cfssl to generating certificates

Signed-off-by: Aditya Joshi <[email protected]>
hyperledger · Sep 27, 2023 · e63c7d5 · e63c7d5
1 parent 6e71f63
commit e63c7d5
Show file tree

Hide file tree

Showing 9 changed files with 469 additions and 0 deletions.
diff --git a/test-network/network.sh b/test-network/network.sh
@@ -90,6 +90,19 @@ function checkPrereqs() {
     fi
   done
 
+  ## check for cfssl binaries
+  if [ "$CRYPTO" == "cfssl" ]; then
+
+    cfssl version > /dev/null 2>&1
+    if [[ $? -ne 0 ]]; then
+      errorln "cfssl binary not found.."
+      errorln
+      errorln "Follow the instructions to install the cfssl and cfssljson binaries:"
+      errorln "https://github.com/cloudflare/cfssl#installation"
+      exit 1
+    fi
+  fi
+
   ## Check for fabric-ca
   if [ "$CRYPTO" == "Certificate Authorities" ]; then
 
@@ -182,6 +195,26 @@ function createOrgs() {
 
   fi
 
+  # Create crypto material using cfssl
+  if [ "$CRYPTO" == "cfssl" ]; then
+
+    . organizations/cfssl/registerEnroll.sh
+    #function_name cert-type   CN   org
+    peer_cert peer peer0.org1.example.com org1
+    peer_cert admin [email protected] org1
+
+    infoln "Creating Org2 Identities"
+    #function_name cert-type   CN   org
+    peer_cert peer peer0.org2.example.com org2
+    peer_cert admin [email protected] org2
+
+    infoln "Creating Orderer Org Identities"
+    #function_name cert-type   CN   
+    orderer_cert orderer orderer.example.com
+    orderer_cert admin [email protected]
+
+  fi 
+
   # Create crypto material using Fabric CA
   if [ "$CRYPTO" == "Certificate Authorities" ]; then
     infoln "Generating certificates using Fabric CA"
@@ -452,6 +485,9 @@ while [[ $# -ge 1 ]] ; do
   -ca )
     CRYPTO="Certificate Authorities"
     ;;
+  -cfssl )
+    CRYPTO="cfssl"
+    ;;
   -r )
     MAX_RETRY="$2"
     shift

diff --git a/test-network/organizations/cfssl/admin-csr-template.json b/test-network/organizations/cfssl/admin-csr-template.json
@@ -0,0 +1,22 @@
+{
+    "CN": "{USER}",
+    "key": {
+        "algo": "ecdsa",
+        "size": 256
+    },
+    "names": [
+        {
+            "C": "IN",
+            "ST": "Delhi",
+            "L": "Aero city",
+            "O": "cfssl",
+            "OU": "admin"
+        }
+    ],
+    "hosts": [
+        "{USER}",
+        "localhost",
+        "127.0.0.1",
+        "0.0.0.0"
+    ]
+}
diff --git a/test-network/organizations/cfssl/ca-orderer.json b/test-network/organizations/cfssl/ca-orderer.json
@@ -0,0 +1,21 @@
+{
+    "CN": "cfssl-orderer-ca",
+    "key": {
+        "algo": "ecdsa",
+        "size": 256
+    },
+    "names": [
+        {
+            "C": "IN",
+            "ST": "Delhi",
+            "L": "Aero city",
+            "O": "cfssl",
+            "OU": "client"
+        }
+    ],
+    "hosts": [
+        "localhost",
+        "127.0.0.1",
+        "0.0.0.0"
+    ]
+}
diff --git a/test-network/organizations/cfssl/ca-peer.json b/test-network/organizations/cfssl/ca-peer.json
@@ -0,0 +1,21 @@
+{
+    "CN": "cfssl-peer-ca",
+    "key": {
+        "algo": "ecdsa",
+        "size": 256
+    },
+    "names": [
+        {
+            "C": "IN",
+            "ST": "Delhi",
+            "L": "Aero city",
+            "O": "cfssl",
+            "OU": "Fabric"
+        }
+    ],
+    "hosts": [
+        "localhost",
+        "127.0.0.1",
+        "0.0.0.0"
+    ]
+}
diff --git a/test-network/organizations/cfssl/cert-signing-config.json b/test-network/organizations/cfssl/cert-signing-config.json
@@ -0,0 +1,27 @@
+{
+    "signing": {
+        "default": {
+            "expiry": "175200h"
+        },
+        "profiles": {
+            "sign": {
+                "usages": [
+                    "signing",
+                    "key encipherment",
+                    "cert sign",
+                    "digital signature"
+                ],
+                "expiry": "175200h"
+            },
+            "tls": {
+                "usages": [
+                    "signing",
+                    "key encipherment",
+                    "server auth",
+                    "client auth"
+                ],
+                "expiry": "175200h"
+            }
+        }
+    }
+}
diff --git a/test-network/organizations/cfssl/client-csr-template.json b/test-network/organizations/cfssl/client-csr-template.json
@@ -0,0 +1,22 @@
+{
+    "CN": "{USER}",
+    "key": {
+        "algo": "ecdsa",
+        "size": 256
+    },
+    "names": [
+        {
+            "C": "IN",
+            "ST": "Delhi",
+            "L": "Aero city",
+            "O": "cfssl",
+            "OU": "client"
+        }
+    ],
+    "hosts": [
+        "{USER}",
+        "localhost",
+        "127.0.0.1",
+        "0.0.0.0"
+    ]
+}
diff --git a/test-network/organizations/cfssl/orderer-csr-template.json b/test-network/organizations/cfssl/orderer-csr-template.json
@@ -0,0 +1,22 @@
+{
+    "CN": "{USER}",
+    "key": {
+        "algo": "ecdsa",
+        "size": 256
+    },
+    "names": [
+        {
+            "C": "IN",
+            "ST": "Delhi",
+            "L": "Aero city",
+            "O": "cfssl",
+            "OU": "orderer"
+        }
+    ],
+    "hosts": [
+        "{USER}",
+        "localhost",
+        "127.0.0.1",
+        "0.0.0.0"
+    ]
+}
diff --git a/test-network/organizations/cfssl/peer-csr-template.json b/test-network/organizations/cfssl/peer-csr-template.json
@@ -0,0 +1,22 @@
+{
+    "CN": "{USER}",
+    "key": {
+        "algo": "ecdsa",
+        "size": 256
+    },
+    "names": [
+        {
+            "C": "IN",
+            "ST": "Delhi",
+            "L": "Aero city",
+            "O": "cfssl",
+            "OU": "peer"
+        }
+    ],
+    "hosts": [
+        "{USER}",
+        "localhost",
+        "127.0.0.1",
+        "0.0.0.0"
+    ]
+}