fabric gateway java sdk 双向TLS

最新推荐文章于 2024-04-25 10:26:54 发布
最新推荐文章于 2024-04-25 10:26:54 发布
阅读量1.8k 收藏 4
点赞数 1
分类专栏: fabric fabric-sdk
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/weixin_38751513/article/details/105726851
版权 
注明版本:fabric-gateway-java 2.0.0, fabric 2.0.0

官方代码:https://github.com/hyperledger/fabric-gateway-java

官方connection.json:https://github.com/hyperledger/fabric-gateway-java/blob/fcebef01b383646abf6402c13cf78326c499477f/src/test/java/org/hyperledger/fabric/gateway/connection-tls.json

在以上基础上,官方 gateway java sdk只支持单向tls认证,对客户端不支持双向认证

fabric启用TLS说明:https://hyperledger-fabric.readthedocs.io/en/release-2.0/enable_tls.html

单向改双向TLS认证在cli链接时需要多配置以下参数

--certfile string                     Path to file containing PEM-encoded X509 public key to use for mutual TLS communication with the orderer endpoint
--keyfile string                      Path to file containing PEM-encoded private key to use for mutual TLS communication with the orderer endpoint
--clientauth                          Use mutual TLS when communicating with the orderer endpoint

 

而官方gateway java sdk,目前仅支持单向TLS,双向TLS需要修改如下:

并且需要修改官方的Endpoint类的源码如下:

package org.hyperledger.fabric.sdk;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.AbstractMap;
import java.util.Base64;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import javax.net.ssl.SSLException;

import com.google.common.collect.ImmutableMap;
import io.grpc.ManagedChannelBuilder;
import io.grpc.netty.GrpcSslContexts;
import io.grpc.netty.NegotiationType;
import io.grpc.netty.NettyChannelBuilder;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslProvider;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.bouncycastle.asn1.x500.RDN;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x500.style.IETFUtils;
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.hyperledger.fabric.sdk.exception.CryptoException;
import org.hyperledger.fabric.sdk.helper.Config;
import org.hyperledger.fabric.sdk.security.CryptoPrimitives;

import static java.lang.String.format;
import static java.nio.charset.StandardCharsets.UTF_8;
import static org.hyperledger.fabric.sdk.helper.Utils.parseGrpcUrl;

class Endpoint {
    private static final Log logger = LogFactory.getLog(Endpoint.class);

    private static final String SSLPROVIDER = Config.getConfig().getDefaultSSLProvider();
    private static final String SSLNEGOTIATION = Config.getConfig().getDefaultSSLNegotiationType();

    private final String addr;
    private final int port;
    private final String url;
    private byte[] clientTLSCertificateDigest;
    private byte[] tlsClientCertificatePEMBytes;
    private NettyChannelBuilder channelBuilder = null;

    private static final Map<String, String> CN_CACHE = Collections.synchronizedMap(new HashMap<>());

    Endpoint(String url, Properties properties) {
        logger.trace(format("Creating endpoint for url %s", url));
        this.url = url;
        String cn = null;
        String sslp = null;
        String nt = null;
        byte[] pemBytes = null;
        X509Certificate[] clientCert = null;
        PrivateKey clientKey = null;
        Properties purl = parseGrpcUrl(url);
        String protocol = purl.getProperty("protocol");
        this.addr = purl.getProperty("host");
        this.port = Integer.parseInt(purl.getProperty("port"));

        if (properties != null) {

            final AbstractMap.SimpleImmutableEntry<PrivateKey, X509Certificate[]> clientTLSProps = getClientTLSProps(properties);
            if (clientTLSProps != null) {
                clientCert = clientTLSProps.getValue();
                clientKey = clientTLSProps.getKey();
            }

            if ("grpcs".equals(protocol)) {
                CryptoPrimitives cp;
                try {
                    cp = new CryptoPrimitives();
                } catch (Exception e) {
                    throw new RuntimeException(e);
                }

                try (ByteArrayOutputStream bis = new ByteArrayOutputStream(64000)) {
                    byte[] pb = (byte[]) properties.get("pemBytes");
                    if (null != pb) {
                        bis.write(pb);
                    }
                    if (properties.containsKey("pemFile")) {

                        String pemFile = properties.getProperty("pemFile");

                        String[] pems = pemFile.split("[ \t]*,[ \t]*");

                        for (String pem : pems) {
                            if (null != pem && !pem.isEmpty()) {
                                try {
                                    bis.write(Files.readAllBytes(Paths.get(pem)));
                                } catch (IOException e) {
                                    throw new RuntimeException(format("Failed to read certificate file %s",
                                            new File(pem).getAbsolutePath()), e);
                                }
                            }
                        }

                    }
                    pemBytes = bis.toByteArray();
                    logger.trace(format("Endpoint %s pemBytes: %s", url, Hex.encodeHexString(pemBytes)));

                    if (pemBytes.length == 0) {
                        pemBytes = null;
                    }
                } catch (IOException e) {
                    throw new RuntimeException("Failed to read CA certificates file %s", e);
                }

                if (pemBytes == null) {
                    logger.warn(format("Endpoint %s is grpcs with no CA certificates", url));
                }

                if (null != pemBytes) {
                    try {
                        cn = properties.getProperty("hostnameOverride");
                        if (cn == null && "true".equals(properties.getProperty("trustServerCertificate"))) {
                            final String cnKey = new String(pemBytes, UTF_8);
                            cn = CN_CACHE.get(cnKey);
                            if (cn == null) {
                                X500Name x500name = new JcaX509CertificateHolder(
                                        (X509Certificate) cp.bytesToCertificate(pemBytes)).getSubject();
                                RDN rdn = x500name.getRDNs(BCStyle.CN)[0];
                                cn = IETFUtils.valueToString(rdn.getFirst().getValue());
                                CN_CACHE.put(cnKey, cn);
                            }
                        }
                    } catch (Exception e) {
                        /// Mostly a development env. just log it.
                        logger.error(
                                "Error getting Subject CN from certificate. Try setting it specifically with hostnameOverride property. "
                                        + e.getMessage());
                    }
                }
                // check for mutual TLS - both clientKey and clientCert must be present
                byte[] ckb = null, ccb = null;
                if (properties.containsKey("clientKeyFile") && properties.containsKey("clientKeyBytes")) {
                    throw new RuntimeException("Properties \"clientKeyFile\" and \"clientKeyBytes\" must cannot both be set");
                } else if (properties.containsKey("clientCertFile") && properties.containsKey("clientCertBytes")) {
                    throw new RuntimeException("Properties \"clientCertFile\" and \"clientCertBytes\" must cannot both be set");
                } else if (properties.containsKey("clientKeyFile") || properties.containsKey("clientCertFile")) {
                    if ((properties.getProperty("clientKeyFile") != null) && (properties.getProperty("clientCertFile") != null)) {
                        try {
                            logger.trace(format("Endpoint %s reading clientKeyFile: %s", url, properties.getProperty("clientKeyFile")));
                            ckb = Files.readAllBytes(Paths.get(properties.getProperty("clientKeyFile")));
                            logger.trace(format("Endpoint %s reading clientCertFile: %s", url, properties.getProperty("clientCertFile")));
                            ccb = Files.readAllBytes(Paths.get(properties.getProperty("clientCertFile")));
                        } catch (IOException e) {
                            throw new RuntimeException("Failed to parse TLS client key and/or cert", e);
                        }
                    } else {
                        throw new RuntimeException("Properties \"clientKeyFile\" and \"clientCertFile\" must both be set or both be null");
                    }
                } else if (properties.containsKey("clientKeyBytes") || properties.containsKey("clientCertBytes")) {
                    ckb = (byte[]) properties.get("clientKeyBytes");
                    ccb = (byte[]) properties.get("clientCertBytes");
                    if ((ckb == null) || (ccb == null)) {
                        throw new RuntimeException("Properties \"clientKeyBytes\" and \"clientCertBytes\" must both be set or both be null");
                    }
                }

                if ((ckb != null) && (ccb != null)) {
                    String what = "private key";
                    byte[] whatBytes = new byte[0];
                    try {
                        logger.trace("client TLS private key bytes size:" + ckb.length);
                        whatBytes = ckb;
                        logger.trace("client TLS key bytes:" + Hex.encodeHexString(ckb));
                        clientKey = cp.bytesToPrivateKey(ckb);
                        logger.trace("converted TLS key.");
                        what = "certificate";
                        whatBytes = ccb;
                        logger.trace("client TLS certificate bytes:" + Hex.encodeHexString(ccb));
                        clientCert = new X509Certificate[]{(X509Certificate) cp.bytesToCertificate(ccb)};
                        logger.trace("converted client TLS certificate.");
                        tlsClientCertificatePEMBytes = ccb; // Save this away it's the exact pem we used.
                    } catch (CryptoException e) {
                        logger.error(format("Failed endpoint %s to parse %s TLS client %s", url, what, new String(whatBytes)));
                        throw new RuntimeException(format("Failed endpoint %s to parse TLS client %s", url, what), e);
                    }
                }

                sslp = properties.getProperty("sslProvider");

                if (null == sslp) {
                    sslp = SSLPROVIDER;
                    logger.trace(format("Endpoint %s specific SSL provider not found use global value: %s ", url, SSLPROVIDER));
                }
                if (!"openSSL".equals(sslp) && !"JDK".equals(sslp)) {
                    throw new RuntimeException(format("Endpoint %s property of sslProvider has to be either openSSL or JDK. value: '%s'", url, sslp));
                }

                nt = properties.getProperty("negotiationType");
                if (null == nt) {
                    nt = SSLNEGOTIATION;
                    logger.trace(format("Endpoint %s specific Negotiation type not found use global value: %s ", url, SSLNEGOTIATION));
                }

                if (!"TLS".equals(nt) && !"plainText".equals(nt)) {
                    throw new RuntimeException(format("Endpoint %s property of negotiationType has to be either TLS or plainText. value: '%s'", url, nt));
                }
            }
        }

        try {
            if (protocol.equalsIgnoreCase("grpc")) {
                this.channelBuilder = NettyChannelBuilder.forAddress(addr, port).usePlaintext(true);
                addNettyBuilderProps(channelBuilder, properties);
            } else if (protocol.equalsIgnoreCase("grpcs")) {
                if (pemBytes == null) {
                    // use root certificate
                    this.channelBuilder = NettyChannelBuilder.forAddress(addr, port);
                    addNettyBuilderProps(channelBuilder, properties);
                } else {
                    try {

                        logger.trace(format("Endpoint %s Negotiation type: '%s', SSLprovider: '%s'", url, nt, sslp));
                        SslProvider sslprovider = sslp.equals("openSSL") ? SslProvider.OPENSSL : SslProvider.JDK;
                        NegotiationType ntype = nt.equals("TLS") ? NegotiationType.TLS : NegotiationType.PLAINTEXT;

                        SslContextBuilder clientContextBuilder = getSslContextBuilder(clientCert, clientKey, sslprovider);
                        SslContext sslContext;

                        logger.trace(format("Endpoint %s  final server pemBytes: %s", url, Hex.encodeHexString(pemBytes)));

                        try (InputStream myInputStream = new ByteArrayInputStream(pemBytes)) {
                            sslContext = clientContextBuilder
                                    .trustManager(myInputStream)
                                    .build();
                        }

                        channelBuilder = NettyChannelBuilder
                                .forAddress(addr, port)
                                .sslContext(sslContext)
                                .negotiationType(ntype);

                        if (cn != null) {
                            logger.debug(format("Endpoint %s, using CN overrideAuthority: '%s'", url, cn));
                            channelBuilder.overrideAuthority(cn);
                        }
                        addNettyBuilderProps(channelBuilder, properties);
                    } catch (SSLException sslex) {

                        throw new RuntimeException(sslex);
                    }
                }
            } else {
                throw new RuntimeException("invalid protocol: " + protocol);
            }
        } catch (RuntimeException e) {
            logger.error(format("Endpoint %s, exception '%s'", url, e.getMessage()), e);
            throw e;
        } catch (Exception e) {
            logger.error(format("Endpoint %s, exception '%s'", url, e.getMessage()), e);
            logger.error(e);
            throw new RuntimeException(e);
        }
    }

    SslContextBuilder getSslContextBuilder(X509Certificate[] clientCert, PrivateKey clientKey, SslProvider sslprovider) {
        SslContextBuilder clientContextBuilder = GrpcSslContexts.configure(SslContextBuilder.forClient(), sslprovider);
        if (clientKey != null && clientCert != null) {
            clientContextBuilder = clientContextBuilder.keyManager(clientKey, clientCert);
        } else {
            logger.debug(format("Endpoint %s with no ssl context", url));
        }
        return clientContextBuilder;
    }

    byte[] getClientTLSCertificateDigest() {
        //The digest must be SHA256 over the DER encoded certificate. The PEM has the exact DER sequence in hex encoding around the begin and end markers

        if (tlsClientCertificatePEMBytes != null && clientTLSCertificateDigest == null) {

            String pemCert = new String(tlsClientCertificatePEMBytes, UTF_8);
            byte[] derBytes = Base64.getDecoder().decode(
                    pemCert.replaceAll("-+[ \t]*(BEGIN|END)[ \t]+CERTIFICATE[ \t]*-+", "").replaceAll("\\s", "").trim()
            );

            Digest digest = new SHA256Digest();
            clientTLSCertificateDigest = new byte[digest.getDigestSize()];
            digest.update(derBytes, 0, derBytes.length);
            digest.doFinal(clientTLSCertificateDigest, 0);
        }

        return clientTLSCertificateDigest;
    }

    private static final Pattern METHOD_PATTERN = Pattern.compile("grpc\\.NettyChannelBuilderOption\\.([^.]*)$");
    private static final Map<Class<?>, Class<?>> WRAPPERS_TO_PRIM = new ImmutableMap.Builder<Class<?>, Class<?>>()
            .put(Boolean.class, boolean.class).put(Byte.class, byte.class).put(Character.class, char.class)
            .put(Double.class, double.class).put(Float.class, float.class).put(Integer.class, int.class)
            .put(Long.class, long.class).put(Short.class, short.class).put(Void.class, void.class).build();

    private void addNettyBuilderProps(NettyChannelBuilder channelBuilder, Properties props)
            throws NoSuchMethodException, InvocationTargetException, IllegalAccessException {

        if (props == null) {
            return;
        }

        for (Map.Entry<?, ?> es : props.entrySet()) {
            Object methodprop = es.getKey();
            if (methodprop == null) {
                continue;
            }
            String methodprops = String.valueOf(methodprop);

            Matcher match = METHOD_PATTERN.matcher(methodprops);

            String methodName = null;

            if (match.matches() && match.groupCount() == 1) {
                methodName = match.group(1).trim();

            }
            if (null == methodName || "forAddress".equals(methodName) || "build".equals(methodName)) {

                continue;
            }

            Object parmsArrayO = es.getValue();
            Object[] parmsArray;
            if (!(parmsArrayO instanceof Object[])) {
                parmsArray = new Object[]{parmsArrayO};

            } else {
                parmsArray = (Object[]) parmsArrayO;
            }

            Class<?>[] classParms = new Class[parmsArray.length];
            int i = -1;
            for (Object oparm : parmsArray) {
                ++i;

                if (null == oparm) {
                    classParms[i] = Object.class;
                    continue;
                }

                Class<?> unwrapped = WRAPPERS_TO_PRIM.get(oparm.getClass());
                if (null != unwrapped) {
                    classParms[i] = unwrapped;
                } else {

                    Class<?> clz = oparm.getClass();

                    Class<?> ecz = clz.getEnclosingClass();
                    if (null != ecz && ecz.isEnum()) {
                        clz = ecz;
                    }

                    classParms[i] = clz;
                }
            }

            final Method method = channelBuilder.getClass().getMethod(methodName, classParms);

            method.invoke(channelBuilder, parmsArray);

            if (logger.isTraceEnabled()) {
                StringBuilder sb = new StringBuilder(200);
                String sep = "";
                for (Object p : parmsArray) {
                    sb.append(sep).append(p + "");
                    sep = ", ";

                }
                logger.trace(format("Endpoint with url: %s set managed channel builder method %s (%s) ", url,
                        method, sb.toString()));

            }

        }

    }

    AbstractMap.SimpleImmutableEntry<PrivateKey, X509Certificate[]> getClientTLSProps(Properties properties) {

        // check for mutual TLS - both clientKey and clientCert must be present
        byte[] ckb = null, ccb = null;
        if (properties.containsKey("clientKeyPem") || properties.containsKey("clientCertPem")) {
            if ((properties.getProperty("clientKeyPem") != null) && (properties.getProperty("clientCertPem") != null)) {
                logger.trace(format("Endpoint %s reading clientKeyPem: %s", url, properties.getProperty("clientKeyPem")));
                ckb = properties.getProperty("clientKeyPem").getBytes();
                logger.trace(format("Endpoint %s reading clientCertPem: %s", url, properties.getProperty("clientCertPem")));
                ccb = properties.getProperty("clientCertPem").getBytes();

            } else {
                throw new RuntimeException("Properties \"clientKeyFile\" and \"clientCertFile\" must both be set or both be null");
            }
        }

        if ((ckb != null) && (ccb != null)) {
            String what = "private key";
            byte[] whatBytes = new byte[0];
            try {

                CryptoPrimitives cp;
                try {
                    cp = new CryptoPrimitives();
                } catch (Exception e) {
                    throw new RuntimeException(e);
                }

                logger.trace("client TLS private key bytes size:" + ckb.length);
                whatBytes = ckb;
                logger.trace("client TLS key bytes:" + Hex.encodeHexString(ckb));
                PrivateKey clientKey = cp.bytesToPrivateKey(ckb);
                logger.trace("converted TLS key.");
                what = "certificate";
                whatBytes = ccb;
                logger.trace("client TLS certificate bytes:" + Hex.encodeHexString(ccb));
                X509Certificate[] clientCert = new X509Certificate[]{(X509Certificate) cp.bytesToCertificate(ccb)};
                logger.trace("converted client TLS certificate.");
                tlsClientCertificatePEMBytes = ccb; // Save this away it's the exact pem we used.

                return new AbstractMap.SimpleImmutableEntry<>(clientKey, clientCert);
            } catch (CryptoException e) {
                logger.error(format("Failed endpoint %s to parse %s TLS client %s", url, what, new String(whatBytes)));
                throw new RuntimeException(format("Failed endpoint %s to parse TLS client %s", url, what), e);
            }
        }
        return null;
    }

    ManagedChannelBuilder<?> getChannelBuilder() {
        return this.channelBuilder;
    }

    String getHost() {
        return this.addr;
    }

    int getPort() {
        return this.port;
    }

    static Endpoint createEndpoint(String url, Properties properties) {

        return new Endpoint(url, properties);

    }

}

覆盖源码

原因如下:

注入clinet的TLS证书只能通过

clientKeyFile(传递证书路径),
clientKeyBytes(传递证书byte)

通过在connection.json里grpcOptions加入clientKeyFile路径方式可以直接调用,不需要修改源码,但是会依赖多个文件,增加复杂性,而clientKeyBytes可以直接传证书信息,但是得通过byte数组传递,而gateway sdk,整个信息注入都是通过conn.json文件来注入的,无法实现,所以本人修改以上源码,实现直接传pem文件实现client证书注入

而直接采用java-sdk则不存在以上问题,证书的信息,可以手动通过properties注入byte数组

不搬砖的程序员不是好程序员
关注
  • 1
    点赞
  • 4
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
阿里云javasdk源码-spring-fabric-gateway:Fabric-gateway-java的Spring启动状态(https
06-06
阿里云java sdk源码 Spring Fabric 网关 提供了基于 的 Spring MVC 服务和 spring boot starters,更多信息可以从(中文)找到。 依赖关系 使用 Hyperledger Fabric v2.3.0 构建您的 Fabric 网络。 可选,安装默认的通用链码或 . Springboot 初学者 fabric-gateway-spring-boot-starter :一个 spring MVC 启动器。 fabric-explorer-spring-boot-starter :一个简单的 Fabric Explorer 启动器。 如何使用 Spring Boot 配置: 首先,将以下依赖项添加到项目的pom.xml文件中: io.github.ecsoya fabric-gateway-spring-boot-starter ${latest_version}
fabric-java-sdk实现tls.zip
03-07
基于Fabric1.4关于fabric-java-sdk实现tls访问,包括了对sdk调用的完整配置,不包含SDK本身。其中图片内容为crypto-config.yaml部分配置内容。其中SANS对应ChaincodeManager中115行的地址。
fabric-gateway-java 调用虚拟机上的fabric链码,以fabcar为例
zxingyu的博客
03-30 9437
作为学习的记录。我是在虚拟机上搭建了fabric网络和通道,并部署了官方示例fabcar链码,现在想在windows上通过fabric-gateway-java 实现对fabric上链码的调用。 fabric的版本是2.4.0,编译器是IDEA,代码基于springboot框架。 fanric环境的搭建、test-network及通道的创建、链码的部署这里不再赘述。 首先导入如下依赖: <dependency> <groupId>or
理解与解决BouncyCastle库中“ASN1Primitive overrides final method equals”异常
最新发布
gongjin28_csdn的博客
04-25 1118
在实际编程实践中,合理的依赖管理、及时的版本更新以及对核心库特性的深入了解,都是保障项目稳定运行的重要因素。方法在Java中用于比较对象的相等性,如果在一个类中被声明为final,则表示它不允许在其子类中被重写。在Java开发中,尤其是在处理安全相关的编码任务时,开发者经常需要借助强大的第三方加密库——BouncyCastle。假设您正在使用一个较老版本的BouncyCastle库,而另一个依赖项却更新到了新的版本,在新版本中可能已经将。方法声明为了final。类的方法集的库一起使用时,就会抛出此错误。
5. 利用fabric-gateway-java连接并调用fabric链码
klay077的博客
10-21 8469
上一篇文章中记录了自定义链码的部署过程,并利用cli进行了调用。本文尝试利用fabric-gateway-java对链码进行调用。
(Fabric 学习四)Fabric Java SDK 连接fabcar网络
Wannabe_hacker的博客
04-19 4025
一、打开fabcar网络 在/你自己的路径/github.com/hyperledger/fabric/scripts/fabric-samples/fabcar中启动网络 ./networkDown.sh 启动成功后查看启动情况: docker ps -a 如果容器成功打开,则可以进行下一步操作! 二、创建一个springboot项目 创建一个springboot项目 其中选项建议: 2.0 项目结构目录 这是我们最终要生成的项目结构目录,接下来我们将一个一个创建器中的文
Hyperledger Fabric Java App Demo
y19910825的博客
01-08 649
编写一个应用程序来连接到 fabrc 网络中,通过调用智能合约来访问账本.
fabric-java-SDK:2.1.0简单的用法示例
05-20
基于java-sdk实现的简单示例, invoke,query, 创建channel亲测可用, 安装和实例化链码还不能用,此版本是开启TLS的 , 使用方式可以参考https://blog.csdn.net/qq_27348837/article/details/88354838,不成功的可以联系...
fabric-sdk-java开启TLS时的简单示例
07-11
这是fabric-sdk-java在开启tls的情况下的简单引用示例, 详细的描述在https://blog.csdn.net/qq_27348837/article/details/95489720博客中可以看到.
fabric-sdk-java+ springBoot 简单invoke和query引用示例
03-11
这是一个基于spingBoot的项目,通过此项目可以实现对fabric网络的简单调用,并且可以启动一个fabric网路的服务,直接在网页上调用. 搭建流程,首先需要fabric1.4的网络, 1进入-first-network目录,修改byfn.sh中...
fabric-sdk-java demo
01-20
《使用fabric-sdk-java进行区块链操作详解》 在区块链技术领域,Hyperledger Fabric 是一个重要的分布式账本平台,它提供了一套强大的工具供开发者构建企业级的区块链应用。在这个场景中,我们将聚焦于如何使用 `...
fabric-sdk-java调用网络tls验证问题
wsh的专栏
04-19 1640
问题:当通过fabric-sdk-java调用网络时出现以下tls验证问题时可将tls验证关闭   Sending proposal to peer0.org1.example.com failed because of: gRPC failure=Status{code=UNAVAILABLE, description=io exception, cause=javax.net.ssl.S...
JAVA应用关于区块链技术(Fabric超级账本1.4)的心得
沉心ss的博客
07-01 1384
底层技术用的还是Fabric超级账本, 这边java说白了就是做个saas平台来调用,这边可能叫baas平台
Hyperledger Fabric Java Gateway配置解析
千山暮彩
11-29 2684
Hyperledger Fabric 2.x之后逐步减少Java SDK API的使用频率,并希望大家的客户端开发集中使用Gateway来完成。本篇博客将从具体实现的角度带大家串一遍使用Gateway进行链码调用的流程。如果大家只是想直接开发的话,其实不用在意每个接口是如何实现的,直接查API文档看接口即可,我这篇里面结合了一些具体实现去讲解,有兴趣的可以看看。
使用fabric-gateway-java无法连接到test-network网络 gRPC failure=Status{code=UNAVAILABLE
weixin_42777414的博客
05-09 644
最后还是没解决,就把服务改成web应用,打包发到虚拟机里面,curl命令调用,是能够正常返回结果的。fabirc版本是2.5.0, test-network网络是在虚拟机里面部署的。网上找了很多解决方案都不行。但是可以肯定的是网络问题。测试代码是复制的官方代码,本地调试的时候报错。
Fabric 2.0,编写应用(Java版)
zekdot的博客
09-22 2228
本文参考了fabric官网的nodejs版本:https://hyperledger-fabric.readthedocs.io/en/latest/write_first_app.html 使用应用时,网络中必须要有CA,因为我们需要用CA来注册管理员和app用户,然后再以他们的身份去调用智能合约,如以test-network为例,启动时必须使用如下命令: ./network.sh up createChannel -c mychannel -ca 链码这里仍然使用上篇博客所编写的atcc,在编写应用之
Java连接Hyperledger示例Demo
热门推荐
qq_36566262的博客
01-06 1万+
简介 主要是借助fabric-gateway-java提供更简单快速的连接hyperldger网络的方法。
Hyperledger Fabric 2.x Java区块链应用
uuqaz的博客
02-22 989
一、说明 在上一篇文章中《Hyperledger Fabric 2.x 自定义智能合约》分享了智能合约的安装并使用cli客户端进行合约的调用;本文将使用Java代码基于fabric-gateway-java进行区块链网络的访问与交易,并集成SpringBoot框架。 Fabric Gateway SDK 实现Fabric的编程模型,提供了一系列简单的API给应用程序与Fabric区块链网络进行交互; 网络拓扑图: 应用程序将各自的网络交互委托给其网关,每个网关都了解网络...
fabric java sdk peer文件下的msp和tls
05-24
Fabric Java SDK中,peer文件夹下的msp和tls文件夹是用于配置Peer节点的身份验证和安全传输的。 msp文件夹包含Peer节点的成员身份证书和私钥,以及组织的根证书和中间证书。这些证书和私钥用于验证交易发送者的...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值