Merge pull request #171 from keybase/zapu/debug-localize

Expose a way of "localizing" v3 signatures
keybase · Jan 23, 2020 · 656d8f3 · 656d8f3
2 parents 48596d7 + 3eae5fd
commit 656d8f3
Show file tree

Hide file tree

Showing 10 changed files with 119 additions and 19 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,8 @@
+## 2.3.16 (2020-01-22)
+
+- Add sig3/Base::get_schema() and schema3/Node::debug_localize for transforming
+  message-packed sig3 signatures to user-readable JSON objects.
+
 ## 2.3.15 (2020-01-16)
 
 - Support `assert_pgp_hash` optional argument, passed to KBPGP.

diff --git a/lib/schema3.js b/lib/schema3.js
diff --git a/lib/sig3.js b/lib/sig3.js
diff --git a/lib/team_hidden.js b/lib/team_hidden.js
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "keybase-proofs",
-  "version": "2.3.15",
+  "version": "2.3.16",
   "description": "Publicly-verifiable proofs of identity",
   "main": "lib/main.js",
   "scripts": {

diff --git a/src/schema3.iced b/src/schema3.iced
@@ -29,6 +29,7 @@ class Node
   _check : ({path, obj}) -> mkerr path, "internal error, no checker found"
 
   check : (obj) -> @_check { path : Path.top(@_name), obj }
+  debug_localize : (obj) -> obj
 
   _check_value : ({checker, path, obj}) ->
     if not obj? and checker.is_optional() then return null
@@ -52,6 +53,12 @@ class Dict extends Node
       if not obj[k]? and not v.is_optional() then return mkerr new_path, "key is missing but is mandatory"
     return null
 
+  debug_localize : (obj) ->
+    ret = {}
+    for k,v of @_keys when obj[k]?
+      ret[v._name or k] = v.debug_localize obj[k]
+    ret
+
   set_key : (k,v) ->
     @_keys[k] = v
 
@@ -65,6 +72,12 @@ class Array extends Node
     @_empty_is_ok = true
     @
 
+  debug_localize : (obj) ->
+    ret = []
+    for v,i in obj
+      ret[i] = @_elem.debug_localize obj[i]
+    ret
+
   _check : ({path, obj}) ->
     unless parse.is_array(obj)
       return mkerr path, "need an array"
@@ -80,6 +93,12 @@ class Struct extends Node
   constructor : ({slots}) ->
     @_slots = slots
 
+  debug_localize : (obj) ->
+    ret = []
+    for v,i in obj
+      ret[i] = @_slots[i].debug_localize obj[i]
+    ret
+
   _check : ({path, obj}) ->
     unless parse.is_array(obj)
       return mkerr path, "need an array"

diff --git a/src/sig3.iced b/src/sig3.iced
@@ -105,7 +105,7 @@ exports.Base = class Base
     @prev = outer_obj.prev
     @ignore_if_unsupported = outer_obj.ignore_if_unsupported
 
-  _enforce_schema : ({json}, cb) ->
+  get_schema : () ->
     schm = schema.dict({
       c : schema.time().name("ctime")
       e : schema.binary(16).name("entropy")
@@ -127,6 +127,10 @@ exports.Base = class Base
       }).optional().name("client_info")
     }).name("inner")
     @_v_extend_schema schm
+    return schm
+
+  _enforce_schema : ({json}, cb) ->
+    schm = @get_schema()
     cb schm.check json
 
   decode_inner : ({json, outer_obj}, cb) ->
@@ -240,4 +244,4 @@ exports.Base = class Base
     {json, armored} = _encode_dict raw
     cb null, { raw, armored, json }
 
-#-------------------------
+#-------------------------
diff --git a/src/team_hidden.iced b/src/team_hidden.iced
@@ -34,7 +34,7 @@ exports.TeamBase = class TeamBase extends Base
         t : schema.chain_type().name("chain_type") }).optional().name("implicit_admin")
       i : schema.binary(16).name("team_id")
       m : schema.bool().optional().name("is_implicit")
-      p : schema.bool().optional().name("is_public") })
+      p : schema.bool().optional().name("is_public") }).name('team')
 
   _v_decode_inner : ({json}, cb) ->
     @team = {
@@ -174,4 +174,4 @@ exports.RotateKey = class RotateKey extends TeamBase
       reverse_sig : k.reverse_sig.toString('base64')
     return ret
 
-#------------------
+#------------------
diff --git a/test/files/team_hidden.iced b/test/files/team_hidden.iced
@@ -290,3 +290,32 @@ exports.test_bad_reverse_sig = (T,cb) ->
   T.equal err.message, "Signature failed to verify", "right error"
   T.assert (err.stack.indexOf("_v_verify_reverse_sig") > 0), "we find a reverse sig in the stack"
   cb null
+
+exports.test_schema_localize = (T, cb) ->
+  esc = make_esc cb
+  await gen { T }, esc defer { km, ret, arg }
+  [err, outer_obj] = sig3.OuterLink.decode ret.raw.outer
+  T.no_error err
+
+  obj = new team_hidden.RotateKey {}
+  await obj.decode_inner { json: ret.raw.inner, outer_obj }, esc defer()
+  localized = obj.get_schema().debug_localize(ret.raw.inner)
+
+  for f in ['ctime', 'entropy', 'merkle_root', 'signer', 'parent_chain_tail', 'client_info', 'team', 'body']
+    T.assert localized[f]?, "looking for field #{f}"
+  for f in ['ctime', 'hash_meta', 'seqno']
+    T.assert localized.merkle_root?[f]?, "looking for field merkle_root.#{f}"
+  for f in ['eldest_seqno', 'kid', 'uid']
+    T.assert localized.signer?[f]?, "looking for field signer.#{f}"
+  for f in ['tail', 'seqno', 'chain_type']
+    T.assert localized.parent_chain_tail?[f]?, "looking for field parent_chain_tail.#{f}"
+  for f in ['description', 'version']
+    T.assert localized.client_info?[f]?, "looking for field client_info.#{f}"
+  for f in ['team_id', 'is_implicit', 'is_public']
+    T.assert localized.team?[f]?, "looking for field team.#{f}"
+  T.assert localized.body?.keys?, "looking for localized.body.keys"
+  for k in localized.body?.keys ? []
+    for f in ['appkey_derivation_version', 'seed_check', 'encryption_kid', 'generation', 'reverse_sig', 'signing_kid', 'ptk_type']
+      T.assert k[f]?, "looking for field body.keys.#{f}"
+
+  cb null