FAB-9282 NetworkConfig support TLS HFCAClient
NetworkConfig doesn't support TLS for CertificateAuthority

Change-Id: I4df40c2ab36c4a474bc1d4293eb13701157f6ba9
Signed-off-by: rickr <cr22rc@gmail.com>
cr22rc committed Apr 5, 2018
1 parent aa14f2e commit 7b7df11
Showing 9 changed files with 234 additions and 140 deletions.
82 changes: 33 additions & 49 deletions src/main/java/org/hyperledger/fabric/sdk/NetworkConfig.java
Expand Up @@ -55,12 +55,10 @@
import static java.lang.String.format;

/**
*
* Holds details of network and channel configurations typically loaded from an external config file.
* <br>
* Also contains convenience methods for utilizing the config details,
* including the main {@link HFClient#getChannel(String)} method
*
*/

public class NetworkConfig {
Expand All @@ -81,7 +79,6 @@ public class NetworkConfig {

private static final Log logger = LogFactory.getLog(NetworkConfig.class);


private NetworkConfig(JsonObject jsonConfig) throws InvalidArgumentException, NetworkConfigurationException {

this.jsonConfig = jsonConfig;
Expand All @@ -106,27 +103,24 @@ private NetworkConfig(JsonObject jsonConfig) throws InvalidArgumentException, Ne
createAllCertificateAuthorities();
createAllOrganizations();


// Validate the organization for this client
JsonObject jsonClient = getJsonObject(jsonConfig, "client");
String orgName = jsonClient == null ? null : getJsonValueAsString(jsonClient.get("organization"));
if (orgName == null || orgName.isEmpty()) {
throw new InvalidArgumentException("A client organization must be specified");
}


clientOrganization = getOrganizationInfo(orgName);
if (clientOrganization == null) {
throw new InvalidArgumentException("Client organization " + orgName + " is not defined");
}

}


/**
* Creates a new NetworkConfig instance configured with details supplied in a YAML file.
*
* @param configFile The file containing the network configuration
* @param configFile The file containing the network configuration
* @return A new NetworkConfig instance
* @throws InvalidArgumentException
* @throws IOException
Expand All @@ -138,7 +132,7 @@ public static NetworkConfig fromYamlFile(File configFile) throws InvalidArgument
/**
* Creates a new NetworkConfig instance configured with details supplied in a JSON file.
*
* @param configFile The file containing the network configuration
* @param configFile The file containing the network configuration
* @return A new NetworkConfig instance
* @throws InvalidArgumentException
* @throws IOException
Expand All @@ -165,7 +159,7 @@ public static NetworkConfig fromYamlStream(InputStream configStream) throws Inva

Yaml yaml = new Yaml();

@SuppressWarnings("unchecked")
@SuppressWarnings ("unchecked")
Map<String, Object> map = (Map<String, Object>) yaml.load(configStream);

JsonObjectBuilder builder = Json.createObjectBuilder(map);
Expand Down Expand Up @@ -256,7 +250,7 @@ private static NetworkConfig load(JsonObject jsonConfig) throws InvalidArgumentE
throw new InvalidArgumentException("config must be specified");
}

return new NetworkConfig(jsonConfig);
return new NetworkConfig(jsonConfig);
}

public OrgInfo getClientOrganization() {
Expand All @@ -273,6 +267,7 @@ public Collection<OrgInfo> getOrganizationInfos() {

/**
* Returns the admin user associated with the client organization
*
* @return The admin user details
* @throws NetworkConfigurationException
*/
Expand All @@ -298,17 +293,14 @@ public UserInfo getPeerAdmin(String orgName) throws NetworkConfigurationExceptio
return org.getPeerAdmin();
}



//public Set<CertificateAuthority> getPeerCertificateAuthorites(String peerName) {
// return null;
//}


/**
* Returns a channel configured using the details in the Network Configuration file
*
* @param client The associated client
* @param client The associated client
* @param channelName The name of the channel
* @return A configured Channel instance
*/
Expand Down Expand Up @@ -510,7 +502,6 @@ private void createAllOrganizations() throws NetworkConfigurationException {

}


// Reconstructs an existing channel
private Channel reconstructChannel(HFClient client, String channelName, JsonObject jsonChannel) throws NetworkConfigurationException {

Expand All @@ -525,7 +516,7 @@ private Channel reconstructChannel(HFClient client, String channelName, JsonObje

//out("Orderer names: " + (ordererNames == null ? "null" : ordererNames.toString()));
if (ordererNames != null) {
for (JsonValue jsonVal: ordererNames) {
for (JsonValue jsonVal : ordererNames) {

String ordererName = getJsonValueAsString(jsonVal);
Orderer orderer = getOrderer(client, ordererName);
Expand Down Expand Up @@ -594,7 +585,6 @@ private Channel reconstructChannel(HFClient client, String channelName, JsonObje
throw new NetworkConfigurationException(format("Error constructing channel %s. At least one peer must be specified", channelName));
}


} catch (InvalidArgumentException e) {
throw new IllegalArgumentException(e);
}
Expand Down Expand Up @@ -635,6 +625,12 @@ private Node createNode(String nodeName, JsonObject jsonOrderer, String urlPropN
Properties props = extractProperties(jsonOrderer, "grpcOptions");

// Extract the pem details
getTLSCerts(nodeName, jsonOrderer, props);

return new Node(nodeName, url, props);
}

private void getTLSCerts(String nodeName, JsonObject jsonOrderer, Properties props) throws NetworkConfigurationException {
JsonObject jsonTlsCaCerts = getJsonObject(jsonOrderer, "tlsCACerts");
if (jsonTlsCaCerts != null) {
String pemFilename = getJsonValueAsString(jsonTlsCaCerts.get("path"));
Expand All @@ -648,23 +644,15 @@ private Node createNode(String nodeName, JsonObject jsonOrderer, String urlPropN
// Determine full pathname and ensure the file exists
File pemFile = new File(pemFilename);
String fullPathname = pemFile.getAbsolutePath();
if (!pemFile.exists()) {
throw new NetworkConfigurationException(format("Endpoint %s: Pem file %s does not exist", nodeName, fullPathname));
}
props.put("pemFile", fullPathname);
}

if (pemBytes != null) {
props.put("pemBytes", pemBytes.getBytes());
}
}

return new Node(nodeName, url, props);
}




// Creates a new OrgInfo instance from a JSON object
private OrgInfo createOrg(String orgName, JsonObject jsonOrg) throws NetworkConfigurationException {

Expand All @@ -678,7 +666,7 @@ private OrgInfo createOrg(String orgName, JsonObject jsonOrg) throws NetworkConf
// Peers
JsonArray jsonPeers = getJsonValueAsArray(jsonOrg.get("peers"));
if (jsonPeers != null) {
for (JsonValue peer: jsonPeers) {
for (JsonValue peer : jsonPeers) {
String peerName = getJsonValueAsString(peer);
if (peerName != null) {
org.addPeerName(peerName);
Expand All @@ -689,7 +677,7 @@ private OrgInfo createOrg(String orgName, JsonObject jsonOrg) throws NetworkConf
// CAs
JsonArray jsonCertificateAuthorities = getJsonValueAsArray(jsonOrg.get("certificateAuthorities"));
if (jsonCertificateAuthorities != null) {
for (JsonValue jsonCA: jsonCertificateAuthorities) {
for (JsonValue jsonCA : jsonCertificateAuthorities) {
String caName = getJsonValueAsString(jsonCA);
if (caName != null) {
//org.addCAName(caName);
Expand All @@ -702,7 +690,6 @@ private OrgInfo createOrg(String orgName, JsonObject jsonOrg) throws NetworkConf
}
}


String adminPrivateKeyString = extractPemString(jsonOrg, "adminPrivateKey", msgPrefix);
String signedCert = extractPemString(jsonOrg, "signedCert", msgPrefix);

Expand All @@ -715,7 +702,6 @@ private OrgInfo createOrg(String orgName, JsonObject jsonOrg) throws NetworkConf
}
}


if (privateKey != null) {
org.setAdminPrivateKey(privateKey);
}
Expand All @@ -742,15 +728,12 @@ private static PrivateKey getPrivateKeyFromString(String data)
return privateKey;
}



// Returns the PEM (as a String) from either a path or a pem field
private static String extractPemString(JsonObject json, String fieldName, String msgPrefix) throws NetworkConfigurationException {

String path = null;
String pemString = null;


JsonObject jsonField = getJsonValueAsObject(json.get(fieldName));
if (jsonField != null) {
path = getJsonValueAsString(jsonField.get("path"));
Expand All @@ -761,7 +744,6 @@ private static String extractPemString(JsonObject json, String fieldName, String
throw new NetworkConfigurationException(format("%s should not specify both %s path and pem", msgPrefix, fieldName));
}


if (path != null) {
// Determine full pathname and ensure the file exists
File pemFile = new File(path);
Expand All @@ -781,7 +763,7 @@ private static String extractPemString(JsonObject json, String fieldName, String
}

// Creates a new CAInfo instance from a JSON object
private static CAInfo createCA(String name, JsonObject jsonCA) {
private CAInfo createCA(String name, JsonObject jsonCA) throws NetworkConfigurationException {

String url = getJsonValueAsString(jsonCA.get("url"));
Properties httpOptions = extractProperties(jsonCA, "httpOptions");
Expand All @@ -802,7 +784,12 @@ private static CAInfo createCA(String name, JsonObject jsonCA) {
caInfo.setCaName(caName);
}

// TODO: Implement tlsCACerts???
Properties properties = new Properties();
if (null != httpOptions && "false".equals(httpOptions.getProperty("verify"))) {
properties.setProperty("allowAllHostNames", "true");
}
getTLSCerts(name, jsonCA, properties);
caInfo.setProperties(properties);

return caInfo;
}
Expand All @@ -824,7 +811,6 @@ private static Properties extractProperties(JsonObject json, String fieldName) {
return props;
}


// Returns a new Peer instance for the specified peer name
private Peer getPeer(HFClient client, String peerName) throws InvalidArgumentException {
Peer peer = null;
Expand All @@ -835,7 +821,6 @@ private Peer getPeer(HFClient client, String peerName) throws InvalidArgumentExc
return peer;
}


// Returns a new EventHub instance for the specified name
private EventHub getEventHub(HFClient client, String name) throws InvalidArgumentException {
EventHub ehub = null;
Expand All @@ -846,7 +831,6 @@ private EventHub getEventHub(HFClient client, String name) throws InvalidArgumen
return ehub;
}


// Returns the specified JsonValue in a suitable format
// If it's a JsonString - it returns the string
// If it's a number = it returns the string represenation of that number
Expand Down Expand Up @@ -911,7 +895,6 @@ private static JsonObject getJsonObject(JsonObject object, String propName) {
return obj;
}


// Holds a network "node" (eg. Peer, Orderer, EventHub)
private class Node {

Expand All @@ -937,12 +920,10 @@ private Properties getProperties() {
return properties;
}


}

/**
* Holds details of a User
*
*/
public static class UserInfo {

Expand All @@ -969,7 +950,7 @@ public String getMspId() {
}

public PrivateKey getPrivateKey() {
return parentOrg.getAdminPrivateKey();
return parentOrg.getAdminPrivateKey();
}

public String getSignedCert() {
Expand All @@ -979,7 +960,6 @@ public String getSignedCert() {

/**
* Holds details of an Organization
*
*/
public static class OrgInfo {

Expand All @@ -990,7 +970,6 @@ public static class OrgInfo {
private final List<String> peerNames = new ArrayList<>();
private final List<CAInfo> certificateAuthorities = new ArrayList<>();


OrgInfo(String orgName, String mspId) {
this.name = orgName;
this.mspId = mspId;
Expand All @@ -1012,7 +991,6 @@ private void setSignedCert(String signedCert) {
this.signedCert = signedCert;
}


public String getName() {
return name;
}
Expand Down Expand Up @@ -1063,17 +1041,16 @@ public UserInfo getPeerAdmin() throws NetworkConfigurationException {
}

/**
*
* Holds the details of a Certificate Authority
*
*/
* Holds the details of a Certificate Authority
*/
public static class CAInfo {
private final String name;
private final String url;
private final String registrarEnrollId;
private final String registrarEnrollSecret;
private final Properties httpOptions;
private String caName; // The "optional" caName specified in the config, as opposed to its "config" name
private Properties properties;

CAInfo(String name, String url, String registrarEnrollId, String registrarEnrollSecret, Properties httpOptions) {
this.name = name;
Expand Down Expand Up @@ -1111,6 +1088,13 @@ public Properties getHttpOptions() {
return httpOptions;
}

void setProperties(Properties properties) {
this.properties = properties;
}

public Properties getProperties() {
return this.properties;
}
}

}
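Review bot: In createCA, an `httpOptions.verify` value of "false" is silently translated to `allowAllHostNames=true`, so one config line turns off TLS host name checking for the CA endpoint, which is presumably the connection the registrar enroll id and secret held in CAInfo are sent over, and nothing records that this happened. I would log it where the property is set, e.g. `logger.warn(format("CA %s: httpOptions.verify is false, TLS host name verification is disabled", name));`, and say in the createCA comment that the setting is meant for test networks. The match is an exact string compare against "false"; whether a YAML boolean reaches it as that string depends on extractProperties, whose body is outside the visible hunks, so a unit test covering both `verify: false` and `verify: "false"` would be worth adding. Separately, `CAInfo.getProperties()` hands out the mutable Properties that now hold the trust settings; returning a copy would keep callers from altering them after parsing.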
Expand Up @@ -190,7 +190,7 @@ private void createNetModeTransaction() throws IOException {
// chaincodeSource may be a File or InputStream

// Verify that chaincodePath is null
if (null != chaincodePath) {
if (!Utils.isNullOrEmpty(chaincodePath)) {
throw new IllegalArgumentException("chaincodePath must be null for Java chaincode");
}
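Review bot: The comment `// Verify that chaincodePath is null` and the exception text "chaincodePath must be null for Java chaincode" no longer describe the condition, which, going by the name of `Utils.isNullOrEmpty`, now lets an empty string through as well. I would update both, e.g. `// Verify that chaincodePath is null or empty` and `throw new IllegalArgumentException("chaincodePath must be null or empty for Java chaincode");`, so a caller who hits the exception knows an empty value is also acceptable. The body of createNetModeTransaction continues outside this hunk.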
