From ac89b893ff8d9c5315b4d5b45bcd22811a151af7 Mon Sep 17 00:00:00 2001 From: Aleksandar Likic Date: Fri, 9 Feb 2018 21:32:42 -0500 Subject: [PATCH] [FAB-8195] Loading embedded certs is broken Change-Id: I3207cbd64b426070c00fed5b4c5e0506b1caf72c Signed-off-by: Aleksandar Likic --- .../credentialmgr/credentialmgr.go | 42 +++++++++++-------- .../credentialmgr/credentialmgr_test.go | 42 ++++++++++++++++--- 2 files changed, 61 insertions(+), 23 deletions(-) diff --git a/pkg/fabric-client/credentialmgr/credentialmgr.go b/pkg/fabric-client/credentialmgr/credentialmgr.go index 4ed2696e8a..de64721dc0 100644 --- a/pkg/fabric-client/credentialmgr/credentialmgr.go +++ b/pkg/fabric-client/credentialmgr/credentialmgr.go @@ -94,31 +94,31 @@ func (mgr *CredentialManager) GetSigningIdentity(userName string) (*apifabclient return nil, errors.New("username is required") } - privateKey, err := mgr.getEmbeddedPrivateKey(userName) + certBytes, err := mgr.getEmbeddedCertBytes(userName) + if err != nil { - return nil, errors.WithMessage(err, "fetching embedded private key failed") + return nil, errors.WithMessage(err, "fetching embedded cert failed") } - mspID, err := mgr.config.MspID(mgr.orgName) + if certBytes == nil { + certBytes, err = mgr.getStoredCertBytes(userName) + + if err != nil { + return nil, errors.WithMessage(err, "fetching cert from store failed") + } + } + + if certBytes == nil { + return nil, fmt.Errorf("cert not found for user [%s]", userName) + } + + privateKey, err := mgr.getEmbeddedPrivateKey(userName) + if err != nil { - return nil, errors.WithMessage(err, "MSP ID config read failed") + return nil, errors.WithMessage(err, "fetching embedded private key failed") } - var certBytes []byte if privateKey == nil { - certBytes, err = mgr.getEmbeddedCertBytes(userName) - if err != nil { - return nil, errors.WithMessage(err, "fetching enbedded cert failed") - } - if certBytes == nil { - certBytes, err = mgr.getStoredCertBytes(userName) - if err != nil { - return nil, errors.WithMessage(err, "fetching cert from store failed") - } - } - if certBytes == nil { - return nil, fmt.Errorf("cert not found for user [%s]", userName) - } privateKey, err = mgr.getPivateKeyFromCert(userName, certBytes) if err != nil { return nil, errors.Wrapf(err, "getting private key from cert failed") @@ -129,6 +129,12 @@ func (mgr *CredentialManager) GetSigningIdentity(userName string) (*apifabclient return nil, fmt.Errorf("unable to find private key for user [%s]", userName) } + mspID, err := mgr.config.MspID(mgr.orgName) + + if err != nil { + return nil, errors.WithMessage(err, "MSP ID config read failed") + } + signingIdentity := &apifabclient.SigningIdentity{MspID: mspID, PrivateKey: privateKey, EnrollmentCert: certBytes} return signingIdentity, nil diff --git a/pkg/fabric-client/credentialmgr/credentialmgr_test.go b/pkg/fabric-client/credentialmgr/credentialmgr_test.go index cdeaaf4697..5129bd9ede 100644 --- a/pkg/fabric-client/credentialmgr/credentialmgr_test.go +++ b/pkg/fabric-client/credentialmgr/credentialmgr_test.go @@ -9,9 +9,11 @@ package credentialmgr import ( "testing" + "github.com/hyperledger/fabric-sdk-go/api/apifabclient" "github.com/hyperledger/fabric-sdk-go/pkg/config" "github.com/hyperledger/fabric-sdk-go/pkg/cryptosuite" fcmocks "github.com/hyperledger/fabric-sdk-go/pkg/fabric-client/mocks" + "github.com/pkg/errors" ) func TestCredentialManager(t *testing.T) { @@ -36,11 +38,29 @@ func TestCredentialManager(t *testing.T) { t.Fatalf("Should have failed to retrieve signing identity for non-existent user") } - _, err = credentialMgr.GetSigningIdentity("User1") + id, err := credentialMgr.GetSigningIdentity("User1") if err != nil { t.Fatalf("Failed to retrieve signing identity: %s", err) } + if err := checkSigningIdentity(id); err != nil { + t.Fatalf("checkSigningIdentity failes: %s", err) + } +} +func checkSigningIdentity(id *apifabclient.SigningIdentity) error { + if id == nil { + return errors.New("SigningIdentity is nil") + } + if id.EnrollmentCert == nil { + return errors.New("Enrollment cert is missing") + } + if id.MspID == "" { + return errors.New("MspID is missing") + } + if id.PrivateKey == nil { + return errors.New("private key is missing") + } + return nil } func TestInvalidOrgCredentialManager(t *testing.T) { @@ -80,23 +100,35 @@ func TestCredentialManagerFromEmbeddedCryptoConfig(t *testing.T) { t.Fatalf("Should have failed to retrieve signing identity for non-existent user") } - _, err = credentialMgr.GetSigningIdentity("EmbeddedUser") + id, err := credentialMgr.GetSigningIdentity("EmbeddedUser") if err != nil { t.Fatalf("Failed to retrieve signing identity: %+v", err) } + if err := checkSigningIdentity(id); err != nil { + t.Fatalf("checkSigningIdentity failes: %s", err) + } - _, err = credentialMgr.GetSigningIdentity("EmbeddedUserWithPaths") + id, err = credentialMgr.GetSigningIdentity("EmbeddedUserWithPaths") if err != nil { t.Fatalf("Failed to retrieve signing identity: %+v", err) } + if err := checkSigningIdentity(id); err != nil { + t.Fatalf("checkSigningIdentity failes: %s", err) + } - _, err = credentialMgr.GetSigningIdentity("EmbeddedUserMixed") + id, err = credentialMgr.GetSigningIdentity("EmbeddedUserMixed") if err != nil { t.Fatalf("Failed to retrieve signing identity: %+v", err) } + if err := checkSigningIdentity(id); err != nil { + t.Fatalf("checkSigningIdentity failes: %s", err) + } - _, err = credentialMgr.GetSigningIdentity("EmbeddedUserMixed2") + id, err = credentialMgr.GetSigningIdentity("EmbeddedUserMixed2") if err != nil { t.Fatalf("Failed to retrieve signing identity: %+v", err) } + if err := checkSigningIdentity(id); err != nil { + t.Fatalf("checkSigningIdentity failes: %s", err) + } }