lib

package
v1.3.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 29, 2022 License: Apache-2.0 Imports: 32 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BytesToX509Cert 

func BytesToX509Cert(bytes []byte) (*x509.Certificate, error)

BytesToX509Cert converts bytes (PEM or DER) to an X509 certificate

func GetCertID 

func GetCertID(bytes []byte) (string, string, error)

GetCertID returns both the serial number and AKI (Authority Key ID) for the certificate

func IsGMConfig 

func IsGMConfig() bool

func LoadPEMCertPool 

func LoadPEMCertPool(certFiles []string) (*sm2.CertPool, error)

LoadPEMCertPool loads a pool of PEM certificates from list of files

func NormalizeURL 

func NormalizeURL(addr string) (*url.URL, error)

NormalizeURL normalizes a URL (from cfssl)

func ParseSm2CertificateRequest2X509 

func ParseSm2CertificateRequest2X509(sm2req *sm2.CertificateRequest) *x509.CertificateRequest

SM2证书请求 转换 X509 证书请求

func SetProviderName 

func SetProviderName(name string)

func UnmarshalConfig 

func UnmarshalConfig(config interface{}, vp *viper.Viper, configFile string,
	server bool) error

UnmarshalConfig unmarshals a configuration file

Types

type CAConfig 

type CAConfig struct {
}

CAConfig ...

type CertificateDecoder 

type CertificateDecoder struct {
	// contains filtered or unexported fields
}

CertificateDecoder is needed to keep track of state, to see how many certificates have been returned for each enrollment ID.

func (*CertificateDecoder) CertificateDecoder 

func (cd *CertificateDecoder) CertificateDecoder(decoder *json.Decoder) error

CertificateDecoder decodes streams of data coming from the server

func (*CertificateDecoder) StoreCert 

func (cd *CertificateDecoder) StoreCert(enrollmentID, storePath string, cert []byte) error

StoreCert stores the certificate on the file system

type CertificateStatus 

type CertificateStatus string

CertificateStatus represents status of an enrollment certificate 

const (
	// Revoked is the status of a revoked certificate
	Revoked CertificateStatus = "revoked"
	// Good is the status of a active certificate
	Good = "good"
)

type Client 

type Client struct {
	// The client's home directory
	HomeDir string `json:"homeDir,omitempty"`
	// The client's configuration
	Config *ClientConfig
	// contains filtered or unexported fields
}

Client is the fabric-ca client object

func (*Client) Enroll 

func (c *Client) Enroll(req *api.EnrollmentRequest) (*EnrollmentResponse, error)

Enroll enrolls a new identity @param req The enrollment request

func (*Client) GenCSR 

func (c *Client) GenCSR(req *api.CSRInfo, id string) ([]byte, core.Key, error)

GenCSR generates a CSR (Certificate Signing Request)

func (*Client) GetCAInfo 

func (c *Client) GetCAInfo(req *api.GetCAInfoRequest) (*GetCAInfoResponse, error)

GetCAInfo returns generic CA information

func (*Client) GetCSP 

func (c *Client) GetCSP() core.CryptoSuite

GetCSP returns BCCSP instance associated with this client

func (*Client) Init 

func (c *Client) Init() error

Init initializes the client

func (*Client) NewIdentity 

func (c *Client) NewIdentity(creds []credential.Credential) (*Identity, error)

NewIdentity creates a new identity

func (*Client) NewX509Identity 

func (c *Client) NewX509Identity(name string, creds []credential.Credential) x509cred.Identity

NewX509Identity creates a new identity

func (*Client) SendReq 

func (c *Client) SendReq(req *http.Request, result interface{}) (err error)

SendReq sends a request to the fabric-ca-server and fills in the result

func (*Client) StreamResponse 

func (c *Client) StreamResponse(req *http.Request, stream string, cb func(*json.Decoder) error) (err error)

StreamResponse reads the response as it comes back from the server

type ClientConfig 

type ClientConfig struct {
	URL        string `def:"http://localhost:7054" opt:"u" help:"URL of fabric-ca-server"`
	MSPDir     string `def:"msp" opt:"M" help:"Membership Service Provider directory"`
	TLS        tls.ClientTLSConfig
	Enrollment api.EnrollmentRequest
	CSR        api.CSRInfo
	ID         api.RegistrationRequest
	Revoke     api.RevocationRequest
	CAInfo     api.GetCAInfoRequest
	CAName     string           `help:"Name of CA"`
	CSP        core.CryptoSuite `mapstructure:"bccsp" hide:"true"`
	ServerName string           `help:"CA server name to be used in case of host name override"`

	Debug    bool   `opt:"d" help:"Enable debug level logging" hide:"true"`
	LogLevel string `help:"Set logging level (info, warning, debug, error, fatal, critical)"`
}

ClientConfig is the fabric-ca client's config

type EnrollmentResponse 

type EnrollmentResponse struct {
	Identity *Identity
	CAInfo   GetCAInfoResponse
}

