这篇文章主要为大家展示了“Hyperledger Fabric中通过SDK和Hyperledger Fabric Blockchain交互的示例分析”,内容简而易懂,条理清晰,希望能够帮助大家解决疑惑,下面让小编带领大家一起研究并学习一下“Hyperledger Fabric中通过SDK和Hyperledger Fabric Blockchain交互的示例分析”这篇文章吧。
首先看 enroll (登录) admin 过程。
'use strict'; /* * Copyright IBM Corp All Rights Reserved * * SPDX-License-Identifier: Apache-2.0 */ /* * Enroll the admin user */ var Fabric_Client = require('fabric-client'); var Fabric_CA_Client = require('fabric-ca-client'); var path = require('path'); var util = require('util'); var os = require('os'); // var fabric_client = new Fabric_Client(); var fabric_ca_client = null; var admin_user = null; var member_user = null; var store_path = path.join(__dirname, 'hfc-key-store'); console.log(' Store path:'+store_path); // create the key value store as defined in the fabric-client/config/default.json 'key-value-store' setting Fabric_Client.newDefaultKeyValueStore({ path: store_path }).then((state_store) => { // assign the store to the fabric client fabric_client.setStateStore(state_store); var crypto_suite = Fabric_Client.newCryptoSuite(); // use the same location for the state store (where the users' certificate are kept) // and the crypto store (where the users' keys are kept) var crypto_store = Fabric_Client.newCryptoKeyStore({path: store_path}); crypto_suite.setCryptoKeyStore(crypto_store); fabric_client.setCryptoSuite(crypto_suite); var tlsOptions = { trustedRoots: [], verify: false }; // be sure to change the http to https when the CA is running TLS enabled fabric_ca_client = new Fabric_CA_Client('http://localhost:7054', tlsOptions , 'ca.example.com', crypto_suite); // first check to see if the admin is already enrolled return fabric_client.getUserContext('admin', true); }).then((user_from_store) => { if (user_from_store && user_from_store.isEnrolled()) { console.log('Successfully loaded admin from persistence'); admin_user = user_from_store; return null; } else { // need to enroll it with CA server return fabric_ca_client.enroll({ enrollmentID: 'admin', enrollmentSecret: 'adminpw' }).then((enrollment) => { console.log('Successfully enrolled admin user "admin"'); return fabric_client.createUser( {username: 'admin', mspid: 'Org1MSP', cryptoContent: { privateKeyPEM: enrollment.key.toBytes(), signedCertPEM: enrollment.certificate } }); }).then((user) => { admin_user = user; return fabric_client.setUserContext(admin_user); }).catch((err) => { console.error('Failed to enroll and persist admin. Error: ' + err.stack ? err.stack : err); throw new Error('Failed to enroll admin'); }); } }).then(() => { console.log('Assigned the admin user to the fabric client ::' + admin_user.toString()); }).catch((err) => { console.error('Failed to enroll admin: ' + err); });
和其他所有程序一样, 首先需要加载相应的lib, 这里加载 fabric-client 和 fabric-ca-client.
var Fabric_Client = require("fabric-client"); var Fabric_CA_Client = require("fabric-ca-client");
然后初始化Fabric_Client 和 Fabric_CA_Client对象
var fabric_client = new Fabric_Client(); var fabric_ca_client = null; //fabric_ca_client = new Fabric_CA_Client("http://localhost:7054", tlsOption, "ca.example.com", crypto_suite)
同时需要创建一个admin_user对象, 一个member_user对象,和一个目录对象用来存储用户持久化信息和证书信息。
var admin_user = null; var member_user = null; var store_path = path.join(__dirname, "hfc-key-store"); //指定当前目录下的hfc_key_store文件夹
接下来创建key-value store, 这里调用Fabric_Client的static方法, 并且根据fabric-client/config/default.json配置文件中的key-value-store决定实现, 也就是前面说的Node SDK的默认实现。
我们看源码:
Fabric_Client.newDefaultKeyValueStore({path: store_path}) .then((state_store) => { // })...
此方法调用的是BaseClient.js的接口, 该接口位于 fabric-client/lib/BaseClient.js。
var sdkUtils = require('./utils.js'); static newDefaultKeyValueStore(options) { return sdkUtils.newKeyValueStore(options); }
通过阅读源码发现, 实际上调用的是sdkUtils的方法, 该方法实际上调用fabric-client/lib/utils.js的 newKeyValueStore方法。
// Provide a Promise-based keyValueStore for couchdb, etc. module.exports.newKeyValueStore = function(options) { // initialize the correct KeyValueStore var kvsEnv = this.getConfigSetting('key-value-store'); var store = require(kvsEnv); return Promise.resolve(new store(options)); };
此处, 程序首先从获取key-value-store的配置, 然后动态加载该模块, 然后返回Promise。可以看出, SDK提供了不同的KeyvalueStore实现, 默认为FileKeyValueStore实现, fabric-client/config/default.json中指定。
我们看default.json文件
{ ... "key-value-store": "fabric-client/lib/impl/FileKeyValueStore.js", "certificate-authority-client": "fabric-ca-client", "nonce-size" : 24, ... }
在fabric-client/lib/impl下可以看到, SDK提供了2种不同的实现:
FileKeyValueStore , CouchDBKeyValueStore.
我们看FileKeyValueStore的实现。在FileKeyValueStore的构造函数中, 有这么一段:
// Create the keyValStore instance super(); var self = this; this._dir = options.path; return new Promise(function (resolve, reject) { fs.mkdirs(self._dir, function (err) { if (err) { logger.error('constructor, error creating directory, code: %s' , err.code); return reject(err); } return resolve(self); }); });
这一步执行后, 生成上面指定的hfc-key-store目录。 在看 FileKeyValueStore, 实际上实现了 setKey(name, value) 和 getValue(name) 方法。
上面步骤执行成功后, 拿到KeyValueStore对象,然后执行一下操作:
// assign the store to the fabric client fabric_client.setStateStore(state_store); var crypto_suite = Fabric_Client.newCryptoSuite(); // use the same location for the state store (where the users' certificate are kept) // and the crypto store (where the users' keys are kept) var crypto_store = Fabric_Client.newCryptoKeyStore({path: store_path}); crypto_suite.setCryptoKeyStore(crypto_store); fabric_client.setCryptoSuite(crypto_suite); var tlsOptions = { trustedRoots: [], verify: false }; // be sure to change the http to https when the CA is running TLS enabled fabric_ca_client = new Fabric_CA_Client('http://localhost:7054', tlsOptions , 'ca.example.com', crypto_suite); // first check to see if the admin is already enrolled return fabric_client.getUserContext('admin', true);
1 生成CrytoKeyStore, 用来存储用户的密钥和用户的证书(状态)。
var crypto_store = Fabric_Client.newCryptoKeyStore({path: store_path});
这里调用的是BaseClient.js的方法:
static newCryptoKeyStore(KVSImplClass, opts) { return sdkUtils.newCryptoKeyStore(KVSImplClass, opts); }
这里调用util.js中的方法
module.exports.newCryptoKeyStore = function(KVSImplClass, opts) { // this function supports skipping any of the arguments such that it can be called in any of the following fashions: // - newCryptoKeyStore(CouchDBKeyValueStore, {name: 'member_db', url: 'http://localhost:5984'}) // - newCryptoKeyStore({path: '/tmp/app-state-store'}) // - newCryptoKeyStore() return new CryptoKeyStore(KVSImplClass, opts); };
2 生成CryptoSuite
var crypto_suite = Fabric_Client.newCryptoSuite(); crypto_suite.setCryptoKeyStore(crypto_store);
3 指定 fabric_client的StateStore 和 CryptoSuite
fabric_client.setStateStore(state_store); fabric_client.setCryptoSuite(crypto_suite);
4 连接到Fabric CA
var tlsOptions = { trustedRoots: [], verify: false }; // be sure to change the http to https when the CA is running TLS enabled fabric_ca_client = new Fabric_CA_Client('http://localhost:7054', tlsOptions , 'ca.example.com', crypto_suite);
5 检查admin是否enroll
fabric_client.getUserContext('admin', true);
这一步返回一个User对象。true用于检测是否持久化。
同样看代码:
if (user_from_store && user_from_store.isEnrolled()) { console.log('Successfully loaded admin from persistence'); admin_user = user_from_store; return null; } else { // need to enroll it with CA server return fabric_ca_client.enroll({ enrollmentID: 'admin', enrollmentSecret: 'adminpw' }).then((enrollment) => { console.log('Successfully enrolled admin user "admin"'); return fabric_client.createUser( {username: 'admin', mspid: 'Org1MSP', cryptoContent: { privateKeyPEM: enrollment.key.toBytes(), signedCertPEM: enrollment.certificate } }); }).then((user) => { admin_user = user; return fabric_client.setUserContext(admin_user); }).catch((err) => { console.error('Failed to enroll and persist admin. Error: ' + err.stack ? err.stack : err); throw new Error('Failed to enroll admin'); }); }
这里检测User对象是否已经reroll, 否则先reroll, 然后register用户。
1 检测用户状态
if (user_from_store && user_from_store.isEnrolled()) { console.log('Successfully loaded admin from persistence'); admin_user = user_from_store; return null; }
这里User的API文档见:Hyperledger Fabric SDK for node.js Class: User 。
如果检测到用户已经reroll, 则说明当前用户已经reroll, 并且证书有效, 可以使用此证书进行后续操作, 否则需要注册用户。
2 reroll
return fabric_ca_client.enroll({ enrollmentID: 'admin', enrollmentSecret: 'adminpw' }).then((enrollment) => { // });
此处的admin用户为配置文件中的启动用户,或者说是引导用户身份。或者应该是注册的具有相关权限的用户。
这一步执行后, 在hfc-key-store目录下产生af37da4c94057cd98f288a671703d346c7a79a79acd28ea8de7bf03cf04baf36-priv 文件, 内容为:
ThinkPad-L430:/opt/fabric-samples/fabcar$ ls hfc-key-store/ af37da4c94057cd98f288a671703d346c7a79a79acd28ea8de7bf03cf04baf36-priv ThinkPad-L430:/opt/fabric-samples/fabcar$ cat hfc-key-store/af37da4c94057cd98f288a671703d346c7a79a79acd28ea8de7bf03cf04baf36-priv -----BEGIN PRIVATE KEY----- MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgBqYfrwZerZFT2MU4 Dl5uyQxX2KyPzFu0ZUN14NDlMBuhRANCAARgBxgXvWsvWIPoxA8R1G+2A2D6YGtE NmE2ZTAeNXHJ+fWzitjOLrwaHKwl42/9sXfAaQP3WWYcEdSKicNrXTH3 -----END PRIVATE KEY-----
并且返回的enrollment对象内容为:
{ key: ECDSA_KEY { _key: { type: 'EC', isPrivate: true, isPublic: false, getBigRandom: [Function], setNamedCurve: [Function], setPrivateKeyHex: [Function], setPublicKeyHex: [Function], getPublicKeyXYHex: [Function], getShortNISTPCurveName: [Function], generateKeyPairHex: [Function], signWithMessageHash: [Function], signHex: [Function], sign: [Function], verifyWithMessageHash: [Function], verifyHex: [Function], verify: [Function], verifyRaw: [Function], serializeSig: [Function], parseSig: [Function], parseSigCompact: [Function], readPKCS5PrvKeyHex: [Function], readPKCS8PrvKeyHex: [Function], readPKCS8PubKeyHex: [Function], readCertPubKeyHex: [Function], curveName: 'secp256r1', ecparams: [Object], prvKeyHex: '06a61faf065ead9153d8c5380e5e6ec90c57d8ac8fcc5bb4654375e0d0e5301b', pubKeyHex: '0460071817bd6b2f5883e8c40f11d46fb60360fa606b4436613665301e3571c9f9f5b38ad8ce2ebc1a1cac25e36ffdb177c06903f759661c11d48a89c36b5d31f7' } }, certificate: '-----BEGIN CERTIFICATE-----\nMIIB6jCCAZGgAwIBAgIUbwp/ziKtelTXH+F+t+KUPUp2H6gwCgYIKoZIzj0EAwIw\naDELMAkGA1UEBhMCVVMxFzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRQwEgYDVQQK\nEwtIeXBlcmxlZGdlcjEPMA0GA1UECxMGRmFicmljMRkwFwYDVQQDExBmYWJyaWMt\nY2Etc2VydmVyMB4XDTE4MDcxMzAyMTYwMFoXDTE5MDcxMzAyMjEwMFowITEPMA0G\nA1UECxMGY2xpZW50MQ4wDAYDVQQDEwVhZG1pbjBZMBMGByqGSM49AgEGCCqGSM49\nAwEHA0IABGAHGBe9ay9Yg+jEDxHUb7YDYPpga0Q2YTZlMB41ccn59bOK2M4uvBoc\nrCXjb/2xd8BpA/dZZhwR1IqJw2tdMfejYDBeMA4GA1UdDwEB/wQEAwIHgDAMBgNV\nHRMBAf8EAjAAMB0GA1UdDgQWBBSVRkLelRKZo4YdwGsdCouXu4KkzjAfBgNVHSME\nGDAWgBSh2y67zVpnp1sh4kHj2x4mD5Rx4zAKBggqhkjOPQQDAgNHADBEAiAU3UEg\nx4q+vkWJRKjzXgzvZWUhAaAbHihFfjHmBmqKUQIgXDZfiLVVHkfOTIBoAIvTp2Ek\n8KVd0T9j8mlU7Sj3T7k=\n-----END