From 2300bb9d008dc241f70b04d9cc62dc46d08ab4f7 Mon Sep 17 00:00:00 2001
From: Alexandre Paillier <alexandre.paillier@ledger.fr>
Date: Wed, 16 Nov 2022 15:16:44 +0100
Subject: [PATCH] Updated Ragger tests to use the new private CAL key

---
 .github/workflows/ci-workflow.yml |  2 --
 tests/ragger/cal/cal.py           | 18 ++++++++++++++++++
 tests/ragger/eip712/InputData.py  | 12 +++---------
 3 files changed, 21 insertions(+), 11 deletions(-)
 create mode 100644 tests/ragger/cal/cal.py

diff --git a/.github/workflows/ci-workflow.yml b/.github/workflows/ci-workflow.yml
index ff7c218..b846efa 100644
--- a/.github/workflows/ci-workflow.yml
+++ b/.github/workflows/ci-workflow.yml
@@ -270,8 +270,6 @@ jobs:
           sudo apt install -y qemu-user-static
 
       - name: Run tests
-        env:
-          CAL_SIGNATURE_TEST_KEY: ${{ secrets.CAL_SIGNATURE_TEST_KEY }}
         run: |
           cd tests/ragger
           . ./venv/bin/activate
diff --git a/tests/ragger/cal/cal.py b/tests/ragger/cal/cal.py
new file mode 100644
index 0000000..e75fcab
--- /dev/null
+++ b/tests/ragger/cal/cal.py
@@ -0,0 +1,18 @@
+import os
+import hashlib
+from ecdsa.util import sigencode_der
+from ecdsa import SigningKey
+
+_key: SigningKey = None
+
+def _init_key():
+    global _key
+    with open(os.path.dirname(__file__) + "/key.pem") as pem_file:
+        _key = SigningKey.from_pem(pem_file.read(), hashlib.sha256)
+    assert _key != None
+
+def sign(data: bytes) -> bytes:
+    global _key
+    if not _key:
+        _init_key()
+    return _key.sign_deterministic(data, sigencode=sigencode_der)
diff --git a/tests/ragger/eip712/InputData.py b/tests/ragger/eip712/InputData.py
index 89e877c..01e0c6e 100644
--- a/tests/ragger/eip712/InputData.py
+++ b/tests/ragger/eip712/InputData.py
@@ -1,14 +1,11 @@
 #!/usr/bin/env python3
 
-import os
 import json
 import sys
 import re
 import hashlib
-from ecdsa import SigningKey
-from ecdsa.util import sigencode_der
 from ethereum_client.client import EthereumClient, EIP712FieldType
-import base64
+from cal import cal
 
 # global variables
 app_client: EthereumClient = None
@@ -254,7 +251,7 @@ def send_filtering_message_info(display_name: str, filters_count: int):
     for char in display_name:
         to_sign.append(ord(char))
 
-    sig = sig_ctx["key"].sign_deterministic(to_sign, sigencode=sigencode_der)
+    sig = cal.sign(to_sign)
     app_client.eip712_filtering_message_info(display_name, filters_count, sig)
 
 # ledgerjs doesn't actually sign anything, and instead uses already pre-computed signatures
@@ -272,7 +269,7 @@ def send_filtering_show_field(display_name):
         to_sign.append(ord(char))
     for char in display_name:
         to_sign.append(ord(char))
-    sig = sig_ctx["key"].sign_deterministic(to_sign, sigencode=sigencode_der)
+    sig = cal.sign(to_sign)
     app_client.eip712_filtering_show_field(display_name, sig)
 
 def read_filtering_file(domain, message, filtering_file_path):
@@ -299,9 +296,6 @@ def init_signature_context(types, domain):
     global sig_ctx
 
     handle_optional_domain_values(domain)
-    env_key = os.environ["CAL_SIGNATURE_TEST_KEY"]
-    key = base64.b64decode(env_key).decode() # base 64 string -> decode bytes -> string
-    sig_ctx["key"] = SigningKey.from_pem(key, hashlib.sha256)
     caddr = domain["verifyingContract"]
     if caddr.startswith("0x"):
         caddr = caddr[2:]