api

package
v0.13.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 29, 2018 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AnchorPeer

type AnchorPeer struct {
	Host string // Host is the hostname/ip address of the remote peer
	Port int    // Port is the port the remote peer is listening on
}

AnchorPeer is an anchor peer's certificate and endpoint (host:port)

type ChannelNotifier

type ChannelNotifier interface {
	JoinChannel(joinMsg JoinChannelMessage, chainID common.ChainID)
}

ChannelNotifier is implemented by the gossip component and is used for the peer layer to notify the gossip component of a JoinChannel event

type JoinChannelMessage

type JoinChannelMessage interface {

	// SequenceNumber returns the sequence number of the configuration block
	// the JoinChannelMessage originated from
	SequenceNumber() uint64

	// Members returns the organizations of the channel
	Members() []OrgIdentityType

	// AnchorPeersOf returns the anchor peers of the given organization
	AnchorPeersOf(org OrgIdentityType) []AnchorPeer
}

JoinChannelMessage is the message that asserts a creation or mutation of a channel's membership list, and is the message that is gossipped among the peers

type MessageCryptoService

type MessageCryptoService interface {

	// GetPKIidOfCert returns the PKI-ID of a peer's identity
	// If any error occurs, the method return nil
	// This method does not validate peerIdentity.
	// This validation is supposed to be done appropriately during the execution flow.
	GetPKIidOfCert(peerIdentity PeerIdentityType) common.PKIidType

	// VerifyBlock returns nil if the block is properly signed, and the claimed seqNum is the
	// sequence number that the block's header contains.
	// else returns error
	VerifyBlock(chainID common.ChainID, seqNum uint64, signedBlock []byte) error

	// Sign signs msg with this peer's signing key and outputs
	// the signature if no error occurred.
	Sign(msg []byte) ([]byte, error)

	// Verify checks that signature is a valid signature of message under a peer's verification key.
	// If the verification succeeded, Verify returns nil meaning no error occurred.
	// If peerIdentity is nil, then the verification fails.
	Verify(peerIdentity PeerIdentityType, signature, message []byte) error

	// VerifyByChannel checks that signature is a valid signature of message
	// under a peer's verification key, but also in the context of a specific channel.
	// If the verification succeeded, Verify returns nil meaning no error occurred.
	// If peerIdentity is nil, then the verification fails.
	VerifyByChannel(chainID common.ChainID, peerIdentity PeerIdentityType, signature, message []byte) error

	// ValidateIdentity validates the identity of a remote peer.
	// If the identity is invalid, revoked, expired it returns an error.
	// Else, returns nil
	ValidateIdentity(peerIdentity PeerIdentityType) error
}

MessageCryptoService is the contract between the gossip component and the peer's cryptographic layer and is used by the gossip component to verify, and authenticate remote peers and data they send, as well as to verify received blocks from the ordering service.

type OrgIdentityType

type OrgIdentityType []byte

OrgIdentityType defines the identity of an organization

type PeerIdentityType

type PeerIdentityType []byte

PeerIdentityType is the peer's certificate

type PeerSecureDialOpts

type PeerSecureDialOpts func() []grpc.DialOption

PeerSecureDialOpts returns the gRPC DialOptions to use for connection level security when communicating with remote peer endpoints

type PeerSuspector

type PeerSuspector func(identity PeerIdentityType) bool

PeerSuspector returns whether a peer with a given identity is suspected as being revoked, or its CA is revoked

type SecurityAdvisor

type SecurityAdvisor interface {
	// OrgByPeerIdentity returns the OrgIdentityType
	// of a given peer identity.
	// If any error occurs, nil is returned.
	// This method does not validate peerIdentity.
	// This validation is supposed to be done appropriately during the execution flow.
	OrgByPeerIdentity(PeerIdentityType) OrgIdentityType
}

SecurityAdvisor defines an external auxiliary object that provides security and identity related capabilities

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL