yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #7015 from zmstone/chore-update-license-pub-key 

chore: update license pub key
This commit is contained in:
Zaiming (Stone) Shi 2022-02-15 15:11:02 +01:00 committed by GitHub
parent 1dbfe0dce6 bc67ede384
commit 761aef7ea0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 52 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib-ee/emqx_license/etc/emqx_license.conf
View File

@ -1,3 +1,3 @@
license { license {
key = "MjIwMTExCjAKMTAKRm9vCmNvbnRhY3RAZm9vLmNvbQoyMDIyMDExMQoxMDAwMDAKMTAK.Iyle9eMrXSAZwJczR8MEI2dtpxLuL2OKRikTwYvFK/SgxfwZQLR7JJM2rKfkuT5eP4cxh0Y1+84hOoB7fj/MWA==" key = "MjIwMTExCjAKMTAKRXZhbHVhdGlvbgpjb250YWN0QGVtcXguaW8KMjAyMjAxMDEKMzY1MDAKMTAK.MEUCIFc9EUjqB3SjpRqWjqmAzI4Tg4LwhCRet9scEoxMRt8fAiEAk6vfYUiPOTzBC+3EjNF3WmLTiA3B0TN5ZNwuTKbTXJQ="
} }

26
lib-ee/emqx_license/src/emqx_license_parser.erl
View File

@ -9,8 +9,12 @@
-include_lib("emqx/include/logger.hrl"). -include_lib("emqx/include/logger.hrl").
-include("emqx_license.hrl"). -include("emqx_license.hrl").
-define(PUBKEY, <<"MEgCQQChzN6lCUdt4sYPQmWBYA3b8Zk87Jfk+1A1zcTd+lCU0Tf -define(PUBKEY, <<"""
vXhSHgEWz18No4lL2v1n+70CoYpc2fzfhNJitgnV9AgMBAAE=">>). -----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEbtkdos3TZmSv+D7+X5pc0yfcjum2
Q1DK6PCWkiQihjvjJjKFzdYzcWOgC6f4Ou3mgGAUSjdQYYnFKZ/9f5ax4g==
-----END PUBLIC KEY-----
""">>).
-define(LICENSE_PARSE_MODULES, [emqx_license_parser_v20220101 -define(LICENSE_PARSE_MODULES, [emqx_license_parser_v20220101
]). ]).
@ -40,11 +44,6 @@
max_connections/1 max_connections/1
]). ]).
-ifdef(TEST).
-export([public_key/0
]).
-endif.
%%-------------------------------------------------------------------- %%--------------------------------------------------------------------
%% Behaviour %% Behaviour
%%-------------------------------------------------------------------- %%--------------------------------------------------------------------
@ -67,10 +66,11 @@
-spec parse(string() | binary()) -> {ok, license()} | {error, term()}. -spec parse(string() | binary()) -> {ok, license()} | {error, term()}.
parse(Content) -> parse(Content) ->
DecodedKey = base64:decode(public_key()), parse(Content, ?PUBKEY).
parse(Content, DecodedKey).
parse(Content, Key) -> parse(Content, Pem) ->
[PemEntry] = public_key:pem_decode(Pem),
Key = public_key:pem_entry_decode(PemEntry),
do_parse(iolist_to_binary(Content), Key, ?LICENSE_PARSE_MODULES, []). do_parse(iolist_to_binary(Content), Key, ?LICENSE_PARSE_MODULES, []).
-spec dump(license()) -> list({atom(), term()}). -spec dump(license()) -> list({atom(), term()}).
@ -107,8 +107,6 @@ do_parse(Content, Key, [Module | Modules], Errors) ->
{error, Error} -> {error, Error} ->
do_parse(Content, Key, Modules, [{Module, Error} | Errors]) do_parse(Content, Key, Modules, [{Module, Error} | Errors])
catch catch
_Class : Error -> _Class : Error : Stacktrace ->
do_parse(Content, Key, Modules, [{Module, Error} | Errors]) do_parse(Content, Key, Modules, [{Module, {Error, Stacktrace}} | Errors])
end. end.
public_key() -> ?PUBKEY.

3
lib-ee/emqx_license/src/emqx_license_parser_v20220101.erl
View File

@ -81,8 +81,7 @@ do_parse(Content) ->
end. end.
verify_signature(Payload, Signature, Key) -> verify_signature(Payload, Signature, Key) ->
RSAPublicKey = public_key:der_decode('RSAPublicKey', Key), public_key:verify(Payload, ?DIGEST_TYPE, Signature, Key).
public_key:verify(Payload, ?DIGEST_TYPE, Signature, RSAPublicKey).
parse_payload(Payload) -> parse_payload(Payload) ->
Lines = lists:map( Lines = lists:map(

4
lib-ee/emqx_license/test/data/pub.pem
View File

@ -1,4 +1,4 @@
-----BEGIN PUBLIC KEY----- -----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKHM3qUJR23ixg9CZYFgDdvxmTzsl+T7 MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEGul8oM77eCk9HgOt0mOkBnQHUf0G
UDXNxN36UJTRN+9eFIeARbPXw2jiUva/Wf7vQKhilzZ/N+E0mK2CdX0CAwEAAQ== M8QyDrnMYLOTpP93XcEQlf70nvodmEmHBbDzKTa7DoZMZRRIW3vGCK6zsw==
-----END PUBLIC KEY----- -----END PUBLIC KEY-----

14
lib-ee/emqx_license/test/data/pvt.key
View File

@ -1,9 +1,5 @@
-----BEGIN RSA PRIVATE KEY----- -----BEGIN EC PRIVATE KEY-----
MIIBPAIBAAJBAKHM3qUJR23ixg9CZYFgDdvxmTzsl+T7UDXNxN36UJTRN+9eFIeA MHcCAQEEIDBWnjhdKzQ5VWsjJouCdl7MmPKFc664K+MMfsekbtBaoAoGCCqGSM49
RbPXw2jiUva/Wf7vQKhilzZ/N+E0mK2CdX0CAwEAAQJBAJCy2UKbA8hgEGTBKmoD AwEHoUQDQgAEGul8oM77eCk9HgOt0mOkBnQHUf0GM8QyDrnMYLOTpP93XcEQlf70
byGN9U8o/8aGgns7pJ4oKDyNWwM6Z3/omObDSTDcKn8Mfo26ccHUprIh+eiUW7TX nvodmEmHBbDzKTa7DoZMZRRIW3vGCK6zsw==
F4ECIQDMfCREBKniVK1yDZgqKFe1+uZqj7ylT1DQne2S9bn2UQIhAMqP3TIAED3C -----END EC PRIVATE KEY-----
MUfF3AN9oVDKJ/SFhQSKqI38XBmw9QVtAiEAqq801lHOPE3SOVF/ojDqhcxYaLpy
DMqX+orYs8LI5wECIQC/5tuf6v94Aum9HW36wKJ7b4m61mPWkaZuHY8Dp+n5YQIg
MrcXYujtNHEMWidC8S3ca1Ytp8kjMNcZVIil5CroP8E=
-----END RSA PRIVATE KEY-----

8
lib-ee/emqx_license/test/emqx_license_SUITE.erl
View File

@ -27,13 +27,10 @@ end_per_suite(_) ->
init_per_testcase(Case, Config) -> init_per_testcase(Case, Config) ->
{ok, _} = emqx_cluster_rpc:start_link(node(), emqx_cluster_rpc, 1000), {ok, _} = emqx_cluster_rpc:start_link(node(), emqx_cluster_rpc, 1000),
meck:new(emqx_license_parser, [passthrough]),
meck:expect(emqx_license_parser, public_key, fun public_key/0),
set_invalid_license_file(Case), set_invalid_license_file(Case),
Config. Config.
end_per_testcase(Case, _Config) -> end_per_testcase(Case, _Config) ->
meck:unload(emqx_license_parser),
restore_valid_license_file(Case), restore_valid_license_file(Case),
ok. ok.
@ -167,8 +164,5 @@ mk_license(Fields) ->
EncodedLicense = emqx_license_test_lib:make_license(Fields), EncodedLicense = emqx_license_test_lib:make_license(Fields),
{ok, License} = emqx_license_parser:parse( {ok, License} = emqx_license_parser:parse(
EncodedLicense, EncodedLicense,
emqx_license_test_lib:public_key_encoded()), emqx_license_test_lib:public_key_pem()),
License. License.
public_key() -> <<"MEgCQQChzN6lCUdt4sYPQmWBYA3b8Zk87Jfk+1A1zcTd+lCU0Tf
vXhSHgEWz18No4lL2v1n+70CoYpc2fzfhNJitgnV9AgMBAAE=">>.

2
lib-ee/emqx_license/test/emqx_license_checker_SUITE.erl
View File

@ -198,7 +198,7 @@ mk_license(Fields) ->
EncodedLicense = emqx_license_test_lib:make_license(Fields), EncodedLicense = emqx_license_test_lib:make_license(Fields),
{ok, License} = emqx_license_parser:parse( {ok, License} = emqx_license_parser:parse(
EncodedLicense, EncodedLicense,
emqx_license_test_lib:public_key_encoded()), emqx_license_test_lib:public_key_pem()),
License. License.
format_date({Year, Month, Day}) -> format_date({Year, Month, Day}) ->

11
lib-ee/emqx_license/test/emqx_license_cli_SUITE.erl
View File

@ -25,12 +25,9 @@ end_per_suite(_) ->
init_per_testcase(_Case, Config) -> init_per_testcase(_Case, Config) ->
{ok, _} = emqx_cluster_rpc:start_link(node(), emqx_cluster_rpc, 1000), {ok, _} = emqx_cluster_rpc:start_link(node(), emqx_cluster_rpc, 1000),
meck:new(emqx_license_parser, [passthrough]),
meck:expect(emqx_license_parser, public_key, fun public_key/0),
Config. Config.
end_per_testcase(_Case, _Config) -> end_per_testcase(_Case, _Config) ->
meck:unload(emqx_license_parser),
ok. ok.
set_special_configs(emqx_license) -> set_special_configs(emqx_license) ->
@ -62,11 +59,3 @@ t_update(_Config) ->
_ = emqx_license_cli:license(["reload"]), _ = emqx_license_cli:license(["reload"]),
_ = emqx_license_cli:license(["update", "Invalid License Value"]). _ = emqx_license_cli:license(["update", "Invalid License Value"]).
%%------------------------------------------------------------------------------
%% Helpers
%%------------------------------------------------------------------------------
public_key() -> <<"MEgCQQChzN6lCUdt4sYPQmWBYA3b8Zk87Jfk+1A1zcTd+lCU0Tf
vXhSHgEWz18No4lL2v1n+70CoYpc2fzfhNJitgnV9AgMBAAE=">>.
digest() -> <<"3jHg0zCb4NL5v8eIoKn+CNDMq8A04mXEOefqlUBSSVs=">>.

28
lib-ee/emqx_license/test/emqx_license_parser_SUITE.erl
View File

@ -40,7 +40,7 @@ set_special_configs(_) -> ok.
%%------------------------------------------------------------------------------ %%------------------------------------------------------------------------------
t_parse(_Config) -> t_parse(_Config) ->
?assertMatch({ok, _}, emqx_license_parser:parse(sample_license(), public_key_encoded())), ?assertMatch({ok, _}, emqx_license_parser:parse(sample_license(), public_key_pem())),
%% invalid version %% invalid version
?assertMatch( ?assertMatch(
@ -57,7 +57,7 @@ t_parse(_Config) ->
"100000", "100000",
"10" "10"
]), ]),
public_key_encoded())), public_key_pem())),
%% invalid field number %% invalid field number
?assertMatch( ?assertMatch(
@ -74,7 +74,7 @@ t_parse(_Config) ->
"100000", "100000",
"10" "10"
]), ]),
public_key_encoded())), public_key_pem())),
?assertMatch( ?assertMatch(
{error, {error,
@ -94,7 +94,7 @@ t_parse(_Config) ->
"-10", "-10",
"10" "10"
]), ]),
public_key_encoded())), public_key_pem())),
%% invalid signature %% invalid signature
[LicensePart, _] = binary:split( [LicensePart, _] = binary:split(
@ -125,23 +125,23 @@ t_parse(_Config) ->
[{emqx_license_parser_v20220101,invalid_signature}]}, [{emqx_license_parser_v20220101,invalid_signature}]},
emqx_license_parser:parse( emqx_license_parser:parse(
iolist_to_binary([LicensePart, <<".">>, SignaturePart]), iolist_to_binary([LicensePart, <<".">>, SignaturePart]),
public_key_encoded())), public_key_pem())),
%% totally invalid strings as license %% totally invalid strings as license
?assertMatch( ?assertMatch(
{error, [_ | _]}, {error, [_ | _]},
emqx_license_parser:parse( emqx_license_parser:parse(
<<"badlicense">>, <<"badlicense">>,
public_key_encoded())), public_key_pem())),
?assertMatch( ?assertMatch(
{error, [_ | _]}, {error, [_ | _]},
emqx_license_parser:parse( emqx_license_parser:parse(
<<"bad.license">>, <<"bad.license">>,
public_key_encoded())). public_key_pem())).
t_dump(_Config) -> t_dump(_Config) ->
{ok, License} = emqx_license_parser:parse(sample_license(), public_key_encoded()), {ok, License} = emqx_license_parser:parse(sample_license(), public_key_pem()),
?assertEqual( ?assertEqual(
[{customer,<<"Foo">>}, [{customer,<<"Foo">>},
@ -155,22 +155,22 @@ t_dump(_Config) ->
emqx_license_parser:dump(License)). emqx_license_parser:dump(License)).
t_customer_type(_Config) -> t_customer_type(_Config) ->
{ok, License} = emqx_license_parser:parse(sample_license(), public_key_encoded()), {ok, License} = emqx_license_parser:parse(sample_license(), public_key_pem()),
?assertEqual(10, emqx_license_parser:customer_type(License)). ?assertEqual(10, emqx_license_parser:customer_type(License)).
t_license_type(_Config) -> t_license_type(_Config) ->
{ok, License} = emqx_license_parser:parse(sample_license(), public_key_encoded()), {ok, License} = emqx_license_parser:parse(sample_license(), public_key_pem()),
?assertEqual(0, emqx_license_parser:license_type(License)). ?assertEqual(0, emqx_license_parser:license_type(License)).
t_max_connections(_Config) -> t_max_connections(_Config) ->
{ok, License} = emqx_license_parser:parse(sample_license(), public_key_encoded()), {ok, License} = emqx_license_parser:parse(sample_license(), public_key_pem()),
?assertEqual(10, emqx_license_parser:max_connections(License)). ?assertEqual(10, emqx_license_parser:max_connections(License)).
t_expiry_date(_Config) -> t_expiry_date(_Config) ->
{ok, License} = emqx_license_parser:parse(sample_license(), public_key_encoded()), {ok, License} = emqx_license_parser:parse(sample_license(), public_key_pem()),
?assertEqual({2295,10,27}, emqx_license_parser:expiry_date(License)). ?assertEqual({2295,10,27}, emqx_license_parser:expiry_date(License)).
@ -178,8 +178,8 @@ t_expiry_date(_Config) ->
%% Helpers %% Helpers
%%------------------------------------------------------------------------------ %%------------------------------------------------------------------------------
public_key_encoded() -> public_key_pem() ->
emqx_license_test_lib:public_key_encoded(). emqx_license_test_lib:public_key_pem().
sample_license() -> sample_license() ->
emqx_license_test_lib:make_license( emqx_license_test_lib:make_license(

