[FAB-7307] embed cert in config, test update

	Also included refactoring of Config interface in
	api/apiconfig/configprovider.go to rename the following
	three functions from:
	* CAServerCertFiles
	* CAClientKeyFile
	* CAClientCertFile
	to:
	* CAServerCertPaths
	* CAClientKeyPath
	* CAClientCertPath

	Respectively as these return file paths not actual files.

Change-Id: Ief5d4b32671f2ff352afa7fc94721764e9de2d9d
Signed-off-by: Baha Shaaban <baha.shaaban@securekey.com>

api/apiconfig/configprovider.go

@@ -16,11 +16,11 @@ type Config interface {
 	Client() (*ClientConfig, error)
 	CAConfig(org string) (*CAConfig, error)
 	CAServerCertPems(org string) ([]string, error)
-	CAServerCertFiles(org string) ([]string, error)
+	CAServerCertPaths(org string) ([]string, error)
 	CAClientKeyPem(org string) (string, error)
-	CAClientKeyFile(org string) (string, error)
+	CAClientKeyPath(org string) (string, error)
 	CAClientCertPem(org string) (string, error)
-	CAClientCertFile(org string) (string, error)
+	CAClientCertPath(org string) (string, error)
 	TimeoutOrDefault(TimeoutType) time.Duration
 	MspID(org string) (string, error)
 	PeerMspID(name string) (string, error)

pkg/config/config.go

@@ -196,9 +196,9 @@ func (c *Config) CAServerCertPems(org string) ([]string, error) {
 	return certPems, nil
 }
 
-// CAServerCertFiles Read configuration option for the server certificates
+// CAServerCertPaths Read configuration option for the server certificates
 // will send a list of cert file paths
-func (c *Config) CAServerCertFiles(org string) ([]string, error) {
+func (c *Config) CAServerCertPaths(org string) ([]string, error) {
 	config, err := c.NetworkConfig()
 	if err != nil {
 		return nil, err
@@ -242,8 +242,8 @@ func (c *Config) getCAName(org string) (string, error) {
 	return certAuthorityName, nil
 }
 
-// CAClientKeyFile Read configuration option for the fabric CA client key file
-func (c *Config) CAClientKeyFile(org string) (string, error) {
+// CAClientKeyPath Read configuration option for the fabric CA client key file
+func (c *Config) CAClientKeyPath(org string) (string, error) {
 	config, err := c.NetworkConfig()
 	if err != nil {
 		return "", err
@@ -282,8 +282,8 @@ func (c *Config) CAClientKeyPem(org string) (string, error) {
 	return ca.TLSCACerts.Client.KeyPem, nil
 }
 
-// CAClientCertFile Read configuration option for the fabric CA client cert file
-func (c *Config) CAClientCertFile(org string) (string, error) {
+// CAClientCertPath Read configuration option for the fabric CA client cert file
+func (c *Config) CAClientCertPath(org string) (string, error) {
 	config, err := c.NetworkConfig()
 	if err != nil {
 		return "", err

pkg/config/config_test.go

@@ -80,21 +80,21 @@ func TestCAConfig(t *testing.T) {
 	crossCheckWithViperConfig(configImpl.configViper.GetString("client.cryptoconfig.path"), configImpl.CryptoConfigPath(), "Incorrect crypto config path", t)
 
 	//Testing CA Client File Location
-	certfile, err := configImpl.CAClientCertFile(org1)
+	certfile, err := configImpl.CAClientCertPath(org1)
 
 	if certfile == "" || err != nil {
 		t.Fatalf("CA Cert file location read failed %s", err)
 	}
 
 	//Testing CA Key File Location
-	keyFile, err := configImpl.CAClientKeyFile(org1)
+	keyFile, err := configImpl.CAClientKeyPath(org1)
 
 	if keyFile == "" || err != nil {
 		t.Fatal("CA Key file location read failed")
 	}
 
 	//Testing CA Server Cert Files
-	sCertFiles, err := configImpl.CAServerCertFiles(org1)
+	sCertFiles, err := configImpl.CAServerCertPaths(org1)
 
 	if sCertFiles == nil || len(sCertFiles) == 0 || err != nil {
 		t.Fatal("Getting CA server cert files failed")
@@ -194,19 +194,19 @@ func TestCAConfigFailsByNetworkConfig(t *testing.T) {
 	}
 
 	//Test CA client cert file failure scenario
-	certfile, err := sampleConfig.CAClientCertFile("peerorg1")
+	certfile, err := sampleConfig.CAClientCertPath("peerorg1")
 	if certfile != "" || err == nil {
 		t.Fatal("CA Cert file location read supposed to fail")
 	}
 
 	//Test CA client cert file failure scenario
-	keyFile, err := sampleConfig.CAClientKeyFile("peerorg1")
+	keyFile, err := sampleConfig.CAClientKeyPath("peerorg1")
 	if keyFile != "" || err == nil {
 		t.Fatal("CA Key file location read supposed to fail")
 	}
 
 	//Testing CA Server Cert Files failure scenario
-	sCertFiles, err := sampleConfig.CAServerCertFiles("peerorg1")
+	sCertFiles, err := sampleConfig.CAServerCertPaths("peerorg1")
 	if len(sCertFiles) > 0 || err == nil {
 		t.Fatal("Getting CA server cert files supposed to fail")
 	}
@@ -275,7 +275,7 @@ func TestCAConfigFailsByNetworkConfig(t *testing.T) {
 
 func TestTLSACAConfig(t *testing.T) {
 	//Test TLSCA Cert Pool (Positive test case)
-	certFile, _ := configImpl.CAClientCertFile(org1)
+	certFile, _ := configImpl.CAClientCertPath(org1)
 	_, err := configImpl.TLSCACertPool(certFile)
 	if err != nil {
 		t.Fatalf("TLS CA cert pool fetch failed, reason: %v", err)
@@ -287,7 +287,7 @@ func TestTLSACAConfig(t *testing.T) {
 		t.Fatalf("TLS CA cert pool was supposed to fail")
 	}
 
-	keyFile, _ := configImpl.CAClientKeyFile(org1)
+	keyFile, _ := configImpl.CAClientKeyPath(org1)
 	_, err = configImpl.TLSCACertPool(keyFile)
 	if err == nil {
 		t.Fatalf("TLS CA cert pool was supposed to fail when provided with wrong cert file")
@@ -757,7 +757,7 @@ O94CDp7l2k7hMQI0zQ==
 		t.Fatalf("%s Pem doesn't match. Expected \n'%s'\n, but got \n'%s'\n", peer0, pPem, loadedPPem)
 	}
 
-	// get CAServerCertPems for org1
+	// get CA Server cert pems (embedded) for org1
 	certs, err := c.CAServerCertPems("org1")
 	if err != nil {
 		t.Fatalf("Failed to load CAServerCertPems from config. Error: %s", err)
@@ -766,20 +766,37 @@ O94CDp7l2k7hMQI0zQ==
 		t.Fatalf("Got empty PEM certs for CAServerCertPems")
 	}
 
+	// get the client cert pem (embedded) for org1
 	c.CAClientCertPem("org1")
 	if err != nil {
 		t.Fatalf("Failed to load CAClientCertPem from config. Error: %s", err)
 	}
+
+	// get CA Server certs paths for org1
+	certs, err = c.CAServerCertPaths("org1")
+	if err != nil {
+		t.Fatalf("Failed to load CAServerCertPaths from config. Error: %s", err)
+	}
 	if len(certs) == 0 {
-		t.Fatalf("Got empty PEM certs for CAClientCertPem")
+		t.Fatalf("Got empty cert file paths for CAServerCertPaths")
 	}
 
+	// get the client cert path for org1
+	c.CAClientCertPath("org1")
+	if err != nil {
+		t.Fatalf("Failed to load CAClientCertPath from config. Error: %s", err)
+	}
+
+	// get the client key pem (embedded) for org1
 	c.CAClientKeyPem("org1")
 	if err != nil {
 		t.Fatalf("Failed to load CAClientKeyPem from config. Error: %s", err)
 	}
-	if len(certs) == 0 {
-		t.Fatalf("Got empty PEM certs for CAClientKeyPem")
+
+	// get the client key file path for org1
+	c.CAClientKeyPath("org1")
+	if err != nil {
+		t.Fatalf("Failed to load CAClientKeyPath from config. Error: %s", err)
 	}
 }
 

pkg/fabric-ca-client/fabricca.go

@@ -55,18 +55,18 @@ func NewFabricCAClient(org string, config config.Config, cryptoSuite apicryptosu
 	//set server URL
 	c.Config.URL = urlutil.ToAddress(conf.URL)
 	//certs file list
-	c.Config.TLS.CertFiles, err = config.CAServerCertFiles(org)
+	c.Config.TLS.CertFiles, err = config.CAServerCertPaths(org)
 	if err != nil {
 		return nil, err
 	}
 
