diff --git a/libp2p/pubsub/pubsub.py b/libp2p/pubsub/pubsub.py index ac08b41..0b4d605 100644 --- a/libp2p/pubsub/pubsub.py +++ b/libp2p/pubsub/pubsub.py @@ -543,7 +543,10 @@ class Pubsub: # i.e., check if `msg.key` matches `msg.from_id` msg_pubkey = deserialize_public_key(msg.key) if ID.from_pubkey(msg_pubkey) != msg.from_id: - logger.debug("Reject because signing key does not match sender ID for msg: %s", msg) + logger.debug( + "Reject because signing key does not match sender ID for msg: %s", + msg, + ) return # Validate the signature of the message # First, construct the original payload that's signed by 'msg.key' @@ -556,9 +559,7 @@ class Pubsub: payload = ( PUBSUB_SIGNING_PREFIX.encode() + msg_without_key_sig.SerializeToString() ) - if not signature_validator( - msg_pubkey, payload, msg.signature - ): + if not signature_validator(msg_pubkey, payload, msg.signature): logger.debug("Signature validation failed for msg: %s", msg) return diff --git a/tests/pubsub/test_pubsub.py b/tests/pubsub/test_pubsub.py index 8052926..01d8ba7 100644 --- a/tests/pubsub/test_pubsub.py +++ b/tests/pubsub/test_pubsub.py @@ -5,8 +5,8 @@ import pytest from libp2p.exceptions import ValidationError from libp2p.peer.id import ID -from libp2p.pubsub.pubsub import PUBSUB_SIGNING_PREFIX from libp2p.pubsub.pb import rpc_pb2 +from libp2p.pubsub.pubsub import PUBSUB_SIGNING_PREFIX from libp2p.tools.pubsub.utils import make_pubsub_msg from libp2p.tools.utils import connect from libp2p.utils import encode_varint_prefixed @@ -538,9 +538,7 @@ async def test_strict_signing_failed_validation(pubsubs_fsub, hosts, monkeypatch seqno=b"\x00" * 8, ) priv_key = pubsubs_fsub[0].sign_key - signature = priv_key.sign( - PUBSUB_SIGNING_PREFIX.encode() + msg.SerializeToString() - ) + signature = priv_key.sign(PUBSUB_SIGNING_PREFIX.encode() + msg.SerializeToString()) event = asyncio.Event() diff --git a/tests_interop/conftest.py b/tests_interop/conftest.py index e75e519..8ae9769 100644 --- a/tests_interop/conftest.py +++ b/tests_interop/conftest.py @@ -76,7 +76,24 @@ def is_gossipsub(): @pytest.fixture -async def p2pds(num_p2pds, is_host_secure, is_gossipsub, unused_tcp_port_factory): +def is_pubsub_signing(): + return True + + +@pytest.fixture +def is_pubsub_signing_strict(): + return True + + +@pytest.fixture +async def p2pds( + num_p2pds, + is_host_secure, + is_gossipsub, + unused_tcp_port_factory, + is_pubsub_signing, + is_pubsub_signing_strict, +): p2pds: Union[Daemon, Exception] = await asyncio.gather( *[ make_p2pd( @@ -84,6 +101,8 @@ async def p2pds(num_p2pds, is_host_secure, is_gossipsub, unused_tcp_port_factory unused_tcp_port_factory(), is_host_secure, is_gossipsub=is_gossipsub, + is_pubsub_signing=is_pubsub_signing, + is_pubsub_signing_strict=is_pubsub_signing_strict, ) for _ in range(num_p2pds) ], @@ -102,13 +121,14 @@ async def p2pds(num_p2pds, is_host_secure, is_gossipsub, unused_tcp_port_factory @pytest.fixture -def pubsubs(num_hosts, hosts, is_gossipsub): +def pubsubs(num_hosts, hosts, is_gossipsub, is_pubsub_signing_strict): if is_gossipsub: routers = GossipsubFactory.create_batch(num_hosts, **GOSSIPSUB_PARAMS._asdict()) else: routers = FloodsubFactory.create_batch(num_hosts) _pubsubs = tuple( - PubsubFactory(host=host, router=router) for host, router in zip(hosts, routers) + PubsubFactory(host=host, router=router, strict_signing=is_pubsub_signing_strict) + for host, router in zip(hosts, routers) ) yield _pubsubs # TODO: Clean up diff --git a/tests_interop/test_pubsub.py b/tests_interop/test_pubsub.py index 4e845d7..f67b47a 100644 --- a/tests_interop/test_pubsub.py +++ b/tests_interop/test_pubsub.py @@ -55,6 +55,9 @@ def validate_pubsub_msg(msg: rpc_pb2.Message, data: bytes, from_peer_id: ID) -> assert msg.data == data and msg.from_id == from_peer_id +@pytest.mark.parametrize( + "is_pubsub_signing, is_pubsub_signing_strict", ((True, True), (False, False)) +) @pytest.mark.parametrize("is_gossipsub", (True, False)) @pytest.mark.parametrize("num_hosts, num_p2pds", ((1, 2),)) @pytest.mark.asyncio