alice.mosphere.at / indigo
this repo has no description
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

signature tests: remove skipped failing tests (sigs were bad), and add some additional checks to interop

bryan newbold d0ea0723 812a34c0

+20 -100
+20 -100
testing/sig_test.go
··· 70 70 } 71 71 } 72 72 73 - func TestVerificationTwo(t *testing.T) { 74 - t.Skip("XXX: this test is failing!") 75 - assert := assert.New(t) 76 - 77 - // http get http://localhost:2583/xrpc/com.atproto.sync.getCheckout did==did:plc:z5vnbioquyhivxirw3bbljmu commit==bafyreieovfuizojpw3zresz7sx3nk4trm2by23pt5rxbey3jme4uo5ogiu > bafyreieovfuizojpw3zresz7sx3nk4trm2by23pt5rxbey3jme4uo5ogiu.car 78 - // http get http://localhost:2582/did:plc:z5vnbioquyhivxirw3bbljmu > code/indigo/testing/test_files/did_plc_z5vnbioquyhivxirw3bbljmu.didDoc.json 79 - 80 - fi, err := os.Open("test_files/bafyreieovfuizojpw3zresz7sx3nk4trm2by23pt5rxbey3jme4uo5ogiu.car") 81 - if err != nil { 82 - t.Fatal(err) 83 - } 84 - 85 - bs := blockstore.NewBlockstore(datastore.NewMapDatastore()) 86 - ctx := context.TODO() 87 - c, err := repo.IngestRepo(ctx, bs, fi) 88 - if err != nil { 89 - t.Fatal(err) 90 - } 91 - 92 - r, err := repo.OpenRepo(ctx, bs, c, true) 93 - if err != nil { 94 - t.Fatal(err) 95 - } 96 - 97 - vmstr := `{ 98 - "controller": "did:plc:z5vnbioquyhivxirw3bbljmu", 99 - "id": "#atproto", 100 - "publicKeyMultibase": "zPgFC4hKo2MFLkBRQuHewXRDp94MSrd3yuiJ1En87qTeF68T92DPWvWSjxjMuMiB4qz8UzE8wWTNvZq7mgr7BsjW9", 101 - "type": "EcdsaSecp256k1VerificationKey2019" 102 - }` 103 - var vm did.VerificationMethod 104 - 105 - if err := json.Unmarshal([]byte(vmstr), &vm); err != nil { 106 - t.Fatal(err) 107 - } 108 - 109 - pk, err := did.KeyFromMultibase(vm) 110 - if err != nil { 111 - t.Fatal(err) 112 - } 113 - 114 - assert.Equal(pk.Type, "EcdsaSecp256k1VerificationKey2019") 115 - 116 - scom := r.SignedCommit() 117 - 118 - msg, err := scom.Unsigned().BytesForSigning() 119 - if err != nil { 120 - t.Fatal(err) 121 - } 122 - 123 - if err := pk.Verify(msg, scom.Sig); err != nil { 124 - t.Fatal(err) 125 - } 126 - } 127 - 128 73 func TestVerificationK256(t *testing.T) { 129 74 // 2023-03-30T11:18:20.605-0700 WARN indexer indexer/keymgr.go:37 trying to verify sig {"key": {"Raw":"BBKybGcJOMvsIyPaKglHtcocOFN7QrlppYHN3i4fW5PfLmfUFCXNcNKMk/MjT/cnquZS1APwxr6QUR7LE8/bJC8=","Type":"EcdsaSecp256k1VerificationKey2019"}, "sigBytes": "1ZJM8YFVmHJksi+liHFn62GBfUd7zDio0BVej0JTjtJUdYMgmV8Mg4/4RNfL9VFM8bXMhzusJ1qpu2kTyHoliA==", "msgBytes": "pGNkaWR4IGRpZDpwbGM6cHVydnZqNXV0N2hyeGo1ejdtbTZyNGd0ZGRhdGHYKlglAAFxEiAG8t9fbFkSGKBhEXYLZLC5njldpEfHGg2hheTdR9VLi2RwcmV22CpYJQABcRIgtJroXREnp3TZxxf8xZTQC+w4+vnfz1KIkWVitinSPOFndmVyc2lvbgI="} 130 75 ··· 144 89 assert.NoError(key.Verify(msgBytes, sigBytes)) 145 90 } 146 91 147 - func TestVerificationK256Another(t *testing.T) { 148 - t.Skip("XXX: this test is failing!") 