api

package
v0.0.0-...-adac428 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 12, 2021 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AnchorPeer

type AnchorPeer struct {
	Host string // Host is the hostname/ip address of the remote peer
	Port int    // Port is the port the remote peer is listening on
}

AnchorPeer is an anchor peer's certificate and endpoint (host:port)

type ChannelNotifier

type ChannelNotifier interface {
	JoinChannel(joinMsg JoinChannelMessage, chainID common.ChainID)
}

ChannelNotifier is implemented by the gossip component and is used for the peer layer to notify the gossip component of a JoinChannel event

type JoinChannelMessage

type JoinChannelMessage interface {

	// SequenceNumber returns the sequence number of the configuration block
	// the JoinChannelMessage originated from
	SequenceNumber() uint64

	// Members returns the organizations of the channel
	Members() []OrgIdentityType

	// AnchorPeersOf returns the anchor peers of the given organization
	AnchorPeersOf(org OrgIdentityType) []AnchorPeer
}

JoinChannelMessage is the message that asserts a creation or mutation of a channel's membership list, and is the message that is gossipped among the peers

type MessageCryptoService

type MessageCryptoService interface {
	// GetPKIidOfCert returns the PKI-ID of a peer's identity
	// If any error occurs, the method return nil
	// This method does not validate peerIdentity.
	// This validation is supposed to be done appropriately during the execution flow.
	GetPKIidOfCert(peerIdentity PeerIdentityType) common.PKIidType

	// VerifyBlock returns nil if the block is properly signed, and the claimed seqNum is the
	// sequence number that the block's header contains.
	// else returns error
	VerifyBlock(chainID common.ChainID, seqNum uint64, signedBlock []byte) error

	// VerifyHeader does the same as VerifyBlock, except it does not compute the block.Data.Hash() and compare it to
	// the block.Header.DataHash. This is used when the orderer delivers a block with header & metadata only.
	VerifyHeader(chainID string, signedBlock *protoscommon.Block) error

	// Sign signs msg with this peer's signing key and outputs
	// the signature if no error occurred.
	Sign(msg []byte) ([]byte, error)

	// Verify checks that signature is a valid signature of message under a peer's verification key.
	// If the verification succeeded, Verify returns nil meaning no error occurred.
	// If peerIdentity is nil, then the verification fails.
	Verify(peerIdentity PeerIdentityType, signature, message []byte) error

	// VerifyByChannel checks that signature is a valid signature of message
	// under a peer's verification key, but also in the context of a specific channel.
	// If the verification succeeded, Verify returns nil meaning no error occurred.
	// If peerIdentity is nil, then the verification fails.
	VerifyByChannel(chainID common.ChainID, peerIdentity PeerIdentityType, signature, message []byte) error

	// ValidateIdentity validates the identity of a remote peer.
	// If the identity is invalid, revoked, expired it returns an error.
	// Else, returns nil
	ValidateIdentity(peerIdentity PeerIdentityType) error

	// Expiration returns:
	// - The time when the identity expires, nil
	//   In case it can expire
	// - A zero value time.Time, nil
	//   in case it cannot expire
	// - A zero value, error in case it cannot be
	//   determined if the identity can expire or not
	Expiration(peerIdentity PeerIdentityType) (time.Time, error)
}

MessageCryptoService is the contract between the gossip component and the peer's cryptographic layer and is used by the gossip component to verify, and authenticate remote peers and data they send, as well as to verify received blocks from the ordering service.

type OrgIdentityType

type OrgIdentityType []byte

OrgIdentityType defines the identity of an organization

type PeerIdentityFilter

type PeerIdentityFilter func(info PeerIdentityInfo) bool

PeerIdentityFilter defines predicate function used to filter peer identities

type PeerIdentityInfo

type PeerIdentityInfo struct {
	PKIId        common.PKIidType
	Identity     PeerIdentityType
	Organization OrgIdentityType
}

PeerIdentityInfo aggregates a peer's identity, and also additional metadata about it

type PeerIdentitySet

type PeerIdentitySet []PeerIdentityInfo

PeerIdentitySet aggregates a PeerIdentityInfo slice

func (PeerIdentitySet) ByID

func (pis PeerIdentitySet) ByID() map[string]PeerIdentityInfo

ByOrg sorts the PeerIdentitySet by PKI-IDs of its peers

func (PeerIdentitySet) ByOrg

func (pis PeerIdentitySet) ByOrg() map[string]PeerIdentitySet

ByOrg sorts the PeerIdentitySet by organizations of its peers

func (PeerIdentitySet) Filter

Filter filters identities based on predicate, returns new PeerIdentitySet with filtered ids.

type PeerIdentityType

type PeerIdentityType []byte

PeerIdentityType is the peer's certificate

type PeerSecureDialOpts

type PeerSecureDialOpts func() []grpc.DialOption

PeerSecureDialOpts returns the gRPC DialOptions to use for connection level security when communicating with remote peer endpoints

type PeerSignature

type PeerSignature struct {
	Signature    []byte
	Message      []byte
	PeerIdentity PeerIdentityType
}

PeerSignature defines a signature of a peer on a given message

type PeerSuspector

type PeerSuspector func(identity PeerIdentityType) bool

PeerSuspector returns whether a peer with a given identity is suspected as being revoked, or its CA is revoked

type RoutingFilter

type RoutingFilter func(peerIdentity PeerIdentityType) bool

RoutingFilter defines which peers should receive a certain message, or which peers are eligible of receiving a certain message

type RoutingFilterFactory

type RoutingFilterFactory interface {
	// Peers returns a RoutingFilter for given chainID and CollectionCriteria
	Peers(common.ChainID, SubChannelSelectionCriteria) RoutingFilter
}

RoutingFilterFactory defines an object that given a CollectionCriteria and a channel, it can ascertain which peers should be aware of the data related to the CollectionCriteria.

type SecurityAdvisor

type SecurityAdvisor interface {
	// OrgByPeerIdentity returns the OrgIdentityType
	// of a given peer identity.
	// If any error occurs, nil is returned.
	// This method does not validate peerIdentity.
	// This validation is supposed to be done appropriately during the execution flow.
	OrgByPeerIdentity(PeerIdentityType) OrgIdentityType
}

SecurityAdvisor defines an external auxiliary object that provides security and identity related capabilities

type SubChannelSelectionCriteria

type SubChannelSelectionCriteria func(signature PeerSignature) bool

SubChannelSelectionCriteria describes a way of selecting peers from a sub-channel given their signatures

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL