[FAB-6983] replacing BCCSP with cryptosuite adaptor

Replacing all bccsp.BCCSP with CryptoSuite adaptor interface
to enable users to use their own BCCSP implementation.

NOTE: Integration test will be updated in next code push
to use fabric bccsp.


Change-Id: I2a60a141cd87e8f3f1dc69239342fe8531da37c4
Signed-off-by: Sudesh Shetty <sudesh.shetty@securekey.com>

api/apifabca/fabricca.go

@@ -7,15 +7,15 @@ SPDX-License-Identifier: Apache-2.0
 package apifabca
 
 import (
-	"github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/bccsp"
+	"github.com/hyperledger/fabric-sdk-go/api/apicryptosuite"
 )
 
 // FabricCAClient is the client interface for fabric-ca
 type FabricCAClient interface {
 	CAName() string
-	Enroll(enrollmentID string, enrollmentSecret string) (bccsp.Key, []byte, error)
+	Enroll(enrollmentID string, enrollmentSecret string) (apicryptosuite.Key, []byte, error)
 	// Reenroll to renew user's enrollment certificate
-	Reenroll(user User) (bccsp.Key, []byte, error)
+	Reenroll(user User) (apicryptosuite.Key, []byte, error)
 	Register(registrar User, request *RegistrationRequest) (string, error)
 	Revoke(registrar User, request *RevocationRequest) error
 }

api/apifabca/user.go

@@ -7,7 +7,7 @@ SPDX-License-Identifier: Apache-2.0
 package apifabca
 
 import (
-	"github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/bccsp"
+	"github.com/hyperledger/fabric-sdk-go/api/apicryptosuite"
 )
 
 // User represents users that have been enrolled and represented by
@@ -31,7 +31,7 @@ type User interface {
 
 	// ECerts
 	EnrollmentCertificate() []byte
-	PrivateKey() bccsp.Key
+	PrivateKey() apicryptosuite.Key
 
 	Identity() ([]byte, error)
 

api/apifabclient/credentialmgr.go

@@ -6,14 +6,16 @@ SPDX-License-Identifier: Apache-2.0
 
 package apifabclient
 
-import "github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/bccsp"
+import (
+	"github.com/hyperledger/fabric-sdk-go/api/apicryptosuite"
+)
 
 // SigningIdentity is the identity object that encapsulates the user's private key for signing
 // and the user's enrollment certificate (identity)
 type SigningIdentity struct {
 	MspID          string
 	EnrollmentCert []byte
-	PrivateKey     bccsp.Key
+	PrivateKey     apicryptosuite.Key
 }
 
 // CredentialManager retrieves user's signing identity

api/apifabclient/fabricclient.go

@@ -8,8 +8,8 @@ package apifabclient
 
 import (
 	config "github.com/hyperledger/fabric-sdk-go/api/apiconfig" // TODO: Think about package hierarchy
+	"github.com/hyperledger/fabric-sdk-go/api/apicryptosuite"
 	txn "github.com/hyperledger/fabric-sdk-go/api/apitxn"
-	"github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/bccsp"
 	"github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/protos/common"
 	pb "github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/protos/peer"
 )
@@ -40,7 +40,7 @@ type FabricClient interface {
 	QueryChannelInfo(name string, peers []Peer) (Channel, error)
 	StateStore() KeyValueStore
 	SigningManager() SigningManager
-	CryptoSuite() bccsp.BCCSP
+	CryptoSuite() apicryptosuite.CryptoSuite
 	SaveUserToStateStore(user User, skipPersistence bool) error
 	LoadUserFromStateStore(name string) (User, error)
 	InstallChaincode(chaincodeName string, chaincodePath string, chaincodeVersion string, chaincodePackage []byte, targets []txn.ProposalProcessor) ([]*txn.TransactionProposalResponse, string, error)

api/apifabclient/identity.go

@@ -6,9 +6,7 @@ SPDX-License-Identifier: Apache-2.0
 
 package apifabclient
 
-import (
-	"github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/bccsp"
-)
+import "github.com/hyperledger/fabric-sdk-go/api/apicryptosuite"
 
 // User represents users that have been enrolled and represented by
 // an enrollment certificate (ECert) and a signing key. The ECert must have
@@ -28,7 +26,7 @@ type User interface {
 	Name() string
 	MspID() string
 	EnrollmentCertificate() []byte
-	PrivateKey() bccsp.Key
+	PrivateKey() apicryptosuite.Key
 	Roles() []string
 	Identity() ([]byte, error)
 }

api/apifabclient/signingmgr.go

@@ -6,9 +6,9 @@ SPDX-License-Identifier: Apache-2.0
 
 package apifabclient
 
-import "github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/bccsp"
+import "github.com/hyperledger/fabric-sdk-go/api/apicryptosuite"
 
 // SigningManager signs object with provided key
 type SigningManager interface {
-	Sign([]byte, bccsp.Key) ([]byte, error)
+	Sign([]byte, apicryptosuite.Key) ([]byte, error)
 }

def/fabapi/context/context.go

@@ -8,13 +8,13 @@ package context
 
 import (
 	"github.com/hyperledger/fabric-sdk-go/api/apiconfig"
+	"github.com/hyperledger/fabric-sdk-go/api/apicryptosuite"
 	fab "github.com/hyperledger/fabric-sdk-go/api/apifabclient"
-	"github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/bccsp"
 )
 
 // SDK represents the configuration context
 type SDK interface {
-	CryptoSuiteProvider() bccsp.BCCSP
+	CryptoSuiteProvider() apicryptosuite.CryptoSuite
 	StateStoreProvider() fab.KeyValueStore
 	ConfigProvider() apiconfig.Config
 	DiscoveryProvider() fab.DiscoveryProvider

def/fabapi/context/defprovider/org.go

@@ -8,12 +8,12 @@ package defprovider
 
 import (
 	"github.com/hyperledger/fabric-sdk-go/api/apiconfig"
+	"github.com/hyperledger/fabric-sdk-go/api/apicryptosuite"
 	fabca "github.com/hyperledger/fabric-sdk-go/api/apifabca"
 	fab "github.com/hyperledger/fabric-sdk-go/api/apifabclient"
 	"github.com/hyperledger/fabric-sdk-go/pkg/errors"
 	fabricCAClient "github.com/hyperledger/fabric-sdk-go/pkg/fabric-ca-client"
 	credentialMgr "github.com/hyperledger/fabric-sdk-go/pkg/fabric-client/credentialmgr"
-	"github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/bccsp"
 )
 
 // OrgClientFactory represents the default org provider factory.
@@ -36,7 +36,7 @@ func (f *OrgClientFactory) NewMSPClient(orgName string, config apiconfig.Config)
 }
 
 // NewCredentialManager returns a new default implmentation of the credential manager
-func (f *OrgClientFactory) NewCredentialManager(orgName string, config apiconfig.Config, cryptoProvider bccsp.BCCSP) (fab.CredentialManager, error) {
+func (f *OrgClientFactory) NewCredentialManager(orgName string, config apiconfig.Config, cryptoProvider apicryptosuite.CryptoSuite) (fab.CredentialManager, error) {
 
 	credentialMgr, err := credentialMgr.NewCredentialManager(orgName, config, cryptoProvider)
 	if err != nil {

def/fabapi/context/defprovider/sdk.go

@@ -10,14 +10,15 @@ import (
 	"github.com/hyperledger/fabric-sdk-go/api/apiconfig"
 	fab "github.com/hyperledger/fabric-sdk-go/api/apifabclient"
 
+	"github.com/hyperledger/fabric-sdk-go/api/apicryptosuite"
 	"github.com/hyperledger/fabric-sdk-go/def/fabapi/opt"
 	configImpl "github.com/hyperledger/fabric-sdk-go/pkg/config"
+	cryptosuite "github.com/hyperledger/fabric-sdk-go/pkg/cryptosuite/bccsp"
 	"github.com/hyperledger/fabric-sdk-go/pkg/errors"
 	kvs "github.com/hyperledger/fabric-sdk-go/pkg/fabric-client/keyvaluestore"
 	signingMgr "github.com/hyperledger/fabric-sdk-go/pkg/fabric-client/signingmgr"
 	discovery "github.com/hyperledger/fabric-sdk-go/pkg/fabric-txn/discovery/staticdiscovery"
 	selection "github.com/hyperledger/fabric-sdk-go/pkg/fabric-txn/selection/staticselection"
-	"github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/bccsp"
 	bccspFactory "github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/bccsp/factory"
 )
 
@@ -55,12 +56,16 @@ func (f *DefaultProviderFactory) NewStateStoreProvider(o opt.StateStoreOpts, con
 }
 
 // NewCryptoSuiteProvider returns a new default implementation of BCCSP
-func (f *DefaultProviderFactory) NewCryptoSuiteProvider(config *bccspFactory.FactoryOpts) (bccsp.BCCSP, error) {
-	return bccspFactory.GetBCCSPFromOpts(config)
+func (f *DefaultProviderFactory) NewCryptoSuiteProvider(config apiconfig.Config) (apicryptosuite.CryptoSuite, error) {
+	bccspProvider, err := bccspFactory.GetBCCSPFromOpts(config.CSPConfig())
+	if err != nil {
+		return nil, err
+	}
+	return cryptosuite.GetSuite(bccspProvider), nil
 }
 
 // NewSigningManager returns a new default implementation of signing manager
-func (f *DefaultProviderFactory) NewSigningManager(cryptoProvider bccsp.BCCSP, config apiconfig.Config) (fab.SigningManager, error) {
+func (f *DefaultProviderFactory) NewSigningManager(cryptoProvider apicryptosuite.CryptoSuite, config apiconfig.Config) (fab.SigningManager, error) {
 	return signingMgr.NewSigningManager(cryptoProvider, config)
 }
 

def/fabapi/context/provider.go

@@ -8,21 +8,20 @@ package context
 
 import (
 	"github.com/hyperledger/fabric-sdk-go/api/apiconfig"
+	"github.com/hyperledger/fabric-sdk-go/api/apicryptosuite"
 	fabca "github.com/hyperledger/fabric-sdk-go/api/apifabca"
 	fab "github.com/hyperledger/fabric-sdk-go/api/apifabclient"
 	txn "github.com/hyperledger/fabric-sdk-go/api/apitxn"
 	chmgmt "github.com/hyperledger/fabric-sdk-go/api/apitxn/chmgmtclient"
 	"github.com/hyperledger/fabric-sdk-go/def/fabapi/opt"
-	"github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/bccsp"
-	bccspFactory "github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/bccsp/factory"
 )
 
 // SDKProviderFactory allows overriding default providers of an SDK
 type SDKProviderFactory interface {
 	NewConfigProvider(o opt.ConfigOpts, a opt.SDKOpts) (apiconfig.Config, error)
 	NewStateStoreProvider(o opt.StateStoreOpts, config apiconfig.Config) (fab.KeyValueStore, error)
-	NewCryptoSuiteProvider(config *bccspFactory.FactoryOpts) (bccsp.BCCSP, error)
-	NewSigningManager(cryptoProvider bccsp.BCCSP, config apiconfig.Config) (fab.SigningManager, error)
+	NewCryptoSuiteProvider(config apiconfig.Config) (apicryptosuite.CryptoSuite, error)
+	NewSigningManager(cryptoProvider apicryptosuite.CryptoSuite, config apiconfig.Config) (fab.SigningManager, error)
 	NewDiscoveryProvider(config apiconfig.Config) (fab.DiscoveryProvider, error)
 	NewSelectionProvider(config apiconfig.Config) (fab.SelectionProvider, error)
 }
@@ -31,7 +30,7 @@ type SDKProviderFactory interface {
 // Currently, a context is created for each organization that the client app needs.
 type OrgClientFactory interface {
 	NewMSPClient(orgName string, config apiconfig.Config) (fabca.FabricCAClient, error)
-	NewCredentialManager(orgName string, config apiconfig.Config, cryptoProvider bccsp.BCCSP) (fab.CredentialManager, error)
+	NewCredentialManager(orgName string, config apiconfig.Config, cryptoProvider apicryptosuite.CryptoSuite) (fab.CredentialManager, error)
 }
 
 // SessionClientFactory allows overriding default clients and providers of a session

def/fabapi/fabapi.go

@@ -12,13 +12,13 @@ import (
 	"github.com/hyperledger/fabric-sdk-go/api/apifabclient"
 	"github.com/hyperledger/fabric-sdk-go/api/apitxn"
 
+	"github.com/hyperledger/fabric-sdk-go/api/apicryptosuite"
 	"github.com/hyperledger/fabric-sdk-go/def/fabapi/context"
 	"github.com/hyperledger/fabric-sdk-go/def/fabapi/context/defprovider"
 	"github.com/hyperledger/fabric-sdk-go/def/fabapi/opt"
 	"github.com/hyperledger/fabric-sdk-go/pkg/errors"
 	"github.com/hyperledger/fabric-sdk-go/pkg/logging"
 	"github.com/hyperledger/fabric-sdk-go/pkg/logging/deflogger"
-	"github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/bccsp"
 
 	chmgmt "github.com/hyperledger/fabric-sdk-go/api/apitxn/chmgmtclient"
 )
@@ -48,7 +48,7 @@ type FabricSDK struct {
 	// Implementations of client functionality (defaults are used if not specified)
 	configProvider    apiconfig.Config
 	stateStore        apifabclient.KeyValueStore
-	cryptoSuite       bccsp.BCCSP // TODO - maybe copy this interface into the API package
+	cryptoSuite       apicryptosuite.CryptoSuite
 	discoveryProvider apifabclient.DiscoveryProvider
 	selectionProvider apifabclient.SelectionProvider
 	signingManager    apifabclient.SigningManager
@@ -106,7 +106,7 @@ func NewSDK(options Options) (*FabricSDK, error) {
 	sdk.configProvider = config
 
 	// Initialize crypto provider
-	cryptosuite, err := sdk.ProviderFactory.NewCryptoSuiteProvider(sdk.configProvider.CSPConfig())
+	cryptosuite, err := sdk.ProviderFactory.NewCryptoSuiteProvider(sdk.configProvider)
 	if err != nil {
 		return nil, errors.WithMessage(err, "failed to initialize crypto suite")
 	}
@@ -155,7 +155,7 @@ func (sdk *FabricSDK) ConfigProvider() apiconfig.Config {
 }
 
 // CryptoSuiteProvider returns the BCCSP provider of sdk.
-func (sdk *FabricSDK) CryptoSuiteProvider() bccsp.BCCSP {
+func (sdk *FabricSDK) CryptoSuiteProvider() apicryptosuite.CryptoSuite {
 	return sdk.cryptoSuite
 }
 

def/fabapi/pkgfactory.go

@@ -8,9 +8,11 @@ package fabapi
 
 import (
 	config "github.com/hyperledger/fabric-sdk-go/api/apiconfig"
+	"github.com/hyperledger/fabric-sdk-go/api/apicryptosuite"
 	fabca "github.com/hyperledger/fabric-sdk-go/api/apifabca"
 	fab "github.com/hyperledger/fabric-sdk-go/api/apifabclient"
 	configImpl "github.com/hyperledger/fabric-sdk-go/pkg/config"
+	cryptosuite "github.com/hyperledger/fabric-sdk-go/pkg/cryptosuite/bccsp"
 	"github.com/hyperledger/fabric-sdk-go/pkg/errors"
 	fabricCAClient "github.com/hyperledger/fabric-sdk-go/pkg/fabric-ca-client"
 	clientImpl "github.com/hyperledger/fabric-sdk-go/pkg/fabric-client"
@@ -20,21 +22,17 @@ import (
 	ordererImpl "github.com/hyperledger/fabric-sdk-go/pkg/fabric-client/orderer"
 	peerImpl "github.com/hyperledger/fabric-sdk-go/pkg/fabric-client/peer"
 	"github.com/hyperledger/fabric-sdk-go/pkg/fabric-client/signingmgr"
-	bccsp "github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/bccsp"
 	bccspFactory "github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/bccsp/factory"
 )
 
 // TODO: Some (or most) of these functions should no longer be exported, as usage should occur via NewSDK
 
 // NewClient returns a new default implementation of the Client interface using the config provided.
 // It will save the provided user if requested into the state store.
-func NewClient(user fabca.User, skipUserPersistence bool, stateStorePath string, cryptosuite bccsp.BCCSP, config config.Config) (fab.FabricClient, error) {
+func NewClient(user fabca.User, skipUserPersistence bool, stateStorePath string, cryptosuiteprovider apicryptosuite.CryptoSuite, config config.Config) (fab.FabricClient, error) {
 	client := clientImpl.NewClient(config)
 
-	if cryptosuite == nil {
-		cryptosuite = bccspFactory.GetDefault()
-	}
-	client.SetCryptoSuite(cryptosuite)
+	client.SetCryptoSuite(cryptosuiteprovider)
 	if stateStorePath != "" {
 		stateStore, err := kvs.CreateNewFileKeyValueStore(stateStorePath)
 		if err != nil {
@@ -44,7 +42,7 @@ func NewClient(user fabca.User, skipUserPersistence bool, stateStorePath string,
 	}
 	client.SaveUserToStateStore(user, skipUserPersistence)
 
-	signingMgr, err := signingmgr.NewSigningManager(cryptosuite, config)
+	signingMgr, err := signingmgr.NewSigningManager(cryptosuiteprovider, config)
 	if err != nil {
 		return nil, errors.WithMessage(err, "NewSigningManager failed")
 	}
@@ -57,13 +55,10 @@ func NewClient(user fabca.User, skipUserPersistence bool, stateStorePath string,
 // NewClientWithUser returns a new default implementation of the Client interface.
 // It creates a default implementation of User, enrolls the user, and saves it to the state store.
 func NewClientWithUser(name string, pwd string, orgName string,
-	stateStorePath string, cryptosuite bccsp.BCCSP, config config.Config, msp fabca.FabricCAClient) (fab.FabricClient, error) {
+	stateStorePath string, cryptosuiteprovider apicryptosuite.CryptoSuite, config config.Config, msp fabca.FabricCAClient) (fab.FabricClient, error) {
 	client := clientImpl.NewClient(config)
 
-	if cryptosuite == nil {
-		cryptosuite = bccspFactory.GetDefault()
-	}
-	client.SetCryptoSuite(cryptosuite)
+	client.SetCryptoSuite(cryptosuiteprovider)
 	stateStore, err := kvs.CreateNewFileKeyValueStore(stateStorePath)
 	if err != nil {
 		return nil, errors.WithMessage(err, "CreateNewFileKeyValueStore failed")
@@ -151,13 +146,17 @@ func NewKVStore(stateStorePath string) (fab.KeyValueStore, error) {
 	return stateStore, nil
 }
 
-// NewCryptoSuite returns a new default implementation of BCCSP
-func NewCryptoSuite(config *bccspFactory.FactoryOpts) (bccsp.BCCSP, error) {
-	return bccspFactory.GetBCCSPFromOpts(config)
+// NewCryptoSuite returns a new default implementation of CryptoSuite
+func NewCryptoSuite(config config.Config) (apicryptosuite.CryptoSuite, error) {
+	bccsp, err := bccspFactory.GetBCCSPFromOpts(config.CSPConfig())
+	if err != nil {
+		return nil, err
+	}
+	return cryptosuite.GetSuite(bccsp), nil
 }
 
 // NewSigningManager returns a new default implementation of signing manager
-func NewSigningManager(cryptoProvider bccsp.BCCSP, config config.Config) (fab.SigningManager, error) {
+func NewSigningManager(cryptoProvider apicryptosuite.CryptoSuite, config config.Config) (fab.SigningManager, error) {
 	return signingmgr.NewSigningManager(cryptoProvider, config)
 }
 

internal/github.com/hyperledger/fabric-ca/lib/client.go

@@ -33,6 +33,7 @@ import (
 	"strconv"
 	"strings"
 
+	"github.com/hyperledger/fabric-sdk-go/api/apicryptosuite"
 	"github.com/hyperledger/fabric-sdk-go/pkg/errors"
 
 	cfsslapi "github.com/cloudflare/cfssl/api"
@@ -41,7 +42,6 @@ import (
 	"github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric-ca/lib/tls"
 	log "github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric-ca/sdkpatch/logbridge"
 	"github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric-ca/util"
-	"github.com/hyperledger/fabric-sdk-go/third_party/github.com/hyperledger/fabric/bccsp"
 	"github.com/mitchellh/mapstructure"
 )
 
@@ -56,7 +56,7 @@ type Client struct {
 	// File and directory paths
 	keyFile, certFile, caCertsDir string
 	// The crypto service provider (BCCSP)
-	csp bccsp.BCCSP
+	csp apicryptosuite.CryptoSuite
 	// HTTP client associated with this Fabric CA client
 	httpClient *http.Client
 }
@@ -210,7 +210,7 @@ func (c *Client) Enroll(req *api.EnrollmentRequest) (*EnrollmentResponse, error)
 // @param result The result from server
 // @param id Name of identity being enrolled or reenrolled
 // @param key The private key which was used to sign the request
-func (c *Client) newEnrollmentResponse(result *enrollmentResponseNet, id string, key bccsp.Key) (*EnrollmentResponse, error) {
+func (c *Client) newEnrollmentResponse(result *enrollmentResponseNet, id string, key apicryptosuite.Key) (*EnrollmentResponse, error) {
 	log.Debugf("newEnrollmentResponse %s", id)
 	certByte, err := util.B64Decode(result.Cert)
 	if err != nil {
@@ -227,7 +227,7 @@ func (c *Client) newEnrollmentResponse(result *enrollmentResponseNet, id string,
 }
 
 // GenCSR generates a CSR (Certificate Signing Request)
-func (c *Client) GenCSR(req *api.CSRInfo, id string) ([]byte, bccsp.Key, error) {
+func (c *Client) GenCSR(req *api.CSRInfo, id string) ([]byte, apicryptosuite.Key, error) {
 	log.Debugf("GenCSR %+v", req)
 
 	err := c.Init()
@@ -285,7 +285,7 @@ func (c *Client) newCertificateRequest(req *api.CSRInfo) *csr.CertificateRequest
 }
 
 // NewIdentity creates a new identity
-func (c *Client) NewIdentity(key bccsp.Key, cert []byte) (*Identity, error) {
+func (c *Client) NewIdentity(key apicryptosuite.Key, cert []byte) (*Identity, error) {
 	name, err := util.GetEnrollmentIDFromPEM(cert)
 	if err != nil {
 		return nil, err