From 2ade51056e6ee1cc020cd19f39bcda181a06deef Mon Sep 17 00:00:00 2001 From: z-bowen Date: Thu, 23 Aug 2018 14:18:13 +0200 Subject: [PATCH] Problem: `upsert-validator approve` has no error handling for an unauthorized signing key Solution: Raise an exception if the signature doesn't match one of the authorized keys --- bigchaindb/commands/bigchaindb.py | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/bigchaindb/commands/bigchaindb.py b/bigchaindb/commands/bigchaindb.py index 1712b7e9..184b82de 100644 --- a/bigchaindb/commands/bigchaindb.py +++ b/bigchaindb/commands/bigchaindb.py @@ -16,7 +16,7 @@ import sys from bigchaindb.utils import load_node_key from bigchaindb.common.exceptions import (DatabaseAlreadyExists, DatabaseDoesNotExist, - OperationError) + OperationError, KeypairMismatchException) import bigchaindb from bigchaindb import (backend, ValidatorElection, BigchainDB, ValidatorElectionVote) @@ -159,9 +159,15 @@ def run_upsert_validator_approve(args, bigchain): key = load_node_key(args.sk) tx = bigchain.get_transaction(args.election_id) - voting_power = [v.amount for v in tx.outputs if key.public_key in v.public_keys][0] + voting_powers = [v.amount for v in tx.outputs if key.public_key in v.public_keys] + if len(voting_powers) > 0: + voting_power = voting_powers[0] + else: + raise KeypairMismatchException( + 'The key you provided does not match any of the eligible voters in this election.' + ) - inputs = [input for input in tx.to_inputs() if key.public_key in input.owners_before] + inputs = [i for i in tx.to_inputs() if key.public_key in i.owners_before] approval = ValidatorElectionVote.generate(inputs, [ ([key.public_key], voting_power)], tx.id).sign([key.private_key]) approval.validate(bigchain)