fabric-sdk-go: github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric-ca/api Index | Files

package api

import "github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric-ca/api"

Index

Package Files

client.go net.go

type AddAffiliationRequest Uses

type AddAffiliationRequest struct {
    Name   string `json:"name"`
    Force  bool   `json:"force"`
    CAName string `json:"caname,omitempty"`
}

AddAffiliationRequest represents the request to add a new affiliation to the fabric-ca-server

type AddAffiliationRequestNet Uses

type AddAffiliationRequestNet struct {
    AddAffiliationRequest
}

AddAffiliationRequestNet is a network request for adding a new affiliation

type AddIdentityRequest Uses

type AddIdentityRequest struct {
    ID             string      `json:"id" skip:"true"`
    Type           string      `json:"type" def:"user" help:"Type of identity being registered (e.g. 'peer, app, user')"`
    Affiliation    string      `json:"affiliation" help:"The identity's affiliation"`
    Attributes     []Attribute `json:"attrs" mapstructure:"attrs" `
    MaxEnrollments int         `json:"max_enrollments" mapstructure:"max_enrollments" help:"The maximum number of times the secret can be reused to enroll (default CA's Max Enrollment)"`
    // Secret is an optional password.  If not specified,
    // a random secret is generated.  In both cases, the secret
    // is returned in the RegistrationResponse.
    Secret string `json:"secret,omitempty" mask:"password" help:"The enrollment secret for the identity being added"`
    CAName string `json:"caname,omitempty" skip:"true"`
}

AddIdentityRequest represents the request to add a new identity to the fabric-ca-server

type AddIdentityRequestNet Uses

type AddIdentityRequestNet struct {
    AddIdentityRequest
}

AddIdentityRequestNet is a network request for adding a new identity

type AffiliationInfo Uses

type AffiliationInfo struct {
    Name         string            `json:"name"`
    Affiliations []AffiliationInfo `json:"affiliations,omitempty"`
    Identities   []IdentityInfo    `json:"identities,omitempty"`
}

AffiliationInfo contains the affiliation name, child affiliation info, and identities associated with this affiliation.

type AffiliationResponse Uses

type AffiliationResponse struct {
    AffiliationInfo `mapstructure:",squash"`
    CAName          string `json:"caname,omitempty"`
}

AffiliationResponse contains the response for get, add, modify, and remove an affiliation

type Attribute Uses

type Attribute struct {
    Name  string `json:"name"`
    Value string `json:"value"`
    ECert bool   `json:"ecert,omitempty"`
}

Attribute is a name and value pair

func (*Attribute) GetName Uses

func (a *Attribute) GetName() string

GetName returns the name of the attribute

func (*Attribute) GetValue Uses

func (a *Attribute) GetValue() string

GetValue returns the value of the attribute

type AttributeRequest Uses

type AttributeRequest struct {
    Name     string `json:"name"`
    Optional bool   `json:"optional,omitempty"`
}

AttributeRequest is a request for an attribute. This implements the certmgr/AttributeRequest interface.

func (*AttributeRequest) GetName Uses

func (ar *AttributeRequest) GetName() string

GetName returns the name of an attribute being requested

func (*AttributeRequest) IsRequired Uses

func (ar *AttributeRequest) IsRequired() bool

IsRequired returns true if the attribute being requested is required

type BasicKeyRequest Uses

type BasicKeyRequest struct {
    Algo string `json:"algo" yaml:"algo" help:"Specify key algorithm"`
    Size int    `json:"size" yaml:"size" help:"Specify key size"`
}

BasicKeyRequest encapsulates size and algorithm for the key to be generated

func NewBasicKeyRequest Uses

func NewBasicKeyRequest() *BasicKeyRequest

NewBasicKeyRequest returns the BasicKeyRequest object that is constructed from the object returned by the csr.NewBasicKeyRequest() function

type CSRInfo Uses

type CSRInfo struct {
    CN           string           `json:"CN"`
    Names        []csr.Name       `json:"names,omitempty"`
    Hosts        []string         `json:"hosts,omitempty"`
    KeyRequest   *BasicKeyRequest `json:"key,omitempty"`
    CA           *csr.CAConfig    `json:"ca,omitempty" hide:"true"`
    SerialNumber string           `json:"serial_number,omitempty"`
}

CSRInfo is Certificate Signing Request (CSR) Information

type CertificateResponse Uses

type CertificateResponse struct {
    Certs []string `json:"certs"`
}

CertificateResponse contains the response from Get or Delete certificate request.

type EnrollmentRequest Uses

type EnrollmentRequest struct {
    // The identity name to enroll
    Name string `json:"name" skip:"true"`
    // The secret returned via Register
    Secret string `json:"secret,omitempty" skip:"true" mask:"password"`
    // CAName is the name of the CA to connect to
    CAName string `json:"caname,omitempty" skip:"true"`
    // AttrReqs are requests for attributes to add to the certificate.
    // Each attribute is added only if the requestor owns the attribute.
    AttrReqs []*AttributeRequest `json:"attr_reqs,omitempty"`
    // Profile is the name of the signing profile to use in issuing the X509 certificate
    Profile string `json:"profile,omitempty" help:"Name of the signing profile to use in issuing the certificate"`
    // Label is the label to use in HSM operations
    Label string `json:"label,omitempty" help:"Label to use in HSM operations"`
    // CSR is Certificate Signing Request info
    CSR *CSRInfo `json:"csr,omitempty" skip:"true"` // Skipping this because we pull the CSR from the CSR flags
    // The type of the enrollment request: x509 or idemix
    // The default is a request for an X509 enrollment certificate
    Type string `def:"x509" help:"The type of enrollment request: 'x509' or 'idemix'"`
}

EnrollmentRequest is a request to enroll an identity

func (EnrollmentRequest) String Uses

func (er EnrollmentRequest) String() string

type EnrollmentRequestNet Uses

type EnrollmentRequestNet struct {
    signer.SignRequest
    CAName   string
    AttrReqs []*AttributeRequest `json:"attr_reqs,omitempty"`
}

EnrollmentRequestNet is a request to enroll an identity

type GenCRLRequest Uses

type GenCRLRequest struct {
    CAName        string    `json:"caname,omitempty" skip:"true"`
    RevokedAfter  time.Time `json:"revokedafter,omitempty"`
    RevokedBefore time.Time `json:"revokedbefore,omitempty"`
    ExpireAfter   time.Time `json:"expireafter,omitempty"`
    ExpireBefore  time.Time `json:"expirebefore,omitempty"`
}

GenCRLRequest represents a request to get CRL for the specified certificate authority

type GenCRLResponse Uses

type GenCRLResponse struct {
    // CRL is PEM-encoded certificate revocation list (CRL) that contains requested unexpired revoked certificates
    CRL []byte
}

GenCRLResponse represents a response to get CRL

type GetAllIDsResponse Uses

type GetAllIDsResponse struct {
    Identities []IdentityInfo `json:"identities"`
    CAName     string         `json:"caname,omitempty"`
}

GetAllIDsResponse is the response from the GetAllIdentities call

type GetCAInfoRequest Uses

type GetCAInfoRequest struct {
    CAName string `json:"caname,omitempty" skip:"true"`
}

GetCAInfoRequest is request to get generic CA information

type GetCRIRequest Uses

type GetCRIRequest struct {
    CAName string `json:"caname,omitempty" skip:"true"`
}

GetCRIRequest is a request to send to server to get Idemix credential revocation information

type GetCRIResponse Uses

type GetCRIResponse struct {
    // CRI is base64 encoded proto bytes of idemix.CredentialRevocationInformation
    CRI string
}

GetCRIResponse is the response from the server for get CRI request

type GetCertificatesRequest Uses

type GetCertificatesRequest struct {
    ID         string    `skip:"true"`                                    // Get certificates for this enrollment ID
    AKI        string    `help:"Get certificates for this AKI"`           // Get certificate that matches this AKI
    Serial     string    `help:"Get certificates for this serial number"` // Get certificate that matches this serial
    Revoked    TimeRange `skip:"true"`                                    // Get certificates which were revoked between the specified time range
    Expired    TimeRange `skip:"true"`                                    // Get certificates which expire between the specified time range
    NotExpired bool      `help:"Don't return expired certificates"`       // Don't return expired certificates
    NotRevoked bool      `help:"Don't return revoked certificates"`       // Don't return revoked certificates
    CAName     string    `skip:"true"`                                    // Name of CA to send request to within the server
}

