Change with notes to the validation behavior for CREATE transactions: transform and ignore signature if the signature field is not present, otherwise validate the signature as well.

2024-10-13 13:34:05 +00:00 · 2016-03-15 16:54:22 -07:00 · 2016-03-15 16:54:22 -07:00 · 40e70243a4
commit 40e70243a4
parent 78a91d8be9
1 changed files with 9 additions and 2 deletions
--- a/bigchaindb/web/views.py
+++ b/bigchaindb/web/views.py
@ -82,14 +82,21 @@ def validate_transaction():

    tx = request.get_json(force=True)

-    if tx['transaction']['operation'] == 'CREATE':
+    # Always validate TRANSFER signatures; but only validate CREATE signatures
+    # if present.
+    validate_sig = True
+
+    # If a CREATE doesn't have the signature populated, then we treat it as
+    # an input to the `create` function and transform it.
+    if tx['transaction']['operation'] == 'CREATE' and 'signature' not in tx:
+        validate_sig = False
        tx = util.transform_create(tx)

    try:
        bigchain.validate_transaction(tx)
    except exceptions.InvalidSignature as e:
        # We skipped signing CREATEs with the node's private key, so expect this
-        if tx['transaction']['operation'] != 'CREATE':
+        if validate_sig:
            return flask.jsonify({'valid': False, 'error': repr(e)})
    except Exception as e:
        return flask.jsonify({'valid': False, 'error': repr(e)})