From e6339c45aec90814aa3deac1710778e29f36f177 Mon Sep 17 00:00:00 2001
From: Jaromil <jaromil@dyne.org>
Date: Tue, 21 Apr 2020 01:21:26 +0200
Subject: [PATCH] zencode improve test and documentation for simple and dp3t
 scenarios

---
 build/zencode_scenario.sh   |  15 +++++
 docs/Makefile               |   4 +-
 docs/pages/zencode.md       |  38 +++--------
 src/lua/zenroom_common.lua  |   6 +-
 test/zencode_data.lua       |   4 +-
 test/zencode_dp3t/run.sh    |  52 ++++-----------
 test/zencode_numericals.lua |   8 +--
 test/zencode_simple/run.sh  | 124 ++++++++++++++++++++++++++++++++++++
 8 files changed, 174 insertions(+), 77 deletions(-)
 create mode 100755 build/zencode_scenario.sh
 create mode 100755 test/zencode_simple/run.sh

diff --git a/build/zencode_scenario.sh b/build/zencode_scenario.sh
new file mode 100755
index 0000000..88d773c
--- /dev/null
+++ b/build/zencode_scenario.sh
@@ -0,0 +1,15 @@
+#!/usr/bin/env zsh
+#
+# build the zencode scenario test scripts and copy them into the
+# documentation folder. called from zenroom/docs
+
+scen="$1"
+R="$PWD/.."
+[[ -r "$R/test/zencode_${scen}" ]] || {
+	echo "error in script $0"
+	echo "scenario not found: $R/test/zencode_${scen}"
+	exit 1 }
+pushd $R/test/zencode_${scen}
+./run.sh
+cp -av *zen *json $R/docs/_media/examples/zencode_${scen}
+popd
diff --git a/docs/Makefile b/docs/Makefile
index 9aad12e..870c0b0 100644
--- a/docs/Makefile
+++ b/docs/Makefile
@@ -14,7 +14,9 @@ website:
 	@ln -fs _media/js/zenroom.data .
 	@mkdir -p _media/examples
 	@cp -v ../examples/*.keys ../examples/*.data ../examples/*.lua _media/examples/
-	@cp -av ../test/zencode_coconut ../test/zencode_simple _media/examples/
+	@../build/zencode_scenario.sh dp3t
+	@../build/zencode_scenario.sh simple
+	@cp -av ../test/zencode_coconut _media/examples/
 	@cp -v ../bindings/javascript/README.md pages/javascript.md
 	@cp -v ../bindings/python3/README.md pages/python.md
 
diff --git a/docs/pages/zencode.md b/docs/pages/zencode.md
index c8e28fc..8f4d6c5 100755
--- a/docs/pages/zencode.md
+++ b/docs/pages/zencode.md
@@ -58,18 +58,11 @@ In this phase each participant will create his/her own keypair, store it and com
 
 The statement to generate a keypair (public and private keys) is simple:
 
-[](../_media/examples/zencode_simple/AES01.zen ':include :type=code gherkin')
+[](../_media/examples/zencode_simple/alice_keygen.zen ':include :type=code gherkin')
 
 It will produce something like this:
 
-```json
-"Alice": {
-   "keypair": {
-      "private_key": "u64:F_NaS3Y6Xw6BW...",
-      "public_key": "u64:BLG0OGDwzP_gY41TZgGpUB4lTYCgpx9BJVScxSQAfwqEi..."
-   }
-}
-```
+[](../_media/examples/zencode_simple/alice_keypair.json ':include :type=code json')
 
 Where the public key is usually a longer octet and actually an [Elliptic Curve Point](/lua/modules/ECP.html) coordinate.
 
@@ -96,14 +89,10 @@ After both Alice and Bob have their own keypairs and they both know
 each other public key we can move forward to do asymmetric encryption
 and signatures.
 
-[](../_media/examples/zencode_simple/AES02.zen ':include :type=code gherkin')
+[](../_media/examples/zencode_simple/alice_keypub.zen ':include :type=code gherkin')
 
 
-```json
-"Alice": {
-   "public_key": "u64:BLG0OGDwzP_gY41TZgGpUB4lTYCgpx9BJVScxSQAfwqEi..."
-}
-```
+[](../_media/examples/zencode_simple/alice_pub.json ':include :type=code json')
 
 The advantage of using Zencode here is the use of the `valid` keyword which effectively parses the `public key` object and verifies it as valid, in this case as being a valid point on the elliptic curve in use. This greatly reduces the possibility of common mistakes.
 
@@ -121,14 +110,7 @@ Before getting to the encryption 2 other objects must be given:
 
 So with an input separated between DATA and KEYS or grouped together in an array like:
 
-```json
-[
-  {"Bob": {"public_key":"u64:BGF59uMP0DkHoTjMT..."} },
-  {"Alice": { "keypair": {
-      "private_key": "u64:F_NaS3Y6Xw6BW...",
-      "public_key": "u64:BLG0OGDwzP_gY41TZgGpUB4lTYCgpx9BJVScxSQAfwqEi..." } } }
-]
-```
+[](../_media/examples/zencode_simple/bob_keyring.json ':include :type=code json')
 
 [](../_media/examples/zencode_simple/AES05.zen ':include :type=code gherkin')
 
@@ -150,12 +132,15 @@ sequenceDiagram
 
 
 **1. Alice encrypts the message using Bob's public key**
+
 [](../_media/examples/zencode_simple/AES05.zen ':include :type=code gherkin')
 
 **2. Bob prepares a keyring with Alice's public key**
+
 [](../_media/examples/zencode_simple/AES06.zen ':include :type=code gherkin')
 
 **3. Bob decrypts the message using Alice's public key**
+
 [](../_media/examples/zencode_simple/AES07.zen ':include :type=code gherkin')
 
 In this basic example the session key for encryption is made combining
@@ -255,12 +240,7 @@ These 3 arguments can be written or imported, but must given before using the `I
 
 The output is returned in `secret message` and it looks like:
 
-```json
-{"secret_message":{"iv":"u64:-tU2gbox9kATCeC2k_zkhYM-PBA3IzvN7HtfyVXdzB4",
-	"header":"u64:dGhpc19pc19mb3JfQm9i",
-	"text":"u64:cw4M3FBO3zaPRAB26d6y8SMPGgAo_0AmJUrhg5dmKwoEB7BWLAAD_A2h",
-	"checksum":"u64:UugLrIuxRX46BETc1-XkrA"}}
-```
+[](../_media/examples/zencode_simple/cipher_message.json ':include :type=code json')
 
 To decode make sure to have that secret password and that a valid `secret message` is given, then use:
 
diff --git a/src/lua/zenroom_common.lua b/src/lua/zenroom_common.lua
index 8a39028..a238e79 100644
--- a/src/lua/zenroom_common.lua
+++ b/src/lua/zenroom_common.lua
@@ -230,10 +230,12 @@ local function split(src,pat)
    src:gsub(pat, function(x) tbl[#tbl+1]=x end)
    return tbl
 end
-function strtok(src)
+function strtok(src, pat)
    if not src then return { } end
+   pat = pat or "%S+"
    ZEN.assert(luatype(src) == "string", "strtok error: argument is not a string")
-   return split(src, "%S+") end
+   return split(src, pat)
+end
 
 -- assert all values in table are converted to zenroom types
 -- used in zencode when transitioning out of given memory
diff --git a/test/zencode_data.lua b/test/zencode_data.lua
index 4779347..a1ca3b2 100644
--- a/test/zencode_data.lua
+++ b/test/zencode_data.lua
@@ -14,8 +14,8 @@ rule check version 1.0.0
 rule input encoding string
 Given I have a 'inside' inside 'first'
 and I have a 'third'
-When I write 'first.inside' in 'test'
-and I write 'three' in 'tertiur'
+When I write string 'first.inside' in 'test'
+and I write string 'three' in 'tertiur'
 and I verify 'third' is equal to 'tertiur'
 Then print the 'test' as 'string'
 ]])
diff --git a/test/zencode_dp3t/run.sh b/test/zencode_dp3t/run.sh
index 1c31cef..31203dc 100755
--- a/test/zencode_dp3t/run.sh
+++ b/test/zencode_dp3t/run.sh
@@ -2,38 +2,16 @@
 
 # https://github.com/DP-3T/documents
 
-# use executable in current directory
-Z=../../src/zenroom
-D=.
+####################
+# common script init
+if ! test -r ../utils.sh; then
+	echo "run executable from its own directory: $0"; exit 1; fi
+. ../utils.sh
+Z="`detect_zenroom_path` `detect_zenroom_conf`"
+####################
 
-if test -r ./zenroom-linux-amd64; then
-	Z=./zenroom-linux-amd64
-	D=./out-dp3t
-elif test -r ./zenroom-osx.command; then
-	Z=./zenroom-osx.command;
-	D=./out-dp3t
-elif test -r ./src/zenroom; then
-	Z=./src/zenroom
-	D=./out-dp3t
-elif test -r ../../src/zenroom; then
-	Z=../../src/zenroom
-	D=./out-dp3t
-fi
 
