def test_edit_attrib(sdk_pool_handle, sdk_user_wallet_a, sdk_wallet_endorser, attributeData, looper, attributeName): _, did_cl = sdk_user_wallet_a sdk_add_attribute_and_check(looper, sdk_pool_handle, sdk_wallet_endorser, attributeData, did_cl) res1 = sdk_get_attribute_and_check(looper, sdk_pool_handle, sdk_wallet_endorser, did_cl, attributeName) assert serialize_msg_for_signing(json.loads( res1[0][1]['result']['data'])) == serialize_msg_for_signing( json.loads(attributeData.replace(' ', ''))) data = json.loads(attributeData) data[attributeName] = {'John': 'Snow'} data = json.dumps(data) sdk_add_attribute_and_check(looper, sdk_pool_handle, sdk_wallet_endorser, data, did_cl) res2 = sdk_get_attribute_and_check(looper, sdk_pool_handle, sdk_wallet_endorser, did_cl, attributeName) assert serialize_msg_for_signing(json.loads( res2[0][1]['result']['data'])) == serialize_msg_for_signing( json.loads(data.replace(' ', '')))
def test_serialize_dicts_with_different_keys(): v1 = serialize_msg_for_signing( { 1: 'a', 2: { 3: 'b', 4: { 5: { 6: 'c' } } } }) v2 = serialize_msg_for_signing( { 1: 'a', 2: { 3: 'b', }, 4: { 5: { 6: 'c' } } }) assert v1 == v2
def test_serialize_complex_ordered_dict(): assert b'1:a|2:3:b|4:c' == serialize_msg_for_signing( OrderedDict([('1', 'a'), ('2', OrderedDict([ ('3', 'b'), ('4', 'c'), ]))])) assert b'1:a|2:3:b|4:c' == serialize_msg_for_signing( OrderedDict([ ('2', OrderedDict([ ('4', 'c'), ('3', 'b'), ])), ('1', 'a'), ]))
def test_serialize_complex_dict(): assert b'1:a|2:3:b|2:4:5:6:c' == serialize_msg_for_signing( { 1: 'a', 2: { 3: 'b', 4: { 5: { 6: 'c' } } } }) assert b'1:a|2:3:b|2:4:5:6:c' == serialize_msg_for_signing( { '1': 'a', '2': { '3': 'b', '4': { '5': { '6': 'c' } } } }) v = serialize_msg_for_signing( { '1': 'a', '2': 'b', '3': { '4': 'c', '5': 'd', '6': { '7': { '8': 'e', '9': 'f' }, '10': { '11': 'g', '12': 'h' } }, '13': { '13': { '13': 'i', } } } }) assert b'1:a|2:b|3:4:c|3:5:d|3:6:7:8:e|3:6:7:9:f|3:6:10:11:g|3:6:10:12:h|3:13:13:13:i' == v
def test_serialize_dicts_with_different_keys(): v1 = serialize_msg_for_signing({1: 'a', 2: {3: 'b', 4: {5: {6: 'c'}}}}) v2 = serialize_msg_for_signing({ 1: 'a', 2: { 3: 'b', }, 4: { 5: { 6: 'c' } } }) assert v1 == v2
def verify_signtures_on_payments(inputs, outputs, signatures, verifier, *extra_fields_for_signing): correct_sigs_from = [] for inp, sig in zip(inputs, signatures): try: sig = base58.b58decode(sig) except Exception as ex: raise InvalidSignatureFormat from ex new_data = [inp, outputs] new_data.extend(extra_fields_for_signing) idr = inp[ADDRESS] ser = serialize_msg_for_signing(new_data) try: verkey = address_to_verkey(idr) except ValueError: continue vr = verifier(verkey) if vr.verify(sig, ser): correct_sigs_from.append(idr) if len(correct_sigs_from) != len(inputs): # All inputs should have signatures present raise InsufficientCorrectSignatures(len(correct_sigs_from), len(inputs)) return correct_sigs_from
