feat:support tls gateway for chain sdk --story=0

chain/sdk.go

@@ -14,7 +14,7 @@ import (
 
 	"chainmaker.org/chainmaker/common/v2/crypto/x509"
 	"chainmaker.org/chainmaker/common/v2/log"
-	chainmaker_sdk_go "chainmaker.org/chainmaker/sdk-go/v2"
+	chainmakersdk "chainmaker.org/chainmaker/sdk-go/v2"
 	"go.uber.org/zap"
 )
 
@@ -25,6 +25,9 @@ type NodeConf struct {
 	EnableTls   bool
 	TlsHostName string
 	CaCert      string
+
+	// TLS chain hostname(如果是网关，tlsHostName是网关，当前为链的配置nginx的寻址地址)
+	ChainTlsHostName string
 }
 
 // createSDKClient 创建 sdk client
@@ -40,31 +43,31 @@ type NodeConf struct {
 //	@return error
 func createSDKClient(nodeConfs []NodeConf, chainId, chainMode, signKey, signCert,
 	hashMethod, orgId, userTlsCert, userTlsKey, userEncCert, userEncKey,
-	logPath, proxyUrl string) (sdkClient *chainmaker_sdk_go.ChainClient, err error) {
-	rpcConf := chainmaker_sdk_go.NewRPCClientConfig(
-		chainmaker_sdk_go.WithRPCClientGetTxTimeout(60),
-		chainmaker_sdk_go.WithRPCClientSendTxTimeout(60),
-		chainmaker_sdk_go.WithRPCClientMaxReceiveMessageSize(100),
-		chainmaker_sdk_go.WithRPCClientMaxSendMessageSize(100),
+	logPath, proxyUrl string) (sdkClient *chainmakersdk.ChainClient, err error) {
+	rpcConf := chainmakersdk.NewRPCClientConfig(
+		chainmakersdk.WithRPCClientGetTxTimeout(60),
+		chainmakersdk.WithRPCClientSendTxTimeout(60),
+		chainmakersdk.WithRPCClientMaxReceiveMessageSize(100),
+		chainmakersdk.WithRPCClientMaxSendMessageSize(100),
 	)
 
-	cryptoConf := chainmaker_sdk_go.NewCryptoConfig(
-		chainmaker_sdk_go.WithHashAlgo(hashMethod),
+	cryptoConf := chainmakersdk.NewCryptoConfig(
+		chainmakersdk.WithHashAlgo(hashMethod),
 	)
 
-	sdkClientOpts := []chainmaker_sdk_go.ChainClientOption{
-		chainmaker_sdk_go.WithChainClientChainId(chainId),
-		chainmaker_sdk_go.WithCryptoConfig(cryptoConf),
-		chainmaker_sdk_go.WithRetryInterval(500),
-		chainmaker_sdk_go.WithRetryLimit(20),
-		chainmaker_sdk_go.WithEnableNormalKey(false),
-		chainmaker_sdk_go.WithRPCClientConfig(rpcConf),
+	sdkClientOpts := []chainmakersdk.ChainClientOption{
+		chainmakersdk.WithChainClientChainId(chainId),
+		chainmakersdk.WithCryptoConfig(cryptoConf),
+		chainmakersdk.WithRetryInterval(500),
+		chainmakersdk.WithRetryLimit(20),
+		chainmakersdk.WithEnableNormalKey(false),
+		chainmakersdk.WithRPCClientConfig(rpcConf),
 
 		// sdk 日志设置
-		chainmaker_sdk_go.WithChainClientLogger(getDefaultLogger(logPath)),
+		chainmakersdk.WithChainClientLogger(getDefaultLogger(logPath)),
 
 		// 配置代理，如果传了正确地址才有，没传则不走代理
-		chainmaker_sdk_go.WithProxy(proxyUrl),
+		chainmakersdk.WithProxy(proxyUrl),
 	}
 
 	// 添加多个 node 配置
@@ -76,17 +79,20 @@ func createSDKClient(nodeConfs []NodeConf, chainId, chainMode, signKey, signCert
 			return nil, fmt.Errorf("failed to base64 decode caCert,err: %v", err2)
 		}
 
-		nodeConf := chainmaker_sdk_go.NewNodeConfig(
-			chainmaker_sdk_go.WithNodeAddr(n.Url),
-			chainmaker_sdk_go.WithNodeConnCnt(10),
-			chainmaker_sdk_go.WithNodeUseTLS(n.EnableTls),
-			chainmaker_sdk_go.WithNodeTLSHostName(n.TlsHostName),
+		nodeConf := chainmakersdk.NewNodeConfig(
+			chainmakersdk.WithNodeAddr(n.Url),
+			chainmakersdk.WithNodeConnCnt(10),
+			chainmakersdk.WithNodeUseTLS(n.EnableTls),
+			chainmakersdk.WithNodeTLSHostName(n.TlsHostName),
 
 			// 如果是开启 tls，必须传 CaCert
-			chainmaker_sdk_go.WithNodeCACerts([]string{string(caStr)}),
+			chainmakersdk.WithNodeCACerts([]string{string(caStr)}),
+
+			// 如果是网关，tlsHostName是网关，当前为链的配置nginx的寻址地址
+			chainmakersdk.WithNodeChainTLSHostName(n.ChainTlsHostName),
 		)
 
-		sdkClientOpts = append(sdkClientOpts, chainmaker_sdk_go.AddChainClientNodeConfig(nodeConf))
+		sdkClientOpts = append(sdkClientOpts, chainmakersdk.AddChainClientNodeConfig(nodeConf))
 	}
 
 	key, err := base64.StdEncoding.DecodeString(signKey)
@@ -119,22 +125,22 @@ func createSDKClient(nodeConfs []NodeConf, chainId, chainMode, signKey, signCert
 	sdkClientOpts = append(sdkClientOpts,
 
 		// 这里是用于签名的
-		chainmaker_sdk_go.WithUserSignKeyBytes(key),
+		chainmakersdk.WithUserSignKeyBytes(key),
 
 		// tls，用于验证节点端证书有效性的，并不是签名用的
-		chainmaker_sdk_go.WithUserKeyBytes(userKey),
-		chainmaker_sdk_go.WithUserCrtBytes(userCert),
+		chainmakersdk.WithUserKeyBytes(userKey),
+		chainmakersdk.WithUserCrtBytes(userCert),
 
 		// 国密双证书和私钥
-		chainmaker_sdk_go.WithUserEncKeyBytes(userEncKeyRaw),
-		chainmaker_sdk_go.WithUserEncCrtBytes(userEncCertRaw),
+		chainmakersdk.WithUserEncKeyBytes(userEncKeyRaw),
+		chainmakersdk.WithUserEncCrtBytes(userEncCertRaw),
 	)
 
 	switch chainMode {
 	case KEY_MODE_PK:
 
 		sdkClientOpts = append(sdkClientOpts,
-			chainmaker_sdk_go.WithAuthType("public"),
+			chainmakersdk.WithAuthType("public"),
 		)
 	case KEY_MODE_CERT:
 
@@ -144,21 +150,21 @@ func createSDKClient(nodeConfs []NodeConf, chainId, chainMode, signKey, signCert
 		}
 
 		sdkClientOpts = append(sdkClientOpts,
-			chainmaker_sdk_go.WithAuthType("permissionedwithcert"),
-			chainmaker_sdk_go.WithChainClientOrgId(orgId),
+			chainmakersdk.WithAuthType("permissionedwithcert"),
+			chainmakersdk.WithChainClientOrgId(orgId),
 
