org.hyperledger.fabric.sdk.Enrollment Java Examples

@Test
public void testGetIdemixCred() throws Exception {
    if (testConfig.isFabricVersionBefore("1.3")) {
        return; // needs v1.3
    }

    SampleUser user = getTestUser(TEST_ADMIN_ORG);
    RegistrationRequest rr = new RegistrationRequest(user.getName(), TEST_USER1_AFFILIATION);
    String password = "password";
    rr.setSecret(password);
    user.setEnrollmentSecret(client.register(rr, admin));
    user.setEnrollment(client.enroll(user.getName(), user.getEnrollmentSecret()));

    Enrollment enrollment = client.idemixEnroll(user.getEnrollment(), "idemixMsp");
    assertNotNull(enrollment);
    assertTrue(enrollment instanceof IdemixEnrollment);
}
 

@Test
public void testReenrollAndRevoke() throws Exception {

    SampleUser user = getTestUser(TEST_ADMIN_ORG);

    if (!user.isRegistered()) { // users need to be registered AND enrolled
        RegistrationRequest rr = new RegistrationRequest(user.getName(), TEST_USER1_AFFILIATION);
        String password = "testReenrollAndRevoke";
        rr.setSecret(password);
        user.setEnrollmentSecret(client.register(rr, admin));
        if (!user.getEnrollmentSecret().equals(password)) {
            fail("Secret returned from RegistrationRequest not match : " + user.getEnrollmentSecret());
        }
    }
    if (!user.isEnrolled()) {
        user.setEnrollment(client.enroll(user.getName(), user.getEnrollmentSecret()));
    }

    sleepALittle();

    // get another enrollment
    EnrollmentRequest req = new EnrollmentRequest(DEFAULT_PROFILE_NAME, "label 1", null);
    req.addHost("example1.ibm.com");
    req.addHost("example2.ibm.com");
    Enrollment tmpEnroll = client.reenroll(user, req);

    // verify
    String cert = tmpEnroll.getCert();
    verifyOptions(cert, req);

    sleepALittle();

    // revoke one enrollment of this user
    client.revoke(admin, tmpEnroll, "remove user 2");

    // trying to reenroll should be ok (revocation above is only for a particular enrollment of this user)
    client.reenroll(user);

}
 

@Test
public void testIdemixWrongEnrollment() throws Exception {

    thrown.expect(InvalidArgumentException.class);
    thrown.expectMessage("enrollment type must be x509");

    HFCAClient client = HFCAClient.createNewInstance("client", "http://localhost:99", null);
    client.setCryptoSuite(crypto);
    Enrollment enrollment = new IdemixEnrollment(null, null, "mspid", null, null, null, "ou", (Integer) TestUtils.getField(IdemixRoles.MEMBER, "value"));
    client.idemixEnroll(enrollment, "mspid");
}
 

@Test
public void testIdemixMissingMSPID() throws Exception {

    thrown.expect(InvalidArgumentException.class);
    thrown.expectMessage("mspID cannot be null or empty");

    HFCAClient client = HFCAClient.createNewInstance("client", "http://localhost:99", null);
    client.setCryptoSuite(crypto);
    KeyPairGenerator keyGen = KeyPairGenerator.getInstance("ECDSA");
    KeyPair pair = keyGen.generateKeyPair();
    Enrollment enrollment = new X509Enrollment(pair, "");
    client.idemixEnroll(enrollment, null);
}
 

@Test
public void testRevoke1NullEnrollment() throws Exception {

    thrown.expect(InvalidArgumentException.class);
    thrown.expectMessage("revokee enrollment is not set");

    HFCAClient client = HFCAClient.createNewInstance("client", "http://localhost:99", null);
    client.setCryptoSuite(crypto);
    client.revoke(admin, (Enrollment) null, "keyCompromise");
}
 

@Test
public void testRevoke1NullUser() throws Exception {

    thrown.expect(InvalidArgumentException.class);
    thrown.expectMessage("revoker is not set");

    HFCAClient client = HFCAClient.createNewInstance("client", "http://localhost:99", null);
    client.setCryptoSuite(crypto);
    KeyPair keypair = crypto.keyGen();
    Enrollment enrollment = new X509Enrollment(keypair, "abc");

    client.revoke(null, enrollment, "keyCompromise");
}
 

@Test
public void testRevoke1Exception() throws Exception {

    thrown.expect(RevocationException.class);
    thrown.expectMessage("Error while revoking cert");

    HFCAClient client = HFCAClient.createNewInstance("client", "http://localhost:99", null);
    client.setCryptoSuite(crypto);
    KeyPair keypair = crypto.keyGen();
    Enrollment enrollment = new X509Enrollment(keypair, "abc");

    client.revoke(admin, enrollment, "keyCompromise");
}
 

/**
 * Enroll user.
 * 
 * @param user
 * @param secret
 * @return
 * @throws Exception
 */
public UserContext enrollUser(UserContext user, String secret) throws Exception {
	UserContext userContext = Util.readUserContext(adminContext.getAffiliation(), user.getName());
	if (userContext != null) {
		Logger.getLogger(CAClient.class.getName()).log(Level.WARNING, "CA -" + caUrl + " User " + user.getName()+" is already enrolled");
		return userContext;
	}
	Enrollment enrollment = instance.enroll(user.getName(), secret);
	user.setEnrollment(enrollment);
	Util.writeUserContext(user);
	Logger.getLogger(CAClient.class.getName()).log(Level.INFO, "CA -" + caUrl +" Enrolled User - " + user.getName());
	return user;
}
 

/**
 * Enroll admin user.
 * 
 * @param username
 * @param password
 * @return
 * @throws Exception
 */
public UserContext enrollAdminUser(String username, String password) throws Exception {
	UserContext userContext = Util.readUserContext(adminContext.getAffiliation(), username);
	if (userContext != null) {
		Logger.getLogger(CAClient.class.getName()).log(Level.WARNING, "CA -" + caUrl + " admin is already enrolled.");
		return userContext;
	}
	Enrollment adminEnrollment = instance.enroll(username, password);
	adminContext.setEnrollment(adminEnrollment);
	Logger.getLogger(CAClient.class.getName()).log(Level.INFO, "CA -" + caUrl + " Enrolled Admin.");
	Util.writeUserContext(adminContext);
	return adminContext;
}
 

/**
 * Test that we get no attributes.
 *
 * @throws Exception
 */
@Test
public void testRegisterAttributesNONE() throws Exception {
    SampleUser user = new SampleUser("mrAttributesNone", TEST_ADMIN_ORG, sampleStore, crypto);

    RegistrationRequest rr = new RegistrationRequest(user.getName(), TEST_USER1_AFFILIATION);
    String password = "mrAttributespassword";
    rr.setSecret(password);

    rr.addAttribute(new Attribute("testattr1", "mrAttributesValue1"));
    rr.addAttribute(new Attribute("testattr2", "mrAttributesValue2"));
    rr.addAttribute(new Attribute("testattrDEFAULTATTR", "mrAttributesValueDEFAULTATTR", true));
    user.setEnrollmentSecret(client.register(rr, admin));
    if (!user.getEnrollmentSecret().equals(password)) {
        fail("Secret returned from RegistrationRequest not match : " + user.getEnrollmentSecret());
    }

    EnrollmentRequest req = new EnrollmentRequest();
    req.addAttrReq(); // empty ensure no attributes.

    user.setEnrollment(client.enroll(user.getName(), user.getEnrollmentSecret(), req));

    Enrollment enrollment = user.getEnrollment();
    String cert = enrollment.getCert();

    String certdec = getStringCert(cert);

    assertFalse(format("Contains testattrDEFAULTATTR in certificate decoded: %s", certdec),
            certdec.contains("\"testattrDEFAULTATTR\"") || certdec.contains("\"mrAttributesValueDEFAULTATTR\""));
    assertFalse(format("Contains testattr1 in certificate decoded: %s", certdec), certdec.contains("\"testattr1\"") || certdec.contains("\"mrAttributesValue1\""));
    assertFalse(format("Contains testattr2 in certificate decoded: %s", certdec), certdec.contains("\"testattr2\"") || certdec.contains("\"mrAttributesValue2\""));

