forked from hyperledger/fabric-sdk-go
/
signature.go
56 lines (43 loc) · 1.96 KB
/
signature.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
/*
Copyright SecureKey Technologies Inc. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
*/
// Package verifier provides various verifier (e.g. signature)
package verifier
import (
"github.com/hyperledger/fabric-sdk-go/pkg/common/errors/status"
"github.com/hyperledger/fabric-sdk-go/pkg/common/providers/fab"
"github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/protos/common"
"github.com/pkg/errors"
)
// Signature verifies response signature
type Signature struct {
Membership fab.ChannelMembership
}
// Verify checks transaction proposal response
func (v *Signature) Verify(response *fab.TransactionProposalResponse) error {
if response.ProposalResponse.GetResponse().Status != int32(common.Status_SUCCESS) {
return status.NewFromProposalResponse(response.ProposalResponse, response.Endorser)
}
res := response.ProposalResponse
if res.GetEndorsement() == nil {
return errors.WithStack(status.New(status.EndorserClientStatus, status.MissingEndorsement.ToInt32(), "missing endorsement in proposal response", nil))
}
creatorID := res.GetEndorsement().Endorser
err := v.Membership.Validate(creatorID)
if err != nil {
return errors.WithStack(status.New(status.EndorserClientStatus, status.SignatureVerificationFailed.ToInt32(), "the creator certificate is not valid", []interface{}{err.Error()}))
}
// check the signature against the endorser and payload hash
digest := append(res.GetPayload(), res.GetEndorsement().Endorser...)
// validate the signature
err = v.Membership.Verify(creatorID, digest, res.GetEndorsement().Signature)
if err != nil {
return errors.WithStack(status.New(status.EndorserClientStatus, status.SignatureVerificationFailed.ToInt32(), "the creator's signature over the proposal is not valid", []interface{}{err.Error()}))
}
return nil
}
// Match matches transaction proposal responses (empty for signature verifier)
func (v *Signature) Match(response []*fab.TransactionProposalResponse) error {
return nil
}