derive private key from nodekey

2018-10-31 14:42:29 +08:00 · 2018-10-31 14:42:29 +08:00 · bb762580f5
parent 64d8db5678
commit bb762580f5
4 changed files with 53 additions and 79 deletions
--- a/cmd/geth/main.go
+++ b/cmd/geth/main.go
@ -41,8 +41,8 @@ import (
 	"github.com/ethereum/go-ethereum/node"
 	"github.com/ethereum/go-ethereum/controls/permission"
 	"github.com/ethereum/go-ethereum/controls/cluster"
-	"gopkg.in/urfave/cli.v1"
 	"github.com/ethereum/go-ethereum/core/quorum"
+	"gopkg.in/urfave/cli.v1"
 )

 const (
@ -331,7 +331,7 @@ func startNode(ctx *cli.Context, stack *node.Node) {
 	}()

 	//START - QUORUM Permissioning
-	startQuorumPermissionOrgKeyService(ctx, stack)
+	startQuorumPermissionService(ctx, stack)

 	// Start auxiliary services if enabled
 	if ctx.GlobalBool(utils.MiningEnabledFlag.Name) || ctx.GlobalBool(utils.DeveloperFlag.Name) {
@ -360,26 +360,15 @@ func startNode(ctx *cli.Context, stack *node.Node) {
 	}
 }

-func startQuorumPermissionOrgKeyService(ctx *cli.Context, stack *node.Node) {
+func startQuorumPermissionService(ctx *cli.Context, stack *node.Node) {
 	if permEnabled := ctx.GlobalBool(utils.EnableNodePermissionFlag.Name); permEnabled {
-		v := stack.GetRPC("permnode")
-		if v == nil {
-			utils.Fatalf("Failed to start Quorum Permission API")
-		}
-		papi := v.(*quorum.PermissionAPI)
-		rpcClient, err := stack.Attach()
-		if err != nil {
-			utils.Fatalf("Failed to attach to self: %v", err)
-		}
-		stateReader := ethclient.NewClient(rpcClient)
-		papi.Init(stateReader, stack.InstanceDir())
-		log.Info("Permission API initialized")
-		pctrl, err := permission.NewQuorumPermissionCtrl(ctx, stack)
+		// start the permissions management service
+		pc, err := permission.NewQuorumPermissionCtrl(stack, ctx.GlobalBool(utils.RaftModeFlag.Name)) 
 		if err != nil {
 			utils.Fatalf("Failed to start Quorum Permission contract service: %v", err)
 		}
-		pctrl.Start()
-		log.Info("Node Permission service started")
+		pc.Start()
+
 	}
 	// Changes for managing org level cluster keys for privateFor txns
 	kc, err := cluster.NewOrgKeyCtrl(stack)
@ -387,6 +376,20 @@ func startQuorumPermissionOrgKeyService(ctx *cli.Context, stack *node.Node) {
 		log.Warn("Failed to start quorum Org key management service", "err", err)
 	} else {
 		kc.Start()
-		log.Info("Org key management service started")
+		log.Trace("Key management service started")
 	}
+
+	log.Info("Node Permission service started")
+	v := stack.GetRPC("permnode")
+	if v == nil {
+		utils.Fatalf("Failed to start Quorum Permission API")
+	}
+	qapi := v.(*quorum.PermissionAPI)
+	rpcClient, err := stack.Attach()
+	if err != nil {
+		utils.Fatalf("Failed to attach to self: %v", err)
+	}
+	stateReader := ethclient.NewClient(rpcClient)
+	qapi.Init(stateReader, stack.InstanceDir())
+	log.Info("Permission API initialized")
 }
--- a/controls/permission/permission.go
+++ b/controls/permission/permission.go
@ -1,6 +1,7 @@
 package permission

 import (
+	"crypto/ecdsa"
 	"fmt"
 	"encoding/json"
 	"io/ioutil"
@ -8,7 +9,6 @@ import (
 	"math/big"
 	"os"
 	"sync"
-	"strings"

 	"github.com/ethereum/go-ethereum/core/types"
 	"github.com/ethereum/go-ethereum/accounts/abi/bind"
@ -22,7 +22,6 @@ import (
 	"github.com/ethereum/go-ethereum/controls"
 	"github.com/ethereum/go-ethereum/cmd/utils"
 	"github.com/ethereum/go-ethereum/raft"
-	"gopkg.in/urfave/cli.v1"
 	"github.com/ethereum/go-ethereum/controls/permbind"
 )

@ -43,23 +42,20 @@ type PermissionCtrl struct {
 	ethClnt *ethclient.Client
 	eth     *eth.Ethereum
 	isRaft  bool
-	key     string
+	key     *ecdsa.PrivateKey
 }

-func NewQuorumPermissionCtrl(ctx *cli.Context, stack *node.Node) (*PermissionCtrl, error) {
+func NewQuorumPermissionCtrl(stack *node.Node, isRaft bool) (*PermissionCtrl, error) {
 	// Create a new ethclient to for interfacing with the contract
 	stateReader, e, err := controls.CreateEthClient(stack)
 	if err != nil {
 		log.Error("Unable to create ethereum client for permissions check : ", "err", err)
 		return nil, err
 	}
-	isRaft := false
-	if ctx.GlobalBool(utils.RaftModeFlag.Name) {
-		isRaft = true
-	}
-	//Read the key file from key store. SHOULD WE MAKE IT CONFIG value
-	key := getKeyFromKeyStore(ctx)
-	return &PermissionCtrl{stack, stateReader, e, isRaft, key}, nil
+	prvKey := stack.GetNodeKey()
+	log.Info("mykey value is : ", "prvKey", prvKey)
+
+	return &PermissionCtrl{stack, stateReader, e, isRaft, prvKey}, nil
 }

 // This function first adds the node list from permissioned-nodes.json to
@ -410,7 +406,7 @@ func (p *PermissionCtrl) populateStaticNodesToContract() {
 	if err != nil {
 		utils.Fatalf("Failed to instantiate a Permissions contract: %v", err)
 	}
-	auth, err := bind.NewTransactor(strings.NewReader(p.key), "")
+	auth := bind.NewKeyedTransactor(p.key)
 	if err != nil {
 		utils.Fatalf("Failed to create authorized transactor: %v", err)
 	}
@ -467,29 +463,3 @@ func (p *PermissionCtrl) populateStaticNodesToContract() {
 		}
 	}
 }
-
-//This functions reads the first file in key store directory, reads the key
-//value and returns the same
-func getKeyFromKeyStore(ctx *cli.Context) string {
-	datadir := ctx.GlobalString(utils.DataDirFlag.Name)
-
-	files, err := ioutil.ReadDir(filepath.Join(datadir, "keystore"))
-	if err != nil {
-		utils.Fatalf("Failed to read keystore directory: %v", err)
-	}
-
-	// HACK: here we always use the first key as transactor
-	var keyPath string
-	for _, f := range files {
-		keyPath = filepath.Join(datadir, "keystore", f.Name())
-		break
-	}
-	keyBlob, err := ioutil.ReadFile(keyPath)
-	if err != nil {
-		utils.Fatalf("Failed to read key file: %v", err)
-	}
-	// n := bytes.IndexByte(keyBlob, 0)
-	n := len(keyBlob)
-
-	return string(keyBlob[:n])
-}
--- a/core/quorum/permission_api.go
+++ b/core/quorum/permission_api.go
@ -20,36 +20,32 @@ type PermissionAPI struct {
 	ethClnt     *ethclient.Client
 	permContr   *permbind.Permissions
 	transOpts   *bind.TransactOpts
-	initialized bool
 }

 func NewPermissionAPI(e *core.TxPool) *PermissionAPI {
-	pa := &PermissionAPI{e, nil, nil, nil, false}
+	pa := &PermissionAPI{e, nil, nil, nil}
 	return pa
 }

 func (p *PermissionAPI) Init(ethClnt *ethclient.Client, datadir string) error {
-	if !p.initialized {
-		p.ethClnt = ethClnt
-		key, kerr := getKeyFromKeyStore(datadir)
-		if kerr != nil {
-			log.Error("error reading key file", "err", kerr)
-			return kerr
-		}
-
-		permContr, err := permbind.NewPermissions(params.QuorumPermissionsContract, p.ethClnt)
-		if err != nil {
-			return err
-		}
-		p.permContr = permContr
-		auth, err := bind.NewTransactor(strings.NewReader(key), "")
-		if err != nil {
-			return err
-		}
-		p.transOpts = auth
-		p.initialized = true
-
+	p.ethClnt = ethClnt
+	key, kerr := getKeyFromKeyStore(datadir)
+	if kerr != nil {
+		log.Error("error reading key file", "err", kerr)
+		return kerr
 	}
+
+	permContr, err := permbind.NewPermissions(params.QuorumPermissionsContract, p.ethClnt)
+	if err != nil {
+		return err
+	}
+	p.permContr = permContr
+	auth, err := bind.NewTransactor(strings.NewReader(key), "")
+	if err != nil {
+		return err
+	}
+	p.transOpts = auth
+
 	return nil
 }

--- a/node/node.go
+++ b/node/node.go
@ -17,6 +17,7 @@
 package node

 import (
+	"crypto/ecdsa"
 	"errors"
 	"fmt"
 	"net"
@ -83,6 +84,10 @@ func (n *Node) GetRPC(name string) interface{} {
 	return nil
 }

+func (n *Node) GetNodeKey () *ecdsa.PrivateKey {
+	return n.config.NodeKey()
+}
+
 // New creates a new P2P node, ready for protocol registration.
 func New(conf *Config) (*Node, error) {
 	// Copy config and resolve the datadir so future changes to the current