def verifySignature(self, msg: Dict[str, str]): signature = msg.get(f.SIG.nm) identifier = msg.get(IDENTIFIER) msgWithoutSig = {k: v for k, v in msg.items() if k != f.SIG.nm} # TODO This assumes the current key is the cryptonym. This is a BAD # ASSUMPTION!!! Indy needs to provide the current key. ser = serialize_msg_for_signing(msgWithoutSig) signature = b58decode(signature.encode()) typ = msg.get(TYPE) # TODO: Maybe keeping ACCEPT_INVITE open is a better option than keeping # an if condition here? if typ == ACCEPT_INVITE: verkey = msg.get(VERKEY) else: try: link = self.getLinkForMsg(msg) verkey = self.getVerkeyForLink(link) except (ConnectionNotFound, VerkeyNotFound): # This is for verification of `NOTIFY` events link = self.wallet.getConnectionBy(remote=identifier) # TODO: If verkey is None, it should be fetched from Indy. # Assuming CID for now. verkey = link.remoteVerkey v = DidVerifier(verkey, identifier=identifier) if not v.verify(signature, ser): raise SignatureRejected else: if typ == ACCEPT_INVITE: self.logger.info('Signature accepted.') return True
def verifySig(identifier, signature, msg) -> bool: key = cryptonymToHex(identifier) if not isHex(identifier) else identifier ser = serialize_msg_for_signing(msg) b64sig = signature.encode('utf-8') sig = b58decode(b64sig) vr = Verifier(key) return vr.verify(sig, ser)
def test_serialize_complex_dict(): assert b'1:a|2:3:b|2:4:5:6:c' == serialize_msg_for_signing({ 1: 'a', 2: { 3: 'b', 4: { 5: { 6: 'c' } } } }) assert b'1:a|2:3:b|2:4:5:6:c' == serialize_msg_for_signing({ '1': 'a', '2': { '3': 'b', '4': { '5': { '6': 'c' } } } }) v = serialize_msg_for_signing({ '1': 'a', '2': 'b', '3': { '4': 'c', '5': 'd', '6': { '7': { '8': 'e', '9': 'f' }, '10': { '11': 'g', '12': 'h' } }, '13': { '13': { '13': 'i', } } } }) assert b'1:a|2:b|3:4:c|3:5:d|3:6:7:8:e|3:6:7:9:f|3:6:10:11:g|3:6:10:12:h|3:13:13:13:i' == v
def sign(self, msg: Dict) -> Dict: """ Return a signature for the given message. """ ser = serialize_msg_for_signing(msg, topLevelKeysToIgnore=[f.SIG.nm]) bsig = self.naclSigner.signature(ser) sig = base58.b58encode(bsig).decode("utf-8") return sig
def test_serialize_complex_ordered_dict(): assert b'1:a|2:3:b|4:c' == serialize_msg_for_signing( OrderedDict([ ('1', 'a'), ('2', OrderedDict([ ('3', 'b'), ('4', 'c'), ])) ])) assert b'1:a|2:3:b|4:c' == serialize_msg_for_signing( OrderedDict([ ('2', OrderedDict([ ('4', 'c'), ('3', 'b'), ])), ('1', 'a'), ]))
def test_serialize_dict_with_array(): assert b"1:a|2:b|3:1,2:k" == serialize_msg_for_signing({ 1: 'a', 2: 'b', 3: [1, { 2: 'k' }] }) assert b"1:a|2:b|3:1,2:k" == serialize_msg_for_signing({ '1': 'a', '2': 'b', '3': ['1', { '2': 'k' }] })
def sign(self, msg: Dict) -> Dict: """ Return a signature for the given message. """ ser = serialize_msg_for_signing(msg, topLevelKeysToIgnore=[f.SIG.nm]) bsig = self.naclSigner.signature(ser) sig = base58.b58encode(bsig) return sig
def put_into_seq_no_db(txn): # If there is no reqId, then it's genesis txn if get_req_id(txn) is None: return txn_new = copy.deepcopy(txn) operation = get_payload_data(txn_new) operation[TXN_TYPE] = get_type(txn_new) dct = { f.IDENTIFIER.nm: get_from(txn_new), f.REQ_ID.nm: get_req_id(txn_new), OPERATION: operation, } if get_protocol_version(txn_new) is not None: dct[f.PROTOCOL_VERSION.nm] = get_protocol_version(txn_new) digest = sha256(serialize_msg_for_signing(dct)).hexdigest() seq_no = get_seq_no(txn_new) ledger_id = get_ledger_id_by_txn_type(operation[TXN_TYPE]) line_to_record = str(ledger_id) + ReqIdrToTxn.delimiter + str(seq_no) dest_seq_no_db_storage.put(digest, line_to_record) return digest
def put_into_seq_no_db(txn): # If there is no reqId, then it's genesis txn if get_req_id(txn) is None: return txn_new = copy.deepcopy(txn) operation = get_payload_data(txn_new) operation[TXN_TYPE] = get_type(txn_new) dct = { f.IDENTIFIER.nm: get_from(txn_new), f.REQ_ID.nm: get_req_id(txn_new), OPERATION: operation, } if get_protocol_version(txn_new) is not None: dct[f.PROTOCOL_VERSION.nm] = get_protocol_version(txn_new) digest = sha256(serialize_msg_for_signing(dct)).hexdigest().encode() seq_no = get_seq_no(txn_new) ledger_id = get_ledger_id_by_txn_type(operation[TXN_TYPE]) line_to_record = str(ledger_id) + ReqIdrToTxn.delimiter + str(seq_no) dest_seq_no_db_storage.put(digest, line_to_record) return digest
def _do_checkpoint(self, state, s, e, ledger_id, view_no): # TODO CheckpointState/Checkpoint is not a namedtuple anymore # 1. check if updateNamedTuple works for the new message type # 2. choose another name state = updateNamedTuple(state, digest=sha256( serialize_msg_for_signing( state.digests)).hexdigest(), digests=[]) self._checkpoint_state[s, e] = state self._logger.info( "{} sending Checkpoint {} view {} checkpointState digest {}. Ledger {} " "txn root hash {}. Committed state root hash {} Uncommitted state root hash {}" .format( self, (s, e), view_no, state.digest, ledger_id, self._db_manager.get_txn_root_hash(ledger_id), self._db_manager.get_state_root_hash(ledger_id, committed=True), self._db_manager.get_state_root_hash(ledger_id, committed=False))) checkpoint = Checkpoint(self._data.inst_id, view_no, s, e, state.digest) self._network.send(checkpoint) self._data.checkpoints.append(checkpoint)
def verifyMsg(self, sig, msg: Dict): ser = serialize_msg_for_signing(msg) return self.verify(sig, ser)
def test_serialize_none(): assert b"" == serialize_msg_for_signing(None)
def test_serialize_int(): assert b"1" == serialize_msg_for_signing(1)
def serializeForSig(self, msg, identifier=None, topLevelKeysToIgnore=None): if not msg.get(f.IDENTIFIER.nm): msg = {**msg, f.IDENTIFIER.nm: identifier} return serialize_msg_for_signing( msg, topLevelKeysToIgnore=topLevelKeysToIgnore)
def serializeForSig(self, msg, identifier=None, topLevelKeysToIgnore=None): return serialize_msg_for_signing( msg, topLevelKeysToIgnore=topLevelKeysToIgnore)
def serialized(self): return serialize_msg_for_signing(self.__getstate__())
def test_serialize_str(): assert b"aaa" == serialize_msg_for_signing("aaa")
def test_serialize_ordered_dict(): v1 = OrderedDict([('1', 'a'), ('2', 'b')]) v2 = OrderedDict([('2', 'b'), ('1', 'a')]) assert b"1:a|2:b" == serialize_msg_for_signing(v1) assert b"1:a|2:b" == serialize_msg_for_signing(v2)
def getDigest(self): return sha256(serialize_msg_for_signing(self.signingState)).hexdigest()
def test_serialize_dict_with_array(): assert b"1:a|2:b|3:1,2:k" == serialize_msg_for_signing({1: 'a', 2: 'b', 3: [1, {2: 'k'}]}) assert b"1:a|2:b|3:1,2:k" == serialize_msg_for_signing({'1': 'a', '2': 'b', '3': ['1', {'2': 'k'}]})
def test_serialize_simple_dict(): assert b"1:a|2:b" == serialize_msg_for_signing({1: 'a', 2: 'b'}) assert b"1:a|2:b" == serialize_msg_for_signing({"2": 'b', "1": 'a'})
def test_serialize_array(): assert b"1,5,3,4,2" == serialize_msg_for_signing([1, 5, 3, 4, 2])
def getPayloadDigest(self): return sha256(serialize_msg_for_signing(self.signingPayloadState())).hexdigest()
def getDigest(self): return sha256(serialize_msg_for_signing(self.signingState())).hexdigest()