From 17a18b10f0035e6dea7840da00e7786fbf9884a6 Mon Sep 17 00:00:00 2001 From: Baha Shaaban Date: Wed, 6 Dec 2017 12:02:33 -0500 Subject: [PATCH] [FAB-7307] embed cert in config, test update Also included refactoring of Config interface in api/apiconfig/configprovider.go to rename the following three functions from: * CAServerCertFiles * CAClientKeyFile * CAClientCertFile to: * CAServerCertPaths * CAClientKeyPath * CAClientCertPath Respectively as these return file paths not actual files. Change-Id: Ief5d4b32671f2ff352afa7fc94721764e9de2d9d Signed-off-by: Baha Shaaban --- api/apiconfig/configprovider.go | 6 ++-- api/apiconfig/mocks/mockconfig.gen.go | 36 ++++++++++----------- pkg/config/config.go | 12 +++---- pkg/config/config_test.go | 41 +++++++++++++++++------- pkg/fabric-ca-client/fabricca.go | 6 ++-- pkg/fabric-ca-client/fabricca_test.go | 30 ++++++++--------- pkg/fabric-ca-client/mocks/mockconfig.go | 12 +++---- pkg/fabric-client/mocks/mockconfig.go | 12 +++---- test/integration/channel_queries_test.go | 2 +- 9 files changed, 87 insertions(+), 70 deletions(-) diff --git a/api/apiconfig/configprovider.go b/api/apiconfig/configprovider.go index fe359f5901..bc05c778b3 100644 --- a/api/apiconfig/configprovider.go +++ b/api/apiconfig/configprovider.go @@ -16,11 +16,11 @@ type Config interface { Client() (*ClientConfig, error) CAConfig(org string) (*CAConfig, error) CAServerCertPems(org string) ([]string, error) - CAServerCertFiles(org string) ([]string, error) + CAServerCertPaths(org string) ([]string, error) CAClientKeyPem(org string) (string, error) - CAClientKeyFile(org string) (string, error) + CAClientKeyPath(org string) (string, error) CAClientCertPem(org string) (string, error) - CAClientCertFile(org string) (string, error) + CAClientCertPath(org string) (string, error) TimeoutOrDefault(TimeoutType) time.Duration MspID(org string) (string, error) PeerMspID(name string) (string, error) diff --git a/api/apiconfig/mocks/mockconfig.gen.go b/api/apiconfig/mocks/mockconfig.gen.go index f8bf863e77..5b627b3833 100644 --- a/api/apiconfig/mocks/mockconfig.gen.go +++ b/api/apiconfig/mocks/mockconfig.gen.go @@ -36,17 +36,17 @@ func (m *MockConfig) EXPECT() *MockConfigMockRecorder { return m.recorder } -// CAClientCertFile mocks base method -func (m *MockConfig) CAClientCertFile(arg0 string) (string, error) { - ret := m.ctrl.Call(m, "CAClientCertFile", arg0) +// CAClientCertPath mocks base method +func (m *MockConfig) CAClientCertPath(arg0 string) (string, error) { + ret := m.ctrl.Call(m, "CAClientCertPath", arg0) ret0, _ := ret[0].(string) ret1, _ := ret[1].(error) return ret0, ret1 } -// CAClientCertFile indicates an expected call of CAClientCertFile -func (mr *MockConfigMockRecorder) CAClientCertFile(arg0 interface{}) *gomock.Call { - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CAClientCertFile", reflect.TypeOf((*MockConfig)(nil).CAClientCertFile), arg0) +// CAClientCertPath indicates an expected call of CAClientCertPath +func (mr *MockConfigMockRecorder) CAClientCertPath(arg0 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CAClientCertPath", reflect.TypeOf((*MockConfig)(nil).CAClientCertPath), arg0) } // CAClientCertPem mocks base method @@ -62,17 +62,17 @@ func (mr *MockConfigMockRecorder) CAClientCertPem(arg0 interface{}) *gomock.Call return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CAClientCertPem", reflect.TypeOf((*MockConfig)(nil).CAClientCertPem), arg0) } -// CAClientKeyFile mocks base method -func (m *MockConfig) CAClientKeyFile(arg0 string) (string, error) { - ret := m.ctrl.Call(m, "CAClientKeyFile", arg0) +// CAClientKeyPath mocks base method +func (m *MockConfig) CAClientKeyPath(arg0 string) (string, error) { + ret := m.ctrl.Call(m, "CAClientKeyPath", arg0) ret0, _ := ret[0].(string) ret1, _ := ret[1].(error) return ret0, ret1 } -// CAClientKeyFile indicates an expected call of CAClientKeyFile -func (mr *MockConfigMockRecorder) CAClientKeyFile(arg0 interface{}) *gomock.Call { - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CAClientKeyFile", reflect.TypeOf((*MockConfig)(nil).CAClientKeyFile), arg0) +// CAClientKeyPath indicates an expected call of CAClientKeyPath +func (mr *MockConfigMockRecorder) CAClientKeyPath(arg0 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CAClientKeyPath", reflect.TypeOf((*MockConfig)(nil).CAClientKeyPath), arg0) } // CAClientKeyPem mocks base method @@ -113,17 +113,17 @@ func (mr *MockConfigMockRecorder) CAKeyStorePath() *gomock.Call { return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CAKeyStorePath", reflect.TypeOf((*MockConfig)(nil).CAKeyStorePath)) } -// CAServerCertFiles mocks base method -func (m *MockConfig) CAServerCertFiles(arg0 string) ([]string, error) { - ret := m.ctrl.Call(m, "CAServerCertFiles", arg0) +// CAServerCertPaths mocks base method +func (m *MockConfig) CAServerCertPaths(arg0 string) ([]string, error) { + ret := m.ctrl.Call(m, "CAServerCertPaths", arg0) ret0, _ := ret[0].([]string) ret1, _ := ret[1].(error) return ret0, ret1 } -// CAServerCertFiles indicates an expected call of CAServerCertFiles -func (mr *MockConfigMockRecorder) CAServerCertFiles(arg0 interface{}) *gomock.Call { - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CAServerCertFiles", reflect.TypeOf((*MockConfig)(nil).CAServerCertFiles), arg0) +// CAServerCertPaths indicates an expected call of CAServerCertPaths +func (mr *MockConfigMockRecorder) CAServerCertPaths(arg0 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CAServerCertPaths", reflect.TypeOf((*MockConfig)(nil).CAServerCertPaths), arg0) } // CAServerCertPems mocks base method diff --git a/pkg/config/config.go b/pkg/config/config.go index bd761922eb..88c20b6768 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -196,9 +196,9 @@ func (c *Config) CAServerCertPems(org string) ([]string, error) { return certPems, nil } -// CAServerCertFiles Read configuration option for the server certificates +// CAServerCertPaths Read configuration option for the server certificates // will send a list of cert file paths -func (c *Config) CAServerCertFiles(org string) ([]string, error) { +func (c *Config) CAServerCertPaths(org string) ([]string, error) { config, err := c.NetworkConfig() if err != nil { return nil, err @@ -242,8 +242,8 @@ func (c *Config) getCAName(org string) (string, error) { return certAuthorityName, nil } -// CAClientKeyFile Read configuration option for the fabric CA client key file -func (c *Config) CAClientKeyFile(org string) (string, error) { +// CAClientKeyPath Read configuration option for the fabric CA client key file +func (c *Config) CAClientKeyPath(org string) (string, error) { config, err := c.NetworkConfig() if err != nil { return "", err @@ -282,8 +282,8 @@ func (c *Config) CAClientKeyPem(org string) (string, error) { return ca.TLSCACerts.Client.KeyPem, nil } -// CAClientCertFile Read configuration option for the fabric CA client cert file -func (c *Config) CAClientCertFile(org string) (string, error) { +// CAClientCertPath Read configuration option for the fabric CA client cert file +func (c *Config) CAClientCertPath(org string) (string, error) { config, err := c.NetworkConfig() if err != nil { return "", err diff --git a/pkg/config/config_test.go b/pkg/config/config_test.go index 427985a922..dcf4694c27 100644 --- a/pkg/config/config_test.go +++ b/pkg/config/config_test.go @@ -80,21 +80,21 @@ func TestCAConfig(t *testing.T) { crossCheckWithViperConfig(configImpl.configViper.GetString("client.cryptoconfig.path"), configImpl.CryptoConfigPath(), "Incorrect crypto config path", t) //Testing CA Client File Location - certfile, err := configImpl.CAClientCertFile(org1) + certfile, err := configImpl.CAClientCertPath(org1) if certfile == "" || err != nil { t.Fatalf("CA Cert file location read failed %s", err) } //Testing CA Key File Location - keyFile, err := configImpl.CAClientKeyFile(org1) + keyFile, err := configImpl.CAClientKeyPath(org1) if keyFile == "" || err != nil { t.Fatal("CA Key file location read failed") } //Testing CA Server Cert Files - sCertFiles, err := configImpl.CAServerCertFiles(org1) + sCertFiles, err := configImpl.CAServerCertPaths(org1) if sCertFiles == nil || len(sCertFiles) == 0 || err != nil { t.Fatal("Getting CA server cert files failed") @@ -194,19 +194,19 @@ func TestCAConfigFailsByNetworkConfig(t *testing.T) { } //Test CA client cert file failure scenario - certfile, err := sampleConfig.CAClientCertFile("peerorg1") + certfile, err := sampleConfig.CAClientCertPath("peerorg1") if certfile != "" || err == nil { t.Fatal("CA Cert file location read supposed to fail") } //Test CA client cert file failure scenario - keyFile, err := sampleConfig.CAClientKeyFile("peerorg1") + keyFile, err := sampleConfig.CAClientKeyPath("peerorg1") if keyFile != "" || err == nil { t.Fatal("CA Key file location read supposed to fail") } //Testing CA Server Cert Files failure scenario - sCertFiles, err := sampleConfig.CAServerCertFiles("peerorg1") + sCertFiles, err := sampleConfig.CAServerCertPaths("peerorg1") if len(sCertFiles) > 0 || err == nil { t.Fatal("Getting CA server cert files supposed to fail") } @@ -275,7 +275,7 @@ func TestCAConfigFailsByNetworkConfig(t *testing.T) { func TestTLSACAConfig(t *testing.T) { //Test TLSCA Cert Pool (Positive test case) - certFile, _ := configImpl.CAClientCertFile(org1) + certFile, _ := configImpl.CAClientCertPath(org1) _, err := configImpl.TLSCACertPool(certFile) if err != nil { t.Fatalf("TLS CA cert pool fetch failed, reason: %v", err) @@ -287,7 +287,7 @@ func TestTLSACAConfig(t *testing.T) { t.Fatalf("TLS CA cert pool was supposed to fail") } - keyFile, _ := configImpl.CAClientKeyFile(org1) + keyFile, _ := configImpl.CAClientKeyPath(org1) _, err = configImpl.TLSCACertPool(keyFile) if err == nil { t.Fatalf("TLS CA cert pool was supposed to fail when provided with wrong cert file") @@ -757,7 +757,7 @@ O94CDp7l2k7hMQI0zQ== t.Fatalf("%s Pem doesn't match. Expected \n'%s'\n, but got \n'%s'\n", peer0, pPem, loadedPPem) } - // get CAServerCertPems for org1 + // get CA Server cert pems (embedded) for org1 certs, err := c.CAServerCertPems("org1") if err != nil { t.Fatalf("Failed to load CAServerCertPems from config. Error: %s", err) @@ -766,20 +766,37 @@ O94CDp7l2k7hMQI0zQ== t.Fatalf("Got empty PEM certs for CAServerCertPems") } + // get the client cert pem (embedded) for org1 c.CAClientCertPem("org1") if err != nil { t.Fatalf("Failed to load CAClientCertPem from config. Error: %s", err) } + + // get CA Server certs paths for org1 + certs, err = c.CAServerCertPaths("org1") + if err != nil { + t.Fatalf("Failed to load CAServerCertPaths from config. Error: %s", err) + } if len(certs) == 0 { - t.Fatalf("Got empty PEM certs for CAClientCertPem") + t.Fatalf("Got empty cert file paths for CAServerCertPaths") } + // get the client cert path for org1 + c.CAClientCertPath("org1") + if err != nil { + t.Fatalf("Failed to load CAClientCertPath from config. Error: %s", err) + } + + // get the client key pem (embedded) for org1 c.CAClientKeyPem("org1") if err != nil { t.Fatalf("Failed to load CAClientKeyPem from config. Error: %s", err) } - if len(certs) == 0 { - t.Fatalf("Got empty PEM certs for CAClientKeyPem") + + // get the client key file path for org1 + c.CAClientKeyPath("org1") + if err != nil { + t.Fatalf("Failed to load CAClientKeyPath from config. Error: %s", err) } } diff --git a/pkg/fabric-ca-client/fabricca.go b/pkg/fabric-ca-client/fabricca.go index 82c1715519..574d39df0f 100644 --- a/pkg/fabric-ca-client/fabricca.go +++ b/pkg/fabric-ca-client/fabricca.go @@ -55,18 +55,18 @@ func NewFabricCAClient(org string, config config.Config, cryptoSuite apicryptosu //set server URL c.Config.URL = urlutil.ToAddress(conf.URL) //certs file list - c.Config.TLS.CertFiles, err = config.CAServerCertFiles(org) + c.Config.TLS.CertFiles, err = config.CAServerCertPaths(org) if err != nil { return nil, err } // set key file and cert file - c.Config.TLS.Client.CertFile, err = config.CAClientCertFile(org) + c.Config.TLS.Client.CertFile, err = config.CAClientCertPath(org) if err != nil { return nil, err } - c.Config.TLS.Client.KeyFile, err = config.CAClientKeyFile(org) + c.Config.TLS.Client.KeyFile, err = config.CAClientKeyPath(org) if err != nil { return nil, err } diff --git a/pkg/fabric-ca-client/fabricca_test.go b/pkg/fabric-ca-client/fabricca_test.go index 839626ee72..a311b59a91 100644 --- a/pkg/fabric-ca-client/fabricca_test.go +++ b/pkg/fabric-ca-client/fabricca_test.go @@ -293,10 +293,10 @@ func TestCreateNewFabricCAClientCertFilesMissingFailure(t *testing.T) { defer mockCtrl.Finish() mockConfig := mock_apiconfig.NewMockConfig(mockCtrl) mockConfig.EXPECT().CAConfig(org1).Return(&config.CAConfig{URL: ""}, nil) - mockConfig.EXPECT().CAServerCertFiles(org1).Return(nil, errors.New("CAServerCertFiles error")) + mockConfig.EXPECT().CAServerCertPaths(org1).Return(nil, errors.New("CAServerCertPaths error")) _, err := NewFabricCAClient(org1, mockConfig, cryptoSuiteProvider) - if err.Error() != "CAServerCertFiles error" { - t.Fatalf("Expected error from CAServerCertFiles. Got: %s", err.Error()) + if err.Error() != "CAServerCertPaths error" { + t.Fatalf("Expected error from CAServerCertPaths. Got: %s", err.Error()) } } @@ -306,11 +306,11 @@ func TestCreateNewFabricCAClientCertFileErrorFailure(t *testing.T) { defer mockCtrl.Finish() mockConfig := mock_apiconfig.NewMockConfig(mockCtrl) mockConfig.EXPECT().CAConfig(org1).Return(&config.CAConfig{URL: ""}, nil) - mockConfig.EXPECT().CAServerCertFiles(org1).Return([]string{"test"}, nil) - mockConfig.EXPECT().CAClientCertFile(org1).Return("", errors.New("CAClientCertFile error")) + mockConfig.EXPECT().CAServerCertPaths(org1).Return([]string{"test"}, nil) + mockConfig.EXPECT().CAClientCertPath(org1).Return("", errors.New("CAClientCertPath error")) _, err := NewFabricCAClient(org1, mockConfig, cryptoSuiteProvider) - if err.Error() != "CAClientCertFile error" { - t.Fatalf("Expected error from CAClientCertFile. Got: %s", err.Error()) + if err.Error() != "CAClientCertPath error" { + t.Fatalf("Expected error from CAClientCertPath. Got: %s", err.Error()) } } @@ -320,12 +320,12 @@ func TestCreateNewFabricCAClientKeyFileErrorFailure(t *testing.T) { defer mockCtrl.Finish() mockConfig := mock_apiconfig.NewMockConfig(mockCtrl) mockConfig.EXPECT().CAConfig(org1).Return(&config.CAConfig{URL: ""}, nil) - mockConfig.EXPECT().CAServerCertFiles(org1).Return([]string{"test"}, nil) - mockConfig.EXPECT().CAClientCertFile(org1).Return("", nil) - mockConfig.EXPECT().CAClientKeyFile(org1).Return("", errors.New("CAClientKeyFile error")) + mockConfig.EXPECT().CAServerCertPaths(org1).Return([]string{"test"}, nil) + mockConfig.EXPECT().CAClientCertPath(org1).Return("", nil) + mockConfig.EXPECT().CAClientKeyPath(org1).Return("", errors.New("CAClientKeyPath error")) _, err := NewFabricCAClient(org1, mockConfig, cryptoSuiteProvider) - if err.Error() != "CAClientKeyFile error" { - t.Fatalf("Expected error from CAClientKeyFile. Got: %s", err.Error()) + if err.Error() != "CAClientKeyPath error" { + t.Fatalf("Expected error from CAClientKeyPath. Got: %s", err.Error()) } } @@ -337,9 +337,9 @@ func TestCreateValidBCCSPOptsForNewFabricClient(t *testing.T) { clientMockObject := &config.ClientConfig{Organization: "org1", Logging: config.LoggingType{Level: "info"}, CryptoConfig: config.CCType{Path: "test/path"}} mockConfig.EXPECT().CAConfig(org1).Return(&config.CAConfig{}, nil) - mockConfig.EXPECT().CAServerCertFiles(org1).Return([]string{"test"}, nil) - mockConfig.EXPECT().CAClientCertFile(org1).Return("", nil) - mockConfig.EXPECT().CAClientKeyFile(org1).Return("", nil) + mockConfig.EXPECT().CAServerCertPaths(org1).Return([]string{"test"}, nil) + mockConfig.EXPECT().CAClientCertPath(org1).Return("", nil) + mockConfig.EXPECT().CAClientKeyPath(org1).Return("", nil) mockConfig.EXPECT().CAKeyStorePath().Return(os.TempDir()) mockConfig.EXPECT().Client().Return(clientMockObject, nil) mockConfig.EXPECT().SecurityProvider().Return("SW") diff --git a/pkg/fabric-ca-client/mocks/mockconfig.go b/pkg/fabric-ca-client/mocks/mockconfig.go index 5cf5c81f71..6765eaa9c6 100644 --- a/pkg/fabric-ca-client/mocks/mockconfig.go +++ b/pkg/fabric-ca-client/mocks/mockconfig.go @@ -38,8 +38,8 @@ func (c *MockConfig) CAServerCertPems(org string) ([]string, error) { return nil, nil } -// CAServerCertFiles Read configuration option for the server certificate files -func (c *MockConfig) CAServerCertFiles(org string) ([]string, error) { +// CAServerCertPaths Read configuration option for the server certificate files +func (c *MockConfig) CAServerCertPaths(org string) ([]string, error) { return nil, nil } @@ -48,8 +48,8 @@ func (c *MockConfig) CAClientKeyPem(org string) (string, error) { return "", nil } -// CAClientKeyFile Read configuration option for the fabric CA client key file -func (c *MockConfig) CAClientKeyFile(org string) (string, error) { +// CAClientKeyPath Read configuration option for the fabric CA client key file +func (c *MockConfig) CAClientKeyPath(org string) (string, error) { return "", nil } @@ -58,8 +58,8 @@ func (c *MockConfig) CAClientCertPem(org string) (string, error) { return "", nil } -// CAClientCertFile Read configuration option for the fabric CA client cert file -func (c *MockConfig) CAClientCertFile(org string) (string, error) { +// CAClientCertPath Read configuration option for the fabric CA client cert file +func (c *MockConfig) CAClientCertPath(org string) (string, error) { return "", nil } diff --git a/pkg/fabric-client/mocks/mockconfig.go b/pkg/fabric-client/mocks/mockconfig.go index ba4c4ea60a..172c0b4c80 100644 --- a/pkg/fabric-client/mocks/mockconfig.go +++ b/pkg/fabric-client/mocks/mockconfig.go @@ -46,8 +46,8 @@ func (c *MockConfig) CAServerCertPems(org string) ([]string, error) { return nil, nil } -//CAServerCertFiles Read configuration option for the server certificate files -func (c *MockConfig) CAServerCertFiles(org string) ([]string, error) { +//CAServerCertPaths Read configuration option for the server certificate files +func (c *MockConfig) CAServerCertPaths(org string) ([]string, error) { return nil, nil } @@ -56,8 +56,8 @@ func (c *MockConfig) CAClientKeyPem(org string) (string, error) { return "", nil } -//CAClientKeyFile Read configuration option for the fabric CA client key file -func (c *MockConfig) CAClientKeyFile(org string) (string, error) { +//CAClientKeyPath Read configuration option for the fabric CA client key file +func (c *MockConfig) CAClientKeyPath(org string) (string, error) { return "", nil } @@ -66,8 +66,8 @@ func (c *MockConfig) CAClientCertPem(org string) (string, error) { return "", nil } -//CAClientCertFile Read configuration option for the fabric CA client cert file -func (c *MockConfig) CAClientCertFile(org string) (string, error) { +//CAClientCertPath Read configuration option for the fabric CA client cert file +func (c *MockConfig) CAClientCertPath(org string) (string, error) { return "", nil } diff --git a/test/integration/channel_queries_test.go b/test/integration/channel_queries_test.go index 47d4731275..f371eed77e 100644 --- a/test/integration/channel_queries_test.go +++ b/test/integration/channel_queries_test.go @@ -249,7 +249,7 @@ func testQueryByChaincode(t *testing.T, channel fab.Channel, config config.Confi } // Configured cert for cert pool - cert, err := config.CAClientCertFile(org1Name) + cert, err := config.CAClientCertPath(org1Name) if err != nil { t.Fatal(err) }