From 9cb49d8a8f99aefb7ba4b7101c0b5703dd09b9e6 Mon Sep 17 00:00:00 2001 From: chenchanglew Date: Tue, 26 Nov 2024 18:01:17 +0100 Subject: [PATCH] chore: refactor SkvsStubInterface --- ecc_go/chaincode/enclave_go/enclave.go | 7 +- ecc_go/chaincode/enclave_go/skvs_stub.go | 102 ++--------------------- 2 files changed, 12 insertions(+), 97 deletions(-) diff --git a/ecc_go/chaincode/enclave_go/enclave.go b/ecc_go/chaincode/enclave_go/enclave.go index 04545d894..3b25a8729 100644 --- a/ecc_go/chaincode/enclave_go/enclave.go +++ b/ecc_go/chaincode/enclave_go/enclave.go @@ -18,6 +18,7 @@ import ( "github.com/hyperledger/fabric-private-chaincode/ecc_go/chaincode/enclave_go/attestation" "github.com/hyperledger/fabric-private-chaincode/internal/crypto" "github.com/hyperledger/fabric-private-chaincode/internal/protos" + pb "github.com/hyperledger/fabric-protos-go/peer" "github.com/hyperledger/fabric/bccsp" "github.com/hyperledger/fabric/bccsp/factory" "github.com/hyperledger/fabric/common/flogging" @@ -37,6 +38,7 @@ type EnclaveStub struct { hostParams *protos.HostParameters chaincodeParams *protos.CCParameters fabricCryptoProvider bccsp.BCCSP + stubProvider func(shim.ChaincodeStubInterface, *pb.ChaincodeInput, *readWriteSet, StateEncryptionFunctions) shim.ChaincodeStubInterface } func NewEnclaveStub(cc shim.Chaincode) *EnclaveStub { @@ -49,6 +51,9 @@ func NewEnclaveStub(cc shim.Chaincode) *EnclaveStub { csp: crypto.GetDefaultCSP(), ccRef: cc, fabricCryptoProvider: cryptoProvider, + stubProvider: func(stub shim.ChaincodeStubInterface, input *pb.ChaincodeInput, rwset *readWriteSet, sep StateEncryptionFunctions) shim.ChaincodeStubInterface { + return NewFpcStubInterface(stub, input, rwset, sep) + }, } } @@ -161,7 +166,7 @@ func (e *EnclaveStub) ChaincodeInvoke(stub shim.ChaincodeStubInterface, chaincod // Invoke chaincode // we wrap the stub with our FpcStubInterface - fpcStub := NewFpcStubInterface(stub, cleartextChaincodeRequest.GetInput(), rwset, e.ccKeys) + fpcStub := e.stubProvider(stub, cleartextChaincodeRequest.GetInput(), rwset, e.ccKeys) ccResponse := e.ccRef.Invoke(fpcStub) // marshal chaincode response diff --git a/ecc_go/chaincode/enclave_go/skvs_stub.go b/ecc_go/chaincode/enclave_go/skvs_stub.go index 27b9d94ce..5162fcf0a 100644 --- a/ecc_go/chaincode/enclave_go/skvs_stub.go +++ b/ecc_go/chaincode/enclave_go/skvs_stub.go @@ -7,105 +7,15 @@ SPDX-License-Identifier: Apache-2.0 package enclave_go import ( - "crypto/sha256" - "fmt" - "github.com/hyperledger/fabric-chaincode-go/shim" - "github.com/hyperledger/fabric-private-chaincode/internal/protos" - "github.com/hyperledger/fabric/protoutil" - "github.com/pkg/errors" - "google.golang.org/protobuf/proto" + pb "github.com/hyperledger/fabric-protos-go/peer" ) -type skvsStub struct { - *EnclaveStub -} - -func NewSkvsStub(cc shim.Chaincode) *skvsStub { +func NewSkvsStub(cc shim.Chaincode) *EnclaveStub { + logger.Warning("==== SKVS NewSkvsStub ====") enclaveStub := NewEnclaveStub(cc) - return &skvsStub{enclaveStub} -} - -func (e *skvsStub) ChaincodeInvoke(stub shim.ChaincodeStubInterface, chaincodeRequestMessageBytes []byte) ([]byte, error) { - logger.Warning("==== SKVS ChaincodeInvoke ====") - - signedProposal, err := stub.GetSignedProposal() - if err != nil { - return nil, fmt.Errorf("cannot get signed proposal: %s", err.Error()) - } - - if err := e.verifySignedProposal(stub, chaincodeRequestMessageBytes); err != nil { - return nil, errors.Wrap(err, "signed proposal verification failed") - } - - // unmarshal chaincodeRequest - chaincodeRequestMessage := &protos.ChaincodeRequestMessage{} - err = proto.Unmarshal(chaincodeRequestMessageBytes, chaincodeRequestMessage) - if err != nil { - return nil, err - } - - // get key transport message including the encryption keys for request and response - keyTransportMessage, err := e.extractKeyTransportMessage(chaincodeRequestMessage) - if err != nil { - return nil, errors.Wrap(err, "cannot extract keyTransportMessage") - } - - // decrypt request - cleartextChaincodeRequest, err := e.extractCleartextChaincodeRequest(chaincodeRequestMessage, keyTransportMessage) - if err != nil { - return nil, errors.Wrap(err, "cannot decrypt chaincode request") - } - - // create a new instance of a FPC RWSet that we pass to the stub and later return with the response - rwset := NewReadWriteSet() - - // Invoke chaincode - // we wrap the stub with our FpcStubInterface - // ** Implement our own FpcStubInterface - skvsStub := NewSkvsStubInterface(stub, cleartextChaincodeRequest.GetInput(), rwset, e.ccKeys) - ccResponse := e.ccRef.Invoke(skvsStub) - // ** - // fpcStub := NewFpcStubInterface(stub, cleartextChaincodeRequest.GetInput(), rwset, e.ccKeys) - // ccResponse := e.ccRef.Invoke(fpcStub) - - // marshal chaincode response - ccResponseBytes, err := protoutil.Marshal(&ccResponse) - if err != nil { - return nil, err - } - - //encrypt response - encryptedResponse, err := e.csp.EncryptMessage(keyTransportMessage.GetResponseEncryptionKey(), ccResponseBytes) - if err != nil { - return nil, err - } - - chaincodeRequestMessageHash := sha256.Sum256(chaincodeRequestMessageBytes) - - response := &protos.ChaincodeResponseMessage{ - EncryptedResponse: encryptedResponse, - FpcRwSet: rwset.ToFPCKVSet(), - EnclaveId: e.identity.GetEnclaveId(), - Proposal: signedProposal, - ChaincodeRequestMessageHash: chaincodeRequestMessageHash[:], + enclaveStub.stubProvider = func(stub shim.ChaincodeStubInterface, input *pb.ChaincodeInput, rwset *readWriteSet, sep StateEncryptionFunctions) shim.ChaincodeStubInterface { + return NewSkvsStubInterface(stub, input, rwset, sep) } - - responseBytes, err := proto.Marshal(response) - if err != nil { - return nil, err - } - - // create signature - sig, err := e.identity.Sign(responseBytes) - if err != nil { - return nil, err - } - - signedResponse := &protos.SignedChaincodeResponseMessage{ - ChaincodeResponseMessage: responseBytes, - Signature: sig, - } - - return proto.Marshal(signedResponse) + return enclaveStub }