Documentation ¶
Overview ¶
Copyright IBM Corp. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
Index ¶
- Constants
- func GetIdemixMspConfig(dir string, ID string) (*msp.MSPConfig, error)
- func GetRoleMaskFromIdemixRole(role Role) int
- func ProviderTypeToString(id ProviderType) string
- type IdemixSigningIdentity
- type Idemixidentity
- func (id *Idemixidentity) Anonymous() bool
- func (id *Idemixidentity) ExpiresAt() time.Time
- func (id *Idemixidentity) GetIdentifier() *IdentityIdentifier
- func (id *Idemixidentity) GetMSPIdentifier() string
- func (id *Idemixidentity) GetOrganizationalUnits() []*OUIdentifier
- func (id *Idemixidentity) SatisfiesPrincipal(principal *m.MSPPrincipal) error
- func (id *Idemixidentity) Serialize() ([]byte, error)
- func (id *Idemixidentity) Validate() error
- func (id *Idemixidentity) Verify(msg []byte, sig []byte) error
- type Idemixmsp
- func (msp *Idemixmsp) DeserializeIdentity(serializedID []byte) (Identity, error)
- func (msp *Idemixmsp) DeserializeIdentityInternal(serializedID []byte) (Identity, error)
- func (msp *Idemixmsp) GetDefaultSigningIdentity() (SigningIdentity, error)
- func (msp *Idemixmsp) GetIdentifier() (string, error)
- func (msp *Idemixmsp) GetTLSIntermediateCerts() [][]byte
- func (msp *Idemixmsp) GetTLSRootCerts() [][]byte
- func (msp *Idemixmsp) GetType() ProviderType
- func (msp *Idemixmsp) GetVersion() MSPVersion
- func (id *Idemixmsp) IsWellFormed(identity *m.SerializedIdentity) error
- func (msp *Idemixmsp) SatisfiesPrincipal(id Identity, principal *m.MSPPrincipal) error
- func (msp *Idemixmsp) Setup(conf1 *m.MSPConfig) error
- func (msp *Idemixmsp) Validate(id Identity) error
- type Identity
- type IdentityDeserializer
- type IdentityIdentifier
- type MSP
- type MSPManager
- type MSPVersion
- type OUIdentifier
- type ProviderType
- type Role
- type SigningIdentity
Constants ¶
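// Positions of the attributes inside the idemix credential attributes.
// The values come from iota, so declaration order is index order: inserting
// or reordering a constant here shifts every later index.
// NOTE(review): code that reads OU or Role by index presumably has to agree
// with the attribute order used when the credential was issued — confirm.
const (
	// AttributeIndexOU contains the index of the OU attribute in the idemix credential attributes
	AttributeIndexOU = iota

	// AttributeIndexRole contains the index of the Role attribute in the idemix credential attributes
	AttributeIndexRole

	// AttributeIndexEnrollmentId contains the index of the Enrollment ID attribute in the idemix credential attributes
	AttributeIndexEnrollmentId

	// AttributeIndexRevocationHandle contains the index of the Revocation Handle attribute in the idemix credential attributes
	AttributeIndexRevocationHandle
)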
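// Names of the idemix credential attributes, one per attribute index constant.
const (
	// AttributeNameOU is the attribute name of the Organization Unit attribute
	AttributeNameOU = "OU"

	// AttributeNameRole is the attribute name of the Role attribute
	AttributeNameRole = "Role"

	// AttributeNameEnrollmentId is the attribute name of the Enrollment ID attribute
	AttributeNameEnrollmentId = "EnrollmentID"

	// AttributeNameRevocationHandle is the attribute name of the revocation handle attribute
	AttributeNameRevocationHandle = "RevocationHandle"
)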
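// MSP version identifiers, numbered by iota in declaration order (0 to 3).
// They are declared without an explicit type, so they are untyped integer
// constants rather than values of a named version type.
const (
	MSPv1_0 = iota
	MSPv1_1
	MSPv1_3
	MSPv1_4_3
)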
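// Directory and file names used for an Idemix MSP configuration.
// NOTE(review): presumably these are the entries GetIdemixMspConfig looks for
// under its dir argument — confirm against the implementation.
// NOTE(review): the SignerConfig file presumably carries the signer's
// credential and key material — confirm, and keep its file permissions
// restricted to the account that runs the signer.
const (
	IdemixConfigDirMsp                  = "msp"
	IdemixConfigDirUser                 = "user"
	IdemixConfigFileIssuerPublicKey     = "IssuerPublicKey"
	IdemixConfigFileRevocationPublicKey = "RevocationPublicKey"
	IdemixConfigFileSigner              = "SignerConfig"
)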
Variables ¶
This section is empty.
Functions ¶
func GetIdemixMspConfig ¶
GetIdemixMspConfig returns the configuration for the Idemix MSP
func GetRoleMaskFromIdemixRole ¶
GetRoleMaskFromIdemixRole returns a bitmask for one role
func ProviderTypeToString ¶
func ProviderTypeToString(id ProviderType) string
ProviderTypeToString returns a string that represents the ProviderType integer
Types ¶
type IdemixSigningIdentity ¶
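// IdemixSigningIdentity embeds *Idemixidentity and adds the credential and
// key fields below. GetPublicVersion returns an Identity for it.
// NOTE(review): the exported fields look like signing material — confirm, and
// avoid logging or serializing values of this type wholesale.
type IdemixSigningIdentity struct {
	*Idemixidentity

	// Cred holds credential bytes.
	// NOTE(review): presumably the serialized idemix credential — confirm.
	Cred []byte

	// UserKey is a bccsp key handle.
	// NOTE(review): presumably the user's secret key — confirm.
	UserKey bccsp.Key

	// NymKey is a bccsp key handle.
	// NOTE(review): presumably the pseudonym key used for signing — confirm.
	NymKey bccsp.Key

	// contains filtered or unexported fields
}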
func (*IdemixSigningIdentity) GetPublicVersion ¶
func (id *IdemixSigningIdentity) GetPublicVersion() Identity
type Idemixidentity ¶
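// Idemixidentity is the identity type whose methods (Anonymous, ExpiresAt,
// GetIdentifier, GetMSPIdentifier, GetOrganizationalUnits, SatisfiesPrincipal,
// Serialize, Validate, Verify) are listed on this page.
type Idemixidentity struct {
	// NymPublicKey is a bccsp key handle.
	// NOTE(review): presumably the pseudonym public key that signatures are
	// checked against — confirm.
	NymPublicKey bccsp.Key

	// Role is the MSP role carried by this identity.
	// NOTE(review): pointer field; nil handling is not shown here.
	Role *m.MSPRole

	// OU is the organization unit carried by this identity.
	// NOTE(review): pointer field; nil handling is not shown here.
	OU *m.OrganizationUnit

	// contains filtered or unexported fields
}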
func (*Idemixidentity) Anonymous ¶
func (id *Idemixidentity) Anonymous() bool
func (*Idemixidentity) ExpiresAt ¶
func (id *Idemixidentity) ExpiresAt() time.Time
func (*Idemixidentity) GetIdentifier ¶
func (id *Idemixidentity) GetIdentifier() *IdentityIdentifier
func (*Idemixidentity) GetMSPIdentifier ¶
func (id *Idemixidentity) GetMSPIdentifier() string
func (*Idemixidentity) GetOrganizationalUnits ¶
func (id *Idemixidentity) GetOrganizationalUnits() []*OUIdentifier
func (*Idemixidentity) SatisfiesPrincipal ¶
func (id *Idemixidentity) SatisfiesPrincipal(principal *m.MSPPrincipal) error
func (*Idemixidentity) Serialize ¶
func (id *Idemixidentity) Serialize() ([]byte, error)
func (*Idemixidentity) Validate ¶
func (id *Idemixidentity) Validate() error
type Idemixmsp ¶
// Idemixmsp is the Idemix MSP type. The methods listed for it on this page
// cover every method of the MSP interface, and NewIdemixMsp returns its
// result as an MSP. Its fields are not shown in this listing.
type Idemixmsp struct {
// contains filtered or unexported fields
}
func (*Idemixmsp) DeserializeIdentity ¶
func (*Idemixmsp) DeserializeIdentityInternal ¶
func (*Idemixmsp) GetDefaultSigningIdentity ¶
func (msp *Idemixmsp) GetDefaultSigningIdentity() (SigningIdentity, error)
func (*Idemixmsp) GetIdentifier ¶
func (*Idemixmsp) GetTLSIntermediateCerts ¶
func (*Idemixmsp) GetTLSRootCerts ¶
func (*Idemixmsp) GetType ¶
func (msp *Idemixmsp) GetType() ProviderType
func (*Idemixmsp) GetVersion ¶
func (msp *Idemixmsp) GetVersion() MSPVersion
GetVersion returns the version of this MSP
func (*Idemixmsp) IsWellFormed ¶
func (id *Idemixmsp) IsWellFormed(identity *m.SerializedIdentity) error
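IsWellFormed checks if the given identity can be deserialized into its provider-specific form. In this MSP implementation, an identity is considered well formed if it contains a marshaled SerializedIdemixIdentity protobuf message. This is a check on the encoding only; whether the identity is valid is a separate question, answered by Validate.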
func (*Idemixmsp) SatisfiesPrincipal ¶
func (msp *Idemixmsp) SatisfiesPrincipal(id Identity, principal *m.MSPPrincipal) error
type Identity ¶
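// Identity defines the operations available on the public part of an
// identity: expiry and identifier lookup, validation, signature verification,
// serialization and principal matching.
type Identity interface {
	// ExpiresAt returns the time at which the Identity expires.
	// If the returned time is the zero value, it implies
	// the Identity does not expire, or that its expiration
	// time is unknown. A zero value therefore cannot tell "never expires"
	// apart from "expiry unknown"; callers that enforce expiry have to
	// decide how to treat it.
	ExpiresAt() time.Time

	// GetIdentifier returns the identifier of that identity
	GetIdentifier() *IdentityIdentifier

	// GetMSPIdentifier returns the MSP Id for this instance
	GetMSPIdentifier() string

	// Validate uses the rules that govern this identity to validate it.
	// E.g., if it is a fabric TCert implemented as identity, validate
	// will check the TCert signature against the assumed root certificate
	// authority.
	Validate() error

	// GetOrganizationalUnits returns zero or more organization units or
	// divisions this identity is related to as long as this is public
	// information. Certain MSP implementations may use attributes
	// that are publicly associated to this identity, or the identifier of
	// the root certificate authority that has provided signatures on this
	// certificate.
	// Examples:
	//  - if the identity is an x.509 certificate, this function returns one
	//    or more strings which are encoded in the Subject's Distinguished Name
	//    of the type OU
	// TODO: For X.509 based identities, check if we need a dedicated type
	//       for OU where the Certificate OU is properly namespaced by the
	//       signer's identity
	GetOrganizationalUnits() []*OUIdentifier

	// Anonymous returns true if this is an anonymous identity, false otherwise
	Anonymous() bool

	// Verify a signature over some message using this identity as reference.
	// NOTE(review): this declaration does not say whether Verify also
	// validates the identity itself — confirm before relying on Verify
	// alone; Validate is a separate method.
	Verify(msg []byte, sig []byte) error

	// Serialize converts an identity to bytes
	Serialize() ([]byte, error)

	// SatisfiesPrincipal checks whether this instance matches
	// the description supplied in MSPPrincipal. The check may
	// involve a byte-by-byte comparison (if the principal is
	// a serialized identity) or may require MSP validation
	SatisfiesPrincipal(principal *msp.MSPPrincipal) error
}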
Identity is the interface defining the operations associated with a "certificate". That is, the public part of the identity can be thought of as a certificate, and it offers only signature verification capabilities. It is to be used on the peer side when verifying the certificates that transactions are signed with, and when verifying the signatures that correspond to these certificates.
type IdentityDeserializer ¶
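// IdentityDeserializer turns serialized identities into Identity values and
// checks their encoding.
type IdentityDeserializer interface {
	// DeserializeIdentity deserializes an identity.
	// Deserialization will fail if the identity is associated to
	// an msp that is different from this one that is performing
	// the deserialization.
	// NOTE(review): this declaration does not say whether the returned
	// Identity has been validated — confirm whether callers must call
	// Validate before trusting it.
	DeserializeIdentity(serializedIdentity []byte) (Identity, error)

	// IsWellFormed checks if the given identity can be deserialized into its provider-specific form
	IsWellFormed(identity *msp.SerializedIdentity) error
}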
IdentityDeserializer is implemented by both MSPManager and MSP
type IdentityIdentifier ¶
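// IdentityIdentifier pairs a provider identifier with the identifier of one
// identity inside that provider, so Id is only meaningful together with Mspid.
type IdentityIdentifier struct {
	// The identifier of the associated membership service provider
	Mspid string

	// The identifier for an identity within a provider
	Id string
}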
IdentityIdentifier is a holder for the identifier of a specific identity, naturally namespaced by its provider identifier.
type MSP ¶
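// MSP is the Membership Service Provider interface: identity deserialization
// plus setup, provider metadata, the default signing identity, TLS
// certificates, identity validation and principal matching.
type MSP interface {

	// IdentityDeserializer interface needs to be implemented by MSP
	IdentityDeserializer

	// Setup the MSP instance according to configuration information
	Setup(config *msp.MSPConfig) error

	// GetVersion returns the version of this MSP
	GetVersion() MSPVersion

	// GetType returns the provider type
	GetType() ProviderType

	// GetIdentifier returns the provider identifier
	GetIdentifier() (string, error)

	// GetDefaultSigningIdentity returns the default signing identity
	GetDefaultSigningIdentity() (SigningIdentity, error)

	// GetTLSRootCerts returns the TLS root certificates for this MSP
	GetTLSRootCerts() [][]byte

	// GetTLSIntermediateCerts returns the TLS intermediate root certificates for this MSP
	GetTLSIntermediateCerts() [][]byte

	// Validate checks whether the supplied identity is valid.
	// A nil error is the only success signal this signature offers.
	Validate(id Identity) error

	// SatisfiesPrincipal checks whether the identity matches
	// the description supplied in MSPPrincipal. The check may
	// involve a byte-by-byte comparison (if the principal is
	// a serialized identity) or may require MSP validation
	SatisfiesPrincipal(id Identity, principal *msp.MSPPrincipal) error
}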
MSP is the minimal Membership Service Provider Interface to be implemented to accommodate peer functionality
func NewIdemixMsp ¶
func NewIdemixMsp(version MSPVersion) (MSP, error)
NewIdemixMsp creates a new instance of idemixmsp
type MSPManager ¶
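// MSPManager manages a set of MSPs and exposes identity deserialization
// across them.
type MSPManager interface {

	// IdentityDeserializer interface needs to be implemented by MSPManager
	IdentityDeserializer

	// Setup the MSP manager instance according to configuration information
	Setup(msps []MSP) error

	// GetMSPs Provides a list of Membership Service providers
	// NOTE(review): the map key is presumably the MSP identifier — confirm.
	GetMSPs() (map[string]MSP, error)
}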
MSPManager is an interface defining a manager of one or more MSPs. This essentially acts as a mediator to MSP calls and routes MSP related calls to the appropriate MSP. This object is immutable, it is initialized once and never changed.
type MSPVersion ¶
// MSPVersion is an integer type identifying an MSP version; GetVersion
// returns it and NewIdemixMsp takes it as its argument.
// NOTE(review): the MSPv1_* constants on this page are declared without an
// explicit type — confirm they are the intended values for this type.
type MSPVersion int
type OUIdentifier ¶
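// OUIdentifier names an organizational unit together with an identifier of
// the certificate chain of trust it belongs to.
type OUIdentifier struct {
	// CertifiersIdentifier is the hash of certificates chain of trust
	// related to this organizational unit
	// NOTE(review): two units with the same name but different
	// CertifiersIdentifier presumably must not be treated as equal — confirm
	// how callers compare these values.
	CertifiersIdentifier []byte

	// OrganizationalUnitIdentifier defines the organizational unit under the
	// MSP identified with MSPIdentifier
	OrganizationalUnitIdentifier string
}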
OUIdentifier represents an organizational unit and its related chain of trust identifier.
type ProviderType ¶
// ProviderType is an integer type indicating the type of an identity
// provider; FABRIC, IDEMIX and OTHER are its declared values.
type ProviderType int
ProviderType indicates the type of an identity provider
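// Provider types, numbered by iota in declaration order (FABRIC is 0).
// ProviderTypeToString maps these integers to strings.
const (
	FABRIC ProviderType = iota // MSP is of FABRIC type
	IDEMIX                     // MSP is of IDEMIX type
	OTHER                      // MSP is of OTHER TYPE
)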
The ProviderType of a member relative to the member API
type SigningIdentity ¶
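// SigningIdentity is an Identity that can also produce signatures.
type SigningIdentity interface {

	// Extends Identity
	Identity

	// Sign the message
	Sign(msg []byte) ([]byte, error)

	// GetPublicVersion returns the public parts of this identity
	GetPublicVersion() Identity
}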
SigningIdentity is an extension of Identity to cover signing capabilities. E.g., signing identity should be requested in the case of a client who wishes to sign transactions, or fabric endorser who wishes to sign proposal processing outcomes.
Directories ¶
| Path | Synopsis |
|---|---|
| schemes/dlog/handlers/mock | Code generated by counterfeiter. |
| schemes/aries (Module) | |
| schemes/weak-bb (Module) | |
| types (Module) | |
| common | |
| flogging/mock | Code generated by counterfeiter. |
| tools | |