Merge pull request #8 from jpeng-go/master

支持证书签名和私钥文件导入

Merge pull request #8 from jpeng-go/master
dab02fa2 · andyYuanFZM · GitHub · 0d8b0474 · f5ec7ca5 · dab02fa2
Unverified Commit dab02fa2 authored Feb 24, 2021 by andyYuanFZM Committed by GitHub Feb 24, 2021
16 changed files
--- a/account.go
+++ b/account.go
@@ -5,6 +5,8 @@ import (
 	"github.com/33cn/chain33-sdk-go/crypto"
 	"github.com/33cn/chain33-sdk-go/crypto/ed25519"
 	"github.com/33cn/chain33-sdk-go/crypto/gm"
+	"github.com/33cn/chain33-sdk-go/types"
+	log "github.com/inconshreveable/log15"
 )

 type Account struct {
@@ -14,6 +16,8 @@ type Account struct {
 	SignType    string
 }

+var rlog = log.New("module", "chain33 adk")
+
 func NewAccount(signType string) (*Account, error) {
    if signType == "" {
    	signType = crypto.SECP256K1
@@ -27,6 +31,7 @@ func NewAccount(signType string) (*Account, error) {

 		addr, err := crypto.PubKeyToAddress(account.PublicKey)
 		if err != nil {
+			rlog.Error("NewAccount.PubKeyToAddress", "error", err.Error())
 			return nil, err
 		}
 		account.Address = addr
@@ -34,12 +39,14 @@ func NewAccount(signType string) (*Account, error) {
 		account.PrivateKey, account.PublicKey = gm.GenerateKey()
 		addr, err := crypto.PubKeyToAddress(account.PublicKey)
 		if err != nil {
+			rlog.Error("NewAccount.PubKeyToAddress", "error", err.Error())
 			return nil, err
 		}
 		account.Address = addr
 	} else if signType == crypto.ED25519 {
 		priv, pub, err := ed25519.GenerateKey()
 		if err != nil {
+			rlog.Error("NewAccount.GenerateKey", "error", err.Error())
 			return nil, err
 		}
 		copy(account.PrivateKey, priv)
@@ -47,10 +54,58 @@ func NewAccount(signType string) (*Account, error) {

 		addr, err := crypto.PubKeyToAddress(account.PublicKey)
 		if err != nil {
+			rlog.Error("NewAccount.PubKeyToAddress", "error", err.Error())
 			return nil, err
 		}
 		account.Address = addr
 	} else {
+		rlog.Error("sign type not support")
+		return nil, errors.New("sign type not support")
+	}
+
+	return &account, nil
+}
+
+func NewAccountFromLocal(signType string, filePath string) (*Account, error) {
+	if signType == "" {
+		signType = crypto.SECP256K1
+	}
+
+	account := Account{}
+	account.SignType = signType
+
+	if signType == crypto.SECP256K1 {
+		//TODO
+		return nil, errors.New("not support")
+	} else if signType == crypto.SM2 {
+		content, err := types.ReadFile(filePath)
+		if err != nil {
+			rlog.Error("GetKeyByte.read key file failed.", "file", filePath, "error", err.Error())
+			return nil, err
+		}
+
+		keyBytes,err := types.FromHex(string(content))
+		if err != nil {
+			rlog.Error("GetKeyByte.FromHex.", "error", err.Error())
+			return nil, err
+		}
+
+		if len(keyBytes) != gm.SM2PrivateKeyLength {
+			rlog.Error("GetKeyByte.private key length error", "len", len(keyBytes), "expect", gm.SM2PrivateKeyLength)
+			return nil, errors.New("private key length error")
+		}
+		account.PrivateKey = keyBytes
+
+		account.PublicKey = gm.PubKeyFromPrivate(keyBytes)
+		addr, err := crypto.PubKeyToAddress(account.PublicKey)
+		if err != nil {
+			rlog.Error("NewAccount.PubKeyToAddress", "error", err.Error())
+			return nil, err
+		}
+		account.Address = addr
+	} else if signType == crypto.ED25519 {
+		return nil, errors.New("not support")
+	} else {
 		return nil, errors.New("sign type not support")
 	}


