[refactor][*][v0.1.0]: some improvements

- support generate BIF bcdns client config json

- README fixed

README.md

@@ -91,9 +91,13 @@ docker run -itd --name redis-test -p 6379:6379 redis --requirepass 'YOUR_PWD' --
 
 ## 配置
 
+### 数据库
+
+在开始之前，需要初始化中继的数据库，这里提供一个[DDL](r-bootstrap/src/main/resources/db/ddl.sql)，或者解压之后在路径`config/db/ddl.sql`找到，在MySQL执行即可生成数据库`relayer`。
+
 ### TLS
 
-首先，初始化中继的TLS证书，会在`tls_certs`路径下生成`relayer.crt`和`relayer.key`。
+这里初始化中继的TLS证书，会在`tls_certs`路径下生成`relayer.crt`和`relayer.key`。
 
 ```
 bin/init_tls_certs.sh 

r-cli/pom.xml

@@ -83,6 +83,10 @@
                 </exclusion>
             </exclusions>
         </dependency>
+        <dependency>
+            <groupId>com.alipay.antchain.bridge</groupId>
+            <artifactId>antchain-bridge-bcdns</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.bouncycastle</groupId>
             <artifactId>bcpkix-jdk18on</artifactId>

r-cli/src/main/java/com/alipay/antchain/bridge/relayer/cli/command/BCDNSManagerCommands.java

@@ -19,6 +19,7 @@
 import javax.annotation.Resource;
 
 import cn.hutool.core.util.StrUtil;
+import com.alipay.antchain.bridge.commons.core.base.CrossChainDomain;
 import com.alipay.antchain.bridge.relayer.cli.glclient.GrpcClient;
 import lombok.Getter;
 import org.springframework.shell.standard.*;
@@ -38,7 +39,7 @@ public String name() {
 
     @ShellMethod(value = "Register a new BCDNS bound with specified domain space into Relayer")
     Object registerBCDNSService(
-            @ShellOption(help = "The domain space owned by the BCDNS") String domainSpace,
+            @ShellOption(help = "The domain space owned by the BCDNS, default the root space \"\"", defaultValue = CrossChainDomain.ROOT_DOMAIN_SPACE) String domainSpace,
             @ShellOption(help = "The type of the BCDNS, e.g. embedded, bif") String bcdnsType,
             @ShellOption(valueProvider = FileValueProvider.class, help = "The properties file path needed to initialize the service stub, e.g. /path/to/your/prop.json") String propFile,
             @ShellOption(valueProvider = FileValueProvider.class, help = "The path to BCDNS trust root certificate file if you have it",  defaultValue = "") String bcdnsCertPath
@@ -50,38 +51,42 @@ Object registerBCDNSService(
     }
 
     @ShellMethod(value = "Get the BCDNS data bound with specified domain space")
-    Object getBCDNSService(@ShellOption(help = "The domain space bound with BCDNS") String domainSpace) {
+    Object getBCDNSService(@ShellOption(help = "The domain space bound with BCDNS, default the root space", defaultValue = CrossChainDomain.ROOT_DOMAIN_SPACE) String domainSpace) {
         return queryAPI("getBCDNSService", domainSpace);
     }
 
     @ShellMethod(value = "Delete the BCDNS bound with specified domain space")
-    Object deleteBCDNSService(@ShellOption(help = "The domain space bound with BCDNS") String domainSpace) {
+    Object deleteBCDNSService(@ShellOption(help = "The domain space bound with BCDNS, default the root space", defaultValue = CrossChainDomain.ROOT_DOMAIN_SPACE) String domainSpace) {
         return queryAPI("deleteBCDNSService", domainSpace);
     }
 
     @ShellMethod(value = "Get the BCDNS trust root certificate bound with specified domain space")
-    Object getBCDNSCertificate(@ShellOption(help = "The domain space bound with BCDNS") String domainSpace) {
+    Object getBCDNSCertificate(@ShellOption(help = "The domain space bound with BCDNS, default the root space", defaultValue = CrossChainDomain.ROOT_DOMAIN_SPACE) String domainSpace) {
         return queryAPI("getBCDNSCertificate", domainSpace);
     }
 
     @ShellMethod(value = "Stop the local BCDNS service stub")
-    Object stopBCDNSService(@ShellOption(help = "The domain space bound with BCDNS") String domainSpace) {
+    Object stopBCDNSService(@ShellOption(help = "The domain space bound with BCDNS, default the root space", defaultValue = CrossChainDomain.ROOT_DOMAIN_SPACE) String domainSpace) {
         return queryAPI("stopBCDNSService", domainSpace);
     }
 
     @ShellMethod(value = "Restart the local BCDNS service stub from stop")
-    Object restartBCDNSService(@ShellOption(help = "domainSpace") String domainSpace) {
-
+    Object restartBCDNSService(@ShellOption(help = "domain space, default the root space", defaultValue = CrossChainDomain.ROOT_DOMAIN_SPACE) String domainSpace) {
         return queryAPI("restartBCDNSService", domainSpace);
     }
 
     @ShellMethod(value = "Apply a domain certificate for a blockchain from the BCDNS with specified domain space")
     Object applyDomainNameCert(
-            @ShellOption(help = "The domain space bound with BCDNS") String domainSpace,
+            @ShellOption(help = "The domain space bound with BCDNS, default the root space", defaultValue = CrossChainDomain.ROOT_DOMAIN_SPACE) String domainSpace,
             @ShellOption(help = "The domain applying") String domain,
-            @ShellOption(help = "The type for applicant subject, e.g. 0 for `X509_PUBLIC_KEY_INFO`, 1 for `BID`") String applicantOidType,
+            @ShellOption(help = "The type for applicant subject, e.g. `X509_PUBLIC_KEY_INFO` or `BID`", defaultValue = "BID") String applicantOidType,
             @ShellOption(valueProvider = FileValueProvider.class, help = "The subject file like public key file in PEM or BID document file") String oidFilePath
     ) {
+        if (StrUtil.equalsIgnoreCase(applicantOidType, "bid")) {
+            applicantOidType = "1";
+        } else {
+            applicantOidType = "0";
+        }
         return queryAPI("applyDomainNameCert", domainSpace, domain, applicantOidType, oidFilePath);
     }
 
@@ -93,7 +98,7 @@ Object queryDomainCertApplicationState(@ShellOption(help = "The specified domain
     @ShellMethod(value = "Fetch the certificate for a specified blockchain domain from the BCDNS with the domain space")
     Object fetchDomainNameCertFromBCDNS(
             @ShellOption(help = "The specified domain") String domain,
-            @ShellOption(help = "The BCDNS domain space") String domainSpace
+            @ShellOption(help = "The BCDNS domain space, default the root space", defaultValue = CrossChainDomain.ROOT_DOMAIN_SPACE) String domainSpace
     ) {
 
         return queryAPI("fetchDomainNameCertFromBCDNS", domain, domainSpace);
@@ -102,7 +107,7 @@ Object fetchDomainNameCertFromBCDNS(
     @ShellMethod(value = "Query the domain name certificate from the BCDNS with the domain space")
     Object queryDomainNameCertFromBCDNS(
             @ShellOption(help = "The specified domain") String domain,
-            @ShellOption(help = "The BCDNS domain space") String domainSpace
+            @ShellOption(help = "The BCDNS domain space, default the root space", defaultValue = CrossChainDomain.ROOT_DOMAIN_SPACE) String domainSpace
     ) {
         return queryAPI("queryDomainNameCertFromBCDNS", domain, domainSpace);
     }
@@ -115,9 +120,8 @@ Object registerDomainRouter(@ShellOption(help = "The specified domain") String d
     @ShellMethod(value = "Query the domain router for the domain from the BCDNS with the domain space")
     Object queryDomainRouter(
             @ShellOption(help = "The specified domain") String domain,
-            @ShellOption(help = "The BCDNS domain space") String domainSpace
+            @ShellOption(help = "The BCDNS domain space, default the root space", defaultValue = CrossChainDomain.ROOT_DOMAIN_SPACE) String domainSpace
     ) {
-
         return queryAPI("queryDomainRouter", domainSpace, domain);
     }
 

r-cli/src/main/java/com/alipay/antchain/bridge/relayer/cli/command/UtilsCommands.java

@@ -30,14 +30,28 @@
 import cn.ac.caict.bid.model.BIDDocumentOperation;
 import cn.ac.caict.bid.model.BIDpublicKeyOperation;
 import cn.bif.common.JsonUtils;
+import cn.bif.module.encryption.key.PrivateKeyManager;
+import cn.bif.module.encryption.key.PublicKeyManager;
+import cn.bif.module.encryption.model.KeyMember;
 import cn.bif.module.encryption.model.KeyType;
+import cn.hutool.core.util.ArrayUtil;
 import cn.hutool.core.util.HexUtil;
+import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.crypto.ECKeyUtil;
 import cn.hutool.crypto.KeyUtil;
 import cn.hutool.crypto.PemUtil;
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.serializer.SerializerFeature;
+import com.alipay.antchain.bridge.bcdns.impl.bif.conf.BifBCNDSConfig;
+import com.alipay.antchain.bridge.bcdns.impl.bif.conf.BifCertificationServiceConfig;
+import com.alipay.antchain.bridge.bcdns.impl.bif.conf.BifChainConfig;
+import com.alipay.antchain.bridge.commons.bcdns.AbstractCrossChainCertificate;
+import com.alipay.antchain.bridge.commons.bcdns.CrossChainCertificateFactory;
+import com.alipay.antchain.bridge.commons.bcdns.utils.CrossChainCertificateUtil;
 import lombok.Getter;
 import lombok.SneakyThrows;
+import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
 import org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey;
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
@@ -110,6 +124,101 @@ public String generateBidDocument(
         }
     }
 
+    @ShellMethod(value = "Generate the config json file for BIF BCDNS client")
+    public String generateBifBcdnsConf(
+            @ShellOption(valueProvider = FileValueProvider.class, help = "authorized private key to apply the relayer and ptc certificates from BIF BCDNS, default using relayer key", defaultValue = "") String authPrivateKeyFile,
+            @ShellOption(valueProvider = FileValueProvider.class, help = "authorized public key to apply the relayer and ptc certificates from BIF BCDNS, default using relayer key", defaultValue = "") String authPublicKeyFile,
+            @ShellOption(help = "Authorized key sig algorithm, default Ed25519", defaultValue = "Ed25519") String authSigAlgo,
+            @ShellOption(valueProvider = FileValueProvider.class, help = "relayer private key") String relayerPrivateKeyFile,
+            @ShellOption(valueProvider = FileValueProvider.class, help = "relayer cross-chain certificate") String relayerCrossChainCertFile,
+            @ShellOption(help = "Relayer key sig algorithm, default Ed25519", defaultValue = "Ed25519") String relayerSigAlgo,
+            @ShellOption(help = "Certificate server url of BIF BCDNS, e.g. http://localhost:8112") String certServerUrl,
+            @ShellOption(help = "The RPC url for BIF blockchain node, e.g. `http://test.bifcore.bitfactory.cn` for testnet") String bifChainRpcUrl,
+            @ShellOption(help = "The RPC port for BIF blockchain node if needed", defaultValue = "-1") Integer bifChainRpcPort,
+            @ShellOption(help = "Domain govern contract address on BIF chain") String bifDomainGovernContract,
+            @ShellOption(help = "PTC govern contract address on BIF chain") String bifPtcGovernContract,
+            @ShellOption(help = "Relayer govern contract address on BIF chain") String bifRelayerGovernContract,
+            @ShellOption(valueProvider = FileValueProvider.class, help = "Directory path to save the output", defaultValue = "") String outDir
+    ) {
+        try {
+            if (!StrUtil.equalsIgnoreCase(relayerSigAlgo, "Ed25519")) {
+                return "relayer sig algo only support Ed25519 for now";
+            }
+
+            AbstractCrossChainCertificate relayerCert = CrossChainCertificateFactory.createCrossChainCertificateFromPem(
+                    Files.readAllBytes(Paths.get(relayerCrossChainCertFile))
+            );
+            String authPublicKey;
+            if (ObjectUtil.isEmpty(authPrivateKeyFile)) {
+                authPrivateKeyFile = relayerPrivateKeyFile;
+                authPublicKey = getPemPublicKey(CrossChainCertificateUtil.getPublicKeyFromCrossChainCertificate(relayerCert));