 	// set key file and cert file
-	c.Config.TLS.Client.CertFile, err = config.CAClientCertFile(org)
+	c.Config.TLS.Client.CertFile, err = config.CAClientCertPath(org)
 	if err != nil {
 		return nil, err
 	}
 
-	c.Config.TLS.Client.KeyFile, err = config.CAClientKeyFile(org)
+	c.Config.TLS.Client.KeyFile, err = config.CAClientKeyPath(org)
 	if err != nil {
 		return nil, err
 	}

pkg/fabric-ca-client/fabricca_test.go

@@ -293,10 +293,10 @@ func TestCreateNewFabricCAClientCertFilesMissingFailure(t *testing.T) {
 	defer mockCtrl.Finish()
 	mockConfig := mock_apiconfig.NewMockConfig(mockCtrl)
 	mockConfig.EXPECT().CAConfig(org1).Return(&config.CAConfig{URL: ""}, nil)
-	mockConfig.EXPECT().CAServerCertFiles(org1).Return(nil, errors.New("CAServerCertFiles error"))
+	mockConfig.EXPECT().CAServerCertPaths(org1).Return(nil, errors.New("CAServerCertPaths error"))
 	_, err := NewFabricCAClient(org1, mockConfig, cryptoSuiteProvider)
-	if err.Error() != "CAServerCertFiles error" {
-		t.Fatalf("Expected error from CAServerCertFiles. Got: %s", err.Error())
+	if err.Error() != "CAServerCertPaths error" {
+		t.Fatalf("Expected error from CAServerCertPaths. Got: %s", err.Error())
 	}
 }
 
@@ -306,11 +306,11 @@ func TestCreateNewFabricCAClientCertFileErrorFailure(t *testing.T) {
 	defer mockCtrl.Finish()
 	mockConfig := mock_apiconfig.NewMockConfig(mockCtrl)
 	mockConfig.EXPECT().CAConfig(org1).Return(&config.CAConfig{URL: ""}, nil)
-	mockConfig.EXPECT().CAServerCertFiles(org1).Return([]string{"test"}, nil)
-	mockConfig.EXPECT().CAClientCertFile(org1).Return("", errors.New("CAClientCertFile error"))
+	mockConfig.EXPECT().CAServerCertPaths(org1).Return([]string{"test"}, nil)
+	mockConfig.EXPECT().CAClientCertPath(org1).Return("", errors.New("CAClientCertPath error"))
 	_, err := NewFabricCAClient(org1, mockConfig, cryptoSuiteProvider)
-	if err.Error() != "CAClientCertFile error" {
-		t.Fatalf("Expected error from CAClientCertFile. Got: %s", err.Error())
+	if err.Error() != "CAClientCertPath error" {
+		t.Fatalf("Expected error from CAClientCertPath. Got: %s", err.Error())
 	}
 }
 
@@ -320,12 +320,12 @@ func TestCreateNewFabricCAClientKeyFileErrorFailure(t *testing.T) {
 	defer mockCtrl.Finish()
 	mockConfig := mock_apiconfig.NewMockConfig(mockCtrl)
 	mockConfig.EXPECT().CAConfig(org1).Return(&config.CAConfig{URL: ""}, nil)
-	mockConfig.EXPECT().CAServerCertFiles(org1).Return([]string{"test"}, nil)
-	mockConfig.EXPECT().CAClientCertFile(org1).Return("", nil)
-	mockConfig.EXPECT().CAClientKeyFile(org1).Return("", errors.New("CAClientKeyFile error"))
+	mockConfig.EXPECT().CAServerCertPaths(org1).Return([]string{"test"}, nil)
+	mockConfig.EXPECT().CAClientCertPath(org1).Return("", nil)
+	mockConfig.EXPECT().CAClientKeyPath(org1).Return("", errors.New("CAClientKeyPath error"))
 	_, err := NewFabricCAClient(org1, mockConfig, cryptoSuiteProvider)
-	if err.Error() != "CAClientKeyFile error" {
-		t.Fatalf("Expected error from CAClientKeyFile. Got: %s", err.Error())
+	if err.Error() != "CAClientKeyPath error" {
+		t.Fatalf("Expected error from CAClientKeyPath. Got: %s", err.Error())
 	}
 }
 
