github.com/adnan-c/fabric_e2e_couchdb@v0.6.1-preview.0.20170228180935-21ce6b23cf91/accesscontrol/impl/chaincode.go

github.com/adnan-c/fabric_e2e_couchdb@v0.6.1-preview.0.20170228180935-21ce6b23cf91/accesscontrol/impl/chaincode.go (about)

     1  package impl
     2  
     3  import (
     4  	"github.com/hyperledger/fabric/accesscontrol"
     5  	"github.com/hyperledger/fabric/accesscontrol/crypto/attr"
     6  	"github.com/hyperledger/fabric/accesscontrol/crypto/ecdsa"
     7  	"github.com/hyperledger/fabric/core/chaincode/shim"
     8  	"github.com/hyperledger/fabric/core/crypto/primitives"
     9  )
    10  
    11  // NewAccessControlShim create a new AccessControlShim instance
    12  func NewAccessControlShim(stub shim.ChaincodeStubInterface) *AccessControlShim {
    13  	// TODO: The package accesscontrol still depends on the initialization
    14  	// of the primitives package.
    15  	// This has to be removed by using the BCCSP which will carry this information.
    16  	// A similar approach has been used to remove the calls
    17  	// to InitSecurityLevel and SetSecurityLevel from the core.
    18  	primitives.SetSecurityLevel("SHA2", 256)
    19  
    20  	return &AccessControlShim{stub}
    21  }
    22  
    23  // AccessControlShim wraps the object passed to chaincode for shim side handling of
    24  // APIs to provide access control capabilities.
    25  type AccessControlShim struct {
    26  	stub shim.ChaincodeStubInterface
    27  }
    28  
    29  //ReadCertAttribute is used to read an specific attribute from the transaction certificate, *attributeName* is passed as input parameter to this function.
    30  // Example:
    31  //  attrValue,error:=stub.ReadCertAttribute("position")
    32  func (shim *AccessControlShim) ReadCertAttribute(attributeName string) ([]byte, error) {
    33  	attributesHandler, err := attr.NewAttributesHandlerImpl(shim.stub)
    34  	if err != nil {
    35  		return nil, err
    36  	}
    37  	return attributesHandler.GetValue(attributeName)
    38  }
    39  
    40  //VerifyAttribute is used to verify if the transaction certificate has an attribute with name *attributeName* and value *attributeValue* which are the input parameters received by this function.
    41  //Example:
    42  //    containsAttr, error := stub.VerifyAttribute("position", "Software Engineer")
    43  func (shim *AccessControlShim) VerifyAttribute(attributeName string, attributeValue []byte) (bool, error) {
    44  	attributesHandler, err := attr.NewAttributesHandlerImpl(shim.stub)
    45  	if err != nil {
    46  		return false, err
    47  	}
    48  	return attributesHandler.VerifyAttribute(attributeName, attributeValue)
    49  }
    50  
    51  //VerifyAttributes does the same as VerifyAttribute but it checks for a list of attributes and their respective values instead of a single attribute/value pair
    52  // Example:
    53  //    containsAttrs, error:= stub.VerifyAttributes(&attr.Attribute{"position",  "Software Engineer"}, &attr.Attribute{"company", "ACompany"})
    54  func (shim *AccessControlShim) VerifyAttributes(attrs ...*accesscontrol.Attribute) (bool, error) {
    55  	attributesHandler, err := attr.NewAttributesHandlerImpl(shim.stub)
    56  	if err != nil {
    57  		return false, err
    58  	}
    59  	return attributesHandler.VerifyAttributes(attrs...)
    60  }
    61  
    62  // VerifySignature verifies the transaction signature and returns `true` if
    63  // correct and `false` otherwise
    64  func (shim *AccessControlShim) VerifySignature(certificate, signature, message []byte) (bool, error) {
    65  	// Instantiate a new SignatureVerifier
    66  	sv := ecdsa.NewX509ECDSASignatureVerifier()
    67  
    68  	// Verify the signature
    69  	return sv.Verify(certificate, signature, message)
    70  }