crypto

package
v0.0.0-...-1d5e6b2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 7, 2016 License: Apache-2.0 Imports: 42 Imported by: 9

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// ECertSubjectRole is the ASN1 object identifier of the subject's role.
	ECertSubjectRole = asn1.ObjectIdentifier{2, 1, 3, 4, 5, 6, 7}
)

Functions

func CloseAllClients

func CloseAllClients() (bool, []error)

CloseAllClients closes all the clients initialized so far

func CloseAllPeers

func CloseAllPeers() (bool, []error)

CloseAllPeers closes all the peers initialized so far

func CloseAllValidators

func CloseAllValidators() (bool, []error)

CloseAllValidators closes all the validators initialized so far

func CloseClient

func CloseClient(client Client) error

CloseClient releases all the resources allocated by clients

func ClosePeer

func ClosePeer(peer Peer) error

ClosePeer releases all the resources allocated by peers

func CloseValidator

func CloseValidator(peer Peer) error

CloseValidator releases all the resources allocated by the validator

func Init

func Init() (err error)

Init initializes the crypto layer. It load from viper the security level and the logging setting.

func RegisterClient

func RegisterClient(name string, pwd []byte, enrollID, enrollPWD string) error

RegisterClient registers a client to the PKI infrastructure

func RegisterPeer

func RegisterPeer(name string, pwd []byte, enrollID, enrollPWD string) error

RegisterPeer registers a peer to the PKI infrastructure

func RegisterValidator

func RegisterValidator(name string, pwd []byte, enrollID, enrollPWD string) error

RegisterValidator registers a validator to the PKI infrastructure

Types

type CertificateHandler

type CertificateHandler interface {

	// GetCertificate returns the certificate's DER
	GetCertificate() []byte

	// Sign signs msg using the signing key corresponding to the certificate
	Sign(msg []byte) ([]byte, error)

	// Verify verifies msg using the verifying key corresponding to the certificate
	Verify(signature []byte, msg []byte) error

	// GetTransactionHandler returns a new transaction handler relative to this certificate
	GetTransactionHandler() (TransactionHandler, error)
}

CertificateHandler exposes methods to deal with an ECert/TCert

type Client

type Client interface {
	Node

	// NewChaincodeDeployTransaction is used to deploy chaincode.
	NewChaincodeDeployTransaction(chaincodeDeploymentSpec *obc.ChaincodeDeploymentSpec, uuid string, attributes ...string) (*obc.Transaction, error)

	// NewChaincodeExecute is used to execute chaincode's functions.
	NewChaincodeExecute(chaincodeInvocation *obc.ChaincodeInvocationSpec, uuid string, attributes ...string) (*obc.Transaction, error)

	// NewChaincodeQuery is used to query chaincode's functions.
	NewChaincodeQuery(chaincodeInvocation *obc.ChaincodeInvocationSpec, uuid string, attributes ...string) (*obc.Transaction, error)

	// DecryptQueryResult is used to decrypt the result of a query transaction
	DecryptQueryResult(queryTx *obc.Transaction, result []byte) ([]byte, error)

	// GetEnrollmentCertHandler returns a CertificateHandler whose certificate is the enrollment certificate
	GetEnrollmentCertificateHandler() (CertificateHandler, error)

	// GetTCertHandlerNext returns a CertificateHandler whose certificate is the next available TCert
	GetTCertificateHandlerNext(attributes ...string) (CertificateHandler, error)

	// GetTCertHandlerFromDER returns a CertificateHandler whose certificate is the one passed
	GetTCertificateHandlerFromDER(tCertDER []byte) (CertificateHandler, error)

	// GetNextTCert returns a slice of a requested number of (not yet used) transaction certificates
	GetNextTCerts(nCerts int, attributes ...string) ([]tCert, error)
}

Client is an entity able to deploy and invoke chaincode

func InitClient

func InitClient(name string, pwd []byte) (Client, error)

InitClient initializes a client named name with password pwd

type Node

type Node interface {

	// GetType returns this entity's name
	GetType() NodeType

	// GetName returns this entity's name
	GetName() string
}

Node represents a crypto object having a name

type NodeType

type NodeType int32

NodeType represents the node's type

const (
	// NodeClient a client
	NodeClient NodeType = 0
	// NodePeer a peer
	NodePeer NodeType = 1
	// NodeValidator a validator
	NodeValidator NodeType = 2
)

type Peer

type Peer interface {
	Node

	// GetID returns this peer's identifier
	GetID() []byte

	// GetEnrollmentID returns this peer's enrollment id
	GetEnrollmentID() string

	// TransactionPreValidation verifies that the transaction is
	// well formed with the respect to the security layer
	// prescriptions (i.e. signature verification).
	TransactionPreValidation(tx *obc.Transaction) (*obc.Transaction, error)

	// TransactionPreExecution verifies that the transaction is
	// well formed with the respect to the security layer
	// prescriptions (i.e. signature verification). If this is the case,
	// the method prepares the transaction to be executed.
	// TransactionPreExecution returns a clone of tx.
	TransactionPreExecution(tx *obc.Transaction) (*obc.Transaction, error)

	// Sign signs msg with this validator's signing key and outputs
	// the signature if no error occurred.
	Sign(msg []byte) ([]byte, error)

	// Verify checks that signature if a valid signature of message under vkID's verification key.
	// If the verification succeeded, Verify returns nil meaning no error occurred.
	// If vkID is nil, then the signature is verified against this validator's verification key.
	Verify(vkID, signature, message []byte) error

	// GetStateEncryptor returns a StateEncryptor linked to pair defined by
	// the deploy transaction and the execute transaction. Notice that,
	// executeTx can also correspond to a deploy transaction.
	GetStateEncryptor(deployTx, executeTx *obc.Transaction) (StateEncryptor, error)

	GetTransactionBinding(tx *obc.Transaction) ([]byte, error)
}

Peer is an entity able to verify transactions

func InitPeer

func InitPeer(name string, pwd []byte) (Peer, error)

InitPeer initializes a peer named name with password pwd

func InitValidator

func InitValidator(name string, pwd []byte) (Peer, error)

InitValidator initializes a validator named name with password pwd

type StateEncryptor

type StateEncryptor interface {

	// Encrypt encrypts message msg
	Encrypt(msg []byte) ([]byte, error)

	// Decrypt decrypts ciphertext ct obtained
	// from a call of the Encrypt method.
	Decrypt(ct []byte) ([]byte, error)
}

StateEncryptor is used to encrypt chaincode's state

type TCertBlock

type TCertBlock struct {
	// contains filtered or unexported fields
}

TCertBlock is an object that include the generated TCert and the attributes used to generate it.

type TCertDBBlock

type TCertDBBlock struct {
	// contains filtered or unexported fields
}

TCertDBBlock is an object used to store the TCert in the database. A raw field is used to represent the TCert and the preK0, a string field is use to the attributesHash.

type TransactionHandler

type TransactionHandler interface {

	// GetCertificateHandler returns the certificate handler relative to the certificate mapped to this transaction
	GetCertificateHandler() (CertificateHandler, error)

	// GetBinding returns a binding to the underlying transaction
	GetBinding() ([]byte, error)

	// NewChaincodeDeployTransaction is used to deploy chaincode
	NewChaincodeDeployTransaction(chaincodeDeploymentSpec *obc.ChaincodeDeploymentSpec, uuid string, attributeNames ...string) (*obc.Transaction, error)

	// NewChaincodeExecute is used to execute chaincode's functions
	NewChaincodeExecute(chaincodeInvocation *obc.ChaincodeInvocationSpec, uuid string, attributeNames ...string) (*obc.Transaction, error)

	// NewChaincodeQuery is used to query chaincode's functions
	NewChaincodeQuery(chaincodeInvocation *obc.ChaincodeInvocationSpec, uuid string, attributeNames ...string) (*obc.Transaction, error)
}

TransactionHandler represents a single transaction that can be named by the output of the GetBinding method. This transaction is linked to a single Certificate (TCert or ECert).

Directories

Path Synopsis
proto
Package protos is a generated protocol buffer package.
Package protos is a generated protocol buffer package.
aes

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL