Updates inspector to work with the new public key format and verification methods. Includes unit tests

pisa/inspector.py

@@ -3,7 +3,7 @@ from binascii import unhexlify
 
 import common.cryptographer
 from common.constants import LOCATOR_LEN_HEX
-from common.cryptographer import Cryptographer
+from common.cryptographer import Cryptographer, PublicKey
 
 from pisa import errors, LOG_PREFIX
 from common.logger import Logger
@@ -337,14 +337,14 @@ class Inspector:
 
     @staticmethod
     # Verifies that the appointment signature is a valid signature with public key
-    def check_appointment_signature(appointment_data, signature, pk_der):
+    def check_appointment_signature(appointment_data, signature, pk):
         """
         Checks if the provided user signature is correct.
 
         Args:
             appointment_data (:obj:`dict`): the appointment that was signed by the user.
             signature (:obj:`str`): the user's signature (hex encoded).
-            pk_der (:obj:`str`): the user's public key (hex encoded, DER format).
+            pk (:obj:`str`): the user's public key (hex encoded).
 
         Returns:
             :obj:`tuple`: A tuple (return code, message) as follows:
@@ -363,13 +363,19 @@ class Inspector:
             rcode = errors.APPOINTMENT_EMPTY_FIELD
             message = "empty signature received"
 
-        elif pk_der is None:
+        elif pk is None:
             rcode = errors.APPOINTMENT_EMPTY_FIELD
             message = "empty public key received"
 
+        elif re.match(r"^[0-9A-Fa-f]{66}$", pk) is None:
+            rcode = errors.APPOINTMENT_WRONG_FIELD
+            message = "public key must be a hex encoded 33-byte long value"
+
         else:
-            pk = Cryptographer.load_public_key_der(unhexlify(pk_der))
+            appointment = Appointment.from_dict(appointment_data)
-            valid_sig = Cryptographer.verify(Appointment.from_dict(appointment_data).serialize(), signature, pk)
+            rpk = Cryptographer.recover_pk(appointment.serialize(), signature)
+            pk = PublicKey(unhexlify(pk))
+            valid_sig = Cryptographer.verify_rpk(pk, rpk)
 
             if not valid_sig:
                 rcode = errors.APPOINTMENT_INVALID_SIGNATURE

test/pisa/unit/test_inspector.py

@@ -1,8 +1,4 @@
-from binascii import hexlify, unhexlify
+from binascii import unhexlify
-
-from cryptography.hazmat.backends import default_backend
-from cryptography.hazmat.primitives.asymmetric import ec
-from cryptography.hazmat.primitives import serialization
 
 from pisa.errors import *
 from pisa.inspector import Inspector
@@ -176,17 +172,14 @@ def test_check_blob():
 def test_check_appointment_signature():
     # The inspector receives the public key as hex
     client_sk, client_pk = generate_keypair()
-    client_pk_der = client_pk.public_bytes(
+    client_pk_hex = client_pk.format().hex()
-        encoding=serialization.Encoding.DER, format=serialization.PublicFormat.SubjectPublicKeyInfo
-    )
-    client_pk_hex = hexlify(client_pk_der).decode("utf-8")
 
     dummy_appointment_data, _ = generate_dummy_appointment_data(real_height=False)
     assert Inspector.check_appointment_signature(
         dummy_appointment_data["appointment"], dummy_appointment_data["signature"], dummy_appointment_data["public_key"]
     )
 
-    fake_sk = ec.generate_private_key(ec.SECP256K1, default_backend())
+    fake_sk, _ = generate_keypair()
 
     # Create a bad signature to make sure inspector rejects it
     bad_signature = Cryptographer.sign(
@@ -203,10 +196,7 @@ def test_inspect(run_bitcoind):
     # appointments.
 
     client_sk, client_pk = generate_keypair()
-    client_pk_der = client_pk.public_bytes(
+    client_pk_hex = client_pk.format().hex()
-        encoding=serialization.Encoding.DER, format=serialization.PublicFormat.SubjectPublicKeyInfo
-    )
-    client_pk_hex = hexlify(client_pk_der).decode("utf-8")
 
     # Valid appointment
     locator = get_random_value_hex(LOCATOR_LEN_BYTES)