In one of my articles, I introduced the deployment test process of the Hyperledger Fabric v1.4.1 national secret version, but that article used the CLI when testing the Fabric. We know that the national secret transformation of a complete Fabric Hyperledger includes the three parts of the national secret transformation of Fabric source code, Fabric SDK and Fabric CA. Among them, the urgency of Fabric CA's requirements is not very high, but the requirements of the Fabric SDK's national secret transformation are real. Without it, there is no way to write programs to interact with Fabric. Therefore, this article takes a fabric-sdk-go-gm version open source on the Internet as an example, and takes the Fabric v1.4.1 (v1.4.6 also works) version of the national secret transformation as the underlying alliance chain, and briefly introduces the national secret fabric-sdk-go The use process.
1. Preparation
1. Refer to my article Fabric Hyperledger 1.4.1 National Secret Modification Version Centos Stand-alone Deployment and Test Process Deploy a national secret version of Fabric on this machine. After the deployment is complete, enter the first-network
directory and ./byfn.sh up
start a test network. Although that article talks about the operation in the Centos environment, it is also possible under Mac OS and Windows.
2. Download bolenzhang as an open source go-sdk
. There is no requirement for the downloaded directory. It can be placed in the $GOPATH/src/github.com/hyperledger
directory and put together with Fabric.
cd $GOPATH/src/github.com/hyperledger/
git clone [email protected]:bolenzhang/fabric-go-sdk-gm.git
3. Run to go env
check GO111MODULE
whether the environment variable is auto
. It is not necessary to change it and make it take effect (under windows, check whether it takes effect several times, it may need to log out or restart)
2. Create a new application project
We use the national secret version of go-sdk, which cannot be used directly go mod
to manage dependencies. All dependencies need to be placed in the vendor directory, but we can use it first go mod
to download the dependent library.
cd $GOPATH/src
mkdir sdk_test
cd sdk_test
go mod init sdktest
Three, create a configuration file
Directly quote the sample SDK configuration file config.yaml given in this article using fabric-sdk-go operation chain code and save it as sdk_test/config.yaml
, but there are the following points to note:
3.1、BCCSP
When applying the national secret go-sdk
, this item should be commented out.
# [Optional] BCCSP config for the client. Used by GO SDK.
# BCCSP:
# security:
# enabled: true
# default:
# provider: "GM"
# hashAlgorithm: "GMSM3"
# softVerify: true
# level: 256
Because the SDK will automatically convert the algorithm, we don’t need to set it to GM
. Of course, SW
there is no problem if you set it as the original configuration file . Here we use the default settings by default.
3.2、tlsCerts
tlsCerts:
# [Optional]. Use system certificate pool when connecting to peers, orderers (for negotiating TLS) Default: false
systemCertPool: true
If you are using a Windows operating system, change it to false here. Note that there is a space between the colon and "true". If you are a system such as Centos or Ubuntu, you don't need to change it; if you are a Mac operating system, there will be some problems if you don't change it here, but we can modify sm2
the source code to solve it. I'll talk about this later when you use it.
3.3, all paths
All path-related in the configuration file /Users/shitaibin/go/src/github.com/hyperledger/fabric/fabric-samples
should be replaced with your local real path. Note that there is no under Windows /
, it is estimated that it should be used \\
(this is not sure).
Fourth, write test files
This article uses a simple main.go
test file as the test file. The writing method of the test file also refers to the article "Using fabric-sdk-go to operate chain code" mentioned above. Use your editor or vim
create one in the project root directory with the main.go
following content:
package main
import (
"fmt"
"log"
"time"
"github.com/hyperledger/fabric-sdk-go/pkg/client/channel"
"github.com/hyperledger/fabric-sdk-go/pkg/core/config"
"github.com/hyperledger/fabric-sdk-go/pkg/fabsdk"
)
const (
org1CfgPath = "./config.yaml"
ChannelID = "mychannel"
peer0Org1 = "peer0.org1.example.com"
peer0Org2 = "peer0.org2.example.com"
)
func main() {
sdk, err := fabsdk.New(config.FromFile(org1CfgPath))
if err != nil {
log.Panicf("failed to create fabric sdk: %s", err)
}
ccp := sdk.ChannelContext(ChannelID, fabsdk.WithUser("User1"))
cc, err := channel.New(ccp)
if err != nil {
log.Panicf("failed to create channel client: %s", err)
}
query(cc)
execute(cc)
time.Sleep(5 * time.Second)
query(cc)
}
func query(cc *channel.Client) {
// new channel request for query
req := channel.Request{
ChaincodeID: "mycc",
Fcn: "query",
Args: packArgs([]string{
"a"}),
}
// send request and handle response
reqPeers := channel.WithTargetEndpoints(peer0Org1)
response, err := cc.Query(req, reqPeers)
if err != nil {
fmt.Printf("failed to query chaincode: %s\n", err)
}
if len(response.Payload) > 0 {
fmt.Printf("chaincode query success,the value is %s\n", string(response.Payload))
}
}
func execute(cc *channel.Client) {
args := packArgs([]string{
"a", "b", "10"})
req := channel.Request{
ChaincodeID: "mycc",
Fcn: "invoke",
Args: args,
}
peers := []string{
peer0Org1, peer0Org2}
reqPeers := channel.WithTargetEndpoints(peers...)
response, err := cc.Execute(req, reqPeers)
if err != nil {
fmt.Printf("failed to Execute chaincode: %s\n", err)
}
fmt.Printf("Execute chaincode success,txId:%s\n", response.TransactionID)
}
func packArgs(paras []string) [][]byte {
var args [][]byte
for _, k := range paras {
args = append(args, []byte(k))
}
return args
}
The test file is very simple, first initialize the SDK and establish a channel, then query the contract, execute the transaction, and then query the contract to see if the value is updated.
Five, installation dependencies
Here comes the point: there are many operations here. We assume that you sdk_test
are operating in the project root directory , and the SDK of the national secret version is also placed in the $GOPATH/src/github.com/hyperledger/
directory as recommended :
go run main.go
The dependency will be installed first, and then an error will be reported when parsing the x509 certificate. Ignore it and the result is normal.
Then execute:
go mod vendor
Copy all dependencies to the vendor directory of the project.
Then execute:
rm go.mod
rm go.sum
rm -rf vendor/github.com/hyperledger/fabric-sdk-go
cp -r $GOPATH/src/github.com/hyperledger/fabric-go-sdk-gm vendor/github.com/hyperledger/fabric-sdk-go
The meaning of the above command is to delete go mod
the relevant content, and use the national secret SDK to replace the native SDK.
Six, run the test
Let's run it again go run main.go
. If you are prompted that some libraries are missing, you can open a new terminal and download it by referring to the following command:
mkdir -p $GOPATH/src/golang.org/x
cd $GOPATH/src/golang.org/x
git clone https://github.com/golang/crypto.git
After the download is complete, run the program in the original terminal. Here, there will be different results according to different operating systems:
1. Centos or Ubuntu
The operation is successful. From the output log, we can see that the value of a in the chain code is correct.
2、windows
An error will be reported when running under the windows environment (note that the systemCertPool in the configuration file under windows must be false):
# chaincodedemo/vendor/github.com/google/certificate-transparency-go/x509
vendor\github.com\google\certificate-transparency-go\x509\root_windows.go:112:3: cannot use uintptr(unsafe.Pointer(sslPara)) (type uintptr) as type syscall.Pointer in field value
This is because a library is too old and we need to update it manually.
git clone [email protected]:google/certificate-transparency-go.git
Copy the downloaded library to the directory corresponding to the vendor to replace it. Run go run main.go
it again and it will succeed.
3 、 Mac OS
Because the Mac under the configuration file systemCertPool
is true
in the country close version will find the files that do not correspond and initialized nil
, thereby error. After testing, the original Fabric with the original fabric-sdk-go will not have this problem. This problem is because in the sm2/cert_pool.go
file, the possible file locations under Mac OS are not listed. According to the error message, we open it vendor/github.com/fabric-sdk-go/internal/github.com/tjfoc/gmsm/sm2/cert_pool.go
(vscode is recommended) and you can see that there are two definitions:
// Possible certificate files; stop after finding one.
var certFiles = []string{
"/etc/ssl/certs/ca-certificates.crt", // Debian/Ubuntu/Gentoo etc.
"/etc/pki/tls/certs/ca-bundle.crt", // Fedora/RHEL 6
"/etc/ssl/ca-bundle.pem", // OpenSUSE
"/etc/pki/tls/cacert.pem", // OpenELEC
"/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem", // CentOS/RHEL 7
}
// Possible directories with certificate files; stop after successfully
// reading at least one file from a directory.
var certDirectories = []string{
"/etc/ssl/certs", // SLES10/SLES11, https://golang.org/issue/12139
"/system/etc/security/cacerts", // Android
}
The program initializes the system certificate pool in the file or path listed above.
Although there is a "/etc/ssl/certs"
directory in Mac OS , it is empty. Therefore, after google it, certFiles
a definition under Mac OS needs to be added "/usr/local/etc/openssl/cert.pem", // Mac
to it to change to:
// Possible certificate files; stop after finding one.
var certFiles = []string{
"/etc/ssl/certs/ca-certificates.crt", // Debian/Ubuntu/Gentoo etc.
"/etc/pki/tls/certs/ca-bundle.crt", // Fedora/RHEL 6
"/etc/ssl/ca-bundle.pem", // OpenSUSE
"/etc/pki/tls/cacert.pem", // OpenELEC
"/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem", // CentOS/RHEL 7
"/usr/local/etc/openssl/cert.pem", // Mac
}
Save and exit, and then run again go run main.go
, the value of a will be output correctly.
Seven, summary
Well, from the perspective of this article, it is quite simple to test the national secret fabric-sdk-go with the national secret fabric (mainly the go-sdk application, the national secret sdk has been written by others). Thank you very much for the bolenzhang
release of the national secret fabric-go-sdk-gm warehouse. Readers who use it can github
give him an order star
.
So far, the state secret transformation of Fabric Hyperledger based on the online open source version of the application is currently only one Fabric CA. After this CA etc. find a suitable open source national secret version, I will write an article to introduce its usage.
In order to test the CA, my local environment has been changed to the original Fabric. Therefore, most of the content of this article is written from memory, and there is no actual control step. If there are omissions or errors, please leave a message for correction or discussion.