split eca.CreateCertificatePair API to 2 separate ones

hyperledger-archives / fabric

THIS IS A READ-ONLY historic repository. Current development is at https://gerrit.hyperledger.org/r/#/admin/projects/fabric . pull requests not accepted

https://gerrit.hyperledger.org/

Apache License 2.0

1.17k stars 1.01k forks source link

split eca.CreateCertificatePair API to 2 separate ones #1055

Open frankyclu opened 8 years ago

frankyclu commented 8 years ago

"The CreateCertificatePair functions allows a user to create and read her enrollment certificate pair. For this, the user has to do two successive invocations of this functions"

from usability stand point this is difficult to follow, can we split this into two APIs? this should be trivial since state used to differentiate 2 separate calls is persisted into db

adecaro commented 8 years ago

@diegomasini, please, may you take care of this?

@frankyclu, the piece of code you posted is fine.

frankyclu commented 8 years ago

accidentally deleted previous post, re-post for record keeping purpose.

I had confusion on in.sign and in.sig, looked almost the same to me

`// validate request signature sig := in.Sig in.Sig = nil

    r, s := big.NewInt(0), big.NewInt(0)
    r.UnmarshalText(sig.R)
    s.UnmarshalText(sig.S)

    if in.Sign.Type != pb.CryptoType_ECDSA {
        return nil, errors.New("unsupported key type")
    }
    skey, err := x509.ParsePKIXPublicKey(in.Sign.Key)
    `