dmq: updated Sig according to the CIP#137

* signed fields of Sig include: `sigRawId`, `sigRawBody`, `sigRawKESPeriod`, `sigRawExpiresAt`.
* added `SigRawWithSignedBytes`, which carries signed bytes by the KES
  key.

Author: coot

decentralized-message-queue/decentralized-message-queue.cabal

@@ -120,6 +120,7 @@ test-suite dmq-test
     QuickCheck,
     base >=4.14 && <4.22,
     cborg,
+    cardano-binary,
     decentralized-message-queue,
     ouroboros-network-api,
     ouroboros-network-protocols:testlib,

decentralized-message-queue/src/DMQ/Protocol/SigSubmission/Codec.hs

@@ -10,8 +10,8 @@ module DMQ.Protocol.SigSubmission.Codec
   , byteLimitsSigSubmission
   , timeLimitsSigSubmission
   , codecSigSubmissionId
-    -- * Utils for testing
-  , encodeSigRaw
+  -- * Exported utility functions
+  , encodeSigId
   ) where
 
 import Control.Monad (when)
@@ -29,6 +29,7 @@ import Network.TypedProtocol.Codec.CBOR
 import DMQ.Protocol.SigSubmission.Type
 import Ouroboros.Network.Protocol.Limits
 import Ouroboros.Network.Protocol.TxSubmission2.Codec qualified as TX
+import Ouroboros.Network.Protocol.TxSubmission2.Codec (cborBytesFromOffsets)
 
 
 -- | 'SigSubmission' time limits.
@@ -83,26 +84,6 @@ decodeSigId :: forall s. CBOR.Decoder s SigId
 decodeSigId = SigId . SigHash <$> CBOR.decodeBytes
 
 
-encodeSigRaw :: SigRaw
-             -> CBOR.Encoding
-encodeSigRaw SigRaw {
-    sigRawId,
-    sigRawBody,
-    sigRawKESPeriod,
-    sigRawKESSignature,
-    sigRawOpCertificate,
-    sigRawExpiresAt,
-    sigRawColdKey
-  }
-  =  CBOR.encodeListLen 7
-  <> encodeSigId sigRawId
-  <> CBOR.encodeBytes (getSigBody sigRawBody)
-  <> CBOR.encodeWord32 sigRawKESPeriod
-  <> CBOR.encodeWord32 (floor sigRawExpiresAt)
-  <> CBOR.encodeBytes (getSigOpCertificate sigRawOpCertificate)
-  <> CBOR.encodeBytes (getSigColdKey sigRawColdKey)
-  <> CBOR.encodeBytes (getSigKESSignature sigRawKESSignature)
-
 -- | 'SigSubmission' protocol codec.
 --
 codecSigSubmission
@@ -118,25 +99,34 @@ codecSigSubmission =
     encodeSig :: Sig -> CBOR.Encoding
     encodeSig = TX.encodeBytes . sigRawBytes
 
-    decodeSig :: forall s. CBOR.Decoder s (ByteString -> SigRaw)
+    decodeSig :: forall s. CBOR.Decoder s (ByteString -> SigRawWithSignedBytes)
     decodeSig = do
+      -- start of signed data
+      startOffset <- CBOR.peekByteOffset
       a <- CBOR.decodeListLen
       when (a /= 7) $ fail (printf "codecSigSubmission: unexpected number of parameters %d" a)
       sigRawId <- decodeSigId
       sigRawBody <- SigBody <$> CBOR.decodeBytes
-      sigRawKESPeriod <- CBOR.decodeWord32
+      sigRawKESPeriod <- CBOR.decodeWord
       sigRawExpiresAt <- realToFrac <$> CBOR.decodeWord32
+      -- end of signed data
+      endOffset <- CBOR.peekByteOffset
+
+      sigRawKESSignature <- SigKESSignature <$> CBOR.decodeBytes
       sigRawOpCertificate <- SigOpCertificate <$> CBOR.decodeBytes
       sigRawColdKey <- SigColdKey <$> CBOR.decodeBytes
-      sigRawKESSignature <- SigKESSignature <$> CBOR.decodeBytes
-      return $ \_ -> SigRaw {
-          sigRawId,
-          sigRawBody,
-          sigRawKESSignature,
-          sigRawKESPeriod,
-          sigRawOpCertificate,
-          sigRawColdKey,
-          sigRawExpiresAt
+      return $ \bytes -- ^ full bytes of the message, not just the sig part
+             -> SigRawWithSignedBytes {
+          sigRawSignedBytes = cborBytesFromOffsets startOffset endOffset bytes,
+          sigRaw = SigRaw {
+            sigRawId,
+            sigRawBody,
+            sigRawKESSignature,
+            sigRawKESPeriod,
+            sigRawOpCertificate,
+            sigRawColdKey,
+            sigRawExpiresAt
+          }
         }
 
 

decentralized-message-queue/src/DMQ/Protocol/SigSubmission/Type.hs

@@ -14,7 +14,8 @@ module DMQ.Protocol.SigSubmission.Type
   , SigOpCertificate (..)
   , SigColdKey (..)
   , SigRaw (..)
-  , Sig (Sig, SigWithBytes, sigRaw, sigRawBytes, sigId, sigBody, sigExpiresAt, sigOpCertificate, sigKESPeriod, sigKESSignature, sigColdKey, sigBytes)
+  , SigRawWithSignedBytes (..)
+  , Sig (Sig, SigWithBytes, sigRawWithSignedBytes, sigRawBytes, sigId, sigBody, sigExpiresAt, sigOpCertificate, sigKESPeriod, sigKESSignature, sigColdKey, sigSignedBytes, sigBytes)
     -- * `TxSubmission` mini-protocol
   , SigSubmission
   , module SigSubmission
@@ -23,7 +24,6 @@ module DMQ.Protocol.SigSubmission.Type
 import Data.ByteString (ByteString)
 import Data.ByteString.Lazy qualified as LBS
 import Data.Time.Clock.POSIX (POSIXTime)
-import Data.Word (Word32)
 
 import Ouroboros.Network.Protocol.TxSubmission2.Type as SigSubmission hiding
            (TxSubmission2)
@@ -54,7 +54,7 @@ newtype SigKESSignature = SigKESSignature { getSigKESSignature :: ByteString }
 newtype SigOpCertificate = SigOpCertificate { getSigOpCertificate :: ByteString }
   deriving stock (Show, Eq)
 
-type SigKESPeriod = Word32
+type SigKESPeriod = Word
 
 newtype SigColdKey = SigColdKey { getSigColdKey :: ByteString }
   deriving stock (Show, Eq)
@@ -65,20 +65,37 @@ newtype SigColdKey = SigColdKey { getSigColdKey :: ByteString }
 data SigRaw = SigRaw {
     sigRawId            :: SigId,
     sigRawBody          :: SigBody,
-    sigRawKESSignature  :: SigKESSignature,
     sigRawKESPeriod     :: SigKESPeriod,
+    -- ^ KES period when this signature was created.
+    --
+    -- NOTE: `kes-agent` library is using `Word` for KES period, CIP-137
+    -- requires `Word64`, thus we're only supporting 64-bit architectures.
+    sigRawExpiresAt     :: POSIXTime,
+    sigRawKESSignature  :: SigKESSignature,
     sigRawOpCertificate :: SigOpCertificate,
-    sigRawColdKey       :: SigColdKey,
-    sigRawExpiresAt     :: POSIXTime
+    sigRawColdKey       :: SigColdKey
+  }
+  deriving stock (Show, Eq)
+
+
+data SigRawWithSignedBytes = SigRawWithSignedBytes {
+    sigRawSignedBytes :: LBS.ByteString,
+    -- ^ bytes signed by the KES key
+    sigRaw            :: SigRaw
+    -- ^ the `SigRaw` data type
   }
   deriving stock (Show, Eq)
 
+
 data Sig = SigWithBytes {
-    sigRawBytes :: LBS.ByteString,
-    sigRaw      :: SigRaw
+    sigRawBytes           :: LBS.ByteString,
+    -- ^ encoded `SigRaw` data type
+    sigRawWithSignedBytes :: SigRawWithSignedBytes
+    -- ^ the `SigRaw` data type along with signed bytes
   }
   deriving stock (Show, Eq)
 
+
 -- | A convenient bidirectional pattern synonym for the `Sig` type.
 --
 pattern Sig
@@ -90,6 +107,7 @@ pattern Sig
   -> SigColdKey
   -> POSIXTime
   -> LBS.ByteString
+  -> LBS.ByteString
   -> Sig
 pattern
     Sig { sigId,
@@ -99,20 +117,24 @@ pattern
           sigOpCertificate,
           sigColdKey,
           sigExpiresAt,
+          sigSignedBytes,
           sigBytes
         }
     <-
     SigWithBytes {
       sigRawBytes = sigBytes,
-      sigRaw =
-        SigRaw {
-          sigRawId            = sigId,
-          sigRawBody          = sigBody,
-          sigRawKESSignature  = sigKESSignature,
-          sigRawKESPeriod     = sigKESPeriod,
-          sigRawOpCertificate = sigOpCertificate,
-          sigRawColdKey       = sigColdKey,
-          sigRawExpiresAt     = sigExpiresAt
+      sigRawWithSignedBytes =
+        SigRawWithSignedBytes {
+          sigRawSignedBytes = sigSignedBytes,
+          sigRaw = SigRaw {
+            sigRawId            = sigId,
+            sigRawBody          = sigBody,
+            sigRawKESSignature  = sigKESSignature,
+            sigRawKESPeriod     = sigKESPeriod,
+            sigRawOpCertificate = sigOpCertificate,
+            sigRawColdKey       = sigColdKey,
+            sigRawExpiresAt     = sigExpiresAt
+          }
         }
       }
   where
@@ -123,12 +145,14 @@ pattern
         sigRawOpCertificate
         sigRawColdKey
         sigRawExpiresAt
+        sigRawSignedBytes
         sigRawBytes
       =
       SigWithBytes {
         sigRawBytes = sigRawBytes,
-        sigRaw      =
-          SigRaw {
+        sigRawWithSignedBytes = SigRawWithSignedBytes {
+          sigRawSignedBytes,
+          sigRaw = SigRaw {
             sigRawId,
             sigRawBody,
             sigRawKESPeriod,
@@ -137,6 +161,7 @@ pattern
             sigRawColdKey,
             sigRawExpiresAt
           }
+        }
       }
 {-# COMPLETE Sig #-}
 

decentralized-message-queue/test/Test/DMQ/Protocol/SigSubmission.hs

@@ -6,6 +6,7 @@
 
 module Test.DMQ.Protocol.SigSubmission where
 
+import Codec.CBOR.Encoding qualified as CBOR
 import Codec.CBOR.Write qualified as CBOR
 import Control.Monad.ST (runST)
 import Data.Time.Clock.POSIX (POSIXTime)
@@ -14,6 +15,8 @@ import Data.Word (Word32)
 import Network.TypedProtocol.Codec
 import Network.TypedProtocol.Codec.Properties hiding (prop_codec)
 
+import Cardano.Binary (ToCBOR (..))
+
 import DMQ.Protocol.SigSubmission.Codec
 import DMQ.Protocol.SigSubmission.Type
 
@@ -115,17 +118,63 @@ instance Arbitrary SigRaw where
     | sigRawExpiresAt' <- shrink sigRawExpiresAt
     ]
 
+mkSigRawWithSignedBytes :: SigRaw -> SigRawWithSignedBytes
+mkSigRawWithSignedBytes sigRaw =
+    SigRawWithSignedBytes {
+      sigRaw,
+      sigRawSignedBytes
+    }
+  where
+    sigRawSignedBytes = CBOR.toLazyByteString (encodeSigRaw' sigRaw)
+
+instance Arbitrary SigRawWithSignedBytes where
+  arbitrary = mkSigRawWithSignedBytes <$> arbitrary
+  shrink SigRawWithSignedBytes {sigRaw} = mkSigRawWithSignedBytes <$> shrink sigRaw
+
 -- NOTE: this function is not exposed in the main library on purpose.  We
 -- should never construct `Sig` by serialising `SigRaw`.
 --
-mkSig :: SigRaw -> Sig
-mkSig sigRaw = SigWithBytes {sigRawBytes, sigRaw}
+mkSig :: SigRawWithSignedBytes -> Sig
+mkSig sigRawWithSignedBytes@SigRawWithSignedBytes { sigRaw } =
+    SigWithBytes {
+      sigRawBytes,
+      sigRawWithSignedBytes
+    }
   where
     sigRawBytes = CBOR.toLazyByteString (encodeSigRaw sigRaw)
 
 instance Arbitrary Sig where
   arbitrary = mkSig <$> arbitrary
-  shrink SigWithBytes {sigRaw} = mkSig <$> shrink sigRaw
+  shrink SigWithBytes {sigRawWithSignedBytes} = mkSig <$> shrink sigRawWithSignedBytes
+
+-- encode only signed part
+encodeSigRaw' :: SigRaw
+              -> CBOR.Encoding
+encodeSigRaw' SigRaw {
+    sigRawId,
+    sigRawBody,
+    sigRawKESPeriod,
+    sigRawExpiresAt
+  }
+  =  CBOR.encodeListLen 7
+  <> encodeSigId sigRawId
+  <> CBOR.encodeBytes (getSigBody sigRawBody)
+  <> CBOR.encodeWord sigRawKESPeriod
+  <> CBOR.encodeWord32 (floor sigRawExpiresAt)
+
+-- encode together with KES signature, OCert and cold key.
+encodeSigRaw :: SigRaw
+             -> CBOR.Encoding
+encodeSigRaw sigRaw@SigRaw { sigRawKESSignature, sigRawOpCertificate, sigRawColdKey } =
+     encodeSigRaw' sigRaw
+  <> CBOR.encodeBytes (getSigKESSignature sigRawKESSignature)
+  <> toCBOR (getSigOpCertificate sigRawOpCertificate)
+  <> CBOR.encodeBytes (getSigColdKey sigRawColdKey)
+
+
+shrinkSigFn :: Sig -> [Sig]
+shrinkSigFn SigWithBytes {sigRawWithSignedBytes = SigRawWithSignedBytes { sigRaw, sigRawSignedBytes } } =
+    mkSig . (\sigRaw' -> SigRawWithSignedBytes { sigRaw = sigRaw', sigRawSignedBytes }) <$> shrink sigRaw
 
 prop_codec :: AnyMessage SigSubmission -> Property
 prop_codec msg =