Merge #39

39: ECO655 - Correcting endian-ness of node-id to match node id of key-generator. r=sacherjj a=sacherjj

node-id was calculated with little endian instead of big.  Once changed I matched node-id generated with key-generator when fed same private_key.

https://casperlabs.atlassian.net/browse/ECO-655


Co-authored-by: Joe Sacher <[email protected]>

casperlabs_client/crypto.py

@@ -32,9 +32,10 @@ def node_public_address(public_key):
     x, y = numbers.x, numbers.y
 
     def int_to_32_bytes(x):
-        return x.to_bytes(x.bit_length(), byteorder="little")[0:32]
+        return x.to_bytes(x.bit_length(), byteorder="big")[-32:]
 
     a = int_to_32_bytes(x) + int_to_32_bytes(y)
+    print(a.hex())
 
     keccak_hash = keccak.new(digest_bits=256)
     keccak_hash.update(a)

tests/cert_files/node-id

@@ -0,0 +1 @@
+69e769920e32cc7f41dfe6b944dd8ab74228cd11

tests/cert_files/node.certificate.pem

@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICfTCCAiOgAwIBAgIUUhh2YxSda0gVTFpMNelPjQz9L1IwCgYIKoZIzj0EAwIw
+gZMxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTESMBAGA1UEBwwJU2FuLURpZWdv
+MRgwFgYDVQQKDA9DYXNwZXJMYWJzLCBMTEMxFjAUBgNVBAsMDUlUIERlcGFydG1l
+bnQxMTAvBgNVBAMMKDY5ZTc2OTkyMGUzMmNjN2Y0MWRmZTZiOTQ0ZGQ4YWI3NDIy
+OGNkMTEwHhcNMjAwOTA5MDEzNjMxWhcNMjEwOTA5MDEzNjMxWjCBkzELMAkGA1UE
+BhMCVVMxCzAJBgNVBAgMAkNBMRIwEAYDVQQHDAlTYW4tRGllZ28xGDAWBgNVBAoM
+D0Nhc3BlckxhYnMsIExMQzEWMBQGA1UECwwNSVQgRGVwYXJ0bWVudDExMC8GA1UE
+AwwoNjllNzY5OTIwZTMyY2M3ZjQxZGZlNmI5NDRkZDhhYjc0MjI4Y2QxMTBZMBMG
+ByqGSM49AgEGCCqGSM49AwEHA0IABJ8jnhgl1xvrCI875LFbmOyaMAsMea7aVPE7
+EwvXTqT1owdPBOBXyxbqG7aEAXf7FEpOXFlyDZN3clJwjszdbaajUzBRMB0GA1Ud
+DgQWBBRjHGm9DriDZHVtJIHKX/XyG+N41DAfBgNVHSMEGDAWgBRjHGm9DriDZHVt
+JIHKX/XyG+N41DAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0gAMEUCIFta
+nAzcvAVSpAut05wqkwD1C498M/e+Py2RSRIOrk3KAiEAixpAQXVw8S5rDchHZ3Y2
+rSFh5T4jOxuNeAWvc+qGQEY=
+-----END CERTIFICATE-----

tests/cert_files/node.key.pem

@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgS/XNRPTbU/QlE7+E
+yvAtTjfxuUDJWWzOxHDHFnxAx8OhRANCAASfI54YJdcb6wiPO+SxW5jsmjALDHmu
+2lTxOxML106k9aMHTwTgV8sW6hu2hAF3+xRKTlxZcg2Td3JScI7M3W2m
+-----END PRIVATE KEY-----

tests/test_certificate_generation.py

@@ -0,0 +1,46 @@
+from pathlib import Path
+
+from casperlabs_client import crypto
+
+from cryptography.hazmat.primitives import serialization
+from cryptography import x509
+from cryptography.hazmat.backends import default_backend
+
+from casperlabs_client.crypto import node_public_address
+from casperlabs_client.io import read_binary_file, read_file
+
+
+def test_key_to_certificate():
+    """
+    Using known good cert files from casperlabs/key-generator in `cert_files` directory to
+    test conversion from key to certificate.
+    """
+    current_path = Path(__file__).resolve().parent
+    cert_path = current_path / "cert_files"
+    node_cert_pem = cert_path / "node.certificate.pem"
+    node_key_pem = cert_path / "node.key.pem"
+    node_id = cert_path / "node-id"
+
+    # Read in and generate key
+    node_key_data = read_binary_file(node_key_pem)
+    private_key_obj = serialization.load_pem_private_key(
+        node_key_data, None, default_backend()
+    )
+    public_key_obj = private_key_obj.public_key()
+    node_address_data = read_file(node_id).strip()
+    node_address_calc = node_public_address(public_key_obj)
+    assert node_address_data == node_address_calc
+
+    # Read cert
+    node_cert_data = read_binary_file(node_cert_pem)
+    cert = x509.load_pem_x509_certificate(node_cert_data, default_backend())
+    print(cert)
+
+    py_cert_pem, key_pem = crypto.generate_node_certificates(
+        private_key_obj, private_key_obj.public_key()
+    )
+    py_cert = x509.load_pem_x509_certificate(py_cert_pem, default_backend())
+    print(py_cert)
+    # Due to time valid, these will not be exact.  Have to look manually.
+    # assert cert == py_cert
+    # assert py_cert_pem == node_cert_data