def test_get_key_for_old_root_keys_changed(bls_key_register_ledger,
pool_node_txns,
txnPoolNodeSet,
node,
looper,
sdk_wallet_steward,
sdk_pool_handle):
old_bls_key = get_payload_data(pool_node_txns[0])[DATA][BLS_KEY]
new_bls_key, key_proof = init_bls_keys(node.keys_dir, node.name)
old_pool_root_hash = node.poolManager.state.committedHeadHash
# change BLS keys
sdk_change_bls_key(looper, txnPoolNodeSet,
node,
sdk_pool_handle,
sdk_wallet_steward,
add_wrong=False,
new_bls=new_bls_key,
new_key_proof=key_proof)
new_pool_root_hash = node.poolManager.state.committedHeadHash
assert old_pool_root_hash != new_pool_root_hash
# get old and new keys
bls_key = bls_key_register_ledger.get_key_by_name(node.name,
old_pool_root_hash)
assert bls_key
assert IndyCryptoBlsUtils.bls_to_str(bls_key) == old_bls_key
bls_key = bls_key_register_ledger.get_key_by_name(node.name,
new_pool_root_hash)
assert bls_key
assert IndyCryptoBlsUtils.bls_to_str(bls_key) == new_bls_key
def test_verify_multi_signature_invalid_short_pk(bls_signer1, bls_signer2,
bls_verifier, message):
pk1 = bls_signer1.pk
pk2 = bls_signer2.pk
sigs = []
sigs.append(bls_signer1.sign(message))
sigs.append(bls_signer2.sign(message))
multi_sig = bls_verifier.create_multi_sig(sigs)
for invalid_pk in invalid_pks(
invalid_short_values(IndyCryptoBlsUtils.bls_to_str(pk2))):
pks = [pk1, invalid_pk]
assert not bls_verifier.verify_multi_sig(multi_sig, message, pks)
for invalid_pk in invalid_pks(
invalid_short_values(IndyCryptoBlsUtils.bls_to_str(pk1))):
pks = [invalid_pk, pk2]
assert not bls_verifier.verify_multi_sig(multi_sig, message, pks)
for invalid_pk1, invalid_pk2 in zip(
invalid_pks(
invalid_short_values(IndyCryptoBlsUtils.bls_to_str(pk1))),
invalid_pks(
invalid_short_values(IndyCryptoBlsUtils.bls_to_str(pk2)))):
pks = [invalid_pk1, invalid_pk2]
assert not bls_verifier.verify_multi_sig(multi_sig, message, pks)
def test_create_bls_crypto_multiple_times(bls_crypto_factory):
pk1, _ = bls_crypto_factory.generate_and_store_bls_keys()
bls_crypto_signer1 = bls_crypto_factory.create_bls_crypto_signer_from_saved_keys() # type: BlsCryptoSignerIndyCrypto
assert pk1 == IndyCryptoBlsUtils.bls_to_str(bls_crypto_signer1.pk)
pk2, _ = bls_crypto_factory.generate_and_store_bls_keys()
bls_crypto_signer2 = bls_crypto_factory.create_bls_crypto_signer_from_saved_keys() # type: BlsCryptoSignerIndyCrypto
assert pk2 == IndyCryptoBlsUtils.bls_to_str(bls_crypto_signer2.pk)
pk3, _ = bls_crypto_factory.generate_and_store_bls_keys()
bls_crypto_signer3 = bls_crypto_factory.create_bls_crypto_signer_from_saved_keys() # type: BlsCryptoSignerIndyCrypto
assert pk3 == IndyCryptoBlsUtils.bls_to_str(bls_crypto_signer3.pk)
def test_verify_invalid_short_pk(bls_signer1, bls_verifier, message):
pk = bls_signer1.pk
sig = bls_signer1.sign(message)
for invalid_pk in invalid_pks(
invalid_short_values(IndyCryptoBlsUtils.bls_to_str(pk))):
assert not bls_verifier.verify_sig(sig, message, invalid_pk)
