3. MSP interface implementation
The MSP interface is implemented by the bccspmsp struct and its methods. bccspmsp is defined as follows:

    type bccspmsp struct {
        rootCerts []Identity // list of trusted CA certificates
        intermediateCerts []Identity // list of trusted intermediate certificates
        tlsRootCerts [][]byte // list of trusted CA TLS certificates
        tlsIntermediateCerts [][]byte // list of trusted intermediate TLS certificates
        certificationTreeInternalNodesMap map[string]bool // to be determined
        signer SigningIdentity // signing identity
        admins []Identity // list of admin identities
        bccsp bccsp.BCCSP // cryptographic service provider
        name string // MSP name
        opts *x509.VerifyOptions // MSP member verification options
        CRL []*pkix.CertificateList // certificate revocation list
        ouIdentifiers map[string][][]byte // organizational unit list
        cryptoConfig *m.FabricCryptoConfig // crypto options
    }
    // code in msp/mspimpl.go
The methods are as follows:

    func NewBccspMsp() (MSP, error) // create a BCCSP instance, then create and initialize the bccspmsp instance
    func (msp *bccspmsp) Setup(conf1 *m.MSPConfig) error // set up the MSP instance based on MSPConfig
    func (msp *bccspmsp) GetType() ProviderType // obtain the MSP type, that is, FABRIC
    func (msp *bccspmsp) GetIdentifier() (string, error) // obtain the MSP name
    func (msp *bccspmsp) GetTLSRootCerts() [][]byte // obtain the list of trusted CA TLS certificates msp.tlsRootCerts
    func (msp *bccspmsp) GetTLSIntermediateCerts() [][]byte // obtain the list of trusted intermediate TLS certificates msp.tlsIntermediateCerts
    func (msp *bccspmsp) GetDefaultSigningIdentity() (SigningIdentity, error) // obtain the default signing identity msp.signer
    func (msp *bccspmsp) GetSigningIdentity(identifier *IdentityIdentifier) (SigningIdentity, error) // not implemented yet; can be ignored
    func (msp *bccspmsp) Validate(id Identity) error // check whether the identity is valid; implemented by calling msp.validateIdentity(id)
    func (msp *bccspmsp) DeserializeIdentity(serializedID []byte) (Identity, error) // identity deserialization
    func (msp *bccspmsp) SatisfiesPrincipal(id Identity, principal *m.MSPPrincipal) error // verify that the given identity matches the type described in principal
    // code in msp/mspimpl.go
The code of func (msp *bccspmsp) Setup(conf1 *m.MSPConfig) error is as follows:

    conf := &m.FabricMSPConfig{}
    err := proto.Unmarshal(conf1.Config, conf) // decode conf1.Config ([]byte) into FabricMSPConfig
    msp.name = conf.Name
    err = msp.setupCrypto(conf) // set the MSP crypto options msp.cryptoConfig
    err = msp.setupCAs(conf) // set the MSP member verification options msp.opts, and add the trusted CA certificates msp.rootCerts and the trusted intermediate certificates msp.intermediateCerts
    err = msp.setupAdmins(conf) // set the admin identity list msp.admins
    err = msp.setupCRLs(conf) // set the certificate revocation list msp.CRL
    err = msp.finalizeSetupCAs(conf) // set msp.certificationTreeInternalNodesMap
    err = msp.setupSigningIdentity(conf) // set the signing identity msp.signer
    err = msp.setupOUs(conf) // set the organizational unit list msp.ouIdentifiers
    err = msp.setupTLSCAs(conf) // set the list of trusted CA TLS certificates msp.tlsRootCerts and the list of trusted intermediate TLS certificates msp.tlsIntermediateCerts
    for _, admin := range msp.admins {
        err = admin.Validate() // ensure that each admin is a valid member
    }
    // code in msp/mspimpl.go
The code of func (msp *bccspmsp) validateIdentity(id *identity) is as follows:

    validationChain, err := msp.getCertificationChainForBCCSPIdentity(id) // obtain the certification chain of the BCCSP identity
    err = msp.validateIdentityAgainstChain(id, validationChain) // validate the identity against the chain
    err = msp.validateIdentityOUs(id) // verify that the organizational unit information carried in the identity is valid
    // code in msp/mspimpl.go
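A reduced model of this validation order, as an added example that is not Fabric's code: `issue` and `validate` are hypothetical helpers, the certificates are generated test material, and revocation is modelled as a set of revoked serial numbers under a single trusted root instead of the CRLs in msp.CRL.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue makes constructed test material: a cert signed by parent, or a self-signed CA if parent is nil.
func issue(serial int64, ou string, parent *x509.Certificate, pkey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tpl := &x509.Certificate{SerialNumber: big.NewInt(serial), BasicConstraintsValid: true,
		Subject:   pkix.Name{CommonName: fmt.Sprint("cert-", serial), OrganizationalUnit: []string{ou}},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour), KeyUsage: x509.KeyUsageDigitalSignature}
	if parent == nil {
		tpl.IsCA, tpl.KeyUsage, parent, pkey = true, tpl.KeyUsage|x509.KeyUsageCertSign, tpl, key
	}
	der, _ := x509.CreateCertificate(rand.Reader, tpl, parent, pub, pkey)
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err) // also catches a failed CreateCertificate (empty DER)
	}
	return cert, key
}

// validate: chain to the trusted root, revoked-serial lookup, then OU match (hypothetical simplification).
func validate(c, root *x509.Certificate, revoked, ous map[string]bool) error {
	roots := x509.NewCertPool()
	roots.AddCert(root)
	if _, err := c.Verify(x509.VerifyOptions{Roots: roots}); err != nil {
		return fmt.Errorf("chain: %w", err)
	}
	if revoked[c.SerialNumber.String()] {
		return fmt.Errorf("serial %v is revoked", c.SerialNumber)
	}
	for _, ou := range c.Subject.OrganizationalUnit {
		if ous[ou] {
			return nil
		}
	}
	return fmt.Errorf("no accepted OU in %v", c.Subject.OrganizationalUnit)
}
func main() {
	root, rootKey := issue(1, "ca", nil, nil)
	peer, _ := issue(2, "peer", root, rootKey)
	fmt.Println(validate(peer, root, nil, map[string]bool{"peer": true}))
}
```

A certificate issued by a different CA fails at the chain step, so the revocation and OU checks are only ever applied to identities that already chain to a trusted root.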
4. MSPManager interface implementation
Struct definition:
    type mspManagerImpl struct {
        mspsMap map[string]MSP // MSP mapping
        up bool // whether it is enabled properly
    }
    // code in msp/mspmgrimpl.go

Methods:

    func NewMSPManager() MSPManager // create the mspManagerImpl instance
    func (mgr *mspManagerImpl) Setup(msps []MSP) error // load the MSPs into mgr.mspsMap
    func (mgr *mspManagerImpl) GetMSPs() (map[string]MSP, error) // obtain mgr.mspsMap
    func (mgr *mspManagerImpl) DeserializeIdentity(serializedID []byte) (Identity, error) // call msp.DeserializeIdentity() to deserialize the identity
    // code in msp/mspmgrimpl.go
5. Identity and SigningIdentity interface implementation
identity struct definition (identity):

    type identity struct {
        id *IdentityIdentifier // identifier (contains Mspid and Id, both string)
        cert *x509.Certificate // the X.509 certificate representing the identity
        pk bccsp.Key // public key of the identity
        msp *bccspmsp // the MSP instance that owns this identity
    }
    // code in msp/identities.go
For completeness, the IdentityIdentifier struct definition (identity identifier):

    type IdentityIdentifier struct {
        Mspid string // MSP ID
        Id string // ID
    }
    // code in msp/msp.go
The identity struct involves the following methods:
    func newIdentity(id *IdentityIdentifier, cert *x509.Certificate, pk bccsp.Key, msp *bccspmsp) (Identity, error) // create the identity instance
    func NewSerializedIdentity(mspID string, certPEM []byte) ([]byte, error) // create a SerializedIdentity and serialize it
    func (id *identity) SatisfiesPrincipal(principal *msp.MSPPrincipal) error // call the MSP's SatisfiesPrincipal to check whether the identity matches the type described in principal
    func (id *identity) GetIdentifier() *IdentityIdentifier // obtain id.id
    func (id *identity) GetMSPIdentifier() string // obtain id.id.Mspid
    func (id *identity) Validate() error // call id.msp.Validate(id) to check whether the identity is valid
    func (id *identity) GetOrganizationalUnits() []*OUIdentifier // obtain the organizational units
    func (id *identity) Verify(msg []byte, sig []byte) error // use this identity to verify the message signature
    func (id *identity) Serialize() ([]byte, error) // serialize the identity
    func (id *identity) getHashOpt(hashFamily string) (bccsp.HashOpts, error) // calls bccsp.GetHashOpt
    // code in msp/identities.go
signingidentity struct definition (signing identity):

    type signingidentity struct {
        identity // embedded identity
        signer crypto.Signer // the Signer interface from the crypto standard library
    }
    // code in msp/identities.go
The signingidentity struct involves the following methods:
    // create a signingidentity instance
    func newSigningIdentity(id *IdentityIdentifier, cert *x509.Certificate, pk bccsp.Key, signer crypto.Signer, msp *bccspmsp) (SigningIdentity, error)
    func (id *signingidentity) Sign(msg []byte) ([]byte, error) // sign msg
    func (id *signingidentity) GetPublicVersion() Identity // obtain id.identity
    // code in msp/identities.go
6. MSPConfig-related structs and methods
MSPConfig struct definitions:
The definition of FabricMSPConfig is close to that of bccspmsp. After FabricMSPConfig is serialized, it is stored in MSPConfig.Config as []byte.

    type MSPConfig struct {
        Type int32
        Config []byte
    }

    type FabricMSPConfig struct {
        Name string // MSP name
        RootCerts [][]byte // list of trusted CA certificates
        IntermediateCerts [][]byte // list of trusted intermediate certificates
        Admins [][]byte // list of admin identities
        RevocationList [][]byte // certificate revocation list
        SigningIdentity *SigningIdentityInfo // signing identity
        OrganizationalUnitIdentifiers []*FabricOUIdentifier // organizational unit list
        CryptoConfig *FabricCryptoConfig // crypto options
        TlsRootCerts [][]byte // list of trusted CA TLS certificates
        TlsIntermediateCerts [][]byte // list of trusted intermediate TLS certificates
    }
    // code in protos/msp/msp_config.pb.go
The method involved is as follows:
    func GetLocalMspConfig(dir string, bccspConfig *factory.FactoryOpts, ID string) (*msp.MSPConfig, error) // obtain the local MSP configuration
    // code in protos/msp/configbuilder.go
The implementation of func GetLocalMspConfig(dir string, bccspConfig *factory.FactoryOpts, ID string) (*msp.MSPConfig, error) is as follows:
The core code of SetupBCCSPKeystoreConfig() is bccspConfig.SwOpts.FileKeystore = &factory.FileKeystoreOpts{KeyStorePath: keystoreDir}, which sets the default value when FileKeystore or KeyStorePath is empty.

    signcertDir := filepath.Join(dir, signcerts) // signcerts is "signcerts"; signcertDir is /etc/hyperledger/fabric/msp/signcerts/
    keystoreDir := filepath.Join(dir, keystore) // keystore is "keystore"; keystoreDir is /etc/hyperledger/fabric/msp/keystore/
    bccspConfig = SetupBCCSPKeystoreConfig(bccspConfig, keystoreDir) // set bccspConfig.SwOpts.Ephemeral = false and bccspConfig.SwOpts.FileKeystore = &factory.FileKeystoreOpts{KeyStorePath: keystoreDir}
    // bccspConfig.SwOpts.Ephemeral indicates whether the keys are short-lived
    err := factory.InitFactories(bccspConfig) // initialize the BCCSP factories and create the BCCSP instance
    signcert, err := getPemMaterialFromDir(signcertDir) // read the PEM files
    sigid := &msp.SigningIdentityInfo{PublicSigner: signcert[0], PrivateSigner: nil} // construct SigningIdentityInfo
    return getMspConfig(dir, ID, sigid) // read cacerts, admincerts, tlscacerts and the organization information in config.yaml to construct msp.FabricMSPConfig, which after serialization is used to construct msp.MSPConfig
    // code in msp/configbuilder.go
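Only signcert[0] is taken from the signcerts directory, so an extra PEM file there can change which certificate becomes the signing identity. A pre-flight check of that layout, as an added example that is not Fabric code: `pemCerts` and `checkLocalMSP` are hypothetical helpers, and the keystore check assumes the private key has to be present in that directory.

```go
package main

import (
	"encoding/pem"
	"fmt"
	"os"
	"path/filepath"
)

// pemCerts returns, in directory order, the files in dir whose first PEM block is a CERTIFICATE.
func pemCerts(dir string) ([]string, error) {
	entries, err := os.ReadDir(dir) // sorted by file name
	if err != nil {
		return nil, err
	}
	var names []string
	for _, e := range entries {
		raw, _ := os.ReadFile(filepath.Join(dir, e.Name())) // unreadable entries decode to no block
		if blk, _ := pem.Decode(raw); blk != nil && blk.Type == "CERTIFICATE" {
			names = append(names, e.Name())
		}
	}
	return names, nil
}

// checkLocalMSP reports layout problems in a local MSP directory before a node loads it.
func checkLocalMSP(dir string) []string {
	var findings []string
	certs, err := pemCerts(filepath.Join(dir, "signcerts"))
	switch {
	case err != nil:
		findings = append(findings, "signcerts: "+err.Error())
	case len(certs) == 0:
		findings = append(findings, "signcerts: no PEM certificate found")
	case len(certs) > 1:
		findings = append(findings, fmt.Sprintf("signcerts: %d certificates, only signcert[0] (%s) is used", len(certs), certs[0]))
	}
	if keys, err := os.ReadDir(filepath.Join(dir, "keystore")); err != nil || len(keys) == 0 {
		findings = append(findings, "keystore: missing or empty")
	}
	return findings
}

func main() {
	for _, f := range checkLocalMSP("/etc/hyperledger/fabric/msp") { // directory named in the comments above
		fmt.Println(f)
	}
}
```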
7. mgmt
mgmt involves the following methods:

    func LoadLocalMsp(dir string, bccspConfig *factory.FactoryOpts, mspID string) error // load the local MSP from the specified directory
    func GetLocalMSP() msp.MSP // calls msp.NewBccspMsp() to create the bccspmsp instance
    func GetLocalSigningIdentityOrPanic() msp.SigningIdentity // GetLocalMSP().GetDefaultSigningIdentity()
    // code in msp/mgmt.go
The code of func LoadLocalMsp(dir string, bccspConfig *factory.FactoryOpts, mspID string) error is as follows:

    conf, err := msp.GetLocalMspConfig(dir, bccspConfig, mspID) // obtain the local MSP configuration, serialized into msp.MSPConfig, that is, conf
    return GetLocalMSP().Setup(conf) // calls msp.NewBccspMsp() to create the bccspmsp instance, then bccspmsp.Setup(conf) decodes conf.Config and sets up bccspmsp
    // code in msp/mgmt.go
Blockchain tutorial fabric1.0 source code analysis MSP member relationship service provider 2