-if ! test -r $Z; then
-	echo "Zenroom executable not found"
-	echo "download yours from https://files.dyne.org/zenroom/nightly/"
-	exit 1
-fi
-
-alias zenroom=$Z
-chmod +x $Z
-
-echo "Zenroom executable: $Z"
-mkdir -p $D
-echo "destination dir: $D"
-
-cat <<EOF | $Z -z | tee $D/SK1.json
+cat <<EOF | tee dp3t_keygen.zen | $Z -z | tee SK1.json
 rule check version 1.0.0
 rule input encoding hex
 rule output encoding hex
@@ -44,7 +22,7 @@ Then print the 'secret day key'
 EOF
 
 
-cat <<EOF | $Z -z -a $D/SK1.json | tee $D/SK2.json
+cat <<EOF | tee dp3t_keyderiv.zen | $Z -z -a SK1.json | tee SK2.json
 scenario 'dp3t': Decentralized Privacy-Preserving Proximity Tracing
 rule check version 1.0.0
 rule input encoding hex
@@ -54,11 +32,7 @@ When I renew the secret day key to a new day
 Then print the 'secret day key'
 EOF
 
-cat <<EOF | tee $D/moments.json
-{ "moments": "8" }
-EOF
-
-cat <<EOF | $Z -z -k $D/SK2.json | tee $D/EphID_2.json
+cat <<EOF | tee dp3t_ephidgen.zen | $Z -z -k SK2.json | tee EphID_2.json
 scenario 'dp3t': Decentralized Privacy-Preserving Proximity Tracing
 rule check version 1.0.0
 rule input encoding hex
@@ -73,7 +47,7 @@ EOF
 
 
 # now generate a test with 40.000 infected SK
-cat <<EOF | $Z -c memmanager=sys -z > $D/SK_infected_40k.json
+cat <<EOF | $Z -z > SK_infected_40k.json
 rule check version 1.0.0
 rule input encoding hex
 rule output encoding hex
@@ -84,7 +58,7 @@ Then print the 'list of infected'
 EOF
 
 # extract a few random infected ephemeral ids to simulate proximity
-cat <<EOF | $Z -c memmanager=sys,debug=1 -z -a $D/SK_infected_40k.json | tee $D/EphID_infected.json
+cat <<EOF | $Z -z -a SK_infected_40k.json | tee EphID_infected.json
 scenario 'dp3t'
 rule check version 1.0.0
 rule input encoding hex
@@ -100,7 +74,7 @@ Then print the 'ephemeral ids'
 EOF
 
 # given a list of infected and a list of ephemeral ids 
-cat <<EOF | time $Z -c memmanager=sys,debug=1 -z -a $D/SK_infected_40k.json -k $D/EphID_infected.json
+cat <<EOF | tee dp3t_check.zen | $Z -z -a SK_infected_40k.json -k EphID_infected.json
 scenario 'dp3t'
 rule check version 1.0.0
 rule input encoding hex
diff --git a/test/zencode_numericals.lua b/test/zencode_numericals.lua
index 410ec20..ac3a5f7 100644
--- a/test/zencode_numericals.lua
+++ b/test/zencode_numericals.lua
@@ -7,8 +7,8 @@ ZEN:begin()
 ZEN:parse([[
 rule check version 1.0.0
 Given nothing
-When I set 'left' to '10'
-and I set 'right' to '20'
+When I write number '10' in 'left'
+and I write number '20' in 'right'
 and number 'left' is less or equal than 'right'
 Then print 'OK'
 ]])
@@ -31,8 +31,8 @@ ZEN:begin()
 ZEN:parse([[
 rule check version 1.0.0
 Given nothing
-When I set 'left' to '0a' formatted as 'hex'
-and I set 'right' to '14' formatted as 'hex'
+When I set 'left' to '0a' base '16'
+and I set 'right' to '14' base '16'
 and number 'left' is less than 'right'
 Then print 'OK'
 ]])
diff --git a/test/zencode_simple/run.sh b/test/zencode_simple/run.sh
new file mode 100755
index 0000000..1571655
--- /dev/null
+++ b/test/zencode_simple/run.sh
@@ -0,0 +1,124 @@
+#!/usr/bin/env bash
+
+####################
+# common script init
+if ! test -r ../utils.sh; then
+	echo "run executable from its own directory: $0"; exit 1; fi
+. ../utils.sh
+Z="`detect_zenroom_path` `detect_zenroom_conf`"
+####################
+
+cat <<EOF | tee SYM01.zen | $Z -z > secret.json
+rule check version 1.0.0
+Scenario simple: Generate a random password
+Given nothing
+When I create a random 'password'
+Then print the 'password'
+EOF
+
+cat <<EOF | tee SYM02.zen | $Z -z > cipher_message.json
+Scenario simple: Encrypt a message with the password
+Given nothing
+# only inline input, no KEYS or DATA passed
+When I write string 'my secret word' in 'password'
+and I write string 'a very short but very confidential message' in 'whisper'
+and I write string 'for your eyes only' in 'header'
+# header is implicitly used when encrypt
+and I encrypt the secret message 'whisper' with 'password'
+# anything introduced by 'the' becomes a new variable
+Then print the 'secret message'
+EOF
+
+cat <<EOF | tee SYM03.zen | $Z -a cipher_message.json -z
+Scenario simple: Decrypt the message with the password
+Given I have a valid 'secret message'
+When I write string 'my secret word' in 'password'
+and I decrypt the secret message with 'password'
+Then print as 'string' the 'text' inside 'message'
+and print as 'string' the 'header' inside 'message'
+EOF
+
+cat <<EOF | tee alice_keygen.zen | $Z -z > alice_keypair.json
+Scenario 'simple': Create the keypair
+Given that I am known as 'Alice'
+When I create the keypair
+Then print my data
+EOF
+
+cat <<EOF | tee alice_keypub.zen | $Z -z -k alice_keypair.json > alice_pub.json
+Scenario 'simple': Publish the public key
+Given that I am known as 'Alice'
+and I have my valid 'public key'
+Then print my 'public key'
+EOF
+
+cat <<EOF | tee DSA01.zen | $Z -z -k alice_keypair.json | tee alice_signs_to_bob.json
+Rule check version 1.0.0
+Scenario 'simple': Alice signs a message for Bob
+	Given that I am known as 'Alice'
+	and I have my valid 'keypair'
+	When I write string 'This is my signed message to Bob.' in 'draft'
+	and I create the signature of 'draft'
+	Then print my 'signature'
+	and print my 'draft'
+EOF
+
+cat <<EOF | tee DSA02.zen | $Z -z -k alice_pub.json -a alice_signs_to_bob.json
+rule check version 1.0.0
+Scenario 'simple': Bob verifies the signature from Alice
+	Given that I am known as 'Bob'
+	and I have a valid 'public key' from 'Alice'
+	and I have a valid 'signature' from 'Alice'
+	and I have a 'draft'
+	When I verify the 'draft' is signed by 'Alice'
+	Then print 'signature' 'correct' as 'string'
+	and print as 'string' the 'draft'
+EOF
+
+cat <<EOF | tee bob_keygen.zen | $Z -z > bob_keypair.json
+Scenario 'simple': Create the keypair
+Given that I am known as 'Bob'
+When I create the keypair
+Then print my data
+EOF
+
+cat <<EOF | tee bob_keypub.zen | $Z -z -k bob_keypair.json > bob_pub.json
+Scenario 'simple': Publish the public key
+Given that I am known as 'Bob'
+and I have my valid 'public key'
+Then print my 'public key'
+EOF
+
+cat <<EOF | tee AES05.zen | $Z -z -k alice_keypair.json -a bob_pub.json | tee alice_to_bob.json
+Rule check version 1.0.0
+Scenario 'simple': Alice encrypts a message for Bob
+	Given that I am known as 'Alice'
+	and I have my valid 'keypair'
+	and I have a valid 'public key' from 'Bob'
+	When I write string 'This is my secret message.' in 'message'
+	and I write string 'This is the header' in 'header'
+	and I encrypt the message for 'Bob'
+	Then print the 'secret message'
+EOF
+
+cat <<EOF | tee AES06.zen | $Z -z -k bob_keypair.json -a alice_pub.json | tee bob_keyring.json
+Rule check version 1.0.0
+Scenario 'simple': Bob gathers public keys in his keyring
+	Given that I am 'Bob'
+	and I have my valid 'keypair'
+	and I have a valid 'public key' from 'Alice'
+	Then print my 'keypair'
+	and print the 'public key'
+EOF
+
+cat <<EOF | tee AES07.zen | $Z -z -k bob_keyring.json -a alice_to_bob.json
+Rule check version 1.0.0
+Scenario 'simple': Bob decrypts the message from Alice
+	Given that I am known as 'Bob'
+	and I have my valid 'keypair'
+	and I have a valid 'public key' from 'Alice'
+	and I have a valid 'secret message'
+	When I decrypt the secret message from 'Alice'
+	Then print as 'string' the 'message'
+	and print as 'string' the 'header' inside 'secret message'
+EOF