<fix>(crud): crud adapt new condition data structure. (FISCO-BCOS#709)

Author: kyonRay

src/main/java/org/fisco/bcos/sdk/v3/config/model/CryptoMaterialConfig.java

@@ -16,17 +16,21 @@
 package org.fisco.bcos.sdk.v3.config.model;
 
 import java.util.Map;
+
 import org.fisco.bcos.sdk.v3.config.exceptions.ConfigException;
 import org.fisco.bcos.sdk.v3.model.CryptoType;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-/** Crypto material configuration, include certs and keys */
+/**
+ * Crypto material configuration, include certs and keys
+ */
 public class CryptoMaterialConfig {
     private static final Logger logger = LoggerFactory.getLogger(CryptoMaterialConfig.class);
 
     private Boolean useSmCrypto = false;
     private Boolean disableSsl = false;
+    private Boolean hsmEnable = false;
     private String certPath = "conf";
 
     private String caCertPath;
@@ -41,23 +45,36 @@ public class CryptoMaterialConfig {
     private String enSdkCert;
     private String enSdkPrivateKey;
 
-    public CryptoMaterialConfig() {}
+    private String hsmLibPath;
+    private String hsmKeyIndex;
+    private String hsmPassword;
+
+    public CryptoMaterialConfig() {
+    }
 
     public CryptoMaterialConfig(ConfigProperty configProperty) throws ConfigException {
 
         Map<String, Object> cryptoMaterialProperty = configProperty.getCryptoMaterial();
         String useSMCrypto = (String) cryptoMaterialProperty.get("useSMCrypto");
         String disableSsl = (String) cryptoMaterialProperty.get("disableSsl");
+        String hsmEnable = (String) cryptoMaterialProperty.get("hsmEnable");
 
         this.useSmCrypto = Boolean.valueOf(useSMCrypto);
         this.disableSsl = Boolean.valueOf(disableSsl);
+        this.hsmEnable = Boolean.valueOf(hsmEnable);
 
         if (this.disableSsl) {
             logger.info("Load cryptoMaterial, disableSsl has been set");
             return;
         }
 
-        int cryptoType = this.useSmCrypto ? CryptoType.SM_TYPE : CryptoType.ECDSA_TYPE;
+        if (this.hsmEnable) {
+            this.hsmLibPath = (String) cryptoMaterialProperty.get("hsmLibPath");
+            this.hsmKeyIndex = (String) cryptoMaterialProperty.get("hsmKeyIndex");
+            this.hsmPassword = (String) cryptoMaterialProperty.get("hsmPassword");
+        }
+
+        int cryptoType = this.useSmCrypto ? (this.hsmEnable ? CryptoType.HSM_TYPE : CryptoType.SM_TYPE) : CryptoType.ECDSA_TYPE;
         this.certPath =
                 ConfigProperty.getConfigFilePath(
                         ConfigProperty.getValue(cryptoMaterialProperty, "certPath", this.certPath));
@@ -134,7 +151,7 @@ public CryptoMaterialConfig getDefaultCaCertPath(int cryptoType, String certPath
             cryptoMaterialConfig.setCaCertPath(certPath + "/" + "ca.crt");
             cryptoMaterialConfig.setSdkCertPath(certPath + "/" + "sdk.crt");
             cryptoMaterialConfig.setSdkPrivateKeyPath(certPath + "/" + "sdk.key");
-        } else if (cryptoType == CryptoType.SM_TYPE) {
+        } else if (cryptoType == CryptoType.SM_TYPE | cryptoType == CryptoType.HSM_TYPE) {
             cryptoMaterialConfig.setCaCertPath(certPath + "/" + "sm_ca.crt");
             cryptoMaterialConfig.setSdkCertPath(certPath + "/" + "sm_sdk.crt");
             cryptoMaterialConfig.setSdkPrivateKeyPath(certPath + "/" + "sm_sdk.key");
@@ -220,6 +237,38 @@ public boolean isUseSmCrypto() {
         return useSmCrypto;
     }
 
+    public Boolean getHsmEnable() {
+        return hsmEnable;
+    }
+
+    public void setHsmEnable(Boolean hsmEnable) {
+        this.hsmEnable = hsmEnable;
+    }
+
+    public String getHsmLibPath() {
+        return hsmLibPath;
+    }
+
+    public void setHsmLibPath(String hsmLibPath) {
+        this.hsmLibPath = hsmLibPath;
+    }
+
+    public String getHsmKeyIndex() {
+        return hsmKeyIndex;
+    }
+
+    public void setHsmKeyIndex(String hsmKeyIndex) {
+        this.hsmKeyIndex = hsmKeyIndex;
+    }
+
+    public String getHsmPassword() {
+        return hsmPassword;
+    }
+
+    public void setHsmPassword(String hsmPassword) {
+        this.hsmPassword = hsmPassword;
+    }
+
     public String getCaCertPath() {
         return caCertPath;
     }

src/main/java/org/fisco/bcos/sdk/v3/crypto/CryptoSuite.java

@@ -23,11 +23,13 @@
 import org.fisco.bcos.sdk.v3.crypto.hash.SM3Hash;
 import org.fisco.bcos.sdk.v3.crypto.keypair.CryptoKeyPair;
 import org.fisco.bcos.sdk.v3.crypto.keypair.ECDSAKeyPair;
+import org.fisco.bcos.sdk.v3.crypto.keypair.HsmSM2KeyPair;
 import org.fisco.bcos.sdk.v3.crypto.keypair.SM2KeyPair;
 import org.fisco.bcos.sdk.v3.crypto.keystore.KeyTool;
 import org.fisco.bcos.sdk.v3.crypto.keystore.P12KeyStore;
 import org.fisco.bcos.sdk.v3.crypto.keystore.PEMKeyStore;
 import org.fisco.bcos.sdk.v3.crypto.signature.ECDSASignature;
+import org.fisco.bcos.sdk.v3.crypto.signature.HsmSM2Signature;
 import org.fisco.bcos.sdk.v3.crypto.signature.SM2Signature;
 import org.fisco.bcos.sdk.v3.crypto.signature.Signature;
 import org.fisco.bcos.sdk.v3.crypto.signature.SignatureResult;
@@ -39,11 +41,10 @@ public class CryptoSuite {
 
     private static final Logger logger = LoggerFactory.getLogger(CryptoSuite.class);
 
-    public final int cryptoTypeConfig;
-
-    public final Signature signatureImpl;
-    public final Hash hashImpl;
-    private final CryptoKeyPair keyPairFactory;
+    public int cryptoTypeConfig;
+    public Signature signatureImpl;
+    public Hash hashImpl;
+    private CryptoKeyPair keyPairFactory;
     private CryptoKeyPair cryptoKeyPair;
     private ConfigOption config;
 
@@ -64,9 +65,9 @@ public CryptoSuite(int cryptoTypeConfig, String hexedPrivateKey) {
      * @param configOption the configuration of account.
      */
     public CryptoSuite(int cryptoTypeConfig, ConfigOption configOption) {
-        this(cryptoTypeConfig);
         logger.info("init CryptoSuite, cryptoType: {}", cryptoTypeConfig);
         this.setConfig(configOption);
+        this.initCryptoSuite(cryptoTypeConfig);
         // doesn't set the account name, generate the keyPair randomly
         if (!configOption.getAccountConfig().isAccountConfigured()) {
             this.generateRandomKeyPair();
@@ -81,6 +82,10 @@ public CryptoSuite(int cryptoTypeConfig, ConfigOption configOption) {
      * @param cryptoTypeConfig the crypto type config number
      */
     public CryptoSuite(int cryptoTypeConfig) {
+        initCryptoSuite(cryptoTypeConfig);
+    }
+
+    public void initCryptoSuite(int cryptoTypeConfig) {
         this.cryptoTypeConfig = cryptoTypeConfig;
         if (this.cryptoTypeConfig == CryptoType.ECDSA_TYPE) {
             this.signatureImpl = new ECDSASignature();
@@ -92,12 +97,20 @@ public CryptoSuite(int cryptoTypeConfig) {
             this.hashImpl = new SM3Hash();
             this.keyPairFactory = new SM2KeyPair();
 
+        } else if(this.cryptoTypeConfig == CryptoType.HSM_TYPE) {
+            HsmSM2Signature hsmSM2Signature = new HsmSM2Signature();
+            hsmSM2Signature.setHsmLibPath(this.config.getCryptoMaterialConfig().getHsmLibPath());
+            this.signatureImpl = hsmSM2Signature;
+            this.hashImpl = new SM3Hash();
+            this.keyPairFactory = new HsmSM2KeyPair(this.config.getCryptoMaterialConfig().getHsmLibPath());
         } else {
             throw new UnsupportedCryptoTypeException(
                     "only support "
                             + CryptoType.ECDSA_TYPE
                             + "/"
                             + CryptoType.SM_TYPE
+                            + "/"
+                            + CryptoType.HSM_TYPE
                             + " crypto type");
         }
         // create keyPair randomly
@@ -159,7 +172,6 @@ private void loadAccount(ConfigOption configOption) {
      */
     public void setConfig(ConfigOption config) {
         this.config = config;
-        this.keyPairFactory.setConfig(config);
     }
 
     public int getCryptoTypeConfig() {

src/main/java/org/fisco/bcos/sdk/v3/crypto/keypair/HsmSM2KeyPair.java

@@ -0,0 +1,100 @@
+/**
+ * Copyright 2014-2020 [fisco-dev]
+ *
+ * <p>Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of the License at
+ *
+ * <p>http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * <p>Unless required by applicable law or agreed to in writing, software distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.fisco.bcos.sdk.v3.crypto.keypair;
+
+import org.fisco.bcos.sdk.jni.common.JniException;
+import org.fisco.bcos.sdk.jni.utilities.keypair.KeyPairJniObj;
+import org.fisco.bcos.sdk.v3.crypto.hash.Hash;
+import org.fisco.bcos.sdk.v3.crypto.hash.SM3Hash;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.security.KeyPair;
+
+public class HsmSM2KeyPair extends CryptoKeyPair {
+    private static final Logger logger = LoggerFactory.getLogger(HsmSM2KeyPair.class);
+
+    public static Hash DefaultHashAlgorithm = new SM3Hash();
+    private String hsmLibPath;
+
+    public HsmSM2KeyPair(String hsmLibPath) {
+        this.hsmLibPath = hsmLibPath;
+        initHsmSM2KeyPairObject();
+    }
+
+    public HsmSM2KeyPair(String hsmLibPath, KeyPair javaKeyPair) {
+        super(javaKeyPair);
+        this.hsmLibPath = hsmLibPath;
+        initHsmSM2KeyPairObject();
+    }
+
+    private void initHsmSM2KeyPairObject() {
+        this.keyStoreSubDir = GM_ACCOUNT_SUBDIR;
+        this.hashImpl = new SM3Hash();
+        this.curveName = SM2_CURVE_NAME;
+        this.signatureAlgorithm = SM_SIGNATURE_ALGORITHM;
+    }
+
+    /**
+     * generate keyPair randomly
+     *
+     * @return the generated keyPair
+     */
+    @Override
+    public CryptoKeyPair generateKeyPair() {
+        try {
+            HsmSM2KeyPair hsmSM2KeyPair = new HsmSM2KeyPair(this.hsmLibPath);
+            hsmSM2KeyPair.jniKeyPair = KeyPairJniObj.createHsmKeyPair(this.hsmLibPath);
+            return hsmSM2KeyPair;
+        } catch (JniException e) {
+            // TODO: handle jni exception
+            logger.error("hsm generateKeyPair exception, jni e: ", e);
+            return null;
+        }
+    }
+
+    @Override
+    public CryptoKeyPair createKeyPair(KeyPair javaKeyPair) {
+        try {
+            HsmSM2KeyPair hsmSM2KeyPair = new HsmSM2KeyPair(this.hsmLibPath, javaKeyPair);
+            hsmSM2KeyPair.jniKeyPair = KeyPairJniObj.createHsmKeyPair(javaKeyPair.getPrivate().getEncoded(), this.hsmLibPath);
+            return hsmSM2KeyPair;
+
+        } catch (JniException e) {
+            // TODO: handle jni exception
+            logger.error("hsm createKeyPair exception, jni e: ", e);
+            return null;
+        }
+    }
+
+    public CryptoKeyPair useKeyPair(int keyIndex, String password) {
+        try {
+            HsmSM2KeyPair hsmSM2KeyPair = new HsmSM2KeyPair(this.hsmLibPath);
+            hsmSM2KeyPair.jniKeyPair = KeyPairJniObj.useHsmKeyPair(keyIndex, password, this.hsmLibPath);
+            return hsmSM2KeyPair;
+        } catch (JniException e) {
+            // TODO: handle jni exception
+            logger.error("hsm useKeyPair exception, jni e: ", e);
+            return null;
+        }
+    }
+
+    public String getHsmLibPath() {
+        return hsmLibPath;
+    }
+
+    public void setHsmLibPath(String hsmLibPath) {
+        this.hsmLibPath = hsmLibPath;
+    }
+}

