温馨提示×

温馨提示×

您好,登录后才能下订单哦!

密码登录×
登录注册×
其他方式登录
点击 登录注册 即表示同意《亿速云用户服务条款》

Hyperledger Fabric中通过SDK和Hyperledger Fabric Blockchain交互的示例分析

发布时间:2021-12-06 14:41:13 来源:亿速云 阅读:177 作者:小新 栏目:互联网科技

这篇文章主要为大家展示了“Hyperledger Fabric中通过SDK和Hyperledger Fabric Blockchain交互的示例分析”,内容简而易懂,条理清晰,希望能够帮助大家解决疑惑,下面让小编带领大家一起研究并学习一下“Hyperledger Fabric中通过SDK和Hyperledger Fabric Blockchain交互的示例分析”这篇文章吧。

首先看 enroll (登录) admin 过程。

'use strict';
/*
* Copyright IBM Corp All Rights Reserved
*
* SPDX-License-Identifier: Apache-2.0
*/
/*
 * Enroll the admin user
 */

var Fabric_Client = require('fabric-client');
var Fabric_CA_Client = require('fabric-ca-client');

var path = require('path');
var util = require('util');
var os = require('os');

//
var fabric_client = new Fabric_Client();
var fabric_ca_client = null;
var admin_user = null;
var member_user = null;
var store_path = path.join(__dirname, 'hfc-key-store');
console.log(' Store path:'+store_path);

// create the key value store as defined in the fabric-client/config/default.json 'key-value-store' setting
Fabric_Client.newDefaultKeyValueStore({ path: store_path
}).then((state_store) => {
    // assign the store to the fabric client
    fabric_client.setStateStore(state_store);
    var crypto_suite = Fabric_Client.newCryptoSuite();
    // use the same location for the state store (where the users' certificate are kept)
    // and the crypto store (where the users' keys are kept)
    var crypto_store = Fabric_Client.newCryptoKeyStore({path: store_path});
    crypto_suite.setCryptoKeyStore(crypto_store);
    fabric_client.setCryptoSuite(crypto_suite);
    var	tlsOptions = {
    	trustedRoots: [],
    	verify: false
    };
    // be sure to change the http to https when the CA is running TLS enabled
    fabric_ca_client = new Fabric_CA_Client('http://localhost:7054', tlsOptions , 'ca.example.com', crypto_suite);

    // first check to see if the admin is already enrolled
    return fabric_client.getUserContext('admin', true);
}).then((user_from_store) => {
    if (user_from_store && user_from_store.isEnrolled()) {
        console.log('Successfully loaded admin from persistence');
        admin_user = user_from_store;
        return null;
    } else {
        // need to enroll it with CA server
        return fabric_ca_client.enroll({
          enrollmentID: 'admin',
          enrollmentSecret: 'adminpw'
        }).then((enrollment) => {
          console.log('Successfully enrolled admin user "admin"');
          return fabric_client.createUser(
              {username: 'admin',
                  mspid: 'Org1MSP',
                  cryptoContent: { privateKeyPEM: enrollment.key.toBytes(), signedCertPEM: enrollment.certificate }
              });
        }).then((user) => {
          admin_user = user;
          return fabric_client.setUserContext(admin_user);
        }).catch((err) => {
          console.error('Failed to enroll and persist admin. Error: ' + err.stack ? err.stack : err);
          throw new Error('Failed to enroll admin');
        });
    }
}).then(() => {
    console.log('Assigned the admin user to the fabric client ::' + admin_user.toString());
}).catch((err) => {
    console.error('Failed to enroll admin: ' + err);
});

和其他所有程序一样, 首先需要加载相应的lib, 这里加载 fabric-client 和 fabric-ca-client.

var Fabric_Client = require("fabric-client");
var Fabric_CA_Client = require("fabric-ca-client");

然后初始化Fabric_Client 和 Fabric_CA_Client对象

var fabric_client = new Fabric_Client();
var fabric_ca_client = null;  
//fabric_ca_client =  new Fabric_CA_Client("http://localhost:7054", tlsOption, "ca.example.com", crypto_suite)

同时需要创建一个admin_user对象, 一个member_user对象,和一个目录对象用来存储用户持久化信息和证书信息。

var admin_user = null;
var member_user = null;
var store_path = path.join(__dirname, "hfc-key-store"); //指定当前目录下的hfc_key_store文件夹

生成key value 存储 (create the key value store)

接下来创建key-value store, 这里调用Fabric_Client的static方法, 并且根据fabric-client/config/default.json配置文件中的key-value-store决定实现, 也就是前面说的Node SDK的默认实现。

我们看源码:

Fabric_Client.newDefaultKeyValueStore({path: store_path})
             .then((state_store) => {
                  //
              })...

此方法调用的是BaseClient.js的接口, 该接口位于 fabric-client/lib/BaseClient.js。

  var sdkUtils = require('./utils.js');

  static newDefaultKeyValueStore(options) {
                return sdkUtils.newKeyValueStore(options);
        }

通过阅读源码发现, 实际上调用的是sdkUtils的方法, 该方法实际上调用fabric-client/lib/utils.js的 newKeyValueStore方法。

// Provide a Promise-based keyValueStore for couchdb, etc.
module.exports.newKeyValueStore = function(options) {
        // initialize the correct KeyValueStore
        var kvsEnv = this.getConfigSetting('key-value-store');
        var store = require(kvsEnv);
        return Promise.resolve(new store(options));
};

此处, 程序首先从获取key-value-store的配置, 然后动态加载该模块, 然后返回Promise。可以看出, SDK提供了不同的KeyvalueStore实现, 默认为FileKeyValueStore实现, fabric-client/config/default.json中指定。

我们看default.json文件

{
	...
	"key-value-store": "fabric-client/lib/impl/FileKeyValueStore.js",
	"certificate-authority-client": "fabric-ca-client",
	"nonce-size" : 24,
	...
}

在fabric-client/lib/impl下可以看到, SDK提供了2种不同的实现:

FileKeyValueStore , CouchDBKeyValueStore.

我们看FileKeyValueStore的实现。在FileKeyValueStore的构造函数中, 有这么一段:

// Create the keyValStore instance
                super();

                var self = this;
                this._dir = options.path;
                return new Promise(function (resolve, reject) {
                        fs.mkdirs(self._dir, function (err) {
                                if (err) {
                                        logger.error('constructor, error creating directory, code: %s' , err.code);
                                        return reject(err);
                                }
                                return resolve(self);
                        });
                });

这一步执行后, 生成上面指定的hfc-key-store目录。 在看 FileKeyValueStore, 实际上实现了 setKey(name, value) 和 getValue(name) 方法。

配置fabric_client, 生成CryptoSuite

上面步骤执行成功后, 拿到KeyValueStore对象,然后执行一下操作:

// assign the store to the fabric client
    fabric_client.setStateStore(state_store);
    var crypto_suite = Fabric_Client.newCryptoSuite();
    // use the same location for the state store (where the users' certificate are kept)
    // and the crypto store (where the users' keys are kept)
    var crypto_store = Fabric_Client.newCryptoKeyStore({path: store_path});
    crypto_suite.setCryptoKeyStore(crypto_store);
    fabric_client.setCryptoSuite(crypto_suite);
    var tlsOptions = {
        trustedRoots: [],
        verify: false
    };
    // be sure to change the http to https when the CA is running TLS enabled
    fabric_ca_client = new Fabric_CA_Client('http://localhost:7054', tlsOptions , 'ca.example.com', crypto_suite);

    // first check to see if the admin is already enrolled
    return fabric_client.getUserContext('admin', true);

1 生成CrytoKeyStore, 用来存储用户的密钥和用户的证书(状态)。

     var crypto_store = Fabric_Client.newCryptoKeyStore({path: store_path});

这里调用的是BaseClient.js的方法:

  static newCryptoKeyStore(KVSImplClass, opts) {
                return sdkUtils.newCryptoKeyStore(KVSImplClass, opts);
        }

这里调用util.js中的方法

module.exports.newCryptoKeyStore = function(KVSImplClass, opts) {
        // this function supports skipping any of the arguments such that it can be called in any of the following fashions:
        // - newCryptoKeyStore(CouchDBKeyValueStore, {name: 'member_db', url: 'http://localhost:5984'})
        // - newCryptoKeyStore({path: '/tmp/app-state-store'})
        // - newCryptoKeyStore()
        return new CryptoKeyStore(KVSImplClass, opts);
};

2 生成CryptoSuite

var crypto_suite = Fabric_Client.newCryptoSuite();
crypto_suite.setCryptoKeyStore(crypto_store);

3 指定 fabric_client的StateStore 和 CryptoSuite

fabric_client.setStateStore(state_store);
fabric_client.setCryptoSuite(crypto_suite);

4 连接到Fabric CA

var tlsOptions = {
        trustedRoots: [],
        verify: false
    };
    // be sure to change the http to https when the CA is running TLS enabled
    fabric_ca_client = new Fabric_CA_Client('http://localhost:7054', tlsOptions , 'ca.example.com', crypto_suite);

5 检查admin是否enroll

fabric_client.getUserContext('admin', true);

这一步返回一个User对象。true用于检测是否持久化。

reroll & register

同样看代码:

  if (user_from_store && user_from_store.isEnrolled()) {
        console.log('Successfully loaded admin from persistence');
        admin_user = user_from_store;
        return null;
    } else {
        // need to enroll it with CA server
        return fabric_ca_client.enroll({
          enrollmentID: 'admin',
          enrollmentSecret: 'adminpw'
        }).then((enrollment) => {
          console.log('Successfully enrolled admin user "admin"');
          return fabric_client.createUser(
              {username: 'admin',
                  mspid: 'Org1MSP',
                  cryptoContent: { privateKeyPEM: enrollment.key.toBytes(), signedCertPEM: enrollment.certificate }
              });
        }).then((user) => {
          admin_user = user;
          return fabric_client.setUserContext(admin_user);
        }).catch((err) => {
          console.error('Failed to enroll and persist admin. Error: ' + err.stack ? err.stack : err);
          throw new Error('Failed to enroll admin');
        });
    }

这里检测User对象是否已经reroll, 否则先reroll, 然后register用户。

1 检测用户状态

if (user_from_store && user_from_store.isEnrolled()) {
        console.log('Successfully loaded admin from persistence');
        admin_user = user_from_store;
        return null;
    }

这里User的API文档见:Hyperledger Fabric SDK for node.js Class: User 。

如果检测到用户已经reroll, 则说明当前用户已经reroll, 并且证书有效, 可以使用此证书进行后续操作, 否则需要注册用户。

2 reroll

 return fabric_ca_client.enroll({
          enrollmentID: 'admin',
          enrollmentSecret: 'adminpw'
        }).then((enrollment) => {
//
        });

此处的admin用户为配置文件中的启动用户,或者说是引导用户身份。或者应该是注册的具有相关权限的用户。

这一步执行后, 在hfc-key-store目录下产生af37da4c94057cd98f288a671703d346c7a79a79acd28ea8de7bf03cf04baf36-priv 文件, 内容为:

ThinkPad-L430:/opt/fabric-samples/fabcar$ ls hfc-key-store/
af37da4c94057cd98f288a671703d346c7a79a79acd28ea8de7bf03cf04baf36-priv
ThinkPad-L430:/opt/fabric-samples/fabcar$ cat hfc-key-store/af37da4c94057cd98f288a671703d346c7a79a79acd28ea8de7bf03cf04baf36-priv 
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgBqYfrwZerZFT2MU4
Dl5uyQxX2KyPzFu0ZUN14NDlMBuhRANCAARgBxgXvWsvWIPoxA8R1G+2A2D6YGtE
NmE2ZTAeNXHJ+fWzitjOLrwaHKwl42/9sXfAaQP3WWYcEdSKicNrXTH3
-----END PRIVATE KEY-----

并且返回的enrollment对象内容为:

