Mirroristas/bigchaindb
2
0
Fork 0
mirror of https://github.com/bigchaindb/bigchaindb.git synced 2024-10-13 13:34:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Change with notes to the validation behavior for CREATE transactions: transform and ignore signature if the signature field is not present, otherwise validate the signature as well.

Browse Source
This commit is contained in:
Matt Smith 2016-03-15 16:54:22 -07:00
parent 78a91d8be9
commit 40e70243a4
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
bigchaindb/web/views.py
View File

@ -82,14 +82,21 @@ def validate_transaction():
tx = request.get_json(force=True) tx = request.get_json(force=True)
if tx['transaction']['operation'] == 'CREATE': # Always validate TRANSFER signatures; but only validate CREATE signatures
# if present.
validate_sig = True
# If a CREATE doesn't have the signature populated, then we treat it as
# an input to the `create` function and transform it.
if tx['transaction']['operation'] == 'CREATE' and 'signature' not in tx:
validate_sig = False
tx = util.transform_create(tx) tx = util.transform_create(tx)
try: try:
bigchain.validate_transaction(tx) bigchain.validate_transaction(tx)
except exceptions.InvalidSignature as e: except exceptions.InvalidSignature as e:
# We skipped signing CREATEs with the node's private key, so expect this # We skipped signing CREATEs with the node's private key, so expect this
if tx['transaction']['operation'] != 'CREATE': if validate_sig:
return flask.jsonify({'valid': False, 'error': repr(e)}) return flask.jsonify({'valid': False, 'error': repr(e)})
except Exception as e: except Exception as e:
return flask.jsonify({'valid': False, 'error': repr(e)}) return flask.jsonify({'valid': False, 'error': repr(e)})