Skip to content
This repository was archived by the owner on Apr 22, 2025. It is now read-only.

Commit f3e6fef

Browse files
harrisobharrisob
committed
FAB-8723 NodeSDK V1.0 - string env vars
Allow new settings on the HSM cards to be strings CRYPTO_PKCS11_READWRITE CRYPTO_PKCS11_USERTYPE Change-Id: I9a5d7c11e3708ea8e25117c4fdf25c2344473f22 Signed-off-by: Bret Harrison <beharrison@nc.rr.com>
1 parent e3487ad commit f3e6fef

File tree

2 files changed

+75
-4
lines changed

2 files changed

+75
-4
lines changed

fabric-client/lib/impl/bccsp_pkcs11.js

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -156,6 +156,9 @@ var CryptoSuite_PKCS11 = class extends api.CryptoSuite {
156156
var pkcs11UserType = opts ? opts.usertype: null;
157157
if (typeof pkcs11UserType === 'undefined' || pkcs11UserType === null)
158158
pkcs11UserType = utils.getConfigSetting('crypto-pkcs11-usertype', 1);
159+
if (typeof pkcs11UserType === 'string') {
160+
pkcs11UserType = Number.parseInt(pkcs11UserType);
161+
}
159162
if(!Number.isInteger(pkcs11UserType)) {
160163
throw new Error(__func() + 'PKCS11 usertype number invalid');
161164
}
@@ -166,8 +169,17 @@ var CryptoSuite_PKCS11 = class extends api.CryptoSuite {
166169
var pkcs11ReadWrite = opts ? opts.readwrite: null;
167170
if (typeof pkcs11ReadWrite === 'undefined' || pkcs11ReadWrite === null)
168171
pkcs11ReadWrite = utils.getConfigSetting('crypto-pkcs11-readwrite', true);
172+
if (typeof pkcs11ReadWrite === 'string') {
173+
if(pkcs11ReadWrite.toLowerCase() === 'true') {
174+
pkcs11ReadWrite = true;
175+
} else if(pkcs11ReadWrite.toLowerCase() === 'false') {
176+
pkcs11ReadWrite = false;
177+
} else {
178+
throw new Error(__func() + 'PKCS11 readwrite setting must be "true" or "false"');
179+
}
180+
}
169181
if (typeof pkcs11ReadWrite !== 'boolean') {
170-
throw new Error(__func() + 'PKCS11 readwrite is invalid');
182+
throw new Error(__func() + 'PKCS11 readwrite setting must be a boolean value');
171183
}
172184
/*
173185
* If no pin specified, get it from env var or config file.

test/unit/cryptosuite-pkcs11.js

Lines changed: 62 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -18,10 +18,12 @@
1818

1919
var tape = require('tape');
2020
var _test = require('tape-promise');
21+
var nconf = require('nconf');
2122
var test = _test(tape);
2223
var testutil = require('./util.js');
2324
var Client = require('fabric-client');
2425
var PKCS11 = require('fabric-client/lib/impl/bccsp_pkcs11.js');
26+
var Config = require('fabric-client/lib/Config.js');
2527

2628
test('\n\n** bccsp_pkcs11 tests **\n\n', (t) => {
2729
testutil.resetDefaults();
@@ -124,7 +126,7 @@ test('\n\n** bccsp_pkcs11 tests **\n\n', (t) => {
124126
function () {
125127
let pkcss11 = new PKCS11(256, 'sha2', opts);
126128
},
127-
/readwrite is invalid/,
129+
/readwrite setting must be "true" or "false"/,
128130
'Checking: for valid readwrite'
129131
);
130132
opts.readwrite = false;
@@ -186,14 +188,63 @@ test('\n\n** bccsp_pkcs11 tests **\n\n', (t) => {
186188
checkError(error,testing);
187189
}
188190

189-
Client.setConfigSetting('crypto-pkcs11-readwrite', 'false');
191+
Client.setConfigSetting('crypto-pkcs11-usertype', '2');
192+
testing = 'Checking: for valid usertype in config';
193+
try {
194+
let pkcss11 = new PKCS11(256, 'sha2');
195+
t.fail(testing);
196+
} catch(error) {
197+
checkError(error,testing);
198+
}
199+
200+
Client.setConfigSetting('crypto-pkcs11-readwrite', 99);
201+
t.throws(
202+
function () {
203+
let pkcss11 = new PKCS11(256, 'sha2');
204+
},
205+
/readwrite setting must be a boolean value/,
206+
'Checking: for valid readwrite'
207+
);
208+
Client.setConfigSetting('crypto-pkcs11-readwrite', 'not');
190209
t.throws(
191210
function () {
192211
let pkcss11 = new PKCS11(256, 'sha2');
193212
},
194-
/readwrite is invalid/,
213+
/readwrite setting must be "true" or "false"/,
195214
'Checking: for valid readwrite'
196215
);
216+
Client.setConfigSetting('crypto-pkcs11-readwrite', 'false');
217+
testing = 'Checking: for valid readwrite in config';
218+
try {
219+
let pkcss11 = new PKCS11(256, 'sha2');
220+
t.fail(testing);
221+
} catch(error) {
222+
checkError(error,testing);
223+
}
224+
Client.setConfigSetting('crypto-pkcs11-readwrite', 'true');
225+
testing = 'Checking: for valid readwrite in config';
226+
try {
227+
let pkcss11 = new PKCS11(256, 'sha2');
228+
t.fail(testing);
229+
} catch(error) {
230+
checkError(error,testing);
231+
}
232+
Client.setConfigSetting('crypto-pkcs11-readwrite', 'False');
233+
testing = 'Checking: for valid readwrite in config';
234+
try {
235+
let pkcss11 = new PKCS11(256, 'sha2');
236+
t.fail(testing);
237+
} catch(error) {
238+
checkError(error,testing);
239+
}
240+
Client.setConfigSetting('crypto-pkcs11-readwrite', 'True');
241+
testing = 'Checking: for valid readwrite in config';
242+
try {
243+
let pkcss11 = new PKCS11(256, 'sha2');
244+
t.fail(testing);
245+
} catch(error) {
246+
checkError(error,testing);
247+
}
197248
Client.setConfigSetting('crypto-pkcs11-readwrite', false);
198249
testing = 'Checking: for valid readwrite in config';
199250
try {
@@ -202,6 +253,14 @@ test('\n\n** bccsp_pkcs11 tests **\n\n', (t) => {
202253
} catch(error) {
203254
checkError(error,testing);
204255
}
256+
Client.setConfigSetting('crypto-pkcs11-readwrite', true);
257+
testing = 'Checking: for valid readwrite in config';
258+
try {
259+
let pkcss11 = new PKCS11(256, 'sha2');
260+
t.fail(testing);
261+
} catch(error) {
262+
checkError(error,testing);
263+
}
205264

206265
t.end();
207266
});

0 commit comments

Comments
 (0)