Skip to content

Commit

Permalink
chore: refactor SkvsStubInterface
Browse files Browse the repository at this point in the history
  • Loading branch information
chenchanglew committed Nov 26, 2024
1 parent 43869b2 commit 9cb49d8
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 97 deletions.
7 changes: 6 additions & 1 deletion ecc_go/chaincode/enclave_go/enclave.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ import (
"github.com/hyperledger/fabric-private-chaincode/ecc_go/chaincode/enclave_go/attestation"
"github.com/hyperledger/fabric-private-chaincode/internal/crypto"
"github.com/hyperledger/fabric-private-chaincode/internal/protos"
pb "github.com/hyperledger/fabric-protos-go/peer"
"github.com/hyperledger/fabric/bccsp"
"github.com/hyperledger/fabric/bccsp/factory"
"github.com/hyperledger/fabric/common/flogging"
Expand All @@ -37,6 +38,7 @@ type EnclaveStub struct {
hostParams *protos.HostParameters
chaincodeParams *protos.CCParameters
fabricCryptoProvider bccsp.BCCSP
stubProvider func(shim.ChaincodeStubInterface, *pb.ChaincodeInput, *readWriteSet, StateEncryptionFunctions) shim.ChaincodeStubInterface
}

func NewEnclaveStub(cc shim.Chaincode) *EnclaveStub {
Expand All @@ -49,6 +51,9 @@ func NewEnclaveStub(cc shim.Chaincode) *EnclaveStub {
csp: crypto.GetDefaultCSP(),
ccRef: cc,
fabricCryptoProvider: cryptoProvider,
stubProvider: func(stub shim.ChaincodeStubInterface, input *pb.ChaincodeInput, rwset *readWriteSet, sep StateEncryptionFunctions) shim.ChaincodeStubInterface {
return NewFpcStubInterface(stub, input, rwset, sep)
},
}
}

Expand Down Expand Up @@ -161,7 +166,7 @@ func (e *EnclaveStub) ChaincodeInvoke(stub shim.ChaincodeStubInterface, chaincod

// Invoke chaincode
// we wrap the stub with our FpcStubInterface
fpcStub := NewFpcStubInterface(stub, cleartextChaincodeRequest.GetInput(), rwset, e.ccKeys)
fpcStub := e.stubProvider(stub, cleartextChaincodeRequest.GetInput(), rwset, e.ccKeys)
ccResponse := e.ccRef.Invoke(fpcStub)

// marshal chaincode response
Expand Down
102 changes: 6 additions & 96 deletions ecc_go/chaincode/enclave_go/skvs_stub.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,105 +7,15 @@ SPDX-License-Identifier: Apache-2.0
package enclave_go

import (
"crypto/sha256"
"fmt"

"github.com/hyperledger/fabric-chaincode-go/shim"
"github.com/hyperledger/fabric-private-chaincode/internal/protos"
"github.com/hyperledger/fabric/protoutil"
"github.com/pkg/errors"
"google.golang.org/protobuf/proto"
pb "github.com/hyperledger/fabric-protos-go/peer"
)

type skvsStub struct {
*EnclaveStub
}

func NewSkvsStub(cc shim.Chaincode) *skvsStub {
func NewSkvsStub(cc shim.Chaincode) *EnclaveStub {
logger.Warning("==== SKVS NewSkvsStub ====")
enclaveStub := NewEnclaveStub(cc)
return &skvsStub{enclaveStub}
}

func (e *skvsStub) ChaincodeInvoke(stub shim.ChaincodeStubInterface, chaincodeRequestMessageBytes []byte) ([]byte, error) {
logger.Warning("==== SKVS ChaincodeInvoke ====")

signedProposal, err := stub.GetSignedProposal()
if err != nil {
return nil, fmt.Errorf("cannot get signed proposal: %s", err.Error())
}

if err := e.verifySignedProposal(stub, chaincodeRequestMessageBytes); err != nil {
return nil, errors.Wrap(err, "signed proposal verification failed")
}

// unmarshal chaincodeRequest
chaincodeRequestMessage := &protos.ChaincodeRequestMessage{}
err = proto.Unmarshal(chaincodeRequestMessageBytes, chaincodeRequestMessage)
if err != nil {
return nil, err
}

// get key transport message including the encryption keys for request and response
keyTransportMessage, err := e.extractKeyTransportMessage(chaincodeRequestMessage)
if err != nil {
return nil, errors.Wrap(err, "cannot extract keyTransportMessage")
}

// decrypt request
cleartextChaincodeRequest, err := e.extractCleartextChaincodeRequest(chaincodeRequestMessage, keyTransportMessage)
if err != nil {
return nil, errors.Wrap(err, "cannot decrypt chaincode request")
}

// create a new instance of a FPC RWSet that we pass to the stub and later return with the response
rwset := NewReadWriteSet()

// Invoke chaincode
// we wrap the stub with our FpcStubInterface
// ** Implement our own FpcStubInterface
skvsStub := NewSkvsStubInterface(stub, cleartextChaincodeRequest.GetInput(), rwset, e.ccKeys)
ccResponse := e.ccRef.Invoke(skvsStub)
// **
// fpcStub := NewFpcStubInterface(stub, cleartextChaincodeRequest.GetInput(), rwset, e.ccKeys)
// ccResponse := e.ccRef.Invoke(fpcStub)

// marshal chaincode response
ccResponseBytes, err := protoutil.Marshal(&ccResponse)
if err != nil {
return nil, err
}

//encrypt response
encryptedResponse, err := e.csp.EncryptMessage(keyTransportMessage.GetResponseEncryptionKey(), ccResponseBytes)
if err != nil {
return nil, err
}

chaincodeRequestMessageHash := sha256.Sum256(chaincodeRequestMessageBytes)

response := &protos.ChaincodeResponseMessage{
EncryptedResponse: encryptedResponse,
FpcRwSet: rwset.ToFPCKVSet(),
EnclaveId: e.identity.GetEnclaveId(),
Proposal: signedProposal,
ChaincodeRequestMessageHash: chaincodeRequestMessageHash[:],
enclaveStub.stubProvider = func(stub shim.ChaincodeStubInterface, input *pb.ChaincodeInput, rwset *readWriteSet, sep StateEncryptionFunctions) shim.ChaincodeStubInterface {
return NewSkvsStubInterface(stub, input, rwset, sep)
}

responseBytes, err := proto.Marshal(response)
if err != nil {
return nil, err
}

// create signature
sig, err := e.identity.Sign(responseBytes)
if err != nil {
return nil, err
}

signedResponse := &protos.SignedChaincodeResponseMessage{
ChaincodeResponseMessage: responseBytes,
Signature: sig,
}

return proto.Marshal(signedResponse)
return enclaveStub
}

0 comments on commit 9cb49d8

Please sign in to comment.