Uploaded image for project: 'Fabric'
  1. Fabric
  2. FAB-16609

Fail to start with empty KeyStorePath when PKCS11 BCCSP is default

    XMLWordPrintable

Details

    • Story
    • Status: Closed
    • Medium
    • Resolution: Done
    • v2.0.0
    • v2.0.0
    • fabric-crypto
    • None
    • Unset
    • Unset
    • Unset

    Description

      1. Symptoms

      When SW BCCSP is set as default BCCSP provider and 'fileKeystore.KeyStorePath' config for SW BCCSP is empty, the path '[MSP directory]/keystore' is used as keystore path without error.

      But when Fabric is built with pkcs11 tag and PKCS11 BCCSP is default BCCSP provider, it causes error and Fabric node(peer/orderer) fails to start under same condition.
      The 'fileKeystore.KeyStorePath' config of both SW and PKCS11 should be set for removing the error.

      Even though PKCS11 BCCSP does not need keystore, It fails to start because the logic in the PKCS11Factory only checks 'FileKeystore' config - it should also check 'KeyStorePath' under 'FileKeystore'.

      2. Enhancement suggestions

      I suggest 2 changes like below :

      • Set default keystore path( [MSP directory]/keystore ) for SW BCCSP not only default BCCSP provider is SW, but also BCCSP just when config for SW is set(not nil).
      • Check BCCSP 'FileKeystore.KeyStorePath' config of PKCS11 BCCSP, set DummyKeystore if the config is empty( zero length ).

       
       
       

      Attachments

        Issue Links

          Activity

            People

              magpie73 Jeehoon Lim
              magpie73 Jeehoon Lim
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: