Merge pull request #13 from AntChainOpenLabs/feat/cli/convert-cross-c…

…hain-cert-to-pem

[feat][cli][v0.1.1]: convert-cross-chain-cert-to-pem added

README.md

@@ -31,6 +31,8 @@ AntChain Bridge Relayer将功能实现分为两部分，分别为通信和可信
 
 **在开始之前，请您确保安装了maven和JDK，这里推荐使用[openjdk-1.8](https://adoptium.net/zh-CN/temurin/releases/?version=8)版本*
 
+**确保安装了AntChain Bridge Plugin SDK，详情请[见](https://github.com/AntChainOpenLabs/AntChainBridgePluginSDK?tab=readme-ov-file#%E6%9E%84%E5%BB%BA)*
+
 ### 编译
 
 在项目根目录运行maven命令即可：
@@ -160,9 +162,20 @@ relayer:> generate-bid-document --publicKeyPath /path/to/public_key.pem
 file is : /path/to/bid_document.json
 ```
 
-如果仅需要将程序运行起来，或者进行某些测试，可以使用测试用例中提供的[证书](r-bootstrap/src/test/resources/cc_certs/relayer.crt)和[密钥](r-bootstrap/src/test/resources/cc_certs/private_key.pem)，请不要将该证书与密钥用于生产。
+如果BCDNS返回的是Base64格式的证书，可以使用CLI工具转换成PEM格式，以用于Relayer。
 
-在获得中继证书和密钥之后，将其配置到文件中，这里假设将证书和密钥分别放在`cc_certs/relayer.crt`和`cc_certs/private_key.pem`：
+```
+relayer:> convert-cross-chain-cert-to-pem --base64Input AAAIAgAAAAABAAAAMQEAK...wWf/zi60DKnQ7xaCA==
+-----BEGIN RELAYER CERTIFICATE-----
+AAAIAgAAAAABAAAAMQEAKAAAAGRpZDpiaWQ6ZWY5OVJ6OFRpN3g0aTZ6eUNyUHlG
+aXk5dXRzV0JKVVcCAAEAAAADAwA7AAAAAAA1AAAAAAABAAAAAQEAKAAAAGRpZDpi
+...
+4QlxLUp70uRK43ECAAcAAABFZDI1NTE5AwBAAAAAbA8zkKXCI4Iwp6KBERXOqKln
+JT/qn36in7+iU6SsNEz0rsJpmEvVRT6adNVY7zS/ni35JwWf/zi60DKnQ7xaCA==
+-----END RELAYER CERTIFICATE-----
+```
+
+在获得PEM格式的中继证书和密钥之后，将其配置到文件中，这里假设将证书和密钥分别放在`cc_certs/relayer.crt`和`cc_certs/private_key.pem`：
 
 ```
 relayer:
@@ -173,7 +186,7 @@ relayer:
       private_key_path: file:cc_certs/private_key.pem
 ```
 
-
+如果仅需要将程序运行起来，或者进行某些测试，可以使用测试用例中提供的[证书](r-bootstrap/src/test/resources/cc_certs/relayer.crt)和[密钥](r-bootstrap/src/test/resources/cc_certs/private_key.pem)，请不要将该证书与密钥用于生产。
 
 ### 运行
 

r-cli/README.md

@@ -25,6 +25,8 @@
 
 **在开始之前，请您确保安装了maven和JDK，这里推荐使用[openjdk-1.8](https://adoptium.net/zh-CN/temurin/releases/?version=8)版本**
 
+**确保安装了AntChain Bridge Plugin SDK，详情请[见](https://github.com/AntChainOpenLabs/AntChainBridgePluginSDK?tab=readme-ov-file#%E6%9E%84%E5%BB%BA)**
+
 在r-cli模块根目录运行maven命令即可：
 
 ```shell
@@ -47,7 +49,29 @@ target/r-cli
 
 ## 启动
 
-执行编译生成包中的执行脚本即可启动中继CLI工具，命令执行情况如下：
+查看脚本帮助信息：
+
+```shell
+$ ./r-cli/bin/start.sh -h
+
+start.sh - Start the AntChain Bridge Relayer Command Line Interface Tool
+
+ Usage:
+   start.sh <params>
+
+ Examples:
+  1. start with the default server address `localhost` and default port `8088`：
+   start.sh
+  2. start with specific server address and port:
+   start.sh -H 0.0.0.0 -p 8088
+
+ Options:
+   -H         admin server host of relayer.
+   -p         admin server port of relayer.
+   -h         print help information.
+```
+
+启动命令执行情况如下：
 
 ```shell
 $ ./r-cli/bin/start.sh
@@ -67,7 +91,7 @@ relayer:>
 
 # 命令操作详情
 
-中继CLI工具目前累计支持`48`条交互命令，分别应用于BCDNS管理、区块链管理、中继器管理、服务管理及其他工具功能。
+中继CLI工具目前累计支持`51`条交互命令，分别应用于BCDNS管理、区块链管理、中继器管理、服务管理及其他工具功能。
 
 - 直接输入`help`可以查看支持命令概况
 - 直接输入`version`可以查看当前中继CLI工具版本
@@ -921,6 +945,28 @@ relayer:> get-cross-chain-msg-acl --bizId a3b56eea-3a31-43cd-9002-e656f6c3b521
 not found
 ```
 
+
+### 4.8 query-curr-active-nodes 查询中继节点
+
+用于查询当前中继的节点列表信息，注意用于查询节点活跃状态，
+每个节点的信息包括最近活跃时间戳、是否活跃以及节点IP和节点ID（默认为节点IP）。
+可以通过当前命令查询中继节点是否正常活跃可用。
+
+用法如下：
+
+```shell
+relayer:> query-curr-active-nodes
+# 当前中继服务只有一个节点，节点活跃状态正常
+[
+	{
+		"last_active_time":1704366281000,
+		"node_ip":"30.75.64.168",
+		"active":true,
+		"node_id":"30.75.64.168"
+	}
+]
+```
+
 ## 5 其他工具命令
 
 为方便用户使用，中继CLI工具提供部分工具命令，包括区块链域名申请文件生成、跨链中继身份申请相关文件生成等辅助功能。
@@ -997,4 +1043,40 @@ $ cat bid_document.json
 ```shell
 relayer:> generate-bif-bcdns-conf --relayerPrivateKeyFile /path/to/private_key.pem --relayerCrossChainCertFile /path/to/relayer.crt --certServerUrl http://localhost:8112 --bifChainRpcUrl http://test.bifcore.bitfactory.cn --bifDomainGovernContract did:bid:efjQKy4HEshTueHGKzrJPATKoFeNgHKo --bifRelayerGovernContract did:bid:efSnvCFJSnpWiQiVhnh8Eimgyi4RoNpA --bifPtcGovernContract did:bid:efgTq9DtP2zHAhmKp7M4BhN6AVYMVWV2
 file is : /path/to/bif_bcdns_conf.json
-```
+```
+
+### 5.4 convert-cross-chain-cert-to-pem 转换跨链证书为PEM格式
+
+用于将跨链证书从Base64字符串转换为PEM格式。
+
+命令参数如下：
+
+- `--base64Input`：（必选）跨链证书序列化的Base64字符串；
+- `--outDir`：（可选）PEM证书的保存路径（文件夹），默认输出到命令行，否则为类似`output_1704359604268.crt`的文件；
+
+用法如下：
+
+```
+relayer:> convert-cross-chain-cert-to-pem --base64Input AAAIAgAAAAABAAAAMQEAKAAAAGRpZDpiaWQ6ZWY5OVJ6OFRpN3g0aTZ6eUNyUHlGaXk5dXRzV0JKVVcCAAEAAAADAwA7AAAAAAA1AAAAAAABAAAAAQEAKAAAAGRpZDpiaWQ6ZWZLTDJ3Tm5xV2ZyOWJ5amRib3hQM2tIckFmQWR0bzkEAAgAAABrZpZlAAAAAAUACAAAAOuZd2cAAAAABgDbAAAAAADVAAAAAAADAAAAMS4wAQAFAAAAcmVsYXkDADsAAAAAADUAAAAAAAEAAAABAQAoAAAAZGlkOmJpZDplZm5KaWZqYlJVcXdrajd3UnZVc053d0FGZWluYjRmSgQAegAAAHsicHVibGljS2V5IjpbeyJ0eXBlIjoiRUQyNTUxOSIsInB1YmxpY0tleUhleCI6ImIwNjU2NjkzYTA1YTBmZDhmYWVmZDQ3OTMxZTIxYTIxYjI3YzBlYmEwMWZmNmM2OGZmZjEyYmQzY2VmZDViM2VlODVjMWIifV19BwCIAAAAAACCAAAAAAADAAAAU00zAQAgAAAANSyaAeb+N8q0mRncA7uGGG2cTmF+4QlxLUp70uRK43ECAAcAAABFZDI1NTE5AwBAAAAAbA8zkKXCI4Iwp6KBERXOqKlnJT/qn36in7+iU6SsNEz0rsJpmEvVRT6adNVY7zS/ni35JwWf/zi60DKnQ7xaCA==
+-----BEGIN RELAYER CERTIFICATE-----
+AAAIAgAAAAABAAAAMQEAKAAAAGRpZDpiaWQ6ZWY5OVJ6OFRpN3g0aTZ6eUNyUHlG
+aXk5dXRzV0JKVVcCAAEAAAADAwA7AAAAAAA1AAAAAAABAAAAAQEAKAAAAGRpZDpi
+aWQ6ZWZLTDJ3Tm5xV2ZyOWJ5amRib3hQM2tIckFmQWR0bzkEAAgAAABrZpZlAAAA
+AAUACAAAAOuZd2cAAAAABgDbAAAAAADVAAAAAAADAAAAMS4wAQAFAAAAcmVsYXkD
+ADsAAAAAADUAAAAAAAEAAAABAQAoAAAAZGlkOmJpZDplZm5KaWZqYlJVcXdrajd3
+UnZVc053d0FGZWluYjRmSgQAegAAAHsicHVibGljS2V5IjpbeyJ0eXBlIjoiRUQy
+NTUxOSIsInB1YmxpY0tleUhleCI6ImIwNjU2NjkzYTA1YTBmZDhmYWVmZDQ3OTMx
+ZTIxYTIxYjI3YzBlYmEwMWZmNmM2OGZmZjEyYmQzY2VmZDViM2VlODVjMWIifV19
+BwCIAAAAAACCAAAAAAADAAAAU00zAQAgAAAANSyaAeb+N8q0mRncA7uGGG2cTmF+
+4QlxLUp70uRK43ECAAcAAABFZDI1NTE5AwBAAAAAbA8zkKXCI4Iwp6KBERXOqKln
+JT/qn36in7+iU6SsNEz0rsJpmEvVRT6adNVY7zS/ni35JwWf/zi60DKnQ7xaCA==
+-----END RELAYER CERTIFICATE-----
+```
+
+或者导出到文件：
+
+```
+relayer:> convert-cross-chain-cert-to-pem --base64Input AAAIAgAAAAABAAAAMQEAKAAAAGRpZDpiaWQ6ZWY5OVJ6OFRpN3g0aTZ6eUNyUHlGaXk5dXRzV0JKVVcCAAEAAAADAwA7AAAAAAA1AAAAAAABAAAAAQEAKAAAAGRpZDpiaWQ6ZWZLTDJ3Tm5xV2ZyOWJ5amRib3hQM2tIckFmQWR0bzkEAAgAAABrZpZlAAAAAAUACAAAAOuZd2cAAAAABgDbAAAAAADVAAAAAAADAAAAMS4wAQAFAAAAcmVsYXkDADsAAAAAADUAAAAAAAEAAAABAQAoAAAAZGlkOmJpZDplZm5KaWZqYlJVcXdrajd3UnZVc053d0FGZWluYjRmSgQAegAAAHsicHVibGljS2V5IjpbeyJ0eXBlIjoiRUQyNTUxOSIsInB1YmxpY0tleUhleCI6ImIwNjU2NjkzYTA1YTBmZDhmYWVmZDQ3OTMxZTIxYTIxYjI3YzBlYmEwMWZmNmM2OGZmZjEyYmQzY2VmZDViM2VlODVjMWIifV19BwCIAAAAAACCAAAAAAADAAAAU00zAQAgAAAANSyaAeb+N8q0mRncA7uGGG2cTmF+4QlxLUp70uRK43ECAAcAAABFZDI1NTE5AwBAAAAAbA8zkKXCI4Iwp6KBERXOqKlnJT/qn36in7+iU6SsNEz0rsJpmEvVRT6adNVY7zS/ni35JwWf/zi60DKnQ7xaCA== --outDir ./
