym_details(txnPoolNodeSet[0].states[1], sender_did, is_committed=True) assert details[ROLE] == NEW_ROLE assert details[VERKEY] == sender_verkey
def test_both_author_and_endorser_must_sign(looper, sdk_pool_handle, sdk_wallet_trustee, sdk_wallet_endorser): ''' Both author and endorser must sign the request even if the author can send the request without Endorser ''' req_json = sdk_build_schema_request(looper, sdk_wallet_trustee, ["attr1", "attr2"], "name1", "2.0") req_json = sdk_append_request_endorser(looper, req_json, sdk_wallet_endorser[1]) # sign by Author only req_json_author_only = sdk_multisign_request_object(looper, sdk_wallet_trustee, req_json) with pytest.raises(RequestNackedException): request_couple = sdk_send_signed_requests(sdk_pool_handle, [req_json_author_only])[0] sdk_get_and_check_replies(looper, [request_couple]) # sign by Endorser only req_json_endorser_only = sdk_multisign_request_object(looper, sdk_wallet_endorser, req_json) with pytest.raises(RequestNackedException): request_couple = sdk_send_signed_requests(sdk_pool_handle, [req_json_endorser_only])[0] sdk_get_and_check_replies(looper, [request_couple]) # sign by both req_json_both = sdk_multisign_request_object(looper, sdk_wallet_trustee, req_json) req_json_both = sdk_multisign_request_object(looper, sdk_wallet_endorser, req_json_both) request_couple = sdk_send_signed_requests(sdk_pool_handle, [req_json_both])[0] sdk_get_and_check_replies(looper, [request_couple])
def test_old_txn_metadata_multisig_digest_fallback(looper, sdk_wallet_client, sdk_wallet_client2): # Create signed request and convert to legacy txn req_str = json.dumps(sdk_random_request_objects(1, CURRENT_PROTOCOL_VERSION, sdk_wallet_client[1])[0].as_dict) req_str = sdk_multisign_request_object(looper, sdk_wallet_client, req_str) req_str = sdk_multisign_request_object(looper, sdk_wallet_client2, req_str) req = deserialize_req(req_str) txn = req_to_legacy_txn(req_str) # Check that digests still can be extracted correctly assert get_payload_digest(txn) == req.payload_digest assert get_digest(txn) == None
def test_second_digest_is_written( looper, txnPoolNodeSet, sdk_pool_handle, sdk_wallet_stewards): req = json.dumps(sdk_random_request_objects(1, CURRENT_PROTOCOL_VERSION, sdk_wallet_stewards[0][1])[0].as_dict) req = sdk_multisign_request_object(looper, sdk_wallet_stewards[0], req) req = sdk_multisign_request_object(looper, sdk_wallet_stewards[1], req) sdk_get_and_check_replies(looper, sdk_send_signed_requests(sdk_pool_handle, [req])) req = Request(**json.loads(req)) ledger_id, _ = txnPoolNodeSet[0].seqNoDB.get_by_payload_digest(req.payload_digest) assert ledger_id == DOMAIN_LEDGER_ID payload_digest = txnPoolNodeSet[0].seqNoDB.get_by_full_digest(req.digest) assert payload_digest == req.payload_digest
def two_requests(looper, op, sdk_wallet_stewards): wh, did = sdk_wallet_stewards[0] req = json.dumps(sdk_gen_request(op, protocol_version=CURRENT_PROTOCOL_VERSION, identifier=did).as_dict) req1 = sdk_multisign_request_object(looper, sdk_wallet_stewards[0], req) req_obj1 = Request(**json.loads(req1)) req2 = sdk_multisign_request_object(looper, sdk_wallet_stewards[1], req1) req_obj2 = Request(**json.loads(req2)) assert req_obj1.payload_digest == req_obj2.payload_digest assert req_obj1.digest != req_obj2.digest return req1, req2
def test_request_with_incorrect_multisig_signatures(looper, sdk_pool_handle, sdk_wallet_client, sdk_wallet_client2): req = sdk_random_request_objects(1, identifier=sdk_wallet_client[1], protocol_version=CURRENT_PROTOCOL_VERSION)[0] req = sdk_multisign_request_object(looper, sdk_wallet_client, json.dumps(req.as_dict)) req = deserialize_req(req) req.signatures[req.identifier] = 'garbage' multisig_req = sdk_multisign_request_object(looper, sdk_wallet_client2, json.dumps(req.as_dict)) rep1 = sdk_send_signed_requests(sdk_pool_handle, [multisig_req]) invalid_signatures = 'did={}, signature={}'.format(req.identifier, req.signatures[req.identifier]) expected_error_message = 'Reason: client request invalid: {}'.\ format(InsufficientCorrectSignatures.reason.format(2, 1, 1, invalid_signatures)) with pytest.raises(RequestNackedException, match=expected_error_message): sdk_get_and_check_replies(looper, rep1)
