configtx

package
v0.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 23, 2023 License: Apache-2.0 Imports: 30 Imported by: 14

Documentation

Overview

Package configtx provides utilities to create and modify a channel configuration transaction. Channel transactions contain the configuration data defining members and policies for a system or application channel and can be used to either create or modify existing channels. Both the creation of a new channel or modification of an existing channel outputs an unsigned transaction represented in a protobuf binary format that must be signed by the requisite number of members such that the transaction fulfills the channel's modification policy.

See https://hyperledger-fabric.readthedocs.io/en/master/configtx.html#anatomy-of-a-configuration for an in-depth description of channel configuration's anatomy.

Example (ACLs)

This example shows the addition and removal of ACLs.

baseConfig := fetchChannelConfig()
c := configtx.New(baseConfig)
a := c.Application()

acls := map[string]string{
	"peer/Propose": "/Channel/Application/Writers",
}

err := a.SetACLs(acls)
if err != nil {
	panic(err)
}

aclsToDelete := []string{"event/Block"}

err = a.RemoveACLs(aclsToDelete)
if err != nil {
	panic(err)
}
Output:

Example (AnchorPeers)

This example shows the addition of an anchor peer and the removal of an existing anchor peer.

baseConfig := fetchChannelConfig()
c := configtx.New(baseConfig)
applicationOrg1 := c.Application().Organization("Org1")

newAnchorPeer := configtx.Address{
	Host: "127.0.0.2",
	Port: 7051,
}

// Add a new anchor peer
err := applicationOrg1.AddAnchorPeer(newAnchorPeer)
if err != nil {
	panic(err)
}

oldAnchorPeer := configtx.Address{
	Host: "127.0.0.1",
	Port: 7051,
}

// Remove an anchor peer
err = applicationOrg1.RemoveAnchorPeer(oldAnchorPeer)
if err != nil {
	panic(err)
}
Output:

Example (Basic)

This example shows the basic usage of the package: modifying, computing, and signing a config update.

baseConfig := fetchSystemChannelConfig()
c := configtx.New(baseConfig)

err := c.Consortium("SampleConsortium").SetChannelCreationPolicy(configtx.Policy{
	Type: configtx.ImplicitMetaPolicyType,
	Rule: "MAJORITY Admins",
})
if err != nil {
	panic(err)
}

// Compute the delta
marshaledUpdate, err := c.ComputeMarshaledUpdate("testsyschannel")
if err != nil {
	panic(err)
}

// Collect the necessary signatures
// The example respresents a 2 peer 1 org channel, to meet the policies defined
// the transaction will be signed by both peers
configSignatures := []*cb.ConfigSignature{}

peer1SigningIdentity := createSigningIdentity()
peer2SigningIdentity := createSigningIdentity()

signingIdentities := []configtx.SigningIdentity{
	peer1SigningIdentity,
	peer2SigningIdentity,
}

for _, si := range signingIdentities {
	// Create a signature for the config update with the specified signer identity
	configSignature, err := si.CreateConfigSignature(marshaledUpdate)
	if err != nil {
		panic(err)
	}

	configSignatures = append(configSignatures, configSignature)
}

// Create the envelope with the list of config signatures
env, err := configtx.NewEnvelope(marshaledUpdate, configSignatures...)
if err != nil {
	panic(err)
}

// Sign the envelope with a signing identity
err = peer1SigningIdentity.SignEnvelope(env)
if err != nil {
	panic(err)
}
Output:

Example (OrdererEndpoints)

This example shows the addition of an orderer endpoint and the removal of an existing orderer endpoint.

baseConfig := fetchChannelConfig()
c := configtx.New(baseConfig)
ordererOrg := c.Orderer().Organization("OrdererOrg")

err := ordererOrg.SetEndpoint(
	configtx.Address{Host: "127.0.0.3", Port: 8050},
)
if err != nil {
	panic(err)
}

err = ordererOrg.RemoveEndpoint(
	configtx.Address{Host: "127.0.0.1", Port: 9050},
)
if err != nil {
	panic(err)
}
Output:

Example (Organizations)

This example shows the addition and removal of organizations from config groups.

baseConfig := fetchChannelConfig()
c := configtx.New(baseConfig)
a := c.Application()

appOrg := configtx.Organization{
	Name: "Org2",
	MSP:  baseMSP(&testing.T{}),
	Policies: map[string]configtx.Policy{
		configtx.AdminsPolicyKey: {
			Type: configtx.ImplicitMetaPolicyType,
			Rule: "MAJORITY Admins",
		},
		configtx.EndorsementPolicyKey: {
			Type: configtx.ImplicitMetaPolicyType,
			Rule: "MAJORITY Endorsement",
		},
		configtx.LifecycleEndorsementPolicyKey: {
			Type: configtx.ImplicitMetaPolicyType,
			Rule: "MAJORITY Endorsement",
		},
		configtx.ReadersPolicyKey: {
			Type: configtx.ImplicitMetaPolicyType,
			Rule: "ANY Readers",
		},
		configtx.WritersPolicyKey: {
			Type: configtx.ImplicitMetaPolicyType,
			Rule: "ANY Writers",
		},
	},
	AnchorPeers: []configtx.Address{
		{
			Host: "127.0.0.1",
			Port: 7051,
		},
	},
}

err := a.SetOrganization(appOrg)
if err != nil {
	panic(err)
}

a.RemoveOrganization("Org2")

o := c.Orderer()

// Orderer Organization
ordererOrg := appOrg
ordererOrg.Name = "OrdererOrg2"
ordererOrg.AnchorPeers = nil

err = o.SetOrganization(ordererOrg)
if err != nil {
	panic(err)
}

o.RemoveOrganization("OrdererOrg2")
Output:

Example (Policies)

This example shows the addition and removal policies from different config groups.

baseConfig := fetchChannelConfig()
c := configtx.New(baseConfig)
applicationOrg1 := c.Application().Organization("Org1")

err := applicationOrg1.SetPolicy(
	"TestPolicy",
	configtx.Policy{
		Type: configtx.ImplicitMetaPolicyType,
		Rule: "MAJORITY Endorsement",
	})
if err != nil {
	panic(err)
}

err = applicationOrg1.RemovePolicy(configtx.WritersPolicyKey)
if err != nil {
	panic(err)
}

o := c.Orderer()
ordererOrg := o.Organization("OrdererOrg")

err = ordererOrg.RemovePolicy(configtx.WritersPolicyKey)
if err != nil {
	panic(err)
}

err = ordererOrg.SetPolicy(
	"TestPolicy",
	configtx.Policy{
		Type: configtx.ImplicitMetaPolicyType,
		Rule: "MAJORITY Endorsement",
	})
if err != nil {
	panic(err)
}

err = o.RemovePolicy(configtx.WritersPolicyKey)
if err != nil {
	panic(err)
}

err = o.SetPolicy("TestPolicy", configtx.Policy{
	Type: configtx.ImplicitMetaPolicyType,
	Rule: "MAJORITY Endorsement",
})
if err != nil {
	panic(err)
}
Output:

Example (Policies2)

This example shows the bulk replacement of multiple policies for different config groups.

baseConfig := fetchChannelConfig()
c := configtx.New(baseConfig)

a := c.Application()
newAppPolicies := map[string]configtx.Policy{
	configtx.ReadersPolicyKey: {
		Type: configtx.ImplicitMetaPolicyType,
		Rule: "ANY Readers",
	},
	configtx.WritersPolicyKey: {
		Type: configtx.ImplicitMetaPolicyType,
		Rule: "ANY Writers",
	},
	configtx.AdminsPolicyKey: {
		Type: configtx.ImplicitMetaPolicyType,
		Rule: "MAJORITY Admins",
	},
	configtx.EndorsementPolicyKey: {
		Type: configtx.ImplicitMetaPolicyType,
		Rule: "MAJORITY Endorsement",
	},
	configtx.LifecycleEndorsementPolicyKey: {
		Type: configtx.ImplicitMetaPolicyType,
		Rule: "MAJORITY Endorsement",
	},
	"TestPolicy1": {
		Type: configtx.ImplicitMetaPolicyType,
		Rule: "MAJORITY Endorsement",
	},
	"TestPolicy2": {
		Type: configtx.ImplicitMetaPolicyType,
		Rule: "MAJORITY Admins",
	},
}
err := a.SetPolicies(newAppPolicies)
if err != nil {
	panic(err)
}

o := c.Orderer()
newOrdererPolicies := map[string]configtx.Policy{
	configtx.ReadersPolicyKey: {
		Type: configtx.ImplicitMetaPolicyType,
		Rule: "ANY Readers",
	},
	configtx.WritersPolicyKey: {
		Type: configtx.ImplicitMetaPolicyType,
		Rule: "ANY Writers",
	},
	configtx.AdminsPolicyKey: {
		Type: configtx.ImplicitMetaPolicyType,
		Rule: "MAJORITY Admins",
	},
	configtx.BlockValidationPolicyKey: {
		Type: configtx.ImplicitMetaPolicyType,
		Rule: "ANY Writers",
	},
	"TestPolicy1": {
		Type: configtx.ImplicitMetaPolicyType,
		Rule: "MAJORITY Admins",
	},
	"TestPolicy2": {
		Type: configtx.ImplicitMetaPolicyType,
		Rule: "MAJORITY Writers",
	},
}
err = o.SetPolicies(newOrdererPolicies)
if err != nil {
	panic(err)
}
Output:

Index

Examples

Constants

View Source
const (

	// ConsortiumKey is the key for the ConfigValue of a
	// Consortium.
	ConsortiumKey = "Consortium"

	// HashingAlgorithmKey is the key for the ConfigValue of a
	// HashingAlgorithm.
	HashingAlgorithmKey = "HashingAlgorithm"

	// BlockDataHashingStructureKey is the key for the ConfigValue
	// of a BlockDataHashingStructure.
	BlockDataHashingStructureKey = "BlockDataHashingStructure"

	// CapabilitiesKey is the key for the ConfigValue, capabilities.
	// CapabiltiesKey can be used at the channel, application, and orderer levels.
	CapabilitiesKey = "Capabilities"

	// EndpointsKey is the key for the ConfigValue, Endpoints in
	// a OrdererOrgGroup.
	EndpointsKey = "Endpoints"

	// MSPKey is the key for the ConfigValue, MSP.
	MSPKey = "MSP"

	// AdminsPolicyKey is the key used for the admin policy.
	AdminsPolicyKey = "Admins"

	// ReadersPolicyKey is the key used for the read policy.
	ReadersPolicyKey = "Readers"

	// WritersPolicyKey is the key used for the write policy.
	WritersPolicyKey = "Writers"

	// EndorsementPolicyKey is the key used for the endorsement policy.
	EndorsementPolicyKey = "Endorsement"

	// LifecycleEndorsementPolicyKey is the key used for the lifecycle endorsement
	// policy.
	LifecycleEndorsementPolicyKey = "LifecycleEndorsement"

	// BlockValidationPolicyKey is the key used for the block validation policy in
	// the OrdererOrgGroup.
	BlockValidationPolicyKey = "BlockValidation"

	// ChannelCreationPolicyKey is the key used in the consortium config to denote
	// the policy to be used in evaluating whether a channel creation request
	// is authorized.
	ChannelCreationPolicyKey = "ChannelCreationPolicy"

	// ChannelGroupKey is the group name for the channel config.
	ChannelGroupKey = "Channel"

	// ConsortiumsGroupKey is the group name for the consortiums config.
	ConsortiumsGroupKey = "Consortiums"

	// OrdererGroupKey is the group name for the orderer config.
	OrdererGroupKey = "Orderer"

	// ApplicationGroupKey is the group name for the Application config.
	ApplicationGroupKey = "Application"

	// ACLsKey is the name of the ACLs config.
	ACLsKey = "ACLs"

	// AnchorPeersKey is the key name for the AnchorPeers ConfigValue.
	AnchorPeersKey = "AnchorPeers"

	// ImplicitMetaPolicyType is the 'Type' string for implicit meta policies.
	ImplicitMetaPolicyType = "ImplicitMeta"

	// SignaturePolicyType is the 'Type' string for signature policies.
	SignaturePolicyType = "Signature"

	// OrdererAddressesKey is the key for the ConfigValue of OrdererAddresses.
	OrdererAddressesKey = "OrdererAddresses"
)
View Source
const YEAR = 365 * 24 * time.Hour

YEAR is a time duration for a standard 365 day year.

Variables

This section is empty.

Functions

func NewApplicationChannelGenesisBlock added in v0.0.5

func NewApplicationChannelGenesisBlock(channelConfig Channel, channelID string) (*cb.Block, error)

NewApplicationChannelGenesisBlock creates a genesis block using the provided application and orderer configuration and returns a block.

Example
channel := configtx.Channel{
	Orderer: configtx.Orderer{
		OrdererType: orderer.ConsensusTypeEtcdRaft,
		Organizations: []configtx.Organization{
			{
				Name: "OrdererMSP",
				Policies: map[string]configtx.Policy{
					configtx.ReadersPolicyKey: {
						Type: configtx.SignaturePolicyType,
						Rule: "OR('OrdererMSP.member')",
					},
					configtx.WritersPolicyKey: {
						Type: configtx.SignaturePolicyType,
						Rule: "OR('OrdererMSP.member')",
					},
					configtx.AdminsPolicyKey: {
						Type: configtx.SignaturePolicyType,
						Rule: "OR('OrdererMSP.admin')",
					},
				},
				OrdererEndpoints: []string{
					"host1:7050",
				},
				MSP: baseMSP(&testing.T{}),
			},
		},
		EtcdRaft: orderer.EtcdRaft{
			Consenters: []orderer.Consenter{
				{
					Address: orderer.EtcdAddress{
						Host: "host1",
						Port: 7050,
					},
					ClientTLSCert: generateCert(),
					ServerTLSCert: generateCert(),
				},
			},
			Options: orderer.EtcdRaftOptions{
				TickInterval:         "500ms",
				ElectionTick:         10,
				HeartbeatTick:        1,
				MaxInflightBlocks:    5,
				SnapshotIntervalSize: 16 * 1024 * 1024,
			},
		},
		Policies: map[string]configtx.Policy{
			configtx.ReadersPolicyKey: {
				Type: configtx.ImplicitMetaPolicyType,
				Rule: "ANY Readers",
			},
			configtx.WritersPolicyKey: {
				Type: configtx.ImplicitMetaPolicyType,
				Rule: "ANY Writers",
			},
			configtx.AdminsPolicyKey: {
				Type: configtx.ImplicitMetaPolicyType,
				Rule: "MAJORITY Admins",
			},
			configtx.BlockValidationPolicyKey: {
				Type: configtx.ImplicitMetaPolicyType,
				Rule: "ANY Writers",
			},
		},
		Capabilities: []string{"V2_0"},
		BatchSize: orderer.BatchSize{
			MaxMessageCount:   100,
			AbsoluteMaxBytes:  100,
			PreferredMaxBytes: 100,
		},
		BatchTimeout: 2 * time.Second,
		State:        orderer.ConsensusStateNormal,
	},
	Application: configtx.Application{
		Organizations: []configtx.Organization{
			{
				Name: "Org1MSP",
				Policies: map[string]configtx.Policy{
					configtx.ReadersPolicyKey: {
						Type: configtx.SignaturePolicyType,
						Rule: "OR('Org1MSP.admin', 'Org1MSP.peer'," +
							"'Org1MSP.client')",
					},
					configtx.WritersPolicyKey: {
						Type: configtx.SignaturePolicyType,
						Rule: "OR('Org1MSP.admin', 'Org1MSP.client')",
					},
					configtx.AdminsPolicyKey: {
						Type: configtx.SignaturePolicyType,
						Rule: "OR('Org1MSP.admin')",
					},
					configtx.EndorsementPolicyKey: {
						Type: configtx.SignaturePolicyType,
						Rule: "OR('Org1MSP.peer')",
					},
				},
				MSP: baseMSP(&testing.T{}),
			},
			{
				Name: "Org2MSP",
				Policies: map[string]configtx.Policy{
					configtx.ReadersPolicyKey: {
						Type: configtx.SignaturePolicyType,
						Rule: "OR('Org2MSP.admin', 'Org2MSP.peer'," +
							"'Org2MSP.client')",
					},
					configtx.WritersPolicyKey: {
						Type: configtx.SignaturePolicyType,
						Rule: "OR('Org2MSP.admin', 'Org2MSP.client')",
					},
					configtx.AdminsPolicyKey: {
						Type: configtx.SignaturePolicyType,
						Rule: "OR('Org2MSP.admin')",
					},
					configtx.EndorsementPolicyKey: {
						Type: configtx.SignaturePolicyType,
						Rule: "OR('Org2MSP.peer')",
					},
				},
				MSP: baseMSP(&testing.T{}),
			},
		},
		Capabilities: []string{"V2_0"},
		ACLs: map[string]string{
			"event/Block": "/Channel/Application/Readers",
		},
		Policies: map[string]configtx.Policy{
			configtx.ReadersPolicyKey: {
				Type: configtx.ImplicitMetaPolicyType,
				Rule: "ANY Readers",
			},
			configtx.WritersPolicyKey: {
				Type: configtx.ImplicitMetaPolicyType,
				Rule: "ANY Writers",
			},
			configtx.AdminsPolicyKey: {
				Type: configtx.ImplicitMetaPolicyType,
				Rule: "MAJORITY Admins",
			},
			configtx.EndorsementPolicyKey: {
				Type: configtx.ImplicitMetaPolicyType,
				Rule: "MAJORITY Endorsement",
			},
			configtx.LifecycleEndorsementPolicyKey: {
				Type: configtx.ImplicitMetaPolicyType,
				Rule: "MAJORITY Endorsement",
			},
		},
	},
	Capabilities: []string{"V2_0"},
	Policies: map[string]configtx.Policy{
		configtx.ReadersPolicyKey: {
			Type: configtx.ImplicitMetaPolicyType,
			Rule: "ANY Readers",
		},
		configtx.WritersPolicyKey: {
			Type: configtx.ImplicitMetaPolicyType,
			Rule: "ANY Writers",
		},
		configtx.AdminsPolicyKey: {
			Type: configtx.ImplicitMetaPolicyType,
			Rule: "MAJORITY Admins",
		},
	},
}

