[FAB-1394] gossip MessageCryptoService-Add Channel

This commit adds a method VerifyByChannel that is channel-contexted and does the same thing as Verify, just that it causes the MSP layer to use a specific MSP manager. Change-Id: I6b7401935f7751b434be893769810a3ba4fad76f Signed-off-by: Yacov Manevich <yacovm@il.ibm.com>
hyperledger · Jan 25, 2017 · eb57157 · eb57157
1 parent cb39a14
commit eb57157
Show file tree

Hide file tree

Showing 7 changed files with 43 additions and 1 deletion.
diff --git a/gossip/api/crypto.go b/gossip/api/crypto.go
@@ -37,9 +37,15 @@ type MessageCryptoService interface {
 
 	// Verify checks that signature is a valid signature of message under a peer's verification key.
 	// If the verification succeeded, Verify returns nil meaning no error occurred.
-	// If peerCert is nil, then the signature is verified against this peer's verification key.
+	// If peerIdentity is nil, then the signature is verified against this peer's verification key.
 	Verify(peerIdentity PeerIdentityType, signature, message []byte) error
 
+	// VerifyByChannel checks that signature is a valid signature of message
+	// under a peer's verification key, but also in the context of a specific channel.
+	// If the verification succeeded, Verify returns nil meaning no error occurred.
+	// If peerIdentity is nil, then the signature is verified against this peer's verification key.
+	VerifyByChannel(chainID common.ChainID, peerIdentity PeerIdentityType, signature, message []byte) error
+
 	// ValidateIdentity validates the identity of a remote peer.
 	// If the identity is invalid, revoked, expired it returns an error.
 	// Else, returns nil

diff --git a/gossip/comm/comm_test.go b/gossip/comm/comm_test.go
@@ -82,6 +82,12 @@ func (*naiveSecProvider) Verify(peerIdentity api.PeerIdentityType, signature, me
 	return nil
 }
 
+// VerifyByChannel verifies a peer's signature on a message in the context
+// of a specific channel
+func (*naiveSecProvider) VerifyByChannel(_ common.ChainID, _ api.PeerIdentityType, _, _ []byte) error {
+	return nil
+}
+
 func newCommInstance(port int, sec api.MessageCryptoService) (Comm, error) {
 	endpoint := fmt.Sprintf("localhost:%d", port)
 	inst, err := NewCommInstanceWithServer(port, identity.NewIdentityMapper(sec), []byte(endpoint))

diff --git a/gossip/gossip/channel/channel_test.go b/gossip/gossip/channel/channel_test.go
@@ -94,6 +94,10 @@ func (cs *cryptoService) GetPKIidOfCert(peerIdentity api.PeerIdentityType) commo
 	panic("Should not be called in this test")
 }
 
+func (cs *cryptoService) VerifyByChannel(_ common.ChainID, _ api.PeerIdentityType, _, _ []byte) error {
+	panic("Should not be called in this test")
+}
+
 func (cs *cryptoService) VerifyBlock(signedBlock api.SignedBlock) error {
 	args := cs.Called(signedBlock)
 	if args.Get(0) == nil {

diff --git a/gossip/gossip/gossip_test.go b/gossip/gossip/gossip_test.go
@@ -94,6 +94,12 @@ func (*orgCryptoService) Verify(joinChanMsg api.JoinChannelMessage) error {
 	return nil
 }
 
+// VerifyByChannel verifies a peer's signature on a message in the context
+// of a specific channel
+func (*naiveCryptoService) VerifyByChannel(_ common.ChainID, _ api.PeerIdentityType, _, _ []byte) error {
+	return nil
+}
+
 func (*naiveCryptoService) ValidateIdentity(peerIdentity api.PeerIdentityType) error {
 	return nil
 }

diff --git a/gossip/identity/identity_test.go b/gossip/identity/identity_test.go
@@ -46,6 +46,12 @@ func (*naiveCryptoService) VerifyBlock(signedBlock api.SignedBlock) error {
 	return nil
 }
 
+// VerifyByChannel verifies a peer's signature on a message in the context
+// of a specific channel
+func (*naiveCryptoService) VerifyByChannel(_ common.ChainID, _ api.PeerIdentityType, _, _ []byte) error {
+	return nil
+}
+
 // Sign signs msg with this peer's signing key and outputs
 // the signature if no error occurred.
 func (*naiveCryptoService) Sign(msg []byte) ([]byte, error) {

diff --git a/gossip/integration/integration.go b/gossip/integration/integration.go
@@ -92,6 +92,12 @@ func (*naiveCryptoService) Sign(msg []byte) ([]byte, error) {
 	return msg, nil
 }
 
+// VerifyByChannel verifies a peer's signature on a message in the context
+// of a specific channel
+func (*naiveCryptoService) VerifyByChannel(_ common.ChainID, _ api.PeerIdentityType, _, _ []byte) error {
+	return nil
+}
+
 // Verify verifies a signature on a message that came from a peer with a certain vkID
 func (cs *naiveCryptoService) Verify(vkID api.PeerIdentityType, signature, message []byte) error {
 	if !bytes.Equal(signature, message) {

diff --git a/gossip/state/state_test.go b/gossip/state/state_test.go
@@ -108,6 +108,14 @@ func (*naiveCryptoService) Verify(peerIdentity api.PeerIdentityType, signature,
 	return nil
 }
 
+// VerifyByChannel checks that signature is a valid signature of message
+// under a peer's verification key, but also in the context of a specific channel.
+// If the verification succeeded, Verify returns nil meaning no error occurred.
+// If peerIdentity is nil, then the signature is verified against this peer's verification key.
+func (*naiveCryptoService) VerifyByChannel(chainID common.ChainID, peerIdentity api.PeerIdentityType, signature, message []byte) error {
+	return nil
+}
+
 func (*naiveCryptoService) ValidateIdentity(peerIdentity api.PeerIdentityType) error {
 	return nil
 }