-
Notifications
You must be signed in to change notification settings - Fork 0
/
csp.go
126 lines (107 loc) · 2.47 KB
/
csp.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
/*
Copyright IBM Corp. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
*/
package csp
import (
"crypto"
"crypto/ecdsa"
"crypto/x509"
"encoding/pem"
"io/ioutil"
"os"
"path/filepath"
"strings"
"github.com/hyperledger/fabric/bccsp"
"github.com/hyperledger/fabric/bccsp/factory"
"github.com/hyperledger/fabric/bccsp/signer"
)
// LoadPrivateKey loads a private key from file in keystorePath
func LoadPrivateKey(keystorePath string) (bccsp.Key, crypto.Signer, error) {
var err error
var priv bccsp.Key
var s crypto.Signer
opts := &factory.FactoryOpts{
ProviderName: "SW",
SwOpts: &factory.SwOpts{
HashFamily: "SHA2",
SecLevel: 256,
FileKeystore: &factory.FileKeystoreOpts{
KeyStorePath: keystorePath,
},
},
}
csp, err := factory.GetBCCSPFromOpts(opts)
if err != nil {
return nil, nil, err
}
walkFunc := func(path string, info os.FileInfo, err error) error {
if strings.HasSuffix(path, "_sk") {
rawKey, err := ioutil.ReadFile(path)
if err != nil {
return err
}
block, _ := pem.Decode(rawKey)
priv, err = csp.KeyImport(block.Bytes, &bccsp.ECDSAPrivateKeyImportOpts{Temporary: true})
if err != nil {
return err
}
s, err = signer.New(csp, priv)
if err != nil {
return err
}
return nil
}
return nil
}
err = filepath.Walk(keystorePath, walkFunc)
if err != nil {
return nil, nil, err
}
return priv, s, err
}
// GeneratePrivateKey creates a private key and stores it in keystorePath
func GeneratePrivateKey(keystorePath string) (bccsp.Key,
crypto.Signer, error) {
var err error
var priv bccsp.Key
var s crypto.Signer
opts := &factory.FactoryOpts{
ProviderName: "SW",
SwOpts: &factory.SwOpts{
HashFamily: "SHA2",
SecLevel: 256,
FileKeystore: &factory.FileKeystoreOpts{
KeyStorePath: keystorePath,
},
},
}
csp, err := factory.GetBCCSPFromOpts(opts)
if err == nil {
// generate a key
priv, err = csp.KeyGen(&bccsp.ECDSAP256KeyGenOpts{Temporary: false})
if err == nil {
// create a crypto.Signer
s, err = signer.New(csp, priv)
}
}
return priv, s, err
}
func GetECPublicKey(priv bccsp.Key) (*ecdsa.PublicKey, error) {
// get the public key
pubKey, err := priv.PublicKey()
if err != nil {
return nil, err
}
// marshal to bytes
pubKeyBytes, err := pubKey.Bytes()
if err != nil {
return nil, err
}
// unmarshal using pkix
ecPubKey, err := x509.ParsePKIXPublicKey(pubKeyBytes)
if err != nil {
return nil, err
}
return ecPubKey.(*ecdsa.PublicKey), nil
}