def test_get_key_for_old_root_keys_changed(bls_key_register_ledger, pool_node_txns, txnPoolNodeSet, node, looper, sdk_wallet_steward, sdk_pool_handle): old_bls_key = get_payload_data(pool_node_txns[0])[DATA][BLS_KEY] new_bls_key, key_proof = init_bls_keys(node.keys_dir, node.name) old_pool_root_hash = node.poolManager.state.committedHeadHash # change BLS keys sdk_change_bls_key(looper, txnPoolNodeSet, node, sdk_pool_handle, sdk_wallet_steward, add_wrong=False, new_bls=new_bls_key, new_key_proof=key_proof) new_pool_root_hash = node.poolManager.state.committedHeadHash assert old_pool_root_hash != new_pool_root_hash # get old and new keys bls_key = bls_key_register_ledger.get_key_by_name(node.name, old_pool_root_hash) assert bls_key assert bls_key == old_bls_key bls_key = bls_key_register_ledger.get_key_by_name(node.name, new_pool_root_hash) assert bls_key assert bls_key == new_bls_key
def sdk_change_bls_key(looper, txnPoolNodeSet, node, sdk_pool_handle, sdk_wallet_steward, add_wrong=False, new_bls=None, new_key_proof=None): if add_wrong: _, new_blspk, key_proof = create_default_bls_crypto_factory( ).generate_bls_keys() else: new_blspk, key_proof = init_bls_keys(node.keys_dir, node.name) key_in_txn = new_bls or new_blspk bls_key_proof = new_key_proof or key_proof node_dest = hexToFriendly(node.nodestack.verhex) sdk_send_update_node(looper, sdk_wallet_steward, sdk_pool_handle, node_dest, node.name, None, None, None, None, bls_key=key_in_txn, services=None, key_proof=bls_key_proof) poolSetExceptOne = list(txnPoolNodeSet) poolSetExceptOne.remove(node) waitNodeDataEquality(looper, node, *poolSetExceptOne) sdk_pool_refresh(looper, sdk_pool_handle) sdk_ensure_pool_functional(looper, txnPoolNodeSet, sdk_wallet_steward, sdk_pool_handle) return new_blspk
def sdk_change_bls_key(looper, txnPoolNodeSet, node, sdk_pool_handle, sdk_wallet_steward, add_wrong=False, new_bls=None): new_blspk = init_bls_keys(node.keys_dir, node.name) key_in_txn = new_bls or new_blspk \ if not add_wrong \ else base58.b58encode(randomString(128).encode()).decode("utf-8") node_dest = hexToFriendly(node.nodestack.verhex) sdk_send_update_node(looper, sdk_wallet_steward, sdk_pool_handle, node_dest, node.name, None, None, None, None, bls_key=key_in_txn, services=None) poolSetExceptOne = list(txnPoolNodeSet) poolSetExceptOne.remove(node) waitNodeDataEquality(looper, node, *poolSetExceptOne) sdk_pool_refresh(looper, sdk_pool_handle) sdk_ensure_pool_functional(looper, txnPoolNodeSet, sdk_wallet_steward, sdk_pool_handle) return new_blspk
def test_get_key_for_old_root_keys_changed(bls_key_register_ledger, pool_node_txns, txnPoolNodeSet, node, looper, sdk_wallet_steward, sdk_pool_handle): old_bls_key = get_payload_data(pool_node_txns[0])[DATA][BLS_KEY] new_bls_key, key_proof = init_bls_keys(node.keys_dir, node.name) old_pool_root_hash = node.poolManager.state.committedHeadHash # change BLS keys sdk_change_bls_key(looper, txnPoolNodeSet, node, sdk_pool_handle, sdk_wallet_steward, add_wrong=False, new_bls=new_bls_key, new_key_proof=key_proof) new_pool_root_hash = node.poolManager.state.committedHeadHash assert old_pool_root_hash != new_pool_root_hash # get old and new keys bls_key = bls_key_register_ledger.get_key_by_name(node.name, old_pool_root_hash) assert bls_key assert IndyCryptoBlsUtils.bls_to_str(bls_key) == old_bls_key bls_key = bls_key_register_ledger.get_key_by_name(node.name, new_pool_root_hash) assert bls_key assert IndyCryptoBlsUtils.bls_to_str(bls_key) == new_bls_key
def sdk_change_bls_key(looper, txnPoolNodeSet, node, sdk_pool_handle, sdk_wallet_steward, add_wrong=False, new_bls=None): new_blspk = init_bls_keys(node.keys_dir, node.name) key_in_txn = new_bls or new_blspk \ if not add_wrong \ else base58.b58encode(randomString(128).encode()) node_dest = hexToFriendly(node.nodestack.verhex) sdk_send_update_node(looper, sdk_wallet_steward, sdk_pool_handle, node_dest, node.name, None, None, None, None, bls_key=key_in_txn, services=None) poolSetExceptOne = list(txnPoolNodeSet) poolSetExceptOne.remove(node) waitNodeDataEquality(looper, node, *poolSetExceptOne) sdk_pool_refresh(looper, sdk_pool_handle) sdk_add_new_nym(looper, sdk_pool_handle, sdk_wallet_steward, alias=randomString(5)) ensure_all_nodes_have_same_data(looper, txnPoolNodeSet) return new_blspk
def test_fail_node_bls_key_validation(looper, sdk_pool_handle, sdk_node_theta_added): """ Test request for change node bls key with incorrect bls key proof of possession. """ new_steward_wallet, new_node = sdk_node_theta_added node_dest = hexToFriendly(new_node.nodestack.verhex) bls_key, key_proof = init_bls_keys(new_node.keys_dir, new_node.name) # change key_proof key_proof = key_proof.upper() with pytest.raises(RequestNackedException) as e: sdk_send_update_node(looper, new_steward_wallet, sdk_pool_handle, node_dest, new_node.name, None, None, None, None, bls_key=bls_key, key_proof=key_proof) assert "Proof of possession {} " \ "is incorrect for BLS key {}".format(key_proof, bls_key) \ in e._excinfo[1].args[0]
def sdk_change_bls_key(looper, txnPoolNodeSet, node, sdk_pool_handle, sdk_wallet_steward, add_wrong=False, new_bls=None, new_key_proof=None): if add_wrong: _, new_blspk, key_proof = create_default_bls_crypto_factory().generate_bls_keys() else: new_blspk, key_proof = init_bls_keys(node.keys_dir, node.name) key_in_txn = new_bls or new_blspk bls_key_proof = new_key_proof or key_proof node_dest = hexToFriendly(node.nodestack.verhex) sdk_send_update_node(looper, sdk_wallet_steward, sdk_pool_handle, node_dest, node.name, None, None, None, None, bls_key=key_in_txn, services=None, key_proof=bls_key_proof) poolSetExceptOne = list(txnPoolNodeSet) poolSetExceptOne.remove(node) waitNodeDataEquality(looper, node, *poolSetExceptOne) sdk_pool_refresh(looper, sdk_pool_handle) sdk_ensure_pool_functional(looper, txnPoolNodeSet, sdk_wallet_steward, sdk_pool_handle) return new_blspk
def change_bls_key(looper, txnPoolNodeSet, tdirWithPoolTxns, node, steward_client, steward_wallet, add_wrong=False): new_blspk = init_bls_keys(tdirWithPoolTxns, node.name) key_in_txn = new_blspk if not add_wrong else randomString(32) node_data = {ALIAS: node.name, BLS_KEY: key_in_txn} updateNodeData(looper, steward_client, steward_wallet, node, node_data) waitNodeDataEquality(looper, node, *txnPoolNodeSet[:-1]) ensureClientConnectedToNodesAndPoolLedgerSame(looper, steward_client, *txnPoolNodeSet) return new_blspk
def update_bls_keys_no_proof(node_index, sdk_wallet_stewards, sdk_pool_handle, looper, txnPoolNodeSet): node = txnPoolNodeSet[node_index] sdk_wallet_steward = sdk_wallet_stewards[node_index] new_blspk, key_proof = init_bls_keys(node.keys_dir, node.name) node_dest = hexToFriendly(node.nodestack.verhex) sdk_send_update_node(looper, sdk_wallet_steward, sdk_pool_handle, node_dest, node.name, None, None, None, None, bls_key=new_blspk, services=None, key_proof=None) poolSetExceptOne = list(txnPoolNodeSet) poolSetExceptOne.remove(node) waitNodeDataEquality(looper, node, *poolSetExceptOne) sdk_pool_refresh(looper, sdk_pool_handle) return new_blspk
def change_bls_key(looper, txnPoolNodeSet, node, steward_client, steward_wallet, add_wrong=False): new_blspk = init_bls_keys(node.keys_dir, node.name) key_in_txn = \ new_blspk \ if not add_wrong \ else ''.join(random_from_alphabet(32, base58.alphabet)) node_data = {ALIAS: node.name, BLS_KEY: key_in_txn} updateNodeData(looper, steward_client, steward_wallet, node, node_data) waitNodeDataEquality(looper, node, *txnPoolNodeSet[:-1]) ensureClientConnectedToNodesAndPoolLedgerSame(looper, steward_client, *txnPoolNodeSet) return new_blspk
def bootstrapTestNodesCore( cls, config, network, appendToLedgers, domainTxnFieldOrder, trustee_def, steward_defs, node_defs, client_defs, localNodes, nodeParamsFileName, config_helper_class=PConfigHelper, node_config_helper_class=PNodeConfigHelper, chroot: str=None): if not localNodes: localNodes = {} try: if isinstance(localNodes, int): _localNodes = {localNodes} else: _localNodes = {int(_) for _ in localNodes} except BaseException as exc: raise RuntimeError('nodeNum must be an int or set of ints') from exc config.NETWORK_NAME = network if _localNodes: config_helper = config_helper_class(config, chroot=chroot) os.makedirs(config_helper.genesis_dir, exist_ok=True) genesis_dir = config_helper.genesis_dir keys_dir = config_helper.keys_dir else: genesis_dir = cls.setup_clibase_dir(config, network) keys_dir = os.path.join(genesis_dir, "keys") poolLedger = cls.init_pool_ledger(appendToLedgers, genesis_dir, config) domainLedger = cls.init_domain_ledger(appendToLedgers, genesis_dir, config, domainTxnFieldOrder) # 1. INIT DOMAIN LEDGER GENESIS FILE seq_no = 1 trustee_txn = Member.nym_txn(trustee_def.nym, verkey=trustee_def.verkey, role=TRUSTEE, seq_no=seq_no) seq_no += 1 domainLedger.add(trustee_txn) for sd in steward_defs: nym_txn = Member.nym_txn(sd.nym, verkey=sd.verkey, role=STEWARD, creator=trustee_def.nym, seq_no=seq_no) seq_no += 1 domainLedger.add(nym_txn) for cd in client_defs: txn = Member.nym_txn(cd.nym, verkey=cd.verkey, creator=trustee_def.nym, seq_no=seq_no) seq_no += 1 domainLedger.add(txn) # 2. INIT KEYS AND POOL LEDGER GENESIS FILE seq_no = 1 for nd in node_defs: if nd.idx in _localNodes: _, verkey, blskey = initNodeKeysForBothStacks(nd.name, keys_dir, nd.sigseed, override=True) verkey = verkey.encode() assert verkey == nd.verkey if nd.ip != '127.0.0.1': paramsFilePath = os.path.join(config.GENERAL_CONFIG_DIR, nodeParamsFileName) print('Nodes will not run locally, so writing {}'.format(paramsFilePath)) TestNetworkSetup.writeNodeParamsFile(paramsFilePath, nd.name, "0.0.0.0", nd.port, "0.0.0.0", nd.client_port) print("This node with name {} will use ports {} and {} for nodestack and clientstack respectively" .format(nd.name, nd.port, nd.client_port)) else: verkey = nd.verkey blskey = init_bls_keys(keys_dir, nd.name, nd.sigseed) node_nym = cls.getNymFromVerkey(verkey) node_txn = Steward.node_txn(nd.steward_nym, nd.name, node_nym, nd.ip, nd.port, nd.client_port, blskey=blskey, seq_no=seq_no) seq_no += 1 poolLedger.add(node_txn) poolLedger.stop() domainLedger.stop()
def _add_changes(self, node_data): sigseed, verkey, bls_key, nodeIp, nodePort, clientIp, clientPort, key_proof = node_data new_blspk, key_proof = init_bls_keys(self.tdir, "node_name") bls_key = new_blspk return sigseed, verkey, bls_key, nodeIp, nodePort, clientIp, clientPort, key_proof
def bootstrapTestNodesCore( cls, config, envName, appendToLedgers, domainTxnFieldOrder, trustee_def, steward_defs, node_defs, client_defs, localNodes, nodeParamsFileName): if not localNodes: localNodes = {} try: if isinstance(localNodes, int): _localNodes = {localNodes} else: _localNodes = {int(_) for _ in localNodes} except BaseException as exc: raise RuntimeError('nodeNum must be an int or set of ints') from exc baseDir = cls.setup_base_dir(config, envName) if _localNodes else cls.setup_clibase_dir(config, envName) poolLedger = cls.init_pool_ledger(appendToLedgers, baseDir, config, envName) domainLedger = cls.init_domain_ledger(appendToLedgers, baseDir, config, envName, domainTxnFieldOrder) trustee_txn = Member.nym_txn(trustee_def.nym, trustee_def.name, verkey=trustee_def.verkey, role=TRUSTEE) domainLedger.add(trustee_txn) for sd in steward_defs: nym_txn = Member.nym_txn(sd.nym, sd.name, verkey=sd.verkey, role=STEWARD, creator=trustee_def.nym) domainLedger.add(nym_txn) key_dir = os.path.expanduser(baseDir) for nd in node_defs: if nd.idx in _localNodes: _, verkey, blskey = initNodeKeysForBothStacks(nd.name, key_dir, nd.sigseed, override=True) verkey = verkey.encode() assert verkey == nd.verkey if nd.ip != '127.0.0.1': paramsFilePath = os.path.join(baseDir, nodeParamsFileName) print('Nodes will not run locally, so writing {}'.format(paramsFilePath)) TestNetworkSetup.writeNodeParamsFile(paramsFilePath, nd.name, nd.port, nd.client_port) print("This node with name {} will use ports {} and {} for nodestack and clientstack respectively" .format(nd.name, nd.port, nd.client_port)) else: verkey = nd.verkey blskey = init_bls_keys(key_dir, nd.name, nd.sigseed) node_nym = cls.getNymFromVerkey(verkey) node_txn = Steward.node_txn(nd.steward_nym, nd.name, node_nym, nd.ip, nd.port, nd.client_port, blskey=blskey) poolLedger.add(node_txn) for cd in client_defs: txn = Member.nym_txn(cd.nym, cd.name, verkey=cd.verkey, creator=trustee_def.nym) domainLedger.add(txn) poolLedger.stop() domainLedger.stop()