def test_create_bls_crypto(bls_crypto_factory):
pk, _ = bls_crypto_factory.generate_and_store_bls_keys()
bls_crypto_signer = bls_crypto_factory.create_bls_crypto_signer_from_saved_keys() # type: BlsCryptoSignerIndyCrypto
assert bls_crypto_signer
assert isinstance(bls_crypto_signer, BlsCryptoSigner)
assert bls_crypto_signer._sk
assert bls_crypto_signer.pk
assert pk == IndyCryptoBlsUtils.bls_to_str(bls_crypto_signer.pk)
def check_bls_key(blskey, node, nodes, add_wrong=False):
'''
Check that each node has the same and correct blskey for this node
'''
keys = set()
for n in nodes:
keys.add(
IndyCryptoBlsUtils.bls_to_str(
n.bls_bft.bls_key_register.get_key_by_name(node.name)))
assert len(keys) == 1
if not add_wrong:
assert blskey == next(iter(keys))
# check that this node has correct blskey
if not add_wrong:
assert node.bls_bft.can_sign_bls()
assert blskey == IndyCryptoBlsUtils.bls_to_str(
node.bls_bft.bls_crypto_signer.pk)
else:
assert not node.bls_bft.can_sign_bls()
def _validate_signature(self, sender, bls_sig, pre_prepare: PrePrepare):
pool_root_hash = self._get_pool_root_hash(pre_prepare, serialize=False)
sender_node = self.get_node_name(sender)
pk = self._bls_bft.bls_key_register.get_key_by_name(
sender_node, pool_root_hash)
if not pk:
return False
pool_root_hash_ser = self._get_pool_root_hash(pre_prepare)
message = self._create_multi_sig_value_for_pre_prepare(
pre_prepare, pool_root_hash_ser)
result = self._bls_bft.bls_crypto_verifier.verify_sig(
bls_sig, message.as_single_value(), pk)
if not result:
logger.info("Incorrect bls signature {} in commit for "
"{} public key: '{}' and message: '{}' from "
"pre-prepare: {}".format(
bls_sig, sender, IndyCryptoBlsUtils.bls_to_str(pk),
message, pre_prepare))
return result
def generate_bls_keys(self, seed=None) -> (str, str, str):
sk, pk, key_proof = self._generate_raw_bls_keys(seed)
return IndyCryptoBlsUtils.bls_to_str(
sk), IndyCryptoBlsUtils.bls_to_str(
pk), IndyCryptoBlsUtils.bls_to_str(key_proof)
def bls_key(self):
bls_key = self._node.bls_bft.bls_key_register.get_key_by_name(
self._node.name)
if bls_key is not None:
bls_key = IndyCryptoBlsUtils.bls_to_str(bls_key)
return bls_key
def test_get_key_for_current_root_explicitly(bls_key_register_ledger, txnPoolNodeSet, pool_node_txns):
for i in range(nodeCount):
bls_key = bls_key_register_ledger.get_key_by_name(txnPoolNodeSet[i].name,
bls_key_register_ledger.get_pool_root_hash_committed())
assert bls_key
assert IndyCryptoBlsUtils.bls_to_str(bls_key) == get_payload_data(pool_node_txns[i])[DATA][BLS_KEY]
def get_current_bls_keys(node):
bls_keys_raw_dict = node.master_replica._bls_bft_replica._bls_bft.bls_key_register._current_bls_keys
return {
node_nane: IndyCryptoBlsUtils.bls_to_str(bls_key_raw)
for node_nane, bls_key_raw in bls_keys_raw_dict.items()
}
def test_validator_info_file_bls_field_valid(info, node):
assert info['Node_info']['BLS_key'] == IndyCryptoBlsUtils.bls_to_str(node.bls_bft.bls_crypto_signer.pk)