/*
Copyright IBM Corp. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
*/
package endpoint
import (
"crypto/sha256"
"crypto/x509"
"encoding/pem"
"github.com/hyperledger-labs/fabric-smart-client/pkg/utils/proto"
"github.com/hyperledger-labs/fabric-smart-client/platform/view/view"
"github.com/hyperledger/fabric-protos-go/msp"
"github.com/libp2p/go-libp2p/core/crypto"
"github.com/libp2p/go-libp2p/core/peer"
)
// pkiResolver derives PKI identifiers from serialized identities. It has no
// fields, so every value of the type is interchangeable.
type pkiResolver struct{}
// NewPKIResolver returns a pointer to a freshly allocated pkiResolver.
func NewPKIResolver() *pkiResolver {
	return new(pkiResolver)
}
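// GetPKIidOfCert derives the PKI identifier for a serialized MSP identity.
//
// peerIdentity is unmarshalled as an msp.SerializedIdentity. When its IdBytes
// contain a PEM block, that block is parsed as an X.509 certificate and the
// result is the string form of the libp2p peer ID built from the certificate's
// public key. Otherwise IdBytes are unmarshalled as an
// msp.SerializedIdemixIdentity and the result is the SHA-256 digest over
// NymX, NymY, Proof, Ou and Role, in that order.
//
// The function only parses its input: it performs no certificate-chain,
// expiry or idemix-proof verification, so the returned identifier says nothing
// about whether the identity is valid. Every failure is reported as nil, and
// callers must treat nil as "no identifier" rather than as a usable key.
func (p pkiResolver) GetPKIidOfCert(peerIdentity view.Identity) []byte {
	si := &msp.SerializedIdentity{}
	if err := proto.Unmarshal(peerIdentity, si); err != nil {
		return nil
	}

	// Only the first PEM block is inspected; its type is not checked here and
	// any bytes following it are ignored. A block that is not a certificate is
	// rejected by x509.ParseCertificate below.
	if block, _ := pem.Decode(si.IdBytes); block != nil {
		cert, err := x509.ParseCertificate(block.Bytes)
		if err != nil {
			return nil
		}
		raw, err := x509.MarshalPKIXPublicKey(cert.PublicKey)
		if err != nil {
			return nil
		}
		// Only ECDSA keys are accepted on this path; a certificate carrying
		// any other key type yields nil.
		pubKey, err := crypto.UnmarshalECDSAPublicKey(raw)
		if err != nil {
			return nil
		}
		id, err := peer.IDFromPublicKey(pubKey)
		if err != nil {
			return nil
		}
		return []byte(id.String())
	}

	// No PEM block: the identity is assumed to be an idemix identity.
	idemixID := &msp.SerializedIdemixIdentity{}
	if err := proto.Unmarshal(si.IdBytes, idemixID); err != nil {
		return nil
	}

	fields := [][]byte{
		idemixID.NymX,
		idemixID.NymY,
		idemixID.Proof,
		idemixID.Ou,
		idemixID.Role,
	}

	// If none of the hashed fields carries data, the digest would be the same
	// constant (SHA-256 of the empty input) for every such identity, so
	// unrelated malformed identities would share one PKI ID. This is reachable
	// whenever the unmarshal above succeeds without populating the fields,
	// presumably including empty IdBytes. Report it as a failure instead.
	total := 0
	for _, f := range fields {
		total += len(f)
	}
	if total == 0 {
		return nil
	}

	// NOTE(review): the fields are concatenated without length prefixes, so
	// two identities whose fields split the same byte stream differently hash
	// to the same ID. Changing the encoding would change every existing idemix
	// PKI ID, so it is flagged here rather than altered.
	h := sha256.New()
	for _, f := range fields {
		h.Write(f) // hash.Hash.Write never returns an error
	}
	return h.Sum(nil)
}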