Merge remote-tracking branch 'origin/dev_rc_jdk13_2.0.0' into dev_rc_jdk13_2.0.0

This commit is contained in:
brightestboy 2022-06-08 14:40:32 +08:00
commit 385f3fec4a
69 changed files with 934 additions and 951 deletions

View File

@ -16,43 +16,22 @@ akka {
}
remote {
#classic模式下的配置
classic {
netty.tcp {
//在单机单节点的情况下配置机器ip
#hostname=192.168.10.155
#hostname = 192.168.31.155
hostname = 127.0.0.1
//在单机单节点的情况下需要配置具体的端口在单机多节点的情况下直接配置为0
//port = 0
//port=8082//0automatic assign
//internal (bind) hostname
//bind-hostname=192.168.1.129
//bind-port=8082
#artery模式下的配置
artery {
#canonical.hostname = "192.168.10.155"
#canonical.hostname = "192.168.31.155"
canonical.hostname = "127.0.0.1"
canonical.port = 8083
ssl {
#节点的ssl配置,主要设置密码,密钥、证书、信任证书路径在程序中动态设置
config-ssl-engine {
key-password = "123"
key-store-password = "123"
trust-store-password = "changeme" // 加载信任列表证书用的_tls1.3
trust-store-password-mm = "changeme" // 加载信任列表证书用的_origin
}
}
}
netty.ssl.security {
//基础路径,证书的存放路径,建议不要修改
base-path = "jks/"
//名称前缀,证书的名称前缀,不要修改
base-name = ""
//证书的别名,需要跟节点的名称要保持一致
alias = "121000005l35120456.node1"
//用户ca文件密码
key-store-password = "123"
//用户证书密码
key-password = "123"
}
}
#artery模式下的配置
artery {
#canonical.hostname = "192.168.10.155"
#canonical.hostname = "192.168.31.155"
canonical.hostname = "127.0.0.1"
canonical.port = 8083
}
}
#以下两项配置是针对集群节点出现不可达是来配置的 在akka 2.6.13中适应
@ -111,6 +90,7 @@ system {
#如果是单机多节点测试模式Repchain则选择0默认节点1会开启
ws_enable = 1#api 0,不开启;1,开启
http_mode = 0 #http协议模式 0,http;1,https 默认使用http
is_need_client_auth = 1 #当http的模式设置为https时有效该配置指https时是否需要客户端验证;0=不验证1=验证
#交易生产方式
trans_create_type = 0#0,手动;1,自动
#是否进行TPS测试

View File

@ -16,43 +16,21 @@ akka {
}
remote {
#classic模式下的配置
classic {
netty.tcp {
//在单机单节点的情况下配置机器ip
#hostname=192.168.10.155
#hostname = 192.168.31.155
hostname = 127.0.0.1
//在单机单节点的情况下需要配置具体的端口在单机多节点的情况下直接配置为0
//port = 0
//port=8082//0automatic assign
//internal (bind) hostname
//bind-hostname=192.168.1.129
//bind-port=8082
}
netty.ssl.security {
//基础路径,证书的存放路径,建议不要修改
base-path = "jks/"
//名称前缀,证书的名称前缀,不要修改
base-name = ""
//证书的别名,需要跟节点的名称要保持一致
alias = "121000005l35120456.node1"
//用户ca文件密码
key-store-password = "123"
//用户证书密码
key-password = "123"
}
}
#artery模式下的配置
artery {
#canonical.hostname = "192.168.10.155"
#canonical.hostname = "192.168.31.155"
canonical.hostname = "127.0.0.1"
canonical.port = 22522
ssl {
#节点的ssl配置,主要设置密码,密钥、证书、信任证书路径在程序中动态设置
config-ssl-engine {
key-password = "123"
key-store-password = "123"
trust-store-password = "changeme" // 加载信任列表证书用的_tls1.3
trust-store-password-mm = "changeme" // 加载信任列表证书用的_origin
}
}
}
}
@ -111,7 +89,8 @@ system {
#api是否开启
#如果是单机多节点测试模式Repchain则选择0默认节点1会开启
ws_enable = 1#api 0,不开启;1,开启
http_mode = 0 #http协议模式 0,http;1,https 默认使用http
http_mode = 1 #http协议模式 0,http;1,https 默认使用http
is_need_client_auth = 1 #当http的模式设置为https时有效该配置指https时是否需要客户端验证;0=不验证1=验证
#交易生产方式
trans_create_type = 0#0,手动;1,自动
#是否进行TPS测试

View File

@ -16,42 +16,21 @@ akka {
}
remote {
#classic模式下的配置
classic {
netty.tcp {
//在单机单节点的情况下配置机器ip
#hostname=192.168.10.155
#hostname = 192.168.31.155
hostname = 127.0.0.1
//在单机单节点的情况下需要配置具体的端口在单机多节点的情况下直接配置为0
//port = 0
//port=8082//0automatic assign
//internal (bind) hostname
//bind-hostname=192.168.1.129
//bind-port=8082
}
netty.ssl.security {
//基础路径,证书的存放路径,建议不要修改
base-path = "jks/"
//名称前缀,证书的名称前缀,不要修改
base-name = ""
//证书的别名,需要跟节点的名称要保持一致
alias = "121000005l35120456.node1"
//用户ca文件密码
key-store-password = "123"
//用户证书密码
key-password = "123"
}
}
#artery模式下的配置
artery {
#canonical.hostname = "192.168.10.155"
#canonical.hostname = "192.168.31.155"
canonical.hostname = "127.0.0.1"
canonical.port = 22523
ssl {
#节点的ssl配置,主要设置密码,密钥、证书、信任证书路径在程序中动态设置
config-ssl-engine {
key-password = "123"
key-store-password = "123"
trust-store-password = "changeme" // 加载信任列表证书用的_tls1.3
trust-store-password-mm = "changeme" // 加载信任列表证书用的_origin
}
}
}
}
@ -110,7 +89,8 @@ system {
#api是否开启
#如果是单机多节点测试模式Repchain则选择0默认节点1会开启
ws_enable = 1#api 0,不开启;1,开启
http_mode = 0 #http协议模式 0,http;1,https 默认使用http
http_mode = 1 #http协议模式 0,http;1,https 默认使用http
is_need_client_auth = 1 #当http的模式设置为https时有效该配置指https时是否需要客户端验证;0=不验证1=验证
#交易生产方式
trans_create_type = 0#0,手动;1,自动
#是否进行TPS测试

View File

@ -16,43 +16,22 @@ akka {
}
remote {
#classic模式下的配置
classic {
netty.tcp {
//在单机单节点的情况下配置机器ip
#hostname=192.168.10.155
#hostname = 192.168.31.155
hostname = 127.0.0.1
//在单机单节点的情况下需要配置具体的端口在单机多节点的情况下直接配置为0
//port = 0
//port=8082//0automatic assign
//internal (bind) hostname
//bind-hostname=192.168.1.129
//bind-port=8082
#artery模式下的配置
artery {
#canonical.hostname = "192.168.10.155"
#canonical.hostname = "192.168.31.155"
canonical.hostname = "127.0.0.1"
canonical.port = 22524
ssl {
#节点的ssl配置,主要设置密码,密钥、证书、信任证书路径在程序中动态设置
config-ssl-engine {
key-password = "123"
key-store-password = "123"
trust-store-password = "changeme" // 加载信任列表证书用的_tls1.3
trust-store-password-mm = "changeme" // 加载信任列表证书用的_origin
}
}
}
netty.ssl.security {
//基础路径,证书的存放路径,建议不要修改
base-path = "jks/"
//名称前缀,证书的名称前缀,不要修改
base-name = ""
//证书的别名,需要跟节点的名称要保持一致
alias = "121000005l35120456.node1"
//用户ca文件密码
key-store-password = "123"
//用户证书密码
key-password = "123"
}
}
#artery模式下的配置
artery {
#canonical.hostname = "192.168.10.155"
#canonical.hostname = "192.168.31.155"
canonical.hostname = "127.0.0.1"
canonical.port = 22524
}
}
#以下两项配置是针对集群节点出现不可达是来配置的 在akka 2.6.13中适应
@ -110,7 +89,8 @@ system {
#api是否开启
#如果是单机多节点测试模式Repchain则选择0默认节点1会开启
ws_enable = 1#api 0,不开启;1,开启
http_mode = 0 #http协议模式 0,http;1,https 默认使用http
http_mode = 1 #http协议模式 0,http;1,https 默认使用http
is_need_client_auth = 1 #当http的模式设置为https时有效该配置指https时是否需要客户端验证;0=不验证1=验证
#交易生产方式
trans_create_type = 0#0,手动;1,自动
#是否进行TPS测试

View File

@ -16,43 +16,22 @@ akka {
}
remote {
#classic模式下的配置
classic {
netty.tcp {
//在单机单节点的情况下配置机器ip
#hostname=192.168.10.155
#hostname = 192.168.31.155
hostname = 127.0.0.1
//在单机单节点的情况下需要配置具体的端口在单机多节点的情况下直接配置为0
//port = 0
//port=8082//0automatic assign
//internal (bind) hostname
//bind-hostname=192.168.1.129
//bind-port=8082
#artery模式下的配置
artery {
#canonical.hostname = "192.168.10.155"
#canonical.hostname = "192.168.31.155"
canonical.hostname = "127.0.0.1"
canonical.port = 8084
ssl {
#节点的ssl配置,主要设置密码,密钥、证书、信任证书路径在程序中动态设置
config-ssl-engine {
key-password = "123"
key-store-password = "123"
trust-store-password = "changeme" // 加载信任列表证书用的_tls1.3
trust-store-password-mm = "changeme" // 加载信任列表证书用的_origin
}
}
}
netty.ssl.security {
//基础路径,证书的存放路径,建议不要修改
base-path = "jks/"
//名称前缀,证书的名称前缀,不要修改
base-name = ""
//证书的别名,需要跟节点的名称要保持一致
alias = "121000005l35120456.node1"
//用户ca文件密码
key-store-password = "123"
//用户证书密码
key-password = "123"
}
}
#artery模式下的配置
artery {
#canonical.hostname = "192.168.10.155"
#canonical.hostname = "192.168.31.155"
canonical.hostname = "127.0.0.1"
canonical.port = 8084
}
}
#以下两项配置是针对集群节点出现不可达是来配置的 在akka 2.6.13中适应
@ -111,6 +90,7 @@ system {
#如果是单机多节点测试模式Repchain则选择0默认节点1会开启
ws_enable = 1#api 0,不开启;1,开启
http_mode = 0 #http协议模式 0,http;1,https 默认使用http
is_need_client_auth = 1 #当http的模式设置为https时有效该配置指https时是否需要客户端验证;0=不验证1=验证
#交易生产方式
trans_create_type = 0#0,手动;1,自动
#是否进行TPS测试

View File

@ -16,43 +16,22 @@ akka {
}
remote {
#classic模式下的配置
classic {
netty.tcp {
//在单机单节点的情况下配置机器ip
#hostname=192.168.10.155
#hostname = 192.168.31.155
hostname = 127.0.0.1
//在单机单节点的情况下需要配置具体的端口在单机多节点的情况下直接配置为0
//port = 0
//port=8082//0automatic assign
//internal (bind) hostname
//bind-hostname=192.168.1.129
//bind-port=8082
}
netty.ssl.security {
//基础路径,证书的存放路径,建议不要修改
base-path = "jks/"
//名称前缀,证书的名称前缀,不要修改
base-name = ""
//证书的别名,需要跟节点的名称要保持一致
alias = "121000005l35120456.node1"
//用户ca文件密码
key-store-password = "123"
//用户证书密码
key-password = "123"
}
}
#artery模式下的配置
artery {
#canonical.hostname = "192.168.10.155"
#canonical.hostname = "192.168.31.155"
canonical.hostname = "127.0.0.1"
canonical.port = 8082
}
#artery模式下的配置
artery {
#canonical.hostname = "192.168.10.155"
#canonical.hostname = "192.168.31.155"
canonical.hostname = "127.0.0.1"
canonical.port = 8082
ssl {
#节点的ssl配置,主要设置密码,密钥、证书、信任证书路径在程序中动态设置
config-ssl-engine {
key-password = "123"
key-store-password = "123"
trust-store-password = "changeme" // 加载信任列表证书用的_tls1.3
trust-store-password-mm = "changeme" // 加载信任列表证书用的_origin
}
}
}
}
#以下两项配置是针对集群节点出现不可达是来配置的 在akka 2.6.13中适应
@ -111,6 +90,7 @@ system {
#如果是单机多节点测试模式Repchain则选择0默认节点1会开启
ws_enable = 1#api 0,不开启;1,开启
http_mode = 0 #http协议模式 0,http;1,https 默认使用http
is_need_client_auth = 1 #当http的模式设置为https时有效该配置指https时是否需要客户端验证;0=不验证1=验证
#交易生产方式
trans_create_type = 0#0,手动;1,自动
#是否进行TPS测试

View File

@ -16,43 +16,22 @@ akka {
}
remote {
#classic模式下的配置
classic {
netty.tcp {
//在单机单节点的情况下配置机器ip
#hostname=192.168.10.155
#hostname = 192.168.31.155
hostname = 127.0.0.1
//在单机单节点的情况下需要配置具体的端口在单机多节点的情况下直接配置为0
//port = 0
//port=8082//0automatic assign
//internal (bind) hostname
//bind-hostname=192.168.1.129
//bind-port=8082
#artery模式下的配置
artery {
#canonical.hostname = "192.168.10.155"
#canonical.hostname = "192.168.31.155"
canonical.hostname = "127.0.0.1"
canonical.port = 8086
ssl {
#节点的ssl配置,主要设置密码,密钥、证书、信任证书路径在程序中动态设置
config-ssl-engine {
key-password = "123"
key-store-password = "123"
trust-store-password = "changeme" // 加载信任列表证书用的_tls1.3
trust-store-password-mm = "changeme" // 加载信任列表证书用的_origin
}
}
}
netty.ssl.security {
//基础路径,证书的存放路径,建议不要修改
base-path = "jks/"
//名称前缀,证书的名称前缀,不要修改
base-name = ""
//证书的别名,需要跟节点的名称要保持一致
alias = "121000005l35120456.node1"
//用户ca文件密码
key-store-password = "123"
//用户证书密码
key-password = "123"
}
}
#artery模式下的配置
artery {
#canonical.hostname = "192.168.10.155"
#canonical.hostname = "192.168.31.155"
canonical.hostname = "127.0.0.1"
canonical.port = 8086
}
}
#以下两项配置是针对集群节点出现不可达是来配置的 在akka 2.6.13中适应
@ -111,6 +90,7 @@ system {
#如果是单机多节点测试模式Repchain则选择0默认节点1会开启
ws_enable = 1#api 0,不开启;1,开启
http_mode = 0 #http协议模式 0,http;1,https 默认使用http
is_need_client_auth = 1 #当http的模式设置为https时有效该配置指https时是否需要客户端验证;0=不验证1=验证
#交易生产方式
trans_create_type = 0#0,手动;1,自动
#是否进行TPS测试

View File

@ -16,43 +16,22 @@ akka {
}
remote {
#classic模式下的配置
classic {
netty.tcp {
//在单机单节点的情况下配置机器ip
#hostname=192.168.10.155
#hostname = 192.168.31.155
hostname = 127.0.0.1
//在单机单节点的情况下需要配置具体的端口在单机多节点的情况下直接配置为0
//port = 0
//port=8082//0automatic assign
//internal (bind) hostname
//bind-hostname=192.168.1.129
//bind-port=8082
#artery模式下的配置
artery {
#canonical.hostname = "192.168.10.155"
#canonical.hostname = "192.168.31.155"
canonical.hostname = "127.0.0.1"
canonical.port = 8085
ssl {
#节点的ssl配置,主要设置密码,密钥、证书、信任证书路径在程序中动态设置
config-ssl-engine {
key-password = "123"
key-store-password = "123"
trust-store-password = "changeme" // 加载信任列表证书用的_tls1.3
trust-store-password-mm = "changeme" // 加载信任列表证书用的_origin
}
}
}
netty.ssl.security {
//基础路径,证书的存放路径,建议不要修改
base-path = "jks/"
//名称前缀,证书的名称前缀,不要修改
base-name = ""
//证书的别名,需要跟节点的名称要保持一致
alias = "121000005l35120456.node1"
//用户ca文件密码
key-store-password = "123"
//用户证书密码
key-password = "123"
}
}
#artery模式下的配置
artery {
#canonical.hostname = "192.168.10.155"
#canonical.hostname = "192.168.31.155"
canonical.hostname = "127.0.0.1"
canonical.port = 8085
}
}
#以下两项配置是针对集群节点出现不可达是来配置的 在akka 2.6.13中适应
@ -111,6 +90,7 @@ system {
#如果是单机多节点测试模式Repchain则选择0默认节点1会开启
ws_enable = 1#api 0,不开启;1,开启
http_mode = 0 #http协议模式 0,http;1,https 默认使用http
is_need_client_auth = 1 #当http的模式设置为https时有效该配置指https时是否需要客户端验证;0=不验证1=验证
#交易生产方式
trans_create_type = 0#0,手动;1,自动
#是否进行TPS测试

View File

@ -16,43 +16,22 @@ akka {
}
remote {
#classic模式下的配置
classic {
netty.tcp {
//在单机单节点的情况下配置机器ip
#hostname=192.168.10.155
#hostname = 192.168.31.155
hostname = 127.0.0.1
//在单机单节点的情况下需要配置具体的端口在单机多节点的情况下直接配置为0
//port = 0
//port=8082//0automatic assign
//internal (bind) hostname
//bind-hostname=192.168.1.129
//bind-port=8082
#artery模式下的配置
artery {
#canonical.hostname = "192.168.10.155"
#canonical.hostname = "192.168.31.155"
canonical.hostname = "127.0.0.1"
canonical.port = 22525
ssl {
#节点的ssl配置,主要设置密码,密钥、证书、信任证书路径在程序中动态设置
config-ssl-engine {
key-password = "123"
key-store-password = "123"
trust-store-password = "changeme" // 加载信任列表证书用的_tls1.3
trust-store-password-mm = "changeme" // 加载信任列表证书用的_origin
}
}
}
netty.ssl.security {
//基础路径,证书的存放路径,建议不要修改
base-path = "jks/"
//名称前缀,证书的名称前缀,不要修改
base-name = ""
//证书的别名,需要跟节点的名称要保持一致
alias = "121000005l35120456.node1"
//用户ca文件密码
key-store-password = "123"
//用户证书密码
key-password = "123"
}
}
#artery模式下的配置
artery {
#canonical.hostname = "192.168.10.155"
#canonical.hostname = "192.168.31.155"
canonical.hostname = "127.0.0.1"
canonical.port = 22525
}
}
#以下两项配置是针对集群节点出现不可达是来配置的 在akka 2.6.13中适应
@ -110,7 +89,8 @@ system {
#api是否开启
#如果是单机多节点测试模式Repchain则选择0默认节点1会开启
ws_enable = 1#api 0,不开启;1,开启
http_mode = 0 #http协议模式 0,http;1,https 默认使用http
http_mode = 1 #http协议模式 0,http;1,https 默认使用http
is_need_client_auth = 1 #当http的模式设置为https时有效该配置指https时是否需要客户端验证;0=不验证1=验证
#交易生产方式
trans_create_type = 0#0,手动;1,自动
#是否进行TPS测试

View File

@ -16,43 +16,22 @@ akka {
}
remote {
#classic模式下的配置
classic {
netty.tcp {
//在单机单节点的情况下配置机器ip
#hostname=192.168.10.155
#hostname = 192.168.31.155
hostname = 127.0.0.1
//在单机单节点的情况下需要配置具体的端口在单机多节点的情况下直接配置为0
//port = 0
//port=8082//0automatic assign
//internal (bind) hostname
//bind-hostname=192.168.1.129
//bind-port=8082
}
netty.ssl.security {
//基础路径,证书的存放路径,建议不要修改
base-path = "jks/"
//名称前缀,证书的名称前缀,不要修改
base-name = ""
//证书的别名,需要跟节点的名称要保持一致
alias = "121000005l35120456.node1"
//用户ca文件密码
key-store-password = "123"
//用户证书密码
key-password = "123"
}
}
#artery模式下的配置
artery {
#canonical.hostname = "192.168.10.155"
#canonical.hostname = "192.168.31.155"
canonical.hostname = "127.0.0.1"
canonical.port = 22526
}
#artery模式下的配置
artery {
#canonical.hostname = "192.168.10.155"
#canonical.hostname = "192.168.31.155"
canonical.hostname = "127.0.0.1"
canonical.port = 22526
ssl {
#节点的ssl配置,主要设置密码,密钥、证书、信任证书路径在程序中动态设置
config-ssl-engine {
key-password = "123"
key-store-password = "123"
trust-store-password = "changeme" // 加载信任列表证书用的_tls1.3
trust-store-password-mm = "changeme" // 加载信任列表证书用的_origin
}
}
}
}
#以下两项配置是针对集群节点出现不可达是来配置的 在akka 2.6.13中适应
@ -110,7 +89,8 @@ system {
#api是否开启
#如果是单机多节点测试模式Repchain则选择0默认节点1会开启
ws_enable = 1#api 0,不开启;1,开启
http_mode = 0 #http协议模式 0,http;1,https 默认使用http
http_mode = 1 #http协议模式 0,http;1,https 默认使用http
is_need_client_auth = 1 #当http的模式设置为https时有效该配置指https时是否需要客户端验证;0=不验证1=验证
#交易生产方式
trans_create_type = 0#0,手动;1,自动
#是否进行TPS测试

View File

@ -1,9 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBTDCB9KADAgECAgRd7wBCMAoGCCqGSM49BAMCMC8xETAPBgNVBAoMCHJlcGNo
YWluMQ4wDAYDVQQLDAVpc2NhczEKMAgGA1UEAwwBMTAeFw0xOTEyMTAwMjE3Mzha
Fw0yMDEyMDkwMjE3MzhaMC8xETAPBgNVBAoMCHJlcGNoYWluMQ4wDAYDVQQLDAVp
c2NhczEKMAgGA1UEAwwBMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJu7PT4Z
s5hqqNha9SrP60TecIDVYGry0v6ayV5lP8w5FJ2UtRECrpUxuoO2pfaHfxyYIXCZ
A8w7YaZU0s4CEfcwCgYIKoZIzj0EAwIDRwAwRAIgcAxkxmiNexPx8CF+DvII7168
eeVcfsJwoMcFFLKCWrECICSIkc9vC6Vwze3s2UwBuIiSlwNxZ0YDJcdlbcmESWHy
-----END CERTIFICATE-----

View File

@ -1,10 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBTTCB9KADAgECAgRd7wDfMAoGCCqGSM49BAMCMC8xETAPBgNVBAoMCHJlcGNo
YWluMQ4wDAYDVQQLDAVpc2NhczEKMAgGA1UEAwwBMjAeFw0xOTEyMTAwMjIwMTVa
Fw0yMDEyMDkwMjIwMTVaMC8xETAPBgNVBAoMCHJlcGNoYWluMQ4wDAYDVQQLDAVp
c2NhczEKMAgGA1UEAwwBMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABIqbpyaG
r7ST/JsS86YBzlG/S3WqyXBCk00OvUfGcynwJt8m0vUnj8Z5QxNtsTUtMilzVayn
B7dVpeM1rFB/bGEwCgYIKoZIzj0EAwIDSAAwRQIhAKzfA6yHLF57HoEk+aVRCVpv
vAvvQZuHKkYdzS7/TeXjAiBCtWh8sRO4kXjn9e8H0GHxmt+zQPHTr5UJt0b47BDB
lg==
-----END CERTIFICATE-----

View File

@ -1,9 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBTDCB9KADAgECAgRd7wElMAoGCCqGSM49BAMCMC8xETAPBgNVBAoMCHJlcGNo
YWluMQ4wDAYDVQQLDAVpc2NhczEKMAgGA1UEAwwBMzAeFw0xOTEyMTAwMjIxMjVa
Fw0yMDEyMDkwMjIxMjVaMC8xETAPBgNVBAoMCHJlcGNoYWluMQ4wDAYDVQQLDAVp
c2NhczEKMAgGA1UEAwwBMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABHemUcIh
MpmOiWcbw5BBorqD+0LHaBzYVyKeYj2Sk3HR1M/JIb3R40xHEQbJPdb3SrgClSt6
LBiYiNENQBBJLw0wCgYIKoZIzj0EAwIDRwAwRAIgHX8epaHLqyPcNEj+fdD9zn/u
j8juebSZq42IRBAYTm0CICy+hKIZyVkNxPjV3tR+k+DjaWrDFSio57VuBbD8Cwvx
-----END CERTIFICATE-----

View File

@ -1,10 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBTTCB9KADAgECAgRd7wFdMAoGCCqGSM49BAMCMC8xETAPBgNVBAoMCHJlcGNo
YWluMQ4wDAYDVQQLDAVpc2NhczEKMAgGA1UEAwwBNDAeFw0xOTEyMTAwMjIyMjFa
Fw0yMDEyMDkwMjIyMjFaMC8xETAPBgNVBAoMCHJlcGNoYWluMQ4wDAYDVQQLDAVp
c2NhczEKMAgGA1UEAwwBNDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABAjzZaK8
UAvLLIpYgH3IVoezCK/sOz+BG1vb19BEdhbPJA/r1xBuDKG1DK9qIVSbAvfHrioH
NiceJs6Mym9TgYcwCgYIKoZIzj0EAwIDSAAwRQIgcaGwPxUC//H+yQFRq16m9aZp
aYwh+NwRs1SQ9USC170CIQCgTXpMxcTbfsKWiPY7QsTGCHn/c0+XS3nVIR2FWno5
Bg==
-----END CERTIFICATE-----

View File

@ -1,10 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBTTCB9KADAgECAgRd7wGTMAoGCCqGSM49BAMCMC8xETAPBgNVBAoMCHJlcGNo
YWluMQ4wDAYDVQQLDAVpc2NhczEKMAgGA1UEAwwBNTAeFw0xOTEyMTAwMjIzMTVa
Fw0yMDEyMDkwMjIzMTVaMC8xETAPBgNVBAoMCHJlcGNoYWluMQ4wDAYDVQQLDAVp
c2NhczEKMAgGA1UEAwwBNTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABNVDTgfE
OQaHL8uQd6Zb4VqQQOuuz/f12zIKQ9QcMaRs87H1o3JBoydjUHSV6e60tXtHt1Ty
vaswF9EfMooKpaYwCgYIKoZIzj0EAwIDSAAwRQIhAIHfXVE5IuR73YubAG2gvtZS
BHb0TBNri/dYEiCTYP6JAiBBpr0Ssf468NQo74ZjpZmnPBQ88fQApE9RA5WGPAY0
iA==
-----END CERTIFICATE-----

View File

@ -1,10 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIBYzCCAQigAwIBAgIEXe8B6zAKBggqhkjOPQQDAjA5MREwDwYDVQQKDAhyZXBj
aGFpbjEOMAwGA1UECwwFaXNjYXMxFDASBgNVBAMMC3N1cGVyX2FkbWluMB4XDTE5
MTIxMDAyMjQ0M1oXDTIwMTIwOTAyMjQ0M1owOTERMA8GA1UECgwIcmVwY2hhaW4x
DjAMBgNVBAsMBWlzY2FzMRQwEgYDVQQDDAtzdXBlcl9hZG1pbjBZMBMGByqGSM49
AgEGCCqGSM49AwEHA0IABK9m+cb8jaYQ+ts/hK4INuQbOwAwoIhVa3uaRxsOsgoR
+QaPuwcZAIbGWSa9bn8oGjSBDQutmE5XONbdiDwPRtwwCgYIKoZIzj0EAwIDSQAw
RgIhAKZto+39OFced9YDaXYkOLrLcKD+8RbF57vzHpJrnFd1AiEAhNEK8MOsAlhM
eRZmlXsq4KsvQFs+Wav9N9qJ+GGRpCs=
-----END CERTIFICATE-----

Binary file not shown.

View File

@ -0,0 +1,10 @@
-----BEGIN CERTIFICATE-----
MIIBZDCCAQqgAwIBAgIGAYEEX3LxMAoGCCqGSM49BAMCMDkxFDASBgNVBAMMC3N1
cGVyX2FkbWluMQ4wDAYDVQQLDAVpc2NhczERMA8GA1UECgwIUmVwQ2hhaW4wHhcN
MjIwNTI3MDcxNjEzWhcNMjcwNTI2MDcxNjEzWjA5MRQwEgYDVQQDDAtzdXBlcl9h
ZG1pbjEOMAwGA1UECwwFaXNjYXMxETAPBgNVBAoMCFJlcENoYWluMFkwEwYHKoZI
zj0CAQYIKoZIzj0DAQcDQgAE0SsXKYp6BqzCk0BvfKPSIeCtHEAE2N53xM2CkPNE
3lueJp8G6S3jHJuzesV/1IMmbzVzk8xMotgMfJFEOcAtBDAKBggqhkjOPQQDAgNI
ADBFAiEAh8uOog9ZkpP939xaTqna8kGpLwYmZ6FukL6C85VgweQCIC/2hSUY/bJO
UQ27QWcjGxBTGdW1GfLS/4HNr9h923IJ
-----END CERTIFICATE-----

Binary file not shown.

Binary file not shown.

View File

@ -0,0 +1,10 @@
-----BEGIN CERTIFICATE-----
MIIBVjCB/qADAgECAgYBgQRfc0swCgYIKoZIzj0EAwIwMzEOMAwGA1UEAwwFbm9k
ZTExDjAMBgNVBAsMBWlzY2FzMREwDwYDVQQKDAhSZXBDaGFpbjAeFw0yMjA1Mjcw
NzE2MTNaFw0yNzA1MjYwNzE2MTNaMDMxDjAMBgNVBAMMBW5vZGUxMQ4wDAYDVQQL
DAVpc2NhczERMA8GA1UECgwIUmVwQ2hhaW4wWTATBgcqhkjOPQIBBggqhkjOPQMB
BwNCAAS2dFJZHZe07B9cZAugHd1dotPTAf8Lb05dW/644EXqTaXst4MzVt43grLp
uhEkvdtFB6n75yOrc0zQ+Q5fUFuQMAoGCCqGSM49BAMCA0cAMEQCIBHI9RGCplmK
lovEmnUMG7WpCs3m5G+SUsrGj9DFu7HXAiBEewxv+oZdbgi2RZs+2d5uEydvZW/8
2TSY7Ip3isk0aQ==
-----END CERTIFICATE-----

Binary file not shown.

Binary file not shown.

Binary file not shown.

File diff suppressed because one or more lines are too long

View File

@ -39,37 +39,6 @@ akka {
remote {
#classic模式下的配置
classic {
netty.tcp {
//在单机单节点的情况下配置机器ip
#hostname=192.168.10.155
#hostname = 192.168.31.155
hostname = 127.0.0.1
//在单机单节点的情况下需要配置具体的端口在单机多节点的情况下直接配置为0
//port = 0
//port=8082//0automatic assign
//internal (bind) hostname
//bind-hostname=192.168.1.129
//bind-port=8082
}
netty.ssl.security {
//基础路径,证书的存放路径,建议不要修改
base-path = "jks/"
//名称前缀,证书的名称前缀,不要修改
base-name = ""
//证书的别名,需要跟节点的名称要保持一致
alias = "121000005l35120456.node1"
//用户ca文件密码
key-store-password = "123"
//用户证书密码
key-password = "123"
}
}
artery {
# Disable artery with this flag
@ -112,36 +81,25 @@ classic {
#inbound-lanes = 1
#outbound-lanes = 1
}
# SSL configuration that is used when transport=tls-tcp.
ssl {
# Factory of SSLEngine.
# Must implement akka.remote.artery.tcp.SSLEngineProvider and have a public
# constructor with an ActorSystem parameter.
# The default ConfigSSLEngineProvider is configured by properties in section
# akka.remote.artery.ssl.config-ssl-engine
#ssl-engine-provider = akka.remote.artery.tcp.ConfigSSLEngineProvider
ssl-engine-provider = akka.remote.artery.tcp.ConfigSSLEngineProvider
#ssl-engine-provider = rep.crypto.GMSSLEngineProvider
# Config of akka.remote.artery.tcp.ConfigSSLEngineProvider
#以下配置给管理服务启动https时使用节点的ssl配置在system.conf文件中配置
config-ssl-engine {
base-path = "jks/"
key-store = "jks/121000005l35120456.node1.jks"
trust-store = "jks/mytruststore.jks" // 加载信任列表证书用的_tls1.3
#trust-store = "jks/mytrust" // ssl用的_ca
trust-store-mm = "jks/mytruststore.jks" // 加载信任列表证书用的_origin
base-path = "jks/management/"
key-store = "jks/management/121000005l35120456.node1.jks"
trust-store = "jks/management/mytruststore.jks" // 加载信任列表证书用的_tls1.3
key-store-password = "123"
key-password = "123"
key-store-password = "123"
trust-store-password = "changeme" // 加载信任列表证书用的_tls1.3
#trust-store-password = "changeit" // ssl用的_ca
trust-store-password-mm = "changeme" // 加载信任列表证书用的_origin
protocol = "TLSv1.2"
#enabled-algorithms = [TLS_AES_128_GCM_SHA256]
@ -149,13 +107,6 @@ classic {
#require-mutual-authentication = on
random-number-generator = "SecureRandom"
# Require mutual authentication between TLS peers
#
# Without mutual authentication only the peer that actively establishes a connection (TLS client side)
# checks if the passive side (TLS server side) sends over a trusted certificate. With the flag turned on,
# the passive side will also request and verify a certificate from the connecting peer.
#
# To prevent man-in-the-middle attacks this setting is enabled by default.
require-mutual-authentication = on
# Set this to `on` to verify hostnames with sun.security.util.HostnameChecker

View File

@ -299,7 +299,11 @@
}
function buildWS() {
//Connect to our server: node server.js
var protocol = location.protocol
var ws_url = "ws://" + location.host + "/event";
if(protocol == 'https:'){
ws_url = "wss://" + location.host + "/event";
}
var socket = new WebSocket(ws_url);
socket.binaryType = "arraybuffer"; // We are talking binary

View File

@ -17,17 +17,15 @@
package rep.api.rest
import java.io.File
import java.util.concurrent.atomic.{AtomicInteger, AtomicLong}
import scala.util.{Failure, Success}
import scala.concurrent.{ExecutionContext, Future}
import akka.actor.{ActorRef, ActorSelection}
import akka.util.Timeout
import akka.http.scaladsl.model.Uri.Path.Segment
//import akka.http.scaladsl.server.Directives
//import akka.http.scaladsl.server.Directives
//import Directives._
import io.swagger.v3.core.util.PrimitiveType
import akka.http.scaladsl.model.headers.`Tls-Session-Info`
import org.json4s.jackson.JsonMethods
import org.json4s.string2JsonInput
import rep.app.management.RepChainConfigFilePathMgr
import rep.app.system.RepChainSystemContext
import io.swagger.v3.oas.annotations.Operation
import io.swagger.v3.oas.annotations.enums.{ParameterIn, ParameterStyle}
import io.swagger.v3.oas.annotations.{Parameter, Parameters}
@ -35,38 +33,29 @@ import io.swagger.v3.oas.annotations.media.{Content, Schema}
import io.swagger.v3.oas.annotations.parameters.RequestBody
import io.swagger.v3.oas.annotations.responses.{ApiResponse, ApiResponses}
import io.swagger.v3.oas.annotations.tags.Tag
import io.swagger.v3.oas.models.Components
import io.swagger.v3.oas.models.media.BinarySchema
import javax.ws.rs._
import javax.ws.rs.core.MediaType
import javax.ws.rs.Path
import rep.proto.rc2.{Block, Transaction}
import akka.http.scaladsl.model._
import akka.http.scaladsl.server._
import StatusCodes._
import rep.sc.Sandbox.SandboxException
import rep.sc.Sandbox._
import rep.sc.Shim._
import de.heikoseeberger.akkahttpjson4s.Json4sSupport
import rep.api.rest.RestActor._
import spray.json.DefaultJsonProtocol._
import org.json4s.{DefaultFormats, Formats, jackson}
import akka.http.scaladsl.marshallers.sprayjson.SprayJsonSupport
import spray.json._
import org.json4s.{DefaultFormats, jackson}
import akka.http.scaladsl.marshallers.xml.ScalaXmlSupport
import akka.http.scaladsl.model.{ContentTypes, HttpCharsets}
import akka.http.scaladsl.model.HttpCharsets
import akka.http.scaladsl.unmarshalling.{FromEntityUnmarshaller, Unmarshaller}
import akka.stream.scaladsl.StreamConverters
import rep.authority.check.PermissionVerify
import scala.xml.NodeSeq
import rep.log.RepLogger
/**
* 获得区块链的概要信息
*
* @author c4w
*/
* 获得区块链的概要信息
*
* @author c4w
*/
@Tag(name = "chaininfo", description = "获得当前区块链信息")
@Path("/chaininfo")
class ChainService(ra: RestRouter)(implicit executionContext: ExecutionContext)
@ -81,34 +70,37 @@ class ChainService(ra: RestRouter)(implicit executionContext: ExecutionContext)
implicit val timeout = Timeout(20.seconds)
val route = getBlockChainInfo ~ getNodeNumber ~ getCacheTransNumber ~ getAcceptedTransNumber
@GET
@Operation(tags = Array("chaininfo"), summary = "返回块链信息", description = "getChainInfo", method = "GET")
@ApiResponse(responseCode = "200", description = "返回块链信息", content = Array(new Content(mediaType = "application/json",schema = new Schema(implementation = classOf[QueryResult]))))
@ApiResponse(responseCode = "200", description = "返回块链信息", content = Array(new Content(mediaType = "application/json", schema = new Schema(implementation = classOf[QueryResult]))))
def getBlockChainInfo =
path("chaininfo") {
get {
extractClientIP { ip =>
RepLogger.debug(RepLogger.APIAccess_Logger, s"remoteAddr=${ip} get chaininfo")
complete { (ra.getRestActor ? ChainInfo).mapTo[QueryResult] }
complete {
(ra.getRestActor ? ChainInfo).mapTo[QueryResult]
}
}
}
}
@GET
@Path("/node")
@Operation(tags = Array("chaininfo"), summary = "返回组网节点数量", description = "getNodeNumber", method = "GET")
@Operation(tags = Array("chaininfo"), summary = "返回组网节点数量", description = "getNodeNumber", method = "GET")
@ApiResponses(Array(
new ApiResponse(responseCode = "200", description = "返回组网节点数量", content = Array(new Content(mediaType = "application/json",schema = new Schema(implementation = classOf[QueryResult])))))
new ApiResponse(responseCode = "200", description = "返回组网节点数量", content = Array(new Content(mediaType = "application/json", schema = new Schema(implementation = classOf[QueryResult])))))
)
def getNodeNumber =
path("chaininfo" / "node") {
get {
extractClientIP { ip =>
RepLogger.debug(RepLogger.APIAccess_Logger, s"remoteAddr=${ip} get node number")
complete { (ra.getRestActor ? NodeNumber).mapTo[QueryResult] }
complete {
(ra.getRestActor ? NodeNumber).mapTo[QueryResult]
}
}
}
}
@ -116,25 +108,27 @@ class ChainService(ra: RestRouter)(implicit executionContext: ExecutionContext)
@GET
@Path("/getcachetransnumber")
@Operation(tags = Array("chaininfo"), summary = "返回系统缓存交易数量", description = "getCacheTransNumber", method = "GET")
@Operation(tags = Array("chaininfo"), summary = "返回系统缓存交易数量", description = "getCacheTransNumber", method = "GET")
@ApiResponses(Array(
new ApiResponse(responseCode = "200", description = "返回系统缓存交易数量", content = Array(new Content(mediaType = "application/json",schema = new Schema(implementation = classOf[QueryResult])))))
new ApiResponse(responseCode = "200", description = "返回系统缓存交易数量", content = Array(new Content(mediaType = "application/json", schema = new Schema(implementation = classOf[QueryResult])))))
)
def getCacheTransNumber =
path("chaininfo" / "getcachetransnumber") {
get {
extractClientIP { ip =>
RepLogger.debug(RepLogger.APIAccess_Logger, s"remoteAddr=${ip} get number of cache")
complete { (ra.getRestActor ? TransNumber).mapTo[QueryResult] }
complete {
(ra.getRestActor ? TransNumber).mapTo[QueryResult]
}
}
}
}
@GET
@Path("/getAcceptedTransNumber")
@Operation(tags = Array("chaininfo"), summary = "返回系统接收到的交易数量", description = "getAcceptedTransNumber", method = "GET")
@Operation(tags = Array("chaininfo"), summary = "返回系统接收到的交易数量", description = "getAcceptedTransNumber", method = "GET")
@ApiResponses(Array(
new ApiResponse(responseCode = "200", description = "返回系统接收到的交易数量", content = Array(new Content(mediaType = "application/json",schema = new Schema(implementation = classOf[QueryResult])))))
new ApiResponse(responseCode = "200", description = "返回系统接收到的交易数量", content = Array(new Content(mediaType = "application/json", schema = new Schema(implementation = classOf[QueryResult])))))
)
def getAcceptedTransNumber =
path("chaininfo" / "getAcceptedTransNumber") {
@ -150,14 +144,14 @@ class ChainService(ra: RestRouter)(implicit executionContext: ExecutionContext)
}
/**
* 获得指定区块的详细信息
*
* @author c4w
*/
* 获得指定区块的详细信息
*
* @author c4w
*/
@Tag(name = "block", description = "获得区块数据")
@Path("/block")
class BlockService(ra: RestRouter)(implicit executionContext: ExecutionContext)
class BlockService(ra: RestRouter, repContext: RepChainSystemContext, isCheckClientPermission: Boolean)(implicit executionContext: ExecutionContext)
extends Directives {
import akka.pattern.ask
@ -175,53 +169,88 @@ class BlockService(ra: RestRouter)(implicit executionContext: ExecutionContext)
@GET
@Path("/hash/{blockId}")
@Produces(Array(MediaType.APPLICATION_JSON))
@Operation(tags = Array("block"),summary = "返回指定id的区块", description = "getBlockById", method = "GET",
@Operation(tags = Array("block"), summary = "返回指定id的区块", description = "getBlockById", method = "GET",
parameters = Array(new Parameter(name = "blockId", description = "区块id", required = true, in = ParameterIn.PATH)),
responses = Array(new ApiResponse(responseCode = "200", description = "返回区块json内容", content = Array(new Content(mediaType = "application/json",schema = new Schema(implementation = classOf[QueryResult])))))
responses = Array(new ApiResponse(responseCode = "200", description = "返回区块json内容", content = Array(new Content(mediaType = "application/json", schema = new Schema(implementation = classOf[QueryResult])))))
)
// @ApiResponses(Array(
// new ApiResponse(responseCode = "200", description = "返回区块json内容", content = Array(new Content(mediaType = "application/json",schema = new Schema(implementation = classOf[QueryResult])))))
// )
def getBlockById =
path("block" / "hash" / Segment) { blockId =>
get {
extractClientIP { ip =>
RepLogger.debug(RepLogger.APIAccess_Logger, s"remoteAddr=${ip} get block for id,block id=${blockId}")
complete { (ra.getRestActor ? BlockId(blockId)).mapTo[QueryResult] }
if (isCheckClientPermission) {
headerValueByType[`Tls-Session-Info`]() { sessionInfo =>
val cert = RepChainConfigFilePathMgr.getCert(sessionInfo)
try {
if (cert != null && repContext.getPermissionVerify.CheckPermissionOfX509Certificate(cert, "block.hash", null)) {
complete {
(ra.getRestActor ? BlockId(blockId)).mapTo[QueryResult]
}
} else {
complete(QueryResult(Option(JsonMethods.parse(string2JsonInput(PermissionVerify.errorInfo_None_Permission)))))
}
} catch {
case e: Exception =>
complete(QueryResult(Option(JsonMethods.parse(string2JsonInput(PermissionVerify.errorInfo_Cert_or_permission)))))
}
}
} else {
complete {
(ra.getRestActor ? BlockId(blockId)).mapTo[QueryResult]
}
}
}
}
}
@GET
@Path("/{blockHeight}")
@Operation(tags = Array("block"), summary = "返回指定高度的区块", description = "getBlockByHeight", method = "GET")
@Operation(tags = Array("block"), summary = "返回指定高度的区块", description = "getBlockByHeight", method = "GET")
@Parameters(Array(
new Parameter(name = "blockHeight", description = "区块高度", required = true, schema = new Schema(implementation = classOf[Int]), in = ParameterIn.PATH, example = "1")))
@ApiResponses(Array(
new ApiResponse(responseCode = "200", description = "返回区块json内容", content = Array(new Content(mediaType = "application/json",schema = new Schema(implementation = classOf[QueryResult])))))
new ApiResponse(responseCode = "200", description = "返回区块json内容", content = Array(new Content(mediaType = "application/json", schema = new Schema(implementation = classOf[QueryResult])))))
)
def getBlockByHeightToo =
path("block" / Segment) { blockHeight =>
get {
extractClientIP { ip =>
RepLogger.debug(RepLogger.APIAccess_Logger, s"remoteAddr=${ip} get block for Height,block height=${blockHeight}")
complete { (ra.getRestActor ? BlockHeight(blockHeight.toInt)).mapTo[QueryResult] }
if (isCheckClientPermission) {
headerValueByType[`Tls-Session-Info`]() { sessionInfo =>
val cert = RepChainConfigFilePathMgr.getCert(sessionInfo)
try {
if (cert != null && repContext.getPermissionVerify.CheckPermissionOfX509Certificate(cert, "block.blockHeight", null)) {
complete {
(ra.getRestActor ? BlockHeight(blockHeight.toInt)).mapTo[QueryResult]
}
} else {
complete(QueryResult(Option(JsonMethods.parse(string2JsonInput(PermissionVerify.errorInfo_None_Permission)))))
}
} catch {
case e: Exception =>
complete(QueryResult(Option(JsonMethods.parse(string2JsonInput(PermissionVerify.errorInfo_Cert_or_permission)))))
}
}
} else {
complete {
(ra.getRestActor ? BlockHeight(blockHeight.toInt)).mapTo[QueryResult]
}
}
}
//complete { (ra ? BlockHeight(blockHeight.toInt)).mapTo[QueryResult] }
}
}
@POST
@Path("/getTransNumberOfBlock")
@Operation(tags = Array("block"),summary = "返回指定高度区块包含的交易数", description = "getTransNumberOfBlock", method = "POST",
@Operation(tags = Array("block"), summary = "返回指定高度区块包含的交易数", description = "getTransNumberOfBlock", method = "POST",
requestBody = new RequestBody(description = "区块高度最小为2", required = true,
content = Array(new Content(mediaType = MediaType.APPLICATION_JSON, schema = new Schema(name = "height", description = "height, 最小为2", `type` = "string", example = "{\"height\":2}")))))
// @Parameters(Array(
// new Parameter(name = "height", description = "区块高度", required = true, schema = new Schema(`type` = String))))
@ApiResponses(Array(
new ApiResponse(responseCode = "200", description = "返回指定高度区块包含的交易数", content = Array(new Content(mediaType = "application/json",schema = new Schema(implementation = classOf[QueryResult])))))
new ApiResponse(responseCode = "200", description = "返回指定高度区块包含的交易数", content = Array(new Content(mediaType = "application/json", schema = new Schema(implementation = classOf[QueryResult])))))
)
def getTransNumberOfBlock =
path("block" / "getTransNumberOfBlock") {
@ -236,73 +265,89 @@ class BlockService(ra: RestRouter)(implicit executionContext: ExecutionContext)
@GET
@Path("/blocktime/{blockHeight}")
@Operation(tags = Array("block"), summary = "返回指定高度的区块的出块时间",description = "getBlockTimeOfCreate", method = "GET")
@Operation(tags = Array("block"), summary = "返回指定高度的区块的出块时间", description = "getBlockTimeOfCreate", method = "GET")
@Parameters(Array(
new Parameter(name = "blockHeight", description = "区块高度, 最小为2", required = true, schema = new Schema(description = "height, 最小为2", `type` = "string"), in = ParameterIn.PATH, example = "2")))
@ApiResponses(Array(
new ApiResponse(responseCode = "200", description = "返回指定高度的区块的出块时间", content = Array(new Content(mediaType = "application/json",schema = new Schema(implementation = classOf[QueryResult])))))
new ApiResponse(responseCode = "200", description = "返回指定高度的区块的出块时间", content = Array(new Content(mediaType = "application/json", schema = new Schema(implementation = classOf[QueryResult])))))
)
def getBlockTimeOfCreate =
path("block" / "blocktime" / Segment) { blockHeight =>
get {
extractClientIP { ip =>
RepLogger.debug(RepLogger.APIAccess_Logger, s"remoteAddr=${ip} get block time for Height,block height=${blockHeight}")
complete { (ra.getRestActor ? BlockTimeForHeight(blockHeight.toLong)).mapTo[QueryResult] }
complete {
(ra.getRestActor ? BlockTimeForHeight(blockHeight.toLong)).mapTo[QueryResult]
}
}
//complete { (ra ? BlockHeight(blockHeight.toInt)).mapTo[QueryResult] }
}
}
@GET
@Path("/blocktimeoftran/{transid}")
@Operation(tags = Array("block"), summary = "返回指定交易的入块时间", description = "getBlockTimeOfTransaction", method = "GET")
@Operation(tags = Array("block"), summary = "返回指定交易的入块时间", description = "getBlockTimeOfTransaction", method = "GET")
@Parameters(Array(
new Parameter(name = "transid", description = "交易id", required = true, schema = new Schema(`type` = "string"), in = ParameterIn.PATH)))
@ApiResponses(Array(
new ApiResponse(responseCode = "200", description = "返回指定交易的入块时间", content = Array(new Content(mediaType = "application/json",schema = new Schema(implementation = classOf[QueryResult])))))
new ApiResponse(responseCode = "200", description = "返回指定交易的入块时间", content = Array(new Content(mediaType = "application/json", schema = new Schema(implementation = classOf[QueryResult])))))
)
def getBlockTimeOfTransaction =
path("block" / "blocktimeoftran" / Segment) { transid =>
get {
extractClientIP { ip =>
RepLogger.debug(RepLogger.APIAccess_Logger, s"remoteAddr=${ip} get block time for txid,txid=${transid}")
complete { (ra.getRestActor ? BlockTimeForTxid(transid)).mapTo[QueryResult] }
complete {
(ra.getRestActor ? BlockTimeForTxid(transid)).mapTo[QueryResult]
}
}
//complete { (ra ? BlockHeight(blockHeight.toInt)).mapTo[QueryResult] }
}
}
@GET
@Path("/stream/{blockHeight}")
@Operation(tags = Array("block"), summary = "返回指定高度的区块字节流", description = "getBlockStreamByHeight", method = "GET")
@Operation(tags = Array("block"), summary = "返回指定高度的区块字节流", description = "getBlockStreamByHeight", method = "GET")
@Parameters(Array(
new Parameter(name = "blockHeight", description = "区块高度", required = true, schema = new Schema(`type` = "integer", format = "int64"), in = ParameterIn.PATH, example = "1")))
@ApiResponses(Array(
new ApiResponse(responseCode = "200", description = "blockbytes", content = Array(new Content(mediaType = "application/octet-stream",schema = new Schema(implementation = classOf[Block]))))))
new ApiResponse(responseCode = "200", description = "blockbytes", content = Array(new Content(mediaType = "application/octet-stream", schema = new Schema(implementation = classOf[Block]))))))
def getBlockStreamByHeight =
path("block" / "stream" / Segment) { blockHeight =>
get {
extractClientIP { ip =>
RepLogger.debug(RepLogger.APIAccess_Logger, s"remoteAddr=${ip} get block stream for Height,block height=${blockHeight}")
complete((ra.getRestActor ? BlockHeightStream(blockHeight.toInt)).mapTo[HttpResponse])
if (isCheckClientPermission) {
headerValueByType[`Tls-Session-Info`]() { sessionInfo =>
val cert = RepChainConfigFilePathMgr.getCert(sessionInfo)
try {
if (cert != null && repContext.getPermissionVerify.CheckPermissionOfX509Certificate(cert, "block.stream", null)) {
complete((ra.getRestActor ? BlockHeightStream(blockHeight.toInt)).mapTo[HttpResponse])
} else {
complete(QueryResult(Option(JsonMethods.parse(string2JsonInput(PermissionVerify.errorInfo_None_Permission)))))
}
} catch {
case e: Exception =>
complete(QueryResult(Option(JsonMethods.parse(string2JsonInput(PermissionVerify.errorInfo_Cert_or_permission)))))
}
}
} else {
complete((ra.getRestActor ? BlockHeightStream(blockHeight.toInt)).mapTo[HttpResponse])
}
}
}
}
}
/**
* 获得指定交易的详细信息提交签名交易
*
* @author c4w
*/
* 获得指定交易的详细信息提交签名交易
*
* @author c4w
*/
@Tag(name = "transaction", description = "获得交易数据")
@Consumes(Array(MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML, MediaType.MULTIPART_FORM_DATA))
@Produces(Array(MediaType.APPLICATION_JSON))
@Path("/transaction")
class TransactionService(ra: RestRouter)(implicit executionContext: ExecutionContext)
class TransactionService(ra: RestRouter, repContext: RepChainSystemContext, isCheckClientPermission: Boolean)(implicit executionContext: ExecutionContext)
extends Directives {
import akka.pattern.ask
@ -315,7 +360,7 @@ class TransactionService(ra: RestRouter)(implicit executionContext: ExecutionCon
import ScalaXmlSupport._
import akka.stream.scaladsl.FileIO
import akka.util.ByteString
import java.nio.file.{ Paths, Files }
import java.nio.file.{Paths, Files}
import akka.stream.scaladsl.Framing
implicit val serialization = jackson.Serialization // or native.Serialization
@ -354,18 +399,38 @@ class TransactionService(ra: RestRouter)(implicit executionContext: ExecutionCon
@GET
@Path("/{transactionId}")
@Operation(tags = Array("transaction"), summary = "返回指定id的交易", description= "getTransaction", method = "GET")
@Operation(tags = Array("transaction"), summary = "返回指定id的交易", description = "getTransaction", method = "GET")
@Parameters(Array(
new Parameter(name = "transactionId", description = "交易id", required = false, schema = new Schema(`type` = "string"), in = ParameterIn.PATH)))
@ApiResponses(Array(
new ApiResponse(responseCode = "200", description = "返回交易json内容", content = Array(new Content(mediaType = "application/json",schema = new Schema(implementation = classOf[QueryResult])))))
new ApiResponse(responseCode = "200", description = "返回交易json内容", content = Array(new Content(mediaType = "application/json", schema = new Schema(implementation = classOf[QueryResult])))))
)
def getTransaction =
path("transaction" / Segment) { transactionId =>
get {
extractClientIP { ip =>
RepLogger.debug(RepLogger.APIAccess_Logger, s"remoteAddr=${ip} get transaction for txid,txid=${transactionId}")
complete { (ra.getRestActor ? TransactionId(transactionId)).mapTo[QueryResult] }
if (isCheckClientPermission) {
headerValueByType[`Tls-Session-Info`]() { sessionInfo =>
val cert = RepChainConfigFilePathMgr.getCert(sessionInfo)
try {
if (cert != null && repContext.getPermissionVerify.CheckPermissionOfX509Certificate(cert, "transaction", null)) {
complete {
(ra.getRestActor ? TransactionId(transactionId)).mapTo[QueryResult]
}
} else {
complete(QueryResult(Option(JsonMethods.parse(string2JsonInput(PermissionVerify.errorInfo_None_Permission)))))
}
} catch {
case e: Exception =>
complete(QueryResult(Option(JsonMethods.parse(string2JsonInput(PermissionVerify.errorInfo_Cert_or_permission)))))
}
}
} else {
complete {
(ra.getRestActor ? TransactionId(transactionId)).mapTo[QueryResult]
}
}
}
}
}
@ -377,14 +442,30 @@ class TransactionService(ra: RestRouter)(implicit executionContext: ExecutionCon
@Parameters(Array(
new Parameter(name = "transactionId", description = "交易id", required = false, schema = new Schema(`type` = "string"), in = ParameterIn.PATH)))
@ApiResponses(Array(
new ApiResponse(responseCode = "200", description = "返回交易字节流", content = Array(new Content(mediaType = "application/octet-stream",schema = new Schema(implementation = classOf[Transaction], `type` = "string", format = "binary")))))
new ApiResponse(responseCode = "200", description = "返回交易字节流", content = Array(new Content(mediaType = "application/octet-stream", schema = new Schema(implementation = classOf[Transaction], `type` = "string", format = "binary")))))
)
def getTransactionStream =
path("transaction" / "stream" / Segment) { transactionId =>
get {
extractClientIP { ip =>
RepLogger.debug(RepLogger.APIAccess_Logger, s"remoteAddr=${ip} get transaction stream for txid,txid=${transactionId}")
complete((ra.getRestActor ? TransactionStreamId(transactionId)).mapTo[HttpResponse])
if (isCheckClientPermission) {
headerValueByType[`Tls-Session-Info`]() { sessionInfo =>
val cert = RepChainConfigFilePathMgr.getCert(sessionInfo)
try {
if (cert != null && repContext.getPermissionVerify.CheckPermissionOfX509Certificate(cert, "transaction.stream", null)) {
complete((ra.getRestActor ? TransactionStreamId(transactionId)).mapTo[HttpResponse])
} else {
complete(QueryResult(Option(JsonMethods.parse(string2JsonInput(PermissionVerify.errorInfo_None_Permission)))))
}
} catch {
case e: Exception =>
complete(QueryResult(Option(JsonMethods.parse(string2JsonInput(PermissionVerify.errorInfo_Cert_or_permission)))))
}
}
} else {
complete((ra.getRestActor ? TransactionStreamId(transactionId)).mapTo[HttpResponse])
}
}
}
}
@ -395,14 +476,33 @@ class TransactionService(ra: RestRouter)(implicit executionContext: ExecutionCon
@Parameters(Array(
new Parameter(name = "transactionId", description = "交易id", required = false, schema = new Schema(`type` = "string"), in = ParameterIn.PATH)))
@ApiResponses(Array(
new ApiResponse(responseCode = "200", description = "返回指定id的交易信息及所在区块高度", content = Array(new Content(mediaType = "application/json",schema = new Schema(implementation = classOf[QueryResult])))))
new ApiResponse(responseCode = "200", description = "返回指定id的交易信息及所在区块高度", content = Array(new Content(mediaType = "application/json", schema = new Schema(implementation = classOf[QueryResult])))))
)
def tranInfoAndHeightOfTranId =
path("transaction"/"tranInfoAndHeight"/Segment) { transactionId =>
path("transaction" / "tranInfoAndHeight" / Segment) { transactionId =>
get {
extractClientIP { ip =>
RepLogger.debug(RepLogger.APIAccess_Logger, s"remoteAddr=${ip} get transactionInfo and blockHeight for txid,txid=${transactionId}")
complete((ra.getRestActor ? TranInfoAndHeightId(transactionId)).mapTo[QueryResult])
val errorInfo_None_Permission = "{\"error info\":\"You do not have this operation{transaction.tranInfoAndHeight} permission, please contact the administrator.\"}"
if (isCheckClientPermission) {
headerValueByType[`Tls-Session-Info`]() { sessionInfo =>
val cert = RepChainConfigFilePathMgr.getCert(sessionInfo)
try {
if (cert != null && repContext.getPermissionVerify.CheckPermissionOfX509Certificate(cert, "transaction.tranInfoAndHeight", null)) {
complete((ra.getRestActor ? TranInfoAndHeightId(transactionId)).mapTo[QueryResult])
} else {
complete(QueryResult(Option(JsonMethods.parse(string2JsonInput(PermissionVerify.errorInfo_None_Permission)))))
}
} catch {
case e: Exception =>
complete(QueryResult(Option(JsonMethods.parse(string2JsonInput(PermissionVerify.errorInfo_Cert_or_permission)))))
}
}
} else {
complete((ra.getRestActor ? TranInfoAndHeightId(transactionId)).mapTo[QueryResult])
}
}
}
}
@ -416,32 +516,35 @@ class TransactionService(ra: RestRouter)(implicit executionContext: ExecutionCon
// @Parameters(Array(
// new Parameter(name = "body", value = "交易内容", required = true, dataType = "string", paramType = "body")))
@ApiResponses(Array(
new ApiResponse(responseCode = "200", description = "返回交易id以及执行结果", content = Array(new Content(mediaType = "application/json",schema = new Schema(implementation = classOf[PostResult])))),
new ApiResponse(responseCode = "202", description = "处理存在异常", content = Array(new Content(mediaType = "application/json",schema = new Schema(implementation = classOf[PostResult])))))
new ApiResponse(responseCode = "200", description = "返回交易id以及执行结果", content = Array(new Content(mediaType = "application/json", schema = new Schema(implementation = classOf[PostResult])))),
new ApiResponse(responseCode = "202", description = "处理存在异常", content = Array(new Content(mediaType = "application/json", schema = new Schema(implementation = classOf[PostResult])))))
)
def postSignTransaction =
path("transaction" / "postTranByString") {
post {
entity(as[String]) { trans =>
complete { (ra.getRestActor ? tranSign(trans)).mapTo[PostResult] }
complete {
(ra.getRestActor ? tranSign(trans)).mapTo[PostResult]
}
// complete { (StatusCodes.Accepted, PostResult("hahhaha",None, Some("处理存在异常"))) }
}
}
}
case class SignedTransData(var signedTrans: File)
//以字节流提交签名交易
@POST
@Path("/postTranStream")
@Operation(tags = Array("transaction"), summary = "提交带签名的交易字节流", description = "postSignTransactionStream", method = "POST",
@Operation(tags = Array("transaction"), summary = "提交带签名的交易字节流", description = "postSignTransactionStream", method = "POST",
// parameters = Array(new Parameter(name = "signedTrans", schema = new Schema(`type` = "string", format = "binary"), style = ParameterStyle.FORM, explode = Explode.TRUE))
requestBody = new RequestBody(description = "签名交易的二进制文件", required = true,
content = Array(new Content(mediaType = MediaType.MULTIPART_FORM_DATA, schema = new Schema(name = "signedTrans", implementation = classOf[SignedTransData])))
)
)
@ApiResponses(Array(
new ApiResponse(responseCode = "200", description = "返回交易id以及执行结果", content = Array(new Content(mediaType = "application/json",schema = new Schema(implementation = classOf[PostResult])))),
new ApiResponse(responseCode = "202", description = "处理存在异常", content = Array(new Content(mediaType = "application/json",schema = new Schema(implementation = classOf[PostResult])))))
new ApiResponse(responseCode = "200", description = "返回交易id以及执行结果", content = Array(new Content(mediaType = "application/json", schema = new Schema(implementation = classOf[PostResult])))),
new ApiResponse(responseCode = "202", description = "处理存在异常", content = Array(new Content(mediaType = "application/json", schema = new Schema(implementation = classOf[PostResult])))))
)
def postSignTransactionStream =
path("transaction" / "postTranStream") {
@ -459,7 +562,7 @@ class TransactionService(ra: RestRouter)(implicit executionContext: ExecutionCon
(ra.getRestActor ? Transaction.parseFrom(tranByteString.toArray)).mapTo[PostResult]
}
case Failure(ex) =>
complete (StatusCodes.InternalServerError, ex.getMessage)
complete(StatusCodes.InternalServerError, ex.getMessage)
}
}
}
@ -467,7 +570,6 @@ class TransactionService(ra: RestRouter)(implicit executionContext: ExecutionCon
}
@POST
@Path("/postTran")
@Operation(tags = Array("transaction"), summary = "提交交易", description = "postTransaction", method = "POST",
@ -478,15 +580,17 @@ class TransactionService(ra: RestRouter)(implicit executionContext: ExecutionCon
// new Parameter(name = "body", value = "交易内容", required = true,
// dataTypeClass = classOf[CSpec], paramType = "body")))
@ApiResponses(Array(
new ApiResponse(responseCode = "200", description = "返回交易id以及执行结果", content = Array(new Content(mediaType = "application/json",schema = new Schema(implementation = classOf[PostResult])))),
new ApiResponse(responseCode = "202", description = "处理存在异常", content = Array(new Content(mediaType = "application/json",schema = new Schema(implementation = classOf[PostResult])))))
new ApiResponse(responseCode = "200", description = "返回交易id以及执行结果", content = Array(new Content(mediaType = "application/json", schema = new Schema(implementation = classOf[PostResult])))),
new ApiResponse(responseCode = "202", description = "处理存在异常", content = Array(new Content(mediaType = "application/json", schema = new Schema(implementation = classOf[PostResult])))))
)
def postTransaction =
path("transaction" / "postTran") {
post {
import akka.http.scaladsl.marshallers.xml.ScalaXmlSupport._
entity(as[CSpec]) { request =>
complete { (ra.getRestActor ? request).mapTo[PostResult] }
complete {
(ra.getRestActor ? request).mapTo[PostResult]
}
}
}
}
@ -499,7 +603,7 @@ class TransactionService(ra: RestRouter)(implicit executionContext: ExecutionCon
*/
@Tag(name = "db", description = "查询合约存储在DB中的数据")
@Path("/db")
class DbService(ra: RestRouter)(implicit executionContext: ExecutionContext)
class DbService(ra: RestRouter, repContext: RepChainSystemContext, isCheckClientPermission: Boolean)(implicit executionContext: ExecutionContext)
extends Directives {
import akka.pattern.ask
@ -523,8 +627,30 @@ class DbService(ra: RestRouter)(implicit executionContext: ExecutionContext)
post {
extractClientIP { ip =>
RepLogger.debug(RepLogger.APIAccess_Logger, s"remoteAddr=${ip} query levelDB or rocksDB")
entity(as[QueryDB]) { query: QueryDB =>
complete { (ra.getRestActor ? query).mapTo[QueryResult] }
if (isCheckClientPermission) {
headerValueByType[`Tls-Session-Info`]() { sessionInfo =>
val cert = RepChainConfigFilePathMgr.getCert(sessionInfo)
try {
if (cert != null && repContext.getPermissionVerify.CheckPermissionOfX509Certificate(cert, "db.query", null)) {
entity(as[QueryDB]) { query: QueryDB =>
complete {
(ra.getRestActor ? query).mapTo[QueryResult]
}
}
} else {
complete(QueryResult(Option(JsonMethods.parse(string2JsonInput(PermissionVerify.errorInfo_None_Permission)))))
}
} catch {
case e: Exception =>
complete(QueryResult(Option(JsonMethods.parse(string2JsonInput(PermissionVerify.errorInfo_Cert_or_permission)))))
}
}
} else {
entity(as[QueryDB]) { query: QueryDB =>
complete {
(ra.getRestActor ? query).mapTo[QueryResult]
}
}
}
}
}

