From 5f7a9098046c733edeba76e969c46d60ddf19175 Mon Sep 17 00:00:00 2001 From: Sergi Delgado Segura Date: Tue, 21 Apr 2020 16:42:43 +0200 Subject: [PATCH] user_pk/client_pk -> user_id and cli/client -> user (when it does not reffer to the software) --- cli/teos_cli.py | 36 ++++----- teos/api.py | 12 +-- teos/gatekeeper.py | 24 +++--- teos/users_dbm.py | 36 ++++----- test/teos/e2e/test_basic_e2e.py | 42 +++++----- test/teos/unit/test_api.py | 130 ++++++++++++------------------ test/teos/unit/test_gatekeeper.py | 54 ++++++------- test/teos/unit/test_users_dbm.py | 30 +++---- 8 files changed, 168 insertions(+), 196 deletions(-) diff --git a/cli/teos_cli.py b/cli/teos_cli.py index 6b0ea7a..ad6e29e 100644 --- a/cli/teos_cli.py +++ b/cli/teos_cli.py @@ -57,7 +57,7 @@ def register(user_id, teos_url): return response -def add_appointment(appointment_data, cli_sk, teos_id, teos_url): +def add_appointment(appointment_data, user_sk, teos_id, teos_url): """ Manages the add_appointment command. @@ -72,7 +72,7 @@ def add_appointment(appointment_data, cli_sk, teos_id, teos_url): Args: appointment_data (:obj:`dict`): a dictionary containing the appointment data. - cli_sk (:obj:`PrivateKey`): the client's private key. + user_sk (:obj:`PrivateKey`): the user's private key. teos_id (:obj:`str`): the tower's compressed public key. teos_url (:obj:`str`): the teos base url. @@ -104,7 +104,7 @@ def add_appointment(appointment_data, cli_sk, teos_id, teos_url): appointment_data["locator"] = compute_locator(tx_id) appointment_data["encrypted_blob"] = Cryptographer.encrypt(tx, tx_id) appointment = Appointment.from_dict(appointment_data) - signature = Cryptographer.sign(appointment.serialize(), cli_sk) + signature = Cryptographer.sign(appointment.serialize(), user_sk) data = {"appointment": appointment.to_dict(), "signature": signature} @@ -128,13 +128,13 @@ def add_appointment(appointment_data, cli_sk, teos_id, teos_url): return appointment, signature -def get_appointment(locator, cli_sk, teos_id, teos_url): +def get_appointment(locator, user_sk, teos_id, teos_url): """ Gets information about an appointment from the tower. Args: locator (:obj:`str`): the appointment locator used to identify it. - cli_sk (:obj:`PrivateKey`): the client's private key. + user_sk (:obj:`PrivateKey`): the user's private key. teos_id (:obj:`PublicKey`): the tower's compressed public key. teos_url (:obj:`str`): the teos base url. @@ -155,7 +155,7 @@ def get_appointment(locator, cli_sk, teos_id, teos_url): raise InvalidParameter("The provided locator is not valid", locator=locator) message = "get appointment {}".format(locator) - signature = Cryptographer.sign(message.encode(), cli_sk) + signature = Cryptographer.sign(message.encode(), user_sk) data = {"locator": locator, "signature": signature} # Send request to the server. @@ -199,13 +199,13 @@ def get_all_appointments(teos_url): return None -def load_keys(teos_pk_path, cli_sk_path): +def load_keys(teos_pk_path, user_sk_path): """ Loads all the keys required so sign, send, and verify the appointment. Args: - teos_pk_path (:obj:`str`): path to the tower public key file. - cli_sk_path (:obj:`str`): path to the client private key file. + teos_pk_path (:obj:`str`): path to the tower's public key file. + user_sk_path (:obj:`str`): path to the user's private key file. Returns: :obj:`tuple`: a three-item tuple containing a ``str``, a ``PrivateKey`` and a ``str`` @@ -218,7 +218,7 @@ def load_keys(teos_pk_path, cli_sk_path): if not teos_pk_path: raise InvalidKey("TEOS's public key file not found. Please check your settings") - if not cli_sk_path: + if not user_sk_path: raise InvalidKey("Client's private key file not found. Please check your settings") try: @@ -229,19 +229,19 @@ def load_keys(teos_pk_path, cli_sk_path): raise InvalidKey("TEOS public key cannot be loaded") try: - cli_sk_der = Cryptographer.load_key_file(cli_sk_path) - cli_sk = Cryptographer.load_private_key_der(cli_sk_der) + user_sk_der = Cryptographer.load_key_file(user_sk_path) + user_sk = Cryptographer.load_private_key_der(user_sk_der) except (InvalidParameter, InvalidKey): raise InvalidKey("Client private key is invalid or cannot be parsed") try: - client_id = Cryptographer.get_compressed_pk(cli_sk.public_key) + user_id = Cryptographer.get_compressed_pk(user_sk.public_key) except (InvalidParameter, InvalidKey): raise InvalidKey("Client public key cannot be loaded") - return teos_id, cli_sk, client_id + return teos_id, user_sk, user_id def post_request(data, endpoint): @@ -402,15 +402,15 @@ def main(command, args, command_line_conf): teos_url = "http://" + teos_url try: - teos_id, cli_sk, client_id = load_keys(config.get("TEOS_PUBLIC_KEY"), config.get("CLI_PRIVATE_KEY")) + teos_id, user_sk, user_id = load_keys(config.get("TEOS_PUBLIC_KEY"), config.get("CLI_PRIVATE_KEY")) if command == "register": - register_data = register(client_id, teos_url) + register_data = register(user_id, teos_url) logger.info("Registration succeeded. Available slots: {}".format(register_data.get("available_slots"))) if command == "add_appointment": appointment_data = parse_add_appointment_args(args) - appointment, signature = add_appointment(appointment_data, cli_sk, teos_id, teos_url) + appointment, signature = add_appointment(appointment_data, user_sk, teos_id, teos_url) save_appointment_receipt(appointment.to_dict(), signature, config.get("APPOINTMENTS_FOLDER_NAME")) elif command == "get_appointment": @@ -423,7 +423,7 @@ def main(command, args, command_line_conf): if arg_opt in ["-h", "--help"]: sys.exit(help_get_appointment()) - appointment_data = get_appointment(arg_opt, cli_sk, teos_id, teos_url) + appointment_data = get_appointment(arg_opt, user_sk, teos_id, teos_url) if appointment_data: print(appointment_data) diff --git a/teos/api.py b/teos/api.py index 25b47bb..bdaf5b5 100644 --- a/teos/api.py +++ b/teos/api.py @@ -120,14 +120,14 @@ class API: logger.info("Received invalid register request", from_addr="{}".format(remote_addr)) return jsonify({"error": str(e)}), HTTP_BAD_REQUEST - client_pk = request_data.get("public_key") + user_id = request_data.get("public_key") - if client_pk: + if user_id: try: rcode = HTTP_OK - available_slots, subscription_expiry = self.watcher.gatekeeper.add_update_user(client_pk) + available_slots, subscription_expiry = self.watcher.gatekeeper.add_update_user(user_id) response = { - "public_key": client_pk, + "public_key": user_id, "available_slots": available_slots, "subscription_expiry": subscription_expiry, } @@ -234,10 +234,10 @@ class API: message = "get appointment {}".format(locator).encode() signature = request_data.get("signature") - user_pk = self.watcher.gatekeeper.authenticate_user(message, signature) + user_id = self.watcher.gatekeeper.authenticate_user(message, signature) triggered_appointments = self.watcher.db_manager.load_all_triggered_flags() - uuid = hash_160("{}{}".format(locator, user_pk)) + uuid = hash_160("{}{}".format(locator, user_id)) # If the appointment has been triggered, it should be in the locator (default else just in case). if uuid in triggered_appointments: diff --git a/teos/gatekeeper.py b/teos/gatekeeper.py index e0a8ec5..d0416a7 100644 --- a/teos/gatekeeper.py +++ b/teos/gatekeeper.py @@ -76,12 +76,12 @@ class Gatekeeper: } self.lock = Lock() - def add_update_user(self, user_pk): + def add_update_user(self, user_id): """ Adds a new user or updates the subscription of an existing one, by adding additional slots. Args: - user_pk(:obj:`str`): the public key that identifies the user (33-bytes hex str). + user_id(:obj:`str`): the public key that identifies the user (33-bytes hex str). Returns: :obj:`tuple`: a tuple with the number of available slots in the user subscription and the subscription @@ -91,23 +91,23 @@ class Gatekeeper: :obj:`InvalidParameter`: if the user_pk does not match the expected format. """ - if not is_compressed_pk(user_pk): + if not is_compressed_pk(user_id): raise InvalidParameter("Provided public key does not match expected format (33-byte hex string)") - if user_pk not in self.registered_users: - self.registered_users[user_pk] = UserInfo( + if user_id not in self.registered_users: + self.registered_users[user_id] = UserInfo( self.default_slots, self.block_processor.get_block_count() + self.default_subscription_duration ) else: # FIXME: For now new calls to register add default_slots to the current count and reset the expiry time - self.registered_users[user_pk].available_slots += self.default_slots - self.registered_users[user_pk].subscription_expiry = ( + self.registered_users[user_id].available_slots += self.default_slots + self.registered_users[user_id].subscription_expiry = ( self.block_processor.get_block_count() + self.default_subscription_duration ) - self.user_db.store_user(user_pk, self.registered_users[user_pk].to_dict()) + self.user_db.store_user(user_id, self.registered_users[user_id].to_dict()) - return self.registered_users[user_pk].available_slots, self.registered_users[user_pk].subscription_expiry + return self.registered_users[user_id].available_slots, self.registered_users[user_id].subscription_expiry def authenticate_user(self, message, signature): """ @@ -126,10 +126,10 @@ class Gatekeeper: try: rpk = Cryptographer.recover_pk(message, signature) - compressed_pk = Cryptographer.get_compressed_pk(rpk) + user_id = Cryptographer.get_compressed_pk(rpk) - if compressed_pk in self.registered_users: - return compressed_pk + if user_id in self.registered_users: + return user_id else: raise AuthenticationFailure("User not found.") diff --git a/teos/users_dbm.py b/teos/users_dbm.py index ea3cb0e..b3b85e3 100644 --- a/teos/users_dbm.py +++ b/teos/users_dbm.py @@ -37,42 +37,42 @@ class UsersDBM(DBManager): raise e - def store_user(self, user_pk, user_data): + def store_user(self, user_id, user_data): """ Stores a user record to the database. ``user_pk`` is used as identifier. Args: - user_pk (:obj:`str`): a 33-byte hex-encoded string identifying the user. + user_id (:obj:`str`): a 33-byte hex-encoded string identifying the user. user_data (:obj:`dict`): the user associated data, as a dictionary. Returns: :obj:`bool`: True if the user was stored in the database, False otherwise. """ - if is_compressed_pk(user_pk): + if is_compressed_pk(user_id): try: - self.create_entry(user_pk, json.dumps(user_data)) - logger.info("Adding user to Gatekeeper's db", user_pk=user_pk) + self.create_entry(user_id, json.dumps(user_data)) + logger.info("Adding user to Gatekeeper's db", user_id=user_id) return True except json.JSONDecodeError: - logger.info("Could't add user to db. Wrong user data format", user_pk=user_pk, user_data=user_data) + logger.info("Could't add user to db. Wrong user data format", user_id=user_id, user_data=user_data) return False except TypeError: - logger.info("Could't add user to db", user_pk=user_pk, user_data=user_data) + logger.info("Could't add user to db", user_id=user_id, user_data=user_data) return False else: - logger.info("Could't add user to db. Wrong pk format", user_pk=user_pk, user_data=user_data) + logger.info("Could't add user to db. Wrong pk format", user_id=user_id, user_data=user_data) return False - def load_user(self, user_pk): + def load_user(self, user_id): """ Loads a user record from the database using the ``user_pk`` as identifier. Args: - user_pk (:obj:`str`): a 33-byte hex-encoded string identifying the user. + user_id (:obj:`str`): a 33-byte hex-encoded string identifying the user. Returns: :obj:`dict`: A dictionary containing the user data if the ``key`` is found. @@ -81,31 +81,31 @@ class UsersDBM(DBManager): """ try: - data = self.load_entry(user_pk) + data = self.load_entry(user_id) data = json.loads(data) except (TypeError, json.decoder.JSONDecodeError): data = None return data - def delete_user(self, user_pk): + def delete_user(self, user_id): """ Deletes a user record from the database. Args: - user_pk (:obj:`str`): a 33-byte hex-encoded string identifying the user. + user_id (:obj:`str`): a 33-byte hex-encoded string identifying the user. Returns: :obj:`bool`: True if the user was deleted from the database or it was non-existent, False otherwise. """ try: - self.delete_entry(user_pk) - logger.info("Deleting user from Gatekeeper's db", uuid=user_pk) + self.delete_entry(user_id) + logger.info("Deleting user from Gatekeeper's db", uuid=user_id) return True except TypeError: - logger.info("Cannot delete user from db, user key has wrong type", uuid=user_pk) + logger.info("Cannot delete user from db, user key has wrong type", uuid=user_id) return False def load_all_users(self): @@ -122,7 +122,7 @@ class UsersDBM(DBManager): for k, v in self.db.iterator(): # Get uuid and appointment_data from the db - user_pk = k.decode("utf-8") - data[user_pk] = json.loads(v) + user_id = k.decode("utf-8") + data[user_id] = json.loads(v) return data diff --git a/test/teos/e2e/test_basic_e2e.py b/test/teos/e2e/test_basic_e2e.py index 7326145..fbab9f8 100644 --- a/test/teos/e2e/test_basic_e2e.py +++ b/test/teos/e2e/test_basic_e2e.py @@ -35,9 +35,7 @@ teos_get_all_appointments_endpoint = "{}/get_all_appointments".format(teos_base_ # Run teosd teosd_process = run_teosd() -teos_pk, cli_sk, compressed_cli_pk = teos_cli.load_keys( - cli_config.get("TEOS_PUBLIC_KEY"), cli_config.get("CLI_PRIVATE_KEY") -) +teos_id, user_sk, user_id = teos_cli.load_keys(cli_config.get("TEOS_PUBLIC_KEY"), cli_config.get("CLI_PRIVATE_KEY")) def broadcast_transaction_and_mine_block(bitcoin_cli, commitment_tx, addr): @@ -46,13 +44,13 @@ def broadcast_transaction_and_mine_block(bitcoin_cli, commitment_tx, addr): bitcoin_cli.generatetoaddress(1, addr) -def get_appointment_info(locator, sk=cli_sk): +def get_appointment_info(locator, sk=user_sk): sleep(1) # Let's add a bit of delay so the state can be updated - return teos_cli.get_appointment(locator, sk, teos_pk, teos_base_endpoint) + return teos_cli.get_appointment(locator, sk, teos_id, teos_base_endpoint) -def add_appointment(appointment_data, sk=cli_sk): - return teos_cli.add_appointment(appointment_data, sk, teos_pk, teos_base_endpoint) +def add_appointment(appointment_data, sk=user_sk): + return teos_cli.add_appointment(appointment_data, sk, teos_id, teos_base_endpoint) def get_all_appointments(): @@ -78,7 +76,7 @@ def test_commands_non_registered(bitcoin_cli): def test_commands_registered(bitcoin_cli): # Test registering and trying again - teos_cli.register(compressed_cli_pk, teos_base_endpoint) + teos_cli.register(user_id, teos_base_endpoint) # Add appointment commitment_tx, penalty_tx = create_txs(bitcoin_cli) @@ -96,7 +94,7 @@ def test_commands_registered(bitcoin_cli): def test_appointment_life_cycle(bitcoin_cli): # First of all we need to register - teos_cli.register(compressed_cli_pk, teos_base_endpoint) + teos_cli.register(user_id, teos_base_endpoint) # After that we can build an appointment and send it to the tower commitment_tx, penalty_tx = create_txs(bitcoin_cli) @@ -245,7 +243,7 @@ def test_appointment_wrong_decryption_key(bitcoin_cli): appointment_data["encrypted_blob"] = Cryptographer.encrypt(penalty_tx, get_random_value_hex(32)) appointment = Appointment.from_dict(appointment_data) - signature = Cryptographer.sign(appointment.serialize(), cli_sk) + signature = Cryptographer.sign(appointment.serialize(), user_sk) data = {"appointment": appointment.to_dict(), "signature": signature} # Send appointment to the server. @@ -255,7 +253,7 @@ def test_appointment_wrong_decryption_key(bitcoin_cli): # Check that the server has accepted the appointment signature = response_json.get("signature") rpk = Cryptographer.recover_pk(appointment.serialize(), signature) - assert teos_pk == Cryptographer.get_compressed_pk(rpk) + assert teos_id == Cryptographer.get_compressed_pk(rpk) assert response_json.get("locator") == appointment.locator # Trigger the appointment @@ -306,18 +304,18 @@ def test_two_identical_appointments(bitcoin_cli): # locator = compute_locator(commitment_tx_id) # # # tmp keys from a different user -# tmp_sk = PrivateKey() -# tmp_compressed_pk = hexlify(tmp_sk.public_key.format(compressed=True)).decode("utf-8") -# teos_cli.register(tmp_compressed_pk, teos_base_endpoint) +# tmp_user_sk = PrivateKey() +# tmp_user_id = hexlify(tmp_user_sk.public_key.format(compressed=True)).decode("utf-8") +# teos_cli.register(tmp_user_id, teos_base_endpoint) # # # Send the appointment twice # assert add_appointment(appointment_data) is True -# assert add_appointment(appointment_data, sk=tmp_sk) is True +# assert add_appointment(appointment_data, sk=tmp_user_sk) is True # # # Check that we can get it from both users # appointment_info = get_appointment_info(locator) # assert appointment_info.get("status") == "being_watched" -# appointment_info = get_appointment_info(locator, sk=tmp_sk) +# appointment_info = get_appointment_info(locator, sk=tmp_user_sk) # assert appointment_info.get("status") == "being_watched" # # # Broadcast the commitment transaction and mine a block @@ -327,7 +325,7 @@ def test_two_identical_appointments(bitcoin_cli): # # The last appointment should have made it to the Responder # sleep(1) # appointment_info = get_appointment_info(locator) -# appointment_dup_info = get_appointment_info(locator, sk=tmp_sk) +# appointment_dup_info = get_appointment_info(locator, sk=tmp_user_sk) # # # One of the two request must be None, while the other must be valid # assert (appointment_info is None and appointment_dup_info is not None) or ( @@ -355,12 +353,12 @@ def test_two_appointment_same_locator_different_penalty_different_users(bitcoin_ locator = compute_locator(commitment_tx_id) # tmp keys for a different user - tmp_sk = PrivateKey() - tmp_compressed_pk = hexlify(tmp_sk.public_key.format(compressed=True)).decode("utf-8") - teos_cli.register(tmp_compressed_pk, teos_base_endpoint) + tmp_user_sk = PrivateKey() + tmp_user_id = hexlify(tmp_user_sk.public_key.format(compressed=True)).decode("utf-8") + teos_cli.register(tmp_user_id, teos_base_endpoint) appointment, _ = add_appointment(appointment1_data) - appointment_2, _ = add_appointment(appointment2_data, sk=tmp_sk) + appointment_2, _ = add_appointment(appointment2_data, sk=tmp_user_sk) # Broadcast the commitment transaction and mine a block new_addr = bitcoin_cli.getnewaddress() @@ -371,7 +369,7 @@ def test_two_appointment_same_locator_different_penalty_different_users(bitcoin_ appointment_info = None with pytest.raises(TowerResponseError): appointment_info = get_appointment_info(locator) - appointment2_info = get_appointment_info(locator, sk=tmp_sk) + appointment2_info = get_appointment_info(locator, sk=tmp_user_sk) if appointment_info is None: appointment_info = appointment2_info diff --git a/test/teos/unit/test_api.py b/test/teos/unit/test_api.py index 959254f..b42f52e 100644 --- a/test/teos/unit/test_api.py +++ b/test/teos/unit/test_api.py @@ -40,8 +40,8 @@ appointments = {} locator_dispute_tx_map = {} -client_sk, client_pk = generate_keypair() -compressed_client_pk = hexlify(client_pk.format(compressed=True)).decode("utf-8") +user_sk, user_pk = generate_keypair() +user_id = hexlify(user_pk.format(compressed=True)).decode("utf-8") @pytest.fixture() @@ -86,12 +86,12 @@ def appointment(): return appointment -def add_appointment(client, appointment_data, user_pk): +def add_appointment(client, appointment_data, user_id): r = client.post(add_appointment_endpoint, json=appointment_data) if r.status_code == HTTP_OK: locator = appointment_data.get("appointment").get("locator") - uuid = hash_160("{}{}".format(locator, user_pk)) + uuid = hash_160("{}{}".format(locator, user_id)) appointments[uuid] = appointment_data["appointment"] return r @@ -99,10 +99,10 @@ def add_appointment(client, appointment_data, user_pk): def test_register(client, api): current_height = api.watcher.block_processor.get_block_count() - data = {"public_key": compressed_client_pk} + data = {"public_key": user_id} r = client.post(register_endpoint, json=data) assert r.status_code == HTTP_OK - assert r.json.get("public_key") == compressed_client_pk + assert r.json.get("public_key") == user_id assert r.json.get("available_slots") == config.get("DEFAULT_SLOTS") assert r.json.get("subscription_expiry") == current_height + config.get("DEFAULT_SUBSCRIPTION_DURATION") @@ -111,15 +111,15 @@ def test_register_top_up(client, api): # Calling register more than once will give us DEFAULT_SLOTS * number_of_calls slots. # It will also refresh the expiry. temp_sk, tmp_pk = generate_keypair() - tmp_pk_hex = hexlify(tmp_pk.format(compressed=True)).decode("utf-8") + tmp_user_id = hexlify(tmp_pk.format(compressed=True)).decode("utf-8") current_height = api.watcher.block_processor.get_block_count() - data = {"public_key": tmp_pk_hex} + data = {"public_key": tmp_user_id} for i in range(10): r = client.post(register_endpoint, json=data) assert r.status_code == HTTP_OK - assert r.json.get("public_key") == tmp_pk_hex + assert r.json.get("public_key") == tmp_user_id assert r.json.get("available_slots") == config.get("DEFAULT_SLOTS") * (i + 1) assert r.json.get("subscription_expiry") == current_height + config.get("DEFAULT_SUBSCRIPTION_DURATION") @@ -131,7 +131,7 @@ def test_register_no_client_pk(client): def test_register_wrong_client_pk(client): - data = {"public_key": compressed_client_pk + compressed_client_pk} + data = {"public_key": user_id + user_id} r = client.post(register_endpoint, json=data) assert r.status_code == HTTP_BAD_REQUEST @@ -148,20 +148,18 @@ def test_register_json_no_inner_dict(client): def test_add_appointment(api, client, appointment): # Simulate the user registration (end time does not matter here) - api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=1, subscription_expiry=0) + api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=1, subscription_expiry=0) # Properly formatted appointment - appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk) - r = add_appointment( - client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk - ) + appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk) + r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id) assert r.status_code == HTTP_OK assert r.json.get("available_slots") == 0 def test_add_appointment_no_json(api, client, appointment): # Simulate the user registration (end time does not matter here) - api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=1, subscription_expiry=0) + api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=1, subscription_expiry=0) # No JSON data r = client.post(add_appointment_endpoint, data="random_message") @@ -171,7 +169,7 @@ def test_add_appointment_no_json(api, client, appointment): def test_add_appointment_json_no_inner_dict(api, client, appointment): # Simulate the user registration (end time does not matter here) - api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=1, subscription_expiry=0) + api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=1, subscription_expiry=0) # JSON data with no inner dict (invalid data foramat) r = client.post(add_appointment_endpoint, json="random_message") @@ -181,14 +179,12 @@ def test_add_appointment_json_no_inner_dict(api, client, appointment): def test_add_appointment_wrong(api, client, appointment): # Simulate the user registration (end time does not matter here) - api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=1, subscription_expiry=0) + api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=1, subscription_expiry=0) # Incorrect appointment (properly formatted, wrong data) appointment.to_self_delay = 0 - appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk) - r = add_appointment( - client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk - ) + appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk) + r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id) assert r.status_code == HTTP_BAD_REQUEST assert "Error {}:".format(errors.APPOINTMENT_FIELD_TOO_SMALL) in r.json.get("error") @@ -208,44 +204,38 @@ def test_add_appointment_not_registered(api, client, appointment): def test_add_appointment_registered_no_free_slots(api, client, appointment): # Empty the user slots (end time does not matter here) - api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=0, subscription_expiry=0) + api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=0, subscription_expiry=0) # Properly formatted appointment, user has no available slots - appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk) - r = add_appointment( - client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk - ) + appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk) + r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id) assert r.status_code == HTTP_BAD_REQUEST assert "Error {}:".format(errors.APPOINTMENT_INVALID_SIGNATURE_OR_INSUFFICIENT_SLOTS) in r.json.get("error") def test_add_appointment_registered_not_enough_free_slots(api, client, appointment): # Give some slots to the user (end time does not matter here) - api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=1, subscription_expiry=0) + api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=1, subscription_expiry=0) # Properly formatted appointment, user has not enough slots - appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk) + appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk) # Let's create a big blob appointment.encrypted_blob = TWO_SLOTS_BLOTS - r = add_appointment( - client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk - ) + r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id) assert r.status_code == HTTP_BAD_REQUEST assert "Error {}:".format(errors.APPOINTMENT_INVALID_SIGNATURE_OR_INSUFFICIENT_SLOTS) in r.json.get("error") def test_add_appointment_multiple_times_same_user(api, client, appointment, n=MULTIPLE_APPOINTMENTS): # Multiple appointments with the same locator should be valid and count as updates - appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk) + appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk) # Simulate registering enough slots (end time does not matter here) - api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=n, subscription_expiry=0) + api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=n, subscription_expiry=0) for _ in range(n): - r = add_appointment( - client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk - ) + r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id) assert r.status_code == HTTP_OK assert r.json.get("available_slots") == n - 1 @@ -277,75 +267,61 @@ def test_add_appointment_multiple_times_different_users(api, client, appointment def test_add_appointment_update_same_size(api, client, appointment): # Update an appointment by one of the same size and check that no additional slots are filled - api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=1, subscription_expiry=0) + api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=1, subscription_expiry=0) - appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk) - r = add_appointment( - client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk - ) + appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk) + r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id) assert r.status_code == HTTP_OK and r.json.get("available_slots") == 0 # The user has no additional slots, but it should be able to update # Let's just reverse the encrypted blob for example appointment.encrypted_blob = appointment.encrypted_blob[::-1] - appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk) - r = add_appointment( - client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk - ) + appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk) + r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id) assert r.status_code == HTTP_OK and r.json.get("available_slots") == 0 def test_add_appointment_update_bigger(api, client, appointment): # Update an appointment by one bigger, and check additional slots are filled - api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=2, subscription_expiry=0) + api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=2, subscription_expiry=0) - appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk) - r = add_appointment( - client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk - ) + appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk) + r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id) assert r.status_code == HTTP_OK and r.json.get("available_slots") == 1 # The user has one slot, so it should be able to update as long as it only takes 1 additional slot appointment.encrypted_blob = TWO_SLOTS_BLOTS - appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk) - r = add_appointment( - client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk - ) + appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk) + r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id) assert r.status_code == HTTP_OK and r.json.get("available_slots") == 0 # Check that it'll fail if no enough slots are available # Double the size from before appointment.encrypted_blob = TWO_SLOTS_BLOTS + TWO_SLOTS_BLOTS - appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk) - r = add_appointment( - client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk - ) + appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk) + r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id) assert r.status_code == HTTP_BAD_REQUEST def test_add_appointment_update_smaller(api, client, appointment): # Update an appointment by one bigger, and check slots are freed - api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=2, subscription_expiry=0) + api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=2, subscription_expiry=0) # This should take 2 slots appointment.encrypted_blob = TWO_SLOTS_BLOTS - appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk) - r = add_appointment( - client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk - ) + appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk) + r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id) assert r.status_code == HTTP_OK and r.json.get("available_slots") == 0 # Let's update with one just small enough appointment.encrypted_blob = "A" * (ENCRYPTED_BLOB_MAX_SIZE_HEX - 2) - appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk) - r = add_appointment( - client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk - ) + appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk) + r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id) assert r.status_code == HTTP_OK and r.json.get("available_slots") == 1 def test_add_too_many_appointment(api, client): # Give slots to the user - api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=200, subscription_expiry=0) + api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=200, subscription_expiry=0) free_appointment_slots = MAX_APPOINTMENTS - len(api.watcher.appointments) @@ -353,10 +329,8 @@ def test_add_too_many_appointment(api, client): appointment, dispute_tx = generate_dummy_appointment() locator_dispute_tx_map[appointment.locator] = dispute_tx - appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk) - r = add_appointment( - client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk - ) + appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk) + r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id) if i < free_appointment_slots: assert r.status_code == HTTP_OK @@ -376,7 +350,7 @@ def test_get_appointment_json_no_inner_dict(api, client, appointment): assert "Invalid request content" in r.json.get("error") -def test_get_random_appointment_registered_user(client, user_sk=client_sk): +def test_get_random_appointment_registered_user(client, user_sk=user_sk): locator = get_random_value_hex(LOCATOR_LEN_BYTES) message = "get appointment {}".format(locator) signature = Cryptographer.sign(message.encode("utf-8"), user_sk) @@ -401,12 +375,12 @@ def test_get_appointment_not_registered_user(client): def test_get_appointment_in_watcher(api, client, appointment): # Mock the appointment in the Watcher - uuid = hash_160("{}{}".format(appointment.locator, compressed_client_pk)) + uuid = hash_160("{}{}".format(appointment.locator, user_id)) api.watcher.db_manager.store_watcher_appointment(uuid, appointment.to_dict()) # Next we can request it message = "get appointment {}".format(appointment.locator) - signature = Cryptographer.sign(message.encode("utf-8"), client_sk) + signature = Cryptographer.sign(message.encode("utf-8"), user_sk) data = {"locator": appointment.locator, "signature": signature} r = client.post(get_appointment_endpoint, json=data) assert r.status_code == HTTP_OK @@ -432,13 +406,13 @@ def test_get_appointment_in_responder(api, client, appointment): } tx_tracker = TransactionTracker.from_dict(tracker_data) - uuid = hash_160("{}{}".format(appointment.locator, compressed_client_pk)) + uuid = hash_160("{}{}".format(appointment.locator, user_id)) api.watcher.db_manager.create_triggered_appointment_flag(uuid) api.watcher.responder.db_manager.store_responder_tracker(uuid, tx_tracker.to_dict()) # Request back the data message = "get appointment {}".format(appointment.locator) - signature = Cryptographer.sign(message.encode("utf-8"), client_sk) + signature = Cryptographer.sign(message.encode("utf-8"), user_sk) data = {"locator": appointment.locator, "signature": signature} # Next we can request it diff --git a/test/teos/unit/test_gatekeeper.py b/test/teos/unit/test_gatekeeper.py index d7ce00b..f878aca 100644 --- a/test/teos/unit/test_gatekeeper.py +++ b/test/teos/unit/test_gatekeeper.py @@ -28,17 +28,17 @@ def test_init(gatekeeper, run_bitcoind): def test_add_update_user(gatekeeper): # add_update_user adds DEFAULT_SLOTS to a given user as long as the identifier is {02, 03}| 32-byte hex str # it also add DEFAULT_SUBSCRIPTION_DURATION + current_block_height to the user - user_pk = "02" + get_random_value_hex(32) + user_id = "02" + get_random_value_hex(32) for _ in range(10): - user = gatekeeper.registered_users.get(user_pk) + user = gatekeeper.registered_users.get(user_id) current_slots = user.available_slots if user is not None else 0 - gatekeeper.add_update_user(user_pk) + gatekeeper.add_update_user(user_id) - assert gatekeeper.registered_users.get(user_pk).available_slots == current_slots + config.get("DEFAULT_SLOTS") + assert gatekeeper.registered_users.get(user_id).available_slots == current_slots + config.get("DEFAULT_SLOTS") assert gatekeeper.registered_users[ - user_pk + user_id ].subscription_expiry == gatekeeper.block_processor.get_block_count() + config.get( "DEFAULT_SUBSCRIPTION_DURATION" ) @@ -46,31 +46,31 @@ def test_add_update_user(gatekeeper): # The same can be checked for multiple users for _ in range(10): # The user identifier is changed every call - user_pk = "03" + get_random_value_hex(32) + user_id = "03" + get_random_value_hex(32) - gatekeeper.add_update_user(user_pk) - assert gatekeeper.registered_users.get(user_pk).available_slots == config.get("DEFAULT_SLOTS") + gatekeeper.add_update_user(user_id) + assert gatekeeper.registered_users.get(user_id).available_slots == config.get("DEFAULT_SLOTS") assert gatekeeper.registered_users[ - user_pk + user_id ].subscription_expiry == gatekeeper.block_processor.get_block_count() + config.get( "DEFAULT_SUBSCRIPTION_DURATION" ) -def test_add_update_user_wrong_pk(gatekeeper): +def test_add_update_user_wrong_id(gatekeeper): # Passing a wrong pk defaults to the errors in check_user_pk. We can try with one. - wrong_pk = get_random_value_hex(32) + wrong_id = get_random_value_hex(32) with pytest.raises(InvalidParameter): - gatekeeper.add_update_user(wrong_pk) + gatekeeper.add_update_user(wrong_id) -def test_add_update_user_wrong_pk_prefix(gatekeeper): +def test_add_update_user_wrong_id_prefix(gatekeeper): # Prefixes must be 02 or 03, anything else should fail - wrong_pk = "04" + get_random_value_hex(32) + wrong_id = "04" + get_random_value_hex(32) with pytest.raises(InvalidParameter): - gatekeeper.add_update_user(wrong_pk) + gatekeeper.add_update_user(wrong_id) def test_identify_user(gatekeeper): @@ -79,13 +79,13 @@ def test_identify_user(gatekeeper): # Let's first register a user sk, pk = generate_keypair() - compressed_pk = Cryptographer.get_compressed_pk(pk) - gatekeeper.add_update_user(compressed_pk) + user_id = Cryptographer.get_compressed_pk(pk) + gatekeeper.add_update_user(user_id) message = "Hey, it's me" signature = Cryptographer.sign(message.encode(), sk) - assert gatekeeper.authenticate_user(message.encode(), signature) == compressed_pk + assert gatekeeper.authenticate_user(message.encode(), signature) == user_id def test_identify_user_non_registered(gatekeeper): @@ -132,15 +132,15 @@ def test_update_available_slots(gatekeeper): # update_available_slots should decrease the slot count if a new appointment is added # let's add a new user sk, pk = generate_keypair() - compressed_pk = Cryptographer.get_compressed_pk(pk) - gatekeeper.add_update_user(compressed_pk) + user_id = Cryptographer.get_compressed_pk(pk) + gatekeeper.add_update_user(user_id) # And now update the slots given an appointment appointment, _ = generate_dummy_appointment() - gatekeeper.update_available_slots(compressed_pk, appointment.get_summary()) + gatekeeper.update_available_slots(user_id, appointment.get_summary()) # This is a standard size appointment, so it should have reduced the slots by one - assert gatekeeper.registered_users[compressed_pk].available_slots == config.get("DEFAULT_SLOTS") - 1 + assert gatekeeper.registered_users[user_id].available_slots == config.get("DEFAULT_SLOTS") - 1 # Updates can leave the count as it, decrease it, or increase it, depending on the appointment size (modulo # ENCRYPTED_BLOB_MAX_SIZE_HEX) @@ -148,7 +148,7 @@ def test_update_available_slots(gatekeeper): # Appointments of the same size leave it as is appointment_same_size, _ = generate_dummy_appointment() remaining_slots = gatekeeper.update_available_slots( - compressed_pk, appointment.get_summary(), appointment_same_size.get_summary() + user_id, appointment.get_summary(), appointment_same_size.get_summary() ) assert remaining_slots == config.get("DEFAULT_SLOTS") - 1 @@ -156,20 +156,20 @@ def test_update_available_slots(gatekeeper): appointment_x2_size = appointment_same_size appointment_x2_size.encrypted_blob = "A" * (ENCRYPTED_BLOB_MAX_SIZE_HEX + 1) remaining_slots = gatekeeper.update_available_slots( - compressed_pk, appointment_x2_size.get_summary(), appointment.get_summary() + user_id, appointment_x2_size.get_summary(), appointment.get_summary() ) assert remaining_slots == config.get("DEFAULT_SLOTS") - 2 # Smaller appointments increase it (using the same data but flipped) remaining_slots = gatekeeper.update_available_slots( - compressed_pk, appointment.get_summary(), appointment_x2_size.get_summary() + user_id, appointment.get_summary(), appointment_x2_size.get_summary() ) assert remaining_slots == config.get("DEFAULT_SLOTS") - 1 # If the appointment needs more slots than there's free, it should fail - gatekeeper.registered_users[compressed_pk].available_slots = 1 + gatekeeper.registered_users[user_id].available_slots = 1 with pytest.raises(NotEnoughSlots): - gatekeeper.update_available_slots(compressed_pk, appointment_x2_size.get_summary()) + gatekeeper.update_available_slots(user_id, appointment_x2_size.get_summary()) def test_get_expired_appointments(gatekeeper): diff --git a/test/teos/unit/test_users_dbm.py b/test/teos/unit/test_users_dbm.py index 43957fc..605c6e4 100644 --- a/test/teos/unit/test_users_dbm.py +++ b/test/teos/unit/test_users_dbm.py @@ -19,27 +19,27 @@ def open_create_db(db_path): def test_store_user(user_db_manager): # Store user should work as long as the user_pk is properly formatted and data is a dictionary - user_pk = "02" + get_random_value_hex(32) + user_id = "02" + get_random_value_hex(32) user_info = UserInfo(available_slots=42, subscription_expiry=100) - stored_users[user_pk] = user_info.to_dict() - assert user_db_manager.store_user(user_pk, user_info.to_dict()) is True + stored_users[user_id] = user_info.to_dict() + assert user_db_manager.store_user(user_id, user_info.to_dict()) is True # Wrong pks should return False on adding - user_pk = "04" + get_random_value_hex(32) + user_id = "04" + get_random_value_hex(32) user_info = UserInfo(available_slots=42, subscription_expiry=100) - assert user_db_manager.store_user(user_pk, user_info.to_dict()) is False + assert user_db_manager.store_user(user_id, user_info.to_dict()) is False # Same for wrong types assert user_db_manager.store_user(42, user_info.to_dict()) is False # And for wrong type user data - assert user_db_manager.store_user(user_pk, 42) is False + assert user_db_manager.store_user(user_id, 42) is False def test_load_user(user_db_manager): # Loading a user we have stored should work - for user_pk, user_data in stored_users.items(): - assert user_db_manager.load_user(user_pk) == user_data + for user_id, user_data in stored_users.items(): + assert user_db_manager.load_user(user_id) == user_data # Random keys should fail assert user_db_manager.load_user(get_random_value_hex(33)) is None @@ -50,11 +50,11 @@ def test_load_user(user_db_manager): def test_delete_user(user_db_manager): # Deleting an existing user should work - for user_pk, user_data in stored_users.items(): - assert user_db_manager.delete_user(user_pk) is True + for user_id, user_data in stored_users.items(): + assert user_db_manager.delete_user(user_id) is True - for user_pk, user_data in stored_users.items(): - assert user_db_manager.load_user(user_pk) is None + for user_id, user_data in stored_users.items(): + assert user_db_manager.load_user(user_id) is None # But deleting a non existing one should not fail assert user_db_manager.delete_user(get_random_value_hex(32)) is True @@ -70,10 +70,10 @@ def test_load_all_users(user_db_manager): # Adding some and checking we get them all for i in range(10): - user_pk = "02" + get_random_value_hex(32) + user_id = "02" + get_random_value_hex(32) user_info = UserInfo(available_slots=42, subscription_expiry=100) - user_db_manager.store_user(user_pk, user_info.to_dict()) - stored_users[user_pk] = user_info.to_dict() + user_db_manager.store_user(user_id, user_info.to_dict()) + stored_users[user_id] = user_info.to_dict() all_users = user_db_manager.load_all_users()