Java Code Examples for org.hyperledger.fabric.sdk.Enrollment#getCert()
The following examples show how to use
org.hyperledger.fabric.sdk.Enrollment#getCert() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: ProtoUtils.java From fabric-sdk-java with Apache License 2.0 | 5 votes |
|
public static ByteString getSignatureHeaderAsByteString(User user, TransactionContext transactionContext) {
final Identities.SerializedIdentity identity = transactionContext.getSerializedIdentity();
if (isDebugLevel) {
Enrollment enrollment = user.getEnrollment();
String cert = enrollment.getCert();
logger.debug(format(" User: %s Certificate: %s", user.getName(), cert == null ? "null" : toHexString(cert.getBytes(UTF_8))));
if (enrollment instanceof X509Enrollment) {
if (null == suite) {
try {
suite = CryptoSuite.Factory.getCryptoSuite();
} catch (Exception e) {
//best try.
}
}
if (null != suite && suite instanceof CryptoPrimitives) {
CryptoPrimitives cp = (CryptoPrimitives) suite;
byte[] der = cp.certificateToDER(cert);
if (null != der && der.length > 0) {
cert = toHexString(suite.hash(der));
}
}
}
if (isDebugLevel) {
logger.debug(format("SignatureHeader: nonce: %s, User:%s, MSPID: %s, idBytes: %s",
toHexString(transactionContext.getNonce()),
user.getName(),
identity.getMspid(),
toHexString(cert)
));
}
}
return Common.SignatureHeader.newBuilder()
.setCreator(identity.toByteString())
.setNonce(transactionContext.getNonce())
.build().toByteString();
}
Example 2
| Source File: HFCAClientIT.java From fabric-sdk-java with Apache License 2.0 | 5 votes |
|
@Test
public void testRegisterAttributes() throws Exception {
if (testConfig.isRunningAgainstFabric10()) {
return; // needs v1.1
}
SampleUser user = new SampleUser("mrAttributes", TEST_ADMIN_ORG, sampleStore, crypto);
RegistrationRequest rr = new RegistrationRequest(user.getName(), TEST_USER1_AFFILIATION);
String password = "mrAttributespassword";
rr.setSecret(password);
rr.addAttribute(new Attribute("testattr1", "mrAttributesValue1"));
rr.addAttribute(new Attribute("testattr2", "mrAttributesValue2"));
rr.addAttribute(new Attribute("testattrDEFAULTATTR", "mrAttributesValueDEFAULTATTR", true));
user.setEnrollmentSecret(client.register(rr, admin));
if (!user.getEnrollmentSecret().equals(password)) {
fail("Secret returned from RegistrationRequest not match : " + user.getEnrollmentSecret());
}
EnrollmentRequest req = new EnrollmentRequest();
req.addAttrReq("testattr2").setOptional(false);
user.setEnrollment(client.enroll(user.getName(), user.getEnrollmentSecret(), req));
Enrollment enrollment = user.getEnrollment();
String cert = enrollment.getCert();
String certdec = getStringCert(cert);
assertTrue(format("Missing testattr2 in certficate decoded: %s", certdec), certdec.contains("\"testattr2\":\"mrAttributesValue2\""));
//Since request had specific attributes don't expect defaults.
assertFalse(format("Contains testattrDEFAULTATTR in certificate decoded: %s", certdec), certdec.contains("\"testattrDEFAULTATTR\"")
|| certdec.contains("\"mrAttributesValueDEFAULTATTR\""));
assertFalse(format("Contains testattr1 in certificate decoded: %s", certdec), certdec.contains("\"testattr1\"") || certdec.contains("\"mrAttributesValue1\""));
}
Example 3
| Source File: HFCAClientIT.java From fabric-sdk-java with Apache License 2.0 | 5 votes |
|
/**
* Test that we get default attributes.
*
* @throws Exception
*/
@Test
public void testRegisterAttributesDefault() throws Exception {
if (testConfig.isRunningAgainstFabric10()) {
return; // needs v1.1
}
SampleUser user = new SampleUser("mrAttributesDefault", TEST_ADMIN_ORG, sampleStore, crypto);
RegistrationRequest rr = new RegistrationRequest(user.getName(), TEST_USER1_AFFILIATION);
String password = "mrAttributespassword";
rr.setSecret(password);
rr.addAttribute(new Attribute("testattr1", "mrAttributesValue1"));
rr.addAttribute(new Attribute("testattr2", "mrAttributesValue2"));
rr.addAttribute(new Attribute("testattrDEFAULTATTR", "mrAttributesValueDEFAULTATTR", true));
user.setEnrollmentSecret(client.register(rr, admin));
if (!user.getEnrollmentSecret().equals(password)) {
fail("Secret returned from RegistrationRequest not match : " + user.getEnrollmentSecret());
}
user.setEnrollment(client.enroll(user.getName(), user.getEnrollmentSecret()));
Enrollment enrollment = user.getEnrollment();
String cert = enrollment.getCert();
String certdec = getStringCert(cert);
assertTrue(format("Missing testattrDEFAULTATTR in certficate decoded: %s", certdec), certdec.contains("\"testattrDEFAULTATTR\":\"mrAttributesValueDEFAULTATTR\""));
//Since request and no attribute requests at all defaults should be in certificate.
assertFalse(format("Contains testattr1 in certificate decoded: %s", certdec), certdec.contains("\"testattr1\"") || certdec.contains("\"mrAttributesValue1\""));
assertFalse(format("Contains testattr2 in certificate decoded: %s", certdec), certdec.contains("\"testattr2\"") || certdec.contains("\"mrAttributesValue2\""));
}
Example 4
| Source File: HFCAClientIT.java From fabric-sdk-java with Apache License 2.0 | 5 votes |
|
/**
* Test that we get no attributes.
*
* @throws Exception
*/
@Test
public void testRegisterAttributesNONE() throws Exception {
SampleUser user = new SampleUser("mrAttributesNone", TEST_ADMIN_ORG, sampleStore, crypto);
RegistrationRequest rr = new RegistrationRequest(user.getName(), TEST_USER1_AFFILIATION);
String password = "mrAttributespassword";
rr.setSecret(password);
rr.addAttribute(new Attribute("testattr1", "mrAttributesValue1"));
rr.addAttribute(new Attribute("testattr2", "mrAttributesValue2"));
rr.addAttribute(new Attribute("testattrDEFAULTATTR", "mrAttributesValueDEFAULTATTR", true));
user.setEnrollmentSecret(client.register(rr, admin));
if (!user.getEnrollmentSecret().equals(password)) {
fail("Secret returned from RegistrationRequest not match : " + user.getEnrollmentSecret());
}
EnrollmentRequest req = new EnrollmentRequest();
req.addAttrReq(); // empty ensure no attributes.
user.setEnrollment(client.enroll(user.getName(), user.getEnrollmentSecret(), req));
Enrollment enrollment = user.getEnrollment();
String cert = enrollment.getCert();
String certdec = getStringCert(cert);
assertFalse(format("Contains testattrDEFAULTATTR in certificate decoded: %s", certdec),
certdec.contains("\"testattrDEFAULTATTR\"") || certdec.contains("\"mrAttributesValueDEFAULTATTR\""));
assertFalse(format("Contains testattr1 in certificate decoded: %s", certdec), certdec.contains("\"testattr1\"") || certdec.contains("\"mrAttributesValue1\""));
assertFalse(format("Contains testattr2 in certificate decoded: %s", certdec), certdec.contains("\"testattr2\"") || certdec.contains("\"mrAttributesValue2\""));
}
Example 5
| Source File: HFCAClientIT.java From fabric-sdk-java with Apache License 2.0 | 5 votes |
|
@Test
public void testReenrollAndRevoke() throws Exception {
SampleUser user = getTestUser(TEST_ADMIN_ORG);
if (!user.isRegistered()) { // users need to be registered AND enrolled
RegistrationRequest rr = new RegistrationRequest(user.getName(), TEST_USER1_AFFILIATION);
String password = "testReenrollAndRevoke";
rr.setSecret(password);
user.setEnrollmentSecret(client.register(rr, admin));
if (!user.getEnrollmentSecret().equals(password)) {
fail("Secret returned from RegistrationRequest not match : " + user.getEnrollmentSecret());
}
}
if (!user.isEnrolled()) {
user.setEnrollment(client.enroll(user.getName(), user.getEnrollmentSecret()));
}
sleepALittle();
// get another enrollment
EnrollmentRequest req = new EnrollmentRequest(DEFAULT_PROFILE_NAME, "label 1", null);
req.addHost("example1.ibm.com");
req.addHost("example2.ibm.com");
Enrollment tmpEnroll = client.reenroll(user, req);
// verify
String cert = tmpEnroll.getCert();
verifyOptions(cert, req);
sleepALittle();
// revoke one enrollment of this user
client.revoke(admin, tmpEnroll, "remove user 2");
// trying to reenroll should be ok (revocation above is only for a particular enrollment of this user)
client.reenroll(user);
}
Example 6
| Source File: End2endLifecycleIT.java From fabric-sdk-java with Apache License 2.0 | 4 votes |
|
/**
* Will register and enroll users persisting them to samplestore.
*
* @param sampleStore
* @throws Exception
*/
public void enrollUsersSetup(SampleStore sampleStore) throws Exception {
////////////////////////////
//Set up USERS
//SampleUser can be any implementation that implements org.hyperledger.fabric.sdk.User Interface
////////////////////////////
// get users for all orgs
out("***** Enrolling Users *****");
for (SampleOrg sampleOrg : testSampleOrgs) {
HFCAClient ca = sampleOrg.getCAClient();
final String orgName = sampleOrg.getName();
final String mspid = sampleOrg.getMSPID();
ca.setCryptoSuite(CryptoSuite.Factory.getCryptoSuite());
if (testConfig.isRunningFabricTLS()) {
//This shows how to get a client TLS certificate from Fabric CA
// we will use one client TLS certificate for orderer peers etc.
final EnrollmentRequest enrollmentRequestTLS = new EnrollmentRequest();
enrollmentRequestTLS.addHost("localhost");
enrollmentRequestTLS.setProfile("tls");
final Enrollment enroll = ca.enroll("admin", "adminpw", enrollmentRequestTLS);
final String tlsCertPEM = enroll.getCert();
final String tlsKeyPEM = getPEMStringFromPrivateKey(enroll.getKey());
final Properties tlsProperties = new Properties();
tlsProperties.put("clientKeyBytes", tlsKeyPEM.getBytes(UTF_8));
tlsProperties.put("clientCertBytes", tlsCertPEM.getBytes(UTF_8));
clientTLSProperties.put(sampleOrg.getName(), tlsProperties);
//Save in samplestore for follow on tests.
sampleStore.storeClientPEMTLCertificate(sampleOrg, tlsCertPEM);
sampleStore.storeClientPEMTLSKey(sampleOrg, tlsKeyPEM);
}
HFCAInfo info = ca.info(); //just check if we connect at all.
assertNotNull(info);
String infoName = info.getCAName();
if (infoName != null && !infoName.isEmpty()) {
assertEquals(ca.getCAName(), infoName);
}
SampleUser admin = sampleStore.getMember(TEST_ADMIN_NAME, orgName);
if (!admin.isEnrolled()) { //Preregistered admin only needs to be enrolled with Fabric caClient.
admin.setEnrollment(ca.enroll(admin.getName(), "adminpw"));
admin.setMspId(mspid);
}
SampleUser user = sampleStore.getMember(testUser1, sampleOrg.getName());
if (!user.isRegistered()) { // users need to be registered AND enrolled
RegistrationRequest rr = new RegistrationRequest(user.getName(), "org1.department1");
user.setEnrollmentSecret(ca.register(rr, admin));
}
if (!user.isEnrolled()) {
user.setEnrollment(ca.enroll(user.getName(), user.getEnrollmentSecret()));
user.setMspId(mspid);
}
final String sampleOrgName = sampleOrg.getName();
final String sampleOrgDomainName = sampleOrg.getDomainName();
SampleUser peerOrgAdmin = sampleStore.getMember(sampleOrgName + "Admin", sampleOrgName, sampleOrg.getMSPID(),
Util.findFileSk(Paths.get(testConfig.getTestChannelPath(), "crypto-config/peerOrganizations/",
sampleOrgDomainName, format("/users/Admin@%s/msp/keystore", sampleOrgDomainName)).toFile()),
Paths.get(testConfig.getTestChannelPath(), "crypto-config/peerOrganizations/", sampleOrgDomainName,
format("/users/Admin@%s/msp/signcerts/Admin@%s-cert.pem", sampleOrgDomainName, sampleOrgDomainName)).toFile());
sampleOrg.setPeerAdmin(peerOrgAdmin); //A special user that can create channels, join peers and install chaincode
sampleOrg.addUser(user);
sampleOrg.setAdmin(admin); // The admin of this org --
}
}
Example 7
| Source File: End2endMTIT.java From fabric-sdk-java with Apache License 2.0 | 4 votes |
|
/**
* Will register and enroll users persisting them to samplestore.
*
* @param sampleStore
* @throws Exception
*/
public void enrollUsersSetup(SampleStore sampleStore) throws Exception {
////////////////////////////
//Set up USERS
//SampleUser can be any implementation that implements org.hyperledger.fabric.sdk.User Interface
////////////////////////////
// get users for all orgs
for (SampleOrg sampleOrg : testSampleOrgs) {
HFCAClient ca = sampleOrg.getCAClient();
final String orgName = sampleOrg.getName();
final String mspid = sampleOrg.getMSPID();
ca.setCryptoSuite(CryptoSuite.Factory.getCryptoSuite());
if (testConfig.isRunningFabricTLS()) {
//This shows how to get a client TLS certificate from Fabric CA
// we will use one client TLS certificate for orderer peers etc.
final EnrollmentRequest enrollmentRequestTLS = new EnrollmentRequest();
enrollmentRequestTLS.addHost("localhost");
enrollmentRequestTLS.setProfile("tls");
final Enrollment enroll = ca.enroll("admin", "adminpw", enrollmentRequestTLS);
final String tlsCertPEM = enroll.getCert();
final String tlsKeyPEM = getPEMStringFromPrivateKey(enroll.getKey());
final Properties tlsProperties = new Properties();
tlsProperties.put("clientKeyBytes", tlsKeyPEM.getBytes(UTF_8));
tlsProperties.put("clientCertBytes", tlsCertPEM.getBytes(UTF_8));
clientTLSProperties.put(sampleOrg.getName(), tlsProperties);
//Save in samplestore for follow on tests.
sampleStore.storeClientPEMTLCertificate(sampleOrg, tlsCertPEM);
sampleStore.storeClientPEMTLSKey(sampleOrg, tlsKeyPEM);
}
HFCAInfo info = ca.info(); //just check if we connect at all.
assertNotNull(info);
String infoName = info.getCAName();
if (infoName != null && !infoName.isEmpty()) {
assertEquals(ca.getCAName(), infoName);
}
SampleUser admin = sampleStore.getMember(TEST_ADMIN_NAME, orgName);
if (!admin.isEnrolled()) { //Preregistered admin only needs to be enrolled with Fabric caClient.
admin.setEnrollment(ca.enroll(admin.getName(), "adminpw"));
admin.setMspId(mspid);
}
sampleOrg.setAdmin(admin); // The admin of this org --
SampleUser user = sampleStore.getMember(TESTUSER_1_NAME, sampleOrg.getName());
if (!user.isRegistered()) { // users need to be registered AND enrolled
RegistrationRequest rr = new RegistrationRequest(user.getName(), "org1.department1");
user.setEnrollmentSecret(ca.register(rr, admin));
}
if (!user.isEnrolled()) {
user.setEnrollment(ca.enroll(user.getName(), user.getEnrollmentSecret()));
user.setMspId(mspid);
}
sampleOrg.addUser(user); //Remember user belongs to this Org
final String sampleOrgName = sampleOrg.getName();
final String sampleOrgDomainName = sampleOrg.getDomainName();
// src/test/fixture/sdkintegration/e2e-2Orgs/channel/crypto-config/peerOrganizations/org1.example.com/users/[email protected]/msp/keystore/
SampleUser peerOrgAdmin = sampleStore.getMember(sampleOrgName + "Admin", sampleOrgName, sampleOrg.getMSPID(),
Util.findFileSk(Paths.get(testConfig.getTestChannelPath(), "crypto-config/peerOrganizations/",
sampleOrgDomainName, format("/users/Admin@%s/msp/keystore", sampleOrgDomainName)).toFile()),
Paths.get(testConfig.getTestChannelPath(), "crypto-config/peerOrganizations/", sampleOrgDomainName,
format("/users/Admin@%s/msp/signcerts/Admin@%s-cert.pem", sampleOrgDomainName, sampleOrgDomainName)).toFile());
sampleOrg.setPeerAdmin(peerOrgAdmin); //A special user that can create channels, join peers and install chaincode
}
}
Example 8
| Source File: End2endIdemixIT.java From fabric-sdk-java with Apache License 2.0 | 4 votes |
|
public void enrollIdemixUser(SampleStore sampleStore) throws Exception {
for (SampleOrg sampleOrg : testSampleOrgs) {
HFCAClient ca = sampleOrg.getCAClient();
final String orgName = sampleOrg.getName();
final String mspid = sampleOrg.getMSPID();
ca.setCryptoSuite(CryptoSuite.Factory.getCryptoSuite());
if (testConfig.isRunningFabricTLS()) {
//This shows how to get a client TLS certificate from Fabric CA
// we will use one client TLS certificate for orderer peers etc.
final EnrollmentRequest enrollmentRequestTLS = new EnrollmentRequest();
enrollmentRequestTLS.addHost("localhost");
enrollmentRequestTLS.setProfile("tls");
final Enrollment enroll = ca.enroll("admin", "adminpw", enrollmentRequestTLS);
final String tlsCertPEM = enroll.getCert();
final String tlsKeyPEM = getPEMStringFromPrivateKey(enroll.getKey());
final Properties tlsProperties = new Properties();
tlsProperties.put("clientKeyBytes", tlsKeyPEM.getBytes(UTF_8));
tlsProperties.put("clientCertBytes", tlsCertPEM.getBytes(UTF_8));
clientTLSProperties.put(sampleOrg.getName(), tlsProperties);
//Save in samplestore for follow on tests.
sampleStore.storeClientPEMTLCertificate(sampleOrg, tlsCertPEM);
sampleStore.storeClientPEMTLSKey(sampleOrg, tlsKeyPEM);
}
HFCAInfo info = ca.info(); //just check if we connect at all.
assertNotNull(info);
String infoName = info.getCAName();
if (infoName != null && !infoName.isEmpty()) {
assertEquals(ca.getCAName(), infoName);
}
SampleUser admin = sampleStore.getMember(TEST_ADMIN_NAME, orgName);
SampleUser idemixUser = sampleStore.getMember(testUser1, sampleOrg.getName());
if (!idemixUser.isRegistered()) { // users need to be registered AND enrolled
RegistrationRequest rr = new RegistrationRequest(idemixUser.getName(), "org1.department1");
idemixUser.setEnrollmentSecret(ca.register(rr, admin));
}
if (!idemixUser.isEnrolled()) {
idemixUser.setEnrollment(ca.enroll(idemixUser.getName(), idemixUser.getEnrollmentSecret()));
idemixUser.setMspId(mspid);
}
// If running version 1.3, then get Idemix credential
if (testConfig.isFabricVersionAtOrAfter("1.3")) {
String mspID = "idemixMSPID1";
if (sampleOrg.getName().contains("Org2")) {
mspID = "idemixMSPID2";
}
idemixUser.setIdemixEnrollment(ca.idemixEnroll(idemixUser.getEnrollment(), mspID));
}
sampleOrg.addUser(idemixUser);
}
}
Example 9
| Source File: End2endIT.java From fabric-sdk-java with Apache License 2.0 | 4 votes |
|
/**
* Will register and enroll users persisting them to samplestore.
*
* @param sampleStore
* @throws Exception
*/
public void enrollUsersSetup(SampleStore sampleStore) throws Exception {
////////////////////////////
//Set up USERS
//SampleUser can be any implementation that implements org.hyperledger.fabric.sdk.User Interface
////////////////////////////
// get users for all orgs
out("***** Enrolling Users *****");
for (SampleOrg sampleOrg : testSampleOrgs) {
HFCAClient ca = sampleOrg.getCAClient();
final String orgName = sampleOrg.getName();
final String mspid = sampleOrg.getMSPID();
ca.setCryptoSuite(CryptoSuite.Factory.getCryptoSuite());
if (testConfig.isRunningFabricTLS()) {
//This shows how to get a client TLS certificate from Fabric CA
// we will use one client TLS certificate for orderer peers etc.
final EnrollmentRequest enrollmentRequestTLS = new EnrollmentRequest();
enrollmentRequestTLS.addHost("localhost");
enrollmentRequestTLS.setProfile("tls");
final Enrollment enroll = ca.enroll("admin", "adminpw", enrollmentRequestTLS);
final String tlsCertPEM = enroll.getCert();
final String tlsKeyPEM = getPEMStringFromPrivateKey(enroll.getKey());
final Properties tlsProperties = new Properties();
tlsProperties.put("clientKeyBytes", tlsKeyPEM.getBytes(UTF_8));
tlsProperties.put("clientCertBytes", tlsCertPEM.getBytes(UTF_8));
clientTLSProperties.put(sampleOrg.getName(), tlsProperties);
//Save in samplestore for follow on tests.
sampleStore.storeClientPEMTLCertificate(sampleOrg, tlsCertPEM);
sampleStore.storeClientPEMTLSKey(sampleOrg, tlsKeyPEM);
}
HFCAInfo info = ca.info(); //just check if we connect at all.
assertNotNull(info);
String infoName = info.getCAName();
if (infoName != null && !infoName.isEmpty()) {
assertEquals(ca.getCAName(), infoName);
}
SampleUser admin = sampleStore.getMember(TEST_ADMIN_NAME, orgName);
if (!admin.isEnrolled()) { //Preregistered admin only needs to be enrolled with Fabric caClient.
admin.setEnrollment(ca.enroll(admin.getName(), "adminpw"));
admin.setMspId(mspid);
}
SampleUser user = sampleStore.getMember(testUser1, sampleOrg.getName());
if (!user.isRegistered()) { // users need to be registered AND enrolled
RegistrationRequest rr = new RegistrationRequest(user.getName(), "org1.department1");
user.setEnrollmentSecret(ca.register(rr, admin));
}
if (!user.isEnrolled()) {
user.setEnrollment(ca.enroll(user.getName(), user.getEnrollmentSecret()));
user.setMspId(mspid);
}
final String sampleOrgName = sampleOrg.getName();
final String sampleOrgDomainName = sampleOrg.getDomainName();
SampleUser peerOrgAdmin = sampleStore.getMember(sampleOrgName + "Admin", sampleOrgName, sampleOrg.getMSPID(),
Util.findFileSk(Paths.get(testConfig.getTestChannelPath(), "crypto-config/peerOrganizations/",
sampleOrgDomainName, format("/users/Admin@%s/msp/keystore", sampleOrgDomainName)).toFile()),
Paths.get(testConfig.getTestChannelPath(), "crypto-config/peerOrganizations/", sampleOrgDomainName,
format("/users/Admin@%s/msp/signcerts/Admin@%s-cert.pem", sampleOrgDomainName, sampleOrgDomainName)).toFile());
sampleOrg.setPeerAdmin(peerOrgAdmin); //A special user that can create channels, join peers and install chaincode
sampleOrg.addUser(user);
sampleOrg.setAdmin(admin); // The admin of this org --
}
}
