From 9a5b456bcd28d6261eb0550709d26abc0b9d9f72 Mon Sep 17 00:00:00 2001 From: YACOVM Date: Mon, 6 Mar 2017 16:53:03 +0200 Subject: [PATCH] [FAB-2658] Bug fix: pass correct block data to MCS The MessageCryptoService complains: verifyBlock -> WARN 0cc Received fabricated block from [...]\ in DataUpdate: Failed casting SignedBlock to []byte on channel [foo] Because the object that was passed wasn't a []byte as expected but the object that contains the []byte as a field. I changed the signature of VerifyBlock to accept []byte instead of the previous interface type api.SignedBlock and removed the latter type. Change-Id: I7320c398b117072c0790f77d9c0f9305b1adf5ea Signed-off-by: Yacov Manevich --- gossip/api/crypto.go | 7 +------ gossip/comm/comm_test.go | 2 +- gossip/gossip/channel/channel.go | 2 +- gossip/gossip/channel/channel_test.go | 2 +- gossip/gossip/gossip_impl.go | 2 +- gossip/gossip/gossip_test.go | 2 +- gossip/identity/identity_test.go | 2 +- gossip/integration/integration_test.go | 2 +- gossip/service/gossip_service.go | 2 +- gossip/service/gossip_service_test.go | 2 +- gossip/state/state_test.go | 5 ++--- peer/gossip/mcs/mcs.go | 20 +++----------------- 12 files changed, 15 insertions(+), 35 deletions(-) diff --git a/gossip/api/crypto.go b/gossip/api/crypto.go index ab23dc45ff9..5028496a891 100644 --- a/gossip/api/crypto.go +++ b/gossip/api/crypto.go @@ -32,7 +32,7 @@ type MessageCryptoService interface { // VerifyBlock returns nil if the block is properly signed, // else returns error - VerifyBlock(chainID common.ChainID, signedBlock SignedBlock) error + VerifyBlock(chainID common.ChainID, signedBlock []byte) error // Sign signs msg with this peer's signing key and outputs // the signature if no error occurred. @@ -57,8 +57,3 @@ type MessageCryptoService interface { // PeerIdentityType is the peer's certificate type PeerIdentityType []byte - -// SignedBlock represents a fabric block that is signed according -// to the latest block verification policy known to the peer -type SignedBlock interface { -} diff --git a/gossip/comm/comm_test.go b/gossip/comm/comm_test.go index 842c0d182ef..f6792829b2b 100644 --- a/gossip/comm/comm_test.go +++ b/gossip/comm/comm_test.go @@ -65,7 +65,7 @@ func (*naiveSecProvider) GetPKIidOfCert(peerIdentity api.PeerIdentityType) commo // VerifyBlock returns nil if the block is properly signed, // else returns error -func (*naiveSecProvider) VerifyBlock(chainID common.ChainID, signedBlock api.SignedBlock) error { +func (*naiveSecProvider) VerifyBlock(chainID common.ChainID, signedBlock []byte) error { return nil } diff --git a/gossip/gossip/channel/channel.go b/gossip/gossip/channel/channel.go index 8b0ecdd61b8..e082db55338 100644 --- a/gossip/gossip/channel/channel.go +++ b/gossip/gossip/channel/channel.go @@ -487,7 +487,7 @@ func (gc *gossipChannel) verifyBlock(msg *proto.GossipMessage, sender common.PKI gc.logger.Warning("Received empty payload from", sender) return false } - err := gc.mcs.VerifyBlock(msg.Channel, msg.GetDataMsg().Payload) + err := gc.mcs.VerifyBlock(msg.Channel, msg.GetDataMsg().Payload.Data) if err != nil { gc.logger.Warning("Received fabricated block from", sender, "in DataUpdate:", err) return false diff --git a/gossip/gossip/channel/channel_test.go b/gossip/gossip/channel/channel_test.go index c298bc7f592..2a257996348 100644 --- a/gossip/gossip/channel/channel_test.go +++ b/gossip/gossip/channel/channel_test.go @@ -104,7 +104,7 @@ func (cs *cryptoService) VerifyByChannel(channel common.ChainID, identity api.Pe return args.Get(0).(error) } -func (cs *cryptoService) VerifyBlock(chainID common.ChainID, signedBlock api.SignedBlock) error { +func (cs *cryptoService) VerifyBlock(chainID common.ChainID, signedBlock []byte) error { args := cs.Called(signedBlock) if args.Get(0) == nil { return nil diff --git a/gossip/gossip/gossip_impl.go b/gossip/gossip/gossip_impl.go index 2dcec752902..6429e92a9e2 100644 --- a/gossip/gossip/gossip_impl.go +++ b/gossip/gossip/gossip_impl.go @@ -387,7 +387,7 @@ func (g *gossipServiceImpl) validateMsg(msg proto.ReceivedMessage) bool { return true } - if err := g.mcs.VerifyBlock(msg.GetGossipMessage().Channel, blockMsg); err != nil { + if err := g.mcs.VerifyBlock(msg.GetGossipMessage().Channel, blockMsg.Payload.Data); err != nil { g.logger.Warning("Could not verify block", blockMsg.Payload.SeqNum, ":", err) return false } diff --git a/gossip/gossip/gossip_test.go b/gossip/gossip/gossip_test.go index 4fce74b5c23..81dc00a5acc 100644 --- a/gossip/gossip/gossip_test.go +++ b/gossip/gossip/gossip_test.go @@ -130,7 +130,7 @@ func (*naiveCryptoService) GetPKIidOfCert(peerIdentity api.PeerIdentityType) com // VerifyBlock returns nil if the block is properly signed, // else returns error -func (*naiveCryptoService) VerifyBlock(chainID common.ChainID, signedBlock api.SignedBlock) error { +func (*naiveCryptoService) VerifyBlock(chainID common.ChainID, signedBlock []byte) error { return nil } diff --git a/gossip/identity/identity_test.go b/gossip/identity/identity_test.go index 9c59a67bb0d..b1244b8317e 100644 --- a/gossip/identity/identity_test.go +++ b/gossip/identity/identity_test.go @@ -42,7 +42,7 @@ func (*naiveCryptoService) GetPKIidOfCert(peerIdentity api.PeerIdentityType) com // VerifyBlock returns nil if the block is properly signed, // else returns error -func (*naiveCryptoService) VerifyBlock(chainID common.ChainID, signedBlock api.SignedBlock) error { +func (*naiveCryptoService) VerifyBlock(chainID common.ChainID, signedBlock []byte) error { return nil } diff --git a/gossip/integration/integration_test.go b/gossip/integration/integration_test.go index 9121ab4ff30..e41c16da117 100644 --- a/gossip/integration/integration_test.go +++ b/gossip/integration/integration_test.go @@ -95,7 +95,7 @@ func (s *cryptoService) GetPKIidOfCert(peerIdentity api.PeerIdentityType) common return common.PKIidType(peerIdentity) } -func (s *cryptoService) VerifyBlock(chainID common.ChainID, signedBlock api.SignedBlock) error { +func (s *cryptoService) VerifyBlock(chainID common.ChainID, signedBlock []byte) error { return nil } diff --git a/gossip/service/gossip_service.go b/gossip/service/gossip_service.go index 8bcba1ec384..a257e18e689 100644 --- a/gossip/service/gossip_service.go +++ b/gossip/service/gossip_service.go @@ -293,7 +293,7 @@ func (s *secImpl) GetPKIidOfCert(peerIdentity api.PeerIdentityType) gossipCommon return gossipCommon.PKIidType(peerIdentity) } -func (s *secImpl) VerifyBlock(chainID gossipCommon.ChainID, signedBlock api.SignedBlock) error { +func (s *secImpl) VerifyBlock(chainID gossipCommon.ChainID, signedBlock []byte) error { return nil } diff --git a/gossip/service/gossip_service_test.go