1 Star 3 Fork 2

Hyperledger Fabric 国密/fabric-ca

Create your Gitee Account
Explore and code with more than 12 million developers,Free private repositories !:)
Sign up
Clone or Download
gmca.go 1.62 KB
Copy Edit Raw Blame History
Jtyoui authored 2021-07-22 18:25 . fabric-ca改造
package gmca
import (
"crypto"
x509GM "github.com/Hyperledger-TWGC/tjfoc-gm/x509"
"gitee.com/hyperledger-fabric-gm/cfssl/config"
"gitee.com/hyperledger-fabric-gm/cfssl/helpers"
"gitee.com/hyperledger-fabric-gm/cfssl/log"
"gitee.com/hyperledger-fabric-gm/cfssl/signer"
"gitee.com/hyperledger-fabric-gm/fabric-ca/lib/gmsigner"
"time"
"gitee.com/hyperledger-fabric-gm/cfssl/csr"
)
// CAPolicy contains the CA issuing policy as default policy.
var CAPolicy = func() *config.Signing {
return &config.Signing{
Default: &config.SigningProfile{
Usage: []string{"cert sign", "crl sign"},
ExpiryString: "43800h",
Expiry: 5 * helpers.OneYear,
CAConstraint: config.CAConstraint{IsCA: true},
},
}
}
func NewFromSigner(req *csr.CertificateRequest, priv crypto.Signer) (cert, csrPEM []byte, err error) {
policy := CAPolicy()
if req.CA != nil {
if req.CA.Expiry != "" {
policy.Default.ExpiryString = req.CA.Expiry
policy.Default.Expiry, err = time.ParseDuration(req.CA.Expiry)
if err != nil {
return nil, nil, err
}
}
policy.Default.CAConstraint.MaxPathLen = req.CA.PathLength
if req.CA.PathLength != 0 && req.CA.PathLenZero == true {
log.Infof("ignore invalid 'pathlenzero' value")
} else {
policy.Default.CAConstraint.MaxPathLenZero = req.CA.PathLenZero
}
}
csrPEM, err = gmsigner.GenerateGMCsr(priv, req)
if err != nil {
return nil, nil, err
}
s, err := gmsigner.NewSigner(priv, nil, x509GM.SM2WithSM3, policy)
if err != nil {
log.Errorf("failed to create signer: %v", err)
return
}
signReq := signer.SignRequest{Request: string(csrPEM)}
cert, err = s.Sign(signReq)
return
}
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
1
https://gitee.com/hyperledger-fabric-gm/fabric-ca.git
git@gitee.com:hyperledger-fabric-gm/fabric-ca.git
hyperledger-fabric-gm
fabric-ca
fabric-ca
ffb137a43593

Search