| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,6 +1,69 @@ | ||
| # Concord-BFT replica keyfile private_replica_0. | ||
| # For replica 0 in a 4-replica cluster. | ||
|
|
||
| num_replicas: 4 | ||
| f_val: 1 | ||
| c_val: 0 | ||
| replica_id: 0 | ||
|
|
||
| # RSA non-threshold replica public keys | ||
| rsa_public_keys: | ||
| - 30820120300D06092A864886F70D01010105000382010D00308201080282010100A2F61615AAE619C54D4BD687A7D4E3D027A7505EA18BF0B82CC04B356BE0974C398B8F15E56099E5CE8B6222F24AC1C5F9B0C5DE3F3035C9759F0F09D0C2068719FE519EA2009E80F8DF4B6E7F03C2E0D6F064FC2E985867FCE66CAC8A9952ABA8056113292445DBC1297A6EE33729239C65D523D8CDFDB38848958940C33C74525E0155D99FF97D4C4D4317D33191763756ED0D3674D8037514572A418A0169151888ACA8EC31B631C04ED158E1B15A396C60D76292FEBBBDD3784D83ECB044ED767696AACDB6323EB1FB60746318AEBB9A5CC6DE339A92E17C2C0CA82B3C85F92DB9CE3DBF8653BDE53F4BF084D8F8C7CA5BEF4E0051FE05BAA8CF6DBC2399020111 | ||
| - 30820120300D06092A864886F70D01010105000382010D00308201080282010100B9C99EB540BCA677AB730EE058019D2432B384BF445053A7DC7E975873AEA9F3D5E2A77D80259F7819781C159A3B4FD24F2BCF02D4F4ED05EFDA782460AEB5CAE567228D9AA02B1DAAA1DD788CCC5DD88980B4418946D61BCB6A600302F9F9032469D82C419D1DA958CCA3DC25AA9602CAF85F4B6FC0A5ED0D3415FD47FB1F5775C0F648414319411B31D592454539A2D85ADD5CED0D0E819F66C8F4B63B4F31B57053116F4E4A35EB0D87F1094E9DC46B59FE2BB613B4A2E718DBDF52D1BE5EAD7F95552F8B406CD599A23732627BA4E0BD3C1A97BB14BB6F18785C6DE24E93C065A7372F3E954E5DC57386CE6D8AC815795A5B1BD7754473063AEC7B956409020111 | ||
| - 30820120300D06092A864886F70D01010105000382010D00308201080282010100B55EC87F1BB8FE06BAF17EF6C290B60AF008DE4D04D2EFC096B19D0E27E309328637A7BC5A591EF1F4CBDF7F21352BE9B144C1CF57CB56A99AD1E1859B0B0418EAB38F1B44A73C5D584E801FFE82788E22B29ADEEF07D6CA586467B8597F99BC9476D98E791806FD3B4D36568D30F5713183563A4B7FA94D452608F9CC1FB2E2A1E8AFAA9F858D33C28B7059CBA97F5E33EECD7B17DE456B5CE4143F720092C35B78026027221954DBCAAEAD8D82F7BACFF86782EC1182CBDA8E78AD13CE1A0C0323223CF435AEFDE3ABDD33C51294885C0CA3FEC50B64B7E5792032D72EDBA2D0D6071ECE706CA03B4F48690DC58FC977D67C31B60D8B1C59FE1EC054754C8B020111 | ||
| - 30820120300D06092A864886F70D01010105000382010D00308201080282010100C21ABAD2260E05E5DCBCCFC462608532EE1F2EC4C0C660E46BEACE4D4A435A45D31859D58B86FB853E28272D76D433FA2A975FC006967C76A8837B405C366D3E3A9DDC807E2DC6E0DB4472916A6149EF2EA65E7E89E77818DFDF4A9F38421F84C2CC507388A9A3B05D2DB3E2C99DFA325A5BB39387129CBEEBB1DA7DE621FFA1E0BB5ACF49562ED0DFBD03FD29A0F2FDE1011C62FD2B572B65F842CA01EBC5E182D4B92B46892F997DEB2169629E228F17BFDD25CCEA07EA5F3ABFB917D2A6C9CE9E026B9BC24EF58C48D3C7907B8EF6E5BA8554A9AF0FCCF7DDCB66DAC24939551D9747D726567336A7A1C7E3F8261F600E0597D80DA107C46E957D5E4DF4B5020111 | ||
|
|
||
| # Execution threshold cryptosystem public configuration. | ||
| execution_cryptosystem_type: threshold-bls | ||
| execution_cryptosystem_subtype_parameter: BN-P254 | ||
| execution_cryptosystem_num_signers: 4 | ||
| execution_cryptosystem_threshold: 2 | ||
| execution_cryptosystem_public_key: 020d24a4e139d5a7d732b7112801b83b8c66db857af5aa0a6964f7d86f9fe2e9d91505dc5d67eb28e1df123363ce1b116eed9f410639bcc96b24da654ad8fe979f | ||
| execution_cryptosystem_verification_keys: | ||
| - 0212e1aa988094ee9c2263dd98048cb06d48bd818bbbf1205ffa6339658738d0112269849ea1ac55fe0f4986dc81fcfc80eed11152e3027669094b571ead277bbf | ||
| - 02042c10e830d8adbb92c464be5e8e043c982eed82cb45ca4b460f9d82aa183f18054d2580702c7a8475e0735bf228da3d15df3280691e854fc88e49fcee43c465 | ||
| - 0310f9a22eb94e068e7948f7a0ad64ed8371cb07b75ae52c74e3587cc690d9d7ee15160cc695f452ff71250eb05621c75996ac8580b967ec0588d26758a375a1ea | ||
| - 0302dda9f185850009b08a2f22cb637a15c9a2da677a11302267035e704179f4d70bda229a4fb6ae9af30ee8e82f608931657d501392905787b5ebe6597173e27d | ||
|
|
||
| # Slow path commit threshold cryptosystem public configuration. | ||
| slow_commit_cryptosystem_type: threshold-bls | ||
| slow_commit_cryptosystem_subtype_parameter: BN-P254 | ||
| slow_commit_cryptosystem_num_signers: 4 | ||
| slow_commit_cryptosystem_threshold: 3 | ||
| slow_commit_cryptosystem_public_key: 02058ed8ae8b55cc3b674f8c05940554c32d35203c4d6fa0c7e54e91287e2f559105b3c0048be1bf32143825b1e96ce734d7cd8e39b28893ecfed01868fa37dbb4 | ||
| slow_commit_cryptosystem_verification_keys: | ||
| - 02093a80ed694ac9ee5096f37900762638be765f0d4517569761c1146509bb12671f5b1f30c1c4f987bc36216b4f69bed4ac1b54c7f094b9f01c4c8a538cc45ce8 | ||
| - 03242eff0e8a8639cc840d4438bec151de2e6840949d16dc006b0862cfd9bef2c3003a1783a4d8a1f2c2f195f5ec733e0e23a00b5da1d5eb5705b201b652bc23d9 | ||
| - 02204af450f399b20f3cc8285a3513fc0c39518f33e3f827eab68b16ac97be56aa085777893ed29d37a60fd77c69abdbfd05a3f6d51c9b25d3a9f33f4afbcdc061 | ||
| - 031bb32eada4d3f2e6fd6b63b5ad84af83babb1e4d569e6ab2ecdb0bb26bd07dba251cfd58721d0bb369044c470a5cea721006740eda5d909e850c259a09f10583 | ||
|
|
||
| # Commit threshold cryptosystem public configuration. | ||
| commit_cryptosystem_type: threshold-bls | ||
| commit_cryptosystem_subtype_parameter: BN-P254 | ||
| commit_cryptosystem_num_signers: 4 | ||
| commit_cryptosystem_threshold: 4 | ||
| commit_cryptosystem_public_key: 031c28db8b612135328f04e2a31b85f65bc33bf4e1fb32d7df48939173a2d745c20f793682b23578eb4975d22a7af3b7bd61916e66f0dcbbcaefa118ad5fd7bd5d | ||
| commit_cryptosystem_verification_keys: | ||
| - 020de71ba1cd8c4a683e9d783013b92add014452826b3a4fc054e25dc651ee1d300df27b81a605cfb35dbf1ab9cbd7ce2a6e1778fa3a7c30766387eb5984ba5270 | ||
| - 03214a84285abf66a34c32dba5896ff4edc4c6f17a8333c39ac404fe0494c30f21191a5c5f509f3fd8e70c0630a0f6f33443b4ed8893fb3842fc12f3f8ff8c0d7f | ||
