0

我正在将 nodejs sdk 用于超级账本结构,在我的链代码中,我需要获取正在执行交易的身份 (sam) 的名称。

{"name":"sam","mspid":"Org1MSP","roles":null,"affiliation":"","enrollmentSecret":"","enrollment":{"signingIdentity":"5aad871581d63447218743ee79289c0c6f531a032d3cf1f0be32083e8c0cbaea","identity":{"certificate":"-----BEGIN CERTIFICATE-----\nMIICizCCAjGgAwIBAgIUQq0tPLPFsLujCsRclZc9POmAh6EwCgYIKoZIzj0EAwIw\nczELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh\nbiBGcmFuY2lzY28xGTAXBgNVBAoTEG9yZzEuZXhhbXBsZS5jb20xHDAaBgNVBAMT\nE2NhLm9yZzEuZXhhbXBsZS5jb20wHhcNMTkxMTE5MDU0ODAwWhcNMjAxMTE4MDU1\nMzAwWjBAMTAwDQYDVQQLEwZjbGllbnQwCwYDVQQLEwRvcmcxMBIGA1UECxMLZGVw\nYXJ0bWVudDExDDAKBgNVBAMTA3NhbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA\nBGbtyGsC9QNBlO0Z5sumDzEaYR4m8GJpXW2f8Qlvjt79IzCWDjGwFePAIOfnUojz\naDbr0VHgpnWOtUIKUqTVPOujgdUwgdIwDgYDVR0PAQH/BAQDAgeAMAwGA1UdEwEB\n/wQCMAAwHQYDVR0OBBYEFCR78iTBbBSCYjxajhOMyYrWDO8iMCsGA1UdIwQkMCKA\nIHWD+xHmJ7l80nLYW67w4+Bftya5oeDfD9d4KXfnqn3NMGYGCCoDBAUGBwgBBFp7\nImF0dHJzIjp7ImhmLkFmZmlsaWF0aW9uIjoib3JnMS5kZXBhcnRtZW50MSIsImhm\nLkVucm9sbG1lbnRJRCI6InNhbSIsImhmLlR5cGUiOiJjbGllbnQifX0wCgYIKoZI\nzj0EAwIDSAAwRQIhAJcIBDcygI6Z67ueo46b3WnJCZr+D1HzhaWNp6Lj/+7oAiA6\nRRc9JjnWFvaFaqIJTyNaE7/HFXTXKr+HIkig/UEZpQ==\n-----END CERTIFICATE-----\n"}}}

我使用了下面的代码

async approve(ctx) {
    try {
        const owId = new clientIdentity(ctx.stub).getAttributeValue('name')
        return owId.toString();
     } catch(error) {
            console.log(error);
            throw new Error(`Low on amount`);
     }

}

但上面的代码没有返回名称或任何其他属性。帮助将不胜感激!!!

4

2 回答 2

2

您在智能合约中使用 getAttributeValue() 检索的属性是使用命令行创建的,如下所示: fabric-ca-client register --id.name clare --id.secret hursley1 --id.maxenrollments -1 --id.attrs 'department=Finance:ecert,location=Berkshire:ecert'

所以我正在为部门和位置创建 2 个属性。注意:ecert最后,这意味着我希望将属性写入证书,而不仅仅是存储在 CA 数据库中。另请注意,这些属性不会添加到现有证书中,而只会在您注册或重新注册时“出现”。

使用节点 SDK,这是一段代码,可以在注册身份时添加部门属性:

//create user attr array
let registerAttrs = [];
let registerAttribute = {
  name: "department",
  value: "Finance",
  ecert: true
};
registerAttrs.push(registerAttribute);

// at this point we should have the admin user
// first need to register the user with the CA server
return fabric_ca_client.register(
  {
    enrollmentID: username,
    affiliation: "org1",
    role: "client",
    attrs: registerAttrs
  },
  admin_user
);

然后在您的智能合约中,您可以访问该属性:

ctx.clientIdentity.getAttributeValue('department');

请注意,使用 fabric-contract-api 已经填充了 clientIdentity 对象,因此您不需要newclientIdentity 对象。

于 2019-11-19T10:50:32.820 回答
1

您没有名为“名称”的属性。如果您分析您的 X.509 证书...

openssl x509 -text -noout -in yourcert.pem

...你得到...

