-
Notifications
You must be signed in to change notification settings - Fork 0
/
user.go
99 lines (80 loc) · 2.31 KB
/
user.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
/*
Copyright IBM Corp. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
*/
package handlers
import (
"crypto/sha256"
"github.com/hyperledger/fabric/bccsp"
"github.com/pkg/errors"
)
// userSecretKey contains the User secret key
type userSecretKey struct {
// sk is the idemix reference to the User key
sk Big
// Exportable if true, sk can be exported via the Bytes function
exportable bool
}
func NewUserSecretKey(sk Big, exportable bool) *userSecretKey {
return &userSecretKey{sk: sk, exportable: exportable}
}
func (k *userSecretKey) Bytes() ([]byte, error) {
if k.exportable {
return k.sk.Bytes()
}
return nil, errors.New("not exportable")
}
func (k *userSecretKey) SKI() []byte {
raw, err := k.sk.Bytes()
if err != nil {
return nil
}
hash := sha256.New()
hash.Write(raw)
return hash.Sum(nil)
}
func (*userSecretKey) Symmetric() bool {
return true
}
func (*userSecretKey) Private() bool {
return true
}
func (k *userSecretKey) PublicKey() (bccsp.Key, error) {
return nil, errors.New("cannot call this method on a symmetric key")
}
type UserKeyGen struct {
// Exportable is a flag to allow an issuer secret key to be marked as Exportable.
// If a secret key is marked as Exportable, its Bytes method will return the key's byte representation.
Exportable bool
// User implements the underlying cryptographic algorithms
User User
}
func (g *UserKeyGen) KeyGen(opts bccsp.KeyGenOpts) (bccsp.Key, error) {
sk, err := g.User.NewKey()
if err != nil {
return nil, err
}
return &userSecretKey{exportable: g.Exportable, sk: sk}, nil
}
// UserKeyImporter import user keys
type UserKeyImporter struct {
// Exportable is a flag to allow a secret key to be marked as Exportable.
// If a secret key is marked as Exportable, its Bytes method will return the key's byte representation.
Exportable bool
// User implements the underlying cryptographic algorithms
User User
}
func (i *UserKeyImporter) KeyImport(raw interface{}, opts bccsp.KeyImportOpts) (k bccsp.Key, err error) {
der, ok := raw.([]byte)
if !ok {
return nil, errors.New("invalid raw, expected byte array")
}
if len(der) == 0 {
return nil, errors.New("invalid raw, it must not be nil")
}
sk, err := i.User.NewKeyFromBytes(raw.([]byte))
if err != nil {
return nil, err
}
return &userSecretKey{exportable: i.Exportable, sk: sk}, nil
}