Add signs digest and verify

b6bd7d38 · suyanlong · 278d7ee5 · b6bd7d38 · b6bd7d38 · b6bd7d38
Commit b6bd7d38 authored Sep 17, 2021 by suyanlong
Show whitespace changes
Inline Side-by-side

Showing with 64 additions and 6 deletions

sidecar.go internal/app/sidecar.go +1 -1

router.go internal/router/router.go +17 -5

ibtpx.go model/pb/ibtpx.go +46 -0

No files found.
--- a/internal/app/sidecar.go
+++ b/internal/app/sidecar.go
@@ -53,7 +53,7 @@ func NewSidecar(repoRoot string, config *repo.Config) (internal.Launcher, error)
 	// cryptor     txcrypto.Cryptor
 	// apiServer   *apiServer.Server
 	)
-	r := router.NewRouter(loggers.Logger(loggers.Router))
+	r := router.NewRouter(privateKey, loggers.Logger(loggers.Router))
 	pm, err := peermgr.New(config, r, nodePrivKey, privateKey, 1, loggers.Logger(loggers.PeerMgr))
 	tool.Asset(err)
 	clients := plugins.CreateClients(config.Appchains, nil)

--- a/internal/router/router.go
+++ b/internal/router/router.go
@@ -5,6 +5,7 @@ import (
 	"errors"
 	"strings"
+	"github.com/meshplus/bitxhub-kit/crypto"
 	"github.com/sirupsen/logrus"
 	"github.com/link33/sidecar/internal/checker"
@@ -20,11 +21,12 @@ type router struct {
 	checker    checker.Checker
 	portMap    *port.PortMap
 	methodMap  map[string]routeMethod
+	privateKey crypto.PrivateKey
 }
 type routeMethod func([]string) []port.Port
-func NewRouter(logger logrus.FieldLogger) Router {
+func NewRouter(privateKey crypto.PrivateKey, logger logrus.FieldLogger) Router {
 	ctx, cancel := context.WithCancel(context.Background())
 	return &router{
 		logger:     logger,
@@ -32,6 +34,7 @@ func NewRouter(logger logrus.FieldLogger) Router {
 		cancel:     cancel,
 		portMap:    port.NewPortMap(),
 		methodMap:  map[string]routeMethod{},
+		privateKey: privateKey,
 	}
 }
@@ -110,7 +113,10 @@ func (r *router) Route(msg *pb.Message) error {
 	}
 	// 本网关签名
 	if !r.isSign(ibtpx) {
-		r.sign(ibtpx)
+		err := r.sign(ibtpx)
+		if err != nil {
+			return err
+		}
 	}
 	data, err := ibtpx.Marshal()
@@ -227,11 +233,17 @@ func (r *router) getHub() (port.Port, bool) {
 }
 func (r *router) isSign(ibtpx *pb.IBTPX) bool {
-	panic("implement me")
+	return ibtpx.RecursiveVerify(r.privateKey.PublicKey().Verify)
 }
-func (r *router) sign(ibtpx *pb.IBTPX) {
+func (r *router) sign(ibtpx *pb.IBTPX) error {
-	panic("implement me")
+	hash := ibtpx.Hash()
+	sign, err := r.privateKey.Sign(hash.Bytes())
+	if err != nil {
+		return err
+	}
+	ibtpx.RouteSign = append(ibtpx.RouteSign, string(sign))
+	return nil
 }
 // hub endorse

--- a/model/pb/ibtpx.go
+++ b/model/pb/ibtpx.go
 package pb
 import (
+	"crypto/sha256"
 	"fmt"
+	"github.com/meshplus/bitxhub-kit/types"
 )
 func WrapperKey(height uint64) []byte {
@@ -11,3 +14,46 @@ func WrapperKey(height uint64) []byte {
 func IBTPKey(id string) []byte {
 	return []byte(fmt.Sprintf("ibtp-%s", id))
 }
+func (m *IBTPX) Hash() *types.Hash {
+	data := m.frontPart()
+	return m.digest(data, m.RouteSign)
+}
+func (m *IBTPX) frontPart() []byte {
+	var data []byte
+	hash := m.Ibtp.Hash()
+	data = append(data, hash.Bytes()...)
+	data = append(data, []byte(m.Mode)...)
+	data = append(data, []byte(m.RouteMethod)...)
+	for _, s := range m.RouteMethodArg {
+		data = append(data, []byte(s)...)
+	}
+	return data
+}
+func (m *IBTPX) digest(part []byte, signs []string) *types.Hash {
+	for _, s := range signs {
+		part = append(part, []byte(s)...)
+	}
+	s := sha256.Sum256(part)
+	return types.NewHash(s[:])
+}
+func (m *IBTPX) RecursiveVerify(verify func(digest []byte, sig []byte) (bool, error)) bool {
+	part := m.frontPart()
+	for i, currentSig := range m.RouteSign {
+		var d, dig []byte
+		copy(d, part)
+		if i == 0 {
+			copy(dig, part)
+		} else {
+			signs := m.RouteSign[:i-1]
+			dig = m.digest(d, signs).Bytes()
+		}
+		if val, _ := verify(dig, []byte(currentSig)); val {
+			return val
+		}
+	}
+	return false
+}