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:ad:2d:3c:b3:c5:b0:bb:a3:0a:c4:5c:95:97:3d:3c:e9:80:87:a1
        Signature Algorithm: ecdsa-with-SHA256
        Issuer: C = US, ST = California, L = San Francisco, O = org1.example.com, CN = ca.org1.example.com
        Validity
            Not Before: Nov 19 05:48:00 2019 GMT
            Not After : Nov 18 05:53:00 2020 GMT
        Subject: OU = client + OU = org1 + OU = department1, CN = sam
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:66:ed:c8:6b:02:f5:03:41:94:ed:19:e6:cb:a6:
                    0f:31:1a:61:1e:26:f0:62:69:5d:6d:9f:f1:09:6f:
                    8e:de:fd:23:30:96:0e:31:b0:15:e3:c0:20:e7:e7:
                    52:88:f3:68:36:eb:d1:51:e0:a6:75:8e:b5:42:0a:
                    52:a4:d5:3c:eb
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                24:7B:F2:24:C1:6C:14:82:62:3C:5A:8E:13:8C:C9:8A:D6:0C:EF:22
            X509v3 Authority Key Identifier: 
                keyid:75:83:FB:11:E6:27:B9:7C:D2:72:D8:5B:AE:F0:E3:E0:5F:B7:26:B9:A1:E0:DF:0F:D7:78:29:77:E7:AA:7D:CD

            1.2.3.4.5.6.7.8.1: 
                {"attrs":{"hf.Affiliation":"org1.department1","hf.EnrollmentID":"sam","hf.Type":"client"}}
    Signature Algorithm: ecdsa-with-SHA256
         30:45:02:21:00:97:08:04:37:32:80:8e:99:eb:bb:9e:a3:8e:
         9b:dd:69:c9:09:9a:fe:0f:51:f3:85:a5:8d:a7:a2:e3:ff:ee:
         e8:02:20:3a:45:17:3d:26:39:d6:16:f6:85:6a:a2:09:4f:23:
         5a:13:bf:c7:15:74:d7:2a:bf:87:22:48:a0:fd:41:19:a5

您的属性键是:

  • hf.Affiliation
  • hf.EnrollmentID
  • hf.Type

没有“名称”属性。您可能正在寻找“ hf.EnrollmentID ”。

编辑:enrollment.identity.certificate您自己在现场的问题中指出了您的证书。我只保存了...

-----BEGIN CERTIFICATE-----
MIICizCCAjGgAwIBAgIUQq0tPLPFsLujCsRclZc9POmAh6EwCgYIKoZIzj0EAwIw
czELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh
biBGcmFuY2lzY28xGTAXBgNVBAoTEG9yZzEuZXhhbXBsZS5jb20xHDAaBgNVBAMT
E2NhLm9yZzEuZXhhbXBsZS5jb20wHhcNMTkxMTE5MDU0ODAwWhcNMjAxMTE4MDU1
MzAwWjBAMTAwDQYDVQQLEwZjbGllbnQwCwYDVQQLEwRvcmcxMBIGA1UECxMLZGVw
YXJ0bWVudDExDDAKBgNVBAMTA3NhbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA
BGbtyGsC9QNBlO0Z5sumDzEaYR4m8GJpXW2f8Qlvjt79IzCWDjGwFePAIOfnUojz
aDbr0VHgpnWOtUIKUqTVPOujgdUwgdIwDgYDVR0PAQH/BAQDAgeAMAwGA1UdEwEB
/wQCMAAwHQYDVR0OBBYEFCR78iTBbBSCYjxajhOMyYrWDO8iMCsGA1UdIwQkMCKA
IHWD+xHmJ7l80nLYW67w4+Bftya5oeDfD9d4KXfnqn3NMGYGCCoDBAUGBwgBBFp7
ImF0dHJzIjp7ImhmLkFmZmlsaWF0aW9uIjoib3JnMS5kZXBhcnRtZW50MSIsImhm
LkVucm9sbG1lbnRJRCI6InNhbSIsImhmLlR5cGUiOiJjbGllbnQifX0wCgYIKoZI
zj0EAwIDSAAwRQIhAJcIBDcygI6Z67ueo46b3WnJCZr+D1HzhaWNp6Lj/+7oAiA6
RRc9JjnWFvaFaqIJTyNaE7/HFXTXKr+HIkig/UEZpQ==
-----END CERTIFICATE-----

...yourcert.pem通过 openssl 检查它。

于 2019-11-19T08:06:11.197 回答