def test_get_key_for_old_root_keys_changed(bls_key_register_ledger, pool_node_txns, txnPoolNodeSet, node, looper, sdk_wallet_steward, sdk_pool_handle): old_bls_key = get_payload_data(pool_node_txns[0])[DATA][BLS_KEY] new_bls_key, key_proof = init_bls_keys(node.keys_dir, node.name) old_pool_root_hash = node.poolManager.state.committedHeadHash # change BLS keys sdk_change_bls_key(looper, txnPoolNodeSet, node, sdk_pool_handle, sdk_wallet_steward, add_wrong=False, new_bls=new_bls_key, new_key_proof=key_proof) new_pool_root_hash = node.poolManager.state.committedHeadHash assert old_pool_root_hash != new_pool_root_hash # get old and new keys bls_key = bls_key_register_ledger.get_key_by_name(node.name, old_pool_root_hash) assert bls_key assert IndyCryptoBlsUtils.bls_to_str(bls_key) == old_bls_key bls_key = bls_key_register_ledger.get_key_by_name(node.name, new_pool_root_hash) assert bls_key assert IndyCryptoBlsUtils.bls_to_str(bls_key) == new_bls_key
def test_verify_multi_signature_invalid_short_pk(bls_signer1, bls_signer2, bls_verifier, message): pk1 = bls_signer1.pk pk2 = bls_signer2.pk sigs = [] sigs.append(bls_signer1.sign(message)) sigs.append(bls_signer2.sign(message)) multi_sig = bls_verifier.create_multi_sig(sigs) for invalid_pk in invalid_pks( invalid_short_values(IndyCryptoBlsUtils.bls_to_str(pk2))): pks = [pk1, invalid_pk] assert not bls_verifier.verify_multi_sig(multi_sig, message, pks) for invalid_pk in invalid_pks( invalid_short_values(IndyCryptoBlsUtils.bls_to_str(pk1))): pks = [invalid_pk, pk2] assert not bls_verifier.verify_multi_sig(multi_sig, message, pks) for invalid_pk1, invalid_pk2 in zip( invalid_pks( invalid_short_values(IndyCryptoBlsUtils.bls_to_str(pk1))), invalid_pks( invalid_short_values(IndyCryptoBlsUtils.bls_to_str(pk2)))): pks = [invalid_pk1, invalid_pk2] assert not bls_verifier.verify_multi_sig(multi_sig, message, pks)
def test_create_bls_crypto_multiple_times(bls_crypto_factory): pk1, _ = bls_crypto_factory.generate_and_store_bls_keys() bls_crypto_signer1 = bls_crypto_factory.create_bls_crypto_signer_from_saved_keys() # type: BlsCryptoSignerIndyCrypto assert pk1 == IndyCryptoBlsUtils.bls_to_str(bls_crypto_signer1.pk) pk2, _ = bls_crypto_factory.generate_and_store_bls_keys() bls_crypto_signer2 = bls_crypto_factory.create_bls_crypto_signer_from_saved_keys() # type: BlsCryptoSignerIndyCrypto assert pk2 == IndyCryptoBlsUtils.bls_to_str(bls_crypto_signer2.pk) pk3, _ = bls_crypto_factory.generate_and_store_bls_keys() bls_crypto_signer3 = bls_crypto_factory.create_bls_crypto_signer_from_saved_keys() # type: BlsCryptoSignerIndyCrypto assert pk3 == IndyCryptoBlsUtils.bls_to_str(bls_crypto_signer3.pk)
def test_verify_invalid_short_pk(bls_signer1, bls_verifier, message): pk = bls_signer1.pk sig = bls_signer1.sign(message) for invalid_pk in invalid_pks( invalid_short_values(IndyCryptoBlsUtils.bls_to_str(pk))): assert not bls_verifier.verify_sig(sig, message, invalid_pk)
def test_create_bls_crypto(bls_crypto_factory): pk, _ = bls_crypto_factory.generate_and_store_bls_keys() bls_crypto_signer = bls_crypto_factory.create_bls_crypto_signer_from_saved_keys() # type: BlsCryptoSignerIndyCrypto assert bls_crypto_signer assert isinstance(bls_crypto_signer, BlsCryptoSigner) assert bls_crypto_signer._sk assert bls_crypto_signer.pk assert pk == IndyCryptoBlsUtils.bls_to_str(bls_crypto_signer.pk)
def check_bls_key(blskey, node, nodes, add_wrong=False): ''' Check that each node has the same and correct blskey for this node ''' keys = set() for n in nodes: keys.add( IndyCryptoBlsUtils.bls_to_str( n.bls_bft.bls_key_register.get_key_by_name(node.name))) assert len(keys) == 1 if not add_wrong: assert blskey == next(iter(keys)) # check that this node has correct blskey if not add_wrong: assert node.bls_bft.can_sign_bls() assert blskey == IndyCryptoBlsUtils.bls_to_str( node.bls_bft.bls_crypto_signer.pk) else: assert not node.bls_bft.can_sign_bls()
def _validate_signature(self, sender, bls_sig, pre_prepare: PrePrepare): pool_root_hash = self._get_pool_root_hash(pre_prepare, serialize=False) sender_node = self.get_node_name(sender) pk = self._bls_bft.bls_key_register.get_key_by_name( sender_node, pool_root_hash) if not pk: return False pool_root_hash_ser = self._get_pool_root_hash(pre_prepare) message = self._create_multi_sig_value_for_pre_prepare( pre_prepare, pool_root_hash_ser) result = self._bls_bft.bls_crypto_verifier.verify_sig( bls_sig, message.as_single_value(), pk) if not result: logger.info("Incorrect bls signature {} in commit for " "{} public key: '{}' and message: '{}' from " "pre-prepare: {}".format( bls_sig, sender, IndyCryptoBlsUtils.bls_to_str(pk), message, pre_prepare)) return result
def generate_bls_keys(self, seed=None) -> (str, str, str): sk, pk, key_proof = self._generate_raw_bls_keys(seed) return IndyCryptoBlsUtils.bls_to_str( sk), IndyCryptoBlsUtils.bls_to_str( pk), IndyCryptoBlsUtils.bls_to_str(key_proof)
def bls_key(self): bls_key = self._node.bls_bft.bls_key_register.get_key_by_name( self._node.name) if bls_key is not None: bls_key = IndyCryptoBlsUtils.bls_to_str(bls_key) return bls_key
def test_get_key_for_current_root_explicitly(bls_key_register_ledger, txnPoolNodeSet, pool_node_txns): for i in range(nodeCount): bls_key = bls_key_register_ledger.get_key_by_name(txnPoolNodeSet[i].name, bls_key_register_ledger.get_pool_root_hash_committed()) assert bls_key assert IndyCryptoBlsUtils.bls_to_str(bls_key) == get_payload_data(pool_node_txns[i])[DATA][BLS_KEY]
def get_current_bls_keys(node): bls_keys_raw_dict = node.master_replica._bls_bft_replica._bls_bft.bls_key_register._current_bls_keys return { node_nane: IndyCryptoBlsUtils.bls_to_str(bls_key_raw) for node_nane, bls_key_raw in bls_keys_raw_dict.items() }
def test_validator_info_file_bls_field_valid(info, node): assert info['Node_info']['BLS_key'] == IndyCryptoBlsUtils.bls_to_str(node.bls_bft.bls_crypto_signer.pk)