Configtx tool to use Verifying MSP

Volodymyr Paprotski · Volodymyr Paprotski · commit 3bcd969b5ab7 · 2017-02-24T15:39:55.000-05:00
LocalMSP expects to use a private key, BCCSP was complaining that it
cannot find the key

Change-Id: I6e99afb9f480f4a9fa963daa0cdbb11f2a60228f
Signed-off-by: Volodymyr Paprotski &lt;vpaprots@ca.ibm.com&gt;
diff --git a/common/configtx/tool/configtxgen/main.go b/common/configtx/tool/configtxgen/main.go
@@ -20,6 +20,7 @@ import (
 	"flag"
 	"io/ioutil"
 
+	"github.com/hyperledger/fabric/bccsp/factory"
 	"github.com/hyperledger/fabric/common/configtx"
 	genesisconfig "github.com/hyperledger/fabric/common/configtx/tool/localconfig"
 	"github.com/hyperledger/fabric/common/configtx/tool/provisional"
@@ -43,6 +44,7 @@ func main() {
 	logging.SetLevel(logging.INFO, "")
 
 	logger.Info("Loading configuration")
+	factory.InitFactories(nil)
 	config := genesisconfig.Load(profile)
 	pgen := provisional.New(config)
 
diff --git a/common/configtx/tool/provisional/provisional.go b/common/configtx/tool/provisional/provisional.go
@@ -118,7 +118,7 @@ func New(conf *genesisconfig.Profile) Generator {
 		}
 
 		for _, org := range conf.Orderer.Organizations {
-			mspConfig, err := msp.GetLocalMspConfig(org.MSPDir, org.BCCSP, org.ID)
+			mspConfig, err := msp.GetVerifyingMspConfig(org.MSPDir, org.BCCSP, org.ID)
 			if err != nil {
 				logger.Panicf("Error loading MSP configuration for org %s: %s", org.Name, err)
 			}
@@ -148,7 +148,7 @@ func New(conf *genesisconfig.Profile) Generator {
 			policies.TemplateImplicitMetaMajorityPolicy([]string{configtxapplication.GroupKey}, configvaluesmsp.AdminsPolicyKey),
 		}
 		for _, org := range conf.Application.Organizations {
-			mspConfig, err := msp.GetLocalMspConfig(org.MSPDir, org.BCCSP, org.ID)
+			mspConfig, err := msp.GetVerifyingMspConfig(org.MSPDir, org.BCCSP, org.ID)
 			if err != nil {
 				logger.Panicf("Error loading MSP configuration for org %s: %s", org.Name, err)
 			}
diff --git a/msp/configbuilder.go b/msp/configbuilder.go
@@ -108,19 +108,41 @@ func SetupBCCSPKeystoreConfig(bccspConfig *factory.FactoryOpts, keystoreDir stri
 }
 
 func GetLocalMspConfig(dir string, bccspConfig *factory.FactoryOpts, ID string) (*msp.MSPConfig, error) {
-	cacertDir := filepath.Join(dir, cacerts)
 	signcertDir := filepath.Join(dir, signcerts)
-	admincertDir := filepath.Join(dir, admincerts)
 	keystoreDir := filepath.Join(dir, keystore)
-	intermediatecertsDir := filepath.Join(dir, intermediatecerts)
-
 	SetupBCCSPKeystoreConfig(bccspConfig, keystoreDir)
 
 	err := factory.InitFactories(bccspConfig)
 	if err != nil {
 		return nil, fmt.Errorf("Could not initialize BCCSP Factories [%s]", err)
 	}
 
+	signcert, err := getPemMaterialFromDir(signcertDir)
+	if err != nil || len(signcert) == 0 {
+		return nil, fmt.Errorf("Could not load a valid signer certificate from directory %s, err %s", signcertDir, err)
+	}
+
+	/* FIXME: for now we're making the following assumptions
+	1) there is exactly one signing cert
+	2) BCCSP's KeyStore has the the private key that matches SKI of
+	   signing cert
+	*/
+
+	sigid := &msp.SigningIdentityInfo{PublicSigner: signcert[0], PrivateSigner: nil}
+
+	return getMspConfig(dir, bccspConfig, ID, sigid)
+}
+
+func GetVerifyingMspConfig(dir string, bccspConfig *factory.FactoryOpts, ID string) (*msp.MSPConfig, error) {
+	return getMspConfig(dir, bccspConfig, ID, nil)
+}
+
+func getMspConfig(dir string, bccspConfig *factory.FactoryOpts, ID string, sigid *msp.SigningIdentityInfo) (*msp.MSPConfig, error) {
+	cacertDir := filepath.Join(dir, cacerts)
+	signcertDir := filepath.Join(dir, signcerts)
+	admincertDir := filepath.Join(dir, admincerts)
+	intermediatecertsDir := filepath.Join(dir, intermediatecerts)
+
 	cacerts, err := getPemMaterialFromDir(cacertDir)
 	if err != nil || len(cacerts) == 0 {
 		return nil, fmt.Errorf("Could not load a valid ca certificate from directory %s, err %s", cacertDir, err)
@@ -139,14 +161,6 @@ func GetLocalMspConfig(dir string, bccspConfig *factory.FactoryOpts, ID string)
 	intermediatecert, _ := getPemMaterialFromDir(intermediatecertsDir)
 	// intermediate certs are not mandatory
 
-	/* FIXME: for now we're making the following assumptions
-	1) there is exactly one signing cert
-	2) BCCSP's KeyStore has the the private key that matches SKI of
-	   signing cert
-	*/
-
-	sigid := &msp.SigningIdentityInfo{PublicSigner: signcert[0], PrivateSigner: nil}
-
 	fmspconf := &msp.FabricMSPConfig{
 		Admins:            admincert,
 		RootCerts:         cacerts,

Original file line number	Diff line number	Diff line change
`@@ -118,7 +118,7 @@ func New(conf *genesisconfig.Profile) Generator {`
`118`	`118`	`}`
`119`	`119`
`120`	`120`	`for _, org := range conf.Orderer.Organizations {`
`121`		`- mspConfig, err := msp.GetLocalMspConfig(org.MSPDir, org.BCCSP, org.ID)`
	`121`	`+ mspConfig, err := msp.GetVerifyingMspConfig(org.MSPDir, org.BCCSP, org.ID)`
`122`	`122`	`if err != nil {`
`123`	`123`	`logger.Panicf("Error loading MSP configuration for org %s: %s", org.Name, err)`
`124`	`124`	`}`
`@@ -148,7 +148,7 @@ func New(conf *genesisconfig.Profile) Generator {`
`148`	`148`	`policies.TemplateImplicitMetaMajorityPolicy([]string{configtxapplication.GroupKey}, configvaluesmsp.AdminsPolicyKey),`
`149`	`149`	`}`
`150`	`150`	`for _, org := range conf.Application.Organizations {`
`151`		`- mspConfig, err := msp.GetLocalMspConfig(org.MSPDir, org.BCCSP, org.ID)`
	`151`	`+ mspConfig, err := msp.GetVerifyingMspConfig(org.MSPDir, org.BCCSP, org.ID)`
`152`	`152`	`if err != nil {`
`153`	`153`	`logger.Panicf("Error loading MSP configuration for org %s: %s", org.Name, err)`
`154`	`154`	`}`