github.com/hechain20/hechain@v0.0.0-20220316014945-b544036ba106/internal/peer/gossip/sa.go (about)

     1  /*
     2  Copyright hechain. All Rights Reserved.
     3  
     4  SPDX-License-Identifier: Apache-2.0
     5  */
     6  
     7  package gossip
     8  
     9  import (
    10  	"github.com/hechain20/hechain/common/flogging"
    11  	"github.com/hechain20/hechain/gossip/api"
    12  )
    13  
// saLogger is the logger for the gossip security advisor, registered under
// the name "peer.gossip.sa".
var saLogger = flogging.MustGetLogger("peer.gossip.sa")
    15  
// mspSecurityAdvisor implements the SecurityAdvisor interface
// using the peer's MSPs.
//
// For the system to be secure it is vital that the MSPs are kept
// up to date. Channels' MSPs are updated via configuration
// transactions distributed by the ordering service.
//
// This implementation assumes that these mechanisms are all in place and
// working; it performs no freshness check of its own, so the organization it
// attributes to a peer is only as current as the MSP data it is given.
type mspSecurityAdvisor struct {
	// deserializer gives access to the local identity deserializer and to
	// the per-channel identity deserializers used to resolve a peer's
	// organization.
	deserializer DeserializersManager
}
    27  
// NewSecurityAdvisor returns an api.SecurityAdvisor backed by an
// mspSecurityAdvisor that resolves organizations through the given
// DeserializersManager.
func NewSecurityAdvisor(deserializer DeserializersManager) api.SecurityAdvisor {
	advisor := &mspSecurityAdvisor{
		deserializer: deserializer,
	}

	return advisor
}
    33  
// OrgByPeerIdentity returns the MSP identifier of the organization that the
// given serialized peer identity belongs to. It returns nil when peerIdentity
// is empty, or when neither the local deserializer nor any channel
// deserializer is able to deserialize it.
//
// The result is derived from deserialization alone: this method calls no
// validation routine on peerIdentity. Validation is expected to happen
// elsewhere in the execution flow, so the returned organization should not be
// relied on for a trust decision unless the identity has been validated
// separately.
func (advisor *mspSecurityAdvisor) OrgByPeerIdentity(peerIdentity api.PeerIdentityType) api.OrgIdentityType {
	// Reject nil and zero-length identities alike before touching any MSP.
	if len(peerIdentity) == 0 {
		saLogger.Error("Invalid Peer Identity. It must be different from nil.")

		return nil
	}

	// TODO: This method should return a structure consisting of two fields:
	// the identifier of the MSP the identity belongs to, and a list of the
	// organization units the identity is in possession of. Gossip only needs
	// the first part for now, i.e. Identity.GetMSPIdentifier().

	// peerIdentity is assumed to be a serialized identity, so resolving the
	// organization starts with deserializing it.
	serialized := []byte(peerIdentity)
	managers := advisor.deserializer

	// The local MSP is consulted first. A failure here is not logged; the
	// lookup simply falls through to the channel deserializers.
	if localIdent, localErr := managers.GetLocalDeserializer().DeserializeIdentity(serialized); localErr == nil {
		return []byte(localIdent.GetMSPIdentifier())
	}

	// Fall back to the per-channel deserializers; the first one that accepts
	// the identity decides the answer.
	// NOTE(review): if GetChannelDeserializers returns a map (presumably keyed
	// by channel ID - confirm), the order in which channels are tried is
	// unspecified.
	for channel, channelDeserializer := range managers.GetChannelDeserializers() {
		ident, channelErr := channelDeserializer.DeserializeIdentity(serialized)
		if channelErr == nil {
			return []byte(ident.GetMSPIdentifier())
		}

		saLogger.Debugf("Failed deserialization identity [% x] on [%s]: [%s]", peerIdentity, channel, channelErr)
	}

	// NOTE(review): the unvalidated identity is written to the log in full,
	// as hex, at warning level. If this path can be reached with identities
	// supplied by remote peers, consider bounding or rate-limiting what is
	// logged - confirm against callers.
	saLogger.Warningf("Peer Identity [% x] cannot be desirialized. No MSP found able to do that.", peerIdentity)

	return nil
}