Examples with BlockchainKeypair com.jd.blockchain.ledger.BlockchainKeypair used on opensource projects

Example 1 with BlockchainKeypair

use of com.jd.blockchain.ledger.BlockchainKeypair in project jdchain-core by blockchain-jd-com.

the class LedgerSecurityManagerTest method testGetSecurityPolicy.

@Test
public void testGetSecurityPolicy() {
    MemoryKVStorage testStorage = new MemoryKVStorage();
    // 定义不同角色用户的 keypair；
    final BlockchainKeypair kpManager = BlockchainKeyGenerator.getInstance().generate();
    final BlockchainKeypair kpEmployee = BlockchainKeyGenerator.getInstance().generate();
    final BlockchainKeypair kpDevoice = BlockchainKeyGenerator.getInstance().generate();
    final BlockchainKeypair kpPlatform = BlockchainKeyGenerator.getInstance().generate();
    // 定义角色和权限；
    final String ROLE_ADMIN = "ID_ADMIN";
    final String ROLE_OPERATOR = "OPERATOR";
    final String ROLE_DATA_COLLECTOR = "DATA_COLLECTOR";
    final String ROLE_PLATFORM = "PLATFORM";
    // 定义管理员角色的权限：【账本权限只允许：注册用户、注册数据账户】【交易权限只允许：调用账本直接操作】
    final Privileges PRIVILEGES_ADMIN = Privileges.configure().enable(LedgerPermission.REGISTER_USER, LedgerPermission.REGISTER_DATA_ACCOUNT).enable(TransactionPermission.DIRECT_OPERATION);
    // 定义操作员角色的权限：【账本权限只允许：写入数据账户】【交易权限只允许：调用合约】
    final Privileges PRIVILEGES_OPERATOR = Privileges.configure().enable(LedgerPermission.WRITE_DATA_ACCOUNT).enable(TransactionPermission.CONTRACT_OPERATION);
    // 定义数据收集器角色的权限：【账本权限只允许：写入数据账户】【交易权限只允许：调用账本直接操作】
    final Privileges PRIVILEGES_DATA_COLLECTOR = Privileges.configure().enable(LedgerPermission.WRITE_DATA_ACCOUNT).enable(TransactionPermission.DIRECT_OPERATION);
    // 定义平台角色的权限：【账本权限只允许：签署合约】 (只允许作为节点签署交易，不允许作为终端发起交易指令)
    final Privileges PRIVILEGES_PLATFORM = Privileges.configure().enable(LedgerPermission.APPROVE_TX);
    RolePrivilegeDataset rolePrivilegeDataset = createRolePrivilegeDataset(testStorage);
    long v = rolePrivilegeDataset.addRolePrivilege(ROLE_ADMIN, PRIVILEGES_ADMIN);
    assertTrue(v > -1);
    v = rolePrivilegeDataset.addRolePrivilege(ROLE_OPERATOR, PRIVILEGES_OPERATOR);
    assertTrue(v > -1);
    v = rolePrivilegeDataset.addRolePrivilege(ROLE_DATA_COLLECTOR, PRIVILEGES_DATA_COLLECTOR);
    assertTrue(v > -1);
    v = rolePrivilegeDataset.addRolePrivilege(ROLE_PLATFORM, PRIVILEGES_PLATFORM);
    assertTrue(v > -1);
    rolePrivilegeDataset.commit();
    // 为用户分配角色；
    String[] managerRoles = new String[] { ROLE_ADMIN, ROLE_OPERATOR };
    String[] employeeRoles = new String[] { ROLE_OPERATOR };
    String[] devoiceRoles = new String[] { ROLE_DATA_COLLECTOR };
    String[] platformRoles = new String[] { ROLE_PLATFORM };
    UserRoleDatasetEditor userRolesDataset = createUserRoleDataset(testStorage);
    userRolesDataset.addUserRoles(kpManager.getAddress(), RolesPolicy.UNION, managerRoles);
    userRolesDataset.addUserRoles(kpEmployee.getAddress(), RolesPolicy.UNION, employeeRoles);
    userRolesDataset.addUserRoles(kpDevoice.getAddress(), RolesPolicy.UNION, devoiceRoles);
    userRolesDataset.addUserRoles(kpPlatform.getAddress(), RolesPolicy.UNION, platformRoles);
    userRolesDataset.commit();
    ParticipantCollection partisQuery = Mockito.mock(ParticipantCollection.class);
    UserAccountSet usersQuery = Mockito.mock(UserAccountSet.class);
    // 创建安全管理器；
    LedgerSecurityManager securityManager = new LedgerSecurityManagerImpl(rolePrivilegeDataset, userRolesDataset, partisQuery, usersQuery);
    // 定义终端用户列表；终端用户一起共同具有 ADMIN、OPERATOR 角色；
    final Map<Bytes, BlockchainKeypair> endpoints = new HashMap<>();
    endpoints.put(kpManager.getAddress(), kpManager);
    endpoints.put(kpEmployee.getAddress(), kpEmployee);
    // 定义节点参与方列表；
    final Map<Bytes, BlockchainKeypair> nodes = new HashMap<>();
    nodes.put(kpPlatform.getAddress(), kpPlatform);
    // 创建一项与指定的终端用户和节点参与方相关的安全策略；
    SecurityPolicy policy = securityManager.getSecurityPolicy(endpoints.keySet(), nodes.keySet());
    // 校验安全策略的正确性；
    LedgerPermission[] ledgerPermissions = LedgerPermission.values();
    for (LedgerPermission p : ledgerPermissions) {
        // 终端节点有 ADMIN 和 OPERATOR 两种角色的合并权限；
        if (p == LedgerPermission.REGISTER_USER || p == LedgerPermission.REGISTER_DATA_ACCOUNT || p == LedgerPermission.WRITE_DATA_ACCOUNT) {
            assertTrue(policy.isEndpointEnable(p, MultiIDsPolicy.AT_LEAST_ONE));
        } else {
            assertFalse(policy.isEndpointEnable(p, MultiIDsPolicy.AT_LEAST_ONE));
        }
        if (p == LedgerPermission.APPROVE_TX) {
            // 共识参与方只有 PLATFORM 角色的权限：核准交易；
            assertTrue(policy.isNodeEnable(p, MultiIDsPolicy.AT_LEAST_ONE));
        } else {
            assertFalse(policy.isNodeEnable(p, MultiIDsPolicy.AT_LEAST_ONE));
        }
    }
    TransactionPermission[] transactionPermissions = TransactionPermission.values();
    for (TransactionPermission p : transactionPermissions) {
        // 终端节点有 ADMIN 和 OPERATOR 两种角色的合并权限；
        if (p == TransactionPermission.DIRECT_OPERATION || p == TransactionPermission.CONTRACT_OPERATION) {
            assertTrue(policy.isEndpointEnable(p, MultiIDsPolicy.AT_LEAST_ONE));
        } else {
            assertFalse(policy.isEndpointEnable(p, MultiIDsPolicy.AT_LEAST_ONE));
        }
        assertFalse(policy.isNodeEnable(p, MultiIDsPolicy.AT_LEAST_ONE));
    }
}

Example 2 with BlockchainKeypair

use of com.jd.blockchain.ledger.BlockchainKeypair in project jdchain-core by blockchain-jd-com.

the class LedgerAdminDatasetTest method verifyReadonlyState.

/**
 * 验证指定账户是否只读；
 *
 * @param readonlyAccount
 */
private void verifyReadonlyState(LedgerAdminDataSetEditor readonlyAccount) {
    ConsensusParticipantData newParti = new ConsensusParticipantData();
    newParti.setId((int) readonlyAccount.getParticipantCount());
    newParti.setHostAddress(new NetworkAddress("192.168.10." + (10 + newParti.getId()), 10010 + 10 * newParti.getId()));
    newParti.setName("Participant[" + newParti.getAddress() + "]");
    BlockchainKeypair newKey = BlockchainKeyGenerator.getInstance().generate();
    newParti.setPubKey(newKey.getPubKey());
    newParti.setParticipantState(ParticipantNodeState.CONSENSUS);
    Throwable ex = null;
    try {
        readonlyAccount.addParticipant(newParti);
    } catch (Exception e) {
        ex = e;
    }
    assertNotNull(ex);
    ex = null;
    try {
        LedgerConfiguration newLedgerSetting = new LedgerConfiguration(readonlyAccount.getSettings());
        readonlyAccount.setLedgerSetting(newLedgerSetting);
    } catch (Exception e) {
        ex = e;
    }
    assertNotNull(ex);
}

Example 3 with BlockchainKeypair

use of com.jd.blockchain.ledger.BlockchainKeypair in project jdchain-core by blockchain-jd-com.

the class LedgerEditorTest method testGennesisBlockCreation.

/**
 * 测试创建账本；
 */
@Test
public void testGennesisBlockCreation() {
    LedgerEditor ldgEdt = createLedgerInitEditor();
    LedgerTransactionContext genisisTxCtx = createGenisisTx(ldgEdt, participants);
    LedgerDataSetEditor ldgDS = (LedgerDataSetEditor) genisisTxCtx.getDataset();
    AsymmetricKeypair cryptoKeyPair = signatureFunction.generateKeypair();
    BlockchainKeypair userKP = new BlockchainKeypair(cryptoKeyPair.getPubKey(), cryptoKeyPair.getPrivKey());
    UserAccount userAccount = ldgDS.getUserAccountSet().register(userKP.getAddress(), userKP.getPubKey());
    userAccount.setProperty("Name", "孙悟空", -1);
    userAccount.setProperty("Age", "10000", -1);
    TransactionResult tx = genisisTxCtx.commit(TransactionState.SUCCESS);
    TransactionRequest genesisTxReq = genisisTxCtx.getTransactionRequest();
    assertEquals(genesisTxReq.getTransactionHash(), tx.getTransactionHash());
    assertEquals(0, tx.getBlockHeight());
    LedgerBlock block = ldgEdt.prepare();
    assertEquals(0, block.getHeight());
    assertNotNull(block.getHash());
    assertNull(block.getLedgerHash());
    assertNull(block.getPreviousHash());
    // 提交数据，写入存储；
    ldgEdt.commit();
}

Example 4 with BlockchainKeypair

use of com.jd.blockchain.ledger.BlockchainKeypair in project jdchain-core by blockchain-jd-com.

the class LedgerEditorTest method testWriteDataAccoutKvOp.