+certificate in pem saved here: /path/to/output_1704359604268.crt
+```
+

r-cli/src/main/java/com/alipay/antchain/bridge/relayer/cli/command/UtilsCommands.java

@@ -34,6 +34,7 @@
 import cn.bif.module.encryption.key.PublicKeyManager;
 import cn.bif.module.encryption.model.KeyMember;
 import cn.bif.module.encryption.model.KeyType;
+import cn.hutool.core.codec.Base64;
 import cn.hutool.core.util.ArrayUtil;
 import cn.hutool.core.util.HexUtil;
 import cn.hutool.core.util.ObjectUtil;
@@ -193,6 +194,24 @@ public String generateBifBcdnsConf(
         }
     }
 
+    @ShellMethod(value = "Convert the crosschain certificate from other format to PEM")
+    public String convertCrossChainCertToPem(
+            @ShellOption(help = "Base64 format string of crosschain certificate") String base64Input,
+            @ShellOption(valueProvider = FileValueProvider.class, help = "Directory path to save the output", defaultValue = "") String outDir
+    ) {
+        try {
+            AbstractCrossChainCertificate crossChainCertificate = CrossChainCertificateFactory.createCrossChainCertificate(Base64.decode(base64Input));
+            if (StrUtil.isNotEmpty(outDir)) {
+                Path path = Paths.get(outDir, StrUtil.format("output_{}.crt", System.currentTimeMillis()));
+                Files.write(path, CrossChainCertificateUtil.formatCrossChainCertificateToPem(crossChainCertificate).getBytes());
+                return StrUtil.format("certificate in pem saved here: {}", path.toAbsolutePath().toString());
+            }
+            return CrossChainCertificateUtil.formatCrossChainCertificateToPem(crossChainCertificate);
+        } catch (Exception e) {
+            throw new RuntimeException("unexpected error please input stacktrace to check the detail", e);
+        }
+    }
+
     private String convertToBIFAddress(byte[] rawPublicKey) {
         PublicKeyManager publicKeyManager = new PublicKeyManager();
         publicKeyManager.setRawPublicKey(rawPublicKey);

r-core/src/main/java/com/alipay/antchain/bridge/relayer/core/types/blockchain/HeteroBlockchainClient.java

@@ -99,7 +99,7 @@ private boolean checkContractsStatus(AbstractBBCContext bbcContext) {
         boolean ifAMPrepared = ContractStatusEnum.CONTRACT_READY == bbcContext.getAuthMessageContract().getStatus();
         if (!ifAMPrepared) {
             log.info(
-                    "AM contract of heterogeneous blockchain client ( product: {} , domain: {} ) is {} but ready",
+                    "AM contract of heterogeneous blockchain client ( product: {} , domain: {} ) is {} instead of ready",
                     getBlockchainMeta().getProduct(), getDomain(), bbcContext.getAuthMessageContract().getStatus()
             );
             return false;