Merge pull request stratisproject#355 from zeptin/sync-20200506
Add sync command to MSD CLI
fassadlr authored May 6, 2020
2 parents 2e227f9 + 69e30e6 commit 4178d94
Showing 4 changed files with 54 additions and 4 deletions.
47 changes: 45 additions & 2 deletions src/MembershipServices.Cli/Program.cs
Expand Up @@ -90,6 +90,25 @@ class ExtendOptions
public string Type { get; set; }
}

[Verb("sync", HelpText = "Synchronize local MSD with the specified CA.")]
class SyncOptions
{
[Option("datadir", Required = true, HelpText = "The location of the underlying node's root folder.")]
public string DataDir { get; set; }

[Option("caurl", Required = false, Default = "https://localhost:5001", HelpText = "The URL of the certificate authority to synchronize with.")]
public string CaUrl { get; set; }

[Option("caaccountid", Required = true, HelpText = "The account ID of the CA user.")]
public string CaAccountId { get; set; }

[Option("capassword", Required = true, HelpText = "The account password of the CA user.")]
public string CaPassword { get; set; }

[Option("password", Required = true, HelpText = "The password for the node's keystore.")]
public string Password { get; set; }
}

static int RunHelp(HelpOptions options)
{
return 0;
Expand Down Expand Up @@ -164,7 +183,6 @@ static int RunGenerate(GenerateOptions options)
File.WriteAllBytes(Path.Combine(nodeSettings.DataFolder.RootPath, CertificatesManager.ClientCertificateName), CaCertificatesManager.CreatePfx(clientCert, privateKey, keyStoreSettings.Password));

return 0;

}

static int RunShowTemplate(ShowTemplateOptions options)
Expand Down Expand Up @@ -224,16 +242,41 @@ static int RunExtend(ExtendOptions options)
return 0;
}

static int RunSync(SyncOptions options)
{
// TODO: Move this logic into a reusable method
var network = new TokenlessNetwork();
var nodeSettings = new NodeSettings(network, args: new[] { $"-datadir={options.DataDir}", $"-password={options.Password}", $"-caaccountid={options.CaAccountId}", $"-capassword={options.CaPassword}" });

var membershipServices = new MembershipServicesDirectory(nodeSettings);
membershipServices.Initialize();

var caClient = new CaClient(new Uri(options.CaUrl), new HttpClient(), int.Parse(options.CaAccountId), options.CaPassword);

foreach (var cert in caClient.GetAllCertificates())
{
membershipServices.AddLocalMember(cert.ToCertificate(), MemberType.NetworkPeer);
}

foreach (string thumbprint in caClient.GetRevokedCertificates())
{
membershipServices.RevokeCertificate(thumbprint);
}

return 0;
}

public static void Main(string[] args)
{
// https://hyperledger-fabric.readthedocs.io/en/release-2.0/commands/cryptogen.html
Parser.Default.ParseArguments<HelpOptions, GenerateOptions, ShowTemplateOptions, VersionOptions, ExtendOptions>(args)
Parser.Default.ParseArguments<HelpOptions, GenerateOptions, ShowTemplateOptions, VersionOptions, ExtendOptions, SyncOptions>(args)
.MapResult(
(HelpOptions opts) => RunHelp(opts),
(GenerateOptions opts) => RunGenerate(opts),
(ShowTemplateOptions opts) => RunShowTemplate(opts),
(VersionOptions opts) => RunVersion(opts),
(ExtendOptions opts) => RunExtend(opts),
(SyncOptions opts) => RunSync(opts),
errs => 1);
}
}
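Review bot: `--capassword` and `--password` are required command-line options in `SyncOptions`, so both secrets end up in shell history and in the process argument list, which other local users can typically read; consider making them optional and falling back to an interactive prompt or an environment variable when they are absent. In `RunSync`, `int.Parse(options.CaAccountId)` throws on a non-numeric value instead of returning a failure code; `if (!int.TryParse(options.CaAccountId, out int caAccountId)) return 1;` would match the `errs => 1` convention in `Main`. The method also adds every certificate from `GetAllCertificates()` before any revocation is applied, so if `GetRevokedCertificates()` fails the local MSD keeps the additions and none of the revocations. Fetching the revoked thumbprints first, before any `AddLocalMember` call, would avoid that partial state.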
2 changes: 2 additions & 0 deletions src/MembershipServices/IMembershipServicesDirectory.cs
Expand Up @@ -13,6 +13,8 @@ public interface IMembershipServicesDirectory

X509Certificate GetCertificateForTransactionSigningPubKeyHash(byte[] transactionSigningPubKeyHash);

void RevokeCertificate(string thumbprint);

bool IsCertificateRevoked(string thumbprint);

/// <summary>
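Review bot: `RevokeCertificate` is added to the interface without an XML doc comment, although the member further down carries `/// <summary>`. The comment should say which thumbprint form is expected (hash algorithm, hex casing) and whether the revocation is persisted, because `IsCertificateRevoked` takes the same string and the two must agree. Something like `/// <summary>Marks the certificate with the given thumbprint as revoked in the local MSD.</summary>` plus a `<param>` line describing the format would do.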
Expand Up @@ -175,7 +175,8 @@ public void RevokeCertificate(string thumbprint)
file.Flush();
file.Dispose();

// TODO: Delete from the local MSD folders and mappings too?
// TODO: Delete from the other mappings & the local MSD folder(s)
this.mapThumbprints.TryRemove(thumbprint, out _);
}

public bool IsCertificateRevoked(string thumbprint)
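Review bot: The result of `this.mapThumbprints.TryRemove(thumbprint, out _)` is discarded, so a thumbprint that differs from the stored key only in case or formatting is silently left in the map even though the revocation appears to have been written to the file just above. Normalising the thumbprint once at the top of the method and logging when nothing was removed would make such a mismatch visible; the form used when the map is populated is not shown here, so that needs confirming. Until the TODO is resolved, the other mappings can still return the revoked certificate, so callers of those lookups have to check `IsCertificateRevoked` themselves. The method body starts outside this hunk.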
6 changes: 5 additions & 1 deletion src/MembershipServices/MembershipServicesDirectory.cs
Expand Up @@ -2,7 +2,6 @@
using System.Collections;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.CompilerServices;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using CertificateAuthority;
Expand Down Expand Up @@ -124,6 +123,11 @@ public X509Certificate GetCertificateForTransactionSigningPubKeyHash(byte[] tran
return this.localMembershipServices.GetCertificateByTransactionSigningPubKeyHash(transactionSigningPubKeyHash);
}

public void RevokeCertificate(string thumbprint)
{
this.localMembershipServices.RevokeCertificate(thumbprint);
}

// TODO: Perhaps move revocation checking into a sub-component of the MSD to keep the top level cleaner.
public bool IsCertificateRevoked(string thumbprint)
{
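Review bot: The new `RevokeCertificate` forwards `thumbprint` to `localMembershipServices` without validating it, so a null or empty value reaches the code that records the revocation. This is the entry point the new `sync` command calls with values taken from the CA response, so a guard such as `if (string.IsNullOrWhiteSpace(thumbprint)) throw new ArgumentException("Thumbprint is required.", nameof(thumbprint));` would reject malformed entries before anything is persisted.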