zolfa
/
tendermint
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 221 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
87 Commits
183 Branches
291 MiB
Tree: 438b16f1f8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '438b16f1f8'
${ noResults }
tendermint/keys/cryptostore/holder_test.go

243 lines
6.5 KiB
Raw Normal View History

Import keystore logic from light-client
8 years ago
Set key algorithm on key creation
8 years ago
Moved crypto code to top level again
8 years ago
Import keystore logic from light-client
8 years ago
Set key algorithm on key creation
8 years ago
Import keystore logic from light-client
8 years ago
Set key algorithm on key creation
8 years ago
Expose new and list via cli
8 years ago
Import keystore logic from light-client
8 years ago
Set key algorithm on key creation
8 years ago
Import keystore logic from light-client
8 years ago
Set key algorithm on key creation
8 years ago
Import keystore logic from light-client
8 years ago
Set key algorithm on key creation
8 years ago
Import keystore logic from light-client
8 years ago
 
  1. package cryptostore_test
  2. 

  3. import (
  4. 	"testing"
  5. 

  6. 	"github.com/stretchr/testify/assert"
  7. 	"github.com/stretchr/testify/require"
  8. 	crypto "github.com/tendermint/go-crypto"
  9. 	"github.com/tendermint/go-crypto/keys/cryptostore"
  10. 	"github.com/tendermint/go-crypto/keys/storage/memstorage"
  11. )
  12. 

  13. // TestKeyManagement makes sure we can manipulate these keys well

  14. func TestKeyManagement(t *testing.T) {
  15. 	assert, require := assert.New(t), require.New(t)
  16. 

  17. 	// make the storage with reasonable defaults

  18. 	cstore := cryptostore.New(
  19. 		cryptostore.SecretBox,
  20. 		memstorage.New(),
  21. 	)
  22. 

  23. 	algo := crypto.NameEd25519
  24. 	n1, n2, n3 := "personal", "business", "other"
  25. 	p1, p2 := "1234", "really-secure!@#$"
  26. 

  27. 	// Check empty state

  28. 	l, err := cstore.List()
  29. 	require.Nil(err)
  30. 	assert.Empty(l)
  31. 

  32. 	// create some keys

  33. 	_, err = cstore.Get(n1)
  34. 	assert.NotNil(err)
  35. 	i, err := cstore.Create(n1, p1, algo)
  36. 	require.Equal(n1, i.Name)
  37. 	require.Nil(err)
  38. 	_, err = cstore.Create(n2, p2, algo)
  39. 	require.Nil(err)
  40. 

  41. 	// we can get these keys

  42. 	i2, err := cstore.Get(n2)
  43. 	assert.Nil(err)
  44. 	_, err = cstore.Get(n3)
  45. 	assert.NotNil(err)
  46. 

  47. 	// list shows them in order

  48. 	keys, err := cstore.List()
  49. 	require.Nil(err)
  50. 	require.Equal(2, len(keys))
  51. 	// note these are in alphabetical order

  52. 	assert.Equal(n2, keys[0].Name)
  53. 	assert.Equal(n1, keys[1].Name)
  54. 	assert.Equal(i2.PubKey, keys[0].PubKey)
  55. 

  56. 	// deleting a key removes it

  57. 	err = cstore.Delete("bad name", "foo")
  58. 	require.NotNil(err)
  59. 	err = cstore.Delete(n1, p1)
  60. 	require.Nil(err)
  61. 	keys, err = cstore.List()
  62. 	require.Nil(err)
  63. 	assert.Equal(1, len(keys))
  64. 	_, err = cstore.Get(n1)
  65. 	assert.NotNil(err)
  66. 

  67. 	// make sure that it only signs with the right password

  68. 	// tx := mock.NewSig([]byte("mytransactiondata"))

  69. 	// err = cstore.Sign(n2, p1, tx)

  70. 	// assert.NotNil(err)

  71. 	// err = cstore.Sign(n2, p2, tx)

  72. 	// assert.Nil(err, "%+v", err)

  73. 	// sigs, err := tx.Signers()

  74. 	// assert.Nil(err, "%+v", err)

  75. 	// if assert.Equal(1, len(sigs)) {

  76. 	// 	assert.Equal(i2.PubKey, sigs[0])

  77. 	// }

  78. }
  79. 

  80. // TestSignVerify does some detailed checks on how we sign and validate

  81. // signatures

  82. // func TestSignVerify(t *testing.T) {

  83. // 	assert, require := assert.New(t), require.New(t)

  84. 

  85. // 	// make the storage with reasonable defaults

  86. // 	cstore := cryptostore.New(

  87. // 		cryptostore.GenSecp256k1,

  88. // 		cryptostore.SecretBox,

  89. // 		memstorage.New(),

  90. // 	)

  91. 

  92. // 	n1, n2 := "some dude", "a dudette"

  93. // 	p1, p2 := "1234", "foobar"

  94. 

  95. // 	// create two users and get their info

  96. // 	err := cstore.Create(n1, p1)

  97. // 	require.Nil(err)

  98. // 	i1, err := cstore.Get(n1)

  99. // 	require.Nil(err)

  100. 

  101. // 	err = cstore.Create(n2, p2)

  102. // 	require.Nil(err)

  103. // 	i2, err := cstore.Get(n2)

  104. // 	require.Nil(err)

  105. 

  106. // 	// let's try to sign some messages

  107. // 	d1 := []byte("my first message")

  108. // 	d2 := []byte("some other important info!")

  109. 

  110. // 	// try signing both data with both keys...

  111. // 	s11, err := cstore.Signature(n1, p1, d1)

  112. // 	require.Nil(err)

  113. // 	s12, err := cstore.Signature(n1, p1, d2)

  114. // 	require.Nil(err)

  115. // 	s21, err := cstore.Signature(n2, p2, d1)

  116. // 	require.Nil(err)

  117. // 	s22, err := cstore.Signature(n2, p2, d2)

  118. // 	require.Nil(err)

  119. 

  120. // 	// let's try to validate and make sure it only works when everything is proper

  121. // 	keys := [][]byte{i1.PubKey, i2.PubKey}

  122. // 	data := [][]byte{d1, d2}

  123. // 	sigs := [][]byte{s11, s12, s21, s22}

  124. 

  125. // 	// loop over keys and data

  126. // 	for k := 0; k < 2; k++ {

  127. // 		for d := 0; d < 2; d++ {

  128. // 			// make sure only the proper sig works

  129. // 			good := 2*k + d

  130. // 			for s := 0; s < 4; s++ {

  131. // 				err = cstore.Verify(data[d], sigs[s], keys[k])

  132. // 				if s == good {

  133. // 					assert.Nil(err, "%+v", err)

  134. // 				} else {

  135. // 					assert.NotNil(err)

  136. // 				}

  137. // 			}

  138. // 		}

  139. // 	}

  140. // }

  141. 

  142. func assertPassword(assert *assert.Assertions, cstore cryptostore.Manager, name, pass, badpass string) {
  143. 	err := cstore.Update(name, badpass, pass)
  144. 	assert.NotNil(err)
  145. 	err = cstore.Update(name, pass, pass)
  146. 	assert.Nil(err, "%+v", err)
  147. }
  148. 

  149. // TestAdvancedKeyManagement verifies update, import, export functionality

  150. func TestAdvancedKeyManagement(t *testing.T) {
  151. 	assert, require := assert.New(t), require.New(t)
  152. 

  153. 	// make the storage with reasonable defaults

  154. 	cstore := cryptostore.New(
  155. 		cryptostore.SecretBox,
  156. 		memstorage.New(),
  157. 	)
  158. 

  159. 	algo := crypto.NameSecp256k1
  160. 	n1, n2 := "old-name", "new name"
  161. 	p1, p2, p3, pt := "1234", "foobar", "ding booms!", "really-secure!@#$"
  162. 

  163. 	// make sure key works with initial password

  164. 	_, err := cstore.Create(n1, p1, algo)
  165. 	require.Nil(err, "%+v", err)
  166. 	assertPassword(assert, cstore, n1, p1, p2)
  167. 

  168. 	// update password requires the existing password

  169. 	err = cstore.Update(n1, "jkkgkg", p2)
  170. 	assert.NotNil(err)
  171. 	assertPassword(assert, cstore, n1, p1, p2)
  172. 

  173. 	// then it changes the password when correct

  174. 	err = cstore.Update(n1, p1, p2)
  175. 	assert.Nil(err)
  176. 	// p2 is now the proper one!

  177. 	assertPassword(assert, cstore, n1, p2, p1)
  178. 

  179. 	// exporting requires the proper name and passphrase

  180. 	_, err = cstore.Export(n2, p2, pt)
  181. 	assert.NotNil(err)
  182. 	_, err = cstore.Export(n1, p1, pt)
  183. 	assert.NotNil(err)
  184. 	exported, err := cstore.Export(n1, p2, pt)
  185. 	require.Nil(err, "%+v", err)
  186. 

  187. 	// import fails on bad transfer pass

  188. 	err = cstore.Import(n2, p3, p2, exported)
  189. 	assert.NotNil(err)
  190. 	// import cannot overwrite existing keys

  191. 	err = cstore.Import(n1, p3, pt, exported)
  192. 	assert.NotNil(err)
  193. 	// we can now import under another name

  194. 	err = cstore.Import(n2, p3, pt, exported)
  195. 	require.Nil(err, "%+v", err)
  196. 

  197. 	// make sure both passwords are now properly set (not to the transfer pass)

  198. 	assertPassword(assert, cstore, n1, p2, pt)
  199. 	assertPassword(assert, cstore, n2, p3, pt)
  200. }
  201. 

  202. // func ExampleStore() {

  203. // 	// Select the encryption and storage for your cryptostore

  204. // 	cstore := cryptostore.New(

  205. // 		cryptostore.GenEd25519,

  206. // 		cryptostore.SecretBox,

  207. // 		// Note: use filestorage.New(dir) for real data

  208. // 		memstorage.New(),

  209. // 	)

  210. 

  211. // 	// Add keys and see they return in alphabetical order

  212. // 	cstore.Create("Bob", "friend")

  213. // 	cstore.Create("Alice", "secret")

  214. // 	cstore.Create("Carl", "mitm")

  215. // 	info, _ := cstore.List()

  216. // 	for _, i := range info {

  217. // 		fmt.Println(i.Name)

  218. // 	}

  219. 

  220. // 	// We need to use passphrase to generate a signature

  221. // 	tx := mock.NewSig([]byte("deadbeef"))

  222. // 	err := cstore.Sign("Bob", "friend", tx)

  223. // 	if err != nil {

  224. // 		fmt.Println("don't accept real passphrase")

  225. // 	}

  226. 

  227. // 	// and we can validate the signature with publically available info

  228. // 	binfo, _ := cstore.Get("Bob")

  229. // 	sigs, err := tx.Signers()

  230. // 	if err != nil {

  231. // 		fmt.Println("badly signed")

  232. // 	} else if bytes.Equal(sigs[0].Bytes(), binfo.PubKey.Bytes()) {

  233. // 		fmt.Println("signed by Bob")

  234. // 	} else {

  235. // 		fmt.Println("signed by someone else")

  236. // 	}

  237. 

  238. // 	// Output:

  239. // 	// Alice

  240. // 	// Bob

  241. // 	// Carl

  242. // 	// signed by Bob

  243. // }