Skip to content

Commit

Permalink
[FABG-787] Add defaults for cryptoconfig
Browse files Browse the repository at this point in the history
Change-Id: I43194d0831fa71198e0f45046c15463670ec6262
Signed-off-by: Nye Liu <[email protected]>
  • Loading branch information
nyetwurk committed Nov 20, 2018
1 parent 1e9726a commit 11a8a7e
Show file tree
Hide file tree
Showing 3 changed files with 54 additions and 10 deletions.
41 changes: 35 additions & 6 deletions pkg/core/cryptosuite/cryptoconfig.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,15 @@ import (
"github.com/hyperledger/fabric-sdk-go/pkg/common/providers/core"
"github.com/hyperledger/fabric-sdk-go/pkg/core/config/lookup"
"github.com/hyperledger/fabric-sdk-go/pkg/util/pathvar"
"github.com/spf13/cast"
)

const (
defEnabled = true
defHashAlgorithm = "SHA2"
defLevel = 256
defProvider = "SW"
defSoftVerify = true
)

//ConfigFromBackend returns CryptoSuite config implementation for given backend
Expand All @@ -26,29 +35,49 @@ type Config struct {
backend *lookup.ConfigLookup
}

// IsSecurityEnabled config used enable and diable security in cryptosuite
// IsSecurityEnabled config used enable and disable security in cryptosuite
func (c *Config) IsSecurityEnabled() bool {
return c.backend.GetBool("client.BCCSP.security.enabled")
val, ok := c.backend.Lookup("client.BCCSP.security.enabled")
if !ok {
return defEnabled
}
return cast.ToBool(val)
}

// SecurityAlgorithm returns cryptoSuite config hash algorithm
func (c *Config) SecurityAlgorithm() string {
return c.backend.GetString("client.BCCSP.security.hashAlgorithm")
val, ok := c.backend.Lookup("client.BCCSP.security.hashAlgorithm")
if !ok {
return defHashAlgorithm
}
return cast.ToString(val)
}

// SecurityLevel returns cryptSuite config security level
func (c *Config) SecurityLevel() int {
return c.backend.GetInt("client.BCCSP.security.level")
val, ok := c.backend.Lookup("client.BCCSP.security.level")
if !ok {
return defLevel
}
return cast.ToInt(val)
}

//SecurityProvider provider SW or PKCS11
func (c *Config) SecurityProvider() string {
return c.backend.GetLowerString("client.BCCSP.security.default.provider")
val, ok := c.backend.Lookup("client.BCCSP.security.default.provider")
if !ok {
return strings.ToLower(defProvider)
}
return strings.ToLower(cast.ToString(val))
}

//SoftVerify flag
func (c *Config) SoftVerify() bool {
return c.backend.GetBool("client.BCCSP.security.softVerify")
val, ok := c.backend.Lookup("client.BCCSP.security.softVerify")
if !ok {
return defSoftVerify
}
return cast.ToBool(val)
}

//SecurityProviderLibPath will be set only if provider is PKCS11
Expand Down
16 changes: 16 additions & 0 deletions pkg/core/cryptosuite/cryptoconfig_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,22 @@ import (
)

const configTestFilePath = "../config/testdata/config_test.yaml"
const configEmptyTestFilePath = "../config/testdata/viper-test.yaml"

func TestEmptyTestFile(t *testing.T) {
backend, err := config.FromFile(configEmptyTestFilePath)()
assert.Nil(t, err, "Failed to read from empty config")

cryptoConfig := ConfigFromBackend(backend[0]).(*Config)

// Test for defaults
assert.Equal(t, true, cryptoConfig.IsSecurityEnabled())
assert.Equal(t, "SHA2", cryptoConfig.SecurityAlgorithm())
assert.Equal(t, 256, cryptoConfig.SecurityLevel())
// Note that we transform to lower case in SecurityProvider()
assert.Equal(t, "sw", cryptoConfig.SecurityProvider())
assert.Equal(t, true, cryptoConfig.SoftVerify())
}

func TestCAConfigKeyStorePath(t *testing.T) {
backend, err := config.FromFile(configTestFilePath)()
Expand Down
7 changes: 3 additions & 4 deletions pkg/fabsdk/fabsdk_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ import (
mockapisdk "github.com/hyperledger/fabric-sdk-go/pkg/fabsdk/test/mocksdkapi"
"github.com/hyperledger/fabric-sdk-go/pkg/msp"
"github.com/pkg/errors"
"github.com/stretchr/testify/assert"
)

const (
Expand Down Expand Up @@ -266,11 +267,9 @@ func TestWithConfigFailure(t *testing.T) {
}
}

func TestBadConfigFile(t *testing.T) {
func TestEmptyConfigFile(t *testing.T) {
_, err := New(configImpl.FromFile("../../pkg/core/config/testdata/viper-test.yaml"))
if err == nil {
t.Fatal("Expected error from New with bad config file")
}
assert.Nil(t, err, "New with empty config file should not have failed")
}

func TestWithConfigEndpoint(t *testing.T) {
Expand Down

0 comments on commit 11a8a7e

Please sign in to comment.