v1.0.0-alpha

分支 (13)

标签 (42)

管理

管理

master

release-2.2

release-2.1

release-2.0

release-1.4

release-1.1

release-1.3

release-1.2

release-1.0

v0.6

v1.0.0-preview

feature/convergence

feature/ca

v2.2.0

v2.1.1

v1.4.7

v2.1.0

v2.0.1

v1.4.6

v1.4.5

v2.0.0

v2.0.0-beta

v1.4.4

v1.4.3

v1.4.2

v1.4.1

v2.0.0-alpha

v1.4.1-rc1

v1.4.0

v1.4.0-rc2

v1.4.0-rc1

v1.3.0

v1.2.1

fabric
/
accesscontrol
/
impl
/
chaincode.go

package impl

import (
	"github.com/hyperledger/fabric/accesscontrol"
	"github.com/hyperledger/fabric/accesscontrol/crypto/attr"
	"github.com/hyperledger/fabric/accesscontrol/crypto/ecdsa"
	"github.com/hyperledger/fabric/core/chaincode/shim"
	"github.com/hyperledger/fabric/core/crypto/primitives"
)

// NewAccessControlShim create a new AccessControlShim instance
func NewAccessControlShim(stub shim.ChaincodeStubInterface) *AccessControlShim {
	// TODO: The package accesscontrol still depends on the initialization
	// of the primitives package.
	// This has to be removed by using the BCCSP which will carry this information.
	// A similar approach has been used to remove the calls
	// to InitSecurityLevel and SetSecurityLevel from the core.
	primitives.SetSecurityLevel("SHA2", 256)

	return &AccessControlShim{stub}
}

// AccessControlShim wraps the object passed to chaincode for shim side handling of
// APIs to provide access control capabilities.
type AccessControlShim struct {
	stub shim.ChaincodeStubInterface
}

//ReadCertAttribute is used to read an specific attribute from the transaction certificate, *attributeName* is passed as input parameter to this function.
// Example:
//  attrValue,error:=stub.ReadCertAttribute("position")
func (shim *AccessControlShim) ReadCertAttribute(attributeName string) ([]byte, error) {
	attributesHandler, err := attr.NewAttributesHandlerImpl(shim.stub)
	if err != nil {
		return nil, err
	}
	return attributesHandler.GetValue(attributeName)
}

//VerifyAttribute is used to verify if the transaction certificate has an attribute with name *attributeName* and value *attributeValue* which are the input parameters received by this function.
//Example:
//    containsAttr, error := stub.VerifyAttribute("position", "Software Engineer")
func (shim *AccessControlShim) VerifyAttribute(attributeName string, attributeValue []byte) (bool, error) {
	attributesHandler, err := attr.NewAttributesHandlerImpl(shim.stub)
	if err != nil {
		return false, err
	}
	return attributesHandler.VerifyAttribute(attributeName, attributeValue)
}

//VerifyAttributes does the same as VerifyAttribute but it checks for a list of attributes and their respective values instead of a single attribute/value pair
// Example:
//    containsAttrs, error:= stub.VerifyAttributes(&attr.Attribute{"position",  "Software Engineer"}, &attr.Attribute{"company", "ACompany"})
func (shim *AccessControlShim) VerifyAttributes(attrs ...*accesscontrol.Attribute) (bool, error) {
	attributesHandler, err := attr.NewAttributesHandlerImpl(shim.stub)
	if err != nil {
		return false, err
	}
	return attributesHandler.VerifyAttributes(attrs...)
}

// VerifySignature verifies the transaction signature and returns `true` if
// correct and `false` otherwise
func (shim *AccessControlShim) VerifySignature(certificate, signature, message []byte) (bool, error) {
	// Instantiate a new SignatureVerifier
	sv := ecdsa.NewX509ECDSASignatureVerifier()

	// Verify the signature
	return sv.Verify(certificate, signature, message)
}