CERTIFICATE-----\n', rootCertificate: '-----BEGIN CERTIFICATE-----\nMIICFzCCAb2gAwIBAgIUdjYbUaxnBoP/JrvomKxCZuwVeDQwCgYIKoZIzj0EAwIw\naDELMAkGA1UEBhMCVVMxFzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRQwEgYDVQQK\nEwtIeXBlcmxlZGdlcjEPMA0GA1UECxMGRmFicmljMRkwFwYDVQQDExBmYWJyaWMt\nY2Etc2VydmVyMB4XDTE4MDcxMDA2NTQwMFoXDTMzMDcwNjA2NTQwMFowaDELMAkG\nA1UEBhMCVVMxFzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRQwEgYDVQQKEwtIeXBl\ncmxlZGdlcjEPMA0GA1UECxMGRmFicmljMRkwFwYDVQQDExBmYWJyaWMtY2Etc2Vy\ndmVyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESzbX2rdDUJWHu+K0C91A1Ukh\np/AIhEUp6J5SrxqrLJIh8bEv8Kv722Yj05qvVwFNi/0iRoCCNBM7XNMrpwqkEKNF\nMEMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQEwHQYDVR0OBBYE\nFKHXLrvNWmenWyHeQePbHiYPlHHjMAoGCCqGSM49BAMCA0gAMEUCIQCoCz/1dpIt\nGYozrxTcBrgsEfGCkkN9JsSr5BtSGPoCMQIgbVBTgXyPGOBf4jk2Mo9DK4zZIrkF\n56GY03W/ZiZY6Zg=\n-----END CERTIFICATE-----\n' }
3 register
fabric_client.createUser( {username: 'admin', mspid: 'Org1MSP', cryptoContent: { privateKeyPEM: enrollment.key.toBytes(), signedCertPEM: enrollment.certificate } }); }).then((user) => { // });
执行结果:
ThinkPad-L430:/opt/fabric-samples/fabcar$ ls hfc-key-store/ 2124ac635ac52a4c5d13c32812768ebe6837ae288bfa351c3712b9160f502214-priv admin 2124ac635ac52a4c5d13c32812768ebe6837ae288bfa351c3712b9160f502214-pub ThinkPad-L430:/opt/fabric-samples/fabcar$ cat hfc-key-store/2124ac635ac52a4c5d13c32812768ebe6837ae288bfa351c3712b9160f502214-pub -----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnUNKr708UFaMWRHbdfcM8oTW130U H/u7X3tH+/88RQR5O8sA5EyKsMMi5OgrhwQkRbYZ8FUIiZuHRZUxL9as1w== -----END PUBLIC KEY----- ThinkPad-L430:/opt/fabric-samples/fabcar$ cat hfc-key-store/admin {"name":"admin","mspid":"Org1MSP","roles":null,"affiliation":"","enrollmentSecret":"","enrollment":{"signingIdentity":"2124ac635ac52a4c5d13c32812768ebe6837ae288bfa351c3712b9160f502214","identity":{"certificate":"-----BEGIN CERTIFICATE-----\nMIIB6zCCAZGgAwIBAgIUMR8qzOAWUEfAzYlvCzQ4yTL7AHAwCgYIKoZIzj0EAwIw\naDELMAkGA1UEBhMCVVMxFzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRQwEgYDVQQK\nEwtIeXBlcmxlZGdlcjEPMA0GA1UECxMGRmFicmljMRkwFwYDVQQDExBmYWJyaWMt\nY2Etc2VydmVyMB4XDTE4MDcxMzAyMjUwMFoXDTE5MDcxMzAyMzAwMFowITEPMA0G\nA1UECxMGY2xpZW50MQ4wDAYDVQQDEwVhZG1pbjBZMBMGByqGSM49AgEGCCqGSM49\nAwEHA0IABJ1DSq+9PFBWjFkR23X3DPKE1td9FB/7u197R/v/PEUEeTvLAORMirDD\nIuToK4cEJEW2GfBVCImbh0WVMS/WrNejYDBeMA4GA1UdDwEB/wQEAwIHgDAMBgNV\nHRMBAf8EAjAAMB0GA1UdDgQWBBSvDlI5ax6zbDAGj3wq+4N9EF8iwDAfBgNVHSME\nGDAWgBSh2y67zVpnp1sh4kHj2x4mD5Rx4zAKBggqhkjOPQQDAgNIADBFAiEAgzdL\n6GWqvEtD03uushzYHzPUkTf+CdSISutr1hCQunkCIBY+LlllnXtW5iFnEcktP5RH\nnPmYhhiKe9DqeDw3H3ku\n-----END CERTIFICATE-----\n"}}}
这一步执行成功后, 需要设置fabric_client中的当前用户。
fabric_client.setUserContext(admin_user);
此刻, reroll整个过程完成。
以上是“Hyperledger Fabric中通过SDK和Hyperledger Fabric Blockchain交互的示例分析”这篇文章的所有内容,感谢各位的阅读!相信大家都有了一定的了解,希望分享的内容对大家有所帮助,如果还想学习更多知识,欢迎关注亿速云行业资讯频道!
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。