Act kvs merge (#22)

* grantee container and access logc tests are passed * refactored access logic and grantee container * PR 19 comments resolving * Refactor * Refactor * working manifest ACT with basic tests * (refactor:) Refactor act_test * (refactor:) Refactor kvs -> kvs.manifest, kvs.memory * (refactror:) kvs * refactor kvs contsructors --------- Co-authored-by: Roland Seres <[email protected]> Co-authored-by: Bálint Ujvári <[email protected]> Co-authored-by: Ferenc Sárai <[email protected]>
Solar-Punk-Ltd · Jun 6, 2024 · 56430a5 · 56430a5
1 parent a244177
commit 56430a5
Show file tree

Hide file tree

Showing 14 changed files with 388 additions and 184 deletions.
diff --git a/pkg/dynamicaccess/accesslogic.go b/pkg/dynamicaccess/accesslogic.go
@@ -14,57 +14,56 @@ var hashFunc = sha3.NewLegacyKeccak256
 // Logic has the responsibility to return a ref for a given grantee and create new encrypted reference for a grantee
 type Logic interface {
 	// Adds a new grantee to the ACT
-	AddNewGranteeToContent(act Act, publisherPubKey, granteePubKey *ecdsa.PublicKey) (Act, error)
-	// Get will return a decrypted reference, for given encrypted reference and grantee !!!!!!!!!!!!!!!!!!!!!
-	Get(act Act, encryped_ref swarm.Address, publisher *ecdsa.PublicKey) (swarm.Address, error)
+	AddNewGranteeToContent(rootHash swarm.Address, publisherPubKey, granteePubKey *ecdsa.PublicKey) (swarm.Address, error)
+	// Get will return a decrypted reference, for given encrypted reference and grantee
+	Get(rootHash swarm.Address, encryped_ref swarm.Address, publisher *ecdsa.PublicKey) (swarm.Address, error)
 }
 
 type ActLogic struct {
 	session Session
+	act     Act
 }
 
 var _ Logic = (*ActLogic)(nil)
 
 // Adds a new publisher to an empty act
-func (al ActLogic) AddPublisher(act Act, publisher *ecdsa.PublicKey) (Act, error) {
+func (al ActLogic) AddPublisher(rootHash swarm.Address, publisher *ecdsa.PublicKey) (swarm.Address, error) {
 	accessKey := encryption.GenerateRandomKey(encryption.KeyLength)
 
 	keys, err := al.getKeys(publisher)
 	if err != nil {
-		return nil, err
+		return swarm.EmptyAddress, err
 	}
 	lookupKey := keys[0]
 	accessKeyEncryptionKey := keys[1]
 
 	accessKeyCipher := encryption.New(encryption.Key(accessKeyEncryptionKey), 0, uint32(0), hashFunc)
 	encryptedAccessKey, err := accessKeyCipher.Encrypt([]byte(accessKey))
 	if err != nil {
-		return nil, err
+		return swarm.EmptyAddress, err
 	}
 
-	act.Add(lookupKey, encryptedAccessKey)
-
-	return act, nil
+	return al.act.Add(rootHash, lookupKey, encryptedAccessKey)
 }
 
 // Encrypts a SWARM reference for a publisher
-func (al ActLogic) EncryptRef(act Act, publisherPubKey *ecdsa.PublicKey, ref swarm.Address) (swarm.Address, error) {
-	accessKey := al.getAccessKey(act, publisherPubKey)
+func (al ActLogic) EncryptRef(rootHash swarm.Address, publisherPubKey *ecdsa.PublicKey, ref swarm.Address) (swarm.Address, error) {
+	accessKey := al.getAccessKey(rootHash, publisherPubKey)
 	refCipher := encryption.New(accessKey, 0, uint32(0), hashFunc)
 	encryptedRef, _ := refCipher.Encrypt(ref.Bytes())
 
 	return swarm.NewAddress(encryptedRef), nil
 }
 
 // Adds a new grantee to the ACT
-func (al ActLogic) AddNewGranteeToContent(act Act, publisherPubKey, granteePubKey *ecdsa.PublicKey) (Act, error) {
+func (al ActLogic) AddNewGranteeToContent(rootHash swarm.Address, publisherPubKey, granteePubKey *ecdsa.PublicKey) (swarm.Address, error) {
 	// Get previously generated access key
-	accessKey := al.getAccessKey(act, publisherPubKey)
+	accessKey := al.getAccessKey(rootHash, publisherPubKey)
 