149 - 150 - // 2023-03-30T14:45:38.564-0700 WARN indexer indexer/keymgr.go:39 signature failed to verify {"err": "invalid signature", "did": "did:plc:5wy3mk2y6hr5hfjd27t25mwq", "pubKey": {"Raw":"BG43klS5n0pGwV4pbSDZus9gEpAv9y9ixMw5g+BTXejAefzTvGuS0wXUtd+4gNynDKnJI8Ql5HZgd31wUOcuEnI=","Type":"EcdsaSecp256k1VerificationKey2019"}, "sigBytes": "/RqP+2UeQxEotDobElhPIqMUfLuP6NAqWH1DFYz4uBIzG9m2rq+AOv+7ByTs1Iz3W2Pb/ArU6h4u9b32TcOA8w==", "msgBytes": "pGNkaWR4IGRpZDpwbGM6NXd5M21rMnk2aHI1aGZqZDI3dDI1bXdxZGRhdGHYKlglAAFxEiAmLxtdfzvOecsKYGpQcJoKe/sez3Azipj+ruH8+Oeb2mRwcmV22CpYJQABcRIgaaoi6eUxIHB/n6QucX3fjxP/43pLhAd2NEo8wIpc1I1ndmVyc2lvbgI="} 151 - 152 - assert := assert.New(t) 153 - keyBytes, err := base64.StdEncoding.DecodeString("BG43klS5n0pGwV4pbSDZus9gEpAv9y9ixMw5g+BTXejAefzTvGuS0wXUtd+4gNynDKnJI8Ql5HZgd31wUOcuEnI=") 154 - assert.NoError(err) 155 - msgBytes, err := base64.StdEncoding.DecodeString("pGNkaWR4IGRpZDpwbGM6NXd5M21rMnk2aHI1aGZqZDI3dDI1bXdxZGRhdGHYKlglAAFxEiAmLxtdfzvOecsKYGpQcJoKe/sez3Azipj+ruH8+Oeb2mRwcmV22CpYJQABcRIgaaoi6eUxIHB/n6QucX3fjxP/43pLhAd2NEo8wIpc1I1ndmVyc2lvbgI=") 156 - assert.NoError(err) 157 - sigBytes, err := base64.StdEncoding.DecodeString("/RqP+2UeQxEotDobElhPIqMUfLuP6NAqWH1DFYz4uBIzG9m2rq+AOv+7ByTs1Iz3W2Pb/ArU6h4u9b32TcOA8w==") 158 - assert.NoError(err) 159 - 160 - key := did.PubKey{ 161 - Type: "EcdsaSecp256k1VerificationKey2019", // k1 -> K256 162 - Raw: keyBytes, 163 - } 164 - 165 - assert.NoError(key.Verify(msgBytes, sigBytes)) 166 - } 167 - 168 - func TestVerificationP256(t *testing.T) { 169 - t.Skip("XXX: this test is failing!") 170 - 171 - // 2023-03-30T10:48:24.163-0700 WARN indexer indexer/keymgr.go:37 trying to verify sig {"key": {"Raw":"BHNFqXf9epzecIlKScjkhbG40FfJ77Cc3klxkozXuQ+UzzxyVwIQMmwrd8hW+BtF1GHLv7bt3D6feMvsnOgoxTI=","Type":"EcdsaSecp256r1VerificationKey2019"}, "sigBytes": "Utv2SWqgajkPF0MdMAEEK4JY1eF6DQEqPZgYEXAFlus4zRcdoK/5ttKRG1Nn4yaqbxJ/ezpW2d2dbZoxhhTe1A==", "msgBytes": "pGNkaWR4IGRpZDpwbGM6emtva2JrZ3g3a3B6bGF0Y2ZxeXVkZ2ttZGRhdGHYKlglAAFxEiC9iE2tv7bvgaTPHg7Z+ay8hQK+7QY+OM7OO8IYI0X/sWRwcmV22CpYJQABcRIgG5obqev4a3cjqY6juXsSUgcV4Vad5id+1nE1/GPqfuBndmVyc2lvbgI="} 172 - 173 - assert := assert.New(t) 174 - keyBytes, err := base64.StdEncoding.DecodeString("BHNFqXf9epzecIlKScjkhbG40FfJ77Cc3klxkozXuQ+UzzxyVwIQMmwrd8hW+BtF1GHLv7bt3D6feMvsnOgoxTI=") 175 - assert.NoError(err) 176 - msgBytes, err := base64.StdEncoding.DecodeString("pGNkaWR4IGRpZDpwbGM6emtva2JrZ3g3a3B6bGF0Y2ZxeXVkZ2ttZGRhdGHYKlglAAFxEiC9iE2tv7bvgaTPHg7Z+ay8hQK+7QY+OM7OO8IYI0X/sWRwcmV22CpYJQABcRIgG5obqev4a3cjqY6juXsSUgcV4Vad5id+1nE1/GPqfuBndmVyc2lvbgI=") 