diff --git a/pkg/dynamicaccess/accesslogic.go b/pkg/dynamicaccess/accesslogic.go index aab18aa1174..671537486e9 100644 --- a/pkg/dynamicaccess/accesslogic.go +++ b/pkg/dynamicaccess/accesslogic.go @@ -33,7 +33,7 @@ type Decryptor interface { type Control interface { Decryptor // AddGrantee adds a new grantee to the ACT - AddGrantee(ctx context.Context, storage kvs.KeyValueStore, publisherPubKey, granteePubKey *ecdsa.PublicKey, accessKey *encryption.Key) error + AddGrantee(ctx context.Context, storage kvs.KeyValueStore, publisherPubKey, granteePubKey *ecdsa.PublicKey) error // EncryptRef encrypts a Swarm reference for a given grantee EncryptRef(ctx context.Context, storage kvs.KeyValueStore, grantee *ecdsa.PublicKey, ref swarm.Address) (swarm.Address, error) } @@ -44,13 +44,6 @@ type ActLogic struct { var _ Control = (*ActLogic)(nil) -// AddPublisher adds a new publisher to an empty act. -func (al ActLogic) AddPublisher(ctx context.Context, storage kvs.KeyValueStore, publisher *ecdsa.PublicKey) error { - accessKey := encryption.GenerateRandomKey(encryption.KeyLength) - - return al.AddGrantee(ctx, storage, publisher, publisher, &accessKey) -} - // EncryptRef encrypts a SWARM reference for a publisher. func (al ActLogic) EncryptRef(ctx context.Context, storage kvs.KeyValueStore, publisherPubKey *ecdsa.PublicKey, ref swarm.Address) (swarm.Address, error) { accessKey, err := al.getAccessKey(ctx, storage, publisherPubKey) 
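Review bot: The doc comment on `Control.AddGrantee` in the first hunk still reads "adds a new grantee to the ACT", but with the `accessKey` parameter removed the method has two modes that the signature no longer distinguishes. The implementation later in this file generates a fresh access key when the two public keys are equal and otherwise reuses the stored one. I would state that on the interface, for example `// AddGrantee adds a grantee to the ACT; when granteePubKey equals publisherPubKey it creates a new access key for the publisher instead of reusing the stored one.`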
@@ -67,21 +60,21 @@ func (al ActLogic) EncryptRef(ctx context.Context, storage kvs.KeyValueStore, pu } // AddGrantee adds a new grantee to the ACT. -func (al ActLogic) AddGrantee(ctx context.Context, storage kvs.KeyValueStore, publisherPubKey, granteePubKey *ecdsa.PublicKey, accessKeyPointer *encryption.Key) error { +func (al ActLogic) AddGrantee(ctx context.Context, storage kvs.KeyValueStore, publisherPubKey, granteePubKey *ecdsa.PublicKey) error { var ( accessKey encryption.Key err error ) - if accessKeyPointer == nil { + // Create new access key because grantee is the publisher + if publisherPubKey.Equal(granteePubKey) { + accessKey = encryption.GenerateRandomKey(encryption.KeyLength) + } else { // Get previously generated access key accessKey, err = al.getAccessKey(ctx, storage, publisherPubKey) if err != nil { return err } - } else { - // This is a newly created access key, because grantee is publisher (they are the same) - accessKey = *accessKeyPointer } // Encrypt the access key for the new Grantee diff --git a/pkg/dynamicaccess/accesslogic_test.go b/pkg/dynamicaccess/accesslogic_test.go index 93b65f1bdaf..b8cab2f8fbf 100644 --- a/pkg/dynamicaccess/accesslogic_test.go +++ b/pkg/dynamicaccess/accesslogic_test.go 
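Review bot: The new `publisherPubKey.Equal(granteePubKey)` branch makes key creation depend on the argument values, so any call that passes the publisher's own key as grantee now generates a new random access key instead of fetching the existing one. Before this change such a call with a nil key pointer reused the stored key; now, if the write further down (outside this hunk) replaces the publisher's record, grantees added earlier would presumably be left with an access key that no longer matches. The loop in `UpdateHandler` (controller.go, hunk `@@ -221,7 +221,7 @@`) passes each entry of `granteesToAdd` straight through, so unless that list is filtered outside the visible lines I would skip or reject the publisher there, e.g. `if publisher.Equal(grantee) { continue }`. `Equal` also dereferences both keys, so a nil `publisherPubKey` or `granteePubKey` panics at this line; a guard `if publisherPubKey == nil || granteePubKey == nil` that returns an error at the top of the function would avoid that. A test that adds a grantee, passes the publisher as grantee again, and checks the first grantee can still decrypt would pin the intended behaviour.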
@@ -56,50 +56,48 @@ func getPrivKey(keyNumber int) *ecdsa.PrivateKey { } func TestDecryptRef_Success(t *testing.T) { + t.Parallel() ctx := context.Background() - id0 := getPrivKey(0) + id1 := getPrivKey(1) s := kvsmock.New() al := setupAccessLogic() - err := al.AddPublisher(ctx, s, &id0.PublicKey) + err := al.AddGrantee(ctx, s, &id1.PublicKey, &id1.PublicKey) if err != nil { - t.Fatalf("AddPublisher: expected no error, got %v", err) + t.Fatalf("AddGrantee: expected no error, got %v", err) } byteRef, _ := hex.DecodeString("39a5ea87b141fe44aa609c3327ecd896c0e2122897f5f4bbacf74db1033c5559") - expectedRef := swarm.NewAddress(byteRef) - t.Logf("encryptedRef: %s", expectedRef.String()) - - encryptedRef, err := al.EncryptRef(ctx, s, &id0.PublicKey, expectedRef) - t.Logf("encryptedRef: %s", encryptedRef.String()) + encryptedRef, err := al.EncryptRef(ctx, s, &id1.PublicKey, expectedRef) if err != nil { t.Fatalf("There was an error while calling EncryptRef: %v", err) } - actualRef, err := al.DecryptRef(ctx, s, encryptedRef, &id0.PublicKey) + actualRef, err := al.DecryptRef(ctx, s, encryptedRef, &id1.PublicKey) if err != nil { t.Fatalf("There was an error while calling Get: %v", err) } - if expectedRef.Compare(actualRef) != 0 { - t.Fatalf("Get gave back wrong Swarm reference!") + if !expectedRef.Equal(actualRef) { + t.Fatalf("DecryptRef gave back wrong Swarm reference! 
Expedted: %v, actual: %v", expectedRef, actualRef) } } func TestDecryptRefWithGrantee_Success(t *testing.T) { + t.Parallel() ctx := context.Background() id0, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) diffieHellman := dynamicaccess.NewDefaultSession(id0) al := dynamicaccess.NewLogic(diffieHellman) s := kvsmock.New() - err := al.AddPublisher(ctx, s, &id0.PublicKey) + err := al.AddGrantee(ctx, s, &id0.PublicKey, &id0.PublicKey) if err != nil { - t.Fatalf("AddPublisher: expected no error, got %v", err) + t.Fatalf("AddGrantee: expected no error, got %v", err) } id1, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) - err = al.AddGrantee(ctx, s, &id0.PublicKey, &id1.PublicKey, nil) + err = al.AddGrantee(ctx, s, &id0.PublicKey, &id1.PublicKey) if err != nil { t.Fatalf("AddNewGrantee: expected no error, got %v", err) } @@ -107,10 +105,8 @@ func TestDecryptRefWithGrantee_Success(t *testing.T) { byteRef, _ := hex.DecodeString("39a5ea87b141fe44aa609c3327ecd896c0e2122897f5f4bbacf74db1033c5559") expectedRef := swarm.NewAddress(byteRef) - t.Logf("encryptedRef: %s", expectedRef.String()) encryptedRef, err := al.EncryptRef(ctx, s, &id0.PublicKey, expectedRef) - t.Logf("encryptedRef: %s", encryptedRef.String()) if err != nil { t.Fatalf("There was an error while calling EncryptRef: %v", err) } 
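Review bot: The new failure message in `TestDecryptRef_Success` misspells "Expected" as `Expedted`, and the same string is repeated in `TestDecryptRefWithGrantee_Success` (hunk `@@ -122,18 +118,19 @@`). Suggested line for both: `t.Fatalf("DecryptRef gave back wrong Swarm reference! Expected: %v, actual: %v", expectedRef, actualRef)`. The message just above it, "There was an error while calling Get", still names `Get` although the call under test is `DecryptRef`.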
@@ -122,18 +118,19 @@ func TestDecryptRefWithGrantee_Success(t *testing.T) { t.Fatalf("There was an error while calling Get: %v", err) } - if expectedRef.Compare(actualRef) != 0 { - t.Fatalf("Get gave back wrong Swarm reference!") + if !expectedRef.Equal(actualRef) { + t.Fatalf("DecryptRef gave back wrong Swarm reference! Expedted: %v, actual: %v", expectedRef, actualRef) } } func TestDecryptRef_Error(t *testing.T) { + t.Parallel() id0 := getPrivKey(0) ctx := context.Background() s := kvsmock.New() al := setupAccessLogic() - err := al.AddPublisher(ctx, s, &id0.PublicKey) + err := al.AddGrantee(ctx, s, &id0.PublicKey, &id0.PublicKey) assert.NoError(t, err) expectedRef := "39a5ea87b141fe44aa609c3327ecd896c0e2122897f5f4bbacf74db1033c5559" @@ -148,13 +145,14 @@ func TestDecryptRef_Error(t *testing.T) { } func TestAddPublisher(t *testing.T) { + t.Parallel() id0 := getPrivKey(0) savedLookupKey := "b6ee086390c280eeb9824c331a4427596f0c8510d5564bc1b6168d0059a46e2b" s := kvsmock.New() ctx := context.Background() al := setupAccessLogic() - err := al.AddPublisher(ctx, s, &id0.PublicKey) + err := al.AddGrantee(ctx, s, &id0.PublicKey, &id0.PublicKey) assert.NoError(t, err) decodedSavedLookupKey, err := hex.DecodeString(savedLookupKey) @@ -168,14 +166,15 @@ func TestAddPublisher(t *testing.T) { // A random value is returned, so it is only possible to check the length of the returned value // We know the lookup key because the generated private key is fixed if len(decodedEncryptedAccessKey) != 64 { - t.Fatalf("AddPublisher: expected encrypted access key length 64, got %d", len(decodedEncryptedAccessKey)) + t.Fatalf("AddGrantee: expected encrypted access key length 64, got %d", len(decodedEncryptedAccessKey)) } if s == nil { - t.Fatalf("AddPublisher: expected act, got nil") + t.Fatalf("AddGrantee: expected act, got nil") } } func TestAddNewGranteeToContent(t *testing.T) { + t.Parallel() id0 := getPrivKey(0) id1 := getPrivKey(1) id2 := getPrivKey(2) 
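Review bot: `TestAddPublisher` (hunk `@@ -148,13 +145,14 @@`) keeps its old name although `AddPublisher` no longer exists and the body now calls `AddGrantee` with the publisher key in both positions. This commit renames the controller tests to match their handlers, so the same would fit here, e.g. `func TestAddGrantee_Publisher(t *testing.T)`. The trailing `if s == nil` check in hunk `@@ -168,14 +166,15 @@` runs after `s` has already been passed to `AddGrantee`, so it cannot fail in a useful way; asserting on the stored entry alone would be clearer.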
@@ -187,13 +186,13 @@ func TestAddNewGranteeToContent(t *testing.T) { s := kvsmock.New() al := setupAccessLogic() - err := al.AddPublisher(ctx, s, &id0.PublicKey) + err := al.AddGrantee(ctx, s, &id0.PublicKey, &id0.PublicKey) assert.NoError(t, err) - err = al.AddGrantee(ctx, s, &id0.PublicKey, &id1.PublicKey, nil) + err = al.AddGrantee(ctx, s, &id0.PublicKey, &id1.PublicKey) assert.NoError(t, err) - err = al.AddGrantee(ctx, s, &id0.PublicKey, &id2.PublicKey, nil) + err = al.AddGrantee(ctx, s, &id0.PublicKey, &id2.PublicKey) assert.NoError(t, err) lookupKeyAsByte, err := hex.DecodeString(publisherLookupKey) diff --git a/pkg/dynamicaccess/controller.go b/pkg/dynamicaccess/controller.go index 2b3c9e24ace..030e7c3316d 100644 --- a/pkg/dynamicaccess/controller.go +++ b/pkg/dynamicaccess/controller.go @@ -86,7 +86,7 @@ func (c *ControllerStruct) UploadHandler( if err != nil { return swarm.ZeroAddress, swarm.ZeroAddress, swarm.ZeroAddress, err } - err = c.accessLogic.AddPublisher(ctx, storage, publisher) + err = c.accessLogic.AddGrantee(ctx, storage, publisher, publisher) if err != nil { return swarm.ZeroAddress, swarm.ZeroAddress, swarm.ZeroAddress, err } @@ -168,7 +168,7 @@ func (c *ControllerStruct) UpdateHandler( if err != nil { return swarm.ZeroAddress, swarm.ZeroAddress, swarm.ZeroAddress, swarm.ZeroAddress, err } - err = c.accessLogic.AddPublisher(ctx, act, publisher) + err = c.accessLogic.AddGrantee(ctx, act, publisher, publisher) if err != nil { return swarm.ZeroAddress, swarm.ZeroAddress, swarm.ZeroAddress, swarm.ZeroAddress, err } @@ -211,7 +211,7 @@ func (c *ControllerStruct) UpdateHandler( if err != nil { return swarm.ZeroAddress, swarm.ZeroAddress, swarm.ZeroAddress, swarm.ZeroAddress, err } - err = c.accessLogic.AddPublisher(ctx, act, publisher) + err = c.accessLogic.AddGrantee(ctx, act, publisher, publisher) if err != nil { return swarm.ZeroAddress, swarm.ZeroAddress, swarm.ZeroAddress, swarm.ZeroAddress, err } 
@@ -221,7 +221,7 @@ func (c *ControllerStruct) UpdateHandler( } for _, grantee := range granteesToAdd { - err := c.accessLogic.AddGrantee(ctx, act, publisher, grantee, nil) + err := c.accessLogic.AddGrantee(ctx, act, publisher, grantee) if err != nil { return swarm.ZeroAddress, swarm.ZeroAddress, swarm.ZeroAddress, swarm.ZeroAddress, err } diff --git a/pkg/dynamicaccess/controller_test.go b/pkg/dynamicaccess/controller_test.go index 6aa7757a5ca..7118368afa8 100644 --- a/pkg/dynamicaccess/controller_test.go +++ b/pkg/dynamicaccess/controller_test.go @@ -32,15 +32,15 @@ func getHistoryFixture(ctx context.Context, ls file.LoadSaver, al dynamicaccess. pk2 := getPrivKey(2) kvs0, _ := kvs.New(ls) - al.AddPublisher(ctx, kvs0, publisher) + al.AddGrantee(ctx, kvs0, publisher, publisher) kvs0Ref, _ := kvs0.Save(ctx) kvs1, _ := kvs.New(ls) - al.AddPublisher(ctx, kvs1, publisher) - al.AddGrantee(ctx, kvs1, publisher, &pk1.PublicKey, nil) + al.AddGrantee(ctx, kvs1, publisher, publisher) + al.AddGrantee(ctx, kvs1, publisher, &pk1.PublicKey) kvs1Ref, _ := kvs1.Save(ctx) kvs2, _ := kvs.New(ls) - al.AddPublisher(ctx, kvs2, publisher) - al.AddGrantee(ctx, kvs2, publisher, &pk2.PublicKey, nil) + al.AddGrantee(ctx, kvs2, publisher, publisher) + al.AddGrantee(ctx, kvs2, publisher, &pk2.PublicKey) kvs2Ref, _ := kvs2.Save(ctx) firstTime := time.Date(1994, time.April, 1, 0, 0, 0, 0, time.UTC).Unix() secondTime := time.Date(2000, time.April, 1, 0, 0, 0, 0, time.UTC).Unix() @@ -53,6 +53,7 @@ func getHistoryFixture(ctx context.Context, ls file.LoadSaver, al dynamicaccess. } func TestController_UploadHandler(t *testing.T) { + t.Parallel() ctx := context.Background() publisher := getPrivKey(0) diffieHellman := dynamicaccess.NewDefaultSession(publisher) 
@@ -101,6 +102,7 @@ func TestController_UploadHandler(t *testing.T) { } func TestController_PublisherDownload(t *testing.T) { + t.Parallel() ctx := context.Background() publisher := getPrivKey(0) diffieHellman := dynamicaccess.NewDefaultSession(publisher) @@ -122,6 +124,7 @@ func TestController_PublisherDownload(t *testing.T) { } func TestController_GranteeDownload(t *testing.T) { + t.Parallel() ctx := context.Background() publisher := getPrivKey(0) grantee := getPrivKey(2) @@ -147,7 +150,8 @@ func TestController_GranteeDownload(t *testing.T) { assert.Equal(t, ref, dref) } -func TestController_HandleGrantees(t *testing.T) { +func TestController_UpdateHandler(t *testing.T) { + t.Parallel() ctx := context.Background() publisher := getPrivKey(1) diffieHellman := dynamicaccess.NewDefaultSession(publisher) @@ -223,7 +227,8 @@ func TestController_HandleGrantees(t *testing.T) { }) } -func TestController_GetGrantees(t *testing.T) { +func TestController_Get(t *testing.T) { + t.Parallel() ctx := context.Background() publisher := getPrivKey(1) caller := getPrivKey(0) diff --git a/pkg/dynamicaccess/grantee_test.go b/pkg/dynamicaccess/grantee_test.go index 91e44569b2a..f9a9b0904f8 100644 --- a/pkg/dynamicaccess/grantee_test.go +++ b/pkg/dynamicaccess/grantee_test.go @@ -52,6 +52,7 @@ func generateKeyListFixture() ([]*ecdsa.PublicKey, error) { } func TestGranteeAddGet(t *testing.T) { + t.Parallel() gl, _ := dynamicaccess.NewGranteeList(createLs()) keys, err := generateKeyListFixture() if err != nil { @@ -116,6 +117,7 @@ func TestGranteeAddGet(t *testing.T) { } func TestGranteeRemove(t *testing.T) { + t.Parallel() gl, _ := dynamicaccess.NewGranteeList(createLs()) keys, err := generateKeyListFixture() if err != nil { @@ -163,6 +165,7 @@ func TestGranteeRemove(t *testing.T) { } func TestGranteeSave(t *testing.T) { + t.Parallel() ctx := context.Background() keys, err := generateKeyListFixture() if err != nil { 
diff --git a/pkg/dynamicaccess/history_test.go b/pkg/dynamicaccess/history_test.go index edc86dc7f22..871b5241eab 100644 --- a/pkg/dynamicaccess/history_test.go +++ b/pkg/dynamicaccess/history_test.go @@ -21,6 +21,7 @@ import ( ) func TestHistoryAdd(t *testing.T) { + t.Parallel() h, err := dynamicaccess.NewHistory(nil) assert.NoError(t, err) @@ -33,6 +34,7 @@ func TestHistoryAdd(t *testing.T) { } func TestSingleNodeHistoryLookup(t *testing.T) { + t.Parallel() storer := mockstorer.New() ctx := context.Background() ls := loadsave.New(storer.ChunkStore(), storer.Cache(), pipelineFactory(storer.Cache(), false)) @@ -56,6 +58,7 @@ func TestSingleNodeHistoryLookup(t *testing.T) { } func TestMultiNodeHistoryLookup(t *testing.T) { + t.Parallel() storer := mockstorer.New() ctx := context.Background() ls := loadsave.New(storer.ChunkStore(), storer.Cache(), pipelineFactory(storer.Cache(), false)) @@ -121,6 +124,7 @@ func TestMultiNodeHistoryLookup(t *testing.T) { } func TestHistoryStore(t *testing.T) { + t.Parallel() storer := mockstorer.New() ctx := context.Background() ls := loadsave.New(storer.ChunkStore(), storer.Cache(), pipelineFactory(storer.Cache(), false)) diff --git a/pkg/kvs/kvs_test.go b/pkg/kvs/kvs_test.go index e2da7aa7030..2f9af999a95 100644 --- a/pkg/kvs/kvs_test.go +++ b/pkg/kvs/kvs_test.go @@ -38,6 +38,7 @@ func keyValuePair(t *testing.T) ([]byte, []byte) { } func TestKvs(t *testing.T) { + t.Parallel() s, err := kvs.New(createLs()) assert.NoError(t, err) @@ -119,6 +120,7 @@ func TestKvs(t *testing.T) { } func TestKvs_Save(t *testing.T) { + t.Parallel() ctx := context.Background() key1, val1 := keyValuePair(t)