GetCertificatesRequest represents the request to get certificates from the server per the enrollment ID and/or AKI and Serial. If neither ID or AKI/Serial are provided all certificates are returned which are in or under the caller's affiliation. By default all certificates are returned. However, only revoked and/or expired certificates can be requested by providing a time range.

type GetCertificatesRequestNet Uses

type GetCertificatesRequestNet struct {
    GetCertificatesRequest
}

GetCertificatesRequestNet is a network request for getting certificates

type GetIDResponse Uses

type GetIDResponse struct {
    ID             string      `json:"id" skip:"true"`
    Type           string      `json:"type" def:"user"`
    Affiliation    string      `json:"affiliation"`
    Attributes     []Attribute `json:"attrs" mapstructure:"attrs" `
    MaxEnrollments int         `json:"max_enrollments" mapstructure:"max_enrollments"`
    CAName         string      `json:"caname,omitempty"`
}

GetIDResponse is the response from the GetIdentity call

type GetTCertBatchRequest Uses

type GetTCertBatchRequest struct {
    // Number of TCerts in the batch.
    Count int `json:"count"`
    // The attribute names whose names and values are to be sealed in the issued TCerts.
    AttrNames []string `json:"attr_names,omitempty"`
    // EncryptAttrs denotes whether to encrypt attribute values or not.
    // When set to true, each issued TCert in the batch will contain encrypted attribute values.
    EncryptAttrs bool `json:"encrypt_attrs,omitempty"`
    // Certificate Validity Period.  If specified, the value used
    // is the minimum of this value and the configured validity period
    // of the TCert manager.
    ValidityPeriod time.Duration `json:"validity_period,omitempty"`
    // The pre-key to be used for key derivation.
    PreKey string `json:"prekey"`
    // DisableKeyDerivation if true disables key derivation so that a TCert is not
    // cryptographically related to an ECert.  This may be necessary when using an
    // HSM which does not support the TCert's key derivation function.
    DisableKeyDerivation bool `json:"disable_kdf,omitempty"`
    // CAName is the name of the CA to connect to
    CAName string `json:"caname,omitempty" skip:"true"`
}

GetTCertBatchRequest is input provided to identity.GetTCertBatch

type GetTCertBatchRequestNet Uses

type GetTCertBatchRequestNet struct {
    GetTCertBatchRequest
    // KeySigs is an optional array of public keys and corresponding signatures.
    // If not set, the server generates it's own keys based on a key derivation function
    // which cryptographically relates the TCerts to an ECert.
    KeySigs []KeySig `json:"key_sigs,omitempty"`
}

GetTCertBatchRequestNet is a network request for a batch of transaction certificates

type GetTCertBatchResponse Uses

type GetTCertBatchResponse struct {
    ID     *big.Int  `json:"id"`
    TS     time.Time `json:"ts"`
    Key    []byte    `json:"key"`
    TCerts []TCert   `json:"tcerts"`
}

GetTCertBatchResponse is the return value of identity.GetTCertBatch

type GetTCertBatchResponseNet Uses

type GetTCertBatchResponseNet struct {
    GetTCertBatchResponse
}

GetTCertBatchResponseNet is the network response for a batch of transaction certificates

type IdentityInfo Uses

type IdentityInfo struct {
    ID             string      `json:"id"`
    Type           string      `json:"type"`
    Affiliation    string      `json:"affiliation"`
    Attributes     []Attribute `json:"attrs" mapstructure:"attrs"`
    MaxEnrollments int         `json:"max_enrollments" mapstructure:"max_enrollments"`
}

IdentityInfo contains information about an identity

type IdentityResponse Uses

type IdentityResponse struct {
    ID             string      `json:"id" skip:"true"`
    Type           string      `json:"type,omitempty"`
    Affiliation    string      `json:"affiliation"`
    Attributes     []Attribute `json:"attrs,omitempty" mapstructure:"attrs"`
    MaxEnrollments int         `json:"max_enrollments,omitempty" mapstructure:"max_enrollments"`
    Secret         string      `json:"secret,omitempty"`
    CAName         string      `json:"caname,omitempty"`
}

IdentityResponse is the response from the any add/modify/remove identity call

type KeySig Uses

type KeySig struct {
    // Key is a public key
    Key []byte `json:"key"`
    // Sig is a signature over the PublicKey
    Sig []byte `json:"sig"`
    // Alg is the signature algorithm
    Alg string `json:"alg"`
}

KeySig is a public key, signature, and signature algorithm tuple

type ModifyAffiliationRequest Uses

type ModifyAffiliationRequest struct {
    Name    string
    NewName string `json:"name"`
    Force   bool   `json:"force"`
    CAName  string `json:"caname,omitempty"`
}

ModifyAffiliationRequest represents the request to modify an existing affiliation on the fabric-ca-server

type ModifyAffiliationRequestNet Uses

type ModifyAffiliationRequestNet struct {
    ModifyAffiliationRequest
}

ModifyAffiliationRequestNet is a network request for modifying an existing affiliation

type ModifyIdentityRequest Uses

type ModifyIdentityRequest struct {
    ID             string      `skip:"true"`
    Type           string      `json:"type" help:"Type of identity being registered (e.g. 'peer, app, user')"`
    Affiliation    string      `json:"affiliation" help:"The identity's affiliation"`
    Attributes     []Attribute `mapstructure:"attrs" json:"attrs"`
    MaxEnrollments int         `mapstructure:"max_enrollments" json:"max_enrollments" help:"The maximum number of times the secret can be reused to enroll"`
    Secret         string      `json:"secret,omitempty" mask:"password" help:"The enrollment secret for the identity"`
    CAName         string      `json:"caname,omitempty" skip:"true"`
}

ModifyIdentityRequest represents the request to modify an existing identity on the fabric-ca-server

type ModifyIdentityRequestNet Uses

type ModifyIdentityRequestNet struct {
    ModifyIdentityRequest
}

ModifyIdentityRequestNet is a network request for modifying an existing identity

type ReenrollmentRequest Uses

type ReenrollmentRequest struct {
    // Profile is the name of the signing profile to use in issuing the certificate
    Profile string `json:"profile,omitempty"`
    // Label is the label to use in HSM operations
    Label string `json:"label,omitempty"`
    // CSR is Certificate Signing Request info
    CSR *CSRInfo `json:"csr,omitempty"`
    // CAName is the name of the CA to connect to
    CAName string `json:"caname,omitempty" skip:"true"`
    // AttrReqs are requests for attributes to add to the certificate.
    // Each attribute is added only if the requestor owns the attribute.
    AttrReqs []*AttributeRequest `json:"attr_reqs,omitempty"`
}

ReenrollmentRequest is a request to reenroll an identity. This is useful to renew a certificate before it has expired.

type ReenrollmentRequestNet Uses

type ReenrollmentRequestNet struct {
    signer.SignRequest
    CAName   string
    AttrReqs []*AttributeRequest `json:"attr_reqs,omitempty"`
}

ReenrollmentRequestNet is a request to reenroll an identity. This is useful to renew a certificate before it has expired.

type RegistrationRequest Uses

type RegistrationRequest struct {
    // Name is the unique name of the identity
    Name string `json:"id" help:"Unique name of the identity"`
    // Type of identity being registered (e.g. "peer, app, user")
    Type string `json:"type" def:"client" help:"Type of identity being registered (e.g. 'peer, app, user')"`
    // Secret is an optional password.  If not specified,
    // a random secret is generated.  In both cases, the secret
    // is returned in the RegistrationResponse.
    Secret string `json:"secret,omitempty" mask:"password" help:"The enrollment secret for the identity being registered"`
    // MaxEnrollments is the maximum number of times the secret can
    // be reused to enroll.
    MaxEnrollments int `json:"max_enrollments,omitempty" help:"The maximum number of times the secret can be reused to enroll (default CA's Max Enrollment)"`
    // is returned in the response.
    // The identity's affiliation.
    // For example, an affiliation of "org1.department1" associates the identity with "department1" in "org1".
    Affiliation string `json:"affiliation" help:"The identity's affiliation"`
    // Attributes associated with this identity
    Attributes []Attribute `json:"attrs,omitempty"`
    // CAName is the name of the CA to connect to
    CAName string `json:"caname,omitempty" skip:"true"`
}

RegistrationRequest for a new identity

func (*RegistrationRequest) String Uses

func (rr *RegistrationRequest) String() string

type RegistrationRequestNet Uses

type RegistrationRequestNet struct {
    RegistrationRequest
}

RegistrationRequestNet is the registration request for a new identity

type RegistrationResponse Uses

type RegistrationResponse struct {
    // The secret returned from a successful registration response
    Secret string `json:"secret"`
}

RegistrationResponse is a registration response

type RegistrationResponseNet Uses

type RegistrationResponseNet struct {
    RegistrationResponse
}

RegistrationResponseNet is a registration response

type RemoveAffiliationRequest Uses

type RemoveAffiliationRequest struct {
    Name   string
    Force  bool   `json:"force"`
    CAName string `json:"caname,omitempty"`
}

RemoveAffiliationRequest represents the request to remove an existing affiliation from the fabric-ca-server

type RemoveIdentityRequest Uses

type RemoveIdentityRequest struct {
    ID     string `skip:"true"`
    Force  bool   `json:"force"`
    CAName string `json:"caname,omitempty" skip:"true"`
}

RemoveIdentityRequest represents the request to remove an existing identity from the fabric-ca-server

type RevocationRequest Uses

type RevocationRequest struct {
    // Name of the identity whose certificates should be revoked
    // If this field is omitted, then Serial and AKI must be specified.
    Name string `json:"id,omitempty" opt:"e" help:"Identity whose certificates should be revoked"`
    // Serial number of the certificate to be revoked
    // If this is omitted, then Name must be specified
    Serial string `json:"serial,omitempty" opt:"s" help:"Serial number of the certificate to be revoked"`
    // AKI (Authority Key Identifier) of the certificate to be revoked
    AKI string `json:"aki,omitempty" opt:"a" help:"AKI (Authority Key Identifier) of the certificate to be revoked"`
    // Reason is the reason for revocation.  See https://godoc.org/golang.org/x/crypto/ocsp for
    // valid values.  The default value is 0 (ocsp.Unspecified).
    Reason string `json:"reason,omitempty" opt:"r" help:"Reason for revocation"`
    // CAName is the name of the CA to connect to
    CAName string `json:"caname,omitempty" skip:"true"`
    // GenCRL specifies whether to generate a CRL
    GenCRL bool `def:"false" skip:"true" json:"gencrl,omitempty"`
}

RevocationRequest is a revocation request for a single certificate or all certificates associated with an identity. To revoke a single certificate, both the Serial and AKI fields must be set; otherwise, to revoke all certificates and the identity associated with an enrollment ID, the Name field must be set to an existing enrollment ID. A RevocationRequest can only be performed by a user with the "hf.Revoker" attribute.

type RevocationRequestNet Uses

type RevocationRequestNet struct {
    RevocationRequest
}

RevocationRequestNet is a revocation request which flows over the network to the fabric-ca server. To revoke a single certificate, both the Serial and AKI fields must be set; otherwise, to revoke all certificates and the identity associated with an enrollment ID, the Name field must be set to an existing enrollment ID. A RevocationRequest can only be performed by a user with the "hf.Revoker" attribute.

type RevocationResponse Uses

type RevocationResponse struct {
    // RevokedCerts is an array of certificates that were revoked
    RevokedCerts []RevokedCert
    // CRL is PEM-encoded certificate revocation list (CRL) that contains all unexpired revoked certificates
    CRL []byte
}

RevocationResponse represents response from the server for a revocation request

type RevokedCert Uses

type RevokedCert struct {
    // Serial number of the revoked certificate
    Serial string
    // AKI of the revoked certificate
    AKI string
}

RevokedCert represents a revoked certificate

type TCert Uses

type TCert struct {
    Cert []byte            `json:"cert"`
    Keys map[string][]byte `json:"keys,omitempty"` //base64 encoded string as value
}

TCert encapsulates a signed transaction certificate and optionally a map of keys

type TimeRange Uses

type TimeRange struct {
    StartTime string
    EndTime   string
}

TimeRange specifies a range of time

Package api imports 5 packages (graph) and is imported by 5 packages. Updated 2018-08-21. Refresh now. Tools for package owners.