public void Verify() { PublicKey signerPublicKey = SignerFixture.PublicKey; var otherParty = new PrivateKey(); PublicKey otherPartyPublicKey = otherParty.PublicKey; Assert.True(ValidClaimFixture.Verify(signerPublicKey)); Assert.False(ValidClaimFixture.Verify(otherPartyPublicKey)); // A signature is no more valid for a different version. var invalidVersionClaim = new AppProtocolVersion( version: ValidClaimFixture.Version + 1, extra: ValidClaimFixture.Extra, signer: ValidClaimFixture.Signer, signature: ValidClaimFixture.Signature ); Assert.False(invalidVersionClaim.Verify(signerPublicKey)); Assert.False(invalidVersionClaim.Verify(otherPartyPublicKey)); // A signature is no more valid for a different extra data. var invalidExtraClaim = new AppProtocolVersion( version: ValidClaimFixture.Version, extra: (Bencodex.Types.Text) "invalid extra", signer: ValidClaimFixture.Signer, signature: ValidClaimFixture.Signature ); Assert.False(invalidExtraClaim.Verify(signerPublicKey)); Assert.False(invalidExtraClaim.Verify(otherPartyPublicKey)); // If a signer field does not correspond to an actual private key which signed // a signature a claim is invalid even if a signature in itself is valid. var invalidSigner = new AppProtocolVersion( version: ValidClaimFixture.Version, extra: ValidClaimFixture.Extra, signer: otherPartyPublicKey.ToAddress(), signature: ValidClaimFixture.Signature ); Assert.False(invalidSigner.Verify(signerPublicKey)); Assert.False(invalidSigner.Verify(otherPartyPublicKey)); }
public void Sign() { var signer = new PrivateKey(); PublicKey otherParty = new PrivateKey().PublicKey; AppProtocolVersion claim = AppProtocolVersion.Sign(signer, 1, null); Assert.Equal(1, claim.Version); Assert.Null(claim.Extra); Assert.True(claim.Verify(signer.PublicKey)); Assert.False(claim.Verify(otherParty)); AppProtocolVersion claimWithExtra = AppProtocolVersion.Sign(signer, 2, (Bencodex.Types.Text) "extra"); Assert.Equal(2, claimWithExtra.Version); Assert.Equal((Bencodex.Types.Text) "extra", claimWithExtra.Extra); Assert.True(claimWithExtra.Verify(signer.PublicKey)); Assert.False(claimWithExtra.Verify(otherParty)); ArgumentNullException exception = Assert.Throws <ArgumentNullException>(() => AppProtocolVersion.Sign(null, 1)); Assert.Equal("signer", exception.ParamName); }
private static void ValidateAppProtocolVersionTemplate( AppProtocolVersion appProtocolVersion, IImmutableSet <PublicKey>?trustedAppProtocolVersionSigners, DifferentAppProtocolVersionEncountered?differentAppProtocolVersionEncountered, Peer peer, byte[] identity, AppProtocolVersion peerAppProtocolVersion) { if (peerAppProtocolVersion.Equals(appProtocolVersion)) { return; } bool trusted = !( trustedAppProtocolVersionSigners is { } tapvs&& tapvs.All(publicKey => !peerAppProtocolVersion.Verify(publicKey))); if (trusted && differentAppProtocolVersionEncountered is { } dapve) { dapve(peer, peerAppProtocolVersion, appProtocolVersion); } throw new DifferentAppProtocolVersionException( $"The APV of a received message is invalid; " + $"Local: APV {appProtocolVersion} " + $"with signature {ByteUtil.Hex(appProtocolVersion.Signature)} " + $"by signer {appProtocolVersion.Signer}\n" + $"Remote: APV {peerAppProtocolVersion} " + $"with signature {ByteUtil.Hex(peerAppProtocolVersion.Signature)} " + $"by signer {peerAppProtocolVersion.Signer}\n" + $"Signed by a trusted signer: {trusted}", peer, identity, appProtocolVersion, peerAppProtocolVersion, trusted); }
public void Verify( [Argument( Name = "APV-TOKEN", Description = "An app protocol version token to verify. " + "Read from the standard input if omitted." )] string?token = null, [Option( 'p', ValueName = "PUBLIC-KEY", Description = "Public key(s) to be used for verification. " + "Can be applied multiple times." )] string[]?publicKey = null, [Option( 'K', Description = "Do not use any keys in the key store, " + "but only -p/--public-key options." )] bool noKeyStore = false ) { AppProtocolVersion v = ParseAppProtocolVersionToken(token); if (publicKey is string[] pubKeyHexes) { foreach (string pubKeyHex in pubKeyHexes) { string opt = $"-p/--public-key=\"{pubKeyHex}\""; PublicKey pubKey; try { pubKey = new PublicKey(ByteUtil.ParseHex(pubKeyHex)); } catch (Exception e) { throw Utils.Error($"The {opt} is not a valid public key. {e.Message}"); } if (v.Verify(pubKey)) { Console.Error.WriteLine( "The signature successfully was verified using the {0}.", opt ); return; } Console.Error.WriteLine( "The signature was failed to verify using the {0}.", opt ); } } if (!noKeyStore) { KeyCommand keyInstance = new KeyCommand(); IEnumerable <Tuple <Guid, ProtectedPrivateKey> > ppks = keyInstance.KeyStore.List() .Where(pair => pair.Item2.Address.Equals(v.Signer)); foreach (Tuple <Guid, ProtectedPrivateKey> pair in ppks) { pair.Deconstruct(out Guid keyId, out ProtectedPrivateKey ppk); PublicKey pubKey = keyInstance.UnprotectKey(keyId).PublicKey; if (v.Verify(pubKey)) { Console.Error.WriteLine( "The signature successfully was verified using the key {0}.", keyId ); return; } Console.Error.WriteLine( "The signature was failed to verify using the key {0}.", keyId ); } } throw Utils.Error("Failed to verify."); }
public void Verify() { var signer = new PrivateKey(new byte[] { 0x45, 0x7a, 0xfa, 0x94, 0x17, 0x78, 0x6e, 0x0c, 0xff, 0x4b, 0xa2, 0x5b, 0x35, 0x95, 0xe1, 0xfb, 0x2a, 0x54, 0x39, 0xf9, 0x0e, 0xd2, 0x9d, 0x39, 0xdf, 0x54, 0x57, 0x9b, 0x13, 0xea, 0x7c, 0x0f, }); PublicKey signerPublicKey = signer.PublicKey; var otherParty = new PrivateKey(); PublicKey otherPartyPublicKey = otherParty.PublicKey; var validClaim = new AppProtocolVersion( version: 1, extra: null, signer: signerPublicKey.ToAddress(), signature: new byte[] { 0x30, 0x45, 0x02, 0x21, 0x00, 0x89, 0x95, 0x9c, 0x59, 0x25, 0x83, 0x4e, 0xbc, 0x45, 0x59, 0xd7, 0x9b, 0xca, 0x82, 0x4a, 0x69, 0x20, 0xe5, 0x18, 0xf0, 0xc5, 0xad, 0xe2, 0xb9, 0xa3, 0xa3, 0xb3, 0x29, 0xbb, 0xa3, 0x3d, 0xd8, 0x02, 0x20, 0x1d, 0xcb, 0x88, 0xa1, 0x3a, 0x3c, 0x19, 0x2d, 0xe1, 0x9e, 0x39, 0xf6, 0x58, 0x05, 0xd4, 0x06, 0xbf, 0xb2, 0x93, 0xd1, 0x64, 0x85, 0x75, 0xa8, 0xa2, 0xcb, 0x9f, 0x95, 0xd9, 0x90, 0xb9, 0x51, }.ToImmutableArray() ); Assert.True(validClaim.Verify(signerPublicKey)); Assert.False(validClaim.Verify(otherPartyPublicKey)); // A signature is no more valid for a different version. var invalidVersionClaim = new AppProtocolVersion( version: validClaim.Version + 1, extra: validClaim.Extra, signer: validClaim.Signer, signature: validClaim.Signature ); Assert.False(invalidVersionClaim.Verify(signerPublicKey)); Assert.False(invalidVersionClaim.Verify(otherPartyPublicKey)); // A signature is no more valid for a different extra data. var invalidExtraClaim = new AppProtocolVersion( version: validClaim.Version, extra: (Bencodex.Types.Text) "invalid extra", signer: validClaim.Signer, signature: validClaim.Signature ); Assert.False(invalidExtraClaim.Verify(signerPublicKey)); Assert.False(invalidExtraClaim.Verify(otherPartyPublicKey)); // If a signer field does not correspond to an actual private key which signed // a signature a claim is invalid even if a signature in itself is valid. var invalidSigner = new AppProtocolVersion( version: validClaim.Version, extra: validClaim.Extra, signer: otherPartyPublicKey.ToAddress(), signature: validClaim.Signature ); Assert.False(invalidSigner.Verify(signerPublicKey)); Assert.False(invalidSigner.Verify(otherPartyPublicKey)); }