github.com/leonlxy/hyperledger@v1.0.0-alpha.0.20170427033203-34922035d248/protos/msp/msp_config.proto (about) 1 /* 2 Copyright IBM Corp. 2016 All Rights Reserved. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 syntax = "proto3"; 18 19 option go_package = "github.com/hyperledger/fabric/protos/msp"; 20 option java_package = "org.hyperledger.fabric.protos.msp"; 21 option java_outer_classname = "MspConfigPackage"; 22 23 package msp; 24 25 // MSPConfig collects all the configuration information for 26 // an MSP. The Config field should be unmarshalled in a way 27 // that depends on the Type 28 message MSPConfig { 29 // Type holds the type of the MSP; the default one would 30 // be of type FABRIC implementing an X.509 based provider 31 int32 type = 1; 32 33 // Config is MSP dependent configuration info 34 bytes config = 2; 35 } 36 37 // FabricMSPConfig collects all the configuration information for 38 // a Fabric MSP. 39 // Here we assume a default certificate validation policy, where 40 // any certificate signed by any of the listed rootCA certs would 41 // be considered as valid under this MSP. 42 // This MSP may or may not come with a signing identity. If it does, 43 // it can also issue signing identities. If it does not, it can only 44 // be used to validate and verify certificates. 45 message FabricMSPConfig { 46 // Name holds the identifier of the MSP; MSP identifier 47 // is chosen by the application that governs this MSP. 48 // For example, and assuming the default implementation of MSP, 49 // that is X.509-based and considers a single Issuer, 50 // this can refer to the Subject OU field or the Issuer OU field. 51 string name = 1; 52 53 // List of root certificates trusted by this MSP 54 // they are used upon certificate validation (see 55 // comment for IntermediateCerts below) 56 repeated bytes root_certs = 2; 57 58 // List of intermediate certificates trusted by this MSP; 59 // they are used upon certificate validation as follows: 60 // validation attempts to build a path from the certificate 61 // to be validated (which is at one end of the path) and 62 // one of the certs in the RootCerts field (which is at 63 // the other end of the path). If the path is longer than 64 // 2, certificates in the middle are searched within the 65 // IntermediateCerts pool 66 repeated bytes intermediate_certs = 3; 67 68 // Identity denoting the administrator of this MSP 69 repeated bytes admins = 4; 70 71 // Identity revocation list 72 repeated bytes revocation_list = 5; 73 74 // SigningIdentity holds information on the signing identity 75 // this peer is to use, and which is to be imported by the 76 // MSP defined before 77 SigningIdentityInfo signing_identity = 6; 78 79 // OrganizationalUnitIdentifiers holds one or more 80 // fabric organizational unit identifiers that belong to 81 // this MSP configuration 82 repeated FabricOUIdentifier organizational_unit_identifiers = 7; 83 84 // FabricCryptoConfig contains the configuration parameters 85 // for the cryptographic algorithms used by this MSP 86 FabricCryptoConfig crypto_config = 8; 87 } 88 89 // FabricCryptoConfig contains configuration parameters 90 // for the cryptographic algorithms used by the MSP 91 // this configuration refers to 92 message FabricCryptoConfig { 93 94 // SignatureHashFamily is a string representing the hash family to be used 95 // during sign and verify operations. 96 // Allowed values are "SHA2" and "SHA3". 97 string signature_hash_family = 1; 98 99 // IdentityIdentifierHashFunction is a string representing the hash function 100 // to be used during the computation of the identity identifier of an MSP identity. 101 // Allowed values are "SHA256", "SHA384" and "SHA3_256", "SHA3_384". 102 string identity_identifier_hash_function = 2; 103 104 } 105 106 // SigningIdentityInfo represents the configuration information 107 // related to the signing identity the peer is to use for generating 108 // endorsements 109 message SigningIdentityInfo { 110 // PublicSigner carries the public information of the signing 111 // identity. For an X.509 provider this would be represented by 112 // an X.509 certificate 113 bytes public_signer = 1; 114 115 // PrivateSigner denotes a reference to the private key of the 116 // peer's signing identity 117 KeyInfo private_signer = 2; 118 } 119 120 // KeyInfo represents a (secret) key that is either already stored 121 // in the bccsp/keystore or key material to be imported to the 122 // bccsp key-store. In later versions it may contain also a 123 // keystore identifier 124 message KeyInfo { 125 // Identifier of the key inside the default keystore; this for 126 // the case of Software BCCSP as well as the HSM BCCSP would be 127 // the SKI of the key 128 string key_identifier = 1; 129 130 // KeyMaterial (optional) for the key to be imported; this is 131 // properly encoded key bytes, prefixed by the type of the key 132 bytes key_material = 2; 133 } 134 135 // FabricOUIdentifier represents an organizazional unit and 136 // its related chain of trust identifier. 137 message FabricOUIdentifier { 138 139 // CertifiersIdentifier is the hash of certificates chain of trust 140 // related to this organizational unit 141 bytes certifiers_identifier = 1; 142 143 // OrganizationUnitIdentifier defines the organizational unit under the 144 // MSP identified with MSPIdentifier 145 string organizational_unit_identifier = 2; 146 }