Commit b6bd7d38 authored by suyanlong's avatar suyanlong

Add signs digest and verify

parent 278d7ee5
Pipeline #8013 failed with stages
......@@ -53,7 +53,7 @@ func NewSidecar(repoRoot string, config *repo.Config) (internal.Launcher, error)
// cryptor txcrypto.Cryptor
// apiServer *apiServer.Server
)
r := router.NewRouter(loggers.Logger(loggers.Router))
r := router.NewRouter(privateKey, loggers.Logger(loggers.Router))
pm, err := peermgr.New(config, r, nodePrivKey, privateKey, 1, loggers.Logger(loggers.PeerMgr))
tool.Asset(err)
clients := plugins.CreateClients(config.Appchains, nil)
......
......@@ -5,6 +5,7 @@ import (
"errors"
"strings"
"github.com/meshplus/bitxhub-kit/crypto"
"github.com/sirupsen/logrus"
"github.com/link33/sidecar/internal/checker"
......@@ -14,24 +15,26 @@ import (
)
type router struct {
logger logrus.FieldLogger
ctx context.Context
cancel context.CancelFunc
checker checker.Checker
portMap *port.PortMap
methodMap map[string]routeMethod
logger logrus.FieldLogger
ctx context.Context
cancel context.CancelFunc
checker checker.Checker
portMap *port.PortMap
methodMap map[string]routeMethod
privateKey crypto.PrivateKey
}
type routeMethod func([]string) []port.Port
func NewRouter(logger logrus.FieldLogger) Router {
func NewRouter(privateKey crypto.PrivateKey, logger logrus.FieldLogger) Router {
ctx, cancel := context.WithCancel(context.Background())
return &router{
logger: logger,
ctx: ctx,
cancel: cancel,
portMap: port.NewPortMap(),
methodMap: map[string]routeMethod{},
logger: logger,
ctx: ctx,
cancel: cancel,
portMap: port.NewPortMap(),
methodMap: map[string]routeMethod{},
privateKey: privateKey,
}
}
......@@ -110,7 +113,10 @@ func (r *router) Route(msg *pb.Message) error {
}
// 本网关签名
if !r.isSign(ibtpx) {
r.sign(ibtpx)
err := r.sign(ibtpx)
if err != nil {
return err
}
}
data, err := ibtpx.Marshal()
......@@ -227,11 +233,17 @@ func (r *router) getHub() (port.Port, bool) {
}
func (r *router) isSign(ibtpx *pb.IBTPX) bool {
panic("implement me")
return ibtpx.RecursiveVerify(r.privateKey.PublicKey().Verify)
}
func (r *router) sign(ibtpx *pb.IBTPX) {
panic("implement me")
func (r *router) sign(ibtpx *pb.IBTPX) error {
hash := ibtpx.Hash()
sign, err := r.privateKey.Sign(hash.Bytes())
if err != nil {
return err
}
ibtpx.RouteSign = append(ibtpx.RouteSign, string(sign))
return nil
}
// hub endorse
......
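Review bot: In `sign`, `string(sign)` puts raw signature bytes into `RouteSign`, which the pb code handles as `[]string`; if that field is a protobuf `string`, bytes that are not valid UTF-8 may be rejected or altered when `Route` marshals the message a few lines later, so the signature would be safer hex- or base64-encoded, or carried in a `bytes` field. `isSign` only answers whether this router's own key matches one entry in `RouteSign`, and a doc comment such as `// isSign reports whether RouteSign already holds a signature made with this router's key; it does not validate signatures added by other hops.` would keep callers from reading it as verification of the whole route. `NewRouter` stores `privateKey` without a nil check, so a missing key would only surface later as a panic at `r.privateKey.PublicKey()`. The bodies of `Route` and `getHub` continue outside the hunks.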
package pb
import (
"crypto/sha256"
"fmt"
"github.com/meshplus/bitxhub-kit/types"
)
func WrapperKey(height uint64) []byte {
......@@ -11,3 +14,46 @@ func WrapperKey(height uint64) []byte {
func IBTPKey(id string) []byte {
return []byte(fmt.Sprintf("ibtp-%s", id))
}
func (m *IBTPX) Hash() *types.Hash {
data := m.frontPart()
return m.digest(data, m.RouteSign)
}
func (m *IBTPX) frontPart() []byte {
var data []byte
hash := m.Ibtp.Hash()
data = append(data, hash.Bytes()...)
data = append(data, []byte(m.Mode)...)
data = append(data, []byte(m.RouteMethod)...)
for _, s := range m.RouteMethodArg {
data = append(data, []byte(s)...)
}
return data
}
func (m *IBTPX) digest(part []byte, signs []string) *types.Hash {
for _, s := range signs {
part = append(part, []byte(s)...)
}
s := sha256.Sum256(part)
return types.NewHash(s[:])
}
func (m *IBTPX) RecursiveVerify(verify func(digest []byte, sig []byte) (bool, error)) bool {
part := m.frontPart()
for i, currentSig := range m.RouteSign {
var d, dig []byte
copy(d, part)
if i == 0 {
copy(dig, part)
} else {
signs := m.RouteSign[:i-1]
dig = m.digest(d, signs).Bytes()
}
if val, _ := verify(dig, []byte(currentSig)); val {
return val
}
}
return false
}
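Review bot: `RecursiveVerify` cannot reproduce the digest that `router.sign` signs. `copy(d, part)` and `copy(dig, part)` copy into nil slices and so copy nothing, the `i == 0` branch passes the front part itself instead of its SHA-256 digest, and `m.RouteSign[:i-1]` leaves out the signature just before the one being checked, whereas `sign` signs `Hash()` over every signature already present. As written, `isSign` would presumably always report false and each pass through `Route` would append another signature. For index i the loop should hash the front part plus `RouteSign[:i]`, and it should treat a non-nil error from `verify` as a failed check rather than discarding it. Separately, `frontPart` concatenates `Mode`, `RouteMethod` and each `RouteMethodArg` with no length prefix, so different field splits produce the same digest; length-prefixing each field would make the signed encoding unambiguous.

```go
func (m *IBTPX) RecursiveVerify(verify func(digest []byte, sig []byte) (bool, error)) bool {
	front := m.frontPart()
	for i, sig := range m.RouteSign {
		// Fresh copy per iteration, which the original copy() calls appear to intend.
		part := append([]byte(nil), front...)
		// Signature i was made over Hash() while RouteSign held exactly the first i entries.
		dig := m.digest(part, m.RouteSign[:i]).Bytes()
		if ok, err := verify(dig, []byte(sig)); err == nil && ok {
			return true
		}
	}
	return false
}
```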