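// ReadAttributeHeader reads the attributes header stored in the critical
// extension TCertAttributesHeaders of tcert.
//
// The raw header is first parsed as plaintext. If that fails it is assumed to
// be encrypted: it is decrypted with headerKey and parsed again. The returned
// bool reports whether the header was encrypted. An unparseable header with a
// nil headerKey is an error, as is a header that still does not parse after
// decryption.
func ReadAttributeHeader(tcert *x509.Certificate, headerKey []byte) (map[string]int, bool, error) {
	headerRaw, err := primitives.GetCriticalExtension(tcert, TCertAttributesHeaders)
	if err != nil {
		return nil, false, err
	}

	header, err := ParseAttributesHeader(string(headerRaw))
	if err == nil {
		return header, false, nil
	}

	// Plaintext parse failed: the header is treated as encrypted, which needs the key.
	if headerKey == nil {
		return nil, false, errors.New("Is not possible read an attribute encrypted without the headerKey")
	}
	decrypted, err := DecryptAttributeValue(headerKey, headerRaw)
	if err != nil {
		// Single closing quote: the previous message ended with "''".
		return nil, false, errors.New("error decrypting header value '" + err.Error() + "'")
	}
	header, err = ParseAttributesHeader(string(decrypted))
	if err != nil {
		return nil, false, err
	}
	return header, true, nil
}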
// ReadTCertAttributeByPosition returns the raw value of the attribute stored
// at the 1-based position "position" of the tcert. Attribute i is kept in the
// critical extension with OID 1.2.3.4.5.6.(9+i); positions below 1 are
// rejected with an error.
func ReadTCertAttributeByPosition(tcert *x509.Certificate, position int) ([]byte, error) {
	if position < 1 {
		return nil, fmt.Errorf("Invalid attribute position. Received [%v]", position)
	}

	// Attribute OIDs share the prefix 1.2.3.4.5.6 and start at arc 10 for position 1.
	const firstAttributeArc = 9
	attrOID := asn1.ObjectIdentifier{1, 2, 3, 4, 5, 6, firstAttributeArc + position}

	raw, err := primitives.GetCriticalExtension(tcert, attrOID)
	if err != nil {
		return nil, err
	}
	return raw, nil
}
// getEnrollmentCertByHashFromECA asks the ECA for the enrollment certificate
// pair identified by the hash id and returns the DER signing certificate and
// the DER encryption certificate. Only the signing certificate is inspected:
// it must parse and carry the ECertSubjectRole critical extension holding a
// decimal role equal to VALIDATOR or PEER. The encryption certificate is
// passed through untouched.
func (peer *peerImpl) getEnrollmentCertByHashFromECA(id []byte) ([]byte, []byte, error) {
	peer.Debugf("Reading certificate for hash [% x]", id)

	resp, err := peer.callECAReadCertificateByHash(context.Background(), &membersrvc.Hash{Hash: id})
	if err != nil {
		peer.Errorf("Failed requesting enrollment certificate [%s].", err.Error())
		return nil, nil, err
	}
	peer.Debugf("Certificate for hash [% x] = [% x][% x]", id, resp.Sign, resp.Enc)

	signCert, err := primitives.DERToX509Certificate(resp.Sign)
	if err != nil {
		peer.Errorf("Failed parsing signing enrollment certificate for encrypting: [%s]", err)
		return nil, nil, err
	}

	// The role is stored as decimal text in the ECertSubjectRole extension.
	roleRaw, err := primitives.GetCriticalExtension(signCert, ECertSubjectRole)
	if err != nil {
		peer.Errorf("Failed parsing ECertSubjectRole in enrollment certificate for signing: [%s]", err)
		return nil, nil, err
	}
	// bitSize is derived from the byte length of the raw value (8 bits per byte).
	roleVal, err := strconv.ParseInt(string(roleRaw), 10, len(roleRaw)*8)
	if err != nil {
		peer.Errorf("Failed parsing ECertSubjectRole in enrollment certificate for signing: [%s]", err)
		return nil, nil, err
	}

	switch membersrvc.Role(roleVal) {
	case membersrvc.Role_VALIDATOR, membersrvc.Role_PEER:
		return resp.Sign, resp.Enc, nil
	default:
		// NOTE(review): err is nil here (ParseInt succeeded), so this branch logs a
		// nil error and returns (nil, nil, nil); callers cannot tell a rejected role
		// from success. Returning a non-nil error here is the intended fix.
		peer.Errorf("Invalid ECertSubjectRole in enrollment certificate for signing. Not a validator or peer: [%s]", err)
		return nil, nil, err
	}
}
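// enrollUser runs the two-phase ECA enrollment protocol for user against the
// package-level eca (a helper shared by several tests).
//
// Phase 1 submits freshly generated ECDSA signing and encryption public keys
// together with the enrollment token. Phase 2 decrypts the challenge token
// returned by the ECA with the encryption key (ECIES), signs the request with
// the signing key and resubmits it. The signing private key is stored in
// user.enrollPrivKey. Both certificates in the final response must parse and
// carry the ECertSubjectRole critical extension; any failure is returned.
func enrollUser(user *User) error {
	ecap := &ECAP{eca}

	// Phase 1 of the protocol: generate crypto material.
	signPriv, err := primitives.NewECDSAKey()
	if err != nil {
		return err
	}
	user.enrollPrivKey = signPriv
	signPub, err := x509.MarshalPKIXPublicKey(&signPriv.PublicKey)
	if err != nil {
		return err
	}
	encPriv, err := primitives.NewECDSAKey()
	if err != nil {
		return err
	}
	encPub, err := x509.MarshalPKIXPublicKey(&encPriv.PublicKey)
	if err != nil {
		return err
	}

	req := &pb.ECertCreateReq{
		Ts:   &google_protobuf.Timestamp{Seconds: time.Now().Unix(), Nanos: 0},
		Id:   &pb.Identity{Id: user.enrollID},
		Tok:  &pb.Token{Tok: user.enrollPwd},
		Sign: &pb.PublicKey{Type: pb.CryptoType_ECDSA, Key: signPub},
		Enc:  &pb.PublicKey{Type: pb.CryptoType_ECDSA, Key: encPub},
		Sig:  nil,
	}
	resp, err := ecap.CreateCertificatePair(context.Background(), req)
	if err != nil {
		return err
	}

	// Phase 2 of the protocol: decrypt the challenge token with the encryption key.
	spi := ecies.NewSPI()
	eciesKey, err := spi.NewPrivateKey(nil, encPriv)
	if err != nil {
		return err
	}
	asymCipher, err := spi.NewAsymmetricCipherFromPublicKey(eciesKey)
	if err != nil {
		return err
	}
	tok, err := asymCipher.Process(resp.Tok.Tok)
	if err != nil {
		return err
	}
	req.Tok.Tok = tok

	// Sign the request with Sig cleared so the signature covers every other field.
	req.Sig = nil
	raw, err := proto.Marshal(req)
	if err != nil {
		return err
	}
	hash := primitives.NewHash()
	hash.Write(raw)
	r, s, err := ecdsa.Sign(rand.Reader, signPriv, hash.Sum(nil))
	if err != nil {
		return err
	}
	R, err := r.MarshalText()
	if err != nil {
		return err
	}
	S, err := s.MarshalText()
	if err != nil {
		return err
	}
	req.Sig = &pb.Signature{Type: pb.CryptoType_ECDSA, R: R, S: S}
	resp, err = ecap.CreateCertificatePair(context.Background(), req)
	if err != nil {
		return err
	}

	// Verify we got valid crypto material back: both certificates must parse
	// and carry the ECertSubjectRole critical extension.
	for _, der := range [][]byte{resp.Certs.Sign, resp.Certs.Enc} {
		cert, err := primitives.DERToX509Certificate(der)
		if err != nil {
			return err
		}
		if _, err = primitives.GetCriticalExtension(cert, ECertSubjectRole); err != nil {
			return err
		}
	}
	return nil
}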
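// getEnrollmentCertificateFromECA runs the two-phase enrollment protocol with
// the ECA for the identity id authenticated by the one-time password pw.
//
// Phase 1 submits freshly generated ECDSA signing and encryption public keys
// together with the token. Phase 2 proves possession of both private keys:
// the token returned by the ECA is decrypted with the encryption key (ECIES)
// and the request is re-signed with the signing key. Each certificate in the
// final response must parse, carry ECertSubjectRole and pass
// primitives.CheckCertAgainstSKAndRoot with the matching private key and
// node.ecaCertPool. A FetchResult status other than SUCCESS is only logged.
//
// It returns the signing private key, the DER signing certificate, the PK
// chain from the response and an error.
func (node *nodeImpl) getEnrollmentCertificateFromECA(id, pw string) (interface{}, []byte, []byte, error) {
	// Get a new ECA client. The error is checked before sock.Close() is
	// deferred; previously a failed getECAClient still deferred Close on sock.
	sock, ecaP, err := node.getECAClient()
	if err != nil {
		node.Errorf("Failed getting ECA client [%s].", err.Error())
		return nil, nil, nil, err
	}
	defer sock.Close()

	// Phase 1: generate the key material and register the public keys.
	signPriv, err := primitives.NewECDSAKey()
	if err != nil {
		node.Errorf("Failed generating ECDSA key [%s].", err.Error())
		return nil, nil, nil, err
	}
	signPub, err := x509.MarshalPKIXPublicKey(&signPriv.PublicKey)
	if err != nil {
		node.Errorf("Failed mashalling ECDSA key [%s].", err.Error())
		return nil, nil, nil, err
	}
	encPriv, err := primitives.NewECDSAKey()
	if err != nil {
		node.Errorf("Failed generating Encryption key [%s].", err.Error())
		return nil, nil, nil, err
	}
	encPub, err := x509.MarshalPKIXPublicKey(&encPriv.PublicKey)
	if err != nil {
		node.Errorf("Failed marshalling Encryption key [%s].", err.Error())
		return nil, nil, nil, err
	}

	req := &membersrvc.ECertCreateReq{
		Ts:   &timestamp.Timestamp{Seconds: time.Now().Unix(), Nanos: 0},
		Id:   &membersrvc.Identity{Id: id},
		Tok:  &membersrvc.Token{Tok: []byte(pw)},
		Sign: &membersrvc.PublicKey{Type: membersrvc.CryptoType_ECDSA, Key: signPub},
		Enc:  &membersrvc.PublicKey{Type: membersrvc.CryptoType_ECDSA, Key: encPub},
		Sig:  nil,
	}
	resp, err := ecaP.CreateCertificatePair(context.Background(), req)
	if err != nil {
		node.Errorf("Failed invoking CreateCertficatePair [%s].", err.Error())
		return nil, nil, nil, err
	}
	if resp.FetchResult != nil && resp.FetchResult.Status != membersrvc.FetchAttrsResult_SUCCESS {
		node.Warning(resp.FetchResult.Msg)
	}

	// Phase 2: decrypt the challenge token with the encryption key.
	spi := ecies.NewSPI()
	eciesKey, err := spi.NewPrivateKey(nil, encPriv)
	if err != nil {
		node.Errorf("Failed parsing decrypting key [%s].", err.Error())
		return nil, nil, nil, err
	}
	asymCipher, err := spi.NewAsymmetricCipherFromPublicKey(eciesKey)
	if err != nil {
		node.Errorf("Failed creating asymmetrinc cipher [%s].", err.Error())
		return nil, nil, nil, err
	}
	tok, err := asymCipher.Process(resp.Tok.Tok)
	if err != nil {
		node.Errorf("Failed decrypting toke [%s].", err.Error())
		return nil, nil, nil, err
	}
	req.Tok.Tok = tok

	// Sign the request with Sig cleared so the signature covers every other field.
	req.Sig = nil
	raw, err := proto.Marshal(req)
	if err != nil {
		node.Errorf("Failed marshalling request [%s].", err.Error())
		return nil, nil, nil, err
	}
	hash := primitives.NewHash()
	hash.Write(raw)
	r, s, err := ecdsa.Sign(rand.Reader, signPriv, hash.Sum(nil))
	if err != nil {
		node.Errorf("Failed signing [%s].", err.Error())
		return nil, nil, nil, err
	}
	R, err := r.MarshalText()
	if err != nil {
		return nil, nil, nil, err
	}
	S, err := s.MarshalText()
	if err != nil {
		return nil, nil, nil, err
	}
	req.Sig = &membersrvc.Signature{Type: membersrvc.CryptoType_ECDSA, R: R, S: S}
	resp, err = ecaP.CreateCertificatePair(context.Background(), req)
	if err != nil {
		node.Errorf("Failed invoking CreateCertificatePair [%s].", err.Error())
		return nil, nil, nil, err
	}

	// Verify the response: each certificate must parse, carry ECertSubjectRole
	// and match its private key while chaining to node.ecaCertPool.
	verify := func(what string, der []byte, sk *ecdsa.PrivateKey) error {
		node.Debugf("Enrollment certificate for %s [% x]", what, primitives.Hash(der))
		cert, err := primitives.DERToX509Certificate(der)
		if err != nil {
			node.Errorf("Failed parsing signing enrollment certificate for %s: [%s]", what, err)
			return err
		}
		if _, err = primitives.GetCriticalExtension(cert, ECertSubjectRole); err != nil {
			node.Errorf("Failed parsing ECertSubjectRole in enrollment certificate for %s: [%s]", what, err)
			return err
		}
		if err = primitives.CheckCertAgainstSKAndRoot(cert, sk, node.ecaCertPool); err != nil {
			node.Errorf("Failed checking signing enrollment certificate for %s: [%s]", what, err)
			return err
		}
		return nil
	}
	if err = verify("signing", resp.Certs.Sign, signPriv); err != nil {
		return nil, nil, nil, err
	}
	if err = verify("encrypting", resp.Certs.Enc, encPriv); err != nil {
		return nil, nil, nil, err
	}

	return signPriv, resp.Certs.Sign, resp.Pkchain, nil
}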
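// getTCertFromExternalDER parses a DER TCert that did not come through this
// client's own TCA session and tries to recover its signing key from the
// TCertEncTCertIndex extension using client.tCertOwnerKDFKey and
// client.enrollPrivKey.
//
// The certificate must parse, carry the TCertEncTCertIndex and
// TCertEncEnrollmentID critical extensions and verify against
// client.tcaCertPool; otherwise a nil tCert and an error are returned. If the
// index cannot be decrypted, or the key derived from it does not match the
// certificate's public key, the certificate is treated as "foreign" and
// returned with a nil secret key and a nil error.
func (client *clientImpl) getTCertFromExternalDER(der []byte) (tCert, error) {
	// DER to x509
	x509Cert, err := primitives.DERToX509Certificate(der)
	if err != nil {
		client.Debugf("Failed parsing certificate [% x]: [%s].", der, err)
		return nil, err
	}

	// Critical extension TCertEncTCertIndex: the encrypted TCert index.
	tCertIndexCT, err := primitives.GetCriticalExtension(x509Cert, primitives.TCertEncTCertIndex)
	if err != nil {
		client.Errorf("Failed getting extension TCERT_ENC_TCERTINDEX [% x]: [%s].", der, err)
		return nil, err
	}
	// Critical extension TCertEncEnrollmentID: only its presence is checked.
	// TODO validate encEnrollmentID
	if _, err = primitives.GetCriticalExtension(x509Cert, primitives.TCertEncEnrollmentID); err != nil {
		client.Errorf("Failed getting extension TCERT_ENC_ENROLLMENT_ID [%s].", err.Error())
		return nil, err
	}

	// Verify the certificate against the TCA root before trusting its contents.
	if _, err := primitives.CheckCertAgainRoot(x509Cert, client.tcaCertPool); err != nil {
		client.Warningf("Warning verifing certificate [% x]: [%s].", der, err)
		return nil, err
	}

	// A certificate whose secret key cannot be derived is still returned, but
	// without a secret key.
	foreign := func() (tCert, error) {
		return &tCertImpl{client, x509Cert, nil, []byte{}}, nil
	}

	// Try to extract the signing key from the TCert by decrypting the TCertIndex
	// 384-bit ExpansionValue = HMAC(Expansion_Key, TCertIndex)
	// Let TCertIndex = Timestamp, RandValue, 1,2,…
	// Timestamp assigned, RandValue assigned and counter reinitialized to 1 per batch
	// Decrypt ct to TCertIndex (TODO: || EnrollPub_Key || EnrollID ?)
	TCertOwnerEncryptKey := primitives.HMACAESTruncated(client.tCertOwnerKDFKey, []byte{1})
	ExpansionKey := primitives.HMAC(client.tCertOwnerKDFKey, []byte{2})
	TCertIndex, err := primitives.CBCPKCS7Decrypt(TCertOwnerEncryptKey, tCertIndexCT)
	if err != nil {
		client.Warningf("Failed decrypting extension TCERT_ENC_TCERTINDEX [%s]. This is an foreign certificate.", err.Error())
		return foreign()
	}
	// TODO: verify that TCertIndex has right format.
	client.Debugf("TCertIndex: [% x].", TCertIndex)

	// Compute ExpansionValue based on TCertIndex.
	mac := hmac.New(primitives.NewHash, ExpansionKey)
	mac.Write(TCertIndex)
	ExpansionValue := mac.Sum(nil)

	// Derive tpk and tsk accordingly to ExpansionValue from enrollment pk,sk
	// Computable by TCA / Auditor: TCertPub_Key = EnrollPub_Key + ExpansionValue G
	// using elliptic curve point addition per NIST FIPS PUB 186-4- specified P-384
	enrollSK := client.enrollPrivKey
	curveN := enrollSK.Params().N

	// k = (ExpansionValue mod (N-1)) + 1, so that 1 <= k <= N-1.
	one := big.NewInt(1)
	k := new(big.Int).SetBytes(ExpansionValue)
	k.Mod(k, new(big.Int).Sub(curveN, one))
	k.Add(k, one)

	// Temporary secret key: d' = (d + k) mod N.
	tempSK := &ecdsa.PrivateKey{
		PublicKey: ecdsa.PublicKey{
			Curve: enrollSK.Curve,
			X:     new(big.Int),
			Y:     new(big.Int),
		},
		D: new(big.Int),
	}
	tempSK.D.Add(enrollSK.D, k)
	tempSK.D.Mod(tempSK.D, curveN)

	// Temporary public key: Q' = Q + k*G.
	tempX, tempY := enrollSK.PublicKey.ScalarBaseMult(k.Bytes())
	tempSK.PublicKey.X, tempSK.PublicKey.Y = tempSK.PublicKey.Add(
		enrollSK.PublicKey.X, enrollSK.PublicKey.Y,
		tempX, tempY,
	)

	// Verify temporary public key is a valid point on the reference curve.
	if !tempSK.Curve.IsOnCurve(tempSK.PublicKey.X, tempSK.PublicKey.Y) {
		client.Warning("Failed temporary public key IsOnCurve check. This is an foreign certificate.")
		return foreign()
	}

	// The certificate is external input: do not assume its key is ECDSA
	// (an unchecked assertion would panic on any other key type).
	certPK, ok := x509Cert.PublicKey.(*ecdsa.PublicKey)
	if !ok {
		client.Warningf("Certificate public key is not ECDSA [%T]. This is an foreign certificate.", x509Cert.PublicKey)
		return foreign()
	}
	// Check that the derived public key is the same as the one in the certificate.
	if certPK.X.Cmp(tempSK.PublicKey.X) != 0 {
		client.Warning("Derived public key is different on X. This is an foreign certificate.")
		return foreign()
	}
	if certPK.Y.Cmp(tempSK.PublicKey.Y) != 0 {
		client.Warning("Derived public key is different on Y. This is an foreign certificate.")
		return foreign()
	}

	// Verify the signing capability of tempSK (Warningf: the message has format verbs).
	if err = primitives.VerifySignCapability(tempSK, x509Cert.PublicKey); err != nil {
		client.Warningf("Failed verifing signing capability [%s]. This is an foreign certificate.", err.Error())
		return foreign()
	}
	if err = primitives.CheckCertPKAgainstSK(x509Cert, interface{}(tempSK)); err != nil {
		client.Warningf("Failed checking TCA cert PK against private key [%s]. This is an foreign certificate.", err.Error())
		return foreign()
	}

	return &tCertImpl{client, x509Cert, tempSK, []byte{}}, nil
}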
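// getTCertsFromTCA requests num transaction certificates for attributes from
// the TCA, validates each one and adds the valid ones to client.tCertPool
// tagged with attrhash.
//
// The TCA also returns the TCertOwnerKDFKey: on first use it is kept in
// client.tCertOwnerKDFKey and persisted with client.storeTCertOwnerKDFKey;
// afterwards every call must return the same key. A certificate is accepted
// only if it parses, carries TCertEncTCertIndex, chains to client.tcaCertPool
// and its public key equals the one derived from client.enrollPrivKey and the
// decrypted TCert index. Invalid certificates are logged and skipped. An error
// is returned when the TCA call fails, the KDF key changed, the key could not
// be stored, or no certificate was valid.
func (client *clientImpl) getTCertsFromTCA(attrhash string, attributes []string, num int) error {
	client.Debugf("Get [%d] certificates from the TCA...", num)

	// Contact the TCA
	TCertOwnerKDFKey, certDERs, err := client.callTCACreateCertificateSet(num, attributes)
	if err != nil {
		client.Debugf("Failed contacting TCA [%s].", err.Error())
		return err
	}

	// Store TCertOwnerKDFKey on first use; afterwards the TCA must keep
	// returning the same key.
	if client.tCertOwnerKDFKey == nil {
		client.tCertOwnerKDFKey = TCertOwnerKDFKey
		// TODO: handle this situation more carefully
		if err := client.storeTCertOwnerKDFKey(); err != nil {
			client.Errorf("Failed storing TCertOwnerKDFKey [%s].", err.Error())
			return err
		}
	} else if !bytes.Equal(client.tCertOwnerKDFKey, TCertOwnerKDFKey) {
		return errors.New("Failed reciving kdf key from TCA. The keys are different.")
	}

	// Keys shared by every certificate of the batch.
	TCertOwnerEncryptKey := primitives.HMACAESTruncated(client.tCertOwnerKDFKey, []byte{1})
	ExpansionKey := primitives.HMAC(client.tCertOwnerKDFKey, []byte{2})
	enrollSK := client.enrollPrivKey
	curveN := enrollSK.Params().N
	one := big.NewInt(1)

	// The TCA may return fewer certificates than requested; never index past
	// the end of certDERs.
	count := num
	if len(certDERs) < count {
		client.Warningf("TCA returned [%d] certificates, [%d] were requested.", len(certDERs), num)
		count = len(certDERs)
	}

	valid := 0
	for i := 0; i < count; i++ {
		// DER to x509
		x509Cert, err := primitives.DERToX509Certificate(certDERs[i].Cert)
		if err != nil {
			client.Debugf("Failed parsing certificate [% x]: [%s].", certDERs[i].Cert, err)
			continue
		}
		// Critical extension TCertEncTCertIndex
		tCertIndexCT, err := primitives.GetCriticalExtension(x509Cert, primitives.TCertEncTCertIndex)
		if err != nil {
			client.Errorf("Failed getting extension TCERT_ENC_TCERTINDEX [% x]: [%s].", primitives.TCertEncTCertIndex, err)
			continue
		}
		// Verify certificate against root
		if _, err := primitives.CheckCertAgainRoot(x509Cert, client.tcaCertPool); err != nil {
			client.Warningf("Warning verifing certificate [%s].", err.Error())
			continue
		}

		// Verify public key
		// 384-bit ExpansionValue = HMAC(Expansion_Key, TCertIndex)
		// Let TCertIndex = Timestamp, RandValue, 1,2,…
		// Timestamp assigned, RandValue assigned and counter reinitialized to 1 per batch
		// Decrypt ct to TCertIndex (TODO: || EnrollPub_Key || EnrollID ?)
		TCertIndex, err := primitives.CBCPKCS7Decrypt(TCertOwnerEncryptKey, tCertIndexCT)
		if err != nil {
			client.Errorf("Failed decrypting extension TCERT_ENC_TCERTINDEX [%s].", err.Error())
			continue
		}
		client.Debugf("TCertIndex: [% x].", TCertIndex)

		// Compute ExpansionValue based on TCertIndex.
		mac := hmac.New(primitives.NewHash, ExpansionKey)
		mac.Write(TCertIndex)
		ExpansionValue := mac.Sum(nil)

		// Derive tpk and tsk accordingly to ExpansionValue from enrollment pk,sk
		// Computable by TCA / Auditor: TCertPub_Key = EnrollPub_Key + ExpansionValue G
		// using elliptic curve point addition per NIST FIPS PUB 186-4- specified P-384
		// k = (ExpansionValue mod (N-1)) + 1, so that 1 <= k <= N-1.
		k := new(big.Int).SetBytes(ExpansionValue)
		k.Mod(k, new(big.Int).Sub(curveN, one))
		k.Add(k, one)

		// Temporary secret key: d' = (d + k) mod N.
		tempSK := &ecdsa.PrivateKey{
			PublicKey: ecdsa.PublicKey{
				Curve: enrollSK.Curve,
				X:     new(big.Int),
				Y:     new(big.Int),
			},
			D: new(big.Int),
		}
		tempSK.D.Add(enrollSK.D, k)
		tempSK.D.Mod(tempSK.D, curveN)

		// Temporary public key: Q' = Q + k*G.
		tempX, tempY := enrollSK.PublicKey.ScalarBaseMult(k.Bytes())
		tempSK.PublicKey.X, tempSK.PublicKey.Y = tempSK.PublicKey.Add(
			enrollSK.PublicKey.X, enrollSK.PublicKey.Y,
			tempX, tempY,
		)

		// Verify temporary public key is a valid point on the reference curve.
		if !tempSK.Curve.IsOnCurve(tempSK.PublicKey.X, tempSK.PublicKey.Y) {
			client.Error("Failed temporary public key IsOnCurve check.")
			continue
		}

		// Do not assume the certificate key is ECDSA: an unchecked assertion
		// would panic on any other key type returned by the TCA.
		certPK, ok := x509Cert.PublicKey.(*ecdsa.PublicKey)
		if !ok {
			client.Errorf("Certificate public key is not ECDSA [%T].", x509Cert.PublicKey)
			continue
		}
		// Check that the derived public key is the same as the one in the certificate.
		if certPK.X.Cmp(tempSK.PublicKey.X) != 0 {
			client.Error("Derived public key is different on X")
			continue
		}
		if certPK.Y.Cmp(tempSK.PublicKey.Y) != 0 {
			client.Error("Derived public key is different on Y")
			continue
		}

		// Verify the signing capability of tempSK.
		if err = primitives.VerifySignCapability(tempSK, x509Cert.PublicKey); err != nil {
			client.Errorf("Failed verifing signing capability [%s].", err.Error())
			continue
		}
		if err := primitives.CheckCertPKAgainstSK(x509Cert, interface{}(tempSK)); err != nil {
			client.Errorf("Failed checking TCA cert PK against private key [%s].", err.Error())
			continue
		}

		client.Debugf("Sub index [%d]", valid)
		valid++
		client.Debugf("Certificate [%d] validated.", i)

		// Copy Prek0 so the pooled block does not alias the TCA response buffer.
		prek0 := certDERs[i].Prek0
		prek0Cp := make([]byte, len(prek0))
		copy(prek0Cp, prek0)

		tcertBlk := new(TCertBlock)
		tcertBlk.tCert = &tCertImpl{client, x509Cert, tempSK, prek0Cp}
		tcertBlk.attributesHash = attrhash
		client.tCertPool.AddTCert(tcertBlk)
	}

	if valid == 0 {
		client.Error("No valid TCert was sent")
		return errors.New("No valid TCert was sent.")
	}
	return nil
}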
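// getTCertFromDER rebuilds a TCertBlock from a stored TCertDBBlock. It parses
// certBlk.tCertDER, checks that the certificate chains to client.tcaCertPool
// and re-derives the certificate's secret key from the decrypted
// TCertEncTCertIndex extension using client.tCertOwnerKDFKey and
// client.enrollPrivKey. The derived public key must equal the one in the
// certificate and pass the signing-capability checks; any failure yields a
// nil block and an error. certBlk.preK0 and certBlk.attributesHash are
// carried over into the returned block. client.tCertOwnerKDFKey must already
// be set.
func (client *clientImpl) getTCertFromDER(certBlk *TCertDBBlock) (certBlock *TCertBlock, err error) {
	if client.tCertOwnerKDFKey == nil {
		return nil, fmt.Errorf("KDF key not initialized yet")
	}
	TCertOwnerEncryptKey := primitives.HMACAESTruncated(client.tCertOwnerKDFKey, []byte{1})
	ExpansionKey := primitives.HMAC(client.tCertOwnerKDFKey, []byte{2})

	// DER to x509
	x509Cert, err := primitives.DERToX509Certificate(certBlk.tCertDER)
	if err != nil {
		client.Debugf("Failed parsing certificate [% x]: [%s].", certBlk.tCertDER, err)
		return nil, err
	}
	// Critical extension TCertEncTCertIndex
	tCertIndexCT, err := primitives.GetCriticalExtension(x509Cert, primitives.TCertEncTCertIndex)
	if err != nil {
		client.Errorf("Failed getting extension TCERT_ENC_TCERTINDEX [%v].", err.Error())
		return nil, err
	}
	// Verify certificate against root
	if _, err = primitives.CheckCertAgainRoot(x509Cert, client.tcaCertPool); err != nil {
		client.Warningf("Warning verifing certificate [%s].", err.Error())
		return nil, err
	}

	// Verify public key
	// 384-bit ExpansionValue = HMAC(Expansion_Key, TCertIndex)
	// Let TCertIndex = Timestamp, RandValue, 1,2,…
	// Timestamp assigned, RandValue assigned and counter reinitialized to 1 per batch
	// Decrypt ct to TCertIndex (TODO: || EnrollPub_Key || EnrollID ?)
	TCertIndex, err := primitives.CBCPKCS7Decrypt(TCertOwnerEncryptKey, tCertIndexCT)
	if err != nil {
		client.Errorf("Failed decrypting extension TCERT_ENC_TCERTINDEX [%s].", err.Error())
		return nil, err
	}
	client.Debugf("TCertIndex: [% x].", TCertIndex)

	// Compute ExpansionValue based on TCertIndex.
	mac := hmac.New(primitives.NewHash, ExpansionKey)
	mac.Write(TCertIndex)
	ExpansionValue := mac.Sum(nil)

	// Derive tpk and tsk accordingly to ExpansionValue from enrollment pk,sk
	// Computable by TCA / Auditor: TCertPub_Key = EnrollPub_Key + ExpansionValue G
	// using elliptic curve point addition per NIST FIPS PUB 186-4- specified P-384
	enrollSK := client.enrollPrivKey
	curveN := enrollSK.Params().N

	// k = (ExpansionValue mod (N-1)) + 1, so that 1 <= k <= N-1.
	one := big.NewInt(1)
	k := new(big.Int).SetBytes(ExpansionValue)
	k.Mod(k, new(big.Int).Sub(curveN, one))
	k.Add(k, one)

	// Temporary secret key: d' = (d + k) mod N.
	tempSK := &ecdsa.PrivateKey{
		PublicKey: ecdsa.PublicKey{
			Curve: enrollSK.Curve,
			X:     new(big.Int),
			Y:     new(big.Int),
		},
		D: new(big.Int),
	}
	tempSK.D.Add(enrollSK.D, k)
	tempSK.D.Mod(tempSK.D, curveN)

	// Temporary public key: Q' = Q + k*G.
	tempX, tempY := enrollSK.PublicKey.ScalarBaseMult(k.Bytes())
	tempSK.PublicKey.X, tempSK.PublicKey.Y = tempSK.PublicKey.Add(
		enrollSK.PublicKey.X, enrollSK.PublicKey.Y,
		tempX, tempY,
	)

	// Verify temporary public key is a valid point on the reference curve.
	if !tempSK.Curve.IsOnCurve(tempSK.PublicKey.X, tempSK.PublicKey.Y) {
		client.Error("Failed temporary public key IsOnCurve check.")
		return nil, fmt.Errorf("Failed temporary public key IsOnCurve check.")
	}

	// Do not assume the stored certificate's key is ECDSA: an unchecked
	// assertion would panic on any other key type.
	certPK, ok := x509Cert.PublicKey.(*ecdsa.PublicKey)
	if !ok {
		client.Errorf("Certificate public key is not ECDSA [%T].", x509Cert.PublicKey)
		return nil, fmt.Errorf("Certificate public key is not ECDSA [%T]", x509Cert.PublicKey)
	}
	// Check that the derived public key is the same as the one in the certificate.
	if certPK.X.Cmp(tempSK.PublicKey.X) != 0 {
		client.Error("Derived public key is different on X")
		return nil, fmt.Errorf("Derived public key is different on X")
	}
	if certPK.Y.Cmp(tempSK.PublicKey.Y) != 0 {
		client.Error("Derived public key is different on Y")
		return nil, fmt.Errorf("Derived public key is different on Y")
	}

	// Verify the signing capability of tempSK.
	if err = primitives.VerifySignCapability(tempSK, x509Cert.PublicKey); err != nil {
		client.Errorf("Failed verifing signing capability [%s].", err.Error())
		return nil, err
	}
	if err = primitives.CheckCertPKAgainstSK(x509Cert, interface{}(tempSK)); err != nil {
		client.Errorf("Failed checking TCA cert PK against private key [%s].", err.Error())
		return nil, err
	}

	return &TCertBlock{&tCertImpl{client, x509Cert, tempSK, certBlk.preK0}, certBlk.attributesHash}, nil
}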