mirror of https://github.com/poanetwork/quorum.git
derive private key from nodekey
parent
64d8db5678
commit
bb762580f5
|
@ -41,8 +41,8 @@ import (
|
|||
"github.com/ethereum/go-ethereum/node"
|
||||
"github.com/ethereum/go-ethereum/controls/permission"
|
||||
"github.com/ethereum/go-ethereum/controls/cluster"
|
||||
"gopkg.in/urfave/cli.v1"
|
||||
"github.com/ethereum/go-ethereum/core/quorum"
|
||||
"gopkg.in/urfave/cli.v1"
|
||||
)
|
||||
|
||||
const (
|
||||
|
@ -331,7 +331,7 @@ func startNode(ctx *cli.Context, stack *node.Node) {
|
|||
}()
|
||||
|
||||
//START - QUORUM Permissioning
|
||||
startQuorumPermissionOrgKeyService(ctx, stack)
|
||||
startQuorumPermissionService(ctx, stack)
|
||||
|
||||
// Start auxiliary services if enabled
|
||||
if ctx.GlobalBool(utils.MiningEnabledFlag.Name) || ctx.GlobalBool(utils.DeveloperFlag.Name) {
|
||||
|
@ -360,26 +360,15 @@ func startNode(ctx *cli.Context, stack *node.Node) {
|
|||
}
|
||||
}
|
||||
|
||||
func startQuorumPermissionOrgKeyService(ctx *cli.Context, stack *node.Node) {
|
||||
func startQuorumPermissionService(ctx *cli.Context, stack *node.Node) {
|
||||
if permEnabled := ctx.GlobalBool(utils.EnableNodePermissionFlag.Name); permEnabled {
|
||||
v := stack.GetRPC("permnode")
|
||||
if v == nil {
|
||||
utils.Fatalf("Failed to start Quorum Permission API")
|
||||
}
|
||||
papi := v.(*quorum.PermissionAPI)
|
||||
rpcClient, err := stack.Attach()
|
||||
if err != nil {
|
||||
utils.Fatalf("Failed to attach to self: %v", err)
|
||||
}
|
||||
stateReader := ethclient.NewClient(rpcClient)
|
||||
papi.Init(stateReader, stack.InstanceDir())
|
||||
log.Info("Permission API initialized")
|
||||
pctrl, err := permission.NewQuorumPermissionCtrl(ctx, stack)
|
||||
// start the permissions management service
|
||||
pc, err := permission.NewQuorumPermissionCtrl(stack, ctx.GlobalBool(utils.RaftModeFlag.Name))
|
||||
if err != nil {
|
||||
utils.Fatalf("Failed to start Quorum Permission contract service: %v", err)
|
||||
}
|
||||
pctrl.Start()
|
||||
log.Info("Node Permission service started")
|
||||
pc.Start()
|
||||
|
||||
}
|
||||
// Changes for managing org level cluster keys for privateFor txns
|
||||
kc, err := cluster.NewOrgKeyCtrl(stack)
|
||||
|
@ -387,6 +376,20 @@ func startQuorumPermissionOrgKeyService(ctx *cli.Context, stack *node.Node) {
|
|||
log.Warn("Failed to start quorum Org key management service", "err", err)
|
||||
} else {
|
||||
kc.Start()
|
||||
log.Info("Org key management service started")
|
||||
log.Trace("Key management service started")
|
||||
}
|
||||
|
||||
log.Info("Node Permission service started")
|
||||
v := stack.GetRPC("permnode")
|
||||
if v == nil {
|
||||
utils.Fatalf("Failed to start Quorum Permission API")
|
||||
}
|
||||
qapi := v.(*quorum.PermissionAPI)
|
||||
rpcClient, err := stack.Attach()
|
||||
if err != nil {
|
||||
utils.Fatalf("Failed to attach to self: %v", err)
|
||||
}
|
||||
stateReader := ethclient.NewClient(rpcClient)
|
||||
qapi.Init(stateReader, stack.InstanceDir())
|
||||
log.Info("Permission API initialized")
|
||||
}
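Review bot: The return value of `qapi.Init(stateReader, stack.InstanceDir())` at the end of `startQuorumPermissionService` is discarded, so `log.Info("Permission API initialized")` is printed even when `Init` fails to read the key file or bind the contract (`Init` is declared as returning `error` elsewhere in this commit). Handle it like the calls above it: `if err := qapi.Init(stateReader, stack.InstanceDir()); err != nil { utils.Fatalf("Failed to initialize Quorum Permission API: %v", err) }`. The assertion `v.(*quorum.PermissionAPI)` is also unchecked and panics instead of failing cleanly if something else is registered under "permnode"; the two-value form `qapi, ok := v.(*quorum.PermissionAPI)` avoids that. The +/- markers are lost on this page, so which copy of these lines is the new side is inferred from the `qapi` naming and the hunk position.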
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
package permission
|
||||
|
||||
import (
|
||||
"crypto/ecdsa"
|
||||
"fmt"
|
||||
"encoding/json"
|
||||
"io/ioutil"
|
||||
|
@ -8,7 +9,6 @@ import (
|
|||
"math/big"
|
||||
"os"
|
||||
"sync"
|
||||
"strings"
|
||||
|
||||
"github.com/ethereum/go-ethereum/core/types"
|
||||
"github.com/ethereum/go-ethereum/accounts/abi/bind"
|
||||
|
@ -22,7 +22,6 @@ import (
|
|||
"github.com/ethereum/go-ethereum/controls"
|
||||
"github.com/ethereum/go-ethereum/cmd/utils"
|
||||
"github.com/ethereum/go-ethereum/raft"
|
||||
"gopkg.in/urfave/cli.v1"
|
||||
"github.com/ethereum/go-ethereum/controls/permbind"
|
||||
)
|
||||
|
||||
|
@ -43,23 +42,20 @@ type PermissionCtrl struct {
|
|||
ethClnt *ethclient.Client
|
||||
eth *eth.Ethereum
|
||||
isRaft bool
|
||||
key string
|
||||
key *ecdsa.PrivateKey
|
||||
}
|
||||
|
||||
func NewQuorumPermissionCtrl(ctx *cli.Context, stack *node.Node) (*PermissionCtrl, error) {
|
||||
func NewQuorumPermissionCtrl(stack *node.Node, isRaft bool) (*PermissionCtrl, error) {
|
||||
// Create a new ethclient to for interfacing with the contract
|
||||
stateReader, e, err := controls.CreateEthClient(stack)
|
||||
if err != nil {
|
||||
log.Error("Unable to create ethereum client for permissions check : ", "err", err)
|
||||
return nil, err
|
||||
}
|
||||
isRaft := false
|
||||
if ctx.GlobalBool(utils.RaftModeFlag.Name) {
|
||||
isRaft = true
|
||||
}
|
||||
//Read the key file from key store. SHOULD WE MAKE IT CONFIG value
|
||||
key := getKeyFromKeyStore(ctx)
|
||||
return &PermissionCtrl{stack, stateReader, e, isRaft, key}, nil
|
||||
prvKey := stack.GetNodeKey()
|
||||
log.Info("mykey value is : ", "prvKey", prvKey)
|
||||
|
||||
return &PermissionCtrl{stack, stateReader, e, isRaft, prvKey}, nil
|
||||
}
|
||||
|
||||
// This function first adds the node list from permissioned-nodes.json to
|
||||
|
@ -410,7 +406,7 @@ func (p *PermissionCtrl) populateStaticNodesToContract() {
|
|||
if err != nil {
|
||||
utils.Fatalf("Failed to instantiate a Permissions contract: %v", err)
|
||||
}
|
||||
auth, err := bind.NewTransactor(strings.NewReader(p.key), "")
|
||||
auth := bind.NewKeyedTransactor(p.key)
|
||||
if err != nil {
|
||||
utils.Fatalf("Failed to create authorized transactor: %v", err)
|
||||
}
|
||||
|
@ -467,29 +463,3 @@ func (p *PermissionCtrl) populateStaticNodesToContract() {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
//This functions reads the first file in key store directory, reads the key
|
||||
//value and returns the same
|
||||
func getKeyFromKeyStore(ctx *cli.Context) string {
|
||||
datadir := ctx.GlobalString(utils.DataDirFlag.Name)
|
||||
|
||||
files, err := ioutil.ReadDir(filepath.Join(datadir, "keystore"))
|
||||
if err != nil {
|
||||
utils.Fatalf("Failed to read keystore directory: %v", err)
|
||||
}
|
||||
|
||||
// HACK: here we always use the first key as transactor
|
||||
var keyPath string
|
||||
for _, f := range files {
|
||||
keyPath = filepath.Join(datadir, "keystore", f.Name())
|
||||
break
|
||||
}
|
||||
keyBlob, err := ioutil.ReadFile(keyPath)
|
||||
if err != nil {
|
||||
utils.Fatalf("Failed to read key file: %v", err)
|
||||
}
|
||||
// n := bytes.IndexByte(keyBlob, 0)
|
||||
n := len(keyBlob)
|
||||
|
||||
return string(keyBlob[:n])
|
||||
}
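Review bot: `log.Info("mykey value is : ", "prvKey", prvKey)` in `NewQuorumPermissionCtrl` writes the node's ECDSA private key to the Info-level log, so anyone with read access to node logs or a log aggregator obtains the key that identifies this node on the P2P network and, after this change, signs the permission-contract transactions. Delete the line; if a startup trace is wanted, log only the derived address, e.g. `log.Info("permission transactor", "address", crypto.PubkeyToAddress(prvKey.PublicKey))` (this needs the go-ethereum `crypto` package, whose import is not visible in these hunks). A node key already logged by a build containing this line should be treated as exposed and rotated. In `populateStaticNodesToContract`, the `if err != nil` left after `auth := bind.NewKeyedTransactor(p.key)` now tests the stale `err` from the contract instantiation and can be removed.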
|
||||
|
|
|
@ -20,36 +20,32 @@ type PermissionAPI struct {
|
|||
ethClnt *ethclient.Client
|
||||
permContr *permbind.Permissions
|
||||
transOpts *bind.TransactOpts
|
||||
initialized bool
|
||||
}
|
||||
|
||||
func NewPermissionAPI(e *core.TxPool) *PermissionAPI {
|
||||
pa := &PermissionAPI{e, nil, nil, nil, false}
|
||||
pa := &PermissionAPI{e, nil, nil, nil}
|
||||
return pa
|
||||
}
|
||||
|
||||
func (p *PermissionAPI) Init(ethClnt *ethclient.Client, datadir string) error {
|
||||
if !p.initialized {
|
||||
p.ethClnt = ethClnt
|
||||
key, kerr := getKeyFromKeyStore(datadir)
|
||||
if kerr != nil {
|
||||
log.Error("error reading key file", "err", kerr)
|
||||
return kerr
|
||||
}
|
||||
|
||||
permContr, err := permbind.NewPermissions(params.QuorumPermissionsContract, p.ethClnt)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
p.permContr = permContr
|
||||
auth, err := bind.NewTransactor(strings.NewReader(key), "")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
p.transOpts = auth
|
||||
p.initialized = true
|
||||
|
||||
p.ethClnt = ethClnt
|
||||
key, kerr := getKeyFromKeyStore(datadir)
|
||||
if kerr != nil {
|
||||
log.Error("error reading key file", "err", kerr)
|
||||
return kerr
|
||||
}
|
||||
|
||||
permContr, err := permbind.NewPermissions(params.QuorumPermissionsContract, p.ethClnt)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
p.permContr = permContr
|
||||
auth, err := bind.NewTransactor(strings.NewReader(key), "")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
p.transOpts = auth
|
||||
|
||||
return nil
|
||||
}
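Review bot: `Init` still builds its transactor from a keystore file with an empty passphrase (`bind.NewTransactor(strings.NewReader(key), "")`), while the controller in this commit now signs with the node key. The API and the controller may therefore send from two different accounts, and the API keeps depending on a keystore key that decrypts with no passphrase; the body of `getKeyFromKeyStore(datadir)` is not shown here. If the intent is to sign with the node key everywhere, pass the key in and use `p.transOpts = bind.NewKeyedTransactor(nodeKey)` here as well. With the `initialized` guard dropped, a second call to `Init` silently replaces `ethClnt`, `permContr` and `transOpts`, so a doc comment on `Init` should say whether re-initialization is intended. Which of the two printed bodies is the new side is inferred from the `-20,36 +20,32` counts, since the +/- markers are lost.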
|
||||
|
||||
|
|
|
@ -17,6 +17,7 @@
|
|||
package node
|
||||
|
||||
import (
|
||||
"crypto/ecdsa"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
|
@ -83,6 +84,10 @@ func (n *Node) GetRPC(name string) interface{} {
|
|||
return nil
|
||||
}
|
||||
|
||||
func (n *Node) GetNodeKey () *ecdsa.PrivateKey {
|
||||
return n.config.NodeKey()
|
||||
}
|
||||
|
||||
// New creates a new P2P node, ready for protocol registration.
|
||||
func New(conf *Config) (*Node, error) {
|
||||
// Copy config and resolve the datadir so future changes to the current
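Review bot: `GetNodeKey` is exported without a doc comment and hands the node's raw P2P private key to any code holding a `*Node`; the signature is also not gofmt-clean (`GetNodeKey ()`). Suggested: `// GetNodeKey returns the node's P2P private key. The value is secret: callers must not log, serialize or expose it over RPC.` above `func (n *Node) GetNodeKey() *ecdsa.PrivateKey {`. Reusing the network identity key as a transaction-signing key couples the two roles, so rotating one forces rotating the other; if that is deliberate it is worth stating in the comment or the commit description.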
|
||||
|
|