Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
## Feature
- Add option to cancel own pending operations [#881](https://github.com/upb-uc4/ui-web/pull/881)
- Add placeholder component for empty lists [#880](https://github.com/upb-uc4/ui-web/pull/880)
- Add support for timed frontend signing tokens [#882](https://github.com/upb-uc4/ui-web/pull/882)

## Refactor
- Improve performance by lazyloading [#835](https://github.com/upb-uc4/ui-web/pull/835)
Expand Down
2 changes: 1 addition & 1 deletion src/api/api_models/common/SignedProposalMessage.ts
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
export default interface SignedProposalMessage {
unsignedProposal: string;
unsignedProposalJwt: string;
signature: string;
}
2 changes: 1 addition & 1 deletion src/api/api_models/common/SignedTransactionMessage.ts
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
export default interface SignedTransactionMessage {
signature: string;
unsignedTransaction: string;
unsignedTransactionJwt: string;
}
2 changes: 1 addition & 1 deletion src/api/api_models/common/UnsignedProposalMessage.ts
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
export default interface UnsignedProposalMessage {
unsignedProposal: string;
unsignedProposalJwt: string;
}
2 changes: 1 addition & 1 deletion src/api/api_models/common/UnsignedTransactionMessage.ts
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
export default interface UnsignedTransactionMessage {
unsignedTransaction: string;
unsignedTransactionJwt: string;
}
8 changes: 4 additions & 4 deletions src/api/contracts/AbstractTransaction.ts
Original file line number Diff line number Diff line change
Expand Up @@ -52,12 +52,12 @@ export default abstract class AbstractTransaction {
return new GenericResponseHandler("transaction").handleResponse(response);
}

public decodeProposal(proposal: UnsignedProposalMessage, protoUrl?: string) {
return decodeProposal(proposal.unsignedProposal, protoUrl);
public decodeProposal(base64Proposal: string, protoUrl?: string) {
return decodeProposal(base64Proposal, protoUrl);
}

public decodeTransaction(transaction: UnsignedTransactionMessage, protoUrl?: string) {
return decodeTransaction(transaction.unsignedTransaction, protoUrl);
public decodeTransaction(base64Transaction: string, protoUrl?: string) {
return decodeTransaction(base64Transaction, protoUrl);
}

public abstract buildTransactionInfo(...params: any): TransactionInfo;
Expand Down
30 changes: 16 additions & 14 deletions src/api/contracts/ChaincodeUtility.ts
Original file line number Diff line number Diff line change
Expand Up @@ -27,9 +27,12 @@ export default async function executeTransaction(executableTransaction: Abstract

const unsignedProposal = await executableTransaction.getProposal();

if (!unsignedProposal.unsignedProposal) return false;
if (!unsignedProposal.unsignedProposalJwt) return false;

const proposal = await executableTransaction.decodeProposal(unsignedProposal, protoUrl).catch((reason: any) => {
const proposalTokenPayload = JSON.parse(atob(unsignedProposal.unsignedProposalJwt.split(".")[1]));
const unsignedProposalBytes = proposalTokenPayload["unsignedBytes"];

const proposal = await executableTransaction.decodeProposal(unsignedProposalBytes, protoUrl).catch((reason: any) => {
useToast().error("Could not decode proposal. This is a bug on our side, please consider reporting this.");
});

Expand All @@ -45,9 +48,9 @@ export default async function executeTransaction(executableTransaction: Abstract
return false;
}

const proposalSignature = await signProtobuf(unsignedProposal.unsignedProposal, privateKey);
const proposalSignature = await signProtobuf(unsignedProposalBytes, privateKey);

const proposalSignatureValidation = await verifyProtobufSignature(unsignedProposal.unsignedProposal, proposalSignature, publicKey);
const proposalSignatureValidation = await verifyProtobufSignature(unsignedProposalBytes, proposalSignature, publicKey);

if (!proposalSignatureValidation) {
useToast().error("Could not verify own signature. Your private key or certificate might be compromised.");
Expand All @@ -56,14 +59,17 @@ export default async function executeTransaction(executableTransaction: Abstract

const signedProposalMessage: SignedProposalMessage = {
signature: proposalSignature,
unsignedProposal: unsignedProposal.unsignedProposal,
unsignedProposalJwt: unsignedProposal.unsignedProposalJwt,
};

const unsignedTransaction = await executableTransaction.getTransaction(signedProposalMessage);

if (!unsignedTransaction.unsignedTransaction) return false;
if (!unsignedTransaction.unsignedTransactionJwt) return false;

const transactionTokenPayload = JSON.parse(atob(unsignedTransaction.unsignedTransactionJwt.split(".")[1]));
const unsignedTransactionBytes = transactionTokenPayload["unsignedBytes"];

const transaction = await executableTransaction.decodeTransaction(unsignedTransaction, protoUrl).catch((reason: any) => {
const transaction = await executableTransaction.decodeTransaction(unsignedTransactionBytes, protoUrl).catch((reason: any) => {
useToast().error("Could not decode transaction. This is a bug on our side, please consider reporting this.");
});

Expand All @@ -79,12 +85,8 @@ export default async function executeTransaction(executableTransaction: Abstract
return false;
}

const transactionSignature = await signProtobuf(unsignedTransaction.unsignedTransaction, privateKey);
const transactionSignatureValidation = await verifyProtobufSignature(
unsignedTransaction.unsignedTransaction,
transactionSignature,
publicKey
);
const transactionSignature = await signProtobuf(unsignedTransactionBytes, privateKey);
const transactionSignatureValidation = await verifyProtobufSignature(unsignedTransactionBytes, transactionSignature, publicKey);

if (!transactionSignatureValidation) {
useToast().error("Could not verify own signature. Your private key or certificate might be compromised.");
Expand All @@ -93,7 +95,7 @@ export default async function executeTransaction(executableTransaction: Abstract

const signedTransactionMessage: SignedTransactionMessage = {
signature: transactionSignature,
unsignedTransaction: unsignedTransaction.unsignedTransaction,
unsignedTransactionJwt: unsignedTransaction.unsignedTransactionJwt,
};

return await executableTransaction.submitTransaction(signedTransactionMessage);
Expand Down
2 changes: 1 addition & 1 deletion src/use/helpers/ImmatriculationResponseHandler.ts
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ export class MatriculationValidationResponseHandler implements ResponseHandler<U
}

isUnsignedProposalMessage(object: any): object is UnsignedProposalMessage {
return (object as UnsignedProposalMessage).unsignedProposal !== undefined;
return (object as UnsignedProposalMessage).unsignedProposalJwt !== undefined;
}

handleResponse(response: APIResponse<UnsignedProposalMessage>): UnsignedProposalMessage {
Expand Down
4 changes: 2 additions & 2 deletions tests/unit/api/operationManagement.spec.ts
Original file line number Diff line number Diff line change
Expand Up @@ -537,11 +537,11 @@ describe("Operation Management tests", () => {

test("Fetch certificate of enrollment", async () => {
const reportManagement = new ReportManagement();

const response = await reportManagement.getCertificateOfEnrollment(student.authUser.username, "SS2020");

expect(response.returnValue.size).toBeGreaterThan(0);
})
});

afterAll(async () => {
resetState(encryptionPassword);
Expand Down
5 changes: 3 additions & 2 deletions tests/unit/transactionSigning.spec.ts
Original file line number Diff line number Diff line change
Expand Up @@ -37,9 +37,10 @@ describe("Transaction Signing Tests", () => {
if (!transaction) fail();

expect(await new MockTransaction().validateTransaction(transaction)).toEqual(true);
transaction.data.actions[0].payload.action.endorsements[0].signature = "aHR0cHM6Ly93d3cueW91dHViZS5jb20vd2F0Y2g/dj1kUXc0dzlXZ1hjUQ==";
transaction.data.actions[0].payload.action.endorsements[0].signature =
"aHR0cHM6Ly93d3cueW91dHViZS5jb20vd2F0Y2g/dj1kUXc0dzlXZ1hjUQ==";
expect(await new MockTransaction().validateTransaction(transaction)).toEqual(false);
})
});

class MockTransaction extends AbstractTransaction {
public getProposal(): Promise<UnsignedProposalMessage> {
Expand Down