func isEqual(src, dst *obc.Transaction) error {
if !reflect.DeepEqual(src.Payload, dst.Payload) {
return fmt.Errorf("Different Payload [%s]!=[%s].", utils.EncodeBase64(src.Payload), utils.EncodeBase64(dst.Payload))
}
if !reflect.DeepEqual(src.ChaincodeID, dst.ChaincodeID) {
return fmt.Errorf("Different ChaincodeID [%s]!=[%s].", utils.EncodeBase64(src.ChaincodeID), utils.EncodeBase64(dst.ChaincodeID))
}
if !reflect.DeepEqual(src.Metadata, dst.Metadata) {
return fmt.Errorf("Different Metadata [%s]!=[%s].", utils.EncodeBase64(src.Metadata), utils.EncodeBase64(dst.Metadata))
}
return nil
}
func (peer *peerImpl) getEnrollmentCert(id []byte) (*x509.Certificate, error) {
if len(id) == 0 {
return nil, fmt.Errorf("Invalid peer id. It is empty.")
}
sid := utils.EncodeBase64(id)
peer.Debugf("Getting enrollment certificate for [%s]", sid)
if cert := peer.getNodeEnrollmentCertificate(sid); cert != nil {
peer.Debugf("Enrollment certificate for [%s] already in memory.", sid)
return cert, nil
}
// Retrieve from the DB or from the ECA in case
peer.Debugf("Retrieve Enrollment certificate for [%s]...", sid)
rawCert, err := peer.ks.GetSignEnrollmentCert(id, peer.getEnrollmentCertByHashFromECA)
if err != nil {
peer.Errorf("Failed getting enrollment certificate for [%s]: [%s]", sid, err)
return nil, err
}
cert, err := primitives.DERToX509Certificate(rawCert)
if err != nil {
peer.Errorf("Failed parsing enrollment certificate for [%s]: [% x],[% x]", sid, rawCert, err)
return nil, err
}
peer.putNodeEnrollmentCertificate(sid, cert)
return cert, nil
}
func (ks *keyStore) GetSignEnrollmentCert(id []byte, certFetcher func(id []byte) ([]byte, []byte, error)) ([]byte, error) {
if len(id) == 0 {
return nil, fmt.Errorf("Invalid peer id. It is empty.")
}
ks.m.Lock()
defer ks.m.Unlock()
sid := utils.EncodeBase64(id)
certSign, certEnc, err := ks.selectSignEnrollmentCert(sid)
if err != nil {
ks.node.error("Failed selecting enrollment cert [%s].", err.Error())
return nil, err
}
if certSign == nil {
ks.node.debug("Cert for [%s] not available. Fetching from ECA....", sid)
// If No cert is available, fetch from ECA
// 1. Fetch
ks.node.debug("Fectch Enrollment Certificate from ECA...")
certSign, certEnc, err = certFetcher(id)
if err != nil {
return nil, err
}
// 2. Store
ks.node.debug("Store certificate...")
tx, err := ks.sqlDB.Begin()
if err != nil {
ks.node.error("Failed beginning transaction [%s].", err.Error())
return nil, err
}
ks.node.debug("Insert id [%s].", sid)
ks.node.debug("Insert cert [% x].", certSign)
_, err = tx.Exec("INSERT INTO Certificates (id, certsign, certenc) VALUES (?, ?, ?)", sid, certSign, certEnc)
if err != nil {
ks.node.error("Failed inserting cert [%s].", err.Error())
tx.Rollback()
return nil, err
}
err = tx.Commit()
if err != nil {
ks.node.error("Failed committing transaction [%s].", err.Error())
tx.Rollback()
return nil, err
}
ks.node.debug("Fectch Enrollment Certificate from ECA...done!")
certSign, certEnc, err = ks.selectSignEnrollmentCert(sid)
if err != nil {
ks.node.error("Failed selecting next TCert after fetching [%s].", err.Error())
return nil, err
}
}
ks.node.debug("Cert for [%s] = [% x]", sid, certSign)
return certSign, nil
}