Merge "[FAB-6412] Add Node SDK support for gencrl endpoint"

hyperledger · Nov 6, 2017 · 47f63a8 · 47f63a8
2 parents 476a616 + 431df8a
commit 47f63a8
Show file tree

Hide file tree

Showing 2 changed files with 78 additions and 0 deletions.
diff --git a/fabric-ca-client/lib/FabricCAClientImpl.js b/fabric-ca-client/lib/FabricCAClientImpl.js
@@ -349,6 +349,35 @@ var FabricCAServices = class extends BaseClient {
 			registrar.getSigningIdentity());
 	}
 
+	/**
+	 * @typedef {Object} Restriction
+	 * @property {Date} revokedBefore - Include certificates that were revoked before this UTC timestamp (in RFC3339 format) in the CRL
+	 * @property {Date} revokedAfter - Include certificates that were revoked after this UTC timestamp (in RFC3339 format) in the CRL
+	 * @property {Date} expireBefore - Include revoked certificates that expire before this UTC timestamp (in RFC3339 format) in the CRL
+	 * @property {Date} expireAfter - Include revoked certificates that expire after this UTC timestamp (in RFC3339 format) in the CRL
+	 */
+
+	/**
+	 *
+	 * @param {Restriction} request
+	 * @param {User} registrar The identity of the registrar (i.e. who is performing the revocation)
+	 * @returns {Promise} The Certificate Revocation List (CRL)
+	 */
+	generateCRL(request, registrar) {
+		if (typeof request === 'undefined' || request === null) {
+			throw new Error('Missing required argument "request"');
+		}
+
+		checkRegistrar(registrar);
+
+		return this._fabricCAClient.generateCRL(
+			request.revokedBefore ? request.revokedBefore.toISOString() : null,
+			request.revokedAfter ? request.revokedAfter.toISOString() : null,
+			request.expireBefore ? request.expireBefore.toISOString() : null,
+			request.expireAfter ? request.expireAfter.toISOString() : null,
+			registrar.getSigningIdentity());
+	}
+
 	/**
 	 * @typedef {Object} HTTPEndpoint
 	 * @property {string} hostname
@@ -783,6 +812,46 @@ var FabricCAClient = class {
 
 	}
 
+	generateCRL(revokedBefore, revokedAfter, expireBefore, expireAfter, signingIdentity) {
+		let self = this;
+		let numArgs = arguments.length;
+
+		return new Promise(function (resolve, reject) {
+			if(numArgs !== 5) {
+				return reject(new Error('Missing required parameters. \'revokedBefore\', \'revokedAfter\', \
+					\'expireBefore\', \'expireAfter\' and \'signingIdentity\' are all required.'));
+			}
+
+			let request = {};
+			if (!revokedBefore) {
+				request.revokedBefore = revokedBefore;
+			}
+			if (!revokedAfter) {
+				request.revokedAfter = revokedAfter;
+			}
+			if (!expireBefore) {
+				request.expireBefore = expireBefore;
+			}
+			if (!expireAfter) {
+				request.expireAfter = expireAfter;
+			}
+			if (!self._caName) {
+				request.caname = self._caName;
+			}
+
+			return self.post('gencrl', request, signingIdentity)
+				.then(function (response) {
+					if (response.success && response.result) {
+						return resolve(response.result.CRL);
+					} else {
+						return reject(response.errors);
+					}
+				}).catch(function (err) {
+					return reject(err);
+				});
+		});
+	}
+
 	/**
 	 * Convert a PEM encoded certificate to DER format
 	 * @param {string) pem PEM encoded public or private key

diff --git a/test/integration/fabric-ca-services-tests.js b/test/integration/fabric-ca-services-tests.js
@@ -202,6 +202,15 @@ test('\n\n ** FabricCAServices: Test enroll() With Dynamic CSR **\n\n', function
 		}).then((response) => {
 			t.equal(response.success, true, 'Successfully revoked "testUserY" using serial number and AKI');
 
+			// generate CRL
+			return caService.generateCRL({}, member);
+		}).then((CRL) => {
+			if(CRL){
+				t.pass('Successfully generated CRL');
+			} else {
+				t.fail('Unable to generate CRL');
+			}
+
 			// register a new user 'test1'
 			return caService.register({
 				enrollmentID: 'test1',