gitee.com/zhaochuninhefei/fabric-ca-gm@v0.0.2/cmd/fabric-ca-client/command/gencrl.go (about)

     1  /*
     2  Copyright IBM Corp. 2017 All Rights Reserved.
     3  Licensed under the Apache License, Version 2.0 (the "License");
     4  you may not use this file except in compliance with the License.
     5  You may obtain a copy of the License at
     6                   http://www.apache.org/licenses/LICENSE-2.0
     7  Unless required by applicable law or agreed to in writing, software
     8  distributed under the License is distributed on an "AS IS" BASIS,
     9  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    10  See the License for the specific language governing permissions and
    11  limitations under the License.
    12  */
    13  
    14  package command
    15  
    16  import (
    17  	"os"
    18  	"path"
    19  	"path/filepath"
    20  	"time"
    21  
    22  	"gitee.com/zhaochuninhefei/fabric-ca-gm/internal/pkg/api"
    23  	"gitee.com/zhaochuninhefei/fabric-ca-gm/internal/pkg/util"
    24  	"gitee.com/zhaochuninhefei/fabric-ca-gm/lib"
    25  	log "gitee.com/zhaochuninhefei/zcgolog/zclog"
    26  	"github.com/pkg/errors"
    27  	"github.com/spf13/cobra"
    28  )
    29  
const (
	// crlFile is the name of the file that the generated CRL is written to.
	crlFile = "crl.pem"
	// crlsFolder is the name of the folder, inside the MSP directory, that
	// holds the generated CRL file.
	crlsFolder = "crls"
)
    36  
// newGenCRLCommand builds the "gencrl" cobra command, which generates a
// Certificate Revocation List. Before returning, it hands the command's flag
// set and c.crlParams to util.RegisterFlags together with c.myViper.
func (c *ClientCmd) newGenCRLCommand() *cobra.Command {
	// preRun rejects positional arguments and then loads the client
	// configuration, so that RunE always sees an initialised c.clientCfg.
	preRun := func(cmd *cobra.Command, args []string) error {
		if len(args) > 0 {
			return errors.Errorf(extraArgsError, args, cmd.UsageString())
		}
		if err := c.ConfigInit(); err != nil {
			return err
		}
		// NOTE(review): %+v writes every field of the client configuration to
		// the debug log. Confirm that the structure carries no credentials
		// (for example embedded in a URL) or that they are masked before
		// debug logging is enabled where logs are shared.
		log.Debugf("Client configuration settings: %+v", c.clientCfg)
		return nil
	}

	// run delegates to runGenCRL and passes its error through unchanged.
	run := func(cmd *cobra.Command, args []string) error {
		return c.runGenCRL()
	}

	genCrlCmd := &cobra.Command{
		Use:     "gencrl",
		Short:   "Generate a CRL",
		Long:    "Generate a Certificate Revocation List",
		PreRunE: preRun,
		RunE:    run,
	}
	util.RegisterFlags(c.myViper, genCrlCmd.Flags(), &c.crlParams, nil)
	return genCrlCmd
}
    66  
// runGenCRL is the main logic of the gencrl command. It loads the caller's
// identity, parses the optional RFC 3339 time filters held in c.crlParams,
// rejects ranges whose lower bound lies after the upper bound, requests a CRL
// through the identity and passes the returned bytes to storeCRL.
func (c *ClientCmd) runGenCRL() error {
	log.Debug("Entered runGenCRL")

	client := lib.Client{
		HomeDir: filepath.Dir(c.cfgFileName),
		Config:  c.clientCfg,
	}
	id, err := client.LoadMyIdentity()
	if err != nil {
		return err
	}

	// parseOptional returns the zero time for an empty value, so an unset
	// filter stays unset; otherwise the value must be a valid RFC 3339
	// timestamp and a parse failure is wrapped with errMsg.
	parseOptional := func(value, errMsg string) (time.Time, error) {
		if value == "" {
			return time.Time{}, nil
		}
		ts, parseErr := time.Parse(time.RFC3339, value)
		if parseErr != nil {
			return ts, errors.Wrap(parseErr, errMsg)
		}
		return ts, nil
	}

	// Revocation-time window. Parsing and checking happen in the same order
	// as the flags are listed, so the first invalid value is the one reported.
	revokedAfter, err := parseOptional(c.crlParams.RevokedAfter, "Invalid 'revokedafter' value")
	if err != nil {
		return err
	}
	revokedBefore, err := parseOptional(c.crlParams.RevokedBefore, "Invalid 'revokedbefore' value")
	if err != nil {
		return err
	}
	// The range check only applies when an upper bound was supplied.
	if !revokedBefore.IsZero() && revokedAfter.After(revokedBefore) {
		return errors.Errorf("Invalid revokedafter value '%s'. It must not be a timestamp greater than revokedbefore value '%s'",
			c.crlParams.RevokedAfter, c.crlParams.RevokedBefore)
	}

	// Expiry-time window, validated the same way.
	expireAfter, err := parseOptional(c.crlParams.ExpireAfter, "Invalid 'expireafter' value")
	if err != nil {
		return err
	}
	expireBefore, err := parseOptional(c.crlParams.ExpireBefore, "Invalid 'expirebefore' value")
	if err != nil {
		return err
	}
	if !expireBefore.IsZero() && expireAfter.After(expireBefore) {
		return errors.Errorf("Invalid expireafter value '%s'. It must not be a timestamp greater than expirebefore value '%s'",
			c.crlParams.ExpireAfter, c.crlParams.ExpireBefore)
	}

	resp, err := id.GenCRL(&api.GenCRLRequest{
		CAName:        c.clientCfg.CAName,
		RevokedAfter:  revokedAfter,
		RevokedBefore: revokedBefore,
		ExpireAfter:   expireAfter,
		ExpireBefore:  expireBefore,
	})
	if err != nil {
		return err
	}
	log.Info("Successfully generated the CRL")

	return storeCRL(c.clientCfg, resp.CRL)
}
   131  
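// storeCRL writes the CRL bytes to the file crlFile inside the crlsFolder
// sub-directory of config.MSPDir, creating that directory when it is missing.
// Any existing file of that name is handed to util.WriteFile to be written
// again. It returns a wrapped error if the directory cannot be created or the
// file cannot be written.
func storeCRL(config *lib.ClientConfig, crl []byte) error {
	// NOTE(review): path.Join always joins with forward slashes. filepath.Join
	// is the OS-aware choice for file system paths, but switching to it also
	// means dropping the "path" import at the top of the file.
	dirName := path.Join(config.MSPDir, crlsFolder)

	// MkdirAll succeeds without changes when the directory already exists and
	// fails when the path exists but is not a directory. Calling it directly
	// avoids the earlier stat-then-create sequence, which ignored every Stat
	// error other than "not exist" and left a gap between check and creation.
	if err := os.MkdirAll(dirName, 0755); err != nil {
		return errors.Wrapf(err, "Failed to create directory %s", dirName)
	}

	fileName := path.Join(dirName, crlFile)
	// 0644 leaves the file readable by other local users. A CRL is revocation
	// data meant for distribution rather than a secret, so this is presumably
	// intended.
	if err := util.WriteFile(fileName, crl, 0644); err != nil {
		return errors.Wrapf(err, "Failed to write CRL to the file %s", fileName)
	}
	log.Infof("Successfully stored the CRL in the file %s", fileName)
	return nil
}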