diff options
author | Mission Liao <mission.liao@dexon.org> | 2018-09-25 11:02:32 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-09-25 11:02:32 +0800 |
commit | 01a6b236b82391adfedad1498f3497a70d4cf948 (patch) | |
tree | 54807a80c7756d62ca1ff8c860cdb43c870c90a6 /core/key-holder.go | |
parent | dc6b4d947aa017aa37e51178f52d9dccb47864ae (diff) | |
download | dexon-consensus-01a6b236b82391adfedad1498f3497a70d4cf948.tar dexon-consensus-01a6b236b82391adfedad1498f3497a70d4cf948.tar.gz dexon-consensus-01a6b236b82391adfedad1498f3497a70d4cf948.tar.bz2 dexon-consensus-01a6b236b82391adfedad1498f3497a70d4cf948.tar.lz dexon-consensus-01a6b236b82391adfedad1498f3497a70d4cf948.tar.xz dexon-consensus-01a6b236b82391adfedad1498f3497a70d4cf948.tar.zst dexon-consensus-01a6b236b82391adfedad1498f3497a70d4cf948.zip |
core: add key holder (#130)
The purpose to add this module is to export
the functionality to sign/verify data without
exporting private key directly.
Diffstat (limited to 'core/key-holder.go')
-rw-r--r-- | core/key-holder.go | 98 |
1 files changed, 98 insertions, 0 deletions
diff --git a/core/key-holder.go b/core/key-holder.go new file mode 100644 index 0000000..355c823 --- /dev/null +++ b/core/key-holder.go @@ -0,0 +1,98 @@ +// Copyright 2018 The dexon-consensus-core Authors +// This file is part of the dexon-consensus-core library. +// +// The dexon-consensus-core library is free software: you can redistribute it +// and/or modify it under the terms of the GNU Lesser General Public License as +// published by the Free Software Foundation, either version 3 of the License, +// or (at your option) any later version. +// +// The dexon-consensus-core library is distributed in the hope that it will be +// useful, but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser +// General Public License for more details. +// +// You should have received a copy of the GNU Lesser General Public License +// along with the dexon-consensus-core library. If not, see +// <http://www.gnu.org/licenses/>. + +package core + +import ( + "github.com/dexon-foundation/dexon-consensus-core/common" + "github.com/dexon-foundation/dexon-consensus-core/core/types" + "github.com/dexon-foundation/dexon-consensus-core/crypto" +) + +type keyHolder struct { + prvKey crypto.PrivateKey + pubKey crypto.PublicKey + sigToPub SigToPubFn +} + +func newKeyHolder(prvKey crypto.PrivateKey, sigToPub SigToPubFn) *keyHolder { + return &keyHolder{ + prvKey: prvKey, + pubKey: prvKey.PublicKey(), + sigToPub: sigToPub, + } +} + +// SignBlock implements core.Signer. +func (h *keyHolder) SignBlock(b *types.Block) (err error) { + b.ProposerID = types.NewNodeID(h.pubKey) + if b.Hash, err = hashBlock(b); err != nil { + return + } + if b.Signature, err = h.prvKey.Sign(b.Hash); err != nil { + return + } + return +} + +// SignVote implements core.Signer. +func (h *keyHolder) SignVote(v *types.Vote) (err error) { + v.ProposerID = types.NewNodeID(h.pubKey) + v.Signature, err = h.prvKey.Sign(hashVote(v)) + return +} + +// SignCRS implements core.Signer +func (h *keyHolder) SignCRS(b *types.Block, crs common.Hash) (err error) { + if b.ProposerID != types.NewNodeID(h.pubKey) { + err = ErrInvalidProposerID + return + } + b.CRSSignature, err = h.prvKey.Sign(hashCRS(b, crs)) + return +} + +// VerifyBlock implements core.CryptoVerifier. +func (h *keyHolder) VerifyBlock(b *types.Block) (err error) { + hash, err := hashBlock(b) + if err != nil { + return + } + if hash != b.Hash { + err = ErrIncorrectHash + return + } + pubKey, err := h.sigToPub(b.Hash, b.Signature) + if err != nil { + return + } + if !b.ProposerID.Equal(crypto.Keccak256Hash(pubKey.Bytes())) { + err = ErrIncorrectSignature + return + } + return +} + +// VerifyVote implements core.CryptoVerifier. +func (h *keyHolder) VerifyVote(v *types.Vote) (bool, error) { + return verifyVoteSignature(v, h.sigToPub) +} + +// VerifyWitness implements core.CryptoVerifier. +func (h *keyHolder) VerifyCRS(b *types.Block, crs common.Hash) (bool, error) { + return verifyCRSSignature(b, crs, h.sigToPub) +} |