-
Notifications
You must be signed in to change notification settings - Fork 508
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[FAB-8965] Resource Mgmt: Verify signature
Change-Id: I9176dc573bd458ad5f84b0fbafaaaae400cac96f Signed-off-by: Sandra Vrtikapa <sandra.vrtikapa@securekey.com>
- Loading branch information
Showing
4 changed files
with
94 additions
and
74 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,59 @@ | ||
/* | ||
Copyright SecureKey Technologies Inc. All Rights Reserved. | ||
SPDX-License-Identifier: Apache-2.0 | ||
*/ | ||
|
||
// Package verifiers provides various verifiers (e.g. signature) | ||
package verifiers | ||
|
||
import ( | ||
"github.com/hyperledger/fabric-sdk-go/pkg/common/logging" | ||
"github.com/hyperledger/fabric-sdk-go/pkg/common/providers/fab" | ||
"github.com/hyperledger/fabric-sdk-go/pkg/util/errors/status" | ||
"github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/protos/common" | ||
"github.com/pkg/errors" | ||
) | ||
|
||
var logger = logging.NewLogger("fabsdk/client") | ||
|
||
// Signature verifies response signature | ||
type Signature struct { | ||
Membership fab.ChannelMembership | ||
} | ||
|
||
// Verify checks transaction proposal response | ||
func (v *Signature) Verify(response *fab.TransactionProposalResponse) error { | ||
|
||
if response.ProposalResponse.GetResponse().Status != int32(common.Status_SUCCESS) { | ||
return status.NewFromProposalResponse(response.ProposalResponse, response.Endorser) | ||
} | ||
|
||
res := response.ProposalResponse | ||
|
||
if res.GetEndorsement() == nil { | ||
return errors.Errorf("Missing endorsement in proposal response") | ||
} | ||
creatorID := res.GetEndorsement().Endorser | ||
|
||
err := v.Membership.Validate(creatorID) | ||
if err != nil { | ||
return errors.WithMessage(err, "The creator certificate is not valid") | ||
} | ||
|
||
// check the signature against the endorser and payload hash | ||
digest := append(res.GetPayload(), res.GetEndorsement().Endorser...) | ||
|
||
// validate the signature | ||
err = v.Membership.Verify(creatorID, digest, res.GetEndorsement().Signature) | ||
if err != nil { | ||
return errors.WithMessage(err, "The creator's signature over the proposal is not valid") | ||
} | ||
|
||
return nil | ||
} | ||
|
||
// Match matches transaction proposal responses (empty for signature verifier) | ||
func (v *Signature) Match(response []*fab.TransactionProposalResponse) error { | ||
return nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters