func generateKey() primitives.PrivateKey { kg, _ := newKeyGenerator() kgparams, _ := newKeyGeneratorParameter(rand.Reader, primitives.GetDefaultCurve()) kg.Init(kgparams) privKey, _ := kg.GenerateKey() return privKey }
func newKeyGeneratorFromCurve(r io.Reader, curve elliptic.Curve) (primitives.KeyGenerator, error) { if r == nil { r = rand.Reader } if curve == nil { curve = primitives.GetDefaultCurve() } kg, err := newKeyGenerator() if err != nil { return nil, err } kgp, err := newKeyGeneratorParameter(r, curve) if err != nil { return nil, err } err = kg.Init(kgp) if err != nil { return nil, err } return kg, nil }
func (ca *CA) createCAKeyPair(name string) *ecdsa.PrivateKey { caLogger.Debug("Creating CA key pair.") curve := primitives.GetDefaultCurve() priv, err := ecdsa.GenerateKey(curve, rand.Reader) if err == nil { raw, _ := x509.MarshalECPrivateKey(priv) cooked := pem.EncodeToMemory( &pem.Block{ Type: "ECDSA PRIVATE KEY", Bytes: raw, }) err = ioutil.WriteFile(ca.path+"/"+name+".priv", cooked, 0644) if err != nil { caLogger.Panic(err) } raw, _ = x509.MarshalPKIXPublicKey(&priv.PublicKey) cooked = pem.EncodeToMemory( &pem.Block{ Type: "ECDSA PUBLIC KEY", Bytes: raw, }) err = ioutil.WriteFile(ca.path+"/"+name+".pub", cooked, 0644) if err != nil { caLogger.Panic(err) } } if err != nil { caLogger.Panic(err) } return priv }
func newPrivateKey(r io.Reader, curve elliptic.Curve) (primitives.PrivateKey, error) { if r == nil { r = rand.Reader } if curve == nil { curve = primitives.GetDefaultCurve() } kg, err := newKeyGeneratorFromCurve(r, curve) if err != nil { return nil, err } return kg.GenerateKey() }
func TestMain(m *testing.M) { setupTestConfig() curve := primitives.GetDefaultCurve() fmt.Printf("Default Curve %v \n", curve) // Init PKI initPKI() go startPKI() defer cleanup() time.Sleep(time.Second * 10) fmt.Println("Running tests....") ret := m.Run() fmt.Println("End running tests....") cleanupFiles() os.Exit(ret) }
func TestKG(t *testing.T) { kg, err := newKeyGenerator() if err != nil { t.Fatal(err) } kgparams, err := newKeyGeneratorParameter(rand.Reader, primitives.GetDefaultCurve()) if err != nil { t.Fatal(err) } err = kg.Init(kgparams) if err != nil { t.Fatal(err) } privKey, err := kg.GenerateKey() if err != nil { t.Fatal(err) } if privKey == nil { t.Fatal("Private Key is nil") } }
func (spi *spiImpl) NewDefaultPrivateKey(r io.Reader) (primitives.PrivateKey, error) { return spi.NewPrivateKey(r, primitives.GetDefaultCurve()) }
func (client *clientImpl) encryptTxVersion1_2(tx *obc.Transaction) error { // Create (PK_C,SK_C) pair ccPrivateKey, err := client.eciesSPI.NewPrivateKey(rand.Reader, primitives.GetDefaultCurve()) if err != nil { client.Errorf("Failed generate chaincode keypair: [%s]", err) return err } // Prepare message to the validators var ( stateKey []byte privBytes []byte ) switch tx.Type { case obc.Transaction_CHAINCODE_DEPLOY: // Prepare chaincode stateKey and privateKey stateKey, err = primitives.GenAESKey() if err != nil { client.Errorf("Failed creating state key: [%s]", err) return err } privBytes, err = client.eciesSPI.SerializePrivateKey(ccPrivateKey) if err != nil { client.Errorf("Failed serializing chaincode key: [%s]", err) return err } break case obc.Transaction_CHAINCODE_QUERY: // Prepare chaincode stateKey and privateKey stateKey = primitives.HMACAESTruncated(client.queryStateKey, append([]byte{6}, tx.Nonce...)) privBytes, err = client.eciesSPI.SerializePrivateKey(ccPrivateKey) if err != nil { client.Errorf("Failed serializing chaincode key: [%s]", err) return err } break case obc.Transaction_CHAINCODE_INVOKE: // Prepare chaincode stateKey and privateKey stateKey = make([]byte, 0) privBytes, err = client.eciesSPI.SerializePrivateKey(ccPrivateKey) if err != nil { client.Errorf("Failed serializing chaincode key: [%s]", err) return err } break } // Encrypt message to the validators cipher, err := client.eciesSPI.NewAsymmetricCipherFromPublicKey(client.chainPublicKey) if err != nil { client.Errorf("Failed creating new encryption scheme: [%s]", err) return err } msgToValidators, err := asn1.Marshal(chainCodeValidatorMessage1_2{privBytes, stateKey}) if err != nil { client.Errorf("Failed preparing message to the validators: [%s]", err) return err } encMsgToValidators, err := cipher.Process(msgToValidators) if err != nil { client.Errorf("Failed encrypting message to the validators: [%s]", err) return err } tx.ToValidators = encMsgToValidators // Encrypt the rest of the fields // Init with chainccode pk cipher, err = client.eciesSPI.NewAsymmetricCipherFromPublicKey(ccPrivateKey.GetPublicKey()) if err != nil { client.Errorf("Failed initiliazing encryption scheme: [%s]", err) return err } // Encrypt chaincodeID using pkC encryptedChaincodeID, err := cipher.Process(tx.ChaincodeID) if err != nil { client.Errorf("Failed encrypting chaincodeID: [%s]", err) return err } tx.ChaincodeID = encryptedChaincodeID // Encrypt payload using pkC encryptedPayload, err := cipher.Process(tx.Payload) if err != nil { client.Errorf("Failed encrypting payload: [%s]", err) return err } tx.Payload = encryptedPayload // Encrypt metadata using pkC if len(tx.Metadata) != 0 { encryptedMetadata, err := cipher.Process(tx.Metadata) if err != nil { client.Errorf("Failed encrypting metadata: [%s]", err) return err } tx.Metadata = encryptedMetadata } return nil }
// NewECA sets up a new ECA. // func NewECA() *ECA { eca := &ECA{NewCA("eca", initializeECATables), nil, nil, nil} { // read or create global symmetric encryption key var cooked string raw, err := ioutil.ReadFile(eca.path + "/obc.aes") if err != nil { rand := rand.Reader key := make([]byte, 32) // AES-256 rand.Read(key) cooked = base64.StdEncoding.EncodeToString(key) err = ioutil.WriteFile(eca.path+"/obc.aes", []byte(cooked), 0644) if err != nil { Panic.Panicln(err) } } else { cooked = string(raw) } eca.obcKey, err = base64.StdEncoding.DecodeString(cooked) if err != nil { Panic.Panicln(err) } } { // read or create global ECDSA key pair for ECIES var priv *ecdsa.PrivateKey cooked, err := ioutil.ReadFile(eca.path + "/obc.ecies") if err == nil { block, _ := pem.Decode(cooked) priv, err = x509.ParseECPrivateKey(block.Bytes) if err != nil { Panic.Panicln(err) } } else { priv, err = ecdsa.GenerateKey(primitives.GetDefaultCurve(), rand.Reader) if err != nil { Panic.Panicln(err) } raw, _ := x509.MarshalECPrivateKey(priv) cooked = pem.EncodeToMemory( &pem.Block{ Type: "ECDSA PRIVATE KEY", Bytes: raw, }) err := ioutil.WriteFile(eca.path+"/obc.ecies", cooked, 0644) if err != nil { Panic.Panicln(err) } } eca.obcPriv = cooked raw, _ := x509.MarshalPKIXPublicKey(&priv.PublicKey) eca.obcPub = pem.EncodeToMemory( &pem.Block{ Type: "ECDSA PUBLIC KEY", Bytes: raw, }) } eca.populateAffiliationGroupsTable() eca.populateUsersTable() return eca }
func TestSPI(t *testing.T) { spi := NewSPI() ecdsaKey, err := ecdsa.GenerateKey(primitives.GetDefaultCurve(), rand.Reader) var a interface{} a = ecdsaKey switch t := a.(type) { case *ecdsa.PrivateKey: fmt.Printf("a2 [%s]\n", t) break case elliptic.Curve: fmt.Printf("a1 [%s]\n", t) break default: fmt.Printf("a3 [%s]\n", t) } fmt.Printf("[%s]\n", ecdsaKey) if err != nil { t.Fatal(err) } _, err = x509.MarshalECPrivateKey(ecdsaKey) if err != nil { t.Fatal(err) } fmt.Printf("[%s]\n", ecdsaKey) privateKey, err := spi.NewPrivateKey(nil, ecdsaKey) if err != nil { t.Fatal(err) } fmt.Printf("[%s]\n", privateKey.(*secretKeyImpl).priv) _, err = x509.MarshalECPrivateKey(privateKey.(*secretKeyImpl).priv) if err != nil { t.Fatal(err) } rawKey, err := spi.SerializePrivateKey(privateKey) if err != nil { t.Fatal(err) } privateKey, err = spi.DeserializePrivateKey(rawKey) if err != nil { t.Fatal(err) } // Encrypt cipher, err := spi.NewAsymmetricCipherFromPublicKey(privateKey.GetPublicKey()) if err != nil { t.Fatal(err) } msg := []byte("Hello World!!!") ct, err := cipher.Process(msg) if err != nil { t.Fatal(err) } // Decrypt cipher, err = spi.NewAsymmetricCipherFromPrivateKey(privateKey) if err != nil { t.Fatal(err) } plain, err := cipher.Process(ct) if err != nil { t.Fatal(err) } if !reflect.DeepEqual(msg, plain) { t.Fatal("Decrypted different message") } }
// NewECDSAKey generates a new ECDSA Key func NewECDSAKey() (*ecdsa.PrivateKey, error) { return ecdsa.GenerateKey(primitives.GetDefaultCurve(), rand.Reader) }