代码拉取完成,页面将自动刷新
/*
Copyright IBM Corp. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
*/
package msgprocessor
import (
"time"
"github.com/hyperledger/fabric/common/channelconfig"
"github.com/hyperledger/fabric/common/crypto"
"github.com/hyperledger/fabric/protos/common"
"github.com/pkg/errors"
)
type resources interface {
// OrdererConfig returns the config.Orderer for the channel
// and whether the Orderer config exists
OrdererConfig() (channelconfig.Orderer, bool)
}
// NewExpirationRejectRule returns a rule that rejects messages signed by identities
// who's identities have expired, given the capability is active
func NewExpirationRejectRule(filterSupport resources) Rule {
return &expirationRejectRule{filterSupport: filterSupport}
}
type expirationRejectRule struct {
filterSupport resources
}
// Apply checks whether the identity that created the envelope has expired
func (exp *expirationRejectRule) Apply(message *common.Envelope) error {
ordererConf, ok := exp.filterSupport.OrdererConfig()
if !ok {
logger.Panic("Programming error: orderer config not found")
}
if !ordererConf.Capabilities().ExpirationCheck() {
return nil
}
signedData, err := message.AsSignedData()
if err != nil {
return errors.Errorf("could not convert message to signedData: %s", err)
}
expirationTime := crypto.ExpiresAt(signedData[0].Identity)
// Identity cannot expire, or identity has not expired yet
if expirationTime.IsZero() || time.Now().Before(expirationTime) {
return nil
}
return errors.New("identity expired")
}
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。