Revert change to Idemix credential directory

Also some minor code tidy-up.

Signed-off-by: Mark S. Lewis <Mark.S.Lewis@outlook.com>

Author: bestbeforetoday

docs/source/deployguide/cadeploy.md

@@ -447,6 +447,7 @@ These folders are used by the Fabric CA client to:
        |   └── 60b6a16b8b5ba3fc3113c522cce86a724d7eb92d6c3961cfd9afbd27bf11c37f_sk
        ├── signcerts
        |   └── cert.pem
+       ├── user
        ├── IssuerPublicKey
        └── RevocationPublicKey
    ```
@@ -504,13 +505,13 @@ The resulting folder structure is similar to the following structure. (Some fold
 fabric-ca-client
 └── tls-ca
     └── icaadmin
-        ├── user
         └── msp
             ├── cacerts
             ├── keystore
             |   └── key.pem
             ├── signcerts
             |   └── cert.pem
+            ├── user
             ├── tlscacerts
             ├── IssuerPublicKey
             └── RevocationPublicKey

docs/source/operations_guide.rst

@@ -233,16 +233,16 @@ issued form the CA. You will see files such as the ones below:
 
    admin
    ├── fabric-ca-client-config.yaml
-   ├── user
    └── msp
        ├── IssuerPublicKey
        ├── RevocationPublicKey
        ├── cacerts
        │   └── 0-0-0-0-7053.pem
        ├── keystore
        │   └── 60b6a16b8b5ba3fc3113c522cce86a724d7eb92d6c3961cfd9afbd27bf11c37f_sk
-       └── signcerts
-           └── cert.pem
+       ├── signcerts
+       │   └── cert.pem
+       └── user
 
 The ``fabric-ca-client-config.yaml`` is a file that is generated by the CA client,
 this file contains the configuration of the CA client. There are three other important files

lib/client.go

@@ -53,7 +53,7 @@ type Client struct {
 	// Denotes if the client object is already initialized
 	initialized bool
 	// File and directory paths
-	keyFile, certFile, idemixCredFile, idemixCredsDir, ipkFile, caCertsDir string
+	keyFile, certFile, idemixCredFile, ipkFile, caCertsDir string
 	// The crypto service provider (BCCSP)
 	csp bccsp.BCCSP
 	// HTTP client associated with this Fabric CA client
@@ -126,12 +126,12 @@ func (c *Client) Init() error {
 		c.ipkFile = filepath.Join(mspDir, "IssuerPublicKey")
 
 		// Idemix credentials directory
-		c.idemixCredsDir = path.Join(c.HomeDir, "user")
-		err = os.MkdirAll(c.idemixCredsDir, 0o755)
+		idemixCredsDir := path.Join(mspDir, "user")
+		err = os.MkdirAll(idemixCredsDir, 0o755)
 		if err != nil {
 			return errors.Wrap(err, "Failed to create Idemix credentials directory 'user'")
 		}
-		c.idemixCredFile = path.Join(c.idemixCredsDir, "SignerConfig")
+		c.idemixCredFile = path.Join(idemixCredsDir, "SignerConfig")
 
 		// Initialize BCCSP (the crypto layer)
 		c.csp, err = util.InitBCCSP(&cfg.CSP, mspDir, c.HomeDir)

lib/client/credential/idemix/credential.go

@@ -109,15 +109,18 @@ func (cred *Credential) Store() error {
 		EnrollmentId:                    caSignerConfig.EnrollmentID,
 		CredentialRevocationInformation: caSignerConfig.CredentialRevocationInformation,
 	}
+
 	signerConfigBytes, err := proto2.Marshal(mspSignerConfig)
 	if err != nil {
 		return errors.Wrapf(err, "Failed to marshal SignerConfig")
 	}
-	err = util.WriteFile(cred.signerConfigFile, signerConfigBytes, 0o644)
-	if err != nil {
+
+	if err := util.WriteFile(cred.signerConfigFile, signerConfigBytes, 0o644); err != nil {
 		return errors.WithMessage(err, "Failed to store the Idemix credential")
 	}
+
 	log.Infof("Stored the Idemix credential at %s", cred.signerConfigFile)
+
 	return nil
 }
 
@@ -131,30 +134,26 @@ func (cred *Credential) Load() error {
 	}
 
 	// Load the MSP signer config
-	var val SignerConfig
 	mspSignerConfig := &msp.IdemixMSPSignerConfig{}
-	err = proto2.Unmarshal(signerConfigBytes, mspSignerConfig)
-	if err == nil {
-		val = SignerConfig{
+	if err := proto2.Unmarshal(signerConfigBytes, mspSignerConfig); err == nil {
+		cred.val = &SignerConfig{
 			Cred:                            mspSignerConfig.Cred,
 			Sk:                              mspSignerConfig.Sk,
 			OrganizationalUnitIdentifier:    mspSignerConfig.OrganizationalUnitIdentifier,
 			Role:                            int(mspSignerConfig.Role),
 			EnrollmentID:                    mspSignerConfig.EnrollmentId,
 			CredentialRevocationInformation: mspSignerConfig.CredentialRevocationInformation,
 		}
+		return nil
 	}
 
-	if err != nil {
-		// try to unmarshal via json
-		val = SignerConfig{}
-		err = json.Unmarshal(signerConfigBytes, &val)
-		if err != nil {
-			return errors.Wrapf(err, "Failed to unmarshal SignerConfig bytes from %s", cred.signerConfigFile)
-		}
+	// try to unmarshal via json
+	val := new(SignerConfig)
+	if err := json.Unmarshal(signerConfigBytes, val); err != nil {
+		return errors.Wrapf(err, "Failed to unmarshal SignerConfig bytes from %s", cred.signerConfigFile)
 	}
 
-	cred.val = &val
+	cred.val = val
 	return nil
 }
 

lib/client_test.go

@@ -209,10 +209,10 @@ func TestIdemixEnroll(t *testing.T) {
 		t.Fatalf("Failed to store identity: %s", err.Error())
 	}
 
-	_, err = client.LoadIdentity("", filepath.Join(clientHome, "msp/signcerts/cert.pem"), filepath.Join(clientHome, "user/SignerConfig"))
+	_, err = client.LoadIdentity("", filepath.Join(clientHome, "msp/signcerts/cert.pem"), filepath.Join(clientHome, "msp/user/SignerConfig"))
 	assert.NoError(t, err, "Failed to load identity that has both X509 and Idemix credentials")
 
-	_, err = client.LoadIdentity("", "", filepath.Join(clientHome, "user/SignerConfig"))
+	_, err = client.LoadIdentity("", "", filepath.Join(clientHome, "msp/user/SignerConfig"))
 	assert.NoError(t, err, "Failed to load identity that only has Idemix credential")
 
 	// Error case, invalid x509 and Idemix credential

scripts/fvt/idemix_test.sh

@@ -40,7 +40,7 @@ function getIdemixCred() {
     $FABRIC_CA_CLIENTEXEC enroll -u "${PROTO}${USERNAME}:$USERPSWD@$CA_HOST_ADDRESS:$PROXY_PORT" -H $CA_CFG_PATH/$USERNAME --enrollment.type idemix -d $TLSOPT
     test $? -eq 0 || ErrorMsg "Failed to complete 'enroll' command"
 
-    CLIENTCERT="$CA_CFG_PATH/$USERNAME/user/SignerConfig"
+    CLIENTCERT="$CA_CFG_PATH/$USERNAME/msp/user/SignerConfig"
     if [ ! -f $CLIENTCERT ]; then
         ErrorMsg "Idemix credential was not stored in the correct location"
     fi