mirror of https://codeberg.org/pzp/pzp-db.git
89 lines
2.8 KiB
JavaScript
89 lines
2.8 KiB
JavaScript
const test = require('node:test')
|
|
const assert = require('node:assert')
|
|
const path = require('node:path')
|
|
const p = require('node:util').promisify
|
|
const os = require('node:os')
|
|
const rimraf = require('rimraf')
|
|
const Keypair = require('pzp-keypair')
|
|
const { createPeer } = require('./util')
|
|
const MsgV4 = require('../lib/msg-v4')
|
|
|
|
const DIR = path.join(os.tmpdir(), 'pzp-db-sigkeys')
|
|
const DIR2 = path.join(os.tmpdir(), 'pzp-db-sigkeys2')
|
|
rimraf.sync(DIR)
|
|
rimraf.sync(DIR2)
|
|
|
|
test('sigkeys', async (t) => {
|
|
await t.test(
|
|
"Can't add msg that is signed by key newer than what accountTips points to",
|
|
async () => {
|
|
const keypair1 = Keypair.generate('ed25519', 'alice')
|
|
const keypair2 = Keypair.generate('ed25519', 'alice2')
|
|
const keypairOther = Keypair.generate('ed25519', 'bob')
|
|
|
|
const peer = createPeer({ keypair: keypair1, path: DIR })
|
|
const peerOther = createPeer({ keypair: keypairOther, path: DIR2 })
|
|
|
|
await peer.db.loaded()
|
|
await peerOther.db.loaded()
|
|
|
|
const account = await p(peer.db.account.create)({
|
|
keypair: keypair1,
|
|
subdomain: 'person',
|
|
})
|
|
const accountMsg0 = await p(peer.db.get)(account)
|
|
|
|
const consent = peer.db.account.consent({ account, keypair: keypair2 })
|
|
|
|
const accountRec1 = await p(peer.db.account.add)({
|
|
account,
|
|
keypair: keypair2,
|
|
consent,
|
|
powers: ['external-encryption'],
|
|
})
|
|
|
|
const goodRec = await p(peer.db.feed.publish)({
|
|
account,
|
|
domain: 'post',
|
|
data: { text: 'potatoGood' },
|
|
keypair: keypair2,
|
|
})
|
|
|
|
const postMootId = peer.db.feed.getID(account, 'post')
|
|
const postMootMsg = await p(peer.db.get)(postMootId)
|
|
|
|
const tangle = new MsgV4.Tangle(postMootId)
|
|
tangle.add(postMootId, postMootMsg)
|
|
tangle.add(goodRec.id, goodRec.msg)
|
|
const badMsg = MsgV4.create({
|
|
account,
|
|
accountTips: [account], // intentionally excluding keypair2
|
|
domain: 'post',
|
|
keypair: keypair2, // intentionally using newer key than accountTips points to
|
|
tangles: {
|
|
[postMootId]: tangle,
|
|
},
|
|
data: { text: 'potato' },
|
|
})
|
|
await assert.rejects(
|
|
p(peer.db.add)(badMsg, postMootId),
|
|
/add\(\) failed to verify msg/,
|
|
"Shouldn't be able to add() own bad msg"
|
|
)
|
|
|
|
await p(peerOther.db.add)(accountMsg0, account)
|
|
await p(peerOther.db.add)(accountRec1.msg, account)
|
|
await p(peerOther.db.add)(postMootMsg, postMootId)
|
|
await p(peerOther.db.add)(goodRec.msg, postMootId)
|
|
await assert.rejects(
|
|
p(peerOther.db.add)(badMsg, postMootId),
|
|
/add\(\) failed to verify msg/,
|
|
"Shouldn't be able to add() someone else's bad msg"
|
|
)
|
|
|
|
await p(peer.close)()
|
|
await p(peerOther.close)()
|
|
}
|
|
)
|
|
})
|