From f3e6feff2c7e61951244793a225052c5d47a68fc Mon Sep 17 00:00:00 2001
From: Bret Harrison
Date: Thu, 8 Mar 2018 14:39:32 -0500
Subject: [PATCH] FAB-8723 NodeSDK V1.0 - string env vars Allow new settings on the HSM cards to be strings CRYPTO_PKCS11_READWRITE CRYPTO_PKCS11_USERTYPE
Change-Id: I9a5d7c11e3708ea8e25117c4fdf25c2344473f22
Signed-off-by: Bret Harrison
---
 fabric-client/lib/impl/bccsp_pkcs11.js | 14 +++++-
 test/unit/cryptosuite-pkcs11.js | 65 ++++++++++++++++++++++++--
 2 files changed, 75 insertions(+), 4 deletions(-)
diff --git a/fabric-client/lib/impl/bccsp_pkcs11.js b/fabric-client/lib/impl/bccsp_pkcs11.js
index 0590fc8c71..5f95f66a62 100644
--- a/fabric-client/lib/impl/bccsp_pkcs11.js
+++ b/fabric-client/lib/impl/bccsp_pkcs11.js
@@ -156,6 +156,9 @@ var CryptoSuite_PKCS11 = class extends api.CryptoSuite {
 var pkcs11UserType = opts ? opts.usertype: null;
 if (typeof pkcs11UserType === 'undefined' || pkcs11UserType === null)
 pkcs11UserType = utils.getConfigSetting('crypto-pkcs11-usertype', 1);
+ if (typeof pkcs11UserType === 'string') {
+ pkcs11UserType = Number.parseInt(pkcs11UserType);
+ }
 if(!Number.isInteger(pkcs11UserType)) {
 throw new Error(__func() + 'PKCS11 usertype number invalid');
 }
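Review bot: `Number.parseInt(pkcs11UserType)` in the added string branch accepts more than a plain decimal integer: it stops at the first non-digit and honours a `0x` prefix, so `'1abc'` becomes 1 and `'0x2'` becomes 2, and both then pass the `Number.isInteger` check that follows. This value selects the PKCS11 user type for the HSM (its use is outside the hunk), so a mistyped env var or config entry should be rejected rather than silently mapped to a valid type. Validate the whole string and pass the radix, e.g. `pkcs11UserType = /^\d+$/.test(pkcs11UserType) ? Number.parseInt(pkcs11UserType, 10) : NaN;`, which lets the existing 'PKCS11 usertype number invalid' error fire. The enclosing constructor starts and ends outside the hunk.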
@@ -166,8 +169,17 @@ var CryptoSuite_PKCS11 = class extends api.CryptoSuite {
 var pkcs11ReadWrite = opts ? opts.readwrite: null;
 if (typeof pkcs11ReadWrite === 'undefined' || pkcs11ReadWrite === null)
 pkcs11ReadWrite = utils.getConfigSetting('crypto-pkcs11-readwrite', true);
+ if (typeof pkcs11ReadWrite === 'string') {
+ if(pkcs11ReadWrite.toLowerCase() === 'true') {
+ pkcs11ReadWrite = true;
+ } else if(pkcs11ReadWrite.toLowerCase() === 'false') {
+ pkcs11ReadWrite = false;
+ } else {
+ throw new Error(__func() + 'PKCS11 readwrite setting must be "true" or "false"');
+ }
+ }
 if (typeof pkcs11ReadWrite !== 'boolean') {
- throw new Error(__func() + 'PKCS11 readwrite is invalid');
+ throw new Error(__func() + 'PKCS11 readwrite setting must be a boolean value');
 }
 /*
 * If no pin specified, get it from env var or config file.
diff --git a/test/unit/cryptosuite-pkcs11.js b/test/unit/cryptosuite-pkcs11.js
index 3a48c253f9..3ca0fd879f 100644
--- a/test/unit/cryptosuite-pkcs11.js
+++ b/test/unit/cryptosuite-pkcs11.js
@@ -18,10 +18,12 @@ var tape = require('tape');
 var _test = require('tape-promise');
+var nconf = require('nconf');
 var test = _test(tape);
 var testutil = require('./util.js');
 var Client = require('fabric-client');
 var PKCS11 = require('fabric-client/lib/impl/bccsp_pkcs11.js');
+var Config = require('fabric-client/lib/Config.js');
 test('\n\n** bccsp_pkcs11 tests **\n\n', (t) => {
 testutil.resetDefaults();
@@ -124,7 +126,7 @@ test('\n\n** bccsp_pkcs11 tests **\n\n', (t) => {
 function () {
 let pkcss11 = new PKCS11(256, 'sha2', opts);
 },
- /readwrite is invalid/,
+ /readwrite setting must be "true" or "false"/,
 'Checking: for valid readwrite'
 );
 opts.readwrite = false;
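Review bot: The added string branch for `pkcs11ReadWrite` (hunk at -166,8) carries no comment saying why a string can reach this point or that unrecognised values are rejected on purpose; only the commit message explains that settings such as CRYPTO_PKCS11_READWRITE arrive as strings. Add above `if (typeof pkcs11ReadWrite === 'string') {` a comment such as `// env vars / config files deliver strings: accept only 'true' or 'false' (any case) and fail closed on anything else`. The value is also lower-cased twice; computing `pkcs11ReadWrite.toLowerCase()` once into a local would read better. The enclosing constructor starts and ends outside the hunk.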
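Review bot: The two requires added at the top of test/unit/cryptosuite-pkcs11.js (hunk at -18,10), `var nconf = require('nconf');` and `var Config = require('fabric-client/lib/Config.js');`, are not referenced by any test code visible in this patch, which sets values only through `Client.setConfigSetting`. If nothing outside the visible hunks uses them, both lines should be dropped. If they were meant to exercise the environment-variable path that the commit message describes, a test that actually supplies CRYPTO_PKCS11_READWRITE and CRYPTO_PKCS11_USERTYPE through the environment appears to be missing.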
@@ -186,14 +188,63 @@ test('\n\n** bccsp_pkcs11 tests **\n\n', (t) => {
 checkError(error,testing);
 }
- Client.setConfigSetting('crypto-pkcs11-readwrite', 'false');
+ Client.setConfigSetting('crypto-pkcs11-usertype', '2');
+ testing = 'Checking: for valid usertype in config';
+ try {
+ let pkcss11 = new PKCS11(256, 'sha2');
+ t.fail(testing);
+ } catch(error) {
+ checkError(error,testing);
+ }
+
+ Client.setConfigSetting('crypto-pkcs11-readwrite', 99);
+ t.throws(
+ function () {
+ let pkcss11 = new PKCS11(256, 'sha2');
+ },
+ /readwrite setting must be a boolean value/,
+ 'Checking: for valid readwrite'
+ );
+ Client.setConfigSetting('crypto-pkcs11-readwrite', 'not');
 t.throws(
 function () {
 let pkcss11 = new PKCS11(256, 'sha2');
 },
- /readwrite is invalid/,
+ /readwrite setting must be "true" or "false"/,
 'Checking: for valid readwrite'
 );
+ Client.setConfigSetting('crypto-pkcs11-readwrite', 'false');
+ testing = 'Checking: for valid readwrite in config';
+ try {
+ let pkcss11 = new PKCS11(256, 'sha2');
+ t.fail(testing);
+ } catch(error) {
+ checkError(error,testing);
+ }
+ Client.setConfigSetting('crypto-pkcs11-readwrite', 'true');
+ testing = 'Checking: for valid readwrite in config';
+ try {
+ let pkcss11 = new PKCS11(256, 'sha2');
+ t.fail(testing);
+ } catch(error) {
+ checkError(error,testing);
+ }
+ Client.setConfigSetting('crypto-pkcs11-readwrite', 'False');
+ testing = 'Checking: for valid readwrite in config';
+ try {
+ let pkcss11 = new PKCS11(256, 'sha2');
+ t.fail(testing);
+ } catch(error) {
+ checkError(error,testing);
+ }
+ Client.setConfigSetting('crypto-pkcs11-readwrite', 'True');
+ testing = 'Checking: for valid readwrite in config';
+ try {
+ let pkcss11 = new PKCS11(256, 'sha2');
+ t.fail(testing);
+ } catch(error) {
+ checkError(error,testing);
+ }
 Client.setConfigSetting('crypto-pkcs11-readwrite', false);
 testing = 'Checking: for valid readwrite in config';
 try {
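Review bot: No added case feeds a malformed string to `crypto-pkcs11-usertype`; the only string tested is `'2'`, so the new `Number.parseInt` branch in bccsp_pkcs11.js is never exercised with input it ought to reject. Add a negative case next to the `'2'` one: `Client.setConfigSetting('crypto-pkcs11-usertype', 'abc');` followed by `t.throws(function () { new PKCS11(256, 'sha2'); }, /usertype number invalid/, 'Checking: for invalid usertype string');`. The positive cases depend on `checkError`, which is defined outside the hunk, so what they actually assert cannot be judged from here. The usertype value `'2'` is also left in the config for every case that follows, and four cases share the label 'Checking: for valid readwrite in config', which makes a failure hard to attribute.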
@@ -202,6 +253,14 @@ test('\n\n** bccsp_pkcs11 tests **\n\n', (t) => {
 } catch(error) {
 checkError(error,testing);
 }
+ Client.setConfigSetting('crypto-pkcs11-readwrite', true);
+ testing = 'Checking: for valid readwrite in config';
+ try {
+ let pkcss11 = new PKCS11(256, 'sha2');
+ t.fail(testing);
+ } catch(error) {
+ checkError(error,testing);
+ }
 t.end();
 });