1. 01 May, 2018 1 commit
    • Alessandro Sorniotti's avatar
      [FAB-6381] Secure defaults for txsFilter · 53de0781
      Alessandro Sorniotti authored
      The aim of this change set is to apply the well-established "Secure by
      default" security principle to the way the validator validates transactions
      in a block.
      The current code behaves as follows: create an array of validation codes, set
      by default to "all transactions are valid"; then perform validation which may
      mark transactions as invalid. Furthermore, in other parts of the code, if no
      array of validation codes is yet persent in the block, a new one is
      indiscriminately created (again, marking all transactions as valid). This
      approach is a security anti-pattern because it opens up to attacks where an
      adversary may force the code through a path where the default "tx is valid"
      validation code is maintained even for invalid txes.
      This change set ensures that validation code arrays are created and set to a
      new value (TxValidationCode_NOT_VALIDATED) which ensures that a transaction
      that hasn't been validated cannot be mistaken for a valid one.
      Change-Id: I5dbb18dd77af3cd14b168042ae660e4e27bf29dd
      Signed-off-by: default avatarAlessandro Sorniotti <ale.linux@sopit.net>
  2. 04 May, 2017 1 commit
  3. 22 Apr, 2017 1 commit
  4. 11 Mar, 2017 1 commit
    • Gari Singh's avatar
      [FAB-2174] Populate TLS trust stores from config blocks · 4844ce83
      Gari Singh authored
      With this change, the peer now obtains the root
      certificates it needs to populate the server and
      client trust stores from config blocks.
      The following changes updates were made:
      - core/peer/peer.go - added structure to maintain
      per chain aggegate list of CAs for apps and orderers,
      callback function for the config mgr which will
      update the trust stores from config blocks, and
      a function to obtain the aggregate list of
      root CAs for the peer as a whole
      - msp - added methods to get the root and intermediate
      certs from an MSP instance.  We can revisit this if
      there is strong belief in not doing it this way, but it
      is better than parsing the protos multiple times
      - common/configtx/test - added helper function to
      generate a config block which accepts MSPConfigs
      - some cleanup and slight modifications to utility
      functions needed for the above
      Change-Id: I30668428a3c65702e1ebe2774668606ff4d78016
      Signed-off-by: default avatarGari Singh <gari.r.singh@gmail.com>
  5. 09 Mar, 2017 1 commit
    • Gari Singh's avatar
      [FAB-2714] Enable peer to start with TLS enabled · 1f49bfb0
      Gari Singh authored
      Prior to this change, the peer did not honor the TLS
      setting in core.yaml.  With this change, the peer will
      now read the peer.tls.* settings to determine whether or
      not to start the main peer server with TLS enabled.
      This following changes were made:
      - core/comm/testdata/certs/generate.go - needed to
      add usage extension to be able to use server certs as
      client certs
      - core/peer/peer.go - added package scoped peerServer variable in
      order to support dynamic updates from config transactions
      - peer/node/start.go - loads TLS config and calls function in
      core/peer package in order to create the peer server
      The tests do include a test for mutual (client) TLS
      authentication, but this is not yet enabled for the peer
      on start up
      Change-Id: I9a6d19b928c36b7500d004a57b7d76e40bb18fd9
      Signed-off-by: default avatarGari Singh <gari.r.singh@gmail.com>
  6. 08 Dec, 2016 1 commit
    • Angelo De Caro's avatar
      Copying shim/crypto to new a package · 44ae2fe0
      Angelo De Caro authored
      This change-set is the first step in the process of removing
      shim/crypto and the dependencies from the ChaincodeStubInterface.
      The change-set introduces a new top-level folder called
      accesscontrol that has the same content of shim/crypto
      plus a file containing some API.
      Subsequent change-sets will remove shim/crypto and ensure
      that the chaincode example can still work.
      Change-Id: I8b1c701fd708e497dc6d95dbada5619979d05964
      Signed-off-by: default avatarAngelo De Caro <adc@zurich.ibm.com>
  7. 26 Jul, 2016 1 commit