diff --git a/pkg/client/common/selection/dynamicselection/ccpolicyprovider_test.go b/pkg/client/common/selection/dynamicselection/ccpolicyprovider_test.go index b63c583572..2b06fcebf8 100644 --- a/pkg/client/common/selection/dynamicselection/ccpolicyprovider_test.go +++ b/pkg/client/common/selection/dynamicselection/ccpolicyprovider_test.go @@ -82,14 +82,14 @@ func TestBadClient(t *testing.T) { // Non-existent user ccPolicyProvider, err := newCCPolicyProvider(sdk, "mychannel", "Invalid", "Org1") _, err = ccPolicyProvider.GetChaincodePolicy("mychannel") - if !strings.Contains(err.Error(), "Unable to load identity") { + if !strings.Contains(err.Error(), "user not found") { t.Fatalf("Should have failed for invalid user name: %v", err) } // Invalid org ccPolicyProvider, err = newCCPolicyProvider(sdk, "mychannel", "User1", "Invalid") _, err = ccPolicyProvider.GetChaincodePolicy("mychannel") - if !strings.Contains(err.Error(), "Unable to load identity") { + if !strings.Contains(err.Error(), "invalid org name") { t.Fatalf("Should have failed for invalid org name") } } diff --git a/pkg/context/api/identitymgr.go b/pkg/context/api/identitymgr.go index 42a6360809..6ca53e4af3 100644 --- a/pkg/context/api/identitymgr.go +++ b/pkg/context/api/identitymgr.go @@ -28,6 +28,7 @@ type SigningIdentity struct { // IdentityManager provides management of identities in a Fabric network type IdentityManager interface { GetSigningIdentity(name string) (*SigningIdentity, error) + GetUser(name string) (User, error) Enroll(enrollmentID string, enrollmentSecret string) error Reenroll(user User) error Register(request *RegistrationRequest) (string, error) diff --git a/pkg/context/api/mocks/mockidmgr.gen.go b/pkg/context/api/mocks/mockidmgr.gen.go index a0dc12c401..fd928aa419 100644 --- a/pkg/context/api/mocks/mockidmgr.gen.go +++ b/pkg/context/api/mocks/mockidmgr.gen.go @@ -71,6 +71,19 @@ func (mr *MockIdentityManagerMockRecorder) GetSigningIdentity(arg0 interface{}) return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetSigningIdentity", reflect.TypeOf((*MockIdentityManager)(nil).GetSigningIdentity), arg0) } +// GetUser mocks base method +func (m *MockIdentityManager) GetUser(arg0 string) (api.User, error) { + ret := m.ctrl.Call(m, "GetUser", arg0) + ret0, _ := ret[0].(api.User) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetUser indicates an expected call of GetUser +func (mr *MockIdentityManagerMockRecorder) GetUser(arg0 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetUser", reflect.TypeOf((*MockIdentityManager)(nil).GetUser), arg0) +} + // Reenroll mocks base method func (m *MockIdentityManager) Reenroll(arg0 api.User) error { ret := m.ctrl.Call(m, "Reenroll", arg0) diff --git a/pkg/context/api/userstore.go b/pkg/context/api/user.go similarity index 85% rename from pkg/context/api/userstore.go rename to pkg/context/api/user.go index 4264e2e867..9c52198d48 100644 --- a/pkg/context/api/userstore.go +++ b/pkg/context/api/user.go @@ -32,21 +32,8 @@ var ( // have access to the Peer identity’s private key. type User interface { MspID() string + Name() string Identity() ([]byte, error) PrivateKey() core.Key - Name() string EnrollmentCertificate() []byte - Roles() []string -} - -// UserKey is a lookup key in UserStore -type UserKey struct { - MspID string - Name string -} - -// UserStore is responsible for User persistence -type UserStore interface { - Store(User) error - Load(UserKey) (User, error) } diff --git a/pkg/core/identitymgr/certfileuserstore.go b/pkg/core/identitymgr/certfileuserstore.go new file mode 100644 index 0000000000..46fc050cc5 --- /dev/null +++ b/pkg/core/identitymgr/certfileuserstore.go @@ -0,0 +1,86 @@ +/* +Copyright SecureKey Technologies Inc. All Rights Reserved. + +SPDX-License-Identifier: Apache-2.0 +*/ + +package identitymgr + +import ( + "github.com/hyperledger/fabric-sdk-go/pkg/fab/keyvaluestore" + + "github.com/hyperledger/fabric-sdk-go/pkg/context/api" + "github.com/pkg/errors" +) + +// CertFileUserStore stores each user in a separate file. +// Only user's enrollment cert is stored, in pem format. +// File naming is @-cert.pem +type CertFileUserStore struct { + store api.KVStore +} + +func userIdentifierFromUser(user UserData) UserIdentifier { + return UserIdentifier{ + MspID: user.MspID, + Name: user.Name, + } +} + +func storeKeyFromUserIdentifier(key UserIdentifier) string { + return key.Name + "@" + key.MspID + "-cert.pem" +} + +// NewCertFileUserStore1 creates a new instance of CertFileUserStore +func NewCertFileUserStore1(store api.KVStore) (*CertFileUserStore, error) { + return &CertFileUserStore{ + store: store, + }, nil +} + +// NewCertFileUserStore creates a new instance of CertFileUserStore +func NewCertFileUserStore(path string) (*CertFileUserStore, error) { + if path == "" { + return nil, errors.New("path is empty") + } + store, err := keyvaluestore.New(&keyvaluestore.FileKeyValueStoreOptions{ + Path: path, + }) + if err != nil { + return nil, errors.WithMessage(err, "user store creation failed") + } + return NewCertFileUserStore1(store) +} + +// Load returns the User stored in the store for a key. +func (s *CertFileUserStore) Load(key UserIdentifier) (UserData, error) { + var userData UserData + cert, err := s.store.Load(storeKeyFromUserIdentifier(key)) + if err != nil { + if err == api.ErrNotFound { + return userData, api.ErrUserNotFound + } + return userData, err + } + certBytes, ok := cert.([]byte) + if !ok { + return userData, errors.New("user is not of proper type") + } + userData = UserData{ + MspID: key.MspID, + Name: key.Name, + EnrollmentCertificate: certBytes, + } + return userData, nil +} + +// Store stores a User into store +func (s *CertFileUserStore) Store(user UserData) error { + key := storeKeyFromUserIdentifier(UserIdentifier{MspID: user.MspID, Name: user.Name}) + return s.store.Store(key, user.EnrollmentCertificate) +} + +// Delete deletes a User from store +func (s *CertFileUserStore) Delete(key UserIdentifier) error { + return s.store.Delete(storeKeyFromUserIdentifier(key)) +} diff --git a/pkg/fab/identity/certfileuserstore_test.go b/pkg/core/identitymgr/certfileuserstore_test.go similarity index 52% rename from pkg/fab/identity/certfileuserstore_test.go rename to pkg/core/identitymgr/certfileuserstore_test.go index 4233e0f7bb..cec9d18cdb 100644 --- a/pkg/fab/identity/certfileuserstore_test.go +++ b/pkg/core/identitymgr/certfileuserstore_test.go @@ -4,7 +4,7 @@ Copyright SecureKey Technologies Inc. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package identity +package identitymgr import ( "bytes" @@ -14,25 +14,13 @@ import ( "path" "testing" - "github.com/golang/mock/gomock" - - fabricCaUtil "github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric-ca/util" "github.com/hyperledger/fabric-sdk-go/pkg/context/api" - "github.com/hyperledger/fabric-sdk-go/pkg/context/api/core" - "github.com/hyperledger/fabric-sdk-go/pkg/context/api/core/mocks" - "github.com/hyperledger/fabric-sdk-go/pkg/core/cryptosuite/bccsp/sw" "github.com/pkg/errors" ) var storePathRoot = "/tmp/testcertfileuserstore" var storePath = path.Join(storePathRoot, "-certs") -var testPrivKey1 = `-----BEGIN PRIVATE KEY----- -MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgp4qKKB0WCEfx7XiB -5Ul+GpjM1P5rqc6RhjD5OkTgl5OhRANCAATyFT0voXX7cA4PPtNstWleaTpwjvbS -J3+tMGTG67f+TdCfDxWYMpQYxLlE8VkbEzKWDwCYvDZRMKCQfv2ErNvb ------END PRIVATE KEY-----` - var testCert1 = `-----BEGIN CERTIFICATE----- MIICGTCCAcCgAwIBAgIRALR/1GXtEud5GQL2CZykkOkwCgYIKoZIzj0EAwIwczEL MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG @@ -48,12 +36,6 @@ AiaiI2BjxnL3/TetJ8iFJYZyWvK//an13WV/AiARBJd/pI5A7KZgQxJhXmmR8bie XdsmTcdRvJ3TS/6HCA== -----END CERTIFICATE-----` -var testPrivKey2 = `-----BEGIN PRIVATE KEY----- -MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg5Ahcehypz6IpAYy6 -DtIf5zZsRjP4PtsmDhLbBJsXmD6hRANCAAR+YRAn8dFpDQDyvDA7JKPl5PoZenj3 -m1KOnMry/mOZcnXnTIh2ASV4ss8VluzBcyHGAv7BCmxXxDkjcV9eybv8 ------END PRIVATE KEY-----` - var testCert2 = `-----BEGIN CERTIFICATE----- MIICGjCCAcCgAwIBAgIRAIQkbh9nsGnLmDalAVlj8sUwCgYIKoZIzj0EAwIwczEL MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG @@ -69,95 +51,62 @@ NrfToiPzJpEFPGF+/8CpzOkl91oz+XJsvdgf5wIgI/e8mpvpplUQbU52+LejA36D CsbWERvZPjR/GFEDEvc= -----END CERTIFICATE-----` -func crypto(t *testing.T) core.CryptoSuite { - mockCtrl := gomock.NewController(t) - defer mockCtrl.Finish() - - mockConfig := mock_core.NewMockConfig(mockCtrl) - mockConfig.EXPECT().SecurityProvider().Return("SW") - mockConfig.EXPECT().SecurityAlgorithm().Return("SHA2") - mockConfig.EXPECT().SecurityLevel().Return(256) - mockConfig.EXPECT().KeyStorePath().Return(path.Join(storePathRoot, "-keys")) - mockConfig.EXPECT().Ephemeral().Return(false) - - //Get cryptosuite using config - c, err := sw.GetSuiteByConfig(mockConfig) - if err != nil { - t.Fatalf("Not supposed to get error, but got: %v", err) - } - return c -} func TestStore(t *testing.T) { - cleanup(t, storePathRoot) - defer cleanup(t, storePathRoot) - - crypto := crypto(t) - - _, err := fabricCaUtil.ImportBCCSPKeyFromPEMBytes([]byte(testPrivKey1), crypto, false) - if err != nil { - t.Fatalf("ImportBCCSPKeyFromPEMBytes failed [%s]", err) - } - - _, err = fabricCaUtil.ImportBCCSPKeyFromPEMBytes([]byte(testPrivKey2), crypto, false) - if err != nil { - t.Fatalf("ImportBCCSPKeyFromPEMBytes failed [%s]", err) - } + cleanupTestPath(t, storePathRoot) + defer cleanupTestPath(t, storePathRoot) - store, err := NewCertFileUserStore(storePath, crypto) + store, err := NewCertFileUserStore(storePath) if err != nil { t.Fatalf("NewFileKeyValueStore failed [%s]", err) } - cleanup(t, storePath) - err = store.Store(nil) - if err == nil { - t.Fatal("Store(nil) should throw error") - } + cleanupTestPath(t, storePath) - user1 := &User{ - mspID: "Org1", - name: "user1", - enrollmentCertificate: []byte(testCert1), + user1 := UserData{ + MspID: "Org1", + Name: "user1", + EnrollmentCertificate: []byte(testCert1), } - user2 := &User{ - mspID: "Org2", - name: "user2", - enrollmentCertificate: []byte(testCert2), + user2 := UserData{ + MspID: "Org2", + Name: "user2", + EnrollmentCertificate: []byte(testCert2), } + if err := store.Store(user1); err != nil { - t.Fatalf("Store %s failed [%s]", user1.Name(), err) + t.Fatalf("Store %s failed [%s]", user1.Name, err) } if err := store.Store(user2); err != nil { - t.Fatalf("Store %s failed [%s]", user2.Name(), err) + t.Fatalf("Store %s failed [%s]", user2.Name, err) } // Check key1, value1 - if err := checkStoreValue(store, user1, user1.EnrollmentCertificate()); err != nil { - t.Fatalf("checkStoreValue %s failed [%s]", user1.Name(), err) + if err := checkStoreValue(store, user1, user1.EnrollmentCertificate); err != nil { + t.Fatalf("checkStoreValue %s failed [%s]", user1.Name, err) } - if err := store.Delete(user1); err != nil { - t.Fatalf("Delete %s failed [%s]", user1.Name(), err) + if err := store.Delete(userIdentifier(user1)); err != nil { + t.Fatalf("Delete %s failed [%s]", user1.Name, err) } - if err := checkStoreValue(store, user2, user2.EnrollmentCertificate()); err != nil { - t.Fatalf("checkStoreValue %s failed [%s]", user2.Name(), err) + if err := checkStoreValue(store, user2, user2.EnrollmentCertificate); err != nil { + t.Fatalf("checkStoreValue %s failed [%s]", user2.Name, err) } if err := checkStoreValue(store, user1, nil); err != api.ErrUserNotFound { - t.Fatalf("checkStoreValue %s failed, expected api.ErrUserNotFound, got: %v", user1.Name(), err) + t.Fatalf("checkStoreValue %s failed, expected api.ErrUserNotFound, got: %v", user1.Name, err) } // Check ke2, value2 - if err := checkStoreValue(store, user2, user2.EnrollmentCertificate()); err != nil { - t.Fatalf("checkStoreValue %s failed [%s]", user2.Name(), err) + if err := checkStoreValue(store, user2, user2.EnrollmentCertificate); err != nil { + t.Fatalf("checkStoreValue %s failed [%s]", user2.Name, err) } - if err := store.Delete(user2); err != nil { - t.Fatalf("Delete %s failed [%s]", user2.Name(), err) + if err := store.Delete(userIdentifier(user2)); err != nil { + t.Fatalf("Delete %s failed [%s]", user2.Name, err) } if err := checkStoreValue(store, user2, nil); err != api.ErrUserNotFound { - t.Fatalf("checkStoreValue %s failed, expected api.ErrUserNotFound, got: %v", user2.Name(), err) + t.Fatalf("checkStoreValue %s failed, expected api.ErrUserNotFound, got: %v", user2.Name, err) } // Check non-existing key - nonExistingKey := api.UserKey{ + nonExistingKey := UserIdentifier{ MspID: "Orgx", Name: "userx", } @@ -169,34 +118,20 @@ func TestStore(t *testing.T) { func TestCreateNewStore(t *testing.T) { - crypto := crypto(t) - - _, err := NewCertFileUserStore("", crypto) + _, err := NewCertFileUserStore("") if err == nil { t.Fatal("should return error for empty path") } - - _, err = NewCertFileUserStore("mypath", nil) - if err == nil { - t.Fatal("should return error for nil cryptosuite") - } -} - -func cleanup(t *testing.T, storePath string) { - err := os.RemoveAll(storePath) - if err != nil { - t.Fatalf("Cleaning up directory '%s' failed: %v", storePath, err) - } } -func checkStoreValue(store *CertFileUserStore, user api.User, expected []byte) error { - userKey := userKeyFromUser(user) - storeKey := storeKeyFromUserKey(userKeyFromUser(user)) - v, err := store.Load(userKey) +func checkStoreValue(store *CertFileUserStore, user UserData, expected []byte) error { + userIdentifier := userIdentifier(user) + storeKey := storeKeyFromUserIdentifier(userIdentifier) + v, err := store.Load(userIdentifier) if err != nil { return err } - if err = compare(v.EnrollmentCertificate(), expected); err != nil { + if err = compare(v.EnrollmentCertificate, expected); err != nil { return err } file := path.Join(storePath, storeKey) diff --git a/pkg/core/identitymgr/enrollment_test.go b/pkg/core/identitymgr/enrollment_test.go index 7e7cda85b4..6bdb99797b 100644 --- a/pkg/core/identitymgr/enrollment_test.go +++ b/pkg/core/identitymgr/enrollment_test.go @@ -15,10 +15,9 @@ import ( "github.com/hyperledger/fabric-sdk-go/pkg/context/api" "github.com/hyperledger/fabric-sdk-go/pkg/context/api/core" apimocks "github.com/hyperledger/fabric-sdk-go/pkg/context/api/mocks" - "github.com/hyperledger/fabric-sdk-go/pkg/fab/identity" - "github.com/hyperledger/fabric-sdk-go/pkg/core/config" "github.com/hyperledger/fabric-sdk-go/pkg/core/cryptosuite/bccsp/sw" + kvs "github.com/hyperledger/fabric-sdk-go/pkg/fab/keyvaluestore" ) var ( @@ -48,7 +47,7 @@ m1KOnMry/mOZcnXnTIh2ASV4ss8VluzBcyHGAv7BCmxXxDkjcV9eybv8 userToEnroll = "enrollmentID" userToEnrollMspID string - enrollmentTestUserStore api.UserStore + enrollmentTestUserStore UserStore ) func TestGetSigningIdentityWithEnrollment(t *testing.T) { @@ -74,14 +73,16 @@ func TestGetSigningIdentityWithEnrollment(t *testing.T) { // Delete all private keys from the crypto suite store // and users from the user store keyStorePath := config.KeyStorePath() + credentialStorePath := config.CredentialStorePath() cleanupTestPath(t, keyStorePath) defer cleanupTestPath(t, keyStorePath) - cleanupTestPath(t, clientCofig.CredentialStore.Path) - defer cleanupTestPath(t, clientCofig.CredentialStore.Path) + cleanupTestPath(t, credentialStorePath) + defer cleanupTestPath(t, credentialStorePath) cs, err := sw.GetSuiteByConfig(config) + stateStore := stateStoreFromConfig(t, config) - identityMgr, err := New(orgName, cs, config) + identityMgr, err := New(orgName, stateStore, cs, config) if err != nil { t.Fatalf("Failed to setup credential manager: %s", err) } @@ -91,7 +92,7 @@ func TestGetSigningIdentityWithEnrollment(t *testing.T) { } // Refers to the same location used by the IdentityManager - enrollmentTestUserStore, err = identity.NewCertFileUserStore(clientCofig.CredentialStore.Path, cs) + enrollmentTestUserStore, err = NewCertFileUserStore(clientCofig.CredentialStore.Path) if err != nil { t.Fatalf("Failed to setup userStore: %s", err) } @@ -134,8 +135,11 @@ func prepareForEnroll(t *testing.T, mc *apimocks.MockIdentityManager, cs core.Cr // Save the "new" cert to user store // This is done by IdentityManagement.Enroll() - user := identity.NewUser(userToEnrollMspID, userToEnroll) - user.SetEnrollmentCertificate([]byte(generatedCertBytes)) + user := UserData{ + MspID: userToEnrollMspID, + Name: userToEnroll, + EnrollmentCertificate: []byte(generatedCertBytes), + } err = enrollmentTestUserStore.Store(user) if err != nil { t.Fatalf("userStore.Store: %s", err) @@ -143,3 +147,11 @@ func prepareForEnroll(t *testing.T, mc *apimocks.MockIdentityManager, cs core.Cr }).Return(err) } + +func stateStoreFromConfig(t *testing.T, config core.Config) api.KVStore { + stateStore, err := kvs.New(&kvs.FileKeyValueStoreOptions{Path: config.CredentialStorePath()}) + if err != nil { + t.Fatalf("CreateNewFileKeyValueStore failed: %v", err) + } + return stateStore +} diff --git a/pkg/core/identitymgr/persistence/filecertstore.go b/pkg/core/identitymgr/filecertstore.go similarity index 98% rename from pkg/core/identitymgr/persistence/filecertstore.go rename to pkg/core/identitymgr/filecertstore.go index 578cb30dc7..ff8239a2a6 100644 --- a/pkg/core/identitymgr/persistence/filecertstore.go +++ b/pkg/core/identitymgr/filecertstore.go @@ -4,7 +4,7 @@ Copyright SecureKey Technologies Inc. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package persistence +package identitymgr import ( "fmt" diff --git a/pkg/core/identitymgr/persistence/filekeystore.go b/pkg/core/identitymgr/filekeystore.go similarity index 97% rename from pkg/core/identitymgr/persistence/filekeystore.go rename to pkg/core/identitymgr/filekeystore.go index 81844ed35a..0fff002c1b 100644 --- a/pkg/core/identitymgr/persistence/filekeystore.go +++ b/pkg/core/identitymgr/filekeystore.go @@ -4,7 +4,7 @@ Copyright SecureKey Technologies Inc. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package persistence +package identitymgr import ( "encoding/hex" diff --git a/pkg/core/identitymgr/getsigid.go b/pkg/core/identitymgr/getsigid.go index b0fc7f6b51..af97a8fe9b 100644 --- a/pkg/core/identitymgr/getsigid.go +++ b/pkg/core/identitymgr/getsigid.go @@ -17,30 +17,69 @@ import ( fabricCaUtil "github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric-ca/util" "github.com/hyperledger/fabric-sdk-go/pkg/context/api" "github.com/hyperledger/fabric-sdk-go/pkg/context/api/core" - "github.com/hyperledger/fabric-sdk-go/pkg/core/identitymgr/persistence" "github.com/pkg/errors" ) -// GetSigningIdentity will sign the given object with provided key, +func newUser(userData UserData, cryptoSuite core.CryptoSuite) (*user, error) { + pubKey, err := cryptoutil.GetPublicKeyFromCert(userData.EnrollmentCertificate, cryptoSuite) + if err != nil { + return nil, errors.WithMessage(err, "fetching public key from cert failed") + } + pk, err := cryptoSuite.GetKey(pubKey.SKI()) + if err != nil { + return nil, errors.WithMessage(err, "cryptoSuite GetKey failed") + } + u := &user{ + mspID: userData.MspID, + name: userData.Name, + enrollmentCertificate: userData.EnrollmentCertificate, + privateKey: pk, + } + return u, nil +} + +func (mgr *IdentityManager) newUser(userData UserData) (*user, error) { + return newUser(userData, mgr.cryptoSuite) +} + +func (mgr *IdentityManager) loadUserFromStore(userName string) (api.User, error) { + if mgr.userStore == nil { + return nil, api.ErrUserNotFound + } + var user api.User + userData, err := mgr.userStore.Load(UserIdentifier{MspID: mgr.orgMspID, Name: userName}) + if err != nil { + return nil, err + } + user, err = mgr.newUser(userData) + if err != nil { + return nil, err + } + return user, nil +} + +// GetSigningIdentity returns a signing identity for the given user name func (mgr *IdentityManager) GetSigningIdentity(userName string) (*api.SigningIdentity, error) { - if userName == "" { - return nil, errors.New("username is required") + user, err := mgr.GetUser(userName) + if err != nil { + return nil, err } + signingIdentity := &api.SigningIdentity{MspID: user.MspID(), PrivateKey: user.PrivateKey(), EnrollmentCert: user.EnrollmentCertificate()} + return signingIdentity, nil +} - var signingIdentity *api.SigningIdentity +// GetUser returns a user for the given user name +func (mgr *IdentityManager) GetUser(userName string) (api.User, error) { - if mgr.userStore != nil { - user, err := mgr.userStore.Load(api.UserKey{MspID: mgr.orgMspID, Name: userName}) - if err == nil { - signingIdentity = &api.SigningIdentity{MspID: user.MspID(), PrivateKey: user.PrivateKey(), EnrollmentCert: user.EnrollmentCertificate()} - } else { - if err != api.ErrUserNotFound { - return nil, errors.Wrapf(err, "getting private key from cert failed") - } - // Not found, continue + u, err := mgr.loadUserFromStore(userName) + if err != nil { + if err != api.ErrUserNotFound { + return nil, errors.WithMessage(err, "getting private key from cert failed") } + // Not found, continue } - if signingIdentity == nil { + + if u == nil { certBytes, err := mgr.getEmbeddedCertBytes(userName) if err != nil && err != api.ErrUserNotFound { return nil, errors.WithMessage(err, "fetching embedded cert failed") @@ -61,7 +100,7 @@ func (mgr *IdentityManager) GetSigningIdentity(userName string) (*api.SigningIde if privateKey == nil { privateKey, err = mgr.getPrivateKeyFromCert(userName, certBytes) if err != nil { - return nil, errors.Wrapf(err, "getting private key from cert failed") + return nil, errors.WithMessage(err, "getting private key from cert failed") } } if privateKey == nil { @@ -71,9 +110,14 @@ func (mgr *IdentityManager) GetSigningIdentity(userName string) (*api.SigningIde if err != nil { return nil, errors.WithMessage(err, "MSP ID config read failed") } - signingIdentity = &api.SigningIdentity{MspID: mspID, PrivateKey: privateKey, EnrollmentCert: certBytes} + u = &user{ + mspID: mspID, + name: userName, + enrollmentCertificate: certBytes, + privateKey: privateKey, + } } - return signingIdentity, nil + return u, nil } func (mgr *IdentityManager) getEmbeddedCertBytes(userName string) ([]byte, error) { @@ -92,7 +136,7 @@ func (mgr *IdentityManager) getEmbeddedCertBytes(userName string) ([]byte, error } else if certPath != "" { pemBytes, err = ioutil.ReadFile(certPath) if err != nil { - return nil, errors.Wrapf(err, "reading cert from embedded path failed") + return nil, errors.WithMessage(err, "reading cert from embedded path failed") } } @@ -115,14 +159,14 @@ func (mgr *IdentityManager) getEmbeddedPrivateKey(userName string) (core.Key, er _, err := os.Stat(keyPath) if err != nil { if !os.IsNotExist(err) { - return nil, errors.Wrapf(err, "OS stat embedded path failed") + return nil, errors.WithMessage(err, "OS stat embedded path failed") } // file doesn't exist, continue } else { // file exists, try to read it pemBytes, err = ioutil.ReadFile(keyPath) if err != nil { - return nil, errors.Wrapf(err, "reading private key from embedded path failed") + return nil, errors.WithMessage(err, "reading private key from embedded path failed") } } } @@ -147,7 +191,7 @@ func (mgr *IdentityManager) getPrivateKeyPemFromKeyStore(userName string, ski [] return nil, nil } key, err := mgr.mspPrivKeyStore.Load( - &persistence.PrivKeyKey{ + &PrivKeyKey{ MspID: mgr.orgMspID, UserName: userName, SKI: ski, @@ -166,7 +210,7 @@ func (mgr *IdentityManager) getCertBytesFromCertStore(userName string) ([]byte, if mgr.mspCertStore == nil { return nil, api.ErrUserNotFound } - cert, err := mgr.mspCertStore.Load(&persistence.CertKey{ + cert, err := mgr.mspCertStore.Load(&CertKey{ MspID: mgr.orgMspID, UserName: userName, }) diff --git a/pkg/core/identitymgr/getsigid_test.go b/pkg/core/identitymgr/getsigid_test.go index 57654fe027..dba79daf1c 100644 --- a/pkg/core/identitymgr/getsigid_test.go +++ b/pkg/core/identitymgr/getsigid_test.go @@ -17,7 +17,6 @@ import ( "github.com/hyperledger/fabric-sdk-go/pkg/core/config" "github.com/hyperledger/fabric-sdk-go/pkg/core/cryptosuite" "github.com/hyperledger/fabric-sdk-go/pkg/core/cryptosuite/bccsp/sw" - "github.com/hyperledger/fabric-sdk-go/pkg/fab/identity" fcmocks "github.com/hyperledger/fabric-sdk-go/pkg/fab/mocks" "github.com/pkg/errors" ) @@ -79,14 +78,13 @@ func TestGetSigningIdentity(t *testing.T) { t.Fatalf("Failed to setup cryptoSuite: %s", err) } - // the same location used by credential manager. - // in the future all will use common user store instance from the SDK context - userStore, err := identity.NewCertFileUserStore(clientCofig.CredentialStore.Path, cryptoSuite) + stateStore := stateStoreFromConfig(t, config) + userStore, err := NewCertFileUserStore1(stateStore) if err != nil { t.Fatalf("Failed to setup userStore: %s", err) } - mgr, err := New(msp, cryptoSuite, config) + mgr, err := New(msp, stateStore, cryptoSuite, config) if err != nil { t.Fatalf("Failed to setup credential manager: %s", err) } @@ -113,8 +111,11 @@ func TestGetSigningIdentity(t *testing.T) { if err != nil { t.Fatalf("ImportBCCSPKeyFromPEMBytes failed [%s]", err) } - user1 := identity.NewUser(mspID, testUserName) - user1.SetEnrollmentCertificate([]byte(testCert)) + user1 := UserData{ + MspID: mspID, + Name: testUserName, + EnrollmentCertificate: []byte(testCert), + } err = userStore.Store(user1) if err != nil { t.Fatalf("userStore.Store: %s", err) @@ -156,9 +157,10 @@ func TestGetSigningIdentityInvalidOrg(t *testing.T) { if err != nil { t.Fatalf(err.Error()) } + stateStore := stateStoreFromConfig(t, config) // Invalid Org - _, err = New("invalidOrg", &fcmocks.MockCryptoSuite{}, config) + _, err = New("invalidOrg", stateStore, &fcmocks.MockCryptoSuite{}, config) if err == nil { t.Fatalf("Should have failed to setup manager for invalid org") } @@ -166,13 +168,14 @@ func TestGetSigningIdentityInvalidOrg(t *testing.T) { } func TestGetSigningIdentityFromEmbeddedCryptoConfig(t *testing.T) { - config, err := config.FromFile("../../../test/fixtures/config/config_test_embedded_pems.yaml")() + config, err := config.FromFile("../../../test/fixtures/config/config_test_embedded_pems.yaml")() if err != nil { t.Fatalf(err.Error()) } + stateStore := stateStoreFromConfig(t, config) - mgr, err := New(msp, cryptosuite.GetDefault(), config) + mgr, err := New(msp, stateStore, cryptosuite.GetDefault(), config) if err != nil { t.Fatalf("Failed to setup credential manager: %s", err) } diff --git a/pkg/core/identitymgr/identitymgr.go b/pkg/core/identitymgr/identitymgr.go index 3345249214..020f02e55f 100644 --- a/pkg/core/identitymgr/identitymgr.go +++ b/pkg/core/identitymgr/identitymgr.go @@ -15,8 +15,6 @@ import ( caapi "github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric-ca/api" calib "github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric-ca/lib" config "github.com/hyperledger/fabric-sdk-go/pkg/context/api/core" - "github.com/hyperledger/fabric-sdk-go/pkg/core/identitymgr/persistence" - "github.com/hyperledger/fabric-sdk-go/pkg/fab/identity" "github.com/hyperledger/fabric-sdk-go/pkg/logging" contextApi "github.com/hyperledger/fabric-sdk-go/pkg/context/api" @@ -35,7 +33,7 @@ type IdentityManager struct { embeddedUsers map[string]core.TLSKeyPair mspPrivKeyStore contextApi.KVStore mspCertStore contextApi.KVStore - userStore contextApi.UserStore + userStore UserStore // CA Client state caClient *calib.Client @@ -47,7 +45,7 @@ type IdentityManager struct { // @param {Config} client config for fabric-ca services // @returns {IdentityManager} IdentityManager instance // @returns {error} error, if any -func New(orgName string, cryptoSuite core.CryptoSuite, config config.Config) (*IdentityManager, error) { +func New(orgName string, stateStore contextApi.KVStore, cryptoSuite core.CryptoSuite, config config.Config) (*IdentityManager, error) { netConfig, err := config.NetworkConfig() if err != nil { @@ -72,11 +70,11 @@ func New(orgName string, cryptoSuite core.CryptoSuite, config config.Config) (*I if !filepath.IsAbs(orgCryptoPathTemplate) { orgCryptoPathTemplate = filepath.Join(config.CryptoConfigPath(), orgCryptoPathTemplate) } - mspPrivKeyStore, err = persistence.NewFileKeyStore(orgCryptoPathTemplate) + mspPrivKeyStore, err = NewFileKeyStore(orgCryptoPathTemplate) if err != nil { return nil, errors.Wrapf(err, "creating a private key store failed") } - mspCertStore, err = persistence.NewFileCertStore(orgCryptoPathTemplate) + mspCertStore, err = NewFileCertStore(orgCryptoPathTemplate) if err != nil { return nil, errors.Wrapf(err, "creating a cert store failed") } @@ -84,13 +82,9 @@ func New(orgName string, cryptoSuite core.CryptoSuite, config config.Config) (*I logger.Warnf("Cryptopath not provided for organization [%s], MSP stores not created", orgName) } - // In the future, shared UserStore from the SDK context will be used - var userStore contextApi.UserStore - if config.CredentialStorePath() != "" { - userStore, err = identity.NewCertFileUserStore(config.CredentialStorePath(), cryptoSuite) - if err != nil { - return nil, errors.Wrapf(err, "creating a user store failed") - } + userStore, err := NewCertFileUserStore1(stateStore) + if err != nil { + return nil, errors.Wrapf(err, "creating a user store failed") } var caName string @@ -146,10 +140,12 @@ func (im *IdentityManager) Enroll(enrollmentID string, enrollmentSecret string) if err != nil { return errors.Wrap(err, "enroll failed") } - user := identity.NewUser(im.orgMspID, enrollmentID) - user.SetEnrollmentCertificate(caresp.Identity.GetECert().Cert()) - user.SetPrivateKey(caresp.Identity.GetECert().Key()) - err = im.userStore.Store(user) + userData := UserData{ + MspID: im.orgMspID, + Name: enrollmentID, + EnrollmentCertificate: caresp.Identity.GetECert().Cert(), + } + err = im.userStore.Store(userData) if err != nil { return errors.Wrap(err, "enroll failed") } @@ -182,10 +178,12 @@ func (im *IdentityManager) Reenroll(user contextApi.User) error { if err != nil { return errors.Wrap(err, "reenroll failed") } - newUser := identity.NewUser(im.orgMspID, user.Name()) - newUser.SetEnrollmentCertificate(caresp.Identity.GetECert().Cert()) - newUser.SetPrivateKey(caresp.Identity.GetECert().Key()) - err = im.userStore.Store(newUser) + userData := UserData{ + MspID: im.orgMspID, + Name: user.Name(), + EnrollmentCertificate: caresp.Identity.GetECert().Cert(), + } + err = im.userStore.Store(userData) if err != nil { return errors.Wrap(err, "reenroll failed") } diff --git a/pkg/core/identitymgr/identitymgr_test.go b/pkg/core/identitymgr/identitymgr_test.go index a3b8bcfeb6..98e37f2f4e 100644 --- a/pkg/core/identitymgr/identitymgr_test.go +++ b/pkg/core/identitymgr/identitymgr_test.go @@ -24,7 +24,6 @@ import ( cryptosuiteimpl "github.com/hyperledger/fabric-sdk-go/pkg/core/cryptosuite/bccsp/sw" bccspwrapper "github.com/hyperledger/fabric-sdk-go/pkg/core/cryptosuite/bccsp/wrapper" "github.com/hyperledger/fabric-sdk-go/pkg/core/identitymgr/mocks" - "github.com/hyperledger/fabric-sdk-go/pkg/fab/identity" ) const ( @@ -40,7 +39,7 @@ var ( embeddedRegistrarConfig core.Config cryptoSuite core.CryptoSuite wrongURLConfig core.Config - userStore api.UserStore + userStore UserStore ) // TestMain Load testing config @@ -74,7 +73,7 @@ func TestMain(m *testing.M) { panic(fmt.Sprintf("Failed initialize cryptoSuite: %v", err)) } if fullConfig.CredentialStorePath() != "" { - userStore, err = identity.NewCertFileUserStore(fullConfig.CredentialStorePath(), cryptoSuite) + userStore, err = NewCertFileUserStore(fullConfig.CredentialStorePath()) if err != nil { panic(fmt.Sprintf("creating a user store failed: %v", err)) } @@ -96,7 +95,8 @@ func TestMain(m *testing.M) { // TestEnrollAndReenroll tests enrol/reenroll scenarios func TestEnrollAndReenroll(t *testing.T) { - identityManager, err := New(org1, cryptoSuite, fullConfig) + stateStore := stateStoreFromConfig(t, fullConfig) + identityManager, err := New(org1, stateStore, cryptoSuite, fullConfig) if err != nil { t.Fatalf("NewidentityManagerClient return error: %v", err) } @@ -116,7 +116,7 @@ func TestEnrollAndReenroll(t *testing.T) { // Successful enrollment enrollUserName := createRandomName() - enrolledUser, err := userStore.Load(api.UserKey{MspID: orgMspID, Name: enrollUserName}) + enrolledUserData, err := userStore.Load(UserIdentifier{MspID: orgMspID, Name: enrollUserName}) if err != api.ErrUserNotFound { t.Fatalf("Expected to not find user in user store") } @@ -124,7 +124,7 @@ func TestEnrollAndReenroll(t *testing.T) { if err != nil { t.Fatalf("identityManager Enroll return error %v", err) } - enrolledUser, err = userStore.Load(api.UserKey{MspID: orgMspID, Name: enrollUserName}) + enrolledUserData, err = userStore.Load(UserIdentifier{MspID: orgMspID, Name: enrollUserName}) if err != nil { t.Fatalf("Expected to load user from user store") } @@ -149,13 +149,17 @@ func TestEnrollAndReenroll(t *testing.T) { } // Reenroll with appropriate user + enrolledUser, err := identityManager.newUser(enrolledUserData) + if err != nil { + t.Fatalf("newUser return error %v", err) + } err = identityManager.Reenroll(enrolledUser) if err != nil { t.Fatalf("Reenroll return error %v", err) } // Try going against wrong CA URL - identityManager, err = New(org1, cryptoSuite, wrongURLConfig) + identityManager, err = New(org1, stateStore, cryptoSuite, wrongURLConfig) if err != nil { t.Fatalf("NewidentityManagerClient return error: %v", err) } @@ -169,7 +173,8 @@ func TestEnrollAndReenroll(t *testing.T) { // TestRegister tests multiple scenarios of registering a test (mocked or nil user) and their certs func TestRegister(t *testing.T) { - identityManager, err := New(org1, cryptoSuite, fullConfig) + stateStore := stateStoreFromConfig(t, fullConfig) + identityManager, err := New(org1, stateStore, cryptoSuite, fullConfig) if err != nil { t.Fatalf("NewidentityManagerClient returned error: %v", err) } @@ -202,7 +207,8 @@ func TestRegister(t *testing.T) { // TestEmbeddedRegister tests registration with embedded registrar idenityt func TestEmbeddedRegister(t *testing.T) { - identityManager, err := New(org1, cryptoSuite, embeddedRegistrarConfig) + stateStore := stateStoreFromConfig(t, embeddedRegistrarConfig) + identityManager, err := New(org1, stateStore, cryptoSuite, embeddedRegistrarConfig) if err != nil { t.Fatalf("NewidentityManagerClient returned error: %v", err) } @@ -223,7 +229,8 @@ func TestEmbeddedRegister(t *testing.T) { // TestRegisterNoRegistrar tests registration with no configured registrar identity func TestRegisterNoRegistrar(t *testing.T) { - identityManager, err := New(org1, cryptoSuite, noRegistrarConfig) + stateStore := stateStoreFromConfig(t, noRegistrarConfig) + identityManager, err := New(org1, stateStore, cryptoSuite, noRegistrarConfig) if err != nil { t.Fatalf("NewidentityManagerClient returned error: %v", err) } @@ -259,7 +266,8 @@ func TestRevoke(t *testing.T) { t.Fatalf("cryptosuite.GetSuiteByConfig returned error: %v", err) } - identityManager, err := New(org1, cryptoSuite, fullConfig) + stateStore := stateStoreFromConfig(t, fullConfig) + identityManager, err := New(org1, stateStore, cryptoSuite, fullConfig) if err != nil { t.Fatalf("NewidentityManagerClient returned error: %v", err) } @@ -284,7 +292,8 @@ func TestRevoke(t *testing.T) { // TestGetCAName will test the CAName is properly created once a new identityManagerClient is created func TestGetCAName(t *testing.T) { - identityManager, err := New(org1, cryptoSuite, fullConfig) + stateStore := stateStoreFromConfig(t, fullConfig) + identityManager, err := New(org1, stateStore, cryptoSuite, fullConfig) if err != nil { t.Fatalf("NewidentityManagerClient returned error: %v", err) } @@ -313,7 +322,9 @@ func TestCreateNewidentityManagerClientCAConfigMissingFailure(t *testing.T) { mockConfig.EXPECT().CryptoConfigPath().Return(fullConfig.CryptoConfigPath()).AnyTimes() mockConfig.EXPECT().CAConfig(org1).Return(nil, errors.New("CAConfig error")) mockConfig.EXPECT().CredentialStorePath().Return(dummyUserStorePath).AnyTimes() - mgr, err := New(org1, cryptoSuite, mockConfig) + + stateStore := stateStoreFromConfig(t, mockConfig) + mgr, err := New(org1, stateStore, cryptoSuite, mockConfig) if err != nil { t.Fatalf("failed to create IdentityManager: %v", err) } @@ -335,7 +346,9 @@ func TestCreateNewidentityManagerClientCertFilesMissingFailure(t *testing.T) { mockConfig.EXPECT().CAConfig(org1).Return(&core.CAConfig{}, nil).AnyTimes() mockConfig.EXPECT().CredentialStorePath().Return(dummyUserStorePath).AnyTimes() mockConfig.EXPECT().CAServerCertPaths(org1).Return(nil, errors.New("CAServerCertPaths error")) - mgr, err := New(org1, cryptoSuite, mockConfig) + + stateStore := stateStoreFromConfig(t, mockConfig) + mgr, err := New(org1, stateStore, cryptoSuite, mockConfig) if err != nil { t.Fatalf("failed to create IdentityManager: %v", err) } @@ -357,7 +370,9 @@ func TestCreateNewidentityManagerClientCertFileErrorFailure(t *testing.T) { mockConfig.EXPECT().CredentialStorePath().Return(dummyUserStorePath).AnyTimes() mockConfig.EXPECT().CAServerCertPaths(org1).Return([]string{"test"}, nil) mockConfig.EXPECT().CAClientCertPath(org1).Return("", errors.New("CAClientCertPath error")) - mgr, err := New(org1, cryptoSuite, mockConfig) + + stateStore := stateStoreFromConfig(t, mockConfig) + mgr, err := New(org1, stateStore, cryptoSuite, mockConfig) if err != nil { t.Fatalf("failed to create IdentityManager: %v", err) } @@ -380,7 +395,9 @@ func TestCreateNewidentityManagerClientKeyFileErrorFailure(t *testing.T) { mockConfig.EXPECT().CAServerCertPaths(org1).Return([]string{"test"}, nil) mockConfig.EXPECT().CAClientCertPath(org1).Return("", nil) mockConfig.EXPECT().CAClientKeyPath(org1).Return("", errors.New("CAClientKeyPath error")) - mgr, err := New(org1, cryptoSuite, mockConfig) + + stateStore := stateStoreFromConfig(t, mockConfig) + mgr, err := New(org1, stateStore, cryptoSuite, mockConfig) if err != nil { t.Fatalf("failed to create IdentityManager: %v", err) } @@ -394,11 +411,12 @@ func TestCreateNewidentityManagerClientKeyFileErrorFailure(t *testing.T) { func TestCreateValidBCCSPOptsForNewFabricClient(t *testing.T) { newCryptosuiteProvider, err := cryptosuiteimpl.GetSuiteByConfig(fullConfig) - if err != nil { t.Fatalf("Expected fabric client ryptosuite to be created with SW BCCS provider, but got %v", err.Error()) } - _, err = New(org1, newCryptosuiteProvider, fullConfig) + + stateStore := stateStoreFromConfig(t, fullConfig) + _, err = New(org1, stateStore, newCryptosuiteProvider, fullConfig) if err != nil { t.Fatalf("Expected fabric client to be created with SW BCCS provider, but got %v", err.Error()) } diff --git a/pkg/core/identitymgr/persistence/persistence.go b/pkg/core/identitymgr/persistence.go similarity index 52% rename from pkg/core/identitymgr/persistence/persistence.go rename to pkg/core/identitymgr/persistence.go index 8b424d7f95..9d31c07b3b 100644 --- a/pkg/core/identitymgr/persistence/persistence.go +++ b/pkg/core/identitymgr/persistence.go @@ -4,13 +4,7 @@ Copyright SecureKey Technologies Inc. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package persistence - -import ( - "github.com/hyperledger/fabric-sdk-go/pkg/logging" -) - -var logger = logging.NewLogger("fabric_sdk_go") +package identitymgr // PrivKeyKey is a composite key for accessing a private key in the key store type PrivKeyKey struct { @@ -24,3 +18,17 @@ type CertKey struct { MspID string UserName string } + +// UserData is the representation of User in UserStore +// PrivateKey is stored separately, in the crypto store +type UserData struct { + Name string + MspID string + EnrollmentCertificate []byte +} + +// UserIdentifier is the User's unique identifier +type UserIdentifier struct { + MspID string + Name string +} diff --git a/pkg/fab/identity/identity.go b/pkg/core/identitymgr/user.go similarity index 56% rename from pkg/fab/identity/identity.go rename to pkg/core/identitymgr/user.go index c79a83ab08..34c5a65fcb 100644 --- a/pkg/fab/identity/identity.go +++ b/pkg/core/identitymgr/user.go @@ -4,7 +4,7 @@ Copyright SecureKey Technologies Inc. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ -package identity +package identitymgr import ( "github.com/golang/protobuf/proto" @@ -14,74 +14,46 @@ import ( "github.com/pkg/errors" ) -// User represents a Fabric user registered at an MSP -type User struct { - name string +// Internal representation of a Fabric user +type user struct { mspID string - roles []string - privateKey core.Key + name string enrollmentCertificate []byte + privateKey core.Key } -// NewUser Constructor for a user. -// @param {string} mspID - The mspID for this user -// @param {string} name - The user name -// @returns {User} new user -func NewUser(mspID string, name string) *User { - return &User{mspID: mspID, name: name} +func userIdentifier(userData UserData) UserIdentifier { + return UserIdentifier{MspID: userData.MspID, Name: userData.Name} } // Name Get the user name. // @returns {string} The user name. -func (u *User) Name() string { +func (u *user) Name() string { return u.name } -// Roles Get the roles. -// @returns {[]string} The roles. -func (u *User) Roles() []string { - return u.roles -} - -// SetRoles Set the roles. -// @param roles {[]string} The roles. -func (u *User) SetRoles(roles []string) { - u.roles = roles -} - // EnrollmentCertificate Returns the underlying ECert representing this user’s identity. -func (u *User) EnrollmentCertificate() []byte { +func (u *user) EnrollmentCertificate() []byte { return u.enrollmentCertificate } -// SetEnrollmentCertificate Set the user’s Enrollment Certificate. -func (u *User) SetEnrollmentCertificate(cert []byte) { - u.enrollmentCertificate = cert -} - -// SetPrivateKey sets the crypto suite representation of the private key -// for this user -func (u *User) SetPrivateKey(privateKey core.Key) { - u.privateKey = privateKey -} - // PrivateKey returns the crypto suite representation of the private key -func (u *User) PrivateKey() core.Key { +func (u *user) PrivateKey() core.Key { return u.privateKey } // SetMspID sets the MSP for this user -func (u *User) SetMspID(mspID string) { +func (u *user) SetMspID(mspID string) { u.mspID = mspID } // MspID returns the MSP for this user -func (u *User) MspID() string { +func (u *user) MspID() string { return u.mspID } // Identity returns client's serialized identity -func (u *User) Identity() ([]byte, error) { +func (u *user) Identity() ([]byte, error) { serializedIdentity := &pb_msp.SerializedIdentity{Mspid: u.MspID(), IdBytes: u.EnrollmentCertificate()} identity, err := proto.Marshal(serializedIdentity) @@ -96,6 +68,12 @@ func (u *User) Identity() ([]byte, error) { // @param {int} count how many in the batch to obtain // @param {[]string} attributes list of attributes to include in the TCert // @return {[]tcert} An array of TCerts -func (u *User) GenerateTcerts(count int, attributes []string) { +func (u *user) GenerateTcerts(count int, attributes []string) { // not yet implemented } + +// UserStore is responsible for UserData persistence +type UserStore interface { + Store(UserData) error + Load(UserIdentifier) (UserData, error) +} diff --git a/pkg/core/identitymgr/user_test.go b/pkg/core/identitymgr/user_test.go new file mode 100644 index 0000000000..76eb000c89 --- /dev/null +++ b/pkg/core/identitymgr/user_test.go @@ -0,0 +1,98 @@ +/* +Copyright SecureKey Technologies Inc. All Rights Reserved. + +SPDX-License-Identifier: Apache-2.0 +*/ + +package identitymgr + +import ( + "bytes" + "testing" + + "github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric-ca/util" + "github.com/hyperledger/fabric-sdk-go/pkg/core/config" + cryptosuiteimpl "github.com/hyperledger/fabric-sdk-go/pkg/core/cryptosuite/bccsp/sw" +) + +func TestUserMethods(t *testing.T) { + + testUserMspID := "testUserMspID" + testUserName := "testUserName" + + config, err := config.FromFile("testdata/config_test.yaml")() + if err != nil { + t.Fatalf("Failed to read config: %v", err) + } + // Delete all private keys from the crypto suite store + // and users from the user store + cleanupTestPath(t, config.KeyStorePath()) + defer cleanupTestPath(t, config.KeyStorePath()) + cleanupTestPath(t, config.CredentialStorePath()) + defer cleanupTestPath(t, config.CredentialStorePath()) + + cryptoSuite, err = cryptosuiteimpl.GetSuiteByConfig(config) + if cryptoSuite == nil { + t.Fatalf("Failed initialize cryptoSuite: %v", err) + } + + // Missing enrollment cert + userData := UserData{ + MspID: testUserMspID, + Name: testUserName, + } + _, err = newUser(userData, cryptoSuite) + if err == nil { + t.Fatalf("Expected newUser to fail when missing enrollment cert") + } + + // User not enrolled (have cert, but private key is not in crypto store) + userData.EnrollmentCertificate = generatedCertBytes + _, err = newUser(userData, cryptoSuite) + if err == nil { + t.Fatalf("Expected newUser to fail when user is not enrolled") + } + + // Import the key into the crypto suite's private key storage. + // This is normally done when a new user in enrolled + generatedKey, err := util.ImportBCCSPKeyFromPEMBytes(generatedKeyBytes, cryptoSuite, false) + + user, err := newUser(userData, cryptoSuite) + if err != nil { + t.Fatalf("newUser failed: %v", err) + } + + // Check MspID + if user.MspID() != testUserMspID { + t.Fatal("user.SetMspID Failed to MSP.") + } + + // Check Name + if user.Name() != testUserName { + t.Fatalf("NewUser create wrong user") + } + + // Check EnrolmentCert + verifyBytes(t, user.EnrollmentCertificate(), generatedCertBytes) + + // Check PrivateKey + verifyBytes(t, user.PrivateKey().SKI(), generatedKey.SKI()) + +} + +func verifyBytes(t *testing.T, v interface{}, expected []byte) error { + var vbytes []byte + var ok bool + if v == nil { + vbytes = nil + } else { + vbytes, ok = v.([]byte) + if !ok { + t.Fatalf("value is not []byte") + } + } + if bytes.Compare(vbytes, expected) != 0 { + t.Fatalf("value from store comparison failed") + } + return nil +} diff --git a/pkg/fab/client.go b/pkg/fab/client.go deleted file mode 100644 index e1a081e6d5..0000000000 --- a/pkg/fab/client.go +++ /dev/null @@ -1,264 +0,0 @@ -// +build deprecated - -/* -Copyright SecureKey Technologies Inc. All Rights Reserved. - -SPDX-License-Identifier: Apache-2.0 -*/ - -package fabricclient - -import ( - "github.com/hyperledger/fabric-sdk-go/pkg/context" - config "github.com/hyperledger/fabric-sdk-go/pkg/context/api/core" - "github.com/hyperledger/fabric-sdk-go/pkg/context/api/fab" - "github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/protos/common" - pb "github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/protos/peer" - - contextApi "github.com/hyperledger/fabric-sdk-go/pkg/context/api" - "github.com/hyperledger/fabric-sdk-go/pkg/context/api/core" - channel "github.com/hyperledger/fabric-sdk-go/pkg/fab/channel" - "github.com/hyperledger/fabric-sdk-go/pkg/fab/chconfig" - "github.com/hyperledger/fabric-sdk-go/pkg/fab/resource" - "github.com/hyperledger/fabric-sdk-go/pkg/fab/resource/api" - "github.com/hyperledger/fabric-sdk-go/pkg/logging" - "github.com/pkg/errors" -) - -var logger = logging.NewLogger("fabric_sdk_go") - -// Client enables access to a Fabric network. -type Client struct { - channels map[string]fab.Channel - cryptoSuite core.CryptoSuite - stateStore contextApi.UserStore - signingIdentity context.IdentityContext - config config.Config - signingManager contextApi.SigningManager -} - -type fabContext struct { - context.ProviderContext - context.IdentityContext -} - -// NewClient returns a Client instance. -// -// Deprecated: see fabsdk package. -func NewClient(config config.Config) *Client { - channels := make(map[string]fab.Channel) - c := Client{channels: channels, config: config} - return &c -} - -// NewChannel returns a channel instance with the given name. -// -// Deprecated: see fabsdk package. -func (c *Client) NewChannel(name string) (fab.Channel, error) { - if _, ok := c.channels[name]; ok { - return nil, errors.Errorf("channel %s already exists", name) - } - - ctx := fabContext{ProviderContext: c, IdentityContext: c.signingIdentity} - channel, err := channel.New(ctx, chconfig.NewChannelCfg(name)) - if err != nil { - return nil, err - } - c.channels[name] = channel - return c.channels[name], nil -} - -// Config returns the configuration of the client. -func (c *Client) Config() config.Config { - return c.config -} - -// Channel returns the channel by ID -func (c *Client) Channel(id string) fab.Channel { - return c.channels[id] -} - -// QueryChannelInfo ... -/* - * This is a network call to the designated Peer(s) to discover the channel information. - * The target Peer(s) must be part of the channel to be able to return the requested information. - * @param {string} name The name of the channel. - * @param {[]Peer} peers Array of target Peers to query. - * @returns {Channel} The channel instance for the name or error if the target Peer(s) does not know - * anything about the channel. - */ -func (c *Client) QueryChannelInfo(name string, peers []fab.Peer) (fab.Channel, error) { - return nil, errors.Errorf("Not implemented yet") -} - -// SetStateStore ... -// -// Deprecated: see fabsdk package. -/* - * The SDK should have a built-in key value store implementation (suggest a file-based implementation to allow easy setup during - * development). But production systems would want a store backed by database for more robust kvstore and clustering, - * so that multiple app instances can share app state via the database (note that this doesn’t necessarily make the app stateful). - * This API makes this pluggable so that different store implementations can be selected by the application. - */ -func (c *Client) SetStateStore(stateStore contextApi.UserStore) { - c.stateStore = stateStore -} - -// StateStore is a convenience method for obtaining the state store object in use for this client. -func (c *Client) StateStore() contextApi.UserStore { - return c.stateStore -} - -// SetCryptoSuite is a convenience method for obtaining the state store object in use for this client. -// -// Deprecated: see fabsdk package. -func (c *Client) SetCryptoSuite(cryptoSuite core.CryptoSuite) { - c.cryptoSuite = cryptoSuite -} - -// CryptoSuite is a convenience method for obtaining the CryptoSuite object in use for this client. -func (c *Client) CryptoSuite() core.CryptoSuite { - return c.cryptoSuite -} - -// SigningManager returns the signing manager -func (c *Client) SigningManager() contextApi.SigningManager { - return c.signingManager -} - -// SetSigningManager is a convenience method to set signing manager -// -// Deprecated: see fabsdk package. -func (c *Client) SetSigningManager(signingMgr contextApi.SigningManager) { - c.signingManager = signingMgr -} - -// SaveUserToStateStore ... -/* - * Sets an instance of the User class as the security context of this client instance. This user’s credentials (ECert) will be - * used to conduct transactions and queries with the blockchain network. Upon setting the user context, the SDK saves the object - * in a persistence cache if the “state store” has been set on the Client instance. If no state store has been set, - * this cache will not be established and the application is responsible for setting the user context again when the application - * crashed and is recovered. - */ -func (c *Client) SaveUserToStateStore(user contextApi.User) error { - if user == nil { - return errors.New("user required") - } - - if user.Name() == "" { - return errors.New("user name is empty") - } - - if c.stateStore == nil { - return errors.New("stateStore is nil") - } - err := c.stateStore.Store(user) - if err != nil { - return errors.WithMessage(err, "saving user failed") - } - return nil -} - -// LoadUserFromStateStore loads a user from user store. -// If user is not found, returns ErrUserNotFound -func (c *Client) LoadUserFromStateStore(mspID string, name string) (contextApi.User, error) { - if mspID == "" || name == "" { - return nil, errors.New("Invalid user key") - } - if c.stateStore == nil { - return nil, errors.New("Invalid state - start store is missing") - } - if c.cryptoSuite == nil { - return nil, errors.New("cryptoSuite required") - } - user, err := c.stateStore.Load(contextApi.UserKey{MspID: mspID, Name: name}) - if err != nil { - return nil, err - } - return user, nil -} - -// ExtractChannelConfig ... -/** - * Extracts the protobuf 'ConfigUpdate' object out of the 'ConfigEnvelope' - * that is produced by the ConfigTX tool. The returned object may then be - * signed using the signChannelConfig() method of this class. Once the all - * signatures have been collected this object and the signatures may be used - * on the updateChannel or createChannel requests. - * @param {byte[]} The bytes of the ConfigEnvelope protopuf - * @returns {byte[]} The bytes of the ConfigUpdate protobuf - */ -func (c *Client) ExtractChannelConfig(configEnvelope []byte) ([]byte, error) { - return resource.ExtractChannelConfig(configEnvelope) -} - -// SignChannelConfig ... -/** - * Sign a configuration - * @param {byte[]} config - The Configuration Update in byte form - * @return {ConfigSignature} - The signature of the current user on the config bytes - */ -func (c *Client) SignChannelConfig(config []byte, signer context.IdentityContext) (*common.ConfigSignature, error) { - ctx := fabContext{ProviderContext: c, IdentityContext: c.signingIdentity} - return resource.CreateConfigSignature(ctx, config) -} - -// CreateChannel ... -/** - * Calls the orderer to start building the new channel. - * Only one of the application instances needs to call this method. - * Once the channel is successfully created, this and other application - * instances only need to call Channel joinChannel() to participate on the channel. - * @param {Object} request - An object containing the following fields: - *
`name` : required - {string} The name of the new channel - *
`orderer` : required - {Orderer} object instance representing the - * Orderer to send the create request - *
`envelope` : optional - byte[] of the envelope object containing all - * required settings and signatures to initialize this channel. - * This envelope would have been created by the command - * line tool "configtx". - *
`config` : optional - {byte[]} Protobuf ConfigUpdate object extracted from - * a ConfigEnvelope created by the ConfigTX tool. - * see extractChannelConfig() - *
`signatures` : optional - {ConfigSignature[]} the list of collected signatures - * required by the channel create policy when using the `config` parameter. - * @returns {Result} Result Object with status on the create process. - */ -func (c *Client) CreateChannel(request api.CreateChannelRequest) (fab.TransactionID, error) { - ctx := fabContext{ProviderContext: c, IdentityContext: c.signingIdentity} - rc := resource.New(ctx) - return rc.CreateChannel(request) -} - -// QueryChannels queries the names of all the channels that a peer has joined. -func (c *Client) QueryChannels(peer fab.Peer) (*pb.ChannelQueryResponse, error) { - ctx := fabContext{ProviderContext: c, IdentityContext: c.signingIdentity} - rc := resource.New(ctx) - return rc.QueryChannels(peer) -} - -// QueryInstalledChaincodes queries the installed chaincodes on a peer. -// Returns the details of all chaincodes installed on a peer. -func (c *Client) QueryInstalledChaincodes(peer fab.Peer) (*pb.ChaincodeQueryResponse, error) { - ctx := fabContext{ProviderContext: c, IdentityContext: c.signingIdentity} - rc := resource.New(ctx) - return rc.QueryInstalledChaincodes(peer) -} - -// InstallChaincode sends an install proposal to one or more endorsing peers. -func (c *Client) InstallChaincode(req api.InstallChaincodeRequest) ([]*fab.TransactionProposalResponse, fab.TransactionID, error) { - ctx := fabContext{ProviderContext: c, IdentityContext: c.signingIdentity} - rc := resource.New(ctx) - return rc.InstallChaincode(req) -} - -// IdentityContext returns the current identity for signing. -func (c *Client) IdentityContext() context.IdentityContext { - return c.signingIdentity -} - -// SetIdentityContext sets the identity for signing -func (c *Client) SetIdentityContext(user context.IdentityContext) { - c.signingIdentity = user -} diff --git a/pkg/fab/client_test.go b/pkg/fab/client_test.go deleted file mode 100644 index 93871cdd4a..0000000000 --- a/pkg/fab/client_test.go +++ /dev/null @@ -1,196 +0,0 @@ -// +build deprecated - -/* -Copyright SecureKey Technologies Inc. All Rights Reserved. - -SPDX-License-Identifier: Apache-2.0 -*/ - -package fabricclient - -import ( - "bytes" - "os" - "path" - "testing" - - "github.com/golang/mock/gomock" - fabricCaUtil "github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric-ca/util" - "github.com/hyperledger/fabric-sdk-go/pkg/context/api" - "github.com/hyperledger/fabric-sdk-go/pkg/context/api/core" - "github.com/hyperledger/fabric-sdk-go/pkg/context/api/core/mocks" - "github.com/hyperledger/fabric-sdk-go/pkg/core/cryptosuite/bccsp/sw" - "github.com/hyperledger/fabric-sdk-go/pkg/fab/identity" - mocks "github.com/hyperledger/fabric-sdk-go/pkg/fab/mocks" - "github.com/pkg/errors" -) - -var testMsp = "testMsp" - -var storePathRoot = "/tmp/testcertfileuserstore" -var storePath = path.Join(storePathRoot, "-certs") - -var testPrivKey1 = `-----BEGIN PRIVATE KEY----- -MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgp4qKKB0WCEfx7XiB -5Ul+GpjM1P5rqc6RhjD5OkTgl5OhRANCAATyFT0voXX7cA4PPtNstWleaTpwjvbS -J3+tMGTG67f+TdCfDxWYMpQYxLlE8VkbEzKWDwCYvDZRMKCQfv2ErNvb ------END PRIVATE KEY-----` - -var testCert1 = `-----BEGIN CERTIFICATE----- -MIICGTCCAcCgAwIBAgIRALR/1GXtEud5GQL2CZykkOkwCgYIKoZIzj0EAwIwczEL -MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG -cmFuY2lzY28xGTAXBgNVBAoTEG9yZzEuZXhhbXBsZS5jb20xHDAaBgNVBAMTE2Nh -Lm9yZzEuZXhhbXBsZS5jb20wHhcNMTcwNzI4MTQyNzIwWhcNMjcwNzI2MTQyNzIw -WjBbMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMN -U2FuIEZyYW5jaXNjbzEfMB0GA1UEAwwWVXNlcjFAb3JnMS5leGFtcGxlLmNvbTBZ -MBMGByqGSM49AgEGCCqGSM49AwEHA0IABPIVPS+hdftwDg8+02y1aV5pOnCO9tIn -f60wZMbrt/5N0J8PFZgylBjEuUTxWRsTMpYPAJi8NlEwoJB+/YSs29ujTTBLMA4G -A1UdDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMCsGA1UdIwQkMCKAIIeR0TY+iVFf -mvoEKwaToscEu43ZXSj5fTVJornjxDUtMAoGCCqGSM49BAMCA0cAMEQCID+dZ7H5 -AiaiI2BjxnL3/TetJ8iFJYZyWvK//an13WV/AiARBJd/pI5A7KZgQxJhXmmR8bie -XdsmTcdRvJ3TS/6HCA== ------END CERTIFICATE-----` - -func crypto(t *testing.T) core.CryptoSuite { - mockCtrl := gomock.NewController(t) - defer mockCtrl.Finish() - - mockConfig := mock_core.NewMockConfig(mockCtrl) - mockConfig.EXPECT().SecurityProvider().Return("SW") - mockConfig.EXPECT().SecurityAlgorithm().Return("SHA2") - mockConfig.EXPECT().SecurityLevel().Return(256) - mockConfig.EXPECT().KeyStorePath().Return(path.Join(storePathRoot, "-keys")) - mockConfig.EXPECT().Ephemeral().Return(false) - - //Get cryptosuite using config - c, err := sw.GetSuiteByConfig(mockConfig) - if err != nil { - t.Fatalf("Not supposed to get error, but got: %v", err) - } - return c -} - -func cleanup(storePath string) error { - err := os.RemoveAll(storePath) - if err != nil { - return errors.Wrapf(err, "Cleaning up directory '%s' failed", storePath) - } - return nil -} - -func TestClientMethods(t *testing.T) { - - cleanup(storePathRoot) - defer cleanup(storePathRoot) - - crypto := crypto(t) - _, err := fabricCaUtil.ImportBCCSPKeyFromPEMBytes([]byte(testPrivKey1), crypto, false) - if err != nil { - t.Fatalf("ImportBCCSPKeyFromPEMBytes failed [%s]", err) - } - - client := NewClient(mocks.NewMockConfig()) - if client.CryptoSuite() != nil { - t.Fatalf("Client CryptoSuite should initially be nil") - } - - client.SetCryptoSuite(crypto) - if client.CryptoSuite() == nil { - t.Fatalf("Client CryptoSuite should not be nil after setCryptoSuite") - } - - // Load nil user with no MspID - _, err = client.LoadUserFromStateStore("", "nonexistant") - if err == nil { - t.Fatalf("should return error for nil MspID") - } - - // Load nil user with no Name - _, err = client.LoadUserFromStateStore("nonexistant", "") - if err == nil { - t.Fatalf("should return error for nil Name") - } - - // Save nil user - err = client.SaveUserToStateStore(nil) - if err == nil { - t.Fatalf("should return error for nil user") - } - - // nil state store - client.SetStateStore(nil) - err = client.SaveUserToStateStore(mocks.NewMockUser("hello")) - if err == nil { - t.Fatalf("should return error for nil state store") - } - - //Client tests: Create new chain - chain, err := client.NewChannel("someChain") - if err != nil { - t.Fatalf("client.NewChain return error[%s]", err) - } - if chain.Name() != "someChain" { - t.Fatalf("client.NewChain create wrong chain") - } - chain1 := client.Channel("someChain") - if chain1.Name() != "someChain" { - t.Fatalf("client.NewChain create wrong chain") - } - - stateStore, err := identity.NewCertFileUserStore(storePath, crypto) - if err != nil { - t.Fatalf("CreateNewFileKeyValueStore return error[%s]", err) - } - client.SetStateStore(stateStore) - - // Load unknown user - _, err = client.LoadUserFromStateStore("nonexistant", "nonexistant") - if err != api.ErrUserNotFound { - t.Fatalf("should return ErrUserNotFound, got: %v", err) - } - - saveUser := identity.NewUser("myname", "mymsp") - saveUser.SetEnrollmentCertificate([]byte(testCert1)) - client.StateStore().Store(saveUser) - retrievedUser, err := client.StateStore().Load(api.UserKey{MspID: saveUser.MspID(), Name: saveUser.Name()}) - if err != nil { - t.Fatalf("client.StateStore().Load() return error[%s]", err) - } - if retrievedUser.MspID() != saveUser.MspID() { - t.Fatalf("MspID doesn't match") - } - if retrievedUser.Name() != saveUser.Name() { - t.Fatalf("Name doesn't match") - } - if string(retrievedUser.EnrollmentCertificate()) != string(saveUser.EnrollmentCertificate()) { - t.Fatalf("EnrollmentCertificate doesn't match") - } - - // Set and use siging manager - client.SetSigningManager(mocks.NewMockSigningManager()) - - greeting := []byte("Hello") - signedObj, err := client.SigningManager().Sign(greeting, nil) - if err != nil { - t.Fatalf("Failed to sign object.") - } - - if !bytes.Equal(signedObj, greeting) { - t.Fatalf("Expecting Hello, got %s", signedObj) - } -} - -func TestQueryMethodsOnClient(t *testing.T) { - client := NewClient(mocks.NewMockConfig()) - - _, err := client.QueryChannels(nil) - if err == nil { - t.Fatalf("QueryChanels: peer cannot be nil") - } - - _, err = client.QueryInstalledChaincodes(nil) - if err == nil { - t.Fatalf("QueryInstalledChaincodes: peer cannot be nil") - } - -} diff --git a/pkg/fab/identity/certfileuserstore.go b/pkg/fab/identity/certfileuserstore.go deleted file mode 100644 index a91249fb50..0000000000 --- a/pkg/fab/identity/certfileuserstore.go +++ /dev/null @@ -1,99 +0,0 @@ -/* -Copyright SecureKey Technologies Inc. All Rights Reserved. - -SPDX-License-Identifier: Apache-2.0 -*/ - -package identity - -import ( - "github.com/hyperledger/fabric-sdk-go/pkg/context/api/core" - "github.com/hyperledger/fabric-sdk-go/pkg/core/config/cryptoutil" - "github.com/hyperledger/fabric-sdk-go/pkg/fab/keyvaluestore" - - contextApi "github.com/hyperledger/fabric-sdk-go/pkg/context/api" - "github.com/pkg/errors" -) - -// CertFileUserStore stores each user in a separate file. -// Only user's enrollment cert is stored, in pem format. -// File naming is @-cert.pem -type CertFileUserStore struct { - store *keyvaluestore.FileKeyValueStore - cryptoSuite core.CryptoSuite -} - -func userKeyFromUser(user contextApi.User) contextApi.UserKey { - return contextApi.UserKey{ - MspID: user.MspID(), - Name: user.Name(), - } -} - -func storeKeyFromUserKey(key contextApi.UserKey) string { - return key.Name + "@" + key.MspID + "-cert.pem" -} - -// NewCertFileUserStore creates a new instance of CertFileUserStore -func NewCertFileUserStore(path string, cryptoSuite core.CryptoSuite) (*CertFileUserStore, error) { - if path == "" { - return nil, errors.New("path is empty") - } - if cryptoSuite == nil { - return nil, errors.New("cryptoSuite is nil") - } - store, err := keyvaluestore.New(&keyvaluestore.FileKeyValueStoreOptions{ - Path: path, - }) - if err != nil { - return nil, errors.Wrap(err, "user store creation failed") - } - return &CertFileUserStore{ - store: store, - cryptoSuite: cryptoSuite, - }, nil -} - -// Load returns the User stored in the store for a key. -func (s *CertFileUserStore) Load(key contextApi.UserKey) (contextApi.User, error) { - cert, err := s.store.Load(storeKeyFromUserKey(key)) - if err != nil { - if err == contextApi.ErrNotFound { - return nil, contextApi.ErrUserNotFound - } - return nil, err - } - certBytes, ok := cert.([]byte) - if !ok { - return nil, errors.New("user is not of proper type") - } - pubKey, err := cryptoutil.GetPublicKeyFromCert(certBytes, s.cryptoSuite) - if err != nil { - return nil, errors.WithMessage(err, "fetching public key from cert failed") - } - pk, err := s.cryptoSuite.GetKey(pubKey.SKI()) - if err != nil { - return nil, errors.Wrap(err, "cryptoSuite GetKey failed") - } - u := &User{ - mspID: key.MspID, - name: key.Name, - enrollmentCertificate: certBytes, - privateKey: pk, - } - return u, nil -} - -// Store stores a User into store -func (s *CertFileUserStore) Store(user contextApi.User) error { - if user == nil { - return errors.New("user is nil") - } - key := storeKeyFromUserKey(userKeyFromUser(user)) - return s.store.Store(key, user.EnrollmentCertificate()) -} - -// Delete deletes a User from store -func (s *CertFileUserStore) Delete(user contextApi.User) error { - return s.store.Delete(storeKeyFromUserKey(userKeyFromUser(user))) -} diff --git a/pkg/fab/identity/identity_test.go b/pkg/fab/identity/identity_test.go deleted file mode 100644 index e10838e93e..0000000000 --- a/pkg/fab/identity/identity_test.go +++ /dev/null @@ -1,81 +0,0 @@ -/* -Copyright SecureKey Technologies Inc. All Rights Reserved. - -SPDX-License-Identifier: Apache-2.0 -*/ - -package identity - -import ( - "testing" - - "io/ioutil" - - bccspwrapper "github.com/hyperledger/fabric-sdk-go/pkg/core/cryptosuite/bccsp/wrapper" - "github.com/hyperledger/fabric-sdk-go/pkg/core/identitymgr/mocks" -) - -func TestUserMethods(t *testing.T) { - user := NewUser("testMSP", "testUser") - - //test Name - if user.Name() != "testUser" { - t.Fatalf("NewUser create wrong user") - } - - // test Roles - var roles []string - roles = append(roles, "admin") - roles = append(roles, "user") - user.SetRoles(roles) - - if user.Roles()[0] != "admin" { - t.Fatalf("user.GetRoles() return wrong user") - } - if user.Roles()[1] != "user" { - t.Fatalf("user.GetRoles() return wrong user") - } - - // test PrivateKey - privateKey := bccspwrapper.GetKey(&mocks.MockKey{}) - - user.SetPrivateKey(privateKey) - - returnKey := user.PrivateKey() - if returnKey == nil { - t.Fatalf("GetKey() after SetKey() returned nil.") - } - - if returnKey != privateKey { - t.Fatalf("user.SetKey() and GetKey() don't return matching keys.") - } - - // test TCerts - var attributes []string - user.GenerateTcerts(1, attributes) // TODO implement test when function is implemented - - // test EnrolmentCert - cert := readCert(t) - user.SetEnrollmentCertificate(cert) - setCert := user.EnrollmentCertificate() - if len(cert) != len(setCert) { - t.Fatal("user.SetEnrollmentCertificate did not set the same cert.") - } - - // test MSP - user.SetMspID("test") - mspID := user.MspID() - if mspID != "test" { - t.Fatal("user.SetMspID Failed to MSP.") - } - -} - -// Reads a random cert for testing -func readCert(t *testing.T) []byte { - cert, err := ioutil.ReadFile("testdata/root.pem") - if err != nil { - t.Fatalf("Error reading cert: %s", err.Error()) - } - return cert -} diff --git a/pkg/fab/identity/testdata/root.pem b/pkg/fab/identity/testdata/root.pem deleted file mode 100644 index 8d98dfa59e..0000000000 --- a/pkg/fab/identity/testdata/root.pem +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICYjCCAgmgAwIBAgIUB3CTDOU47sUC5K4kn/Caqnh114YwCgYIKoZIzj0EAwIw -fzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh -biBGcmFuY2lzY28xHzAdBgNVBAoTFkludGVybmV0IFdpZGdldHMsIEluYy4xDDAK -BgNVBAsTA1dXVzEUMBIGA1UEAxMLZXhhbXBsZS5jb20wHhcNMTYxMDEyMTkzMTAw -WhcNMjExMDExMTkzMTAwWjB/MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv -cm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEfMB0GA1UEChMWSW50ZXJuZXQg -V2lkZ2V0cywgSW5jLjEMMAoGA1UECxMDV1dXMRQwEgYDVQQDEwtleGFtcGxlLmNv -bTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABKIH5b2JaSmqiQXHyqC+cmknICcF -i5AddVjsQizDV6uZ4v6s+PWiJyzfA/rTtMvYAPq/yeEHpBUB1j053mxnpMujYzBh -MA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQXZ0I9 -qp6CP8TFHZ9bw5nRtZxIEDAfBgNVHSMEGDAWgBQXZ0I9qp6CP8TFHZ9bw5nRtZxI -EDAKBggqhkjOPQQDAgNHADBEAiAHp5Rbp9Em1G/UmKn8WsCbqDfWecVbZPQj3RK4 -oG5kQQIgQAe4OOKYhJdh3f7URaKfGTf492/nmRmtK+ySKjpHSrU= ------END CERTIFICATE----- diff --git a/pkg/fab/mocks/mockidentitymgr.go b/pkg/fab/mocks/mockidentitymgr.go index 0ed47e2403..01cf563769 100644 --- a/pkg/fab/mocks/mockidentitymgr.go +++ b/pkg/fab/mocks/mockidentitymgr.go @@ -31,6 +31,11 @@ func (mgr *MockIdentityManager) GetSigningIdentity(userName string) (*api.Signin return &si, nil } +// GetUser will return a user for a given user name +func (mgr *MockIdentityManager) GetUser(userName string) (api.User, error) { + return nil, nil +} + // Enroll enrolls a user with a Fabric network func (mgr *MockIdentityManager) Enroll(enrollmentID string, enrollmentSecret string) error { return errors.New("not implemented") diff --git a/pkg/fabsdk/api/factory.go b/pkg/fabsdk/api/factory.go index f814647807..0c64ef424e 100644 --- a/pkg/fabsdk/api/factory.go +++ b/pkg/fabsdk/api/factory.go @@ -19,7 +19,7 @@ type CoreProviderFactory interface { CreateStateStoreProvider(config core.Config) (api.KVStore, error) CreateCryptoSuiteProvider(config core.Config) (core.CryptoSuite, error) CreateSigningManager(cryptoProvider core.CryptoSuite, config core.Config) (api.SigningManager, error) - CreateIdentityManager(orgName string, cryptoProvider core.CryptoSuite, config core.Config) (api.IdentityManager, error) + CreateIdentityManager(orgName string, stateStore api.KVStore, cryptoProvider core.CryptoSuite, config core.Config) (api.IdentityManager, error) CreateFabricProvider(context context.ProviderContext) (FabricProvider, error) } diff --git a/pkg/fabsdk/api/pvdr.go b/pkg/fabsdk/api/pvdr.go index 97363cc647..3fb4d6750b 100644 --- a/pkg/fabsdk/api/pvdr.go +++ b/pkg/fabsdk/api/pvdr.go @@ -25,7 +25,6 @@ type FabricProvider interface { CreatePeerFromConfig(peerCfg *core.NetworkPeer) (fab.Peer, error) CreateOrdererFromConfig(cfg *core.OrdererConfig) (fab.Orderer, error) - CreateUser(name string, signingIdentity *contextApi.SigningIdentity) (contextApi.User, error) } // Providers represents the SDK configured providers context. diff --git a/pkg/fabsdk/context.go b/pkg/fabsdk/context.go index 5aef99f338..b4883e2267 100644 --- a/pkg/fabsdk/context.go +++ b/pkg/fabsdk/context.go @@ -7,6 +7,9 @@ SPDX-License-Identifier: Apache-2.0 package fabsdk import ( + "fmt" + "strings" + "github.com/hyperledger/fabric-sdk-go/pkg/context" contextApi "github.com/hyperledger/fabric-sdk-go/pkg/context/api" "github.com/hyperledger/fabric-sdk-go/pkg/context/api/core" @@ -40,7 +43,7 @@ func (c *fabContext) SigningManager() contextApi.SigningManager { // IdentityManager returns identity manager for organization func (c *fabContext) IdentityManager(orgName string) (contextApi.IdentityManager, bool) { - mgr, ok := c.sdk.identityManager[orgName] + mgr, ok := c.sdk.identityManager[strings.ToLower(orgName)] return mgr, ok } @@ -84,11 +87,15 @@ func WithUser(name string) IdentityOption { return errors.New("Identity already determined") } - identity, err := sdk.newUser(orgName, name) + identityManager, ok := sdk.context().IdentityManager(orgName) + if !ok { + return fmt.Errorf("invalid org name: %s", orgName) + } + user, err := identityManager.GetUser(name) if err != nil { - return errors.WithMessage(err, "Unable to load identity") + return err } - o.identity = identity + o.identity = user o.ok = true return nil diff --git a/pkg/fabsdk/context_test.go b/pkg/fabsdk/context_test.go index 2a8110b6c0..45b9a8e94f 100644 --- a/pkg/fabsdk/context_test.go +++ b/pkg/fabsdk/context_test.go @@ -61,7 +61,11 @@ func TestWithIdentity(t *testing.T) { } defer sdk.Close() - identity, err := sdk.newUser(identityValidOptOrg, identityValidOptUser) + identityManager, ok := sdk.context().IdentityManager(identityValidOptOrg) + if !ok { + t.Fatalf("Invalid organization: %s", identityValidOptOrg) + } + identity, err := identityManager.GetUser(identityValidOptUser) if err != nil { t.Fatalf("Unexpected error loading identity: %v", err) } diff --git a/pkg/fabsdk/deprecated.go b/pkg/fabsdk/deprecated.go deleted file mode 100644 index dd08025a73..0000000000 --- a/pkg/fabsdk/deprecated.go +++ /dev/null @@ -1,92 +0,0 @@ -// +build deprecated - -/* -Copyright SecureKey Technologies Inc. All Rights Reserved. - -SPDX-License-Identifier: Apache-2.0 -*/ - -package fabsdk - -import ( - "github.com/hyperledger/fabric-sdk-go/pkg/client/channel" - "github.com/hyperledger/fabric-sdk-go/pkg/client/resmgmt" - "github.com/hyperledger/fabric-sdk-go/pkg/context" - "github.com/hyperledger/fabric-sdk-go/pkg/context/api/core" - "github.com/hyperledger/fabric-sdk-go/pkg/fab/resource/api" - "github.com/pkg/errors" -) - -// ChannelClientOpts provides options for creating channel client -// -// Deprecated: Use NewClient instead. -type ChannelClientOpts struct { - OrgName string - ConfigProvider core.Config -} - -// ChannelMgmtClientOpts provides options for creating channel management client -// -// Deprecated: Use NewClient instead. -type ChannelMgmtClientOpts struct { - OrgName string - ConfigProvider core.Config -} - -// ResourceMgmtClientOpts provides options for creating resource management client -// -// Deprecated: Use NewClient instead. -type ResourceMgmtClientOpts struct { - OrgName string - TargetFilter resmgmt.TargetFilter - ConfigProvider core.Config -} - -// CreateChannelClientWithOpts returns a new client for a channel (user has to be pre-enrolled) -// -// Deprecated: Use NewClient instead. -func (sdk *FabricSDK) CreateChannelClientWithOpts(channelID string, userName string, opt *ChannelClientOpts) (*channel.Client, error) { - o := []ContextOption{} - if opt.OrgName != "" { - o = append(o, WithOrg(opt.OrgName)) - } - if opt.ConfigProvider != nil { - o = append(o, withConfig(opt.ConfigProvider)) - } - - c := sdk.NewClient(WithUser(userName), o...) - return c.Channel(channelID) -} - -// CreateChannelClient returns a new client for a channel -// -// Deprecated: Use NewClient instead. -func (sdk *FabricSDK) CreateChannelClient(channelID string, userName string, opts ...ContextOption) (*channel.Client, error) { - c := sdk.NewClient(WithUser(userName), opts...) - return c.Channel(channelID) -} - -// NewPreEnrolledUser returns a new pre-enrolled user -func (sdk *FabricSDK) NewPreEnrolledUser(orgID string, userName string) (context.IdentityContext, error) { - return sdk.newUser(orgID, userName) -} - -// newSessionFromIdentityName returns a new user session -func (sdk *FabricSDK) newSessionFromIdentityName(orgID string, id string) (*session, error) { - - user, err := sdk.newUser(orgID, id) - if err != nil { - return nil, errors.WithMessage(err, "failed to get pre-enrolled user") - } - - session := newSession(user, sdk.channelProvider) - - return session, nil -} - -// NewSystemClient returns a new client for the system (operations not on a channel) -// -// Deprecated: the system client is being replaced with the interfaces supplied by NewClient() -func (sdk *FabricSDK) NewSystemClient(s context.SessionContext) (api.Resource, error) { - return sdk.fabricProvider.CreateResourceClient(s) -} diff --git a/pkg/fabsdk/deprecated_test.go b/pkg/fabsdk/deprecated_test.go deleted file mode 100644 index 9d0c4d7bec..0000000000 --- a/pkg/fabsdk/deprecated_test.go +++ /dev/null @@ -1,40 +0,0 @@ -// +build deprecated - -/* -Copyright SecureKey Technologies Inc. All Rights Reserved. - -SPDX-License-Identifier: Apache-2.0 -*/ - -package fabsdk - -import ( - "testing" - - configImpl "github.com/hyperledger/fabric-sdk-go/pkg/core/config" -) - -const ( - txClientConfigFile = "testdata/test.yaml" - txValidClientUser = "User1" - txValidClientAdmin = "Admin" - txValidClientOrg = "Org2" -) - -func TestNewPreEnrolledUserSession(t *testing.T) { - sdk, err := New(configImpl.FromFile("../../test/fixtures/config/config_test.yaml")) - if err != nil { - t.Fatalf("Error initializing SDK: %s", err) - } - defer sdk.Close() - - _, err = sdk.newSessionFromIdentityName("org1", txValidClientUser) - if err != nil { - t.Fatalf("Unexpected error loading user session: %s", err) - } - - _, err = sdk.newSessionFromIdentityName("notarealorg", txValidClientUser) - if err == nil { - t.Fatal("Expected error loading user session from fake org") - } -} diff --git a/pkg/fabsdk/fabsdk.go b/pkg/fabsdk/fabsdk.go index 145d703413..52d0ecd91a 100644 --- a/pkg/fabsdk/fabsdk.go +++ b/pkg/fabsdk/fabsdk.go @@ -8,15 +8,12 @@ SPDX-License-Identifier: Apache-2.0 package fabsdk import ( - "fmt" "math/rand" - "strings" "time" "github.com/hyperledger/fabric-sdk-go/pkg/context/api/fab" "github.com/hyperledger/fabric-sdk-go/pkg/logging/api" - "github.com/hyperledger/fabric-sdk-go/pkg/context" contextApi "github.com/hyperledger/fabric-sdk-go/pkg/context/api" "github.com/hyperledger/fabric-sdk-go/pkg/context/api/core" "github.com/hyperledger/fabric-sdk-go/pkg/core/cryptosuite" @@ -199,7 +196,7 @@ func initSDK(sdk *FabricSDK, opts []Option) error { return errors.Wrapf(err, "failed to retrieve network config") } for orgName := range netConfig.Organizations { - mgr, err := sdk.opts.Core.CreateIdentityManager(orgName, sdk.cryptoSuite, sdk.config) + mgr, err := sdk.opts.Core.CreateIdentityManager(orgName, sdk.stateStore, sdk.cryptoSuite, sdk.config) if err != nil { return errors.Wrapf(err, "failed to initialize identity manager for organization: %s", orgName) } @@ -265,23 +262,3 @@ func (sdk *FabricSDK) context() *sdkContext { } return &c } - -func (sdk *FabricSDK) newUser(orgName string, userName string) (context.IdentityContext, error) { - - identityMgr, ok := sdk.identityManager[strings.ToLower(orgName)] - if !ok { - return nil, fmt.Errorf("identity manager not found for org %s", orgName) - } - - signingIdentity, err := identityMgr.GetSigningIdentity(userName) - if err != nil { - return nil, errors.WithMessage(err, "failed to get signing identity") - } - - user, err := sdk.fabricProvider.CreateUser(userName, signingIdentity) - if err != nil { - return nil, errors.WithMessage(err, "create User returned error") - } - - return user, nil -} diff --git a/pkg/fabsdk/fabsdk_test.go b/pkg/fabsdk/fabsdk_test.go index 1b8b22e1eb..4ad5f10896 100644 --- a/pkg/fabsdk/fabsdk_test.go +++ b/pkg/fabsdk/fabsdk_test.go @@ -83,7 +83,7 @@ func TestWithCorePkg(t *testing.T) { factory.EXPECT().CreateCryptoSuiteProvider(c).Return(nil, nil) factory.EXPECT().CreateStateStoreProvider(c).Return(nil, nil) factory.EXPECT().CreateSigningManager(nil, c).Return(nil, nil) - factory.EXPECT().CreateIdentityManager(gomock.Any(), nil, c).Return(nil, nil).AnyTimes() + factory.EXPECT().CreateIdentityManager(gomock.Any(), gomock.Any(), nil, c).Return(nil, nil).AnyTimes() factory.EXPECT().CreateFabricProvider(gomock.Any()).Return(nil, nil) _, err = New(WithConfig(c), WithCorePkg(factory)) diff --git a/pkg/fabsdk/factory/defcore/corefactory.go b/pkg/fabsdk/factory/defcore/corefactory.go index 0460701235..1139d29707 100644 --- a/pkg/fabsdk/factory/defcore/corefactory.go +++ b/pkg/fabsdk/factory/defcore/corefactory.go @@ -61,8 +61,8 @@ func (f *ProviderFactory) CreateSigningManager(cryptoProvider core.CryptoSuite, } // CreateIdentityManager returns a new default implementation of identity manager -func (f *ProviderFactory) CreateIdentityManager(org string, cryptoProvider core.CryptoSuite, config core.Config) (contextApi.IdentityManager, error) { - return identitymgr.New(org, cryptoProvider, config) +func (f *ProviderFactory) CreateIdentityManager(org string, stateStore contextApi.KVStore, cryptoProvider core.CryptoSuite, config core.Config) (contextApi.IdentityManager, error) { + return identitymgr.New(org, stateStore, cryptoProvider, config) } // CreateFabricProvider returns a new default implementation of fabric primitives diff --git a/pkg/fabsdk/factory/defcore/corefactory_test.go b/pkg/fabsdk/factory/defcore/corefactory_test.go index e37f2c613b..4e5dc27763 100644 --- a/pkg/fabsdk/factory/defcore/corefactory_test.go +++ b/pkg/fabsdk/factory/defcore/corefactory_test.go @@ -147,7 +147,15 @@ func TestCreateIdentityManager(t *testing.T) { t.Fatalf("Unexpected error creating cryptosuite provider %v", err) } - mgr, err := factory.CreateIdentityManager("Org1", cryptosuite, config) + stateStore, err := kvs.New( + &kvs.FileKeyValueStoreOptions{ + Path: config.CredentialStorePath(), + }) + if err != nil { + t.Fatalf("creating a user store failed: %v", err) + } + + mgr, err := factory.CreateIdentityManager("Org1", stateStore, cryptosuite, config) if err != nil { t.Fatalf("Unexpected error creating signing manager %v", err) } diff --git a/pkg/fabsdk/mocks/mockfabsdkapi.gen.go b/pkg/fabsdk/mocks/mockfabsdkapi.gen.go index 8ca6e11fd2..653f0e354a 100644 --- a/pkg/fabsdk/mocks/mockfabsdkapi.gen.go +++ b/pkg/fabsdk/mocks/mockfabsdkapi.gen.go @@ -327,16 +327,16 @@ func (mr *MockCoreProviderFactoryMockRecorder) CreateFabricProvider(arg0 interfa } // CreateIdentityManager mocks base method -func (m *MockCoreProviderFactory) CreateIdentityManager(arg0 string, arg1 core.CryptoSuite, arg2 core.Config) (api.IdentityManager, error) { - ret := m.ctrl.Call(m, "CreateIdentityManager", arg0, arg1, arg2) +func (m *MockCoreProviderFactory) CreateIdentityManager(arg0 string, arg1 api.KVStore, arg2 core.CryptoSuite, arg3 core.Config) (api.IdentityManager, error) { + ret := m.ctrl.Call(m, "CreateIdentityManager", arg0, arg1, arg2, arg3) ret0, _ := ret[0].(api.IdentityManager) ret1, _ := ret[1].(error) return ret0, ret1 } // CreateIdentityManager indicates an expected call of CreateIdentityManager -func (mr *MockCoreProviderFactoryMockRecorder) CreateIdentityManager(arg0, arg1, arg2 interface{}) *gomock.Call { - return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateIdentityManager", reflect.TypeOf((*MockCoreProviderFactory)(nil).CreateIdentityManager), arg0, arg1, arg2) +func (mr *MockCoreProviderFactoryMockRecorder) CreateIdentityManager(arg0, arg1, arg2, arg3 interface{}) *gomock.Call { + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "CreateIdentityManager", reflect.TypeOf((*MockCoreProviderFactory)(nil).CreateIdentityManager), arg0, arg1, arg2, arg3) } // CreateSigningManager mocks base method diff --git a/pkg/fabsdk/mocks_test.go b/pkg/fabsdk/mocks_test.go index ba0f07c897..cc6f18623f 100644 --- a/pkg/fabsdk/mocks_test.go +++ b/pkg/fabsdk/mocks_test.go @@ -55,7 +55,7 @@ func newMockCorePkg(config core.Config) (*mockCorePkg, error) { } im := make(map[string]contextApi.IdentityManager) for orgName := range netConfig.Organizations { - mgr, err := mocks.NewMockIdentityManager(orgName, cs, config) + mgr, err := core.CreateIdentityManager(orgName, stateStore, cs, config) if err != nil { return nil, err } @@ -91,7 +91,7 @@ func (mc *mockCorePkg) CreateSigningManager(cryptoProvider core.CryptoSuite, con return mc.signingManager, nil } -func (mc *mockCorePkg) CreateIdentityManager(orgName string, cryptoProvider core.CryptoSuite, config core.Config) (contextApi.IdentityManager, error) { +func (mc *mockCorePkg) CreateIdentityManager(orgName string, stateStore contextApi.KVStore, cryptoProvider core.CryptoSuite, config core.Config) (contextApi.IdentityManager, error) { mgr, ok := mc.identityManager[orgName] if !ok { return nil, fmt.Errorf("identity manager not found for organization: %s", orgName) diff --git a/pkg/fabsdk/provider/fabpvdr/fabpvdr.go b/pkg/fabsdk/provider/fabpvdr/fabpvdr.go index b7bbc471ec..1a5938857f 100644 --- a/pkg/fabsdk/provider/fabpvdr/fabpvdr.go +++ b/pkg/fabsdk/provider/fabpvdr/fabpvdr.go @@ -8,14 +8,12 @@ package fabpvdr import ( "github.com/hyperledger/fabric-sdk-go/pkg/context" - contextApi "github.com/hyperledger/fabric-sdk-go/pkg/context/api" "github.com/hyperledger/fabric-sdk-go/pkg/context/api/core" "github.com/hyperledger/fabric-sdk-go/pkg/context/api/fab" channelImpl "github.com/hyperledger/fabric-sdk-go/pkg/fab/channel" "github.com/hyperledger/fabric-sdk-go/pkg/fab/channel/membership" "github.com/hyperledger/fabric-sdk-go/pkg/fab/chconfig" "github.com/hyperledger/fabric-sdk-go/pkg/fab/events" - identityImpl "github.com/hyperledger/fabric-sdk-go/pkg/fab/identity" "github.com/hyperledger/fabric-sdk-go/pkg/fab/orderer" peerImpl "github.com/hyperledger/fabric-sdk-go/pkg/fab/peer" clientImpl "github.com/hyperledger/fabric-sdk-go/pkg/fab/resource" @@ -120,17 +118,6 @@ func (f *FabricProvider) CreateChannelTransactor(ic context.IdentityContext, cfg return channelImpl.NewTransactor(ctx, cfg) } -// CreateUser returns a new default implementation of a User. -func (f *FabricProvider) CreateUser(name string, signingIdentity *contextApi.SigningIdentity) (contextApi.User, error) { - - user := identityImpl.NewUser(signingIdentity.MspID, name) - - user.SetPrivateKey(signingIdentity.PrivateKey) - user.SetEnrollmentCertificate(signingIdentity.EnrollmentCert) - - return user, nil -} - // CreatePeerFromConfig returns a new default implementation of Peer based configuration func (f *FabricProvider) CreatePeerFromConfig(peerCfg *core.NetworkPeer) (fab.Peer, error) { return peerImpl.New(f.providerContext.Config(), peerImpl.FromPeerConfig(peerCfg)) diff --git a/pkg/fabsdk/provider/fabpvdr/fabpvdr_test.go b/pkg/fabsdk/provider/fabpvdr/fabpvdr_test.go index 77e694bce0..51376fcba6 100644 --- a/pkg/fabsdk/provider/fabpvdr/fabpvdr_test.go +++ b/pkg/fabsdk/provider/fabpvdr/fabpvdr_test.go @@ -14,7 +14,6 @@ import ( "github.com/hyperledger/fabric-sdk-go/pkg/context/api/fab" "github.com/hyperledger/fabric-sdk-go/pkg/core/config" "github.com/hyperledger/fabric-sdk-go/pkg/core/cryptosuite/bccsp/sw" - identityImpl "github.com/hyperledger/fabric-sdk-go/pkg/fab/identity" "github.com/hyperledger/fabric-sdk-go/pkg/fab/mocks" peerImpl "github.com/hyperledger/fabric-sdk-go/pkg/fab/peer" "github.com/hyperledger/fabric-sdk-go/pkg/fab/resource" @@ -74,31 +73,6 @@ func TestCreatePeerFromConfig(t *testing.T) { verifyPeer(t, peer, url) } -func TestCreateUser(t *testing.T) { - org := "org1" - - p := newMockFabricProvider(t) - cm, err := mocks.NewMockIdentityManager(org, p.providerContext.CryptoSuite(), p.providerContext.Config()) - if err != nil { - t.Fatalf("Unexpected error creating credential manager %v", err) - } - - signingIdentity, err := cm.GetSigningIdentity("user") - if err != nil { - t.Fatalf("Unexpected error getting signing identity %v", err) - } - - user, err := p.CreateUser("user", signingIdentity) - if err != nil { - t.Fatalf("Unexpected error getting user %v", err) - } - - _, ok := user.(*identityImpl.User) - if !ok { - t.Fatalf("Unexpected peer impl created") - } -} - func TestCreateMembership(t *testing.T) { p := newMockFabricProvider(t) m, err := p.CreateChannelMembership(mocks.NewMockChannelCfg("")) diff --git a/test/integration/fab/fabric_ca_test.go b/test/integration/fab/fabric_ca_test.go index 24873575d4..ee2ae247aa 100644 --- a/test/integration/fab/fabric_ca_test.go +++ b/test/integration/fab/fabric_ca_test.go @@ -11,6 +11,7 @@ import ( cryptosuite "github.com/hyperledger/fabric-sdk-go/pkg/core/cryptosuite/bccsp/sw" "github.com/hyperledger/fabric-sdk-go/pkg/core/identitymgr" + kvs "github.com/hyperledger/fabric-sdk-go/pkg/fab/keyvaluestore" ) const ( @@ -25,7 +26,12 @@ func TestEnrollOrg2(t *testing.T) { t.Fatalf("Failed getting cryptosuite from config : %s", err) } - caClient, err := identitymgr.New(org2Name, cryptoSuiteProvider, testFabricConfig) + stateStore, err := kvs.New(&kvs.FileKeyValueStoreOptions{Path: testFabricConfig.CredentialStorePath()}) + if err != nil { + t.Fatalf("CreateNewFileKeyValueStore failed: %v", err) + } + + caClient, err := identitymgr.New(org2Name, stateStore, cryptoSuiteProvider, testFabricConfig) if err != nil { t.Fatalf("NewFabricCAClient return error: %v", err) }