diff --git a/indy_common/state/domain.py b/indy_common/state/domain.py index b895b57df..f6e5863e9 100644 --- a/indy_common/state/domain.py +++ b/indy_common/state/domain.py @@ -11,9 +11,10 @@ MARKER_ATTR = "\01" MARKER_SCHEMA = "\02" MARKER_CLAIM_DEF = "\03" -MARKER_REVOC_DEF = "\04" -MARKER_REVOC_REG_ENTRY = "\05" -MARKER_REVOC_REG_ENTRY_ACCUM = "\06" +# TODO: change previous markers in "request refactoring" sprint +MARKER_REVOC_DEF = "4" +MARKER_REVOC_REG_ENTRY = "5" +MARKER_REVOC_REG_ENTRY_ACCUM = "6" LAST_SEQ_NO = "lsn" VALUE = "val" LAST_UPDATE_TIME = "lut" diff --git a/indy_node/server/domain_req_handler.py b/indy_node/server/domain_req_handler.py index 8f9bed4a0..38283fc48 100644 --- a/indy_node/server/domain_req_handler.py +++ b/indy_node/server/domain_req_handler.py @@ -275,7 +275,16 @@ def _validate_revoc_reg_def(self, req: Request): assert cred_def_id assert revoc_def_tag assert revoc_def_type - cred_def, _, _, _ = self.lookup(cred_def_id, isCommitted=False) + tags = cred_def_id.split(":") + if len(tags) != 4: + raise InvalidClientRequest(req.identifier, + req.reqId, + "Format of {} field is not acceptable. " + "Expected: 'did:marker:signature_type:seq_no'".format(CRED_DEF_ID)) + cred_def_path = domain.make_state_path_for_claim_def(authors_did=tags[0], + signature_type=tags[2], + schema_seq_no=tags[3]) + cred_def, _, _, _ = self.lookup(cred_def_path, isCommitted=False) if cred_def is None: raise InvalidClientRequest(req.identifier, req.reqId, diff --git a/indy_node/test/anon_creds/conftest.py b/indy_node/test/anon_creds/conftest.py index 281f01a1c..317a3bf35 100644 --- a/indy_node/test/anon_creds/conftest.py +++ b/indy_node/test/anon_creds/conftest.py @@ -17,6 +17,14 @@ from plenum.test.helper import create_new_test_node +def build_path_for_claim_def(did, sig_type, seq_no): + return "{DID}:{MARKER}:{SIGNATURE_TYPE}:{SCHEMA_SEQ_NO}" \ + .format(DID=did, + MARKER="3", + SIGNATURE_TYPE=sig_type, + SCHEMA_SEQ_NO=seq_no) + + @pytest.fixture(scope="module") def create_node_and_not_start(testNodeClass, node_config_helper_class, @@ -48,7 +56,7 @@ def add_revoc_def_by_default(create_node_and_not_start, TXN_TYPE: REVOC_REG_DEF, REVOC_TYPE: "CL_ACCUM", TAG: randomString(5), - CRED_DEF_ID: randomString(50), + CRED_DEF_ID: ":".join(4*[randomString(10)]), VALUE:{ ISSUANCE_TYPE: ISSUANCE_BY_DEFAULT, MAX_CRED_NUM: 1000000, @@ -107,7 +115,7 @@ def add_revoc_def_by_demand(create_node_and_not_start, TXN_TYPE: REVOC_REG_DEF, REVOC_TYPE: "CL_ACCUM", TAG: randomString(5), - CRED_DEF_ID: randomString(50), + CRED_DEF_ID: ":".join(4 * [randomString(10)]), VALUE:{ ISSUANCE_TYPE: ISSUANCE_ON_DEMAND, MAX_CRED_NUM: 1000000, @@ -190,7 +198,7 @@ def build_revoc_def_by_default(looper, sdk_wallet_steward): TXN_TYPE: REVOC_REG_DEF, REVOC_TYPE: "CL_ACCUM", TAG: randomString(5), - CRED_DEF_ID: randomString(50), + CRED_DEF_ID: ":".join(4 * [randomString(10)]), VALUE:{ ISSUANCE_TYPE: ISSUANCE_BY_DEFAULT, MAX_CRED_NUM: 1000000, @@ -209,7 +217,7 @@ def build_revoc_def_by_demand(looper, sdk_wallet_steward): TXN_TYPE: REVOC_REG_DEF, REVOC_TYPE: "CL_ACCUM", TAG: randomString(5), - CRED_DEF_ID: randomString(50), + CRED_DEF_ID: ":".join(4 * [randomString(10)]), VALUE:{ ISSUANCE_TYPE: ISSUANCE_ON_DEMAND, MAX_CRED_NUM: 1000000, @@ -231,10 +239,9 @@ def send_revoc_reg_def_by_default(looper, _, author_did = sdk_wallet_steward claim_def_req = send_claim_def revoc_reg = build_revoc_def_by_default - revoc_reg['operation'][CRED_DEF_ID] = ":".join([author_did, - domain.MARKER_CLAIM_DEF, - claim_def_req['operation']["signature_type"], - str(claim_def_req['operation']["ref"])]) + revoc_reg['operation'][CRED_DEF_ID] = build_path_for_claim_def(author_did, + claim_def_req['operation']["signature_type"], + str(claim_def_req['operation']["ref"])) revoc_req = sdk_sign_request_from_dict(looper, sdk_wallet_steward, revoc_reg['operation']) _, revoc_reply = sdk_send_and_check([json.dumps(revoc_req)], looper, txnPoolNodeSet, sdk_pool_handle)[0] return revoc_req, revoc_reply @@ -249,10 +256,9 @@ def send_revoc_reg_def_by_demand(looper, _, author_did = sdk_wallet_steward claim_def_req = send_claim_def revoc_reg = build_revoc_def_by_demand - revoc_reg['operation'][CRED_DEF_ID] = ":".join([author_did, - domain.MARKER_CLAIM_DEF, - claim_def_req['operation']["signature_type"], - str(claim_def_req['operation']["ref"])]) + revoc_reg['operation'][CRED_DEF_ID] = build_path_for_claim_def(author_did, + claim_def_req['operation']["signature_type"], + str(claim_def_req['operation']["ref"])) revoc_req = sdk_sign_request_from_dict(looper, sdk_wallet_steward, revoc_reg['operation']) sdk_send_and_check([json.dumps(revoc_req)], looper, txnPoolNodeSet, sdk_pool_handle) return revoc_req diff --git a/indy_node/test/anon_creds/test_revoc_def_validation.py b/indy_node/test/anon_creds/test_revoc_def_validation.py index e6728ad37..46833309e 100644 --- a/indy_node/test/anon_creds/test_revoc_def_validation.py +++ b/indy_node/test/anon_creds/test_revoc_def_validation.py @@ -1,6 +1,8 @@ import pytest from indy_common.types import Request +from indy_common.constants import CRED_DEF_ID from plenum.common.exceptions import InvalidClientRequest +from plenum.common.util import randomString def test_validation_cred_def_not_present(build_revoc_def_by_default, @@ -11,3 +13,12 @@ def test_validation_cred_def_not_present(build_revoc_def_by_default, with pytest.raises(InvalidClientRequest, match="There is no any CRED_DEF"): req_handler.validate(Request(**req)) + +def test_invalid_cred_def_id_format(build_revoc_def_by_default, + create_node_and_not_start): + node = create_node_and_not_start + req = build_revoc_def_by_default + req['operation'][CRED_DEF_ID] = ":".join(3*[randomString(10)]) + req_handler = node.getDomainReqHandler() + with pytest.raises(InvalidClientRequest, match="Format of {} field is not acceptable".format(CRED_DEF_ID)): + req_handler.validate(Request(**req))