| - 031923249ea9ed334dffdc6569240d90ce57a194279135816bf43eba08c7fff455183e29aa1607a11a78ffad4b107f24548a01453f49cd5e9fcbd8dbf9f114f045 | ||
| - 0220d2253a629acc970521c2569170fdbe7f9ec9ed3a30405dd5d017ef056e785f12422f7cac5069e7d101eb017e8a98555d697356ebcccdad4c4f1bee4a4476f8 | ||
|
|
||
| # Optimistic fast path commit threshold cryptosystem public configuration. | ||
| optimistic_commit_cryptosystem_type: multisig-bls | ||
| optimistic_commit_cryptosystem_subtype_parameter: BN-P254 | ||
| optimistic_commit_cryptosystem_num_signers: 4 | ||
| optimistic_commit_cryptosystem_threshold: 4 | ||
| optimistic_commit_cryptosystem_public_key: 0214fbcbb456f0bccd68a3ee42dd28255bea4c0b3aeb5abf820a3ae1d14405251e19bad72b6fb2c0fbceae2cfa7ab33e320d36b68bcbbcc51282b7486f43160a12 | ||
| optimistic_commit_cryptosystem_verification_keys: | ||
| - 020322fb834b84cc171f0da4c9bd1d9de18a141bfcd5817b82a59823571831cc2a1a02ce331ebfe01b51f7b001137ec9e28eca27a99f5dcec164b26aa07006f795 | ||
| - 020fb53bc712704671bc1ae6a19b729093d352fc1add47e9804733ef5dcf1849b0164a6e6a1fc3bf07aa5adf7f355525d8cd8f4d8f0b0c9723fd2bc800fdb715be | ||
| - 031b92e9dbf44ae5e87593e5ca6983fcca579ff22f28ea7e3dfd6ea8c98f19717609438156c91eac41ff2126274b0dcdfee0c1145754594ca3c7ec4ba4b2d6949e | ||
| - 02047f862a912d3c979c17a40284df584216361b8b3e95a36a6424e6c9dbfa326f08b3e556260d723591fe14e41bfae702197f721734dcb674a6f7a53aabc52a6c | ||
|
|
||
| # Private keys for this replica | ||
| rsa_private_key: 308204BB020100300D06092A864886F70D0101010500048204A5308204A10201000282010100A2F61615AAE619C54D4BD687A7D4E3D027A7505EA18BF0B82CC04B356BE0974C398B8F15E56099E5CE8B6222F24AC1C5F9B0C5DE3F3035C9759F0F09D0C2068719FE519EA2009E80F8DF4B6E7F03C2E0D6F064FC2E985867FCE66CAC8A9952ABA8056113292445DBC1297A6EE33729239C65D523D8CDFDB38848958940C33C74525E0155D99FF97D4C4D4317D33191763756ED0D3674D8037514572A418A0169151888ACA8EC31B631C04ED158E1B15A396C60D76292FEBBBDD3784D83ECB044ED767696AACDB6323EB1FB60746318AEBB9A5CC6DE339A92E17C2C0CA82B3C85F92DB9CE3DBF8653BDE53F4BF084D8F8C7CA5BEF4E0051FE05BAA8CF6DBC2399020111028201000CC801BB6CC6C0C42E3824E7809D3F0B4E6779C125C4B381E5646A4A76E4704236B59CCA806BF7FDF214F8A35E4C2346BE400F84E1D195C986B7245115648D0F9DA583E448F0FD5F72E4563ADCC9144DDEA9715508AC937B9B5D5DDB562A249A03238F24A3DAB0255067A535DF9FEF25EE261AC18E7E96686F14C06F2837783127A66512C762CBBCA3998D1049EC27CD0A59D6FEA6663A26F53D603E309F88B4CCA5F65B0DD224529157BDA47BB47FEDB4CDC6A4F3CAC018B220E92160B279BCC47395ED2A28AEFA505BA47C2AF75CCD109AEFA03539F7BAE755721756E3E91963D716C580B917B3946E2DB6DF3A49002D4C694E9A1D096461D24F3B15AF462102818100D49FEA8906064167D7D199A25C499FBE35992972A0EE46B1931301DF2668F91C538F0B690D46CCA8D86F37048E247CAD207034551A78B9A0FE2CEBDEE8ABAC6FA87E8239FAC5116D7C4ED84487A560BD7D5945132297E51B70E77BB9FA540402FF5FC6AB75CABA0BBC1B1742ACF5D0915C1E2D724292B510C8773405D165E12B02818100C4348E1D656E12704E95E2E5C864F641BDC44E6BCBEF2BE12B32CA322F2EF94B9045783AAB6E15F09C3265DBA17FD59657BC87CB23C133DFE082F0050A5D73AE7C363CCCD681EDCD41D2B1ECC8EBD8BAAA89A87914F89EE86B1341A919FD5C7F40D790CC9EBCDE165D4D612DA567E5A52A1DEFD2DE7B652D5E0A029847DB844B0281807090E593D6034FCD905FE7EC8B36094694D89D78EBC970B85CEBF1EE9BDD38968697060A7070C6B3BDE08689F0E623E32F4A760EEFE58F735963137602B53D2C0DE89F4BDF1D0939F684182447D00609F7112491A8E700D24AD4E726393B89A73BE7692D98B69EBAEB1D66AAD409AAA74EE2CCC405207DF9D38A66D5E7540DCB028180229FDCD802D7306E2BFC55379BD594DE6CC84A1305DEE9A034CCBA451762A476BF1B5173C3E6401B66DBB79F3A9E16A20F7B9F7E337C7290EB6266977A4CBA0FBB9119C9CB80572438CAD41ABA0B8099696396337C2BDFCEA97BDE6922B43D7FDE44289C947BAEB8A70DA7BCC2D619777FE72A52637F2FF8F27A3CB17617ADEF028181008C2D4CE4A6A30D3734B88C682B245BD2FEC21A43D96E5DFBB3039270EC0610CF6EE50869CF28F272B6CEEF32510247D5337112CED3CB91DB2646425AA8E7AC558DE5240570AD000CB5944A198FCC4ED3020A31110BB0D55B894EAEAE14623827CB6FC65FE4CFF8D699538F6B514591E6E414380EC9A3F606A3084D59CD31F5C3 | ||
| execution_cryptosystem_private_key: 4681477801847123361755406387245152534550480451118126810777244852088086838231 | ||
| slow_commit_cryptosystem_private_key: 5713946288136062254062075275438026344483994821978045988384345788085926825955 | ||
| commit_cryptosystem_private_key: 6798518601337957613964853113267953965674312235544877846438744457040151693440 | ||
| optimistic_commit_cryptosystem_private_key: 9536283277718764239334725784840732393108097010967748970007452155896211818841 |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,6 +1,69 @@ | ||
| # Concord-BFT replica keyfile private_replica_1. | ||
| # For replica 1 in a 4-replica cluster. | ||
|
|
||
| num_replicas: 4 | ||
| f_val: 1 | ||
| c_val: 0 | ||
| replica_id: 1 | ||
|
|
||
| # RSA non-threshold replica public keys | ||
| rsa_public_keys: | ||
| - 30820120300D06092A864886F70D01010105000382010D00308201080282010100A2F61615AAE619C54D4BD687A7D4E3D027A7505EA18BF0B82CC04B356BE0974C398B8F15E56099E5CE8B6222F24AC1C5F9B0C5DE3F3035C9759F0F09D0C2068719FE519EA2009E80F8DF4B6E7F03C2E0D6F064FC2E985867FCE66CAC8A9952ABA8056113292445DBC1297A6EE33729239C65D523D8CDFDB38848958940C33C74525E0155D99FF97D4C4D4317D33191763756ED0D3674D8037514572A418A0169151888ACA8EC31B631C04ED158E1B15A396C60D76292FEBBBDD3784D83ECB044ED767696AACDB6323EB1FB60746318AEBB9A5CC6DE339A92E17C2C0CA82B3C85F92DB9CE3DBF8653BDE53F4BF084D8F8C7CA5BEF4E0051FE05BAA8CF6DBC2399020111 | ||
| - 30820120300D06092A864886F70D01010105000382010D00308201080282010100B9C99EB540BCA677AB730EE058019D2432B384BF445053A7DC7E975873AEA9F3D5E2A77D80259F7819781C159A3B4FD24F2BCF02D4F4ED05EFDA782460AEB5CAE567228D9AA02B1DAAA1DD788CCC5DD88980B4418946D61BCB6A600302F9F9032469D82C419D1DA958CCA3DC25AA9602CAF85F4B6FC0A5ED0D3415FD47FB1F5775C0F648414319411B31D592454539A2D85ADD5CED0D0E819F66C8F4B63B4F31B57053116F4E4A35EB0D87F1094E9DC46B59FE2BB613B4A2E718DBDF52D1BE5EAD7F95552F8B406CD599A23732627BA4E0BD3C1A97BB14BB6F18785C6DE24E93C065A7372F3E954E5DC57386CE6D8AC815795A5B1BD7754473063AEC7B956409020111 | ||
| - 30820120300D06092A864886F70D01010105000382010D00308201080282010100B55EC87F1BB8FE06BAF17EF6C290B60AF008DE4D04D2EFC096B19D0E27E309328637A7BC5A591EF1F4CBDF7F21352BE9B144C1CF57CB56A99AD1E1859B0B0418EAB38F1B44A73C5D584E801FFE82788E22B29ADEEF07D6CA586467B8597F99BC9476D98E791806FD3B4D36568D30F5713183563A4B7FA94D452608F9CC1FB2E2A1E8AFAA9F858D33C28B7059CBA97F5E33EECD7B17DE456B5CE4143F720092C35B78026027221954DBCAAEAD8D82F7BACFF86782EC1182CBDA8E78AD13CE1A0C0323223CF435AEFDE3ABDD33C51294885C0CA3FEC50B64B7E5792032D72EDBA2D0D6071ECE706CA03B4F48690DC58FC977D67C31B60D8B1C59FE1EC054754C8B020111 | ||
| - 30820120300D06092A864886F70D01010105000382010D00308201080282010100C21ABAD2260E05E5DCBCCFC462608532EE1F2EC4C0C660E46BEACE4D4A435A45D31859D58B86FB853E28272D76D433FA2A975FC006967C76A8837B405C366D3E3A9DDC807E2DC6E0DB4472916A6149EF2EA65E7E89E77818DFDF4A9F38421F84C2CC507388A9A3B05D2DB3E2C99DFA325A5BB39387129CBEEBB1DA7DE621FFA1E0BB5ACF49562ED0DFBD03FD29A0F2FDE1011C62FD2B572B65F842CA01EBC5E182D4B92B46892F997DEB2169629E228F17BFDD25CCEA07EA5F3ABFB917D2A6C9CE9E026B9BC24EF58C48D3C7907B8EF6E5BA8554A9AF0FCCF7DDCB66DAC24939551D9747D726567336A7A1C7E3F8261F600E0597D80DA107C46E957D5E4DF4B5020111 | ||
|
|
||
| # Execution threshold cryptosystem public configuration. | ||
| execution_cryptosystem_type: threshold-bls | ||
| execution_cryptosystem_subtype_parameter: BN-P254 | ||
| execution_cryptosystem_num_signers: 4 | ||
| execution_cryptosystem_threshold: 2 | ||
| execution_cryptosystem_public_key: 020d24a4e139d5a7d732b7112801b83b8c66db857af5aa0a6964f7d86f9fe2e9d91505dc5d67eb28e1df123363ce1b116eed9f410639bcc96b24da654ad8fe979f | ||
| execution_cryptosystem_verification_keys: | ||
| - 0212e1aa988094ee9c2263dd98048cb06d48bd818bbbf1205ffa6339658738d0112269849ea1ac55fe0f4986dc81fcfc80eed11152e3027669094b571ead277bbf | ||
| - 02042c10e830d8adbb92c464be5e8e043c982eed82cb45ca4b460f9d82aa183f18054d2580702c7a8475e0735bf228da3d15df3280691e854fc88e49fcee43c465 | ||
| - 0310f9a22eb94e068e7948f7a0ad64ed8371cb07b75ae52c74e3587cc690d9d7ee15160cc695f452ff71250eb05621c75996ac8580b967ec0588d26758a375a1ea | ||
| - 0302dda9f185850009b08a2f22cb637a15c9a2da677a11302267035e704179f4d70bda229a4fb6ae9af30ee8e82f608931657d501392905787b5ebe6597173e27d | ||
|
|
||
| # Slow path commit threshold cryptosystem public configuration. | ||
| slow_commit_cryptosystem_type: threshold-bls | ||
| slow_commit_cryptosystem_subtype_parameter: BN-P254 | ||
| slow_commit_cryptosystem_num_signers: 4 | ||
| slow_commit_cryptosystem_threshold: 3 | ||
| slow_commit_cryptosystem_public_key: 02058ed8ae8b55cc3b674f8c05940554c32d35203c4d6fa0c7e54e91287e2f559105b3c0048be1bf32143825b1e96ce734d7cd8e39b28893ecfed01868fa37dbb4 | ||
| slow_commit_cryptosystem_verification_keys: | ||
| - 02093a80ed694ac9ee5096f37900762638be765f0d4517569761c1146509bb12671f5b1f30c1c4f987bc36216b4f69bed4ac1b54c7f094b9f01c4c8a538cc45ce8 | ||
| - 03242eff0e8a8639cc840d4438bec151de2e6840949d16dc006b0862cfd9bef2c3003a1783a4d8a1f2c2f195f5ec733e0e23a00b5da1d5eb5705b201b652bc23d9 | ||
| - 02204af450f399b20f3cc8285a3513fc0c39518f33e3f827eab68b16ac97be56aa085777893ed29d37a60fd77c69abdbfd05a3f6d51c9b25d3a9f33f4afbcdc061 | ||
| - 031bb32eada4d3f2e6fd6b63b5ad84af83babb1e4d569e6ab2ecdb0bb26bd07dba251cfd58721d0bb369044c470a5cea721006740eda5d909e850c259a09f10583 | ||
|
|
||
| # Commit threshold cryptosystem public configuration. | ||
| commit_cryptosystem_type: threshold-bls | ||
| commit_cryptosystem_subtype_parameter: BN-P254 | ||
| commit_cryptosystem_num_signers: 4 | ||
| commit_cryptosystem_threshold: 4 | ||
| commit_cryptosystem_public_key: 031c28db8b612135328f04e2a31b85f65bc33bf4e1fb32d7df48939173a2d745c20f793682b23578eb4975d22a7af3b7bd61916e66f0dcbbcaefa118ad5fd7bd5d | ||
| commit_cryptosystem_verification_keys: | ||
| - 020de71ba1cd8c4a683e9d783013b92add014452826b3a4fc054e25dc651ee1d300df27b81a605cfb35dbf1ab9cbd7ce2a6e1778fa3a7c30766387eb5984ba5270 | ||
| - 03214a84285abf66a34c32dba5896ff4edc4c6f17a8333c39ac404fe0494c30f21191a5c5f509f3fd8e70c0630a0f6f33443b4ed8893fb3842fc12f3f8ff8c0d7f | ||
| - 031923249ea9ed334dffdc6569240d90ce57a194279135816bf43eba08c7fff455183e29aa1607a11a78ffad4b107f24548a01453f49cd5e9fcbd8dbf9f114f045 | ||
| - 0220d2253a629acc970521c2569170fdbe7f9ec9ed3a30405dd5d017ef056e785f12422f7cac5069e7d101eb017e8a98555d697356ebcccdad4c4f1bee4a4476f8 | ||
|
|
||
| # Optimistic fast path commit threshold cryptosystem public configuration. | ||
| optimistic_commit_cryptosystem_type: multisig-bls | ||
| optimistic_commit_cryptosystem_subtype_parameter: BN-P254 | ||
| optimistic_commit_cryptosystem_num_signers: 4 | ||
| optimistic_commit_cryptosystem_threshold: 4 | ||
| optimistic_commit_cryptosystem_public_key: 0214fbcbb456f0bccd68a3ee42dd28255bea4c0b3aeb5abf820a3ae1d14405251e19bad72b6fb2c0fbceae2cfa7ab33e320d36b68bcbbcc51282b7486f43160a12 | ||
| optimistic_commit_cryptosystem_verification_keys: | ||
| - 020322fb834b84cc171f0da4c9bd1d9de18a141bfcd5817b82a59823571831cc2a1a02ce331ebfe01b51f7b001137ec9e28eca27a99f5dcec164b26aa07006f795 | ||
| - 020fb53bc712704671bc1ae6a19b729093d352fc1add47e9804733ef5dcf1849b0164a6e6a1fc3bf07aa5adf7f355525d8cd8f4d8f0b0c9723fd2bc800fdb715be | ||
| - 031b92e9dbf44ae5e87593e5ca6983fcca579ff22f28ea7e3dfd6ea8c98f19717609438156c91eac41ff2126274b0dcdfee0c1145754594ca3c7ec4ba4b2d6949e | ||
