ATL-432: Update Checks If Master Key Revoked (#746)

input-output-hk · May 16, 2022 · 40b5452 · 40b5452
1 parent d866707
commit 40b5452
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 2 deletions.
diff --git a/...-backend/node/src/main/scala/io/iohk/atala/prism/node/operations/UpdateDIDOperation.scala b/...-backend/node/src/main/scala/io/iohk/atala/prism/node/operations/UpdateDIDOperation.scala
@@ -51,10 +51,16 @@ case class UpdateDIDOperation(
       }.subflatMap { didKey =>
         Either.cond(
           didKey.keyUsage == KeyUsage.MasterKey,
-          didKey.key,
+          didKey,
           StateError.InvalidKeyUsed("master key")
         )
-      }
+      }.subflatMap { didKey =>
+        Either.cond(
+          didKey.revokedOn.isEmpty,
+          didKey,
+          StateError.KeyAlreadyRevoked()
+        )
+      }.map(_.key)
     } yield CorrectnessData(key, Some(lastOperation))
   }
 

diff --git a/...kend/node/src/test/scala/io/iohk/atala/prism/node/operations/UpdateDIDOperationSpec.scala b/...kend/node/src/test/scala/io/iohk/atala/prism/node/operations/UpdateDIDOperationSpec.scala
@@ -10,6 +10,7 @@ import io.iohk.atala.prism.node.DataPreparation
 import io.iohk.atala.prism.node.DataPreparation.{dummyApplyOperationConfig, dummyLedgerData}
 import io.iohk.atala.prism.node.models.{DIDPublicKey, KeyUsage}
 import io.iohk.atala.prism.node.operations.CreateDIDOperationSpec.{randomCompressedECKeyData, randomECKeyData}
+import io.iohk.atala.prism.node.repositories.daos.PublicKeysDAO
 import io.iohk.atala.prism.node.services.BlockProcessingServiceSpec
 import io.iohk.atala.prism.protos.node_models
 import org.scalatest.EitherValues._
@@ -234,6 +235,28 @@ class UpdateDIDOperationSpec extends AtalaWithPostgresSpec with ProtoParsingTest
       key mustBe masterKeys.getPublicKey
       previousOperation mustBe Some(createDidOperation.digest)
     }
+
+    "fail given master key revoked" in {
+      createDidOperation.applyState(dummyApplyOperationConfig).transact(database).value.unsafeRunSync()
+
+      PublicKeysDAO
+        .revoke(createDidOperation.id, "master", dummyLedgerData)
+        .transact(database)
+        .unsafeRunSync()
+
+      val parsedOperation = UpdateDIDOperation
+        .parse(signedExampleOperation, dummyLedgerData)
+        .toOption
+        .value
+
+      val result = parsedOperation
+        .getCorrectnessData("master")
+        .transact(database)
+        .value
+        .unsafeRunSync()
+
+      result mustBe Left(StateError.KeyAlreadyRevoked())
+    }
   }
 
   "UpdateDIDOperation.applyState" should {