Merge "Cleaup core.yaml security section"

hyperledger · Jan 6, 2017 · 80da43a · 80da43a
2 parents b9ed727 + e63662a
commit 80da43a
Show file tree

Hide file tree

Showing 19 changed files with 212 additions and 999 deletions.
diff --git a/core/chaincode/exectransaction_test.go b/core/chaincode/exectransaction_test.go
@@ -378,7 +378,7 @@ func chaincodeQueryChaincode(chainID string, user string) error {
 	f := "init"
 	args := util.ToChaincodeArgs(f, "a", "100", "b", "200")
 
-	spec1 := &pb.ChaincodeSpec{Type: 1, ChaincodeID: cID1, CtorMsg: &pb.ChaincodeInput{Args: args}, SecureContext: user}
+	spec1 := &pb.ChaincodeSpec{Type: 1, ChaincodeID: cID1, CtorMsg: &pb.ChaincodeInput{Args: args}}
 
 	cccid1 := NewCCContext(chainID, "example02", "0", "", false, nil)
 
@@ -399,7 +399,7 @@ func chaincodeQueryChaincode(chainID string, user string) error {
 	f = "init"
 	args = util.ToChaincodeArgs(f, "sum", "0")
 
-	spec2 := &pb.ChaincodeSpec{Type: 1, ChaincodeID: cID2, CtorMsg: &pb.ChaincodeInput{Args: args}, SecureContext: user}
+	spec2 := &pb.ChaincodeSpec{Type: 1, ChaincodeID: cID2, CtorMsg: &pb.ChaincodeInput{Args: args}}
 
 	cccid2 := NewCCContext(chainID, "example05", "0", "", false, nil)
 
@@ -417,7 +417,7 @@ func chaincodeQueryChaincode(chainID string, user string) error {
 	f = "invoke"
 	args = util.ToChaincodeArgs(f, chaincodeID1, "sum")
 
-	spec2 = &pb.ChaincodeSpec{Type: 1, ChaincodeID: cID2, CtorMsg: &pb.ChaincodeInput{Args: args}, SecureContext: user}
+	spec2 = &pb.ChaincodeSpec{Type: 1, ChaincodeID: cID2, CtorMsg: &pb.ChaincodeInput{Args: args}}
 	// Invoke chaincode
 	var retVal []byte
 	_, _, retVal, err = invoke(ctxt, chainID, spec2)
@@ -440,7 +440,7 @@ func chaincodeQueryChaincode(chainID string, user string) error {
 	f = "query"
 	args = util.ToChaincodeArgs(f, chaincodeID1, "sum")
 
-	spec2 = &pb.ChaincodeSpec{Type: 1, ChaincodeID: cID2, CtorMsg: &pb.ChaincodeInput{Args: args}, SecureContext: user}
+	spec2 = &pb.ChaincodeSpec{Type: 1, ChaincodeID: cID2, CtorMsg: &pb.ChaincodeInput{Args: args}}
 	// Invoke chaincode
 	_, _, retVal, err = invoke(ctxt, chainID, spec2)
 
@@ -687,7 +687,7 @@ func chaincodeInvokeChaincode(t *testing.T, chainID string, user string) (err er
 	f := "init"
 	args := util.ToChaincodeArgs(f, "a", "100", "b", "200")
 
-	spec1 := &pb.ChaincodeSpec{Type: 1, ChaincodeID: cID1, CtorMsg: &pb.ChaincodeInput{Args: args}, SecureContext: user}
+	spec1 := &pb.ChaincodeSpec{Type: 1, ChaincodeID: cID1, CtorMsg: &pb.ChaincodeInput{Args: args}}
 
 	cccid1 := NewCCContext(chainID, "example02", "0", "", false, nil)
 
@@ -711,7 +711,7 @@ func chaincodeInvokeChaincode(t *testing.T, chainID string, user string) (err er
 	f = "init"
 	args = util.ToChaincodeArgs(f, "e", "0")
 
-	spec2 := &pb.ChaincodeSpec{Type: 1, ChaincodeID: cID2, CtorMsg: &pb.ChaincodeInput{Args: args}, SecureContext: user}
+	spec2 := &pb.ChaincodeSpec{Type: 1, ChaincodeID: cID2, CtorMsg: &pb.ChaincodeInput{Args: args}}
 
 	cccid2 := NewCCContext(chainID, "example04", "0", "", false, nil)
 
@@ -733,7 +733,7 @@ func chaincodeInvokeChaincode(t *testing.T, chainID string, user string) (err er
 	cid := spec1.ChaincodeID.Name
 	args = util.ToChaincodeArgs(f, cid, "e", "1")
 
-	spec2 = &pb.ChaincodeSpec{Type: 1, ChaincodeID: cID2, CtorMsg: &pb.ChaincodeInput{Args: args}, SecureContext: user}
+	spec2 = &pb.ChaincodeSpec{Type: 1, ChaincodeID: cID2, CtorMsg: &pb.ChaincodeInput{Args: args}}
 	// Invoke chaincode
 	var uuid string
 	_, uuid, _, err = invoke(ctxt, chainID, spec2)

diff --git a/core/config.go b/core/config.go
@@ -16,10 +16,7 @@ limitations under the License.
 
 package core
 
-import (
-	"github.com/op/go-logging"
-	"github.com/spf13/viper"
-)
+import "github.com/op/go-logging"
 
 // See fabric/core/peer/config.go for comments on the configuration caching
 // methodology.
@@ -32,7 +29,7 @@ var securityEnabled bool
 // CacheConfiguration caches configuration settings so that reading the yaml
 // file can be avoided on future requests
 func CacheConfiguration() error {
-	securityEnabled = viper.GetBool("security.enabled")
+	securityEnabled = true
 	configurationCached = true
 	return nil
 }

diff --git a/core/endorser/endorser_test.go b/core/endorser/endorser_test.go
@@ -78,16 +78,10 @@ func initPeer(chainID string) (net.Listener, error) {
 	}
 
 	// Install security object for peer
-	if viper.GetBool("security.enabled") {
-		//TODO:  integrate new crypto / idp
-		securityLevel := viper.GetInt("security.level")
-		hashAlgorithm := viper.GetString("security.hashAlgorithm")
-		primitives.SetSecurityLevel(hashAlgorithm, securityLevel)
-	} else {
-		// the primitives need to be instantiated no matter what. Otherwise
-		// the escc code won't have a hash algorithm available to hash the proposal
-		primitives.SetSecurityLevel("SHA2", 256)
-	}
+	//TODO:  integrate new crypto / idp
+	securityLevel := viper.GetInt("security.level")
+	hashAlgorithm := viper.GetString("security.hashAlgorithm")
+	primitives.SetSecurityLevel(hashAlgorithm, securityLevel)
 
 	ccStartupTimeout := time.Duration(30000) * time.Millisecond
 	pb.RegisterChaincodeSupportServer(grpcServer, chaincode.NewChaincodeSupport(getPeerEndpoint, false, ccStartupTimeout))

diff --git a/core/peer/config.go b/core/peer/config.go
@@ -106,7 +106,7 @@ func CacheConfiguration() (err error) {
 	syncBlocksChannelSize = viper.GetInt("peer.sync.blocks.channelSize")
 	validatorEnabled = viper.GetBool("peer.validator.enabled")
 
-	securityEnabled = viper.GetBool("security.enabled")
+	securityEnabled = true
 
 	configurationCached = true
 

diff --git a/docs/Setup/Chaincode-setup.md b/docs/Setup/Chaincode-setup.md
@@ -40,16 +40,14 @@ Running the above commands builds and runs the CA server with the default setup,
 
 ### Running the validating peer
 
-**Note:** To run with security enabled, first modify the [core.yaml](https://github.com/hyperledger/fabric/blob/master/peer/core.yaml) configuration file to set the `security.enabled` value to `true` before building the peer executable. Alternatively, you can enable security by running the peer with the following environment variable: `CORE_SECURITY_ENABLED=true`. To enable privacy and confidentiality of transactions (which requires security to also be enabled), modify the [core.yaml](https://github.com/hyperledger/fabric/blob/master/peer/core.yaml) configuration file to set the `security.privacy` value to `true` as well. Alternatively, you can enable privacy by running the peer with the following environment variable: `CORE_SECURITY_PRIVACY=true`. If you are enabling security and privacy on the peer process with environment variables, it is important to include these environment variables in the command when executing all subsequent peer operations (e.g. deploy, invoke, or query).
-
 In a **new** terminal window, from the `devenv` subdirectory of your fabric workspace environment, `ssh` into Vagrant:
 
 ```
 cd $GOPATH/src/github.com/hyperledger/fabric/devenv
 vagrant ssh
 ```
 
-Build and run the peer process to enable security and privacy after setting `security.enabled` and `security.privacy` settings to `true`.
+Build and run the peer process.
 
 ```
 cd $GOPATH/src/github.com/hyperledger/fabric

diff --git a/examples/chaincode/go/asset_management/app/README.md b/examples/chaincode/go/asset_management/app/README.md