zf

zenflows testing
git clone https://s.sonu.ch/~srfsh/zf.git
Log | Files | Refs | Submodules | README | LICENSE
commit ac34de615fa7bcb2ee9de1120df9cbd0864f3350
parent 01772175bd27acf673b69a979f06f93807199731
Author: Jaromil <jaromil@dyne.org>
Date:   Thu, 30 Jun 2022 19:24:13 +0200

added zencode scripts and tests for sign/verify graphql

Diffstat:

Azencode/sign_graphql.zen | 11+++++++++++


Mzencode/test.sh | 114++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---------


Azencode/verify_graphql.zen | 9+++++++++


3 files changed, 122 insertions(+), 12 deletions(-)

diff --git a/zencode/sign_graphql.zen b/zencode/sign_graphql.zen
@@ -0,0 +1,11 @@
+# The input expected is a graph query encoded as base64
+# and signed using ecdh
+
+Scenario schnorr: sign a graph query
+
+Given I have a 'base64' named 'graphql'
+and I have a 'keyring'
+
+When I create the schnorr signature of 'graphql'
+Then print 'schnorr signature' as 'base64'
+and print 'graphql' as 'base64'
diff --git a/zencode/test.sh b/zencode/test.sh
@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 
-conf="rngseed=hex:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
+conf="debug=1,rngseed=hex:00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
 
 which zenroom > /dev/null
 if [ $? != 0 ]; then
@@ -22,15 +22,23 @@ function testzen() {
     script="${1}.zen"
     expect="$2"
     input="$3"
-    if [ "$input" != "" ]; then
-	tmpin=`mktemp`
-	echo "$input" > $tmpin
-	result=`cat $script | zenroom -z -c $conf -a $tmpin`
+    keys="$4"
+    tmpin=`mktemp`
+    tmpkey=`mktemp`
+    if [ -r "${input}" ]; then cp ${input} ${tmpin}; else echo "$input" > $tmpin; fi
+    if [ -r "${keys}" ]; then cp ${keys} ${tmpkey}; else echo "$keys" > $tmpkey; fi
+
+    if [ "$keys" != "" ]; then
+	result=`cat $script | zenroom -z -c $conf -a $tmpin -k $tmpkey 2>/dev/null`
+	rm -f $tmpin $tmpkey
+    elif [ "$input" != "" ]; then
+	result=`cat $script | zenroom -z -c $conf -a $tmpin 2>/dev/null`
 	rm -f $tmpin
     else
-	result=`cat $script | zenroom -z -c $conf`
+	result=`cat $script | zenroom -z -c $conf 2>/dev/null`
     fi
-    if [ $? != 0 ]; then
+    res=$?
+    if [ $res != 0 ]; then
 	echo "[!] Parse error in $script" >> $results
     else
 	if [ "$result" != "$expect" ]; then
@@ -38,18 +46,100 @@ function testzen() {
 	    echo "$result"
 	else
 	    echo " .  Success: $script" >> $results
+	    echo $result
 	fi
     fi
 }
 
