[FAb-1699] Deterministic hashing for block header

https://jira.hyperledger.org/browse/FAB-1699

Currently, we compute the hash of the block header by hashing over the
protobuf marshaling of the BlockHeader object.  This is not guaranteed
to be deterministic, so a reliable marshaling scheme is required.

This changeset causes block headers to be marshaled to bytes via ASN.1.
Note: Due to an idiosyncracy in the golang ASN.1 implementation, block
numbers of MaxInt64 cannot be encoded, and this will result in a panic.

This resulting byte slice is used as the parameter to the hashing
algorithm.

Change-Id: I3b0582e89c17c0d120f3e2d888a2205022f2de18
Signed-off-by: Jason Yellick <[email protected]>

Author: Jason Yellick

protos/common/block.go

@@ -17,6 +17,10 @@ limitations under the License.
 package common
 
 import (
+	"encoding/asn1"
+	"fmt"
+	"math"
+
 	"github.com/golang/protobuf/proto"
 	"github.com/hyperledger/fabric/common/util"
 )
@@ -38,16 +42,35 @@ func NewBlock(seqNum uint64, previousHash []byte) *Block {
 	return block
 }
 
-// Bytes returns the marshaled representation of the block header.
+type asn1Header struct {
+	Number       int64
+	PreviousHash []byte
+	DataHash     []byte
+}
+
+// Bytes returns the ASN.1 marshaled representation of the block header.
 func (b *BlockHeader) Bytes() []byte {
-	data, err := proto.Marshal(b) // XXX this is wrong, protobuf is not the right mechanism to serialize for a hash
+	asn1Header := asn1Header{
+		PreviousHash: b.PreviousHash,
+		DataHash:     b.DataHash,
+	}
+	if b.Number > uint64(math.MaxInt64) {
+		panic(fmt.Errorf("Golang does not currently support encoding uint64 to asn1"))
+	} else {
+		asn1Header.Number = int64(b.Number)
+	}
+	result, err := asn1.Marshal(asn1Header)
 	if err != nil {
-		panic("This should never fail and is generally irrecoverable")
+		// Errors should only arise for types which cannot be encoded, since the
+		// BlockHeader type is known a-priori to contain only encodable types, an
+		// error here is fatal and should not be propogated
+		panic(err)
 	}
-	return data
+	return result
 }
 
 // Hash returns the hash of the block header.
+// XXX This method will be removed shortly to allow for confgurable hashing algorithms
 func (b *BlockHeader) Hash() []byte {
 	return util.ComputeCryptoHash(b.Bytes())
 }

protos/common/block_test.go

@@ -0,0 +1,48 @@
+/*
+Copyright IBM Corp. 2016 All Rights Reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+                 http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package common
+
+import (
+	"math"
+	"testing"
+)
+
+func TestGoodBlockHeaderBytes(t *testing.T) {
+	goodBlockHeader := &BlockHeader{
+		Number:       1,
+		PreviousHash: []byte("foo"),
+		DataHash:     []byte("bar"),
+	}
+
+	_ = goodBlockHeader.Bytes() // Should not panic
+}
+
+func TestBadBlockHeaderBytes(t *testing.T) {
+	defer func() {
+		if recover() == nil {
+			t.Fatalf("Should have panicked on block number too high to encode as int64")
+		}
+	}()
+
+	badBlockHeader := &BlockHeader{
+		Number:       math.MaxUint64,
+		PreviousHash: []byte("foo"),
+		DataHash:     []byte("bar"),
+	}
+
+	_ = badBlockHeader.Bytes() // Should panic
+}

protos/common/common.pb.go

@@ -145,6 +145,9 @@ message Block {
     BlockMetadata Metadata = 3;
 }
 
+// BlockHeader is the element of the block which forms the block chain
+// The block header is hashed using the configured chain hashing algorithm
+// over the ASN.1 encoding of the BlockHeader
 message BlockHeader {
     uint64 Number = 1; // The position in the blockchain
     bytes PreviousHash = 2; // The hash of the previous block header