b/gossip/service/gossip_service_test.go index 021d0dcd4e7..da21cb20ca4 100644 --- a/gossip/service/gossip_service_test.go +++ b/gossip/service/gossip_service_test.go @@ -662,7 +662,7 @@ func (*naiveCryptoService) GetPKIidOfCert(peerIdentity api.PeerIdentityType) gos // VerifyBlock returns nil if the block is properly signed, // else returns error -func (*naiveCryptoService) VerifyBlock(chainID gossipCommon.ChainID, signedBlock api.SignedBlock) error { +func (*naiveCryptoService) VerifyBlock(chainID gossipCommon.ChainID, signedBlock []byte) error { return nil } diff --git a/gossip/state/state_test.go b/gossip/state/state_test.go index dac5d2f9eed..be3822032af 100644 --- a/gossip/state/state_test.go +++ b/gossip/state/state_test.go @@ -18,14 +18,13 @@ package state import ( "bytes" + "errors" "fmt" "strconv" "sync" "testing" "time" - "errors" - pb "github.com/golang/protobuf/proto" "github.com/hyperledger/fabric/common/configtx/test" "github.com/hyperledger/fabric/common/util" @@ -97,7 +96,7 @@ func (*cryptoServiceMock) GetPKIidOfCert(peerIdentity api.PeerIdentityType) comm // VerifyBlock returns nil if the block is properly signed, // else returns error -func (*cryptoServiceMock) VerifyBlock(chainID common.ChainID, signedBlock api.SignedBlock) error { +func (*cryptoServiceMock) VerifyBlock(chainID common.ChainID, signedBlock []byte) error { return nil } diff --git a/peer/gossip/mcs/mcs.go b/peer/gossip/mcs/mcs.go index e3beff80efd..027271289ff 100644 --- a/peer/gossip/mcs/mcs.go +++ b/peer/gossip/mcs/mcs.go @@ -17,15 +17,13 @@ limitations under the License. package mcs import ( + "bytes" "errors" "fmt" - "bytes" - "github.com/hyperledger/fabric/bccsp" "github.com/hyperledger/fabric/bccsp/factory" "github.com/hyperledger/fabric/common/crypto" - "github.com/hyperledger/fabric/common/localmsp" "github.com/hyperledger/fabric/common/policies" "github.com/hyperledger/fabric/common/util" "github.com/hyperledger/fabric/gossip/api" @@ -54,12 +52,6 @@ type mspMessageCryptoService struct { deserializer mgmt.DeserializersManager } -// NewWithMockPolicyManagerGetter returns an instance of MessageCryptoService -// with all defaults but the policies.ChannelPolicyManagerGetter that is mocked -func NewWithMockPolicyManagerGetter() api.MessageCryptoService { - return New(&MockChannelPolicyManagerGetter{}, localmsp.NewSigner(), mgmt.NewDeserializersManager()) -} - // New creates a new instance of mspMessageCryptoService // that implements MessageCryptoService. // The method takes in input: @@ -109,15 +101,9 @@ func (s *mspMessageCryptoService) GetPKIidOfCert(peerIdentity api.PeerIdentityTy // VerifyBlock returns nil if the block is properly signed, // else returns error -func (s *mspMessageCryptoService) VerifyBlock(chainID common.ChainID, signedBlock api.SignedBlock) error { +func (s *mspMessageCryptoService) VerifyBlock(chainID common.ChainID, signedBlock []byte) error { // - Convert signedBlock to common.Block. - // signedBlock is assumed to be a byte array - blockBytes, ok := signedBlock.([]byte) - if !ok { - return fmt.Errorf("Failed casting SignedBlock to []byte on channel [%s]", chainID) - } - - block, err := utils.GetBlockFromBlockBytes(blockBytes) + block, err := utils.GetBlockFromBlockBytes(signedBlock) if err != nil { return fmt.Errorf("Failed unmarshalling block bytes on channel [%s]: [%s]", chainID, err) }