FAB-9282 NetworkConfig support TLS HFCAClient

NetworkConfig doesn't support TLS for CertificateAuthority

Change-Id: I4df40c2ab36c4a474bc1d4293eb13701157f6ba9
Signed-off-by: rickr <cr22rc@gmail.com>

Author: cr22rc

src/main/java/org/hyperledger/fabric/sdk/NetworkConfig.java

@@ -55,12 +55,10 @@
 import static java.lang.String.format;
 
 /**
- *
  * Holds details of network and channel configurations typically loaded from an external config file.
  * <br>
  * Also contains convenience methods for utilizing the config details,
  * including the main {@link HFClient#getChannel(String)} method
- *
  */
 
 public class NetworkConfig {
@@ -81,7 +79,6 @@ public class NetworkConfig {
 
     private static final Log logger = LogFactory.getLog(NetworkConfig.class);
 
-
     private NetworkConfig(JsonObject jsonConfig) throws InvalidArgumentException, NetworkConfigurationException {
 
         this.jsonConfig = jsonConfig;
@@ -106,27 +103,24 @@ private NetworkConfig(JsonObject jsonConfig) throws InvalidArgumentException, Ne
         createAllCertificateAuthorities();
         createAllOrganizations();
 
-
         // Validate the organization for this client
         JsonObject jsonClient = getJsonObject(jsonConfig, "client");
         String orgName = jsonClient == null ? null : getJsonValueAsString(jsonClient.get("organization"));
         if (orgName == null || orgName.isEmpty()) {
             throw new InvalidArgumentException("A client organization must be specified");
         }
 
-
         clientOrganization = getOrganizationInfo(orgName);
         if (clientOrganization == null) {
             throw new InvalidArgumentException("Client organization " + orgName + " is not defined");
         }
 
     }
 
-
     /**
      * Creates a new NetworkConfig instance configured with details supplied in a YAML file.
      *
-     * @param configFile    The file containing the network configuration
+     * @param configFile The file containing the network configuration
      * @return A new NetworkConfig instance
      * @throws InvalidArgumentException
      * @throws IOException
@@ -138,7 +132,7 @@ public static NetworkConfig fromYamlFile(File configFile) throws InvalidArgument
     /**
      * Creates a new NetworkConfig instance configured with details supplied in a JSON file.
      *
-     * @param configFile    The file containing the network configuration
+     * @param configFile The file containing the network configuration
      * @return A new NetworkConfig instance
      * @throws InvalidArgumentException
      * @throws IOException
@@ -165,7 +159,7 @@ public static NetworkConfig fromYamlStream(InputStream configStream) throws Inva
 
         Yaml yaml = new Yaml();
 
-        @SuppressWarnings("unchecked")
+        @SuppressWarnings ("unchecked")
         Map<String, Object> map = (Map<String, Object>) yaml.load(configStream);
 
         JsonObjectBuilder builder = Json.createObjectBuilder(map);
@@ -256,7 +250,7 @@ private static NetworkConfig load(JsonObject jsonConfig) throws InvalidArgumentE
             throw new InvalidArgumentException("config must be specified");
         }
 
-       return new NetworkConfig(jsonConfig);
+        return new NetworkConfig(jsonConfig);
     }
 
     public OrgInfo getClientOrganization() {
@@ -273,6 +267,7 @@ public Collection<OrgInfo> getOrganizationInfos() {
 
     /**
      * Returns the admin user associated with the client organization
+     *
      * @return The admin user details
      * @throws NetworkConfigurationException
      */
@@ -298,17 +293,14 @@ public UserInfo getPeerAdmin(String orgName) throws NetworkConfigurationExceptio
         return org.getPeerAdmin();
     }
 
-
-
     //public Set<CertificateAuthority> getPeerCertificateAuthorites(String peerName) {
     //    return null;
     //}
 
-
     /**
      * Returns a channel configured using the details in the Network Configuration file
      *
-     * @param client The associated client
+     * @param client      The associated client
      * @param channelName The name of the channel
      * @return A configured Channel instance
      */
@@ -510,7 +502,6 @@ private void createAllOrganizations() throws NetworkConfigurationException {
 
     }
 
-
     // Reconstructs an existing channel
     private Channel reconstructChannel(HFClient client, String channelName, JsonObject jsonChannel) throws NetworkConfigurationException {
 
@@ -525,7 +516,7 @@ private Channel reconstructChannel(HFClient client, String channelName, JsonObje
 
             //out("Orderer names: " + (ordererNames == null ? "null" : ordererNames.toString()));
             if (ordererNames != null) {
-                for (JsonValue jsonVal: ordererNames) {
+                for (JsonValue jsonVal : ordererNames) {
 
