import json import os import tempfile import pytest def write_temp(data: dict): fd, path = tempfile.mkstemp(text=True) with os.fdopen(fd, "w") as f: json.dump(data, f) return path def test_cli_generate_and_inspect(): from missionledger.cli import main pd = {"delta": {"move": True}, "version": 1, "metadata": {"invariants": {"a": True}}} path = write_temp(pd) # generate prints a compact JSON rc = main(["generate", "--plandelta", path, "--nframes", "2", "--signer", "cli-test"]) assert rc == 0 rc = main(["inspect", "--plandelta", path, "--nframes", "2", "--signer", "cli-test"]) assert rc == 0 def test_cli_sign_and_verify_roundtrip(): pytest.importorskip("nacl") from nacl.signing import SigningKey from missionledger.cli import main pd = {"delta": {"x": 1}, "version": 1, "metadata": {"invariants": {"a": True}}} path = write_temp(pd) # create keypair files sk = SigningKey.generate() vk = sk.verify_key keyfile = tempfile.NamedTemporaryFile(delete=False) keyfile.write(sk.encode()) keyfile.close() vkfile = tempfile.NamedTemporaryFile(delete=False) vkfile.write(vk.encode()) vkfile.close() # call sign via CLI (prints JSON) rc = main(["sign", "--plandelta", path, "--keyfile", keyfile.name, "--nframes", "1"]) assert rc == 0 # simulate capturing signature by re-generating and signing directly # Use the CLI verify command: first we need the signature string # We'll sign here to get the signature for verification step from missionledger.csfd import generate_csfd, sign_csfd from missionledger.dsl import PlanDelta pd_obj = PlanDelta(delta=pd["delta"], version=pd["version"], metadata=pd["metadata"]) csfd = generate_csfd(pd_obj, signer="cli-test", n_frames=1) sig = sign_csfd(csfd, sk.encode()) rc = main(["verify", "--plandelta", path, "--signature", sig, "--vkfile", vkfile.name]) assert rc == 0