[FAB-3757] Update to 1.0.0-alpha2

Change-Id: I46bc237779c026645bd1aca2b0883a886e7fe14a
Signed-off-by: Aleksandar Likic <aleksandar.likic@securekey.com>
Signed-off-by: Emir Heidinger <emir.heidinger@securekey.com>
Signed-off-by: Divyank Katira <Divyank.Katira@securekey.com>

.gitignore

@@ -1,3 +1,5 @@
 *.db
 *report.xml
 .DS_Store
+.vscode
+debug.test

README.md

@@ -38,8 +38,8 @@ repository.
 ### Compatibility
 
 This client SDK was last tested and found to be compatible with the following Hyperledger Fabric commit levels:
-- fabric: v1.0.0-alpha
-- fabric-ca: v1.0.0-alpha
+- fabric: v1.0.0-alpha2
+- fabric-ca: v1.0.0-alpha2
 
 ### Running the test suite
 
@@ -135,14 +135,14 @@ Alternatively you can build and run Fabric on your own box using the following c
 cd $GOPATH/src/github.com/hyperledger/
 git clone https://github.com/hyperledger/fabric
 cd $GOPATH/src/github.com/hyperledger/fabric/
-git checkout v1.0.0-alpha
+git checkout v1.0.0-alpha2
 make docker
 
 # Build fabric-ca:
 cd $GOPATH/src/github.com/hyperledger/
 git clone https://github.com/hyperledger/fabric-ca
 cd $GOPATH/src/github.com/hyperledger/fabric-ca/
-git checkout v1.0.0-alpha
+git checkout v1.0.0-alpha2
 make docker
 
 # Start fabric - latest-env.sh overrides the default docker tags in .env

config/config.go

@@ -29,6 +29,7 @@ import (
 	"strconv"
 	"strings"
 
+	bccspFactory "github.com/hyperledger/fabric/bccsp/factory"
 	"github.com/op/go-logging"
 	"github.com/spf13/viper"
 )
@@ -245,11 +246,21 @@ func GetFabricCAID() string {
 	return myViper.GetString("client.fabricCA.id")
 }
 
+//GetFabricCAName Read the fabric CA name
+func GetFabricCAName() string {
+	return myViper.GetString("client.fabricCA.name")
+}
+
 // GetKeyStorePath ...
 func GetKeyStorePath() string {
 	return myViper.GetString("client.keystore.path")
 }
 
+// GetCryptoConfigPath ...
+func GetCryptoConfigPath() string {
+	return strings.Replace(myViper.GetString("client.cryptoconfig.path"), "$GOPATH", os.Getenv("GOPATH"), -1)
+}
+
 // loadCAKey
 func loadCAKey(rawData []byte) (*x509.Certificate, error) {
 	block, _ := pem.Decode(rawData)
@@ -264,3 +275,18 @@ func loadCAKey(rawData []byte) (*x509.Certificate, error) {
 	}
 	return nil, errors.New("No pem data found")
 }
+
+// GetCSPConfig ...
+func GetCSPConfig() *bccspFactory.FactoryOpts {
+	return &bccspFactory.FactoryOpts{
+		ProviderName: "SW",
+		SwOpts: &bccspFactory.SwOpts{
+			HashFamily: GetSecurityAlgorithm(),
+			SecLevel:   GetSecurityLevel(),
+			FileKeystore: &bccspFactory.FileKeystoreOpts{
+				KeyStorePath: GetKeyStorePath(),
+			},
+			Ephemeral: false,
+		},
+	}
+}

config/config_test.go

@@ -27,6 +27,13 @@ import (
 	"github.com/spf13/viper"
 )
 
+func TestCAConfig(t *testing.T) {
+	caname := GetFabricCAName()
+	if caname != "ca-org1" {
+		t.Fatalf("caname doesn't match")
+	}
+}
+
 func TestGetPeersConfig(t *testing.T) {
 	pc, err := GetPeersConfig()
 	if err != nil {
@@ -75,7 +82,7 @@ func TestMultipleVipers(t *testing.T) {
 		t.Fatalf("Expected testvalue after config initialization")
 	}
 	// Make sure Go SDK config is unaffected
-	testValue3 := myViper.GetBool("client.tls.enabled")
+	testValue3 := myViper.GetBool("client.security.enabled")
 	if testValue3 != true {
 		t.Fatalf("Expected existing config value to remain unchanged")
 	}

fabric-ca-client/fabricca.go

@@ -21,25 +21,24 @@ package fabricca
 
 import (
 	"fmt"
-	"strings"
 
 	"github.com/hyperledger/fabric-ca/api"
 	fabric_ca "github.com/hyperledger/fabric-ca/lib"
 	"github.com/hyperledger/fabric-sdk-go/config"
 	fabricclient "github.com/hyperledger/fabric-sdk-go/fabric-client"
 
-	"io/ioutil"
-
+	"github.com/hyperledger/fabric/bccsp"
 	"github.com/op/go-logging"
 )
 
 var logger = logging.MustGetLogger("fabric_sdk_go")
 
 // Services ...
 type Services interface {
-	Enroll(enrollmentID string, enrollmentSecret string) ([]byte, []byte, error)
+	GetCAName() string
+	Enroll(enrollmentID string, enrollmentSecret string) (bccsp.Key, []byte, error)
 	//reenroll  to renew user's enrollment certificate
-	Reenroll(user fabricclient.User) ([]byte, []byte, error)
+	Reenroll(user fabricclient.User) (bccsp.Key, []byte, error)
 	Register(registrar fabricclient.User, request *RegistrationRequest) (string, error)
 	Revoke(registrar fabricclient.User, request *RevocationRequest) error
 }
@@ -61,6 +60,8 @@ type RegistrationRequest struct {
 	Affiliation string
 	// Optional attributes associated with this identity
 	Attributes []Attribute
+	// CAName is the name of the CA to connect to
+	CAName string
 }
 
 // RevocationRequest defines the attributes required to revoke credentials with the CA
@@ -75,7 +76,9 @@ type RevocationRequest struct {
 	AKI string
 	// Reason is the reason for revocation. See https://godoc.org/golang.org/x/crypto/ocsp
 	// for valid values. The default value is 0 (ocsp.Unspecified).
-	Reason int
+	Reason string
+	// CAName is the name of the CA to connect to
+	CAName string
 }
 
 // Attribute defines additional attributes that may be passed along during registration
@@ -91,44 +94,40 @@ type Attribute struct {
 func NewFabricCAClient() (Services, error) {
 
 	// Create new Fabric-ca client without configs
-	c, err := fabric_ca.NewClient("")
-	if err != nil {
-		return nil, fmt.Errorf("New fabricCAClient failed: %s", err)
+	c := &fabric_ca.Client{
+		Config: &fabric_ca.ClientConfig{},
 	}
 
-	certFile := config.GetFabricCAClientCertFile()
-	keyFile := config.GetFabricCAClientKeyFile()
-	serverCertFiles := config.GetServerCertFiles()
-
+	//set server CAName
+	c.Config.CAName = config.GetFabricCAName()
 	//set server URL
 	c.Config.URL = config.GetServerURL()
 	//certs file list
-	c.Config.TLS.CertFilesList = serverCertFiles
-	//concat cert files
-	c.Config.TLS.CertFiles = strings.Join(serverCertFiles[:], ",")
-	//set cert file into TLS context
-	file, err := ioutil.ReadFile(certFile)
-	if err != nil {
-		logger.Errorf("Error reading fabric ca client propertiy certfile: %v", err)
-		return nil, fmt.Errorf("New fabricCAClient failed: %s", err)
-	}
-	c.Config.TLS.Client.CertFile = string(file)
-	//set key file into TLS context
-	keyfile, err := ioutil.ReadFile(keyFile)
-	if err != nil {
-		logger.Errorf("Error reading fabric ca client property keyfile: %v", err)
-		return nil, fmt.Errorf("New fabricCAClient failed: %s", err)
-	}
-	c.Config.TLS.Client.KeyFile = string(keyfile)
+	c.Config.TLS.CertFiles = config.GetServerCertFiles()
+
+	// set key file and cert file
+	c.Config.TLS.Client.CertFile = string(config.GetFabricCAClientCertFile())
+	c.Config.TLS.Client.KeyFile = string(config.GetFabricCAClientKeyFile())
 
 	//TLS falg enabled/disabled
 	c.Config.TLS.Enabled = config.GetFabricCATLSEnabledFlag()
 	fabricCAClient := &services{fabricCAClient: c}
 	logger.Infof("Constructed fabricCAClient instance: %v", fabricCAClient)
 
+	c.Config.CSP = config.GetCSPConfig()
+
+	err := c.Init()
+	if err != nil {
+		return nil, fmt.Errorf("New fabricCAClient failed: %s", err)
+	}
+
 	return fabricCAClient, nil
 }
 
+func (fabricCAServices *services) GetCAName() string {
+	return fabricCAServices.fabricCAClient.Config.CAName
+}
+
 // Enroll ...
 /**
  * Enroll a registered user in order to receive a signed X509 certificate
@@ -137,14 +136,15 @@ func NewFabricCAClient() (Services, error) {
  * @returns {[]byte} X509 certificate
  * @returns {[]byte} private key
  */
-func (fabricCAServices *services) Enroll(enrollmentID string, enrollmentSecret string) ([]byte, []byte, error) {
+func (fabricCAServices *services) Enroll(enrollmentID string, enrollmentSecret string) (bccsp.Key, []byte, error) {
 	if enrollmentID == "" {
 		return nil, nil, fmt.Errorf("enrollmentID is empty")
 	}
 	if enrollmentSecret == "" {
 		return nil, nil, fmt.Errorf("enrollmentSecret is empty")
 	}
 	req := &api.EnrollmentRequest{
+		CAName: fabricCAServices.fabricCAClient.Config.CAName,
 		Name:   enrollmentID,
 		Secret: enrollmentSecret,
 	}
@@ -161,15 +161,17 @@ func (fabricCAServices *services) Enroll(enrollmentID string, enrollmentSecret s
  * @returns {[]byte} X509 certificate
  * @returns {[]byte} private key
  */
-func (fabricCAServices *services) Reenroll(user fabricclient.User) ([]byte, []byte, error) {
+func (fabricCAServices *services) Reenroll(user fabricclient.User) (bccsp.Key, []byte, error) {
 	if user == nil {
 		return nil, nil, fmt.Errorf("User does not exist")
 	}
 	if user.GetName() == "" {
 		logger.Infof("Invalid re-enroll request, missing argument user")
 		return nil, nil, fmt.Errorf("User is empty")
 	}
-	req := &api.ReenrollmentRequest{}
+	req := &api.ReenrollmentRequest{
+		CAName: fabricCAServices.fabricCAClient.Config.CAName,
+	}
 	// Create signing identity
 	identity, err := fabricCAServices.createSigningIdentity(user)
 	if err != nil {
@@ -212,6 +214,7 @@ func (fabricCAServices *services) Register(registrar fabricclient.User,
 			Attributes[i].Key, Value: request.Attributes[i].Value})
 	}
 	var req = api.RegistrationRequest{
+		CAName:         request.CAName,
 		Name:           request.Name,
 		Type:           request.Type,
 		MaxEnrollments: request.MaxEnrollments,
@@ -243,6 +246,7 @@ func (fabricCAServices *services) Revoke(registrar fabricclient.User,
 	}
 	// Create revocation request
 	var req = api.RevocationRequest{
+		CAName: request.CAName,
 		Name:   request.Name,
 		Serial: request.Serial,
 		AKI:    request.AKI,
@@ -264,12 +268,5 @@ func (fabricCAServices *services) createSigningIdentity(user fabricclient.
 		return nil, fmt.Errorf(
 			"Unable to read user enrolment information to create signing identity")
 	}
-	// TODO: Right now this reads the key from a default BCCSP implementation using the SKI
-	// this method signature will change to accepting a BCCSP key soon.
-	// Track changes here: https://gerrit.hyperledger.org/r/#/c/6727/
-	ski := key.SKI()
-	if ski == nil {
-		return nil, fmt.Errorf("Unable to read private key SKI")
-	}
-	return fabricCAServices.fabricCAClient.NewIdentity(ski, cert)
+	return fabricCAServices.fabricCAClient.NewIdentity(key, cert)
 }

fabric-ca-client/fabricca_test.go

@@ -37,7 +37,6 @@ func TestMain(m *testing.M) {
 		fmt.Println(err.Error())
 	}
 	os.Exit(m.Run())
-
 }
 
 func TestEnrollWithMissingParameters(t *testing.T) {