def test_store_success(self):
context = self.get_context()
cert, key, _ = create_certificate(context.pub_key_payload,
signer=context.client.get_signer())
cert_address, transaction_payload = self._pre_parse_payload_and_exec(
context, cert, key)
crt_export, crt_bin, crt_sig, rem_sig, pub_key, \
valid_from, valid_to = get_crt_export_bin_sig_rem_sig(cert, key, context.client)
account = AccountClient.get_account_model(PUB_KEY_STORE_PRICE)
data = PubKeyStorage()
data.owner = self.account_signer1.get_public_key().as_hex()
data.payload.CopyFrom(transaction_payload)
data.revoked = False
self.expect_get({cert_address: None, self.account_address1: account})
self.expect_get({_make_settings_key('remme.economy_enabled'): None})
context.client.store_pub_key(pub_key, rem_sig, crt_sig, valid_from,
valid_to)
account.balance -= PUB_KEY_STORE_PRICE
account.pub_keys.append(cert_address)
self.expect_set({self.account_address1: account, cert_address: data})
self.expect_ok()
def _store_pub_key(self, context, signer_pubkey, transaction_payload):
address = self.make_address_from_data(transaction_payload.public_key)
LOGGER.info('Pub key address {}'.format(address))
account_address = AccountHandler().make_address_from_data(signer_pubkey)
LOGGER.info('Account address {}'.format(address))
data, account = get_multiple_data(context, [(address, PubKeyStorage), (account_address, Account)])
if data:
raise InvalidTransaction('This pub key is already registered.')
cert_signer_pubkey = load_pem_public_key(transaction_payload.public_key.encode('utf-8'),
backend=default_backend())
try:
ehs_bytes = binascii.unhexlify(transaction_payload.entity_hash_signature)
eh_bytes = binascii.unhexlify(transaction_payload.entity_hash)
except binascii.Error:
LOGGER.debug(f'entity_hash_signature {transaction_payload.entity_hash_signature}')
LOGGER.debug(f'entity_hash {transaction_payload.entity_hash}')
raise InvalidTransaction('Entity hash or signature not a hex format')
# FIXME: For support PKCS1v15 and PSS
LOGGER.warn('HAZARD: Detecting padding for verification')
sigerr = 0
pkcs = padding.PKCS1v15()
pss = padding.PSS(mgf=padding.MGF1(hashes.SHA512()), salt_length=padding.PSS.MAX_LENGTH)
for _padding in (pkcs, pss):
try:
cert_signer_pubkey.verify(ehs_bytes, eh_bytes, _padding, hashes.SHA512())
LOGGER.warn('HAZARD: Padding found: %s', _padding.name)
except InvalidSignature:
sigerr += 1
if sigerr == 2:
raise InvalidTransaction('Invalid signature')
valid_from = datetime.fromtimestamp(transaction_payload.valid_from)
valid_to = datetime.fromtimestamp(transaction_payload.valid_to)
if valid_to - valid_from > PUB_KEY_MAX_VALIDITY:
raise InvalidTransaction('The public key validity exceeds the maximum value.')
data = PubKeyStorage()
data.owner = signer_pubkey
data.payload.CopyFrom(transaction_payload)
data.revoked = False
if not account:
account = Account()
if _get_setting_value(context, 'remme.economy_enabled', 'true').lower() == 'true':
if account.balance < PUB_KEY_STORE_PRICE:
raise InvalidTransaction('Not enough tokens to register a new pub key. Current balance: {}'
.format(account.balance))
account.balance -= PUB_KEY_STORE_PRICE
if address not in account.pub_keys:
account.pub_keys.append(address)
return {address: data,
account_address: account}
def test_revoke_success(self):
context = self.get_context()
cert, key, key_export = create_certificate(context.pub_key_payload,
org_name='different',
signer=self.account_signer2)
cert_address, transaction_payload = self._pre_parse_payload_and_exec(
context, cert, key, 'revoke')
data = PubKeyStorage()
data.owner = context.client.get_signer().get_public_key().as_hex()
data.payload.CopyFrom(transaction_payload)
data.revoked = False
self.expect_get({cert_address: data})
data.revoked = True
self.expect_set({cert_address: data})
self.expect_ok()
def test_store_success(self):
context = self.get_context()
cert, key, _ = PubKeyClient.create_certificate(
context.pub_key_payload, signer=context.client.get_signer())
transaction_signature, cert_address, transaction_payload = self._pre_parse_payload_and_exec(
context, cert, key)
crt_export, crt_bin, crt_sig, rem_sig, pub_key, \
valid_from, valid_to = PubKeyClient.get_crt_export_bin_sig_rem_sig(cert, key, context.client)
account = AccountClient.get_account_model(PUB_KEY_STORE_PRICE)
storage_account = AccountClient.get_account_model(0)
storage_signer = self.get_new_signer()
storage_pub_key = storage_signer.get_public_key().as_hex()
storage_address = AccountHandler().make_address_from_data(
storage_pub_key)
data = PubKeyStorage()
data.owner = self.account_signer1.get_public_key().as_hex()
data.payload.CopyFrom(transaction_payload)
data.revoked = False
self.expect_get({cert_address: None, self.account_address1: account})
self.expect_get({_make_settings_key('remme.economy_enabled'): None})
self.expect_get({
_make_settings_key(SETTINGS_STORAGE_PUB_KEY):
get_setting_from_key_value(SETTINGS_STORAGE_PUB_KEY,
storage_pub_key)
})
self.expect_get({
self.account_address1: account,
storage_address: storage_account
})
context.client.store_pub_key(pub_key, rem_sig, crt_sig, valid_from,
valid_to)
account.balance -= PUB_KEY_STORE_PRICE
account.pub_keys.append(cert_address)
storage_account.balance += PUB_KEY_STORE_PRICE
self.expect_set(
transaction_signature, PubKeyMethod.STORE, {
self.account_address1: account,
cert_address: data,
storage_address: storage_account
})
self.expect_ok()
def test_revoke_fail_wrong_signer(self):
context = self.get_context()
cert, key, key_export = PubKeyClient.create_certificate(
context.pub_key_payload,
org_name='different',
signer=self.account_signer2)
signature, cert_address, transaction_payload = self._pre_parse_payload_and_exec(
context, cert, key, 'revoke')
data = PubKeyStorage()
data.owner = self.account_signer2.get_public_key().as_hex()
data.payload.CopyFrom(transaction_payload)
data.revoked = False
self.expect_get({cert_address: data})
self.expect_invalid_transaction()
def test_store_success(self):
context = self.get_context()
cert, key, _ = create_certificate(context.pub_key_payload, signer=context.client.get_signer())
cert_address, transaction_payload = self._pre_parse_payload_and_exec(context, cert, key)
self.expect_get({cert_address: None})
account = AccountClient.get_account_model(PUB_KEY_STORE_PRICE)
self.expect_get({self.account_address1: account})
data = PubKeyStorage()
data.owner = self.account_signer1.get_public_key().as_hex()
data.payload.CopyFrom(transaction_payload)
data.revoked = False
account.balance -= PUB_KEY_STORE_PRICE
account.pub_keys.append(cert_address)
self.expect_set({
self.account_address1: account,
cert_address: data
})
self.expect_ok()