-testzen keygen '{"bitcoin_address":"bc1qlsqa5rgnrma4agtjar4q5jv9pe4pxze7vsyvp7","ethereum_address":"05a94ba6d94f9056e79351a8fd1dc186b737993f","keyring":{"bitcoin":"L1ipn47zzKEDFhbHgJ3ef4Hwpf3ACu4CHEzDGXdJ4Wh6DtjV1woo","ecdh":"B4rYTWx6UMbc2YPWRNpl4w2M6gY9jqSa637n8Kr2pPc=","ethereum":"d6fe79ff70b4a8663d1ecf495a983ba6effd0392c636923dff08a0482f5e5d5f","reflow":"abYTJShT0ZBKU+ZwJlEIPNinT6TFU+unaKMEZ+u3kbs=","schnorr":"DR92VSF2l3Az1K1+LyWO13Jk1eBPmuhhPT2NbpxGgsk="},"pubkeys":{"ecdh_public_key":"BHdrWMNBRclVO1I1/iEaYjfEi5C0eEvG2GZgsCNq87qy8feZ74JEvnKK9FC07ThhJ8s4ON2ZQcLJ+8HpWMfKPww=","reflow_public_key":"FwWLOfRBAoZKfykEvq26iNn2D64gvwgCfinWWZnG4HotCuomB6EB9qJ0sinpV5LNB6GdkrKU3wvYMUU+fBMX8mtR77E3x/ljbqpwwpcmjB9YtONG1peywJvRhXqhIBJSALFTXAB2Y1XtM63Uw5/CBex8zH3wXyYU6sv/ctKi5bUZ2Zzqua9Q8LMqtgLsrrB9GDKbmPT1einkXVMLX0kuJV/AOTnA57q91HKXMCvlvlKs/sr5mJ70FchdEZl0UHIV","schnorr_public_key":"EZH/DtDoGvjabyqiHwROQpt5suHlD3JiMZ7Cqv8yAWZpewOm8i5TlOq6L6eBbc/J"}}'
+keyring='{"bitcoin_address":"bc1qlsqa5rgnrma4agtjar4q5jv9pe4pxze7vsyvp7","ethereum_address":"05a94ba6d94f9056e79351a8fd1dc186b737993f","keyring":{"bitcoin":"L1ipn47zzKEDFhbHgJ3ef4Hwpf3ACu4CHEzDGXdJ4Wh6DtjV1woo","ecdh":"B4rYTWx6UMbc2YPWRNpl4w2M6gY9jqSa637n8Kr2pPc=","ethereum":"d6fe79ff70b4a8663d1ecf495a983ba6effd0392c636923dff08a0482f5e5d5f","reflow":"abYTJShT0ZBKU+ZwJlEIPNinT6TFU+unaKMEZ+u3kbs=","schnorr":"DR92VSF2l3Az1K1+LyWO13Jk1eBPmuhhPT2NbpxGgsk="},"pubkeys":{"ecdh_public_key":"BHdrWMNBRclVO1I1/iEaYjfEi5C0eEvG2GZgsCNq87qy8feZ74JEvnKK9FC07ThhJ8s4ON2ZQcLJ+8HpWMfKPww=","reflow_public_key":"FwWLOfRBAoZKfykEvq26iNn2D64gvwgCfinWWZnG4HotCuomB6EB9qJ0sinpV5LNB6GdkrKU3wvYMUU+fBMX8mtR77E3x/ljbqpwwpcmjB9YtONG1peywJvRhXqhIBJSALFTXAB2Y1XtM63Uw5/CBex8zH3wXyYU6sv/ctKi5bUZ2Zzqua9Q8LMqtgLsrrB9GDKbmPT1einkXVMLX0kuJV/AOTnA57q91HKXMCvlvlKs/sr5mJ70FchdEZl0UHIV","schnorr_public_key":"EZH/DtDoGvjabyqiHwROQpt5suHlD3JiMZ7Cqv8yAWZpewOm8i5TlOq6L6eBbc/J"}}'
+
+testzen keygen ${keyring} > /dev/null
+
+testzen passgen_pbkdf2 '{"key_derivation":"hUWpLrhAYoeWA/0uNjn32a/YNwQc8S1mAI0IpWgPMLU="}' '{"salt":"c24463f5e352da20cb79a43f97436cce57344911e1d0ec0008cbedb5fabcca33","password":"my secret pass"}' > /dev/null
+
+testzen passverify_pbkdf2 '{"output":["1"]}' '{"hash":"hUWpLrhAYoeWA/0uNjn32a/YNwQc8S1mAI0IpWgPMLU=","salt":"c24463f5e352da20cb79a43f97436cce57344911e1d0ec0008cbedb5fabcca33","password": "my secret pass"}' > /dev/null
+
+gql64=`mktemp`
+
+# example graphql with most allowed characters used
+gqljson=`mktemp`
+cat <<EOF | base64 -w0 > ${gql64}
+mutation {
+  createEconomicEvent(
+    event: {
+      action: "produce"
+      provider: "01FWN12XX7TJX1AFF5KA4WPNN9" # bob
+      receiver: "01FWN12XX7TJX1AFF5KA4WPNN9" # bob
+      outputOf: "01FWN136SPDMKWWF23SWQZRM5F" # harvesting apples process
+      resourceConformsTo: "01FWN136Y4ZZ7K9F314HQ7MKRG" # apple
+      resourceQuantity: {
+        hasNumericalValue: 50
+        hasUnit: "01FWN136S5VPCCR3B3TGYDYEY9" # kilogram
+      }
+      atLocation: "01FWN136ZAPQ5ENBF3FZ79935D" # bob's farm
+      hasPointInTime: "2022-01-02T03:04:05Z"
+    }
+    newInventoriedResource: {
+      name: "bob's apples"
+      note: "bob's delish apples"
+      trackingIdentifier: "lot 123"
+      currentLocation: "01FWN136ZAPQ5ENBF3FZ79935D" # bob's farm
+      stage: "01FWN136X183DM43CTWXESNWAB" # fresh
+    }
+  ) {
+    economicEvent {
+      id
+      action {id}
+      provider {id}
+      receiver {id}
+      outputOf {id}
+      resourceConformsTo {id}
+      resourceQuantity {
+        hasNumericalValue
+        hasUnit {id}
+      }
+      atLocation {id}
+      hasPointInTime
+    }
+    economicResource { # this is the newly-created resource
+      id
+      name
+      note
+      trackingIdentifier
+      stage {id}
+      currentLocation {id}
+      conformsTo {id}
+      primaryAccountable {id}
+      custodian {id}
+      accountingQuantity {
+        hasNumericalValue
+        hasUnit {id}
+      }
+      onhandQuantity {
+        hasNumericalValue
+        hasUnit {id}
+      }
+    }
+  }
+}
+EOF
+
+cat <<EOF > ${gqljson}
+{"graphql":"`cat ${gql64}`"}
+EOF
+
+keyfile=`mktemp`
+echo ${keyring} > ${keyfile}
 
-testzen passgen_pbkdf2 '{"key_derivation":"hUWpLrhAYoeWA/0uNjn32a/YNwQc8S1mAI0IpWgPMLU="}' '{"salt":"c24463f5e352da20cb79a43f97436cce57344911e1d0ec0008cbedb5fabcca33","password":"my secret pass"}'
+gqlsigned=`mktemp`
+testzen sign_graphql '{"graphql":"bXV0YXRpb24gewogIGNyZWF0ZUVjb25vbWljRXZlbnQoCiAgICBldmVudDogewogICAgICBhY3Rpb246ICJwcm9kdWNlIgogICAgICBwcm92aWRlcjogIjAxRldOMTJYWDdUSlgxQUZGNUtBNFdQTk45IiAjIGJvYgogICAgICByZWNlaXZlcjogIjAxRldOMTJYWDdUSlgxQUZGNUtBNFdQTk45IiAjIGJvYgogICAgICBvdXRwdXRPZjogIjAxRldOMTM2U1BETUtXV0YyM1NXUVpSTTVGIiAjIGhhcnZlc3RpbmcgYXBwbGVzIHByb2Nlc3MKICAgICAgcmVzb3VyY2VDb25mb3Jtc1RvOiAiMDFGV04xMzZZNFpaN0s5RjMxNEhRN01LUkciICMgYXBwbGUKICAgICAgcmVzb3VyY2VRdWFudGl0eTogewogICAgICAgIGhhc051bWVyaWNhbFZhbHVlOiA1MAogICAgICAgIGhhc1VuaXQ6ICIwMUZXTjEzNlM1VlBDQ1IzQjNUR1lEWUVZOSIgIyBraWxvZ3JhbQogICAgICB9CiAgICAgIGF0TG9jYXRpb246ICIwMUZXTjEzNlpBUFE1RU5CRjNGWjc5OTM1RCIgIyBib2IncyBmYXJtCiAgICAgIGhhc1BvaW50SW5UaW1lOiAiMjAyMi0wMS0wMlQwMzowNDowNVoiCiAgICB9CiAgICBuZXdJbnZlbnRvcmllZFJlc291cmNlOiB7CiAgICAgIG5hbWU6ICJib2IncyBhcHBsZXMiCiAgICAgIG5vdGU6ICJib2IncyBkZWxpc2ggYXBwbGVzIgogICAgICB0cmFja2luZ0lkZW50aWZpZXI6ICJsb3QgMTIzIgogICAgICBjdXJyZW50TG9jYXRpb246ICIwMUZXTjEzNlpBUFE1RU5CRjNGWjc5OTM1RCIgIyBib2IncyBmYXJtCiAgICAgIHN0YWdlOiAiMDFGV04xMzZYMTgzRE00M0NUV1hFU05XQUIiICMgZnJlc2gKICAgIH0KICApIHsKICAgIGVjb25vbWljRXZlbnQgewogICAgICBpZAogICAgICBhY3Rpb24ge2lkfQogICAgICBwcm92aWRlciB7aWR9CiAgICAgIHJlY2VpdmVyIHtpZH0KICAgICAgb3V0cHV0T2Yge2lkfQogICAgICByZXNvdXJjZUNvbmZvcm1zVG8ge2lkfQogICAgICByZXNvdXJjZVF1YW50aXR5IHsKICAgICAgICBoYXNOdW1lcmljYWxWYWx1ZQogICAgICAgIGhhc1VuaXQge2lkfQogICAgICB9CiAgICAgIGF0TG9jYXRpb24ge2lkfQogICAgICBoYXNQb2ludEluVGltZQogICAgfQogICAgZWNvbm9taWNSZXNvdXJjZSB7ICMgdGhpcyBpcyB0aGUgbmV3bHktY3JlYXRlZCByZXNvdXJjZQogICAgICBpZAogICAgICBuYW1lCiAgICAgIG5vdGUKICAgICAgdHJhY2tpbmdJZGVudGlmaWVyCiAgICAgIHN0YWdlIHtpZH0KICAgICAgY3VycmVudExvY2F0aW9uIHtpZH0KICAgICAgY29uZm9ybXNUbyB7aWR9CiAgICAgIHByaW1hcnlBY2NvdW50YWJsZSB7aWR9CiAgICAgIGN1c3RvZGlhbiB7aWR9CiAgICAgIGFjY291bnRpbmdRdWFudGl0eSB7CiAgICAgICAgaGFzTnVtZXJpY2FsVmFsdWUKICAgICAgICBoYXNVbml0IHtpZH0KICAgICAgfQogICAgICBvbmhhbmRRdWFudGl0eSB7CiAgICAgICAgaGFzTnVtZXJpY2FsVmFsdWUKICAgICAgICBoYXNVbml0IHtpZH0KICAgICAgfQogICAgfQogIH0KfQo=","schnorr_signature":"CL7LFfLAIgE7e3U2KroR8q18EZ3KMCxaXpwE7MH+ZIpvIhAxIHrO9eZhRO6LQ9GAEtwdXnW04Q89O1eFo4C2JeFI/11i9rc7MjB3PIdBtUk="}' ${gqljson} ${keyfile} > ${gqlsigned}
+# cat sign_graphql.zen | zenroom -z -c ${conf} -k ${keyfile} -a ${gqljson} > ${gqlsigned}
 
-testzen passverify_pbkdf2 '{"output":["1"]}' '{"hash":"hUWpLrhAYoeWA/0uNjn32a/YNwQc8S1mAI0IpWgPMLU=","salt":"c24463f5e352da20cb79a43f97436cce57344911e1d0ec0008cbedb5fabcca33","password": "my secret pass"}'
+testzen verify_graphql '{"output":["VALID_SIGNATURE"]}' ${gqlsigned} ${keyfile} > /dev/null
+
+# cleanup tempfiles
+rm -f $keyfile $gqljson $gql64 $gqlsigned
 
 echo >> $results
 cat $results
 rm -f $results
-
-
diff --git a/zencode/verify_graphql.zen b/zencode/verify_graphql.zen
@@ -0,0 +1,9 @@
+Scenario schnorr: verify the signature of a graph query
+
+Given I have a 'base64' named 'graphql'
+and a 'schnorr signature'
+and a 'schnorr public key' in 'pubkeys'
+
+When I verify the 'graphql' has a schnorr signature in 'schnorr signature' by 'schnorr public key'
+
+Then print the string 'VALID SIGNATURE'