From 045cb57316462c2605404e7d048db8b77ba90307 Mon Sep 17 00:00:00 2001 From: 2byrds <2byrds@gmail.com> Date: Wed, 29 May 2024 01:12:21 -0400 Subject: [PATCH 1/2] fixes for unknown AID uploads Signed-off-by: 2byrds <2byrds@gmail.com> --- src/verifier/core/reporting.py | 11 ++- tests/integration/test_service.py | 131 +++++++++++++++--------------- 2 files changed, 73 insertions(+), 69 deletions(-) diff --git a/src/verifier/core/reporting.py b/src/verifier/core/reporting.py index f5f7577..f879ee4 100644 --- a/src/verifier/core/reporting.py +++ b/src/verifier/core/reporting.py @@ -366,6 +366,7 @@ def recur(self, tyme): signatures = docInfo["signatures"] signed = [] + verfed = [] for signature in signatures: try: file = signature["file"] @@ -377,9 +378,9 @@ def recur(self, tyme): aid = signature["aid"] - # First check to ensure signature if from submitter, otherwise skip + # First check to ensure signature is from submitter, otherwise skip if aid != stats.submitter: - continue + print(f"signature from {aid} does not match submitter {stats.submitter}") # Now ensure we know who this AID is and that we have their key state if aid not in self.hby.kevers: @@ -394,6 +395,8 @@ def recur(self, tyme): siger.verfer = kever.verfers[siger.index] # assign verfer if not siger.verfer.verify(siger.raw, ser): # verify each sig raise kering.ValidationError(f"signature {siger.index} invalid for {file}") + + verfed.append(os.path.basename(fullpath)) except KeyError as e: raise kering.ValidationError(f"Invalid signature in manifest signature list" @@ -401,14 +404,14 @@ def recur(self, tyme): except OSError: raise kering.ValidationError(f"signature element={signature} point to invalid file") - diff = set(files) - set(signed) + diff = set(files) - set(verfed) if len(diff) == 0: msg = f"All {len(files)} files in report package have been signed by " \ f"submitter ({stats.submitter})." self.filer.update(diger, ReportStatus.verified, msg) print(msg) else: - msg = f"{len(diff)} files from report package not signed {diff}, {signed}" + msg = f"{len(diff)} files from report package missing valid signed {diff}, {signed}" self.filer.update(diger, ReportStatus.failed, msg) print(msg) diff --git a/tests/integration/test_service.py b/tests/integration/test_service.py index 98a6772..bdd2042 100644 --- a/tests/integration/test_service.py +++ b/tests/integration/test_service.py @@ -111,79 +111,80 @@ def get(): thread.join() if exceptions: raise exceptions[0] + +@pytest.mark.manual +def test_service_integration(seeder): + with habbing.openHab(name="sid", temp=True, salt=b'0123456789abcdef') as (hby, hab): -# def test_service_integration(seeder): -# with habbing.openHab(name="sid", temp=True, salt=b'0123456789abcdef') as (hby, hab): - -# seeder.seedSchema(db=hby.db) -# regery, registry, verifier, seqner = reg_and_verf(hby, hab, registryName="qvireg") -# qvicred = get_qvi_cred(issuer=hab.pre, recipient=hab.pre, schema=Schema.QVI_SCHEMA, registry=registry) -# hab, qcrdntler, qsaid, qkmsgs, qtmsgs, qimsgs, qvimsgs = get_cred(hby, hab, regery, registry, verifier, Schema.QVI_SCHEMA, qvicred, seqner) + seeder.seedSchema(db=hby.db) + regery, registry, verifier, seqner = reg_and_verf(hby, hab, registryName="qvireg") + qvicred = get_qvi_cred(issuer=hab.pre, recipient=hab.pre, schema=Schema.QVI_SCHEMA, registry=registry) + hab, qcrdntler, qsaid, qkmsgs, qtmsgs, qimsgs, qvimsgs = get_cred(hby, hab, regery, registry, verifier, Schema.QVI_SCHEMA, qvicred, seqner) -# qviedge = get_qvi_edge(qvicred.sad["d"], Schema.QVI_SCHEMA) + qviedge = get_qvi_edge(qvicred.sad["d"], Schema.QVI_SCHEMA) -# leicred = get_lei_cred(issuer=hab.pre, recipient=hab.pre, schema=Schema.LEI_SCHEMA, registry=registry, sedge=qviedge) -# hab, lcrdntler, lsaid, lkmsgs, ltmsgs, limsgs, leimsgs = get_cred(hby, hab, regery, registry, verifier, Schema.LEI_SCHEMA, leicred, seqner) + leicred = get_lei_cred(issuer=hab.pre, recipient=hab.pre, schema=Schema.LEI_SCHEMA, registry=registry, sedge=qviedge) + hab, lcrdntler, lsaid, lkmsgs, ltmsgs, limsgs, leimsgs = get_cred(hby, hab, regery, registry, verifier, Schema.LEI_SCHEMA, leicred, seqner) -# #chained ecr auth cred -# eaedge = get_ecr_auth_edge(lsaid,Schema.LEI_SCHEMA) + #chained ecr auth cred + eaedge = get_ecr_auth_edge(lsaid,Schema.LEI_SCHEMA) -# eacred = get_ecr_auth_cred(aid=hab.pre, issuer=hab.pre, recipient=hab.pre, schema=Schema.ECR_AUTH_SCHEMA, registry=registry, sedge=eaedge) -# hab, eacrdntler, easaid, eakmsgs, eatmsgs, eaimsgs, eamsgs = get_cred(hby, hab, regery, registry, verifier, Schema.ECR_AUTH_SCHEMA, eacred, seqner) + eacred = get_ecr_auth_cred(aid=hab.pre, issuer=hab.pre, recipient=hab.pre, schema=Schema.ECR_AUTH_SCHEMA, registry=registry, sedge=eaedge) + hab, eacrdntler, easaid, eakmsgs, eatmsgs, eaimsgs, eamsgs = get_cred(hby, hab, regery, registry, verifier, Schema.ECR_AUTH_SCHEMA, eacred, seqner) -# #chained ecr auth cred -# ecredge = get_ecr_edge(easaid,Schema.ECR_AUTH_SCHEMA) + #chained ecr auth cred + ecredge = get_ecr_edge(easaid,Schema.ECR_AUTH_SCHEMA) -# ecr = get_ecr_cred(issuer=hab.pre, recipient=hab.pre, schema=Schema.ECR_SCHEMA, registry=registry, sedge=ecredge) -# hab, eccrdntler, ecsaid, eckmsgs, ectmsgs, ecimsgs, ecmsgs = get_cred(hby, hab, regery, registry, verifier, Schema.ECR_SCHEMA, ecr, seqner) + ecr = get_ecr_cred(issuer=hab.pre, recipient=hab.pre, schema=Schema.ECR_SCHEMA, registry=registry, sedge=ecredge) + hab, eccrdntler, ecsaid, eckmsgs, ectmsgs, ecimsgs, ecmsgs = get_cred(hby, hab, regery, registry, verifier, Schema.ECR_SCHEMA, ecr, seqner) -# app = falcon.App( -# middleware=falcon.CORSMiddleware( -# allow_origins='*', -# allow_credentials='*', -# expose_headers=['cesr-attachment', 'cesr-date', 'content-type'])) -# vdb = basing.VerifierBaser(name=hby.name, temp=True) -# verifying.setup(app=app, hby=hby, vdb=vdb, reger=eccrdntler.rgy.reger) -# server = http.Server(port=port, app=app) -# httpServerDoer = http.ServerDoer(server=server) -# # class testCf: -# # def get(): -# # return dict(LEIs=[f"{LEI1}",f"{LEI2}"]) -# rootsCf = configing.Configer(name="verifier-config-rootsid.json", -# headDirPath="/Users/meenyleeny/VSCode/vlei-verifier/scripts", -# base="", -# temp=False, reopen=True, clear=False) -# authDoers = authorizing.setup(hby, vdb=vdb, reger=eccrdntler.rgy.reger, cf=rootsCf) - -# reportDoers = reporting.setup(app=app, hby=hby, vdb=vdb) - -# doers = authDoers + reportDoers + [httpServerDoer] -# limit = 0.25 -# tock = 0.03125 -# doist = doing.Doist(limit=limit, tock=tock) -# doist.doers = doers -# doist.enter() -# # assert len(doist.deeds) == 2 -# # assert [val[1] for val in doist.deeds] == [0.0, 0.0] # retymes -# # for doer in doers: -# # assert doer.baser.opened -# # assert "_test/keri/db/test" in doer.baser.path -# try: -# doist.recur() -# except Exception as e: -# raise ValueError(f"Likely you have another service running on {port}") - -# issAndCred = bytearray() -# # issAndCred.extend(kmsgs) -# # issAndCred.extend(tmsgs) -# # issAndCred.extend(imsgs) -# issAndCred.extend(ecmsgs) -# acdc = issAndCred.decode("utf-8") - -# # use this for integration testing debugging sessions -# while True: -# time.sleep(1) -# doist.recur() + app = falcon.App( + middleware=falcon.CORSMiddleware( + allow_origins='*', + allow_credentials='*', + expose_headers=['cesr-attachment', 'cesr-date', 'content-type'])) + vdb = basing.VerifierBaser(name=hby.name, temp=True) + verifying.setup(app=app, hby=hby, vdb=vdb, reger=eccrdntler.rgy.reger) + server = http.Server(port=port, app=app) + httpServerDoer = http.ServerDoer(server=server) + # class testCf: + # def get(): + # return dict(LEIs=[f"{LEI1}",f"{LEI2}"]) + rootsCf = configing.Configer(name="verifier-config-rootsid.json", + headDirPath="/Users/meenyleeny/VSCode/vlei-verifier/scripts", + base="", + temp=False, reopen=True, clear=False) + authDoers = authorizing.setup(hby, vdb=vdb, reger=eccrdntler.rgy.reger, cf=rootsCf) + + reportDoers = reporting.setup(app=app, hby=hby, vdb=vdb) + + doers = authDoers + reportDoers + [httpServerDoer] + limit = 0.25 + tock = 0.03125 + doist = doing.Doist(limit=limit, tock=tock) + doist.doers = doers + doist.enter() + # assert len(doist.deeds) == 2 + # assert [val[1] for val in doist.deeds] == [0.0, 0.0] # retymes + # for doer in doers: + # assert doer.baser.opened + # assert "_test/keri/db/test" in doer.baser.path + try: + doist.recur() + except Exception as e: + raise ValueError(f"Likely you have another service running on {port}") + + issAndCred = bytearray() + # issAndCred.extend(kmsgs) + # issAndCred.extend(tmsgs) + # issAndCred.extend(imsgs) + issAndCred.extend(ecmsgs) + acdc = issAndCred.decode("utf-8") + + # use this for integration testing debugging sessions + while True: + time.sleep(1) + doist.recur() def presentation_request(said, acdc, exceptions): try: From b2000aa6e74c6914eb6e1a34e0f98fea58f89bb6 Mon Sep 17 00:00:00 2001 From: 2byrds <2byrds@gmail.com> Date: Wed, 29 May 2024 01:21:24 -0400 Subject: [PATCH 2/2] comment out debug integration test Signed-off-by: 2byrds <2byrds@gmail.com> --- tests/integration/test_service.py | 132 +++++++++++++++--------------- 1 file changed, 66 insertions(+), 66 deletions(-) diff --git a/tests/integration/test_service.py b/tests/integration/test_service.py index bdd2042..3679cd8 100644 --- a/tests/integration/test_service.py +++ b/tests/integration/test_service.py @@ -112,79 +112,79 @@ def get(): if exceptions: raise exceptions[0] -@pytest.mark.manual -def test_service_integration(seeder): - with habbing.openHab(name="sid", temp=True, salt=b'0123456789abcdef') as (hby, hab): - - seeder.seedSchema(db=hby.db) - regery, registry, verifier, seqner = reg_and_verf(hby, hab, registryName="qvireg") - qvicred = get_qvi_cred(issuer=hab.pre, recipient=hab.pre, schema=Schema.QVI_SCHEMA, registry=registry) - hab, qcrdntler, qsaid, qkmsgs, qtmsgs, qimsgs, qvimsgs = get_cred(hby, hab, regery, registry, verifier, Schema.QVI_SCHEMA, qvicred, seqner) +# @pytest.mark.manual +# def test_service_integration(seeder): +# with habbing.openHab(name="sid", temp=True, salt=b'0123456789abcdef') as (hby, hab): + +# seeder.seedSchema(db=hby.db) +# regery, registry, verifier, seqner = reg_and_verf(hby, hab, registryName="qvireg") +# qvicred = get_qvi_cred(issuer=hab.pre, recipient=hab.pre, schema=Schema.QVI_SCHEMA, registry=registry) +# hab, qcrdntler, qsaid, qkmsgs, qtmsgs, qimsgs, qvimsgs = get_cred(hby, hab, regery, registry, verifier, Schema.QVI_SCHEMA, qvicred, seqner) - qviedge = get_qvi_edge(qvicred.sad["d"], Schema.QVI_SCHEMA) +# qviedge = get_qvi_edge(qvicred.sad["d"], Schema.QVI_SCHEMA) - leicred = get_lei_cred(issuer=hab.pre, recipient=hab.pre, schema=Schema.LEI_SCHEMA, registry=registry, sedge=qviedge) - hab, lcrdntler, lsaid, lkmsgs, ltmsgs, limsgs, leimsgs = get_cred(hby, hab, regery, registry, verifier, Schema.LEI_SCHEMA, leicred, seqner) +# leicred = get_lei_cred(issuer=hab.pre, recipient=hab.pre, schema=Schema.LEI_SCHEMA, registry=registry, sedge=qviedge) +# hab, lcrdntler, lsaid, lkmsgs, ltmsgs, limsgs, leimsgs = get_cred(hby, hab, regery, registry, verifier, Schema.LEI_SCHEMA, leicred, seqner) - #chained ecr auth cred - eaedge = get_ecr_auth_edge(lsaid,Schema.LEI_SCHEMA) +# #chained ecr auth cred +# eaedge = get_ecr_auth_edge(lsaid,Schema.LEI_SCHEMA) - eacred = get_ecr_auth_cred(aid=hab.pre, issuer=hab.pre, recipient=hab.pre, schema=Schema.ECR_AUTH_SCHEMA, registry=registry, sedge=eaedge) - hab, eacrdntler, easaid, eakmsgs, eatmsgs, eaimsgs, eamsgs = get_cred(hby, hab, regery, registry, verifier, Schema.ECR_AUTH_SCHEMA, eacred, seqner) +# eacred = get_ecr_auth_cred(aid=hab.pre, issuer=hab.pre, recipient=hab.pre, schema=Schema.ECR_AUTH_SCHEMA, registry=registry, sedge=eaedge) +# hab, eacrdntler, easaid, eakmsgs, eatmsgs, eaimsgs, eamsgs = get_cred(hby, hab, regery, registry, verifier, Schema.ECR_AUTH_SCHEMA, eacred, seqner) - #chained ecr auth cred - ecredge = get_ecr_edge(easaid,Schema.ECR_AUTH_SCHEMA) +# #chained ecr auth cred +# ecredge = get_ecr_edge(easaid,Schema.ECR_AUTH_SCHEMA) - ecr = get_ecr_cred(issuer=hab.pre, recipient=hab.pre, schema=Schema.ECR_SCHEMA, registry=registry, sedge=ecredge) - hab, eccrdntler, ecsaid, eckmsgs, ectmsgs, ecimsgs, ecmsgs = get_cred(hby, hab, regery, registry, verifier, Schema.ECR_SCHEMA, ecr, seqner) +# ecr = get_ecr_cred(issuer=hab.pre, recipient=hab.pre, schema=Schema.ECR_SCHEMA, registry=registry, sedge=ecredge) +# hab, eccrdntler, ecsaid, eckmsgs, ectmsgs, ecimsgs, ecmsgs = get_cred(hby, hab, regery, registry, verifier, Schema.ECR_SCHEMA, ecr, seqner) - app = falcon.App( - middleware=falcon.CORSMiddleware( - allow_origins='*', - allow_credentials='*', - expose_headers=['cesr-attachment', 'cesr-date', 'content-type'])) - vdb = basing.VerifierBaser(name=hby.name, temp=True) - verifying.setup(app=app, hby=hby, vdb=vdb, reger=eccrdntler.rgy.reger) - server = http.Server(port=port, app=app) - httpServerDoer = http.ServerDoer(server=server) - # class testCf: - # def get(): - # return dict(LEIs=[f"{LEI1}",f"{LEI2}"]) - rootsCf = configing.Configer(name="verifier-config-rootsid.json", - headDirPath="/Users/meenyleeny/VSCode/vlei-verifier/scripts", - base="", - temp=False, reopen=True, clear=False) - authDoers = authorizing.setup(hby, vdb=vdb, reger=eccrdntler.rgy.reger, cf=rootsCf) - - reportDoers = reporting.setup(app=app, hby=hby, vdb=vdb) - - doers = authDoers + reportDoers + [httpServerDoer] - limit = 0.25 - tock = 0.03125 - doist = doing.Doist(limit=limit, tock=tock) - doist.doers = doers - doist.enter() - # assert len(doist.deeds) == 2 - # assert [val[1] for val in doist.deeds] == [0.0, 0.0] # retymes - # for doer in doers: - # assert doer.baser.opened - # assert "_test/keri/db/test" in doer.baser.path - try: - doist.recur() - except Exception as e: - raise ValueError(f"Likely you have another service running on {port}") - - issAndCred = bytearray() - # issAndCred.extend(kmsgs) - # issAndCred.extend(tmsgs) - # issAndCred.extend(imsgs) - issAndCred.extend(ecmsgs) - acdc = issAndCred.decode("utf-8") - - # use this for integration testing debugging sessions - while True: - time.sleep(1) - doist.recur() +# app = falcon.App( +# middleware=falcon.CORSMiddleware( +# allow_origins='*', +# allow_credentials='*', +# expose_headers=['cesr-attachment', 'cesr-date', 'content-type'])) +# vdb = basing.VerifierBaser(name=hby.name, temp=True) +# verifying.setup(app=app, hby=hby, vdb=vdb, reger=eccrdntler.rgy.reger) +# server = http.Server(port=port, app=app) +# httpServerDoer = http.ServerDoer(server=server) +# # class testCf: +# # def get(): +# # return dict(LEIs=[f"{LEI1}",f"{LEI2}"]) +# rootsCf = configing.Configer(name="verifier-config-rootsid.json", +# headDirPath="/Users/meenyleeny/VSCode/vlei-verifier/scripts", +# base="", +# temp=False, reopen=True, clear=False) +# authDoers = authorizing.setup(hby, vdb=vdb, reger=eccrdntler.rgy.reger, cf=rootsCf) + +# reportDoers = reporting.setup(app=app, hby=hby, vdb=vdb) + +# doers = authDoers + reportDoers + [httpServerDoer] +# limit = 0.25 +# tock = 0.03125 +# doist = doing.Doist(limit=limit, tock=tock) +# doist.doers = doers +# doist.enter() +# # assert len(doist.deeds) == 2 +# # assert [val[1] for val in doist.deeds] == [0.0, 0.0] # retymes +# # for doer in doers: +# # assert doer.baser.opened +# # assert "_test/keri/db/test" in doer.baser.path +# try: +# doist.recur() +# except Exception as e: +# raise ValueError(f"Likely you have another service running on {port}") + +# issAndCred = bytearray() +# # issAndCred.extend(kmsgs) +# # issAndCred.extend(tmsgs) +# # issAndCred.extend(imsgs) +# issAndCred.extend(ecmsgs) +# acdc = issAndCred.decode("utf-8") + +# # use this for integration testing debugging sessions +# while True: +# time.sleep(1) +# doist.recur() def presentation_request(said, acdc, exceptions): try: