如何在ClientIdentity中将getAttributeValue()用于结构垫片?

时间:2019-11-19 07:11:22

标签: hyperledger-fabric hyperledger-chaincode hyperledger-fabric-sdk-js

我正在将nodejs sdk用于超级账本结构,在我的链码中,我需要获取执行交易的身份(sam)的名称。

Error deploying to IBM WebSphere Application Server: org.jenkinsci.plugins.websphere.services.deployment.DeploymentServiceException: Failed to install artifact: Failure uploading archive to server

at org.jenkinsci.plugins.websphere.services.deployment.WebSphereDeploymentService.installArtifact(WebSphereDeploymentService.java:356)

at org.jenkinsci.plugins.websphere_deployer.WebSp

hereDeployerPlugin.deployArtifact(WebSphereDeployerPlugin.java:385)

我使用了以下代码

{"name":"sam","mspid":"Org1MSP","roles":null,"affiliation":"","enrollmentSecret":"","enrollment":{"signingIdentity":"5aad871581d63447218743ee79289c0c6f531a032d3cf1f0be32083e8c0cbaea","identity":{"certificate":"-----BEGIN CERTIFICATE-----\nMIICizCCAjGgAwIBAgIUQq0tPLPFsLujCsRclZc9POmAh6EwCgYIKoZIzj0EAwIw\nczELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh\nbiBGcmFuY2lzY28xGTAXBgNVBAoTEG9yZzEuZXhhbXBsZS5jb20xHDAaBgNVBAMT\nE2NhLm9yZzEuZXhhbXBsZS5jb20wHhcNMTkxMTE5MDU0ODAwWhcNMjAxMTE4MDU1\nMzAwWjBAMTAwDQYDVQQLEwZjbGllbnQwCwYDVQQLEwRvcmcxMBIGA1UECxMLZGVw\nYXJ0bWVudDExDDAKBgNVBAMTA3NhbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA\nBGbtyGsC9QNBlO0Z5sumDzEaYR4m8GJpXW2f8Qlvjt79IzCWDjGwFePAIOfnUojz\naDbr0VHgpnWOtUIKUqTVPOujgdUwgdIwDgYDVR0PAQH/BAQDAgeAMAwGA1UdEwEB\n/wQCMAAwHQYDVR0OBBYEFCR78iTBbBSCYjxajhOMyYrWDO8iMCsGA1UdIwQkMCKA\nIHWD+xHmJ7l80nLYW67w4+Bftya5oeDfD9d4KXfnqn3NMGYGCCoDBAUGBwgBBFp7\nImF0dHJzIjp7ImhmLkFmZmlsaWF0aW9uIjoib3JnMS5kZXBhcnRtZW50MSIsImhm\nLkVucm9sbG1lbnRJRCI6InNhbSIsImhmLlR5cGUiOiJjbGllbnQifX0wCgYIKoZI\nzj0EAwIDSAAwRQIhAJcIBDcygI6Z67ueo46b3WnJCZr+D1HzhaWNp6Lj/+7oAiA6\nRRc9JjnWFvaFaqIJTyNaE7/HFXTXKr+HIkig/UEZpQ==\n-----END CERTIFICATE-----\n"}}}

,但是上面的代码未返回名称或任何其他属性。 帮助将不胜感激!

2 个答案:

答案 0 :(得分:2)

使用以下命令在智能合约中使用getAttributeValue()检索的属性如下创建: fabric-ca-client register --id.name clare --id.secret hursley1 --id.maxenrollments -1 --id.attrs 'department=Finance:ecert,location=Berkshire:ecert'

所以我要为部门和位置创建2个属性。请注意最后的:ecert,这意味着我希望将属性写入证书,而不仅仅是存储在CA数据库中。还要注意,这些属性不会添加到现有证书中,只有在您注册或重新注册后才“显示”。

使用节点SDK,这是一段代码段,可以在注册身份时添加Department属性:

//create user attr array
let registerAttrs = [];
let registerAttribute = {
  name: "department",
  value: "Finance",
  ecert: true
};
registerAttrs.push(registerAttribute);

// at this point we should have the admin user
// first need to register the user with the CA server
return fabric_ca_client.register(
  {
    enrollmentID: username,
    affiliation: "org1",
    role: "client",
    attrs: registerAttrs
  },
  admin_user
);

然后,在智能合约中,您可以访问属性:

ctx.clientIdentity.getAttributeValue('department');

请注意,已经使用fabric-contract-api填充了clientIdentity对象,因此您不需要new clientIdentity对象。

答案 1 :(得分:1)

您没有名为“ name”的属性。如果您分析X.509证书... 

openssl x509 -text -noout -in yourcert.pem

...你得到... 

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:ad:2d:3c:b3:c5:b0:bb:a3:0a:c4:5c:95:97:3d:3c:e9:80:87:a1
        Signature Algorithm: ecdsa-with-SHA256
        Issuer: C = US, ST = California, L = San Francisco, O = org1.example.com, CN = ca.org1.example.com
        Validity
            Not Before: Nov 19 05:48:00 2019 GMT
            Not After : Nov 18 05:53:00 2020 GMT
        Subject: OU = client + OU = org1 + OU = department1, CN = sam
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:66:ed:c8:6b:02:f5:03:41:94:ed:19:e6:cb:a6:
                    0f:31:1a:61:1e:26:f0:62:69:5d:6d:9f:f1:09:6f:
                    8e:de:fd:23:30:96:0e:31:b0:15:e3:c0:20:e7:e7:
                    52:88:f3:68:36:eb:d1:51:e0:a6:75:8e:b5:42:0a:
                    52:a4:d5:3c:eb
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                24:7B:F2:24:C1:6C:14:82:62:3C:5A:8E:13:8C:C9:8A:D6:0C:EF:22
            X509v3 Authority Key Identifier: 
                keyid:75:83:FB:11:E6:27:B9:7C:D2:72:D8:5B:AE:F0:E3:E0:5F:B7:26:B9:A1:E0:DF:0F:D7:78:29:77:E7:AA:7D:CD

            1.2.3.4.5.6.7.8.1: 
                {"attrs":{"hf.Affiliation":"org1.department1","hf.EnrollmentID":"sam","hf.Type":"client"}}
    Signature Algorithm: ecdsa-with-SHA256
         30:45:02:21:00:97:08:04:37:32:80:8e:99:eb:bb:9e:a3:8e:
         9b:dd:69:c9:09:9a:fe:0f:51:f3:85:a5:8d:a7:a2:e3:ff:ee:
         e8:02:20:3a:45:17:3d:26:39:d6:16:f6:85:6a:a2:09:4f:23:
         5a:13:bf:c7:15:74:d7:2a:bf:87:22:48:a0:fd:41:19:a5

您的属性键是:

  • hf.Affiliation
  • hf.EnrollmentID
  • hf.Type

没有“名称”属性。您可能正在寻找“ hf.EnrollmentID ”。

编辑:您自己在问题中的enrollment.identity.certificate字段中指出了您的证书。我只保存了... 

-----BEGIN CERTIFICATE-----
MIICizCCAjGgAwIBAgIUQq0tPLPFsLujCsRclZc9POmAh6EwCgYIKoZIzj0EAwIw
czELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh
biBGcmFuY2lzY28xGTAXBgNVBAoTEG9yZzEuZXhhbXBsZS5jb20xHDAaBgNVBAMT
E2NhLm9yZzEuZXhhbXBsZS5jb20wHhcNMTkxMTE5MDU0ODAwWhcNMjAxMTE4MDU1
MzAwWjBAMTAwDQYDVQQLEwZjbGllbnQwCwYDVQQLEwRvcmcxMBIGA1UECxMLZGVw
YXJ0bWVudDExDDAKBgNVBAMTA3NhbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA
BGbtyGsC9QNBlO0Z5sumDzEaYR4m8GJpXW2f8Qlvjt79IzCWDjGwFePAIOfnUojz
aDbr0VHgpnWOtUIKUqTVPOujgdUwgdIwDgYDVR0PAQH/BAQDAgeAMAwGA1UdEwEB
/wQCMAAwHQYDVR0OBBYEFCR78iTBbBSCYjxajhOMyYrWDO8iMCsGA1UdIwQkMCKA
IHWD+xHmJ7l80nLYW67w4+Bftya5oeDfD9d4KXfnqn3NMGYGCCoDBAUGBwgBBFp7
ImF0dHJzIjp7ImhmLkFmZmlsaWF0aW9uIjoib3JnMS5kZXBhcnRtZW50MSIsImhm
LkVucm9sbG1lbnRJRCI6InNhbSIsImhmLlR5cGUiOiJjbGllbnQifX0wCgYIKoZI
zj0EAwIDSAAwRQIhAJcIBDcygI6Z67ueo46b3WnJCZr+D1HzhaWNp6Lj/+7oAiA6
RRc9JjnWFvaFaqIJTyNaE7/HFXTXKr+HIkig/UEZpQ==
-----END CERTIFICATE-----

...如yourcert.pem一样通过openssl进行检查。

相关问题
最新问题