updated new cert for test certs; added a py script gen TestCerts.sol …

…auto
lsd-ucsc · Jun 19, 2024 · 32a2b22 · 32a2b22
1 parent 41037a1
commit 32a2b22
Show file tree

Hide file tree

Showing 7 changed files with 1,221 additions and 402 deletions.
diff --git a/tests/DecentServer/01_DecentServerCert.sol b/tests/DecentServer/01_DecentServerCert.sol
@@ -56,6 +56,7 @@ contract DecentServerCertBasics_proxy {
 
     constructor() {
         m_quoteStatusMap[keccak256("OK")] = true;
+        m_quoteStatusMap[keccak256("GROUP_OUT_OF_DATE")] = true;
         m_quoteStatusMap[keccak256("CONFIGURATION_NEEDED")] = true;
         m_quoteStatusMap[keccak256("SW_HARDENING_NEEDED")] = true;
         m_quoteStatusMap[keccak256("CONFIGURATION_AND_SW_HARDENING_NEEDED")] = true;
@@ -157,6 +158,7 @@ contract DecentServerCertCerts_proxy {
 
     constructor() {
         m_quoteStatusMap[keccak256("OK")] = true;
+        m_quoteStatusMap[keccak256("GROUP_OUT_OF_DATE")] = true;
         m_quoteStatusMap[keccak256("CONFIGURATION_NEEDED")] = true;
         m_quoteStatusMap[keccak256("SW_HARDENING_NEEDED")] = true;
         m_quoteStatusMap[keccak256("CONFIGURATION_AND_SW_HARDENING_NEEDED")] = true;

diff --git a/tests/Ecdsa/01_LibSecp256k1Sha256.sol b/tests/Ecdsa/01_LibSecp256k1Sha256.sol
@@ -141,24 +141,31 @@ contract LibSecp256k1Sha256_proxy {
             certNodes.loadCertNodes(certDer);
 
             address addr = TestCerts.DECENT_SVR_CERT_KEY_ADDR;
+            uint8   v = TestCerts.DECENT_SVR_CERT_SIGN_V;
             bytes32 r = TestCerts.DECENT_SVR_CERT_SIGN_R;
             bytes32 s = TestCerts.DECENT_SVR_CERT_SIGN_S;
 
             bytes memory tbsBytes = certDer.allBytesAt(certNodes.tbs.root);
             bytes32 tbsHash = sha256(tbsBytes);
 
             Assert.equal(
-                ecrecover(tbsHash, 28, r, s),
+                tbsHash,
+                TestCerts.DECENT_SVR_CERT_HASH,
+                "[server cert]tbsHash!=DECENT_SVR_CERT_HASH"
+            );
+
+            Assert.equal(
+                ecrecover(tbsHash, v, r, s),
                 addr,
-                "ecrecover()!=addr"
+                "[server cert]ecrecover()!=addr"
             );
             Assert.ok(
                 LibSecp256k1Sha256.verifySignMsg(addr, tbsBytes, r, s),
-                "verifySignMsg!=true"
+                "[server cert]verifySignMsg!=true"
             );
             Assert.ok(
                 LibSecp256k1Sha256.verifySignHash(addr, tbsHash, r, s),
-                "verifySignHash!=true"
+                "[server cert]verifySignHash!=true"
             );
         }
 
@@ -170,24 +177,31 @@ contract LibSecp256k1Sha256_proxy {
             certNodes.loadCertNodes(certDer);
 
             address addr = TestCerts.DECENT_SVR_CERT_KEY_ADDR;
+            uint8   v = TestCerts.DECENT_APP_CERT_SIGN_V;
             bytes32 r = TestCerts.DECENT_APP_CERT_SIGN_R;
             bytes32 s = TestCerts.DECENT_APP_CERT_SIGN_S;
 
             bytes memory tbsBytes = certDer.allBytesAt(certNodes.tbs.root);
             bytes32 tbsHash = sha256(tbsBytes);
 
             Assert.equal(
-                ecrecover(tbsHash, 27, r, s),
+                tbsHash,
+                TestCerts.DECENT_APP_CERT_HASH,
+                "[server cert]tbsHash!=DECENT_APP_CERT_HASH"
+            );
+
+            Assert.equal(
+                ecrecover(tbsHash, v, r, s),
                 addr,
-                "ecrecover()!=addr"
+                "[app cert]ecrecover()!=addr"
             );
             Assert.ok(
                 LibSecp256k1Sha256.verifySignMsg(addr, tbsBytes, r, s),
-                "verifySignMsg!=true"
+                "[app cert]verifySignMsg!=true"
             );
             Assert.ok(
                 LibSecp256k1Sha256.verifySignHash(addr, tbsHash, r, s),
-                "verifySignHash!=true"
+                "[app cert]verifySignHash!=true"
             );
         }
 

diff --git a/tests/Ecdsa/01_LibSecp256k1Sha256_test.sol b/tests/Ecdsa/01_LibSecp256k1Sha256_test.sol
@@ -138,17 +138,16 @@ contract LibSecp256k1Sha256_testSuite {
 
     function ecrecoverGasEval() public {
         address addr = TestCerts.DECENT_SVR_CERT_KEY_ADDR;
-        uint8 recId = 27;
 
+        uint8   v = TestCerts.DECENT_APP_CERT_SIGN_V;
         bytes32 r = TestCerts.DECENT_APP_CERT_SIGN_R;
         bytes32 s = TestCerts.DECENT_APP_CERT_SIGN_S;
 
-        bytes32 msgHash =
-            0x43c4bb5ebe59f2bfa5d1d90cb04f49c2d814f2be48a00055c014fefccf9de381;
+        bytes32 msgHash =  TestCerts.DECENT_APP_CERT_HASH;
 
         address actAddr;
         uint256 gasUsed = gasleft();
-        actAddr = ecrecover(msgHash, recId, r, s);
+        actAddr = ecrecover(msgHash, v, r, s);
         gasUsed = gasUsed - gasleft();
 
         Assert.equal(actAddr, addr, "ecrecover returns a diff addr");