starter.go 4.4 KB
Newer Older
1
2
3
package sign

import (
Caro Axel's avatar
Caro Axel committed
4
5
	"crypto/rsa"
	"crypto/x509"
6
7
	"errors"
	"fmt"
8
	"log"
9
	"strconv"
Loïck Bonniot's avatar
Loïck Bonniot committed
10
	"time"
11

Caro Axel's avatar
Caro Axel committed
12
13
	"dfss"
	cAPI "dfss/dfssc/api"
14
	"dfss/dfssc/security"
Caro Axel's avatar
Caro Axel committed
15
	pAPI "dfss/dfssp/api"
16
17
18
	"dfss/dfssp/contract"
	"dfss/net"
	"golang.org/x/net/context"
Caro Axel's avatar
Caro Axel committed
19
	"google.golang.org/grpc"
20
21
22
23
24
25
26
)

// SignatureManager handles the signature of a contract.
type SignatureManager struct {
	auth      *security.AuthContainer
	localPort int
	contract  *contract.JSON
Caro Axel's avatar
Caro Axel committed
27
28
29
30
31
	platform  pAPI.PlatformClient
	peers     map[string]*cAPI.ClientClient
	cServer   *grpc.Server
	cert, ca  *x509.Certificate
	key       *rsa.PrivateKey
32
33
	sequence  []uint32
	uuid      string
34
35
36
37
38
39
40
41
42
}

// NewSignatureManager populates a SignatureManager and connects to the platform.
func NewSignatureManager(fileCA, fileCert, fileKey, addrPort, passphrase string, port int, c *contract.JSON) (*SignatureManager, error) {
	m := &SignatureManager{
		auth:      security.NewAuthContainer(fileCA, fileCert, fileKey, addrPort, passphrase),
		localPort: port,
		contract:  c,
	}
Caro Axel's avatar
Caro Axel committed
43
44
	var err error
	m.ca, m.cert, m.key, err = m.auth.LoadFiles()
45
46
47
48
	if err != nil {
		return nil, err
	}

Caro Axel's avatar
Caro Axel committed
49
	m.cServer = m.GetServer()
50
	go func() { log.Fatalln(net.Listen("0.0.0.0:"+strconv.Itoa(port), m.cServer)) }()
Caro Axel's avatar
Caro Axel committed
51
52

	conn, err := net.Connect(m.auth.AddrPort, m.cert, m.key, m.ca)
53
54
55
56
	if err != nil {
		return nil, err
	}

Caro Axel's avatar
Caro Axel committed
57
	m.platform = pAPI.NewPlatformClient(conn)
58

Caro Axel's avatar
Caro Axel committed
59
	m.peers = make(map[string]*cAPI.ClientClient)
60
	for _, u := range c.Signers {
61
62
63
		if u.Email != m.cert.Subject.CommonName {
			m.peers[u.Email] = nil
		}
64
65
66
67
68
69
70
	}

	return m, nil
}

// ConnectToPeers tries to fetch the list of users for this contract, and tries to establish a connection to each peer.
func (m *SignatureManager) ConnectToPeers() error {
Caro Axel's avatar
Caro Axel committed
71
	stream, err := m.platform.JoinSignature(context.Background(), &pAPI.JoinSignatureRequest{
72
73
74
75
76
77
78
79
80
81
82
83
84
		ContractUuid: m.contract.UUID,
		Port:         uint32(m.localPort),
	})
	if err != nil {
		return err
	}

	for {
		userConnected, err := stream.Recv()
		if err != nil {
			return err
		}
		errorCode := userConnected.GetErrorCode()
Caro Axel's avatar
Caro Axel committed
85
		if errorCode.Code != pAPI.ErrorCode_SUCCESS {
86
87
88
89
			return errors.New(errorCode.Message)
		}
		ready, err := m.addPeer(userConnected.User)
		if err != nil {
90
			continue // Unable to connect to this user, ignore it for the moment
91
92
93
94
95
96
97
98
99
100
		}
		if ready {
			break
		}
	}

	return nil
}

// addPeer stores a peer from the platform and tries to establish a connection to this peer.
Caro Axel's avatar
Caro Axel committed
101
func (m *SignatureManager) addPeer(user *pAPI.User) (ready bool, err error) {
102
103
104
105
	if user == nil {
		err = errors.New("unexpected user format")
		return
	}
106
107
108
	if _, ok := m.peers[user.Email]; !ok {
		return // Ignore if unknown
	}
109

Caro Axel's avatar
Caro Axel committed
110
	addrPort := user.Ip + ":" + strconv.Itoa(int(user.Port))
111
	fmt.Println("- Trying to connect with", user.Email, "/", addrPort)
112

Caro Axel's avatar
Caro Axel committed
113
114
115
116
117
118
119
120
	conn, err := net.Connect(addrPort, m.cert, m.key, m.ca)
	if err != nil {
		return false, err
	}

	// Sending Hello message
	client := cAPI.NewClientClient(conn)
	m.peers[user.Email] = &client
121
122
123
124

	ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
	defer cancel()
	msg, err := client.Discover(ctx, &cAPI.Hello{Version: dfss.Version})
Caro Axel's avatar
Caro Axel committed
125
126
127
	if err != nil {
		return false, err
	}
128

Caro Axel's avatar
Caro Axel committed
129
	// Printing answer: application version
130
131
	// TODO check certificate
	fmt.Println("  Successfully connected!", "[", msg.Version, "]")
132
133
134
135

	// Check if we have any other peer to connect to
	for _, u := range m.peers {
		if u == nil {
Caro Axel's avatar
Caro Axel committed
136
			return false, nil
137
138
139
		}
	}

Caro Axel's avatar
Caro Axel committed
140
	return true, nil
141
}
Loïck Bonniot's avatar
Loïck Bonniot committed
142
143
144

// SendReadySign sends the READY signal to the platform, and wait (potentially a long time) for START signal.
func (m *SignatureManager) SendReadySign() (signatureUUID string, err error) {
145
	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Minute)
Loïck Bonniot's avatar
Loïck Bonniot committed
146
	defer cancel()
Loïck Bonniot's avatar
Loïck Bonniot committed
147
	launch, err := m.platform.ReadySign(ctx, &pAPI.ReadySignRequest{
Loïck Bonniot's avatar
Loïck Bonniot committed
148
149
150
151
152
153
154
		ContractUuid: m.contract.UUID,
	})
	if err != nil {
		return
	}

	errorCode := launch.GetErrorCode()
Loïck Bonniot's avatar
Loïck Bonniot committed
155
	if errorCode.Code != pAPI.ErrorCode_SUCCESS {
Loïck Bonniot's avatar
Loïck Bonniot committed
156
157
158
159
		err = errors.New(errorCode.Code.String() + " " + errorCode.Message)
		return
	}

160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
	// Check signers from platform data
	if len(m.contract.Signers) != len(launch.KeyHash) {
		err = errors.New("Corrupted DFSS file: bad number of signers, unable to sign safely")
		return
	}

	for i, s := range m.contract.Signers {
		if s.Hash != fmt.Sprintf("%x", launch.KeyHash[i]) {
			err = errors.New("Corrupted DFSS file: signer " + s.Email + " has an invalid hash, unable to sign safely")
			return
		}
	}

	m.sequence = launch.Sequence
	m.uuid = launch.SignatureUuid
	signatureUUID = m.uuid
Loïck Bonniot's avatar
Loïck Bonniot committed
176
177
	return
}