Transferred MSP from FSC to TokenSDK

Signed-off-by: Alexandros Filios <alexandros.filios@ibm.com>
hyperledger-labs · Feb 29, 2024 · 26133bd · 26133bd
1 parent 11efbce
commit 26133bd
Show file tree

Hide file tree

Showing 53 changed files with 3,156 additions and 13 deletions.
diff --git a/integration/nwo/token/common/ppmgen.go b/integration/nwo/token/common/ppmgen.go
@@ -11,16 +11,15 @@ import (
  "path/filepath"
  "strconv"
 
- msp2 "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/msp"
-
  msp "github.com/IBM/idemix"
  math3 "github.com/IBM/mathlib"
- "github.com/hyperledger-labs/fabric-smart-client/platform/fabric/core/generic/msp/x509"
  "github.com/hyperledger-labs/fabric-token-sdk/integration/nwo/token/generators"
  "github.com/hyperledger-labs/fabric-token-sdk/integration/nwo/token/generators/dlog"
  "github.com/hyperledger-labs/fabric-token-sdk/integration/nwo/token/topology"
  "github.com/hyperledger-labs/fabric-token-sdk/token/core/fabtoken"
  cryptodlog "github.com/hyperledger-labs/fabric-token-sdk/token/core/zkatdlog/crypto"
+ msp2 "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/msp"
+ "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/msp/msp/x509"
  "github.com/pkg/errors"
 )
 

diff --git a/token/core/zkatdlog/crypto/audit/auditor_test.go b/token/core/zkatdlog/crypto/audit/auditor_test.go
@@ -12,7 +12,6 @@ import (
  "time"
 
  math "github.com/IBM/mathlib"
- idemix2 "github.com/hyperledger-labs/fabric-smart-client/platform/fabric/core/generic/msp/idemix"
  sig2 "github.com/hyperledger-labs/fabric-smart-client/platform/view/core/sig"
  _ "github.com/hyperledger-labs/fabric-smart-client/platform/view/services/db/driver/memory"
  "github.com/hyperledger-labs/fabric-smart-client/platform/view/services/kvs"
@@ -27,6 +26,7 @@ import (
  "github.com/hyperledger-labs/fabric-token-sdk/token/driver"
  "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity"
  "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/msp/idemix"
+ idemix2 "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/msp/msp/idemix"
  msp2 "github.com/hyperledger/fabric/msp"
  . "github.com/onsi/ginkgo/v2"
  . "github.com/onsi/gomega"

diff --git a/token/core/zkatdlog/crypto/validator/validator_test.go b/token/core/zkatdlog/crypto/validator/validator_test.go
@@ -15,7 +15,6 @@ import (
  zkatdlog "github.com/hyperledger-labs/fabric-token-sdk/token/core/zkatdlog/nogh/driver"
 
  math "github.com/IBM/mathlib"
- idemix2 "github.com/hyperledger-labs/fabric-smart-client/platform/fabric/core/generic/msp/idemix"
  "github.com/hyperledger-labs/fabric-smart-client/platform/view/core/sig"
  _ "github.com/hyperledger-labs/fabric-smart-client/platform/view/services/db/driver/memory"
  "github.com/hyperledger-labs/fabric-smart-client/platform/view/services/kvs"
@@ -33,6 +32,7 @@ import (
  "github.com/hyperledger-labs/fabric-token-sdk/token/driver"
  "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity"
  "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/msp/idemix"
+ idemix2 "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/msp/msp/idemix"
  msp2 "github.com/hyperledger/fabric/msp"
  . "github.com/onsi/ginkgo/v2"
  . "github.com/onsi/gomega"

diff --git a/token/core/zkatdlog/nogh/driver/deserializer.go b/token/core/zkatdlog/nogh/driver/deserializer.go
@@ -13,13 +13,13 @@ import (
 
  "github.com/hyperledger-labs/fabric-smart-client/platform/view/services/hash"
 
- idemix2 "github.com/hyperledger-labs/fabric-smart-client/platform/fabric/core/generic/msp/idemix"
  "github.com/hyperledger-labs/fabric-smart-client/platform/view/view"
  "github.com/hyperledger-labs/fabric-token-sdk/token/core/zkatdlog/crypto"
  "github.com/hyperledger-labs/fabric-token-sdk/token/driver"
  "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity"
  "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/interop/htlc"
  "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/msp/idemix"
+ idemix2 "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/msp/msp/idemix"
  "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/msp/x509"
  "github.com/pkg/errors"
 )

diff --git a/token/services/identity/msp/common/common.go b/token/services/identity/msp/common/common.go
@@ -9,11 +9,11 @@ package common
 import (
  "reflect"
 
