From ecec58b271ecb6a8eb48a06ab06c745e08e6cec0 Mon Sep 17 00:00:00 2001
From: NIKHIL E GUPTA <negupta@us.ibm.com>
Date: Fri, 1 Nov 2019 10:48:41 -0400
Subject: [PATCH] [FAB-15900] Add pkcs11 section to orderer.yaml

As part of effort to add HSM docs and configuration
to Fabric. Section is already in core.yaml and user
would have to add manually

Change-Id: I12b9c13c36ae5d7e9fcd91ef83f3b0942fde9f49
Signed-off-by: NIKHIL E GUPTA <negupta@us.ibm.com>
Signed-off-by: Jason Yellick <jyellick@us.ibm.com>
---
 common/viperutil/config_util.go | 17 +++++++++++++++++
 sampleconfig/orderer.yaml       | 14 ++++++++++++++
 2 files changed, 31 insertions(+)

diff --git a/common/viperutil/config_util.go b/common/viperutil/config_util.go
index f8e295a1d90..8aab468fb81 100644
--- a/common/viperutil/config_util.go
+++ b/common/viperutil/config_util.go
@@ -20,6 +20,7 @@ import (
 
 	"github.com/Shopify/sarama"
 	version "github.com/hashicorp/go-version"
+	"github.com/hyperledger/fabric/bccsp/factory"
 	"github.com/hyperledger/fabric/common/flogging"
 	"github.com/mitchellh/mapstructure"
 	"github.com/pkg/errors"
@@ -305,6 +306,21 @@ func kafkaVersionDecodeHook() mapstructure.DecodeHookFunc {
 	}
 }
 
+func bccspHook(f reflect.Type, t reflect.Type, data interface{}) (interface{}, error) {
+	if t != reflect.TypeOf(&factory.FactoryOpts{}) {
+		return data, nil
+	}
+
+	config := factory.GetDefaultOpts()
+
+	err := mapstructure.Decode(data, config)
+	if err != nil {
+		return nil, errors.Wrap(err, "could not decode bcssp type")
+	}
+
+	return config, nil
+}
+
 // EnhancedExactUnmarshal is intended to unmarshal a config file into a structure
 // producing error when extraneous variables are introduced and supporting
 // the time.Duration type
@@ -330,6 +346,7 @@ func EnhancedExactUnmarshal(v *viper.Viper, output interface{}) error {
 		Result:           output,
 		WeaklyTypedInput: true,
 		DecodeHook: mapstructure.ComposeDecodeHookFunc(
+			bccspHook,
 			customDecodeHook(),
 			byteSizeDecodeHook(),
 			stringFromFileDecodeHook(),
diff --git a/sampleconfig/orderer.yaml b/sampleconfig/orderer.yaml
index f8e24e6762a..aed2580e58f 100644
--- a/sampleconfig/orderer.yaml
+++ b/sampleconfig/orderer.yaml
@@ -124,6 +124,19 @@ General:
             FileKeyStore:
                 KeyStore:
 
+        # Settings for the PKCS#11 crypto provider (i.e. when DEFAULT: PKCS11)
+        PKCS11:
+            # Location of the PKCS11 module library
+            Library:
+            # Token Label
+            Label:
+            # User PIN
+            Pin:
+            Hash:
+            Security:
+            FileKeyStore:
+                KeyStore:
+
     # Authentication contains configuration parameters related to authenticating
     # client messages
     Authentication:
@@ -131,6 +144,7 @@ General:
         # client's time as specified in a client request message
         TimeWindow: 15m
 
+
 ################################################################################
 #
 #   SECTION: File Ledger