-
Notifications
You must be signed in to change notification settings - Fork 106
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Sort signatures by keys IDs for deterministic signature order (#155)
* Sort signatures by key ID * Improve slice comparison * Fix assert comment * Remove sortStrings test helper * Add test for Signer sort * Sort keys before usage * Revert "Sort keys before usage" This reverts commit 88d9340. * Rename to getSortedSigningKeys * Check sort in a different way
- Loading branch information
1 parent
7ba0400
commit 5908a16
Showing
14 changed files
with
225 additions
and
39 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,2 +1,3 @@ | ||
| .DS_Store | ||
| cmd/tuf/tuf | ||
| cmd/tuf-client/tuf-client |
8 changes: 4 additions & 4 deletions
8
client/testdata/go-tuf/consistent-snapshot-false/1/repository/2.root.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
8 changes: 4 additions & 4 deletions
8
client/testdata/go-tuf/consistent-snapshot-false/1/repository/root.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
8 changes: 4 additions & 4 deletions
8
client/testdata/go-tuf/consistent-snapshot-true/1/repository/2.root.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
8 changes: 4 additions & 4 deletions
8
client/testdata/go-tuf/consistent-snapshot-true/1/repository/root.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,49 @@ | ||
| package signer | ||
|
|
||
| import ( | ||
| "sort" | ||
|
|
||
| "github.com/theupdateframework/go-tuf/pkg/keys" | ||
| ) | ||
|
|
||
| // ByIDs implements sort.Interface for []keys.Signer based on | ||
| // the sorted public IDs() for each Signer. This facilitates | ||
| // deterministic order of signatures, which prevents tests | ||
| // that use fixtures from being flaky. | ||
| type ByIDs []keys.Signer | ||
|
|
||
| func (b ByIDs) Len() int { | ||
| return len(b) | ||
| } | ||
|
|
||
| func (b ByIDs) Swap(i, j int) { | ||
| b[i], b[j] = b[j], b[i] | ||
| } | ||
|
|
||
| func (b ByIDs) Less(i, j int) bool { | ||
| ids := b[i].PublicData().IDs() | ||
| iIDs := make([]string, len(ids)) | ||
| copy(iIDs, ids) | ||
| sort.Strings(iIDs) | ||
|
|
||
| ids = b[j].PublicData().IDs() | ||
| jIDs := make([]string, len(ids)) | ||
| copy(jIDs, ids) | ||
| sort.Strings(jIDs) | ||
|
|
||
| minLen := len(iIDs) | ||
| if len(jIDs) < minLen { | ||
| minLen = len(jIDs) | ||
| } | ||
|
|
||
| // Compare iIDs[:minLen] to jIDs[:minLen] element-wise. | ||
| for c := 0; c < minLen; c++ { | ||
| if iIDs[c] == jIDs[c] { | ||
| continue | ||
| } | ||
| return iIDs[c] < jIDs[c] | ||
| } | ||
|
|
||
| // iIDs[:minLen] is equal to jIDs[:minLen], so sort based on length. | ||
| return len(iIDs) < len(jIDs) | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,76 @@ | ||
| package signer_test | ||
|
|
||
| import ( | ||
| "encoding/json" | ||
| "sort" | ||
| "testing" | ||
|
|
||
| "github.com/theupdateframework/go-tuf/data" | ||
| "github.com/theupdateframework/go-tuf/internal/signer" | ||
| "github.com/theupdateframework/go-tuf/pkg/keys" | ||
| ) | ||
|
|
||
| type mockSigner struct { | ||
| value json.RawMessage | ||
| } | ||
|
|
||
| func (s *mockSigner) MarshalPrivateKey() (*data.PrivateKey, error) { | ||
| panic("not implemented") | ||
| return nil, nil | ||
| } | ||
|
|
||
| func (s *mockSigner) UnmarshalPrivateKey(key *data.PrivateKey) error { | ||
| panic("not implemented") | ||
| return nil | ||
| } | ||
|
|
||
| func (s *mockSigner) PublicData() *data.PublicKey { | ||
| return &data.PublicKey{ | ||
| Type: "mock", | ||
| Scheme: "mock", | ||
| Algorithms: []string{"mock"}, | ||
| Value: s.value, | ||
| } | ||
| } | ||
| func (s *mockSigner) SignMessage(message []byte) ([]byte, error) { | ||
| panic("not implemented") | ||
| return nil, nil | ||
| } | ||
|
|
||
| func TestSignerSortByIDs(t *testing.T) { | ||
| s1 := &mockSigner{ | ||
| value: json.RawMessage(`{"mock": 1}`), | ||
| } | ||
| s2 := &mockSigner{ | ||
| value: json.RawMessage(`{"mock": 2}`), | ||
| } | ||
| s3 := &mockSigner{ | ||
| value: json.RawMessage(`{"mock": 3}`), | ||
| } | ||
| s4 := &mockSigner{ | ||
| value: json.RawMessage(`{"mock": 4}`), | ||
| } | ||
| s5 := &mockSigner{ | ||
| value: json.RawMessage(`{"mock": 5}`), | ||
| } | ||
|
|
||
| s := []keys.Signer{ | ||
| s1, s2, s3, s4, s5, | ||
| } | ||
|
|
||
| sort.Sort(signer.ByIDs(s)) | ||
|
|
||
| signerIDs := []string{} | ||
|
|
||
| for i, signer := range s { | ||
| ids := signer.PublicData().IDs() | ||
| if len(ids) != 1 { | ||
| t.Errorf("Signer %v IDs %v should have length 1", i, ids) | ||
| } | ||
| signerIDs = append(signerIDs, ids[0]) | ||
| } | ||
|
|
||
| if !sort.StringsAreSorted(signerIDs) { | ||
| t.Errorf("Signers incorrectly sorted: %+v", signerIDs) | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.