@SuppressWarnings("unused")
@Test
public void testWriteDataAccoutKvOp() {
    MemoryKVStorage storage = new MemoryKVStorage();
    LedgerEditor ldgEdt = createLedgerInitEditor(storage);
    LedgerTransactionContext genisisTxCtx = createGenisisTx(ldgEdt, participants);
    LedgerDataSetEditor ldgDS = (LedgerDataSetEditor) genisisTxCtx.getDataset();
    AsymmetricKeypair cryptoKeyPair = signatureFunction.generateKeypair();
    BlockchainKeypair dataKP = new BlockchainKeypair(cryptoKeyPair.getPubKey(), cryptoKeyPair.getPrivKey());
    DataAccount dataAccount = ldgDS.getDataAccountSet().register(dataKP.getAddress(), dataKP.getPubKey(), null);
    dataAccount.getDataset().setValue("A", TypedValue.fromText("abc"), -1);
    TransactionResult tx = genisisTxCtx.commit(TransactionState.SUCCESS);
    LedgerBlock block = ldgEdt.prepare();
    // 提交数据，写入存储；
    ldgEdt.commit();
    // 预期这是第1个区块；
    assertNotNull(block);
    assertNotNull(block.getHash());
    assertEquals(0, block.getHeight());
    // 验证数据读写的一致性；
    BytesValue bytes = dataAccount.getDataset().getValue("A");
    assertEquals(DataType.TEXT, bytes.getType());
    String textValue = bytes.getBytes().toUTF8String();
    assertEquals("abc", textValue);
    // 验证重新加载的正确性；
    LedgerManager manager = new LedgerManager();
    HashDigest ledgerHash = block.getHash();
    LedgerRepository repo = manager.register(ledgerHash, storage, LedgerDataStructure.MERKLE_TREE);
    dataAccount = repo.getDataAccountSet().getAccount(dataKP.getAddress());
    assertNotNull(dataAccount);
    bytes = dataAccount.getDataset().getValue("A");
    assertEquals(DataType.TEXT, bytes.getType());
    textValue = bytes.getBytes().toUTF8String();
    assertEquals("abc", textValue);
    LedgerTransaction tx_init = repo.getTransactionSet().getTransaction(tx.getTransactionHash());
    assertNotNull(tx_init);
}

Example 5 with BlockchainKeypair

use of com.jd.blockchain.ledger.BlockchainKeypair in project jdchain-core by blockchain-jd-com.

the class LedgerInitSettingSerializeTest method test_ledgerinitsetting_ParticipantCertData.

// @Test
// public void test_ledgerinitsetting_ConsensusParticipantConfig() {
// }
@Test
public void test_ledgerinitsetting_ParticipantCertData() {
    ParticipantCertData[] parties = new ParticipantCertData[4];
    BlockchainKeypair[] keys = new BlockchainKeypair[parties.length];
    for (int i = 0; i < parties.length; i++) {
        keys[i] = BlockchainKeyGenerator.getInstance().generate();
        parties[i] = new ParticipantCertData(AddressEncoding.generateAddress(keys[i].getPubKey()), "Participant[" + i + "]", keys[i].getPubKey(), ParticipantNodeState.CONSENSUS);
    }
    ParticipantCertData[] parties1 = Arrays.copyOf(parties, 4);
    ledgerInitSettingData.setConsensusParticipants(parties1);
    ledgerInitSettingData.setLedgerDataStructure(LedgerDataStructure.MERKLE_TREE);
    ledgerInitSettingData.setIdentityMode(IdentityMode.KEYPAIR);
    byte[] encode = BinaryProtocol.encode(ledgerInitSettingData, LedgerInitSetting.class);
    LedgerInitSetting decode = BinaryProtocol.decode(encode);
    for (int i = 0; i < ledgerInitSettingData.getConsensusParticipants().length; i++) {
        assertEquals(ledgerInitSettingData.getConsensusParticipants()[i].getAddress(), decode.getConsensusParticipants()[i].getAddress());
        assertEquals(ledgerInitSettingData.getConsensusParticipants()[i].getName(), decode.getConsensusParticipants()[i].getName());
        assertEquals(ledgerInitSettingData.getConsensusParticipants()[i].getPubKey(), decode.getConsensusParticipants()[i].getPubKey());
    }
    assertArrayEquals(ledgerInitSettingData.getLedgerSeed(), decode.getLedgerSeed());
    assertArrayEquals(ledgerInitSettingData.getConsensusSettings().toBytes(), decode.getConsensusSettings().toBytes());
    assertEquals(ledgerInitSettingData.getCryptoSetting().getHashAlgorithm(), decode.getCryptoSetting().getHashAlgorithm());
    assertEquals(ledgerInitSettingData.getCryptoSetting().getAutoVerifyHash(), decode.getCryptoSetting().getAutoVerifyHash());
    assertEquals(ledgerInitSettingData.getConsensusProvider(), decode.getConsensusProvider());
}