Transaction signing options (Consensys#8)

ethfirewall/src/integration-test/java/tech/pegasys/ethfirewall/jsonrpcproxy/IntegrationTestBase.java

@@ -24,6 +24,9 @@
 import static org.web3j.utils.Async.defaultExecutorService;
 
 import tech.pegasys.ethfirewall.Runner;
+import tech.pegasys.ethfirewall.signing.ChainIdProvider;
+import tech.pegasys.ethfirewall.signing.ConfigurationChainId;
+import tech.pegasys.ethfirewall.signing.TransactionSigner;
 
 import java.io.File;
 import java.io.IOException;
@@ -48,11 +51,14 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.web3j.crypto.CipherException;
+import org.web3j.crypto.Credentials;
+import org.web3j.crypto.WalletUtils;
 import org.web3j.protocol.core.JsonRpc2_0Web3j;
 import org.web3j.protocol.core.Request;
 import org.web3j.protocol.core.Response;
 
 public class IntegrationTestBase {
+
   private static final Logger LOG = LoggerFactory.getLogger(IntegrationTestBase.class);
 
   private static final String LOCALHOST = "127.0.0.1";
@@ -66,7 +72,8 @@ public static void setupEthFirewall() throws IOException, CipherException {
     ethNode = startClientAndServer();
 
     final File keyFile = createKeyFile();
-    final TransactionSigner transactionSigner = TransactionSigner.createFrom(keyFile, "password");
+    final TransactionSigner transactionSigner =
+        transactionSigner(keyFile, "password", new ConfigurationChainId((byte) 9));
 
     final HttpClientOptions httpClientOptions = new HttpClientOptions();
     httpClientOptions.setDefaultHost(LOCALHOST);
@@ -161,4 +168,12 @@ private List<Header> convertHeadersToMockServerHeaders(final Map<String, String>
         .map(e -> new Header(e.getKey(), e.getValue()))
         .collect(toList());
   }
+
+  private static TransactionSigner transactionSigner(
+      final File keyFile, final String password, final ChainIdProvider chain)
+      throws IOException, CipherException {
+    final Credentials credentials = WalletUtils.loadCredentials(password, keyFile);
+
+    return new TransactionSigner(chain, credentials);
+  }
 }

ethfirewall/src/integration-test/java/tech/pegasys/ethfirewall/jsonrpcproxy/ProxyIntegrationTest.java

@@ -69,11 +69,7 @@ public void requestWithSendTransactionIsSignedBeforeProxying() throws Exception
 
     Request<?, ? extends Response<?>> ethSendRawTransactionRequest =
         jsonRpc.ethSendRawTransaction(
-            "0xf8b2a0e04d296d2460cfb8472af2c5fd05b5a214109c25688d3704aed5484f9a7792f2"
-                + "8609184e72a0008276c094d46e8dd67c5d32be8058bb8eb970870f07244567849184e72aa9d46e8dd67c5"
-                + "d32be8d46e8dd67c5d32be8058bb8eb970870f072445675058bb8eb970870f0724456751ca03631b1cec6"
-                + "e5033e8a2bff6d1b2d08bfe106cbbb82df5eb7b380a1fdb5c06be2a06d15eeb833f26114de087c930e375"
-                + "56d93a47d86e6554e988d32cbbb273cfda4");
+            "0xf8b2a0e04d296d2460cfb8472af2c5fd05b5a214109c25688d3704aed5484f9a7792f28609184e72a0008276c094d46e8dd67c5d32be8058bb8eb970870f07244567849184e72aa9d46e8dd67c5d32be8d46e8dd67c5d32be8058bb8eb970870f072445675058bb8eb970870f07244567535a0f04e0e7b41adea417596550611138a3ec9a452abb6648d734107c53476e76a27a05b826d9e9b4e0dd0e7b8939c102a2079d71cfc27cd6b7bebe5a006d5ad17d780");
     // we create the eth_sendRawTransaction req with same id as the eth_sendTransaction req
     ethSendRawTransactionRequest.setId(5);
 

ethfirewall/src/main/java/tech/pegasys/ethfirewall/EthFirewall.java

@@ -12,8 +12,10 @@
  */
 package tech.pegasys.ethfirewall;
 
-import tech.pegasys.ethfirewall.jsonrpcproxy.TransactionSigner;
+import tech.pegasys.ethfirewall.signing.ChainIdProvider;
+import tech.pegasys.ethfirewall.signing.TransactionSigner;
 
+import java.io.File;
 import java.io.IOException;
 import java.nio.file.Files;
 import java.util.Optional;
@@ -25,6 +27,8 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.web3j.crypto.CipherException;
+import org.web3j.crypto.Credentials;
+import org.web3j.crypto.WalletUtils;
 
 public final class EthFirewall {
 
@@ -51,7 +55,7 @@ public void run() {
 
     try {
       runnerBuilder.setTransactionSigner(
-          TransactionSigner.createFrom(config.getKeyPath().toFile(), password.get()));
+          transactionSigner(config.getKeyPath().toFile(), password.get(), config.getChainId()));
       runnerBuilder.setClientOptions(
           new WebClientOptions()
               .setDefaultPort(config.getDownstreamHttpPort())
@@ -72,6 +76,14 @@ public void run() {
     }
   }
 
+  private TransactionSigner transactionSigner(
+      final File keyFile, final String password, final ChainIdProvider chain)
+      throws IOException, CipherException {
+    final Credentials credentials = WalletUtils.loadCredentials(password, keyFile);
+
+    return new TransactionSigner(chain, credentials);
+  }
+
   private Optional<String> readPasswordFromFile() {
     try {
       byte[] fileContent = Files.readAllBytes(config.getPasswordFilePath());

ethfirewall/src/main/java/tech/pegasys/ethfirewall/EthFirewallCommandLineConfig.java

@@ -12,6 +12,9 @@
  */
 package tech.pegasys.ethfirewall;
 
+import tech.pegasys.ethfirewall.signing.ChainIdProvider;
+import tech.pegasys.ethfirewall.signing.ConfigurationChainId;
+
 import java.io.PrintStream;
 import java.nio.file.Path;
 
@@ -38,6 +41,7 @@
     footerHeading = "%n",
     footer = "Ethfirewall is licensed under the Apache License 2.0")
 public class EthFirewallCommandLineConfig implements EthFirewallConfig {
+
   private static final Logger LOG = LoggerFactory.getLogger(EthFirewallCommandLineConfig.class);
   private CommandLine commandLine;
 
@@ -89,6 +93,14 @@ public class EthFirewallCommandLineConfig implements EthFirewallConfig {
       arity = "1")
   private final Integer httpListenPort = 8545;
 
+  @SuppressWarnings("FieldMayBeFinal") // Because PicoCLI requires Strings to not be final.
+  @Option(
+      names = {"--chain-id"},
+      description = "The Chain Id that will be the intended recipient for signed transactions",
+      required = true,
+      arity = "1")
+  private byte chainId;
+
   private final PrintStream output;
 
   public EthFirewallCommandLineConfig(PrintStream output) {
@@ -165,4 +177,9 @@ public String getHttpListenHost() {
   public Integer getHttpListenPort() {
     return httpListenPort;
   }
+
+  @Override
+  public ChainIdProvider getChainId() {
+    return new ConfigurationChainId(chainId);
+  }
 }

ethfirewall/src/main/java/tech/pegasys/ethfirewall/EthFirewallConfig.java

@@ -12,6 +12,8 @@
  */
 package tech.pegasys.ethfirewall;
 
+import tech.pegasys.ethfirewall.signing.ChainIdProvider;
+
 import java.nio.file.Path;
 
 import org.apache.logging.log4j.Level;
@@ -31,4 +33,6 @@ public interface EthFirewallConfig {
   String getHttpListenHost();
 
   Integer getHttpListenPort();
+
+  ChainIdProvider getChainId();
 }

ethfirewall/src/main/java/tech/pegasys/ethfirewall/Runner.java

@@ -16,7 +16,7 @@
 import tech.pegasys.ethfirewall.jsonrpcproxy.PassThroughHandler;
 import tech.pegasys.ethfirewall.jsonrpcproxy.RequestMapper;
 import tech.pegasys.ethfirewall.jsonrpcproxy.TransactionBodyProvider;
-import tech.pegasys.ethfirewall.jsonrpcproxy.TransactionSigner;
+import tech.pegasys.ethfirewall.signing.TransactionSigner;
 
 import io.vertx.core.AsyncResult;
 import io.vertx.core.Vertx;

ethfirewall/src/main/java/tech/pegasys/ethfirewall/RunnerBuilder.java

@@ -12,7 +12,7 @@
  */
 package tech.pegasys.ethfirewall;
 
-import tech.pegasys.ethfirewall.jsonrpcproxy.TransactionSigner;
+import tech.pegasys.ethfirewall.signing.TransactionSigner;
 
 import io.vertx.core.http.HttpServerOptions;
 import io.vertx.ext.web.client.WebClientOptions;

ethfirewall/src/main/java/tech/pegasys/ethfirewall/jsonrpcproxy/TransactionBodyProvider.java

@@ -12,6 +12,8 @@
  */
 package tech.pegasys.ethfirewall.jsonrpcproxy;
 
+import tech.pegasys.ethfirewall.signing.TransactionSigner;
+
 import io.vertx.core.buffer.Buffer;
 import io.vertx.core.json.JsonArray;
 import io.vertx.core.json.JsonObject;

ethfirewall/src/main/java/tech/pegasys/ethfirewall/signing/ChainIdProvider.java

@@ -0,0 +1,19 @@
+/*
+ * Copyright 2019 ConsenSys AG.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
+ * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package tech.pegasys.ethfirewall.signing;
+
+/** Obtains the chain ID for the blockchain that transaction are being signed. */
+public interface ChainIdProvider {
+
+  byte id();
+}

ethfirewall/src/main/java/tech/pegasys/ethfirewall/signing/ConfigurationChainId.java

@@ -0,0 +1,27 @@
+/*
+ * Copyright 2019 ConsenSys AG.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
+ * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package tech.pegasys.ethfirewall.signing;
+
+public class ConfigurationChainId implements ChainIdProvider {
+
+  private final byte id;
+
+  public ConfigurationChainId(final byte id) {
+    this.id = id;
+  }
+
+  @Override
+  public byte id() {
+    return id;
+  }
+}

ethfirewall/src/main/java/tech/pegasys/ethfirewall/jsonrpcproxy/TransactionSigner.java → ethfirewall/src/main/java/tech/pegasys/ethfirewall/signing/TransactionSigner.java

@@ -10,43 +10,36 @@
  * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
  * specific language governing permissions and limitations under the License.
  */
-package tech.pegasys.ethfirewall.jsonrpcproxy;
+package tech.pegasys.ethfirewall.signing;
 
-import java.io.File;
-import java.io.IOException;
 import java.math.BigInteger;
 
 import io.vertx.core.json.JsonObject;
-import org.web3j.crypto.CipherException;
 import org.web3j.crypto.Credentials;
 import org.web3j.crypto.RawTransaction;
 import org.web3j.crypto.TransactionEncoder;
-import org.web3j.crypto.WalletUtils;
 import org.web3j.utils.Numeric;
 
 public class TransactionSigner {
 
-  private Credentials credentials;
+  private final Credentials credentials;
+  private final ChainIdProvider chain;
 
-  public TransactionSigner(final Credentials credentials) {
+  public TransactionSigner(final ChainIdProvider chain, final Credentials credentials) {
+    this.chain = chain;
     this.credentials = credentials;
   }
 
-  public static TransactionSigner createFrom(final File keyFile, final String password)
-      throws IOException, CipherException {
-    final Credentials credentials = WalletUtils.loadCredentials(password, keyFile);
-
-    return new TransactionSigner(credentials);
-  }
-
   public String signTransaction(final JsonObject transaction) {
     final RawTransaction rawTransaction = fromTransactionJson(transaction);
 
-    final byte[] signedMessage = TransactionEncoder.signMessage(rawTransaction, credentials);
+    // Sign the transaction using the post Spurious Dragon technique
+    final byte[] signedMessage =
+        TransactionEncoder.signMessage(rawTransaction, chain.id(), credentials);
     return Numeric.toHexString(signedMessage);
   }
 
-  public static RawTransaction fromTransactionJson(final JsonObject transaction) {
+  private RawTransaction fromTransactionJson(final JsonObject transaction) {
     final JsonObject txnParams = transaction.getJsonArray("params").getJsonObject(0);
     String dataString = "";
     if (txnParams.getString("data") != null) {

ethfirewall/src/test/java/tech/pegasys/ethfirewall/EthFirewallCommandLineConfigTest.java

@@ -42,6 +42,7 @@ private String validCommandLine() {
         + "--downstream-http-port=5000 "
         + "--http-listen-port=5001 "
         + "--http-listen-host=localhost "
+        + "--chain-id=6 "
         + "--logging=INFO";
   }