View File

@ -1,6 +1,7 @@
package rep.app.conf
import java.io.File
import java.nio.file.Paths
import java.util
import com.typesafe.config.{Config, ConfigFactory, ConfigValueFactory}
@ -38,14 +39,56 @@ class RepChainConfig {
ConfigFactory.parseString("akka.remote.artery.ssl.config-ssl-engine.key-store = \"jks/" + this.systemName +
".jks\"")
var combined_conf = ConfigFactory.parseFile(userConfigFile).withFallback(this.sysConf)
combined_conf = myConfig.withFallback(combined_conf)
this.sysConf = ConfigFactory.load(combined_conf)
setSSLConfig
} else{
RepLogger.trace(RepLogger.System_Logger, this.systemName + " ~ " + "ClusterSystem" + "~" + " custom configuration file not exist")
}
RepLogger.trace(RepLogger.System_Logger, this.systemName + " ~ " + "ClusterSystem" + "~" + "load System configuration successfully")
}
private def setSSLConfig:Unit={
val networkId = this.getChainNetworkId
val isUseGM = this.isUseGM
val prefix = if(isUseGM) "pfx" else "jks"
val base_path = prefix + File.separator + networkId + File.separator
val key_store = base_path + this.systemName + "."+ prefix
val trust_store = base_path + "mytruststore"+"." + prefix
var myConfig =
ConfigFactory.parseString("akka.remote.artery.ssl.config-ssl-engine.base-path = \"" + base_path + "\"")
this.sysConf = myConfig.withFallback(this.sysConf)
myConfig =
ConfigFactory.parseString("akka.remote.artery.ssl.config-ssl-engine.key-store = \"" + key_store + "\"")
this.sysConf = myConfig.withFallback(this.sysConf)
myConfig =
ConfigFactory.parseString("akka.remote.artery.ssl.config-ssl-engine.trust-store = \"" + trust_store + "\"")
this.sysConf = myConfig.withFallback(this.sysConf)
}
def getBasePath:String={
this.sysConf.getString("akka.remote.artery.ssl.config-ssl-engine.base-path")
}
def getKeyStore:String={
this.sysConf.getString("akka.remote.artery.ssl.config-ssl-engine.key-store")
}
def getTrustStore:String={
this.sysConf.getString("akka.remote.artery.ssl.config-ssl-engine.trust-store")
}
def getKeyPassword:String={
this.sysConf.getString("akka.remote.artery.ssl.config-ssl-engine.key-password")
}
def getKeyStorePassword:String={
this.sysConf.getString("akka.remote.artery.ssl.config-ssl-engine.key-store-password")
}
def getTrustPassword:String={
this.sysConf.getString("akka.remote.artery.ssl.config-ssl-engine.trust-store-password")
}
def getSystemName:String={
this.systemName
}
@ -111,6 +154,13 @@ class RepChainConfig {
}
}
def isNeedClientAuth:Boolean={
this.sysConf.getInt("system.is_need_client_auth") match {
case 0 => false
case 1 => true
}
}
/**
* @author jiangbuyun
* @version 2.0

View File

@ -4,7 +4,6 @@ import java.nio.file.{Path, Paths}
import java.security.cert.X509Certificate
import akka.http.javadsl.model.headers.TlsSessionInfo
import rep.storage.util.pathUtil
import scala.concurrent.duration._
object RepChainConfigFilePathMgr {
@ -21,21 +20,33 @@ object RepChainConfigFilePathMgr {
def getSavePath(network_name:String,node_name:String,file_type:String,file_name:String):Path={
file_type match {
case "pfx_key" =>
Paths.get("pfx",file_name)
val path = Paths.get("pfx",network_name)
checkPath(path)
Paths.get("pfx",network_name,file_name)
case "jks_key" =>
Paths.get("jks",file_name)
val path = Paths.get("jks",network_name)
checkPath(path)
Paths.get("jks",network_name,file_name)
case "pfx_cert" =>
Paths.get("pfx",file_name)
val path = Paths.get("pfx",network_name)
checkPath(path)
Paths.get("pfx",network_name,file_name)
case "jks_cert" =>
Paths.get("jks",file_name)
val path = Paths.get("jks",network_name)
checkPath(path)
Paths.get("jks",network_name,file_name)
case "config" =>
val path = Paths.get("conf",node_name)
checkPath(path)
Paths.get("conf",node_name,file_name)
case "pfx_trust" =>
Paths.get("pfx",file_name)
val path = Paths.get("pfx",network_name)
checkPath(path)
Paths.get("pfx",network_name,file_name)
case "jks_trust" =>
Paths.get("jks",file_name)
val path = Paths.get("jks",network_name)
checkPath(path)
Paths.get("jks",network_name,file_name)
case "genesis" =>
val path = Paths.get("json",network_name)
checkPath(path)

View File

@ -26,6 +26,7 @@ import java.util.ArrayList
import akka.util.Timeout
import org.slf4j.LoggerFactory
import rep.app.conf.RepChainConfig
import rep.log.RepLogger
import scala.concurrent.Await
@ -165,7 +166,7 @@ class ClusterSystem(sysTag: String, isStartupClusterSystem: Boolean) {
throw new Exception("没有足够的磁盘空间")
}
loadSecurityInfo(ctx.getConfig.getSystemConf)
loadSecurityInfo
if (!checkSystemStorage) {
terminateOfSystem
@ -202,12 +203,12 @@ class ClusterSystem(sysTag: String, isStartupClusterSystem: Boolean) {
r
}
def loadSecurityInfo(conf:Config):Unit={
val cryptoMgr = ctx.getCryptoMgr
val mykeyPath = cryptoMgr.getKeyFileSuffix.substring(1)+ java.io.File.separatorChar + ctx.getSystemName + cryptoMgr.getKeyFileSuffix
val psw = conf.getString("akka.remote.artery.ssl.config-ssl-engine.key-store-password")
val trustPath = cryptoMgr.getKeyFileSuffix.substring(1)+ java.io.File.separatorChar+ctx.getConfig.getGMTrustStoreName + cryptoMgr.getKeyFileSuffix
val trustPwd = conf.getString("akka.remote.artery.ssl.config-ssl-engine.trust-store-password-mm")
def loadSecurityInfo:Unit={
val conf = ctx.getConfig
val mykeyPath = conf.getKeyStore
val psw = conf.getKeyPassword
val trustPath = conf.getTrustStore
val trustPwd = conf.getTrustPassword
ctx.getSignTool.loadPrivateKey(ctx.getSystemName, psw, mykeyPath)
ctx.getSignTool.loadNodeCertList(trustPwd, trustPath)
RepLogger.info(RepLogger.System_Logger, "密钥初始化装载完成...")

View File

@ -23,6 +23,14 @@ import scala.util.control.Breaks.{break, breakable}
* 实现权限校验
*/
object PermissionVerify{
private val errorInfo_Permission = "You do not have this operation{transaction.tranInfoAndHeight} permission, please contact the administrator."
private val errorInfo_Cert = "Failed to get client certificate."
val errorInfo_None_Permission = "{\"error info\":\""+errorInfo_Permission+"\"}"
val errorInfo_Cert_or_permission = "{\"error info\":\""+errorInfo_Cert + " or "+ errorInfo_Permission +"\"}"
}
class PermissionVerify(ctx: RepChainSystemContext) {
val opCache = ctx.getPermissionCacheManager.getCache(DidTplPrefix.operPrefix).asInstanceOf[OperateCache]
val authCache = ctx.getPermissionCacheManager.getCache(DidTplPrefix.authPrefix).asInstanceOf[AuthenticateCache]
@ -155,7 +163,9 @@ class PermissionVerify(ctx: RepChainSystemContext) {
}
def CheckPermissionOfX509Certificate(cert: X509Certificate, opName: String, dbInstance: BlockPreload): Boolean = {
CheckPermissionOfCertHash(this.ctx.getHashTool.hashstr(toPemString(cert)), opName, dbInstance)
val pem = toPemString(cert)
val hash = this.ctx.getHashTool.hashstr(IdTool.deleteLine(pem))
CheckPermissionOfCertHash(hash, opName, dbInstance)
}
def CheckPermissionOfDeployContract(doTrans: DoTransactionOfSandboxInSingle): Boolean = {
@ -233,13 +243,11 @@ class PermissionVerify(ctx: RepChainSystemContext) {
val pemWriter = new JcaPEMWriter(writer)
try{
pemWriter.writeObject(x509)
writer.toString
}catch{
case e:Exception=>
""
}finally {
try{pemWriter.close()}catch {case e:Exception=>e.printStackTrace()}
try{writer.close()}catch {case e:Exception=>e.printStackTrace()}
writer.toString
}catch{
case e:Exception=> ""
}
}
}

View File

@ -89,13 +89,6 @@ class CryptoMgr(ctx:RepChainSystemContext) {
rel
}
/*def loadSystemConfInDebug={
val userConfFile = new File("conf/system.conf")
val combined_conf = ConfigFactory.parseFile(userConfFile)
val final_conf = ConfigFactory.load(combined_conf)
SystemProfile.initConfigSystem(final_conf,"215159697776981712.node1" )
}*/
private def checkProvider={
if(!isLoadProvider){
synchronized {

