func (ks *keyStore) loadPrivateKey(alias string) (interface{}, error) { path := ks.conf.getPathForAlias(alias) ks.log.Debug("Loading private key [%s] at [%s]...", alias, path) raw, err := ioutil.ReadFile(path) if err != nil { ks.log.Error("Failed loading private key [%s]: [%s].", alias, err.Error()) return nil, err } privateKey, err := utils.PEMtoPrivateKey(raw, ks.pwd) if err != nil { ks.log.Error("Failed parsing private key [%s]: [%s].", alias, err.Error()) return nil, err } return privateKey, nil }
func (node *nodeImpl) loadEnrollmentKey(pwd []byte) error { node.log.Debug("Loading enrollment key at [%s]...", node.conf.getEnrollmentKeyPath()) rawEnrollPrivKey, err := ioutil.ReadFile(node.conf.getEnrollmentKeyPath()) if err != nil { node.log.Error("Failed loading enrollment private key [%s].", err.Error()) return err } enrollPrivKey, err := utils.PEMtoPrivateKey(rawEnrollPrivKey, pwd) if err != nil { node.log.Error("Failed parsing enrollment private key [%s].", err.Error()) return err } node.enrollPrivKey = enrollPrivKey.(*ecdsa.PrivateKey) return nil }
func (node *nodeImpl) retrieveEnrollmentData(enrollID, enrollPWD string) error { key, enrollCertRaw, enrollChainKey, err := node.getEnrollmentCertificateFromECA(enrollID, enrollPWD) if err != nil { node.error("Failed getting enrollment certificate [id=%s]: [%s]", enrollID, err) return err } node.debug("Enrollment certificate [% x].", enrollCertRaw) node.debug("Storing enrollment data for user [%s]...", enrollID) // Store enrollment id err = ioutil.WriteFile(node.conf.getEnrollmentIDPath(), []byte(enrollID), 0700) if err != nil { node.error("Failed storing enrollment certificate [id=%s]: [%s]", enrollID, err) return err } // Store enrollment key if err := node.ks.storePrivateKey(node.conf.getEnrollmentKeyFilename(), key); err != nil { node.error("Failed storing enrollment key [id=%s]: [%s]", enrollID, err) return err } // Store enrollment cert if err := node.ks.storeCert(node.conf.getEnrollmentCertFilename(), enrollCertRaw); err != nil { node.error("Failed storing enrollment certificate [id=%s]: [%s]", enrollID, err) return err } // Code for confidentiality 1.1 //if err := node.ks.storeKey(node.conf.getEnrollmentChainKeyFilename(), enrollChainKey); err != nil { // node.error("Failed storing enrollment chain key [id=%s]: [%s]", enrollID, err) // return err // Code for confidentiality 1.2 // Store enrollment chain key if node.eType == NodeValidator { node.debug("Enrollment chain key for validator [%s]...", enrollID) // enrollChainKey is a secret key node.debug("key [%s]...", string(enrollChainKey)) key, err := utils.PEMtoPrivateKey(enrollChainKey, nil) if err != nil { node.error("Failed unmarshalling enrollment chain key [id=%s]: [%s]", enrollID, err) return err } if err := node.ks.storePrivateKey(node.conf.getEnrollmentChainKeyFilename(), key); err != nil { node.error("Failed storing enrollment chain key [id=%s]: [%s]", enrollID, err) return err } } else { node.debug("Enrollment chain key for non-validator [%s]...", enrollID) // enrollChainKey is a public key key, err := utils.PEMtoPublicKey(enrollChainKey, nil) if err != nil { node.error("Failed unmarshalling enrollment chain key [id=%s]: [%s]", enrollID, err) return err } node.debug("Key decoded from PEM [%s]...", enrollID) if err := node.ks.storePublicKey(node.conf.getEnrollmentChainKeyFilename(), key); err != nil { node.error("Failed storing enrollment chain key [id=%s]: [%s]", enrollID, err) return err } } return nil }