[FAB-9672] Idemix User Key Generator

This change-set does the following: - implement the idemix user key generator - tests Change-Id: Iaa2b1b1fda5eee2278cd45e235bf17489f8351a2 Signed-off-by: Angelo De Caro <adc@zurich.ibm.com>
hyperledger · Nov 4, 2018 · a8fc602 · a8fc602
1 parent 0125e23
commit a8fc602
Show file tree

Hide file tree

Showing 6 changed files with 389 additions and 0 deletions.
diff --git a/bccsp/idemix/idemix.go b/bccsp/idemix/idemix.go
@@ -27,3 +27,15 @@ type Issuer interface {
 	// NewKey generates a new idemix issuer key w.r.t the passed attribute names.
 	NewKey(AttributeNames []string) (IssuerSecretKey, error)
 }
+
+// Big represent a big integer
+type Big interface {
+	// Bytes returns the byte representation of this key
+	Bytes() ([]byte, error)
+}
+
+// User is a local interface to decouple from the idemix implementation
+type User interface {
+	// NewKey generates a new User secret key
+	NewKey() (Big, error)
+}
diff --git a/bccsp/idemix/idemix_suite_test.go b/bccsp/idemix/idemix_suite_test.go
@@ -15,6 +15,8 @@ import (
 //go:generate counterfeiter -o mock/issuer.go -fake-name Issuer . Issuer
 //go:generate counterfeiter -o mock/issuer_secret_key.go -fake-name IssuerSecretKey . IssuerSecretKey
 //go:generate counterfeiter -o mock/issuer_public_key.go -fake-name IssuerPublicKey . IssuerPublicKey
+//go:generate counterfeiter -o mock/user.go -fake-name User . User
+//go:generate counterfeiter -o mock/big.go -fake-name Big . Big
 
 func TestPlain(t *testing.T) {
 	RegisterFailHandler(Fail)

diff --git a/bccsp/idemix/mock/big.go b/bccsp/idemix/mock/big.go
diff --git a/bccsp/idemix/mock/user.go b/bccsp/idemix/mock/user.go
diff --git a/bccsp/idemix/user.go b/bccsp/idemix/user.go
@@ -0,0 +1,72 @@
+/*
+Copyright IBM Corp. All Rights Reserved.
+
+SPDX-License-Identifier: Apache-2.0
+*/
+package idemix
+
+import (
+	"crypto/sha256"
+
+	"github.com/hyperledger/fabric/bccsp"
+	"github.com/pkg/errors"
+)
+
+// userSecretKey contains the User secret key
+type userSecretKey struct {
+	// sk is the idemix reference to the User key
+	sk Big
+	// Exportable if true, sk can be exported via the Bytes function
+	exportable bool
+}
+
+func NewUserSecretKey(sk Big, exportable bool) *userSecretKey {
+	return &userSecretKey{sk: sk, exportable: exportable}
+}
+
+func (k *userSecretKey) Bytes() ([]byte, error) {
+	if k.exportable {
+		return k.sk.Bytes()
+	}
+
+	return nil, errors.New("not exportable")
+}
+
+func (k *userSecretKey) SKI() []byte {
+	raw, err := k.sk.Bytes()
+	if err != nil {
+		return nil
+	}
+	hash := sha256.New()
+	hash.Write(raw)
+	return hash.Sum(nil)
+}
+
+func (*userSecretKey) Symmetric() bool {
+	return true
+}
+
+func (*userSecretKey) Private() bool {
+	return true
+}
+
+func (k *userSecretKey) PublicKey() (bccsp.Key, error) {
+	return nil, errors.New("cannot call this method on a symmetric key")
+}
+
+type UserKeyGen struct {
+	// Exportable is a flag to allow an issuer secret key to be marked as Exportable.
+	// If a secret key is marked as Exportable, its Bytes method will return the key's byte representation.
+	Exportable bool
+	// User implements the underlying cryptographic algorithms
+	User User
+}
+
+func (g *UserKeyGen) KeyGen(opts bccsp.KeyGenOpts) (bccsp.Key, error) {
+	sk, err := g.User.NewKey()
+	if err != nil {
+		return nil, err
+	}
+
+	return &userSecretKey{exportable: g.Exportable, sk: sk}, nil
+}