Class: Identity

Identity

This interface is shared within the peer and client API of the membership service provider. Identity interface defines operations associated to a "certificate". That is, the public part of the identity could be thought to be a certificate, and offers solely signature verification capabilities. This is to be used at the client side when validating certificates that endorsements are signed with, and verifying signatures that correspond to these certificates.

new Identity(certificate, publicKey, mspId, cryptoSuite)

Parameters:
Name Type Description
certificate string HEX string for the PEM encoded certificate
publicKey module:api.Key The public key represented by the certificate
mspId string The associated MSP's mspId that manages this identity
cryptoSuite module:api.CryptoSuite The underlying CryptoSuite implementation for the digital signature algorithm

Methods


getMSPId()

Returns the identifier of the Membser Service Provider that manages this identity in terms of being able to understand the key algorithms and have access to the trusted roots needed to validate it
Returns:
Type
string

getOrganizationUnits()

Returns the organization units this identity is related to as long as this is public information. In certain implementations this could be implemented by certain attributes that are publicly associated to that identity, or the identifier of the root certificate authority that has provided signatures on this certificate. Examples: - OrganizationUnit of a fabric-tcert that was signed by TCA under name "Organization 1", would be "Organization 1". - OrganizationUnit of an alternative implementation of tcert signed by a public CA used by organization "Organization 1", could be provided in the clear as part of that tcert structure that this call would be able to return.
Returns:
Type
string

isValid()

This uses the rules that govern this identity to validate it. E.g., if it is a fabric TCert implemented as identity, validate will check the TCert signature against the assumed root certificate authority.
Returns:
Type
boolean

serialize()

Converts this identity to bytes
Returns:
protobuf-based serialization with two fields: "mspid" and "certificate PEM bytes"
Type
Buffer

verify(msg, signature, opts)

Verify a signature over some message using this identity as reference
Parameters:
Name Type Description
msg Array.<byte> The message to be verified
signature Array.<byte> The signature generated against the message "msg"
opts Object Options include 'policy' and 'label' TODO (not implemented yet)

verifyAttributes()

Verify attributes against the given attribute spec TODO: when this method's design is finalized