)
func init() {
- errorFormatter.Errors[Pseudohsm.ErrDuplicateKeyAlias] = httperror.Info{400, "BTM050", "Alias already exists"}
- errorFormatter.Errors[Pseudohsm.ErrInvalidAfter] = httperror.Info{400, "BTM801", "Invalid `after` in query"}
- errorFormatter.Errors[Pseudohsm.ErrTooManyAliasesToList] = httperror.Info{400, "BTM802", "Too many aliases to list"}
+ errorFormatter.Errors[pseudohsm.ErrDuplicateKeyAlias] = httperror.Info{400, "BTM050", "Alias already exists"}
+ errorFormatter.Errors[pseudohsm.ErrInvalidAfter] = httperror.Info{400, "BTM801", "Invalid `after` in query"}
+ errorFormatter.Errors[pseudohsm.ErrTooManyAliasesToList] = httperror.Info{400, "BTM802", "Too many aliases to list"}
}
/*
*/
-func (a *BlockchainReactor) pseudohsmCreateKey(ctx context.Context, password string, in struct{ Alias string }) (result *Pseudohsm.XPub, err error) {
+func (a *BlockchainReactor) pseudohsmCreateKey(ctx context.Context, password string, in struct{ Alias string }) (result *pseudohsm.XPub, err error) {
return a.hsm.XCreate(password, in.Alias)
}
-func (a *BlockchainReactor)) pseudohsmListKeys(ctx context.Context, query requestQuery) (page, error) {
+
+func (a *BlockchainReactor) pseudohsmListKeys(ctx context.Context, query requestQuery) (page, error) {
limit := query.PageSize
if limit == 0 {
limit = defGenericPageSize // defGenericPageSize = 100
}
- xpubs, after, err := h.PseudoHSM.ListKeys(query.After, limit)
+ xpubs, after, err := a.hsm.ListKeys(query.After, limit)
if err != nil {
return page{}, err
}
return a.hsm.XDelete(xpub, password)
}
-func (a *BlockchainReactor) pseudohsmSignTemplates(ctx context.Context, x struct {
+func (a *BlockchainReactor) pseudohsmSignTemplates(ctx context.Context, password string, x struct {
Txs []*txbuilder.Template `json:"transactions"`
XPubs []chainkd.XPub `json:"xpubs"`
}) []interface{} {
resp := make([]interface{}, 0, len(x.Txs))
for _, tx := range x.Txs {
- err := txbuilder.Sign(ctx, tx, x.XPubs, a.hsm.pseudohsmSignTemplate)
+ err := txbuilder.Sign(ctx, tx, x.XPubs, a.pseudohsmSignTemplate)
if err != nil {
info := errorFormatter.Format(err)
- response = append(resp, info)
+ resp = append(resp, info)
} else {
resp = append(resp, tx)
}
}
func (a *BlockchainReactor) pseudohsmSignTemplate(ctx context.Context, xpub chainkd.XPub, path [][]byte, data [32]byte) ([]byte, error) {
- sigBytes, err := a.hsm.XSign(ctx, xpub, path, data[:])
- if err == Pseudohsm.ErrNoKey {
+ sigBytes, err := a.hsm.XSign(xpub, path, data[:], "nopassword")
+ if err == pseudohsm.ErrNoKey {
return nil, nil
}
return sigBytes, err
err = h.Client.Call(ctx, "/sign-transaction", body, &sigBytes)
return sigBytes
}
-*/
\ No newline at end of file
+*/
const listKeyMaxAliases = 200
var (
+ ErrDuplicateKeyAlias = errors.New("duplicate key alias")
ErrInvalidAfter = errors.New("invalid after")
ErrNoKey = errors.New("key not found")
ErrInvalidKeySize = errors.New("key invalid size")
ErrTooManyAliasesToList = errors.New("requested aliases exceeds limit")
- ErrAmbiguousAddr = errors.New("multiple keys match address")
- ErrDecrypt = errors.New("could not decrypt key with given passphrase")
- ErrInvalidKeyType = errors.New("key type stored invalid")
+ ErrAmbiguousAddr = errors.New("multiple keys match address")
+ ErrDecrypt = errors.New("could not decrypt key with given passphrase")
+ ErrInvalidKeyType = errors.New("key type stored invalid")
)
type HSM struct {
type XPub struct {
Alias string `json:"alias"`
- Address common.Address `json:"address"`
+ Address common.Address `json:"address"`
XPub chainkd.XPub `json:"xpub"`
File string `json:"file"`
}
// ListKeys returns a list of all xpubs from the store
-func (h *HSM) ListKeys(after int , limit int) ([]XPub, string, error) {
+func (h *HSM) ListKeys(after string , limit int) ([]XPub, string, error) {
xpubs := h.cache.keys()
start, end := 0, len(xpubs)
- if len(xpubs) > after {
- start = after
+
+ var (
+ zafter int
+ err error
+ )
+
+ if after != "" {
+ zafter,err = strconv.Atoi(after)
+ if err != nil {
+ return nil, "", errors.WithDetailf(ErrInvalidAfter, "value: %q", zafter)
+ }
+ }
+
+ if len(xpubs) > zafter {
+ start = zafter
} else {
- return nil, "", errors.WithDetailf(ErrInvalidAfter, "value: %v", after)
+ return nil, "", errors.WithDetailf(ErrInvalidAfter, "value: %v", zafter)
}
- if len(xpubs) > after+limit {
- end = after+limit
+ if len(xpubs) > zafter+limit {
+ end = zafter+limit
}
- return xpubs[start:end], strconv.FormatInt(int64(start), 10), nil
+ return xpubs[start:end], strconv.Itoa(start), nil
}
// XSign looks up the xprv given the xpub, optionally derives a new
"github.com/bytom/blockchain/asset"
"github.com/bytom/blockchain/txdb"
"github.com/bytom/blockchain/txfeed"
+ "github.com/bytom/blockchain/pseudohsm"
"github.com/bytom/encoding/json"
"github.com/bytom/log"
"github.com/bytom/mining/cpuminer"
"github.com/bytom/types"
wire "github.com/tendermint/go-wire"
cmn "github.com/tendermint/tmlibs/common"
- "github.com/bytom/crypto/ed25519/chainkd"
//"github.com/bytom/net/http/gzip"
"github.com/bytom/net/http/httpjson"
//"github.com/bytom/net/http/limit"
crosscoreRPCPrefix = "/rpc/"
)
-type hsmSigner interface {
- XSign(ctx context.Context, xpub chainkd.XPub, path [][]byte, msg []byte) ([]byte, error)
-}
// BlockchainReactor handles long-term catchup syncing.
