Skip to content

Commit

Permalink
Implement unit tests with hybrid keys certification
Browse files Browse the repository at this point in the history
  • Loading branch information
@jpraynaud
jpraynaud committed Sep 30, 2022
1 parent 62cd0ca commit bc9897f
Show file tree
Hide file tree
Showing 15 changed files with 321 additions and 96 deletions.
99 changes: 84 additions & 15 deletions mithril-aggregator/src/multi_signer.rs
View file
Expand Up @@ -1007,7 +1007,7 @@ mod tests {
let mut stake_distribution_expected: ProtocolStakeDistribution =
setup_signers(5, &setup_protocol_parameters())
.iter()
.map(|(party_id, stake, _, _, _)| (party_id.to_owned(), *stake))
.map(|(party_id, stake, _, _, _, _, _)| (party_id.to_owned(), *stake))
.collect::<_>();
stake_distribution_expected.sort_by_key(|k| k.0.clone());
multi_signer
Expand Down Expand Up @@ -1056,19 +1056,36 @@ mod tests {

let stake_distribution_expected: ProtocolStakeDistribution = signers
.iter()
.map(|(party_id, stake, _, _, _)| (party_id.to_owned(), *stake))
.map(|(party_id, stake, _, _, _, _, _)| (party_id.to_owned(), *stake))
.collect::<_>();
multi_signer
.update_stake_distribution(&stake_distribution_expected)
.await
.expect("update stake distribution failed");

for (party_id, _, verification_key, _, _) in &signers {
for (
party_id,
_,
verification_key,
verification_key_signature,
operational_certificate,
_,
_,
) in &signers
{
let signer = Signer::new(
party_id.to_owned(),
key_encode_hex(verification_key).unwrap(),
None,
None,
verification_key_signature
.as_ref()
.map(|verification_key_signature| {
key_encode_hex(verification_key_signature).unwrap()
}),
operational_certificate
.as_ref()
.map(|operational_certificate| {
key_encode_hex(operational_certificate).unwrap()
}),
);
multi_signer
.register_signer(&signer)
Expand All @@ -1083,7 +1100,16 @@ mod tests {
.await;

let mut signers_with_stake_all_expected = Vec::new();
for (party_id, stake, verification_key_expected, _, _) in &signers {
for (
party_id,
stake,
verification_key_expected,
verification_key_signature,
operational_certificate,
_,
_,
) in &signers
{
let verification_key = multi_signer
.get_signer_verification_key(party_id.to_owned())
.await;
Expand All @@ -1095,8 +1121,16 @@ mod tests {
signers_with_stake_all_expected.push(entities::SignerWithStake::new(
party_id.to_owned(),
key_encode_hex(verification_key_expected).unwrap(),
None,
None,
verification_key_signature
.as_ref()
.map(|verification_key_signature| {
key_encode_hex(verification_key_signature).unwrap()
}),
operational_certificate
.as_ref()
.map(|operational_certificate| {
key_encode_hex(operational_certificate).unwrap()
}),
*stake,
));
}
Expand Down Expand Up @@ -1141,18 +1175,35 @@ mod tests {
let signers = setup_signers(5, &protocol_parameters);
let stake_distribution = &signers
.iter()
.map(|(party_id, stake, _, _, _)| (party_id.to_owned(), *stake))
.map(|(party_id, stake, _, _, _, _, _)| (party_id.to_owned(), *stake))
.collect::<_>();
multi_signer
.update_stake_distribution(stake_distribution)
.await
.expect("update stake distribution failed");
for (party_id, _, verification_key, _, _) in &signers {
for (
party_id,
_,
verification_key,
verification_key_signature,
operational_certificate,
_,
_,
) in &signers
{
let signer = Signer::new(
party_id.to_owned(),
key_encode_hex(verification_key).unwrap(),
None,
None,
verification_key_signature
.as_ref()
.map(|verification_key_signature| {
key_encode_hex(verification_key_signature).unwrap()
}),
operational_certificate
.as_ref()
.map(|operational_certificate| {
key_encode_hex(operational_certificate).unwrap()
}),
);
multi_signer
.register_signer(&signer)
Expand All @@ -1176,7 +1227,16 @@ mod tests {
let mut signatures = Vec::new();

let mut expected_certificate_signers = Vec::new();
for (party_id, stake, _, protocol_signer, protocol_initializer) in &signers {
for (
party_id,
stake,
_,
_,
operational_certificate,
protocol_signer,
protocol_initializer,
) in &signers
{
if let Some(signature) = protocol_signer.sign(message.compute_hash().as_bytes()) {
let won_indexes = signature.indexes.clone();

Expand All @@ -1189,8 +1249,17 @@ mod tests {
expected_certificate_signers.push(entities::SignerWithStake::new(
party_id.to_owned(),
key_encode_hex(protocol_initializer.verification_key()).unwrap(),
None,
None,
protocol_initializer
.verification_key_signature()
.as_ref()
.map(|verification_key_signature| {
key_encode_hex(verification_key_signature).unwrap()
}),
operational_certificate
.as_ref()
.map(|operational_certificate| {
key_encode_hex(operational_certificate).unwrap()
}),
*stake,
))
}
Expand Down
2 changes: 1 addition & 1 deletion mithril-aggregator/src/tools/genesis.rs
View file
Expand Up @@ -159,7 +159,7 @@ mod tests {
fn create_fake_genesis_avk() -> ProtocolAggregateVerificationKey {
let protocol_parameters = tests_setup::setup_protocol_parameters();
let signers = tests_setup::setup_signers(5, &protocol_parameters);
let first_signer = &signers.first().unwrap().3;
let first_signer = &signers.first().unwrap().5;
let clerk = ProtocolClerk::from_signer(first_signer);
clerk.compute_avk()
}
Expand Down
40 changes: 35 additions & 5 deletions mithril-aggregator/tests/certificate_chain.rs
View file
@@ -1,8 +1,10 @@
mod test_extensions;

use std::collections::BTreeMap;

use mithril_aggregator::VerificationKeyStorer;
use mithril_common::chain_observer::ChainObserver;
use mithril_common::crypto_helper::tests_setup;
use mithril_common::crypto_helper::{tests_setup, ProtocolPartyId, ProtocolStake};
use mithril_common::entities::{ProtocolParameters, SignerWithStake};
use test_extensions::RuntimeTester;

Expand Down Expand Up @@ -143,8 +145,22 @@ async fn certificate_chain() {
"The new epoch certificate should be linked to the first certificate of the previous epoch"
);
assert_eq!(
&last_certificates[0].metadata.get_stake_distribution(),
&last_certificates[2].metadata.get_stake_distribution(),
BTreeMap::from_iter(
last_certificates[0]
.metadata
.get_stake_distribution()
.into_iter()
.collect::<Vec<(ProtocolPartyId, ProtocolStake)>>()
.into_iter(),
),
BTreeMap::from_iter(
last_certificates[2]
.metadata
.get_stake_distribution()
.into_iter()
.collect::<Vec<(ProtocolPartyId, ProtocolStake)>>()
.into_iter(),
),
"The stake distribution update should only be taken into account at the next epoch",
);

Expand Down Expand Up @@ -192,8 +208,22 @@ async fn certificate_chain() {
"The new epoch certificate should be linked to the first certificate of the previous epoch"
);
assert_ne!(
&last_certificates[0].metadata.get_stake_distribution(),
&last_certificates[2].metadata.get_stake_distribution(),
BTreeMap::from_iter(
last_certificates[0]
.metadata
.get_stake_distribution()
.into_iter()
.collect::<Vec<(ProtocolPartyId, ProtocolStake)>>()
.into_iter(),
),
BTreeMap::from_iter(
last_certificates[2]
.metadata
.get_stake_distribution()
.into_iter()
.collect::<Vec<(ProtocolPartyId, ProtocolStake)>>()
.into_iter(),
),
"The stake distribution update should have been applied for this epoch",
);
}
28 changes: 23 additions & 5 deletions mithril-aggregator/tests/test_extensions/runtime_tester.rs
View file
Expand Up @@ -8,7 +8,7 @@ use mithril_aggregator::{
AggregatorRunner, AggregatorRuntime, DependencyManager, DumbSnapshotUploader, DumbSnapshotter,
ProtocolParametersStorer,
};
use mithril_common::crypto_helper::tests_setup::setup_signers_from_parties;
use mithril_common::crypto_helper::tests_setup::setup_signers_from_stake_distribution;
use mithril_common::crypto_helper::{key_encode_hex, ProtocolClerk, ProtocolGenesisSigner};
use mithril_common::digesters::DumbImmutableFileObserver;
use mithril_common::entities::{
Expand Down Expand Up @@ -111,7 +111,7 @@ impl RuntimeTester {
let first_signer = &signers
.first()
.ok_or_else(|| "Signers list should not be empty".to_string())?
.3;
.5;
let clerk = ProtocolClerk::from_signer(first_signer);
let genesis_avk = clerk.compute_avk();
let genesis_producer = CertificateGenesisProducer::new(Some(self.genesis_signer.clone()));
Expand Down Expand Up @@ -186,7 +186,16 @@ impl RuntimeTester {
pub async fn register_signers(&self, signers: &[TestSigner]) -> Result<(), String> {
let mut multisigner = self.deps.multi_signer.write().await;

for (party_id, _stakes, verification_key, _signer, _initializer) in signers {
for (
party_id,
_stakes,
verification_key,
_verification_key_signature,
_operational_certificate,
_signer,
_initializer,
) in signers
{
let signer = Signer::new(
party_id.to_owned(),
key_encode_hex(verification_key).unwrap(),
Expand All @@ -210,7 +219,16 @@ impl RuntimeTester {
.await
.ok_or("There should be a message to be signed.")?;

for (party_id, _stakes, _verification_key, protocol_signer, _initializer) in signers {
for (
party_id,
_stakes,
_verification_key,
_verification_key_signature,
_operational_certificate,
protocol_signer,
_initializer,
) in signers
{
if let Some(signature) = protocol_signer.sign(message.compute_hash().as_bytes()) {
let single_signatures = SingleSignatures::new(
party_id.to_string(),
Expand Down Expand Up @@ -282,7 +300,7 @@ impl RuntimeTester {
})?
.ok_or("A protocol parameters for the recording epoch should be available")?;

Ok(setup_signers_from_parties(
Ok(setup_signers_from_stake_distribution(
&signers_with_stake
.clone()
.into_iter()
Expand Down
6 changes: 4 additions & 2 deletions mithril-aggregator/tests/test_extensions/utilities.rs
View file
@@ -1,6 +1,6 @@
use mithril_common::crypto_helper::{
ProtocolInitializer, ProtocolPartyId, ProtocolSigner, ProtocolSignerVerificationKey,
ProtocolStake,
OpCert, ProtocolInitializer, ProtocolPartyId, ProtocolSigner, ProtocolSignerVerificationKey,
ProtocolSignerVerificationKeySignature, ProtocolStake,
};
use slog_scope::debug;
use std::sync::atomic::{AtomicUsize, Ordering};
Expand All @@ -9,6 +9,8 @@ pub type TestSigner = (
ProtocolPartyId,
ProtocolStake,
ProtocolSignerVerificationKey,
Option<ProtocolSignerVerificationKeySignature>,
Option<OpCert>,
ProtocolSigner,
ProtocolInitializer,
);
Expand Down
16 changes: 9 additions & 7 deletions mithril-common/src/certificate_chain/certificate_verifier.rs
View file
Expand Up @@ -315,13 +315,15 @@ mod tests {
let message = setup_message();

let mut single_signatures = Vec::new();
signers.iter().for_each(|(_, _, _, protocol_signer, _)| {
if let Some(signature) = protocol_signer.sign(message.compute_hash().as_bytes()) {
single_signatures.push(signature);
}
});

let first_signer = &signers.first().unwrap().3;
signers
.iter()
.for_each(|(_, _, _, _, _, protocol_signer, _)| {
if let Some(signature) = protocol_signer.sign(message.compute_hash().as_bytes()) {
single_signatures.push(signature);
}
});

let first_signer = &signers.first().unwrap().5;
let clerk = ProtocolClerk::from_signer(first_signer);
let aggregate_verification_key = clerk.compute_avk();
let multi_signature = clerk
Expand Down
4 changes: 2 additions & 2 deletions mithril-common/src/crypto_helper/cardano/codec.rs
View file
Expand Up @@ -71,6 +71,6 @@ pub trait FromShelleyFile: serde::Serialize {
}

impl FromShelleyFile for Sum6Kes {
const TYPE: &'static str = "VrfSigningKey_PraosVRF";
const DESCRIPTION: &'static str = "VRF Signing Key";
const TYPE: &'static str = "KesSigningKey_ed25519_kes_2^6";
const DESCRIPTION: &'static str = "KES Signing Key";
}
6 changes: 5 additions & 1 deletion mithril-common/src/crypto_helper/cardano/key_certification.rs
View file
Expand Up @@ -214,11 +214,15 @@ impl KeyRegWrapper {
.unwrap()
.verify(kes_period, &opcert.kes_vk, &pk.to_bytes())
.map_err(|_| ProtocolRegistrationErrorWrapper::KesSignatureInvalid)?;
println!(
"INFO: Signer certification is enforced! {:?}",
&opcert.compute_protocol_party_id()
);
opcert
.compute_protocol_party_id()
.map_err(|_| ProtocolRegistrationErrorWrapper::PoolAddressEncoding)?
} else {
println!("WARNING: Signer certification is skipped!");
println!("WARNING: Signer certification is skipped! {:?}", party_id);
party_id.unwrap()
};

Expand Down

0 comments on commit bc9897f

Please sign in to comment.