如何在超级账本结构中将新参与者认证到渠道中 | 如何在超级账本结构中将新参与者认证到渠道中

本文介绍了如何在超级账本结构中将新参与者认证到渠道中的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我遇到了Hyperledger架构客户端，该客户端具有将新成员认证到区块链网络中的方法/功能.但是我不确定如何才能在区块链网络的通道中对新用户进行身份验证.

I came across Hyperledger fabric client which has methods/functions to authenticate new members into blockchain network. But I am not sure how I can authenticate new users into a channel in blockchain network.

我可以在超级账本结构中使用频道配置(configtx)邀请/将新参与者注册到频道中吗?

Can i use channel configuration(configtx) in hyperledger fabric to invite/register new participants into a channel?

链接到通道配置: http://hyperledger- fabric.readthedocs.io/en/latest/configtx.html#channel-creation

推荐答案

您可以使用fabric-ca. Fabric-ca提供了几种用于用户管理的API.您可以通过fabric-ca注册，撤消，注册或重新注册用户.而且fabric-ca的文档位于此处.

you can use fabric-ca. Fabric-ca provides several apis for user management. You may register, revoke, enroll, reenroll users by fabric-ca. And the documents for fabric-ca is here.

设置fabric-ca服务器后，您可以使用SDK(当前为node-sdk和java-sdk)或fabric-ca客户端与fabric-ca服务器进行交互. java-sdk的示例是此处. node-sdk的示例为此处.

After you setup your fabric-ca server, you can interactive with fabric-ca server with SDK (currently node-sdk and java-sdk) or fabric-ca client. A sample for java-sdk is here. A sample for node-sdk is here.

在链码方面，每次用户从客户端调用调用或查询时，您都可以阅读证书.以下是示例代码.

And on chaincode side, you can read the cert when each time the user call invoke or query from client. The following is a sample code.

import(
    "crypto/x509"
    "encoding/pem"
    "bytes"
    "strings"
    "github.com/hyperledger/fabric/core/chaincode/shim"
)

func parseCert(stub){
    creator, err := identityService.Stub.GetCreator()
    if err != nil {
        logger.Debug("Error received on GetCreator", err)
        vm.PushErrorObjectVa(duktape.ErrError, "%s", err.Error())
        vm.Throw()
        return
    }
    certStart := bytes.IndexAny(creator, "----BEGIN CERTIFICATE-----")
    if certStart == -1 {
        logger.Debug("No certificate found")
        return
    }
    certText := creator[certStart:]
    block, _ := pem.Decode(certText)
    if block == nil {
        logger.Debug("Error received on pem.Decode of certificate",  certText)
        return
    }

    ucert, err := x509.ParseCertificate(block.Bytes)
    if err != nil {
        logger.Debug("Error received on ParseCertificate", err)
        return
    }

    logger.Debug("Common Name", ucert.Subject.CommonName)

}

这篇关于如何在超级账本结构中将新参与者认证到渠道中的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！