----- Original message -----
From: "Joaquim Pedro Carvalho de Oliveira" <joaquim-pedro.oliveira@...>
Sent by: fabric@...
To: fabric <fabric@...>
Cc:
Subject: [EXTERNAL] [Hyperledger Fabric] Error using HSM in Fabric 2.2.1. Works fine in 1.4.9.
Date: Mon, Nov 16, 2020 4:03 PM
 

Hello, all!

 

We have a test network in docker-compose using HSM with Fabric 1.4.9 and everything runs fine. After upgrading to Fabric 2.2.1, although orderers started fine, peers show an error saying that "KeyMaterial not found in SigningIdentityInfo". Additional information:

- Images for 1.4.9 and 2.2.1 where recompiled with the appropriate pkcs11 support

- When using Fabric 2.2.1, CouchDB images where upgraded to the recommended version (couchdb:3.1.0)

- The SKI in question exists in HSM;

- Stacktrace apparently shows that SW BCCSP is being used instead of PKCS11 BCCSP, even with CORE_PEER_BCCSP_DEFAULT=PKCS11 set

- Just reverting the images to Fabric 1.4.9 and the corresponding couchdb makes everything work

 

Any tips about what could be the problem?

 

Below is the stack trace from peers:

 

2020-11-16 20:44:57.360 UTC [msp] getSigningIdentityFromConf -> DEBU 01e Could not find SKI [8be4af4a2c4d102e3da0928968d39c69a3d1b98736948509edee8c834626a5f7], trying KeyMaterial field: key with SKI 8be4af4a2c4d102e3da0928968d39c69a3d1b98736948509edee8c834626a5f7 not found in /etc/hyperledger/peer/msp/keystore
Failed getting key for SKI [[139 228 175 74 44 77 16 46 61 160 146 137 104 211 156 105 163 209 185 135 54 148 133 9 237 238 140 131 70 38 165 247]]
github.com/hyperledger/fabric/bccsp/sw.(*CSP).GetKey
    /go/src/github.com/hyperledger/fabric/bccsp/sw/impl.go:170
github.com/hyperledger/fabric/msp.(*bccspmsp).getSigningIdentityFromConf
    /go/src/github.com/hyperledger/fabric/msp/mspimpl.go:218
github.com/hyperledger/fabric/msp.(*bccspmsp).setupSigningIdentity
    /go/src/github.com/hyperledger/fabric/msp/mspimplsetup.go:369
github.com/hyperledger/fabric/msp.(*bccspmsp).preSetupV142
    /go/src/github.com/hyperledger/fabric/msp/mspimplsetup.go:554
github.com/hyperledger/fabric/msp.(*bccspmsp).setupV142
    /go/src/github.com/hyperledger/fabric/msp/mspimplsetup.go:615
github.com/hyperledger/fabric/msp.(*bccspmsp).Setup
    /go/src/github.com/hyperledger/fabric/msp/mspimpl.go:265
github.com/hyperledger/fabric/msp/cache.(*cachedMSP).Setup
    /go/src/github.com/hyperledger/fabric/msp/cache/cache.go:88
github.com/hyperledger/fabric/msp/mgmt.LoadLocalMspWithType
    /go/src/github.com/hyperledger/fabric/msp/mgmt/mgmt.go:33
github.com/hyperledger/fabric/internal/peer/common.InitCrypto
    /go/src/github.com/hyperledger/fabric/internal/peer/common/common.go:144
github.com/hyperledger/fabric/internal/peer/common.InitCmd
    /go/src/github.com/hyperledger/fabric/internal/peer/common/common.go:324
github.com/spf13/cobra.(*Command).execute
    /go/src/github.com/hyperledger/fabric/vendor/github.com/spf13/cobra/command.go:746
github.com/spf13/cobra.(*Command).ExecuteC
    /go/src/github.com/hyperledger/fabric/vendor/github.com/spf13/cobra/command.go:852
github.com/spf13/cobra.(*Command).Execute
    /go/src/github.com/hyperledger/fabric/vendor/github.com/spf13/cobra/command.go:800
main.main
    /go/src/github.com/hyperledger/fabric/cmd/peer/main.go:54
runtime.main
    /usr/local/go/src/runtime/proc.go:203
runtime.goexit
    /usr/local/go/src/runtime/asm_amd64.s:1373
2020-11-16 20:44:57.360 UTC [main] InitCmd -> ERRO 01f Cannot run peer because error when setting up MSP of type bccsp from directory /etc/hyperledger/peer/msp: KeyMaterial not found in SigningIdentityInfo
 

 

Joaquim Pedro Carvalho de Oliveira

Gerente de Divisão

Analista

Superintendência de Produtos e Serviços-Centro de Dados

Diretoria de Operações

+55 (85)4008-4630

+55 (85) 98806-1085