Add validator token to config (RIPD-1386)

2025-12-06 17:27:55 +00:00 · 2017-01-18 15:01:50 -08:00
parent 2fcde0e0b6
commit a8cf5e0a5c
29 changed files with 372 additions and 191 deletions
--- a/src/test/app/Manifest_test.cpp
+++ b/src/test/app/Manifest_test.cpp
@@ -227,7 +227,7 @@ public:
                PublicKey emptyLocalKey;
                std::vector<std::string> s1;
                std::vector<std::string> keys;
-                std::vector<std::string> cfgManifest;
+                std::string cfgManifest;
                for (auto const& man : inManifests)
                    s1.push_back (toBase58(
                        TokenType::TOKEN_NODE_PUBLIC, man->masterKey));
@@ -259,7 +259,7 @@ public:
            }
            {
                // load config manifest
-                std::vector<std::string> const badManifest ({"bad manifest"});
+                std::string const badManifest = "bad manifest";

                ManifestCache loaded;
                BEAST_EXPECT(! loaded.load (
@@ -269,9 +269,8 @@ public:
                auto const pk  = derivePublicKey(KeyType::ed25519, sk);
                auto const kp = randomKeyPair(KeyType::secp256k1);

-                std::vector<std::string> const cfgManifest ({
-                    makeManifestString (pk, sk, kp.first, kp.second, 0)
-                });
+                std::string const cfgManifest =
+                    makeManifestString (pk, sk, kp.first, kp.second, 0);

                BEAST_EXPECT(loaded.load (
                    dbCon, "ValidatorManifests", cfgManifest));
@@ -367,6 +366,45 @@ public:
        BEAST_EXPECT(cache.getMasterKey(kp1.first) == kp1.first);
    }

+    void testValidatorToken()
+    {
+        testcase ("validator token");
+
+        {
+            auto const valSecret = parseBase58<SecretKey>(
+                TokenType::TOKEN_NODE_PRIVATE,
+                "paQmjZ37pKKPMrgadBLsuf9ab7Y7EUNzh27LQrZqoexpAs31nJi");
+
+            // Format token string to test trim()
+            std::vector<std::string> const tokenBlob = {
+                "    eyJ2YWxpZGF0aW9uX3NlY3JldF9rZXkiOiI5ZWQ0NWY4NjYyNDFjYzE4YTI3NDdiNT\n",
+                " \tQzODdjMDYyNTkwNzk3MmY0ZTcxOTAyMzFmYWE5Mzc0NTdmYTlkYWY2IiwibWFuaWZl     \n",
+                "\tc3QiOiJKQUFBQUFGeEllMUZ0d21pbXZHdEgyaUNjTUpxQzlnVkZLaWxHZncxL3ZDeE\n",
+                "\t hYWExwbGMyR25NaEFrRTFhZ3FYeEJ3RHdEYklENk9NU1l1TTBGREFscEFnTms4U0tG\t  \t\n",
+                "bjdNTzJmZGtjd1JRSWhBT25ndTlzQUtxWFlvdUorbDJWMFcrc0FPa1ZCK1pSUzZQU2\n",
+                "hsSkFmVXNYZkFpQnNWSkdlc2FhZE9KYy9hQVpva1MxdnltR21WcmxIUEtXWDNZeXd1\n",
+                "NmluOEhBU1FLUHVnQkQ2N2tNYVJGR3ZtcEFUSGxHS0pkdkRGbFdQWXk1QXFEZWRGdj\n",
+                "VUSmEydzBpMjFlcTNNWXl3TFZKWm5GT3I3QzBrdzJBaVR6U0NqSXpkaXRROD0ifQ==\n"
+            };
+
+            auto const manifest =
+                "JAAAAAFxIe1FtwmimvGtH2iCcMJqC9gVFKilGfw1/vCxHXXLplc2GnMhAkE1agqXxBwD"
+                "wDbID6OMSYuM0FDAlpAgNk8SKFn7MO2fdkcwRQIhAOngu9sAKqXYouJ+l2V0W+sAOkVB"
+                "+ZRS6PShlJAfUsXfAiBsVJGesaadOJc/aAZokS1vymGmVrlHPKWX3Yywu6in8HASQKPu"
+                "gBD67kMaRFGvmpATHlGKJdvDFlWPYy5AqDedFv5TJa2w0i21eq3MYywLVJZnFOr7C0kw"
+                "2AiTzSCjIzditQ8=";
+
+            auto const token = ValidatorToken::make_ValidatorToken(tokenBlob);
+            BEAST_EXPECT(token);
+            BEAST_EXPECT(token->validationSecret == *valSecret);
+            BEAST_EXPECT(token->manifest == manifest);
+        }
+        {
+            std::vector<std::string> const badToken = { "bad token" };
+            BEAST_EXPECT(! ValidatorToken::make_ValidatorToken(badToken));
+        }
+    }
+
    void
    run() override
    {
@@ -428,6 +466,7 @@ public:
        testLoadStore (cache);
        testGetSignature ();
        testGetKeys ();
+        testValidatorToken ();
    }
 };

--- a/src/test/app/ValidatorList_test.cpp
+++ b/src/test/app/ValidatorList_test.cpp
@@ -142,9 +142,9 @@ private:
        auto const localMasterPublic = derivePublicKey(
            KeyType::ed25519, localMasterSecret);

-        auto cfgManifest = makeManifestString (
-                localMasterPublic, localMasterSecret,
-                localSigningPublic, localSigningSecret, 1);
+        std::string const cfgManifest (makeManifestString (
+            localMasterPublic, localMasterSecret,
+            localSigningPublic, localSigningSecret, 1));

        auto format = [](
            PublicKey const &publicKey,
@@ -254,6 +254,7 @@ private:
            BEAST_EXPECT(trustedKeys->load (
                *localSigningPublic, cfgKeys, emptyCfgPublishers));

+            BEAST_EXPECT(trustedKeys->localPublicKey() == localSigningPublic);
            BEAST_EXPECT(trustedKeys->listed (*localSigningPublic));
            for (auto const& n : configList)
                BEAST_EXPECT(trustedKeys->listed (n));
@@ -268,6 +269,7 @@ private:
            BEAST_EXPECT(trustedKeys->load (
                localSigningPublic, cfgKeys, emptyCfgPublishers));

+            BEAST_EXPECT(trustedKeys->localPublicKey() == localSigningPublic);
            BEAST_EXPECT(trustedKeys->listed (localSigningPublic));
            for (auto const& n : configList)
                BEAST_EXPECT(trustedKeys->listed (n));
@@ -283,6 +285,7 @@ private:
            BEAST_EXPECT(trustedKeys->load (
                localSigningPublic, cfgKeys, emptyCfgPublishers));

+            BEAST_EXPECT(trustedKeys->localPublicKey() == localMasterPublic);
            BEAST_EXPECT(trustedKeys->listed (localSigningPublic));
            BEAST_EXPECT(trustedKeys->listed (localMasterPublic));
            for (auto const& n : configList)
--- a/src/test/core/Config_test.cpp
+++ b/src/test/core/Config_test.cpp
@@ -474,6 +474,45 @@ port_wss_admin
        }
    }

+    void testValidatorKeys ()
+    {
+        testcase ("validator keys");
+
+        std::string const validationSeed = "spA4sh1qTvwq92X715tYyGQKmAKfa";
+
+        auto const token =
+            "eyJ2YWxpZGF0aW9uX3ByaXZhdGVfa2V5IjoiOWVkNDVmODY2MjQxY2MxOGEyNzQ3Yj"
+            "U0Mzg3YzA2MjU5MDc5NzJmNGU3MTkwMjMxZmFhOTM3NDU3ZmE5ZGFmNiIsIm1hbmlm"
+            "ZXN0IjoiSkFBQUFBRnhJZTFGdHdtaW12R3RIMmlDY01KcUM5Z1ZGS2lsR2Z3MS92Q3"
+            "hIWFhMcGxjMkduTWhBa0UxYWdxWHhCd0R3RGJJRDZPTVNZdU0wRkRBbHBBZ05rOFNL"
+            "Rm43TU8yZmRrY3dSUUloQU9uZ3U5c0FLcVhZb3VKK2wyVjBXK3NBT2tWQitaUlM2UF"
+            "NobEpBZlVzWGZBaUJzVkpHZXNhYWRPSmMvYUFab2tTMXZ5bUdtVnJsSFBLV1gzWXl3"
+            "dTZpbjhIQVNRS1B1Z0JENjdrTWFSRkd2bXBBVEhsR0tKZHZERmxXUFl5NUFxRGVkRn"
+            "Y1VEphMncwaTIxZXEzTVl5d0xWSlpuRk9yN0Mwa3cyQWlUelNDakl6ZGl0UTg9In0=";
+
+        {
+            Config c;
+            static boost::format configTemplate (R"rippleConfig(
+[validation_seed]
+%1%
+
+[validator_token]
+%2%
+)rippleConfig");
+            std::string error;
+            auto const expectedError =
+                "Cannot have both [validation_seed] "
+                "and [validator_token] config sections";
+            try {
+                c.loadFromString (boost::str (
+                    configTemplate % validationSeed % token));
+            } catch (std::runtime_error& e) {
+                error = e.what();
+            }
+            BEAST_EXPECT(error == expectedError);
+        }
+    }
+
    void testValidatorsFile ()
    {
        testcase ("validators_file");
@@ -818,6 +857,7 @@ trustthesevalidators.gov
    {
        testLegacy ();
        testDbPath ();
+        testValidatorKeys ();
        testValidatorsFile ();
        testSetup (false);
        testSetup (true);
--- a/src/test/ledger/View_test.cpp
+++ b/src/test/ledger/View_test.cpp
@@ -24,6 +24,7 @@
 #include <ripple/ledger/OpenView.h>
 #include <ripple/ledger/PaymentSandbox.h>
 #include <ripple/ledger/Sandbox.h>
+#include <ripple/core/ConfigSections.h>
 #include <ripple/protocol/Feature.h>
 #include <type_traits>

@@ -809,12 +810,9 @@ class GetAmendments_test
        setupConfigForUnitTests(*p);

        // If the config has valid validation keys then we run as a validator.
-        auto const seed = parseBase58<Seed>("shUwVw52ofnCUX5m7kPTKzJdr4HEH");
-        if (!seed)
-            Throw<std::runtime_error> ("Invalid seed specified");
-        p->VALIDATION_PRIV = generateSecretKey (KeyType::secp256k1, *seed);
-        p->VALIDATION_PUB =
-            derivePublicKey (KeyType::secp256k1, p->VALIDATION_PRIV);
+        p->section(SECTION_VALIDATION_SEED).append(
+            std::vector<std::string>{"shUwVw52ofnCUX5m7kPTKzJdr4HEH"});
+
        return p;
    }

--- a/src/test/overlay/cluster_test.cpp
+++ b/src/test/overlay/cluster_test.cpp
@@ -22,6 +22,7 @@
 #include <test/jtx/TestSuite.h>
 #include <ripple/overlay/Cluster.h>
 #include <ripple/overlay/ClusterNode.h>
+#include <ripple/protocol/SecretKey.h>

 namespace ripple {
 namespace tests {
--- a/src/test/rpc/ServerInfo_test.cpp
+++ b/src/test/rpc/ServerInfo_test.cpp
@@ -29,18 +29,18 @@ namespace ripple {
 namespace test {

 namespace validator {
-static auto const seed = "ss7t3J9dYentEFgKdPA3q6eyxtrLB";
-static auto const master_key =
-    "nHUYwQk8AyQ8pW9p4SvrWC2hosvaoii9X54uGLDYGBtEFwWFHsJK";
-static auto const signing_key =
-    "n9LHPLA36SBky1YjbaVEApQQ3s9XcpazCgfAG7jsqBb1ugDAosbm";
-// Format manifest string to test trim()
-static auto const manifest =
-    "    JAAAAAFxIe2cDLvm5IqpeGFlMTD98HCqv7+GE54anRD/zbvGNYtOsXMhAuUTyasIhvj2KPfN\n"
-    " \tRbmmIBnqNUzidgkKb244eP794ZpMdkYwRAIgNVq8SYP7js0C/GAGMKVYXiCGUTIL7OKPSBLS     \n"
-    "\t7LTyrL4CIE+s4Tsn/FrrYj0nMEV1Mvf7PMRYCxtEERD3PG/etTJ3cBJAbwWWofHqg9IACoYV\n"
-    "\t +n9ulZHSVRajo55EkZYw0XUXDw8zcI4gD58suOSLZTG/dXtZp17huIyHgxHbR2YeYjQpCw==\t  \t";
-static auto sequence = 1;
+static auto const public_key =
+    "nHBt9fsb4849WmZiCds4r5TXyBeQjqnH5kzPtqgMAQMgi39YZRPa";
+
+static auto const token =
+    "eyJ2YWxpZGF0aW9uX3NlY3JldF9rZXkiOiI5ZWQ0NWY4NjYyNDFjYzE4YTI3NDdiNT\n"
+    "QzODdjMDYyNTkwNzk3MmY0ZTcxOTAyMzFmYWE5Mzc0NTdmYTlkYWY2IiwibWFuaWZl\n"
+    "c3QiOiJKQUFBQUFGeEllMUZ0d21pbXZHdEgyaUNjTUpxQzlnVkZLaWxHZncxL3ZDeE\n"
+    "hYWExwbGMyR25NaEFrRTFhZ3FYeEJ3RHdEYklENk9NU1l1TTBGREFscEFnTms4U0tG\n"
+    "bjdNTzJmZGtjd1JRSWhBT25ndTlzQUtxWFlvdUorbDJWMFcrc0FPa1ZCK1pSUzZQU2\n"
+    "hsSkFmVXNYZkFpQnNWSkdlc2FhZE9KYy9hQVpva1MxdnltR21WcmxIUEtXWDNZeXd1\n"
+    "NmluOEhBU1FLUHVnQkQ2N2tNYVJGR3ZtcEFUSGxHS0pkdkRGbFdQWXk1QXFEZWRGdj\n"
+    "VUSmEydzBpMjFlcTNNWXl3TFZKWm5GT3I3QzBrdzJBaVR6U0NqSXpkaXRROD0ifQ==\n";
 }

 class ServerInfo_test : public beast::unit_test::suite
@@ -52,18 +52,15 @@ public:
    {
        auto p = std::make_unique<Config>();
        boost::format toLoad(R"rippleConfig(
-[validation_manifest]
+[validator_token]
 %1%

-[validation_seed]
-%2%
-
 [validators]
-%3%
+%2%
 )rippleConfig");

        p->loadFromString (boost::str (
-            toLoad % validator::manifest % validator::seed % validator::master_key));
+            toLoad % validator::token % validator::public_key));

        setupConfigForUnitTests(*p);

@@ -88,15 +85,7 @@ public:
            BEAST_EXPECT(result[jss::status] == "success");
            BEAST_EXPECT(result[jss::result].isMember(jss::info));
            BEAST_EXPECT(result[jss::result][jss::info]
-                [jss::pubkey_validator] == validator::signing_key);
-            BEAST_EXPECT(result[jss::result][jss::info].isMember(
-                jss::validation_manifest));
-            BEAST_EXPECT(result[jss::result][jss::info][jss::validation_manifest]
-                [jss::master_key] == validator::master_key);
-            BEAST_EXPECT(result[jss::result][jss::info][jss::validation_manifest]
-                [jss::signing_key] == validator::signing_key);
-            BEAST_EXPECT(result[jss::result][jss::info][jss::validation_manifest]
-                [jss::seq] == validator::sequence);
+                [jss::pubkey_validator] == validator::public_key);
        }
    }

--- a/src/test/rpc/Subscribe_test.cpp
+++ b/src/test/rpc/Subscribe_test.cpp
@@ -18,6 +18,7 @@
 #include <BeastConfig.h>
 #include <ripple/app/misc/LoadFeeTrack.h>
 #include <ripple/app/misc/NetworkOPs.h>
+#include <ripple/core/ConfigSections.h>
 #include <ripple/protocol/JsonFields.h>
 #include <test/jtx/WSClient.h>
 #include <test/jtx.h>
@@ -313,26 +314,14 @@ public:

    static
    std::unique_ptr<Config>
-    makeValidatorConfig(
-        std::string const& valPrivateKey, std::string const& valPublicKey)
+    makeValidatorConfig(std::string const& seed)
    {
        auto p = std::make_unique<Config>();
        setupConfigForUnitTests(*p);

        // If the config has valid validation keys then we run as a validator.
-        auto const sk = parseBase58<SecretKey>(
-            TOKEN_NODE_PRIVATE,
-            valPrivateKey);
-        if (!sk)
-            Throw<std::runtime_error> ("Invalid validation private key");
-        p->VALIDATION_PRIV = *sk;
-
-        auto const pk = parseBase58<PublicKey>(
-            TOKEN_NODE_PUBLIC,
-            valPublicKey);
-        if (!pk)
-            Throw<std::runtime_error> ("Invalid validation public key");
-        p->VALIDATION_PUB = *pk;
+        p->section(SECTION_VALIDATION_SEED).append(
+            std::vector<std::string>{seed});

        return p;
    }
@@ -342,11 +331,10 @@ public:
        using namespace jtx;

        // Public key must be derived from the private key
-        const std::string valPrivateKey =
-            "paEdUCVVCNnv4aYBepid9Xh3NaAr9xWRw2vh351piFJrxQwvExd";
-        const std::string valPublicKey =
-            "n9MvFGjgv1kYkm7bLbb2QUwSqgzrQkYMYHXtrzN8W28Jfp2mVihq";
-        Env env(*this, makeValidatorConfig(valPrivateKey, valPublicKey));
+        std::string const seed = "snpTg5uPtiRG2hE8HHCAF4NzdorKT";
+        std::string const valPublicKey =
+            "n9KCD2WU48u1WG3neBH6vRSinAxoTwrjLbjUAn6Xq6mCe5YrJv2V";
+        Env env(*this, makeValidatorConfig(seed));
        auto wsc = makeWSClient(env.app().config());
        Json::Value stream;