 	// Encrypt the access key for the new Grantee
 	keys, err := al.getKeys(granteePubKey)
 	if err != nil {
-		return nil, err
+		return swarm.EmptyAddress, err
 	}
 	lookupKey := keys[0]
 	accessKeyEncryptionKey := keys[1]
@@ -73,18 +72,16 @@ func (al ActLogic) AddNewGranteeToContent(act Act, publisherPubKey, granteePubKe
 	cipher := encryption.New(encryption.Key(accessKeyEncryptionKey), 0, uint32(0), hashFunc)
 	granteeEncryptedAccessKey, err := cipher.Encrypt(accessKey)
 	if err != nil {
-		return nil, err
+		return swarm.EmptyAddress, err
 	}
 
 	// Add the new encrypted access key for the Act
-	act.Add(lookupKey, granteeEncryptedAccessKey)
-
-	return act, nil
+	return al.act.Add(rootHash, lookupKey, granteeEncryptedAccessKey)
 
 }
 
 // Will return the access key for a publisher (public key)
-func (al *ActLogic) getAccessKey(act Act, publisherPubKey *ecdsa.PublicKey) []byte {
+func (al *ActLogic) getAccessKey(rootHash swarm.Address, publisherPubKey *ecdsa.PublicKey) []byte {
 	keys, err := al.getKeys(publisherPubKey)
 	if err != nil {
 		return nil
@@ -93,7 +90,7 @@ func (al *ActLogic) getAccessKey(act Act, publisherPubKey *ecdsa.PublicKey) []by
 	publisherAKDecryptionKey := keys[1]
 
 	accessKeyDecryptionCipher := encryption.New(encryption.Key(publisherAKDecryptionKey), 0, uint32(0), hashFunc)
-	encryptedAK, err := al.getEncryptedAccessKey(act, publisherLookupKey)
+	encryptedAK, err := al.getEncryptedAccessKey(rootHash, publisherLookupKey)
 	if err != nil {
 		return nil
 	}
@@ -119,16 +116,16 @@ func (al *ActLogic) getKeys(publicKey *ecdsa.PublicKey) ([][]byte, error) {
 }
 
 // Gets the encrypted access key for a given grantee
-func (al *ActLogic) getEncryptedAccessKey(act Act, lookup_key []byte) ([]byte, error) {
-	val, err := act.Lookup(lookup_key)
+func (al *ActLogic) getEncryptedAccessKey(rootHash swarm.Address, lookup_key []byte) ([]byte, error) {
+	val, err := al.act.Lookup(rootHash, lookup_key)
 	if err != nil {
 		return nil, err
 	}
 	return val, nil
 }
 
 // Get will return a decrypted reference, for given encrypted reference and grantee
-func (al ActLogic) Get(act Act, encryped_ref swarm.Address, grantee *ecdsa.PublicKey) (swarm.Address, error) {
+func (al ActLogic) Get(rootHash swarm.Address, encryped_ref swarm.Address, grantee *ecdsa.PublicKey) (swarm.Address, error) {
 	if encryped_ref.Compare(swarm.EmptyAddress) == 0 {
 		return swarm.EmptyAddress, fmt.Errorf("encrypted ref not provided")
 	}
@@ -144,7 +141,7 @@ func (al ActLogic) Get(act Act, encryped_ref swarm.Address, grantee *ecdsa.Publi
 	accessKeyDecryptionKey := keys[1]
 
 	// Lookup encrypted access key from the ACT manifest
-	encryptedAccessKey, err := al.getEncryptedAccessKey(act, lookupKey)
+	encryptedAccessKey, err := al.getEncryptedAccessKey(rootHash, lookupKey)
 	if err != nil {
 		return swarm.EmptyAddress, err
 	}
@@ -166,8 +163,9 @@ func (al ActLogic) Get(act Act, encryped_ref swarm.Address, grantee *ecdsa.Publi
 	return swarm.NewAddress(ref), nil
 }
 
-func NewLogic(s Session) ActLogic {
+func NewLogic(s Session, act Act) ActLogic {
 	return ActLogic{
 		session: s,
+		act:     act,
 	}
-}
+}
diff --git a/pkg/dynamicaccess/accesslogic_test.go b/pkg/dynamicaccess/accesslogic_test.go
@@ -8,14 +8,15 @@ import (
 	"testing"
 
 	"github.com/ethersphere/bee/pkg/dynamicaccess"
+	mockstorer "github.com/ethersphere/bee/pkg/storer/mock"
 	"github.com/ethersphere/bee/pkg/swarm"
 )
 
 // Generates a new test environment with a fix private key
-func setupAccessLogic2() dynamicaccess.ActLogic {
+func setupAccessLogic2(act dynamicaccess.Act) dynamicaccess.ActLogic {
 	privateKey := generateFixPrivateKey(1000)
 	diffieHellman := dynamicaccess.NewDefaultSession(&privateKey)
-	al := dynamicaccess.NewLogic(diffieHellman)
+	al := dynamicaccess.NewLogic(diffieHellman, act)
 
 	return al
 }
@@ -39,11 +40,11 @@ func generateFixPrivateKey(input int64) ecdsa.PrivateKey {
 }
 
 func TestGet_Success(t *testing.T) {
-	al := setupAccessLogic2()
 	id0 := generateFixPrivateKey(0)
-
-	act := dynamicaccess.NewInMemoryAct()
-	act, err := al.AddPublisher(act, &id0.PublicKey)
+	var mockStorer = mockstorer.New()
+	act := dynamicaccess.NewInManifestAct(mockStorer)
+	al := setupAccessLogic2(act)
+	ref, err := al.AddPublisher(swarm.EmptyAddress, &id0.PublicKey)
 	if err != nil {
 		t.Errorf("AddPublisher: expected no error, got %v", err)
 	}
@@ -53,72 +54,76 @@ func TestGet_Success(t *testing.T) {
 	expectedRef := swarm.NewAddress(byteRef)
 	t.Logf("encryptedRef: %s", expectedRef.String())
 
-	encryptedRef, err := al.EncryptRef(act, &id0.PublicKey, expectedRef)
+	encryptedRef, err := al.EncryptRef(ref, &id0.PublicKey, expectedRef)
 	t.Logf("encryptedRef: %s", encryptedRef.String())
 	if err != nil {
 		t.Errorf("There was an error while calling EncryptRef: ")
 		t.Error(err)
 	}
 
-	ref, err := al.Get(act, encryptedRef, &id0.PublicKey)
+	acutalRef, err := al.Get(ref, encryptedRef, &id0.PublicKey)
 	if err != nil {
 		t.Errorf("There was an error while calling Get: ")
 		t.Error(err)
 	}
 
-	if expectedRef.Compare(ref) != 0  {
+	if expectedRef.Compare(acutalRef) != 0 {
 
 		t.Errorf("Get gave back wrong Swarm reference!")
 	}
 }
 
 // This test function tests those cases where different parameters are missing
 func TestGet_Error(t *testing.T) {
-	al := setupAccessLogic2()
 	id0 := generateFixPrivateKey(0)
 
 	act := dynamicaccess.NewInMemoryAct()
-	act, err := al.AddPublisher(act, &id0.PublicKey)
+	al := setupAccessLogic2(act)
+	ref, err := al.AddPublisher(swarm.EmptyAddress, &id0.PublicKey)
 	if err != nil {
 		t.Errorf("AddPublisher: expected no error, got %v", err)
 	}
 
 	expectedRef := "39a5ea87b141fe44aa609c3327ecd896c0e2122897f5f4bbacf74db1033c5559"
 
-	encryptedRef, _ := al.EncryptRef(act, &id0.PublicKey, swarm.NewAddress([]byte(expectedRef)))
+	encryptedRef, _ := al.EncryptRef(ref, &id0.PublicKey, swarm.NewAddress([]byte(expectedRef)))
 
-	_, err = al.Get(dynamicaccess.NewInMemoryAct(), encryptedRef, &id0.PublicKey)
+	r, err := al.Get(swarm.RandAddress(t), encryptedRef, &id0.PublicKey)
 	if err == nil {
+		t.Logf("r: %s", r.String())
 		t.Errorf("Get should give back encrypted access key not found error!")
 	}
 
-	refTwo, _ := al.Get(act, swarm.EmptyAddress, &id0.PublicKey)
+	refTwo, _ := al.Get(swarm.RandAddress(t), swarm.EmptyAddress, &id0.PublicKey)
 	if swarm.EmptyAddress.Compare(refTwo) != 0 {
 		t.Errorf("Get should give back empty string if encrypted ref not provided!")
 	}
 
-	_, err = al.Get(act, encryptedRef, nil)
+	_, err = al.Get(swarm.RandAddress(t), encryptedRef, nil)
 	if err == nil {
 		t.Errorf("Get should give back error if grantee not provided!")
 	}
 }
 
 func TestAddPublisher(t *testing.T) {
-	al := setupAccessLogic2()
 	id0 := generateFixPrivateKey(0)
 	savedLookupKey := "bc36789e7a1e281436464229828f817d6612f7b477d66591ff96a9e064bcc98a"
 	act := dynamicaccess.NewInMemoryAct()
-	act, err := al.AddPublisher(act, &id0.PublicKey)
+	al := setupAccessLogic2(act)
+	ref, err := al.AddPublisher(swarm.EmptyAddress, &id0.PublicKey)
 	if err != nil {
 		t.Errorf("AddPublisher: expected no error, got %v", err)
 	}
 
 	decodedSavedLookupKey, err := hex.DecodeString(savedLookupKey)
 	if err != nil {
-		t.Errorf("AddPublisher: expected no error, got %v", err)
+		t.Errorf("DecodeString: expected no error, got %v", err)
 	}
 
-	encryptedAccessKey, _ := act.Lookup(decodedSavedLookupKey)
+	encryptedAccessKey, err := act.Lookup(ref, decodedSavedLookupKey)
+	if err != nil {
+		t.Errorf("Lookup: expected no error, got %v", err)
+	}
 	decodedEncryptedAccessKey := hex.EncodeToString(encryptedAccessKey)
 
 	// A random value is returned so it is only possibly to check the length of the returned value
@@ -132,7 +137,6 @@ func TestAddPublisher(t *testing.T) {
 }
 
 func TestAdd_New_Grantee_To_Content(t *testing.T) {
-	al := setupAccessLogic2()
 
 	id0 := generateFixPrivateKey(0)
 	id1 := generateFixPrivateKey(1)
@@ -143,17 +147,18 @@ func TestAdd_New_Grantee_To_Content(t *testing.T) {
 	secondAddedGranteeLookupKey := "8fe8dff7cd15a6a0095c1b25071a5691e7c901fd0b95857a96c0e4659b48716a"
 
 	act := dynamicaccess.NewInMemoryAct()
-	act, err := al.AddPublisher(act, &id0.PublicKey)
-	 if err != nil {
+	al := setupAccessLogic2(act)
+	ref, err := al.AddPublisher(swarm.EmptyAddress, &id0.PublicKey)
+	if err != nil {
 		t.Errorf("AddNewGrantee: expected no error, got %v", err)
 	}
 
-	act, err = al.AddNewGranteeToContent(act, &id0.PublicKey, &id1.PublicKey)
+	ref, err = al.AddNewGranteeToContent(ref, &id0.PublicKey, &id1.PublicKey)
 	if err != nil {
 		t.Errorf("AddNewGrantee: expected no error, got %v", err)
 	}
 
-	act, err = al.AddNewGranteeToContent(act, &id0.PublicKey, &id2.PublicKey)
+	ref, err = al.AddNewGranteeToContent(ref, &id0.PublicKey, &id2.PublicKey)
 	if err != nil {
 		t.Errorf("AddNewGrantee: expected no error, got %v", err)
 	}
@@ -162,7 +167,7 @@ func TestAdd_New_Grantee_To_Content(t *testing.T) {
 	if err != nil {
 		t.Errorf("AddNewGrantee: expected no error, got %v", err)
 	}
-	result, _ := act.Lookup(lookupKeyAsByte)
+	result, _ := act.Lookup(ref, lookupKeyAsByte)
 	hexEncodedEncryptedAK := hex.EncodeToString(result)
 	if len(hexEncodedEncryptedAK) != 64 {
 		t.Errorf("AddNewGrantee: expected encrypted access key length 64, got %d", len(hexEncodedEncryptedAK))
@@ -172,7 +177,7 @@ func TestAdd_New_Grantee_To_Content(t *testing.T) {
 	if err != nil {
 		t.Errorf("AddNewGrantee: expected no error, got %v", err)
 	}
-	result, _ = act.Lookup(lookupKeyAsByte)
+	result, _ = act.Lookup(ref, lookupKeyAsByte)
 	hexEncodedEncryptedAK = hex.EncodeToString(result)
 	if len(hexEncodedEncryptedAK) != 64 {
 		t.Errorf("AddNewGrantee: expected encrypted access key length 64, got %d", len(hexEncodedEncryptedAK))
@@ -182,7 +187,7 @@ func TestAdd_New_Grantee_To_Content(t *testing.T) {
 	if err != nil {
 		t.Errorf("AddNewGrantee: expected no error, got %v", err)
 	}
-	result, _ = act.Lookup(lookupKeyAsByte)
+	result, _ = act.Lookup(ref, lookupKeyAsByte)
 	hexEncodedEncryptedAK = hex.EncodeToString(result)
 	if len(hexEncodedEncryptedAK) != 64 {
 		t.Errorf("AddNewGrantee: expected encrypted access key length 64, got %d", len(hexEncodedEncryptedAK))
@@ -193,22 +198,25 @@ func TestEncryptRef(t *testing.T) {
 	ref := "39a5ea87b141fe44aa609c3327ecd896c0e2122897f5f4bbacf74db1033c5559"
 	savedEncryptedRef := "230cdcfb2e67adddb2822b38f70105213ab3e4f97d03560bfbfbb218f487c5303e9aa9a97e62aa1a8003f162679e7c65e1c8e3aacaec2043fd5d2a4a7d69285e"
 
-	al := setupAccessLogic2()
 	id0 := generateFixPrivateKey(0)
 	act := dynamicaccess.NewInMemoryAct()
+	al := setupAccessLogic2(act)
 	decodedLookupKey, err := hex.DecodeString("bc36789e7a1e281436464229828f817d6612f7b477d66591ff96a9e064bcc98a")
 	if err != nil {
 		t.Errorf("EncryptRef: expected no error, got %v", err)
 	}
 
-	act.Add(decodedLookupKey, []byte("42"))
-
-	encryptedRefValue, err := al.EncryptRef(act, &id0.PublicKey, swarm.NewAddress([]byte(ref)))
+	addRef, err := act.Add(swarm.EmptyAddress, decodedLookupKey, []byte("42"))
+	if err != nil {
+		t.Errorf("Add: expected no error, got %v", err)
+	}
+
+	encryptedRefValue, err := al.EncryptRef(addRef, &id0.PublicKey, swarm.NewAddress([]byte(ref)))
 	if err != nil {
 		t.Errorf("EncryptRef: expected no error, got %v", err)
 	}
 
 	if encryptedRefValue.String() != savedEncryptedRef {
 		t.Errorf("EncryptRef: expected encrypted ref, got empty address")
 	}
-}
+}