{ key: 
   ECDSA_KEY {
     _key: 
      { type: 'EC',
        isPrivate: true,
        isPublic: false,
        getBigRandom: [Function],
        setNamedCurve: [Function],
        setPrivateKeyHex: [Function],
        setPublicKeyHex: [Function],
        getPublicKeyXYHex: [Function],
        getShortNISTPCurveName: [Function],
        generateKeyPairHex: [Function],
        signWithMessageHash: [Function],
        signHex: [Function],
        sign: [Function],
        verifyWithMessageHash: [Function],
        verifyHex: [Function],
        verify: [Function],
        verifyRaw: [Function],
        serializeSig: [Function],
        parseSig: [Function],
        parseSigCompact: [Function],
        readPKCS5PrvKeyHex: [Function],
        readPKCS8PrvKeyHex: [Function],
        readPKCS8PubKeyHex: [Function],
        readCertPubKeyHex: [Function],
        curveName: 'secp256r1',
        ecparams: [Object],
        prvKeyHex: '06a61faf065ead9153d8c5380e5e6ec90c57d8ac8fcc5bb4654375e0d0e5301b',
        pubKeyHex: '0460071817bd6b2f5883e8c40f11d46fb60360fa606b4436613665301e3571c9f9f5b38ad8ce2ebc1a1cac25e36ffdb177c06903f759661c11d48a89c36b5d31f7' } },
  certificate: '-----BEGIN CERTIFICATE-----\nMIIB6jCCAZGgAwIBAgIUbwp/ziKtelTXH+F+t+KUPUp2H6gwCgYIKoZIzj0EAwIw\naDELMAkGA1UEBhMCVVMxFzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRQwEgYDVQQK\nEwtIeXBlcmxlZGdlcjEPMA0GA1UECxMGRmFicmljMRkwFwYDVQQDExBmYWJyaWMt\nY2Etc2VydmVyMB4XDTE4MDcxMzAyMTYwMFoXDTE5MDcxMzAyMjEwMFowITEPMA0G\nA1UECxMGY2xpZW50MQ4wDAYDVQQDEwVhZG1pbjBZMBMGByqGSM49AgEGCCqGSM49\nAwEHA0IABGAHGBe9ay9Yg+jEDxHUb7YDYPpga0Q2YTZlMB41ccn59bOK2M4uvBoc\nrCXjb/2xd8BpA/dZZhwR1IqJw2tdMfejYDBeMA4GA1UdDwEB/wQEAwIHgDAMBgNV\nHRMBAf8EAjAAMB0GA1UdDgQWBBSVRkLelRKZo4YdwGsdCouXu4KkzjAfBgNVHSME\nGDAWgBSh2y67zVpnp1sh4kHj2x4mD5Rx4zAKBggqhkjOPQQDAgNHADBEAiAU3UEg\nx4q+vkWJRKjzXgzvZWUhAaAbHihFfjHmBmqKUQIgXDZfiLVVHkfOTIBoAIvTp2Ek\n8KVd0T9j8mlU7Sj3T7k=\n-----END CERTIFICATE-----\n',
  rootCertificate: '-----BEGIN CERTIFICATE-----\nMIICFzCCAb2gAwIBAgIUdjYbUaxnBoP/JrvomKxCZuwVeDQwCgYIKoZIzj0EAwIw\naDELMAkGA1UEBhMCVVMxFzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRQwEgYDVQQK\nEwtIeXBlcmxlZGdlcjEPMA0GA1UECxMGRmFicmljMRkwFwYDVQQDExBmYWJyaWMt\nY2Etc2VydmVyMB4XDTE4MDcxMDA2NTQwMFoXDTMzMDcwNjA2NTQwMFowaDELMAkG\nA1UEBhMCVVMxFzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRQwEgYDVQQKEwtIeXBl\ncmxlZGdlcjEPMA0GA1UECxMGRmFicmljMRkwFwYDVQQDExBmYWJyaWMtY2Etc2Vy\ndmVyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESzbX2rdDUJWHu+K0C91A1Ukh\np/AIhEUp6J5SrxqrLJIh8bEv8Kv722Yj05qvVwFNi/0iRoCCNBM7XNMrpwqkEKNF\nMEMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQEwHQYDVR0OBBYE\nFKHXLrvNWmenWyHeQePbHiYPlHHjMAoGCCqGSM49BAMCA0gAMEUCIQCoCz/1dpIt\nGYozrxTcBrgsEfGCkkN9JsSr5BtSGPoCMQIgbVBTgXyPGOBf4jk2Mo9DK4zZIrkF\n56GY03W/ZiZY6Zg=\n-----END CERTIFICATE-----\n' }

3 register

fabric_client.createUser(
              {username: 'admin',
                  mspid: 'Org1MSP',
                  cryptoContent: { privateKeyPEM: enrollment.key.toBytes(), signedCertPEM: enrollment.certificate }
              });
        }).then((user) => {
//
        });

执行结果:

ThinkPad-L430:/opt/fabric-samples/fabcar$ ls hfc-key-store/
2124ac635ac52a4c5d13c32812768ebe6837ae288bfa351c3712b9160f502214-priv  admin
2124ac635ac52a4c5d13c32812768ebe6837ae288bfa351c3712b9160f502214-pub
ThinkPad-L430:/opt/fabric-samples/fabcar$ cat hfc-key-store/2124ac635ac52a4c5d13c32812768ebe6837ae288bfa351c3712b9160f502214-pub 
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnUNKr708UFaMWRHbdfcM8oTW130U
H/u7X3tH+/88RQR5O8sA5EyKsMMi5OgrhwQkRbYZ8FUIiZuHRZUxL9as1w==
-----END PUBLIC KEY-----
ThinkPad-L430:/opt/fabric-samples/fabcar$ cat hfc-key-store/admin 
{"name":"admin","mspid":"Org1MSP","roles":null,"affiliation":"","enrollmentSecret":"","enrollment":{"signingIdentity":"2124ac635ac52a4c5d13c32812768ebe6837ae288bfa351c3712b9160f502214","identity":{"certificate":"-----BEGIN CERTIFICATE-----\nMIIB6zCCAZGgAwIBAgIUMR8qzOAWUEfAzYlvCzQ4yTL7AHAwCgYIKoZIzj0EAwIw\naDELMAkGA1UEBhMCVVMxFzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRQwEgYDVQQK\nEwtIeXBlcmxlZGdlcjEPMA0GA1UECxMGRmFicmljMRkwFwYDVQQDExBmYWJyaWMt\nY2Etc2VydmVyMB4XDTE4MDcxMzAyMjUwMFoXDTE5MDcxMzAyMzAwMFowITEPMA0G\nA1UECxMGY2xpZW50MQ4wDAYDVQQDEwVhZG1pbjBZMBMGByqGSM49AgEGCCqGSM49\nAwEHA0IABJ1DSq+9PFBWjFkR23X3DPKE1td9FB/7u197R/v/PEUEeTvLAORMirDD\nIuToK4cEJEW2GfBVCImbh0WVMS/WrNejYDBeMA4GA1UdDwEB/wQEAwIHgDAMBgNV\nHRMBAf8EAjAAMB0GA1UdDgQWBBSvDlI5ax6zbDAGj3wq+4N9EF8iwDAfBgNVHSME\nGDAWgBSh2y67zVpnp1sh4kHj2x4mD5Rx4zAKBggqhkjOPQQDAgNIADBFAiEAgzdL\n6GWqvEtD03uushzYHzPUkTf+CdSISutr1hCQunkCIBY+LlllnXtW5iFnEcktP5RH\nnPmYhhiKe9DqeDw3H3ku\n-----END CERTIFICATE-----\n"}}}

这一步执行成功后, 需要设置fabric_client中的当前用户。

fabric_client.setUserContext(admin_user);

此刻, reroll整个过程完成。

以上是“Hyperledger Fabric中通过SDK和Hyperledger Fabric Blockchain交互的示例分析”这篇文章的所有内容,感谢各位的阅读!相信大家都有了一定的了解,希望分享的内容对大家有所帮助,如果还想学习更多知识,欢迎关注亿速云行业资讯频道!

向AI问一下细节

免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。

AI