channelID := "testchannel"
_, err := configtx.NewApplicationChannelGenesisBlock(channel, channelID)
if err != nil {
	panic(err)
}
Output:

func NewEnvelope

func NewEnvelope(marshaledUpdate []byte, signatures ...*cb.ConfigSignature) (*cb.Envelope, error)

NewEnvelope creates an envelope with the provided marshaled config update and config signatures.

func NewMarshaledCreateChannelTx added in v0.0.4

func NewMarshaledCreateChannelTx(channelConfig Channel, channelID string) ([]byte, error)

NewMarshaledCreateChannelTx creates a create channel config update transaction using the provided application channel configuration and returns the marshaled bytes.

Example
channel := configtx.Channel{
	Consortium: "SampleConsortium",
	Application: configtx.Application{
		Organizations: []configtx.Organization{
			{
				Name: "Org1",
			},
			{
				Name: "Org2",
			},
		},
		Capabilities: []string{"V1_3"},
		ACLs: map[string]string{
			"event/Block": "/Channel/Application/Readers",
		},
		Policies: map[string]configtx.Policy{
			configtx.ReadersPolicyKey: {
				Type: configtx.ImplicitMetaPolicyType,
				Rule: "ANY Readers",
			},
			configtx.WritersPolicyKey: {
				Type: configtx.ImplicitMetaPolicyType,
				Rule: "ANY Writers",
			},
			configtx.AdminsPolicyKey: {
				Type: configtx.ImplicitMetaPolicyType,
				Rule: "MAJORITY Admins",
			},
			configtx.EndorsementPolicyKey: {
				Type: configtx.ImplicitMetaPolicyType,
				Rule: "MAJORITY Endorsement",
			},
			configtx.LifecycleEndorsementPolicyKey: {
				Type: configtx.ImplicitMetaPolicyType,
				Rule: "MAJORITY Endorsement",
			},
		},
	},
}

_, err := configtx.NewMarshaledCreateChannelTx(channel, "testchannel")
if err != nil {
	panic(err)
}
Output:

func NewSystemChannelGenesisBlock

func NewSystemChannelGenesisBlock(channelConfig Channel, channelID string) (*cb.Block, error)

NewSystemChannelGenesisBlock creates a genesis block using the provided consortiums and orderer configuration and returns a block.

Example
channel := configtx.Channel{
	Consortiums: []configtx.Consortium{
		{
			Name: "Consortium1",
			Organizations: []configtx.Organization{
				{
					Name: "Org1MSP",
					Policies: map[string]configtx.Policy{
						configtx.ReadersPolicyKey: {
							Type: configtx.SignaturePolicyType,
							Rule: "OR('Org1MSP.admin', 'Org1MSP.peer'," +
								"'Org1MSP.client')",
						},
						configtx.WritersPolicyKey: {
							Type: configtx.SignaturePolicyType,
							Rule: "OR('Org1MSP.admin', 'Org1MSP.client')",
						},
						configtx.AdminsPolicyKey: {
							Type: configtx.SignaturePolicyType,
							Rule: "OR('Org1MSP.admin')",
						},
						configtx.EndorsementPolicyKey: {
							Type: configtx.SignaturePolicyType,
							Rule: "OR('Org1MSP.peer')",
						},
					},
					MSP: baseMSP(&testing.T{}),
				},
			},
		},
	},
	Orderer: configtx.Orderer{
		Policies: map[string]configtx.Policy{
			configtx.ReadersPolicyKey: {
				Type: configtx.ImplicitMetaPolicyType,
				Rule: "ANY Readers",
			},
			configtx.WritersPolicyKey: {
				Type: configtx.ImplicitMetaPolicyType,
				Rule: "ANY Writers",
			},
			configtx.AdminsPolicyKey: {
				Type: configtx.ImplicitMetaPolicyType,
				Rule: "MAJORITY Admins",
			},
			configtx.BlockValidationPolicyKey: {
				Type: configtx.ImplicitMetaPolicyType,
				Rule: "ANY Writers",
			},
		},
		OrdererType: orderer.ConsensusTypeSolo,
		Organizations: []configtx.Organization{
			{
				Name: "OrdererMSP",
				Policies: map[string]configtx.Policy{
					configtx.ReadersPolicyKey: {
						Type: configtx.SignaturePolicyType,
						Rule: "OR('OrdererMSP.member')",
					},
					configtx.WritersPolicyKey: {
						Type: configtx.SignaturePolicyType,
						Rule: "OR('OrdererMSP.member')",
					},
					configtx.AdminsPolicyKey: {
						Type: configtx.SignaturePolicyType,
						Rule: "OR('OrdererMSP.admin')",
					},
				},
				OrdererEndpoints: []string{
					"localhost:123",
				},
				MSP: baseMSP(&testing.T{}),
			},
		},
		Capabilities: []string{"V1_3"},
		BatchSize: orderer.BatchSize{
			MaxMessageCount:   100,
			AbsoluteMaxBytes:  100,
			PreferredMaxBytes: 100,
		},
		BatchTimeout: 2 * time.Second,
		State:        orderer.ConsensusStateNormal,
	},
	Capabilities: []string{"V2_0"},
	Policies: map[string]configtx.Policy{
		configtx.ReadersPolicyKey: {
			Type: configtx.ImplicitMetaPolicyType,
			Rule: "ANY Readers",
		},
		configtx.WritersPolicyKey: {
			Type: configtx.ImplicitMetaPolicyType,
			Rule: "ANY Writers",
		},
		configtx.AdminsPolicyKey: {
			Type: configtx.ImplicitMetaPolicyType,
			Rule: "MAJORITY Admins",
		},
	},
	Consortium: "",
}

channelID := "testSystemChannel"
_, err := configtx.NewSystemChannelGenesisBlock(channel, channelID)
if err != nil {
	panic(err)
}
Output:

Types

type Address

type Address struct {
	Host string
	Port int
}

Address contains the hostname and port for an endpoint.

type Application

type Application struct {
	Organizations []Organization
	Capabilities  []string
	Policies      map[string]Policy
	ACLs          map[string]string
	ModPolicy     string
}

Application is a copy of the orderer configuration with the addition of an anchor peers list in the organization definition.

type ApplicationGroup

type ApplicationGroup struct {
	// contains filtered or unexported fields
}

ApplicationGroup encapsulates the part of the config that controls application channels.

func (*ApplicationGroup) ACLs

func (a *ApplicationGroup) ACLs() (map[string]string, error)

ACLs returns a map of ACLS for given config application.

func (*ApplicationGroup) AddCapability

func (a *ApplicationGroup) AddCapability(capability string) error

AddCapability sets capability to the provided channel config. If the provided capability already exists in current configuration, this action will be a no-op.

func (*ApplicationGroup) Capabilities

func (a *ApplicationGroup) Capabilities() ([]string, error)

Capabilities returns a map of enabled application capabilities from the updated config.

func (*ApplicationGroup) Configuration

func (a *ApplicationGroup) Configuration() (Application, error)

Configuration returns the existing application configuration values from a config transaction as an Application type. This can be used to retrieve existing values for the application prior to updating the application configuration.

func (*ApplicationGroup) Organization

func (a *ApplicationGroup) Organization(name string) *ApplicationOrg

Organization returns the application org from the updated config.

func (*ApplicationGroup) Policies

func (a *ApplicationGroup) Policies() (map[string]Policy, error)

Policies returns a map of policies for the application config group in the updatedconfig.

func (*ApplicationGroup) RemoveACLs

func (a *ApplicationGroup) RemoveACLs(acls []string) error

RemoveACLs a list of ACLs from given channel config application. Specifying acls that do not exist in the application ConfigGroup of the channel config will not return a error. Removal will panic if application group does not exist.

func (*ApplicationGroup) RemoveCapability

func (a *ApplicationGroup) RemoveCapability(capability string) error

RemoveCapability removes capability to the provided channel config.

func (*ApplicationGroup) RemoveOrganization

func (a *ApplicationGroup) RemoveOrganization(orgName string)

RemoveOrganization removes an org from the Application group. Removal will panic if the application group does not exist.

func (*ApplicationGroup) RemovePolicy

func (a *ApplicationGroup) RemovePolicy(policyName string) error

RemovePolicy removes an existing policy from an application's configuration. Removal will panic if the application group does not exist.

func (*ApplicationGroup) SetACLs

func (a *ApplicationGroup) SetACLs(acls map[string]string) error

SetACLs sets ACLS to an existing channel config application. If an ACL already exists in current configuration, it will be replaced with new ACL.

func (*ApplicationGroup) SetModPolicy added in v0.1.0

func (a *ApplicationGroup) SetModPolicy(modPolicy string) error

SetModPolicy sets the specified modification policy for the application group.

func (*ApplicationGroup) SetOrganization

func (a *ApplicationGroup) SetOrganization(org Organization) error

SetOrganization sets the organization config group for the given application org key in an existing Application configuration's Groups map. If the application org already exists in the current configuration, its value will be overwritten.

func (*ApplicationGroup) SetPolicies added in v0.0.9

func (a *ApplicationGroup) SetPolicies(policies map[string]Policy) error

SetPolicies sets the specified policies in the application group's config policy map. If the policies already exist in current configuration, the values will be replaced with new policies.

func (*ApplicationGroup) SetPolicy

func (a *ApplicationGroup) SetPolicy(policyName string, policy Policy) error

SetPolicy sets the specified policy in the application group's config policy map. If the policy already exists in current configuration, its value will be overwritten.

type ApplicationOrg

type ApplicationOrg struct {
	// contains filtered or unexported fields
}

ApplicationOrg encapsulates the parts of the config that control an application organization's configuration.

func (*ApplicationOrg) AddAnchorPeer

func (a *ApplicationOrg) AddAnchorPeer(newAnchorPeer Address) error

AddAnchorPeer adds an anchor peer to an application org's configuration in the updated config.

func (*ApplicationOrg) AnchorPeers

func (a *ApplicationOrg) AnchorPeers() ([]Address, error)

AnchorPeers returns the list of anchor peers for an application org in the updated config.

func (*ApplicationOrg) Configuration

func (a *ApplicationOrg) Configuration() (Organization, error)

Configuration returns the existing application org configuration values from the updated config.

func (*ApplicationOrg) MSP

func (a *ApplicationOrg) MSP() *OrganizationMSP

MSP returns an OrganizationMSP object that can be used to configure the organization's MSP.

func (*ApplicationOrg) Policies

func (a *ApplicationOrg) Policies() (map[string]Policy, error)

Policies returns the map of policies for a specific application org in the updated config.

func (*ApplicationOrg) RemoveAnchorPeer

func (a *ApplicationOrg) RemoveAnchorPeer(anchorPeerToRemove Address) error

RemoveAnchorPeer removes an anchor peer from an application org's configuration in the updated config.

func (*ApplicationOrg) RemovePolicy

func (a *ApplicationOrg) RemovePolicy(policyName string) error

RemovePolicy removes an existing policy from an application organization.

func (*ApplicationOrg) SetMSP

func (a *ApplicationOrg) SetMSP(updatedMSP MSP) error

SetMSP updates the MSP config for the specified application org group.

Example

This example shows the addition of a certificate to an application org's intermediate certificate list.

baseConfig := fetchChannelConfig()
c := configtx.New(baseConfig)
applicationOrg1 := c.Application().Organization("Org1")

msp, err := applicationOrg1.MSP().Configuration()
if err != nil {
	panic(err)
}

newIntermediateCert := &x509.Certificate{
	KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
	IsCA:     true,
}

msp.IntermediateCerts = append(msp.IntermediateCerts, newIntermediateCert)

err = applicationOrg1.SetMSP(msp)
if err != nil {
	panic(err)
}
Output:

func (*ApplicationOrg) SetModPolicy added in v0.1.0

func (a *ApplicationOrg) SetModPolicy(modPolicy string) error

SetModPolicy sets the specified modification policy for the application organization group.

func (*ApplicationOrg) SetPolicies added in v0.0.9

func (a *ApplicationOrg) SetPolicies(policies map[string]Policy) error

SetPolicies sets the specified policies in the application org group's config policy map. If the policies already exist in current configuration, the values will be replaced with new policies.

func (*ApplicationOrg) SetPolicy

func (a *ApplicationOrg) SetPolicy(policyName string, policy Policy) error

SetPolicy sets the specified policy in the application org group's config policy map. If an Organization policy already exists in current configuration, its value will be overwritten.

type BatchSizeValue added in v0.0.7

type BatchSizeValue struct {
	// contains filtered or unexported fields
}

BatchSizeValue encapsulates the configuration functions used to modify an orderer configuration's batch size values.

func (*BatchSizeValue) SetAbsoluteMaxBytes added in v0.0.7

func (b *BatchSizeValue) SetAbsoluteMaxBytes(maxBytes uint32) error

SetAbsoluteMaxBytes sets an orderer configuration's batch size max block size.

func (*BatchSizeValue) SetMaxMessageCount added in v0.0.7

func (b *BatchSizeValue) SetMaxMessageCount(maxMessageCount uint32) error

SetMaxMessageCount sets an orderer configuration's batch size max message count.

func (*BatchSizeValue) SetPreferredMaxBytes added in v0.0.7

func (b *BatchSizeValue) SetPreferredMaxBytes(maxBytes uint32) error

SetPreferredMaxBytes sets an orderer configuration's batch size preferred size of blocks.

type Channel

type Channel struct {
	Consortium   string
	Application  Application
	Orderer      Orderer
	Consortiums  []Consortium
	Capabilities []string
	Policies     map[string]Policy
	ModPolicy    string
}

Channel is a channel configuration.

type ChannelGroup

type ChannelGroup struct {
	// contains filtered or unexported fields
}

ChannelGroup encapsulates the parts of the config that control channels. This type implements retrieval of the various channel config values.

func (*ChannelGroup) AddCapability

func (c *ChannelGroup) AddCapability(capability string) error

AddCapability adds capability to the provided channel config. If the provided capability already exists in current configuration, this action will be a no-op.

func (*ChannelGroup) Capabilities

func (c *ChannelGroup) Capabilities() ([]string, error)

Capabilities returns a map of enabled channel capabilities from a config transaction's updated config.

func (*ChannelGroup) Configuration

func (c *ChannelGroup) Configuration() (Channel, error)

Configuration returns a channel configuration value from a config transaction.

func (*ChannelGroup) Policies

func (c *ChannelGroup) Policies() (map[string]Policy, error)

Policies returns a map of policies for channel configuration.

func (*ChannelGroup) RemoveCapability

func (c *ChannelGroup) RemoveCapability(capability string) error

RemoveCapability removes capability to the provided channel config.

func (*ChannelGroup) RemoveLegacyOrdererAddresses added in v0.0.5

func (c *ChannelGroup) RemoveLegacyOrdererAddresses()

RemoveLegacyOrdererAddresses removes the deprecated top level orderer addresses config key and value from the channel config. In fabric 1.4, top level orderer addresses were migrated to the org level orderer endpoints While top-level orderer addresses are still supported, the organization value is preferred.

func (*ChannelGroup) RemovePolicy

func (c *ChannelGroup) RemovePolicy(policyName string) error

RemovePolicy removes an existing channel level policy.

func (*ChannelGroup) SetModPolicy added in v0.1.0

func (c *ChannelGroup) SetModPolicy(modPolicy string) error

SetModPolicy sets the specified modification policy for the channel group.

func (*ChannelGroup) SetPolicies added in v0.0.9

func (c *ChannelGroup) SetPolicies(policies map[string]Policy) error

SetPolicies sets the specified policies in the channel group's config policy map. If the policies already exist in current configuration, the values will be replaced with new policies.

func (*ChannelGroup) SetPolicy

func (c *ChannelGroup) SetPolicy(policyName string, policy Policy) error

SetPolicy sets the specified policy in the channel group's config policy map. If the policy already exists in current configuration, its value will be overwritten.

type ConfigTx

type ConfigTx struct {
	// contains filtered or unexported fields
}

ConfigTx wraps a config transaction.

func New

func New(config *cb.Config) ConfigTx

New creates a new ConfigTx from a Config protobuf. New will panic if given an empty config.

func (*ConfigTx) Application

func (c *ConfigTx) Application() *ApplicationGroup

Application returns the application group the updated config.

func (*ConfigTx) Channel

func (c *ConfigTx) Channel() *ChannelGroup

Channel returns the channel group from the updated config.

func (*ConfigTx) ComputeMarshaledUpdate added in v0.0.4

func (c *ConfigTx) ComputeMarshaledUpdate(channelID string) ([]byte, error)

ComputeMarshaledUpdate computes the ConfigUpdate from a base and modified config transaction and returns the marshaled bytes.

func (*ConfigTx) Consortium

func (c *ConfigTx) Consortium(name string) *ConsortiumGroup

Consortium returns a consortium group from the updated config.

func (*ConfigTx) Consortiums

func (c *ConfigTx) Consortiums() *ConsortiumsGroup

Consortiums returns the consortiums group from the updated config.

func (*ConfigTx) Orderer

func (c *ConfigTx) Orderer() *OrdererGroup

Orderer returns the orderer group from the updated config.

func (*ConfigTx) OriginalConfig

func (c *ConfigTx) OriginalConfig() *cb.Config

OriginalConfig returns the original unedited config.

func (*ConfigTx) UpdatedConfig

func (c *ConfigTx) UpdatedConfig() *cb.Config

UpdatedConfig returns the modified config.

type Consortium

type Consortium struct {
	Name          string
	Organizations []Organization
}

Consortium is a group of non-orderer organizations used in channel transactions.

type ConsortiumGroup

type ConsortiumGroup struct {
	// contains filtered or unexported fields
}

ConsortiumGroup encapsulates the parts of the config that control a specific consortium. This type implements retrieval of the various consortium config values.

func (*ConsortiumGroup) Configuration

func (c *ConsortiumGroup) Configuration() (Consortium, error)

Configuration returns the configuration for a consortium group.

func (*ConsortiumGroup) Organization

func (c *ConsortiumGroup) Organization(name string) *ConsortiumOrg

Organization returns the consortium org from the original config.

func (*ConsortiumGroup) RemoveOrganization

func (c *ConsortiumGroup) RemoveOrganization(name string)

RemoveOrganization removes an org from a consortium group. Removal will panic if either the consortiums group or consortium group does not exist.

func (*ConsortiumGroup) SetChannelCreationPolicy

func (c *ConsortiumGroup) SetChannelCreationPolicy(policy Policy) error

SetChannelCreationPolicy sets the ConsortiumChannelCreationPolicy for the given configuration Group. If the policy already exists in current configuration, its value will be overwritten.

func (*ConsortiumGroup) SetOrganization

func (c *ConsortiumGroup) SetOrganization(org Organization) error

SetOrganization sets the organization config group for the given org key in an existing Consortium configuration's Groups map. If the consortium org already exists in the current configuration, its value will be overwritten.

type ConsortiumOrg

type ConsortiumOrg struct {
	// contains filtered or unexported fields
}

ConsortiumOrg encapsulates the parts of the config that control a consortium organization's configuration.

func (*ConsortiumOrg) Configuration

func (c *ConsortiumOrg) Configuration() (Organization, error)

Configuration retrieves an existing org's configuration from a consortium organization config group in the updated config.

func (*ConsortiumOrg) MSP

func (c *ConsortiumOrg) MSP() *OrganizationMSP

MSP returns an OrganizationMSP object that can be used to configure the organization's MSP.

func (*ConsortiumOrg) Policies

func (c *ConsortiumOrg) Policies() (map[string]Policy, error)

Policies returns a map of policies for a specific consortium org.

func (*ConsortiumOrg) RemovePolicy

func (c *ConsortiumOrg) RemovePolicy(name string)

RemovePolicy removes an existing policy from a consortium's organization. Removal will panic if either the consortiums group, consortium group, or consortium org group does not exist.

func (*ConsortiumOrg) SetMSP

func (c *ConsortiumOrg) SetMSP(updatedMSP MSP) error

SetMSP updates the MSP config for the specified consortium org group.

