Trim long MSP plaintext messages in logs

This changeset trims the MSP plaintext message in the log statement to the beginning and end of the byte array if its length is greater than 32. Logging the entire plaintext for very long messages can lead to the process hanging when deploying chaincode. https://jira.hyperledger.org/browse/FAB-1870 Change-Id: I0d169df859c0be97090c86ff73f014d813ea7cdd Signed-off-by: Will Lahti <wtlahti@us.ibm.com>
hyperledger · Jan 27, 2017 · 73991c2 · 73991c2
1 parent a3ee996
commit 73991c2
Show file tree

Hide file tree

Showing 2 changed files with 46 additions and 1 deletion.
diff --git a/msp/identities.go b/msp/identities.go
@@ -157,7 +157,13 @@ func (id *signingidentity) Sign(msg []byte) ([]byte, error) {
 		return nil, fmt.Errorf("Failed computing digest [%s]", err)
 	}
 
-	mspLogger.Debugf("Sign: plaintext: %X \n", msg)
+	// TODO - consider removing these debug statements in the future as they may
+	// contain confidential information
+	if len(msg) < 32 {
+		mspLogger.Debugf("Sign: plaintext: %X \n", msg)
+	} else {
+		mspLogger.Debugf("Sign: plaintext: %X...%X \n", msg[0:16], msg[len(msg)-16:])
+	}
 	mspLogger.Debugf("Sign: digest: %X \n", digest)
 
 	// Sign

diff --git a/msp/msp_test.go b/msp/msp_test.go
@@ -155,6 +155,45 @@ func TestSignAndVerify(t *testing.T) {
 	}
 }
 
+func TestSignAndVerify_longMessage(t *testing.T) {
+	id, err := localMsp.GetDefaultSigningIdentity()
+	if err != nil {
+		t.Fatalf("GetSigningIdentity should have succeeded")
+		return
+	}
+
+	serializedID, err := id.Serialize()
+	if err != nil {
+		t.Fatalf("Serialize should have succeeded")
+		return
+	}
+
+	idBack, err := localMsp.DeserializeIdentity(serializedID)
+	if err != nil {
+		t.Fatalf("DeserializeIdentity should have succeeded")
+		return
+	}
+
+	msg := []byte("ABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFG")
+	sig, err := id.Sign(msg)
+	if err != nil {
+		t.Fatalf("Sign should have succeeded")
+		return
+	}
+
+	err = id.Verify(msg, sig)
+	if err != nil {
+		t.Fatalf("The signature should be valid")
+		return
+	}
+
+	err = idBack.Verify(msg, sig)
+	if err != nil {
+		t.Fatalf("The signature should be valid")
+		return
+	}
+}
+
 func TestMain(m *testing.M) {
 	retVal := m.Run()
 	os.Exit(retVal)