@@ -337,9 +337,9 @@ func TestCreateValidBCCSPOptsForNewFabricClient(t *testing.T) {
 	clientMockObject := &config.ClientConfig{Organization: "org1", Logging: config.LoggingType{Level: "info"}, CryptoConfig: config.CCType{Path: "test/path"}}
 
 	mockConfig.EXPECT().CAConfig(org1).Return(&config.CAConfig{}, nil)
-	mockConfig.EXPECT().CAServerCertFiles(org1).Return([]string{"test"}, nil)
-	mockConfig.EXPECT().CAClientCertFile(org1).Return("", nil)
-	mockConfig.EXPECT().CAClientKeyFile(org1).Return("", nil)
+	mockConfig.EXPECT().CAServerCertPaths(org1).Return([]string{"test"}, nil)
+	mockConfig.EXPECT().CAClientCertPath(org1).Return("", nil)
+	mockConfig.EXPECT().CAClientKeyPath(org1).Return("", nil)
 	mockConfig.EXPECT().CAKeyStorePath().Return(os.TempDir())
 	mockConfig.EXPECT().Client().Return(clientMockObject, nil)
 	mockConfig.EXPECT().SecurityProvider().Return("SW")

pkg/fabric-ca-client/mocks/mockconfig.go

@@ -38,8 +38,8 @@ func (c *MockConfig) CAServerCertPems(org string) ([]string, error) {
 	return nil, nil
 }
 
-// CAServerCertFiles Read configuration option for the server certificate files
-func (c *MockConfig) CAServerCertFiles(org string) ([]string, error) {
+// CAServerCertPaths Read configuration option for the server certificate files
+func (c *MockConfig) CAServerCertPaths(org string) ([]string, error) {
 	return nil, nil
 }
 
@@ -48,8 +48,8 @@ func (c *MockConfig) CAClientKeyPem(org string) (string, error) {
 	return "", nil
 }
 
-// CAClientKeyFile Read configuration option for the fabric CA client key file
-func (c *MockConfig) CAClientKeyFile(org string) (string, error) {
+// CAClientKeyPath Read configuration option for the fabric CA client key file
+func (c *MockConfig) CAClientKeyPath(org string) (string, error) {
 	return "", nil
 }
 
@@ -58,8 +58,8 @@ func (c *MockConfig) CAClientCertPem(org string) (string, error) {
 	return "", nil
 }
 
-// CAClientCertFile Read configuration option for the fabric CA client cert file
-func (c *MockConfig) CAClientCertFile(org string) (string, error) {
+// CAClientCertPath Read configuration option for the fabric CA client cert file
+func (c *MockConfig) CAClientCertPath(org string) (string, error) {
 	return "", nil
 }
 

pkg/fabric-client/mocks/mockconfig.go

@@ -46,8 +46,8 @@ func (c *MockConfig) CAServerCertPems(org string) ([]string, error) {
 	return nil, nil
 }
 
-//CAServerCertFiles Read configuration option for the server certificate files
-func (c *MockConfig) CAServerCertFiles(org string) ([]string, error) {
+//CAServerCertPaths Read configuration option for the server certificate files
+func (c *MockConfig) CAServerCertPaths(org string) ([]string, error) {
 	return nil, nil
 }
 
@@ -56,8 +56,8 @@ func (c *MockConfig) CAClientKeyPem(org string) (string, error) {
 	return "", nil
 }
 
-//CAClientKeyFile Read configuration option for the fabric CA client key file
-func (c *MockConfig) CAClientKeyFile(org string) (string, error) {
+//CAClientKeyPath Read configuration option for the fabric CA client key file
+func (c *MockConfig) CAClientKeyPath(org string) (string, error) {
 	return "", nil
 }
 
@@ -66,8 +66,8 @@ func (c *MockConfig) CAClientCertPem(org string) (string, error) {
 	return "", nil
 }
 
-//CAClientCertFile Read configuration option for the fabric CA client cert file
-func (c *MockConfig) CAClientCertFile(org string) (string, error) {
+//CAClientCertPath Read configuration option for the fabric CA client cert file
+func (c *MockConfig) CAClientCertPath(org string) (string, error) {
 	return "", nil
 }
 

test/integration/channel_queries_test.go

@@ -249,7 +249,7 @@ func testQueryByChaincode(t *testing.T, channel fab.Channel, config config.Confi
 	}
 
 	// Configured cert for cert pool
-	cert, err := config.CAClientCertFile(org1Name)
+	cert, err := config.CAClientCertPath(org1Name)
 	if err != nil {
 		t.Fatal(err)
 	}