func (t *AssetManagementChaincode) init(stub *shim.ChaincodeStub, args []string) ([]byte, error) {
myLogger.Info("[AssetManagementChaincode] Init")
if len(args) != 0 {
return nil, errors.New("Incorrect number of arguments. Expecting 0")
}
// Create ownership table
err := stub.CreateTable("AssetsOwnership", []*shim.ColumnDefinition{
&shim.ColumnDefinition{"Asset", shim.ColumnDefinition_STRING, true},
&shim.ColumnDefinition{"Owner", shim.ColumnDefinition_BYTES, false},
})
if err != nil {
return nil, errors.New("Failed creating AssetsOnwership table.")
}
// Set the admin
// The metadata will contain the certificate of the administrator
adminCert, err := stub.GetCallerMetadata()
if err != nil {
return nil, errors.New("Failed getting metadata.")
}
if len(adminCert) == 0 {
return nil, errors.New("Invalid admin certificate. Empty.")
}
stub.PutState("admin", adminCert)
return nil, nil
}
func (t *AssetManagementChaincode) isCaller(stub *shim.ChaincodeStub, certificate []byte) (bool, error) {
// In order to enforce access control, we require that the
// metadata contains the signature under the signing key corresponding
// to the verification key inside certificate of
// the payload of the transaction (namely, function name and args) and
// the transaction binding (to avoid copying attacks)
// Verify \sigma=Sign(certificate.sk, tx.Payload||tx.Binding) against certificate.vk
// \sigma is in the metadata
sigma, err := stub.GetCallerMetadata()
if err != nil {
return false, errors.New("Failed getting metadata")
}
payload, err := stub.GetPayload()
if err != nil {
return false, errors.New("Failed getting payload")
}
binding, err := stub.GetBinding()
if err != nil {
return false, errors.New("Failed getting binding")
}
myLogger.Debug("passed certificate [% x]", certificate)
myLogger.Debug("passed sigma [% x]", sigma)
myLogger.Debug("passed payload [% x]", payload)
myLogger.Debug("passed binding [% x]", binding)
return stub.VerifySignature(
certificate,
sigma,
append(payload, binding...),
)
}
