hyperledge工具-cryptogen
參考:http://baijiahao.baidu.com/s?id=1596614770784685300&wfr=spider&for=pc
cryptogen是Hyperledger Fabric提供的為網(wǎng)絡(luò)實體生成加密材料(公私鑰、證書等)的實用程序。這些證書代表一個身份,并允許在網(wǎng)絡(luò)實體間通信和交易時進行簽名和身份認(rèn)證。
cryptogen使用一個包含網(wǎng)絡(luò)拓?fù)涞腸rypto-config.yaml文件,為文件中定義的組織和屬于這些組織的實體生成一組證書和密鑰。每個組織都配置了唯一的根證書(ca-cert),并包含了特定實體(peers和orders),這就形成了一種典型的網(wǎng)絡(luò)結(jié)構(gòu)——每個成員都有所屬的CA。在hyperledger中文文檔學(xué)習(xí)-4-構(gòu)建第一個fabric網(wǎng)絡(luò)這個例子中就有一個crypto-config.yaml文件,如下:
# Copyright IBM Corp. All Rights Reserved. # # SPDX-License-Identifier: Apache-2.0 ## --------------------------------------------------------------------------- # "OrdererOrgs" - Definition of organizations managing orderer nodes # --------------------------------------------------------------------------- OrdererOrgs:# ---------------------------------------------------------------------------# Orderer# ---------------------------------------------------------------------------- Name: OrdererDomain: example.com# ---------------------------------------------------------------------------# "Specs" - See PeerOrgs below for complete description# ---------------------------------------------------------------------------Specs:- Hostname: orderer # --------------------------------------------------------------------------- # "PeerOrgs" - Definition of organizations managing peer nodes # --------------------------------------------------------------------------- PeerOrgs:# ---------------------------------------------------------------------------# Org1# ---------------------------------------------------------------------------- Name: Org1Domain: org1.example.comEnableNodeOUs: true# ---------------------------------------------------------------------------# "Specs"# ---------------------------------------------------------------------------# Uncomment this section to enable the explicit definition of hosts in your# configuration. Most users will want to use Template, below## Specs is an array of Spec entries. Each Spec entry consists of two fields:# - Hostname: (Required) The desired hostname, sans the domain.# - CommonName: (Optional) Specifies the template or explicit override for# the CN. By default, this is the template:## "{{.Hostname}}.{{.Domain}}"## which obtains its values from the Spec.Hostname and# Org.Domain, respectively.# ---------------------------------------------------------------------------# Specs:# - Hostname: foo # implicitly "foo.org1.example.com"# CommonName: foo27.org5.example.com # overrides Hostname-based FQDN set above# - Hostname: bar# - Hostname: baz# ---------------------------------------------------------------------------# "Template"# ---------------------------------------------------------------------------# Allows for the definition of 1 or more hosts that are created sequentially# from a template. By default, this looks like "peer%d" from 0 to Count-1.# You may override the number of nodes (Count), the starting index (Start)# or the template used to construct the name (Hostname).## Note: Template and Specs are not mutually exclusive. You may define both# sections and the aggregate nodes will be created for you. Take care with# name collisions# ---------------------------------------------------------------------------Template:Count: 2# Start: 5# Hostname: {{.Prefix}}{{.Index}} # default# ---------------------------------------------------------------------------# "Users"# ---------------------------------------------------------------------------# Count: The number of user accounts _in addition_ to Admin# ---------------------------------------------------------------------------Users:Count: 1# ---------------------------------------------------------------------------# Org2: See "Org1" for full specification# ---------------------------------------------------------------------------- Name: Org2Domain: org2.example.comEnableNodeOUs: trueTemplate:Count: 2Users:Count: 1聲明了一個排序組織,兩個節(jié)點組織,節(jié)點組織中分別一個用戶帶著有兩個節(jié)點。在這里會為每個組織都配置一個根證書。
crypto-config.yaml是cryptogen工具使用的配置文件,cryptogen工具根據(jù)該配置文件生成加密材料。
??但該文件名字并非固定,也可自定義,只需在cryptogen generate命令中指定對應(yīng)文件即可。
?
由上面可知cryptogen是一個獨立的可執(zhí)行程序,源碼能夠在github.com/hyperledger/fabric/common/tools/cryptogen/上找到,首先在構(gòu)建好的虛擬機上面查看是否成功運行了cryptogen:
vagrant@ubuntu-xenial:~/fabric-samples/first-network$ cryptogen --help cryptogen: command not found可見并沒有
那么首先我們就要編譯生成該可執(zhí)行文件,有兩種辦法:
1)在下載的hyperledger/fabric路徑下運行命令:
然后就能夠看見生成了文件夾./build/bin,并在該文件夾下生成了可執(zhí)行文件cryptogen:
vagrant@ubuntu-xenial:/opt/gopath/src/github.com/hyperledger/fabric$ make cryptogen .build/bin/cryptogen CGO_CFLAGS=" " GOBIN=/opt/gopath/src/github.com/hyperledger/fabric/.build/bin go install -tags "" -ldflags "-X github.com/hyperledger/fabric/common/tools/cryptogen/metadata.CommitSHA=325999f" github.com/hyperledger/fabric/common/tools/cryptogen Binary available as .build/bin/cryptogen然后運行:
vagrant@ubuntu-xenial:/opt/gopath/src/github.com/hyperledger/fabric$ cryptogen --help usage: cryptogen [<flags>] <command> [<args> ...]用于生成Hyperledger Fabric密鑰文件Flags:--help 顯示幫助信息--help-long 顯示詳細(xì)幫助信息--help-manCommands:help [<command>...]顯示下面命令的幫助信息.generate [<flags>]生成密鑰文件showtemplate顯示默認(rèn)的配置模版version顯示版本信息extend [<flags>]擴展現(xiàn)存網(wǎng)絡(luò)由上面可見成功編譯成功
里面的命令中最重要的是generate命令:
vagrant@ubuntu-xenial:/opt/gopath/src/github.com/hyperledger/fabric$ cryptogen help generate usage: cryptogen generate [<flags>]生成密鑰證書Flags:--help Show context-sensitive help (also try --help-longand --help-man).--output="crypto-config" 指定放置證書的輸出目錄--config=CONFIG 指定使用的配置模版,不指定則使用cryptogen showtemplate中指定的默認(rèn)模版,一般為crypto-config.yaml最常見的命令為:
cryptogen generate --config=./crypto-config.yaml即根據(jù)crypto-config.yaml文件的配置,生成組織信息及其密鑰證書等,保存在crypto-config目錄下。
2)另一種方法是直接在fabric/common/tools/cryptogen/下執(zhí)行g(shù)o build命令
?
轉(zhuǎn)載于:https://www.cnblogs.com/wanghui-garcia/p/10491836.html
總結(jié)
以上是生活随笔為你收集整理的hyperledge工具-cryptogen的全部內(nèi)容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: Codeforces Round #54
- 下一篇: 爱奇艺大数据分析平台的演进之路