// CreateNonceOrPanic generates a nonce using the crypto/primitives package
// and panics if this operation fails.
func CreateNonceOrPanic() []byte {
	nonce, err := primitives.GetRandomNonce()
	if err != nil {
		panic(fmt.Errorf("Cannot generate random nonce: %s", err))
	return nonce
// CreateNonce generates a nonce using the crypto/primitives package.
func CreateNonce() ([]byte, error) {
	nonce, err := primitives.GetRandomNonce()
	if err != nil {
		return nil, fmt.Errorf("Cannot generate random nonce: %s", err)
	return nonce, nil
func (client *clientImpl) createTransactionNonce() ([]byte, error) {
	nonce, err := primitives.GetRandomNonce()
	if err != nil {
		client.error("Failed creating nonce [%s].", err.Error())
		return nil, err

	return nonce, err
func (client *clientImpl) registerCryptoEngine() (err error) {
	// Store query state key
	client.queryStateKey, err = primitives.GetRandomNonce()
	if err != nil {
		log.Error("Failed generating query state key: [%s].", err.Error())

	err = client.ks.storeKey(client.conf.getQueryStateKeyFilename(), client.queryStateKey)
	if err != nil {
		log.Error("Failed storing query state key: [%s].", err.Error())

func (client *clientImpl) createDeployTx(chaincodeDeploymentSpec *obc.ChaincodeDeploymentSpec, uuid string, nonce []byte, tCert tCert, attrs ...string) (*obc.Transaction, error) {
	// Create a new transaction
	tx, err := obc.NewChaincodeDeployTransaction(chaincodeDeploymentSpec, uuid)
	if err != nil {
		client.Errorf("Failed creating new transaction [%s].", err.Error())
		return nil, err

	// Copy metadata from ChaincodeSpec
	tx.Metadata, err = getMetadata(chaincodeDeploymentSpec.GetChaincodeSpec(), tCert, attrs...)
	if err != nil {
		client.Errorf("Failed creating new transaction [%s].", err.Error())
		return nil, err

	if nonce == nil {
		tx.Nonce, err = primitives.GetRandomNonce()
		if err != nil {
			client.Errorf("Failed creating nonce [%s].", err.Error())
			return nil, err
	} else {
		// TODO: check that it is a well formed nonce
		tx.Nonce = nonce

	// Handle confidentiality
	if chaincodeDeploymentSpec.ChaincodeSpec.ConfidentialityLevel == obc.ConfidentialityLevel_CONFIDENTIAL {
		// 1. set confidentiality level and nonce
		tx.ConfidentialityLevel = obc.ConfidentialityLevel_CONFIDENTIAL

		// 2. set confidentiality protocol version
		tx.ConfidentialityProtocolVersion = client.conf.GetConfidentialityProtocolVersion()

		// 3. encrypt tx
		err = client.encryptTx(tx)
		if err != nil {
			client.Errorf("Failed encrypting payload [%s].", err.Error())
			return nil, err


	return tx, nil
func (client *clientImpl) createExecuteTx(chaincodeInvocation *obc.ChaincodeInvocationSpec, uuid string, nonce []byte) (*obc.Transaction, error) {
	/// Create a new transaction
	tx, err := obc.NewChaincodeExecute(chaincodeInvocation, uuid, obc.Transaction_CHAINCODE_INVOKE)
	if err != nil {
		client.error("Failed creating new transaction [%s].", err.Error())
		return nil, err

	// Copy metadata from ChaincodeSpec
	tx.Metadata = chaincodeInvocation.ChaincodeSpec.Metadata

	if nonce == nil {
		tx.Nonce, err = primitives.GetRandomNonce()
		if err != nil {
			client.error("Failed creating nonce [%s].", err.Error())
			return nil, err
	} else {
		// TODO: check that it is a well formed nonce
		tx.Nonce = nonce

	// Handle confidentiality
	if chaincodeInvocation.ChaincodeSpec.ConfidentialityLevel == obc.ConfidentialityLevel_CONFIDENTIAL {
		// 1. set confidentiality level and nonce
		tx.ConfidentialityLevel = obc.ConfidentialityLevel_CONFIDENTIAL

		// 2. set confidentiality protocol version
		tx.ConfidentialityProtocolVersion = "1.2"

		// 3. encrypt tx
		err = client.encryptTx(tx)
		if err != nil {
			client.error("Failed encrypting payload [%s].", err.Error())
			return nil, err


	return tx, nil
// CreateChaincodeProposal creates a proposal from given input
func CreateChaincodeProposal(txid string, chainID string, cis *peer.ChaincodeInvocationSpec, creator []byte) (*peer.Proposal, error) {
	ccHdrExt := &peer.ChaincodeHeaderExtension{ChaincodeID: cis.ChaincodeSpec.ChaincodeID}
	ccHdrExtBytes, err := proto.Marshal(ccHdrExt)
	if err != nil {
		return nil, err

	cisBytes, err := proto.Marshal(cis)
	if err != nil {
		return nil, err

	ccPropPayload := &peer.ChaincodeProposalPayload{Input: cisBytes}
	ccPropPayloadBytes, err := proto.Marshal(ccPropPayload)
	if err != nil {
		return nil, err

	// generate a random nonce
	nonce, err := primitives.GetRandomNonce()
	if err != nil {
		return nil, err

	hdr := &common.Header{ChainHeader: &common.ChainHeader{Type: int32(common.HeaderType_ENDORSER_TRANSACTION),
		TxID:      txid,
		ChainID:   chainID,
		Extension: ccHdrExtBytes},
		SignatureHeader: &common.SignatureHeader{Nonce: nonce, Creator: creator}}

	hdrBytes, err := proto.Marshal(hdr)
	if err != nil {
		return nil, err

	return &peer.Proposal{Header: hdrBytes, Payload: ccPropPayloadBytes}, nil