+                authSigAlgo = relayerSigAlgo;
+            } else {
+                authPublicKey = new String(Files.readAllBytes(Paths.get(authPublicKeyFile)));
+            }
+
+            BifCertificationServiceConfig bifCertificationServiceConfig = new BifCertificationServiceConfig();
+            bifCertificationServiceConfig.setAuthorizedKeyPem(new String(Files.readAllBytes(Paths.get(authPrivateKeyFile))));
+            bifCertificationServiceConfig.setAuthorizedPublicKeyPem(authPublicKey);
+            bifCertificationServiceConfig.setAuthorizedSigAlgo(authSigAlgo);
+            bifCertificationServiceConfig.setClientPrivateKeyPem(new String(Files.readAllBytes(Paths.get(relayerPrivateKeyFile))));
+            bifCertificationServiceConfig.setSigAlgo(relayerSigAlgo);
+            bifCertificationServiceConfig.setClientCrossChainCertPem(CrossChainCertificateUtil.formatCrossChainCertificateToPem(relayerCert));
+            bifCertificationServiceConfig.setUrl(certServerUrl);
+
+            BifChainConfig bifChainConfig = new BifChainConfig();
+            bifChainConfig.setBifChainRpcUrl(bifChainRpcUrl);
+            if (bifChainRpcPort > 0) {
+                bifChainConfig.setBifChainRpcPort(bifChainRpcPort);
+            }
+            bifChainConfig.setBifPrivateKey(convertToBIFPrivateKey(bifCertificationServiceConfig.getClientPrivateKeyPem()));
+            bifChainConfig.setBifAddress(convertToBIFAddress(
+                    CrossChainCertificateUtil.getRawPublicKeyFromCrossChainCertificate(relayerCert)
+            ));
+            bifChainConfig.setDomainGovernContract(bifDomainGovernContract);
+            bifChainConfig.setPtcGovernContract(bifPtcGovernContract);
+            bifChainConfig.setRelayerGovernContract(bifRelayerGovernContract);
+            bifChainConfig.setCertificatesGovernContract("");
+
+            BifBCNDSConfig config = new BifBCNDSConfig();
+            config.setChainConfig(bifChainConfig);
+            config.setCertificationServiceConfig(bifCertificationServiceConfig);
+
+            Path path = Paths.get(outDir, "bif_bcdns_conf.json");
+            Files.write(path, JSON.toJSONString(config, SerializerFeature.PrettyFormat).getBytes());
+
+            return "file is : " + path.toAbsolutePath();
+        } catch (Exception e) {
+            throw new RuntimeException("unexpected error please input stacktrace to check the detail", e);
+        }
+    }
+
+    private String convertToBIFAddress(byte[] rawPublicKey) {
+        PublicKeyManager publicKeyManager = new PublicKeyManager();
+        publicKeyManager.setRawPublicKey(rawPublicKey);
+        publicKeyManager.setKeyType(KeyType.ED25519);
+        return publicKeyManager.getEncAddress();
+    }
+
+    private String convertToBIFPrivateKey(String privateKeyPem) {
+        byte[] rawOctetStr = PrivateKeyInfo.getInstance(
+                PemUtil.readPem(new ByteArrayInputStream(privateKeyPem.getBytes()))
+        ).getPrivateKey().getOctets();
+        KeyMember keyMember = new KeyMember();
+        keyMember.setRawSKey(ArrayUtil.sub(rawOctetStr, 2, rawOctetStr.length));
+        keyMember.setKeyType(KeyType.ED25519);
+        return PrivateKeyManager.getEncPrivateKey(keyMember.getRawSKey(), keyMember.getKeyType());
+    }
+
+    @SneakyThrows
+    private String getPemPublicKey(PublicKey publicKey) {
+        StringWriter stringWriter = new StringWriter(256);
+        JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(stringWriter);
+        jcaPEMWriter.writeObject(publicKey);
+        jcaPEMWriter.close();
+        return stringWriter.toString();
+    }
+
     @SneakyThrows
     private PublicKey readPublicKeyFromPem(byte[] publicKeyPem) {
         SubjectPublicKeyInfo keyInfo = SubjectPublicKeyInfo.getInstance(PemUtil.readPem(new ByteArrayInputStream(publicKeyPem)));