authorDeterminant <ted.sybil@gmail.com>2019-07-02 03:00:31 -0400
committerDeterminant <ted.sybil@gmail.com>2019-07-02 03:00:31 -0400
commitc1bb07e65f550e043d9a387d3978e651a1b7a15d (patch)
tree610d501e893c1eead667e558fb58ee85109fd82f
parent7e91de67703a3a3eb292d1a2422acb15a10d4b95 (diff)
enable TLS for replica-replica connections
-rw-r--r--.gitignore1
-rw-r--r--CMakeLists.txt4
-rw-r--r--hotstuff-sec0.conf4
-rw-r--r--hotstuff-sec1.conf4
-rw-r--r--hotstuff-sec2.conf4
-rw-r--r--hotstuff-sec3.conf4
-rw-r--r--hotstuff.conf10
-rw-r--r--include/hotstuff/hotstuff.h17
-rw-r--r--include/hotstuff/type.h2
m---------salticidae0
-rw-r--r--scripts/gen_conf.py17
-rw-r--r--src/hotstuff.cpp18
-rw-r--r--src/hotstuff_app.cpp41
-rw-r--r--src/hotstuff_client.cpp8
-rw-r--r--src/hotstuff_tls_keygen.cpp46
15 files changed, 145 insertions, 35 deletions
diff --git a/.gitignore b/.gitignore
index 68646ab..b9dda4a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,6 +8,7 @@ libsecp256k1-prefix/
hotstuff-app
hotstuff-client
hotstuff-keygen
+hotstuff-tls-keygen
libhotstuff.a
src/*.swo
src/*.swp
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 2a3209e..f93b944 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -96,6 +96,10 @@ add_executable(hotstuff-keygen
src/hotstuff_keygen.cpp)
target_link_libraries(hotstuff-keygen hotstuff_static)
+add_executable(hotstuff-tls-keygen
+ src/hotstuff_tls_keygen.cpp)
+target_link_libraries(hotstuff-tls-keygen hotstuff_static)
+
find_package(Doxygen)
if (DOXYGEN_FOUND)
add_custom_target(doc
diff --git a/hotstuff-sec0.conf b/hotstuff-sec0.conf
index 97fef97..bbfd3f2 100644
--- a/hotstuff-sec0.conf
+++ b/hotstuff-sec0.conf
@@ -1,2 +1,4 @@
-privkey = ee9dd39a8f269918ed9a27789bb4d5ddabe572e5d6397b01c643141a4568c83b
+privkey = 445fa01dbbb9d0510ab6d6f630c94ab43ba21ad91f31d47da92f7b679ba2f582
+tls-privkey = 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
+tls-cert = 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
idx = 0
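Review bot: This file and hotstuff-sec1.conf through hotstuff-sec3.conf now carry a `tls-privkey` next to the consensus `privkey`, all committed to the repository, so any deployment started from these files uses keys known to everyone who can read the repo. They look like localhost samples (hotstuff.conf lists only 127.0.0.1 addresses), but nothing in the files says so. A note in the README or at the top of each file saying the keys are for local testing only, and pointing to scripts/gen_conf.py for generating fresh ones, would keep them from being reused.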
diff --git a/hotstuff-sec1.conf b/hotstuff-sec1.conf
index e36849f..54c9b5f 100644
--- a/hotstuff-sec1.conf
+++ b/hotstuff-sec1.conf
@@ -1,2 +1,4 @@
-privkey = 06cf6276fa4353a1c54a9f762bb827e016f5ed4cf659010b0689cf667eda54eb
+privkey = 71f2f7aa5fb0f6d8fcdebe6c6c249aa7de068eb5d617dffa0dcfbc2f1dd73177
+tls-privkey = 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
+tls-cert = 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
idx = 1
diff --git a/hotstuff-sec2.conf b/hotstuff-sec2.conf
index 9827647..12a361a 100644
--- a/hotstuff-sec2.conf
+++ b/hotstuff-sec2.conf
@@ -1,2 +1,4 @@
-privkey = 2d0d2f77fa8dc3dd590e3a4c7cd5669de0aaccd0c172c50263205a8ea29b495d
+privkey = f09707974bd60c68734e45172928eb600710675fc45822b6db5a8c75eec0f5a1
+tls-privkey = 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
+tls-cert = 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
idx = 2
diff --git a/hotstuff-sec3.conf b/hotstuff-sec3.conf
index 1789083..9c36b9b 100644
--- a/hotstuff-sec3.conf
+++ b/hotstuff-sec3.conf
@@ -1,2 +1,4 @@
-privkey = d5e41b168dd1c1703d6e6dc69db475daacae413e86e9db31afdbeea0fd1c45d4
+privkey = 3d0cdf598a2514649a5dedf626467716d04e22d2b6a83dc0f5ca810701f728f3
+tls-privkey = 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
+tls-cert = 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
idx = 3
diff --git a/hotstuff.conf b/hotstuff.conf
index 3651b70..4bda9af 100644
--- a/hotstuff.conf
+++ b/hotstuff.conf
@@ -1,6 +1,6 @@
-nworker = 1
block-size = 1
-replica = 127.0.0.1:2234;22234, 028a1caf2c503a1e9b0b3ddf1d1df30253facdd50b93add05ebc7f708db00c11e4
-replica = 127.0.0.1:2235;22235, 034ca53338e69321c1bc83e2fa76b1b00d68f64911074221abda88aac8af9d2b53
-replica = 127.0.0.1:2236;22236, 0340f9d12dd1532968f7d8a99f95c3cd03992346487e15bd43265a3f273558ff2e
-replica = 127.0.0.1:2237;22237, 02735def87faba2667d1a5db32b6dd50bb0c2ce875935846b3db121def62f34e83
+pace-maker = dummy
+replica = 127.0.0.1:10000;20000, 039f89215177475ac408d079b45acef4591fc477dd690f2467df052cf0c7baba23, 542865a568784c4e77c172b82e99cb8a1a53b7bee5f86843b04960ea4157f420
+replica = 127.0.0.1:10001;20001, 0278740a5bec75e333b3c93965b1609163b15d2e3c2fdef141d4859ec70c238e7a, c261250345ebcd676a0edeea173526608604f626b2e8bc4fd2142d3bde1d44d5
+replica = 127.0.0.1:10002;20002, 0269eb606576a315a630c2483deed35cc4bd845abae1c693f97c440c89503fa92e, 065b010aed5629edfb5289e8b22fc6cc6b33c4013bfdd128caba80c3c02d6d78
+replica = 127.0.0.1:10003;20003, 03e6911bf17e632eecdfa0dc9fc6efc9ddca60c0e3100db469a3d3d62008044a53, 6540a0fea67efcb08f53ec3a952df4c3f0e2e07c2778fd92320807717e29a651
diff --git a/include/hotstuff/hotstuff.h b/include/hotstuff/hotstuff.h
index 313511f..680abce 100644
--- a/include/hotstuff/hotstuff.h
+++ b/include/hotstuff/hotstuff.h
@@ -148,6 +148,7 @@ class HotStuffBase: public HotStuffCore {
bool ec_loop;
/** network stack */
Net pn;
+ std::unordered_set<uint256_t> valid_tls_certs;
#ifdef HOTSTUFF_BLK_PROFILE
BlockProfiler blk_profiler;
#endif
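Review bot: `valid_tls_certs` is added without a doc comment although the neighbouring member has one (`/** network stack */`), and the name does not reveal that the set holds certificate hashes rather than certificates. Suggested comment: `/** hashes of the DER-encoded TLS certificates accepted from peers (checked in conn_handler) */`. The class body starts and ends outside the hunk.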
@@ -189,6 +190,8 @@ class HotStuffBase: public HotStuffCore {
/** receives a block */
inline void resp_blk_handler(MsgRespBlock &&, const Net::conn_t &);
+ inline bool conn_handler(const salticidae::ConnPool::conn_t &, bool);
+
void do_broadcast_proposal(const Proposal &) override;
void do_vote(ReplicaID, const Vote &) override;
void do_decide(Finality &&) override;
@@ -215,7 +218,8 @@ class HotStuffBase: public HotStuffCore {
/* Submit the command to be decided. */
void exec_command(uint256_t cmd_hash, commit_cb_t callback);
- void start(std::vector<std::pair<NetAddr, pubkey_bt>> &&replicas, bool ec_loop = false);
+ void start(std::vector<std::tuple<NetAddr, pubkey_bt, uint256_t>> &&replicas,
+ bool ec_loop = false);
size_t size() const { return peers.size(); }
PaceMaker &get_pace_maker() { return *pmaker; }
@@ -284,10 +288,15 @@ class HotStuff: public HotStuffBase {
nworker,
netconfig) {}
- void start(const std::vector<std::pair<NetAddr, bytearray_t>> &replicas, bool ec_loop = false) {
- std::vector<std::pair<NetAddr, pubkey_bt>> reps;
+ void start(const std::vector<std::tuple<NetAddr, bytearray_t, bytearray_t>> &replicas, bool ec_loop = false) {
+ std::vector<std::tuple<NetAddr, pubkey_bt, uint256_t>> reps;
for (auto &r: replicas)
- reps.push_back(std::make_pair(r.first, new PubKeyType(r.second)));
+ reps.push_back(
+ std::make_tuple(
+ std::get<0>(r),
+ new PubKeyType(std::get<1>(r)),
+ uint256_t(std::get<2>(r))
+ ));
HotStuffBase::start(std::move(reps), ec_loop);
}
};
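Review bot: Nothing in `HotStuff::start` checks the length of the third tuple element before `uint256_t(std::get<2>(r))`. Whether that constructor rejects a byte array that is not 32 bytes long is not visible here, so a truncated or mistyped fingerprint in a `replica` line may silently become an allow-list entry that no certificate can match. Failing early would make the misconfiguration visible, for example `if (std::get<2>(r).size() != 32) throw std::invalid_argument("TLS cert hash must be 32 bytes");` before the `push_back` (assuming `<stdexcept>` is reachable from this header).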
diff --git a/include/hotstuff/type.h b/include/hotstuff/type.h
index 1d5ac55..07c1e72 100644
--- a/include/hotstuff/type.h
+++ b/include/hotstuff/type.h
@@ -73,6 +73,8 @@ class Cloneable {
using ReplicaID = uint16_t;
using opcode_t = uint8_t;
+using tls_pkey_bt = BoxObj<salticidae::PKey>;
+using tls_x509_bt = BoxObj<salticidae::X509>;
}
diff --git a/salticidae b/salticidae
-Subproject 53f776997d0e92650b9f3a16224cef1c0c76b71
+Subproject ce842602ccac8c10d025a055c966bc32f204f75
diff --git a/scripts/gen_conf.py b/scripts/gen_conf.py
index 391e0d6..ca61ea1 100644
--- a/scripts/gen_conf.py
+++ b/scripts/gen_conf.py
@@ -11,6 +11,7 @@ if __name__ == "__main__":
parser.add_argument('--pport', type=int, default=10000)
parser.add_argument('--cport', type=int, default=20000)
parser.add_argument('--keygen', type=str, default='./hotstuff-keygen')
+ parser.add_argument('--tls-keygen', type=str, default='./hotstuff-tls-keygen')
parser.add_argument('--nodes', type=str, default='nodes.txt')
parser.add_argument('--block-size', type=int, default=1)
parser.add_argument('--pace-maker', type=str, default='dummy')
@@ -26,6 +27,7 @@ if __name__ == "__main__":
base_pport = args.pport
base_cport = args.cport
keygen_bin = args.keygen
+ tls_keygen_bin = args.tls_keygen
main_conf = open("{}.conf".format(prefix), 'w')
nodes = open(args.nodes, 'w')
@@ -35,14 +37,19 @@ if __name__ == "__main__":
p = subprocess.Popen([keygen_bin, '--num', str(len(replicas))],
stdout=subprocess.PIPE, stderr=open(os.devnull, 'w'))
keys = [[t[4:] for t in l.decode('ascii').split()] for l in p.stdout]
+ tls_p = subprocess.Popen([tls_keygen_bin, '--num', str(len(replicas))],
+ stdout=subprocess.PIPE, stderr=open(os.devnull, 'w'))
+ tls_keys = [[t[4:] for t in l.decode('ascii').split()] for l in tls_p.stdout]
if not (args.block_size is None):
main_conf.write("block-size = {}\n".format(args.block_size))
if not (args.pace_maker is None):
main_conf.write("pace-maker = {}\n".format(args.pace_maker))
- for r in zip(replicas, keys, itertools.count(0)):
- main_conf.write("replica = {}, {}\n".format(r[0], r[1][0]))
- r_conf_name = "{}-sec{}.conf".format(prefix, r[2])
- nodes.write("{}:{}\t{}\n".format(r[2], r[0], r_conf_name))
+ for r in zip(replicas, keys, tls_keys, itertools.count(0)):
+ main_conf.write("replica = {}, {}, {}\n".format(r[0], r[1][0], r[2][2]))
+ r_conf_name = "{}-sec{}.conf".format(prefix, r[3])
+ nodes.write("{}:{}\t{}\n".format(r[3], r[0], r_conf_name))
r_conf = open(r_conf_name, 'w')
r_conf.write("privkey = {}\n".format(r[1][1]))
- r_conf.write("idx = {}\n".format(r[2]))
+ r_conf.write("tls-privkey = {}\n".format(r[2][1]))
+ r_conf.write("tls-cert = {}\n".format(r[2][0]))
+ r_conf.write("idx = {}\n".format(r[3]))
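Review bot: A failing `hotstuff-tls-keygen` goes unnoticed here: its stderr is sent to `os.devnull`, its exit status is never checked, and `zip(replicas, keys, tls_keys, ...)` stops at the shortest input, so an empty `tls_keys` produces a config with no `replica` lines. A check after the read, e.g. `if tls_p.wait() != 0 or len(tls_keys) != len(replicas): raise RuntimeError("tls keygen failed")`, would surface it. The per-replica file now holds a second private key (`tls-privkey`) but is still created with `open(r_conf_name, 'w')`, i.e. with default permissions; `os.fdopen(os.open(r_conf_name, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600), 'w')` would restrict a newly created file to its owner. The `if __name__ == "__main__":` block starts outside the hunk.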
diff --git a/src/hotstuff.cpp b/src/hotstuff.cpp
index 54b80e4..a59aa82 100644
--- a/src/hotstuff.cpp
+++ b/src/hotstuff.cpp
@@ -246,6 +246,16 @@ void HotStuffBase::resp_blk_handler(MsgRespBlock &&msg, const Net::conn_t &) {
if (blk) on_fetch_blk(blk);
}
+bool HotStuffBase::conn_handler(const salticidae::ConnPool::conn_t &conn, bool connected) {
+ if (connected)
+ {
+ auto cert = conn->get_peer_cert();
+ SALTICIDAE_LOG_INFO("%s", salticidae::get_hash(cert->get_der()).to_hex().c_str());
+ return (!cert) || valid_tls_certs.count(salticidae::get_hash(cert->get_der()));
+ }
+ return true;
+}
+
void HotStuffBase::print_stat() const {
LOG_INFO("===== begin stats =====");
LOG_INFO("-------- queues -------");
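Review bot: In `conn_handler` the `SALTICIDAE_LOG_INFO` line calls `cert->get_der()` before the `!cert` test on the next line, so a peer that presents no certificate is dereferenced as null before the check can run. The return expression also fails open: `(!cert) || ...` admits any peer without a certificate, which is only appropriate when TLS is disabled. The hash is computed twice as well. The sketch below fixes the ordering and hashes once; it keeps the no-certificate branch as it is, with a marker, because whether TLS is enabled is not visible in this hunk.

```cpp
bool HotStuffBase::conn_handler(const salticidae::ConnPool::conn_t &conn, bool connected) {
    if (!connected) return true;
    auto cert = conn->get_peer_cert();
    // TODO: return false here when TLS is enabled; accepting is only safe with --notls
    if (!cert) return true;
    auto cert_hash = salticidae::get_hash(cert->get_der());
    SALTICIDAE_LOG_INFO("%s", cert_hash.to_hex().c_str());
    return valid_tls_certs.count(cert_hash) != 0;
}
```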
@@ -339,6 +349,7 @@ HotStuffBase::HotStuffBase(uint32_t blk_size,
pn.reg_handler(salticidae::generic_bind(&HotStuffBase::vote_handler, this, _1, _2));
pn.reg_handler(salticidae::generic_bind(&HotStuffBase::req_blk_handler, this, _1, _2));
pn.reg_handler(salticidae::generic_bind(&HotStuffBase::resp_blk_handler, this, _1, _2));
+ pn.reg_conn_handler(salticidae::generic_bind(&HotStuffBase::conn_handler, this, _1, _2));
pn.start();
pn.listen(listen_addr);
}
@@ -377,12 +388,13 @@ void HotStuffBase::do_decide(Finality &&fin) {
HotStuffBase::~HotStuffBase() {}
void HotStuffBase::start(
- std::vector<std::pair<NetAddr, pubkey_bt>> &&replicas,
+ std::vector<std::tuple<NetAddr, pubkey_bt, uint256_t>> &&replicas,
bool ec_loop) {
for (size_t i = 0; i < replicas.size(); i++)
{
- auto &addr = replicas[i].first;
- HotStuffCore::add_replica(i, addr, std::move(replicas[i].second));
+ auto &addr = std::get<0>(replicas[i]);
+ HotStuffCore::add_replica(i, addr, std::move(std::get<1>(replicas[i])));
+ valid_tls_certs.insert(std::move(std::get<2>(replicas[i])));
if (addr != listen_addr)
{
peers.push_back(addr);
diff --git a/src/hotstuff_app.cpp b/src/hotstuff_app.cpp
index 25b5698..7aa9e1d 100644
--- a/src/hotstuff_app.cpp
+++ b/src/hotstuff_app.cpp
@@ -142,7 +142,7 @@ class HotStuffApp: public HotStuff {
const Net::Config &repnet_config,
const ClientNetwork<opcode_t>::Config &clinet_config);
- void start(const std::vector<std::pair<NetAddr, bytearray_t>> &reps);
+ void start(const std::vector<std::tuple<NetAddr, bytearray_t, bytearray_t>> &reps);
void stop();
};
@@ -168,6 +168,8 @@ int main(int argc, char **argv) {
auto opt_idx = Config::OptValInt::create(0);
auto opt_client_port = Config::OptValInt::create(-1);
auto opt_privkey = Config::OptValStr::create();
+ auto opt_tls_privkey = Config::OptValStr::create();
+ auto opt_tls_cert = Config::OptValStr::create();
auto opt_help = Config::OptValFlag::create(false);
auto opt_pace_maker = Config::OptValStr::create("dummy");
auto opt_fixed_proposer = Config::OptValInt::create(1);
@@ -178,6 +180,7 @@ int main(int argc, char **argv) {
auto opt_repburst = Config::OptValInt::create(100);
auto opt_clinworker = Config::OptValInt::create(8);
auto opt_cliburst = Config::OptValInt::create(1000);
+ auto opt_notls = Config::OptValFlag::create(false);
config.add_opt("block-size", opt_blk_size, Config::SET_VAL);
config.add_opt("parent-limit", opt_parent_limit, Config::SET_VAL);
@@ -186,6 +189,8 @@ int main(int argc, char **argv) {
config.add_opt("idx", opt_idx, Config::SET_VAL, 'i', "specify the index in the replica list");
config.add_opt("cport", opt_client_port, Config::SET_VAL, 'c', "specify the port listening for clients");
config.add_opt("privkey", opt_privkey, Config::SET_VAL);
+ config.add_opt("tls-privkey", opt_tls_privkey, Config::SET_VAL);
+ config.add_opt("tls-cert", opt_tls_cert, Config::SET_VAL);
config.add_opt("pace-maker", opt_pace_maker, Config::SET_VAL, 'p', "specify pace maker (sticky, dummy)");
config.add_opt("proposer", opt_fixed_proposer, Config::SET_VAL, 'l', "set the fixed proposer (for dummy)");
config.add_opt("qc-timeout", opt_qc_timeout, Config::SET_VAL, 't', "set QC timeout (for sticky)");
@@ -195,6 +200,7 @@ int main(int argc, char **argv) {
config.add_opt("repburst", opt_repburst, Config::SET_VAL, 'b', "");
config.add_opt("clinworker", opt_clinworker, Config::SET_VAL, 'M', "the number of threads for client network");
config.add_opt("cliburst", opt_cliburst, Config::SET_VAL, 'B', "");
+ config.add_opt("notls", opt_notls, Config::SWITCH_ON, 's', "disable TLS");
config.add_opt("help", opt_help, Config::SWITCH_ON, 'h', "show this help info");
EventContext ec;
@@ -206,18 +212,18 @@ int main(int argc, char **argv) {
}
auto idx = opt_idx->get();
auto client_port = opt_client_port->get();
- std::vector<std::pair<std::string, std::string>> replicas;
+ std::vector<std::tuple<std::string, std::string, std::string>> replicas;
for (const auto &s: opt_replicas->get())
{
auto res = trim_all(split(s, ","));
- if (res.size() != 2)
+ if (res.size() != 3)
throw HotStuffError("invalid replica info");
- replicas.push_back(std::make_pair(res[0], res[1]));
+ replicas.push_back(std::make_tuple(res[0], res[1], res[2]));
}
if (!(0 <= idx && (size_t)idx < replicas.size()))
throw HotStuffError("replica idx out of range");
- std::string binding_addr = replicas[idx].first;
+ std::string binding_addr = std::get<0>(replicas[idx]);
if (client_port == -1)
{
auto p = split_ip_port_cport(binding_addr);
@@ -242,6 +248,19 @@ int main(int argc, char **argv) {
HotStuffApp::Net::Config repnet_config;
ClientNetwork<opcode_t>::Config clinet_config;
+ if (!opt_tls_privkey->get().empty() && !opt_notls->get())
+ {
+ auto tls_priv_key = new salticidae::PKey(
+ salticidae::PKey::create_privkey_from_der(
+ hotstuff::from_hex(opt_tls_privkey->get())));
+ auto tls_cert = new salticidae::X509(
+ salticidae::X509::create_from_der(
+ hotstuff::from_hex(opt_tls_cert->get())));
+ repnet_config
+ .enable_tls(true)
+ .tls_key(tls_priv_key)
+ .tls_cert(tls_cert);
+ }
repnet_config
.burst_size(opt_repburst->get())
.nworker(opt_repnworker->get());
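Review bot: The guard `!opt_tls_privkey->get().empty() && !opt_notls->get()` silently falls back to plaintext when `tls-privkey` is absent from the configuration, so a replica with a missing or misspelled key line runs without TLS and nothing reports it. `tls-cert` is also never checked for emptiness before it reaches `X509::create_from_der`. Making `--notls` the only way to turn TLS off would close both gaps: `if (!opt_notls->get() && (opt_tls_privkey->get().empty() || opt_tls_cert->get().empty())) throw HotStuffError("tls-privkey and tls-cert are required unless --notls is given");`. `main` starts and ends outside the hunk.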
@@ -260,12 +279,14 @@ int main(int argc, char **argv) {
opt_nworker->get(),
repnet_config,
clinet_config);
- std::vector<std::pair<NetAddr, bytearray_t>> reps;
+ std::vector<std::tuple<NetAddr, bytearray_t, bytearray_t>> reps;
for (auto &r: replicas)
{
- auto p = split_ip_port_cport(r.first);
- reps.push_back(std::make_pair(
- NetAddr(p.first), hotstuff::from_hex(r.second)));
+ auto p = split_ip_port_cport(std::get<0>(r));
+ reps.push_back(std::make_tuple(
+ NetAddr(p.first),
+ hotstuff::from_hex(std::get<1>(r)),
+ hotstuff::from_hex(std::get<2>(r))));
}
auto shutdown = [&](int) { papp->stop(); };
salticidae::SigEvent ev_sigint(ec, shutdown);
@@ -344,7 +365,7 @@ void HotStuffApp::client_request_cmd_handler(MsgReqCmd &&msg, const conn_t &conn
});
}
-void HotStuffApp::start(const std::vector<std::pair<NetAddr, bytearray_t>> &reps) {
+void HotStuffApp::start(const std::vector<std::tuple<NetAddr, bytearray_t, bytearray_t>> &reps) {
ev_stat_timer = TimerEvent(ec, [this](TimerEvent &) {
HotStuff::print_stat();
HotStuffApp::print_stat();
diff --git a/src/hotstuff_client.cpp b/src/hotstuff_client.cpp
index 08f2a2e..9f7423d 100644
--- a/src/hotstuff_client.cpp
+++ b/src/hotstuff_client.cpp
@@ -156,13 +156,13 @@ int main(int argc, char **argv) {
auto idx = opt_idx->get();
max_iter_num = opt_max_iter_num->get();
max_async_num = opt_max_async_num->get();
- std::vector<std::pair<std::string, std::string>> raw;
+ std::vector<std::string> raw;
for (const auto &s: opt_replicas->get())
{
auto res = salticidae::trim_all(salticidae::split(s, ","));
- if (res.size() != 2)
+ if (res.size() < 1)
throw HotStuffError("format error");
- raw.push_back(std::make_pair(res[0], res[1]));
+ raw.push_back(res[0]);
}
if (!(0 <= idx && (size_t)idx < raw.size() && raw.size() > 0))
@@ -170,7 +170,7 @@ int main(int argc, char **argv) {
cid = opt_cid->get() != -1 ? opt_cid->get() : idx;
for (const auto &p: raw)
{
- auto _p = split_ip_port_cport(p.first);
+ auto _p = split_ip_port_cport(p);
size_t _;
replicas.push_back(NetAddr(NetAddr(_p.first).ip, htons(stoi(_p.second, &_))));
}
diff --git a/src/hotstuff_tls_keygen.cpp b/src/hotstuff_tls_keygen.cpp
new file mode 100644
index 0000000..1ce80f2
--- /dev/null
+++ b/src/hotstuff_tls_keygen.cpp
@@ -0,0 +1,46 @@
+/**
+ * Copyright 2018 VMware
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <error.h>
+#include "salticidae/util.h"
+#include "salticidae/crypto.h"
+#include "hotstuff/type.h"
+
+using salticidae::Config;
+using hotstuff::tls_pkey_bt;
+using hotstuff::tls_x509_bt;
+
+int main(int argc, char **argv) {
+ Config config("hotstuff.conf");
+ tls_pkey_bt priv_key;
+ tls_x509_bt pub_key;
+ auto opt_n = Config::OptValInt::create(1);
+ config.add_opt("num", opt_n, Config::SET_VAL);
+ config.parse(argc, argv);
+ int n = opt_n->get();
+ if (n < 1)
+ error(1, 0, "n must be >0");
+ while (n--)
+ {
+ priv_key = new salticidae::PKey(salticidae::PKey::create_privkey_rsa());
+ pub_key = new salticidae::X509(salticidae::X509::create_self_signed_from_pubkey(*priv_key));
+ printf("crt:%s sec:%s cid:%s\n",
+ salticidae::get_hex(pub_key->get_der()).c_str(),
+ salticidae::get_hex(priv_key->get_privkey_der()).c_str(),
+ salticidae::get_hex(salticidae::get_hash(pub_key->get_der())).c_str());
+ }
+ return 0;
+}
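Review bot: The output line `crt:%s sec:%s cid:%s` is an undocumented contract with scripts/gen_conf.py, which strips the first four characters of each field and picks the values by position. A comment above the `printf` should state it, e.g. `// one line per key pair: crt:<cert DER hex> sec:<private key DER hex> cid:<hex hash of cert DER>; parsed by scripts/gen_conf.py`. The variable `pub_key` holds an X509 certificate, so `cert` would be the more accurate name. `printf` is used without including `<cstdio>`, and `<error.h>` is a glibc extension, so the file depends on transitive includes and will not build against other C libraries.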