View File

@ -17,13 +17,18 @@ package rep.crypto.cert
import java.security.{KeyStore, PrivateKey, PublicKey}
import java.security.cert.Certificate
import scala.collection.mutable
import java.io._
import java.util.{ArrayList, List}
import rep.app.system.RepChainSystemContext
import rep.authority.cache.{CertificateCache}
import rep.authority.cache.CertificateCache
import rep.log.RepLogger
import rep.proto.rc2.CertId
import rep.sc.tpl.did.DidTplPrefix
import rep.utils.IdTool
import scala.util.control.Breaks._
/**
@ -92,10 +97,20 @@ class SignTool(ctx:RepChainSystemContext) {
//根据CertId实现验签
def verify(signature: Array[Byte], message: Array[Byte], certinfo: CertId): Boolean = {
val k = certinfo.creditCode + "." + certinfo.certName
var pk = getVerifyCert(k)
//this.getSigner(sysName).verify(signature, message, pk)
this.signer.verify(signature, message, pk)
var r = false
try{
val k = certinfo.creditCode + "." + certinfo.certName
val pk = getVerifyCert(k)
r = this.signer.verify(signature, message, pk)
}catch {
case e:Exception=>{
RepLogger.trace(RepLogger.System_Logger,s"验签异常失败certinfo=${IdTool.getSigner4String(certinfo)}")
}
}
if(!r){
RepLogger.trace(RepLogger.System_Logger,s"验签失败certinfo=${IdTool.getSigner4String(certinfo)}")
}
r
}
//根据公钥实现签名

View File

@ -4,6 +4,7 @@ import rep.crypto.Sha256
import rep.proto.rc2.{ActionResult, Certificate, Signer}
import rep.sc.scalax.{ContractContext, ContractException}
import rep.sc.tpl.did.DidTplPrefix.{certPrefix, hashPrefix, signerPrefix}
import rep.utils.IdTool
/**
* 无需授权自己注册普通证书修改普通证书状态
@ -66,7 +67,7 @@ object CertOperation extends DidOperation {
} else if (customCert.certType.isCertAuthentication || customCert.certType.isCertUndefined) {
// 身份校验证书通过signer注册指定或通过 signUpAllTypeCertificate
throw ContractException(toJsonErrMsg(canNotSignUpAuthCertificate))
} else if (!ctx.api.getSha256Tool.hashstr(customCert.certificate).equals(customCert.certHash)) {
} else if (!ctx.api.getSha256Tool.hashstr(IdTool.deleteLine(customCert.certificate)).equals(customCert.certHash)) {
throw ContractException(toJsonErrMsg(hashNotMatch))
} else {
ctx.api.setVal(certKey, customCert)
@ -132,7 +133,7 @@ object CertOperation extends DidOperation {
val certHashKey = hashPrefix + customCert.certHash
if (ctx.api.getVal(certKey) != null || ctx.api.getVal(certHashKey) != null) {
throw ContractException(toJsonErrMsg(certExists))
} else if (!ctx.api.getSha256Tool.hashstr(customCert.certificate).equals(customCert.certHash)) {
} else if (!ctx.api.getSha256Tool.hashstr(IdTool.deleteLine(customCert.certificate)).equals(customCert.certHash)) {
throw ContractException(toJsonErrMsg(hashNotMatch))
} else {
ctx.api.setVal(certKey, customCert)

View File

@ -4,6 +4,7 @@ import rep.crypto.Sha256
import rep.proto.rc2.{ActionResult, Signer}
import rep.sc.scalax.{ContractContext, ContractException}
import rep.sc.tpl.did.DidTplPrefix.{certPrefix, hashPrefix, signerPrefix}
import rep.utils.IdTool
/**
* 注册signer禁用启用signer
@ -68,7 +69,7 @@ object SignerOperation extends DidOperation {
throw ContractException(toJsonErrMsg(authCertExistsCode, authCertExists.format(certKey)))
} else if (!signer.creditCode.equals(certId.creditCode)) {
throw ContractException(toJsonErrMsg(SignerCertificateNotMatch))
} else if (!ctx.api.getSha256Tool.hashstr(cert.certificate).equals(cert.certHash)) {
} else if (!ctx.api.getSha256Tool.hashstr(IdTool.deleteLine(cert.certificate)).equals(cert.certHash)) {
throw ContractException(toJsonErrMsg(hashNotMatch))
} else {
// 身份校验用

View File

@ -17,7 +17,7 @@ class ChainInfoInCache(mda:BlockSearcher) {
val lstInfo = mda.getLastChainInfo
currentheight = lstInfo.height
currenttxnumber = lstInfo.txCount
val bidx = mda.getBlockIndexByHeight(Some(currentheight)).get
val bidx = mda.getBlockIndexByHeight(Some(currentheight)).getOrElse(null)
if (bidx != null) {
bhash = bidx.getHash
bprevhash = bidx.getPreHash

View File

@ -350,7 +350,7 @@ class BlockSearcher(ctx:RepChainSystemContext,isEncrypt:Boolean=false) {
case _ =>
val idx = this.getObjectForClass[BlockIndex](KeyPrefixManager.getBlockIndexKey4Height(ctx.getConfig,h.get))
idx match {
case None => null
case None => None
case _ => idx.asInstanceOf[Option[BlockIndex]]
}
}

View File

@ -168,6 +168,9 @@ class BlockStorager(ctx: RepChainSystemContext, isEncrypt: Boolean = false) exte
setHm.put(KeyPrefixManager.getBlockFileFirstHeightKey(ctx.getConfig, bIndex.getFileNo), SerializeUtils.serialise(bIndex.getHeight))
}else{
val preBlockIdx = getBlockIndexByHeight(Option(bIndex.getHeight-1))
if(preBlockIdx == None){
throw new Exception("Index of previous block not found")
}
if(bIndex.getFileNo > preBlockIdx.get.getFileNo){
setHm.put(KeyPrefixManager.getBlockFileFirstHeightKey(ctx.getConfig, bIndex.getFileNo), SerializeUtils.serialise(bIndex.getHeight))
}

View File

@ -186,65 +186,65 @@ object EventServer {
Thread.sleep(2000)
}
if(repContext.getConfig.isUseHttps) {
var https : HttpsConnectionContext = null
if (repContext.getConfig.isUseGM) {
https = ConnectionContext.httpsServer(() => {
//val engine = repContext.getSSLContext.getSSLcontext.createSSLEngine()
val engine = pe.getSSLContext.createSSLEngine()
engine.setUseClientMode(false)
engine.setEnabledCipherSuites(Array("GMSSL_ECC_SM4_SM3"))
engine.setEnabledProtocols(Array("GMSSLv1.1"))
repContext.getConfig.isUseHttps match{
case true=>
var https : HttpsConnectionContext = null
repContext.getConfig.isUseGM match {
case true=>
https = ConnectionContext.httpsServer(() => {
//val engine = repContext.getSSLContext.getSSLcontext.createSSLEngine()
val engine = pe.getSSLContext.createSSLEngine()
engine.setUseClientMode(false)
engine.setEnabledCipherSuites(Array("GMSSL_ECC_SM4_SM3"))
engine.setEnabledProtocols(Array("GMSSLv1.1"))
engine.setNeedClientAuth(repContext.getConfig.isNeedClientAuth)
engine
})
Http().newServerAt("0.0.0.0", port)
.enableHttps(https)
.bindFlow(route_evt
~ cors() (
new BlockService(ra,repContext,repContext.getConfig.isNeedClientAuth).route ~
new ChainService(ra).route ~
new TransactionService(ra,repContext,repContext.getConfig.isNeedClientAuth).route ~
new DbService(ra,repContext,repContext.getConfig.isNeedClientAuth).route ~
SwaggerDocService.routes))
System.out.println(s"^^^^^^^^https GM Service:${repContext.getSystemName}^^^^^^^^")
case false=>
https = ConnectionContext.httpsServer(() => {
val sslCtx = JsseContextHelper.createJsseContext(repContext.getConfig.getSystemConf)//EventServer.createJsseContext(repContext)
val engine = sslCtx.createSSLEngine()
engine.setUseClientMode(false)
val cipherSuite = immutableSeq(repContext.getConfig.getSystemConf.getStringList("akka.remote.artery.ssl.config-ssl-engine.enabled-algorithms")).toSet
engine.setEnabledCipherSuites(cipherSuite.toArray)
engine.setEnabledProtocols(Array(
repContext.getConfig.getSystemConf.getString("akka.remote.artery.ssl.config-ssl-engine.protocol")))
engine.setNeedClientAuth(repContext.getConfig.isNeedClientAuth)
engine
})
engine
})
Http().newServerAt("0.0.0.0", port)
.enableHttps(https)
.bindFlow(route_evt
~ cors() (
new BlockService(ra,repContext,repContext.getConfig.isNeedClientAuth).route ~
new ChainService(ra).route ~
new TransactionService(ra,repContext,repContext.getConfig.isNeedClientAuth).route ~
new DbService(ra,repContext,repContext.getConfig.isNeedClientAuth).route ~
SwaggerDocService.routes))
System.out.println(s"^^^^^^^^https TLS Service:${repContext.getSystemName}^^^^^^^^")
}
case false=>
Http().newServerAt("0.0.0.0", port)
.enableHttps(https)
// .enableHttps(https)
.bindFlow(route_evt
~ cors() (
new BlockService(ra).route ~
new BlockService(ra,repContext,false).route ~
new ChainService(ra).route ~
new TransactionService(ra).route ~
new DbService(ra).route ~
new TransactionService(ra,repContext,false).route ~
new DbService(ra,repContext,false).route ~
SwaggerDocService.routes))
System.out.println(s"^^^^^^^^https GM Service:${repContext.getSystemName}^^^^^^^^")
} else {
https = ConnectionContext.httpsServer(() => {
val sslCtx = JsseContextHelper.createJsseContext(repContext.getConfig.getSystemConf)//EventServer.createJsseContext(repContext)
val engine = sslCtx.createSSLEngine()
engine.setUseClientMode(false)
val cipherSuite = immutableSeq(repContext.getConfig.getSystemConf.getStringList("akka.remote.artery.ssl.config-ssl-engine.enabled-algorithms")).toSet
engine.setEnabledCipherSuites(cipherSuite.toArray)
engine.setEnabledProtocols(Array(
repContext.getConfig.getSystemConf.getString("akka.remote.artery.ssl.config-ssl-engine.protocol")))
engine.setNeedClientAuth(false)
engine.setWantClientAuth(false)
engine
})
Http().newServerAt("0.0.0.0", port)
.enableHttps(https)
.bindFlow(route_evt
~ cors() (
new BlockService(ra).route ~
new ChainService(ra).route ~
new TransactionService(ra).route ~
new DbService(ra).route ~
SwaggerDocService.routes))
System.out.println(s"^^^^^^^^https TLS Service:${repContext.getSystemName}^^^^^^^^")
}
}else{
Http().newServerAt("0.0.0.0", port)
// .enableHttps(https)
.bindFlow(route_evt
~ cors() (
new BlockService(ra).route ~
new ChainService(ra).route ~
new TransactionService(ra).route ~
new DbService(ra).route ~
SwaggerDocService.routes))
System.out.println(s"^^^^^^^^http Service:${repContext.getSystemName}^^^^^^^^")
System.out.println(s"^^^^^^^^http Service:${repContext.getSystemName}^^^^^^^^")
}

View File

@ -27,9 +27,9 @@ object CreateGenesisInfo {
def main(args: Array[String]): Unit = {
val ctx = new RepChainSystemContext("121000005l35120456.node1")
ctx.getSignTool.loadPrivateKey("121000005l35120456.node1", "123", s"${ctx.getCryptoMgr.getKeyFileSuffix.substring(1)}/121000005l35120456.node1${ctx.getCryptoMgr.getKeyFileSuffix}")
ctx.getSignTool.loadNodeCertList("changeme", s"${ctx.getCryptoMgr.getKeyFileSuffix.substring(1)}/mytruststore${ctx.getCryptoMgr.getKeyFileSuffix}")
ctx.getSignTool.loadPrivateKey("951002007l78123233.super_admin", "super_admin", s"${ctx.getCryptoMgr.getKeyFileSuffix.substring(1)}/951002007l78123233.super_admin${ctx.getCryptoMgr.getKeyFileSuffix}")
ctx.getSignTool.loadPrivateKey("121000005l35120456.node1", "123", s"${ctx.getCryptoMgr.getKeyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/121000005l35120456.node1${ctx.getCryptoMgr.getKeyFileSuffix}")
ctx.getSignTool.loadNodeCertList("changeme", s"${ctx.getCryptoMgr.getKeyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/mytruststore${ctx.getCryptoMgr.getKeyFileSuffix}")
ctx.getSignTool.loadPrivateKey("951002007l78123233.super_admin", "super_admin", s"${ctx.getCryptoMgr.getKeyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/951002007l78123233.super_admin${ctx.getCryptoMgr.getKeyFileSuffix}")
val sysName = "121000005l35120456.node1"
val superAdmin = "951002007l78123233.super_admin"
val super_credit = "951002007l78123233"
@ -57,9 +57,9 @@ object CreateGenesisInfo {
nodes(4) = ("node4", "921000005k36123789", "18912345678")
nodes(5) = ("node5", "921000006e0012v696", "18912345678")
for (i <- 0 to 5) {
val certfile = scala.io.Source.fromFile(s"${ctx.getCryptoMgr.getKeyFileSuffix.substring(1)}/" + nodes(i)._2 + "." + nodes(i)._1 + ".cer", "UTF-8")
val certfile = scala.io.Source.fromFile(s"${ctx.getCryptoMgr.getKeyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/" + nodes(i)._2 + "." + nodes(i)._1 + ".cer", "UTF-8")
val certstr = try certfile.mkString finally certfile.close()
val certstrhash = ctx.getHashTool.hashstr(certstr)
val certstrhash = ctx.getHashTool.hashstr(IdTool.deleteLine(certstr))
val certid = IdTool.getCertIdFromName(nodes(i)._2 + "." + nodes(i)._1)
val millis = System.currentTimeMillis()
//生成Did的身份证书
@ -107,31 +107,34 @@ object CreateGenesisInfo {
}
//api操作注册
val opsOfAPI: Array[(String, String, String)] = new Array[(String, String, String)](15)
opsOfAPI(0) = (ctx.getHashTool.hashstr("chaininfo.chaininfo"), "获取链信息", "chaininfo.chaininfo")
opsOfAPI(1) = (ctx.getHashTool.hashstr("chaininfo.node"), "返回组网节点数量", "chaininfo.node")
opsOfAPI(2) = (ctx.getHashTool.hashstr("chaininfo.getcachetransnumber"), "返回系统缓存交易数量", "chaininfo.getcachetransnumber")
opsOfAPI(3) = (ctx.getHashTool.hashstr("chaininfo.getAcceptedTransNumber"), "返回系统接收到的交易数量", "chaininfo.getAcceptedTransNumber")
val opsOfAPI: Array[(String, String, String,Boolean)] = new Array[(String, String, String,Boolean)](17)
opsOfAPI(0) = (ctx.getHashTool.hashstr("chaininfo.chaininfo"), "获取链信息", "chaininfo.chaininfo",true)
opsOfAPI(1) = (ctx.getHashTool.hashstr("chaininfo.node"), "返回组网节点数量", "chaininfo.node",true)
opsOfAPI(2) = (ctx.getHashTool.hashstr("chaininfo.getcachetransnumber"), "返回系统缓存交易数量", "chaininfo.getcachetransnumber",true)
opsOfAPI(3) = (ctx.getHashTool.hashstr("chaininfo.getAcceptedTransNumber"), "返回系统接收到的交易数量", "chaininfo.getAcceptedTransNumber",true)
opsOfAPI(4) = (ctx.getHashTool.hashstr("block.hash"), "返回指定id的区块", "block.hash")
opsOfAPI(5) = (ctx.getHashTool.hashstr("block.blockHeight"), "返回指定高度的区块", "block.blockHeight")
opsOfAPI(6) = (ctx.getHashTool.hashstr("block.getTransNumberOfBlock"), "返回指定高度区块包含的交易数", "block.getTransNumberOfBlock")
opsOfAPI(7) = (ctx.getHashTool.hashstr("block.blocktime"), "返回指定高度的区块的出块时间", "block.blocktime")
opsOfAPI(8) = (ctx.getHashTool.hashstr("block.blocktimeoftran"), "返回指定交易的入块时间", "block.blocktimeoftran")
opsOfAPI(9) = (ctx.getHashTool.hashstr("block.stream"), "返回指定高度的区块字节流", "block.stream")
opsOfAPI(4) = (ctx.getHashTool.hashstr("block.hash"), "返回指定id的区块", "block.hash",false)
opsOfAPI(5) = (ctx.getHashTool.hashstr("block.blockHeight"), "返回指定高度的区块", "block.blockHeight",false)
opsOfAPI(6) = (ctx.getHashTool.hashstr("block.getTransNumberOfBlock"), "返回指定高度区块包含的交易数", "block.getTransNumberOfBlock",true)
opsOfAPI(7) = (ctx.getHashTool.hashstr("block.blocktime"), "返回指定高度的区块的出块时间", "block.blocktime",true)
opsOfAPI(8) = (ctx.getHashTool.hashstr("block.blocktimeoftran"), "返回指定交易的入块时间", "block.blocktimeoftran",true)
opsOfAPI(9) = (ctx.getHashTool.hashstr("block.stream"), "返回指定高度的区块字节流", "block.stream",false)
opsOfAPI(10) = (ctx.getHashTool.hashstr("transaction"), "返回指定id的交易", "transaction")
opsOfAPI(11) = (ctx.getHashTool.hashstr("transaction.stream"), "返回指定id的交易字节流", "transaction.stream")
opsOfAPI(12) = (ctx.getHashTool.hashstr("transaction.postTranByString"), "提交带签名的交易", "transaction.postTranByString")
opsOfAPI(13) = (ctx.getHashTool.hashstr("transaction.postTranStream"), "提交带签名的交易字节流", "transaction.postTranStream")
opsOfAPI(14) = (ctx.getHashTool.hashstr("transaction.postTran"), "提交交易", "transaction.postTran")
opsOfAPI(10) = (ctx.getHashTool.hashstr("transaction"), "返回指定id的交易", "transaction",false)
opsOfAPI(11) = (ctx.getHashTool.hashstr("transaction.stream"), "返回指定id的交易字节流", "transaction.stream",false)
opsOfAPI(12) = (ctx.getHashTool.hashstr("transaction.postTranByString"), "提交带签名的交易", "transaction.postTranByString",true)
opsOfAPI(13) = (ctx.getHashTool.hashstr("transaction.postTranStream"), "提交带签名的交易字节流", "transaction.postTranStream",true)
opsOfAPI(14) = (ctx.getHashTool.hashstr("transaction.postTran"), "提交交易", "transaction.postTran",true)
opsOfAPI(15) = (ctx.getHashTool.hashstr("transaction.tranInfoAndHeight"), "回指定id的交易信息及所在区块高度", "transaction.tranInfoAndHeight",false)
opsOfAPI(16) = (ctx.getHashTool.hashstr("db.query"), "查询合约存储在DB中的数据", "db.query",false)
for (i <- 0 to 14) {
for (i <- 0 to 16) {
val millis = System.currentTimeMillis()
val snls = List("transaction.stream", "transaction.postTranByString", "transaction.postTranStream", "transaction.postTran")
//生成Operate不是公开的
val op = Operate(opsOfAPI(i)._1, opsOfAPI(i)._2, super_credit, false, OperateType.OPERATE_SERVICE,
List(opsOfAPI(i)._3), "*", "", Option(Timestamp(millis / 1000, ((millis % 1000) * 1000000).toInt)),
val op = Operate(opsOfAPI(i)._1, opsOfAPI(i)._2, super_credit, opsOfAPI(i)._4, OperateType.OPERATE_SERVICE,
snls, "*", opsOfAPI(i)._3, Option(Timestamp(millis / 1000, ((millis % 1000) * 1000000).toInt)),
_root_.scala.None, true, "1.0")
translist += ctx.getTransactionBuilder.createTransaction4Invoke(superAdmin, cid1, "signUpOperate", Seq(JsonFormat.toJsonString(op)))
}
@ -149,7 +152,7 @@ object CreateGenesisInfo {
}
// 授权节点所有api相关的操作
for (i <- 0 to 14) {
for (i <- 0 to 16) {
opids += opsOfAPI(i)._1
}

View File

@ -31,9 +31,9 @@ object CreateGenesisInfo4NoTransaction {
val super_credit = "951002007l78123233"
val ctx = new RepChainSystemContext(sysName)
ctx.getSignTool.loadPrivateKey(sysName, "123", s"${ctx.getCryptoMgr.getKeyFileSuffix.substring(1)}/$sysName${ctx.getCryptoMgr.getKeyFileSuffix}")
ctx.getSignTool.loadNodeCertList("changeme", s"${ctx.getCryptoMgr.getKeyFileSuffix.substring(1)}/mytruststore${ctx.getCryptoMgr.getKeyFileSuffix}")
ctx.getSignTool.loadPrivateKey(superAdmin, "super_admin", s"${ctx.getCryptoMgr.getKeyFileSuffix.substring(1)}/$superAdmin${ctx.getCryptoMgr.getKeyFileSuffix}")
ctx.getSignTool.loadPrivateKey(sysName, "123", s"${ctx.getCryptoMgr.getKeyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/$sysName${ctx.getCryptoMgr.getKeyFileSuffix}")
ctx.getSignTool.loadNodeCertList("changeme", s"${ctx.getCryptoMgr.getKeyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/mytruststore${ctx.getCryptoMgr.getKeyFileSuffix}")
ctx.getSignTool.loadPrivateKey(superAdmin, "super_admin", s"${ctx.getCryptoMgr.getKeyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/$superAdmin${ctx.getCryptoMgr.getKeyFileSuffix}")
val translist: ArrayBuffer[Transaction] = new ArrayBuffer[Transaction]

View File

@ -28,9 +28,9 @@ object CreateGenesisInfoInGM {
val dir4key = ctx.getCryptoMgr.getKeyFileSuffix.substring(1)
val keySuffix = ctx.getCryptoMgr.getKeyFileSuffix
ctx.getSignTool.loadPrivateKey("215159697776981712.node1", "123", s"${dir4key}/215159697776981712.node1${keySuffix}")
ctx.getSignTool.loadNodeCertList("changeme", s"${dir4key}/mytruststore${keySuffix}")
ctx.getSignTool.loadPrivateKey("257091603041653856.super_admin", "super_admin", s"${dir4key}/257091603041653856.super_admin${keySuffix}")
ctx.getSignTool.loadPrivateKey("215159697776981712.node1", "123", s"${dir4key}/${ctx.getConfig.getChainNetworkId}/215159697776981712.node1${keySuffix}")
ctx.getSignTool.loadNodeCertList("changeme", s"${dir4key}/${ctx.getConfig.getChainNetworkId}/mytruststore${keySuffix}")
ctx.getSignTool.loadPrivateKey("257091603041653856.super_admin", "super_admin", s"${dir4key}/${ctx.getConfig.getChainNetworkId}/257091603041653856.super_admin${keySuffix}")
val sysName = "215159697776981712.node1"
val superAdmin = "257091603041653856.super_admin"
val super_credit = "257091603041653856"
@ -56,9 +56,9 @@ object CreateGenesisInfoInGM {
nodes(4) = ("node4", "645377164372772928", "18912345678")
nodes(5) = ("node5", "379552050023903168", "18912345678")
for (i <- 0 to 5) {
val certfile = scala.io.Source.fromFile(s"${dir4key}/" + nodes(i)._2 + "." + nodes(i)._1 + ".cer", "UTF-8")
val certfile = scala.io.Source.fromFile(s"${dir4key}/${ctx.getConfig.getChainNetworkId}/" + nodes(i)._2 + "." + nodes(i)._1 + ".cer", "UTF-8")
val certstr = try certfile.mkString finally certfile.close()
val certstrhash = ctx.getHashTool.hashstr(certstr)
val certstrhash = ctx.getHashTool.hashstr(IdTool.deleteLine(certstr))
val certid = IdTool.getCertIdFromName(nodes(i)._2 + "." + nodes(i)._1)
val millis = System.currentTimeMillis()
//生成Did的身份证书
@ -106,31 +106,35 @@ object CreateGenesisInfoInGM {
}
//api操作注册
val opsOfAPI: Array[(String, String, String)] = new Array[(String, String, String)](15)
opsOfAPI(0) = (ctx.getHashTool.hashstr("chaininfo.chaininfo"), "获取链信息", "chaininfo.chaininfo")
opsOfAPI(1) = (ctx.getHashTool.hashstr("chaininfo.node"), "返回组网节点数量", "chaininfo.node")
opsOfAPI(2) = (ctx.getHashTool.hashstr("chaininfo.getcachetransnumber"), "返回系统缓存交易数量", "chaininfo.getcachetransnumber")
opsOfAPI(3) = (ctx.getHashTool.hashstr("chaininfo.getAcceptedTransNumber"), "返回系统接收到的交易数量", "chaininfo.getAcceptedTransNumber")
//api操作注册
val opsOfAPI: Array[(String, String, String,Boolean)] = new Array[(String, String, String,Boolean)](17)
opsOfAPI(0) = (ctx.getHashTool.hashstr("chaininfo.chaininfo"), "获取链信息", "chaininfo.chaininfo",true)
opsOfAPI(1) = (ctx.getHashTool.hashstr("chaininfo.node"), "返回组网节点数量", "chaininfo.node",true)
opsOfAPI(2) = (ctx.getHashTool.hashstr("chaininfo.getcachetransnumber"), "返回系统缓存交易数量", "chaininfo.getcachetransnumber",true)
opsOfAPI(3) = (ctx.getHashTool.hashstr("chaininfo.getAcceptedTransNumber"), "返回系统接收到的交易数量", "chaininfo.getAcceptedTransNumber",true)
opsOfAPI(4) = (ctx.getHashTool.hashstr("block.hash"), "返回指定id的区块", "block.hash")
opsOfAPI(5) = (ctx.getHashTool.hashstr("block.blockHeight"), "返回指定高度的区块", "block.blockHeight")
opsOfAPI(6) = (ctx.getHashTool.hashstr("block.getTransNumberOfBlock"), "返回指定高度区块包含的交易数", "block.getTransNumberOfBlock")
opsOfAPI(7) = (ctx.getHashTool.hashstr("block.blocktime"), "返回指定高度的区块的出块时间", "block.blocktime")
opsOfAPI(8) = (ctx.getHashTool.hashstr("block.blocktimeoftran"), "返回指定交易的入块时间", "block.blocktimeoftran")
opsOfAPI(9) = (ctx.getHashTool.hashstr("block.stream"), "返回指定高度的区块字节流", "block.stream")
opsOfAPI(4) = (ctx.getHashTool.hashstr("block.hash"), "返回指定id的区块", "block.hash",false)
opsOfAPI(5) = (ctx.getHashTool.hashstr("block.blockHeight"), "返回指定高度的区块", "block.blockHeight",false)
opsOfAPI(6) = (ctx.getHashTool.hashstr("block.getTransNumberOfBlock"), "返回指定高度区块包含的交易数", "block.getTransNumberOfBlock",true)
opsOfAPI(7) = (ctx.getHashTool.hashstr("block.blocktime"), "返回指定高度的区块的出块时间", "block.blocktime",true)
opsOfAPI(8) = (ctx.getHashTool.hashstr("block.blocktimeoftran"), "返回指定交易的入块时间", "block.blocktimeoftran",true)
opsOfAPI(9) = (ctx.getHashTool.hashstr("block.stream"), "返回指定高度的区块字节流", "block.stream",false)
opsOfAPI(10) = (ctx.getHashTool.hashstr("transaction"), "返回指定id的交易", "transaction")
opsOfAPI(11) = (ctx.getHashTool.hashstr("transaction.stream"), "返回指定id的交易字节流", "transaction.stream")
opsOfAPI(12) = (ctx.getHashTool.hashstr("transaction.postTranByString"), "提交带签名的交易", "transaction.postTranByString")
opsOfAPI(13) = (ctx.getHashTool.hashstr("transaction.postTranStream"), "提交带签名的交易字节流", "transaction.postTranStream")
opsOfAPI(14) = (ctx.getHashTool.hashstr("transaction.postTran"), "提交交易", "transaction.postTran")
opsOfAPI(10) = (ctx.getHashTool.hashstr("transaction"), "返回指定id的交易", "transaction",false)
opsOfAPI(11) = (ctx.getHashTool.hashstr("transaction.stream"), "返回指定id的交易字节流", "transaction.stream",false)
opsOfAPI(12) = (ctx.getHashTool.hashstr("transaction.postTranByString"), "提交带签名的交易", "transaction.postTranByString",true)
opsOfAPI(13) = (ctx.getHashTool.hashstr("transaction.postTranStream"), "提交带签名的交易字节流", "transaction.postTranStream",true)
opsOfAPI(14) = (ctx.getHashTool.hashstr("transaction.postTran"), "提交交易", "transaction.postTran",true)
opsOfAPI(15) = (ctx.getHashTool.hashstr("transaction.tranInfoAndHeight"), "回指定id的交易信息及所在区块高度", "transaction.tranInfoAndHeight",false)
opsOfAPI(16) = (ctx.getHashTool.hashstr("db.query"), "查询合约存储在DB中的数据", "db.query",false)
for (i <- 0 to 14) {
for (i <- 0 to 16) {
val millis = System.currentTimeMillis()
val snls = List("transaction.stream", "transaction.postTranByString", "transaction.postTranStream", "transaction.postTran")
//生成Operate不是公开的
val op = rep.proto.rc2.Operate(opsOfAPI(i)._1, opsOfAPI(i)._2, super_credit, false, OperateType.OPERATE_SERVICE,
List(opsOfAPI(i)._3), "*", "", Option(Timestamp(millis / 1000, ((millis % 1000) * 1000000).toInt)),
snls, "*", opsOfAPI(i)._3, Option(Timestamp(millis / 1000, ((millis % 1000) * 1000000).toInt)),
_root_.scala.None, true, "1.0")
translist += ctx.getTransactionBuilder.createTransaction4Invoke(superAdmin, cid1, "signUpOperate", Seq(JsonFormat.toJsonString(op)))
}
@ -148,7 +152,7 @@ object CreateGenesisInfoInGM {
}
// 授权节点所有api相关的操作
for (i <- 0 to 14) {
for (i <- 0 to 16) {
opids += opsOfAPI(i)._1
}

View File

@ -27,7 +27,16 @@ object IdTool {
def getRandomUUID: String = {
UUID.randomUUID().toString
}
def deleteLine(src:String):String={
var rStr = ""
if(src == null) {
rStr
}else{
rStr = src.replaceAll("\\r\\n|\\n|\\\\n|\\s","")
}
rStr
}
def isDidContract(contractName:String):Boolean = {
contractName == "RdidOperateAuthorizeTPL"

View File

@ -77,29 +77,29 @@ class RdidCertOperationSpec(_system: ActorSystem) extends TestKit(_system) with
val sha256 = ctx.getHashTool
val transactionTool = ctx.getTransactionBuilder
// 加载node1的私钥
ctx.getSignTool.loadPrivateKey(sysName, "123", s"${keyFileSuffix.substring(1)}/" + sysName + s"${keyFileSuffix}")
ctx.getSignTool.loadPrivateKey(sysName, "123", s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/" + sysName + s"${keyFileSuffix}")
// 加载super_admin的私钥
ctx.getSignTool.loadPrivateKey(superAdmin, "super_admin", s"${keyFileSuffix.substring(1)}/" + superAdmin + s"${keyFileSuffix}")
ctx.getSignTool.loadPrivateKey(superAdmin, "super_admin", s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/" + superAdmin + s"${keyFileSuffix}")
val cid = ChaincodeId("RdidOperateAuthorizeTPL", 1)
val certNode1: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/certs/121000005l35120456.node1.cer")
val certNode1: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/121000005l35120456.node1.cer")
val certStr1: String = try certNode1.mkString finally certNode1.close()
val certNode2: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/certs/12110107bi45jh675g.node2.cer")
val certNode2: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/12110107bi45jh675g.node2.cer")
val certStr2: String = try certNode2.mkString finally certNode2.close()
val certNode3: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/certs/122000002n00123567.node3.cer")
val certNode3: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/122000002n00123567.node3.cer")
val certStr3: String = try certNode3.mkString finally certNode3.close()
val certNode4: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/certs/921000005k36123789.node4.cer")
val certNode4: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/921000005k36123789.node4.cer")
val certStr4: String = try certNode4.mkString finally certNode4.close()
val certNode5: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/certs/921000006e0012v696.node5.cer")
val certNode5: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/921000006e0012v696.node5.cer")
val certStr5: String = try certNode5.mkString finally certNode5.close()
val superCert: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/certs/951002007l78123233.super_admin.cer", "UTF-8")
val superCert: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/951002007l78123233.super_admin.cer", "UTF-8")
val superCertPem: String = try superCert.mkString finally superCert.close()
val certs: mutable.Map[String, String] = mutable.Map("node1" -> certStr1, "node2" -> certStr2, "node3" -> certStr3, "node4" -> certStr4, "node5" -> certStr5)
val cert1 = Certificate(certStr1, "SHA256withECDSA", certValid = true, None, None, Certificate.CertType.CERT_AUTHENTICATION, Some(CertId("121000005l35120456", "CERT1", "1")), sha256.hashstr(certStr1), "1")
val cert2 = Certificate(certStr2, "SHA256withECDSA", certValid = true, None, None, Certificate.CertType.CERT_AUTHENTICATION, Some(CertId("121000005l35120456", "CERT2", "1")), sha256.hashstr(certStr2), "1")
val cert3 = Certificate(certStr3, "SHA256withECDSA", certValid = true, None, None, Certificate.CertType.CERT_CUSTOM, Some(CertId("121000005l35120456", "CERT3", "1")), sha256.hashstr(certStr3), "1")
val cert1 = Certificate(certStr1, "SHA256withECDSA", certValid = true, None, None, Certificate.CertType.CERT_AUTHENTICATION, Some(CertId("121000005l35120456", "CERT1", "1")), sha256.hashstr(IdTool.deleteLine(certStr1)), "1")
val cert2 = Certificate(certStr2, "SHA256withECDSA", certValid = true, None, None, Certificate.CertType.CERT_AUTHENTICATION, Some(CertId("121000005l35120456", "CERT2", "1")), sha256.hashstr(IdTool.deleteLine(certStr2)), "1")
val cert3 = Certificate(certStr3, "SHA256withECDSA", certValid = true, None, None, Certificate.CertType.CERT_CUSTOM, Some(CertId("121000005l35120456", "CERT3", "1")), sha256.hashstr(IdTool.deleteLine(certStr3)), "1")
// 只有AuthCert
@ -133,7 +133,7 @@ class RdidCertOperationSpec(_system: ActorSystem) extends TestKit(_system) with
test("注册superAdmin账户与操作") {
// 注册账户
val superCertHash = sha256.hashstr(superCertPem)
val superCertHash = sha256.hashstr(IdTool.deleteLine(superCertPem))
val superCertId = CertId("951002007l78123233", "super_admin")
val millis = System.currentTimeMillis()
//生成Did的身份证书
@ -232,7 +232,7 @@ class RdidCertOperationSpec(_system: ActorSystem) extends TestKit(_system) with
val cip = new ChaincodeInput(chaincodeInputFunc, params)
t = t.withId(txid).withCid(chaincodeId).withIpt(cip).withType(Transaction.Type.CHAINCODE_INVOKE).clearSignature
var sobj = Signature(Option(certid), Option(Timestamp(millis / 1000, ((millis % 1000) * 1000000).toInt)))
val privateKey = loadPrivateKey(nodeName, "123", s"${keyFileSuffix.substring(1)}/121000005l35120456.node1${keyFileSuffix}")
val privateKey = loadPrivateKey(nodeName, "123", s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/121000005l35120456.node1${keyFileSuffix}")
sobj = sobj.withSignature(ByteString.copyFrom(ctx.getSigner.sign(privateKey, t.toByteArray)))
t = t.withSignature(sobj)
t

View File

@ -32,7 +32,9 @@ import rep.proto.rc2.{ActionResult, CertId, Certificate, ChaincodeDeploy, Chainc
import rep.sc.SandboxDispatcher.DoTransaction
import rep.sc.tpl.did.operation.{OperOperation, SignerOperation}
import rep.sc.tpl.did.operation.OperOperation.{OperateStatus, operateNotExists}
import rep.utils.IdTool
import scalapb.json4s.JsonFormat
import scala.collection.mutable
import scala.concurrent.duration._
import scala.io.BufferedSource
@ -67,22 +69,22 @@ class RdidOperOperationSpec(_system: ActorSystem) extends TestKit(_system) with
val transactionTool = ctx.getTransactionBuilder
// 加载node1的私钥
ctx.getSignTool.loadPrivateKey(sysName, "123", s"${keyFileSuffix.substring(1)}/" + sysName + s"${keyFileSuffix}")
ctx.getSignTool.loadPrivateKey(sysName, "123", s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/" + sysName + s"${keyFileSuffix}")
// 加载super_admin的私钥
ctx.getSignTool.loadPrivateKey(superAdmin, "super_admin", s"${keyFileSuffix.substring(1)}/" + superAdmin + s"${keyFileSuffix}")
ctx.getSignTool.loadPrivateKey(superAdmin, "super_admin", s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/" + superAdmin + s"${keyFileSuffix}")
val cid = ChaincodeId("RdidOperateAuthorizeTPL", 1)
val certNode1: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/certs/121000005l35120456.node1.cer")
val certNode1: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/121000005l35120456.node1.cer")
val certStr1: String = try certNode1.mkString finally certNode1.close()
val certNode2: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/certs/12110107bi45jh675g.node2.cer")
val certNode2: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/12110107bi45jh675g.node2.cer")
val certStr2: String = try certNode2.mkString finally certNode2.close()
val superCert: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/certs/951002007l78123233.super_admin.cer", "UTF-8")
val superCert: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/951002007l78123233.super_admin.cer", "UTF-8")
val superCertPem: String = try superCert.mkString finally superCert.close()
val certs: mutable.Map[String, String] = mutable.Map("node1" -> certStr1, "node2" -> certStr2, "super_admin" -> superCertPem)
val node1Cert1 = Certificate(certStr1, "SHA256withECDSA", certValid = true, None, None, Certificate.CertType.CERT_AUTHENTICATION, Some(CertId("121000005l35120456", "node1Cert1", "1")), sha256.hashstr(certStr1), "1")
val node1Cert1 = Certificate(certStr1, "SHA256withECDSA", certValid = true, None, None, Certificate.CertType.CERT_AUTHENTICATION, Some(CertId("121000005l35120456", "node1Cert1", "1")), sha256.hashstr(IdTool.deleteLine(certStr1)), "1")
// 包含有AuthCert
val node1AuthCerts1 = Seq(node1Cert1)
@ -90,7 +92,7 @@ class RdidOperOperationSpec(_system: ActorSystem) extends TestKit(_system) with
val superCertId = CertId("951002007l78123233", "super_admin")
val millis: Long = System.currentTimeMillis()
//生成Did的身份证书
val superAuthCert = Certificate(superCertPem, "SHA256withECDSA", true, Option(Timestamp(millis / 1000, ((millis % 1000) * 1000000).toInt)), None, CertType.CERT_AUTHENTICATION, Option(superCertId), sha256.hashstr(superCertPem), "1.0")
val superAuthCert = Certificate(superCertPem, "SHA256withECDSA", true, Option(Timestamp(millis / 1000, ((millis % 1000) * 1000000).toInt)), None, CertType.CERT_AUTHENTICATION, Option(superCertId), sha256.hashstr(IdTool.deleteLine(superCertPem)), "1.0")
val signers: Array[Signer] = Array(
Signer("super_admin", "951002007l78123233", "13856789234", Seq.empty, Seq.empty, Seq.empty, Seq.empty, List(superAuthCert), "", Option(Timestamp(millis / 1000, ((millis % 1000) * 1000000).toInt)), None, true, "1.0"),

View File

@ -16,20 +16,22 @@
package rep.sc
import akka.actor.{ ActorSystem}
import akka.actor.ActorSystem
import akka.testkit.{TestKit, TestProbe}
import org.json4s.jackson.Serialization
import org.json4s.native.Serialization.write
import org.json4s.{DefaultFormats, jackson}
import org.scalatest._
import rep.app.conf.RepChainConfig
import rep.app.system.{ RepChainSystemContext}
import rep.app.system.RepChainSystemContext
import rep.network.tools.PeerExtension
import rep.proto.rc2.{ActionResult, CertId, Certificate, ChaincodeDeploy, ChaincodeId, Signer, TransactionResult}
import rep.sc.tpl.did.operation.SignerOperation
import rep.sc.tpl.did.operation.SignerOperation.SignerStatus
import scalapb.json4s.JsonFormat
import rep.sc.SandboxDispatcher.DoTransaction
import rep.utils.IdTool
import scala.collection.mutable
import scala.concurrent.duration._
import scala.io.BufferedSource
@ -65,29 +67,29 @@ class RdidSignrOperationSpec(_system: ActorSystem) extends TestKit(_system) with
val transactionTool = ctx.getTransactionBuilder
// 加载node1的私钥
ctx.getSignTool.loadPrivateKey(sysName, "123", s"${keyFileSuffix.substring(1)}/" + sysName + s"${keyFileSuffix}")
ctx.getSignTool.loadPrivateKey(sysName, "123", s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/" + sysName + s"${keyFileSuffix}")
// 加载super_admin的私钥
ctx.getSignTool.loadPrivateKey(superAdmin, "super_admin", s"${keyFileSuffix.substring(1)}/" + superAdmin + s"${keyFileSuffix}")
ctx.getSignTool.loadPrivateKey(superAdmin, "super_admin", s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/" + superAdmin + s"${keyFileSuffix}")
val cid = ChaincodeId("RdidOperateAuthorizeTPL", 1)
val certNode1: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/certs/121000005l35120456.node1.cer")
val certNode1: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/121000005l35120456.node1.cer")
val certStr1: String = try certNode1.mkString finally certNode1.close()
val certNode2: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/certs/12110107bi45jh675g.node2.cer")
val certNode2: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/12110107bi45jh675g.node2.cer")
val certStr2: String = try certNode2.mkString finally certNode2.close()
val certNode3: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/certs/122000002n00123567.node3.cer")
val certNode3: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/122000002n00123567.node3.cer")
val certStr3: String = try certNode3.mkString finally certNode3.close()
val certNode4: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/certs/921000005k36123789.node4.cer")
val certNode4: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/921000005k36123789.node4.cer")
val certStr4: String = try certNode4.mkString finally certNode4.close()
val certNode5: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/certs/921000006e0012v696.node5.cer")
val certNode5: BufferedSource = scala.io.Source.fromFile(s"${keyFileSuffix.substring(1)}/${ctx.getConfig.getChainNetworkId}/921000006e0012v696.node5.cer")
val certStr5: String = try certNode5.mkString finally certNode5.close()
val certs: mutable.Map[String, String] = mutable.Map("node1" -> certStr1, "node2" -> certStr2, "node3" -> certStr3, "node4" -> certStr4, "node5" -> certStr5)
val node1Cert1 = Certificate(certStr1, "SHA256withECDSA", certValid = true, None, None, certType = Certificate.CertType.CERT_AUTHENTICATION, Some(CertId("121000005l35120456", "node1Cert1", "1")), ctx.getHashTool.hashstr(certStr1), "1")
val node1Cert2 = Certificate(certStr2, "SHA256withECDSA", certValid = true, None, None, Certificate.CertType.CERT_CUSTOM, Some(CertId("121000005l35120456", "node1Cert1", "1")), ctx.getHashTool.hashstr(certStr1), "1")
val node1Cert3 = Certificate(certStr2, "SHA256withECDSA", certValid = true, None, None, certType = Certificate.CertType.CERT_AUTHENTICATION, Some(CertId("121000005l35120456", "node1Cert1", "1")), ctx.getHashTool.hashstr(certStr1), "1")
val node1Cert4 = Certificate(certStr2, "SHA256withECDSA", certValid = true, None, None, certType = Certificate.CertType.CERT_AUTHENTICATION, Some(CertId("121000005l3512v587", "node1Cert1", "1")), ctx.getHashTool.hashstr(certStr2), "1")
val node1Cert5 = Certificate(certStr2, "SHA256withECDSA", certValid = true, None, None, certType = Certificate.CertType.CERT_AUTHENTICATION, Some(CertId("121000005l3512v123", "node1Cert1", "1")), ctx.getHashTool.hashstr(certStr2), "1")
val node1Cert1 = Certificate(certStr1, "SHA256withECDSA", certValid = true, None, None, certType = Certificate.CertType.CERT_AUTHENTICATION, Some(CertId("121000005l35120456", "node1Cert1", "1")), ctx.getHashTool.hashstr(IdTool.deleteLine(certStr1)), "1")
val node1Cert2 = Certificate(certStr2, "SHA256withECDSA", certValid = true, None, None, Certificate.CertType.CERT_CUSTOM, Some(CertId("121000005l35120456", "node1Cert1", "1")), ctx.getHashTool.hashstr(IdTool.deleteLine(certStr1)), "1")
val node1Cert3 = Certificate(certStr2, "SHA256withECDSA", certValid = true, None, None, certType = Certificate.CertType.CERT_AUTHENTICATION, Some(CertId("121000005l35120456", "node1Cert1", "1")), ctx.getHashTool.hashstr(IdTool.deleteLine(certStr1)), "1")
val node1Cert4 = Certificate(certStr2, "SHA256withECDSA", certValid = true, None, None, certType = Certificate.CertType.CERT_AUTHENTICATION, Some(CertId("121000005l3512v587", "node1Cert1", "1")), ctx.getHashTool.hashstr(IdTool.deleteLine(certStr2)), "1")
val node1Cert5 = Certificate(certStr2, "SHA256withECDSA", certValid = true, None, None, certType = Certificate.CertType.CERT_AUTHENTICATION, Some(CertId("121000005l3512v123", "node1Cert1", "1")), ctx.getHashTool.hashstr(IdTool.deleteLine(certStr2)), "1")
// 只有AuthCert
val node1AuthCerts1 = List(node1Cert1)