def test_endorser_not_required_when_two_trustee_sigs(looper, sdk_pool_handle, sdk_wallet_trustee_list): change_new_schema_auth_rule(looper, sdk_pool_handle, sdk_wallet_trustee_list[0], constraint=AuthConstraint(role=TRUSTEE, sig_count=2)) req_json = sdk_build_schema_request(looper, sdk_wallet_trustee_list[1], ["attr1", "attr2"], "name4", "5.0") # sign by both req_json = sdk_multisign_request_object(looper, sdk_wallet_trustee_list[1], req_json) req_json = sdk_multisign_request_object(looper, sdk_wallet_trustee_list[2], req_json) request_couple = sdk_send_signed_requests(sdk_pool_handle, [req_json])[0] sdk_get_and_check_replies(looper, [request_couple])
def test_endorser_required_when_multi_sig_with_off_ledger_signature( looper, txnPoolNodeSet, sdk_wallet_client, sdk_pool_handle, sdk_wallet_trustee, sdk_wallet_endorser): change_new_did_auth_rule(looper, sdk_pool_handle, sdk_wallet_trustee, constraint=AuthConstraint( role='*', sig_count=2, off_ledger_signature=True)) new_did, verkey = \ looper.loop.run_until_complete( create_and_store_my_did(sdk_wallet_client[0], json.dumps({'seed': randomString(32)}))) sdk_wallet_new_client = (sdk_wallet_client[0], new_did) nym_request = looper.loop.run_until_complete( build_nym_request(new_did, new_did, verkey, None, IDENTITY_OWNER)) # can not send without Endorser with pytest.raises( RequestRejectedException, match= "'Endorser' field must be explicitly set for the endorsed transaction" ): signed_req = sdk_multisign_request_object(looper, sdk_wallet_new_client, nym_request) signed_req = sdk_multisign_request_object(looper, sdk_wallet_endorser, signed_req) request_couple = sdk_send_signed_requests(sdk_pool_handle, [signed_req])[0] sdk_get_and_check_replies(looper, [request_couple]) # can send with Endorser sdk_submit_and_check_by_endorser(looper, sdk_pool_handle, sdk_wallet_author=sdk_wallet_new_client, sdk_wallet_endorser=sdk_wallet_endorser, request_json=nym_request) details = get_nym_details(txnPoolNodeSet[0].states[1], new_did, is_committed=True) assert details[ROLE] == IDENTITY_OWNER assert details[VERKEY] == verkey
def sdk_submit_and_check_by_endorser(looper, sdk_pool_handle, sdk_wallet_author, sdk_wallet_endorser, request_json): _, endorser_did = sdk_wallet_endorser # 1. append Endorser field request_json = sdk_append_request_endorser(looper, request_json, endorser_did) # 2. sign by both Author and Endorser request_json = sdk_multisign_request_object(looper, sdk_wallet_author, request_json) request_json = sdk_multisign_request_object(looper, sdk_wallet_endorser, request_json) # 3. submit by Endorser request_couple = sdk_send_signed_requests(sdk_pool_handle, [request_json])[0] sdk_get_and_check_replies(looper, [request_couple])
def test_endorser_field_must_be_explicit(looper, sdk_pool_handle, sdk_wallet_new_client, sdk_wallet_endorser): req_json = sdk_build_schema_request(looper, sdk_wallet_new_client, ["attr1", "attr2"], "name2", "3.0") # Do not append Endorser field! # sign by both Author and Endorser req_json = sdk_multisign_request_object(looper, sdk_wallet_new_client, req_json) req_json = sdk_multisign_request_object(looper, sdk_wallet_endorser, req_json) with pytest.raises( RequestRejectedException, match= "'Endorser' field must be explicitly set for the endorsed transaction" ): request_couple = sdk_send_signed_requests(sdk_pool_handle, [req_json])[0] sdk_get_and_check_replies(looper, [request_couple])
def test_seq_no_db_multisigned_request(looper, node, sdk_wallet_client, sdk_wallet_client2): # Create signed request and write it to ledger req = sdk_random_request_objects( 1, identifier=sdk_wallet_client[1], protocol_version=CURRENT_PROTOCOL_VERSION)[0] req = sdk_multisign_request_object(looper, sdk_wallet_client, json.dumps(req.as_dict)) req = deserialize_req(req) write_request(node, req) # Make sure sending request again will return REPLY rep = node.getReplyFromLedgerForRequest(req) assert isinstance(rep, Reply) # Make sure sending request with additional signature will return NACK multisig_req = sdk_multisign_request_object(looper, sdk_wallet_client2, json.dumps(req.as_dict)) multisig_req = deserialize_req(multisig_req) rep = node.getReplyFromLedgerForRequest(multisig_req) assert isinstance(rep, RequestNack)