From 73991c2c116dfd7f4a6ad6766e6c61d699168c4a Mon Sep 17 00:00:00 2001 From: Will Lahti Date: Fri, 27 Jan 2017 08:27:16 -0500 Subject: [PATCH] Trim long MSP plaintext messages in logs This changeset trims the MSP plaintext message in the log statement to the beginning and end of the byte array if its length is greater than 32. Logging the entire plaintext for very long messages can lead to the process hanging when deploying chaincode. https://jira.hyperledger.org/browse/FAB-1870 Change-Id: I0d169df859c0be97090c86ff73f014d813ea7cdd Signed-off-by: Will Lahti --- msp/identities.go | 8 +++++++- msp/msp_test.go | 39 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 46 insertions(+), 1 deletion(-) diff --git a/msp/identities.go b/msp/identities.go index 32140e5688f..8608f08cfd6 100644 --- a/msp/identities.go +++ b/msp/identities.go @@ -157,7 +157,13 @@ func (id *signingidentity) Sign(msg []byte) ([]byte, error) { return nil, fmt.Errorf("Failed computing digest [%s]", err) } - mspLogger.Debugf("Sign: plaintext: %X \n", msg) + // TODO - consider removing these debug statements in the future as they may + // contain confidential information + if len(msg) < 32 { + mspLogger.Debugf("Sign: plaintext: %X \n", msg) + } else { + mspLogger.Debugf("Sign: plaintext: %X...%X \n", msg[0:16], msg[len(msg)-16:]) + } mspLogger.Debugf("Sign: digest: %X \n", digest) // Sign diff --git a/msp/msp_test.go b/msp/msp_test.go index 5f4c289afc6..a212cf3dbe8 100644 --- a/msp/msp_test.go +++ b/msp/msp_test.go @@ -155,6 +155,45 @@ func TestSignAndVerify(t *testing.T) { } } +func TestSignAndVerify_longMessage(t *testing.T) { + id, err := localMsp.GetDefaultSigningIdentity() + if err != nil { + t.Fatalf("GetSigningIdentity should have succeeded") + return + } + + serializedID, err := id.Serialize() + if err != nil { + t.Fatalf("Serialize should have succeeded") + return + } + + idBack, err := localMsp.DeserializeIdentity(serializedID) + if err != nil { + t.Fatalf("DeserializeIdentity should have succeeded") + return + } + + msg := []byte("ABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFG") + sig, err := id.Sign(msg) + if err != nil { + t.Fatalf("Sign should have succeeded") + return + } + + err = id.Verify(msg, sig) + if err != nil { + t.Fatalf("The signature should be valid") + return + } + + err = idBack.Verify(msg, sig) + if err != nil { + t.Fatalf("The signature should be valid") + return + } +} + func TestMain(m *testing.M) { retVal := m.Run() os.Exit(retVal)