Shulou(Shulou.com)06/03 Report--

HyperLeger Fabric SDK development (8)-- msp 1, msp introduction 1, msp introduction

Msp supports the creation and updating of users on the Fabric network. The MSP client supports the following operations: Enroll,Reenroll,Register,Revoke and GetSigningIdentity.

Official documents:

Https://godoc.org/github.com/hyperledger/fabric-sdk-go/pkg/client/msp

2. Msp usage process

The basic process used by msp is as follows:

A. prepare the client context

B. Create a msp client

C, registered users

D, registered user

Examples of use:

Ctx: = mockClientProvider () / / Create msp clientc, err: = New (ctx) if err! = nil {fmt.Println ("failed to create msp client") return} username: = randomUsername () enrollmentSecret, err: = c.Register (& RegistrationRequest {Name: username}) if err! = nil {fmt.Printf ("Register return error% s\ n", err) return} err = c.Enroll (username, WithSecret (enrollmentSecret)) if err! = nil {fmt.Printf ("failed to enroll user:% s\ n") Err) return} fmt.Println ("enroll user is completed") / / output:// enroll user is completed II, msp Common Interface 1, Type definition var (/ / ErrUserNotFound indicates the user was not found ErrUserNotFound = errors.New ("user not found")) type AffiliationInfo struct {Name string Affiliations [] AffiliationInfo Identities [] IdentityInfo}

AffiliationInfo contains adjunct information name, child adjunct information, and identity associated with this adjunct

Type AffiliationRequest struct {/ / affiliated name Name string / / Creates parent affiliations if they do not exist Force bool / / CA name CAName string}

AffiliationRequest indicates a request to add or remove satellite information to the CA server

Type AffiliationResponse struct {AffiliationInfo CAName string}

AffiliationResponse contains responses to get, add, modify, and delete an ancillary information

Type Attribute struct {Name string Value string ECert bool}

Attribute defines additional properties to pass to the registered object

Type AttributeRequest struct {Name string Optional bool}

A request for AttributeRequest to define an attribute

/ / IdentityManager provides management of identities in a Fabric networktype IdentityManager interface {GetSigningIdentity (name string) (msp.SigningIdentity, error) CreateSigningIdentity (ops... msp.SigningIdentityOption)} / / RegistrationRequest defines the attributes required to register a user with the CAtype RegistrationRequest struct {/ / Name is the unique name of the identity Name string / / Type of identity being registered (e.g. "peer, app, user") Type string / / MaxEnrollments is the number of times the secret can be reused to enroll. / / if omitted, this defaults to max_enrollments configured on the server MaxEnrollments int / / The identity's affiliation e.g. Org1.department1 Affiliation string / / Optional attributes associated with this identity Attributes [] Attribute / / CAName is the name of the CA to connect to CAName string / / Secret is an optional password. If not specified, / / a random secret is generated. In both cases, the secret / / is returned from registration. Secret string} / / IdentityRequest represents the request to add/update identity to the fabric-ca-servertype IdentityRequest struct {/ / The enrollment ID which uniquely identifies an identity (required) ID string / / The identity's affiliation (required) Affiliation string / / Array of attributes to assign to the user Attributes [] Attribute / / Type of identity being registered (e.g. 'peer, app, user'). Default is' user'. Type string / / The maximum number of times the secret can be reused to enroll (default CA's MaxEnrollment) MaxEnrollments int / / The enrollment secret If not provided, a random secret is generated. Secret string / / Name of the CA to send the request to within the Fabric CA server (optional) CAName string} / / IdentityResponse is the response from the any read/add/modify/remove identity calltype IdentityResponse struct {/ / The enrollment ID which uniquely identifies an identity ID string / / The identity's affiliation Affiliation string / / Array of attributes assigned to the user Attributes [] Attribute / / Type of identity (e.g. 'peer, app User') Type string / / The maximum number of times the secret can be reused to enroll MaxEnrollments int / / The enrollment secret Secret string / / Name of the CA CAName string} type RemoveIdentityRequest struct {/ / The enrollment ID which uniquely identifies an identity ID string / / Force delete Force bool / / Name of the CA CAName string} / / RevocationRequest defines the attributes required to revoke credentials with the CAtype RevocationRequest struct {/ / Name of the identity whose certificates should be revoked / / If this field is omitted, then Serial and AKI must be specified. Name string / / Serial number of the certificate to be revoked / / If this is omitted, then Name must be specified Serial string / / AKI (Authority Key Identifier) of the certificate to be revoked AKI string / / Reason is the reason for revocation See https://godoc.org/golang.org/x/crypto/ocsp / / for valid values. The default value is 0 (ocsp.Unspecified). Reason string / / CAName is the name of the CA to connect to CAName string} / / RevocationResponse represents response from the server for a revocation requesttype RevocationResponse struct {/ / RevokedCerts is an array of certificates that were revoked RevokedCerts [] RevokedCert / / CRL is PEM-encoded certificate revocation list (CRL) that contains all unexpired revoked certificates CRL [] byte} / / RevokedCert represents a revoked certificatetype RevokedCert struct {/ / Serial number of the revoked certificate Serial string / / AKI of the revoked certificate AKI string} 2, Get the client instance type Client struct {orgName string caName string ctx context.Client} func New (clientProvider context.ClientProvider Opts... ClientOption) (* Client, error)