src/main/java/org/fisco/bcos/sdk/v3/crypto/signature/HsmSM2Signature.java

@@ -0,0 +1,98 @@
+/**
+ * Copyright 2014-2020 [fisco-dev]
+ *
+ * <p>Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of the License at
+ *
+ * <p>http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * <p>Unless required by applicable law or agreed to in writing, software distributed under the
+ * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.fisco.bcos.sdk.v3.crypto.signature;
+
+import org.fisco.bcos.sdk.jni.common.JniException;
+import org.fisco.bcos.sdk.jni.utilities.signature.SignatureJniObj;
+import org.fisco.bcos.sdk.v3.crypto.keypair.HsmSM2KeyPair;
+import org.fisco.bcos.sdk.v3.crypto.exceptions.SignatureException;
+import org.fisco.bcos.sdk.v3.crypto.keypair.CryptoKeyPair;
+import org.fisco.bcos.sdk.v3.model.CryptoType;
+import org.fisco.bcos.sdk.v3.utils.Hex;
+import org.fisco.bcos.sdk.v3.utils.Numeric;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class HsmSM2Signature implements Signature {
+    private static final Logger logger = LoggerFactory.getLogger(HsmSM2Signature.class);
+
+    private String hsmLibPath;
+
+    public String getHsmLibPath() {
+        return hsmLibPath;
+    }
+
+    public void setHsmLibPath(String hsmLibPath) {
+        this.hsmLibPath = hsmLibPath;
+    }
+
+    @Override
+    public SignatureResult sign(final String message, final CryptoKeyPair keyPair) {
+        return new SM2SignatureResult(
+                keyPair.getHexPublicKey(), signWithStringSignature(message, keyPair));
+    }
+
+    @Override
+    public SignatureResult sign(final byte[] message, final CryptoKeyPair keyPair) {
+        return sign(Hex.toHexString(message), keyPair);
+    }
+
+    @Override
+    public String signWithStringSignature(final String message, final CryptoKeyPair keyPair) {
+        return signMessage(message, keyPair);
+    }
+
+    public String signMessage(String message, CryptoKeyPair keyPair) {
+        if (!keyPair.getCurveName().equals(CryptoKeyPair.SM2_CURVE_NAME)) {
+            throw new SignatureException("hsm sm2 sign with " + keyPair.getCurveName() + " keypair");
+        }
+
+        HsmSM2KeyPair hsmSM2KeyPair = (HsmSM2KeyPair) keyPair;
+        try {
+            return SignatureJniObj.sign(
+                    hsmSM2KeyPair.getJniKeyPair(),
+                    Numeric.cleanHexPrefix(message),
+                    hsmSM2KeyPair.getHsmLibPath());
+        } catch (JniException e) {
+            // TODO: handle jni exception
+            logger.error("Sign with hsm sm2 failed, jni e: ", e);
+            return null;
+        }
+    }
+
+    @Override
+    public boolean verify(final String publicKey, final String message, final String signature) {
+        return verifyMessage(publicKey, message, signature);
+    }
+
+    @Override
+    public boolean verify(final String publicKey, final byte[] message, final byte[] signature) {
+        return verify(publicKey, Hex.toHexString(message), Hex.toHexString(signature));
+    }
+
+    public boolean verifyMessage(String publicKey, String message, String signature) {
+        try {
+            return SignatureJniObj.verify(
+                    CryptoType.HSM_TYPE,
+                    Hex.decode(publicKey),
+                    Numeric.cleanHexPrefix(message),
+                    Numeric.cleanHexPrefix(signature),
+                    this.getHsmLibPath());
+        } catch (JniException e) {
+            // TODO: handle jni exception
+            logger.error("Verify with hsm sm2 failed, jni e: ", e);
+            return false;
+        }
+    }
+}

src/main/java/org/fisco/bcos/sdk/v3/model/CryptoType.java

@@ -19,4 +19,5 @@ public class CryptoType {
     public static final int ECDSA_TYPE = 0;
     public static final int SM_TYPE = 1;
     public static final int ED25519_VRF_TYPE = 2;
+    public static final int HSM_TYPE = 3;
 }