Hyperleder Fabric国密改造&一键部署工具&区块链网络修改工具
Posted cway
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Hyperleder Fabric国密改造&一键部署工具&区块链网络修改工具相关的知识,希望对你有一定的参考价值。
A.Fabric国密改造(以2.2版本为例)
A.1.golang国密改造修改文件清单
└─src
└─crypto
│ crypto.go
│
├─ecdsa
│ ecdsa.go
│
├─sm2
│ ber.go
│ p256.go
│ sm2.go
│
├─sm3
│ sm3.go
│
├─sm4
│ key.pem
│ sm4.go
│ sm4_test.go
│
├─tls
│ auth.go
│ cipher_suites.go
│ common.go
│ conn.go
│ handshake_client.go
│ handshake_messages.go
│ handshake_server.go
│ key_agreement.go
│ tls.go
│
└─x509
cert_pool.go
pkcs8.go
sec1.go
x509.go
A.2 Fabric 国密修改文件清单
├─bccsp
│ │ hashopts.go
│ │ sm2opts.go
│ │
│ ├─factory
│ │ opts.go
│ │
│ ├─sw
│ │ conf.go
│ │ ecdsa.go
│ │ ecdsakey.go
│ │ fileks.go
│ │ keyimport.go
│ │ keys.go
│ │ new.go
│ │ sm2.go
│ │ sm2key.go
│ │ sm2_test.go
│ │ sm3sig.go
│ │
│ └─utils
│ ecdsa.go
│
├─cmd
│ └─cryptogen
│ main.go
│
├─core
│ ├─container
│ │ └─externalbuilder
│ │ externalbuilder.go
│ │
│ └─ledger
│ └─kvledger
│ kv_ledger_provider.go
│ snapshot.go
│
├─internal
│ └─cryptogen
│ ├─ca
│ │ ca.go
│ │
│ ├─csp
│ │ csp.go
│ │
│ └─msp
│ msp.go
│
└─msp
identities.go
mspimpl.go
A.3 编译链码的baseos容器
Dockerfile
gosrc.tar.gz
makego.sh
VERSION
B. Fabric Java SDK 及 fabric gateway 国密修改清单
B.1 bouncy castle 库国密算法处理过程完善
包括 bcprov 和 bcpkix
bcpkix-jdk15on-165-update.zip
bcprov-jdk15on-165-update.zip
B.2 netty库修改
主要是netty-handler中关于SSL协议中证书验证部分
netty-handler-4.1.38.Final-update.zip
B.3 替换netty-tcnative-boringssl二级制接口库实现为编译 netty-tcnative-openssl
netty-tcnative-openssl-static-2.0.30.Final-linux-x86_64.jar
B.4 OpenSSL库实现基于TASSL,但其兼容国密不完善,完善后可用。
TASSL-1.1.1b-1.3-update.zip
C. Fabric API 网关
基于SpringBoot开发http服务访问fabric
具体不详述,注意两个配置文件
connection.json 是工具生成的区块链连接参数文件
fabric-cc-config.json 是 访问智能合约的参数文件
D. 部署工具&定制工具
D.1 编写 区块链配置文件
"globalConfig":
"caInfo":
"country": "XXX",
"locality": "XXXXX",
"organizationalUnit": "XXXXXX",
"postalCode": "XXXXX",
"province": "XXX",
"streetAddress": "XXXXXXXXXXX"
,
"dockerImagePath": "./images",
"dockerImageType": "dockerhub",
"dockerType": "sshdocker",
"domain": "example.com",
"host": "172.16.0.72",
"remoteAccess":
"remotePath": "/home/ubuntu2004/setup",
"sshHost": "172.16.0.72",
"sshPass": "12345678",
"sshPort": "22",
"sshUser": "ubuntu2004"
,
"toolsConfig":
"dockerImage": "cwchain/fabric-tools:2.2.1_gm",
"dockerName": "tools",
"toolsType": "sshdocker"
,
"orderersConfig":
"dockerImage": "cwchain/fabric-orderer:2.2.1_gm",
"orderers": [
"name": "orderer1",
"host": "172.16.0.72",
"port": "7050",
"remoteAccess":
"remotePath": "/home/ubuntu2004/setup",
"sshHost": "172.16.0.72",
"sshPass": "12345678",
"sshPort": "22",
"sshUser": "ubuntu2004"
,
"name": "orderer2",
"host": "172.16.0.72",
"port": "8050",
"remoteAccess":
"remotePath": "/home/ubuntu2004/setup",
"sshHost": "172.16.0.72",
"sshPass": "12345678",
"sshPort": "22",
"sshUser": "ubuntu2004"
,
"name": "orderer3",
"host": "172.16.0.72",
"port": "9050",
"remoteAccess":
"remotePath": "/home/ubuntu2004/setup",
"sshHost": "172.16.0.72",
"sshPass": "12345678",
"sshPort": "22",
"sshUser": "ubuntu2004"
]
,
"orgsConfig":
"chaincodeBuilderDockerImage": "cwchain/fabric-ccenv:2.2.1_gm",
"dockerImage": "cwchain/fabric-peer:2.2.1_gm",
"golangBaseDockerImage": "cwchain/fabric-baseos:2.2.1",
"orgs": [
"admin": "Admin",
"domain": "org1",
"name": "Org1",
"peers": [
"name": "peer0",
"host": "172.16.0.72",
"port": "7051",
"operationPort":"9443",
"remoteAccess":
"remotePath": "/home/ubuntu2004/setup",
"sshHost": "172.16.0.72",
"sshPass": "12345678",
"sshPort": "22",
"sshUser": "ubuntu2004"
,
"name": "peer1",
"host": "172.16.0.72",
"port": "8051",
"operationPort":"10443",
"remoteAccess":
"remotePath": "/home/ubuntu2004/setup",
"sshHost": "172.16.0.72",
"sshPass": "12345678",
"sshPort": "22",
"sshUser": "ubuntu2004"
,
"name": "peer2",
"host": "172.16.0.72",
"port": "9051",
"operationPort":"11443",
"remoteAccess":
"remotePath": "/home/ubuntu2004/setup",
"sshHost": "172.16.0.72",
"sshPass": "12345678",
"sshPort": "22",
"sshUser": "ubuntu2004"
],
"users": [
"name": "User1"
]
]
D.2 部署工具命令
│ 0.network-testenv.sh
│ 1.fromtplcreate.sh
│ 2.generate.sh
│ 3.network-compose.sh
│ 4.network-addchannel.sh
│ 5.network-installcc.sh
其中需要channel配置文件和链码配置文件
"name":"c001",
"join":"all",
"orgs":[
"name":"Org1"
,
"name":"Org2"
]
"name":"fabcar",
"package":"fabcar.tar.gz",
"version":"1.0",
"sequence":"1",
"initFunc":"initLedger",
"testFunc":"queryAllCars",
"installOnOrgs":"all",
"installOnChannels":"p001",
"orgs":[
"name":"Org1",
"peers":[
"peer0",
"peer1"
]
,
"name":"Org2",
"peers":[
"peer0",
"peer1"
]
]
D.3 修改区块链结构的命令
│ 6.update-addorderer.sh
│ 7.update-removeorderer.sh
│ 8.update-addorg.sh
│ 9.update-addorg-installcc.sh
│ a.update-removeorg.sh
│ b.update-addpeer.sh
│ c.update-removepeer.sh
D.4 生成API网关连接参数文件
d.generate-connection.sh
以上是关于Hyperleder Fabric国密改造&一键部署工具&区块链网络修改工具的主要内容,如果未能解决你的问题,请参考以下文章