github.com/lzy4123/fabric@v2.1.1+incompatible/internal/cryptogen/msp/msp_test.go (about) 1 /* 2 Copyright IBM Corp. All Rights Reserved. 3 4 SPDX-License-Identifier: Apache-2.0 5 */ 6 package msp_test 7 8 import ( 9 "io/ioutil" 10 "os" 11 "path/filepath" 12 "testing" 13 14 "github.com/hyperledger/fabric/internal/cryptogen/ca" 15 "github.com/hyperledger/fabric/internal/cryptogen/msp" 16 fabricmsp "github.com/hyperledger/fabric/msp" 17 "github.com/stretchr/testify/assert" 18 "gopkg.in/yaml.v2" 19 ) 20 21 const ( 22 testCAOrg = "example.com" 23 testCAName = "ca" + "." + testCAOrg 24 testName = "peer0" 25 testCountry = "US" 26 testProvince = "California" 27 testLocality = "San Francisco" 28 testOrganizationalUnit = "Hyperledger Fabric" 29 testStreetAddress = "testStreetAddress" 30 testPostalCode = "123456" 31 ) 32 33 var testDir = filepath.Join(os.TempDir(), "msp-test") 34 35 func testGenerateLocalMSP(t *testing.T, nodeOUs bool) { 36 cleanup(testDir) 37 38 err := msp.GenerateLocalMSP(testDir, testName, nil, &ca.CA{}, &ca.CA{}, msp.PEER, nodeOUs) 39 assert.Error(t, err, "Empty CA should have failed") 40 41 caDir := filepath.Join(testDir, "ca") 42 tlsCADir := filepath.Join(testDir, "tlsca") 43 mspDir := filepath.Join(testDir, "msp") 44 tlsDir := filepath.Join(testDir, "tls") 45 46 // generate signing CA 47 signCA, err := ca.NewCA(caDir, testCAOrg, testCAName, testCountry, testProvince, testLocality, testOrganizationalUnit, testStreetAddress, testPostalCode) 48 assert.NoError(t, err, "Error generating CA") 49 // generate TLS CA 50 tlsCA, err := ca.NewCA(tlsCADir, testCAOrg, testCAName, testCountry, testProvince, testLocality, testOrganizationalUnit, testStreetAddress, testPostalCode) 51 assert.NoError(t, err, "Error generating CA") 52 53 assert.NotEmpty(t, signCA.SignCert.Subject.Country, "country cannot be empty.") 54 assert.Equal(t, testCountry, signCA.SignCert.Subject.Country[0], "Failed to match country") 55 assert.NotEmpty(t, signCA.SignCert.Subject.Province, "province cannot be empty.") 56 assert.Equal(t, testProvince, signCA.SignCert.Subject.Province[0], "Failed to match province") 57 assert.NotEmpty(t, signCA.SignCert.Subject.Locality, "locality cannot be empty.") 58 assert.Equal(t, testLocality, signCA.SignCert.Subject.Locality[0], "Failed to match locality") 59 assert.NotEmpty(t, signCA.SignCert.Subject.OrganizationalUnit, "organizationalUnit cannot be empty.") 60 assert.Equal(t, testOrganizationalUnit, signCA.SignCert.Subject.OrganizationalUnit[0], "Failed to match organizationalUnit") 61 assert.NotEmpty(t, signCA.SignCert.Subject.StreetAddress, "streetAddress cannot be empty.") 62 assert.Equal(t, testStreetAddress, signCA.SignCert.Subject.StreetAddress[0], "Failed to match streetAddress") 63 assert.NotEmpty(t, signCA.SignCert.Subject.PostalCode, "postalCode cannot be empty.") 64 assert.Equal(t, testPostalCode, signCA.SignCert.Subject.PostalCode[0], "Failed to match postalCode") 65 66 // generate local MSP for nodeType=PEER 67 err = msp.GenerateLocalMSP(testDir, testName, nil, signCA, tlsCA, msp.PEER, nodeOUs) 68 assert.NoError(t, err, "Failed to generate local MSP") 69 70 // check to see that the right files were generated/saved 71 mspFiles := []string{ 72 filepath.Join(mspDir, "cacerts", testCAName+"-cert.pem"), 73 filepath.Join(mspDir, "tlscacerts", testCAName+"-cert.pem"), 74 filepath.Join(mspDir, "keystore"), 75 filepath.Join(mspDir, "signcerts", testName+"-cert.pem"), 76 } 77 if nodeOUs { 78 mspFiles = append(mspFiles, filepath.Join(mspDir, "config.yaml")) 79 } else { 80 mspFiles = append(mspFiles, filepath.Join(mspDir, "admincerts", testName+"-cert.pem")) 81 } 82 83 tlsFiles := []string{ 84 filepath.Join(tlsDir, "ca.crt"), 85 filepath.Join(tlsDir, "server.key"), 86 filepath.Join(tlsDir, "server.crt"), 87 } 88 89 for _, file := range mspFiles { 90 assert.Equal(t, true, checkForFile(file), 91 "Expected to find file "+file) 92 } 93 for _, file := range tlsFiles { 94 assert.Equal(t, true, checkForFile(file), 95 "Expected to find file "+file) 96 } 97 98 // generate local MSP for nodeType=CLIENT 99 err = msp.GenerateLocalMSP(testDir, testName, nil, signCA, tlsCA, msp.CLIENT, nodeOUs) 100 assert.NoError(t, err, "Failed to generate local MSP") 101 // check all 102 for _, file := range mspFiles { 103 assert.Equal(t, true, checkForFile(file), 104 "Expected to find file "+file) 105 } 106 107 for _, file := range tlsFiles { 108 assert.Equal(t, true, checkForFile(file), 109 "Expected to find file "+file) 110 } 111 112 tlsCA.Name = "test/fail" 113 err = msp.GenerateLocalMSP(testDir, testName, nil, signCA, tlsCA, msp.CLIENT, nodeOUs) 114 assert.Error(t, err, "Should have failed with CA name 'test/fail'") 115 signCA.Name = "test/fail" 116 err = msp.GenerateLocalMSP(testDir, testName, nil, signCA, tlsCA, msp.ORDERER, nodeOUs) 117 assert.Error(t, err, "Should have failed with CA name 'test/fail'") 118 t.Log(err) 119 cleanup(testDir) 120 } 121 122 func TestGenerateLocalMSPWithNodeOU(t *testing.T) { 123 testGenerateLocalMSP(t, true) 124 } 125 126 func TestGenerateLocalMSPWithoutNodeOU(t *testing.T) { 127 testGenerateLocalMSP(t, false) 128 } 129 130 func testGenerateVerifyingMSP(t *testing.T, nodeOUs bool) { 131 caDir := filepath.Join(testDir, "ca") 132 tlsCADir := filepath.Join(testDir, "tlsca") 133 mspDir := filepath.Join(testDir, "msp") 134 // generate signing CA 135 signCA, err := ca.NewCA(caDir, testCAOrg, testCAName, testCountry, testProvince, testLocality, testOrganizationalUnit, testStreetAddress, testPostalCode) 136 assert.NoError(t, err, "Error generating CA") 137 // generate TLS CA 138 tlsCA, err := ca.NewCA(tlsCADir, testCAOrg, testCAName, testCountry, testProvince, testLocality, testOrganizationalUnit, testStreetAddress, testPostalCode) 139 assert.NoError(t, err, "Error generating CA") 140 141 err = msp.GenerateVerifyingMSP(mspDir, signCA, tlsCA, nodeOUs) 142 assert.NoError(t, err, "Failed to generate verifying MSP") 143 144 // check to see that the right files were generated/saved 145 files := []string{ 146 filepath.Join(mspDir, "cacerts", testCAName+"-cert.pem"), 147 filepath.Join(mspDir, "tlscacerts", testCAName+"-cert.pem"), 148 } 149 150 if nodeOUs { 151 files = append(files, filepath.Join(mspDir, "config.yaml")) 152 } else { 153 files = append(files, filepath.Join(mspDir, "admincerts", testCAName+"-cert.pem")) 154 } 155 156 for _, file := range files { 157 assert.Equal(t, true, checkForFile(file), 158 "Expected to find file "+file) 159 } 160 161 tlsCA.Name = "test/fail" 162 err = msp.GenerateVerifyingMSP(mspDir, signCA, tlsCA, nodeOUs) 163 assert.Error(t, err, "Should have failed with CA name 'test/fail'") 164 signCA.Name = "test/fail" 165 err = msp.GenerateVerifyingMSP(mspDir, signCA, tlsCA, nodeOUs) 166 assert.Error(t, err, "Should have failed with CA name 'test/fail'") 167 t.Log(err) 168 cleanup(testDir) 169 170 } 171 172 func TestGenerateVerifyingMSPWithNodeOU(t *testing.T) { 173 testGenerateVerifyingMSP(t, true) 174 } 175 176 func TestGenerateVerifyingMSPWithoutNodeOU(t *testing.T) { 177 testGenerateVerifyingMSP(t, true) 178 } 179 180 func TestExportConfig(t *testing.T) { 181 path := filepath.Join(testDir, "export-test") 182 configFile := filepath.Join(path, "config.yaml") 183 caFile := "ca.pem" 184 t.Log(path) 185 err := os.MkdirAll(path, 0755) 186 if err != nil { 187 t.Fatalf("failed to create test directory: [%s]", err) 188 } 189 190 err = msp.ExportConfig(path, caFile, true) 191 assert.NoError(t, err) 192 193 configBytes, err := ioutil.ReadFile(configFile) 194 if err != nil { 195 t.Fatalf("failed to read config file: [%s]", err) 196 } 197 198 config := &fabricmsp.Configuration{} 199 err = yaml.Unmarshal(configBytes, config) 200 if err != nil { 201 t.Fatalf("failed to unmarshal config: [%s]", err) 202 } 203 assert.True(t, config.NodeOUs.Enable) 204 assert.Equal(t, caFile, config.NodeOUs.ClientOUIdentifier.Certificate) 205 assert.Equal(t, msp.CLIENTOU, config.NodeOUs.ClientOUIdentifier.OrganizationalUnitIdentifier) 206 assert.Equal(t, caFile, config.NodeOUs.PeerOUIdentifier.Certificate) 207 assert.Equal(t, msp.PEEROU, config.NodeOUs.PeerOUIdentifier.OrganizationalUnitIdentifier) 208 assert.Equal(t, caFile, config.NodeOUs.AdminOUIdentifier.Certificate) 209 assert.Equal(t, msp.ADMINOU, config.NodeOUs.AdminOUIdentifier.OrganizationalUnitIdentifier) 210 assert.Equal(t, caFile, config.NodeOUs.OrdererOUIdentifier.Certificate) 211 assert.Equal(t, msp.ORDEREROU, config.NodeOUs.OrdererOUIdentifier.OrganizationalUnitIdentifier) 212 } 213 214 func cleanup(dir string) { 215 os.RemoveAll(dir) 216 } 217 218 func checkForFile(file string) bool { 219 if _, err := os.Stat(file); os.IsNotExist(err) { 220 return false 221 } 222 return true 223 }