refactor(common): use number of KES evolutions to KES verify

Author: jpraynaud

mithril-common/src/crypto_helper/cardano/kes/interface.rs

@@ -24,11 +24,13 @@ pub trait KesSigner: Send + Sync {
 #[cfg_attr(test, mockall::automock)]
 pub trait KesVerifier: Send + Sync + Debug {
     /// Verify the signed message and return the original message.
+    ///
+    /// kes_evolutions: The KES evolutions used to verify the signature (computed from the current KES period at the time of signing minus the start KES period in the operational certificate)
     fn verify(
         &self,
         message: &[u8],
         signature: &Sum6KesSig,
         operational_certificate: &OpCert,
-        kes_period: KesPeriod,
+        kes_evolutions: KesPeriod,
     ) -> StdResult<()>;
 }

mithril-common/src/crypto_helper/cardano/kes/signer_with_key.rs

@@ -66,82 +66,82 @@ mod tests {
     use super::*;
 
     use crate::crypto_helper::cardano::kes::{KesVerifier, KesVerifierStandard};
+    use crate::current_function;
     use crate::test::crypto_helper::{
         KesCryptographicMaterialForTest, KesPartyIndexForTest, create_kes_cryptographic_material,
     };
 
     #[test]
     fn create_valid_signature_for_message() {
+        let start_kes_period = 10 as KesPeriod;
+        let kes_evolutions = 1;
+        let signing_kes_period = start_kes_period + kes_evolutions;
         let KesCryptographicMaterialForTest {
             party_id: _,
             operational_certificate_file,
             kes_secret_key_file,
         } = create_kes_cryptographic_material(
             1 as KesPartyIndexForTest,
-            0 as KesPeriod,
-            "create_valid_signature_for_message",
+            start_kes_period,
+            current_function!(),
         );
         let message = b"Test message for KES signing";
         let kes_signer = KesSignerStandard::new(kes_secret_key_file, operational_certificate_file);
-        let kes_signing_period = 1;
 
         let (signature, op_cert) = kes_signer
-            .sign(message, kes_signing_period)
+            .sign(message, signing_kes_period)
             .expect("Signing should not fail");
 
         KesVerifierStandard
-            .verify(message, &signature, &op_cert, kes_signing_period)
+            .verify(message, &signature, &op_cert, kes_evolutions)
             .expect("Signature verification should not fail");
     }
 
     #[test]
     fn create_invalid_signature_for_different_message() {
+        let start_kes_period = 10 as KesPeriod;
+        let kes_evolutions = 1;
+        let signing_kes_period = start_kes_period + kes_evolutions;
         let KesCryptographicMaterialForTest {
             party_id: _,
             operational_certificate_file,
             kes_secret_key_file,
         } = create_kes_cryptographic_material(
             1 as KesPartyIndexForTest,
-            0 as KesPeriod,
-            "create_invalid_signature_for_different_message",
+            start_kes_period,
+            current_function!(),
         );
         let message = b"Test message for KES signing";
         let kes_signer = KesSignerStandard::new(kes_secret_key_file, operational_certificate_file);
-        let kes_signing_period = 1;
 
         let (signature, op_cert) = kes_signer
-            .sign(message, kes_signing_period)
+            .sign(message, signing_kes_period)
             .expect("Signing should not fail");
 
         KesVerifierStandard
-            .verify(
-                b"Different message",
-                &signature,
-                &op_cert,
-                kes_signing_period,
-            )
+            .verify(b"Different message", &signature, &op_cert, kes_evolutions)
             .expect_err("Signature verification should fail");
     }
 