                     String ordererName = getJsonValueAsString(jsonVal);
                     Orderer orderer = getOrderer(client, ordererName);
@@ -594,7 +585,6 @@ private Channel reconstructChannel(HFClient client, String channelName, JsonObje
                 throw new NetworkConfigurationException(format("Error constructing channel %s. At least one peer must be specified", channelName));
             }
 
-
         } catch (InvalidArgumentException e) {
             throw new IllegalArgumentException(e);
         }
@@ -635,6 +625,12 @@ private Node createNode(String nodeName, JsonObject jsonOrderer, String urlPropN
         Properties props = extractProperties(jsonOrderer, "grpcOptions");
 
         // Extract the pem details
+        getTLSCerts(nodeName, jsonOrderer, props);
+
+        return new Node(nodeName, url, props);
+    }
+
+    private void getTLSCerts(String nodeName, JsonObject jsonOrderer, Properties props) throws NetworkConfigurationException {
         JsonObject jsonTlsCaCerts = getJsonObject(jsonOrderer, "tlsCACerts");
         if (jsonTlsCaCerts != null) {
             String pemFilename = getJsonValueAsString(jsonTlsCaCerts.get("path"));
@@ -648,23 +644,15 @@ private Node createNode(String nodeName, JsonObject jsonOrderer, String urlPropN
                 // Determine full pathname and ensure the file exists
                 File pemFile = new File(pemFilename);
                 String fullPathname = pemFile.getAbsolutePath();
-                if (!pemFile.exists()) {
-                    throw new NetworkConfigurationException(format("Endpoint %s: Pem file %s does not exist", nodeName, fullPathname));
-                }
                 props.put("pemFile", fullPathname);
             }
 
             if (pemBytes != null) {
                 props.put("pemBytes", pemBytes.getBytes());
             }
         }
-
-        return new Node(nodeName, url, props);
     }
 
-
-
-
     // Creates a new OrgInfo instance from a JSON object
     private OrgInfo createOrg(String orgName, JsonObject jsonOrg) throws NetworkConfigurationException {
 
@@ -678,7 +666,7 @@ private OrgInfo createOrg(String orgName, JsonObject jsonOrg) throws NetworkConf
         // Peers
         JsonArray jsonPeers = getJsonValueAsArray(jsonOrg.get("peers"));
         if (jsonPeers != null) {
-            for (JsonValue peer: jsonPeers) {
+            for (JsonValue peer : jsonPeers) {
                 String peerName = getJsonValueAsString(peer);
                 if (peerName != null) {
                     org.addPeerName(peerName);
@@ -689,7 +677,7 @@ private OrgInfo createOrg(String orgName, JsonObject jsonOrg) throws NetworkConf
         // CAs
         JsonArray jsonCertificateAuthorities = getJsonValueAsArray(jsonOrg.get("certificateAuthorities"));
         if (jsonCertificateAuthorities != null) {
-            for (JsonValue jsonCA: jsonCertificateAuthorities) {
+            for (JsonValue jsonCA : jsonCertificateAuthorities) {
                 String caName = getJsonValueAsString(jsonCA);
                 if (caName != null) {
                     //org.addCAName(caName);
@@ -702,7 +690,6 @@ private OrgInfo createOrg(String orgName, JsonObject jsonOrg) throws NetworkConf
             }
         }
 
-
         String adminPrivateKeyString = extractPemString(jsonOrg, "adminPrivateKey", msgPrefix);
         String signedCert = extractPemString(jsonOrg, "signedCert", msgPrefix);
 
@@ -715,7 +702,6 @@ private OrgInfo createOrg(String orgName, JsonObject jsonOrg) throws NetworkConf
             }
         }
 
-
         if (privateKey != null) {
             org.setAdminPrivateKey(privateKey);
         }
@@ -742,15 +728,12 @@ private static PrivateKey getPrivateKeyFromString(String data)
         return privateKey;
     }
 
-
-
     // Returns the PEM (as a String) from either a path or a pem field
     private static String extractPemString(JsonObject json, String fieldName, String msgPrefix) throws NetworkConfigurationException {
 
         String path = null;
         String pemString = null;
 
-
         JsonObject jsonField = getJsonValueAsObject(json.get(fieldName));
         if (jsonField != null) {
             path = getJsonValueAsString(jsonField.get("path"));
@@ -761,7 +744,6 @@ private static String extractPemString(JsonObject json, String fieldName, String
             throw new NetworkConfigurationException(format("%s should not specify both %s path and pem", msgPrefix, fieldName));
         }
 
-
         if (path != null) {
             // Determine full pathname and ensure the file exists
             File pemFile = new File(path);
@@ -781,7 +763,7 @@ private static String extractPemString(JsonObject json, String fieldName, String
     }
 
     // Creates a new CAInfo instance from a JSON object
-    private static CAInfo createCA(String name, JsonObject jsonCA) {
+    private CAInfo createCA(String name, JsonObject jsonCA) throws NetworkConfigurationException {
 
         String url = getJsonValueAsString(jsonCA.get("url"));
         Properties httpOptions = extractProperties(jsonCA, "httpOptions");
@@ -802,7 +784,12 @@ private static CAInfo createCA(String name, JsonObject jsonCA) {
             caInfo.setCaName(caName);
         }
 
-        // TODO: Implement tlsCACerts???
+        Properties properties = new Properties();
+        if (null != httpOptions && "false".equals(httpOptions.getProperty("verify"))) {
+            properties.setProperty("allowAllHostNames", "true");
+        }
+        getTLSCerts(name, jsonCA, properties);
+        caInfo.setProperties(properties);
 
         return caInfo;
     }
@@ -824,7 +811,6 @@ private static Properties extractProperties(JsonObject json, String fieldName) {
         return props;
     }
 
-
     // Returns a new Peer instance for the specified peer name
     private Peer getPeer(HFClient client, String peerName) throws InvalidArgumentException {
         Peer peer = null;
@@ -835,7 +821,6 @@ private Peer getPeer(HFClient client, String peerName) throws InvalidArgumentExc
         return peer;
     }
 
-
     // Returns a new EventHub instance for the specified name
     private EventHub getEventHub(HFClient client, String name) throws InvalidArgumentException {
         EventHub ehub = null;
@@ -846,7 +831,6 @@ private EventHub getEventHub(HFClient client, String name) throws InvalidArgumen
         return ehub;
     }
 
-
     // Returns the specified JsonValue in a suitable format
     // If it's a JsonString - it returns the string
     // If it's a number = it returns the string represenation of that number
@@ -911,7 +895,6 @@ private static JsonObject getJsonObject(JsonObject object, String propName) {
         return obj;
     }
 
-
     // Holds a network "node" (eg. Peer, Orderer, EventHub)
     private class Node {
 
@@ -937,12 +920,10 @@ private Properties getProperties() {
             return properties;
         }
 
-
     }
 
     /**
      * Holds details of a User
-     *
      */
     public static class UserInfo {
 
@@ -969,7 +950,7 @@ public String getMspId() {
         }
 
         public PrivateKey getPrivateKey() {
-           return parentOrg.getAdminPrivateKey();
+            return parentOrg.getAdminPrivateKey();
         }
 
         public String getSignedCert() {
@@ -979,7 +960,6 @@ public String getSignedCert() {
 
     /**
      * Holds details of an Organization
-     *
      */
     public static class OrgInfo {
 
@@ -990,7 +970,6 @@ public static class OrgInfo {
         private final List<String> peerNames = new ArrayList<>();
         private final List<CAInfo> certificateAuthorities = new ArrayList<>();
 
-
         OrgInfo(String orgName, String mspId) {
             this.name = orgName;
             this.mspId = mspId;
@@ -1012,7 +991,6 @@ private void setSignedCert(String signedCert) {
             this.signedCert = signedCert;
         }
 
-
         public String getName() {
             return name;
         }
@@ -1063,17 +1041,16 @@ public UserInfo getPeerAdmin() throws NetworkConfigurationException {
     }
 
     /**
-    *
-    * Holds the details of a Certificate Authority
-    *
-    */
+     * Holds the details of a Certificate Authority
+     */
     public static class CAInfo {
         private final String name;
         private final String url;
         private final String registrarEnrollId;
         private final String registrarEnrollSecret;
         private final Properties httpOptions;
         private String caName;          // The "optional" caName specified in the config, as opposed to its "config" name
+        private Properties properties;
 
         CAInfo(String name, String url, String registrarEnrollId, String registrarEnrollSecret, Properties httpOptions) {
             this.name = name;
@@ -1111,6 +1088,13 @@ public Properties getHttpOptions() {
             return httpOptions;
         }
 
+        void setProperties(Properties properties) {
+            this.properties = properties;
+        }
+
+        public Properties getProperties() {
+            return this.properties;
+        }
     }
 
 }

src/main/java/org/hyperledger/fabric/sdk/transaction/InstallProposalBuilder.java

@@ -190,7 +190,7 @@ private void createNetModeTransaction() throws IOException {
                 // chaincodeSource may be a File or InputStream
 
                 //   Verify that chaincodePath is null
-                if (null != chaincodePath) {
+                if (!Utils.isNullOrEmpty(chaincodePath)) {
                     throw new IllegalArgumentException("chaincodePath must be null for Java chaincode");
                 }