Skip to content

Commit

Permalink
Merge "[FAB-5713] properly log x509 certs"
Browse files Browse the repository at this point in the history
  • Loading branch information
Srinivasan Muralidharan authored and Gerrit Code Review committed Aug 11, 2017
2 parents 8f3c705 + 82f0bd9 commit 4388f48
Show file tree
Hide file tree
Showing 2 changed files with 41 additions and 4 deletions.
41 changes: 38 additions & 3 deletions msp/cert.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,11 +22,12 @@ import (
"crypto/x509"
"crypto/x509/pkix"
"encoding/asn1"
"encoding/pem"
"errors"
"fmt"
"math/big"
"time"

"errors"

"github.com/hyperledger/fabric/bccsp/sw"
)

Expand Down Expand Up @@ -101,7 +102,7 @@ func sanitizeECDSASignedCert(cert *x509.Certificate, parentCert *x509.Certificat
// the lower level interface that represent an x509 certificate
// encoding
var newCert certificate
_, err = asn1.Unmarshal(cert.Raw, &newCert)
newCert, err = certFromX509Cert(cert)
if err != nil {
return nil, err
}
Expand All @@ -119,3 +120,37 @@ func sanitizeECDSASignedCert(cert *x509.Certificate, parentCert *x509.Certificat
// 4. parse newRaw to get an x509 certificate
return x509.ParseCertificate(newRaw)
}

func certFromX509Cert(cert *x509.Certificate) (certificate, error) {
var newCert certificate
_, err := asn1.Unmarshal(cert.Raw, &newCert)
if err != nil {
return certificate{}, err
}
return newCert, nil
}

// String returns a PEM representation of a certificate
func (c certificate) String() string {
b, err := asn1.Marshal(c)
if err != nil {
return fmt.Sprintf("Failed marshaling cert: %v", err)
}
block := &pem.Block{
Bytes: b,
Type: "CERTIFICATE",
}
b = pem.EncodeToMemory(block)
return string(b)
}

// certToPEM converts the given x509.Certificate to a PEM
// encoded string
func certToPEM(certificate *x509.Certificate) string {
cert, err := certFromX509Cert(certificate)
if err != nil {
mspIdentityLogger.Warning("Failed converting certificate to asn1", err)
return ""
}
return cert.String()
}
4 changes: 3 additions & 1 deletion msp/identities.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,9 @@ type identity struct {
}

func newIdentity(cert *x509.Certificate, pk bccsp.Key, msp *bccspmsp) (Identity, error) {
mspIdentityLogger.Debugf("Creating identity instance for cert %s", cert)
if mspIdentityLogger.IsEnabledFor(logging.DEBUG) {
mspIdentityLogger.Debugf("Creating identity instance for cert %s", certToPEM(cert))
}

// Sanitize first the certificate
cert, err := msp.sanitizeCert(cert)
Expand Down

0 comments on commit 4388f48

Please sign in to comment.