From e28ea4f303b32a8ccdabc052038711db30ebc7a0 Mon Sep 17 00:00:00 2001
From: Joe Sacher <321623+sacherjj@users.noreply.github.com>
Date: Tue, 8 Sep 2020 23:02:30 -0400
Subject: [PATCH] Correcting indian-ness of node-id to match node id of
 key-generator. This also is used in certificates.

---
 casperlabs_client/crypto.py           |  3 +-
 tests/cert_files/node-id              |  1 +
 tests/cert_files/node.certificate.pem | 16 ++++++++++
 tests/cert_files/node.key.pem         |  5 +++
 tests/test_certificate_generation.py  | 46 +++++++++++++++++++++++++++
 5 files changed, 70 insertions(+), 1 deletion(-)
 create mode 100644 tests/cert_files/node-id
 create mode 100644 tests/cert_files/node.certificate.pem
 create mode 100644 tests/cert_files/node.key.pem
 create mode 100644 tests/test_certificate_generation.py

diff --git a/casperlabs_client/crypto.py b/casperlabs_client/crypto.py
index 2303ee6..6348f87 100644
--- a/casperlabs_client/crypto.py
+++ b/casperlabs_client/crypto.py
@@ -32,9 +32,10 @@ def node_public_address(public_key):
     x, y = numbers.x, numbers.y
 
     def int_to_32_bytes(x):
-        return x.to_bytes(x.bit_length(), byteorder="little")[0:32]
+        return x.to_bytes(x.bit_length(), byteorder="big")[-32:]
 
     a = int_to_32_bytes(x) + int_to_32_bytes(y)
+    print(a.hex())
 
     keccak_hash = keccak.new(digest_bits=256)
     keccak_hash.update(a)
diff --git a/tests/cert_files/node-id b/tests/cert_files/node-id
new file mode 100644
index 0000000..e6a0c7c
--- /dev/null
+++ b/tests/cert_files/node-id
@@ -0,0 +1 @@
+69e769920e32cc7f41dfe6b944dd8ab74228cd11
diff --git a/tests/cert_files/node.certificate.pem b/tests/cert_files/node.certificate.pem
new file mode 100644
index 0000000..7523e56
--- /dev/null
+++ b/tests/cert_files/node.certificate.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICfTCCAiOgAwIBAgIUUhh2YxSda0gVTFpMNelPjQz9L1IwCgYIKoZIzj0EAwIw
+gZMxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTESMBAGA1UEBwwJU2FuLURpZWdv
+MRgwFgYDVQQKDA9DYXNwZXJMYWJzLCBMTEMxFjAUBgNVBAsMDUlUIERlcGFydG1l
+bnQxMTAvBgNVBAMMKDY5ZTc2OTkyMGUzMmNjN2Y0MWRmZTZiOTQ0ZGQ4YWI3NDIy
+OGNkMTEwHhcNMjAwOTA5MDEzNjMxWhcNMjEwOTA5MDEzNjMxWjCBkzELMAkGA1UE
+BhMCVVMxCzAJBgNVBAgMAkNBMRIwEAYDVQQHDAlTYW4tRGllZ28xGDAWBgNVBAoM
+D0Nhc3BlckxhYnMsIExMQzEWMBQGA1UECwwNSVQgRGVwYXJ0bWVudDExMC8GA1UE
+AwwoNjllNzY5OTIwZTMyY2M3ZjQxZGZlNmI5NDRkZDhhYjc0MjI4Y2QxMTBZMBMG
+ByqGSM49AgEGCCqGSM49AwEHA0IABJ8jnhgl1xvrCI875LFbmOyaMAsMea7aVPE7
+EwvXTqT1owdPBOBXyxbqG7aEAXf7FEpOXFlyDZN3clJwjszdbaajUzBRMB0GA1Ud
+DgQWBBRjHGm9DriDZHVtJIHKX/XyG+N41DAfBgNVHSMEGDAWgBRjHGm9DriDZHVt
+JIHKX/XyG+N41DAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA0gAMEUCIFta
+nAzcvAVSpAut05wqkwD1C498M/e+Py2RSRIOrk3KAiEAixpAQXVw8S5rDchHZ3Y2
+rSFh5T4jOxuNeAWvc+qGQEY=
+-----END CERTIFICATE-----
diff --git a/tests/cert_files/node.key.pem b/tests/cert_files/node.key.pem
new file mode 100644
index 0000000..58a45c4
--- /dev/null
+++ b/tests/cert_files/node.key.pem
@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgS/XNRPTbU/QlE7+E
+yvAtTjfxuUDJWWzOxHDHFnxAx8OhRANCAASfI54YJdcb6wiPO+SxW5jsmjALDHmu
+2lTxOxML106k9aMHTwTgV8sW6hu2hAF3+xRKTlxZcg2Td3JScI7M3W2m
+-----END PRIVATE KEY-----
diff --git a/tests/test_certificate_generation.py b/tests/test_certificate_generation.py
new file mode 100644
index 0000000..6fcdd8f
--- /dev/null
+++ b/tests/test_certificate_generation.py
@@ -0,0 +1,46 @@
+from pathlib import Path
+
+from casperlabs_client import crypto
+
+from cryptography.hazmat.primitives import serialization
+from cryptography import x509
+from cryptography.hazmat.backends import default_backend
+
+from casperlabs_client.crypto import node_public_address
+from casperlabs_client.io import read_binary_file, read_file
+
+
+def test_key_to_certificate():
+    """
+    Using known good cert files from casperlabs/key-generator in `cert_files` directory to
+    test conversion from key to certificate.
+    """
+    current_path = Path(__file__).resolve().parent
+    cert_path = current_path / "cert_files"
+    node_cert_pem = cert_path / "node.certificate.pem"
+    node_key_pem = cert_path / "node.key.pem"
+    node_id = cert_path / "node-id"
+
+    # Read in and generate key
+    node_key_data = read_binary_file(node_key_pem)
+    private_key_obj = serialization.load_pem_private_key(
+        node_key_data, None, default_backend()
+    )
+    public_key_obj = private_key_obj.public_key()
+    node_address_data = read_file(node_id).strip()
+    node_address_calc = node_public_address(public_key_obj)
+    assert node_address_data == node_address_calc
+
+    # Read cert
+    node_cert_data = read_binary_file(node_cert_pem)
+    cert = x509.load_pem_x509_certificate(node_cert_data, default_backend())
+    print(cert)
+
+    py_cert_pem, key_pem = crypto.generate_node_certificates(
+        private_key_obj, private_key_obj.public_key()
+    )
+    py_cert = x509.load_pem_x509_certificate(py_cert_pem, default_backend())
+    print(py_cert)
+    # Due to time valid, these will not be exact.  Have to look manually.
+    # assert cert == py_cert
+    # assert py_cert_pem == node_cert_data