type BlockchainReactor struct {
store *txdb.Store
accounts *account.Manager
assets *asset.Registry
+ accesstoken *accesstoken.Token
txFeeds *txfeed.TxFeed
pool *BlockPool
txPool *protocol.TxPool
requestsCh chan BlockRequest
timeoutsCh chan string
submitter txbuilder.Submitter
- hsm hsmSigner
+ hsm *pseudohsm.HSM
evsw types.EventSwitch
}
m.Handle("/list-access-tokens", jsonHandler(bcr.listAccessTokens))
m.Handle("/delete-access-token", jsonHandler(bcr.deleteAccessToken))
- m.Handle("/hsm/create-key", needConfig(bcr.pseudohsmCreateKey))
- m.Handle("/hsm/list-keys", needConfig(bcr.pseudohsmListKeys))
- m.Handle("/hsm/delete-key", needConfig(bcr.pseudohsmDeleteKey))
- m.Handle("/hsm/sign-transaction", needConfig(bcr.pseudohsmSignTemplates))
- m.Handle("/hsm/reset-password", needConfig(bcr.pseudohsmResetPassword))
- m.Handle("/hsm/update-alias", needConfig(bcr.pseudohsmUpdateAlias))
+ m.Handle("/hsm/create-key", jsonHandler(bcr.pseudohsmCreateKey))
+ m.Handle("/hsm/list-keys", jsonHandler(bcr.pseudohsmListKeys))
+ m.Handle("/hsm/delete-key", jsonHandler(bcr.pseudohsmDeleteKey))
+ m.Handle("/hsm/sign-transaction", jsonHandler(bcr.pseudohsmSignTemplates))
+
+ //m.Handle("/hsm/reset-password", jsonHandler(bcr.pseudohsmResetPassword))
+ //m.Handle("/hsm/update-alias", jsonHandler(bcr.pseudohsmUpdateAlias))
latencyHandler := http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
}
-func NewBlockchainReactor(store *txdb.Store, chain *protocol.Chain, txPool *protocol.TxPool, accounts *account.Manager, assets *asset.Registry, hsm hsmSigner, fastSync bool) *BlockchainReactor {
+func NewBlockchainReactor(store *txdb.Store, chain *protocol.Chain, txPool *protocol.TxPool, accounts *account.Manager, assets *asset.Registry, hsm *pseudohsm.HSM, fastSync bool) *BlockchainReactor {
requestsCh := make(chan BlockRequest, defaultChannelCapacity)
timeoutsCh := make(chan string, defaultChannelCapacity)
pool := NewBlockPool(
txPool: txPool,
mining: mining,
mux: http.NewServeMux(),
- hsm: hsm,
+ hsm: hsm,
fastSync: fastSync,
requestsCh: requestsCh,
timeoutsCh: timeoutsCh,
TxIndex: "kv",
DBBackend: "leveldb",
DBPath: "data",
- KeysPath: "keystore",
- HsmUrl: ""
+ KeysPath: "keystore",
+ HsmUrl: "",
}
}
assets := asset.NewRegistry(assets_db, chain)
//Todo HSM
- var hsm bc.hsmSigner
-
+ /*
if config.HsmUrl != ""{
// todo remoteHSM
- hsm = nil
+ cmn.Exit(cmn.Fmt("not implement"))
+
} else {
hsm, err = pseudohsm.New(config.KeysDir())
if err != nil {
cmn.Exit(cmn.Fmt("initialize HSM failed: %v", err))
}
- }
+ }*/
+ hsm, err := pseudohsm.New(config.KeysDir())
+ if err != nil {
+ cmn.Exit(cmn.Fmt("initialize HSM failed: %v", err))
+ }
bcReactor := bc.NewBlockchainReactor(store, chain, txPool, accounts, assets, hsm, fastSync)
bcReactor.SetLogger(logger.With("module", "blockchain"))