From bb762580f53b160ee03cd440c67813cd979c7a4c Mon Sep 17 00:00:00 2001
From: vsmk98
Date: Wed, 31 Oct 2018 14:42:29 +0800
Subject: [PATCH] derive private key from nodekey
---
 cmd/geth/main.go | 41 ++++++++++++++-------------
 controls/permission/permission.go | 46 ++++++-------------------------
 core/quorum/permission_api.go | 40 ++++++++++++---------------
 node/node.go | 5 ++++
 4 files changed, 53 insertions(+), 79 deletions(-)
diff --git a/cmd/geth/main.go b/cmd/geth/main.go
index f9febfa90..3271a08fa 100644
--- a/cmd/geth/main.go
+++ b/cmd/geth/main.go
@@ -41,8 +41,8 @@ import (
 "github.com/ethereum/go-ethereum/node"
 "github.com/ethereum/go-ethereum/controls/permission"
 "github.com/ethereum/go-ethereum/controls/cluster"
- "gopkg.in/urfave/cli.v1"
 "github.com/ethereum/go-ethereum/core/quorum"
+ "gopkg.in/urfave/cli.v1"
 )
 const (
@@ -331,7 +331,7 @@ func startNode(ctx *cli.Context, stack *node.Node) {
 }()
 //START - QUORUM Permissioning
- startQuorumPermissionOrgKeyService(ctx, stack)
+ startQuorumPermissionService(ctx, stack)
 // Start auxiliary services if enabled
 if ctx.GlobalBool(utils.MiningEnabledFlag.Name) || ctx.GlobalBool(utils.DeveloperFlag.Name) {
@@ -360,26 +360,15 @@ func startNode(ctx *cli.Context, stack *node.Node) {
 }
 }
-func startQuorumPermissionOrgKeyService(ctx *cli.Context, stack *node.Node) {
+func startQuorumPermissionService(ctx *cli.Context, stack *node.Node) {
 if permEnabled := ctx.GlobalBool(utils.EnableNodePermissionFlag.Name); permEnabled {
- v := stack.GetRPC("permnode")
- if v == nil {
- utils.Fatalf("Failed to start Quorum Permission API")
- }
- papi := v.(*quorum.PermissionAPI)
- rpcClient, err := stack.Attach()
- if err != nil {
- utils.Fatalf("Failed to attach to self: %v", err)
- }
- stateReader := ethclient.NewClient(rpcClient)
- papi.Init(stateReader, stack.InstanceDir())
- log.Info("Permission API initialized")
- pctrl, err := permission.NewQuorumPermissionCtrl(ctx, stack)
+ // start the permissions management service
+ pc, err := permission.NewQuorumPermissionCtrl(stack, ctx.GlobalBool(utils.RaftModeFlag.Name))
 if err != nil {
 utils.Fatalf("Failed to start Quorum Permission contract service: %v", err)
 }
- pctrl.Start()
- log.Info("Node Permission service started")
+ pc.Start()
+
 }
 // Changes for managing org level cluster keys for privateFor txns
 kc, err := cluster.NewOrgKeyCtrl(stack)
@@ -387,6 +376,20 @@ func startQuorumPermissionOrgKeyService(ctx *cli.Context, stack *node.Node) {
 log.Warn("Failed to start quorum Org key management service", "err", err)
 } else {
 kc.Start()
- log.Info("Org key management service started")
+ log.Trace("Key management service started")
 }
+
+ log.Info("Node Permission service started")
+ v := stack.GetRPC("permnode")
+ if v == nil {
+ utils.Fatalf("Failed to start Quorum Permission API")
+ }
+ qapi := v.(*quorum.PermissionAPI)
+ rpcClient, err := stack.Attach()
+ if err != nil {
+ utils.Fatalf("Failed to attach to self: %v", err)
+ }
+ stateReader := ethclient.NewClient(rpcClient)
+ qapi.Init(stateReader, stack.InstanceDir())
+ log.Info("Permission API initialized")
 }
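Review bot: `qapi.Init(stateReader, stack.InstanceDir())` at the end of `startQuorumPermissionService` drops the error that `Init` returns, so `log.Info("Permission API initialized")` is printed even when the key file could not be read or the contract binding failed, leaving the API with nil `transOpts`. Check it the way the neighbouring calls are checked: `if err := qapi.Init(stateReader, stack.InstanceDir()); err != nil { utils.Fatalf("Failed to initialize Permission API: %v", err) }`. The block has also moved outside the `if permEnabled` guard of the previous hunk, so it and `log.Info("Node Permission service started")` now run on nodes started without the permission flag; if that is not intended, keep both inside the guard.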
diff --git a/controls/permission/permission.go b/controls/permission/permission.go
index e2c813a85..09e4e9b46 100644
--- a/controls/permission/permission.go
+++ b/controls/permission/permission.go
@@ -1,6 +1,7 @@
 package permission
 import (
+ "crypto/ecdsa"
 "fmt"
 "encoding/json"
 "io/ioutil"
@@ -8,7 +9,6 @@ import (
 "math/big"
 "os"
 "sync"
- "strings"
 "github.com/ethereum/go-ethereum/core/types"
 "github.com/ethereum/go-ethereum/accounts/abi/bind"
@@ -22,7 +22,6 @@ import (
 "github.com/ethereum/go-ethereum/controls"
 "github.com/ethereum/go-ethereum/cmd/utils"
 "github.com/ethereum/go-ethereum/raft"
- "gopkg.in/urfave/cli.v1"
 "github.com/ethereum/go-ethereum/controls/permbind"
 )
@@ -43,23 +42,20 @@ type PermissionCtrl struct {
 ethClnt *ethclient.Client
 eth *eth.Ethereum
 isRaft bool
- key string
+ key *ecdsa.PrivateKey
 }
-func NewQuorumPermissionCtrl(ctx *cli.Context, stack *node.Node) (*PermissionCtrl, error) {
+func NewQuorumPermissionCtrl(stack *node.Node, isRaft bool) (*PermissionCtrl, error) {
 // Create a new ethclient to for interfacing with the contract
 stateReader, e, err := controls.CreateEthClient(stack)
 if err != nil {
 log.Error("Unable to create ethereum client for permissions check : ", "err", err)
 return nil, err
 }
- isRaft := false
- if ctx.GlobalBool(utils.RaftModeFlag.Name) {
- isRaft = true
- }
- //Read the key file from key store. SHOULD WE MAKE IT CONFIG value
- key := getKeyFromKeyStore(ctx)
- return &PermissionCtrl{stack, stateReader, e, isRaft, key}, nil
+ prvKey := stack.GetNodeKey()
+ log.Info("mykey value is : ", "prvKey", prvKey)
+
+ return &PermissionCtrl{stack, stateReader, e, isRaft, prvKey}, nil
 }
 // This function first adds the node list from permissioned-nodes.json to
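Review bot: `log.Info("mykey value is : ", "prvKey", prvKey)` in `NewQuorumPermissionCtrl` writes the node's ECDSA private key to the log at Info level, so anyone who can read the log files or a log aggregator can recover the key this commit starts using to sign permission-contract transactions. Remove the line; if a startup trace is wanted, log only a public value, e.g. `log.Debug("permission transactor", "address", crypto.PubkeyToAddress(prvKey.PublicKey))` (this needs the go-ethereum `crypto` import if the file does not already have it). Any node that has run with this line should have its nodekey treated as exposed and rotated. A nil check on `prvKey` before storing it in `PermissionCtrl` would also make a missing key fail here rather than later at signing time.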
@@ -410,7 +406,7 @@ func (p *PermissionCtrl) populateStaticNodesToContract() {
 if err != nil {
 utils.Fatalf("Failed to instantiate a Permissions contract: %v", err)
 }
- auth, err := bind.NewTransactor(strings.NewReader(p.key), "")
+ auth := bind.NewKeyedTransactor(p.key)
 if err != nil {
 utils.Fatalf("Failed to create authorized transactor: %v", err)
 }
@@ -467,29 +463,3 @@ func (p *PermissionCtrl) populateStaticNodesToContract() {
 }
 }
 }
-
-//This functions reads the first file in key store directory, reads the key
-//value and returns the same
-func getKeyFromKeyStore(ctx *cli.Context) string {
- datadir := ctx.GlobalString(utils.DataDirFlag.Name)
-
- files, err := ioutil.ReadDir(filepath.Join(datadir, "keystore"))
- if err != nil {
- utils.Fatalf("Failed to read keystore directory: %v", err)
- }
-
- // HACK: here we always use the first key as transactor
- var keyPath string
- for _, f := range files {
- keyPath = filepath.Join(datadir, "keystore", f.Name())
- break
- }
- keyBlob, err := ioutil.ReadFile(keyPath)
- if err != nil {
- utils.Fatalf("Failed to read key file: %v", err)
- }
- // n := bytes.IndexByte(keyBlob, 0)
- n := len(keyBlob)
-
- return string(keyBlob[:n])
-}
diff --git a/core/quorum/permission_api.go b/core/quorum/permission_api.go
index 4c5d18fd7..8f7383ddc 100644
--- a/core/quorum/permission_api.go
+++ b/core/quorum/permission_api.go
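Review bot: In `populateStaticNodesToContract` (controls/permission/permission.go, hunk at -410), the `if err != nil` check that follows `auth := bind.NewKeyedTransactor(p.key)` no longer guards anything. The new call assigns a single value, so `err` is still the result of the contract instantiation that was already checked three lines earlier and the "Failed to create authorized transactor" branch is dead. Delete that check; the condition worth guarding now is a missing key, since `p.key` is a pointer, e.g. `if p.key == nil { utils.Fatalf("node key unavailable for permission transactor") }` before the call. The function body starts and ends outside the hunk.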
@@ -20,36 +20,32 @@ type PermissionAPI struct {
 ethClnt *ethclient.Client
 permContr *permbind.Permissions
 transOpts *bind.TransactOpts
- initialized bool
 }
 func NewPermissionAPI(e *core.TxPool) *PermissionAPI {
- pa := &PermissionAPI{e, nil, nil, nil, false}
+ pa := &PermissionAPI{e, nil, nil, nil}
 return pa
 }
 func (p *PermissionAPI) Init(ethClnt *ethclient.Client, datadir string) error {
- if !p.initialized {
- p.ethClnt = ethClnt
- key, kerr := getKeyFromKeyStore(datadir)
- if kerr != nil {
- log.Error("error reading key file", "err", kerr)
- return kerr
- }
-
- permContr, err := permbind.NewPermissions(params.QuorumPermissionsContract, p.ethClnt)
- if err != nil {
- return err
- }
- p.permContr = permContr
- auth, err := bind.NewTransactor(strings.NewReader(key), "")
- if err != nil {
- return err
- }
- p.transOpts = auth
- p.initialized = true
-
+ p.ethClnt = ethClnt
+ key, kerr := getKeyFromKeyStore(datadir)
+ if kerr != nil {
+ log.Error("error reading key file", "err", kerr)
+ return kerr
 }
+
+ permContr, err := permbind.NewPermissions(params.QuorumPermissionsContract, p.ethClnt)
+ if err != nil {
+ return err
+ }
+ p.permContr = permContr
+ auth, err := bind.NewTransactor(strings.NewReader(key), "")
+ if err != nil {
+ return err
+ }
+ p.transOpts = auth
+
 return nil
 }
diff --git a/node/node.go b/node/node.go
index 8c9a15d96..1a20dce80 100644
--- a/node/node.go
+++ b/node/node.go
@@ -17,6 +17,7 @@
 package node
 import (
+ "crypto/ecdsa"
 "errors"
 "fmt"
 "net"
@@ -83,6 +84,10 @@ func (n *Node) GetRPC(name string) interface{} {
 return nil
 }
+func (n *Node) GetNodeKey () *ecdsa.PrivateKey {
+ return n.config.NodeKey()
+}
+
 // New creates a new P2P node, ready for protocol registration.
 func New(conf *Config) (*Node, error) {
 // Copy config and resolve the datadir so future changes to the current
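Review bot: `PermissionAPI.Init` (core/quorum/permission_api.go) still builds its transactor from `getKeyFromKeyStore(datadir)` and `bind.NewTransactor(strings.NewReader(key), "")`, i.e. a keystore file decrypted with an empty passphrase, while the rest of this commit moves `PermissionCtrl` to the node key. That leaves two signing identities for permission transactions and keeps the API dependent on an account key that has no passphrase protecting it at rest. If the API is meant to sign as the node as well, pass the key in and set `p.transOpts = bind.NewKeyedTransactor(key)`; otherwise add a doc comment on `Init` stating which key it loads and why the passphrase is empty. With the `initialized` guard removed, each call to `Init` now re-reads the key and replaces `transOpts`, which that comment should also state.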
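Review bot: `GetNodeKey` in node/node.go is a new exported accessor that hands the node's raw `*ecdsa.PrivateKey` to any code holding a `*Node`, and it carries no doc comment saying so. Add one that states the sensitivity, e.g. `// GetNodeKey returns the node's P2P private key. The value is secret: callers must not log, serialize or retain copies of it.` Running gofmt will also remove the stray space in `GetNodeKey ()`. If the permission controller is the only consumer, a narrower helper that returns a ready `*bind.TransactOpts` or just the derived address would keep the key material inside the node package, assuming that fits the package dependencies.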