aljaz/python-teos
1
0
Fork 0
mirror of https://github.com/aljazceru/python-teos.git synced 2025-12-17 14:14:22 +01:00
Code Issues Packages Projects Releases Wiki Activity

user_pk/client_pk -> user_id and cli/client -> user (when it does not reffer to the software)

Browse Source
This commit is contained in:
Sergi Delgado Segura
2020-04-21 16:42:43 +02:00
parent 0e5a99b778
commit 5f7a909804
8 changed files with 168 additions and 196 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
cli/teos_cli.py
View File

@@ -57,7 +57,7 @@ def register(user_id, teos_url):
return response
def add_appointment(appointment_data, cli_sk, teos_id, teos_url):
def add_appointment(appointment_data, user_sk, teos_id, teos_url):
"""
Manages the add_appointment command.
@@ -72,7 +72,7 @@ def add_appointment(appointment_data, cli_sk, teos_id, teos_url):
Args:
appointment_data (:obj:`dict`): a dictionary containing the appointment data.
cli_sk (:obj:`PrivateKey`): the client's private key.
user_sk (:obj:`PrivateKey`): the user's private key.
teos_id (:obj:`str`): the tower's compressed public key.
teos_url (:obj:`str`): the teos base url.
@@ -104,7 +104,7 @@ def add_appointment(appointment_data, cli_sk, teos_id, teos_url):
appointment_data["locator"] = compute_locator(tx_id)
appointment_data["encrypted_blob"] = Cryptographer.encrypt(tx, tx_id)
appointment = Appointment.from_dict(appointment_data)
signature = Cryptographer.sign(appointment.serialize(), cli_sk)
signature = Cryptographer.sign(appointment.serialize(), user_sk)
data = {"appointment": appointment.to_dict(), "signature": signature}
@@ -128,13 +128,13 @@ def add_appointment(appointment_data, cli_sk, teos_id, teos_url):
return appointment, signature
def get_appointment(locator, cli_sk, teos_id, teos_url):
def get_appointment(locator, user_sk, teos_id, teos_url):
"""
Gets information about an appointment from the tower.
Args:
locator (:obj:`str`): the appointment locator used to identify it.
cli_sk (:obj:`PrivateKey`): the client's private key.
user_sk (:obj:`PrivateKey`): the user's private key.
teos_id (:obj:`PublicKey`): the tower's compressed public key.
teos_url (:obj:`str`): the teos base url.
@@ -155,7 +155,7 @@ def get_appointment(locator, cli_sk, teos_id, teos_url):
raise InvalidParameter("The provided locator is not valid", locator=locator)
message = "get appointment {}".format(locator)
signature = Cryptographer.sign(message.encode(), cli_sk)
signature = Cryptographer.sign(message.encode(), user_sk)
data = {"locator": locator, "signature": signature}
# Send request to the server.
@@ -199,13 +199,13 @@ def get_all_appointments(teos_url):
return None
def load_keys(teos_pk_path, cli_sk_path):
def load_keys(teos_pk_path, user_sk_path):
"""
Loads all the keys required so sign, send, and verify the appointment.
Args:
teos_pk_path (:obj:`str`): path to the tower public key file.
cli_sk_path (:obj:`str`): path to the client private key file.
teos_pk_path (:obj:`str`): path to the tower's public key file.
user_sk_path (:obj:`str`): path to the user's private key file.
Returns:
:obj:`tuple`: a three-item tuple containing a ``str``, a ``PrivateKey`` and a ``str``
@@ -218,7 +218,7 @@ def load_keys(teos_pk_path, cli_sk_path):
if not teos_pk_path:
raise InvalidKey("TEOS's public key file not found. Please check your settings")
if not cli_sk_path:
if not user_sk_path:
raise InvalidKey("Client's private key file not found. Please check your settings")
try:
@@ -229,19 +229,19 @@ def load_keys(teos_pk_path, cli_sk_path):
raise InvalidKey("TEOS public key cannot be loaded")
try:
cli_sk_der = Cryptographer.load_key_file(cli_sk_path)
cli_sk = Cryptographer.load_private_key_der(cli_sk_der)
user_sk_der = Cryptographer.load_key_file(user_sk_path)
user_sk = Cryptographer.load_private_key_der(user_sk_der)
except (InvalidParameter, InvalidKey):
raise InvalidKey("Client private key is invalid or cannot be parsed")
try:
client_id = Cryptographer.get_compressed_pk(cli_sk.public_key)
user_id = Cryptographer.get_compressed_pk(user_sk.public_key)
except (InvalidParameter, InvalidKey):
raise InvalidKey("Client public key cannot be loaded")
return teos_id, cli_sk, client_id
return teos_id, user_sk, user_id
def post_request(data, endpoint):
@@ -402,15 +402,15 @@ def main(command, args, command_line_conf):
teos_url = "http://" + teos_url
try:
teos_id, cli_sk, client_id = load_keys(config.get("TEOS_PUBLIC_KEY"), config.get("CLI_PRIVATE_KEY"))
teos_id, user_sk, user_id = load_keys(config.get("TEOS_PUBLIC_KEY"), config.get("CLI_PRIVATE_KEY"))
if command == "register":
register_data = register(client_id, teos_url)
register_data = register(user_id, teos_url)
logger.info("Registration succeeded. Available slots: {}".format(register_data.get("available_slots")))
if command == "add_appointment":
appointment_data = parse_add_appointment_args(args)
appointment, signature = add_appointment(appointment_data, cli_sk, teos_id, teos_url)
appointment, signature = add_appointment(appointment_data, user_sk, teos_id, teos_url)
save_appointment_receipt(appointment.to_dict(), signature, config.get("APPOINTMENTS_FOLDER_NAME"))
elif command == "get_appointment":
@@ -423,7 +423,7 @@ def main(command, args, command_line_conf):
if arg_opt in ["-h", "--help"]:
sys.exit(help_get_appointment())
appointment_data = get_appointment(arg_opt, cli_sk, teos_id, teos_url)
appointment_data = get_appointment(arg_opt, user_sk, teos_id, teos_url)
if appointment_data:
print(appointment_data)

