GSMA-CPAS / BWRP-chaincode

Apache License 2.0

Updating IsValidSignature function #10

Closed dhruvagarwal86 closed 3 years ago

dhruvagarwal86 commented 3 years ago

```go
func (s *RoamingSmartContract) IsValidSignature(ctx contractapi.TransactionContextInterface, document string, signature string, certPEM string) (int, error) {
```

"IsValidSignature" function receives 3 arguments as below:

* 1 - Document Hash string
* 2 - Signature String
* 3 - Certificate array string in JSON format. For example - ["", "<Intermediate Certificate 1>", "<Intermediate Certificate 2>", ..., ""]

Make sure Certificate JSON array string is URL safe.

Tasks performed by the function

* Extracting the attribute "CanSignDocument" from user certificate and if its value is yes, proceed further else return false (Signature is Invalid)
* Validating the Certificate chain till root certificate, if valid proceed further, else return false
* Validate the document and signature using x509's "CheckSignature" function, if true Signature is valid else invalid

Error Codes

0 = Valid Signature

Invalid Signature Scenarios with Error Codes

* -1 = Failed to parse Certificate JSON string which is passed as 3rd argument to "IsValidSignature" function
* -2 = Failed to Decode User Certificate PEM from Certificate JSON string which is passed as 3rd argument to "IsValidSignature" function
* -3 = Failed to parse User Certificate from User Certificate PEM block bytes
* -4 = Custom Attribute Extension with Oid "1.2.3.4.5.6.7.8.1" not present in User Certificate
* -5 = Failed to parse Custom Attribute Extension JSON
* -6 = Custom Attribute Extension JSON string doesn't have "attrs" key
* -7 = "attrs" JSON key value doesn't have "CanSignDocument" key
* -8 = "CanSignDocument" key value is not yes
* -9 = Failed to append Root Certificate PEM (from Certificate JSON string passed as 3rd argument to "IsValidSignature" function) to Certificate Pool Object
* -10 = Failed to append any Intermediate certificate PEM (from certificate JSON string passed as 3rd argument to "IsValidSignature" function) to certificate Pool Object
* -11 = User Certificate verification failed
* -12 = Signature validation failed over signed hashed data document from cert's public key
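The attribute gate from the first task and error codes -4 to -8 above, as an added example (not code from this pull request or the BWRP-chaincode repository). `canSignDocument` and `certWith` are hypothetical names, and the certificates are constructed, unsigned stubs; the result only carries weight for a certificate whose chain has also been verified (code -11), because the extension by itself proves nothing about who issued it.

```go
package main

import (
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"encoding/json"
	"fmt"
)

var attrOID = asn1.ObjectIdentifier{1, 2, 3, 4, 5, 6, 7, 8, 1} // OID from code -4

// canSignDocument (hypothetical name) returns 0 or one of the codes -4 to -8.
func canSignDocument(cert *x509.Certificate) int {
	var raw []byte
	found := false
	for _, ext := range cert.Extensions {
		if ext.Id.Equal(attrOID) {
			raw, found = ext.Value, true
		}
	}
	if !found {
		return -4
	}
	var doc struct {
		Attrs map[string]string `json:"attrs"`
	}
	if err := json.Unmarshal(raw, &doc); err != nil {
		return -5
	}
	if doc.Attrs == nil {
		return -6
	}
	if value, ok := doc.Attrs["CanSignDocument"]; !ok {
		return -7
	} else if value != "yes" { // exact match only: "Yes" or "true" is rejected
		return -8
	}
	return 0
}

// certWith builds a constructed certificate stub carrying only the extension.
func certWith(value string) *x509.Certificate {
	return &x509.Certificate{Extensions: []pkix.Extension{{Id: attrOID, Value: []byte(value)}}}
}

func main() {
	fmt.Println(canSignDocument(certWith(`{"attrs":{"CanSignDocument":"yes"}}`)))
	fmt.Println(canSignDocument(certWith(`{"attrs":{"CanSignDocument":"no"}}`)))
}
```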

sschulz-t commented 3 years ago

the merge is ok. now please run the lint script and update the pull request with the fixed files.

dhruvagarwal86 commented 3 years ago

Rebased the code on the current master and

> the merge is ok. now please run the lint script and update the pull request with the fixed files.

@sschulz-t Done, kindly check now

sschulz-t commented 3 years ago

Did you fix the lint errors? When I run the linter I still see these errors:

```
> will run gofmt to fix formatting. will fix the following files:
> done.
> will run go lint ...
offchain.go:284:1: comment on exported method RoamingSmartContract.IsValidSignature should be of the form "IsValidSignature ..."
offchain.go:287:6: var certListJson should be certListJSON
> please fix all errors above (if any).
```

sschulz-t commented 3 years ago

now the lint error is fixed but the indentation is now broken again. running lint.sh should fix that for you.

sschulz-t commented 3 years ago

it looks good now. thanks!