示例#1
0
func (client *clientImpl) createTransactionNonce() ([]byte, error) {
	nonce, err := utils.GetRandomBytes(utils.NonceSize)
	if err != nil {
		client.node.log.Error("Failed creating nonce [%s].", err.Error())
		return nil, err
	}

	return nonce, err
}
示例#2
0
func (se *queryStateEncryptor) Encrypt(msg []byte) ([]byte, error) {
	nonce, err := utils.GetRandomBytes(se.nonceSize)
	if err != nil {
		se.log.Error("Failed getting randomness [%s].", err.Error())
		return nil, err
	}

	// Seal will append the output to the first argument; the usage
	// here appends the ciphertext to the nonce. The final parameter
	// is any additional data to be authenticated.
	out := se.gcmEnc.Seal(nonce, nonce, msg, nil)

	return out, nil
}
示例#3
0
func (client *clientImpl) registerCryptoEngine() (err error) {
	// Store query state key
	client.queryStateKey, err = utils.GetRandomBytes(utils.NonceSize)
	if err != nil {
		log.Error("Failed generating query state key: [%s].", err.Error())
		return
	}

	err = client.ks.storeKey(client.conf.getQueryStateKeyFilename(), client.queryStateKey)
	if err != nil {
		log.Error("Failed storing query state key: [%s].", err.Error())
		return
	}

	return
}
示例#4
0
func (client *clientImpl) createExecuteTx(chaincodeInvocation *obc.ChaincodeInvocationSpec, uuid string, nonce []byte) (*obc.Transaction, error) {
	/// Create a new transaction
	tx, err := obc.NewChaincodeExecute(chaincodeInvocation, uuid, obc.Transaction_CHAINCODE_EXECUTE)
	if err != nil {
		client.error("Failed creating new transaction [%s].", err.Error())
		return nil, err
	}

	// Copy metadata from ChaincodeSpec
	tx.Metadata = chaincodeInvocation.ChaincodeSpec.Metadata

	if nonce == nil {
		tx.Nonce, err = utils.GetRandomBytes(utils.NonceSize)
		if err != nil {
			client.error("Failed creating nonce [%s].", err.Error())
			return nil, err
		}
	} else {
		// TODO: check that it is a well formed nonce
		tx.Nonce = nonce
	}

	// Handle confidentiality
	if chaincodeInvocation.ChaincodeSpec.ConfidentialityLevel == obc.ConfidentialityLevel_CONFIDENTIAL {
		// 1. set confidentiality level and nonce
		tx.ConfidentialityLevel = obc.ConfidentialityLevel_CONFIDENTIAL

		// 2. set confidentiality protocol version
		tx.ConfidentialityProtocolVersion = "1.2"

		// 3. encrypt tx
		err = client.encryptTx(tx)
		if err != nil {
			client.error("Failed encrypting payload [%s].", err.Error())
			return nil, err

		}
	}

	return tx, nil
}
示例#5
0
func (client *clientImpl) createDeployTx(chaincodeDeploymentSpec *obc.ChaincodeDeploymentSpec, uuid string, nonce []byte) (*obc.Transaction, error) {
	// Create a new transaction
	tx, err := obc.NewChaincodeDeployTransaction(chaincodeDeploymentSpec, uuid)
	if err != nil {
		client.node.log.Error("Failed creating new transaction [%s].", err.Error())
		return nil, err
	}

	// Copy metadata from ChaincodeSpec
	tx.Metadata = chaincodeDeploymentSpec.ChaincodeSpec.Metadata

	// Handle confidentiality
	if chaincodeDeploymentSpec.ChaincodeSpec.ConfidentialityLevel == obc.ConfidentialityLevel_CONFIDENTIAL {
		// 1. set confidentiality level and nonce
		tx.ConfidentialityLevel = obc.ConfidentialityLevel_CONFIDENTIAL
		if nonce == nil {
			tx.Nonce, err = utils.GetRandomBytes(utils.NonceSize)
			if err != nil {
				client.node.log.Error("Failed creating nonce [%s].", err.Error())
				return nil, err
			}
		} else {
			// TODO: check that it is a well formed nonce
			tx.Nonce = nonce
		}

		// 2. encrypt tx
		err = client.encryptTx(tx)
		if err != nil {
			client.node.log.Error("Failed encrypting payload [%s].", err.Error())
			return nil, err

		}
	}

	return tx, nil
}
示例#6
0
// NewChaincodeDeployTransaction is used to deploy chaincode.
func (client *clientImpl) NewChaincodeDeployTransaction(chaincodeDeploymentSpec *obc.ChaincodeDeploymentSpec, uuid string) (*obc.Transaction, error) {
	// Verify that the client is initialized
	if !client.isInitialized {
		return nil, utils.ErrNotInitialized
	}

	// Create a new transaction
	tx, err := obc.NewChaincodeDeployTransaction(chaincodeDeploymentSpec, uuid)
	if err != nil {
		client.node.log.Error("Failed creating new transaction [%s].", err.Error())
		return nil, err
	}

	if chaincodeDeploymentSpec.ChaincodeSpec.ConfidentialityLevel == obc.ConfidentialityLevel_CONFIDENTIAL {
		// 1. set confidentiality level and nonce
		tx.ConfidentialityLevel = obc.ConfidentialityLevel_CONFIDENTIAL
		tx.Nonce, err = utils.GetRandomBytes(utils.NonceSize)
		if err != nil {
			client.node.log.Error("Failed creating nonce [%s].", err.Error())
			return nil, err
		}

		// 2. encrypt tx
		err = client.encryptTx(tx)
		if err != nil {
			client.node.log.Error("Failed encrypting payload [%s].", err.Error())
			return nil, err

		}
	}

	// Sign the transaction

	// Implement like this: getNextTCert returns only a TCert
	// Then, invoke signWithTCert to sign the signature

	// Get next available (not yet used) transaction certificate
	// with the relative signing key.
	rawTCert, err := client.getNextTCert()
	if err != nil {
		client.node.log.Error("Failed getting next transaction certificate [%s].", err.Error())
		return nil, err
	}

	// Append the certificate to the transaction
	client.node.log.Debug("Appending certificate [%s].", utils.EncodeBase64(rawTCert))
	tx.Cert = rawTCert

	// Sign the transaction and append the signature
	// 1. Marshall tx to bytes
	rawTx, err := proto.Marshal(tx)
	if err != nil {
		client.node.log.Error("Failed marshaling tx [%s].", err.Error())
		return nil, err
	}

	// 2. Sign rawTx and check signature
	client.node.log.Debug("Signing tx [%s].", utils.EncodeBase64(rawTx))
	rawSignature, err := client.signWithTCert(rawTCert, rawTx)
	if err != nil {
		client.node.log.Error("Failed creating signature [%s].", err.Error())
		return nil, err
	}

	// 3. Append the signature
	tx.Signature = rawSignature

	client.node.log.Debug("Appending signature: [%s]", utils.EncodeBase64(rawSignature))

	return tx, nil
}