added possibility to name the user keys (#7)

pasquale95 · web-flow · commit c15db56a3382 · 2025-07-09T15:49:52.000+03:00
#### Type of change

- New feature

#### Description

This PR gives `cryptogen` to capability to create named certificates
for users within a peer organization, as it is currently done with the
`peers`.
Before this fix, it was impossible to specify the name of a user,
leading to the production of user crypto material that looked like:
```text
users/
  Admin@org1.example.com/
  User1@org1.example.com/
```
With this additional functionality, if the user specifies a user with a
Name:
```yaml
Users:
  Count: 1
  Specs:
    - Name: testuser
```
it will generate:
```text
users/
  Admin@org1.example.com/
  User1@org1.example.com/
  testuser@org1.example.com/
```
The possibility of giving names to the user credentials is crucial to
successfully handle the current deployment when using `cryptogen`, since
the Ansible scripts use the hostname to identify the path where to
locate the crypto material.

Signed-off-by: pco &lt;pasquale.convertini@ibm.com&gt;
diff --git a/cmd/cryptogen/main.go b/cmd/cryptogen/main.go
@@ -65,9 +65,15 @@ type NodeSpec struct {
 	PublicKeyAlgorithm string   `yaml:"PublicKeyAlgorithm"`
 }
 
+// UserSpec Contains User specifications needed to customize the crypto material generation.
+type UserSpec struct {
+	Name string `yaml:"Name"`
+}
+
 type UsersSpec struct {
-	Count              int    `yaml:"Count"`
-	PublicKeyAlgorithm string `yaml:"PublicKeyAlgorithm"`
+	Count              int        `yaml:"Count"`
+	PublicKeyAlgorithm string     `yaml:"PublicKeyAlgorithm"`
+	Specs              []UserSpec `yaml:"Specs"`
 }
 
 type OrgSpec struct {
@@ -209,6 +215,8 @@ PeerOrgs:
       Count: 1
     Users:
       Count: 1
+      Specs:
+        - Name: testuser
 `
 
 // command line flags
@@ -561,16 +569,20 @@ func generatePeerOrg(baseDir string, orgSpec OrgSpec) {
 	generateNodes(peersDir, orgSpec.Specs, signCA, tlsCA, msp.PEER, orgSpec.EnableNodeOUs)
 
 	publicKeyAlg := getPublicKeyAlg(orgSpec.Users.PublicKeyAlgorithm)
-	// TODO: add ability to specify usernames
-	users := []NodeSpec{}
-	for j := 1; j <= orgSpec.Users.Count; j++ {
-		user := NodeSpec{
-			CommonName:         fmt.Sprintf("%s%d@%s", userBaseName, j, orgName),
+	users := make([]NodeSpec, 0, len(orgSpec.Users.Specs)+orgSpec.Users.Count)
+	for _, s := range orgSpec.Users.Specs {
+		users = append(users, NodeSpec{
+			CommonName:         fmt.Sprintf("%s@%s", s.Name, orgName),
 			PublicKeyAlgorithm: publicKeyAlg,
-		}
-
-		users = append(users, user)
+		})
 	}
+	for j := range orgSpec.Users.Count {
+		users = append(users, NodeSpec{
+			CommonName:         fmt.Sprintf("%s%d@%s", userBaseName, j+1, orgName),
+			PublicKeyAlgorithm: publicKeyAlg,
+		})
+	}
+
 	// add an admin user
 	adminUser := NodeSpec{
 		isAdmin:            true,
