fed-sx-m1: Step 6b-sig — pipeline:stage_signature/1,/2 (factory + direct) + 11 tests
Some checks failed
Test, Build, and Deploy / test-build-deploy (push) Failing after 26s
Some checks failed
Test, Build, and Deploy / test-build-deploy (push) Failing after 26s
This commit is contained in:
@@ -2,7 +2,8 @@
|
||||
-export([run_stages/2,
|
||||
validate_inbound/1, validate_outbound/1,
|
||||
inbound_stages/0, outbound_stages/0,
|
||||
stage_envelope/1]).
|
||||
stage_envelope/1,
|
||||
stage_signature/1, stage_signature/2]).
|
||||
|
||||
%% Validation pipeline per design §14.
|
||||
%%
|
||||
@@ -47,3 +48,17 @@ outbound_stages() ->
|
||||
%% that, so delegation is direct.
|
||||
stage_envelope(Activity) ->
|
||||
envelope:validate_shape(Activity).
|
||||
|
||||
%% stage_signature/2 — direct (Activity, ActorState) check. Wraps
|
||||
%% envelope:verify_signature/2 from Step 2c. Useful for tests and
|
||||
%% for callers that already have ActorState in scope.
|
||||
stage_signature(Activity, ActorState) ->
|
||||
envelope:verify_signature(Activity, ActorState).
|
||||
|
||||
%% stage_signature/1 — factory: takes the ActorState and returns a
|
||||
%% 1-arity stage fun the pipeline driver can fold. This is how
|
||||
%% signature checking gets composed into a stage list at runtime
|
||||
%% (the static `inbound_stages/0` list omits it precisely because
|
||||
%% ActorState isn't available at static-list build time).
|
||||
stage_signature(ActorState) ->
|
||||
fun (Activity) -> envelope:verify_signature(Activity, ActorState) end.
|
||||
|
||||
122
next/tests/pipeline_signature.sh
Executable file
122
next/tests/pipeline_signature.sh
Executable file
@@ -0,0 +1,122 @@
|
||||
#!/usr/bin/env bash
|
||||
# next/tests/pipeline_signature.sh — Step 6b-sig acceptance test.
|
||||
#
|
||||
# Exercises pipeline:stage_signature/2 (direct) and stage_signature/1
|
||||
# (factory). The factory returns a 1-arity stage fun bound to the
|
||||
# given actor-state so it can be folded into a stage list by the
|
||||
# pipeline driver alongside stage_envelope. 10 cases.
|
||||
|
||||
set -uo pipefail
|
||||
cd "$(git rev-parse --show-toplevel)"
|
||||
|
||||
SX_SERVER="${SX_SERVER:-hosts/ocaml/_build/default/bin/sx_server.exe}"
|
||||
if [ ! -x "$SX_SERVER" ]; then
|
||||
SX_SERVER="/root/rose-ash/hosts/ocaml/_build/default/bin/sx_server.exe"
|
||||
fi
|
||||
if [ ! -x "$SX_SERVER" ]; then
|
||||
echo "ERROR: sx_server.exe not found." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
VERBOSE="${1:-}"
|
||||
PASS=0; FAIL=0; ERRORS=""
|
||||
TMPFILE=$(mktemp); trap "rm -f $TMPFILE" EXIT
|
||||
|
||||
# Shared Erlang prelude builds a valid signed envelope + actor
|
||||
# state — same shape as next/tests/envelope_sig.sh from Step 2c.
|
||||
PRELUDE='KM = <<1,2,3,4>>, U = [{actor,alice},{id,1},{published,100},{type,create}], CB = envelope:canonical_bytes(U), Sig = crypto:hash(sha256, <<KM/binary, CB/binary>>), Env = [{actor,alice},{id,1},{published,100},{type,create},{signature,[{algorithm,ed25519},{key_id,k1},{value,Sig}]}], AS = [{public_keys, [[{id,k1},{created,50},{value,KM}]]}],'
|
||||
|
||||
cat > "$TMPFILE" <<EPOCHS
|
||||
(epoch 1)
|
||||
(load "lib/erlang/tokenizer.sx")
|
||||
(load "lib/erlang/parser.sx")
|
||||
(load "lib/erlang/parser-core.sx")
|
||||
(load "lib/erlang/parser-expr.sx")
|
||||
(load "lib/erlang/parser-module.sx")
|
||||
(load "lib/erlang/transpile.sx")
|
||||
(load "lib/erlang/runtime.sx")
|
||||
(load "lib/erlang/vm/dispatcher.sx")
|
||||
|
||||
(epoch 2)
|
||||
(eval "(get (erlang-load-module (file-read \"next/kernel/envelope.erl\")) :name)")
|
||||
(epoch 3)
|
||||
(eval "(get (erlang-load-module (file-read \"next/kernel/pipeline.erl\")) :name)")
|
||||
|
||||
;; Direct 2-arity stage_signature on a valid signed envelope returns ok
|
||||
(epoch 10)
|
||||
(eval "(get (erlang-eval-ast \"${PRELUDE} pipeline:stage_signature(Env, AS) =:= ok\") :name)")
|
||||
|
||||
;; Tampered envelope returns the proper error tag
|
||||
(epoch 11)
|
||||
(eval "(get (erlang-eval-ast \"${PRELUDE} Tampered = [{actor,alice},{id,999},{published,100},{type,create},{signature,[{algorithm,ed25519},{key_id,k1},{value,Sig}]}], pipeline:stage_signature(Tampered, AS) =:= {error,bad_signature}\") :name)")
|
||||
|
||||
;; Missing signature -> no_signature
|
||||
(epoch 12)
|
||||
(eval "(get (erlang-eval-ast \"${PRELUDE} pipeline:stage_signature(U, AS) =:= {error,no_signature}\") :name)")
|
||||
|
||||
;; stage_signature/1 returns a function
|
||||
(epoch 13)
|
||||
(eval "(get (erlang-eval-ast \"is_function(pipeline:stage_signature([{public_keys, []}]))\") :name)")
|
||||
|
||||
;; stage_signature/1 factory: built stage returns ok on valid input
|
||||
(epoch 14)
|
||||
(eval "(get (erlang-eval-ast \"${PRELUDE} Stage = pipeline:stage_signature(AS), Stage(Env) =:= ok\") :name)")
|
||||
|
||||
;; stage_signature/1 factory: built stage returns error on tampered input
|
||||
(epoch 15)
|
||||
(eval "(get (erlang-eval-ast \"${PRELUDE} Stage = pipeline:stage_signature(AS), Tampered = [{actor,alice},{id,999},{published,100},{type,create},{signature,[{algorithm,ed25519},{key_id,k1},{value,Sig}]}], Stage(Tampered) =:= {error,bad_signature}\") :name)")
|
||||
|
||||
;; Composable: envelope + signature stages folded together via run_stages
|
||||
(epoch 16)
|
||||
(eval "(get (erlang-eval-ast \"${PRELUDE} Stages = [fun (A) -> pipeline:stage_envelope(A) end, pipeline:stage_signature(AS)], pipeline:run_stages(Env, Stages) =:= ok\") :name)")
|
||||
|
||||
;; Composable + halt: envelope stage fails first, signature never runs
|
||||
(epoch 17)
|
||||
(eval "(get (erlang-eval-ast \"${PRELUDE} BadShape = [{type,create}], Stages = [fun (A) -> pipeline:stage_envelope(A) end, pipeline:stage_signature(AS)], case pipeline:run_stages(BadShape, Stages) of {error, {missing_field, _}} -> ok; _ -> bad end\") :name)")
|
||||
|
||||
;; Composable + halt: envelope OK, signature fails -> sig error surfaces
|
||||
(epoch 18)
|
||||
(eval "(get (erlang-eval-ast \"${PRELUDE} Tampered = [{actor,alice},{id,999},{published,100},{type,create},{signature,[{algorithm,ed25519},{key_id,k1},{value,Sig}]}], Stages = [fun (A) -> pipeline:stage_envelope(A) end, pipeline:stage_signature(AS)], pipeline:run_stages(Tampered, Stages) =:= {error,bad_signature}\") :name)")
|
||||
EPOCHS
|
||||
|
||||
OUTPUT=$(timeout 180 "$SX_SERVER" < "$TMPFILE" 2>/dev/null)
|
||||
|
||||
check() {
|
||||
local epoch="$1" desc="$2" expected="$3"
|
||||
local actual
|
||||
actual=$(echo "$OUTPUT" | awk -v e="$epoch" '
|
||||
$0 ~ "^\\(ok-len " e " " { getline; print; exit }
|
||||
$0 ~ "^\\(ok " e " " { print; exit }
|
||||
$0 ~ "^\\(error " e " " { print; exit }
|
||||
')
|
||||
[ -z "$actual" ] && actual="<no output for epoch $epoch>"
|
||||
if echo "$actual" | grep -qF -- "$expected"; then
|
||||
PASS=$((PASS+1))
|
||||
[ "$VERBOSE" = "-v" ] && echo " ok $desc"
|
||||
else
|
||||
FAIL=$((FAIL+1))
|
||||
ERRORS+=" FAIL [$desc] (epoch $epoch) expected: $expected | actual: $actual
|
||||
"
|
||||
fi
|
||||
}
|
||||
|
||||
check 2 "envelope module loaded" "envelope"
|
||||
check 3 "pipeline module loaded" "pipeline"
|
||||
check 10 "stage_signature/2 valid -> ok" "true"
|
||||
check 11 "stage_signature/2 tampered" "true"
|
||||
check 12 "stage_signature/2 no sig" "true"
|
||||
check 13 "stage_signature/1 returns fun" "true"
|
||||
check 14 "factory stage valid -> ok" "true"
|
||||
check 15 "factory stage tampered" "true"
|
||||
check 16 "envelope+sig composed ok" "true"
|
||||
check 17 "halt on envelope before sig" "ok"
|
||||
check 18 "sig error after envelope ok" "true"
|
||||
|
||||
TOTAL=$((PASS+FAIL))
|
||||
if [ $FAIL -eq 0 ]; then
|
||||
echo "ok $PASS/$TOTAL next/tests/pipeline_signature.sh passed"
|
||||
else
|
||||
echo "FAIL $PASS/$TOTAL passed, $FAIL failed:"
|
||||
echo "$ERRORS"
|
||||
fi
|
||||
[ $FAIL -eq 0 ]
|
||||
Reference in New Issue
Block a user