- "github.com/hyperledger-labs/fabric-smart-client/platform/fabric/core/generic/msp/idemix"
  "github.com/hyperledger-labs/fabric-smart-client/platform/fabric/driver"
  view2 "github.com/hyperledger-labs/fabric-smart-client/platform/view"
  "github.com/hyperledger-labs/fabric-smart-client/platform/view/core/sig"
  "github.com/hyperledger-labs/fabric-smart-client/platform/view/view"
+ "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/msp/msp/idemix"
  "github.com/pkg/errors"
 )
 

diff --git a/token/services/identity/msp/idemix/bccsp.go b/token/services/identity/msp/idemix/bccsp.go
@@ -11,7 +11,7 @@ import (
  "github.com/IBM/idemix/bccsp/keystore"
  bccsp "github.com/IBM/idemix/bccsp/types"
  math "github.com/IBM/mathlib"
- "github.com/hyperledger-labs/fabric-smart-client/platform/fabric/core/generic/msp/idemix"
+ "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/msp/msp/idemix"
  "github.com/pkg/errors"
 )
 

diff --git a/token/services/identity/msp/idemix/cache.go b/token/services/identity/msp/idemix/cache.go
@@ -9,9 +9,9 @@ package idemix
 import (
  "time"
 
- "github.com/hyperledger-labs/fabric-smart-client/platform/fabric/core/generic/msp/idemix"
  driver2 "github.com/hyperledger-labs/fabric-smart-client/platform/fabric/driver"
  "github.com/hyperledger-labs/fabric-smart-client/platform/view/view"
+ "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/msp/msp/idemix"
  "go.uber.org/zap/zapcore"
 )
 

diff --git a/token/services/identity/msp/idemix/deserializer.go b/token/services/identity/msp/idemix/deserializer.go
@@ -9,9 +9,9 @@ package idemix
 import (
  bccsp "github.com/IBM/idemix/bccsp/types"
  math "github.com/IBM/mathlib"
- "github.com/hyperledger-labs/fabric-smart-client/platform/fabric/core/generic/msp/idemix"
  "github.com/hyperledger-labs/fabric-smart-client/platform/view/view"
  "github.com/hyperledger-labs/fabric-token-sdk/token/driver"
+ "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/msp/msp/idemix"
  "github.com/pkg/errors"
 )
 

diff --git a/token/services/identity/msp/idemix/lm.go b/token/services/identity/msp/idemix/lm.go
@@ -17,7 +17,6 @@ import (
  "github.com/IBM/idemix/idemixmsp"
  math3 "github.com/IBM/mathlib"
  "github.com/hyperledger-labs/fabric-smart-client/pkg/utils/proto"
- idemix2 "github.com/hyperledger-labs/fabric-smart-client/platform/fabric/core/generic/msp/idemix"
  driver2 "github.com/hyperledger-labs/fabric-smart-client/platform/fabric/driver"
  "github.com/hyperledger-labs/fabric-smart-client/platform/view/services/flogging"
  "github.com/hyperledger-labs/fabric-smart-client/platform/view/services/hash"
@@ -27,6 +26,7 @@ import (
  driver3 "github.com/hyperledger-labs/fabric-token-sdk/token/services/db/driver"
  "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/msp/common"
  config2 "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/msp/config"
+ idemix2 "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/msp/msp/idemix"
  "github.com/hyperledger/fabric-protos-go/msp"
  "github.com/pkg/errors"
  "go.uber.org/zap/zapcore"

diff --git a/token/services/identity/msp/msp/idemix/audit.go b/token/services/identity/msp/msp/idemix/audit.go
@@ -0,0 +1,101 @@
+/*
+Copyright IBM Corp. All Rights Reserved.
+
+SPDX-License-Identifier: Apache-2.0
+*/
+
+package idemix
+
+import (
+ "encoding/json"
+
+ csp "github.com/IBM/idemix/bccsp/types"
+ "github.com/hyperledger-labs/fabric-smart-client/pkg/utils/proto"
+ m "github.com/hyperledger/fabric-protos-go/msp"
+ "github.com/pkg/errors"
+)
+
+type AuditInfo struct {
+ EidNymAuditData *csp.AttrNymAuditData
+ RhNymAuditData *csp.AttrNymAuditData
+ Attributes [][]byte
+ Csp csp.BCCSP `json:"-"`
+ IssuerPublicKey csp.Key `json:"-"`
+}
+
+func (a *AuditInfo) Bytes() ([]byte, error) {
+ return json.Marshal(a)
+}
+
+func (a *AuditInfo) FromBytes(raw []byte) error {
+ return json.Unmarshal(raw, a)
+}
+
+func (a *AuditInfo) EnrollmentID() string {
+ return string(a.Attributes[2])
+}
+
+func (a *AuditInfo) RevocationHandle() string {
+ return string(a.Attributes[3])
+}
+
+func (a *AuditInfo) Match(id []byte) error {
+ si := &m.SerializedIdentity{}
+ err := proto.Unmarshal(id, si)
+ if err != nil {
+ return errors.Wrap(err, "failed to unmarshal to msp.SerializedIdentity{}")
+ }
+
+ serialized := new(m.SerializedIdemixIdentity)
+ err = proto.Unmarshal(si.IdBytes, serialized)
+ if err != nil {
+ return errors.Wrap(err, "could not deserialize a SerializedIdemixIdentity")
+ }
+
+ // Audit EID
+ valid, err := a.Csp.Verify(
+ a.IssuerPublicKey,
+ serialized.Proof,
+ nil,
+ &csp.EidNymAuditOpts{
+ EidIndex: EIDIndex,
+ EnrollmentID: string(a.Attributes[EIDIndex]),
+ RNymEid: a.EidNymAuditData.Rand,
+ },
+ )
+ if err != nil {
+ return errors.Wrap(err, "error while verifying the nym eid")
+ }
+ if !valid {
+ return errors.New("invalid nym rh")
+ }
+
+ // Audit RH
+ valid, err = a.Csp.Verify(
+ a.IssuerPublicKey,
+ serialized.Proof,
+ nil,
+ &csp.RhNymAuditOpts{
+ RhIndex: RHIndex,
+ RevocationHandle: string(a.Attributes[RHIndex]),
+ RNymRh: a.RhNymAuditData.Rand,
+ },
+ )
+ if err != nil {
+ return errors.Wrap(err, "error while verifying the nym rh")
+ }
+ if !valid {
+ return errors.New("invalid nym eid")
+ }
+
+ return nil
+}
+
+func DeserializeAuditInfo(raw []byte) (*AuditInfo, error) {
+ auditInfo := &AuditInfo{}
+ err := auditInfo.FromBytes(raw)
+ if err != nil {
+ return nil, err
+ }
+ return auditInfo, nil
+}
diff --git a/token/services/identity/msp/msp/idemix/cache.go b/token/services/identity/msp/msp/idemix/cache.go
@@ -0,0 +1,132 @@
+/*
+Copyright IBM Corp. All Rights Reserved.
+
+SPDX-License-Identifier: Apache-2.0
+*/
+
+package idemix
+
+import (
+ "runtime"
+ "sync"
+ "time"
+
+ "github.com/hyperledger-labs/fabric-smart-client/platform/fabric/driver"
+ "github.com/hyperledger-labs/fabric-smart-client/platform/view/view"
+ "go.uber.org/zap/zapcore"
+)
+
+type IdentityCacheBackendFunc func(opts *driver.IdentityOptions) (view.Identity, []byte, error)
+
+type identityCacheEntry struct {
+ Identity view.Identity
+ Audit []byte
+}
+
+type IdentityCache struct {
+ once sync.Once
+ backed IdentityCacheBackendFunc
+ cache chan identityCacheEntry
+ opts *driver.IdentityOptions
+}
+
+func NewIdentityCache(backed IdentityCacheBackendFunc, size int, opts *driver.IdentityOptions) *IdentityCache {
+ ci := &IdentityCache{
+ backed: backed,
+ cache: make(chan identityCacheEntry, size),
+ opts: opts,
+ }
+
+ return ci
+}
+
+func (c *IdentityCache) Identity(opts *driver.IdentityOptions) (view.Identity, []byte, error) {
+ if opts != nil {
+ return c.fetchIdentityFromBackend(opts)
+ }
+
+ c.once.Do(func() {
+ if cap(c.cache) > 0 {
+ // Spin up as many background goroutines as we need to prepare identities in the background.
+ for i := 0; i < runtime.NumCPU(); i++ {
+ go c.provisionIdentities()
+ }
+ }
+ })
+
+ if logger.IsEnabledFor(zapcore.DebugLevel) {
+ logger.Debugf("fetching identity from cache...")
+ }
+
+ return c.fetchIdentityFromCache(opts)
+
+}
+
+func (c *IdentityCache) fetchIdentityFromCache(opts *driver.IdentityOptions) (view.Identity, []byte, error) {
+ var identity view.Identity
+ var audit []byte
+
+ var start time.Time
+
+ if logger.IsEnabledFor(zapcore.DebugLevel) {
+ start = time.Now()
+ }
+
+ timeout := time.NewTimer(time.Second)
+ defer timeout.Stop()
+
+ select {
+
+ case entry := <-c.cache:
+ identity = entry.Identity
+ audit = entry.Audit
+
+ if logger.IsEnabledFor(zapcore.DebugLevel) {
+ logger.Debugf("fetching identity from cache [%s][%d] took %v", identity, len(audit), time.Since(start))
+ }
+
+ case <-timeout.C:
+ id, a, err := c.backed(opts)
+ if err != nil {
+ return nil, nil, err
+ }
+ identity = id
+ audit = a
+
+ if logger.IsEnabledFor(zapcore.DebugLevel) {
+ logger.Debugf("fetching identity from backend after a timeout [%s][%d] took %v", identity, len(audit), time.Since(start))
+ }
+ }
+
+ return identity, audit, nil
+}
+
+func (c *IdentityCache) fetchIdentityFromBackend(opts *driver.IdentityOptions) (view.Identity, []byte, error) {
+ if logger.IsEnabledFor(zapcore.DebugLevel) {
+ logger.Debugf("fetching identity from backend")
+ }
+ id, audit, err := c.backed(opts)
+ if err != nil {
+ return nil, nil, err
+ }
+ if logger.IsEnabledFor(zapcore.DebugLevel) {
+ logger.Debugf("fetch identity from backend done [%s][%d]", id, len(audit))
+ }
+
+ return id, audit, nil
+}
+
+func (c *IdentityCache) provisionIdentities() {
+ count := 0
+ for {
+ id, audit, err := c.backed(c.opts)
+ if err != nil {
+ logger.Errorf("failed to provision identity [%s]", err)
+ continue
+ }
+ if logger.IsEnabledFor(zapcore.DebugLevel) {
+ logger.Debugf("generated new idemix identity [%d]", count)
+ }
+ c.cache <- identityCacheEntry{Identity: id, Audit: audit}
+ }
+}
diff --git a/token/services/identity/msp/msp/idemix/cache_test.go b/token/services/identity/msp/msp/idemix/cache_test.go
@@ -0,0 +1,33 @@
+/*
+Copyright IBM Corp. All Rights Reserved.
+
+SPDX-License-Identifier: Apache-2.0
+*/
+
+package idemix
+
+import (
+ "testing"
+
+ api2 "github.com/hyperledger-labs/fabric-smart-client/platform/fabric/driver"
+ "github.com/hyperledger-labs/fabric-smart-client/platform/view/view"
+ "github.com/stretchr/testify/assert"
+)
+
+func TestIdentityCache(t *testing.T) {
+ c := NewIdentityCache(func(opts *api2.IdentityOptions) (view.Identity, []byte, error) {
+ return []byte("hello world"), []byte("audit"), nil
+ }, 100, nil)
+ id, audit, err := c.Identity(&api2.IdentityOptions{
+ EIDExtension: true,
+ AuditInfo: nil,
+ })
+ assert.NoError(t, err)
+ assert.Equal(t, view.Identity([]byte("hello world")), id)
+ assert.Equal(t, []byte("audit"), audit)
+
+ id, audit, err = c.Identity(nil)
+ assert.NoError(t, err)
+ assert.Equal(t, view.Identity([]byte("hello world")), id)
+ assert.Equal(t, []byte("audit"), audit)
+}