Merge "[FAB-17095] Pretty print peer identities in gossip"

yacovm · Gerrit Code Review · commit b86a86f87ab2 · 2019-11-18T15:55:20.000Z
diff --git a/gossip/api/crypto.go b/gossip/api/crypto.go
@@ -7,9 +7,16 @@ SPDX-License-Identifier: Apache-2.0
 package api
 
 import (
+	"crypto/x509"
+	"encoding/base64"
+	"encoding/json"
+	"encoding/pem"
+	"fmt"
 	"time"
 
+	"github.com/golang/protobuf/proto"
 	cb "github.com/hyperledger/fabric-protos-go/common"
+	"github.com/hyperledger/fabric-protos-go/msp"
 	"github.com/hyperledger/fabric/gossip/common"
 	"google.golang.org/grpc"
 )
@@ -108,6 +115,42 @@ func (pis PeerIdentitySet) Filter(filter PeerIdentityFilter) PeerIdentitySet {
 // PeerIdentityType is the peer's certificate
 type PeerIdentityType []byte
 
+// String returns a string representation of this PeerIdentityType
+func (pit PeerIdentityType) String() string {
+	base64Representation := base64.StdEncoding.EncodeToString(pit)
+	sID := &msp.SerializedIdentity{}
+	err := proto.Unmarshal(pit, sID)
+	if err != nil {
+		return fmt.Sprintf("non SerializedIdentity: %s", base64Representation)
+	}
+
+	bl, _ := pem.Decode(sID.IdBytes)
+	if bl == nil {
+		return fmt.Sprintf("non PEM encoded identity: %s", base64Representation)
+	}
+
+	cert, _ := x509.ParseCertificate(bl.Bytes)
+	if cert == nil {
+		return fmt.Sprintf("non x509 identity: %s", base64Representation)
+	}
+	m := make(map[string]interface{})
+	m["MSP"] = sID.Mspid
+	s := cert.Subject
+	m["CN"] = s.CommonName
+	m["OU"] = s.OrganizationalUnit
+	m["L-ST-C"] = fmt.Sprintf("%s-%s-%s", s.Locality, s.StreetAddress, s.Country)
+	i := cert.Issuer
+	m["Issuer-CN"] = i.CommonName
+	m["Issuer-OU"] = i.OrganizationalUnit
+	m["Issuer-L-ST-C"] = fmt.Sprintf("%s-%s-%s", i.Locality, i.StreetAddress, i.Country)
+
+	rawJSON, err := json.Marshal(m)
+	if err != nil {
+		return base64Representation
+	}
+	return string(rawJSON)
+}
+
 // PeerSuspector returns whether a peer with a given identity is suspected
 // as being revoked, or its CA is revoked
 type PeerSuspector func(identity PeerIdentityType) bool
diff --git a/gossip/api/crypto_test.go b/gossip/api/crypto_test.go
@@ -0,0 +1,67 @@
+/*
+Copyright IBM Corp. All Rights Reserved.
+
+SPDX-License-Identifier: Apache-2.0
+*/
+
+package api
+
+import (
+	"encoding/pem"
+	"io/ioutil"
+	"path/filepath"
+	"testing"
+
+	"github.com/hyperledger/fabric-protos-go/msp"
+	"github.com/hyperledger/fabric/protoutil"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestPeerIdentityTypeString(t *testing.T) {
+	certBytes, err := ioutil.ReadFile(filepath.Join("testdata", "peer.pem"))
+	assert.NoError(t, err)
+
+	for _, testCase := range []struct {
+		description string
+		identity    PeerIdentityType
+		expectedOut string
+	}{
+		{
+			description: "non serialized identity",
+			identity:    PeerIdentityType("some garbage"),
+			expectedOut: "non SerializedIdentity: c29tZSBnYXJiYWdl",
+		},
+		{
+			description: "non PEM identity",
+			identity: PeerIdentityType(protoutil.MarshalOrPanic(&msp.SerializedIdentity{
+				Mspid:   "SampleOrg",
+				IdBytes: []byte{1, 2, 3},
+			})),
+			expectedOut: "non PEM encoded identity: CglTYW1wbGVPcmcSAwECAw==",
+		},
+		{
+			description: "non x509 identity",
+			identity: PeerIdentityType(protoutil.MarshalOrPanic(&msp.SerializedIdentity{
+				Mspid: "SampleOrg",
+				IdBytes: pem.EncodeToMemory(&pem.Block{
+					Type:  "CERTIFICATE",
+					Bytes: []byte{1, 2, 3},
+				}),
+			})),
+			expectedOut: `non x509 identity: CglTYW1wbGVPcmcSOy0tLS0tQkVHSU4gQ0VSVElGSUNBVEUtLS0tLQpBUUlECi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K`,
+		},
+		{
+			description: "x509 identity",
+			identity: PeerIdentityType(protoutil.MarshalOrPanic(&msp.SerializedIdentity{
+				Mspid:   "SampleOrg",
+				IdBytes: certBytes,
+			})),
+			expectedOut: `{"CN":"peer0.org1.example.com","Issuer-CN":"ca.org1.example.com","Issuer-L-ST-C":"[San Francisco]-[]-[US]","Issuer-OU":["COP"],"L-ST-C":"[San Francisco]-[]-[US]","MSP":"SampleOrg","OU":["COP"]}`,
+		},
+	} {
+		t.Run(testCase.description, func(t *testing.T) {
+			assert.Equal(t, testCase.identity.String(), testCase.expectedOut)
+		})
+	}
+
+}
diff --git a/gossip/api/testdata/peer.pem b/gossip/api/testdata/peer.pem
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICNjCCAd2gAwIBAgIRAMnf9/dmV9RvCCVw9pZQUfUwCgYIKoZIzj0EAwIwgYEx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4g
+RnJhbmNpc2NvMRkwFwYDVQQKExBvcmcxLmV4YW1wbGUuY29tMQwwCgYDVQQLEwND
+T1AxHDAaBgNVBAMTE2NhLm9yZzEuZXhhbXBsZS5jb20wHhcNMTcxMTEyMTM0MTEx
+WhcNMjcxMTEwMTM0MTExWjBpMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZv
+cm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEMMAoGA1UECxMDQ09QMR8wHQYD
+VQQDExZwZWVyMC5vcmcxLmV4YW1wbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D
+AQcDQgAEZ8S4V71OBJpyMIVZdwYdFXAckItrpvSrCf0HQg40WW9XSoOOO76I+Umf
+EkmTlIJXP7/AyRRSRU38oI8Ivtu4M6NNMEswDgYDVR0PAQH/BAQDAgeAMAwGA1Ud
+EwEB/wQCMAAwKwYDVR0jBCQwIoAginORIhnPEFZUhXm6eWBkm7K7Zc8R4/z7LW4H
+ossDlCswCgYIKoZIzj0EAwIDRwAwRAIgVikIUZzgfuFsGLQHWJUVJCU7pDaETkaz
+PzFgsCiLxUACICgzJYlW7nvZxP7b6tbeu3t8mrhMXQs956mD4+BoKuNI
+-----END CERTIFICATE-----