177 - assert.NoError(err) 178 - sigBytes, err := base64.StdEncoding.DecodeString("Utv2SWqgajkPF0MdMAEEK4JY1eF6DQEqPZgYEXAFlus4zRcdoK/5ttKRG1Nn4yaqbxJ/ezpW2d2dbZoxhhTe1A==") 179 - assert.NoError(err) 180 - 181 - key := did.PubKey{ 182 - Type: "EcdsaSecp256r1VerificationKey2019", // r1 -> P256 183 - Raw: keyBytes, 184 - } 185 - 186 - assert.NoError(key.Verify(msgBytes, sigBytes)) 187 - } 188 - 189 92 func parseKeyFromMultibase(t *testing.T, s, keyType string) did.PubKey { 190 93 _, data, err := multibase.Decode(s) 191 94 if err != nil { ··· 205 108 } 206 109 switch { 207 110 case data[0] == 0x80 && data[1] == 0x24: 208 - // p256 209 - // need to "uncompress" 111 + // p256; need to "uncompress" 210 112 curve := elliptic.P256() 211 113 x, y := elliptic.UnmarshalCompressed(curve, data[2:]) 212 114 return did.PubKey{ ··· 214 116 Raw: elliptic.Marshal(curve, x, y), 215 117 } 216 118 case data[0] == 0xE7 && data[1] == 0x01: 217 - // k256 119 + // k256; apparently don't need to uncompress 218 120 return did.PubKey{ 219 121 Type: "EcdsaSecp256k1VerificationKey2019", 220 122 Raw: data[2:], ··· 267 169 268 170 assert.NoError(pkDid.Verify(msgBytes, sigBytes), "keyType=%v format=%v", row.description, "did:key") 269 171 assert.NoError(pkMultibase.Verify(msgBytes, sigBytes), "keyType=%v format=%v", row.description, "multibase") 172 + assert.Error(pkMultibase.Verify(msgBytes, []byte{1, 2, 3}), "keyType=%v format=%v", row.description, "multibase") 173 + assert.Error(pkMultibase.Verify([]byte{1, 2, 3}, sigBytes), "keyType=%v format=%v", row.description, "multibase") 174 + 175 + // TODO: investigate these additional tests, which partially fail, instead of "continue" 176 + /* 177 + assert.Equal(pkDid, pkMultibase, row.description) 178 + assert.NotEqual(pkDid.MultibaseString(), "<invalid key>", "keyType=%v format=%v", row.description, "did:key") 179 + assert.NotEqual(pkMultibase.MultibaseString(), "<invalid key>", "keyType=%v format=%v", row.description, "multibase") 180 + 181 + // check that keys round-trip ok 182 + assert.Equal(row.didKey, pkDid.DID(), "export keyType=%v format=%v", row.description, "did:key") 183 + assert.Equal(row.multibaseKey, pkDid.MultibaseString(), "export keyType=%v format=%v", row.description, "multibase") 184 + pkDid = parseDidKey(t, pkDid.DID()) 185 + pkMultibase = parseKeyFromMultibase(t, pkMultibase.MultibaseString(), row.docType) 186 + 187 + assert.NoError(pkDid.Verify(msgBytes, sigBytes), "round-trip keyType=%v format=%v", row.description, "did:key") 188 + assert.NoError(pkMultibase.Verify(msgBytes, sigBytes), "round-trip keyType=%v format=%v", row.description, "multibase") 189 + */ 270 190 } 271 191 }