}
 

@Test
public void testEnrollAndRegisterUser() throws ClassNotFoundException, SQLException, java.lang.Exception {
    String configPath = "src/test/resources/blockchain-query";
    Class.forName("com.impetus.fabric.jdbc.FabricDriver");
    QueryBlock qb = new QueryBlock(configPath,"mychannel", "test", "testpw");
    HyperUser mockuser = mock(HyperUser.class);
    when(mockuser.isEnrolled()).thenReturn(true);
    Store mockStore = mock(Store.class);
    PowerMockito.whenNew(Store.class).withAnyArguments().thenReturn(mockStore);
    PowerMockito.mockStatic(HFCAClient.class);
    when(HFCAClient.createNewInstance(anyString(), any())).thenReturn(mockCA);
    Enrollment enrollment = mock(Enrollment.class);
    when(mockCA.enroll(anyString(), anyString())).thenReturn(enrollment);
    qb.enroll();
}
 

/**
 * Test that we get default attributes.
 *
 * @throws Exception
 */
@Test
public void testRegisterAttributesDefault() throws Exception {

    if (testConfig.isRunningAgainstFabric10()) {
        return; // needs v1.1
    }

    SampleUser user = new SampleUser("mrAttributesDefault", TEST_ADMIN_ORG, sampleStore, crypto);

    RegistrationRequest rr = new RegistrationRequest(user.getName(), TEST_USER1_AFFILIATION);
    String password = "mrAttributespassword";
    rr.setSecret(password);

    rr.addAttribute(new Attribute("testattr1", "mrAttributesValue1"));
    rr.addAttribute(new Attribute("testattr2", "mrAttributesValue2"));
    rr.addAttribute(new Attribute("testattrDEFAULTATTR", "mrAttributesValueDEFAULTATTR", true));
    user.setEnrollmentSecret(client.register(rr, admin));
    if (!user.getEnrollmentSecret().equals(password)) {
        fail("Secret returned from RegistrationRequest not match : " + user.getEnrollmentSecret());
    }

    user.setEnrollment(client.enroll(user.getName(), user.getEnrollmentSecret()));

    Enrollment enrollment = user.getEnrollment();
    String cert = enrollment.getCert();

    String certdec = getStringCert(cert);

    assertTrue(format("Missing testattrDEFAULTATTR in certficate decoded: %s", certdec), certdec.contains("\"testattrDEFAULTATTR\":\"mrAttributesValueDEFAULTATTR\""));
    //Since request and no attribute requests at all defaults should be in certificate.

    assertFalse(format("Contains testattr1 in certificate decoded: %s", certdec), certdec.contains("\"testattr1\"") || certdec.contains("\"mrAttributesValue1\""));
    assertFalse(format("Contains testattr2 in certificate decoded: %s", certdec), certdec.contains("\"testattr2\"") || certdec.contains("\"mrAttributesValue2\""));

}
 

@Test
public void testRegisterAttributes() throws Exception {

    if (testConfig.isRunningAgainstFabric10()) {
        return; // needs v1.1
    }

    SampleUser user = new SampleUser("mrAttributes", TEST_ADMIN_ORG, sampleStore, crypto);

    RegistrationRequest rr = new RegistrationRequest(user.getName(), TEST_USER1_AFFILIATION);
    String password = "mrAttributespassword";
    rr.setSecret(password);

    rr.addAttribute(new Attribute("testattr1", "mrAttributesValue1"));
    rr.addAttribute(new Attribute("testattr2", "mrAttributesValue2"));
    rr.addAttribute(new Attribute("testattrDEFAULTATTR", "mrAttributesValueDEFAULTATTR", true));
    user.setEnrollmentSecret(client.register(rr, admin));
    if (!user.getEnrollmentSecret().equals(password)) {
        fail("Secret returned from RegistrationRequest not match : " + user.getEnrollmentSecret());
    }
    EnrollmentRequest req = new EnrollmentRequest();
    req.addAttrReq("testattr2").setOptional(false);

    user.setEnrollment(client.enroll(user.getName(), user.getEnrollmentSecret(), req));

    Enrollment enrollment = user.getEnrollment();
    String cert = enrollment.getCert();
    String certdec = getStringCert(cert);

    assertTrue(format("Missing testattr2 in certficate decoded: %s", certdec), certdec.contains("\"testattr2\":\"mrAttributesValue2\""));
    //Since request had specific attributes don't expect defaults.
    assertFalse(format("Contains testattrDEFAULTATTR in certificate decoded: %s", certdec), certdec.contains("\"testattrDEFAULTATTR\"")
            || certdec.contains("\"mrAttributesValueDEFAULTATTR\""));
    assertFalse(format("Contains testattr1 in certificate decoded: %s", certdec), certdec.contains("\"testattr1\"") || certdec.contains("\"mrAttributesValue1\""));

}
 

String getHTTPAuthCertificate(Enrollment enrollment, String method, String url, String body) throws Exception {
    Base64.Encoder b64 = Base64.getEncoder();
    String cert = b64.encodeToString(enrollment.getCert().getBytes(UTF_8));
    body = b64.encodeToString(body.getBytes(UTF_8));
    String signString;
    // Cache the version, so don't need to make info call everytime the same client is used
    if (newPayloadType == null) {
        newPayloadType = true;

        // If CA version is less than 1.4.0, use old payload
        String caVersion = info().getVersion();
        logger.info(format("CA Version: %s", caVersion));

        if (Utils.isNullOrEmpty(caVersion)) {
            newPayloadType = false;
        }

        String version = caVersion + ".";
        if (version.startsWith("1.1.") || version.startsWith("1.2.") || version.startsWith("1.3.")) {
            newPayloadType = false;
        }
    }

    if (newPayloadType) {
        url = addCAToURL(url);
        String file = b64.encodeToString(new URL(url).getFile().getBytes(UTF_8));
        signString = method + "." + file + "." + body + "." + cert;
    } else {
        signString = body + "." + cert;
    }

    byte[] signature = cryptoSuite.sign(enrollment.getKey(), signString.getBytes(UTF_8));
    return cert + "." + b64.encodeToString(signature);
}
 

public static ByteString getSignatureHeaderAsByteString(User user, TransactionContext transactionContext) {
    final Identities.SerializedIdentity identity = transactionContext.getSerializedIdentity();

    if (isDebugLevel) {
        Enrollment enrollment = user.getEnrollment();
        String cert = enrollment.getCert();
        logger.debug(format(" User: %s Certificate: %s", user.getName(), cert == null ? "null" : toHexString(cert.getBytes(UTF_8))));

        if (enrollment instanceof X509Enrollment) {
            if (null == suite) {
                try {
                    suite = CryptoSuite.Factory.getCryptoSuite();
                } catch (Exception e) {
                    //best try.
                }
            }
            if (null != suite && suite instanceof CryptoPrimitives) {
                CryptoPrimitives cp = (CryptoPrimitives) suite;
                byte[] der = cp.certificateToDER(cert);
                if (null != der && der.length > 0) {
                    cert = toHexString(suite.hash(der));
                }
            }
        }

        if (isDebugLevel) {
            logger.debug(format("SignatureHeader: nonce: %s, User:%s, MSPID: %s, idBytes: %s",
                    toHexString(transactionContext.getNonce()),
                    user.getName(),
                    identity.getMspid(),
                    toHexString(cert)
            ));
        }
    }

    return Common.SignatureHeader.newBuilder()
            .setCreator(identity.toByteString())
            .setNonce(transactionContext.getNonce())
            .build().toByteString();
}
 

public static SigningIdentity getSigningIdentity(CryptoSuite cryptoSuite, User user) {
    Enrollment enrollment = user.getEnrollment();

    try {
        if (enrollment instanceof IdemixEnrollment) { // Need Idemix signer for this.
            return new IdemixSigningIdentity((IdemixEnrollment) enrollment);
        } else { // for now all others are x509
            return new X509SigningIdentity(cryptoSuite, user);
        }

    } catch (Exception e) {
        throw new IllegalStateException(e.getMessage(), e);
    }
}
 

/**
 * Will register and enroll users persisting them to samplestore.
 *
 * @param sampleStore
 * @throws Exception
 */
public void enrollUsersSetup(SampleStore sampleStore) throws Exception {
    ////////////////////////////
    //Set up USERS

    //SampleUser can be any implementation that implements org.hyperledger.fabric.sdk.User Interface

    ////////////////////////////
    // get users for all orgs

    for (SampleOrg sampleOrg : testSampleOrgs) {

        HFCAClient ca = sampleOrg.getCAClient();

        final String orgName = sampleOrg.getName();
        final String mspid = sampleOrg.getMSPID();
        ca.setCryptoSuite(CryptoSuite.Factory.getCryptoSuite());

        if (testConfig.isRunningFabricTLS()) {
            //This shows how to get a client TLS certificate from Fabric CA
            // we will use one client TLS certificate for orderer peers etc.
            final EnrollmentRequest enrollmentRequestTLS = new EnrollmentRequest();
            enrollmentRequestTLS.addHost("localhost");
            enrollmentRequestTLS.setProfile("tls");
            final Enrollment enroll = ca.enroll("admin", "adminpw", enrollmentRequestTLS);
            final String tlsCertPEM = enroll.getCert();
            final String tlsKeyPEM = getPEMStringFromPrivateKey(enroll.getKey());

            final Properties tlsProperties = new Properties();

            tlsProperties.put("clientKeyBytes", tlsKeyPEM.getBytes(UTF_8));
            tlsProperties.put("clientCertBytes", tlsCertPEM.getBytes(UTF_8));
            clientTLSProperties.put(sampleOrg.getName(), tlsProperties);
            //Save in samplestore for follow on tests.
            sampleStore.storeClientPEMTLCertificate(sampleOrg, tlsCertPEM);
            sampleStore.storeClientPEMTLSKey(sampleOrg, tlsKeyPEM);
        }

        HFCAInfo info = ca.info(); //just check if we connect at all.
        assertNotNull(info);
        String infoName = info.getCAName();
        if (infoName != null && !infoName.isEmpty()) {
            assertEquals(ca.getCAName(), infoName);
        }

        SampleUser admin = sampleStore.getMember(TEST_ADMIN_NAME, orgName);
        if (!admin.isEnrolled()) {  //Preregistered admin only needs to be enrolled with Fabric caClient.
            admin.setEnrollment(ca.enroll(admin.getName(), "adminpw"));
            admin.setMspId(mspid);
        }

        sampleOrg.setAdmin(admin); // The admin of this org --

        SampleUser user = sampleStore.getMember(TESTUSER_1_NAME, sampleOrg.getName());
        if (!user.isRegistered()) {  // users need to be registered AND enrolled
            RegistrationRequest rr = new RegistrationRequest(user.getName(), "org1.department1");
            user.setEnrollmentSecret(ca.register(rr, admin));
        }
        if (!user.isEnrolled()) {
            user.setEnrollment(ca.enroll(user.getName(), user.getEnrollmentSecret()));
            user.setMspId(mspid);
        }
        sampleOrg.addUser(user); //Remember user belongs to this Org

        final String sampleOrgName = sampleOrg.getName();
        final String sampleOrgDomainName = sampleOrg.getDomainName();

        // src/test/fixture/sdkintegration/e2e-2Orgs/channel/crypto-config/peerOrganizations/org1.example.com/users/[email protected]/msp/keystore/

        SampleUser peerOrgAdmin = sampleStore.getMember(sampleOrgName + "Admin", sampleOrgName, sampleOrg.getMSPID(),
                Util.findFileSk(Paths.get(testConfig.getTestChannelPath(), "crypto-config/peerOrganizations/",
                        sampleOrgDomainName, format("/users/Admin@%s/msp/keystore", sampleOrgDomainName)).toFile()),
                Paths.get(testConfig.getTestChannelPath(), "crypto-config/peerOrganizations/", sampleOrgDomainName,
                        format("/users/Admin@%s/msp/signcerts/Admin@%s-cert.pem", sampleOrgDomainName, sampleOrgDomainName)).toFile());

        sampleOrg.setPeerAdmin(peerOrgAdmin); //A special user that can create channels, join peers and install chaincode

    }

}
 

/**
 * Will register and enroll users persisting them to samplestore.
 *
 * @param sampleStore
 * @throws Exception
 */
public void enrollUsersSetup(SampleStore sampleStore) throws Exception {
    ////////////////////////////
    //Set up USERS

    //SampleUser can be any implementation that implements org.hyperledger.fabric.sdk.User Interface

    ////////////////////////////
    // get users for all orgs

    out("***** Enrolling Users *****");
    for (SampleOrg sampleOrg : testSampleOrgs) {

        HFCAClient ca = sampleOrg.getCAClient();

        final String orgName = sampleOrg.getName();
        final String mspid = sampleOrg.getMSPID();
        ca.setCryptoSuite(CryptoSuite.Factory.getCryptoSuite());

        if (testConfig.isRunningFabricTLS()) {
            //This shows how to get a client TLS certificate from Fabric CA
            // we will use one client TLS certificate for orderer peers etc.
            final EnrollmentRequest enrollmentRequestTLS = new EnrollmentRequest();
            enrollmentRequestTLS.addHost("localhost");
            enrollmentRequestTLS.setProfile("tls");
            final Enrollment enroll = ca.enroll("admin", "adminpw", enrollmentRequestTLS);
            final String tlsCertPEM = enroll.getCert();
            final String tlsKeyPEM = getPEMStringFromPrivateKey(enroll.getKey());

            final Properties tlsProperties = new Properties();

            tlsProperties.put("clientKeyBytes", tlsKeyPEM.getBytes(UTF_8));
            tlsProperties.put("clientCertBytes", tlsCertPEM.getBytes(UTF_8));
            clientTLSProperties.put(sampleOrg.getName(), tlsProperties);
            //Save in samplestore for follow on tests.
            sampleStore.storeClientPEMTLCertificate(sampleOrg, tlsCertPEM);
            sampleStore.storeClientPEMTLSKey(sampleOrg, tlsKeyPEM);
        }

        HFCAInfo info = ca.info(); //just check if we connect at all.
        assertNotNull(info);
        String infoName = info.getCAName();
        if (infoName != null && !infoName.isEmpty()) {
            assertEquals(ca.getCAName(), infoName);
        }

        SampleUser admin = sampleStore.getMember(TEST_ADMIN_NAME, orgName);
        if (!admin.isEnrolled()) {  //Preregistered admin only needs to be enrolled with Fabric caClient.
            admin.setEnrollment(ca.enroll(admin.getName(), "adminpw"));
            admin.setMspId(mspid);
        }

        SampleUser user = sampleStore.getMember(testUser1, sampleOrg.getName());
        if (!user.isRegistered()) {  // users need to be registered AND enrolled
            RegistrationRequest rr = new RegistrationRequest(user.getName(), "org1.department1");
            user.setEnrollmentSecret(ca.register(rr, admin));
        }
        if (!user.isEnrolled()) {
            user.setEnrollment(ca.enroll(user.getName(), user.getEnrollmentSecret()));
            user.setMspId(mspid);
        }

        final String sampleOrgName = sampleOrg.getName();
        final String sampleOrgDomainName = sampleOrg.getDomainName();

        SampleUser peerOrgAdmin = sampleStore.getMember(sampleOrgName + "Admin", sampleOrgName, sampleOrg.getMSPID(),
                Util.findFileSk(Paths.get(testConfig.getTestChannelPath(), "crypto-config/peerOrganizations/",
                        sampleOrgDomainName, format("/users/Admin@%s/msp/keystore", sampleOrgDomainName)).toFile()),
                Paths.get(testConfig.getTestChannelPath(), "crypto-config/peerOrganizations/", sampleOrgDomainName,
                        format("/users/Admin@%s/msp/signcerts/Admin@%s-cert.pem", sampleOrgDomainName, sampleOrgDomainName)).toFile());
        sampleOrg.setPeerAdmin(peerOrgAdmin); //A special user that can create channels, join peers and install chaincode

        sampleOrg.addUser(user);
        sampleOrg.setAdmin(admin); // The admin of this org --
    }
}
 

public MockSigningIdentity(String cert, String mspId, Enrollment enrollment) {
    this.cert = cert;
    this.mspId = mspId;
    this.enrollment = enrollment;
}
 

public void enrollIdemixUser(SampleStore sampleStore) throws Exception {
    for (SampleOrg sampleOrg : testSampleOrgs) {

        HFCAClient ca = sampleOrg.getCAClient();

        final String orgName = sampleOrg.getName();
        final String mspid = sampleOrg.getMSPID();
        ca.setCryptoSuite(CryptoSuite.Factory.getCryptoSuite());

        if (testConfig.isRunningFabricTLS()) {
            //This shows how to get a client TLS certificate from Fabric CA
            // we will use one client TLS certificate for orderer peers etc.
            final EnrollmentRequest enrollmentRequestTLS = new EnrollmentRequest();
            enrollmentRequestTLS.addHost("localhost");
            enrollmentRequestTLS.setProfile("tls");
            final Enrollment enroll = ca.enroll("admin", "adminpw", enrollmentRequestTLS);
            final String tlsCertPEM = enroll.getCert();
            final String tlsKeyPEM = getPEMStringFromPrivateKey(enroll.getKey());

            final Properties tlsProperties = new Properties();

            tlsProperties.put("clientKeyBytes", tlsKeyPEM.getBytes(UTF_8));
            tlsProperties.put("clientCertBytes", tlsCertPEM.getBytes(UTF_8));
            clientTLSProperties.put(sampleOrg.getName(), tlsProperties);
            //Save in samplestore for follow on tests.
            sampleStore.storeClientPEMTLCertificate(sampleOrg, tlsCertPEM);
            sampleStore.storeClientPEMTLSKey(sampleOrg, tlsKeyPEM);
        }

        HFCAInfo info = ca.info(); //just check if we connect at all.
        assertNotNull(info);
        String infoName = info.getCAName();
        if (infoName != null && !infoName.isEmpty()) {
            assertEquals(ca.getCAName(), infoName);
        }

        SampleUser admin = sampleStore.getMember(TEST_ADMIN_NAME, orgName);
        SampleUser idemixUser = sampleStore.getMember(testUser1, sampleOrg.getName());
        if (!idemixUser.isRegistered()) {  // users need to be registered AND enrolled
            RegistrationRequest rr = new RegistrationRequest(idemixUser.getName(), "org1.department1");
            idemixUser.setEnrollmentSecret(ca.register(rr, admin));
        }
        if (!idemixUser.isEnrolled()) {
            idemixUser.setEnrollment(ca.enroll(idemixUser.getName(), idemixUser.getEnrollmentSecret()));
            idemixUser.setMspId(mspid);
        }

        // If running version 1.3, then get Idemix credential
        if (testConfig.isFabricVersionAtOrAfter("1.3")) {
            String mspID = "idemixMSPID1";
            if (sampleOrg.getName().contains("Org2")) {
                mspID = "idemixMSPID2";
            }
            idemixUser.setIdemixEnrollment(ca.idemixEnroll(idemixUser.getEnrollment(), mspID));
        }

        sampleOrg.addUser(idemixUser);
    }
}
 

/**
 * Will register and enroll users persisting them to samplestore.
 *
 * @param sampleStore
 * @throws Exception
 */
public void enrollUsersSetup(SampleStore sampleStore) throws Exception {
    ////////////////////////////
    //Set up USERS

    //SampleUser can be any implementation that implements org.hyperledger.fabric.sdk.User Interface

    ////////////////////////////
    // get users for all orgs

    out("***** Enrolling Users *****");
    for (SampleOrg sampleOrg : testSampleOrgs) {

        HFCAClient ca = sampleOrg.getCAClient();

        final String orgName = sampleOrg.getName();
        final String mspid = sampleOrg.getMSPID();
        ca.setCryptoSuite(CryptoSuite.Factory.getCryptoSuite());

        if (testConfig.isRunningFabricTLS()) {
            //This shows how to get a client TLS certificate from Fabric CA
            // we will use one client TLS certificate for orderer peers etc.
            final EnrollmentRequest enrollmentRequestTLS = new EnrollmentRequest();
            enrollmentRequestTLS.addHost("localhost");
            enrollmentRequestTLS.setProfile("tls");
            final Enrollment enroll = ca.enroll("admin", "adminpw", enrollmentRequestTLS);
            final String tlsCertPEM = enroll.getCert();
            final String tlsKeyPEM = getPEMStringFromPrivateKey(enroll.getKey());

            final Properties tlsProperties = new Properties();

            tlsProperties.put("clientKeyBytes", tlsKeyPEM.getBytes(UTF_8));
            tlsProperties.put("clientCertBytes", tlsCertPEM.getBytes(UTF_8));
            clientTLSProperties.put(sampleOrg.getName(), tlsProperties);
            //Save in samplestore for follow on tests.
            sampleStore.storeClientPEMTLCertificate(sampleOrg, tlsCertPEM);
            sampleStore.storeClientPEMTLSKey(sampleOrg, tlsKeyPEM);
        }

        HFCAInfo info = ca.info(); //just check if we connect at all.
        assertNotNull(info);
        String infoName = info.getCAName();
        if (infoName != null && !infoName.isEmpty()) {
            assertEquals(ca.getCAName(), infoName);
        }

        SampleUser admin = sampleStore.getMember(TEST_ADMIN_NAME, orgName);
        if (!admin.isEnrolled()) {  //Preregistered admin only needs to be enrolled with Fabric caClient.
            admin.setEnrollment(ca.enroll(admin.getName(), "adminpw"));
            admin.setMspId(mspid);
        }

        SampleUser user = sampleStore.getMember(testUser1, sampleOrg.getName());
        if (!user.isRegistered()) {  // users need to be registered AND enrolled
            RegistrationRequest rr = new RegistrationRequest(user.getName(), "org1.department1");
            user.setEnrollmentSecret(ca.register(rr, admin));
        }
        if (!user.isEnrolled()) {
            user.setEnrollment(ca.enroll(user.getName(), user.getEnrollmentSecret()));
            user.setMspId(mspid);
        }

        final String sampleOrgName = sampleOrg.getName();
        final String sampleOrgDomainName = sampleOrg.getDomainName();

        SampleUser peerOrgAdmin = sampleStore.getMember(sampleOrgName + "Admin", sampleOrgName, sampleOrg.getMSPID(),
                Util.findFileSk(Paths.get(testConfig.getTestChannelPath(), "crypto-config/peerOrganizations/",
                        sampleOrgDomainName, format("/users/Admin@%s/msp/keystore", sampleOrgDomainName)).toFile()),
                Paths.get(testConfig.getTestChannelPath(), "crypto-config/peerOrganizations/", sampleOrgDomainName,
                        format("/users/Admin@%s/msp/signcerts/Admin@%s-cert.pem", sampleOrgDomainName, sampleOrgDomainName)).toFile());
        sampleOrg.setPeerAdmin(peerOrgAdmin); //A special user that can create channels, join peers and install chaincode

        sampleOrg.addUser(user);
        sampleOrg.setAdmin(admin); // The admin of this org --
    }
}
 

@Override
public Enrollment getEnrollment() {
    return this.enrollment;
}
 

public void setIdemixEnrollment(Enrollment enrollment) {
    this.enrollment = enrollment;
}
 

public static Enrollment getMockEnrollment(String cert) {
    return new X509Enrollment(new MockPrivateKey(), cert);
}
 

public static MockSigningIdentity getMockSigningIdentity(String cert, String mspId, Enrollment enrollment) {
    return new MockSigningIdentity(cert, mspId, enrollment);
}
 

public static Enrollment getMockEnrollment(PrivateKey key, String cert) {
    return new X509Enrollment(key, cert);
}
 

public void setEnrollment(Enrollment e) {
    this.enrollment = e;
}
 

@Override
public Enrollment getEnrollment() {
    return enrollment;
}
 

@Override
public Enrollment getEnrollment() {
	return this.enrollment;
}
 

JsonObject httpPost(String url, String body, Enrollment enrollment) throws Exception {
    String authHTTPCert = getHTTPAuthCertificate(enrollment, "POST", url, body);
    return post(url, body, authHTTPCert);
}