forked from hyperledger/fabric
-
Notifications
You must be signed in to change notification settings - Fork 1
/
nymsigner.go
95 lines (79 loc) · 2.16 KB
/
nymsigner.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
/*
Copyright IBM Corp. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
*/
package handlers
import (
"github.com/hyperledger/fabric/bccsp"
"github.com/pkg/errors"
)
type NymSigner struct {
NymSignatureScheme NymSignatureScheme
}
func (s *NymSigner) Sign(k bccsp.Key, digest []byte, opts bccsp.SignerOpts) ([]byte, error) {
userSecretKey, ok := k.(*userSecretKey)
if !ok {
return nil, errors.New("invalid key, expected *userSecretKey")
}
signerOpts, ok := opts.(*bccsp.IdemixNymSignerOpts)
if !ok {
return nil, errors.New("invalid options, expected *IdemixNymSignerOpts")
}
// Issuer public key
if signerOpts.IssuerPK == nil {
return nil, errors.New("invalid options, missing issuer public key")
}
ipk, ok := signerOpts.IssuerPK.(*issuerPublicKey)
if !ok {
return nil, errors.New("invalid issuer public key, expected *issuerPublicKey")
}
// Nym
if signerOpts.Nym == nil {
return nil, errors.New("invalid options, missing nym key")
}
nymSk, ok := signerOpts.Nym.(*nymSecretKey)
if !ok {
return nil, errors.New("invalid nym key, expected *nymSecretKey")
}
sigma, err := s.NymSignatureScheme.Sign(
userSecretKey.sk,
nymSk.pk, nymSk.sk,
ipk.pk,
digest)
if err != nil {
return nil, err
}
return sigma, nil
}
type NymVerifier struct {
NymSignatureScheme NymSignatureScheme
}
func (v *NymVerifier) Verify(k bccsp.Key, signature, digest []byte, opts bccsp.SignerOpts) (bool, error) {
nymPublicKey, ok := k.(*nymPublicKey)
if !ok {
return false, errors.New("invalid key, expected *nymPublicKey")
}
signerOpts, ok := opts.(*bccsp.IdemixNymSignerOpts)
if !ok {
return false, errors.New("invalid options, expected *IdemixNymSignerOpts")
}
if signerOpts.IssuerPK == nil {
return false, errors.New("invalid options, missing issuer public key")
}
ipk, ok := signerOpts.IssuerPK.(*issuerPublicKey)
if !ok {
return false, errors.New("invalid issuer public key, expected *issuerPublicKey")
}
if len(signature) == 0 {
return false, errors.New("invalid signature, it must not be empty")
}
err := v.NymSignatureScheme.Verify(
ipk.pk,
nymPublicKey.pk,
signature,
digest)
if err != nil {
return false, err
}
return true, nil
}