
Can I use Existing Certificate, private key, public key for my hyperledger fabric user rather than creating new from CA or cryptogen?

I am working on the Hyperledger Fabric 1.0 beta release. So far I have noticed that if a transaction is done on a peer using the Node SDK, it internally sends a call to the CA to get crypto material for a new user (cert, private key, public key). If I already have a user certificate, private key and public key, how can I use them to send requests to peers instead of using crypto material provided by the CA? I have noticed that the cryptogen utility also generates crypto artifacts for users. How can I use those artifacts to make a transaction on a peer instead of making a call to the CA first?

Please share how to solve this problem in the Go SDK. I can move to a Go application layer if necessary.

// Imports are not shown in the original post; fabapi, bccspFactory, orderer2,
// peer, channel, apitxn and assert are the aliases that import block defined.
func TestExample(t *testing.T) {
    conf, err := config.InitConfig("config.yaml")
    assert.NoError(t, err)
    cl := fabricclient.NewClient(conf)
    bccspFactory.InitFactories(nil)
    cryptoSuite := bccspFactory.GetDefault()
    cl.SetCryptoSuite(cryptoSuite)

    // Existing cryptogen material: the private key from msp/keystore and the
    // enrollment certificate from msp/signcerts (pubKey is the certificate path).
    privKey := "/home/yacovm/fabricDeployment/crypto-config/peerOrganizations/hrl.ibm.il/users/Admin@hrl.ibm.il/msp/keystore/213d24d189babc01e1f2e4e4cc2fd1a68bcfe95a2bdd0981ef2f9c39a00fb3f2_sk"
    pubKey := "/home/yacovm/fabricDeployment/crypto-config/peerOrganizations/hrl.ibm.il/users/Admin@hrl.ibm.il/msp/signcerts/Admin@hrl.ibm.il-cert.pem"

    // Build the user from the existing files instead of enrolling with a CA.
    user, err := fabapi.NewPreEnrolledUser(conf, privKey, pubKey, "yacov", "PeerOrg", cryptoSuite)
    assert.NoError(t, err)
    assert.NotNil(t, user)
    cl.SetUserContext(user)

    // The orderer and peer connections are verified against each organization's TLS CA certificate.
    o, err := orderer2.NewOrderer("vm1:7050",
        "/home/yacovm/fabricDeployment/crypto-config/ordererOrganizations/hrl.ibm.il/orderers/vm1.hrl.ibm.il/tls/ca.crt",
        "", conf)
    assert.NoError(t, err)
    p, err := peer.NewPeerTLSFromCert("vm2:7051", "/home/yacovm/fabricDeployment/crypto-config/peerOrganizations/hrl.ibm.il/peers/vm2.hrl.ibm.il/tls/ca.crt", "", conf)
    assert.NoError(t, err)

    ch, err := cl.NewChannel("yacov")
    assert.NoError(t, err)
    ch.AddOrderer(o)
    ch.AddPeer(p)
    cl.SaveUserToStateStore(user, true)

    // Invoke: have the proposal endorsed by the peer, then submit the transaction to the orderer.
    tp, err := ch.CreateTransactionProposal("exampleCC", "yacov", []string{"invoke", "a", "b", "1"}, true, nil)
    assert.NoError(t, err)
    assert.NotNil(t, tp)
    resp, err := channel.SendTransactionProposal(tp, 1, []apitxn.ProposalProcessor{p})
    assert.NoError(t, err)
    fmt.Println(string(resp[0].TransactionProposalResult.ProposalResponse.Response.Payload))
    txn, err := ch.CreateTransaction(resp)
    assert.NoError(t, err)
    txnResp, err := ch.SendTransaction(txn)
    assert.NoError(t, err)
    fmt.Println(txnResp[0])

    // Give the transaction time to be committed before querying.
    time.Sleep(time.Second * 5)

    // Query the value of "a" with the same pre-enrolled user.
    tp, err = ch.CreateTransactionProposal("exampleCC", "yacov", []string{"query", "a"}, true, nil)
    assert.NoError(t, err)
    resp, err = channel.SendTransactionProposal(tp, 1, []apitxn.ProposalProcessor{p})
    assert.NoError(t, err)
    fmt.Println(string(resp[0].TransactionProposalResult.ProposalResponse.Response.Payload))
}

Please refer to the e2e_cli example in the fabric project. By using the script generateArtifacts.sh, you will get the certificate files and the genesis block. When you start your node server, you read the certificates directly from the existing files instead of getting them from the CA server; you don't actually need to run the CA server.
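
When reusing existing material like this, it is worth confirming that the key in msp/keystore really belongs to the certificate in msp/signcerts before handing both to the SDK. The following is an added example, not code from the answers or from the Fabric project; `CheckMSPPair` and `SamplePair` are hypothetical names, and it assumes a PKCS#8 PEM ECDSA key whose `_sk` file name is the hex SHA-256 of the uncompressed public point.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"math/big"
)

// CheckMSPPair confirms that a keystore key (PEM) matches a signcerts
// certificate (PEM) and returns the hex SKI expected before "_sk".
func CheckMSPPair(keyPEM, certPEM []byte) (string, error) {
	kb, _ := pem.Decode(keyPEM)
	cb, _ := pem.Decode(certPEM)
	if kb == nil || cb == nil {
		return "", fmt.Errorf("input is not PEM")
	}
	parsed, err := x509.ParsePKCS8PrivateKey(kb.Bytes)
	priv, ok := parsed.(*ecdsa.PrivateKey)
	if err != nil || !ok {
		return "", fmt.Errorf("keystore file is not a PKCS#8 ECDSA key")
	}
	cert, err := x509.ParseCertificate(cb.Bytes)
	if err != nil {
		return "", err
	}
	if pub, ok := cert.PublicKey.(*ecdsa.PublicKey); !ok || !pub.Equal(&priv.PublicKey) {
		return "", fmt.Errorf("certificate does not match private key")
	}
	// Assumed SKI derivation: SHA-256 over the uncompressed public point.
	ski := sha256.Sum256(elliptic.Marshal(priv.Curve, priv.X, priv.Y))
	return fmt.Sprintf("%x", ski), nil
}

// SamplePair builds a constructed P-256 key and self-signed certificate.
func SamplePair() (keyPEM, certPEM []byte) {
	k, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1)}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &k.PublicKey, k)
	p8, _ := x509.MarshalPKCS8PrivateKey(k)
	return pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: p8}),
		pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
}

func main() { fmt.Println(CheckMSPPair(SamplePair())) }
```

For real material, read the two files with `os.ReadFile` and compare the returned value with the keystore file name minus its `_sk` suffix.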
