@@ -1,5 +1,7 @@ | |||
package com.jd.blockchain.gateway.web; | |||
import com.jd.blockchain.crypto.*; | |||
import com.jd.blockchain.transaction.SignatureUtils; | |||
import org.springframework.beans.factory.annotation.Autowired; | |||
import org.springframework.web.bind.annotation.RequestBody; | |||
import org.springframework.web.bind.annotation.RequestMapping; | |||
@@ -8,9 +10,6 @@ import org.springframework.web.bind.annotation.ResponseBody; | |||
import org.springframework.web.bind.annotation.RestController; | |||
import com.jd.blockchain.binaryproto.BinaryProtocol; | |||
import com.jd.blockchain.crypto.Crypto; | |||
import com.jd.blockchain.crypto.HashDigest; | |||
import com.jd.blockchain.crypto.SignatureFunction; | |||
import com.jd.blockchain.gateway.PeerService; | |||
import com.jd.blockchain.ledger.DigitalSignature; | |||
import com.jd.blockchain.ledger.TransactionContent; | |||
@@ -53,11 +52,8 @@ public class TxProcessingController implements TransactionService { | |||
throw new IllegalStateException("Not implemented!"); | |||
} else { | |||
// 验证签名; | |||
byte[] content = BinaryProtocol.encode(txRequest.getTransactionContent(), TransactionContent.class); | |||
for (DigitalSignature sign : partiSigns) { | |||
SignatureFunction signFunc = Crypto | |||
.getSignatureFunction(sign.getPubKey().getAlgorithm()); | |||
if (!signFunc.verify(sign.getDigest(), sign.getPubKey(), content)) { | |||
if (!SignatureUtils.verifySignature(txRequest.getTransactionContent(), sign.getDigest(), sign.getPubKey())) { | |||
throw new BusinessException("The validation of participant signatures fail!"); | |||
} | |||
} | |||
@@ -28,6 +28,7 @@ import com.jd.blockchain.ledger.core.TransactionSet; | |||
import com.jd.blockchain.storage.service.ExPolicyKVStorage; | |||
import com.jd.blockchain.storage.service.VersioningKVStorage; | |||
import com.jd.blockchain.storage.service.utils.BufferedKVStorage; | |||
import com.jd.blockchain.transaction.SignatureUtils; | |||
import com.jd.blockchain.transaction.TxBuilder; | |||
import com.jd.blockchain.transaction.TxRequestBuilder; | |||
import com.jd.blockchain.utils.Bytes; | |||
@@ -205,7 +206,7 @@ public class LedgerTransactionalEditor implements LedgerEditor { | |||
DigitalSignature[] endpointSignatures = request.getEndpointSignatures(); | |||
if (endpointSignatures != null) { | |||
for (DigitalSignature signature : endpointSignatures) { | |||
if (!TxRequestBuilder.verifyHashSignature(txContent.getHash(), signature.getDigest(), | |||
if (!SignatureUtils.verifyHashSignature(txContent.getHash(), signature.getDigest(), | |||
signature.getPubKey())) { | |||
return false; | |||
} | |||
@@ -214,7 +215,7 @@ public class LedgerTransactionalEditor implements LedgerEditor { | |||
DigitalSignature[] nodeSignatures = request.getNodeSignatures(); | |||
if (nodeSignatures != null) { | |||
for (DigitalSignature signature : nodeSignatures) { | |||
if (!TxRequestBuilder.verifyHashSignature(txContent.getHash(), signature.getDigest(), | |||
if (!SignatureUtils.verifyHashSignature(txContent.getHash(), signature.getDigest(), | |||
signature.getPubKey())) { | |||
return false; | |||
} | |||
@@ -68,11 +68,7 @@ public class PreparedTx implements PreparedTransaction { | |||
@Override | |||
public DigitalSignature sign(AsymmetricKeypair keyPair) { | |||
SignatureFunction signatureFunction = Crypto.getSignatureFunction(keyPair.getAlgorithm()); | |||
PrivKey privKey = keyPair.getPrivKey(); | |||
byte[] content = BinaryProtocol.encode(getTransactionContent(), TransactionContent.class); | |||
SignatureDigest signatureDigest = signatureFunction.sign(privKey, content); | |||
DigitalSignature signature = new DigitalSignatureBlob(keyPair.getPubKey(), signatureDigest); | |||
DigitalSignature signature = SignatureUtils.sign(getTransactionContent(), keyPair); | |||
addSignature(signature); | |||
return signature; | |||
} | |||
@@ -0,0 +1,28 @@ | |||
package com.jd.blockchain.transaction; | |||
import com.jd.blockchain.crypto.*; | |||
import com.jd.blockchain.ledger.DigitalSignature; | |||
import com.jd.blockchain.ledger.TransactionContent; | |||
public class SignatureUtils { | |||
public static DigitalSignature sign(TransactionContent txContent, AsymmetricKeypair keyPair) { | |||
SignatureDigest signatureDigest = sign(txContent, keyPair.getPrivKey()); | |||
return new DigitalSignatureBlob(keyPair.getPubKey(), signatureDigest); | |||
} | |||
public static SignatureDigest sign(TransactionContent txContent, PrivKey privKey) { | |||
return Crypto.getSignatureFunction(privKey.getAlgorithm()).sign(privKey, txContent.getHash().toBytes()); | |||
} | |||
public static boolean verifySignature(TransactionContent txContent, SignatureDigest signDigest, PubKey pubKey) { | |||
if (!TxBuilder.verifyTxContentHash(txContent, txContent.getHash())) { | |||
return false; | |||
} | |||
return verifyHashSignature(txContent.getHash(), signDigest, pubKey); | |||
} | |||
public static boolean verifyHashSignature(HashDigest hash, SignatureDigest signDigest, PubKey pubKey) { | |||
return Crypto.getSignatureFunction(pubKey.getAlgorithm()).verify(signDigest, pubKey, hash.toBytes()); | |||
} | |||
} |
@@ -42,14 +42,14 @@ public class TxRequestBuilder implements TransactionRequestBuilder { | |||
@Override | |||
public DigitalSignature signAsEndpoint(AsymmetricKeypair keyPair) { | |||
DigitalSignature signature = sign(txContent, keyPair); | |||
DigitalSignature signature = SignatureUtils.sign(txContent, keyPair); | |||
addEndpointSignature(signature); | |||
return signature; | |||
} | |||
@Override | |||
public DigitalSignature signAsNode(AsymmetricKeypair keyPair) { | |||
DigitalSignature signature = sign(txContent, keyPair); | |||
DigitalSignature signature = SignatureUtils.sign(txContent, keyPair); | |||
addNodeSignature(signature); | |||
return signature; | |||
} | |||
@@ -64,26 +64,26 @@ public class TxRequestBuilder implements TransactionRequestBuilder { | |||
endpointSignatures.add(signature); | |||
} | |||
public static DigitalSignature sign(TransactionContent txContent, AsymmetricKeypair keyPair) { | |||
SignatureDigest signatureDigest = sign(txContent, keyPair.getPrivKey()); | |||
DigitalSignature signature = new DigitalSignatureBlob(keyPair.getPubKey(), signatureDigest); | |||
return signature; | |||
} | |||
public static SignatureDigest sign(TransactionContent txContent, PrivKey privKey) { | |||
return Crypto.getSignatureFunction(privKey.getAlgorithm()).sign(privKey, txContent.getHash().toBytes()); | |||
} | |||
public static boolean verifySignature(TransactionContent txContent, SignatureDigest signDigest, PubKey pubKey) { | |||
if (!TxBuilder.verifyTxContentHash(txContent, txContent.getHash())) { | |||
return false; | |||
} | |||
return verifyHashSignature(txContent.getHash(), signDigest, pubKey); | |||
} | |||
public static boolean verifyHashSignature(HashDigest hash, SignatureDigest signDigest, PubKey pubKey) { | |||
return Crypto.getSignatureFunction(pubKey.getAlgorithm()).verify(signDigest, pubKey, hash.toBytes()); | |||
} | |||
// public static DigitalSignature sign(TransactionContent txContent, AsymmetricKeypair keyPair) { | |||
// SignatureDigest signatureDigest = sign(txContent, keyPair.getPrivKey()); | |||
// DigitalSignature signature = new DigitalSignatureBlob(keyPair.getPubKey(), signatureDigest); | |||
// return signature; | |||
// } | |||
// | |||
// public static SignatureDigest sign(TransactionContent txContent, PrivKey privKey) { | |||
// return Crypto.getSignatureFunction(privKey.getAlgorithm()).sign(privKey, txContent.getHash().toBytes()); | |||
// } | |||
// public static boolean verifySignature(TransactionContent txContent, SignatureDigest signDigest, PubKey pubKey) { | |||
// if (!TxBuilder.verifyTxContentHash(txContent, txContent.getHash())) { | |||
// return false; | |||
// } | |||
// return verifyHashSignature(txContent.getHash(), signDigest, pubKey); | |||
// } | |||
// | |||
// public static boolean verifyHashSignature(HashDigest hash, SignatureDigest signDigest, PubKey pubKey) { | |||
// return Crypto.getSignatureFunction(pubKey.getAlgorithm()).verify(signDigest, pubKey, hash.toBytes()); | |||
// } | |||
@Override | |||
public TransactionRequest buildRequest() { | |||
@@ -47,8 +47,8 @@ public class ConsensusMessageDispatcher implements MessageHandle { | |||
public String beginBatch(String realmName) { | |||
RealmProcessor realmProcessor = realmProcessorMap.get(realmName); | |||
if (realmProcessor == null) { | |||
beginLock.lock(); | |||
try { | |||
beginLock.lock(); | |||
realmProcessor = realmProcessorMap.get(realmName); | |||
if (realmProcessor == null) { | |||
realmProcessor = initRealmProcessor(realmName); | |||
@@ -174,8 +174,8 @@ public class ConsensusMessageDispatcher implements MessageHandle { | |||
} | |||
public String newBatchId() { | |||
realmLock.lock(); | |||
try { | |||
realmLock.lock(); | |||
if (currBatchId == null) { | |||
currBatchId = getRealmName() + "-" + getBatchIdIndex().getAndIncrement(); | |||
} | |||
@@ -227,8 +227,8 @@ public class ConsensusMessageDispatcher implements MessageHandle { | |||
} | |||
public void commit() { | |||
realmLock.lock(); | |||
try { | |||
realmLock.lock(); | |||
if (batchResultHandle == null) { | |||
throw new IllegalArgumentException("BatchResultHandle is null, complete() is not execute !"); | |||
} | |||
@@ -242,8 +242,8 @@ public class ConsensusMessageDispatcher implements MessageHandle { | |||
} | |||
public void rollback(int reasonCode) { | |||
realmLock.lock(); | |||
try { | |||
realmLock.lock(); | |||
batchResultHandle.cancel(TransactionState.valueOf((byte)reasonCode)); | |||
} finally { | |||
realmLock.unlock(); | |||
@@ -10,10 +10,12 @@ import com.jd.blockchain.crypto.HashDigest; | |||
import com.jd.blockchain.crypto.HashFunction; | |||
import com.jd.blockchain.crypto.SignatureDigest; | |||
import com.jd.blockchain.crypto.SignatureFunction; | |||
import com.jd.blockchain.ledger.DigitalSignature; | |||
import com.jd.blockchain.ledger.NodeRequest; | |||
import com.jd.blockchain.ledger.TransactionRequest; | |||
import com.jd.blockchain.ledger.TransactionResponse; | |||
import com.jd.blockchain.transaction.DigitalSignatureBlob; | |||
import com.jd.blockchain.transaction.SignatureUtils; | |||
import com.jd.blockchain.transaction.TransactionService; | |||
import com.jd.blockchain.transaction.TxRequestMessage; | |||
import com.jd.blockchain.utils.concurrent.AsyncFuture; | |||
@@ -62,13 +64,16 @@ public class NodeSigningAppender implements TransactionService { | |||
public TransactionResponse process(TransactionRequest txRequest) { | |||
TxRequestMessage txMessage = new TxRequestMessage(txRequest); | |||
// 生成网关签名; | |||
byte[] endpointRequestBytes = BinaryProtocol.encode(txMessage, TransactionRequest.class); | |||
// // 生成网关签名; | |||
// byte[] endpointRequestBytes = BinaryProtocol.encode(txMessage, TransactionRequest.class); | |||
// | |||
// short signAlgorithm = nodeKeyPair.getAlgorithm(); | |||
// SignatureFunction signFunc = Crypto.getSignatureFunction(signAlgorithm); | |||
// SignatureDigest signDigest = signFunc.sign(nodeKeyPair.getPrivKey(), endpointRequestBytes); | |||
short signAlgorithm = nodeKeyPair.getAlgorithm(); | |||
SignatureFunction signFunc = Crypto.getSignatureFunction(signAlgorithm); | |||
SignatureDigest signDigest = signFunc.sign(nodeKeyPair.getPrivKey(), endpointRequestBytes); | |||
txMessage.addNodeSignatures(new DigitalSignatureBlob(nodeKeyPair.getPubKey(), signDigest)); | |||
DigitalSignature nodeSign = SignatureUtils.sign(txRequest.getTransactionContent(), nodeKeyPair); | |||
txMessage.addNodeSignatures(nodeSign); | |||
// 计算交易哈希; | |||
byte[] nodeRequestBytes = BinaryProtocol.encode(txMessage, TransactionRequest.class); | |||
@@ -10,6 +10,7 @@ import java.io.InputStream; | |||
import java.util.Properties; | |||
import java.util.concurrent.CountDownLatch; | |||
import com.jd.blockchain.transaction.SignatureUtils; | |||
import org.springframework.boot.SpringApplication; | |||
import org.springframework.context.ConfigurableApplicationContext; | |||
import org.springframework.core.io.ClassPathResource; | |||
@@ -125,10 +126,10 @@ public class LedgerInitializeWeb4SingleStepsTest { | |||
TransactionContent initTxContent2 = node2.getInitTxContent(); | |||
TransactionContent initTxContent3 = node3.getInitTxContent(); | |||
assertTrue(TxRequestBuilder.verifySignature(initTxContent0, permission0.getTransactionSignature(), pubKey0)); | |||
assertTrue(TxRequestBuilder.verifySignature(initTxContent1, permission1.getTransactionSignature(), pubKey1)); | |||
assertTrue(TxRequestBuilder.verifySignature(initTxContent2, permission2.getTransactionSignature(), pubKey2)); | |||
assertTrue(TxRequestBuilder.verifySignature(initTxContent3, permission3.getTransactionSignature(), pubKey3)); | |||
assertTrue(SignatureUtils.verifySignature(initTxContent0, permission0.getTransactionSignature(), pubKey0)); | |||
assertTrue(SignatureUtils.verifySignature(initTxContent1, permission1.getTransactionSignature(), pubKey1)); | |||
assertTrue(SignatureUtils.verifySignature(initTxContent2, permission2.getTransactionSignature(), pubKey2)); | |||
assertTrue(SignatureUtils.verifySignature(initTxContent3, permission3.getTransactionSignature(), pubKey3)); | |||
assertNotNull(initTxContent0.getHash()); | |||
if (!initTxContent0.getHash().equals(initTxContent1.getHash())) { | |||
@@ -10,6 +10,7 @@ import java.util.Random; | |||
import java.util.concurrent.CountDownLatch; | |||
import java.util.concurrent.TimeUnit; | |||
import com.jd.blockchain.transaction.*; | |||
import org.springframework.beans.factory.annotation.Autowired; | |||
import org.springframework.web.bind.annotation.PathVariable; | |||
import org.springframework.web.bind.annotation.RequestBody; | |||
@@ -58,10 +59,6 @@ import com.jd.blockchain.tools.initializer.LedgerInitProcess; | |||
import com.jd.blockchain.tools.initializer.LedgerInitProperties; | |||
import com.jd.blockchain.tools.initializer.LedgerInitProperties.ConsensusParticipantConfig; | |||
import com.jd.blockchain.tools.initializer.Prompter; | |||
import com.jd.blockchain.transaction.DigitalSignatureBlob; | |||
import com.jd.blockchain.transaction.LedgerInitSettingData; | |||
import com.jd.blockchain.transaction.TxBuilder; | |||
import com.jd.blockchain.transaction.TxRequestBuilder; | |||
import com.jd.blockchain.utils.Bytes; | |||
import com.jd.blockchain.utils.concurrent.InvocationResult; | |||
import com.jd.blockchain.utils.io.BytesUtils; | |||
@@ -385,7 +382,7 @@ public class LedgerInitializeWebController implements LedgerInitProcess, LedgerI | |||
this.initTxContent = initTxBuilder.prepareContent(initSetting.getCreatedTime()); | |||
// 对初始交易签名,生成当前参与者的账本初始化许可; | |||
SignatureDigest permissionSign = TxRequestBuilder.sign(initTxContent, privKey); | |||
SignatureDigest permissionSign = SignatureUtils.sign(initTxContent, privKey); | |||
LedgerInitPermissionData permission = new LedgerInitPermissionData(currentId, permissionSign); | |||
this.currentId = currentId; | |||
@@ -504,7 +501,7 @@ public class LedgerInitializeWebController implements LedgerInitProcess, LedgerI | |||
continue; | |||
} | |||
if (!TxRequestBuilder.verifySignature(this.initTxContent, permission.getTransactionSignature(), pubKey)) { | |||
if (!SignatureUtils.verifySignature(this.initTxContent, permission.getTransactionSignature(), pubKey)) { | |||
prompter.error("Invalid permission from participant! --[Id=%s][name=%s]", participants[i].getAddress(), | |||
participants[i].getName()); | |||
allPermitted = false; | |||