fix ecdsa and schnorr tests (#2478)

* fix ecdsa and schnorr tests * fmt --------- Co-authored-by: Faisal Ahmed <42486737+felixfaisal@users.noreply.github.com>
litentry · Feb 12, 2024 · 800cca7 · 800cca7
1 parent aaccf7d
commit 800cca7
Show file tree

Hide file tree

Showing 4 changed files with 103 additions and 35 deletions.
diff --git a/bitacross-worker/core-primitives/sgx/crypto/src/ecdsa.rs b/bitacross-worker/core-primitives/sgx/crypto/src/ecdsa.rs
@@ -27,7 +27,7 @@ use std::{string::ToString, vec::Vec};
 /// File name of the sealed seed file.
 pub const SEALED_SIGNER_SEED_FILE: &str = "ecdsa_key_sealed.bin";
 
-#[derive(Clone, PartialEq)]
+#[derive(Clone, PartialEq, Eq)]
 pub struct Pair {
 	pub public: PublicKey,
 	private: SigningKey,
@@ -88,18 +88,16 @@ pub mod sgx {
 			self.base_path
 				.join(self.key_file_prefix.clone() + "_" + SEALED_SIGNER_SEED_FILE)
 		}
-	}
 
-	impl Seal {
 		fn unseal_pair(&self) -> Result<Pair> {
 			self.unseal()
 		}
 
-		fn exists(&self) -> bool {
+		pub fn exists(&self) -> bool {
 			self.path().exists()
 		}
 
-		fn init(&self) -> Result<Pair> {
+		pub fn init(&self) -> Result<Pair> {
 			if !self.exists() {
 				info!("Keyfile not found, creating new! {}", self.path().display());
 				let mut seed = [0u8; 32];
@@ -133,9 +131,16 @@ pub mod sgx {
 
 #[cfg(feature = "test")]
 pub mod sgx_tests {
+	use super::sgx::*;
+	use crate::{
+		create_ecdsa_repository, key_repository::AccessKey, std::string::ToString, Pair, Seal,
+	};
+	use itp_sgx_temp_dir::TempDir;
+	use k256::ecdsa::{signature::Verifier, Signature, VerifyingKey};
+	use sgx_tstd::path::PathBuf;
 
-	#[test]
-	pub fn creating_repository_with_same_path_and_prefix_results_in_same_key() {
+	pub fn ecdsa_creating_repository_with_same_path_and_prefix_results_in_same_key() {
+		//given
 		let key_file_prefix = "test";
 		fn get_key_from_repo(path: PathBuf, prefix: &str) -> Pair {
 			create_ecdsa_repository(path, prefix).unwrap().retrieve_key().unwrap()
@@ -145,17 +150,19 @@ pub mod sgx_tests {
 		)
 		.unwrap();
 		let temp_path = temp_dir.path().to_path_buf();
-		assert_eq!(
-			get_key_from_repo(temp_path.clone(), key_file_prefix),
-			get_key_from_repo(temp_path.clone(), key_file_prefix)
-		);
+
+		//when
+		let first_key = get_key_from_repo(temp_path.clone(), key_file_prefix);
+		let second_key = get_key_from_repo(temp_path.clone(), key_file_prefix);
+
+		//then
+		assert_eq!(first_key.public, second_key.public);
 	}
 
-	#[test]
-	pub fn seal_init_should_create_new_key_if_not_present() {
+	pub fn ecdsa_seal_init_should_create_new_key_if_not_present() {
 		//given
 		let temp_dir =
-			TempDir::with_prefix("seal_init_should_create_new_key_if_not_present").unwrap();
+			TempDir::with_prefix("ecdsa_seal_init_should_create_new_key_if_not_present").unwrap();
 		let seal = Seal::new(temp_dir.path().to_path_buf(), "test".to_string());
 		assert!(!seal.exists());
 
@@ -166,17 +173,32 @@ pub mod sgx_tests {
 		assert!(seal.exists());
 	}
 
-	#[test]
-	pub fn seal_init_should_not_change_key_if_exists() {
+	pub fn ecdsa_seal_init_should_not_change_key_if_exists() {
 		//given
-		let temp_dir = TempDir::with_prefix("seal_init_should_not_change_key_if_exists").unwrap();
+		let temp_dir =
+			TempDir::with_prefix("ecdsa_seal_init_should_not_change_key_if_exists").unwrap();
 		let seal = Seal::new(temp_dir.path().to_path_buf(), "test".to_string());
 		let pair = seal.init().unwrap();
 
 		//when
 		let new_pair = seal.init().unwrap();
 
 		//then
-		assert!(pair, new_pair);
+		assert_eq!(pair.public, new_pair.public);
+	}
+
+	pub fn ecdsa_sign_should_produce_valid_signature() {
+		//given
+		let temp_dir = TempDir::with_prefix("ecdsa_sign_should_produce_valid_signature").unwrap();
+		let seal = Seal::new(temp_dir.path().to_path_buf(), "test".to_string());
+		let pair = seal.init().unwrap();
+		let message = [1; 32];
+
+		//when
+		let signature = Signature::from_slice(&pair.sign(&message).unwrap()).unwrap();
+
+		//then
+		let verifying_key = VerifyingKey::from(&pair.private);
+		assert!(verifying_key.verify(&message, &signature).is_ok());
 	}
 }
diff --git a/bitacross-worker/core-primitives/sgx/crypto/src/lib.rs b/bitacross-worker/core-primitives/sgx/crypto/src/lib.rs
@@ -42,7 +42,7 @@ pub mod rsa3072;
 pub mod schnorr;
 pub mod traits;
 
-pub use self::{aes::*, ed25519::*, rsa3072::*};
+pub use self::{aes::*, ecdsa::*, ed25519::*, rsa3072::*};
 pub use error::*;
 pub use traits::*;
 
@@ -62,4 +62,17 @@ pub mod tests {
 	pub use super::aes::sgx_tests::{
 		aes_sealing_works, using_get_aes_repository_twice_initializes_key_only_once,
 	};
+
+	pub use super::ecdsa::sgx_tests::{
+		ecdsa_creating_repository_with_same_path_and_prefix_results_in_same_key,
+		ecdsa_seal_init_should_create_new_key_if_not_present,
+		ecdsa_seal_init_should_not_change_key_if_exists, ecdsa_sign_should_produce_valid_signature,
+	};
+
+	pub use super::schnorr::sgx_tests::{
+		schnorr_creating_repository_with_same_path_and_prefix_results_in_same_key,
+		schnorr_seal_init_should_create_new_key_if_not_present,
+		schnorr_seal_init_should_not_change_key_if_exists,
+		schnorr_sign_should_produce_valid_signature,
+	};
 }
diff --git a/bitacross-worker/core-primitives/sgx/crypto/src/schnorr.rs b/bitacross-worker/core-primitives/sgx/crypto/src/schnorr.rs
@@ -92,11 +92,11 @@ pub mod sgx {
 			self.unseal()
 		}
 
-		fn exists(&self) -> bool {
+		pub fn exists(&self) -> bool {
 			self.path().exists()
 		}
 
-		fn init(&self) -> Result<Pair> {
+		pub fn init(&self) -> Result<Pair> {
 			if !self.exists() {
 				info!("Keyfile not found, creating new! {}", self.path().display());
 				let mut seed = [0u8; 32];
@@ -129,29 +129,39 @@ pub mod sgx {
 
 #[cfg(feature = "test")]
 pub mod sgx_tests {
+	use crate::{
+		key_repository::AccessKey,
+		schnorr::{create_schnorr_repository, Pair, Seal},
+		std::string::ToString,
+	};
+	use itp_sgx_temp_dir::TempDir;
+	use k256::schnorr::{signature::Verifier, Signature, VerifyingKey};
+	use std::path::PathBuf;
 
-	#[test]
-	pub fn creating_repository_with_same_path_and_prefix_results_in_same_key() {
+	pub fn schnorr_creating_repository_with_same_path_and_prefix_results_in_same_key() {
+		//given
 		let key_file_prefix = "test";
 		fn get_key_from_repo(path: PathBuf, prefix: &str) -> Pair {
 			create_schnorr_repository(path, prefix).unwrap().retrieve_key().unwrap()
 		}
 		let temp_dir = TempDir::with_prefix(
-			"creating_repository_with_same_path_and_prefix_results_in_same_key",
+			"schnorr_creating_repository_with_same_path_and_prefix_results_in_same_key",
 		)
 		.unwrap();
 		let temp_path = temp_dir.path().to_path_buf();
-		assert_eq!(
-			get_key_from_repo(temp_path.clone(), key_file_prefix),
-			get_key_from_repo(temp_path.clone(), key_file_prefix)
-		);
+
+		//when
+		let first_key = get_key_from_repo(temp_path.clone(), key_file_prefix);
+		let second_key = get_key_from_repo(temp_path.clone(), key_file_prefix);
+
+		//then
+		assert_eq!(first_key.public, second_key.public);
 	}
 
-	#[test]
-	pub fn seal_init_should_create_new_key_if_not_present() {
+	pub fn schnorr_seal_init_should_create_new_key_if_not_present() {
 		//given
 		let temp_dir =
-			TempDir::with_prefix("seal_init_should_create_new_key_if_not_present").unwrap();
+			TempDir::with_prefix("schnorr_seal_init_should_create_new_key_if_not_present").unwrap();
 		let seal = Seal::new(temp_dir.path().to_path_buf(), "test".to_string());
 		assert!(!seal.exists());
 
@@ -162,17 +172,32 @@ pub mod sgx_tests {
 		assert!(seal.exists());
 	}
 
-	#[test]
-	pub fn seal_init_should_not_change_key_if_exists() {
+	pub fn schnorr_seal_init_should_not_change_key_if_exists() {
 		//given
-		let temp_dir = TempDir::with_prefix("seal_init_should_not_change_key_if_exists").unwrap();
+		let temp_dir =
+			TempDir::with_prefix("schnorr_seal_init_should_not_change_key_if_exists").unwrap();
 		let seal = Seal::new(temp_dir.path().to_path_buf(), "test".to_string());
 		let pair = seal.init().unwrap();
 
 		//when
 		let new_pair = seal.init().unwrap();
 
 		//then
-		assert!(pair, new_pair);
+		assert_eq!(pair.public, new_pair.public);
+	}
+
+	pub fn schnorr_sign_should_produce_valid_signature() {
+		//given
+		let temp_dir = TempDir::with_prefix("ecdsa_sign_should_produce_valid_signature").unwrap();
+		let seal = Seal::new(temp_dir.path().to_path_buf(), "test".to_string());
+		let pair = seal.init().unwrap();
+		let message = [1; 32];
+
+		//when
+		let signature = Signature::try_from(pair.sign(&message).unwrap().as_slice()).unwrap();
+
+		//then
+		let verifying_key = VerifyingKey::try_from(&pair.public).unwrap();
+		assert!(verifying_key.verify(&message, &signature).is_ok());
 	}
 }
diff --git a/bitacross-worker/enclave-runtime/src/test/tests_main.rs b/bitacross-worker/enclave-runtime/src/test/tests_main.rs
@@ -99,6 +99,14 @@ pub extern "C" fn test_main_entrance() -> size_t {
 		itp_sgx_crypto::tests::using_get_ed25519_repository_twice_initializes_key_only_once,
 		itp_sgx_crypto::tests::rsa3072_sealing_works,
 		itp_sgx_crypto::tests::using_get_rsa3072_repository_twice_initializes_key_only_once,
+		itp_sgx_crypto::tests::ecdsa_creating_repository_with_same_path_and_prefix_results_in_same_key,
+		itp_sgx_crypto::tests::ecdsa_seal_init_should_create_new_key_if_not_present,
+		itp_sgx_crypto::tests::ecdsa_seal_init_should_not_change_key_if_exists,
+		itp_sgx_crypto::tests::ecdsa_sign_should_produce_valid_signature,
+		itp_sgx_crypto::tests::schnorr_creating_repository_with_same_path_and_prefix_results_in_same_key,
+		itp_sgx_crypto::tests::schnorr_seal_init_should_create_new_key_if_not_present,
+		itp_sgx_crypto::tests::schnorr_seal_init_should_not_change_key_if_exists,
+		itp_sgx_crypto::tests::schnorr_sign_should_produce_valid_signature,
 		test_compose_block,
 		test_submit_trusted_call_to_top_pool,
 		test_submit_trusted_getter_to_top_pool,