apifabca

package
v1.1.0
Warning

This package is not in the latest version of its module.
Published: Apr 12, 2019 | License: Apache-2.0 | Imports: 2 | Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Attribute

type Attribute struct {
	Key   string
	Value string
}

Attribute defines additional attributes that may be passed along during registration

type FabricCAClient

type FabricCAClient interface {
	CAName() string
	Enroll(enrollmentID string, enrollmentSecret string) (apicryptosuite.Key, []byte, error)
	// Reenroll to renew user's enrollment certificate
	Reenroll(user User) (apicryptosuite.Key, []byte, error)
	Register(registrar User, request *RegistrationRequest) (string, error)
	Revoke(registrar User, request *RevocationRequest) (*api.RevocationResponse, error)
}

FabricCAClient is the client interface for fabric-ca

type RegistrationRequest

type RegistrationRequest struct {
	// Name is the unique name of the identity
	Name string
	// Type of identity being registered (e.g. "peer", "app", "user")
	Type string
	// MaxEnrollments is the number of times the secret can be reused to enroll.
	// If omitted, this defaults to max_enrollments configured on the server.
	MaxEnrollments int
	// The identity's affiliation e.g. org1.department1
	Affiliation string
	// Optional attributes associated with this identity
	Attributes []Attribute
	// CAName is the name of the CA to connect to
	CAName string
	// Secret is an optional password.  If not specified,
	// a random secret is generated.  In both cases, the secret
	// is returned from registration.
	Secret string
}

RegistrationRequest defines the attributes required to register a user with the CA

type RevocationRequest

type RevocationRequest struct {
	// Name of the identity whose certificates should be revoked
	// If this field is omitted, then Serial and AKI must be specified.
	Name string
	// Serial number of the certificate to be revoked
	// If this is omitted, then Name must be specified
	Serial string
	// AKI (Authority Key Identifier) of the certificate to be revoked
	AKI string
	// Reason is the reason for revocation. See https://godoc.org/golang.org/x/crypto/ocsp
	// for valid values. The default value is 0 (ocsp.Unspecified).
	Reason string
	// CAName is the name of the CA to connect to
	CAName string
}

RevocationRequest defines the attributes required to revoke credentials with the CA
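
Added example (not part of the SDK or of this documentation page): building a RevocationRequest that targets a single certificate through Serial and AKI instead of every certificate issued to a Name, and checking the field rule stated in the comments above. `ForCert`, `Validate` and `sampleECert` are hypothetical helpers, the struct is a local copy so the code runs offline, and the lowercase-hex encoding of Serial and AKI is an assumption.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// RevocationRequest is a local copy of the fields documented above, so the example runs offline.
type RevocationRequest struct{ Name, Serial, AKI, Reason, CAName string }

// Validate enforces the documented rule: Name, or Serial together with AKI.
func (r RevocationRequest) Validate() error {
	if r.Name == "" && (r.Serial == "" || r.AKI == "") {
		return fmt.Errorf("revocation needs Name, or both Serial and AKI")
	}
	return nil
}

// ForCert targets one certificate, e.g. the PEM returned by User.EnrollmentCertificate().
// Assumption: Serial and AKI are sent as lowercase hex strings.
func ForCert(certPEM []byte, caName string) (RevocationRequest, error) {
	block, _ := pem.Decode(certPEM)
	if block == nil {
		return RevocationRequest{}, fmt.Errorf("no PEM block found")
	}
	cert, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		return RevocationRequest{}, err
	}
	req := RevocationRequest{Serial: fmt.Sprintf("%x", cert.SerialNumber), AKI: fmt.Sprintf("%x", cert.AuthorityKeyId), CAName: caName}
	return req, req.Validate() // a certificate without an AKI extension is rejected here
}

// sampleECert builds a constructed leaf certificate (serial 0x2a) under a throwaway CA template.
func sampleECert() []byte {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	ca := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "ca.example"}, SubjectKeyId: []byte{0xCA, 0xFE}}
	leaf := &x509.Certificate{SerialNumber: big.NewInt(42), Subject: pkix.Name{CommonName: "user1"}, NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, leaf, ca, &key.PublicKey, key)
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
}

func main() { fmt.Println(ForCert(sampleECert(), "ca-org1")) }
```

Revoking by Serial and AKI leaves the identity's other certificates valid, whereas a request that sets only Name covers all of them.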

type User

type User interface {
	Name() string
	Roles() []string
	MspID() string

	// ECerts
	EnrollmentCertificate() []byte
	PrivateKey() apicryptosuite.Key

	Identity() ([]byte, error)
}

User represents a user that has been enrolled and is represented by an enrollment certificate (ECert) and a signing key. The ECert must have been signed by one of the CAs the blockchain network has been configured to trust. An enrolled user (having a signing key and ECert) can conduct chaincode deployments, transactions and queries with the Chain.

User ECerts can be obtained from a CA beforehand as part of deploying the application, or they can be obtained from the optional Fabric COP service via its enrollment process.

User identities are sometimes confused with Peer identities. A User identity represents signing capability because it has access to the private key, while a Peer identity, in the context of the application/SDK, has only the certificate for verifying signatures. An application cannot use the Peer identity to sign anything because the application doesn't have access to the Peer identity's private key.

Directories

Path Synopsis
Package mock_apifabca is a generated GoMock package.