public class HFCAClient extends Object
Modifier and Type | Field and Description |
---|---|
static String |
DEFAULT_PROFILE_NAME
Default profile name.
|
static String |
HFCA_ATTRIBUTE_HFAFFILIATIONMGR
HFCA_ATTRIBUTE_HFAFFILIATIONMGR is a boolean attribute that allows an identity to manage affiliations
|
static String |
HFCA_ATTRIBUTE_HFGENCRL
HFCA_ATTRIBUTE_HFGENCRL is an attribute that allows an identity to generate a CRL
|
static String |
HFCA_ATTRIBUTE_HFINTERMEDIATECA
HFCA_ATTRIBUTE_HFINTERMEDIATECA is a boolean attribute that allows an identity to enroll as an intermediate CA
|
static String |
HFCA_ATTRIBUTE_HFREGISTRARATTRIBUTES
HFCA_ATTRIBUTE_HFREGISTRARATTRIBUTES is an attribute that has a list of attributes that the registrar is allowed to register
for an identity
|
static String |
HFCA_ATTRIBUTE_HFREGISTRARDELEGATEROLES
HFCA_ATTRIBUTE_HFREGISTRARDELEGATEROLES is an attribute that allows a registrar to give the roles specified
to a registree for its 'hf.Registrar.Roles' attribute
|
static String |
HFCA_ATTRIBUTE_HFREGISTRARROLES
HFCA_ATTRIBUTE_HFREGISTRARROLES is an attribute that allows a registrar to manage identities of the specified roles
|
static String |
HFCA_ATTRIBUTE_HFREVOKER
HFCA_ATTRIBUTE_HFREVOKER is a boolean attribute that allows an identity to revoker a user and/or certificates
|
static String |
HFCA_TYPE_CLIENT
HFCA_TYPE_CLIENT indicates that an identity is acting as a client
|
static String |
HFCA_TYPE_ORDERER
HFCA_TYPE_ORDERER indicates that an identity is acting as an orderer
|
static String |
HFCA_TYPE_PEER
HFCA_TYPE_PEER indicates that an identity is acting as a peer
|
static String |
HFCA_TYPE_USER
HFCA_TYPE_USER indicates that an identity is acting as a user
|
Modifier and Type | Method and Description |
---|---|
static HFCAClient |
createNewInstance(NetworkConfig.CAInfo caInfo)
Create HFCAClient from a NetworkConfig.CAInfo using default crypto suite.
|
static HFCAClient |
createNewInstance(NetworkConfig.CAInfo caInfo,
org.hyperledger.fabric.sdk.security.CryptoSuite cryptoSuite)
Create HFCAClient from a NetworkConfig.CAInfo
|
static HFCAClient |
createNewInstance(String url,
Properties properties) |
static HFCAClient |
createNewInstance(String name,
String url,
Properties properties) |
Enrollment |
enroll(String user,
String secret)
Enroll the user with member service
|
Enrollment |
enroll(String user,
String secret,
EnrollmentRequest req)
Enroll the user with member service
|
String |
generateCRL(User registrar,
Date revokedBefore,
Date revokedAfter,
Date expireBefore,
Date expireAfter)
Generate certificate revocation list.
|
String |
getCAName()
The Certificate Authority name.
|
org.hyperledger.fabric.sdk.security.CryptoSuite |
getCryptoSuite() |
HFCAAffiliation |
getHFCAAffiliations(User registrar)
gets all affiliations that the registrar is allowed to see
|
HFCACertificateResponse |
getHFCACertificates(User registrar,
HFCACertificateRequest req)
Gets all certificates that the registrar is allowed to see and based on filter parameters that
are part of the certificate request.
|
Collection<HFCAIdentity> |
getHFCAIdentities(User registrar)
gets all identities that the registrar is allowed to see
|
int |
getStatusCode()
The Status Code level of client, HTTP status codes above this value will return in a
exception, otherwise, the status code will be return the status code and appropriate error
will be logged.
|
Enrollment |
idemixEnroll(Enrollment enrollment,
String mspID)
idemixEnroll returns an Identity Mixer Enrollment, which supports anonymity and unlinkability
|
HFCAInfo |
info()
Return information on the Fabric Certificate Authority.
|
HFCAAffiliation |
newHFCAAffiliation(String name) |
HFCACertificateRequest |
newHFCACertificateRequest() |
HFCAIdentity |
newHFCAIdentity(String enrollmentID)
Creates a new HFCA Identity object
|
Enrollment |
reenroll(User user)
Re-Enroll the user with member service
|
Enrollment |
reenroll(User user,
EnrollmentRequest req)
Re-Enroll the user with member service
|
String |
register(RegistrationRequest request,
User registrar)
Register a user.
|
void |
revoke(User revoker,
Enrollment enrollment,
String reason)
revoke one enrollment of user
|
String |
revoke(User revoker,
Enrollment enrollment,
String reason,
boolean genCRL)
revoke one enrollment of user
|
void |
revoke(User revoker,
String revokee,
String reason)
revoke one user (including his all enrollments)
|
String |
revoke(User revoker,
String revokee,
String reason,
boolean genCRL)
revoke one user (including his all enrollments)
|
void |
revoke(User revoker,
String serial,
String aki,
String reason)
revoke one certificate
|
String |
revoke(User revoker,
String serial,
String aki,
String reason,
boolean genCRL)
revoke one enrollment of user
|
void |
setCryptoSuite(org.hyperledger.fabric.sdk.security.CryptoSuite cryptoSuite) |
public static final String DEFAULT_PROFILE_NAME
public static final String HFCA_TYPE_PEER
public static final String HFCA_TYPE_ORDERER
public static final String HFCA_TYPE_CLIENT
public static final String HFCA_TYPE_USER
public static final String HFCA_ATTRIBUTE_HFREGISTRARROLES
public static final String HFCA_ATTRIBUTE_HFREGISTRARDELEGATEROLES
public static final String HFCA_ATTRIBUTE_HFREGISTRARATTRIBUTES
public static final String HFCA_ATTRIBUTE_HFINTERMEDIATECA
public static final String HFCA_ATTRIBUTE_HFREVOKER
public static final String HFCA_ATTRIBUTE_HFAFFILIATIONMGR
public static final String HFCA_ATTRIBUTE_HFGENCRL
public String getCAName()
public int getStatusCode()
public static HFCAClient createNewInstance(String url, Properties properties) throws MalformedURLException
MalformedURLException
public static HFCAClient createNewInstance(String name, String url, Properties properties) throws MalformedURLException, InvalidArgumentException
public static HFCAClient createNewInstance(NetworkConfig.CAInfo caInfo) throws MalformedURLException, InvalidArgumentException
caInfo
- created from NetworkConfig.getOrganizationInfo("org_name").getCertificateAuthorities()MalformedURLException
InvalidArgumentException
public static HFCAClient createNewInstance(NetworkConfig.CAInfo caInfo, org.hyperledger.fabric.sdk.security.CryptoSuite cryptoSuite) throws MalformedURLException, InvalidArgumentException
caInfo
- created from NetworkConfig.getOrganizationInfo("org_name").getCertificateAuthorities()cryptoSuite
- the specific cryptosuite to use.MalformedURLException
InvalidArgumentException
public void setCryptoSuite(org.hyperledger.fabric.sdk.security.CryptoSuite cryptoSuite)
public org.hyperledger.fabric.sdk.security.CryptoSuite getCryptoSuite()
public String register(RegistrationRequest request, User registrar) throws RegistrationException, InvalidArgumentException
request
- Registration request with the following fields: name, role.registrar
- The identity of the registrar (i.e. who is performing the registration).RegistrationException
- if registration fails.InvalidArgumentException
public Enrollment enroll(String user, String secret) throws EnrollmentException, InvalidArgumentException
user
- Identity name to enrollsecret
- Secret returned via registrationEnrollmentException
InvalidArgumentException
public Enrollment enroll(String user, String secret, EnrollmentRequest req) throws EnrollmentException, InvalidArgumentException
user
- Identity name to enrollsecret
- Secret returned via registrationreq
- Enrollment request with the following fields: hosts, profile, csr, label, keypairEnrollmentException
InvalidArgumentException
public HFCAInfo info() throws InfoException, InvalidArgumentException
HFCAInfo
InfoException
InvalidArgumentException
public Enrollment reenroll(User user) throws EnrollmentException, InvalidArgumentException
user
- User to be re-enrolledEnrollmentException
InvalidArgumentException
public Enrollment reenroll(User user, EnrollmentRequest req) throws EnrollmentException, InvalidArgumentException
user
- User to be re-enrolledreq
- Enrollment request with the following fields: hosts, profile, csr, labelEnrollmentException
InvalidArgumentException
public void revoke(User revoker, Enrollment enrollment, String reason) throws RevocationException, InvalidArgumentException
revoker
- admin user who has revoker attribute configured in CA-serverenrollment
- the user enrollment to be revokedreason
- revoke reason, see RFC 5280RevocationException
InvalidArgumentException
public String revoke(User revoker, Enrollment enrollment, String reason, boolean genCRL) throws RevocationException, InvalidArgumentException
revoker
- admin user who has revoker attribute configured in CA-serverenrollment
- the user enrollment to be revokedreason
- revoke reason, see RFC 5280genCRL
- generate CRL listRevocationException
InvalidArgumentException
public void revoke(User revoker, String revokee, String reason) throws RevocationException, InvalidArgumentException
revoker
- admin user who has revoker attribute configured in CA-serverrevokee
- user who is to be revokedreason
- revoke reason, see RFC 5280RevocationException
InvalidArgumentException
public String revoke(User revoker, String revokee, String reason, boolean genCRL) throws RevocationException, InvalidArgumentException
revoker
- admin user who has revoker attribute configured in CA-serverrevokee
- user who is to be revokedreason
- revoke reason, see RFC 5280genCRL
- generate CRLRevocationException
InvalidArgumentException
public void revoke(User revoker, String serial, String aki, String reason) throws RevocationException, InvalidArgumentException
revoker
- admin user who has revoker attribute configured in CA-serverserial
- serial number of the certificate to be revokedaki
- aki of the certificate to be revokereason
- revoke reason, see RFC 5280RevocationException
InvalidArgumentException
public String revoke(User revoker, String serial, String aki, String reason, boolean genCRL) throws RevocationException, InvalidArgumentException
revoker
- admin user who has revoker attribute configured in CA-serverserial
- serial number of the certificate to be revokedaki
- aki of the certificate to be revokereason
- revoke reason, see RFC 5280genCRL
- generate CRL listRevocationException
InvalidArgumentException
public String generateCRL(User registrar, Date revokedBefore, Date revokedAfter, Date expireBefore, Date expireAfter) throws InvalidArgumentException, GenerateCRLException
registrar
- admin user configured in CA-serverrevokedBefore
- Restrict certificates returned to revoked before this date if not null.revokedAfter
- Restrict certificates returned to revoked after this date if not null.expireBefore
- Restrict certificates returned to expired before this date if not null.expireAfter
- Restrict certificates returned to expired after this date if not null.InvalidArgumentException
GenerateCRLException
public HFCAIdentity newHFCAIdentity(String enrollmentID) throws InvalidArgumentException
enrollmentID
- The enrollment ID associated for this identityInvalidArgumentException
- Invalid (null) argument specifiedpublic Collection<HFCAIdentity> getHFCAIdentities(User registrar) throws IdentityException, InvalidArgumentException
registrar
- The identity of the registrar (i.e. who is performing the registration).IdentityException
- if adding an identity fails.InvalidArgumentException
- Invalid (null) argument specifiedpublic HFCAAffiliation newHFCAAffiliation(String name) throws InvalidArgumentException
name
- Name of the affiliationInvalidArgumentException
- Invalid (null) argument specifiedpublic HFCAAffiliation getHFCAAffiliations(User registrar) throws AffiliationException, InvalidArgumentException
registrar
- The identity of the registrar (i.e. who is performing the registration).AffiliationException
- if getting all affiliations failsInvalidArgumentException
public HFCACertificateRequest newHFCACertificateRequest()
public Enrollment idemixEnroll(Enrollment enrollment, String mspID) throws EnrollmentException, InvalidArgumentException
enrollment
- a x509 enrollment credentialEnrollmentException
InvalidArgumentException
public HFCACertificateResponse getHFCACertificates(User registrar, HFCACertificateRequest req) throws HFCACertificateException
registrar
- The identity of the registrar (i.e. who is performing the registration).req
- The certificate request that contains filter parametersHFCACertificateException
- Failed to process get certificate requestCopyright © 2022. All rights reserved.