 			// 这里是用于签名的证书
-			chainmaker_sdk_go.WithUserSignCrtBytes(sCert),
+			chainmakersdk.WithUserSignCrtBytes(sCert),
 		)
 	}
 
 	if signKey != "" {
-		sdkClient, err = chainmaker_sdk_go.NewChainClient(sdkClientOpts...)
+		sdkClient, err = chainmakersdk.NewChainClient(sdkClientOpts...)
 		if err != nil {
 			return nil, fmt.Errorf("failed to new sdk client,err: %v", err)
 		}
 	} else {
-		sdkClient, err = chainmaker_sdk_go.NewChainClientWithoutKey(sdkClientOpts...)
+		sdkClient, err = chainmakersdk.NewChainClientWithoutKey(sdkClientOpts...)
 		if err != nil {
 			return nil, fmt.Errorf("failed to new sdk client without sign key,err: %v", err)
 		}
@@ -180,7 +186,7 @@ func createSDKClient(nodeConfs []NodeConf, chainId, chainMode, signKey, signCert
 //	@return error
 func CreateSDKClient(nodeConfs []NodeConf, chainId, chainMode, signKey, signCert,
 	hashMethod, orgId, userTlsCert, userTlsKey, userEncCert, userEncKey,
-	logPath, proxyUrl string) (*chainmaker_sdk_go.ChainClient, error) {
+	logPath, proxyUrl string) (*chainmakersdk.ChainClient, error) {
 	return createSDKClient(nodeConfs, chainId, chainMode, signKey, signCert, hashMethod, orgId,
 		userTlsCert, userTlsKey, userEncCert, userEncKey, logPath, proxyUrl)
 }
@@ -196,7 +202,7 @@ func CreateSDKClient(nodeConfs []NodeConf, chainId, chainMode, signKey, signCert
 //	@return error
 func CreateSDKClientWithoutKey(nodeConfs []NodeConf, chainId,
 	chainMode, orgId, userTlsCert, userTlsKey, userEncCert, userEncKey,
-	logPath, proxyUrl string) (*chainmaker_sdk_go.ChainClient, error) {
+	logPath, proxyUrl string) (*chainmakersdk.ChainClient, error) {
 	return createSDKClient(nodeConfs, chainId, chainMode, "", "", "",
 		orgId, userTlsCert, userTlsKey, userEncCert, userEncKey, logPath, proxyUrl)
 }
@@ -241,17 +247,17 @@ func getDefaultLogger(logPath string) *zap.SugaredLogger {
 	return logger
 }
 
-func CreateFtpClient(cc *chainmaker_sdk_go.ChainClient, ftpConfigPath string) (*chainmaker_sdk_go.FtpClient, error) {
-	return chainmaker_sdk_go.NewFTPClient(
-		chainmaker_sdk_go.WithFtpConfPath(ftpConfigPath),
-		chainmaker_sdk_go.WithChainClient(cc),
+func CreateFtpClient(cc *chainmakersdk.ChainClient, ftpConfigPath string) (*chainmakersdk.FtpClient, error) {
+	return chainmakersdk.NewFTPClient(
+		chainmakersdk.WithFtpConfPath(ftpConfigPath),
+		chainmakersdk.WithChainClient(cc),
 	)
 }
 
-func CreateKafkaClient(cc *chainmaker_sdk_go.ChainClient, kafkaConfigPath string) (
-	*chainmaker_sdk_go.KafkaClient, error) {
-	return chainmaker_sdk_go.NewKafkaClient(
-		chainmaker_sdk_go.WithKafkaConfPath(kafkaConfigPath),
-		chainmaker_sdk_go.WithChainClientForKafka(cc),
+func CreateKafkaClient(cc *chainmakersdk.ChainClient, kafkaConfigPath string) (
+	*chainmakersdk.KafkaClient, error) {
+	return chainmakersdk.NewKafkaClient(
+		chainmakersdk.WithKafkaConfPath(kafkaConfigPath),
+		chainmakersdk.WithChainClientForKafka(cc),
 	)
 }