fix memkerl, kerl based verification used for sterotomy identifier ve…
…rifiers
Hellblazer committed Nov 23, 2023
1 parent 307e8d8 commit e701c3e
Showing 6 changed files with 42 additions and 50 deletions.
Expand Up @@ -139,7 +139,7 @@ public Sig toSig() {
@Override
public String toString() {
return "Sig[" + Arrays.asList(bytes).stream().map(b -> Hex.hexSubString(b, 12)).toList() + ":"
+ algorithm.signatureCode() + "]";
+ algorithm.signatureCode() + " #" + sequenceNumber + "]";
}

public boolean verify(SigningThreshold threshold, Map<Integer, PublicKey> keys, InputStream input) {
Expand Up @@ -53,14 +53,14 @@
*/
public class RbcTest {

private static final Parameters.Builder parameters = Parameters.newBuilder()
.setMaxMessages(100)
.setFalsePositiveRate(0.0125)
.setBufferSize(500);
final AtomicReference<CountDownLatch> round = new AtomicReference<>();
private final List<Router> communications = new ArrayList<>();
private final AtomicInteger totalReceived = new AtomicInteger(0);
private List<ReliableBroadcaster> messengers;
private static final Parameters.Builder parameters = Parameters.newBuilder()
.setMaxMessages(100)
.setFalsePositiveRate(0.0125)
.setBufferSize(500);
final AtomicReference<CountDownLatch> round = new AtomicReference<>();
private final List<Router> communications = new ArrayList<>();
private final AtomicInteger totalReceived = new AtomicInteger(0);
private List<ReliableBroadcaster> messengers;

@AfterEach
public void after() {
Expand All @@ -75,7 +75,7 @@ public void broadcast() throws Exception {
MetricRegistry registry = new MetricRegistry();

var entropy = SecureRandom.getInstance("SHA1PRNG");
entropy.setSeed(new byte[] { 6, 6, 6 });
entropy.setSeed(new byte[] { 6, 6, 7, 6 });
var stereotomy = new StereotomyImpl(new MemKeyStore(), new MemKERL(DigestAlgorithm.DEFAULT), entropy);

List<SigningMember> members = IntStream.range(0, 50)
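Review bot: The new seed in `entropy.setSeed(new byte[] { 6, 6, 7, 6 })` is changed without any explanation, so a reader cannot tell whether `broadcast()` now depends on one particular seed to pass. If the old seed exposed a real failure (for example colliding or badly ordered member identifiers, which is only a guess from here), that cause deserves a fix or at least a comment rather than a different constant. I would add above the line `// fixed seed: reproducible member identities for this test only; changed from {6,6,6} because <reason>` so the determinism is visibly intentional and confined to tests. The body of `broadcast()` continues outside the hunk.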
Expand Up @@ -13,6 +13,7 @@
import org.junit.jupiter.api.Test;

import java.io.IOException;
import java.time.Duration;
import java.util.UUID;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
Expand Down Expand Up @@ -75,23 +76,29 @@ public Any ping(Any request) {
var cacheBuilder = ServerConnectionCache.newBuilder()
.setFactory(to -> InProcessChannelBuilder.forName(name).build());
var router = new RouterImpl(serverMember1, serverBuilder, cacheBuilder, null);
RouterImpl.CommonCommunications<TestItService, TestIt> commsA = router.create(serverMember1, context.getId(),
new ServiceImpl(local1, "A"), "A",
ServerImpl::new,
TestItClient::new, local1);
try {
RouterImpl.CommonCommunications<TestItService, TestIt> commsA = router.create(serverMember1,
context.getId(),
new ServiceImpl(local1, "A"),
"A", ServerImpl::new,
TestItClient::new, local1);

RouterImpl.CommonCommunications<TestItService, TestIt> commsB = router.create(serverMember2, context.getId(),
new ServiceImpl(local2, "B"), "B",
ServerImpl::new,
TestItClient::new, local2);
RouterImpl.CommonCommunications<TestItService, TestIt> commsB = router.create(serverMember2,
context.getId(),
new ServiceImpl(local2, "B"),
"B", ServerImpl::new,
TestItClient::new, local2);

router.start();
var sync = new RingCommunications<Member, TestItService>(context, serverMember1, commsA);
var countdown = new CountDownLatch(1);
sync.execute((link, round) -> link.ping(Any.getDefaultInstance()),
(result, destination) -> countdown.countDown());
assertTrue(countdown.await(1, TimeUnit.SECONDS), "Completed: " + countdown.getCount());
assertFalse(pinged1.get());
assertTrue(pinged2.get());
router.start();
var sync = new RingCommunications<Member, TestItService>(context, serverMember1, commsA);
var countdown = new CountDownLatch(1);
sync.execute((link, round) -> link.ping(Any.getDefaultInstance()),
(result, destination) -> countdown.countDown());
assertTrue(countdown.await(1, TimeUnit.SECONDS), "Completed: " + countdown.getCount());
assertFalse(pinged1.get());
assertTrue(pinged2.get());
} finally {
router.close(Duration.ofSeconds(5));
}
}
}
Expand Up @@ -450,9 +450,7 @@ public EstablishmentEvent getLastEstablishingEvent() {

@Override
public Optional<Verifier> getVerifier() {
// var veri = new StereotomyVerifier<D>(getIdentifier(), StereotomyImpl.this);
var veri = new Verifier.DefaultVerifier(getState().getKeys());
return Optional.of(veri);
return Optional.of(new StereotomyVerifier<D>(getIdentifier(), StereotomyImpl.this));
}

@Override
Expand Down Expand Up @@ -533,13 +531,6 @@ public Signer getSigner() {
return StereotomyImpl.this.getSigner(getState());
}

@Override
public Optional<Verifier> getVerifier() {
// var veri = new StereotomyVerifier<D>(getIdentifier(), StereotomyImpl.this);
var veri = new Verifier.DefaultVerifier(getState().getKeys());
return Optional.of(veri);
}

@Override
public int hashCode() {
final int prime = 31;
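Review bot: `getVerifier()` in the first hunk now has different acceptance semantics and nothing on the method says so: the removed `Verifier.DefaultVerifier(getState().getKeys())` checked only against the current key state, while `StereotomyVerifier` resolves keys through the KERL, and the updated test in this commit asserts that a signature made before two rotations still verifies. Callers that relied on this verifier to reject signatures from rotated-out keys will now accept them, which matters when a rotation was performed because a key was suspected compromised. I would add Javadoc on the method stating that verification uses the key state selected through the KERL for the signature rather than only the tip, and that callers needing current-keys-only checks must build a verifier from `getState().getKeys()` themselves. `StereotomyVerifier` is not shown here, so how it selects the key state, and whether the sequence number carried in the signature is covered by anything the signer authenticates, should be confirmed. The second hunk only deletes the duplicate override.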
Expand Up @@ -22,7 +22,6 @@

import java.util.*;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentSkipListMap;

import static com.salesforce.apollo.crypto.QualifiedBase64.qb64;
import static com.salesforce.apollo.stereotomy.identifier.QualifiedBase64Identifier.qb64;
Expand All @@ -41,7 +40,7 @@ public class MemKERL implements KERL {
// Order by <identifier>
private final Map<String, String> keyStateByIdentifier = new ConcurrentHashMap<>();
private final Map<String, Digest> locationToHash = new ConcurrentHashMap<>();
private final Map<ULong, String> sequenceNumberToLocation = new ConcurrentSkipListMap<>();
private final Map<String, String> sequenceNumberToLocation = new ConcurrentHashMap<>();
private final KeyEventProcessor processor = new KeyEventProcessor(
this);
// Order by <receiptOrdering>
Expand All @@ -68,6 +67,10 @@ public static String receiptDigestSuffix(EventCoordinates event, EventCoordinate
return qb64(event.getDigest()) + ':' + qb64(signer.getDigest());
}

public static String locationOrdering(Identifier identifier, ULong sequenceNumber) {
return qb64(identifier) + ':' + sequenceNumber;
}

/**
* Ordering by
*
Expand Down Expand Up @@ -154,7 +157,7 @@ public Map<EventCoordinates, JohnHancock> getValidations(EventCoordinates coordi

@Override
public KeyState getKeyState(Identifier identifier, ULong sequenceNumber) {
var location = sequenceNumberToLocation.get(sequenceNumber);
var location = sequenceNumberToLocation.get(locationOrdering(identifier, sequenceNumber));
return location == null ? null : keyState.get(location);
}

Expand All @@ -163,7 +166,7 @@ private void append(KeyEvent event, KeyState newState) {
events.put(coordinates, event);
eventsByHash.put(newState.getDigest(), coordinates);
locationToHash.put(coordinates, newState.getDigest());
sequenceNumberToLocation.put(event.getCoordinates().getSequenceNumber(), coordinates);
sequenceNumberToLocation.put(locationOrdering(event.getIdentifier(), event.getSequenceNumber()), coordinates);
keyState.put(coordinates, newState);
keyStateByIdentifier.put(qb64(event.getIdentifier()), coordinates);
}
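Review bot: In `append`, `sequenceNumberToLocation.put(locationOrdering(...), coordinates)` silently replaces any earlier entry for the same identifier and sequence number, and `getKeyState(identifier, sequenceNumber)` then returns whichever key state was written last. Since this lookup now appears to back signature verification, a second event accepted at an existing sequence number would change which keys verify older signatures; whether `KeyEventProcessor` already rejects that case is not visible in this hunk. If it does, a comment saying so on the `put` is enough; otherwise consider `putIfAbsent` and treating a differing existing location as an error. The field `sequenceNumberToLocation` and the new public `locationOrdering` would also benefit from a line of Javadoc giving the key format `qb64(identifier) + ':' + sequenceNumber`, in line with the documented ordering helpers next to it. `append` begins outside the hunk.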
Expand Up @@ -7,7 +7,6 @@

import java.security.SecureRandom;

import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertTrue;

/**
Expand All @@ -20,32 +19,24 @@ public void stereotomy() throws Exception {
entropy.setSeed(new byte[] { 6, 6, 6 });
var stereotomy = new StereotomyImpl(new MemKeyStore(), new MemKERL(DigestAlgorithm.DEFAULT), entropy);
var identifier = stereotomy.newIdentifier();
var verifier = new StereotomyVerifier<>(identifier.getIdentifier(), stereotomy);
var testMsg = "Give me food or give me slack or kill me";
var signature1 = identifier.getSigner().sign(testMsg.getBytes());
final var initialVerifier = identifier.getVerifier().get();
assertTrue(initialVerifier.verify(signature1, testMsg.getBytes()));
final var verifier = identifier.getVerifier().get();
assertTrue(verifier.verify(signature1, testMsg.getBytes()));

identifier.rotate();
identifier.rotate();

var tipVerifier = identifier.getVerifier().get();

assertFalse(tipVerifier.verify(signature1, testMsg.getBytes())); // only the keys from the tip are used
assertTrue(
verifier.verify(signature1, testMsg.getBytes())); // kerl verifier knows what key to use to verify the signature

final var signature2 = identifier.getSigner().sign(testMsg.getBytes());
assertTrue(tipVerifier.verify(signature2, testMsg.getBytes()));
assertTrue(verifier.verify(signature2, testMsg.getBytes()));

identifier.rotate();

final var signature3 = identifier.getSigner().sign(testMsg.getBytes());
assertTrue(verifier.verify(signature1, testMsg.getBytes()));
assertTrue(verifier.verify(signature3, testMsg.getBytes()));
assertFalse(tipVerifier.verify(signature3, testMsg.getBytes()));
assertFalse(tipVerifier.verify(signature3, testMsg.getBytes()));
}
}
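Review bot: After this change the test appears to have no negative assertion left (the `assertFalse` import is removed and the remaining checks are `assertTrue(verifier.verify(...))`), so a verifier that accepted everything would pass it. Since `getVerifier()` now deliberately accepts signatures from earlier key states, the test should also pin what must still fail, e.g. `assertFalse(verifier.verify(signature1, "tampered".getBytes()));` plus a check of `signature1` against the verifier of a second `stereotomy.newIdentifier()`. `testMsg.getBytes()` also uses the platform charset; `getBytes(StandardCharsets.UTF_8)` keeps the signed bytes stable across environments. Which of the printed lines at the end of the method survive on the new side is inferred from the hunk counts and the removed import.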
