v0.0.0-...-3287af7 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Jul 22, 2021 License: Apache-2.0 Imports: 29 Imported by: 0




This section is empty.


This section is empty.


func BytesToX509Cert

func BytesToX509Cert(bytes []byte) (*x509.Certificate, error)

BytesToX509Cert converts bytes (PEM or DER) to an X509 certificate

func GetCertID

func GetCertID(bytes []byte) (string, string, error)

GetCertID returns both the serial number and AKI (Authority Key ID) for the certificate

func NormalizeURL

func NormalizeURL(addr string) (*url.URL, error)

NormalizeURL normalizes a URL (from cfssl)


type CAConfig

type CAConfig struct {

CAConfig ...

type CertificateDecoder

type CertificateDecoder struct {
	// contains filtered or unexported fields

CertificateDecoder is needed to keep track of state, to see how many certificates have been returned for each enrollment ID.

type CertificateStatus

type CertificateStatus string

CertificateStatus represents status of an enrollment certificate

const (
	// Revoked is the status of a revoked certificate
	Revoked CertificateStatus = "revoked"
	// Good is the status of a active certificate
	Good = "good"

type Client

type Client struct {
	// The client's home directory
	HomeDir string `json:"homeDir,omitempty"`
	// The client's configuration
	Config *ClientConfig
	// contains filtered or unexported fields

Client is the fabric-ca client object

func (*Client) Enroll

func (c *Client) Enroll(req *api.EnrollmentRequest) (*EnrollmentResponse, error)

Enroll enrolls a new identity @param req The enrollment request

func (*Client) GenCSR

func (c *Client) GenCSR(req *api.CSRInfo, id string) ([]byte, core.Key, error)

GenCSR generates a CSR (Certificate Signing Request)

func (*Client) GetCAInfo

func (c *Client) GetCAInfo(req *api.GetCAInfoRequest) (*GetCAInfoResponse, error)

GetCAInfo returns generic CA information

func (*Client) GetCSP

func (c *Client) GetCSP() core.CryptoSuite

GetCSP returns BCCSP instance associated with this client

func (*Client) Init

func (c *Client) Init() error

Init initializes the client

func (*Client) NewIdentity

func (c *Client) NewIdentity(creds []credential.Credential) (*Identity, error)

NewIdentity creates a new identity

func (*Client) NewX509Identity

func (c *Client) NewX509Identity(name string, creds []credential.Credential) x509cred.Identity

NewX509Identity creates a new identity

func (*Client) SendReq

func (c *Client) SendReq(req *http.Request, result interface{}) (err error)

SendReq sends a request to the fabric-ca-server and fills in the result

func (*Client) StreamResponse

func (c *Client) StreamResponse(req *http.Request, stream string, cb func(*json.Decoder) error) (err error)

StreamResponse reads the response as it comes back from the server

type ClientConfig

type ClientConfig struct {
	URL        string `def:"http://localhost:7054" opt:"u" help:"URL of fabric-ca-server"`
	MSPDir     string `def:"msp" opt:"M" help:"Membership Service Provider directory"`
	TLS        gmtls.ClientTLSConfig
	Enrollment api.EnrollmentRequest
	CSR        api.CSRInfo
	ID         api.RegistrationRequest
	Revoke     api.RevocationRequest
	CAInfo     api.GetCAInfoRequest
	CAName     string           `help:"Name of CA"`
	CSP        core.CryptoSuite `mapstructure:"bccsp" hide:"true"`
	ServerName string           `help:"CA server name to be used in case of host name override"`

	Debug    bool   `opt:"d" help:"Enable debug level logging" hide:"true"`
	LogLevel string `help:"Set logging level (info, warning, debug, error, fatal, critical)"`

ClientConfig is the fabric-ca client's config

type EnrollmentResponse

type EnrollmentResponse struct {
	Identity *Identity
	CAInfo   GetCAInfoResponse

EnrollmentResponse is the response from Client.Enroll and Identity.Reenroll

type GetCAInfoResponse

type GetCAInfoResponse struct {
	// CAName is the name of the CA
	CAName string
	// CAChain is the PEM-encoded bytes of the fabric-ca-server's CA chain.
	// The 1st element of the chain is the root CA cert
	CAChain []byte
	// Idemix issuer public key of the CA
	IssuerPublicKey []byte
	// Idemix issuer revocation public key of the CA
	IssuerRevocationPublicKey []byte
	// Version of the server
	Version string

GetCAInfoResponse is the response from the GetCAInfo call

type Identity

type Identity struct {
	// contains filtered or unexported fields

Identity is fabric-ca's implementation of an identity

func NewIdentity

func NewIdentity(client *Client, name string, creds []credential.Credential) *Identity

NewIdentity is the constructor for identity

func (*Identity) AddAffiliation

func (i *Identity) AddAffiliation(req *api.AddAffiliationRequest) (*api.AffiliationResponse, error)

AddAffiliation adds a new affiliation to the server

func (*Identity) AddIdentity

func (i *Identity) AddIdentity(req *api.AddIdentityRequest) (*api.IdentityResponse, error)

AddIdentity adds a new identity to the server

func (*Identity) Delete

func (i *Identity) Delete(endpoint string, result interface{}, queryParam map[string]string) error

Delete sends a delete request to an endpoint

func (*Identity) Get

func (i *Identity) Get(endpoint, caname string, result interface{}) error

Get sends a get request to an endpoint

func (*Identity) GetAffiliation

func (i *Identity) GetAffiliation(affiliation, caname string) (*api.AffiliationResponse, error)

GetAffiliation returns information about the requested affiliation

func (*Identity) GetAllAffiliations

func (i *Identity) GetAllAffiliations(caname string) (*api.AffiliationResponse, error)

GetAllAffiliations returns all affiliations that the caller is authorized to see

func (*Identity) GetAllIdentities

func (i *Identity) GetAllIdentities(caname string, cb func(*json.Decoder) error) error

GetAllIdentities returns all identities that the caller is authorized to see

func (*Identity) GetECert

func (i *Identity) GetECert() *x509.Signer

GetECert returns the enrollment certificate signer for this identity Returns nil if the identity does not have a X509 credential

func (*Identity) GetIdentity

func (i *Identity) GetIdentity(id, caname string) (*api.GetIDResponse, error)

GetIdentity returns information about the requested identity

func (*Identity) GetName

func (i *Identity) GetName() string

GetName returns the identity name

func (*Identity) GetStreamResponse

func (i *Identity) GetStreamResponse(endpoint string, queryParam map[string]string, stream string, cb func(*json.Decoder) error) error

GetStreamResponse sends a request to an endpoint and streams the response

func (*Identity) ModifyAffiliation

func (i *Identity) ModifyAffiliation(req *api.ModifyAffiliationRequest) (*api.AffiliationResponse, error)

ModifyAffiliation renames an existing affiliation on the server

func (*Identity) ModifyIdentity

func (i *Identity) ModifyIdentity(req *api.ModifyIdentityRequest) (*api.IdentityResponse, error)

ModifyIdentity modifies an existing identity on the server

func (*Identity) Post

func (i *Identity) Post(endpoint string, reqBody []byte, result interface{}, queryParam map[string]string) error

Post sends arbitrary request body (reqBody) to an endpoint. This adds an authorization header which contains the signature of this identity over the body and non-signature part of the authorization header. The return value is the body of the response.

func (*Identity) Put

func (i *Identity) Put(endpoint string, reqBody []byte, queryParam map[string]string, result interface{}) error

Put sends a put request to an endpoint

func (*Identity) Reenroll

Reenroll reenrolls an existing Identity and returns a new Identity @param req The reenrollment request

func (*Identity) Register

func (i *Identity) Register(req *api.RegistrationRequest) (rr *api.RegistrationResponse, err error)

Register registers a new identity @param req The registration request

func (*Identity) RemoveAffiliation

func (i *Identity) RemoveAffiliation(req *api.RemoveAffiliationRequest) (*api.AffiliationResponse, error)

RemoveAffiliation removes an existing affiliation from the server

func (*Identity) RemoveIdentity

func (i *Identity) RemoveIdentity(req *api.RemoveIdentityRequest) (*api.IdentityResponse, error)

RemoveIdentity removes a new identity from the server

func (*Identity) Revoke

Revoke the identity associated with 'id'

type ServerConfig

type ServerConfig struct {
	CAcfg CAConfig `skip:"true"`

ServerConfig ...


Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL