Constructing message_kit with Signature - we'll do this a better way soon.

2018-02-12 12:58:10 -08:00 · 2018-02-12 12:58:10 -08:00 · 7551d79fd6
parent 6aeef2f6ec
commit 7551d79fd6
2 changed files with 30 additions and 4 deletions
--- a/nkms/characters.py
+++ b/nkms/characters.py
@ -178,6 +178,7 @@ class Character(object):
                message_kit = self._crypto_power.encrypt_for(
                        actor.public_key(EncryptingPower), plaintext)
                signature = self.seal(message_kit)
+            message_kit.alice_pubkey = self.public_key(SigningPower)
        else:
            signature = NOT_SIGNED
            message_kit = self._crypto_power.encrypt_for(
@ -214,6 +215,7 @@ class Character(object):
                cleartext_with_sig = self._crypto_power.decrypt(message_kit)
                signature, cleartext = BytestringSplitter(Signature)(cleartext_with_sig,
                                                                       return_remainder=True)
+                message_kit.signature = signature  # TODO: Obviously this is the wrong way to do this.  Let's make signature a property.
            else:
                raise ValueError(
                    "Can't look for a signature on the cleartext if we're not \
@ -235,10 +237,7 @@ class Character(object):

    def public_key(self, key_class):
        # TODO: Does it make sense to have a specialized exception here? Probably.
-        try:
-            return self._crypto_power.public_keys[key_class]
-        except KeyError:
-            raise  
+        return self._crypto_power.public_keys[key_class]


 class Alice(Character):
--- a/tests/crypto/test_signature.py
+++ b/tests/crypto/test_signature.py
@ -0,0 +1,27 @@
+from nkms.crypto.api import ecdsa_sign
+from umbral.keys import UmbralPrivateKey
+from nkms.crypto.signature import Signature
+
+
+def test_signature_can_verify():
+    privkey = UmbralPrivateKey.gen_key()
+    message = b"attack at dawn"
+    der_sig_bytes = ecdsa_sign(message, privkey)
+    signature = Signature.from_bytes(der_sig_bytes, der_encoded=True)
+    assert signature.verify(message, privkey.get_pubkey())
+
+
+def test_signature_rs_serialization():
+    privkey = UmbralPrivateKey.gen_key()
+    message = b"attack at dawn"
+    der_sig_bytes = ecdsa_sign(message, privkey)
+
+    signature_from_der = Signature.from_bytes(der_sig_bytes, der_encoded=True)
+    rs_sig_bytes = bytes(signature_from_der)
+    assert len(rs_sig_bytes) == 64
+
+    signature_from_rs = Signature.from_bytes(rs_sig_bytes, der_encoded=False)
+
+    assert signature_from_rs == signature_from_der
+    assert signature_from_rs == der_sig_bytes
+    assert signature_from_rs.verify(message, privkey.get_pubkey())