Question

I have following this tutorial to setup multiple organizations. According to step 13 before committing transaction requires both organizations should sign off. How can I test that both organizations are endorsing transaction?

Answer 1

Give the proposal responses you are receiving from endorsing peer you can iterate to check validity of the signatures. Here for example code from Java SDK which handles this:

/*
 * Verifies that a Proposal response is properly signed. The payload is the
 * concatenation of the response payload byte string and the endorsement The
 * certificate (public key) is gotten from the Endorsement.Endorser.IdBytes
 * field
 *
 * @param crypto the CryptoPrimitives instance to be used for signing and
 * verification
 *
 * @return true/false depending on result of signature verification
 */
public boolean verify(CryptoSuite crypto) {

    if (isVerified()) { // check if this proposalResponse was already verified   by client code
        return isVerified();
    }

    if (isInvalid()) {
        this.isVerified = false;
    }

    FabricProposalResponse.Endorsement endorsement = this.proposalResponse.getEndorsement();
    ByteString sig = endorsement.getSignature();

    try {
        Identities.SerializedIdentity endorser = Identities.SerializedIdentity
                .parseFrom(endorsement.getEndorser());
        ByteString plainText = proposalResponse.getPayload().concat(endorsement.getEndorser());

        if (config.extraLogLevel(10)) {

            if (null != diagnosticFileDumper) {
                StringBuilder sb = new StringBuilder(10000);
                sb.append("payload TransactionBuilderbytes in hex: " + DatatypeConverter.printHexBinary(proposalResponse.getPayload().toByteArray()));
                sb.append("\n");
                sb.append("endorser bytes in hex: "
                        + DatatypeConverter.printHexBinary(endorsement.getEndorser().toByteArray()));
                sb.append("\n");
                sb.append("plainText bytes in hex: " + DatatypeConverter.printHexBinary(plainText.toByteArray()));

                logger.trace("payload TransactionBuilderbytes:  " +
                        diagnosticFileDumper.createDiagnosticFile(sb.toString()));
            }

        }

        this.isVerified = crypto.verify(endorser.getIdBytes().toByteArray(), config.getSignatureAlgorithm(),
                sig.toByteArray(), plainText.toByteArray()
        );
    } catch (InvalidProtocolBufferException | CryptoException e) {
        logger.error("verify: Cannot retrieve peer identity from ProposalResponse. Error is: " + e.getMessage(), e);
        this.isVerified = false;
    }

    return this.isVerified;
} // verify

Of course you can achive same results with other SDK in pretty similar way.