fix: added return value and test for signatures (#253)

Signed-off-by: Lazar Petrovic <lpetrovic05@gmail.com>
hashgraph · May 9, 2024 · 6da76df · 6da76df
1 parent 80df99b
commit 6da76df
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 4 deletions.
diff --git a/pbj-core/pbj-runtime/src/main/java/com/hedera/pbj/runtime/io/buffer/Bytes.java b/pbj-core/pbj-runtime/src/main/java/com/hedera/pbj/runtime/io/buffer/Bytes.java
@@ -334,8 +334,8 @@ public void updateSignature(@NonNull final Signature signature, final int offset
      * Same as {@link #verifySignature(Signature, int, int)} with offset 0 and length equal to the length of this
      * {@link Bytes} object.
      */
-    public void verifySignature(@NonNull final Signature signature) throws SignatureException {
-        signature.verify(buffer, start, length);
+    public boolean verifySignature(@NonNull final Signature signature) throws SignatureException {
+        return signature.verify(buffer, start, length);
     }
 
     /**
@@ -347,12 +347,13 @@ public void verifySignature(@NonNull final Signature signature) throws Signature
      * @param signature the Signature to use to verify
      * @param offset    The offset from the start of this {@link Bytes} object to get the bytes from
      * @param length    The number of bytes to extract
+     * @return true if the signature is valid, false otherwise
      * @throws SignatureException If the Signature instance throws this exception
      */
-    public void verifySignature(@NonNull final Signature signature, final int offset, final int length)
+    public boolean verifySignature(@NonNull final Signature signature, final int offset, final int length)
             throws SignatureException {
         validateOffsetLength(offset, length);
-        signature.verify(buffer, calculateOffset(offset), length);
+        return signature.verify(buffer, calculateOffset(offset), length);
     }
 
     /**

diff --git a/pbj-core/pbj-runtime/src/test/java/com/hedera/pbj/runtime/io/buffer/BytesTest.java b/pbj-core/pbj-runtime/src/test/java/com/hedera/pbj/runtime/io/buffer/BytesTest.java
@@ -4,8 +4,10 @@
 import static org.junit.jupiter.api.Assertions.assertArrayEquals;
 import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
 import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
 import static org.junit.jupiter.api.Assertions.assertNotEquals;
 import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 import com.hedera.pbj.runtime.io.DataEncodingException;
 import com.hedera.pbj.runtime.io.ReadableSequentialData;
@@ -20,6 +22,8 @@
 import java.nio.ByteBuffer;
 import java.nio.charset.StandardCharsets;
 import java.security.InvalidKeyException;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.security.PublicKey;
@@ -549,6 +553,28 @@ void verifySignatureBoundsChecks() throws InvalidKeyException {
         assertDoesNotThrow(() -> bytes.verifySignature(signature, 5, 0));
     }
 
+    @Test
+    @DisplayName("Tests the signature verification without a mock")
+    void realSignatureTest() throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
+        final Bytes bytes = Bytes.wrap(new byte[]{1, 2, 3, 4, 5});
+        final KeyPair keyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
+        // sign the data
+        final Signature signer = Signature.getInstance("SHA256withRSA");
+        signer.initSign(keyPair.getPrivate());
+        bytes.updateSignature(signer);
+        final Bytes signature = Bytes.wrap(signer.sign());
+        // verify the signature
+        final Signature verifier = Signature.getInstance("SHA256withRSA");
+        verifier.initVerify(keyPair.getPublic());
+        bytes.updateSignature(verifier);
+        assertTrue(signature.verifySignature(verifier));
+        // test a bad signature
+        final Signature verifier2 = Signature.getInstance("SHA256withRSA");
+        verifier2.initVerify(keyPair.getPublic());
+        Bytes.wrap(new byte[]{123, 1, 2, 3}).updateSignature(verifier2);
+        assertFalse(signature.verifySignature(verifier2));
+    }
+
     // asUtf8String throws with null (no offset here? That's wierd. Should have offset, or we should have non-offset
     // versions of everything else Or at least "getBytes").