12
teos/api.py
View File

@@ -120,14 +120,14 @@ class API:
logger.info("Received invalid register request", from_addr="{}".format(remote_addr))
return jsonify({"error": str(e)}), HTTP_BAD_REQUEST
client_pk = request_data.get("public_key")
user_id = request_data.get("public_key")
if client_pk:
if user_id:
try:
rcode = HTTP_OK
available_slots, subscription_expiry = self.watcher.gatekeeper.add_update_user(client_pk)
available_slots, subscription_expiry = self.watcher.gatekeeper.add_update_user(user_id)
response = {
"public_key": client_pk,
"public_key": user_id,
"available_slots": available_slots,
"subscription_expiry": subscription_expiry,
}
@@ -234,10 +234,10 @@ class API:
message = "get appointment {}".format(locator).encode()
signature = request_data.get("signature")
user_pk = self.watcher.gatekeeper.authenticate_user(message, signature)
user_id = self.watcher.gatekeeper.authenticate_user(message, signature)
triggered_appointments = self.watcher.db_manager.load_all_triggered_flags()
uuid = hash_160("{}{}".format(locator, user_pk))
uuid = hash_160("{}{}".format(locator, user_id))
# If the appointment has been triggered, it should be in the locator (default else just in case).
if uuid in triggered_appointments:

24
teos/gatekeeper.py
View File

@@ -76,12 +76,12 @@ class Gatekeeper:
}
self.lock = Lock()
def add_update_user(self, user_pk):
def add_update_user(self, user_id):
"""
Adds a new user or updates the subscription of an existing one, by adding additional slots.
Args:
user_pk(:obj:`str`): the public key that identifies the user (33-bytes hex str).
user_id(:obj:`str`): the public key that identifies the user (33-bytes hex str).
Returns:
:obj:`tuple`: a tuple with the number of available slots in the user subscription and the subscription
@@ -91,23 +91,23 @@ class Gatekeeper:
:obj:`InvalidParameter`: if the user_pk does not match the expected format.
"""
if not is_compressed_pk(user_pk):
if not is_compressed_pk(user_id):
raise InvalidParameter("Provided public key does not match expected format (33-byte hex string)")
if user_pk not in self.registered_users:
self.registered_users[user_pk] = UserInfo(
if user_id not in self.registered_users:
self.registered_users[user_id] = UserInfo(
self.default_slots, self.block_processor.get_block_count() + self.default_subscription_duration
)
else:
# FIXME: For now new calls to register add default_slots to the current count and reset the expiry time
self.registered_users[user_pk].available_slots += self.default_slots
self.registered_users[user_pk].subscription_expiry = (
self.registered_users[user_id].available_slots += self.default_slots
self.registered_users[user_id].subscription_expiry = (
self.block_processor.get_block_count() + self.default_subscription_duration
)
self.user_db.store_user(user_pk, self.registered_users[user_pk].to_dict())
self.user_db.store_user(user_id, self.registered_users[user_id].to_dict())
return self.registered_users[user_pk].available_slots, self.registered_users[user_pk].subscription_expiry
return self.registered_users[user_id].available_slots, self.registered_users[user_id].subscription_expiry
def authenticate_user(self, message, signature):
"""
@@ -126,10 +126,10 @@ class Gatekeeper:
try:
rpk = Cryptographer.recover_pk(message, signature)
compressed_pk = Cryptographer.get_compressed_pk(rpk)
user_id = Cryptographer.get_compressed_pk(rpk)
if compressed_pk in self.registered_users:
return compressed_pk
if user_id in self.registered_users:
return user_id
else:
raise AuthenticationFailure("User not found.")

36
teos/users_dbm.py
View File

@@ -37,42 +37,42 @@ class UsersDBM(DBManager):
raise e
def store_user(self, user_pk, user_data):
def store_user(self, user_id, user_data):
"""
Stores a user record to the database. ``user_pk`` is used as identifier.
Args:
user_pk (:obj:`str`): a 33-byte hex-encoded string identifying the user.
user_id (:obj:`str`): a 33-byte hex-encoded string identifying the user.
user_data (:obj:`dict`): the user associated data, as a dictionary.
Returns:
:obj:`bool`: True if the user was stored in the database, False otherwise.
"""
if is_compressed_pk(user_pk):
if is_compressed_pk(user_id):
try:
self.create_entry(user_pk, json.dumps(user_data))
logger.info("Adding user to Gatekeeper's db", user_pk=user_pk)
self.create_entry(user_id, json.dumps(user_data))
logger.info("Adding user to Gatekeeper's db", user_id=user_id)
return True
except json.JSONDecodeError:
logger.info("Could't add user to db. Wrong user data format", user_pk=user_pk, user_data=user_data)
logger.info("Could't add user to db. Wrong user data format", user_id=user_id, user_data=user_data)
return False
except TypeError:
logger.info("Could't add user to db", user_pk=user_pk, user_data=user_data)
logger.info("Could't add user to db", user_id=user_id, user_data=user_data)
return False
else:
logger.info("Could't add user to db. Wrong pk format", user_pk=user_pk, user_data=user_data)
logger.info("Could't add user to db. Wrong pk format", user_id=user_id, user_data=user_data)
return False
def load_user(self, user_pk):
def load_user(self, user_id):
"""
Loads a user record from the database using the ``user_pk`` as identifier.
Args:
user_pk (:obj:`str`): a 33-byte hex-encoded string identifying the user.
user_id (:obj:`str`): a 33-byte hex-encoded string identifying the user.
Returns:
:obj:`dict`: A dictionary containing the user data if the ``key`` is found.
@@ -81,31 +81,31 @@ class UsersDBM(DBManager):
"""
try:
data = self.load_entry(user_pk)
data = self.load_entry(user_id)
data = json.loads(data)
except (TypeError, json.decoder.JSONDecodeError):
data = None
return data
def delete_user(self, user_pk):
def delete_user(self, user_id):
"""
Deletes a user record from the database.
Args:
user_pk (:obj:`str`): a 33-byte hex-encoded string identifying the user.
user_id (:obj:`str`): a 33-byte hex-encoded string identifying the user.
Returns:
:obj:`bool`: True if the user was deleted from the database or it was non-existent, False otherwise.
"""
try:
self.delete_entry(user_pk)
logger.info("Deleting user from Gatekeeper's db", uuid=user_pk)
self.delete_entry(user_id)
logger.info("Deleting user from Gatekeeper's db", uuid=user_id)
return True
except TypeError:
logger.info("Cannot delete user from db, user key has wrong type", uuid=user_pk)
logger.info("Cannot delete user from db, user key has wrong type", uuid=user_id)
return False
def load_all_users(self):
@@ -122,7 +122,7 @@ class UsersDBM(DBManager):
for k, v in self.db.iterator():
# Get uuid and appointment_data from the db
user_pk = k.decode("utf-8")
data[user_pk] = json.loads(v)
user_id = k.decode("utf-8")
data[user_id] = json.loads(v)
return data

42
test/teos/e2e/test_basic_e2e.py
View File

@@ -35,9 +35,7 @@ teos_get_all_appointments_endpoint = "{}/get_all_appointments".format(teos_base_
# Run teosd
teosd_process = run_teosd()
teos_pk, cli_sk, compressed_cli_pk = teos_cli.load_keys(
cli_config.get("TEOS_PUBLIC_KEY"), cli_config.get("CLI_PRIVATE_KEY")
)
teos_id, user_sk, user_id = teos_cli.load_keys(cli_config.get("TEOS_PUBLIC_KEY"), cli_config.get("CLI_PRIVATE_KEY"))
def broadcast_transaction_and_mine_block(bitcoin_cli, commitment_tx, addr):
@@ -46,13 +44,13 @@ def broadcast_transaction_and_mine_block(bitcoin_cli, commitment_tx, addr):
bitcoin_cli.generatetoaddress(1, addr)
def get_appointment_info(locator, sk=cli_sk):
def get_appointment_info(locator, sk=user_sk):
sleep(1) # Let's add a bit of delay so the state can be updated
return teos_cli.get_appointment(locator, sk, teos_pk, teos_base_endpoint)
return teos_cli.get_appointment(locator, sk, teos_id, teos_base_endpoint)
def add_appointment(appointment_data, sk=cli_sk):
return teos_cli.add_appointment(appointment_data, sk, teos_pk, teos_base_endpoint)
def add_appointment(appointment_data, sk=user_sk):
return teos_cli.add_appointment(appointment_data, sk, teos_id, teos_base_endpoint)
def get_all_appointments():
@@ -78,7 +76,7 @@ def test_commands_non_registered(bitcoin_cli):
def test_commands_registered(bitcoin_cli):
# Test registering and trying again
teos_cli.register(compressed_cli_pk, teos_base_endpoint)
teos_cli.register(user_id, teos_base_endpoint)
# Add appointment
commitment_tx, penalty_tx = create_txs(bitcoin_cli)
@@ -96,7 +94,7 @@ def test_commands_registered(bitcoin_cli):
def test_appointment_life_cycle(bitcoin_cli):
# First of all we need to register
teos_cli.register(compressed_cli_pk, teos_base_endpoint)
teos_cli.register(user_id, teos_base_endpoint)
# After that we can build an appointment and send it to the tower
commitment_tx, penalty_tx = create_txs(bitcoin_cli)
@@ -245,7 +243,7 @@ def test_appointment_wrong_decryption_key(bitcoin_cli):
appointment_data["encrypted_blob"] = Cryptographer.encrypt(penalty_tx, get_random_value_hex(32))
appointment = Appointment.from_dict(appointment_data)
signature = Cryptographer.sign(appointment.serialize(), cli_sk)
signature = Cryptographer.sign(appointment.serialize(), user_sk)
data = {"appointment": appointment.to_dict(), "signature": signature}
# Send appointment to the server.
@@ -255,7 +253,7 @@ def test_appointment_wrong_decryption_key(bitcoin_cli):
# Check that the server has accepted the appointment
signature = response_json.get("signature")
rpk = Cryptographer.recover_pk(appointment.serialize(), signature)
assert teos_pk == Cryptographer.get_compressed_pk(rpk)
assert teos_id == Cryptographer.get_compressed_pk(rpk)
assert response_json.get("locator") == appointment.locator
# Trigger the appointment
@@ -306,18 +304,18 @@ def test_two_identical_appointments(bitcoin_cli):
# locator = compute_locator(commitment_tx_id)
#
# # tmp keys from a different user
# tmp_sk = PrivateKey()
# tmp_compressed_pk = hexlify(tmp_sk.public_key.format(compressed=True)).decode("utf-8")
# teos_cli.register(tmp_compressed_pk, teos_base_endpoint)
# tmp_user_sk = PrivateKey()
# tmp_user_id = hexlify(tmp_user_sk.public_key.format(compressed=True)).decode("utf-8")
# teos_cli.register(tmp_user_id, teos_base_endpoint)
#
# # Send the appointment twice
# assert add_appointment(appointment_data) is True
# assert add_appointment(appointment_data, sk=tmp_sk) is True
# assert add_appointment(appointment_data, sk=tmp_user_sk) is True
#
# # Check that we can get it from both users
# appointment_info = get_appointment_info(locator)
# assert appointment_info.get("status") == "being_watched"
# appointment_info = get_appointment_info(locator, sk=tmp_sk)
# appointment_info = get_appointment_info(locator, sk=tmp_user_sk)
# assert appointment_info.get("status") == "being_watched"
#
# # Broadcast the commitment transaction and mine a block
@@ -327,7 +325,7 @@ def test_two_identical_appointments(bitcoin_cli):
# # The last appointment should have made it to the Responder
# sleep(1)
# appointment_info = get_appointment_info(locator)
# appointment_dup_info = get_appointment_info(locator, sk=tmp_sk)
# appointment_dup_info = get_appointment_info(locator, sk=tmp_user_sk)
#
# # One of the two request must be None, while the other must be valid
# assert (appointment_info is None and appointment_dup_info is not None) or (
@@ -355,12 +353,12 @@ def test_two_appointment_same_locator_different_penalty_different_users(bitcoin_
locator = compute_locator(commitment_tx_id)
# tmp keys for a different user
tmp_sk = PrivateKey()
tmp_compressed_pk = hexlify(tmp_sk.public_key.format(compressed=True)).decode("utf-8")
teos_cli.register(tmp_compressed_pk, teos_base_endpoint)
tmp_user_sk = PrivateKey()
tmp_user_id = hexlify(tmp_user_sk.public_key.format(compressed=True)).decode("utf-8")
teos_cli.register(tmp_user_id, teos_base_endpoint)
appointment, _ = add_appointment(appointment1_data)
appointment_2, _ = add_appointment(appointment2_data, sk=tmp_sk)
appointment_2, _ = add_appointment(appointment2_data, sk=tmp_user_sk)
# Broadcast the commitment transaction and mine a block
new_addr = bitcoin_cli.getnewaddress()
@@ -371,7 +369,7 @@ def test_two_appointment_same_locator_different_penalty_different_users(bitcoin_
appointment_info = None
with pytest.raises(TowerResponseError):
appointment_info = get_appointment_info(locator)
appointment2_info = get_appointment_info(locator, sk=tmp_sk)
appointment2_info = get_appointment_info(locator, sk=tmp_user_sk)
if appointment_info is None:
appointment_info = appointment2_info

130
test/teos/unit/test_api.py
View File

@@ -40,8 +40,8 @@ appointments = {}
locator_dispute_tx_map = {}
client_sk, client_pk = generate_keypair()
compressed_client_pk = hexlify(client_pk.format(compressed=True)).decode("utf-8")
user_sk, user_pk = generate_keypair()
user_id = hexlify(user_pk.format(compressed=True)).decode("utf-8")
@pytest.fixture()
@@ -86,12 +86,12 @@ def appointment():
return appointment
def add_appointment(client, appointment_data, user_pk):
def add_appointment(client, appointment_data, user_id):
r = client.post(add_appointment_endpoint, json=appointment_data)
if r.status_code == HTTP_OK:
locator = appointment_data.get("appointment").get("locator")
uuid = hash_160("{}{}".format(locator, user_pk))
uuid = hash_160("{}{}".format(locator, user_id))
appointments[uuid] = appointment_data["appointment"]
return r
@@ -99,10 +99,10 @@ def add_appointment(client, appointment_data, user_pk):
def test_register(client, api):
current_height = api.watcher.block_processor.get_block_count()
data = {"public_key": compressed_client_pk}
data = {"public_key": user_id}
r = client.post(register_endpoint, json=data)
assert r.status_code == HTTP_OK
assert r.json.get("public_key") == compressed_client_pk
assert r.json.get("public_key") == user_id
assert r.json.get("available_slots") == config.get("DEFAULT_SLOTS")
assert r.json.get("subscription_expiry") == current_height + config.get("DEFAULT_SUBSCRIPTION_DURATION")
@@ -111,15 +111,15 @@ def test_register_top_up(client, api):
# Calling register more than once will give us DEFAULT_SLOTS * number_of_calls slots.
# It will also refresh the expiry.
temp_sk, tmp_pk = generate_keypair()
tmp_pk_hex = hexlify(tmp_pk.format(compressed=True)).decode("utf-8")
tmp_user_id = hexlify(tmp_pk.format(compressed=True)).decode("utf-8")
current_height = api.watcher.block_processor.get_block_count()
data = {"public_key": tmp_pk_hex}
data = {"public_key": tmp_user_id}
for i in range(10):
r = client.post(register_endpoint, json=data)
assert r.status_code == HTTP_OK
assert r.json.get("public_key") == tmp_pk_hex
assert r.json.get("public_key") == tmp_user_id
assert r.json.get("available_slots") == config.get("DEFAULT_SLOTS") * (i + 1)
assert r.json.get("subscription_expiry") == current_height + config.get("DEFAULT_SUBSCRIPTION_DURATION")
@@ -131,7 +131,7 @@ def test_register_no_client_pk(client):
def test_register_wrong_client_pk(client):
data = {"public_key": compressed_client_pk + compressed_client_pk}
data = {"public_key": user_id + user_id}
r = client.post(register_endpoint, json=data)
assert r.status_code == HTTP_BAD_REQUEST
@@ -148,20 +148,18 @@ def test_register_json_no_inner_dict(client):
def test_add_appointment(api, client, appointment):
# Simulate the user registration (end time does not matter here)
api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=1, subscription_expiry=0)
api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=1, subscription_expiry=0)
# Properly formatted appointment
appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk)
r = add_appointment(
client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk
)
appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk)
r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id)
assert r.status_code == HTTP_OK
assert r.json.get("available_slots") == 0
def test_add_appointment_no_json(api, client, appointment):
# Simulate the user registration (end time does not matter here)
api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=1, subscription_expiry=0)
api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=1, subscription_expiry=0)
# No JSON data
r = client.post(add_appointment_endpoint, data="random_message")
@@ -171,7 +169,7 @@ def test_add_appointment_no_json(api, client, appointment):
def test_add_appointment_json_no_inner_dict(api, client, appointment):
# Simulate the user registration (end time does not matter here)
api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=1, subscription_expiry=0)
api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=1, subscription_expiry=0)
# JSON data with no inner dict (invalid data foramat)
r = client.post(add_appointment_endpoint, json="random_message")
@@ -181,14 +179,12 @@ def test_add_appointment_json_no_inner_dict(api, client, appointment):
def test_add_appointment_wrong(api, client, appointment):
# Simulate the user registration (end time does not matter here)
api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=1, subscription_expiry=0)
api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=1, subscription_expiry=0)
# Incorrect appointment (properly formatted, wrong data)
appointment.to_self_delay = 0
appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk)
r = add_appointment(
client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk
)
appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk)
r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id)
assert r.status_code == HTTP_BAD_REQUEST
assert "Error {}:".format(errors.APPOINTMENT_FIELD_TOO_SMALL) in r.json.get("error")
@@ -208,44 +204,38 @@ def test_add_appointment_not_registered(api, client, appointment):
def test_add_appointment_registered_no_free_slots(api, client, appointment):
# Empty the user slots (end time does not matter here)
api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=0, subscription_expiry=0)
api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=0, subscription_expiry=0)
# Properly formatted appointment, user has no available slots
appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk)
r = add_appointment(
client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk
)
appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk)
r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id)
assert r.status_code == HTTP_BAD_REQUEST
assert "Error {}:".format(errors.APPOINTMENT_INVALID_SIGNATURE_OR_INSUFFICIENT_SLOTS) in r.json.get("error")
def test_add_appointment_registered_not_enough_free_slots(api, client, appointment):
# Give some slots to the user (end time does not matter here)
api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=1, subscription_expiry=0)
api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=1, subscription_expiry=0)
# Properly formatted appointment, user has not enough slots
appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk)
appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk)
# Let's create a big blob
appointment.encrypted_blob = TWO_SLOTS_BLOTS
r = add_appointment(
client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk
)
r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id)
assert r.status_code == HTTP_BAD_REQUEST
assert "Error {}:".format(errors.APPOINTMENT_INVALID_SIGNATURE_OR_INSUFFICIENT_SLOTS) in r.json.get("error")
def test_add_appointment_multiple_times_same_user(api, client, appointment, n=MULTIPLE_APPOINTMENTS):
# Multiple appointments with the same locator should be valid and count as updates
appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk)
appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk)
# Simulate registering enough slots (end time does not matter here)
api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=n, subscription_expiry=0)
api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=n, subscription_expiry=0)
for _ in range(n):
r = add_appointment(
client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk
)
r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id)
assert r.status_code == HTTP_OK
assert r.json.get("available_slots") == n - 1
@@ -277,75 +267,61 @@ def test_add_appointment_multiple_times_different_users(api, client, appointment
def test_add_appointment_update_same_size(api, client, appointment):
# Update an appointment by one of the same size and check that no additional slots are filled
api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=1, subscription_expiry=0)
api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=1, subscription_expiry=0)
appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk)
r = add_appointment(
client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk
)
appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk)
r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id)
assert r.status_code == HTTP_OK and r.json.get("available_slots") == 0
# The user has no additional slots, but it should be able to update
# Let's just reverse the encrypted blob for example
appointment.encrypted_blob = appointment.encrypted_blob[::-1]
appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk)
r = add_appointment(
client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk
)
appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk)
r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id)
assert r.status_code == HTTP_OK and r.json.get("available_slots") == 0
def test_add_appointment_update_bigger(api, client, appointment):
# Update an appointment by one bigger, and check additional slots are filled
api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=2, subscription_expiry=0)
api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=2, subscription_expiry=0)
appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk)
r = add_appointment(
client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk
)
appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk)
r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id)
assert r.status_code == HTTP_OK and r.json.get("available_slots") == 1
# The user has one slot, so it should be able to update as long as it only takes 1 additional slot
appointment.encrypted_blob = TWO_SLOTS_BLOTS
appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk)
r = add_appointment(
client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk
)
appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk)
r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id)
assert r.status_code == HTTP_OK and r.json.get("available_slots") == 0
# Check that it'll fail if no enough slots are available
# Double the size from before
appointment.encrypted_blob = TWO_SLOTS_BLOTS + TWO_SLOTS_BLOTS
appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk)
r = add_appointment(
client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk
)
appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk)
r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id)
assert r.status_code == HTTP_BAD_REQUEST
def test_add_appointment_update_smaller(api, client, appointment):
# Update an appointment by one bigger, and check slots are freed
api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=2, subscription_expiry=0)
api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=2, subscription_expiry=0)
# This should take 2 slots
appointment.encrypted_blob = TWO_SLOTS_BLOTS
appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk)
r = add_appointment(
client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk
)
appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk)
r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id)
assert r.status_code == HTTP_OK and r.json.get("available_slots") == 0
# Let's update with one just small enough
appointment.encrypted_blob = "A" * (ENCRYPTED_BLOB_MAX_SIZE_HEX - 2)
appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk)
r = add_appointment(
client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk
)
appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk)
r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id)
assert r.status_code == HTTP_OK and r.json.get("available_slots") == 1
def test_add_too_many_appointment(api, client):
# Give slots to the user
api.watcher.gatekeeper.registered_users[compressed_client_pk] = UserInfo(available_slots=200, subscription_expiry=0)
api.watcher.gatekeeper.registered_users[user_id] = UserInfo(available_slots=200, subscription_expiry=0)
free_appointment_slots = MAX_APPOINTMENTS - len(api.watcher.appointments)
@@ -353,10 +329,8 @@ def test_add_too_many_appointment(api, client):
appointment, dispute_tx = generate_dummy_appointment()
locator_dispute_tx_map[appointment.locator] = dispute_tx
appointment_signature = Cryptographer.sign(appointment.serialize(), client_sk)
r = add_appointment(
client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, compressed_client_pk
)
appointment_signature = Cryptographer.sign(appointment.serialize(), user_sk)
r = add_appointment(client, {"appointment": appointment.to_dict(), "signature": appointment_signature}, user_id)
if i < free_appointment_slots:
assert r.status_code == HTTP_OK
@@ -376,7 +350,7 @@ def test_get_appointment_json_no_inner_dict(api, client, appointment):
assert "Invalid request content" in r.json.get("error")
def test_get_random_appointment_registered_user(client, user_sk=client_sk):
def test_get_random_appointment_registered_user(client, user_sk=user_sk):
locator = get_random_value_hex(LOCATOR_LEN_BYTES)
message = "get appointment {}".format(locator)
signature = Cryptographer.sign(message.encode("utf-8"), user_sk)
@@ -401,12 +375,12 @@ def test_get_appointment_not_registered_user(client):
def test_get_appointment_in_watcher(api, client, appointment):
# Mock the appointment in the Watcher
uuid = hash_160("{}{}".format(appointment.locator, compressed_client_pk))
uuid = hash_160("{}{}".format(appointment.locator, user_id))
api.watcher.db_manager.store_watcher_appointment(uuid, appointment.to_dict())
# Next we can request it
message = "get appointment {}".format(appointment.locator)
signature = Cryptographer.sign(message.encode("utf-8"), client_sk)
signature = Cryptographer.sign(message.encode("utf-8"), user_sk)
data = {"locator": appointment.locator, "signature": signature}
r = client.post(get_appointment_endpoint, json=data)
assert r.status_code == HTTP_OK
@@ -432,13 +406,13 @@ def test_get_appointment_in_responder(api, client, appointment):
}
tx_tracker = TransactionTracker.from_dict(tracker_data)
uuid = hash_160("{}{}".format(appointment.locator, compressed_client_pk))
uuid = hash_160("{}{}".format(appointment.locator, user_id))
api.watcher.db_manager.create_triggered_appointment_flag(uuid)
api.watcher.responder.db_manager.store_responder_tracker(uuid, tx_tracker.to_dict())
# Request back the data
message = "get appointment {}".format(appointment.locator)
signature = Cryptographer.sign(message.encode("utf-8"), client_sk)
signature = Cryptographer.sign(message.encode("utf-8"), user_sk)
data = {"locator": appointment.locator, "signature": signature}
# Next we can request it

54
test/teos/unit/test_gatekeeper.py
View File

@@ -28,17 +28,17 @@ def test_init(gatekeeper, run_bitcoind):
def test_add_update_user(gatekeeper):
# add_update_user adds DEFAULT_SLOTS to a given user as long as the identifier is {02, 03}| 32-byte hex str
# it also add DEFAULT_SUBSCRIPTION_DURATION + current_block_height to the user
user_pk = "02" + get_random_value_hex(32)
user_id = "02" + get_random_value_hex(32)
for _ in range(10):
user = gatekeeper.registered_users.get(user_pk)
user = gatekeeper.registered_users.get(user_id)
current_slots = user.available_slots if user is not None else 0
gatekeeper.add_update_user(user_pk)
gatekeeper.add_update_user(user_id)
assert gatekeeper.registered_users.get(user_pk).available_slots == current_slots + config.get("DEFAULT_SLOTS")
assert gatekeeper.registered_users.get(user_id).available_slots == current_slots + config.get("DEFAULT_SLOTS")
assert gatekeeper.registered_users[
user_pk
user_id
].subscription_expiry == gatekeeper.block_processor.get_block_count() + config.get(
"DEFAULT_SUBSCRIPTION_DURATION"
)
@@ -46,31 +46,31 @@ def test_add_update_user(gatekeeper):
# The same can be checked for multiple users
for _ in range(10):
# The user identifier is changed every call
user_pk = "03" + get_random_value_hex(32)
user_id = "03" + get_random_value_hex(32)
gatekeeper.add_update_user(user_pk)
assert gatekeeper.registered_users.get(user_pk).available_slots == config.get("DEFAULT_SLOTS")
gatekeeper.add_update_user(user_id)
assert gatekeeper.registered_users.get(user_id).available_slots == config.get("DEFAULT_SLOTS")
assert gatekeeper.registered_users[
user_pk
user_id
].subscription_expiry == gatekeeper.block_processor.get_block_count() + config.get(
"DEFAULT_SUBSCRIPTION_DURATION"
)
def test_add_update_user_wrong_pk(gatekeeper):
def test_add_update_user_wrong_id(gatekeeper):
# Passing a wrong pk defaults to the errors in check_user_pk. We can try with one.
wrong_pk = get_random_value_hex(32)
wrong_id = get_random_value_hex(32)
with pytest.raises(InvalidParameter):
gatekeeper.add_update_user(wrong_pk)
gatekeeper.add_update_user(wrong_id)
def test_add_update_user_wrong_pk_prefix(gatekeeper):
def test_add_update_user_wrong_id_prefix(gatekeeper):
# Prefixes must be 02 or 03, anything else should fail
wrong_pk = "04" + get_random_value_hex(32)
wrong_id = "04" + get_random_value_hex(32)
with pytest.raises(InvalidParameter):
gatekeeper.add_update_user(wrong_pk)
gatekeeper.add_update_user(wrong_id)
def test_identify_user(gatekeeper):
@@ -79,13 +79,13 @@ def test_identify_user(gatekeeper):
# Let's first register a user
sk, pk = generate_keypair()
compressed_pk = Cryptographer.get_compressed_pk(pk)
gatekeeper.add_update_user(compressed_pk)
user_id = Cryptographer.get_compressed_pk(pk)
gatekeeper.add_update_user(user_id)
message = "Hey, it's me"
signature = Cryptographer.sign(message.encode(), sk)
assert gatekeeper.authenticate_user(message.encode(), signature) == compressed_pk
assert gatekeeper.authenticate_user(message.encode(), signature) == user_id
def test_identify_user_non_registered(gatekeeper):
@@ -132,15 +132,15 @@ def test_update_available_slots(gatekeeper):
# update_available_slots should decrease the slot count if a new appointment is added
# let's add a new user
sk, pk = generate_keypair()
compressed_pk = Cryptographer.get_compressed_pk(pk)
gatekeeper.add_update_user(compressed_pk)
user_id = Cryptographer.get_compressed_pk(pk)
gatekeeper.add_update_user(user_id)
# And now update the slots given an appointment
appointment, _ = generate_dummy_appointment()
gatekeeper.update_available_slots(compressed_pk, appointment.get_summary())
gatekeeper.update_available_slots(user_id, appointment.get_summary())
# This is a standard size appointment, so it should have reduced the slots by one
assert gatekeeper.registered_users[compressed_pk].available_slots == config.get("DEFAULT_SLOTS") - 1
assert gatekeeper.registered_users[user_id].available_slots == config.get("DEFAULT_SLOTS") - 1
# Updates can leave the count as it, decrease it, or increase it, depending on the appointment size (modulo
# ENCRYPTED_BLOB_MAX_SIZE_HEX)
@@ -148,7 +148,7 @@ def test_update_available_slots(gatekeeper):
# Appointments of the same size leave it as is
appointment_same_size, _ = generate_dummy_appointment()
remaining_slots = gatekeeper.update_available_slots(
compressed_pk, appointment.get_summary(), appointment_same_size.get_summary()
user_id, appointment.get_summary(), appointment_same_size.get_summary()
)
assert remaining_slots == config.get("DEFAULT_SLOTS") - 1
@@ -156,20 +156,20 @@ def test_update_available_slots(gatekeeper):
appointment_x2_size = appointment_same_size
appointment_x2_size.encrypted_blob = "A" * (ENCRYPTED_BLOB_MAX_SIZE_HEX + 1)
remaining_slots = gatekeeper.update_available_slots(
compressed_pk, appointment_x2_size.get_summary(), appointment.get_summary()
user_id, appointment_x2_size.get_summary(), appointment.get_summary()
)
assert remaining_slots == config.get("DEFAULT_SLOTS") - 2
# Smaller appointments increase it (using the same data but flipped)
remaining_slots = gatekeeper.update_available_slots(
compressed_pk, appointment.get_summary(), appointment_x2_size.get_summary()
user_id, appointment.get_summary(), appointment_x2_size.get_summary()
)
assert remaining_slots == config.get("DEFAULT_SLOTS") - 1
# If the appointment needs more slots than there's free, it should fail
gatekeeper.registered_users[compressed_pk].available_slots = 1
gatekeeper.registered_users[user_id].available_slots = 1
with pytest.raises(NotEnoughSlots):
gatekeeper.update_available_slots(compressed_pk, appointment_x2_size.get_summary())
gatekeeper.update_available_slots(user_id, appointment_x2_size.get_summary())
def test_get_expired_appointments(gatekeeper):

30
test/teos/unit/test_users_dbm.py
View File

@@ -19,27 +19,27 @@ def open_create_db(db_path):
def test_store_user(user_db_manager):
# Store user should work as long as the user_pk is properly formatted and data is a dictionary
user_pk = "02" + get_random_value_hex(32)
user_id = "02" + get_random_value_hex(32)
user_info = UserInfo(available_slots=42, subscription_expiry=100)
stored_users[user_pk] = user_info.to_dict()
assert user_db_manager.store_user(user_pk, user_info.to_dict()) is True
stored_users[user_id] = user_info.to_dict()
assert user_db_manager.store_user(user_id, user_info.to_dict()) is True
# Wrong pks should return False on adding
user_pk = "04" + get_random_value_hex(32)
user_id = "04" + get_random_value_hex(32)
user_info = UserInfo(available_slots=42, subscription_expiry=100)
assert user_db_manager.store_user(user_pk, user_info.to_dict()) is False
assert user_db_manager.store_user(user_id, user_info.to_dict()) is False
# Same for wrong types
assert user_db_manager.store_user(42, user_info.to_dict()) is False
# And for wrong type user data
assert user_db_manager.store_user(user_pk, 42) is False
assert user_db_manager.store_user(user_id, 42) is False
def test_load_user(user_db_manager):
# Loading a user we have stored should work
for user_pk, user_data in stored_users.items():
assert user_db_manager.load_user(user_pk) == user_data
for user_id, user_data in stored_users.items():
assert user_db_manager.load_user(user_id) == user_data
# Random keys should fail
assert user_db_manager.load_user(get_random_value_hex(33)) is None
@@ -50,11 +50,11 @@ def test_load_user(user_db_manager):
def test_delete_user(user_db_manager):
# Deleting an existing user should work
for user_pk, user_data in stored_users.items():
assert user_db_manager.delete_user(user_pk) is True
for user_id, user_data in stored_users.items():
assert user_db_manager.delete_user(user_id) is True
for user_pk, user_data in stored_users.items():
assert user_db_manager.load_user(user_pk) is None
for user_id, user_data in stored_users.items():
assert user_db_manager.load_user(user_id) is None
# But deleting a non existing one should not fail
assert user_db_manager.delete_user(get_random_value_hex(32)) is True
@@ -70,10 +70,10 @@ def test_load_all_users(user_db_manager):
# Adding some and checking we get them all
for i in range(10):
user_pk = "02" + get_random_value_hex(32)
user_id = "02" + get_random_value_hex(32)
user_info = UserInfo(available_slots=42, subscription_expiry=100)
user_db_manager.store_user(user_pk, user_info.to_dict())
stored_users[user_pk] = user_info.to_dict()
user_db_manager.store_user(user_id, user_info.to_dict())
stored_users[user_id] = user_info.to_dict()
all_users = user_db_manager.load_all_users()