Example

This example shows the addition of a certificate to a consortium org's intermediate certificate list.

baseConfig := fetchSystemChannelConfig()
c := configtx.New(baseConfig)

sampleConsortiumOrg1 := c.Consortium("SampleConsortium").Organization("Org1")

msp, err := sampleConsortiumOrg1.MSP().Configuration()
if err != nil {
	panic(err)
}

newIntermediateCert := &x509.Certificate{
	KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
	IsCA:     true,
}

msp.IntermediateCerts = append(msp.IntermediateCerts, newIntermediateCert)

err = sampleConsortiumOrg1.SetMSP(msp)
if err != nil {
	panic(err)
}
Output:

func (*ConsortiumOrg) SetModPolicy added in v0.1.0

func (c *ConsortiumOrg) SetModPolicy(modPolicy string) error

SetModPolicy sets the specified modification policy for the consortium org group.

func (*ConsortiumOrg) SetPolicies added in v0.0.9

func (c *ConsortiumOrg) SetPolicies(policies map[string]Policy) error

SetPolicies sets the specified policies in the consortium org group's config policy map. If the policies already exist in current configuration, the values will be replaced with new policies.

func (*ConsortiumOrg) SetPolicy

func (c *ConsortiumOrg) SetPolicy(name string, policy Policy) error

SetPolicy sets the specified policy in the consortium org group's config policy map. If the policy already exists in current configuration, its value will be overwritten.

type ConsortiumsGroup

type ConsortiumsGroup struct {
	// contains filtered or unexported fields
}

ConsortiumsGroup encapsulates the parts of the config that control consortiums.

func (*ConsortiumsGroup) Configuration

func (c *ConsortiumsGroup) Configuration() ([]Consortium, error)

Configuration returns a list of consortium configurations from the updated config. Consortiums are only defined for the ordering system channel.

func (*ConsortiumsGroup) RemoveConsortium

func (c *ConsortiumsGroup) RemoveConsortium(name string)

RemoveConsortium removes a consortium from a channel configuration. Removal will panic if the consortiums group does not exist.

func (*ConsortiumsGroup) SetConsortium

func (c *ConsortiumsGroup) SetConsortium(consortium Consortium) error

SetConsortium sets the consortium in a channel configuration. If the consortium already exists in the current configuration, its value will be overwritten.

type EtcdRaftOptionsValue added in v0.0.7

type EtcdRaftOptionsValue struct {
	// contains filtered or unexported fields
}

EtcdRaftOptionsValue encapsulates the configuration functions used to modify an etcdraft configuration's options.

func (*EtcdRaftOptionsValue) SetElectionInterval added in v0.0.7

func (e *EtcdRaftOptionsValue) SetElectionInterval(interval uint32) error

SetElectionInterval sets the Etcdraft's election interval.

func (*EtcdRaftOptionsValue) SetHeartbeatTick added in v0.0.7

func (e *EtcdRaftOptionsValue) SetHeartbeatTick(tick uint32) error

SetHeartbeatTick sets the Etcdraft's heartbeat tick interval.

func (*EtcdRaftOptionsValue) SetMaxInflightBlocks added in v0.0.7

func (e *EtcdRaftOptionsValue) SetMaxInflightBlocks(maxBlks uint32) error

SetMaxInflightBlocks sets the Etcdraft's max inflight blocks.

func (*EtcdRaftOptionsValue) SetSnapshotIntervalSize added in v0.0.7

func (e *EtcdRaftOptionsValue) SetSnapshotIntervalSize(intervalSize uint32) error

SetSnapshotIntervalSize sets the Etcdraft's snapshot interval size.

func (*EtcdRaftOptionsValue) SetTickInterval added in v0.0.7

func (e *EtcdRaftOptionsValue) SetTickInterval(interval string) error

SetTickInterval sets the Etcdraft's tick interval.

type MSP

type MSP struct {
	// Name holds the identifier of the MSP; MSP identifier
	// is chosen by the application that governs this MSP.
	// For example, and assuming the default implementation of MSP,
	// that is X.509-based and considers a single Issuer,
	// this can refer to the Subject OU field or the Issuer OU field.
	Name string
	// List of root certificates trusted by this MSP
	// they are used upon certificate validation (see
	// comment for IntermediateCerts below).
	RootCerts []*x509.Certificate
	// List of intermediate certificates trusted by this MSP;
	// they are used upon certificate validation as follows:
	// validation attempts to build a path from the certificate
	// to be validated (which is at one end of the path) and
	// one of the certs in the RootCerts field (which is at
	// the other end of the path). If the path is longer than
	// 2, certificates in the middle are searched within the
	// IntermediateCerts pool.
	IntermediateCerts []*x509.Certificate
	// Identity denoting the administrator of this MSP.
	Admins []*x509.Certificate
	// Identity revocation list.
	RevocationList []*pkix.CertificateList
	// OrganizationalUnitIdentifiers holds one or more
	// fabric organizational unit identifiers that belong to
	// this MSP configuration.
	OrganizationalUnitIdentifiers []membership.OUIdentifier
	// CryptoConfig contains the configuration parameters
	// for the cryptographic algorithms used by this MSP.
	CryptoConfig membership.CryptoConfig
	// List of TLS root certificates trusted by this MSP.
	// They are returned by GetTLSRootCerts.
	TLSRootCerts []*x509.Certificate
	// List of TLS intermediate certificates trusted by this MSP;
	// They are returned by GetTLSIntermediateCerts.
	TLSIntermediateCerts []*x509.Certificate
	// Contains the configuration to distinguish clients
	// from peers from orderers based on the OUs.
	NodeOUs membership.NodeOUs
}

MSP is the configuration information for a Fabric MSP. Here we assume a default certificate validation policy, where any certificate signed by any of the listed rootCA certs would be considered as valid under this MSP. This MSP may or may not come with a signing identity. If it does, it can also issue signing identities. If it does not, it can only be used to validate and verify certificates.

func (*MSP) CreateMSPCRL added in v0.0.7

func (m *MSP) CreateMSPCRL(signingIdentity *SigningIdentity, certs ...*x509.Certificate) (*pkix.CertificateList, error)

CreateMSPCRL creates a CRL that revokes the provided certificates for the specified organization's msp signed by the provided SigningIdentity.

type Orderer

type Orderer struct {
	// OrdererType is the type of orderer
	// Options: `ConsensusTypeSolo`, `ConsensusTypeKafka` or `ConsensusTypeEtcdRaft`
	OrdererType string
	// BatchTimeout is the wait time between transactions.
	BatchTimeout  time.Duration
	BatchSize     orderer.BatchSize
	Kafka         orderer.Kafka
	EtcdRaft      orderer.EtcdRaft
	Organizations []Organization
	// MaxChannels is the maximum count of channels an orderer supports.
	MaxChannels uint64
	// Capabilities is a map of the capabilities the orderer supports.
	Capabilities []string
	Policies     map[string]Policy
	// Options: `ConsensusStateNormal` and `ConsensusStateMaintenance`
	State     orderer.ConsensusState
	ModPolicy string
}

Orderer configures the ordering service behavior for a channel.

type OrdererGroup

type OrdererGroup struct {
	// contains filtered or unexported fields
}

OrdererGroup encapsulates the parts of the config that control the orderering service behavior.

func (*OrdererGroup) AddCapability

func (o *OrdererGroup) AddCapability(capability string) error

AddCapability adds capability to the provided channel config. If the provided capability already exists in current configuration, this action will be a no-op.

func (*OrdererGroup) AddConsenter added in v0.0.6

func (o *OrdererGroup) AddConsenter(consenter orderer.Consenter) error

AddConsenter adds a consenter to an etcdraft configuration.

func (*OrdererGroup) BatchSize added in v0.0.7

func (o *OrdererGroup) BatchSize() *BatchSizeValue

BatchSize returns a BatchSizeValue that can be used to configure an orderer configuration's batch size parameters.

func (*OrdererGroup) Capabilities

func (o *OrdererGroup) Capabilities() ([]string, error)

Capabilities returns a map of enabled orderer capabilities from the updated config.

func (*OrdererGroup) Configuration

func (o *OrdererGroup) Configuration() (Orderer, error)

Configuration returns the existing orderer configuration values from the updated config in a config transaction as an Orderer type. This can be used to retrieve existing values for the orderer prior to updating the orderer configuration.

func (*OrdererGroup) EtcdRaftOptions added in v0.0.7

func (o *OrdererGroup) EtcdRaftOptions() *EtcdRaftOptionsValue

EtcdRaftOptions returns an EtcdRaftOptionsValue that can be used to configure an etcdraft configuration's options.

func (*OrdererGroup) Organization

func (o *OrdererGroup) Organization(name string) *OrdererOrg

Organization returns the orderer org from the updated config.

func (*OrdererGroup) Policies

func (o *OrdererGroup) Policies() (map[string]Policy, error)

Policies returns a map of policies for channel orderer in the updated config.

func (*OrdererGroup) RemoveCapability

func (o *OrdererGroup) RemoveCapability(capability string) error

RemoveCapability removes capability to the provided channel config.

func (*OrdererGroup) RemoveConsenter added in v0.0.6

func (o *OrdererGroup) RemoveConsenter(consenter orderer.Consenter) error

RemoveConsenter removes a consenter from an etcdraft configuration.

func (*OrdererGroup) RemoveLegacyKafkaBrokers added in v0.0.6

func (o *OrdererGroup) RemoveLegacyKafkaBrokers()

RemoveLegacyKafkaBrokers removes the legacy kafka brokers config key and value from config. In fabric 2.0, kafka was deprecated as a consensus type.

Example
baseConfig := fetchChannelConfig()
c := configtx.New(baseConfig)
ordererConfig, err := c.Orderer().Configuration()
if err != nil {
	panic(err)
}
ordererConfig.OrdererType = orderer.ConsensusTypeEtcdRaft
ordererConfig.EtcdRaft = orderer.EtcdRaft{
	Consenters: []orderer.Consenter{
		{
			Address: orderer.EtcdAddress{
				Host: "host1",
				Port: 7050,
			},
			ClientTLSCert: generateCert(),
			ServerTLSCert: generateCert(),
		},
	},
}
c.Orderer().RemoveLegacyKafkaBrokers()
Output:

func (*OrdererGroup) RemoveOrganization

func (o *OrdererGroup) RemoveOrganization(name string)

RemoveOrganization removes an org from the Orderer group. Removal will panic if the orderer group does not exist.

func (*OrdererGroup) RemovePolicy

func (o *OrdererGroup) RemovePolicy(policyName string) error

RemovePolicy removes an existing orderer policy configuration.

func (*OrdererGroup) SetBatchTimeout added in v0.0.7

func (o *OrdererGroup) SetBatchTimeout(timeout time.Duration) error

SetBatchTimeout sets the wait time between transactions.

func (*OrdererGroup) SetConfiguration

func (o *OrdererGroup) SetConfiguration(ord Orderer) error

SetConfiguration modifies an updated config's Orderer configuration via the passed in Orderer values. It skips updating OrdererOrgGroups and Policies.

Example

This example updates an existing orderer configuration.

baseConfig := fetchChannelConfig()
c := configtx.New(baseConfig)
o := c.Orderer()

// Must retrieve the current orderer configuration from block and modify
// the desired values
oConfig, err := o.Configuration()
if err != nil {
	panic(err)
}

oConfig.Kafka.Brokers = []string{"kafka0:9092", "kafka1:9092", "kafka2:9092"}
oConfig.BatchSize.MaxMessageCount = 500

err = o.SetConfiguration(oConfig)
if err != nil {
	panic(nil)
}
Output:

Example (Individual)

This example shows updating the individual orderer configuration values.

baseConfig := fetchChannelConfig()
c := configtx.New(baseConfig)
o := c.Orderer()

err := o.BatchSize().SetMaxMessageCount(500)
if err != nil {
	panic(err)
}

err = o.AddConsenter(orderer.Consenter{
	Address:       orderer.EtcdAddress{Host: "host1", Port: 7050},
	ClientTLSCert: generateCert(),
	ServerTLSCert: generateCert(),
})
if err != nil {
	panic(err)
}

err = o.EtcdRaftOptions().SetElectionInterval(50)
if err != nil {
	panic(err)
}
Output:

func (*OrdererGroup) SetConsensusState added in v0.0.7

func (o *OrdererGroup) SetConsensusState(consensusState orderer.ConsensusState) error

SetConsensusState sets the consensus state.

func (*OrdererGroup) SetEtcdRaftConsensusType added in v0.0.7

func (o *OrdererGroup) SetEtcdRaftConsensusType(consensusMetadata orderer.EtcdRaft, consensusState orderer.ConsensusState) error

SetEtcdRaftConsensusType sets the orderer consensus type to etcdraft, sets etcdraft metadata, and consensus state.

func (*OrdererGroup) SetMaxChannels added in v0.0.7

func (o *OrdererGroup) SetMaxChannels(max int) error

SetMaxChannels sets the maximum count of channels an orderer supports.

func (*OrdererGroup) SetModPolicy added in v0.1.0

func (o *OrdererGroup) SetModPolicy(modPolicy string) error

SetModPolicy sets the specified modification policy for the orderer group.

func (*OrdererGroup) SetOrganization

func (o *OrdererGroup) SetOrganization(org Organization) error

SetOrganization sets the organization config group for the given orderer org key in an existing Orderer configuration's Groups map. If the orderer org already exists in the current configuration, its value will be overwritten.

func (*OrdererGroup) SetPolicies added in v0.0.9

func (o *OrdererGroup) SetPolicies(policies map[string]Policy) error

SetPolicies sets the specified policy in the orderer group's config policy map. If the policies already exist in current configuration, the values will be replaced with new policies.

func (*OrdererGroup) SetPolicy

func (o *OrdererGroup) SetPolicy(policyName string, policy Policy) error

SetPolicy sets the specified policy in the orderer group's config policy map. If the policy already exists in current configuration, its value will be overwritten.

type OrdererOrg

type OrdererOrg struct {
	// contains filtered or unexported fields
}

OrdererOrg encapsulates the parts of the config that control an orderer organization's configuration.

func (*OrdererOrg) Configuration

func (o *OrdererOrg) Configuration() (Organization, error)

Configuration retrieves an existing org's configuration from an orderer organization config group in the updated config.

func (*OrdererOrg) MSP

func (o *OrdererOrg) MSP() *OrganizationMSP

MSP returns an OrganizationMSP object that can be used to configure the organization's MSP.

func (*OrdererOrg) Policies

func (o *OrdererOrg) Policies() (map[string]Policy, error)

Policies returns a map of policies for a specific orderer org in the updated config.

func (*OrdererOrg) RemoveEndpoint

func (o *OrdererOrg) RemoveEndpoint(endpoint Address) error

RemoveEndpoint removes an orderer's endpoint from an existing channel config transaction. Removal will panic if either the orderer group or orderer org group does not exist.

func (*OrdererOrg) RemovePolicy

func (o *OrdererOrg) RemovePolicy(policyName string) error

RemovePolicy removes an existing policy from an orderer organization.

func (*OrdererOrg) SetEndpoint

func (o *OrdererOrg) SetEndpoint(endpoint Address) error

SetEndpoint adds an orderer's endpoint to an existing channel config transaction. If the same endpoint already exists in current configuration, this will be a no-op.

func (*OrdererOrg) SetMSP

func (o *OrdererOrg) SetMSP(updatedMSP MSP) error

SetMSP updates the MSP config for the specified orderer org in the updated config.

Example

This example shows the addition of a certificate to an orderer org's intermediate certificate list.

baseConfig := fetchChannelConfig()
c := configtx.New(baseConfig)
ordererOrg := c.Orderer().Organization("OrdererOrg")

msp, err := ordererOrg.MSP().Configuration()
if err != nil {
	panic(err)
}

newIntermediateCert := &x509.Certificate{
	KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
	IsCA:     true,
}

msp.IntermediateCerts = append(msp.IntermediateCerts, newIntermediateCert)

err = ordererOrg.SetMSP(msp)
if err != nil {
	panic(err)
}
Output:

func (*OrdererOrg) SetModPolicy added in v0.1.0

func (o *OrdererOrg) SetModPolicy(modPolicy string) error

SetModPolicy sets the specified modification policy for the orderer org group.

func (*OrdererOrg) SetPolicies added in v0.0.9

func (o *OrdererOrg) SetPolicies(policies map[string]Policy) error

SetPolicies sets the specified policies in the orderer org group's config policy map. If the policies already exist in current configuration, the values will be replaced with new policies.

func (*OrdererOrg) SetPolicy

func (o *OrdererOrg) SetPolicy(policyName string, policy Policy) error

SetPolicy sets the specified policy in the orderer org group's config policy map. If the policy already exists in current configuration, its value will be overwritten.

type Organization

type Organization struct {
	Name     string
	Policies map[string]Policy
	MSP      MSP

	// AnchorPeers contains the endpoints of anchor peers for each
	// application organization.
	AnchorPeers      []Address
	OrdererEndpoints []string
	ModPolicy        string
}

Organization is an organization in the channel configuration.

type OrganizationMSP added in v0.0.7

type OrganizationMSP struct {
	// contains filtered or unexported fields
}

OrganizationMSP encapsulates the configuration functions used to modify an organization MSP.

func (*OrganizationMSP) AddAdminCert added in v0.0.7

func (m *OrganizationMSP) AddAdminCert(cert *x509.Certificate) error

AddAdminCert adds an administator identity to the organization MSP.

func (*OrganizationMSP) AddCRL added in v0.0.7

func (m *OrganizationMSP) AddCRL(crl *pkix.CertificateList) error

AddCRL adds a CRL to the identity revocation list for the organization MSP.

func (*OrganizationMSP) AddCRLFromSigningIdentity added in v0.0.7

func (m *OrganizationMSP) AddCRLFromSigningIdentity(signingIdentity *SigningIdentity, certs ...*x509.Certificate) error

AddCRLFromSigningIdentity creates a CRL from the provided signing identity and associated certs and then adds the CRL to the identity revocation list for the organization MSP.

func (*OrganizationMSP) AddIntermediateCert added in v0.0.7

func (m *OrganizationMSP) AddIntermediateCert(cert *x509.Certificate) error

AddIntermediateCert adds an intermediate certificate trusted by the organization MSP.

func (*OrganizationMSP) AddOUIdentifier added in v0.0.7

func (m *OrganizationMSP) AddOUIdentifier(ou membership.OUIdentifier) error

AddOUIdentifier adds a custom organizational unit identifier to the organization MSP.

func (*OrganizationMSP) AddRootCert added in v0.0.7

func (m *OrganizationMSP) AddRootCert(cert *x509.Certificate) error

AddRootCert adds a root certificate trusted by the organization MSP.

func (*OrganizationMSP) AddTLSIntermediateCert added in v0.0.7

func (m *OrganizationMSP) AddTLSIntermediateCert(cert *x509.Certificate) error

AddTLSIntermediateCert adds a TLS intermediate cert trusted by the organization MSP.

func (*OrganizationMSP) AddTLSRootCert added in v0.0.7

func (m *OrganizationMSP) AddTLSRootCert(cert *x509.Certificate) error

AddTLSRootCert adds a TLS root certificate trusted by the organization MSP.

func (*OrganizationMSP) Configuration added in v0.0.7

func (m *OrganizationMSP) Configuration() (MSP, error)

Configuration returns the MSP value for a organization in the updated config.

func (*OrganizationMSP) RemoveAdminCert added in v0.0.7

func (m *OrganizationMSP) RemoveAdminCert(cert *x509.Certificate) error

RemoveAdminCert removes an administator identity from the organization MSP.

func (*OrganizationMSP) RemoveIntermediateCert added in v0.0.7

func (m *OrganizationMSP) RemoveIntermediateCert(cert *x509.Certificate) error

RemoveIntermediateCert removes a trusted intermediate certificate from the organization MSP.

func (*OrganizationMSP) RemoveOUIdentifier added in v0.0.7

func (m *OrganizationMSP) RemoveOUIdentifier(ou membership.OUIdentifier) error

RemoveOUIdentifier removes an existing organizational unit identifier from the organization MSP.

func (*OrganizationMSP) RemoveRootCert added in v0.0.7

func (m *OrganizationMSP) RemoveRootCert(cert *x509.Certificate) error

RemoveRootCert removes a trusted root certificate from the organization MSP.

func (*OrganizationMSP) RemoveTLSIntermediateCert added in v0.0.7

func (m *OrganizationMSP) RemoveTLSIntermediateCert(cert *x509.Certificate) error

RemoveTLSIntermediateCert removes a trusted TLS intermediate cert from the organization MSP.

func (*OrganizationMSP) RemoveTLSRootCert added in v0.0.7

func (m *OrganizationMSP) RemoveTLSRootCert(cert *x509.Certificate) error

RemoveTLSRootCert removes a trusted TLS root certificate from the organization MSP.

func (*OrganizationMSP) SetAdminOUIdentifier added in v0.0.7

func (m *OrganizationMSP) SetAdminOUIdentifier(adminOU membership.OUIdentifier) error

SetAdminOUIdentifier sets the NodeOUs admin ou identifier for the organization MSP.

func (*OrganizationMSP) SetClientOUIdentifier added in v0.0.7

func (m *OrganizationMSP) SetClientOUIdentifier(clientOU membership.OUIdentifier) error

SetClientOUIdentifier sets the NodeOUs client ou identifier for the organization MSP.

func (*OrganizationMSP) SetCryptoConfig added in v0.0.7

func (m *OrganizationMSP) SetCryptoConfig(cryptoConfig membership.CryptoConfig) error

SetCryptoConfig sets the configuration for the cryptographic algorithms for the organization MSP.

func (*OrganizationMSP) SetEnableNodeOUs added in v0.0.7

func (m *OrganizationMSP) SetEnableNodeOUs(isEnabled bool) error

SetEnableNodeOUs sets the NodeOUs recognition, if NodeOUs recognition is enabled then an msp identity that does not contain exactly one of the fabric Node OU Identifiers will be considered invalid.

func (*OrganizationMSP) SetOrdererOUIdentifier added in v0.0.7

func (m *OrganizationMSP) SetOrdererOUIdentifier(ordererOU membership.OUIdentifier) error

SetOrdererOUIdentifier sets the NodeOUs orderer ou identifier for the organization MSP.

func (*OrganizationMSP) SetPeerOUIdentifier added in v0.0.7

func (m *OrganizationMSP) SetPeerOUIdentifier(peerOU membership.OUIdentifier) error

SetPeerOUIdentifier sets the NodeOUs peer ou identifier for the organization MSP.

type Policy

type Policy struct {
	Type      string
	Rule      string
	ModPolicy string
}

Policy is an expression used to define rules for access to channels, chaincodes, etc.

type SigningIdentity

type SigningIdentity struct {
	Certificate *x509.Certificate
	PrivateKey  crypto.PrivateKey
	MSPID       string
}

SigningIdentity is an MSP Identity that can be used to sign configuration updates.

func (*SigningIdentity) CreateConfigSignature

func (s *SigningIdentity) CreateConfigSignature(marshaledUpdate []byte) (*cb.ConfigSignature, error)

CreateConfigSignature creates a config signature for the the given configuration update using the specified signing identity.

func (*SigningIdentity) Public

func (s *SigningIdentity) Public() crypto.PublicKey

Public returns the public key associated with this signing identity's certificate.

func (*SigningIdentity) Sign

func (s *SigningIdentity) Sign(reader io.Reader, msg []byte, opts crypto.SignerOpts) (signature []byte, err error)

Sign performs ECDSA sign with this signing identity's private key on the given message hashed using SHA-256. It ensures signatures are created with Low S values since Fabric normalizes all signatures to Low S. See https://github.com/bitcoin/bips/blob/master/bip-0146.mediawiki#low_s for more detail.

func (*SigningIdentity) SignEnvelope

func (s *SigningIdentity) SignEnvelope(e *cb.Envelope) error

SignEnvelope signs an envelope using the SigningIdentity.

Directories

Path Synopsis
internal

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL