2023-02-08 16:26:23 +01:00
{. used . }
import
std / [ algorithm , json , options , os ] ,
2023-02-13 11:43:49 +01:00
testutils / unittests , chronos , stint
import
2023-02-08 16:26:23 +01:00
.. / .. / waku / v2 / protocol / waku_keystore ,
2023-02-13 11:43:49 +01:00
. / testlib / common
2023-02-08 16:26:23 +01:00
from .. / .. / waku / v2 / protocol / waku_noise / noise_utils import randomSeqByte
procSuite " Credentials test suite " :
let testAppInfo = AppInfo ( application : " test " , appIdentifier : " 1234 " , version : " 0.1 " )
2023-02-13 11:43:49 +01:00
test " Create keystore " :
2023-02-08 16:26:23 +01:00
let filepath = " ./testAppKeystore.txt "
defer : removeFile ( filepath )
let keystoreRes = createAppKeystore ( path = filepath ,
appInfo = testAppInfo )
check :
keystoreRes . isOk ( )
2023-02-13 11:43:49 +01:00
test " Load keystore " :
2023-02-08 16:26:23 +01:00
let filepath = " ./testAppKeystore.txt "
defer : removeFile ( filepath )
# If no keystore exists at filepath, a new one is created for appInfo and empty credentials
let keystoreRes = loadAppKeystore ( path = filepath ,
appInfo = testAppInfo )
check :
keystoreRes . isOk ( )
let keystore = keystoreRes . get ( )
check :
keystore . hasKeys ( [ " application " , " appIdentifier " , " version " , " credentials " ] )
keystore [ " application " ] . getStr ( ) = = testAppInfo . application
keystore [ " appIdentifier " ] . getStr ( ) = = testAppInfo . appIdentifier
keystore [ " version " ] . getStr ( ) = = testAppInfo . version
# We assume the loaded keystore to not have credentials set (previous tests delete the keystore at filepath)
keystore [ " credentials " ] . getElems ( ) . len ( ) = = 0
2023-02-13 11:43:49 +01:00
test " Add credentials to keystore " :
2023-02-08 16:26:23 +01:00
let filepath = " ./testAppKeystore.txt "
defer : removeFile ( filepath )
# We generate a random identity credential (inter-value constrains are not enforced, otherwise we need to load e.g. zerokit RLN keygen)
var
idTrapdoor = randomSeqByte ( rng [ ] , 32 )
idNullifier = randomSeqByte ( rng [ ] , 32 )
idSecretHash = randomSeqByte ( rng [ ] , 32 )
idCommitment = randomSeqByte ( rng [ ] , 32 )
var idCredential = IdentityCredential ( idTrapdoor : idTrapdoor , idNullifier : idNullifier , idSecretHash : idSecretHash , idCommitment : idCommitment )
var contract = MembershipContract ( chainId : " 5 " , address : " 0x0123456789012345678901234567890123456789 " )
var index1 = MembershipIndex ( 1 )
var membershipGroup1 = MembershipGroup ( membershipContract : contract , treeIndex : index1 )
let membershipCredentials1 = MembershipCredentials ( identityCredential : idCredential ,
membershipGroups : @ [ membershipGroup1 ] )
# We generate a random identity credential (inter-value constrains are not enforced, otherwise we need to load e.g. zerokit RLN keygen)
idTrapdoor = randomSeqByte ( rng [ ] , 32 )
idNullifier = randomSeqByte ( rng [ ] , 32 )
idSecretHash = randomSeqByte ( rng [ ] , 32 )
idCommitment = randomSeqByte ( rng [ ] , 32 )
idCredential = IdentityCredential ( idTrapdoor : idTrapdoor , idNullifier : idNullifier , idSecretHash : idSecretHash , idCommitment : idCommitment )
var index2 = MembershipIndex ( 2 )
var membershipGroup2 = MembershipGroup ( membershipContract : contract , treeIndex : index2 )
let membershipCredentials2 = MembershipCredentials ( identityCredential : idCredential ,
membershipGroups : @ [ membershipGroup2 ] )
let password = " %m0um0ucoW% "
2023-02-13 11:43:49 +01:00
2023-02-08 16:26:23 +01:00
let keystoreRes = addMembershipCredentials ( path = filepath ,
credentials = @ [ membershipCredentials1 , membershipCredentials2 ] ,
password = password ,
appInfo = testAppInfo )
check :
keystoreRes . isOk ( )
2023-02-13 11:43:49 +01:00
test " Add/retrieve credentials in keystore " :
2023-02-08 16:26:23 +01:00
let filepath = " ./testAppKeystore.txt "
defer : removeFile ( filepath )
# We generate two random identity credentials (inter-value constrains are not enforced, otherwise we need to load e.g. zerokit RLN keygen)
var
idTrapdoor1 = randomSeqByte ( rng [ ] , 32 )
idNullifier1 = randomSeqByte ( rng [ ] , 32 )
idSecretHash1 = randomSeqByte ( rng [ ] , 32 )
idCommitment1 = randomSeqByte ( rng [ ] , 32 )
idCredential1 = IdentityCredential ( idTrapdoor : idTrapdoor1 , idNullifier : idNullifier1 , idSecretHash : idSecretHash1 , idCommitment : idCommitment1 )
2023-02-13 11:43:49 +01:00
2023-02-08 16:26:23 +01:00
var
idTrapdoor2 = randomSeqByte ( rng [ ] , 32 )
idNullifier2 = randomSeqByte ( rng [ ] , 32 )
idSecretHash2 = randomSeqByte ( rng [ ] , 32 )
idCommitment2 = randomSeqByte ( rng [ ] , 32 )
idCredential2 = IdentityCredential ( idTrapdoor : idTrapdoor2 , idNullifier : idNullifier2 , idSecretHash : idSecretHash2 , idCommitment : idCommitment2 )
2023-02-13 11:43:49 +01:00
2023-02-08 16:26:23 +01:00
# We generate two distinct membership groups
var contract1 = MembershipContract ( chainId : " 5 " , address : " 0x0123456789012345678901234567890123456789 " )
var index1 = MembershipIndex ( 1 )
var membershipGroup1 = MembershipGroup ( membershipContract : contract1 , treeIndex : index1 )
var contract2 = MembershipContract ( chainId : " 6 " , address : " 0x0000000000000000000000000000000000000000 " )
var index2 = MembershipIndex ( 2 )
var membershipGroup2 = MembershipGroup ( membershipContract : contract2 , treeIndex : index2 )
# We generate three membership credentials
let membershipCredentials1 = MembershipCredentials ( identityCredential : idCredential1 ,
membershipGroups : @ [ membershipGroup1 ] )
let membershipCredentials2 = MembershipCredentials ( identityCredential : idCredential2 ,
membershipGroups : @ [ membershipGroup2 ] )
let membershipCredentials3 = MembershipCredentials ( identityCredential : idCredential1 ,
membershipGroups : @ [ membershipGroup2 ] )
# This is the same as rlnMembershipCredentials3, should not change the keystore entry of idCredential
let membershipCredentials4 = MembershipCredentials ( identityCredential : idCredential1 ,
membershipGroups : @ [ membershipGroup2 ] )
let password = " %m0um0ucoW% "
2023-02-13 11:43:49 +01:00
2023-02-08 16:26:23 +01:00
# We add credentials to the keystore. Note that only 3 credentials should be effectively added, since rlnMembershipCredentials3 is equal to membershipCredentials2
let keystoreRes = addMembershipCredentials ( path = filepath ,
credentials = @ [ membershipCredentials1 , membershipCredentials2 , membershipCredentials3 , membershipCredentials4 ] ,
password = password ,
appInfo = testAppInfo )
check :
keystoreRes . isOk ( )
# We test retrieval of credentials.
2023-02-13 11:43:49 +01:00
var expectedMembershipGroups1 = @ [ membershipGroup1 , membershipGroup2 ]
2023-02-08 16:26:23 +01:00
expectedMembershipGroups1 . sort ( sortMembershipGroup )
let expectedCredential1 = MembershipCredentials ( identityCredential : idCredential1 ,
membershipGroups : expectedMembershipGroups1 )
2023-02-13 11:43:49 +01:00
var expectedMembershipGroups2 = @ [ membershipGroup2 ]
2023-02-08 16:26:23 +01:00
expectedMembershipGroups2 . sort ( sortMembershipGroup )
let expectedCredential2 = MembershipCredentials ( identityCredential : idCredential2 ,
membershipGroups : expectedMembershipGroups2 )
# We retrieve all credentials stored under password (no filter)
var recoveredCredentialsRes = getMembershipCredentials ( path = filepath ,
password = password ,
appInfo = testAppInfo )
check :
recoveredCredentialsRes . isOk ( )
recoveredCredentialsRes . get ( ) = = @ [ expectedCredential1 , expectedCredential2 ]
# We retrieve credentials by filtering on an IdentityCredential
recoveredCredentialsRes = getMembershipCredentials ( path = filepath ,
password = password ,
filterIdentityCredentials = @ [ idCredential1 ] ,
appInfo = testAppInfo )
check :
recoveredCredentialsRes . isOk ( )
recoveredCredentialsRes . get ( ) = = @ [ expectedCredential1 ]
# We retrieve credentials by filtering on multiple IdentityCredentials
recoveredCredentialsRes = getMembershipCredentials ( path = filepath ,
password = password ,
filterIdentityCredentials = @ [ idCredential1 , idCredential2 ] ,
appInfo = testAppInfo )
2023-02-13 11:43:49 +01:00
check :
2023-02-08 16:26:23 +01:00
recoveredCredentialsRes . isOk ( )
recoveredCredentialsRes . get ( ) = = @ [ expectedCredential1 , expectedCredential2 ]