func (t *AssetManagementChaincode) isCaller(stub *shim.ChaincodeStub, certificate []byte) (bool, error) { // In order to enforce access control, we require that the // metadata contains the signature under the signing key corresponding // to the verification key inside certificate of // the payload of the transaction (namely, function name and args) and // the transaction binding (to avoid copying attacks) // Verify \sigma=Sign(certificate.sk, tx.Payload||tx.Binding) against certificate.vk // \sigma is in the metadata sigma, err := stub.GetCallerMetadata() if err != nil { return false, errors.New("Failed getting metadata") } payload, err := stub.GetPayload() if err != nil { return false, errors.New("Failed getting payload") } binding, err := stub.GetBinding() if err != nil { return false, errors.New("Failed getting binding") } myLogger.Debug("passed certificate [% x]", certificate) myLogger.Debug("passed sigma [% x]", sigma) myLogger.Debug("passed payload [% x]", payload) myLogger.Debug("passed binding [% x]", binding) return stub.VerifySignature( certificate, sigma, append(payload, binding...), ) }