github.com/canhui/fabric_ca2_2@v2.0.0-alpha+incompatible/lib/client/credential/idemix/credential_test.go (about) 1 /* 2 Copyright IBM Corp. All Rights Reserved. 3 4 SPDX-License-Identifier: Apache-2.0 5 */ 6 7 package idemix_test 8 9 import ( 10 "bytes" 11 "fmt" 12 "io/ioutil" 13 "net/http" 14 "os" 15 "path/filepath" 16 "testing" 17 18 lib "github.com/hyperledger/fabric-ca/lib" 19 . "github.com/hyperledger/fabric-ca/lib/client/credential/idemix" 20 "github.com/hyperledger/fabric-ca/lib/server/idemix" 21 "github.com/stretchr/testify/assert" 22 ) 23 24 const ( 25 testDataDir = "../../../../testdata" 26 testSignerConfigFile = testDataDir + "/IdemixSignerConfig" 27 testIssuerPublicFile = testDataDir + "/IdemixPublicKey" 28 ) 29 30 func TestIdemixCredential(t *testing.T) { 31 clientHome, err := ioutil.TempDir(testDataDir, "idemixcredtest") 32 if err != nil { 33 t.Fatalf("Failed to create temp directory: %s", err.Error()) 34 } 35 defer os.RemoveAll(clientHome) 36 37 signerConfig := filepath.Join(clientHome, "SignerConfig") 38 client := &lib.Client{ 39 Config: &lib.ClientConfig{ 40 URL: fmt.Sprintf("http://localhost:7054"), 41 }, 42 HomeDir: clientHome, 43 } 44 err = client.Init() 45 if err != nil { 46 t.Fatalf("Failed to initialize client: %s", err.Error()) 47 } 48 49 idemixCred := NewCredential(signerConfig, client) 50 51 assert.Equal(t, idemixCred.Type(), CredType, "Type for a IdemixCredential instance must be Idemix") 52 _, err = idemixCred.Val() 53 assert.Error(t, err, "Val should return error if credential has not been loaded from disk or set") 54 if err != nil { 55 assert.Equal(t, err.Error(), "Idemix credential value is not set") 56 } 57 _, err = idemixCred.EnrollmentID() 58 assert.Error(t, err, "EnrollmentID should return an error if credential has not been loaded from disk or set") 59 if err != nil { 60 assert.Equal(t, err.Error(), "Idemix credential value is not set") 61 } 62 body := []byte("hello") 63 req, err := http.NewRequest("GET", "localhost:7054/enroll", bytes.NewReader(body)) 64 if err != nil { 65 t.Fatalf("Failed to create HTTP request: %s", err.Error()) 66 } 67 _, err = idemixCred.CreateToken(req, body) 68 assert.Error(t, err, "CreateToken should return an error if credential has not been loaded from disk or set") 69 if err != nil { 70 assert.Equal(t, err.Error(), "Idemix credential value is not set") 71 } 72 73 err = idemixCred.SetVal("hello") 74 assert.Error(t, err, "SetVal should fail as it expects an object of type *SignerConfig") 75 76 err = idemixCred.Store() 77 assert.Error(t, err, "Store should return an error if credential has not been set") 78 79 err = idemixCred.Load() 80 assert.Error(t, err, "Load should fail as %s is not found", signerConfig) 81 82 err = ioutil.WriteFile(signerConfig, []byte("hello"), 0744) 83 if err != nil { 84 t.Fatalf("Failed to write to file %s: %s", signerConfig, err.Error()) 85 } 86 err = idemixCred.Load() 87 assert.Error(t, err, "Load should fail as %s contains invalid data", signerConfig) 88 89 err = lib.CopyFile(testSignerConfigFile, signerConfig) 90 if err != nil { 91 t.Fatalf("Failed to copy %s to %s: %s", testSignerConfigFile, signerConfig, err.Error()) 92 } 93 94 clientPubKeyFile := filepath.Join(clientHome, "msp/IssuerPublicKey") 95 err = os.MkdirAll(filepath.Join(clientHome, "msp"), 0744) 96 if err != nil { 97 t.Fatalf("Failed to create msp directory: %s", err.Error()) 98 } 99 err = lib.CopyFile(testIssuerPublicFile, clientPubKeyFile) 100 if err != nil { 101 t.Fatalf("Failed to copy %s to %s: %s", testIssuerPublicFile, clientPubKeyFile, err.Error()) 102 } 103 104 err = idemixCred.Load() 105 assert.NoError(t, err, "Load should not return error as %s exists and is valid", signerConfig) 106 107 val, err := idemixCred.Val() 108 assert.NoError(t, err, "Val should not return error as credential is loaded") 109 110 signercfg, _ := val.(*SignerConfig) 111 cred := signercfg.GetCred() 112 assert.NotNil(t, cred) 113 assert.True(t, len(cred) > 0, "Credential bytes length should be more than zero") 114 115 enrollID := signercfg.GetEnrollmentID() 116 assert.Equal(t, "admin", enrollID, "Enrollment ID of the Idemix credential in testdata/IdemixSignerConfig should be admin") 117 118 sk := signercfg.GetSk() 119 assert.NotNil(t, sk, "secret key should not be nil") 120 assert.True(t, len(sk) > 0, "Secret key bytes length should be more than zero") 121 122 signercfg.GetOrganizationalUnitIdentifier() 123 role := signercfg.GetRole() 124 assert.False(t, idemix.CheckRole(role, idemix.ADMIN)) 125 126 err = idemixCred.SetVal(val) 127 assert.NoError(t, err, "Setting the value that we got from the credential should not return an error") 128 129 if err = os.Chmod(signerConfig, 0000); err != nil { 130 t.Fatalf("Failed to chmod SignerConfig file %s: %v", signerConfig, err) 131 } 132 err = idemixCred.Store() 133 assert.Error(t, err, "Store should fail as %s is not writable", signerConfig) 134 135 if err = os.Chmod(signerConfig, 0644); err != nil { 136 t.Fatalf("Failed to chmod SignerConfig file %s: %v", signerConfig, err) 137 } 138 err = idemixCred.Store() 139 assert.NoError(t, err, "Store should not fail as %s is writable and Idemix credential value is set", signerConfig) 140 141 _, err = idemixCred.Val() 142 assert.NoError(t, err, "Val should not return error as Idemix credential has been loaded") 143 144 _, err = idemixCred.EnrollmentID() 145 assert.NoError(t, err, "EnrollmentID should not return error as Idemix credential has been loaded") 146 147 if err = os.Chmod(clientPubKeyFile, 0000); err != nil { 148 t.Fatalf("Failed to chmod SignerConfig file %s: %v", clientPubKeyFile, err) 149 } 150 _, err = idemixCred.CreateToken(req, body) 151 assert.Error(t, err, "CreateToken should fail as %s is not readable", clientPubKeyFile) 152 153 if err = os.Chmod(clientPubKeyFile, 0644); err != nil { 154 t.Fatalf("Failed to chmod SignerConfig file %s: %v", clientPubKeyFile, err) 155 } 156 157 origCred := signercfg.Cred 158 signercfg.Cred = []byte("fakecred") 159 _, err = idemixCred.CreateToken(req, body) 160 assert.Error(t, err, "CreateToken should fail credential is junk bytes in the signerconfig") 161 signercfg.Cred = origCred 162 163 origCri := signercfg.CredentialRevocationInformation 164 signercfg.CredentialRevocationInformation = []byte("fakecred") 165 _, err = idemixCred.CreateToken(req, body) 166 assert.Error(t, err, "CreateToken should fail credential revocation information is junk bytes in the signerconfig") 167 signercfg.CredentialRevocationInformation = origCri 168 169 _, err = idemixCred.CreateToken(req, body) 170 assert.NoError(t, err, "CreateToken should not return error as Idemix credential has been loaded") 171 172 _, err = idemixCred.RevokeSelf() 173 assert.Error(t, err, "RevokeSelf should fail as it is not implmented for Idemix credential") 174 }