github.com/Hnampk/fabric@v2.1.1+incompatible/docs/source/idemixgen.rst

github.com/Hnampk/fabric@v2.1.1+incompatible/docs/source/idemixgen.rst (about)

     1  Identity Mixer MSP configuration generator (idemixgen)
     2  ======================================================
     3  
     4  This document describes the usage for the ``idemixgen`` utility, which can be
     5  used to create configuration files for the identity mixer based MSP.
     6  Two commands are available, one for creating a fresh CA key pair, and one
     7  for creating an MSP config using a previously generated CA key.
     8  
     9  Directory Structure
    10  -------------------
    11  
    12  The ``idemixgen`` tool will create directories with the following structure:
    13  
    14  .. code:: bash
    15  
    16      - /ca/
    17          IssuerSecretKey
    18          IssuerPublicKey
    19          RevocationKey
    20      - /msp/
    21          IssuerPublicKey
    22          RevocationPublicKey
    23      - /user/
    24          SignerConfig
    25  
    26  The ``ca`` directory contains the issuer secret key (including the revocation key) and should only be present
    27  for a CA. The ``msp`` directory contains the information required to set up an
    28  MSP verifying idemix signatures. The ``user`` directory specifies a default
    29  signer.
    30  
    31  CA Key Generation
    32  -----------------
    33  
    34  CA (issuer) keys suitable for identity mixer can be created using command
    35  ``idemixgen ca-keygen``. This will create directories ``ca`` and ``msp`` in the
    36  working directory.
    37  
    38  Adding a Default Signer
    39  -----------------------
    40  After generating the ``ca`` and ``msp`` directories with
    41  ``idemixgen ca-keygen``, a default signer specified in the ``user`` directory
    42  can be added to the config with ``idemixgen signerconfig``.
    43  
    44  .. code:: bash
    45  
    46      $ idemixgen signerconfig -h
    47      usage: idemixgen signerconfig [<flags>]
    48  
    49      Generate a default signer for this Idemix MSP
    50  
    51      Flags:
    52          -h, --help               Show context-sensitive help (also try --help-long and --help-man).
    53          -u, --org-unit=ORG-UNIT  The Organizational Unit of the default signer
    54          -a, --admin              Make the default signer admin
    55          -e, --enrollment-id=ENROLLMENT-ID
    56                                   The enrollment id of the default signer
    57          -r, --revocation-handle=REVOCATION-HANDLE
    58                                   The handle used to revoke this signer
    59  
    60  For example, we can create a default signer that is a member of organizational
    61  unit "OrgUnit1", with enrollment identity "johndoe", revocation handle "1234",
    62  and that is an admin, with the following command:
    63  
    64  .. code:: bash
    65  
    66      idemixgen signerconfig -u OrgUnit1 --admin -e "johndoe" -r 1234
    67  
    68  .. Licensed under Creative Commons Attribution 4.0 International License
    69     https://creativecommons.org/licenses/by/4.0/