From 50c540e65ed1f2edecfb9c7ec457764ca2d56cce Mon Sep 17 00:00:00 2001
From: Keith Smith <bksmith@us.ibm.com>
Date: Fri, 28 Apr 2017 14:47:08 -0400
Subject: [PATCH] [FAB-3503] Wrong MSP keystore directory location

See [FAB-3503].
The keystore location is in the wrong location.
It is being created in the current working directory, but should
be in the client's HOME/msp directory.

Change-Id: I15d7714a2c7be128cded74d288d062b8d7b96b8a
Signed-off-by: Keith Smith <bksmith@us.ibm.com>
---
 cmd/fabric-ca-client/config.go    |  2 +-
 cmd/fabric-ca-server/main_test.go |  4 ++--
 lib/ca.go                         |  3 +--
 lib/client.go                     |  3 +--
 lib/csp/util.go                   | 29 ++++++++++++++++++++++++++---
 lib/server_test.go                |  1 +
 6 files changed, 32 insertions(+), 10 deletions(-)

diff --git a/cmd/fabric-ca-client/config.go b/cmd/fabric-ca-client/config.go
index 41aef012c..6dce0a861 100644
--- a/cmd/fabric-ca-client/config.go
+++ b/cmd/fabric-ca-client/config.go
@@ -150,7 +150,7 @@ bccsp:
         security: 256
         filekeystore:
             # The directory used for the software file-based keystore
-            keystore: keystore
+            keystore: msp/keystore
 `
 )
 
diff --git a/cmd/fabric-ca-server/main_test.go b/cmd/fabric-ca-server/main_test.go
index b77ff29dc..3053feb6b 100644
--- a/cmd/fabric-ca-server/main_test.go
+++ b/cmd/fabric-ca-server/main_test.go
@@ -263,9 +263,9 @@ func TestClean(t *testing.T) {
 	os.Remove(unsupportedFileType)
 	os.Remove("ca-key.pem")
 	os.Remove("ca-cert.pem")
-	os.Remove("ca-cert.pem")
 	os.Remove("fabric-ca-server.db")
-	os.RemoveAll("msp")
+	os.RemoveAll("keystore")
+	os.RemoveAll("../../testdata/keystore")
 	os.Remove("../../testdata/fabric-ca-server.db")
 	os.Remove("../../testdata/ca-cert.pem")
 }
diff --git a/lib/ca.go b/lib/ca.go
index 32a205f7d..567dc73b5 100644
--- a/lib/ca.go
+++ b/lib/ca.go
@@ -112,8 +112,7 @@ func (ca *CA) init(renew bool) (err error) {
 		return err
 	}
 	// Initialize the crypto layer (BCCSP) for this CA
-	defaultKeyStoreDir := path.Join(ca.HomeDir, "msp", "keystore")
-	ca.csp, err = csp.InitBCCSP(&ca.Config.CSP, defaultKeyStoreDir)
+	ca.csp, err = csp.InitBCCSP(&ca.Config.CSP, ca.HomeDir)
 	if err != nil {
 		return err
 	}
diff --git a/lib/client.go b/lib/client.go
index d357770a4..776873986 100644
--- a/lib/client.go
+++ b/lib/client.go
@@ -89,8 +89,7 @@ func (c *Client) Init() error {
 			return fmt.Errorf("Failed to create cacerts directory: %s", err)
 		}
 		// Initialize BCCSP (the crypto layer)
-		keyStoreDir := path.Join(mspDir, "keystore")
-		c.csp, err = csp.InitBCCSP(&cfg.CSP, keyStoreDir)
+		c.csp, err = csp.InitBCCSP(&cfg.CSP, c.HomeDir)
 		if err != nil {
 			return err
 		}
diff --git a/lib/csp/util.go b/lib/csp/util.go
index 5fc476179..d75232f4b 100644
--- a/lib/csp/util.go
+++ b/lib/csp/util.go
@@ -24,6 +24,8 @@ import (
 	"errors"
 	"fmt"
 	"io/ioutil"
+	"path"
+	"path/filepath"
 	"strings"
 	_ "time" // for ocspSignerFromConfig
 
@@ -47,9 +49,10 @@ func GetDefaultBCCSP() bccsp.BCCSP {
 }
 
 // InitBCCSP initializes BCCSP
-func InitBCCSP(optsPtr **factory.FactoryOpts, keyStoreDir string) (bccsp.BCCSP, error) {
+func InitBCCSP(optsPtr **factory.FactoryOpts, homeDir string) (bccsp.BCCSP, error) {
 	// Initialize the config, setting defaults as needed
 	var opts *factory.FactoryOpts
+	var err error
 	if optsPtr != nil {
 		opts = *optsPtr
 	}
@@ -64,11 +67,16 @@ func InitBCCSP(optsPtr **factory.FactoryOpts, keyStoreDir string) (bccsp.BCCSP,
 		if opts.SwOpts.FileKeystore == nil ||
 			opts.SwOpts.FileKeystore.KeyStorePath == "" {
 			opts.SwOpts.Ephemeral = false
-			opts.SwOpts.FileKeystore = &factory.FileKeystoreOpts{KeyStorePath: keyStoreDir}
+			opts.SwOpts.FileKeystore = &factory.FileKeystoreOpts{KeyStorePath: path.Join("msp", "keystore")}
 		}
+		opts.SwOpts.FileKeystore.KeyStorePath, err = makeFileAbs(opts.SwOpts.FileKeystore.KeyStorePath, homeDir)
+		if err != nil {
+			return nil, fmt.Errorf("Failed to initialize BCCSP: %s", err)
+		}
+		log.Debugf("Software key file store directory: %s", opts.SwOpts.FileKeystore.KeyStorePath)
 	}
 	// Init the BCCSP factories
-	err := factory.InitFactories(opts)
+	err = factory.InitFactories(opts)
 	if err != nil {
 		return nil, fmt.Errorf("Failed to initialize BCCSP Factories: %s", err)
 	}
@@ -236,3 +244,18 @@ func ImportBCCSPKeyFromPEM(keyFile string, myCSP bccsp.BCCSP, temporary bool) (b
 		return nil, fmt.Errorf("Failed to import key from %s: invalid secret key type", keyFile)
 	}
 }
+
+// makeFileAbs makes 'file' absolute relative to 'dir' if not already absolute
+func makeFileAbs(file, dir string) (string, error) {
+	if file == "" {
+		return "", nil
+	}
+	if filepath.IsAbs(file) {
+		return file, nil
+	}
+	path, err := filepath.Abs(filepath.Join(dir, file))
+	if err != nil {
+		return "", fmt.Errorf("Failed making '%s' absolute based on '%s'", file, dir)
+	}
+	return path, nil
+}
diff --git a/lib/server_test.go b/lib/server_test.go
index f3f91e9fd..2c8143b7e 100644
--- a/lib/server_test.go
+++ b/lib/server_test.go
@@ -700,6 +700,7 @@ func TestEnd(t *testing.T) {
 	os.RemoveAll(rootDir)
 	os.RemoveAll(intermediateDir)
 	os.RemoveAll("multica")
+	os.RemoveAll(serversDir)
 	cleanMultiCADir()
 }