Expose the signed proposal to chaincodes

This change-set does the following: 1. It allows a chaincode to get the SignedProposal object from the chaincode shim. This is propaedeutic to the enforcement of access control in chaincodes. This change-set comes in the context of 1. https://jira.hyperledger.org/browse/FAB-2968 2. https://jira.hyperledger.org/browse/FAB-2969 Change-Id: I6f1af65c6959591af314e110d569558b3ab32ce5 Signed-off-by: Angelo De Caro <adc@zurich.ibm.com>
hyperledger · Apr 4, 2017 · 7a3af1d · 7a3af1d
1 parent 9428140
commit 7a3af1d
Show file tree

Hide file tree

Showing 7 changed files with 86 additions and 67 deletions.
diff --git a/core/chaincode/handler.go b/core/chaincode/handler.go
@@ -1415,7 +1415,7 @@ func (handler *Handler) setChaincodeProposal(signedProp *pb.SignedProposal, prop
 			return fmt.Errorf("Failed getting proposal context. Signed proposal is nil.")
 		}
 
-		msg.Proposal = prop
+		msg.Proposal = signedProp
 	}
 	return nil
 }

diff --git a/core/chaincode/shim/chaincode.go b/core/chaincode/shim/chaincode.go
@@ -60,9 +60,10 @@ type ChaincodeStub struct {
 	chaincodeEvent *pb.ChaincodeEvent
 	args           [][]byte
 	handler        *Handler
+	signedProposal *pb.SignedProposal
 	proposal       *pb.Proposal
 
-	// Additional fields extracted from the proposal
+	// Additional fields extracted from the signedProposal
 	creator   []byte
 	transient map[string][]byte
 	binding   []byte
@@ -286,28 +287,32 @@ func chatWithPeer(chaincodename string, stream PeerChaincodeStream, cc Chaincode
 // -- init stub ---
 // ChaincodeInvocation functionality
 
-func (stub *ChaincodeStub) init(handler *Handler, txid string, input *pb.ChaincodeInput, proposal *pb.Proposal) error {
+func (stub *ChaincodeStub) init(handler *Handler, txid string, input *pb.ChaincodeInput, signedProposal *pb.SignedProposal) error {
 	stub.TxID = txid
 	stub.args = input.Args
 	stub.handler = handler
-	stub.proposal = proposal
+	stub.signedProposal = signedProposal
 
 	// TODO: sanity check: verify that every call to init with a nil
-	// proposal is a legitimate one, meaning it is an internal call
+	// signedProposal is a legitimate one, meaning it is an internal call
 	// to system chaincodes.
-	if proposal != nil {
-		// Extract creator, transient, binding...
+	if signedProposal != nil {
 		var err error
-		stub.creator, stub.transient, err = utils.GetChaincodeProposalContext(proposal)
+
+		stub.proposal, err = utils.GetProposal(signedProposal.ProposalBytes)
+		if err != nil {
+			return fmt.Errorf("Failed extracting signedProposal from signed signedProposal. [%s]", err)
+		}
+
+		// Extract creator, transient, binding...
+		stub.creator, stub.transient, err = utils.GetChaincodeProposalContext(stub.proposal)
 		if err != nil {
-			return fmt.Errorf("Failed extracting proposal fields. [%s]", err)
+			return fmt.Errorf("Failed extracting signedProposal fields. [%s]", err)
 		}
 
-		// TODO: txid must uniquely identity the transaction.
-		// Remove this comment once replay attack protection will be in place
-		stub.binding, err = utils.ComputeProposalBinding(proposal)
+		stub.binding, err = utils.ComputeProposalBinding(stub.proposal)
 		if err != nil {
-			return fmt.Errorf("Failed computing binding from proposal. [%s]", err)
+			return fmt.Errorf("Failed computing binding from signedProposal. [%s]", err)
 		}
 	}
 
@@ -590,7 +595,7 @@ func (stub *ChaincodeStub) GetFunctionAndParameters() (function string, params [
 	return
 }
 
-// GetCreator returns SignatureHeader.Creator of the proposal
+// GetCreator returns SignatureHeader.Creator of the signedProposal
 // this Stub refers to.
 func (stub *ChaincodeStub) GetCreator() ([]byte, error) {
 	return stub.creator, nil
@@ -610,6 +615,11 @@ func (stub *ChaincodeStub) GetBinding() ([]byte, error) {
 	return stub.binding, nil
 }
 
+// GetSignedProposal return the signed signedProposal this stub refers to.
+func (stub *ChaincodeStub) GetSignedProposal() (*pb.SignedProposal, error) {
+	return stub.signedProposal, nil
+}
+
 // GetArgsSlice returns the arguments to the stub call as a byte array
 func (stub *ChaincodeStub) GetArgsSlice() ([]byte, error) {
 	args := stub.GetArgs()

diff --git a/core/chaincode/shim/interfaces.go b/core/chaincode/shim/interfaces.go
@@ -102,7 +102,7 @@ type ChaincodeStubInterface interface {
 	// key values across time. GetHistoryForKey is intended to be used for read-only queries.
 	GetHistoryForKey(key string) (HistoryQueryIteratorInterface, error)
 
-	// GetCreator returns SignatureHeader.Creator of the proposal
+	// GetCreator returns SignatureHeader.Creator of the signedProposal
 	// this Stub refers to.
 	GetCreator() ([]byte, error)
 
@@ -116,6 +116,9 @@ type ChaincodeStubInterface interface {
 	// GetBinding returns the transaction binding
 	GetBinding() ([]byte, error)
 
+	// GetSignedProposal return the signed signedProposal this stub refers to.
+	GetSignedProposal() (*pb.SignedProposal, error)
+
 	// GetArgsSlice returns the arguments to the stub call as a byte array
 	GetArgsSlice() ([]byte, error)
 

diff --git a/core/chaincode/shim/mockstub.go b/core/chaincode/shim/mockstub.go
@@ -270,6 +270,11 @@ func (stub *MockStub) GetBinding() ([]byte, error) {
 	return nil, nil
 }
 
+// Not implemented
+func (stub *MockStub) GetSignedProposal() (*pb.SignedProposal, error) {
+	return nil, nil
+}
+
 // Not implemented
 func (stub *MockStub) GetArgsSlice() ([]byte, error) {
 	return nil, nil

diff --git a/protos/peer/admin.pb.go b/protos/peer/admin.pb.go
diff --git a/protos/peer/chaincode_shim.pb.go b/protos/peer/chaincode_shim.pb.go
diff --git a/protos/peer/chaincode_shim.proto b/protos/peer/chaincode_shim.proto
@@ -53,7 +53,7 @@ message ChaincodeMessage {
     bytes payload = 3;
     string txid = 4;
 
-    Proposal proposal = 5;
+    SignedProposal proposal = 5;
 
     //event emmited by chaincode. Used only with Init or Invoke.
     // This event is then stored (currently)