--- a/crypto/cert.go
+++ b/crypto/cert.go
+package crypto
+
+import "github.com/33cn/chain33-sdk-go/types"
+
+func EncodeCertToSignature(signBytes, cert, uid []byte) []byte {
+	var certSignature types.CertSignature
+	certSignature.Cert = cert
+	certSignature.Signature = signBytes
+	certSignature.Uid = uid
+
+	return types.Encode(&certSignature)
+}
--- a/crypto/crypto_test.go
+++ b/crypto/crypto_test.go
@@ -48,7 +48,7 @@ func TestSM2(t *testing.T) {

 	msg := []byte("sign test")

-	sig, _ := gm.SM2Sign(priv, msg,nil)
+	sig, _ := gm.SM2Sign(msg, priv,nil)
 	fmt.Printf("sig = %x\n", sig)

 	result := gm.SM2Verify(pub, msg, nil, sig)

--- a/crypto/gm/sm2.go
+++ b/crypto/gm/sm2.go
@@ -119,7 +119,7 @@ func GenerateKey() ([]byte, []byte) {
 	return SerializePrivateKey(priv), SerializePublicKey(pub)
 }

-func SM2Sign(privateKey []byte, msg []byte, uid []byte) ([]byte, error) {
+func SM2Sign(msg []byte, privateKey []byte, uid []byte) ([]byte, error) {
 	if uid == nil {
 		uid = DefaultUID
 	}

--- a/dapp/cert/cert.go
+++ b/dapp/cert/cert.go
+package cert
+
+import (
+	sdk "github.com/33cn/chain33-sdk-go"
+	"github.com/33cn/chain33-sdk-go/crypto"
+	"github.com/33cn/chain33-sdk-go/types"
+	"math/rand"
+	"time"
+)
+
+func CreateCertNormalTx(paraName string, privateKey []byte, cert []byte, uid []byte, key string, value []byte) (*types.Transaction, error) {
+	payload := &types.CertAction{
+		Value: &types.CertAction_Normal{
+			&types.CertNormal{
+				Key:   key,
+				Value: value,
+			},
+		},
+		Ty:    CertActionNormal,
+	}
+
+	var tx *types.Transaction
+	if paraName == "" {
+		tx = &types.Transaction{Execer: []byte(CertX), Payload: types.Encode(payload), Fee: 1e5, Nonce: rand.Int63n(time.Now().UnixNano()), To: crypto.GetExecAddress(CertX)}
+	} else {
+		tx = &types.Transaction{Execer: []byte(paraName + CertX), Payload: types.Encode(payload), Fee: 1e5, Nonce: rand.Int63n(time.Now().UnixNano()), To: crypto.GetExecAddress(paraName + CertX)}
+	}
+
+	var err error
+	tx,err = sdk.Sign(tx, privateKey, crypto.SM2, uid)
+	if err != nil {
+		return nil, err
+	}
+
+	tx.Signature.Signature = crypto.EncodeCertToSignature(tx.Signature.Signature, cert, uid)
+
+	return tx, nil
+}
--- a/dapp/cert/cert_test.go
+++ b/dapp/cert/cert_test.go
+package cert
+
+import (
+	sdk "github.com/33cn/chain33-sdk-go"
+	"github.com/33cn/chain33-sdk-go/client"
+	"github.com/33cn/chain33-sdk-go/crypto"
+	"github.com/33cn/chain33-sdk-go/types"
+	"github.com/stretchr/testify/assert"
+	"testing"
+	"time"
+)
+
+var (
+	url = "http://127.0.0.1:8801"
+	keyFilePath = "./test/keystore/5c3682a5719cf5bc1bd6280938670c3acfcb67cc15744a7b9b348066795a4e62_sk"
+	certFilePath = "./test/signcerts/user1@org1-cert.pem"
+)
+
+func TestCreateCertNormalTx(t *testing.T) {
+	account,err := sdk.NewAccountFromLocal(crypto.SM2, keyFilePath)
+	assert.Nil(t, err)
+
+	certByte,err := types.ReadFile(certFilePath)
+	assert.Nil(t, err)
+
+	tx, err := CreateCertNormalTx("", account.PrivateKey, certByte, []byte("cert test"), "key1", []byte("value1"))
+	assert.Nil(t, err)
+
+	jsonclient, err := client.NewJSONClient("", url)
+	assert.Nil(t, err)
+
+	signTx := types.ToHexPrefix(types.Encode(tx))
+	reply, err := jsonclient.SendTransaction(signTx)
+	assert.Nil(t, err)
+
+	txhash := types.ToHexPrefix(sdk.Hash(tx))
+	assert.Equal(t, txhash, reply)
+
+	time.Sleep(2 * time.Second)
+	detail, err := jsonclient.QueryTransaction(txhash)
+	assert.Nil(t, err)
+	assert.Equal(t, types.ExecOk, int(detail.Receipt.Ty))
+
+}
--- a/dapp/cert/const.go
+++ b/dapp/cert/const.go
+package cert
+
+const (
+	CertActionNew    = 1
+	CertActionUpdate = 2
+	CertActionNormal = 3
+)
+
+const CertX = "cert"
--- a/dapp/cert/test/keystore/5c3682a5719cf5bc1bd6280938670c3acfcb67cc15744a7b9b348066795a4e62_sk
+++ b/dapp/cert/test/keystore/5c3682a5719cf5bc1bd6280938670c3acfcb67cc15744a7b9b348066795a4e62_sk
+0x7c7b4ec9751189031546f0b4a26a31c5d4bcc2072058761c79253961e22bbff0
\ No newline at end of file
--- a/dapp/cert/test/signcerts/user1@org1-cert.pem
+++ b/dapp/cert/test/signcerts/user1@org1-cert.pem
+-----BEGIN CERTIFICATE-----
+MIIB3TCCAYOgAwIBAgIRAJsTFVMpZJ1ueJeqOT6kmeEwCgYIKoEcz1UBg3UwSjEO
+MAwGA1UEBhMFQ2hpbmExETAPBgNVBAgTCFpoZWppYW5nMREwDwYDVQQHEwhIYW5n
+emhvdTESMBAGA1UEAxMJQ2hhaW4zM0NBMB4XDTIxMDIxODA5MjQ0MVoXDTIxMDUy
+OTA5MjQ0MVowRzEOMAwGA1UEBhMFQ2hpbmExETAPBgNVBAgTCFpoZWppYW5nMREw
+DwYDVQQHEwhIYW5nemhvdTEPMA0GA1UEAxMGb3JnMUNBMFkwEwYHKoZIzj0CAQYI
+KoEcz1UBgi0DQgAEcvXlZYHqBVuDXYW9u6UiKyiVlFSqzMLvHcGmG4scJeKKPjDs
+Mpe0aZjiTc0a9cqRKjRlmOWAibBGEyDl0gg8qqNNMEswDgYDVR0PAQH/BAQDAgeA
+MAwGA1UdEwEB/wQCMAAwKwYDVR0jBCQwIoAgZdhZ1Mqw9S+2jfaICWczSJQQ8WPx
+2u9vbtrj6vVA18cwCgYIKoEcz1UBg3UDSAAwRQIhAPyJRlofrYok7J4XDEBLGFN5
+cELeTzrUeFlxsfQIGOOUAiAnirPpNu0Y9mf1l451kfy1YdDHypV5lTTqgyJk+P+L
+Lw==
+-----END CERTIFICATE-----
--- a/dapp/storage/storage_test.go
+++ b/dapp/storage/storage_test.go
@@ -12,7 +12,7 @@ import (

 var (
 	privkey = "cc38546e9e659d15e6b4893f0ab32a06d103931a8230b0bde71459d2b27d6944"
-	url     = "http://fd.33.cn:1276"
+	url     = "http://127.0.0.1:8801"
 )

 func TestCreateContentStorageTx(t *testing.T) {
@@ -20,7 +20,7 @@ func TestCreateContentStorageTx(t *testing.T) {
 	tx, err := CreateContentStorageTx("", OpCreate, "", []byte("hello"), "")
 	assert.Nil(t, err)
 	hexbytes, _ := types.FromHex(privkey)
-	sdk.Sign(tx, hexbytes, crypto.SECP256K1)
+	sdk.Sign(tx, hexbytes, crypto.SECP256K1, nil)
 	txhash := types.ToHexPrefix(sdk.Hash(tx))
 	jsonclient, err := client.NewJSONClient("", url)
 	assert.Nil(t, err)
@@ -57,7 +57,7 @@ func TestCreateHashStorageTx(t *testing.T) {
 	assert.Nil(t, err)
 	//签名
 	hexbytes, _ := types.FromHex(privkey)
-	sdk.Sign(tx, hexbytes, crypto.SECP256K1)
+	sdk.Sign(tx, hexbytes, crypto.SECP256K1, nil)
 	txhash := types.ToHexPrefix(sdk.Hash(tx))
 	jsonclient, err := client.NewJSONClient("", url)
 	assert.Nil(t, err)
@@ -80,7 +80,7 @@ func TestCreateLinkStorageTx(t *testing.T) {
 	tx, err := CreateLinkStorageTx("", "", []byte("hello"), "")
 	assert.Nil(t, err)
 	hexbytes, _ := types.FromHex(privkey)
-	sdk.Sign(tx, hexbytes, crypto.SECP256K1)
+	sdk.Sign(tx, hexbytes, crypto.SECP256K1, nil)
 	txhash := types.ToHexPrefix(sdk.Hash(tx))
 	jsonclient, err := client.NewJSONClient("", url)
 	assert.Nil(t, err)

--- a/go.mod
+++ b/go.mod
@@ -3,30 +3,23 @@ module github.com/33cn/chain33-sdk-go
 go 1.12

