Skip to content

Commit 73991c2

Browse files
wlahtiwlahti
committed
Trim long MSP plaintext messages in logs
This changeset trims the MSP plaintext message in the log statement to the beginning and end of the byte array if its length is greater than 32. Logging the entire plaintext for very long messages can lead to the process hanging when deploying chaincode. https://jira.hyperledger.org/browse/FAB-1870 Change-Id: I0d169df859c0be97090c86ff73f014d813ea7cdd Signed-off-by: Will Lahti <[email protected]>
1 parent a3ee996 commit 73991c2

File tree

2 files changed

+46
-1
lines changed

2 files changed

+46
-1
lines changed

msp/identities.go

+7-1
Original file line numberDiff line numberDiff line change
@@ -157,7 +157,13 @@ func (id *signingidentity) Sign(msg []byte) ([]byte, error) {
157157
return nil, fmt.Errorf("Failed computing digest [%s]", err)
158158
}
159159

160-
mspLogger.Debugf("Sign: plaintext: %X \n", msg)
160+
// TODO - consider removing these debug statements in the future as they may
161+
// contain confidential information
162+
if len(msg) < 32 {
163+
mspLogger.Debugf("Sign: plaintext: %X \n", msg)
164+
} else {
165+
mspLogger.Debugf("Sign: plaintext: %X...%X \n", msg[0:16], msg[len(msg)-16:])
166+
}
161167
mspLogger.Debugf("Sign: digest: %X \n", digest)
162168

163169
// Sign

msp/msp_test.go

+39
Original file line numberDiff line numberDiff line change
@@ -155,6 +155,45 @@ func TestSignAndVerify(t *testing.T) {
155155
}
156156
}
157157

158+
func TestSignAndVerify_longMessage(t *testing.T) {
159+
id, err := localMsp.GetDefaultSigningIdentity()
160+
if err != nil {
161+
t.Fatalf("GetSigningIdentity should have succeeded")
162+
return
163+
}
164+
165+
serializedID, err := id.Serialize()
166+
if err != nil {
167+
t.Fatalf("Serialize should have succeeded")
168+
return
169+
}
170+
171+
idBack, err := localMsp.DeserializeIdentity(serializedID)
172+
if err != nil {
173+
t.Fatalf("DeserializeIdentity should have succeeded")
174+
return
175+
}
176+
177+
msg := []byte("ABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFGABCDEFG")
178+
sig, err := id.Sign(msg)
179+
if err != nil {
180+
t.Fatalf("Sign should have succeeded")
181+
return
182+
}
183+
184+
err = id.Verify(msg, sig)
185+
if err != nil {
186+
t.Fatalf("The signature should be valid")
187+
return
188+
}
189+
190+
err = idBack.Verify(msg, sig)
191+
if err != nil {
192+
t.Fatalf("The signature should be valid")
193+
return
194+
}
195+
}
196+
158197
func TestMain(m *testing.M) {
159198
retVal := m.Run()
160199
os.Exit(retVal)

0 commit comments

Comments
 (0)