48 lines
1.6 KiB
Python
48 lines
1.6 KiB
Python
import pytest
|
|
|
|
from nova_plan.contracts import (
|
|
PlanDelta,
|
|
CaCContract,
|
|
sign_ca_contract,
|
|
GoCRegistry,
|
|
SignerStore,
|
|
sign_plan_delta,
|
|
verify_plan_delta_signature,
|
|
)
|
|
|
|
|
|
def test_ca_contract_sign_and_registry_roundtrip():
|
|
# register signer key
|
|
SignerStore.register("alice", "alice-key-123")
|
|
|
|
contract = CaCContract(contract_id="ic-contract-1", version=1, content={"name": "Test"})
|
|
signed = sign_ca_contract(contract, "alice-key-123")
|
|
# store in GoC registry
|
|
GoCRegistry.register_signed_contract(contract, signer="alice", signature=signed.signature)
|
|
assert GoCRegistry.get_signed_contract("ic-contract-1")["signature"] == signed.signature
|
|
|
|
|
|
def test_plan_delta_sign_and_verify():
|
|
SignerStore.register("alice", "alice-key-123")
|
|
delta = PlanDelta(agent_id="alice", delta={"task": 1}, contract_id="ic-contract-1")
|
|
signed_delta = sign_plan_delta(delta, signer_id="alice")
|
|
assert signed_delta.signature is not None
|
|
assert verify_plan_delta_signature(signed_delta)
|
|
|
|
# push to provenance registry
|
|
GoCRegistry.push_delta("ic-contract-1", signed_delta)
|
|
prov = GoCRegistry.get_provenance("ic-contract-1")
|
|
assert len(prov) >= 1 and prov[-1].agent_id == "alice"
|
|
|
|
# tamper should fail verification
|
|
tampered = PlanDelta(
|
|
agent_id="alice",
|
|
delta={"task": 999},
|
|
contract_id="ic-contract-1",
|
|
timestamp=signed_delta.timestamp,
|
|
signature=signed_delta.signature,
|
|
)
|
|
# mutate the delta content after signing should invalidate signature
|
|
tampered.delta["task"] = 1000
|
|
assert not verify_plan_delta_signature(tampered)
|