21
lib-ee/emqx_license/test/emqx_license_test_lib.erl
View File

@ -25,16 +25,22 @@ private_key() ->
public_key() -> public_key() ->
test_key("pub.pem"). test_key("pub.pem").
public_key_encoded() -> public_key_pem() ->
public_key:der_encode('RSAPublicKey', public_key()). test_key("pub.pem", pem).
test_key(Filename) -> test_key(Filename) ->
test_key(Filename, decoded).
test_key(Filename, Format) ->
Dir = code:lib_dir(emqx_license, test), Dir = code:lib_dir(emqx_license, test),
Path = filename:join([Dir, "data", Filename]), Path = filename:join([Dir, "data", Filename]),
{ok, KeyData} = file:read_file(Path), {ok, KeyData} = file:read_file(Path),
[PemEntry] = public_key:pem_decode(KeyData), case Format of
Key = public_key:pem_entry_decode(PemEntry), pem -> KeyData;
Key. decoded ->
[PemEntry] = public_key:pem_decode(KeyData),
public_key:pem_entry_decode(PemEntry)
end.
make_license(Values) -> make_license(Values) ->
Key = private_key(), Key = private_key(),
@ -45,6 +51,9 @@ make_license(Values) ->
iolist_to_binary([EncodedText, ".", EncodedSignature]). iolist_to_binary([EncodedText, ".", EncodedSignature]).
default_license() -> default_license() ->
License = make_license(?DEFAULT_LICENSE_VALUES), %% keep it the same as in etc/emqx_license.conf
License =
"MjIwMTExCjAKMTAKRXZhbHVhdGlvbgpjb250YWN0QGVtcXguaW8KMjAyMjAxMDEKMzY1MDAKMTAK."
"MEUCIFc9EUjqB3SjpRqWjqmAzI4Tg4LwhCRet9scEoxMRt8fAiEAk6vfYUiPOTzBC+3EjNF3WmLTiA3B0TN5ZNwuTKbTXJQ=",
ok = file:write_file(?DEFAULT_LICENSE_FILE, License), ok = file:write_file(?DEFAULT_LICENSE_FILE, License),
?DEFAULT_LICENSE_FILE. ?DEFAULT_LICENSE_FILE.