fix(common): KES period used to sign must be current

Author: jpraynaud

mithril-common/src/crypto_helper/cardano/kes/error.rs

@@ -18,7 +18,7 @@ pub enum KesVerifyError {
 #[derive(Error, Debug)]
 pub enum KesSignError {
     /// Error raised when a KES update error occurs
-    #[error("KES key cannot be updated for period {0}")]
+    #[error("KES key cannot be updated for evolution {0}")]
     UpdateKey(KesPeriod),
 
     /// Period of key file does not match with period provided by user

mithril-common/src/crypto_helper/cardano/kes/interface.rs

@@ -11,7 +11,13 @@ use crate::{
 #[cfg_attr(test, mockall::automock)]
 pub trait KesSigner: Send + Sync {
     /// Return signed bytes with the KES secret key and the associated Operational Certificate
-    fn sign(&self, message: &[u8], kes_period: KesPeriod) -> StdResult<(Sum6KesSig, OpCert)>;
+    ///
+    /// current_kes_period: The KES period used to sign the message (absolute period computed from the chain at the moment of signature)
+    fn sign(
+        &self,
+        message: &[u8],
+        current_kes_period: KesPeriod,
+    ) -> StdResult<(Sum6KesSig, OpCert)>;
 }
 
 /// Trait for KES (Key Evolving Signature) verification operation.

mithril-common/src/crypto_helper/cardano/kes/signer_with_key.rs

@@ -31,27 +31,32 @@ impl KesSignerStandard {
 }
 
 impl KesSigner for KesSignerStandard {
-    fn sign(&self, message: &[u8], kes_period: KesPeriod) -> StdResult<(Sum6KesSig, OpCert)> {
+    fn sign(
+        &self,
+        message: &[u8],
+        current_kes_period: KesPeriod,
+    ) -> StdResult<(Sum6KesSig, OpCert)> {
         let mut kes_sk_bytes = Sum6KesBytes::from_file(&self.kes_sk_path)
             .with_context(|| "StandardKesSigner can not read KES secret key from file")?;
         let mut kes_sk = Sum6Kes::try_from(&mut kes_sk_bytes)
             .with_context(|| "StandardKesSigner can not use KES secret key")?;
+        let operational_certificate = OpCert::from_file(&self.operational_certificate_path)
+            .with_context(|| "StandardKesSigner can not read operational certificate from file")?;
+        let kes_period_start = operational_certificate.get_start_kes_period() as u32;
         let kes_sk_period = kes_sk.get_period();
-        if kes_sk_period > kes_period {
+        let kes_evolutions = kes_period.saturating_sub(kes_period_start);
+        if kes_sk_period > kes_evolutions {
             return Err(anyhow!(KesSignError::PeriodMismatch(
                 kes_sk_period,
                 kes_period
             )));
         }
 
         // We need to perform the evolutions
-        for period in kes_sk_period..kes_period {
-            kes_sk.update().map_err(|_| KesSignError::UpdateKey(period))?;
+        for evolution in kes_sk_period..kes_evolutions {
+            kes_sk.update().map_err(|_| KesSignError::UpdateKey(evolution))?;
         }
 
-        let operational_certificate = OpCert::from_file(&self.operational_certificate_path)
-            .with_context(|| "StandardKesSigner can not read operational certificate from file")?;
-
         Ok((kes_sk.sign(message), operational_certificate))
     }
 }
@@ -119,7 +124,8 @@ mod tests {
     }
 
     #[test]
-    fn create_invalid_signature_for_invalid_kes_period() {
+    fn create_invalid_signature_for_invalid_kes_evolution() {
+        const MAX_KES_EVOLUTIONS: KesPeriod = 63;
         let kes_period_start = 5 as KesPeriod;
         let KesCryptographicMaterialForTest {
             party_id: _,
@@ -132,11 +138,7 @@ mod tests {
         );
         let message = b"Test message for KES signing";
         let kes_signer = KesSignerStandard::new(kes_secret_key_file, operational_certificate_file);
-        let kes_signing_period = 2;
-        assert!(
-            kes_signing_period < kes_period_start,
-            "KES signing period should be less than the KES period of the key"
-        );
+        let kes_signing_period = kes_period_start + MAX_KES_EVOLUTIONS + 1;
 
         kes_signer
             .sign(message, kes_signing_period)

mithril-common/src/crypto_helper/cardano/key_certification.rs

@@ -88,7 +88,7 @@ pub enum ProtocolInitializerErrorWrapper {
     ProtocolInitializer(#[source] StdError),
 
     /// Error raised when a KES update error occurs
-    #[error("KES key cannot be updated for period {0}")]
+    #[error("KES key cannot be updated for evolution {0}")]
     KesUpdate(KesPeriod),
 
     /// Period of key file does not match with period provided by user

mithril-common/src/test/crypto_helper/cardano/kes/setup.rs

@@ -21,7 +21,7 @@ pub(crate) struct KesCryptographicMaterialForTest {
 /// Create KES cryptographic material for testing purposes.
 pub fn create_kes_cryptographic_material(
     party_idx: KesPartyIndexForTest,
-    kes_period: KesPeriod,
+    start_kes_period: KesPeriod,
     test_directory: &str,
 ) -> KesCryptographicMaterialForTest {
     let temp_dir = std::env::temp_dir()
@@ -31,16 +31,12 @@ pub fn create_kes_cryptographic_material(
     let keypair = ColdKeyGenerator::create_deterministic_keypair([party_idx as u8; 32]);
     let mut dummy_buffer = [0u8; Sum6Kes::SIZE + 4];
     let mut dummy_seed = [party_idx as u8; 32];
-    let (mut kes_secret_key, kes_verification_key) =
+    let (kes_secret_key, kes_verification_key) =
         Sum6Kes::keygen(&mut dummy_buffer, &mut dummy_seed);
-    for _ in 0..kes_period {
-        kes_secret_key
-            .update()
-            .expect("KES secret key update should not fail");
-    }
     let mut kes_bytes = Sum6KesBytes([0u8; Sum6Kes::SIZE + 4]);
     kes_bytes.0.copy_from_slice(&kes_secret_key.clone_sk());
-    let operational_certificate = OpCert::new(kes_verification_key, 0, 0, keypair);
+    let operational_certificate =
+        OpCert::new(kes_verification_key, 0, start_kes_period as u64, keypair);
     let kes_secret_key_file = temp_dir.join(format!("kes{party_idx}.skey"));
     kes_bytes
         .to_file(&kes_secret_key_file)

mithril-common/src/test/crypto_helper/cardano/kes/signer_fake.rs

@@ -63,7 +63,7 @@ impl KesSignerFake {
 }
 
 impl KesSigner for KesSignerFake {
-    fn sign(&self, message: &[u8], _kes_period: KesPeriod) -> KesSignatureResult {
+    fn sign(&self, message: &[u8], _current_kes_period: KesPeriod) -> KesSignatureResult {
         let mut messages = self.signed_messages.lock().unwrap();
         messages.push_back(message.to_vec());
 

mithril-signer/src/runtime/runner.rs

@@ -5,7 +5,7 @@ use thiserror::Error;
 use tokio::sync::RwLockReadGuard;
 
 use mithril_common::StdResult;
-use mithril_common::crypto_helper::{KesPeriod, OpCert, ProtocolOpCert, SerDeShelleyFileFormat};
+use mithril_common::crypto_helper::{OpCert, ProtocolOpCert, SerDeShelleyFileFormat};
 use mithril_common::entities::{
     Epoch, PartyId, ProtocolMessage, SignedEntityType, Signer, TimePoint,
 };
@@ -184,7 +184,7 @@ impl Runner for SignerRunner {
         let stake = stake_distribution
             .get(&self.services.single_signer.get_party_id())
             .ok_or_else(RunnerError::NoStakeForSelf)?;
-        let (operational_certificate, protocol_operational_certificate) = match &self
+        let (_operational_certificate, protocol_operational_certificate) = match &self
             .config
             .operational_certificate_path
         {
@@ -198,18 +198,7 @@ impl Runner for SignerRunner {
             }
             _ => (None, None),
         };
-
-        let kes_period = match operational_certificate {
-            Some(operational_certificate) => Some(
-                self.services
-                    .chain_observer
-                    .get_current_kes_period()
-                    .await?
-                    .unwrap_or_default()
-                    - operational_certificate.get_start_kes_period() as KesPeriod,
-            ),
-            None => None,
-        };
+        let kes_period = self.services.chain_observer.get_current_kes_period().await?;
 
         let protocol_initializer = self
             .services