github.com/darrenli6/fabric-sdk-example@v0.0.0-20220109053535-94b13b56df8c/protos/msp/msp_config.proto

github.com/darrenli6/fabric-sdk-example@v0.0.0-20220109053535-94b13b56df8c/protos/msp/msp_config.proto (about)

     1  /*
     2  Copyright IBM Corp. 2016 All Rights Reserved.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8                   http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  syntax = "proto3";
    18  
    19  option go_package = "github.com/hyperledger/fabric/protos/msp";
    20  option java_package = "org.hyperledger.fabric.protos.msp";
    21  option java_outer_classname = "MspConfigPackage";
    22  
    23  package msp;
    24  
    25  // MSPConfig collects all the configuration information for
    26  // an MSP. The Config field should be unmarshalled in a way
    27  // that depends on the Type
    28  message MSPConfig {
    29      // Type holds the type of the MSP; the default one would
    30      // be of type FABRIC implementing an X.509 based provider
    31      int32 type = 1;
    32  
    33      // Config is MSP dependent configuration info
    34      bytes config = 2;
    35  }
    36  
    37  // FabricMSPConfig collects all the configuration information for
    38  // a Fabric MSP.
    39  // Here we assume a default certificate validation policy, where
    40  // any certificate signed by any of the listed rootCA certs would
    41  // be considered as valid under this MSP.
    42  // This MSP may or may not come with a signing identity. If it does,
    43  // it can also issue signing identities. If it does not, it can only
    44  // be used to validate and verify certificates.
    45  message FabricMSPConfig {
    46      // Name holds the identifier of the MSP; MSP identifier
    47      // is chosen by the application that governs this MSP.
    48      // For example, and assuming the default implementation of MSP,
    49      // that is X.509-based and considers a single Issuer,
    50      // this can refer to the Subject OU field or the Issuer OU field.
    51      string name = 1;
    52  
    53      // List of root certificates trusted by this MSP
    54      // they are used upon certificate validation (see
    55      // comment for IntermediateCerts below)
    56      repeated bytes root_certs = 2;
    57  
    58      // List of intermediate certificates trusted by this MSP;
    59      // they are used upon certificate validation as follows:
    60      // validation attempts to build a path from the certificate
    61      // to be validated (which is at one end of the path) and
    62      // one of the certs in the RootCerts field (which is at
    63      // the other end of the path). If the path is longer than
    64      // 2, certificates in the middle are searched within the
    65      // IntermediateCerts pool
    66      repeated bytes intermediate_certs = 3;
    67  
    68      // Identity denoting the administrator of this MSP
    69      repeated bytes admins = 4;
    70  
    71      // Identity revocation list
    72      repeated bytes revocation_list = 5;
    73  
    74      // SigningIdentity holds information on the signing identity
    75      // this peer is to use, and which is to be imported by the
    76      // MSP defined before
    77      SigningIdentityInfo signing_identity = 6;
    78  
    79      // OrganizationalUnitIdentifiers holds one or more
    80      // fabric organizational unit identifiers that belong to
    81      // this MSP configuration
    82      repeated FabricOUIdentifier organizational_unit_identifiers = 7;
    83  
    84      // FabricCryptoConfig contains the configuration parameters
    85      // for the cryptographic algorithms used by this MSP
    86      FabricCryptoConfig crypto_config = 8;
    87  
    88      // List of TLS root certificates trusted by this MSP.
    89      // They are returned by GetTLSRootCerts.
    90      repeated bytes tls_root_certs = 9;
    91  
    92      // List of TLS intermediate certificates trusted by this MSP;
    93      // They are returned by GetTLSIntermediateCerts.
    94      repeated bytes tls_intermediate_certs = 10;
    95  }
    96  
    97  // FabricCryptoConfig contains configuration parameters
    98  // for the cryptographic algorithms used by the MSP
    99  // this configuration refers to
   100  message FabricCryptoConfig {
   101  
   102      // SignatureHashFamily is a string representing the hash family to be used
   103      // during sign and verify operations.
   104      // Allowed values are "SHA2" and "SHA3".
   105      string signature_hash_family = 1;
   106  
   107      // IdentityIdentifierHashFunction is a string representing the hash function
   108      // to be used during the computation of the identity identifier of an MSP identity.
   109      // Allowed values are "SHA256", "SHA384" and "SHA3_256", "SHA3_384".
   110      string identity_identifier_hash_function = 2;
   111  
   112  }
   113  
   114  // SigningIdentityInfo represents the configuration information
   115  // related to the signing identity the peer is to use for generating
   116  // endorsements
   117  message SigningIdentityInfo {
   118      // PublicSigner carries the public information of the signing
   119      // identity. For an X.509 provider this would be represented by
   120      // an X.509 certificate
   121      bytes public_signer = 1;
   122  
   123      // PrivateSigner denotes a reference to the private key of the
   124      // peer's signing identity
   125      KeyInfo private_signer = 2;
   126  }
   127  
   128  // KeyInfo represents a (secret) key that is either already stored
   129  // in the bccsp/keystore or key material to be imported to the
   130  // bccsp key-store. In later versions it may contain also a
   131  // keystore identifier
   132  message KeyInfo {
   133      // Identifier of the key inside the default keystore; this for
   134      // the case of Software BCCSP as well as the HSM BCCSP would be
   135      // the SKI of the key
   136      string key_identifier = 1;
   137  
   138      // KeyMaterial (optional) for the key to be imported; this is
   139      // properly encoded key bytes, prefixed by the type of the key
   140      bytes key_material = 2;
   141  }
   142  
   143  // FabricOUIdentifier represents an organizational unit and
   144  // its related chain of trust identifier.
   145  message FabricOUIdentifier {
   146  
   147      // Certificate represents the second certificate in a certification chain.
   148      // (Notice that the first certificate in a certification chain is supposed
   149      // to be the certificate of an identity).
   150      // It must correspond to the certificate of root or intermediate CA
   151      // recognized by the MSP this message belongs to.
   152      // Starting from this certificate, a certification chain is computed
   153      // and boud to the OrganizationUnitIdentifier specified
   154      bytes certificate = 1;
   155  
   156      // OrganizationUnitIdentifier defines the organizational unit under the
   157      // MSP identified with MSPIdentifier
   158      string organizational_unit_identifier = 2;
   159  }