[gnunet] 05/06: - finished test for signature rest endpoint

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[gnunet] 05/06: - finished test for signature rest endpoint

From:	gnunet
Subject:	[gnunet] 05/06: - finished test for signature rest endpoint
Date:	Wed, 31 Aug 2022 17:04:43 +0200

This is an automated email from the git hooks/post-receive script.

martin-schanzenbach pushed a commit to branch master
in repository gnunet.

commit 2a46a30bdbfbcf07a755bd83a876ef9a7e7643fb
Author: Tristan Schwieren <tristan.schwieren@tum.de>
AuthorDate: Fri Aug 26 17:34:13 2022 +0200

    - finished test for signature rest endpoint
---
 src/identity/plugin_rest_identity.c                |   2 +-
 .../test_plugin_rest_identity_signature.sh         | 101 +++++++++++----------
 src/util/crypto_ecc.c                              |   4 +-
 3 files changed, 57 insertions(+), 50 deletions(-)

diff --git a/src/identity/plugin_rest_identity.c 
b/src/identity/plugin_rest_identity.c
index 15e0987f2..f46de1091 100644
--- a/src/identity/plugin_rest_identity.c
+++ b/src/identity/plugin_rest_identity.c
@@ -1236,7 +1236,7 @@ ego_sign_data_cb (void *cls, struct GNUNET_IDENTITY_Ego 
*ego)
     return;
   }
 
-  sig_str = malloc (64);
+  sig_str = malloc (128);
   GNUNET_CRYPTO_eddsa_signature_encode (
     (const struct GNUNET_CRYPTO_EddsaSignature *) &sig,
     &sig_str);
diff --git a/src/identity/test_plugin_rest_identity_signature.sh 
b/src/identity/test_plugin_rest_identity_signature.sh
index 6b3470388..a4d5fa5d7 100755
--- a/src/identity/test_plugin_rest_identity_signature.sh
+++ b/src/identity/test_plugin_rest_identity_signature.sh
@@ -2,25 +2,16 @@
 
 # https://www.rfc-editor.org/rfc/rfc7515#appendix-A.3
 
-header='{"alg":"ES256"}'
-payload='{"iss":"joe",\r\n "exp":1300819380,\r\n 
"http://example.com/is_root":true}'
-
-key='{"kty":"EC",
-      "crv":"P-256",
-      "x":"f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU",
-      "y":"x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0",
-      "d":"jpsQnnGQmL-YBIffH1136cspYG6-0iY7X1fCE9-E9LI"
-     }'
-
-header_payload_test=(
-    101 121 74 104 98 71 99 105 79 105 74 70 85 122 73
-    49 78 105 74 57 46 101 121 74 112 99 51 77 105 79 105
-    74 113 98 50 85 105 76 65 48 75 73 67 74 108 101 72
-    65 105 79 106 69 122 77 68 65 52 77 84 107 122 79 68
-    65 115 68 81 111 103 73 109 104 48 100 72 65 54 76
-    121 57 108 101 71 70 116 99 71 120 108 76 109 78 118
-    98 83 57 112 99 49 57 121 98 50 57 48 73 106 112 48
-    99 110 86 108 102 81)
+header='{"alg":"EdDSA"}'
+payload='Example of Ed25519 signing'
+key='{  "kty":"OKP",
+        "crv":"Ed25519",
+        "d":"nWGxne_9WmC6hEr0kuwsxERJxWl7MmkZcDusAxyuf2A",
+        "x":"11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo"
+    }'
+
+header_payload_test="eyJhbGciOiJFZERTQSJ9.RXhhbXBsZSBvZiBFZDI1NTE5IHNpZ25pbmc"
+signature_test="hgyY0il_MGCjP0JzlnLWG1PPOt7-09PGcvMg3AIbQR6dWbhijcNR4ki4iylGjg5BhVsPt9g7sVvpAr_MuM0KAg"
 
 base64url_add_padding() {
     for i in $( seq 1 $(( 4 - ${#1} % 4 )) ); do padding+="="; done
@@ -33,42 +24,58 @@ base64url_encode () {
 
 base64url_decode () {
     padded_input=$(base64url_add_padding "$1")
-    echo -n "$padded_input" | tr '_-' '/+' | base64 -w0 --decode 
+    echo -n "$padded_input" | basenc --base64url -d
 }
 
 base32crockford_encode () {
-    echo -n "$i" | basenc --base32hex | tr 'IJKLMNOPQRSTUV' 'JKMNPQRSTVWXYZ'
+    echo -n -e "$1" | basenc --base32hex | tr 'IJKLMNOPQRSTUV' 'JKMNPQRSTVWXYZ'
 }
 
-header_enc=$(base64url_encode "$header")
-payload_enc=$(base64url_encode "$payload")
+echo -n "jwk: "
+echo $key | jq
+
+# Create Header
+# 65556 (decimal)
+# = 00000000-00000001-00000000-00010100 (binary little endian)
+# = 00-01-00-14 (hex little endian)
+header_hex=("00" "01" "00" "14")
+
+# Convert secret JWK to HEX array
+key_hex=( $( base64url_decode $( echo -n "$key" | jq -r '.d' ) | xxd -p | tr 
-d '\n' | fold -w 2 | tr '\n' ' ' ) )
 
-# encode header_payload test vektor
-for i in "${header_payload_test[@]}"
-do 
-    header_payload_test_enc+=$(printf "\x$(printf %x $i)")
-done
+# Concat header and key
+header_key_hex=(${header_hex[@]} ${key_hex[@]})
 
-# test base64url encoding and header-payload concatenation
-if [ "$header_enc.$payload_enc" != $header_payload_test_enc ] ; 
+# Encode with Base32Crogford
+key_gnunet=$(echo -n "${header_key_hex[*]}" | tr -d " " | xxd -p -r | basenc 
--base32hex | tr 'IJKLMNOPQRSTUV' 'JKMNPQRSTVWXYZ' | tr -d "=")
+echo "gnunet skey: $key_gnunet"
+
+# Create ego
+gnunet-identity -C ego9696595726 -X -P "$key_gnunet"
+
+# Test base64url encoding and header.payload generation
+header_payload_enc="$(base64url_encode "$header").$(base64url_encode 
"$payload")"
+if [ $header_payload_enc != $header_payload_test ] ; 
 then 
     exit 1
 fi
+echo "header.payload: $header_payload_enc"
+
+# Sign JWT
+signature_enc=$(curl -s 
"localhost:7776/sign?user=ego9696595726&data=$header_payload_enc" | jq -r 
'.signature')
+jwt="$header_payload_enc.$signature_enc"
+echo "header.payload.signature: $jwt"
+
+gnunet-identity -D ego9696595726
+
+if [ $signature_enc !=  $signature_test ]
+then
+    echo "Signature does not check out:"
+    echo "$signature_enc"
+    echo "$signature_test"
+    exit 1
+else 
+    echo "Signature does check out!"
+    exit 1
+fi
 
-signature_enc=$(curl -s 
"localhost:7776/sign?user=tristan&data=$header_payload_enc" | jq -r 
'.signature')
-jwt="$header_enc.$payload_enc.$signature_enc"
-echo $jwt
-
-# Convert secret JWK to GNUnet skey
-key_dec=$(base64url_decode $( echo -n "$key" | jq -r '.d'))
-for i in $(echo -n $key_dec | xxd -p | tr -d '\n' | fold -w 2)
-do 
-    echo -n "$i "
-done
-echo ""
-
-# TODO: Test Signature
-    # Gen key: Public Key GNS zone type value + d in crockford encoding
-    # Create new ego with key
-    # Check if signaure is valid using openssh
-    # Check if signaure is valid with test vektor
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index 0ac6e2865..b8374537f 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -621,7 +621,7 @@ GNUNET_CRYPTO_eddsa_signature_encode (
 {
   return GNUNET_STRINGS_base64url_encode (
     (void*) sig,
-    32,
+    64,
     sig_str);
 }
 
@@ -643,7 +643,7 @@ GNUNET_CRYPTO_ecdsa_signature_encode (
 {
   return GNUNET_STRINGS_base64url_encode (
     (void*) sig,
-    32,
+    64,
     sig_str);
 }
 

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[gnunet] branch master updated (fcfa115e2 -> cc70504a2), gnunet, 2022/08/31
- [gnunet] 01/06: - siop for reclaim; A rest endpoint that signs stuff, gnunet, 2022/08/31
- [gnunet] 04/06: -switch to EdDSA egos only for signature rest endpoint, gnunet, 2022/08/31
- [gnunet] 02/06: -sign rest api + unfinished test, gnunet, 2022/08/31
- [gnunet] 03/06: - add to gitignore, gnunet, 2022/08/31
- [gnunet] 06/06: Merge branch 'dev/trizuz/siop', gnunet, 2022/08/31
- [gnunet] 05/06: - finished test for signature rest endpoint, gnunet <=

Prev by Date: [gnunet] 06/06: Merge branch 'dev/trizuz/siop'
Next by Date: [gnunet] branch master updated (fcfa115e2 -> cc70504a2)
Previous by thread: [gnunet] 06/06: Merge branch 'dev/trizuz/siop'
Index(es):
- Date
- Thread