 require (
-	github.com/NebulousLabs/Sia v1.3.7 // indirect
-	github.com/NebulousLabs/entropy-mnemonics v0.0.0-20181203154559-bc7e13c5ccd8 // indirect
-	github.com/NebulousLabs/errors v0.0.0-20181203160057-9f787ce8f69e // indirect
-	github.com/NebulousLabs/fastrand v0.0.0-20181203155948-6fb6489aac4e // indirect
-	github.com/NebulousLabs/merkletree v0.0.0-20181203152040-08d5d54b07f5 // indirect
-	github.com/XiaoMi/pegasus-go-client v0.0.0-20200509085530-e2f054e1ad99 // indirect
 	github.com/bitly/go-simplejson v0.5.0
-	github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869
+	github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 // indirect
 	github.com/btcsuite/btcd v0.0.0-20190824003749-130ea5bddde3
-	github.com/decred/base58 v1.0.2 // indirect
-	github.com/dgraph-io/badger v1.6.1 // indirect
-	github.com/golang/protobuf v1.3.4
-	github.com/haltingstate/secp256k1-go v0.0.0-20151224084235-572209b26df6 // indirect
-	github.com/hashicorp/golang-lru v0.5.4 // indirect
-	github.com/huin/goupnp v1.0.0 // indirect
-	github.com/jackpal/go-nat-pmp v1.0.2 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/go-stack/stack v1.8.0 // indirect
+	github.com/golang/protobuf v1.4.3
+	github.com/inconshreveable/log15 v0.0.0-20201112154412-8562bdadbbac
+	github.com/kr/pretty v0.2.0 // indirect
 	github.com/mattn/go-colorable v0.1.6 // indirect
 	github.com/mr-tron/base58 v1.1.3
-	github.com/pkg/errors v0.9.1 // indirect
-	github.com/rs/cors v1.7.0 // indirect
-	github.com/spf13/cobra v1.0.0 // indirect
 	github.com/stretchr/testify v1.5.1
-	github.com/syndtr/goleveldb v1.0.0 // indirect
 	github.com/tjfoc/gmsm v1.3.2
 	golang.org/x/crypto v0.0.0-20191219195013-becbf705a915
-	google.golang.org/grpc v1.29.1 // indirect
+	golang.org/x/net v0.0.0-20191105084925-a882066a44e0 // indirect
+	golang.org/x/text v0.3.2 // indirect
+	google.golang.org/grpc v1.29.1
+	google.golang.org/protobuf v1.25.0
+	gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect
+	gopkg.in/yaml.v2 v2.2.4 // indirect
 )
--- a/go.sum
+++ b/go.sum
--- a/proto/cert.proto
+++ b/proto/cert.proto
+syntax = "proto3";
+
+package types;
+
+// cert合约action
+message CertAction {
+    oneof value {
+        CertNew new       = 1;
+        CertUpdate update = 2;
+        CertNormal normal = 3;
+    }
+    int32 ty = 4;
+}
+
+// 证书启用
+message CertNew {
+    string key   = 1;
+    bytes  value = 2;
+}
+
+// 证书更新
+message CertUpdate {
+    string key   = 1;
+    bytes  value = 2;
+}
+
+// 用户证书校验
+message CertNormal {
+    string key   = 1;
+    bytes  value = 2;
+}
+
+message CertSignature {
+    bytes signature = 1;
+    bytes cert      = 2;
+    bytes uid       = 3;
+}
--- a/transaction.go
+++ b/transaction.go
@@ -8,7 +8,7 @@ import (
 	. "github.com/33cn/chain33-sdk-go/types"
 )

-func Sign(tx *Transaction, privateKey []byte, signType string) (*Transaction, error) {
+func Sign(tx *Transaction, privateKey []byte, signType string, uid []byte) (*Transaction, error) {
 	if signType == "" {
 		signType = crypto.SECP256K1
 	}
@@ -28,12 +28,12 @@ func Sign(tx *Transaction, privateKey []byte, signType string) (*Transaction, er
 		pub := gm.PubKeyFromPrivate(privateKey)

 		data := Encode(tx)
-		signature, err := gm.SM2Sign(data, privateKey, nil)
+		signature, err := gm.SM2Sign(data, privateKey, uid)
 		if err != nil {
 			return nil, err
 		}
 		tx.Signature = &Signature{
-			Ty:        3,
+			Ty:        258,
 			Pubkey:    pub,
 			Signature: signature,
 		}

--- a/types/cert.pb.go
+++ b/types/cert.pb.go
--- a/types/utils.go
+++ b/types/utils.go
@@ -4,6 +4,7 @@ import (
 	"encoding/hex"
 	secp256k1 "github.com/btcsuite/btcd/btcec"
 	"github.com/golang/protobuf/proto"
+	"io/ioutil"
 )

 //exec type
@@ -67,3 +68,12 @@ func ECDH(priv *secp256k1.PrivateKey, pub *secp256k1.PublicKey) []byte {
 	ecKey.X, ecKey.Y = secp256k1.S256().ScalarMult(pub.X, pub.Y, priv.D.Bytes())
 	return ecKey.SerializeCompressed()
 }
+
+func ReadFile(file string) ([]byte, error) {
+	fileCont, err := ioutil.ReadFile(file)
+	if err != nil {
+		return nil, err
+	}
+
+	return fileCont, nil
+}