EnrollmentResponse is the response from Client.Enroll and Identity.Reenroll

type GetCAInfoResponse 

type GetCAInfoResponse struct {
	// CAName is the name of the CA
	CAName string
	// CAChain is the PEM-encoded bytes of the fabric-ca-server's CA chain.
	// The 1st element of the chain is the root CA cert
	CAChain []byte
	// Idemix issuer public key of the CA
	IssuerPublicKey []byte
	// Idemix issuer revocation public key of the CA
	IssuerRevocationPublicKey []byte
	// Version of the server
	Version string
}

GetCAInfoResponse is the response from the GetCAInfo call

type Identity 

type Identity struct {
	// contains filtered or unexported fields
}

Identity is fabric-ca's implementation of an identity

func NewIdentity 

func NewIdentity(client *Client, name string, creds []credential.Credential) *Identity

NewIdentity is the constructor for identity

func (*Identity) AddAffiliation 

func (i *Identity) AddAffiliation(req *api.AddAffiliationRequest) (*api.AffiliationResponse, error)

AddAffiliation adds a new affiliation to the server

func (*Identity) AddIdentity 

func (i *Identity) AddIdentity(req *api.AddIdentityRequest) (*api.IdentityResponse, error)

AddIdentity adds a new identity to the server

func (*Identity) Delete 

func (i *Identity) Delete(endpoint string, result interface{}, queryParam map[string]string) error

Delete sends a delete request to an endpoint

func (*Identity) Get 

func (i *Identity) Get(endpoint, caname string, result interface{}) error

Get sends a get request to an endpoint

func (*Identity) GetAffiliation 

func (i *Identity) GetAffiliation(affiliation, caname string) (*api.AffiliationResponse, error)

GetAffiliation returns information about the requested affiliation

func (*Identity) GetAllAffiliations 

func (i *Identity) GetAllAffiliations(caname string) (*api.AffiliationResponse, error)

GetAllAffiliations returns all affiliations that the caller is authorized to see

func (*Identity) GetAllIdentities 

func (i *Identity) GetAllIdentities(caname string, cb func(*json.Decoder) error) error

GetAllIdentities returns all identities that the caller is authorized to see

func (*Identity) GetECert 

func (i *Identity) GetECert() *x509.Signer

GetECert returns the enrollment certificate signer for this identity Returns nil if the identity does not have a X509 credential

func (*Identity) GetIdentity 

func (i *Identity) GetIdentity(id, caname string) (*api.GetIDResponse, error)

GetIdentity returns information about the requested identity

func (*Identity) GetName 

func (i *Identity) GetName() string

GetName returns the identity name

func (*Identity) GetStreamResponse 

func (i *Identity) GetStreamResponse(endpoint string, queryParam map[string]string, stream string, cb func(*json.Decoder) error) error

GetStreamResponse sends a request to an endpoint and streams the response

func (*Identity) ModifyAffiliation 

func (i *Identity) ModifyAffiliation(req *api.ModifyAffiliationRequest) (*api.AffiliationResponse, error)

ModifyAffiliation renames an existing affiliation on the server

func (*Identity) ModifyIdentity 

func (i *Identity) ModifyIdentity(req *api.ModifyIdentityRequest) (*api.IdentityResponse, error)

ModifyIdentity modifies an existing identity on the server

func (*Identity) Post 

func (i *Identity) Post(endpoint string, reqBody []byte, result interface{}, queryParam map[string]string) error

Post sends arbitrary request body (reqBody) to an endpoint. This adds an authorization header which contains the signature of this identity over the body and non-signature part of the authorization header. The return value is the body of the response.

func (*Identity) Put 

func (i *Identity) Put(endpoint string, reqBody []byte, queryParam map[string]string, result interface{}) error

Put sends a put request to an endpoint

func (*Identity) Reenroll 

func (i *Identity) Reenroll(req *api.ReenrollmentRequest) (*EnrollmentResponse, error)

Reenroll reenrolls an existing Identity and returns a new Identity @param req The reenrollment request

func (*Identity) Register 

func (i *Identity) Register(req *api.RegistrationRequest) (rr *api.RegistrationResponse, err error)

Register registers a new identity @param req The registration request

func (*Identity) RemoveAffiliation 

func (i *Identity) RemoveAffiliation(req *api.RemoveAffiliationRequest) (*api.AffiliationResponse, error)

RemoveAffiliation removes an existing affiliation from the server

func (*Identity) RemoveIdentity 

func (i *Identity) RemoveIdentity(req *api.RemoveIdentityRequest) (*api.IdentityResponse, error)

RemoveIdentity removes a new identity from the server

func (*Identity) Revoke 

func (i *Identity) Revoke(req *api.RevocationRequest) (*api.RevocationResponse, error)

Revoke the identity associated with 'id'

type ServerConfig 

type ServerConfig struct {
	CAcfg CAConfig `skip:"true"`
}

ServerConfig ...

Source Files

View all Source files

Directories

Path Synopsis
client
credential
credential/x509

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.