New creates a new Client instance

Examples of use:

Ctx: = mockClientProvider () / / Create msp clientc, err: = New (ctx) if err! = nil {fmt.Println ("failed to create msp client") return} if c! = nil {fmt.Println ("msp client created")} / / output:// msp client created 3, create identity

Func (c * Client) CreateIdentity (request * IdentityRequest) (* IdentityResponse, error)

CreateIdentity uses the Fabric CA server to create a new identity. The returned registration secret is used with the registration ID to register a new identity.

Parameters:

The request contains identity related information

Returns identity information containing secret

Examples of use:

/ / Create msp clientc, err: = New (mockClientProvider ()) if err! = nil {fmt.Println ("failed to create msp client") return} identity, err: = c.CreateIdentity (& IdentityRequest {ID: "123", Affiliation: "org2", Attributes: [] Attribute {{Name: "attName1", Value: "attValue1"}}) if err! = nil {fmt.Printf ("Create identity return error% s\ n") Err) return} fmt.Printf ("identity'% s' created\ n", identity.ID) / / output:// identity '123' created4, identity to create the signature

Func (c * Client) CreateSigningIdentity (opts... mspctx.SigningIdentityOption) (mspctx.SigningIdentity, error)

CreateSigningIdentity creates a signature identity with the given option.

Examples of use:

Ctx: = mockClientProvider () / / Create msp clientc Err: = New (ctx) if err! = nil {fmt.Println ("failed to create msp client") return} testPrivKey: = `- BEGIN PRIVATE KEY-MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgp4qKKB0WCEfx7XiB5Ul+GpjM1P5rqc6RhjD5OkTgl5OhRANCAATyFT0voXX7cA4PPtNstWleaTpwjvbSJ3+tMGTG67f+TdCfDxWYMpQYxLlE8VkbEzKWDwCYvDZRMKCQfv2ErNvb-END PRIVATE KEY- `testCert: =`-BEGIN CERTIFICATE-MIICGTCCAcCgAwIBAgIRALR/1GXtEud5GQL2CZykkOkwCgYIKoZIzj0EAwIwczELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGTAXBgNVBAoTEG9yZzEuZXhhbXBsZS5jb20xHDAaBgNVBAMTE2NhLm9yZzEuZXhhbXBsZS5jb20wHhcNMTcwNzI4MTQyNzIwWhcNMjcwNzI2MTQyNzIwWjBbMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEfMB0GA1UEAwwWVXNlcjFAb3JnMS5leGFtcGxlLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABPIVPS+hdftwDg8+02y1aV5pOnCO9tInf60wZMbrt/5N0J8PFZgylBjEuUTxWRsTMpYPAJi8NlEwoJB+/YSs29ujTTBLMA4GA1UdDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMCsGA1UdIwQkMCKAIIeR0TY+iVFfmvoEKwaToscEu43ZXSj5fTVJornjxDUtMAoGCCqGSM49BAMCA0cAMEQCID+dZ7H5AiaiI2BjxnL3/TetJ8iFJYZyWvK//an13WV/AiARBJd/pI5A7KZgQxJhXmmR8bieXdsmTcdRvJ3TS/6HCA==-END CERTIFICATE- `/ / Create signing identity based on certificate and private keyid Err: = c.CreateSigningIdentity (msp.WithCert ([] byte (testCert)), msp.WithPrivateKey ([] byte (testPrivKey) if err! = nil {fmt.Printf ("failed when creating identity based on certificate and private key:% s\ n", err) return} if string (id.EnrollmentCertificate ())! = testCert {fmt.Printf ("certificate mismatch\ n") return} / / In this user case client might want to import keys directly into keystore// out of band instead of enrolling the user via SDK. User enrolment creates a cert// and stores it into local SDK user store, while user might not want SDK to manage certs.err = importPrivateKeyOutOfBand ([] byte (testPrivKey), c) if err! = nil {fmt.Printf ("failed to import key:% s\ n", err) return} / / Create signing identity using certificate. SDK will lookup the private key based on the certificate.id, err = c.CreateSigningIdentity (msp.WithCert ([] byte (testCert) if err! = nil {fmt.Printf ("failed when creating identity using certificate:% s\ n", err) return} if string (id.EnrollmentCertificate ())! = testCert {fmt.Printf ("certificate mismatch\ n") return} fmt.Println ("create signing identity is completed") / / output:// create signing identity is completed 5, registered user

Func (c * Client) Enroll (enrollmentID string, opts... EnrollmentOption) error

Enroll the user to receive the signed X509 certificate. Generate a new key pair for the user. The private key and enrollment certificate are issued by CA and stored in the SDK database. You can retrieve them by calling IdentityManager.GetSigningIdentity ().

Parameters:

EnrollmentID enrollment ID of registered user

Opts is an optional enrollment option

If enrollment fails, an error message is returned

Examples of use:

Ctx: = mockClientProvider () / / Create msp clientc, err: = New (ctx) if err! = nil {fmt.Println ("failed to create msp client") return} err = c.Enroll (randomUsername (), WithSecret ("enrollmentSecret") if err! = nil {fmt.Printf ("failed to enroll user:% s\ n", err) return} fmt.Println ("enroll user is completed") / / output:// enroll user is completed6, check identity

Func (c * Client) GetAllIdentities (options... RequestOption) ([] * IdentityResponse, error)

GetAllIdentities returns all identities that the caller has the right to view

Parameters:

Options contains optional request options

Returns a response containing identity

Examples of use:

/ / Create msp clientc, err: = New (mockClientProvider ()) if err! = nil {fmt.Println ("failed to create msp client") return} results, err: = c.GetAllIdentities () if err! = nil {fmt.Printf ("Get identities return error% s\ n", err) return} fmt.Printf ("% d identities retrieved\ n", len (results) / / output:// 2 identities retrieved7), view identity information

Func (c * Client) GetIdentity (ID string, options... RequestOption) (* IdentityResponse, error)

GetIdentity retrieves identity information

Parameters:

ID is a required identity ID

Options contains optional request options

Returns a response containing identity information

Examples of use:

/ / Create msp clientc, err: = New (mockClientProvider ()) if err! = nil {fmt.Println ("failed to create msp client") return} identity, err: = c.GetIdentity ("123") if err! = nil {fmt.Printf (" Get identity return error% s\ n ", err) return} fmt.Printf (" identity'% s' retrieved\ n ", identity.ID) / / output:// identity '123' retrieved8, obtain signature identity

Func (c * Client) GetSigningIdentity (id string) (mspctx.SigningIdentity, error)

GetSigningIdentity returns the signature identity of the id

Parameters:

Id is the user ID

Return the signature identity

Examples of use:

Ctx: = mockClientProvider () / / Create msp clientc, err: = New (ctx) if err! = nil {fmt.Println ("failed to create msp client") return} username: = randomUsername () err = c.Enroll (username, WithSecret ("enrollmentSecret") if err! = nil {fmt.Printf ("failed to enroll user:% s\ n", err) return} enrolledUser, err: = c.GetSigningIdentity (username) if err! = nil {fmt.Printf ("user not found% s\ n") Err) return} if enrolledUser.Identifier () .ID! = username {fmt.Println ("Enrolled username doesn't match") return} fmt.Println ("enroll user is completed") / / output:// enroll user is completed 9, modify identity

Func (c * Client) ModifyIdentity (request * IdentityRequest) (* IdentityResponse, error)

ModifyIdentity uses Fabric CA server to modify identity

Parameters:

Request contains information about identity

Returns updated identity information

Examples of use:

/ / Create msp clientc, err: = New (mockClientProvider ()) if err! = nil {fmt.Println ("failed to create msp client") return} identity, err: = c.ModifyIdentity (& IdentityRequest {ID: "123", Affiliation: "org2", Secret: "top-secret"}) if err! = nil {fmt.Printf ("Modify identity return error% s\ n", err) return} fmt.Printf ("identity'% s'\ n" Identity.ID) / / output:// identity '123' modified10, re-enroll users

Func (c * Client) Reenroll (enrollmentID string, opts... EnrollmentOption) error

Re-enroll a registered user to obtain a new signed X509 certificate

Parameters:

EnrollmentID is the registered ID of the registered user

If re-enrollment fails, an error message is returned.

Ctx: = mockClientProvider () / / Create msp clientc, err: = New (ctx) if err! = nil {fmt.Println ("failed to create msp client") return} username: = randomUsername () err = c.Enroll (username, WithSecret ("enrollmentSecret") if err! = nil {fmt.Printf ("failed to enroll user:% s\ n", err) return} err = c.Reenroll (username) if err! = nil {fmt.Printf ("failed to reenroll user:% s\ n") Err) return} fmt.Println ("reenroll user is completed") / / output:// reenroll user is completed 11, registered user

Func (c * Client) Register (request * RegistrationRequest) (string, error)

Register a user using Fabric CA

Parameters:

Request is a registration request

Return to register secret

Examples of use:

Ctx: = mockClientProvider () / / Create msp clientc, err: = New (ctx) if err! = nil {fmt.Println ("failed to create msp client") return} _, err = c.Register (& RegistrationRequest {Name: randomUsername ()}) if err! = nil {fmt.Printf ("Register return error% s\ n", err) return} fmt.Println ("register user is completed") / / output:// register user is completed 12, delete identity

Func (c * Client) RemoveIdentity (request * RemoveIdentityRequest) (* IdentityResponse, error)

RemoveIdentity uses the Fabric CA server to remove identities.

Parameters:

Request is the information that contains the identity to be deleted

Returns deleted identity information

Examples of use:

/ / Create msp clientc, err: = New (mockClientProvider ()) if err! = nil {fmt.Println ("failed to create msp client") return} identity, err: = c.RemoveIdentity (& RemoveIdentityRequest {ID: "123"}) if err! = nil {fmt.Printf ("Remove identity return error% s\ n", err) return} fmt.Printf ("identity'% s' removed\ n", identity.ID) / / output:// identity '123' removed13, revoke the user

Func (c * Client) Revoke (request * RevocationRequest) (* RevocationResponse, error)

Undo a user using Fabric CA

Parameters:

Request is to revoke the request

Returns the undo response

Examples of use:

Ctx: = mockClientProvider () / / Create msp clientc, err: = New (ctx) if err! = nil {fmt.Println ("failed to create msp client") return} _, err = c.Revoke (& RevocationRequest {Name: "testuser"}) if err! = nil {fmt.Printf ("revoke return error% s\ n", err)} fmt.Println ("revoke user is completed") / / output:// revoke user is completed 14, option to build type ClientOption func (* Client) error// WithOrg optionfunc WithOrg (orgName string) ClientOption

Returns the ClientOption containing the organization as a parameter

Examples of use:

Ctx: = mockClientProvider () / / Create msp clientc, err: = New (ctx WithOrg ("org1") if err! = nil {fmt.Println ("failed to create msp client") return} if c! = nil {fmt.Println ("msp client created with org")} / / output:// msp client created with org type enrollmentOptions struct {secret string profile string label string typ string attrReqs [] * AttributeRequest} / / EnrollmentOption describes a functional parameter for Enrolltype EnrollmentOption func (* enrollmentOptions) error// WithSecret enrollment optionfunc WithSecret (secret string) EnrollmentOption

Using the secret parameter, return EnrollmentOption as an option for enrollment

Examples of use:

Ctx: = mockClientProvider () / / Create msp clientc, err: = New (ctx) if err! = nil {fmt.Println ("failed to create msp client") return} err = c.Enroll (randomUsername (), WithSecret ("enrollmentSecret") if err! = nil {fmt.Printf ("failed to enroll user:% s\ n") Err) return} fmt.Println ("enroll user is completed") / / output:// enroll user is completed type requestOptions struct {CA string} / / RequestOption func for each Opts argumenttype RequestOption func (ctx context.Client, opts * requestOptions) error// WithCA allows for specifying optional CA namefunc WithCA (caname string) RequestOption

Returns RequestOption based on CA name

Examples of use:

/ / Create msp clientc, err: = New (mockClientProvider ()) if err! = nil {fmt.Println ("failed to create msp client") return} results, err: = c.GetAllIdentities (WithCA ("CA")) if err! = nil {fmt.Printf ("Get identities return error% s\ n", err) return} fmt.Printf ("% d identities retrieved\ n", len (results)) / / output:// 2 identities retrieved

Func WithType (typ string) EnrollmentOption

Returns EnrollmentOption based on the certificate type typ parameter

Examples of use:

Ctx: = mockClientProvider () / / Create msp clientc, err: = New (ctx) if err! = nil {fmt.Println ("failed to create msp client") return} err = c.Enroll (randomUsername (), WithSecret ("enrollmentSecret"), WithType ("x509") / * or idemix, which is not support now*/) if err! = nil {fmt.Printf ("failed to enroll user:% s\ n", err) return} fmt.Println ("enroll user is completed") / output:// enroll user is completed

Func WithProfile (profile string) EnrollmentOption

Use profile to return an EnrollmentOption

Examples of use:

Ctx: = mockClientProvider () / / Create msp clientc, err: = New (ctx) if err! = nil {fmt.Println ("failed to create msp client") return} err = c.Enroll (randomUsername (), WithSecret ("enrollmentSecret"), WithProfile ("tls") if err! = nil {fmt.Printf ("failed to enroll user:% s\ n", err) return} fmt.Println ("enroll user is completed") / / output:// enroll user is completed

Func WithLabel (label string) EnrollmentOption

Use the label parameter to return EnrollmentOption

Examples of use:

Ctx: = mockClientProvider () / / Create msp clientc, err: = New (ctx) if err! = nil {fmt.Println ("failed to create msp client") return} err = c.Enroll (randomUsername (), WithSecret ("enrollmentSecret"), WithLabel ("ForFabric") if err! = nil {fmt.Printf ("failed to enroll user:% s\ n", err) return} fmt.Println ("enroll user is completed") / / output:// enroll user is completed

Func WithAttributeRequests (attrReqs [] * AttributeRequest) EnrollmentOption

Use the attribute request parameter attrReqs to return EnrollmentOption

Examples of use:

Ctx: = mockClientProvider () / / Create msp clientc, err: = New (ctx) if err! = nil {fmt.Println ("failed to create msp client") return} attrs: = [] * AttributeRequest {{Name: "name1", Optional: true}, {Name: "name2", Optional: true}} err = c.Enroll (randomUsername (), WithSecret ("enrollmentSecret"), WithAttributeRequests (attrs)) if err! = nil {fmt.Printf ("failed to enroll user:% s\ n") Err) return} fmt.Println ("enroll user is completed") / / output:// enroll user is completed

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.