     #[test]
     fn create_invalid_signature_for_invalid_kes_evolution() {
         const MAX_KES_EVOLUTIONS: KesPeriod = 63;
-        let kes_period_start = 5 as KesPeriod;
+        let start_kes_period = 10 as KesPeriod;
+        let signing_kes_period = start_kes_period + MAX_KES_EVOLUTIONS + 1;
         let KesCryptographicMaterialForTest {
             party_id: _,
             operational_certificate_file,
             kes_secret_key_file,
         } = create_kes_cryptographic_material(
             1 as KesPartyIndexForTest,
-            kes_period_start,
-            "create_invalid_signature_for_invalid_kes_period",
+            start_kes_period,
+            current_function!(),
         );
         let message = b"Test message for KES signing";
         let kes_signer = KesSignerStandard::new(kes_secret_key_file, operational_certificate_file);
-        let kes_signing_period = kes_period_start + MAX_KES_EVOLUTIONS + 1;
 
         kes_signer
-            .sign(message, kes_signing_period)
+            .sign(message, signing_kes_period)
             .expect_err("Signing should fail");
     }
 }

mithril-common/src/crypto_helper/cardano/kes/verifier_standard.rs

@@ -19,19 +19,19 @@ impl KesVerifier for KesVerifierStandard {
         message: &[u8],
         signature: &Sum6KesSig,
         operational_certificate: &OpCert,
-        kes_period: KesPeriod,
+        kes_evolutions: KesPeriod,
     ) -> StdResult<()> {
         operational_certificate
             .validate()
             .map_err(|_| KesVerifyError::OpCertInvalid)?;
 
-        // Check if the KES period in the operational certificate matches the provided KES period +/- 1
-        let kes_period_try_min = std::cmp::max(0, kes_period.saturating_sub(1));
-        let kes_period_try_max = std::cmp::min(64, kes_period.saturating_add(1));
-        for kes_period_try in kes_period_try_min..kes_period_try_max {
+        // Check if the signature verifies for the provided KES evolutions value +/- 1
+        let kes_evolutions_try_min = std::cmp::max(0, kes_evolutions.saturating_sub(1));
+        let kes_evolutions_try_max = std::cmp::min(64, kes_evolutions.saturating_add(1));
+        for kes_evolutions_try in kes_evolutions_try_min..kes_evolutions_try_max {
             if signature
                 .verify(
-                    kes_period_try,
+                    kes_evolutions_try,
                     &operational_certificate.get_kes_verification_key(),
                     message,
                 )
@@ -42,7 +42,7 @@ impl KesVerifier for KesVerifierStandard {
         }
 
         Err(KesVerifyError::SignatureInvalid(
-            kes_period,
+            kes_evolutions,
             operational_certificate.get_start_kes_period() as u32,
         )
         .into())
@@ -52,6 +52,7 @@ impl KesVerifier for KesVerifierStandard {
 #[cfg(test)]
 mod tests {
     use crate::crypto_helper::cardano::kes::{KesSigner, KesSignerStandard};
+    use crate::current_function;
     use crate::test::crypto_helper::{
         KesCryptographicMaterialForTest, KesPartyIndexForTest, create_kes_cryptographic_material,
     };
@@ -60,52 +61,52 @@ mod tests {
 
     #[test]
     fn verify_valid_signature_succeeds() {
+        let start_kes_period = 10 as KesPeriod;
+        let kes_evolutions = 1;
+        let signing_kes_period = start_kes_period + kes_evolutions;
         let KesCryptographicMaterialForTest {
             party_id: _,
             operational_certificate_file,
             kes_secret_key_file,
         } = create_kes_cryptographic_material(
             1 as KesPartyIndexForTest,
-            0 as KesPeriod,
-            "verify_valid_signature_succeeds",
+            start_kes_period,
+            current_function!(),
         );
         let message = b"Test message for KES signing";
         let kes_signer = KesSignerStandard::new(kes_secret_key_file, operational_certificate_file);
-        let kes_signing_period = 1;
+
         let (signature, op_cert) = kes_signer
-            .sign(message, kes_signing_period)
+            .sign(message, signing_kes_period)
             .expect("Signing should not fail");
 
         KesVerifierStandard
-            .verify(message, &signature, &op_cert, kes_signing_period)
+            .verify(message, &signature, &op_cert, kes_evolutions)
             .expect("Signature verification should not fail");
     }
 
     #[test]
     fn verify_invalid_signature_fails() {
+        let start_kes_period = 10 as KesPeriod;
+        let kes_evolutions = 1;
+        let signing_kes_period = start_kes_period + kes_evolutions;
         let KesCryptographicMaterialForTest {
             party_id: _,
             operational_certificate_file,
             kes_secret_key_file,
         } = create_kes_cryptographic_material(
             1 as KesPartyIndexForTest,
-            0 as KesPeriod,
-            "verify_invalid_signature_fails",
+            start_kes_period,
+            current_function!(),
         );
         let message = b"Test message for KES signing";
         let kes_signer = KesSignerStandard::new(kes_secret_key_file, operational_certificate_file);
-        let kes_signing_period = 1;
         let (signature, op_cert) = kes_signer
-            .sign(message, kes_signing_period)
+            .sign(message, signing_kes_period)
             .expect("Signing should not fail");
 
         KesVerifierStandard
-            .verify(
-                b"Different message",
-                &signature,
-                &op_cert,
-                kes_signing_period,
-            )
+            .verify(b"Different message", &signature, &op_cert, kes_evolutions)
             .expect_err("Signature verification should fail");
     }
 }

mithril-common/src/crypto_helper/cardano/key_certification.rs

@@ -239,21 +239,23 @@ impl KeyRegWrapper {
     /// Register a new party. For a successful registration, the registrar needs to
     /// provide the OpCert (in cbor form), the cold VK, a KES signature, and a
     /// Mithril key (with its corresponding Proof of Possession).
+    ///
+    /// kes_evolutions: The number of evolutions since the start KES period of the operational certificate.
     pub fn register(
         &mut self,
         party_id: Option<ProtocolPartyId>, // Used for only for testing when SPO pool id is not certified
         opcert: Option<ProtocolOpCert>, // Used for only for testing when SPO pool id is not certified
         kes_sig: Option<ProtocolSignerVerificationKeySignature>, // Used for only for testing when SPO pool id is not certified
-        kes_period: Option<KesPeriod>,
+        kes_evolutions: Option<KesPeriod>,
         pk: ProtocolSignerVerificationKey,
     ) -> StdResult<ProtocolPartyId> {
         let pool_id_bech32: ProtocolPartyId = if let Some(opcert) = opcert {
             let signature = kes_sig.ok_or(ProtocolRegistrationErrorWrapper::KesSignatureMissing)?;
-            let kes_period =
-                kes_period.ok_or(ProtocolRegistrationErrorWrapper::KesPeriodMissing)?;
+            let kes_evolutions =
+                kes_evolutions.ok_or(ProtocolRegistrationErrorWrapper::KesPeriodMissing)?;
             if self
                 .kes_verifier
-                .verify(&pk.to_bytes(), &signature, &opcert, kes_period)
+                .verify(&pk.to_bytes(), &signature, &opcert, kes_evolutions)
                 .is_ok()
             {
                 opcert
@@ -262,7 +264,7 @@ impl KeyRegWrapper {
             } else {
                 return Err(anyhow!(
                     ProtocolRegistrationErrorWrapper::KesSignatureInvalid(
-                        kes_period,
+                        kes_evolutions,
                         opcert.get_start_kes_period(),
                     )
                 ));

mithril-common/src/test/crypto_helper/setup.rs

@@ -127,7 +127,7 @@ pub fn setup_signers_from_stake_distribution(
     )> = vec![];
 
     for (party_id, stake) in stake_distribution {
-        let kes_period = 0;
+        let kes_evolutions = 0;
         let temp_dir = setup_temp_directory_for_signer(party_id, false);
         let kes_secret_key_path: Option<PathBuf> = temp_dir.as_ref().map(|dir| dir.join("kes.sk"));
         let operational_certificate_path = temp_dir.as_ref().map(|dir| dir.join("opcert.cert"));
@@ -144,15 +144,15 @@ pub fn setup_signers_from_stake_distribution(
             *stake,
             &protocol_initializer,
             operational_certificate.clone(),
-            kes_period,
+            kes_evolutions,
         );
 
         key_registration
             .register(
                 Some(signer_with_stake.party_id.to_owned()),
                 operational_certificate,
                 protocol_initializer.verification_key_signature(),
-                Some(kes_period),
+                Some(kes_evolutions),
                 protocol_initializer.verification_key().into(),
             )
             .expect("key registration should have succeeded");