From 95d9626b0e969b2fba626e9db1938455976bb0e8 Mon Sep 17 00:00:00 2001 From: Miguel Angel Rojo Date: Mon, 8 Aug 2022 11:49:58 +0100 Subject: [PATCH] Enclave public key length constraint removed for private transactions (#4086) * removed constraint with the length of the privacy public key * refactor to include tessera ec encryptor * added EC snippet to the tessera json config, still need to replace base64string from web3j * acceptance tests working after modifying the web3j library to allow secp256r1 keys * using NACL encryptor by default * using web3j v4.9.4 and web3j-quorum v4.9.0 
Signed-off-by: Miguel Rojo Co-authored-by: Antony Denyer --- .../privacy/PrivacyNodeFactory.java | 50 +++----- .../privacy/ParameterizedEnclaveTestBase.java | 16 ++- .../privacy/PrivacyAcceptanceTestBase.java | 3 - .../dsl/privacy/account/PrivacyAccount.java | 27 ++++- .../account/PrivacyAccountResolver.java | 113 +++++++++++------- .../BftPrivacyClusterAcceptanceTest.java | 54 +++++++-- ...loyPrivateSmartContractAcceptanceTest.java | 15 ++- .../privacy/EnclaveErrorAcceptanceTest.java | 45 +++++-- .../FlexiblePrivacyAcceptanceTest.java | 8 +- .../PluginPrivacySigningAcceptanceTest.java | 34 +++++- .../privacy/PrivCallAcceptanceTest.java | 10 +- ...tStateRootFlexibleGroupAcceptanceTest.java | 5 +- ...tStateRootOffchainGroupAcceptanceTest.java | 12 +- .../privacy/PrivGetCodeAcceptanceTest.java | 10 +- .../privacy/PrivGetLogsAcceptanceTest.java | 10 +- ...ivGetPrivateTransactionAcceptanceTest.java | 13 +- .../privacy/PrivacyClusterAcceptanceTest.java | 81 ++++++++++--- .../privacy/PrivacyGroupAcceptanceTest.java | 26 ++-- .../privacy/PrivacyReceiptAcceptanceTest.java | 10 +- ...vateContractPublicStateAcceptanceTest.java | 13 +- .../privacy/PrivateGenesisAcceptanceTest.java | 10 +- .../PrivateLogFilterAcceptanceTest.java | 10 +- .../FlexibleMultiTenancyAcceptanceTest.java | 7 +- .../org/hyperledger/besu/cli/BesuCommand.java | 4 - .../hyperledger/besu/cli/BesuCommandTest.java | 3 +- .../org/hyperledger/besu/enclave/Enclave.java | 4 +- .../besu/ethereum/core/PrivacyParameters.java | 12 +- .../testutil/EnclaveConfiguration.java | 7 ++ .../testutil/EnclaveEncryptorType.java | 44 +++++++ .../testutil/EnclaveKeyConfiguration.java | 15 ++- .../enclave/testutil/TesseraTestHarness.java | 6 +- .../testutil/TesseraTestHarnessFactory.java | 9 +- .../src/main/resources/enclave_ec_key_0.key | 1 + .../src/main/resources/enclave_ec_key_0.pub | 1 + .../src/main/resources/enclave_ec_key_1.key | 1 + .../src/main/resources/enclave_ec_key_1.pub | 1 + 
.../src/main/resources/enclave_ec_key_2.key | 1 + .../src/main/resources/enclave_ec_key_2.pub | 1 + 38 files changed, 493 insertions(+), 199 deletions(-) create mode 100644 testutil/src/main/java/org/hyperledger/enclave/testutil/EnclaveEncryptorType.java create mode 100644 testutil/src/main/resources/enclave_ec_key_0.key create mode 100644 testutil/src/main/resources/enclave_ec_key_0.pub create mode 100644 testutil/src/main/resources/enclave_ec_key_1.key create mode 100644 testutil/src/main/resources/enclave_ec_key_1.pub create mode 100644 testutil/src/main/resources/enclave_ec_key_2.key create mode 100644 testutil/src/main/resources/enclave_ec_key_2.pub diff --git a/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/node/configuration/privacy/PrivacyNodeFactory.java b/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/node/configuration/privacy/PrivacyNodeFactory.java index 57455e461..0d96b6c3f 100644 --- a/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/node/configuration/privacy/PrivacyNodeFactory.java +++ b/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/node/configuration/privacy/PrivacyNodeFactory.java @@ -48,16 +48,6 @@ public class PrivacyNodeFactory { return new PrivacyNode(privacyNodeConfig, vertx, enclaveType, containerNetwork); } - public PrivacyNode createPrivateTransactionEnabledMinerNode( - final String name, - final PrivacyAccount privacyAccount, - final EnclaveType enclaveType, - final Optional containerNetwork) - throws IOException { - return createPrivateTransactionEnabledMinerNode( - name, privacyAccount, enclaveType, containerNetwork, false, false, false); - } - public PrivacyNode createPrivateTransactionEnabledMinerNode( final String name, final PrivacyAccount privacyAccount, 
@@ -83,21 +73,13 @@ public class PrivacyNodeFactory { .extraCLIOptions(List.of("--plugin-privacy-service-encryption-prefix=0xAA")) .build(), new EnclaveKeyConfiguration( - privacyAccount.getEnclaveKeyPaths(), privacyAccount.getEnclavePrivateKeyPaths())), + privacyAccount.getEnclaveKeyPaths(), + privacyAccount.getEnclavePrivateKeyPaths(), + privacyAccount.getEnclaveEncryptorType())), enclaveType, containerNetwork); } - public PrivacyNode createPrivateTransactionEnabledNode( - final String name, - final PrivacyAccount privacyAccount, - final EnclaveType enclaveType, - final Optional containerNetwork) - throws IOException { - return createPrivateTransactionEnabledNode( - name, privacyAccount, enclaveType, containerNetwork, false, false, false); - } - public PrivacyNode createPrivateTransactionEnabledNode( final String name, final PrivacyAccount privacyAccount, @@ -122,21 +104,13 @@ public class PrivacyNodeFactory { .extraCLIOptions(List.of("--plugin-privacy-service-encryption-prefix=0xBB")) .build(), new EnclaveKeyConfiguration( - privacyAccount.getEnclaveKeyPaths(), privacyAccount.getEnclavePrivateKeyPaths())), + privacyAccount.getEnclaveKeyPaths(), + privacyAccount.getEnclavePrivateKeyPaths(), + privacyAccount.getEnclaveEncryptorType())), enclaveType, containerNetwork); } - public PrivacyNode createIbft2NodePrivacyEnabled( - final String name, - final PrivacyAccount privacyAccount, - final EnclaveType enclaveType, - final Optional containerNetwork) - throws IOException { - return createIbft2NodePrivacyEnabled( - name, privacyAccount, false, enclaveType, containerNetwork, false, false, false, "0xAA"); - } - public PrivacyNode createIbft2NodePrivacyEnabled( final String name, final PrivacyAccount privacyAccount, 
@@ -167,7 +141,9 @@ public class PrivacyNodeFactory { List.of("--plugin-privacy-service-encryption-prefix=" + unrestrictedPrefix)) .build(), new EnclaveKeyConfiguration( - privacyAccount.getEnclaveKeyPaths(), privacyAccount.getEnclavePrivateKeyPaths())), + privacyAccount.getEnclaveKeyPaths(), + privacyAccount.getEnclavePrivateKeyPaths(), + privacyAccount.getEnclaveEncryptorType())), enclaveType, containerNetwork); } @@ -204,7 +180,9 @@ public class PrivacyNodeFactory { "--plugin-privacy-service-genesis-enabled=true")) .build(), new EnclaveKeyConfiguration( - privacyAccount.getEnclaveKeyPaths(), privacyAccount.getEnclavePrivateKeyPaths())), + privacyAccount.getEnclaveKeyPaths(), + privacyAccount.getEnclavePrivateKeyPaths(), + privacyAccount.getEnclaveEncryptorType())), enclaveType, containerNetwork); } @@ -238,7 +216,9 @@ public class PrivacyNodeFactory { List.of("--plugin-privacy-service-encryption-prefix=" + unrestrictedPrefix)) .build(), new EnclaveKeyConfiguration( - privacyAccount.getEnclaveKeyPaths(), privacyAccount.getEnclavePrivateKeyPaths())), + privacyAccount.getEnclaveKeyPaths(), + privacyAccount.getEnclavePrivateKeyPaths(), + privacyAccount.getEnclaveEncryptorType())), enclaveType, containerNetwork); } diff --git a/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/privacy/ParameterizedEnclaveTestBase.java b/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/privacy/ParameterizedEnclaveTestBase.java index c9ecaa7a1..581fd7172 100644 --- a/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/privacy/ParameterizedEnclaveTestBase.java +++ b/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/privacy/ParameterizedEnclaveTestBase.java 
@@ -14,6 +14,8 @@ */ package org.hyperledger.besu.tests.acceptance.dsl.privacy; +import static org.hyperledger.enclave.testutil.EnclaveEncryptorType.EC; +import static org.hyperledger.enclave.testutil.EnclaveEncryptorType.NACL; import static org.hyperledger.enclave.testutil.EnclaveType.NOOP; import static org.hyperledger.enclave.testutil.EnclaveType.TESSERA; import static org.web3j.utils.Restriction.RESTRICTED; @@ -22,6 +24,7 @@ import static org.web3j.utils.Restriction.UNRESTRICTED; import org.hyperledger.besu.tests.acceptance.dsl.privacy.transaction.PluginCreateRandomPrivacyGroupIdTransaction; import org.hyperledger.besu.tests.acceptance.dsl.privacy.transaction.RestrictedCreatePrivacyGroupTransaction; import org.hyperledger.besu.tests.acceptance.dsl.transaction.Transaction; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveType; import java.util.Arrays; @@ -36,19 +39,24 @@ import org.web3j.utils.Restriction; public abstract class ParameterizedEnclaveTestBase extends PrivacyAcceptanceTestBase { protected final Restriction restriction; protected final EnclaveType enclaveType; + protected final EnclaveEncryptorType enclaveEncryptorType; protected ParameterizedEnclaveTestBase( - final Restriction restriction, final EnclaveType enclaveType) { + final Restriction restriction, + final EnclaveType enclaveType, + final EnclaveEncryptorType enclaveEncryptorType) { this.restriction = restriction; this.enclaveType = enclaveType; + this.enclaveEncryptorType = enclaveEncryptorType; } - @Parameters(name = "{0} tx with {1} enclave") + @Parameters(name = "{0} tx with {1} enclave and {2} encryptor type") public static Collection params() { return Arrays.asList( new Object[][] { - {RESTRICTED, TESSERA}, - {UNRESTRICTED, NOOP} + {RESTRICTED, TESSERA, NACL}, + {RESTRICTED, TESSERA, EC}, + {UNRESTRICTED, NOOP, EnclaveEncryptorType.NOOP} }); } 
diff --git a/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/privacy/PrivacyAcceptanceTestBase.java b/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/privacy/PrivacyAcceptanceTestBase.java index 5fe784573..8e12cbc7a 100644 --- a/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/privacy/PrivacyAcceptanceTestBase.java +++ b/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/privacy/PrivacyAcceptanceTestBase.java @@ -21,7 +21,6 @@ import org.hyperledger.besu.tests.acceptance.dsl.condition.eth.EthConditions; import org.hyperledger.besu.tests.acceptance.dsl.condition.net.NetConditions; import org.hyperledger.besu.tests.acceptance.dsl.condition.priv.PrivConditions; import org.hyperledger.besu.tests.acceptance.dsl.node.configuration.privacy.PrivacyNodeFactory; -import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver; import org.hyperledger.besu.tests.acceptance.dsl.privacy.condition.PrivateContractVerifier; import org.hyperledger.besu.tests.acceptance.dsl.privacy.condition.PrivateTransactionVerifier; import org.hyperledger.besu.tests.acceptance.dsl.privacy.contract.PrivateContractTransactions; @@ -47,7 +46,6 @@ public class PrivacyAcceptanceTestBase { protected final PrivateContractTransactions privateContractTransactions; protected final PrivConditions priv; protected final PrivacyCluster privacyCluster; - protected final PrivacyAccountResolver privacyAccountResolver; protected final ContractTransactions contractTransactions; protected final NetConditions net; protected final EthTransactions ethTransactions; 
@@ -63,7 +61,6 @@ public class PrivacyAcceptanceTestBase { privacyBesu = new PrivacyNodeFactory(vertx); privateContractTransactions = new PrivateContractTransactions(); privacyCluster = new PrivacyCluster(net); - privacyAccountResolver = new PrivacyAccountResolver(); priv = new PrivConditions( new org.hyperledger.besu.tests.acceptance.dsl.transaction.privacy diff --git a/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/privacy/account/PrivacyAccount.java b/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/privacy/account/PrivacyAccount.java index 07267342d..c246dd585 100644 --- a/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/privacy/account/PrivacyAccount.java +++ b/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/privacy/account/PrivacyAccount.java @@ -14,6 +14,8 @@ */ package org.hyperledger.besu.tests.acceptance.dsl.privacy.account; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; + import java.io.File; import java.net.URL; import java.util.Arrays; 
@@ -23,27 +25,38 @@ public class PrivacyAccount { private final URL privateKeyPath; private final URL[] enclaveKeyPaths; private final URL[] enclavePrivateKeyPaths; + private final EnclaveEncryptorType enclaveEncryptorType; private PrivacyAccount( final URL privateKeyPath, final URL[] enclavePublicKeyPaths, - final URL[] enclavePrivateKeyPaths) { + final URL[] enclavePrivateKeyPaths, + final EnclaveEncryptorType enclaveEncryptorType) { this.privateKeyPath = privateKeyPath; this.enclaveKeyPaths = enclavePublicKeyPaths; this.enclavePrivateKeyPaths = enclavePrivateKeyPaths; + this.enclaveEncryptorType = enclaveEncryptorType; } public static PrivacyAccount create( - final URL privateKeyPath, final URL enclavePublicKeyPath, final URL enclavePrivateKeyPath) { + final URL privateKeyPath, + final URL enclavePublicKeyPath, + final URL enclavePrivateKeyPath, + final EnclaveEncryptorType enclaveEncryptorType) { return new PrivacyAccount( - privateKeyPath, new URL[] {enclavePublicKeyPath}, new URL[] {enclavePrivateKeyPath}); + privateKeyPath, + new URL[] {enclavePublicKeyPath}, + new URL[] {enclavePrivateKeyPath}, + enclaveEncryptorType); } public static PrivacyAccount create( final URL privateKeyPath, final URL[] enclavePublicKeyPath, - final URL[] enclavePrivateKeyPath) { - return new PrivacyAccount(privateKeyPath, enclavePublicKeyPath, enclavePrivateKeyPath); + final URL[] enclavePrivateKeyPath, + final EnclaveEncryptorType enclaveEncryptorType) { + return new PrivacyAccount( + privateKeyPath, enclavePublicKeyPath, enclavePrivateKeyPath, enclaveEncryptorType); } public String getPrivateKeyPath() { @@ -62,6 +75,10 @@ public class PrivacyAccount { .toArray(String[]::new); } + public EnclaveEncryptorType getEnclaveEncryptorType() { + return enclaveEncryptorType; + } + private String toStringResource(final URL path) { return path.getPath().substring(path.getPath().lastIndexOf(File.separator) + 1); } 
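Review bot: The new `enclaveEncryptorType` argument is stored by the constructor and both `create` overloads without a null check or any statement of what it must agree with. Nothing in this hunk ties the type to the key files passed beside it, so a caller can pair EC with the NaCl `.pub`/`.key` files and the mismatch would presumably only show up when the enclave starts. I would store it as `this.enclaveEncryptorType = Objects.requireNonNull(enclaveEncryptorType, "enclaveEncryptorType");` (needs `java.util.Objects`) and document it on `create` with `@param enclaveEncryptorType encryptor the supplied enclave key files were generated for`.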
diff --git a/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/privacy/account/PrivacyAccountResolver.java b/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/privacy/account/PrivacyAccountResolver.java index be349b8bf..7a6e26f7b 100644 --- a/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/privacy/account/PrivacyAccountResolver.java +++ b/acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/privacy/account/PrivacyAccountResolver.java 
@@ -14,59 +14,88 @@ */ package org.hyperledger.besu.tests.acceptance.dsl.privacy.account; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; + import java.net.URL; /** Supplier of known funded accounts defined in dev.json */ -public class PrivacyAccountResolver { - - public static final PrivacyAccount ALICE = - PrivacyAccount.create( +public enum PrivacyAccountResolver { + ALICE { + @Override + public PrivacyAccount resolve(final EnclaveEncryptorType enclaveEncryptorType) { + return PrivacyAccount.create( resolveResource("key"), - resolveResource("enclave_key_0.pub"), - resolveResource("enclave_key_0.key")); - - public static final PrivacyAccount BOB = - PrivacyAccount.create( + enclaveEncryptorType.equals(EnclaveEncryptorType.EC) + ? resolveResource("enclave_ec_key_0.pub") + : resolveResource("enclave_key_0.pub"), + enclaveEncryptorType.equals(EnclaveEncryptorType.EC) + ? resolveResource("enclave_ec_key_0.key") + : resolveResource("enclave_key_0.key"), + enclaveEncryptorType); + } + }, + BOB { + @Override + public PrivacyAccount resolve(final EnclaveEncryptorType enclaveEncryptorType) { + return PrivacyAccount.create( resolveResource("key1"), - resolveResource("enclave_key_1.pub"), - resolveResource("enclave_key_1.key")); - - public static final PrivacyAccount CHARLIE = - PrivacyAccount.create( + enclaveEncryptorType.equals(EnclaveEncryptorType.EC) + ? resolveResource("enclave_ec_key_1.pub") + : resolveResource("enclave_key_1.pub"), + enclaveEncryptorType.equals(EnclaveEncryptorType.EC) + ? 
resolveResource("enclave_ec_key_1.key") + : resolveResource("enclave_key_1.key"), + enclaveEncryptorType); + } + }, + CHARLIE { + @Override + public PrivacyAccount resolve(final EnclaveEncryptorType enclaveEncryptorType) { + return PrivacyAccount.create( resolveResource("key2"), - resolveResource("enclave_key_2.pub"), - resolveResource("enclave_key_2.key")); - - public static final PrivacyAccount MULTI_TENANCY = - PrivacyAccount.create( + enclaveEncryptorType.equals(EnclaveEncryptorType.EC) + ? resolveResource("enclave_ec_key_2.pub") + : resolveResource("enclave_key_2.pub"), + enclaveEncryptorType.equals(EnclaveEncryptorType.EC) + ? resolveResource("enclave_ec_key_2.key") + : resolveResource("enclave_key_2.key"), + enclaveEncryptorType); + } + }, + MULTI_TENANCY { + @Override + public PrivacyAccount resolve(final EnclaveEncryptorType enclaveEncryptorType) { + return PrivacyAccount.create( resolveResource("key"), new URL[] { - resolveResource("enclave_key_0.pub"), - resolveResource("enclave_key_1.pub"), - resolveResource("enclave_key_2.pub") + enclaveEncryptorType.equals(EnclaveEncryptorType.EC) + ? resolveResource("enclave_ec_key_0.pub") + : resolveResource("enclave_key_0.pub"), + enclaveEncryptorType.equals(EnclaveEncryptorType.EC) + ? resolveResource("enclave_ec_key_1.pub") + : resolveResource("enclave_key_1.pub"), + enclaveEncryptorType.equals(EnclaveEncryptorType.EC) + ? resolveResource("enclave_ec_key_2.pub") + : resolveResource("enclave_key_2.pub") }, new URL[] { - resolveResource("enclave_key_0.key"), - resolveResource("enclave_key_1.key"), - resolveResource("enclave_key_2.key") - }); + enclaveEncryptorType.equals(EnclaveEncryptorType.EC) + ? resolveResource("enclave_ec_key_0.key") + : resolveResource("enclave_key_0.key"), + enclaveEncryptorType.equals(EnclaveEncryptorType.EC) + ? resolveResource("enclave_ec_key_1.key") + : resolveResource("enclave_key_1.key"), + enclaveEncryptorType.equals(EnclaveEncryptorType.EC) + ? 
resolveResource("enclave_ec_key_2.key") + : resolveResource("enclave_key_2.key") + }, + enclaveEncryptorType); + } + }; - private static URL resolveResource(final String resource) { + public abstract PrivacyAccount resolve(final EnclaveEncryptorType enclaveEncryptorType); + + URL resolveResource(final String resource) { return PrivacyAccountResolver.class.getClassLoader().getResource(resource); } - - public PrivacyAccountResolver() {} - - public PrivacyAccount resolve(final Integer account) { - switch (account) { - case 0: - return ALICE; - case 1: - return BOB; - case 2: - return CHARLIE; - default: - throw new RuntimeException("Unknown privacy account"); - } - } } diff --git a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/BftPrivacyClusterAcceptanceTest.java b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/BftPrivacyClusterAcceptanceTest.java index 5f47cc565..2baf1d1f5 100644 --- a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/BftPrivacyClusterAcceptanceTest.java +++ b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/BftPrivacyClusterAcceptanceTest.java @@ -16,8 +16,10 @@ package org.hyperledger.besu.tests.acceptance.privacy; import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyAcceptanceTestBase; import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyNode; +import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver; import org.hyperledger.besu.tests.acceptance.dsl.transaction.bft.ConsensusType; import org.hyperledger.besu.tests.web3j.generated.EventEmitter; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveType; import java.io.IOException; 
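Review bot: The EC-or-NaCl choice is written out as the same ternary twelve times across the four constants, and `resolveResource` can hand back null. `ClassLoader.getResource` returns null for a missing file, and `PrivacyAccount.toStringResource` then fails with a bare NullPointerException on `path.getPath()`, far from the misspelled resource name that caused it. It is also left implicit that every non-EC type, NOOP included, falls through to the NaCl key files. One helper that builds the resource name and fails with that name in the message covers all three points; each constant would then call it as `enclaveKey(enclaveEncryptorType, 0, "pub")`.

```java
// … unchanged: constants ALICE, BOB, CHARLIE, MULTI_TENANCY, now calling enclaveKey(...) …

  public abstract PrivacyAccount resolve(final EnclaveEncryptorType enclaveEncryptorType);

  /** Picks the EC key file for EC and the NaCl key file for every other type (NACL, NOOP). */
  URL enclaveKey(final EnclaveEncryptorType type, final int index, final String extension) {
    final String prefix =
        EnclaveEncryptorType.EC.equals(type) ? "enclave_ec_key_" : "enclave_key_";
    return resolveResource(prefix + index + "." + extension);
  }

  URL resolveResource(final String resource) {
    final URL url = PrivacyAccountResolver.class.getClassLoader().getResource(resource);
    if (url == null) {
      // Fail here, with the name, instead of as a NullPointerException inside PrivacyAccount.
      throw new IllegalStateException("Missing test key resource: " + resource);
    }
    return url;
  }
```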
@@ -41,14 +43,17 @@ public class BftPrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { public static class BftPrivacyType { private final EnclaveType enclaveType; + private final EnclaveEncryptorType enclaveEncryptorType; private final ConsensusType consensusType; private final Restriction restriction; public BftPrivacyType( final EnclaveType enclaveType, + final EnclaveEncryptorType enclaveEncryptorType, final ConsensusType consensusType, final Restriction restriction) { this.enclaveType = enclaveType; + this.enclaveEncryptorType = enclaveEncryptorType; this.consensusType = consensusType; this.restriction = restriction; } @@ -56,7 +61,11 @@ public class BftPrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { @Override public String toString() { return String.join( - ",", enclaveType.toString(), consensusType.toString(), restriction.toString()); + ",", + enclaveType.toString(), + enclaveEncryptorType.toString(), + consensusType.toString(), + restriction.toString()); } } @@ -69,13 +78,21 @@ public class BftPrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { final List bftPrivacyTypes = new ArrayList<>(); for (EnclaveType x : EnclaveType.valuesForTests()) { for (ConsensusType consensusType : ConsensusType.values()) { - bftPrivacyTypes.add(new BftPrivacyType(x, consensusType, Restriction.RESTRICTED)); + bftPrivacyTypes.add( + new BftPrivacyType( + x, EnclaveEncryptorType.NACL, consensusType, Restriction.RESTRICTED)); + bftPrivacyTypes.add( + new BftPrivacyType(x, EnclaveEncryptorType.EC, consensusType, Restriction.RESTRICTED)); } } for (ConsensusType consensusType : ConsensusType.values()) { bftPrivacyTypes.add( - new BftPrivacyType(EnclaveType.NOOP, consensusType, Restriction.UNRESTRICTED)); + new BftPrivacyType( + EnclaveType.NOOP, + EnclaveEncryptorType.NOOP, + consensusType, + Restriction.UNRESTRICTED)); } return bftPrivacyTypes; 
@@ -102,7 +119,8 @@ public class BftPrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { if (bftPrivacyType.consensusType == ConsensusType.IBFT2) { return privacyBesu.createIbft2NodePrivacyEnabled( nodeName, - privacyAccountResolver.resolve(privacyAccount), + PrivacyAccountResolver.values()[privacyAccount].resolve( + bftPrivacyType.enclaveEncryptorType), true, bftPrivacyType.enclaveType, Optional.of(containerNetwork), @@ -113,7 +131,8 @@ public class BftPrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { } else if (bftPrivacyType.consensusType == ConsensusType.QBFT) { return privacyBesu.createQbftNodePrivacyEnabled( nodeName, - privacyAccountResolver.resolve(privacyAccount), + PrivacyAccountResolver.values()[privacyAccount].resolve( + bftPrivacyType.enclaveEncryptorType), bftPrivacyType.enclaveType, Optional.of(containerNetwork), false, @@ -128,7 +147,10 @@ public class BftPrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { @Test public void onlyAliceAndBobCanExecuteContract() { // Contract address is generated from sender address and transaction nonce - final String contractAddress = "0xebf56429e6500e84442467292183d4d621359838"; + final String contractAddress = + EnclaveEncryptorType.EC.equals(bftPrivacyType.enclaveEncryptorType) + ? "0x3e5d325a03ad3ce5640502219833d30b89ce3ce1" + : "0xebf56429e6500e84442467292183d4d621359838"; final EventEmitter eventEmitter = alice.execute( @@ -166,7 +188,10 @@ public class BftPrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { @Test public void aliceCanDeployMultipleTimesInSingleGroup() { - final String firstDeployedAddress = "0xebf56429e6500e84442467292183d4d621359838"; + final String firstDeployedAddress = + EnclaveEncryptorType.EC.equals(bftPrivacyType.enclaveEncryptorType) + ? "0x3e5d325a03ad3ce5640502219833d30b89ce3ce1" + : "0xebf56429e6500e84442467292183d4d621359838"; privacyCluster.stopNode(charlie); 
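Review bot: `PrivacyAccountResolver.values()[privacyAccount]` selects the account by enum ordinal, which is not the contract of the removed `resolve(Integer)`. The enum now has four constants, so index 3 silently yields MULTI_TENANCY where the old switch threw "Unknown privacy account", and reordering the constants would change which enclave keys a node is given. The same expression appears in the QBFT branch in the next hunk. Keeping the old check in front of the lookup would preserve the behaviour: `if (privacyAccount < 0 || privacyAccount > 2) throw new IllegalArgumentException("Unknown privacy account " + privacyAccount);`. The enclosing method starts outside the hunk.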
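Review bot: The comment above `contractAddress` in `onlyAliceAndBobCanExecuteContract` still says the address is generated from sender address and transaction nonce, yet the new ternary expects a different address for EC with the same sender and nonce. Presumably the privacy group id, which depends on the enclave public keys, also enters the derivation; if so the comment should say it, e.g. `// Address derives from sender, nonce and privacy group id; the group id changes with the EC enclave keys`. The same EC/NaCl ternary over hard-coded addresses repeats in the later hunks of this file and in DeployPrivateSmartContractAcceptanceTest, so a small lookup keyed by encryptor type would keep each address pair in one place.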
@@ -182,7 +207,10 @@ public class BftPrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { .validPrivateContractDeployed(firstDeployedAddress, alice.getAddress().toString()) .verify(firstEventEmitter); - final String secondDeployedAddress = "0x10f807f8a905da5bd319196da7523c6bd768690f"; + final String secondDeployedAddress = + EnclaveEncryptorType.EC.equals(bftPrivacyType.enclaveEncryptorType) + ? "0x5194e214fae257530710d18c868df7a295d9d53b" + : "0x10f807f8a905da5bd319196da7523c6bd768690f"; final EventEmitter secondEventEmitter = alice.execute( @@ -200,7 +228,10 @@ public class BftPrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { @Test public void canInteractWithMultiplePrivacyGroups() { // alice deploys contract - final String firstDeployedAddress = "0xff206d21150a8da5b83629d8a722f3135ed532b1"; + final String firstDeployedAddress = + EnclaveEncryptorType.EC.equals(bftPrivacyType.enclaveEncryptorType) + ? "0x760359bc605b3848f5199829bde6b382d90fb8eb" + : "0xff206d21150a8da5b83629d8a722f3135ed532b1"; final EventEmitter firstEventEmitter = alice.execute( @@ -240,7 +271,10 @@ public class BftPrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { firstTransactionHash, aliceReceipt)); // alice deploys second contract - final String secondDeployedAddress = "0xebf56429e6500e84442467292183d4d621359838"; + final String secondDeployedAddress = + EnclaveEncryptorType.EC.equals(bftPrivacyType.enclaveEncryptorType) + ? "0x3e5d325a03ad3ce5640502219833d30b89ce3ce1" + : "0xebf56429e6500e84442467292183d4d621359838"; final EventEmitter secondEventEmitter = alice.execute( diff --git a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/DeployPrivateSmartContractAcceptanceTest.java b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/DeployPrivateSmartContractAcceptanceTest.java index 97e6ee110..71aa618cd 100644 
--- a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/DeployPrivateSmartContractAcceptanceTest.java +++ b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/DeployPrivateSmartContractAcceptanceTest.java @@ -20,6 +20,7 @@ import org.hyperledger.besu.tests.acceptance.dsl.privacy.ParameterizedEnclaveTes import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyNode; import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver; import org.hyperledger.besu.tests.web3j.generated.EventEmitter; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveType; import java.io.IOException; @@ -33,13 +34,16 @@ public class DeployPrivateSmartContractAcceptanceTest extends ParameterizedEncla private final PrivacyNode minerNode; public DeployPrivateSmartContractAcceptanceTest( - final Restriction restriction, final EnclaveType enclaveType) throws IOException { - super(restriction, enclaveType); + final Restriction restriction, + final EnclaveType enclaveType, + final EnclaveEncryptorType enclaveEncryptorType) + throws IOException { + super(restriction, enclaveType, enclaveEncryptorType); minerNode = privacyBesu.createPrivateTransactionEnabledMinerNode( restriction + "-node", - PrivacyAccountResolver.ALICE, + PrivacyAccountResolver.ALICE.resolve(enclaveEncryptorType), enclaveType, Optional.empty(), false, @@ -51,7 +55,10 @@ public class DeployPrivateSmartContractAcceptanceTest extends ParameterizedEncla @Test public void deployingMustGiveValidReceiptAndCode() throws Exception { - final String contractAddress = "0x89ce396d0f9f937ddfa71113e29b2081c4869555"; + final String contractAddress = + EnclaveEncryptorType.EC.equals(enclaveEncryptorType) + ? "0xfeeb2367e77e28f75fc3bcc55b70a535752db058" + : "0x89ce396d0f9f937ddfa71113e29b2081c4869555"; final EventEmitter eventEmitter = minerNode.execute( 
diff --git a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/EnclaveErrorAcceptanceTest.java b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/EnclaveErrorAcceptanceTest.java index c9e090019..7822768f1 100644 --- a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/EnclaveErrorAcceptanceTest.java +++ b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/EnclaveErrorAcceptanceTest.java @@ -16,15 +16,23 @@ package org.hyperledger.besu.tests.acceptance.privacy; import static org.assertj.core.api.Assertions.catchThrowable; import static org.assertj.core.api.AssertionsForClassTypes.assertThat; +import static org.hyperledger.enclave.testutil.EnclaveEncryptorType.EC; +import static org.hyperledger.enclave.testutil.EnclaveEncryptorType.NACL; +import static org.hyperledger.enclave.testutil.EnclaveType.TESSERA; import org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcError; import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyAcceptanceTestBase; import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyNode; +import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver; import org.hyperledger.besu.tests.web3j.generated.EventEmitter; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveType; import java.io.IOException; import java.math.BigInteger; +import java.security.KeyPairGenerator; +import java.security.spec.ECGenParameterSpec; +import java.util.Arrays; import java.util.Base64; import java.util.Collection; import java.util.Optional; 
@@ -47,19 +55,25 @@ public class EnclaveErrorAcceptanceTest extends PrivacyAcceptanceTestBase { private final PrivacyNode bob; private final String wrongPublicKey; - @Parameters(name = "{0}") - public static Collection enclaveTypes() { - return EnclaveType.valuesForTests(); + @Parameters(name = "{0} enclave type with {1} encryptor") + public static Collection enclaveParameters() { + return Arrays.asList( + new Object[][] { + {TESSERA, NACL}, + {TESSERA, EC} + }); } - public EnclaveErrorAcceptanceTest(final EnclaveType enclaveType) throws IOException { + public EnclaveErrorAcceptanceTest( + final EnclaveType enclaveType, final EnclaveEncryptorType enclaveEncryptorType) + throws IOException { final Network containerNetwork = Network.newNetwork(); alice = privacyBesu.createIbft2NodePrivacyEnabled( "node1", - privacyAccountResolver.resolve(0), + PrivacyAccountResolver.ALICE.resolve(enclaveEncryptorType), false, enclaveType, Optional.of(containerNetwork), @@ -70,7 +84,7 @@ public class EnclaveErrorAcceptanceTest extends PrivacyAcceptanceTestBase { bob = privacyBesu.createIbft2NodePrivacyEnabled( "node2", - privacyAccountResolver.resolve(1), + PrivacyAccountResolver.BOB.resolve(enclaveEncryptorType), false, enclaveType, Optional.of(containerNetwork), @@ -80,8 +94,12 @@ public class EnclaveErrorAcceptanceTest extends PrivacyAcceptanceTestBase { "0xBB"); privacyCluster.start(alice, bob); - wrongPublicKey = - Base64.getEncoder().encodeToString(Box.KeyPair.random().publicKey().bytesArray()); + final byte[] wrongPublicKeyBytes = + EnclaveEncryptorType.EC.equals(enclaveEncryptorType) + ? getSECP256r1PublicKeyByteArray() + : Box.KeyPair.random().publicKey().bytesArray(); + + wrongPublicKey = Base64.getEncoder().encodeToString(wrongPublicKeyBytes); } @Test 
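Review bot: `enclaveParameters()` hard-codes TESSERA where the old `enclaveTypes()` returned `EnclaveType.valuesForTests()`, so any other enclave type in that list no longer runs this error-path test. Whether coverage is actually lost depends on what `valuesForTests()` returns, which is not visible here. If the narrowing is intended, record it on the method, e.g. `// Tessera only: the NaCl/EC encryptor choice applies to the Tessera enclave`. Otherwise build the matrix from `EnclaveType.valuesForTests()` crossed with NACL and EC, as BftPrivacyClusterAcceptanceTest does in this commit.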
@@ -205,4 +223,15 @@ public class EnclaveErrorAcceptanceTest extends PrivacyAcceptanceTestBase { message -> message.contains(enclaveMessage), "Message did not match Tessera expected output"); } + + private byte[] getSECP256r1PublicKeyByteArray() { + try { + final KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC"); + final ECGenParameterSpec spec = new ECGenParameterSpec("secp256r1"); + keyGen.initialize(spec); + return keyGen.generateKeyPair().getPublic().getEncoded(); + } catch (Exception exception) { + return new byte[0]; + } + } } diff --git a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/FlexiblePrivacyAcceptanceTest.java b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/FlexiblePrivacyAcceptanceTest.java index 2db988787..d64f73d2a 100644 --- a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/FlexiblePrivacyAcceptanceTest.java +++ b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/FlexiblePrivacyAcceptanceTest.java @@ -21,8 +21,10 @@ import static org.junit.runners.Parameterized.Parameters; import org.hyperledger.besu.tests.acceptance.dsl.condition.eth.EthConditions; import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyNode; +import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver; import org.hyperledger.besu.tests.acceptance.dsl.transaction.miner.MinerTransactions; import org.hyperledger.besu.tests.web3j.generated.EventEmitter; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveType; import java.math.BigInteger; 
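Review bot: `getSECP256r1PublicKeyByteArray()` swallows every exception and returns `new byte[0]`, so a key-generation failure turns `wrongPublicKey` into an empty Base64 string. The enclave-error tests would then exercise a malformed key instead of a well-formed key the enclave does not know, and could pass or fail for the wrong reason. Fail the setup instead: `} catch (final GeneralSecurityException e) { throw new IllegalStateException("secp256r1 key generation failed", e); }` (needs `java.security.GeneralSecurityException`). Note also that `getEncoded()` yields the X.509 SubjectPublicKeyInfo DER form; whether that is the key format the EC encryptor expects is not visible here and deserves a one-line comment.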
@@ -80,21 +82,21 @@ public class FlexiblePrivacyAcceptanceTest extends FlexiblePrivacyAcceptanceTest alice = privacyBesu.createFlexiblePrivacyGroupEnabledMinerNode( "node1", - privacyAccountResolver.resolve(0), + PrivacyAccountResolver.ALICE.resolve(EnclaveEncryptorType.NACL), false, enclaveType, Optional.of(containerNetwork)); bob = privacyBesu.createFlexiblePrivacyGroupEnabledNode( "node2", - privacyAccountResolver.resolve(1), + PrivacyAccountResolver.BOB.resolve(EnclaveEncryptorType.NACL), false, enclaveType, Optional.of(containerNetwork)); charlie = privacyBesu.createFlexiblePrivacyGroupEnabledNode( "node3", - privacyAccountResolver.resolve(2), + PrivacyAccountResolver.CHARLIE.resolve(EnclaveEncryptorType.NACL), false, enclaveType, Optional.of(containerNetwork)); diff --git a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PluginPrivacySigningAcceptanceTest.java b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PluginPrivacySigningAcceptanceTest.java index acc3389b9..68d5117fd 100644 --- a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PluginPrivacySigningAcceptanceTest.java +++ b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PluginPrivacySigningAcceptanceTest.java 
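Review bot: All three `resolve(...)` calls in this constructor pin `EnclaveEncryptorType.NACL`, so the flexible privacy group tests never run with EC keys even though `enclaveType` is still passed through; the second hunk of PrivDebugGetStateRootFlexibleGroupAcceptanceTest does the same. Nothing in the hunk says whether that is a known limitation or an omission. If it is intended, record it next to the first call, e.g. `// flexible privacy groups are only exercised with the NACL encryptor for now`; otherwise take the encryptor type as a test parameter, as the other suites in this commit do. The constructor starts and ends outside the hunk.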
@@ -15,33 +15,56 @@ package org.hyperledger.besu.tests.acceptance.privacy; import static org.assertj.core.api.Assertions.assertThat; -import static org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver.BOB; import org.hyperledger.besu.tests.acceptance.dsl.node.configuration.BesuNodeConfigurationBuilder; import org.hyperledger.besu.tests.acceptance.dsl.node.configuration.privacy.PrivacyNodeConfiguration; import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyAcceptanceTestBase; import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyNode; +import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccount; +import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver; import org.hyperledger.besu.tests.web3j.generated.EventEmitter; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveKeyConfiguration; import org.hyperledger.enclave.testutil.EnclaveType; import java.io.IOException; import java.math.BigInteger; +import java.util.Arrays; +import java.util.Collection; import java.util.Collections; import java.util.List; import java.util.Optional; +import java.util.stream.Collectors; import org.junit.Before; import org.junit.Test; +import org.junit.runner.RunWith; +import org.junit.runners.Parameterized; import org.web3j.protocol.core.DefaultBlockParameter; import org.web3j.protocol.core.methods.response.EthBlock.Block; import org.web3j.protocol.core.methods.response.TransactionReceipt; +@RunWith(Parameterized.class) public class PluginPrivacySigningAcceptanceTest extends PrivacyAcceptanceTestBase { private PrivacyNode minerNode; + private final EnclaveEncryptorType enclaveEncryptorType; + + public PluginPrivacySigningAcceptanceTest(final EnclaveEncryptorType enclaveEncryptorType) { + this.enclaveEncryptorType = enclaveEncryptorType; + } + + @Parameterized.Parameters(name = "{0}") + public static Collection enclaveEncryptorTypes() { 
+ return Arrays.stream(EnclaveEncryptorType.values()) + .filter(encryptorType -> !EnclaveEncryptorType.NOOP.equals(encryptorType)) + .collect(Collectors.toList()); + } + @Before public void setup() throws IOException { + final PrivacyAccount BOB = PrivacyAccountResolver.BOB.resolve(enclaveEncryptorType); + minerNode = privacyBesu.create( new PrivacyNodeConfiguration( @@ -63,7 +86,9 @@ public class PluginPrivacySigningAcceptanceTest extends PrivacyAcceptanceTestBas "--plugin-privacy-service-signing-key=8f2a55949038a9610f50fb23b5883af3b4ecb3c3bb792cbcefbd1542c692be63")) .build(), new EnclaveKeyConfiguration( - BOB.getEnclaveKeyPaths(), BOB.getEnclavePrivateKeyPaths())), + BOB.getEnclaveKeyPaths(), + BOB.getEnclavePrivateKeyPaths(), + BOB.getEnclaveEncryptorType())), EnclaveType.NOOP, Optional.empty()); @@ -72,7 +97,10 @@ public class PluginPrivacySigningAcceptanceTest extends PrivacyAcceptanceTestBas @Test public void canDeployContractSignedByPlugin() throws Exception { - final String contractAddress = "0xd0152772c54cecfa7684f09f7616dcc825545dff"; + final String contractAddress = + EnclaveEncryptorType.EC.equals(enclaveEncryptorType) + ? "0xf01ec73d91fdeb8bb9388ec74e6a3981da86e021" + : "0xd0152772c54cecfa7684f09f7616dcc825545dff"; final EventEmitter eventEmitter = minerNode.execute( diff --git a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivCallAcceptanceTest.java b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivCallAcceptanceTest.java index cf5adbb94..b2c9c3bda 100644 --- a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivCallAcceptanceTest.java +++ b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivCallAcceptanceTest.java 
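Review bot: In `setup()` the new local `final PrivacyAccount BOB` is written in constant case, which makes the `BOB.getEnclaveKeyPaths()` calls in the next hunk read as if they still used the static import this commit removes. Name it as a local, `final PrivacyAccount bob = PrivacyAccountResolver.BOB.resolve(enclaveEncryptorType);`, and update the three uses in the `EnclaveKeyConfiguration` call. `enclaveEncryptorTypes()` also filters out `NOOP` without saying why; a short comment stating the reason (presumably that no key fixtures exist for it, to be confirmed) would keep the filter from being removed by accident.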
@@ -22,6 +22,7 @@ import org.hyperledger.besu.tests.acceptance.dsl.privacy.ParameterizedEnclaveTes import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyNode; import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver; import org.hyperledger.besu.tests.web3j.generated.EventEmitter; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveType; import java.io.IOException; @@ -53,15 +54,18 @@ public class PrivCallAcceptanceTest extends ParameterizedEnclaveTestBase { private final PrivacyNode minerNode; - public PrivCallAcceptanceTest(final Restriction restriction, final EnclaveType enclaveType) + public PrivCallAcceptanceTest( + final Restriction restriction, + final EnclaveType enclaveType, + final EnclaveEncryptorType enclaveEncryptorType) throws IOException { - super(restriction, enclaveType); + super(restriction, enclaveType, enclaveEncryptorType); minerNode = privacyBesu.createPrivateTransactionEnabledMinerNode( restriction + "-node", - PrivacyAccountResolver.ALICE, + PrivacyAccountResolver.ALICE.resolve(enclaveEncryptorType), enclaveType, Optional.empty(), false, diff --git a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivDebugGetStateRootFlexibleGroupAcceptanceTest.java b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivDebugGetStateRootFlexibleGroupAcceptanceTest.java index e8aef87f3..59973fd00 100644 --- a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivDebugGetStateRootFlexibleGroupAcceptanceTest.java +++ b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivDebugGetStateRootFlexibleGroupAcceptanceTest.java 
@@ -21,6 +21,7 @@ import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyNode; import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver; import org.hyperledger.besu.tests.acceptance.dsl.transaction.privacy.PrivacyRequestFactory; import org.hyperledger.besu.tests.web3j.generated.EventEmitter; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveType; import java.io.IOException; @@ -62,14 +63,14 @@ public class PrivDebugGetStateRootFlexibleGroupAcceptanceTest aliceNode = privacyBesu.createFlexiblePrivacyGroupEnabledMinerNode( "alice-node", - PrivacyAccountResolver.ALICE, + PrivacyAccountResolver.ALICE.resolve(EnclaveEncryptorType.NACL), false, enclaveType, Optional.of(containerNetwork)); bobNode = privacyBesu.createFlexiblePrivacyGroupEnabledNode( "bob-node", - PrivacyAccountResolver.BOB, + PrivacyAccountResolver.BOB.resolve(EnclaveEncryptorType.NACL), false, enclaveType, Optional.of(containerNetwork)); diff --git a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivDebugGetStateRootOffchainGroupAcceptanceTest.java b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivDebugGetStateRootOffchainGroupAcceptanceTest.java index 2d1b83e43..92643446d 100644 --- a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivDebugGetStateRootOffchainGroupAcceptanceTest.java +++ b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivDebugGetStateRootOffchainGroupAcceptanceTest.java 
@@ -22,6 +22,7 @@ import org.hyperledger.besu.tests.acceptance.dsl.privacy.ParameterizedEnclaveTes import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyNode; import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver; import org.hyperledger.besu.tests.acceptance.dsl.transaction.privacy.PrivacyRequestFactory; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveType; import java.io.IOException; @@ -38,16 +39,19 @@ public class PrivDebugGetStateRootOffchainGroupAcceptanceTest extends Parameteri private final PrivacyNode bobNode; public PrivDebugGetStateRootOffchainGroupAcceptanceTest( - final Restriction restriction, final EnclaveType enclaveType) throws IOException { + final Restriction restriction, + final EnclaveType enclaveType, + final EnclaveEncryptorType enclaveEncryptorType) + throws IOException { - super(restriction, enclaveType); + super(restriction, enclaveType, enclaveEncryptorType); final Network containerNetwork = Network.newNetwork(); aliceNode = privacyBesu.createIbft2NodePrivacyEnabled( "alice-node", - PrivacyAccountResolver.ALICE, + PrivacyAccountResolver.ALICE.resolve(enclaveEncryptorType), false, enclaveType, Optional.of(containerNetwork), @@ -58,7 +62,7 @@ public class PrivDebugGetStateRootOffchainGroupAcceptanceTest extends Parameteri bobNode = privacyBesu.createIbft2NodePrivacyEnabled( "bob-node", - PrivacyAccountResolver.BOB, + PrivacyAccountResolver.BOB.resolve(enclaveEncryptorType), false, enclaveType, Optional.of(containerNetwork), diff --git a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivGetCodeAcceptanceTest.java b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivGetCodeAcceptanceTest.java index f2bb0399c..c08006f69 100644 --- a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivGetCodeAcceptanceTest.java 
+++ b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivGetCodeAcceptanceTest.java @@ -22,6 +22,7 @@ import org.hyperledger.besu.tests.acceptance.dsl.privacy.ParameterizedEnclaveTes import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyNode; import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver; import org.hyperledger.besu.tests.web3j.generated.EventEmitter; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveType; import java.io.IOException; @@ -35,15 +36,18 @@ public class PrivGetCodeAcceptanceTest extends ParameterizedEnclaveTestBase { private final PrivacyNode alice; - public PrivGetCodeAcceptanceTest(final Restriction restriction, final EnclaveType enclaveType) + public PrivGetCodeAcceptanceTest( + final Restriction restriction, + final EnclaveType enclaveType, + final EnclaveEncryptorType enclaveEncryptorType) throws IOException { - super(restriction, enclaveType); + super(restriction, enclaveType, enclaveEncryptorType); alice = privacyBesu.createPrivateTransactionEnabledMinerNode( restriction + "-node", - PrivacyAccountResolver.ALICE, + PrivacyAccountResolver.ALICE.resolve(enclaveEncryptorType), enclaveType, Optional.empty(), false, diff --git a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivGetLogsAcceptanceTest.java b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivGetLogsAcceptanceTest.java index c97eb3966..62519385a 100644 --- a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivGetLogsAcceptanceTest.java +++ b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivGetLogsAcceptanceTest.java 
@@ -22,6 +22,7 @@ import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyNode; import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver; import org.hyperledger.besu.tests.acceptance.dsl.privacy.util.LogFilterJsonParameter; import org.hyperledger.besu.tests.web3j.generated.EventEmitter; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveType; import java.io.IOException; @@ -45,15 +46,18 @@ public class PrivGetLogsAcceptanceTest extends ParameterizedEnclaveTestBase { private final PrivacyNode node; - public PrivGetLogsAcceptanceTest(final Restriction restriction, final EnclaveType enclaveType) + public PrivGetLogsAcceptanceTest( + final Restriction restriction, + final EnclaveType enclaveType, + final EnclaveEncryptorType enclaveEncryptorType) throws IOException { - super(restriction, enclaveType); + super(restriction, enclaveType, enclaveEncryptorType); node = privacyBesu.createPrivateTransactionEnabledMinerNode( restriction + "-node", - PrivacyAccountResolver.ALICE, + PrivacyAccountResolver.ALICE.resolve(enclaveEncryptorType), enclaveType, Optional.empty(), false, diff --git a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivGetPrivateTransactionAcceptanceTest.java b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivGetPrivateTransactionAcceptanceTest.java index f39596105..91896761d 100644 --- a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivGetPrivateTransactionAcceptanceTest.java +++ b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivGetPrivateTransactionAcceptanceTest.java 
@@ -23,7 +23,9 @@ import org.hyperledger.besu.ethereum.privacy.PrivateTransaction; import org.hyperledger.besu.ethereum.rlp.BytesValueRLPOutput; import org.hyperledger.besu.tests.acceptance.dsl.privacy.ParameterizedEnclaveTestBase; import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyNode; +import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver; import org.hyperledger.besu.tests.acceptance.dsl.transaction.Transaction; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveType; import java.io.IOException; @@ -40,16 +42,19 @@ public class PrivGetPrivateTransactionAcceptanceTest extends ParameterizedEnclav private final PrivacyNode bob; public PrivGetPrivateTransactionAcceptanceTest( - final Restriction restriction, final EnclaveType enclaveType) throws IOException { + final Restriction restriction, + final EnclaveType enclaveType, + final EnclaveEncryptorType enclaveEncryptorType) + throws IOException { - super(restriction, enclaveType); + super(restriction, enclaveType, enclaveEncryptorType); final Network containerNetwork = Network.newNetwork(); alice = privacyBesu.createIbft2NodePrivacyEnabled( "node1", - privacyAccountResolver.resolve(0), + PrivacyAccountResolver.ALICE.resolve(enclaveEncryptorType), false, enclaveType, Optional.of(containerNetwork), @@ -60,7 +65,7 @@ public class PrivGetPrivateTransactionAcceptanceTest extends ParameterizedEnclav bob = privacyBesu.createIbft2NodePrivacyEnabled( "node2", - privacyAccountResolver.resolve(1), + PrivacyAccountResolver.BOB.resolve(enclaveEncryptorType), false, enclaveType, Optional.of(containerNetwork), diff --git a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivacyClusterAcceptanceTest.java b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivacyClusterAcceptanceTest.java index 5f10b1e0c..1284daf91 100644 
--- a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivacyClusterAcceptanceTest.java +++ b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivacyClusterAcceptanceTest.java @@ -16,6 +16,9 @@ package org.hyperledger.besu.tests.acceptance.privacy; import static org.assertj.core.api.Assertions.assertThat; import static org.hyperledger.besu.ethereum.core.PrivacyParameters.DEFAULT_PRIVACY; +import static org.hyperledger.enclave.testutil.EnclaveEncryptorType.EC; +import static org.hyperledger.enclave.testutil.EnclaveEncryptorType.NACL; +import static org.hyperledger.enclave.testutil.EnclaveType.TESSERA; import static org.web3j.utils.Restriction.RESTRICTED; import org.hyperledger.besu.enclave.Enclave; @@ -23,12 +26,15 @@ import org.hyperledger.besu.enclave.EnclaveFactory; import org.hyperledger.besu.enclave.types.ReceiveResponse; import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyAcceptanceTestBase; import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyNode; +import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver; import org.hyperledger.besu.tests.web3j.generated.EventEmitter; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveType; import java.io.IOException; import java.math.BigInteger; import java.util.ArrayList; +import java.util.Arrays; import java.util.Collection; import java.util.Collections; import java.util.Optional; 
@@ -56,20 +62,28 @@ public class PrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { private final PrivacyNode alice; private final PrivacyNode bob; private final PrivacyNode charlie; + private final EnclaveEncryptorType enclaveEncryptorType; private final Vertx vertx = Vertx.vertx(); private final EnclaveFactory enclaveFactory = new EnclaveFactory(vertx); - @Parameters(name = "{0}") - public static Collection enclaveTypes() { - return EnclaveType.valuesForTests(); + @Parameters(name = "{0} enclave type with {1} encryptor") + public static Collection enclaveParameters() { + return Arrays.asList( + new Object[][] { + {TESSERA, NACL}, + {TESSERA, EC} + }); } - public PrivacyClusterAcceptanceTest(final EnclaveType enclaveType) throws IOException { + public PrivacyClusterAcceptanceTest( + final EnclaveType enclaveType, final EnclaveEncryptorType enclaveEncryptorType) + throws IOException { + this.enclaveEncryptorType = enclaveEncryptorType; final Network containerNetwork = Network.newNetwork(); alice = privacyBesu.createPrivateTransactionEnabledMinerNode( "node1", - privacyAccountResolver.resolve(0), + PrivacyAccountResolver.ALICE.resolve(enclaveEncryptorType), enclaveType, Optional.of(containerNetwork), false, @@ -78,7 +92,7 @@ public class PrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { bob = privacyBesu.createPrivateTransactionEnabledNode( "node2", - privacyAccountResolver.resolve(1), + PrivacyAccountResolver.BOB.resolve(enclaveEncryptorType), enclaveType, Optional.of(containerNetwork), false, @@ -87,7 +101,7 @@ public class PrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { charlie = privacyBesu.createPrivateTransactionEnabledNode( "node3", - privacyAccountResolver.resolve(2), + PrivacyAccountResolver.CHARLIE.resolve(enclaveEncryptorType), enclaveType, Optional.of(containerNetwork), false, 
@@ -104,7 +118,10 @@ public class PrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { @Test public void onlyAliceAndBobCanExecuteContract() { // Contract address is generated from sender address and transaction nonce - final String contractAddress = "0xebf56429e6500e84442467292183d4d621359838"; + final String contractAddress = + EnclaveEncryptorType.EC.equals(enclaveEncryptorType) + ? "0x3e5d325a03ad3ce5640502219833d30b89ce3ce1" + : "0xebf56429e6500e84442467292183d4d621359838"; final EventEmitter eventEmitter = alice.execute( @@ -162,7 +179,10 @@ public class PrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { @Test public void aliceCanUsePrivDistributeTransaction() { // Contract address is generated from sender address and transaction nonce - final String contractAddress = "0xebf56429e6500e84442467292183d4d621359838"; + final String contractAddress = + EnclaveEncryptorType.EC.equals(enclaveEncryptorType) + ? "0x3e5d325a03ad3ce5640502219833d30b89ce3ce1" + : "0xebf56429e6500e84442467292183d4d621359838"; final RawPrivateTransaction rawPrivateTransaction = RawPrivateTransaction.createContractTransaction( 
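Review bot: The ternary choosing between `"0x3e5d325a03ad3ce5640502219833d30b89ce3ce1"` and `"0xebf56429e6500e84442467292183d4d621359838"` appears in both hunks here and again in the later hunks for `aliceCanDeployMultipleTimesInSingleGroup` and `canInteractWithMultiplePrivacyGroups`, so one fixture change means editing four copies by hand. Compute it once, for instance in a field set in the constructor from `enclaveEncryptorType`, and reuse it. The existing comment says the address is derived from the sender address and nonce; extending it with `// the EC fixtures resolve to a different sender account, hence a different address` (if that is the cause) would tell the next reader why two values exist. The test methods continue outside these hunks.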
@@ -208,6 +228,22 @@ public class PrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { final String transactionHash = alice.execute(ethTransactions.sendRawTransaction(signedPmt)); + final String receiptPrivateFrom = + EnclaveEncryptorType.EC.equals(enclaveEncryptorType) + ? "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAES8nC4qT/KdoAoTSF3qs/47DUsDihyVbWiRjZAiyvqp9eSDkqV1RzlM+58oOwnpFRwvWNZM+AxMVxT+MvxdsqMA==" + : "A1aVtMxLCUHmBVHXoZzzBgPbW/wj5axDpW9X8l91SGo="; + final ArrayList receiptPrivateFor = + EnclaveEncryptorType.EC.equals(enclaveEncryptorType) + ? new ArrayList<>( + Collections.singletonList( + "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXIgZqRA25V+3nN+Do6b5r0jiUunub6ubjPhqwHpPxP44uUYh9RKCQNRnsqCJ9PjeTnC8R3ieJk7HWAlycU1bug==")) + : new ArrayList<>( + Collections.singletonList("Ko2bVqD+nNlNYL5EE7y3IdOnviftjiizpjRt+HTuFBs=")); + final String receiptPrivacyGroupId = + EnclaveEncryptorType.EC.equals(enclaveEncryptorType) + ? "MjuFB4b9Hz+f8zvkWWasxZWRjHWXU4t7B2nOHo4mekA=" + : "DyAOiF/ynpc+JXa2YAGB0bCitSlOMNm+ShmB/7M6C4w="; + final PrivateTransactionReceipt expectedReceipt = new PrivateTransactionReceipt( contractAddress, @@ -217,10 +253,9 @@ public class PrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { Collections.emptyList(), "0x023955c49d6265c579561940287449242704d5fd239ff07ea36a3fc7aface61c", "0x82e521ee16ff13104c5f81e8354ecaaafd5450b710b07f620204032bfe76041a", - "A1aVtMxLCUHmBVHXoZzzBgPbW/wj5axDpW9X8l91SGo=", - new ArrayList<>( - Collections.singletonList("Ko2bVqD+nNlNYL5EE7y3IdOnviftjiizpjRt+HTuFBs=")), - "DyAOiF/ynpc+JXa2YAGB0bCitSlOMNm+ShmB/7M6C4w=", + receiptPrivateFrom, + receiptPrivateFor, + receiptPrivacyGroupId, "0x1", null); 
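Review bot: `receiptPrivateFrom`, `receiptPrivateFor` and `receiptPrivacyGroupId` are three separate ternaries on the same `EC` check, each carrying a pasted Base64 literal, so nothing ties the expected receipt to the key files the nodes are actually started with. If the fixtures are regenerated, the test fails with an opaque receipt mismatch. I would take the expected keys from the resolved privacy accounts where possible, and at least add a comment naming the fixture each literal comes from, e.g. `// public key of the EC fixture resolved for ALICE` (to be confirmed against the resource files). The enclosing test method starts and ends outside these hunks.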
@@ -244,7 +279,10 @@ public class PrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { @Test public void aliceCanDeployMultipleTimesInSingleGroup() { - final String firstDeployedAddress = "0xebf56429e6500e84442467292183d4d621359838"; + final String firstDeployedAddress = + EnclaveEncryptorType.EC.equals(enclaveEncryptorType) + ? "0x3e5d325a03ad3ce5640502219833d30b89ce3ce1" + : "0xebf56429e6500e84442467292183d4d621359838"; final EventEmitter firstEventEmitter = alice.execute( @@ -258,7 +296,10 @@ public class PrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { .validPrivateContractDeployed(firstDeployedAddress, alice.getAddress().toString()) .verify(firstEventEmitter); - final String secondDeployedAddress = "0x10f807f8a905da5bd319196da7523c6bd768690f"; + final String secondDeployedAddress = + EnclaveEncryptorType.EC.equals(enclaveEncryptorType) + ? "0x5194e214fae257530710d18c868df7a295d9d53b" + : "0x10f807f8a905da5bd319196da7523c6bd768690f"; final EventEmitter secondEventEmitter = alice.execute( @@ -276,7 +317,10 @@ public class PrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { @Test public void canInteractWithMultiplePrivacyGroups() { // alice deploys contract - final String firstDeployedAddress = "0xff206d21150a8da5b83629d8a722f3135ed532b1"; + final String firstDeployedAddress = + EnclaveEncryptorType.EC.equals(enclaveEncryptorType) + ? "0x760359bc605b3848f5199829bde6b382d90fb8eb" + : "0xff206d21150a8da5b83629d8a722f3135ed532b1"; final EventEmitter firstEventEmitter = alice.execute( 
@@ -316,7 +360,10 @@ public class PrivacyClusterAcceptanceTest extends PrivacyAcceptanceTestBase { firstTransactionHash, firstExpectedReceipt)); // alice deploys second contract - final String secondDeployedAddress = "0xebf56429e6500e84442467292183d4d621359838"; + final String secondDeployedAddress = + EnclaveEncryptorType.EC.equals(enclaveEncryptorType) + ? "0x3e5d325a03ad3ce5640502219833d30b89ce3ce1" + : "0xebf56429e6500e84442467292183d4d621359838"; final EventEmitter secondEventEmitter = alice.execute( diff --git a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivacyGroupAcceptanceTest.java b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivacyGroupAcceptanceTest.java index 13e3a7fe5..ab1bd91d0 100644 --- a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivacyGroupAcceptanceTest.java +++ b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivacyGroupAcceptanceTest.java 
@@ -15,16 +15,22 @@ package org.hyperledger.besu.tests.acceptance.privacy; import static org.assertj.core.api.Assertions.assertThat; +import static org.hyperledger.enclave.testutil.EnclaveEncryptorType.EC; +import static org.hyperledger.enclave.testutil.EnclaveEncryptorType.NACL; +import static org.hyperledger.enclave.testutil.EnclaveType.TESSERA; import static org.web3j.utils.Restriction.RESTRICTED; import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyAcceptanceTestBase; import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyNode; +import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver; import org.hyperledger.besu.tests.web3j.generated.EventEmitter; import org.hyperledger.besu.util.Log4j2ConfiguratorUtil; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveType; import java.io.IOException; import java.math.BigInteger; +import java.util.Arrays; import java.util.Collection; import java.util.Optional; @@ -45,19 +51,25 @@ public class PrivacyGroupAcceptanceTest extends PrivacyAcceptanceTestBase { private final PrivacyNode bob; private final PrivacyNode charlie; - @Parameters(name = "{0}") - public static Collection enclaveTypes() { - return EnclaveType.valuesForTests(); + @Parameters(name = "{0} enclave type with {1} encryptor") + public static Collection enclaveParameters() { + return Arrays.asList( + new Object[][] { + {TESSERA, NACL}, + {TESSERA, EC} + }); } - public PrivacyGroupAcceptanceTest(final EnclaveType enclaveType) throws IOException { + public PrivacyGroupAcceptanceTest( + final EnclaveType enclaveType, final EnclaveEncryptorType enclaveEncryptorType) + throws IOException { final Network containerNetwork = Network.newNetwork(); alice = privacyBesu.createPrivateTransactionEnabledMinerNode( "node1", - privacyAccountResolver.resolve(0), + PrivacyAccountResolver.ALICE.resolve(enclaveEncryptorType), enclaveType, Optional.of(containerNetwork), false, 
@@ -66,7 +78,7 @@ public class PrivacyGroupAcceptanceTest extends PrivacyAcceptanceTestBase { bob = privacyBesu.createPrivateTransactionEnabledNode( "node2", - privacyAccountResolver.resolve(1), + PrivacyAccountResolver.BOB.resolve(enclaveEncryptorType), enclaveType, Optional.of(containerNetwork), false, @@ -76,7 +88,7 @@ public class PrivacyGroupAcceptanceTest extends PrivacyAcceptanceTestBase { charlie = privacyBesu.createPrivateTransactionEnabledNode( "node3", - privacyAccountResolver.resolve(2), + PrivacyAccountResolver.CHARLIE.resolve(enclaveEncryptorType), enclaveType, Optional.of(containerNetwork), false, diff --git a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivacyReceiptAcceptanceTest.java b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivacyReceiptAcceptanceTest.java index ec8bb1f86..0b45d2973 100644 --- a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivacyReceiptAcceptanceTest.java +++ b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivacyReceiptAcceptanceTest.java @@ -27,6 +27,7 @@ import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyNode; import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver; import org.hyperledger.besu.tests.acceptance.dsl.transaction.Transaction; import org.hyperledger.besu.tests.acceptance.dsl.transaction.miner.MinerTransactions; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveType; import java.io.IOException; 
@@ -41,14 +42,17 @@ public class PrivacyReceiptAcceptanceTest extends ParameterizedEnclaveTestBase { private final PrivacyNode alice; - public PrivacyReceiptAcceptanceTest(final Restriction restriction, final EnclaveType enclaveType) + public PrivacyReceiptAcceptanceTest( + final Restriction restriction, + final EnclaveType enclaveType, + final EnclaveEncryptorType enclaveEncryptorType) throws IOException { - super(restriction, enclaveType); + super(restriction, enclaveType, enclaveEncryptorType); alice = privacyBesu.createIbft2NodePrivacyEnabled( "node1", - PrivacyAccountResolver.ALICE, + PrivacyAccountResolver.ALICE.resolve(enclaveEncryptorType), false, enclaveType, Optional.empty(), diff --git a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivateContractPublicStateAcceptanceTest.java b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivateContractPublicStateAcceptanceTest.java index a65ba9df7..83a7ce66d 100644 --- a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivateContractPublicStateAcceptanceTest.java +++ b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivateContractPublicStateAcceptanceTest.java 
@@ -21,10 +21,12 @@ import static org.web3j.utils.Restriction.UNRESTRICTED; import org.hyperledger.besu.tests.acceptance.dsl.privacy.ParameterizedEnclaveTestBase; import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyNode; +import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver; import org.hyperledger.besu.tests.web3j.generated.CrossContractReader; import org.hyperledger.besu.tests.web3j.generated.EventEmitter; import org.hyperledger.besu.tests.web3j.generated.RemoteSimpleStorage; import org.hyperledger.besu.tests.web3j.generated.SimpleStorage; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveType; import java.io.IOException; @@ -45,14 +47,17 @@ public class PrivateContractPublicStateAcceptanceTest extends ParameterizedEncla private final PrivacyNode transactionNode; public PrivateContractPublicStateAcceptanceTest( - final Restriction restriction, final EnclaveType enclaveType) throws IOException { - super(restriction, enclaveType); + final Restriction restriction, + final EnclaveType enclaveType, + final EnclaveEncryptorType enclaveEncryptorType) + throws IOException { + super(restriction, enclaveType, enclaveEncryptorType); final Network containerNetwork = Network.newNetwork(); final PrivacyNode minerNode = privacyBesu.createPrivateTransactionEnabledMinerNode( restriction + "-miner-node", - privacyAccountResolver.resolve(0), + PrivacyAccountResolver.ALICE.resolve(enclaveEncryptorType), enclaveType, Optional.of(containerNetwork), false, @@ -62,7 +67,7 @@ public class PrivateContractPublicStateAcceptanceTest extends ParameterizedEncla transactionNode = privacyBesu.createPrivateTransactionEnabledNode( restriction + "-transaction-node", - privacyAccountResolver.resolve(1), + PrivacyAccountResolver.BOB.resolve(enclaveEncryptorType), enclaveType, Optional.of(containerNetwork), false, 
diff --git a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivateGenesisAcceptanceTest.java b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivateGenesisAcceptanceTest.java index 531e00645..29d5b655e 100644 --- a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivateGenesisAcceptanceTest.java +++ b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivateGenesisAcceptanceTest.java @@ -22,6 +22,7 @@ import org.hyperledger.besu.tests.acceptance.dsl.privacy.ParameterizedEnclaveTes import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyNode; import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver; import org.hyperledger.besu.tests.web3j.generated.EventEmitter; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveType; import java.io.IOException; @@ -38,15 +39,18 @@ import org.web3j.utils.Restriction; public class PrivateGenesisAcceptanceTest extends ParameterizedEnclaveTestBase { private final PrivacyNode alice; - public PrivateGenesisAcceptanceTest(final Restriction restriction, final EnclaveType enclaveType) + public PrivateGenesisAcceptanceTest( + final Restriction restriction, + final EnclaveType enclaveType, + final EnclaveEncryptorType enclaveEncryptorType) throws IOException { - super(restriction, enclaveType); + super(restriction, enclaveType, enclaveEncryptorType); alice = privacyBesu.createIbft2NodePrivacyEnabledWithGenesis( "node1", - PrivacyAccountResolver.ALICE, + PrivacyAccountResolver.ALICE.resolve(enclaveEncryptorType), true, enclaveType, Optional.empty(), 
diff --git a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivateLogFilterAcceptanceTest.java b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivateLogFilterAcceptanceTest.java index 7d8c8d620..a6837f954 100644 --- a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivateLogFilterAcceptanceTest.java +++ b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/PrivateLogFilterAcceptanceTest.java @@ -22,6 +22,7 @@ import org.hyperledger.besu.tests.acceptance.dsl.privacy.PrivacyNode; import org.hyperledger.besu.tests.acceptance.dsl.privacy.account.PrivacyAccountResolver; import org.hyperledger.besu.tests.acceptance.dsl.privacy.util.LogFilterJsonParameter; import org.hyperledger.besu.tests.web3j.generated.EventEmitter; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveType; import java.io.IOException; @@ -41,14 +42,17 @@ public class PrivateLogFilterAcceptanceTest extends ParameterizedEnclaveTestBase private final PrivacyNode node; public PrivateLogFilterAcceptanceTest( - final Restriction restriction, final EnclaveType enclaveType) throws IOException { + final Restriction restriction, + final EnclaveType enclaveType, + final EnclaveEncryptorType enclaveEncryptorType) + throws IOException { - super(restriction, enclaveType); + super(restriction, enclaveType, enclaveEncryptorType); node = privacyBesu.createPrivateTransactionEnabledMinerNode( restriction + "-node", - PrivacyAccountResolver.ALICE, + PrivacyAccountResolver.ALICE.resolve(enclaveEncryptorType), enclaveType, Optional.empty(), false, 
diff --git a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/multitenancy/FlexibleMultiTenancyAcceptanceTest.java b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/multitenancy/FlexibleMultiTenancyAcceptanceTest.java index 80dcf7a0a..7907c37a1 100644 --- a/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/multitenancy/FlexibleMultiTenancyAcceptanceTest.java +++ b/acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/privacy/multitenancy/FlexibleMultiTenancyAcceptanceTest.java @@ -28,6 +28,7 @@ import org.hyperledger.besu.tests.acceptance.dsl.transaction.perm.PermissioningT import org.hyperledger.besu.tests.acceptance.dsl.transaction.privacy.PrivacyRequestFactory; import org.hyperledger.besu.tests.acceptance.privacy.FlexiblePrivacyAcceptanceTestBase; import org.hyperledger.besu.tests.web3j.generated.EventEmitter; +import org.hyperledger.enclave.testutil.EnclaveEncryptorType; import org.hyperledger.enclave.testutil.EnclaveType; import java.math.BigInteger; @@ -73,7 +74,11 @@ public class FlexibleMultiTenancyAcceptanceTest extends FlexiblePrivacyAcceptanc public void setUp() throws Exception { alice = privacyBesu.createFlexiblePrivacyGroupEnabledMinerNode( - "node1", PrivacyAccountResolver.MULTI_TENANCY, true, enclaveType, Optional.empty()); + "node1", + PrivacyAccountResolver.MULTI_TENANCY.resolve(EnclaveEncryptorType.NACL), + true, + enclaveType, + Optional.empty()); final BesuNode aliceBesu = alice.getBesu(); privacyCluster.startNodes(alice); final String alice1Token = diff --git a/besu/src/main/java/org/hyperledger/besu/cli/BesuCommand.java b/besu/src/main/java/org/hyperledger/besu/cli/BesuCommand.java index 9bada9713..a6a5b5b26 100644 --- a/besu/src/main/java/org/hyperledger/besu/cli/BesuCommand.java +++ b/besu/src/main/java/org/hyperledger/besu/cli/BesuCommand.java 
@@ -2024,10 +2024,6 @@ public class BesuCommand implements DefaultCommandValues, Runnable { "--privacy-public-key-file must be set if isQuorum is set in the genesis file.", e); } - if (key.length() != 44) { - throw new IllegalArgumentException( - "Contents of enclave public key file needs to be 44 characters long to decode to a valid 32 byte public key."); - } // throws exception if invalid base 64 Base64.getDecoder().decode(key); diff --git a/besu/src/test/java/org/hyperledger/besu/cli/BesuCommandTest.java b/besu/src/test/java/org/hyperledger/besu/cli/BesuCommandTest.java index 3ab6e7bbc..1e040e39a 100644 --- a/besu/src/test/java/org/hyperledger/besu/cli/BesuCommandTest.java +++ b/besu/src/test/java/org/hyperledger/besu/cli/BesuCommandTest.java @@ -4826,7 +4826,8 @@ public class BesuCommandTest extends CommandTestAbstract { assertThat(commandOutput.toString(UTF_8)).isEmpty(); assertThat(commandErrorOutput.toString(UTF_8)) .startsWith("Contents of privacy-public-key-file invalid"); - assertThat(commandErrorOutput.toString(UTF_8)).contains("needs to be 44 characters long"); + assertThat(commandErrorOutput.toString(UTF_8)) + .contains("Last unit does not have enough valid bits"); } @Test diff --git a/enclave/src/main/java/org/hyperledger/besu/enclave/Enclave.java b/enclave/src/main/java/org/hyperledger/besu/enclave/Enclave.java index 58bc7101f..f1d54f9b1 100644 --- a/enclave/src/main/java/org/hyperledger/besu/enclave/Enclave.java +++ b/enclave/src/main/java/org/hyperledger/besu/enclave/Enclave.java 
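Review bot: With the 44-character check removed, the only validation left here is `Base64.getDecoder().decode(key)`, whose result is discarded, so an empty key file is now accepted: the decoder returns an empty array for `""` without throwing. The same applies to `PrivacyParameters.Builder.setPrivacyUserIdUsingFile` later in this commit, where `validatePublicKey` is replaced by the same bare decode. Key length now depends on the encryptor, so a fixed size is no longer right, but a minimal guard such as `if (Base64.getDecoder().decode(key).length == 0) { throw new IllegalArgumentException("Contents of enclave public key file must not be empty."); }` would keep the early failure for blank files. The enclosing method starts and ends outside the hunk.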
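Review bot: The new assertion `.contains("Last unit does not have enough valid bits")` in BesuCommandTest pins text produced by the JDK's Base64 decoder rather than by Besu, so the test can fail on a runtime whose decoder words that error differently. The preceding `startsWith("Contents of privacy-public-key-file invalid")` check already covers the part of the message Besu owns. I would drop the second assertion, or have the command wrap the decoder failure in its own message and assert on that. The test method starts outside the hunk.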
@@ -195,9 +195,9 @@ public class Enclave { private String removeBase64(final String input) { if (input.contains("=")) { - final String startInclBase64 = input.substring(0, input.indexOf('=')); + final String startInclBase64 = input.substring(0, input.lastIndexOf('=')); final String startTrimmed = startInclBase64.substring(0, startInclBase64.lastIndexOf(" ")); - final String end = input.substring(input.indexOf("=")); + final String end = input.substring(input.lastIndexOf("=")); if (end.length() > 1) { // Base64 in middle return startTrimmed + end.substring(1); diff --git a/ethereum/core/src/main/java/org/hyperledger/besu/ethereum/core/PrivacyParameters.java b/ethereum/core/src/main/java/org/hyperledger/besu/ethereum/core/PrivacyParameters.java index 845aebddb..fe75a5776 100644 --- a/ethereum/core/src/main/java/org/hyperledger/besu/ethereum/core/PrivacyParameters.java +++ b/ethereum/core/src/main/java/org/hyperledger/besu/ethereum/core/PrivacyParameters.java @@ -339,7 +339,8 @@ public class PrivacyParameters { public Builder setPrivacyUserIdUsingFile(final File publicKeyFile) throws IOException { this.enclavePublicKeyFile = publicKeyFile; this.privacyUserId = Files.asCharSource(publicKeyFile, UTF_8).read(); - validatePublicKey(publicKeyFile); + // throws exception if invalid base 64 + Base64.getDecoder().decode(this.privacyUserId); return this; } @@ -400,14 +401,5 @@ public class PrivacyParameters { config.setGoQuorumPrivacyParameters(goQuorumPrivacyParameters); return config; } - - private void validatePublicKey(final File publicKeyFile) { - if (publicKeyFile.length() != 44) { - throw new IllegalArgumentException( - "Contents of enclave public key file needs to be 44 characters long to decode to a valid 32 byte public key."); - } - // throws exception if invalid base 64 - Base64.getDecoder().decode(this.privacyUserId); - } } } 
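Review bot: In `removeBase64`, `startInclBase64.lastIndexOf(" ")` returns -1 when no space precedes the final `=`, and the `substring(0, -1)` that follows then throws StringIndexOutOfBoundsException; the switch to `lastIndexOf('=')` leaves that case unguarded. If this helper strips an enclave key from an error message, as its name suggests, a message that consists only of the key would hit it, and Base64 keys with no `=` padding pass through unstripped. A guard such as `final int keyStart = Math.max(0, startInclBase64.lastIndexOf(' '));` used as the substring bound avoids the exception. The method continues past the end of the hunk.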
diff --git a/testutil/src/main/java/org/hyperledger/enclave/testutil/EnclaveConfiguration.java b/testutil/src/main/java/org/hyperledger/enclave/testutil/EnclaveConfiguration.java index 80dacbc63..1e86234d7 100644 --- a/testutil/src/main/java/org/hyperledger/enclave/testutil/EnclaveConfiguration.java +++ b/testutil/src/main/java/org/hyperledger/enclave/testutil/EnclaveConfiguration.java @@ -22,6 +22,7 @@ public class EnclaveConfiguration { private final Path[] publicKeys; private final Path[] privateKeys; + private final EnclaveEncryptorType enclaveEncryptorType; private final Path tempDir; private final List otherNodes = new ArrayList<>(); private final boolean clearKnownNodes; @@ -32,6 +33,7 @@ public class EnclaveConfiguration { final String name, final Path[] publicKeys, final Path[] privateKeys, + final EnclaveEncryptorType enclaveEncryptorType, final Path tempDir, final List otherNodes, final boolean clearKnownNodes, @@ -39,6 +41,7 @@ public class EnclaveConfiguration { this.publicKeys = publicKeys; this.privateKeys = privateKeys; + this.enclaveEncryptorType = enclaveEncryptorType; this.tempDir = tempDir; this.otherNodes.addAll(otherNodes); this.clearKnownNodes = clearKnownNodes; @@ -77,4 +80,8 @@ public class EnclaveConfiguration { public String getName() { return name; } + + public EnclaveEncryptorType getEnclaveEncryptorType() { + return enclaveEncryptorType; + } } diff --git a/testutil/src/main/java/org/hyperledger/enclave/testutil/EnclaveEncryptorType.java b/testutil/src/main/java/org/hyperledger/enclave/testutil/EnclaveEncryptorType.java new file mode 100644 index 000000000..e0dc61f17 --- /dev/null +++ b/testutil/src/main/java/org/hyperledger/enclave/testutil/EnclaveEncryptorType.java 
@@ -0,0 +1,44 @@ +/* + * Copyright ConsenSys AG. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on + * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the + * specific language governing permissions and limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + */ +package org.hyperledger.enclave.testutil; + +public enum EnclaveEncryptorType { + NACL, + EC, + NOOP; + + public String toTesseraEncryptorConfigJSON() { + switch (this) { + case NACL: + return " \"encryptor\":{\n" + + " \"type\":\"NACL\",\n" + + " \"properties\":{\n" + + " }\n" + + " },\n"; + case EC: + return " \"encryptor\":{\n" + + " \"type\":\"EC\",\n" + + " \"properties\":{\n" + + " \"symmetricCipher\": \"AES/GCM/NoPadding\",\n" + + " \"ellipticCurve\": \"secp256r1\",\n" + + " \"nonceLength\": \"24\",\n" + + " \"sharedKeyLength\": \"32\"\n" + + " }\n" + + " },\n"; + default: + return ""; + } + } +} diff --git a/testutil/src/main/java/org/hyperledger/enclave/testutil/EnclaveKeyConfiguration.java b/testutil/src/main/java/org/hyperledger/enclave/testutil/EnclaveKeyConfiguration.java index cb739ac44..929f2ac48 100644 --- a/testutil/src/main/java/org/hyperledger/enclave/testutil/EnclaveKeyConfiguration.java +++ b/testutil/src/main/java/org/hyperledger/enclave/testutil/EnclaveKeyConfiguration.java 
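Review bot: `toTesseraEncryptorConfigJSON()` has no Javadoc, and two things about it are not obvious from the call site. The returned fragment ends with a trailing comma, so it is only valid when spliced between other members of a JSON object, and `NOOP` falls into `default` and returns an empty string, which leaves the `encryptor` section out of the generated config altogether. I would add a Javadoc stating both, e.g. `/** Returns the "encryptor" member of a Tessera config, including its trailing comma; empty for NOOP, which omits the section. */`, and give `NOOP` its own `case` so that a constant added later cannot silently inherit the empty result.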
@@ -17,15 +17,24 @@ package org.hyperledger.enclave.testutil; public class EnclaveKeyConfiguration { private final String[] pubKeyPaths; private final String[] privKeyPaths; + private EnclaveEncryptorType enclaveEncryptorType; public EnclaveKeyConfiguration(final String pubKeyPath, final String privKeyPath) { this.pubKeyPaths = new String[] {pubKeyPath}; this.privKeyPaths = new String[] {privKeyPath}; } - public EnclaveKeyConfiguration(final String[] pubKeyPaths, final String[] privKeyPaths) { + public EnclaveKeyConfiguration( + final String[] pubKeyPaths, + final String[] privKeyPaths, + final EnclaveEncryptorType enclaveEncryptorType) { this.pubKeyPaths = pubKeyPaths; this.privKeyPaths = privKeyPaths; + this.enclaveEncryptorType = enclaveEncryptorType; + } + + public EnclaveKeyConfiguration(final String[] pubKeyPaths, final String[] privKeyPaths) { + this(pubKeyPaths, privKeyPaths, EnclaveEncryptorType.NACL); } public String[] getPubKeyPaths() { @@ -35,4 +44,8 @@ public class EnclaveKeyConfiguration { public String[] getPrivKeyPaths() { return privKeyPaths; } + + public EnclaveEncryptorType getEnclaveEncryptorType() { + return enclaveEncryptorType; + } } diff --git a/testutil/src/main/java/org/hyperledger/enclave/testutil/TesseraTestHarness.java b/testutil/src/main/java/org/hyperledger/enclave/testutil/TesseraTestHarness.java index 4d50f285e..e8117e60f 100644 --- a/testutil/src/main/java/org/hyperledger/enclave/testutil/TesseraTestHarness.java +++ b/testutil/src/main/java/org/hyperledger/enclave/testutil/TesseraTestHarness.java @@ -163,11 +163,7 @@ public class TesseraTestHarness implements EnclaveTestHarness { String confString = "{\n" + " \"mode\" : \"orion\",\n" - + " \"encryptor\":{\n" - + " \"type\":\"NACL\",\n" - + " \"properties\":{\n" - + " }\n" - + " },\n" + + enclaveConfiguration.getEnclaveEncryptorType().toTesseraEncryptorConfigJSON() + " \"useWhiteList\": false,\n" + " \"jdbc\": {\n" + " \"username\": \"sa\",\n" 
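Review bot: The single-path constructor `EnclaveKeyConfiguration(String pubKeyPath, String privKeyPath)` never assigns the new `enclaveEncryptorType` field, so `getEnclaveEncryptorType()` returns null for configurations built that way. `TesseraTestHarness` in this commit calls `enclaveConfiguration.getEnclaveEncryptorType().toTesseraEncryptorConfigJSON()`, which would throw a NullPointerException if such a value reaches it through `TesseraTestHarnessFactory`. Delegating keeps the NACL default in one place: `this(new String[] {pubKeyPath}, new String[] {privKeyPath}, EnclaveEncryptorType.NACL);`, after which the field can be declared `private final`.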
diff --git a/testutil/src/main/java/org/hyperledger/enclave/testutil/TesseraTestHarnessFactory.java b/testutil/src/main/java/org/hyperledger/enclave/testutil/TesseraTestHarnessFactory.java index e5c7100e9..fb76533c0 100644 --- a/testutil/src/main/java/org/hyperledger/enclave/testutil/TesseraTestHarnessFactory.java +++ b/testutil/src/main/java/org/hyperledger/enclave/testutil/TesseraTestHarnessFactory.java @@ -39,6 +39,7 @@ public class TesseraTestHarnessFactory { tempDir, enclaveConfig.getPubKeyPaths(), enclaveConfig.getPrivKeyPaths(), + enclaveConfig.getEnclaveEncryptorType(), Collections.emptyList(), containerNetwork); } @@ -48,12 +49,14 @@ public class TesseraTestHarnessFactory { final Path tempDir, final String[] pubKeyPaths, final String[] privKeyPaths, + final EnclaveEncryptorType enclaveEncryptorType, final List othernodes, final Optional containerNetwork) { final Path[] pubKeys = stringArrayToPathArray(tempDir, pubKeyPaths); final Path[] privKeys = stringArrayToPathArray(tempDir, privKeyPaths); - return create(name, tempDir, pubKeys, privKeys, othernodes, containerNetwork); + return create( + name, tempDir, pubKeys, privKeys, enclaveEncryptorType, othernodes, containerNetwork); } public static TesseraTestHarness create( @@ -61,10 +64,12 @@ public class TesseraTestHarnessFactory { final Path tempDir, final Path[] key1pubs, final Path[] key1keys, + final EnclaveEncryptorType enclaveEncryptorType, final List othernodes, final Optional containerNetwork) { return new TesseraTestHarness( - new EnclaveConfiguration(name, key1pubs, key1keys, tempDir, othernodes, false, storage), + new EnclaveConfiguration( + name, key1pubs, key1keys, enclaveEncryptorType, tempDir, othernodes, false, storage), containerNetwork); } diff --git a/testutil/src/main/resources/enclave_ec_key_0.key b/testutil/src/main/resources/enclave_ec_key_0.key new file mode 100644 index 000000000..65bfc5003 --- /dev/null +++ b/testutil/src/main/resources/enclave_ec_key_0.key 
@@ -0,0 +1 @@ +{"data":{"bytes":"MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCA3i4I2sXNvZ/oP+faqfqFVKhc3lIthuqa5nczOMMmjVg=="},"type":"unlocked"} \ No newline at end of file diff --git a/testutil/src/main/resources/enclave_ec_key_0.pub b/testutil/src/main/resources/enclave_ec_key_0.pub new file mode 100644 index 000000000..aeb0cc0c4 --- /dev/null +++ b/testutil/src/main/resources/enclave_ec_key_0.pub @@ -0,0 +1 @@ +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAES8nC4qT/KdoAoTSF3qs/47DUsDihyVbWiRjZAiyvqp9eSDkqV1RzlM+58oOwnpFRwvWNZM+AxMVxT+MvxdsqMA== \ No newline at end of file diff --git a/testutil/src/main/resources/enclave_ec_key_1.key b/testutil/src/main/resources/enclave_ec_key_1.key new file mode 100644 index 000000000..56cc7cc0d --- /dev/null +++ b/testutil/src/main/resources/enclave_ec_key_1.key @@ -0,0 +1 @@ +{"data":{"bytes":"MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCA/80gy3GG2gCdmCk3Xp4hcO06c3OomIf+aH3oZGVSYfQ=="},"type":"unlocked"} \ No newline at end of file diff --git a/testutil/src/main/resources/enclave_ec_key_1.pub b/testutil/src/main/resources/enclave_ec_key_1.pub new file mode 100644 index 000000000..3c565ec7d --- /dev/null +++ b/testutil/src/main/resources/enclave_ec_key_1.pub @@ -0,0 +1 @@ +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXIgZqRA25V+3nN+Do6b5r0jiUunub6ubjPhqwHpPxP44uUYh9RKCQNRnsqCJ9PjeTnC8R3ieJk7HWAlycU1bug== \ No newline at end of file diff --git a/testutil/src/main/resources/enclave_ec_key_2.key b/testutil/src/main/resources/enclave_ec_key_2.key new file mode 100644 index 000000000..a6f675e7e --- /dev/null +++ b/testutil/src/main/resources/enclave_ec_key_2.key @@ -0,0 +1 @@ +{"data":{"bytes":"MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCC64DUSx9FrS2wHVOa1CWMStiq1jo2u7Oef0hzpgOK+8w=="},"type":"unlocked"} \ No newline at end of file diff --git a/testutil/src/main/resources/enclave_ec_key_2.pub b/testutil/src/main/resources/enclave_ec_key_2.pub new file mode 100644 index 000000000..5700cbd07 --- /dev/null 
+++ b/testutil/src/main/resources/enclave_ec_key_2.pub @@ -0,0 +1 @@ +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFl85WnNPyzSEX+evc774xoqUQdjSnQMTE1uIyMOve+iVwjs6dUEUwz5teiKuUUf63a/qYe4n6SGnQ7HnmtDViQ== \ No newline at end of file