Documentation
¶
Overview ¶
Package msp is a generated protocol buffer package.
It is generated from these files:
identities.proto
It has these top-level messages:
SerializedIdentity
Index ¶
- func GetLocalMspConfig(dir string) (*msp.MSPConfig, error)
- func NewSerializedIdentity(mspID string, certPEM []byte) ([]byte, error)
- type Attribute
- type AttributeName
- type AttributeProofSpec
- type Common
- type Identity
- type IdentityIdentifier
- type ImportRequest
- type MSP
- type MSPManager
- type ProviderType
- type SerializedIdentity
- type SignatureOpts
- type SigningIdentity
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewSerializedIdentity ¶
NewSerializedIdentity returns a serialized identity having as content the passed mspID and x509 certificate in PEM format. This method does not check the validity of certificate nor any consistency of the mspID with it.
Types ¶
type Attribute ¶
type Attribute interface {
Key() AttributeName
Value() []byte
Serialise() []byte
}
Attribute is an arbitrary name/value pair
type AttributeName ¶
type AttributeName struct {
// contains filtered or unexported fields
}
AttributeName defines the name of an attribute assuming a namespace defined by the entity that certifies this attributes' ownership.
type AttributeProofSpec ¶
type Common ¶
type Common interface {
// DeserializeIdentity deserializes an identity.
// Deserialization will fail if the identity is associated to
// an msp that is different from this one that is performing
// the deserialization.
DeserializeIdentity(serializedIdentity []byte) (Identity, error)
}
Common is implemented by both MSPManger and MSP
type Identity ¶
type Identity interface {
// GetIdentifier returns the identifier of that identity
GetIdentifier() *IdentityIdentifier
// GetMSPIdentifier returns the MSP Id for this instance
GetMSPIdentifier() string
// Validate uses the rules that govern this identity to validate it.
// E.g., if it is a fabric TCert implemented as identity, validate
// will check the TCert signature against the assumed root certificate
// authority.
Validate() error
// TODO: Fix this comment
// GetOrganizationUnits returns the participant this identity is related to
// as long as this is public information. In certain implementations
// this could be implemented by certain attributes that are publicly
// associated to that identity, or the identifier of the root certificate
// authority that has provided signatures on this certificate.
// Examples:
// - ParticipantID of a fabric-tcert that was signed by TCA under name
// "Organization 1", would be "Organization 1".
// - ParticipantID of an alternative implementation of tcert signed by a public
// CA used by organization "Organization 1", could be provided in the clear
// as part of that tcert structure that this call would be able to return.
// TODO: check if we need a dedicated type for participantID properly namespaced by the associated provider identifier.
GetOrganizationUnits() string
// Verify a signature over some message using this identity as reference
Verify(msg []byte, sig []byte) error
// VerifyOpts a signature over some message using this identity as reference
VerifyOpts(msg []byte, sig []byte, opts SignatureOpts) error
// VerifyAttributes verifies attributes given a proof
VerifyAttributes(proof []byte, spec *AttributeProofSpec) error
// Serialize converts an identity to bytes
Serialize() ([]byte, error)
// SatisfiesPrincipal checks whether this instance matches
// the description supplied in MSPPrincipal. The check may
// involve a byte-by-byte comparison (if the principal is
// a serialized identity) or may require MSP validation
SatisfiesPrincipal(principal *common.MSPPrincipal) error
}
Identity interface defining operations associated to a "certificate". That is, the public part of the identity could be thought to be a certificate, and offers solely signature verification capabilities. This is to be used at the peer side when verifying certificates that transactions are signed with, and verifying signatures that correspond to these certificates.///
type IdentityIdentifier ¶
type IdentityIdentifier struct {
// The identifier of the associated membership service provider
Mspid string
// The identifier for an identity within a provider
Id string
}
IdentityIdentifier is a holder for the identifier of a specific identity, naturally namespaced, by its provider identifier.
type ImportRequest ¶
type ImportRequest struct {
// IdentityProvider to enroll with
Idp string
// The certificate to import
IdentityDesc []byte
// Key reference associated to the key of the imported member
KeyReference []string
}
ImportRequest is data required when importing a member or
enrollment identity that was created off-band
type MSP ¶
type MSP interface {
// Common interface needs to be implemented by MSP
Common
// Setup the MSP instance according to configuration information
Setup(config *msp.MSPConfig) error
// GetType returns the provider type
GetType() ProviderType
// GetIdentifier returns the provider identifier
GetIdentifier() (string, error)
// GetSigningIdentity returns a signing identity corresponding to the provided identifier
GetSigningIdentity(identifier *IdentityIdentifier) (SigningIdentity, error)
// GetDefaultSigningIdentity returns the default signing identity
GetDefaultSigningIdentity() (SigningIdentity, error)
// Validate checks whether the supplied identity is valid
Validate(id Identity) error
// SatisfiesPrincipal checks whether the identity matches
// the description supplied in MSPPrincipal. The check may
// involve a byte-by-byte comparison (if the principal is
// a serialized identity) or may require MSP validation
SatisfiesPrincipal(id Identity, principal *common.MSPPrincipal) error
}
MSP is the minimal Membership Service Provider Interface to be implemented to accommodate peer functionality
func NewBccspMsp ¶
NewBccspMsp returns an MSP instance backed up by a BCCSP crypto provider. It handles x.509 certificates and can generate identities and signing identities backed by certificates and keypairs
func NewNoopMsp ¶
func NewNoopMsp() MSP
type MSPManager ¶
type MSPManager interface {
// Common interface needs to be implemented by MSPManager
Common
// Setup the MSP manager instance according to configuration information
Setup(msps []*msp.MSPConfig) error
// GetMSPs Provides a list of Membership Service providers
GetMSPs() (map[string]MSP, error)
}
MSPManager is an interface defining a manager of one or more MSPs. This essentially acts as a mediator to MSP calls and routes MSP related calls to the appropriate MSP. This object is immutable, it is initialized once and never changed.
func NewMSPManager ¶
func NewMSPManager() MSPManager
NewMSPManager returns a new MSP manager instance; note that this instance is not initialized until the Setup method is called
type ProviderType ¶
type ProviderType int
ProviderType indicates the type of an identity provider
const ( FABRIC ProviderType = iota // MSP is of FABRIC type OTHER // MSP is of OTHER TYPE )
The ProviderTYpe of a member relative to the member API
type SerializedIdentity ¶
type SerializedIdentity struct {
// The identifier of the associated membership service provider
Mspid string `protobuf:"bytes,1,opt,name=Mspid" json:"Mspid,omitempty"`
// the Identity, serialized according to the rules of its MPS
IdBytes []byte `protobuf:"bytes,2,opt,name=IdBytes,proto3" json:"IdBytes,omitempty"`
}
This struct represents an Identity (with its MSP identifier) to be used to serialize it and deserialize it
func (*SerializedIdentity) Descriptor ¶
func (*SerializedIdentity) Descriptor() ([]byte, []int)
func (*SerializedIdentity) ProtoMessage ¶
func (*SerializedIdentity) ProtoMessage()
func (*SerializedIdentity) Reset ¶
func (m *SerializedIdentity) Reset()
func (*SerializedIdentity) String ¶
func (m *SerializedIdentity) String() string
type SignatureOpts ¶
SignatureOpts are signature options
type SigningIdentity ¶
type SigningIdentity interface {
// Extends Identity
Identity
// Sign the message
Sign(msg []byte) ([]byte, error)
// SignOpts the message with options
SignOpts(msg []byte, opts SignatureOpts) ([]byte, error)
// GetAttributeProof creates a proof for a set of attributes
GetAttributeProof(spec *AttributeProofSpec) (proof []byte, err error)
// GetPublicVersion returns the public parts of this identity
GetPublicVersion() Identity
// Renew this identity
Renew() error
}
SigningIdentity is an extension of Identity to cover signing capabilities. E.g., signing identity should be requested in the case of a client who wishes to sign transactions, or fabric endorser who wishes to sign proposal processing outcomes.
Source Files
Directories