Gossip Crypto-related API update

This commit:
1) Helps connect between the existing fabric message verification API
to the gossip implementation by using the same signature methods
as the crypto/crypto.go Peer interface
2) Adds a PKI_id to the discovery infrasturcture and to the communication layer
in order for peers to assert:
	2)a) Single connection to each peer
	2)b) Identity of connecting peer

Change-Id: Ie18ccbb6135d65b1c508f3e0a3d1dc911df0bd7b
Signed-off-by: Yacov Manevich <yacovm@il.ibm.com>

gossip/api/api.go

@@ -16,14 +16,6 @@ limitations under the License.
 
 package api
 
-import (
-	"github.com/hyperledger/fabric/gossip/discovery"
-	"google.golang.org/grpc"
-)
-
-type GossipEmitterFactory interface {
-	NewGossipEmitter(id string, discSvc discovery.DiscoveryService) GossipService
-}
 
 // GossipService is used to publish new blocks to the gossip network
 type GossipService interface {
@@ -43,12 +35,6 @@ type Payload struct {
 	SeqNum uint64 // The message sequence number
 }
 
-type GossipMemberFactory interface {
-	NewGossipMember(discovery.DiscoveryService, ReplicationProvider, MessageCryptoService, MessagePolicyVerifier, *grpc.Server) GossipMember
-
-	NewGossipMemberWithRPCServer(discovery.DiscoveryService, ReplicationProvider, MessageCryptoService, MessagePolicyVerifier, BindAddress) (GossipMember, error)
-}
-
 // GossipMember is used to obtain new blocks from the gossip network
 type GossipMember interface {
 	// RegisterCallback registers a callback that is invoked on messages
@@ -73,21 +59,14 @@ type ReplicationProvider interface {
 type MessageCryptoService interface {
 	// Verify returns nil whether the message and its identifier are authentic,
 	// otherwise returns an error
-	Verify(seqNum uint64, sender string, payload Payload) error
-
-	// Sign signs the payload
-	Sign(sender string, Payload Payload) Payload
+	VerifyBlock(seqNum uint64, pkiId []byte, payload Payload) error
 
-	// SignBlob signs a blob
-	SignBlob([]byte) []byte
-
-	// VerifyBlob verifies a blob, returns error on failure
-	// and nil if the blob is correctly signed
-	VerifyBlob(sender string, blob []byte) error
-}
+	// Sign signs msg with this peer's signing key and outputs
+	// the signature if no error occurred.
+	Sign(msg []byte) ([]byte, error)
 
-// MessagePolicyVerifier verifies whether the message conforms to all required policies,
-// and can be safely delivered to the user.
-type MessagePolicyVerifier interface {
-	Verify(seqNum uint64, sender string, payload Payload) error
+	// Verify checks that signature is a valid signature of message under vkID's verification key.
+	// If the verification succeeded, Verify returns nil meaning no error occurred.
+	// If vkID is nil, then the signature is verified against this validator's verification key.
+	Verify(vkID, signature, message []byte) error
 }

gossip/comm/comm.go

@@ -25,6 +25,9 @@ type CommModule interface {
 	// Send sends a message to endpoints
 	Send(msg *proto.GossipMessage, endpoints ...string)
 
+	// SetPKIid asserts that pkiId is the PKI_id of endpoint
+	SetPKIid(endpoint, pkiId []byte)
+
 	// Probe probes a remote node and returns nil if its responsive
 	Probe(endpoint string) error
 
@@ -42,6 +45,21 @@ type CommModule interface {
 	Stop()
 }
 
+type SecurityProvider interface {
+
+	// isEnabled returns whether this
+	isEnabled() bool
+
+	// Sign signs msg with this peers signing key and outputs
+	// the signature if no error occurred.
+	Sign(msg []byte) ([]byte, error)
+
+	// Verify checks that signature if a valid signature of message under vkID's verification key.
+	// If the verification succeeded, Verify returns nil meaning no error occurred.
+	// If vkID is nil, then the signature is verified against this validator's verification key.
+	Verify(vkID, signature, message []byte) error
+}
+
 
 type MessageAcceptor func(*proto.GossipMessage) bool
 

gossip/discovery/discovery.go

@@ -57,6 +57,7 @@ type NetworkMember struct {
 	Id       string
 	Endpoint string
 	Metadata []byte
+	PKIid	 []byte
 }
 
 type DiscoveryService interface {