Refactor MSP package and msp config w/o json

This change-set presents a better organisation of the MSP package: code that
belongs to msp proper is in fabric/msp, whereas core that instantiates and
manages msps for the peer was moved in fabric/core/peer (a new package was
created to avoid import cycles). Furthermore, configuration of the local
MSP no longer requires a specific json file: it is sufficient to place
certificates and keys in a directory with the appropriate structure (sample in
msp/sampleconfig).

Change-Id: Ic0c696a6e0fb406d8e482240e24e5d5774efc5c5
Signed-off-by: Alessandro Sorniotti <ale.linux@sopit.net>

Makefile

@@ -180,8 +180,7 @@ build/image/javaenv/payload:    build/javashim.tar.bz2 \
 				build/protos.tar.bz2 \
 				settings.gradle
 build/image/peer/payload:       build/docker/bin/peer \
-				peer/core.yaml \
-				msp/peer-config.json
+				peer/core.yaml
 build/image/orderer/payload:    build/docker/bin/orderer \
 				orderer/orderer.yaml
 build/image/testenv/payload:    build/gotools.tar.bz2
@@ -191,7 +190,25 @@ build/image/%/payload:
 	mkdir -p $@
 	cp $^ $@
 
-build/image/%/$(DUMMY): Makefile build/image/%/payload
+# the target below is required to produce a valid
+# local MSP config when we build the container; there
+# might be a better way of structuring it, but we'll
+# leave as a TODO for now
+.PHONY: mspconfig
+mspconfig: 	msp/sampleconfig/signcerts/peer.pem \
+		msp/sampleconfig/admincerts/admincert.pem \
+		msp/sampleconfig/keystore/key.pem \
+		msp/sampleconfig/cacerts/cacert.pem
+		mkdir -p build/image/peer/payload/msp/sampleconfig/signcerts
+		cp msp/sampleconfig/signcerts/peer.pem build/image/peer/payload/msp/sampleconfig/signcerts
+		mkdir -p build/image/peer/payload/msp/sampleconfig/admincerts
+		cp msp/sampleconfig/admincerts/admincert.pem build/image/peer/payload/msp/sampleconfig/admincerts
+		mkdir -p build/image/peer/payload/msp/sampleconfig/keystore
+		cp msp/sampleconfig/keystore/key.pem build/image/peer/payload/msp/sampleconfig/keystore
+		mkdir -p build/image/peer/payload/msp/sampleconfig/cacerts
+		cp msp/sampleconfig/cacerts/cacert.pem build/image/peer/payload/msp/sampleconfig/cacerts
+
+build/image/%/$(DUMMY): Makefile build/image/%/payload mspconfig
 	$(eval TARGET = ${patsubst build/image/%/$(DUMMY),%,${@}})
 	@echo "Building docker $(TARGET)-image"
 	@cat images/$(TARGET)/Dockerfile.in \

core/chaincode/exectransaction_test.go

@@ -38,8 +38,8 @@ import (
 	putils "github.com/hyperledger/fabric/protos/utils"
 
 	"github.com/golang/protobuf/proto"
-	"github.com/hyperledger/fabric/core/config"
 	"github.com/hyperledger/fabric/core/crypto/primitives"
+	"github.com/hyperledger/fabric/core/peer/msp"
 	"github.com/hyperledger/fabric/msp"
 	"github.com/hyperledger/fabric/protos/common"
 	"github.com/spf13/viper"
@@ -1070,9 +1070,9 @@ func TestMain(m *testing.M) {
 	primitives.SetSecurityLevel("SHA2", 256)
 
 	// setup the MSP manager so that we can sign/verify
-	mspMgrConfigFile := "../../msp/peer-config.json"
-	config.SetupFakeMSPInfrastructureForTests(mspMgrConfigFile)
-	signer, err = msp.GetLocalMSP().GetDefaultSigningIdentity()
+	mspMgrConfigDir := "../../msp/sampleconfig/"
+	mspmgmt.LoadFakeSetupWithLocalMspAndTestChainMsp(mspMgrConfigDir)
+	signer, err = mspmgmt.GetLocalMSP().GetDefaultSigningIdentity()
 	if err != nil {
 		os.Exit(-1)
 		fmt.Printf("Could not initialize msp/signer")

core/config/config.go

@@ -22,11 +22,6 @@ import (
 	"runtime"
 	"strings"
 
-	"encoding/json"
-	"io/ioutil"
-
-	"github.com/hyperledger/fabric/core/util"
-	"github.com/hyperledger/fabric/msp"
 	"github.com/op/go-logging"
 	"github.com/spf13/viper"
 )
@@ -80,59 +75,3 @@ func SetupTestConfig(pathToOpenchainYaml string) {
 	configLogger.Debugf("setting Number of procs to %d, was %d\n", numProcsDesired, runtime.GOMAXPROCS(2))
 
 }
-
-func getPeerConfFromFile(configFile string) (*msp.NodeLocalConfig, error) {
-	file, err := ioutil.ReadFile(configFile)
-	if err != nil {
-		return nil, fmt.Errorf("Could not read file %s, err %s", configFile, err)
-	}
-
-	var localConf msp.NodeLocalConfig
-	err = json.Unmarshal(file, &localConf)
-	if err != nil {
-		return nil, fmt.Errorf("Could not unmarshal config, err %s", err)
-	}
-
-	return &localConf, nil
-}
-
-func LoadLocalMSPConfig(configFile string) error {
-	localConf, err := getPeerConfFromFile(configFile)
-	if err != nil {
-		return err
-	}
-
-	if localConf.LocalMSP == nil {
-		return fmt.Errorf("nil LocalMSP")
-	}
-
-	err = msp.GetLocalMSP().Setup(localConf.LocalMSP)
-	if err != nil {
-		return fmt.Errorf("Could not setup local msp, err %s", err)
-	}
-
-	// TODO: setup BCCSP here using localConf.BCCSP
-
-	return nil
-}
-
-func SetupFakeMSPInfrastructureForTests(configFile string) error {
-	err := LoadLocalMSPConfig(configFile)
-	if err != nil {
-		return err
-	}
-
-	localConf, err := getPeerConfFromFile(configFile)
-	if err != nil {
-		return err
-	}
-
-	mgrconf := &msp.MSPManagerConfig{MspList: []*msp.MSPConfig{localConf.LocalMSP}, Name: "MGRFORTESTCHAIN"}
-
-	err = msp.GetManagerForChain(util.GetTestChainID()).Setup(mgrconf)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}

core/endorser/endorser_test.go

@@ -27,11 +27,11 @@ import (
 
 	"github.com/golang/protobuf/proto"
 	"github.com/hyperledger/fabric/core/chaincode"
-	"github.com/hyperledger/fabric/core/config"
 	"github.com/hyperledger/fabric/core/container"
 	"github.com/hyperledger/fabric/core/crypto/primitives"
 	"github.com/hyperledger/fabric/core/ledger/kvledger"
 	"github.com/hyperledger/fabric/core/peer"
+	"github.com/hyperledger/fabric/core/peer/msp"
 	"github.com/hyperledger/fabric/core/util"
 	"github.com/hyperledger/fabric/msp"
 	pb "github.com/hyperledger/fabric/protos/peer"
@@ -43,7 +43,7 @@ import (
 )
 
 var endorserServer pb.EndorserServer
-var mspInstance msp.PeerMSP
+var mspInstance msp.MSP
 var signer msp.SigningIdentity
 
 //initialize peer and start up. If security==enabled, login as vp
@@ -437,12 +437,18 @@ func TestMain(m *testing.M) {
 	endorserServer = NewEndorserServer()
 
 	// setup the MSP manager so that we can sign/verify
-	mspMgrConfigFile := "../../msp/peer-config.json"
-	config.SetupFakeMSPInfrastructureForTests(mspMgrConfigFile)
-	signer, err = msp.GetLocalMSP().GetDefaultSigningIdentity()
+	mspMgrConfigDir := "../../msp/sampleconfig/"
+	err = mspmgmt.LoadFakeSetupWithLocalMspAndTestChainMsp(mspMgrConfigDir)
 	if err != nil {
+		fmt.Printf("Could not initialize msp/signer, err %s", err)
 		os.Exit(-1)
+		finitPeer(lis)
+		return
+	}
+	signer, err = mspmgmt.GetLocalMSP().GetDefaultSigningIdentity()
+	if err != nil {
 		fmt.Printf("Could not initialize msp/signer")
+		os.Exit(-1)
 		finitPeer(lis)
 		return
 	}

core/peer/fullflow_test.go

@@ -24,8 +24,8 @@ import (
 	"fmt"
 	"os"
 
-	"github.com/hyperledger/fabric/core/config"
 	"github.com/hyperledger/fabric/core/crypto/primitives"
+	"github.com/hyperledger/fabric/core/peer/msp"
 	"github.com/hyperledger/fabric/core/util"
 	"github.com/hyperledger/fabric/msp"
 	"github.com/hyperledger/fabric/protos/peer"
@@ -316,25 +316,25 @@ func TestMain(m *testing.M) {
 	// setup crypto algorithms
 	primitives.SetSecurityLevel("SHA2", 256)
 	// setup the MSP manager so that we can sign/verify
-	mspMgrConfigFile := "../../msp/peer-config.json"
-	err := config.SetupFakeMSPInfrastructureForTests(mspMgrConfigFile)
+	mspMgrConfigDir := "../../msp/sampleconfig/"
+	err := mspmgmt.LoadFakeSetupWithLocalMspAndTestChainMsp(mspMgrConfigDir)
 	if err != nil {
+		fmt.Printf("Could not initialize msp, err %s", err)
 		os.Exit(-1)
-		fmt.Printf("Could not initialize msp")
 		return
 	}
 
-	signer, err = msp.GetLocalMSP().GetDefaultSigningIdentity()
+	signer, err = mspmgmt.GetLocalMSP().GetDefaultSigningIdentity()
 	if err != nil {
-		os.Exit(-1)
 		fmt.Printf("Could not get signer")
+		os.Exit(-1)
 		return
 	}
 
 	signerSerialized, err = signer.Serialize()
 	if err != nil {
-		os.Exit(-1)
 		fmt.Printf("Could not serialize identity")
+		os.Exit(-1)
 		return
 	}
 

core/peer/msgvalidation.go

@@ -21,7 +21,7 @@ import (
 
 	"bytes"
 
-	"github.com/hyperledger/fabric/msp"
+	"github.com/hyperledger/fabric/core/peer/msp"
 	"github.com/hyperledger/fabric/protos/common"
 	pb "github.com/hyperledger/fabric/protos/peer"
 	"github.com/hyperledger/fabric/protos/utils"
@@ -114,29 +114,25 @@ func checkSignatureFromCreator(creatorBytes []byte, sig []byte, msg []byte, Chai
 	}
 
 	// get the identity of the creator
-	creator, err := msp.GetManagerForChain(ChainID).DeserializeIdentity(creatorBytes)
+	creator, err := mspmgmt.GetManagerForChain(ChainID).DeserializeIdentity(creatorBytes)
 	if err != nil {
 		return fmt.Errorf("Failed to deserialize creator identity, err %s", err)
 	}
 
-	putilsLogger.Infof("checkSignatureFromCreator info: creator is %s", creator.Identifier())
+	putilsLogger.Infof("checkSignatureFromCreator info: creator is %s", creator.GetIdentifier())
 
 	// ensure that creator is a valid certificate
-	valid, err := creator.Validate()
+	err = creator.IsValid()
 	if err != nil {
-		return fmt.Errorf("Could not determine whether the identity is valid, err %s", err)
-	} else if !valid {
-		return fmt.Errorf("The creator certificate is not valid, aborting")
+		return fmt.Errorf("The creator certificate is not valid, err %s", err)
 	}
 
 	putilsLogger.Infof("checkSignatureFromCreator info: creator is valid")
 
 	// validate the signature
-	verified, err := creator.Verify(msg, sig)
+	err = creator.Verify(msg, sig)
 	if err != nil {
-		return fmt.Errorf("Could not determine whether the signature is valid, err %s", err)
-	} else if !verified {
-		return fmt.Errorf("The creator's signature over the proposal is not valid, aborting")
+		return fmt.Errorf("The creator's signature over the proposal is not valid, err %s", err)
 	}
 
 	putilsLogger.Infof("checkSignatureFromCreator exists successfully")

core/peer/msp/config.go

@@ -0,0 +1,78 @@
+package mspmgmt
+
+import (
+	"github.com/hyperledger/fabric/core/util"
+	"github.com/hyperledger/fabric/msp"
+	"github.com/hyperledger/fabric/protos/common"
+)
+
+func LoadLocalMsp(dir string) error {
+	conf, err := msp.GetLocalMspConfig(dir)
+	if err != nil {
+		return err
+	}
+
+	return GetLocalMSP().Setup(conf)
+}
+
+// FIXME: this is required for now because we need a local MSP
+// and also the MSP mgr for the test chain; as soon as the code
+// to setup chains is ready, the chain should be setup using
+// the method below and this method should disappear
+func LoadFakeSetupWithLocalMspAndTestChainMsp(dir string) error {
+	conf, err := msp.GetLocalMspConfig(dir)
+	if err != nil {
+		return err
+	}
+
+	err = GetLocalMSP().Setup(conf)
+	if err != nil {
+		return err
+	}
+
+	fakeConfig = &msp.MSPManagerConfig{MspList: []*msp.MSPConfig{conf}, Name: "MGRFORTESTCHAIN"}
+
+	err = GetManagerForChain(util.GetTestChainID()).Setup(fakeConfig)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// FIXME! Every chain needs an MSP config but for now,
+// we don't have support for that; we get around it
+// temporarily by storing the config the peer loaded
+// and using it every time we're asked to get an MSP
+// manager via LoadMSPManagerFromBlock
+var fakeConfig *msp.MSPManagerConfig
+
+func GetMSPManagerFromBlock(b *common.Block) (msp.MSPManager, error) {
+	// FIXME! We need to extract the config item
+	// that relates to MSP from the contig tx
+	// inside this block, unmarshal it to extract
+	// an *MSPManagerConfig that we can then pass
+	// to the Setup method; for now we wing it by
+	// passing the same config we got for the
+	// local manager; this way chain creation tests
+	// can proceed without being block by this
+
+	// this hack is required to give us some configuration
+	// so that we can return a valid MSP manager when
+	// someone calls this function; it should work, provided
+	// that this call occurs after the peer has started
+	// and called LoadFakeSetupWithLocalMspAndTestChainMsp.
+	// Notice that this happens very early in the peer
+	// startup and so the assumption should be safe
+	if fakeConfig == nil {
+		panic("fakeConfig is nil")
+	}
+
+	mgr := msp.NewMSPManager()
+	err := mgr.Setup(fakeConfig)
+	if err != nil {
+		return nil, err
+	} else {
+		return mgr, nil
+	}
+}