/**
* Create Idemix Identity from a Serialized Identity
*
* @param proto
*/
public IdemixIdentity(SerializedIdentity proto)
{
if (proto == null)
{
throw new ArgumentException("Input must not be null");
}
mspId = proto.Mspid;
try
{
logger.Trace("Fetching Idemix Proto");
SerializedIdemixIdentity idemixProto = SerializedIdemixIdentity.Parser.ParseFrom(proto.IdBytes);
if (idemixProto == null)
{
throw new ArgumentException("The identity does not contain a serialized idemix identity");
}
logger.Trace("Deserializing Nym and attribute values");
pseudonym = new ECP(BIG.FromBytes(idemixProto.NymX.ToByteArray()), BIG.FromBytes(idemixProto.NymY.ToByteArray()));
OrganizationUnit ou = OrganizationUnit.Parser.ParseFrom(idemixProto.Ou);
MSPRole role = MSPRole.Parser.ParseFrom(idemixProto.Role);
Ou = ou.OrganizationalUnitIdentifier;
RoleMask = role.Role.ToIdemixRole();
ipkHash = ou.CertifiersIdentifier.ToByteArray();
logger.Trace("Deserializing Proof");
associationProof = new IdemixSignature(Signature.Parser.ParseFrom(idemixProto.Proof.ToByteArray()));
}
catch (InvalidProtocolBufferException e)
{
throw new CryptoException("Cannot deserialize MSP ID", e);
}
}
/**
* Serialize Idemix Identity
*/
public SerializedIdentity CreateSerializedIdentity()
{
OrganizationUnit ou = new OrganizationUnit();
ou.CertifiersIdentifier = ByteString.CopyFrom(ipkHash);
ou.MspIdentifier = mspId;
ou.OrganizationalUnitIdentifier = Ou;
//Warning, this does not support multi-roleMask.
//Serialize the bitmask is the correct way to support multi-roleMask in the future
MSPRole role = new MSPRole();
role.Role = RoleMask.ToMSPRoleTypes().First();
role.MspIdentifier = mspId;
SerializedIdemixIdentity serializedIdemixIdentity = new SerializedIdemixIdentity();
serializedIdemixIdentity.Proof = ByteString.CopyFrom(associationProof.ToProto().ToByteArray());
serializedIdemixIdentity.Ou = ByteString.CopyFrom(ou.ToByteArray());
serializedIdemixIdentity.Role = ByteString.CopyFrom(role.ToByteArray());
serializedIdemixIdentity.NymY = ByteString.CopyFrom(pseudonym.Y.ToBytes());
serializedIdemixIdentity.NymX = ByteString.CopyFrom(pseudonym.X.ToBytes());
SerializedIdentity serializedIdentity = new SerializedIdentity();
serializedIdentity.IdBytes = ByteString.CopyFrom(serializedIdemixIdentity.ToByteArray());
serializedIdentity.Mspid = mspId;
return(serializedIdentity);
}
private void AddOrg(MSPPrincipal identity)
{
try
{
MSPRole mspRole = MSPRole.Parser.ParseFrom(identity.Principal);
orgs[mspRole.MspIdentifier] = mspRole.Role;
}
catch (InvalidProtocolBufferException e)
{
logger.Warning("error unmarshaling msp principal");
throw new ArgumentException("error unmarshaling msp principal", e);
}
}
public void TestSDKIntegrationYaml()
{
ChaincodeEndorsementPolicy itTestPolicy = new ChaincodeEndorsementPolicy();
itTestPolicy.FromYamlFile("Fixture/sdkintegration/chaincodeendorsementpolicy.yaml".Locate());
SignaturePolicyEnvelope sigPolEnv = SignaturePolicyEnvelope.Parser.ParseFrom(itTestPolicy.ChaincodeEndorsementPolicyAsBytes);
List <MSPPrincipal> identitiesList = sigPolEnv.Identities.ToList();
foreach (MSPPrincipal ident in identitiesList)
{
MSPPrincipal mspPrincipal = MSPPrincipal.Parser.ParseFrom(ident.Principal);
MSPPrincipal.Types.Classification principalClassification = mspPrincipal.PrincipalClassification;
Assert.AreEqual(principalClassification.ToString(), MSPPrincipal.Types.Classification.Role.ToString());
MSPRole mspRole = MSPRole.Parser.ParseFrom(ident.Principal);
string iden = mspRole.MspIdentifier;
Assert.IsTrue("Org1MSP".Equals(iden) || "Org2MSP".Equals(iden));
Assert.IsTrue(mspRole.Role == MSPRole.Types.MSPRoleType.Admin || mspRole.Role == MSPRole.Types.MSPRoleType.Member);
}
SignaturePolicy rule = sigPolEnv.Rule;
SignaturePolicy.TypeOneofCase typeCase = rule.TypeCase;
Assert.AreEqual(SignaturePolicy.TypeOneofCase.NOutOf, typeCase);
}
private static IndexedHashMap <string, MSPPrincipal> ParseIdentities(Dictionary <object, object> identities)
{
//Only Role types are excepted at this time.
IndexedHashMap <string, MSPPrincipal> ret = new IndexedHashMap <string, MSPPrincipal>();
foreach (KeyValuePair <object, object> kp in identities)
{
string key = (string)kp.Key;
object val = kp.Value;
/*
* if (!(key instanceof String)) {
* throw new ChaincodeEndorsementPolicyParseException(format("In identities key expected String got %s ", key == null ? "null" : key.getClass().getName()));
* }
*/
if (ret.ContainsKey(key))
{
throw new ChaincodeEndorsementPolicyParseException($"In identities with key {key} is listed more than once ");
}
if (!(val is Dictionary <object, object> dictval))
{
string str = val == null ? "null" : val.GetType().Name;
throw new ChaincodeEndorsementPolicyParseException($"In identities with key {key} value expected Map got {str}");
}
object role = dictval.ContainsKey("role") ? dictval["role"] : null;
if (!(role is Dictionary <object, object> roleMap))
{
string str = role == null ? "null" : role.GetType().Name;
throw new ChaincodeEndorsementPolicyParseException($"In identities with key {key} value expected Map for role got {str}");
}
object nameObj = roleMap.ContainsKey("name") ? roleMap["name"] : null;
if (!(nameObj is string name))
{
string str = nameObj == null ? "null" : nameObj.GetType().Name;
throw new ChaincodeEndorsementPolicyParseException($"In identities with key {key} name expected String in role got {str}");
}
name = name.Trim();
object mspId = roleMap.ContainsKey("mspId") ? roleMap["mspId"] : null;
if (!(mspId is string))
{
string str = mspId == null ? "null" : mspId.GetType().Name;
throw new ChaincodeEndorsementPolicyParseException($"In identities with key {key} mspId expected String in role got {str}");
}
if (string.IsNullOrEmpty((string)mspId))
{
throw new ChaincodeEndorsementPolicyParseException($"In identities with key {key} mspId must not be null or empty String in role");
}
MSPRole.Types.MSPRoleType mspRoleType;
switch (name)
{
case "member":
mspRoleType = MSPRole.Types.MSPRoleType.Member;
break;
case "admin":
mspRoleType = MSPRole.Types.MSPRoleType.Admin;
break;
case "client":
mspRoleType = MSPRole.Types.MSPRoleType.Client;
break;
case "peer":
mspRoleType = MSPRole.Types.MSPRoleType.Peer;
break;
default:
throw new ChaincodeEndorsementPolicyParseException($"In identities with key {key} name expected member, admin, client, or peer in role got {name}");
}
MSPRole mspRole = new MSPRole {
MspIdentifier = (string)mspId, Role = mspRoleType
};
MSPPrincipal principal = new MSPPrincipal {
Principal = mspRole.ToByteString(), PrincipalClassification = MSPPrincipal.Types.Classification.Role
};
ret.Add(key, principal);
}
if (ret.Count == 0)
{
throw new ChaincodeEndorsementPolicyParseException("No identities were found in the policy specification");
}
return(ret);
}
private Dictionary <string, MSPPrincipal> ParseIdentities(JArray identities)
{
Dictionary <string, MSPPrincipal> ret = new Dictionary <string, MSPPrincipal>();
foreach (JToken jsonValue in identities)
{
if (jsonValue.Type != JTokenType.Object)
{
throw new ChaincodeCollectionConfigurationException($"Expected in identities user to be Object type but got: {jsonValue.Type.ToString()}");
}
JObject user = jsonValue as JObject;
if (user?.Count != 1)
{
throw new ChaincodeCollectionConfigurationException("Only expected on property for user entry in identities.");
}
string key = user.Properties().Select(p => p.Name).First();
JToken vv = user[key];
if (vv.Type != JTokenType.Object)
{
throw new ChaincodeCollectionConfigurationException($"Expected in identities role to be Object type but got: {vv.Type.ToString()}");
}
JObject role = vv as JObject;
if (role == null)
{
throw new ChaincodeCollectionConfigurationException($"Expected a valid role");
}
JObject roleObj = role["role"] as JObject;
if (roleObj == null)
{
throw new ChaincodeCollectionConfigurationException($"Expected a valid role");
}
string roleName = roleObj["name"].Value <string>();
string mspId = roleObj["mspId"].Value <string>();
MSPRole.Types.MSPRoleType mspRoleType;
switch (roleName.ToLowerInvariant())
{
case "member":
mspRoleType = MSPRole.Types.MSPRoleType.Member;
break;
case "admin":
mspRoleType = MSPRole.Types.MSPRoleType.Admin;
break;
case "client":
mspRoleType = MSPRole.Types.MSPRoleType.Client;
break;
case "peer":
mspRoleType = MSPRole.Types.MSPRoleType.Peer;
break;
default:
throw new ChaincodeCollectionConfigurationException($"In identities with key {key} name expected member, admin, client, or peer in role got {roleName}");
}
MSPRole mspRole = new MSPRole();
mspRole.Role = mspRoleType;
mspRole.MspIdentifier = mspId;
MSPPrincipal principal = new MSPPrincipal();
principal.PrincipalClassification = MSPPrincipal.Types.Classification.Role;
principal.Principal = mspRole.ToByteString();
ret.Add(key, principal);
}
return(ret);
}
