@Override public boolean isDeltaSigner(HashedVersion version, ByteString signerId) { ByteStringMessage<ProtocolAppliedWaveletDelta> appliedDelta = lookupAppliedDeltaByEndVersion(version); if (appliedDelta == null) { return false; } ProtocolSignedDelta signedDelta = appliedDelta.getMessage().getSignedOriginalDelta(); for (ProtocolSignature signature : signedDelta.getSignatureList()) { if (signature.getSignerId().equals(signerId)) return true; } return false; } }
/** * Calculates the hashed version after an applied delta is applied. */ public static HashedVersion calculateResultingHashedVersion( ByteStringMessage<ProtocolAppliedWaveletDelta> appliedDelta) throws InvalidProtocolBufferException { return HASH_FACTORY.create( appliedDelta.getByteArray(), getHashedVersionAppliedAt(appliedDelta), appliedDelta.getMessage().getOperationsApplied()); }
@Override public ProtocolSignedDelta signDelta(ByteStringMessage<ProtocolWaveletDelta> delta) { // TODO: support extended address paths. For now, there will be exactly // one signature, and we don't support federated groups. Preconditions.checkState(delta.getMessage().getAddressPathCount() == 0); ProtocolSignedDelta.Builder signedDelta = ProtocolSignedDelta.newBuilder(); signedDelta.setDelta(delta.getByteString()); signedDelta.addAllSignature(waveSigner.sign(delta)); return signedDelta.build(); }
@Override public ByteStringMessage<ProtocolWaveletDelta> verifyDelta(ProtocolSignedDelta signedDelta) throws SignatureException, UnknownSignerException { ByteStringMessage<ProtocolWaveletDelta> delta; try { delta = ByteStringMessage.parseProtocolWaveletDelta(signedDelta.getDelta()); } catch (InvalidProtocolBufferException e) { throw new IllegalArgumentException("signed delta does not contain valid delta", e); } if (disableVerfication) { return delta; } List<String> domains = getParticipantDomains(delta.getMessage()); if (domains.size() != signedDelta.getSignatureCount()) { throw new SignatureException("found " + domains.size() + " domains in " + "extended address path, but " + signedDelta.getSignatureCount() + " signatures."); } for (int i = 0; i < domains.size(); i++) { String domain = domains.get(i); ProtocolSignature signature = signedDelta.getSignature(i); verifySingleSignature(delta, signature, domain); } return delta; }
/** * Builds a transformed delta from an applied delta and its transformed ops. */ public static TransformedWaveletDelta buildTransformedDelta( ByteStringMessage<ProtocolAppliedWaveletDelta> appliedDeltaBytes, WaveletDelta transformed) throws InvalidProtocolBufferException { ProtocolAppliedWaveletDelta appliedDelta = appliedDeltaBytes.getMessage(); Preconditions.checkArgument( getHashedVersionAppliedAt(appliedDeltaBytes).equals(transformed.getTargetVersion())); Preconditions.checkArgument(appliedDelta.getOperationsApplied() == transformed.size()); HashedVersion resultingVersion = HASH_FACTORY.create(appliedDeltaBytes.getByteArray(), transformed.getTargetVersion(), appliedDelta.getOperationsApplied()); return TransformedWaveletDelta.cloneOperations(resultingVersion, appliedDelta.getApplicationTimestamp(), transformed); }
ProtocolSignedDelta toVerify = appliedDelta.getMessage().getSignedOriginalDelta(); HashedVersion deltaEndVersion; try {
/** * Inspects the given applied delta to determine the {@code HashedVersion} it * was applied at. * This may require looking at the contained {@code ProtocolWaveletDelta}. * * @param appliedDeltaBytes to inspect * @return hashed version the delta was applied at * @throws InvalidProtocolBufferException if the contained * {@code ProtocolWaveletDelta} is invalid * (is only inspected if the applied delta has the hashed version set) */ public static HashedVersion getHashedVersionAppliedAt( ByteStringMessage<ProtocolAppliedWaveletDelta> appliedDeltaBytes) throws InvalidProtocolBufferException { ProtocolAppliedWaveletDelta appliedDelta = appliedDeltaBytes.getMessage(); return CoreWaveletOperationSerializer.deserialize( // If the delta was transformed, the version it was actually applied at is specified // in the top-level message, otherwise we take if from the original signed delta. appliedDelta.hasHashedVersionAppliedAt() ? appliedDelta.getHashedVersionAppliedAt() : ProtocolWaveletDelta.parseFrom(appliedDelta.getSignedOriginalDelta().getDelta()) .getHashedVersion()); }
appliedDelta.getMessage().getSignedOriginalDelta().getDelta()); WaveletDelta delta = CoreWaveletOperationSerializer.deserialize(protocolDelta.getMessage()); if (appliedDelta.getMessage().hasHashedVersionAppliedAt()) { LOG.warning("Hashes are the same but applied delta has hashed_version_applied_at");
certificateManager.verifyDelta(appliedDelta.getMessage().getSignedOriginalDelta()); } catch (SignatureException e) { LOG.warning("Verification failure for " + domain + " incoming " + getWaveletName(), e); appliedDelta.getMessage().getSignedOriginalDelta().getDelta()); LOG.info("actual delta: " + actualDelta); } catch (InvalidProtocolBufferException e) { long opsApplied = applicationResult.getResultingVersion().getVersion() - expectedVersion.getVersion(); if (opsApplied != appliedDelta.getMessage().getOperationsApplied()) { throw new OperationException("Operations applied here do not match the authoritative" + " server claim (got " + opsApplied + ", expected " + appliedDelta.getMessage().getOperationsApplied() + ".");
PersistenceException { ProtocolWaveletDelta protocolDelta = ByteStringMessage.parseProtocolWaveletDelta(signedDelta.getDelta()).getMessage();
delta = ByteStringMessage.parseProtocolWaveletDelta(signedDelta.getDelta()).getMessage(); } catch (InvalidProtocolBufferException e) { LOG.warning("Submit request: Invalid delta protobuf. WaveletName: " + waveletName, e);