Re: #hsm #fabric-sdk-node #fabric Admin user and HSM #hsm #fabric-sdk-node #fabric
|
Gari Singh <garis@...>
The Node, Java and Go SDKs all have the ability to use HSMs.
The Go SDK uses a similar config to the peer as it basically embeds the bccsp code. The Node SDK allows you to pass in a PKCS11 crypto suite: https://fabric-sdk-node.github.io/release-1.4/CryptoSuite_PKCS11.html The Java SDK definitely supports PKCS11 (I know people who use it with an HSM) but I don't really use Java so don't have the info handy. Hope this helps ----------------------------------------- Gari Singh Distinguished Engineer, CTO - IBM Blockchain IBM Middleware 550 King St Littleton, MA 01460 Cell: 978-846-7499 garis@... ----------------------------------------- -----fabric@... wrote: ----- To: fabric@... From: "Jean-Gaël Dominé" Sent by: fabric@... Date: 12/12/2019 08:24AM Subject: [EXTERNAL] Re: [Hyperledger Fabric] #hsm #fabric-sdk-node #fabric Admin user and HSM Thank you Gari for your quick reply. So from what I understand, since I created my admin user using the fabric-ca-client plugged to the HSM. If I configure the peer CLI command so that it uses the same PKCS11 configuration, it should be able to retrieve the private key in it in order to do the actions. Argh that means I need a docker image of the CLI with the HSM libs... Ok I'll test that Do you know if a similar thing is possible with the SDK? Because as far as I know, the SDK needs the admin user private key on the file system?
|
|
|