Unverified Commit dab02fa2 authored by andyYuanFZM's avatar andyYuanFZM Committed by GitHub

Merge pull request #8 from jpeng-go/master

支持证书签名和私钥文件导入
parents 0d8b0474 f5ec7ca5
...@@ -5,6 +5,8 @@ import ( ...@@ -5,6 +5,8 @@ import (
"github.com/33cn/chain33-sdk-go/crypto" "github.com/33cn/chain33-sdk-go/crypto"
"github.com/33cn/chain33-sdk-go/crypto/ed25519" "github.com/33cn/chain33-sdk-go/crypto/ed25519"
"github.com/33cn/chain33-sdk-go/crypto/gm" "github.com/33cn/chain33-sdk-go/crypto/gm"
"github.com/33cn/chain33-sdk-go/types"
log "github.com/inconshreveable/log15"
) )
type Account struct { type Account struct {
...@@ -14,6 +16,8 @@ type Account struct { ...@@ -14,6 +16,8 @@ type Account struct {
SignType string SignType string
} }
var rlog = log.New("module", "chain33 adk")
func NewAccount(signType string) (*Account, error) { func NewAccount(signType string) (*Account, error) {
if signType == "" { if signType == "" {
signType = crypto.SECP256K1 signType = crypto.SECP256K1
...@@ -27,6 +31,7 @@ func NewAccount(signType string) (*Account, error) { ...@@ -27,6 +31,7 @@ func NewAccount(signType string) (*Account, error) {
addr, err := crypto.PubKeyToAddress(account.PublicKey) addr, err := crypto.PubKeyToAddress(account.PublicKey)
if err != nil { if err != nil {
rlog.Error("NewAccount.PubKeyToAddress", "error", err.Error())
return nil, err return nil, err
} }
account.Address = addr account.Address = addr
...@@ -34,12 +39,14 @@ func NewAccount(signType string) (*Account, error) { ...@@ -34,12 +39,14 @@ func NewAccount(signType string) (*Account, error) {
account.PrivateKey, account.PublicKey = gm.GenerateKey() account.PrivateKey, account.PublicKey = gm.GenerateKey()
addr, err := crypto.PubKeyToAddress(account.PublicKey) addr, err := crypto.PubKeyToAddress(account.PublicKey)
if err != nil { if err != nil {
rlog.Error("NewAccount.PubKeyToAddress", "error", err.Error())
return nil, err return nil, err
} }
account.Address = addr account.Address = addr
} else if signType == crypto.ED25519 { } else if signType == crypto.ED25519 {
priv, pub, err := ed25519.GenerateKey() priv, pub, err := ed25519.GenerateKey()
if err != nil { if err != nil {
rlog.Error("NewAccount.GenerateKey", "error", err.Error())
return nil, err return nil, err
} }
copy(account.PrivateKey, priv) copy(account.PrivateKey, priv)
...@@ -47,12 +54,60 @@ func NewAccount(signType string) (*Account, error) { ...@@ -47,12 +54,60 @@ func NewAccount(signType string) (*Account, error) {
addr, err := crypto.PubKeyToAddress(account.PublicKey) addr, err := crypto.PubKeyToAddress(account.PublicKey)
if err != nil { if err != nil {
rlog.Error("NewAccount.PubKeyToAddress", "error", err.Error())
return nil, err
}
account.Address = addr
} else {
rlog.Error("sign type not support")
return nil, errors.New("sign type not support")
}
return &account, nil
}
func NewAccountFromLocal(signType string, filePath string) (*Account, error) {
if signType == "" {
signType = crypto.SECP256K1
}
account := Account{}
account.SignType = signType
if signType == crypto.SECP256K1 {
//TODO
return nil, errors.New("not support")
} else if signType == crypto.SM2 {
content, err := types.ReadFile(filePath)
if err != nil {
rlog.Error("GetKeyByte.read key file failed.", "file", filePath, "error", err.Error())
return nil, err
}
keyBytes,err := types.FromHex(string(content))
if err != nil {
rlog.Error("GetKeyByte.FromHex.", "error", err.Error())
return nil, err
}
if len(keyBytes) != gm.SM2PrivateKeyLength {
rlog.Error("GetKeyByte.private key length error", "len", len(keyBytes), "expect", gm.SM2PrivateKeyLength)
return nil, errors.New("private key length error")
}
account.PrivateKey = keyBytes
account.PublicKey = gm.PubKeyFromPrivate(keyBytes)
addr, err := crypto.PubKeyToAddress(account.PublicKey)
if err != nil {
rlog.Error("NewAccount.PubKeyToAddress", "error", err.Error())
return nil, err return nil, err
} }
account.Address = addr account.Address = addr
} else if signType == crypto.ED25519 {
return nil, errors.New("not support")
} else { } else {
return nil, errors.New("sign type not support") return nil, errors.New("sign type not support")
} }
return &account, nil return &account, nil
} }
\ No newline at end of file
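Review bot: In `NewAccountFromLocal` an empty `signType` is defaulted to `crypto.SECP256K1`, and that branch immediately returns `errors.New("not support")`, so a caller relying on the default can never load a key; either drop the default in this function or return an error that names the type, e.g. `errors.New("key import not supported for sign type " + signType)`. The SM2 branch hands `string(content)` straight to `types.FromHex`, so a key file that ends in a newline is presumably rejected unless `FromHex` tolerates whitespace; `strings.TrimSpace(string(content))` would make the import robust (it needs the `strings` import, which is outside this hunk). The log calls are tagged `GetKeyByte` and `NewAccount` rather than this function's name, which makes a failed import harder to trace. The doc comment should also state that the file holds an unencrypted hex private key, so callers know to restrict its permissions.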
package crypto
import "github.com/33cn/chain33-sdk-go/types"
func EncodeCertToSignature(signBytes, cert, uid []byte) []byte {
var certSignature types.CertSignature
certSignature.Cert = cert
certSignature.Signature = signBytes
certSignature.Uid = uid
return types.Encode(&certSignature)
}
...@@ -48,7 +48,7 @@ func TestSM2(t *testing.T) { ...@@ -48,7 +48,7 @@ func TestSM2(t *testing.T) {
msg := []byte("sign test") msg := []byte("sign test")
sig, _ := gm.SM2Sign(priv, msg,nil) sig, _ := gm.SM2Sign(msg, priv,nil)
fmt.Printf("sig = %x\n", sig) fmt.Printf("sig = %x\n", sig)
result := gm.SM2Verify(pub, msg, nil, sig) result := gm.SM2Verify(pub, msg, nil, sig)
......
...@@ -119,7 +119,7 @@ func GenerateKey() ([]byte, []byte) { ...@@ -119,7 +119,7 @@ func GenerateKey() ([]byte, []byte) {
return SerializePrivateKey(priv), SerializePublicKey(pub) return SerializePrivateKey(priv), SerializePublicKey(pub)
} }
func SM2Sign(privateKey []byte, msg []byte, uid []byte) ([]byte, error) { func SM2Sign(msg []byte, privateKey []byte, uid []byte) ([]byte, error) {
if uid == nil { if uid == nil {
uid = DefaultUID uid = DefaultUID
} }
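Review bot: Swapping the first two parameters of `SM2Sign` changes what existing calls mean without changing their type, because both arguments are `[]byte`: code still written as `gm.SM2Sign(priv, msg, nil)` keeps compiling and now uses the message as the private key. The callers visible in this commit use the new order, but external users of the SDK get no compiler error. A doc comment such as `// SM2Sign signs msg with privateKey; the argument order is (msg, privateKey, uid).` and a guard like `if len(privateKey) != SM2PrivateKeyLength { return nil, errors.New("private key length error") }` (assuming `errors` is imported in this file) would turn most mix-ups into an explicit error. The body of `SM2Sign` continues outside the hunk.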
......
package cert
import (
sdk "github.com/33cn/chain33-sdk-go"
"github.com/33cn/chain33-sdk-go/crypto"
"github.com/33cn/chain33-sdk-go/types"
"math/rand"
"time"
)
func CreateCertNormalTx(paraName string, privateKey []byte, cert []byte, uid []byte, key string, value []byte) (*types.Transaction, error) {
payload := &types.CertAction{
Value: &types.CertAction_Normal{
&types.CertNormal{
Key: key,
Value: value,
},
},
Ty: CertActionNormal,
}
var tx *types.Transaction
if paraName == "" {
tx = &types.Transaction{Execer: []byte(CertX), Payload: types.Encode(payload), Fee: 1e5, Nonce: rand.Int63n(time.Now().UnixNano()), To: crypto.GetExecAddress(CertX)}
} else {
tx = &types.Transaction{Execer: []byte(paraName + CertX), Payload: types.Encode(payload), Fee: 1e5, Nonce: rand.Int63n(time.Now().UnixNano()), To: crypto.GetExecAddress(paraName + CertX)}
}
var err error
tx,err = sdk.Sign(tx, privateKey, crypto.SM2, uid)
if err != nil {
return nil, err
}
tx.Signature.Signature = crypto.EncodeCertToSignature(tx.Signature.Signature, cert, uid)
return tx, nil
}
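Review bot: The transaction nonce in `CreateCertNormalTx` is taken from `math/rand` (`rand.Int63n(time.Now().UnixNano())`), which is predictable; on Go releases before 1.20 (the module declares `go 1.12`) the global generator also starts from a fixed seed unless `rand.Seed` is called somewhere outside this file. If the chain relies on the nonce to keep transactions unique or to reject replays, it should come from `crypto/rand` instead; the sketch below assumes `crand "crypto/rand"` and `encoding/binary` are added to the imports. Since `"" + CertX` equals `CertX`, the two branches on `paraName` collapse into a single literal at the same time.

```go
// … unchanged: payload construction …
var nb [8]byte
if _, err := crand.Read(nb[:]); err != nil {
	return nil, err
}
nonce := int64(binary.BigEndian.Uint64(nb[:]) >> 1) // shift keeps the value non-negative
execer := paraName + CertX
tx := &types.Transaction{Execer: []byte(execer), Payload: types.Encode(payload), Fee: 1e5, Nonce: nonce, To: crypto.GetExecAddress(execer)}
// … unchanged: sdk.Sign, error check and EncodeCertToSignature …
```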
package cert
import (
sdk "github.com/33cn/chain33-sdk-go"
"github.com/33cn/chain33-sdk-go/client"
"github.com/33cn/chain33-sdk-go/crypto"
"github.com/33cn/chain33-sdk-go/types"
"github.com/stretchr/testify/assert"
"testing"
"time"
)
var (
url = "http://127.0.0.1:8801"
keyFilePath = "./test/keystore/5c3682a5719cf5bc1bd6280938670c3acfcb67cc15744a7b9b348066795a4e62_sk"
certFilePath = "./test/signcerts/user1@org1-cert.pem"
)
func TestCreateCertNormalTx(t *testing.T) {
account,err := sdk.NewAccountFromLocal(crypto.SM2, keyFilePath)
assert.Nil(t, err)
certByte,err := types.ReadFile(certFilePath)
assert.Nil(t, err)
tx, err := CreateCertNormalTx("", account.PrivateKey, certByte, []byte("cert test"), "key1", []byte("value1"))
assert.Nil(t, err)
jsonclient, err := client.NewJSONClient("", url)
assert.Nil(t, err)
signTx := types.ToHexPrefix(types.Encode(tx))
reply, err := jsonclient.SendTransaction(signTx)
assert.Nil(t, err)
txhash := types.ToHexPrefix(sdk.Hash(tx))
assert.Equal(t, txhash, reply)
time.Sleep(2 * time.Second)
detail, err := jsonclient.QueryTransaction(txhash)
assert.Nil(t, err)
assert.Equal(t, types.ExecOk, int(detail.Receipt.Ty))
}
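Review bot: `TestCreateCertNormalTx` checks errors with `assert.Nil(t, err)`, which records the failure but lets the test run on, so a failed `NewAccountFromLocal` ends in a nil-pointer panic at `account.PrivateKey` rather than a clean failure; `require.NoError(t, err)` from `github.com/stretchr/testify/require` stops at the first error. The test needs a node listening on `http://127.0.0.1:8801` and a fixed `time.Sleep(2 * time.Second)` before the query, so it fails wherever that node is absent; `if testing.Short() { t.Skip("needs a local chain33 node") }` at the top would keep `go test -short ./...` usable offline. The key behind `keyFilePath` is committed in clear text, and a comment such as `// test-only SM2 key, never use on a live chain` above the `var` block would make that explicit.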
package cert
const (
CertActionNew = 1
CertActionUpdate = 2
CertActionNormal = 3
)
const CertX = "cert"
0x7c7b4ec9751189031546f0b4a26a31c5d4bcc2072058761c79253961e22bbff0
\ No newline at end of file
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
...@@ -12,7 +12,7 @@ import ( ...@@ -12,7 +12,7 @@ import (
var ( var (
privkey = "cc38546e9e659d15e6b4893f0ab32a06d103931a8230b0bde71459d2b27d6944" privkey = "cc38546e9e659d15e6b4893f0ab32a06d103931a8230b0bde71459d2b27d6944"
url = "http://fd.33.cn:1276" url = "http://127.0.0.1:8801"
) )
func TestCreateContentStorageTx(t *testing.T) { func TestCreateContentStorageTx(t *testing.T) {
...@@ -20,7 +20,7 @@ func TestCreateContentStorageTx(t *testing.T) { ...@@ -20,7 +20,7 @@ func TestCreateContentStorageTx(t *testing.T) {
tx, err := CreateContentStorageTx("", OpCreate, "", []byte("hello"), "") tx, err := CreateContentStorageTx("", OpCreate, "", []byte("hello"), "")
assert.Nil(t, err) assert.Nil(t, err)
hexbytes, _ := types.FromHex(privkey) hexbytes, _ := types.FromHex(privkey)
sdk.Sign(tx, hexbytes, crypto.SECP256K1) sdk.Sign(tx, hexbytes, crypto.SECP256K1, nil)
txhash := types.ToHexPrefix(sdk.Hash(tx)) txhash := types.ToHexPrefix(sdk.Hash(tx))
jsonclient, err := client.NewJSONClient("", url) jsonclient, err := client.NewJSONClient("", url)
assert.Nil(t, err) assert.Nil(t, err)
...@@ -57,7 +57,7 @@ func TestCreateHashStorageTx(t *testing.T) { ...@@ -57,7 +57,7 @@ func TestCreateHashStorageTx(t *testing.T) {
assert.Nil(t, err) assert.Nil(t, err)
//签名 //签名
hexbytes, _ := types.FromHex(privkey) hexbytes, _ := types.FromHex(privkey)
sdk.Sign(tx, hexbytes, crypto.SECP256K1) sdk.Sign(tx, hexbytes, crypto.SECP256K1, nil)
txhash := types.ToHexPrefix(sdk.Hash(tx)) txhash := types.ToHexPrefix(sdk.Hash(tx))
jsonclient, err := client.NewJSONClient("", url) jsonclient, err := client.NewJSONClient("", url)
assert.Nil(t, err) assert.Nil(t, err)
...@@ -80,7 +80,7 @@ func TestCreateLinkStorageTx(t *testing.T) { ...@@ -80,7 +80,7 @@ func TestCreateLinkStorageTx(t *testing.T) {
tx, err := CreateLinkStorageTx("", "", []byte("hello"), "") tx, err := CreateLinkStorageTx("", "", []byte("hello"), "")
assert.Nil(t, err) assert.Nil(t, err)
hexbytes, _ := types.FromHex(privkey) hexbytes, _ := types.FromHex(privkey)
sdk.Sign(tx, hexbytes, crypto.SECP256K1) sdk.Sign(tx, hexbytes, crypto.SECP256K1, nil)
txhash := types.ToHexPrefix(sdk.Hash(tx)) txhash := types.ToHexPrefix(sdk.Hash(tx))
jsonclient, err := client.NewJSONClient("", url) jsonclient, err := client.NewJSONClient("", url)
assert.Nil(t, err) assert.Nil(t, err)
......
...@@ -3,30 +3,23 @@ module github.com/33cn/chain33-sdk-go ...@@ -3,30 +3,23 @@ module github.com/33cn/chain33-sdk-go
go 1.12 go 1.12
require ( require (
github.com/NebulousLabs/Sia v1.3.7 // indirect
github.com/NebulousLabs/entropy-mnemonics v0.0.0-20181203154559-bc7e13c5ccd8 // indirect
github.com/NebulousLabs/errors v0.0.0-20181203160057-9f787ce8f69e // indirect
github.com/NebulousLabs/fastrand v0.0.0-20181203155948-6fb6489aac4e // indirect
github.com/NebulousLabs/merkletree v0.0.0-20181203152040-08d5d54b07f5 // indirect
github.com/XiaoMi/pegasus-go-client v0.0.0-20200509085530-e2f054e1ad99 // indirect
github.com/bitly/go-simplejson v0.5.0 github.com/bitly/go-simplejson v0.5.0
github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 // indirect
github.com/btcsuite/btcd v0.0.0-20190824003749-130ea5bddde3 github.com/btcsuite/btcd v0.0.0-20190824003749-130ea5bddde3
github.com/decred/base58 v1.0.2 // indirect github.com/davecgh/go-spew v1.1.1 // indirect
github.com/dgraph-io/badger v1.6.1 // indirect github.com/go-stack/stack v1.8.0 // indirect
github.com/golang/protobuf v1.3.4 github.com/golang/protobuf v1.4.3
github.com/haltingstate/secp256k1-go v0.0.0-20151224084235-572209b26df6 // indirect github.com/inconshreveable/log15 v0.0.0-20201112154412-8562bdadbbac
github.com/hashicorp/golang-lru v0.5.4 // indirect github.com/kr/pretty v0.2.0 // indirect
github.com/huin/goupnp v1.0.0 // indirect
github.com/jackpal/go-nat-pmp v1.0.2 // indirect
github.com/mattn/go-colorable v0.1.6 // indirect github.com/mattn/go-colorable v0.1.6 // indirect
github.com/mr-tron/base58 v1.1.3 github.com/mr-tron/base58 v1.1.3
github.com/pkg/errors v0.9.1 // indirect
github.com/rs/cors v1.7.0 // indirect
github.com/spf13/cobra v1.0.0 // indirect
github.com/stretchr/testify v1.5.1 github.com/stretchr/testify v1.5.1
github.com/syndtr/goleveldb v1.0.0 // indirect
github.com/tjfoc/gmsm v1.3.2 github.com/tjfoc/gmsm v1.3.2
golang.org/x/crypto v0.0.0-20191219195013-becbf705a915 golang.org/x/crypto v0.0.0-20191219195013-becbf705a915
google.golang.org/grpc v1.29.1 // indirect golang.org/x/net v0.0.0-20191105084925-a882066a44e0 // indirect
golang.org/x/text v0.3.2 // indirect
google.golang.org/grpc v1.29.1
google.golang.org/protobuf v1.25.0
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect
gopkg.in/yaml.v2 v2.2.4 // indirect
) )
This diff is collapsed.
syntax = "proto3";
package types;
// cert合约action
message CertAction {
oneof value {
CertNew new = 1;
CertUpdate update = 2;
CertNormal normal = 3;
}
int32 ty = 4;
}
// 证书启用
message CertNew {
string key = 1;
bytes value = 2;
}
// 证书更新
message CertUpdate {
string key = 1;
bytes value = 2;
}
// 用户证书校验
message CertNormal {
string key = 1;
bytes value = 2;
}
message CertSignature {
bytes signature = 1;
bytes cert = 2;
bytes uid = 3;
}
...@@ -8,7 +8,7 @@ import ( ...@@ -8,7 +8,7 @@ import (
. "github.com/33cn/chain33-sdk-go/types" . "github.com/33cn/chain33-sdk-go/types"
) )
func Sign(tx *Transaction, privateKey []byte, signType string) (*Transaction, error) { func Sign(tx *Transaction, privateKey []byte, signType string, uid []byte) (*Transaction, error) {
if signType == "" { if signType == "" {
signType = crypto.SECP256K1 signType = crypto.SECP256K1
} }
...@@ -28,12 +28,12 @@ func Sign(tx *Transaction, privateKey []byte, signType string) (*Transaction, er ...@@ -28,12 +28,12 @@ func Sign(tx *Transaction, privateKey []byte, signType string) (*Transaction, er
pub := gm.PubKeyFromPrivate(privateKey) pub := gm.PubKeyFromPrivate(privateKey)
data := Encode(tx) data := Encode(tx)
signature, err := gm.SM2Sign(data, privateKey, nil) signature, err := gm.SM2Sign(data, privateKey, uid)
if err != nil { if err != nil {
return nil, err return nil, err
} }
tx.Signature = &Signature{ tx.Signature = &Signature{
Ty: 3, Ty: 258,
Pubkey: pub, Pubkey: pub,
Signature: signature, Signature: signature,
} }
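Review bot: The SM2 signature type is now the bare literal `Ty: 258` (previously `3`), and nothing in the hunk says what 258 encodes or why it changed; a named constant with a comment (for example `Ty: sm2SignTy` with `const sm2SignTy = 258`, name to be chosen by the author) would make this wire-format change reviewable. The new `uid` parameter is only visibly used in the SM2 branch, so it is presumably ignored for the other sign types; the doc comment on `Sign` should say so, and that `nil` makes `gm.SM2Sign` fall back to `DefaultUID`. Adding a parameter also breaks every external caller of the exported `Sign`, which deserves a line in the release notes. The function starts and ends outside these hunks.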
......
This diff is collapsed.
...@@ -4,6 +4,7 @@ import ( ...@@ -4,6 +4,7 @@ import (
"encoding/hex" "encoding/hex"
secp256k1 "github.com/btcsuite/btcd/btcec" secp256k1 "github.com/btcsuite/btcd/btcec"
"github.com/golang/protobuf/proto" "github.com/golang/protobuf/proto"
"io/ioutil"
) )
//exec type //exec type
...@@ -66,4 +67,13 @@ func ECDH(priv *secp256k1.PrivateKey, pub *secp256k1.PublicKey) []byte { ...@@ -66,4 +67,13 @@ func ECDH(priv *secp256k1.PrivateKey, pub *secp256k1.PublicKey) []byte {
ecKey := &secp256k1.PublicKey{} ecKey := &secp256k1.PublicKey{}
ecKey.X, ecKey.Y = secp256k1.S256().ScalarMult(pub.X, pub.Y, priv.D.Bytes()) ecKey.X, ecKey.Y = secp256k1.S256().ScalarMult(pub.X, pub.Y, priv.D.Bytes())
return ecKey.SerializeCompressed() return ecKey.SerializeCompressed()
} }
\ No newline at end of file
func ReadFile(file string) ([]byte, error) {
fileCont, err := ioutil.ReadFile(file)
if err != nil {
return nil, err
}
return fileCont, nil
}
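Review bot: The exported `ReadFile` has no doc comment, and apart from returning nil data on error it is a pass-through to `ioutil.ReadFile`. In this commit it is the function that loads the private-key and certificate files, so the comment is the place to say what callers should expect, for example `// ReadFile returns the full contents of file; it performs no size or permission checks, so callers loading key material must protect the file themselves.` If the wrapper is kept only for that purpose, a name that says so would read better than a generic helper in package `types`.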