| - 02047f862a912d3c979c17a40284df584216361b8b3e95a36a6424e6c9dbfa326f08b3e556260d723591fe14e41bfae702197f721734dcb674a6f7a53aabc52a6c | ||
|
|
||
| # Private keys for this replica | ||
| rsa_private_key: 308204BA020100300D06092A864886F70D0101010500048204A4308204A00201000282010100B9C99EB540BCA677AB730EE058019D2432B384BF445053A7DC7E975873AEA9F3D5E2A77D80259F7819781C159A3B4FD24F2BCF02D4F4ED05EFDA782460AEB5CAE567228D9AA02B1DAAA1DD788CCC5DD88980B4418946D61BCB6A600302F9F9032469D82C419D1DA958CCA3DC25AA9602CAF85F4B6FC0A5ED0D3415FD47FB1F5775C0F648414319411B31D592454539A2D85ADD5CED0D0E819F66C8F4B63B4F31B57053116F4E4A35EB0D87F1094E9DC46B59FE2BB613B4A2E718DBDF52D1BE5EAD7F95552F8B406CD599A23732627BA4E0BD3C1A97BB14BB6F18785C6DE24E93C065A7372F3E954E5DC57386CE6D8AC815795A5B1BD7754473063AEC7B9564090201110282010008324E87FF1761B274BD8BF34F2D3F673E78DC71D99A21CEEF5FF016B9CF3C342B518763A789307279981F5B4E5570B2B0AB583110ECB01A9D67C18922620F8CB74C1459121DA78C9A59F6F27EAEA9C98D98806C4D95F2DB9444B1698B6CE91A7DD77E3E301239C7789F9DD13DE5A4BC5BC73161721B529D481CA69DFF693252D7955B724A1BAF25BA3C97DB29494D4E13AB2D1760507240DC1B82ABCA7BE3054FE892F584B99950902F31D70D7DA26DDC3B498863C2A7F49DF97F96FAE138DED4805BFC3DBEED2B92C90096DA48D2735483C75E4AD966341A72D4BD8112B97EF888B3ABB3196432AE1EDD0EFA4B354EE1456940FCA5198899E56E560DD89C7D02818100D170CEA6859B980AE2A56A1EAC17A668EA7F0B8EBC051BA3D63CA5CFD8EF78C90BAB48DF45ECEE56EE537990242B1C2031D46BAF8DB4C6BCC5BB32CE577AA7FD547589304DD8E5BB5B007204B2628DF32D5D5BA3D607ED1B82C30401AAC28B70E89559E90AA4FDEBD2782555155CB1F345B9DC84156921136D6F2B230DCFA26D02818100E316B9832BDEA9DF10844EB69C0565A5855E7E66FF3DD51FA1653BEEEFA911F0412D5C75139D1E12388C4F565E03CA94B99B0FBDFDCD643D79F107B2C4BB62A688573C7A14CAB02B2622782C818D4B7B8D0A3972CBC8C5AD94D548E8AACCABE4D66064C4F3AF62E5CB3C66338FBD75D8DD9A2C15FD2566C36546A02ADE97E68D0281807B334C61F43D687EDFAC98C6BF9570F26BD24308AAD5D406058D163E0723743A06DD39ECBFB88C3322C7B0EB6091D44F2C5ED5EECBD3C032CEAA5A1F0648269504815FC20FACC35F2678BB8A4AD08FBC38CD8133329B402E4CEB2F8882908E426AB234E36FAC59214EA106E6C14595DA6540275CC14CE647A9C8EC32BCD47DA90281806ADD8479F686E68716D4D9BF587B02A83EC30E4E963B371DF1990D25257CBD25C45194EBCCFEA4BD47C98EBF3B4D1409C0C170D1E0D9201CEE1712AE7AB288C6D6BFA3FD36F5F88CC6A6CF2400BAF658425F2A17E76D8A3391554F7C8C9C8D2064E2114D9FDA106C2367B79FCB2BFB38E0C105AFFEA8305BF36C879BB40B3F5102818004F815D801C868F08E71B595E7B050E2539EC78F5673EC165D49699A942BBD8DA3C0D6EDB27C448EF62E65BDD46EC247663D410D20995B05C7BB8823C464846329F74370C1B821CB2ABA4E51DB83869EC8E5455A1D41F15BB67CB65AFE8C2883D08974B1EEA99282CD3B1DDFBE213523032B8E44E7C649E6D14348A6169055E4 | ||
| execution_cryptosystem_private_key: 14991831654610688606890052632997236039711231583608467688338524740439307485857 | ||
| slow_commit_cryptosystem_private_key: 12808602575807384160464102567671972960286707046483574707369229571091479303781 | ||
| commit_cryptosystem_private_key: 2542944741026621257838986975981418110477519106405321844033100892640963583616 | ||
| optimistic_commit_cryptosystem_private_key: 1898929273882552010740990889013359392802440236614290035997754166259466767419 |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,6 +1,69 @@ | ||
| # Concord-BFT replica keyfile private_replica_2. | ||
| # For replica 2 in a 4-replica cluster. | ||
|
|
||
| num_replicas: 4 | ||
| f_val: 1 | ||
| c_val: 0 | ||
| replica_id: 2 | ||
|
|
||
| # RSA non-threshold replica public keys | ||
| rsa_public_keys: | ||
| - 30820120300D06092A864886F70D01010105000382010D00308201080282010100A2F61615AAE619C54D4BD687A7D4E3D027A7505EA18BF0B82CC04B356BE0974C398B8F15E56099E5CE8B6222F24AC1C5F9B0C5DE3F3035C9759F0F09D0C2068719FE519EA2009E80F8DF4B6E7F03C2E0D6F064FC2E985867FCE66CAC8A9952ABA8056113292445DBC1297A6EE33729239C65D523D8CDFDB38848958940C33C74525E0155D99FF97D4C4D4317D33191763756ED0D3674D8037514572A418A0169151888ACA8EC31B631C04ED158E1B15A396C60D76292FEBBBDD3784D83ECB044ED767696AACDB6323EB1FB60746318AEBB9A5CC6DE339A92E17C2C0CA82B3C85F92DB9CE3DBF8653BDE53F4BF084D8F8C7CA5BEF4E0051FE05BAA8CF6DBC2399020111 | ||
| - 30820120300D06092A864886F70D01010105000382010D00308201080282010100B9C99EB540BCA677AB730EE058019D2432B384BF445053A7DC7E975873AEA9F3D5E2A77D80259F7819781C159A3B4FD24F2BCF02D4F4ED05EFDA782460AEB5CAE567228D9AA02B1DAAA1DD788CCC5DD88980B4418946D61BCB6A600302F9F9032469D82C419D1DA958CCA3DC25AA9602CAF85F4B6FC0A5ED0D3415FD47FB1F5775C0F648414319411B31D592454539A2D85ADD5CED0D0E819F66C8F4B63B4F31B57053116F4E4A35EB0D87F1094E9DC46B59FE2BB613B4A2E718DBDF52D1BE5EAD7F95552F8B406CD599A23732627BA4E0BD3C1A97BB14BB6F18785C6DE24E93C065A7372F3E954E5DC57386CE6D8AC815795A5B1BD7754473063AEC7B956409020111 | ||
| - 30820120300D06092A864886F70D01010105000382010D00308201080282010100B55EC87F1BB8FE06BAF17EF6C290B60AF008DE4D04D2EFC096B19D0E27E309328637A7BC5A591EF1F4CBDF7F21352BE9B144C1CF57CB56A99AD1E1859B0B0418EAB38F1B44A73C5D584E801FFE82788E22B29ADEEF07D6CA586467B8597F99BC9476D98E791806FD3B4D36568D30F5713183563A4B7FA94D452608F9CC1FB2E2A1E8AFAA9F858D33C28B7059CBA97F5E33EECD7B17DE456B5CE4143F720092C35B78026027221954DBCAAEAD8D82F7BACFF86782EC1182CBDA8E78AD13CE1A0C0323223CF435AEFDE3ABDD33C51294885C0CA3FEC50B64B7E5792032D72EDBA2D0D6071ECE706CA03B4F48690DC58FC977D67C31B60D8B1C59FE1EC054754C8B020111 | ||
| - 30820120300D06092A864886F70D01010105000382010D00308201080282010100C21ABAD2260E05E5DCBCCFC462608532EE1F2EC4C0C660E46BEACE4D4A435A45D31859D58B86FB853E28272D76D433FA2A975FC006967C76A8837B405C366D3E3A9DDC807E2DC6E0DB4472916A6149EF2EA65E7E89E77818DFDF4A9F38421F84C2CC507388A9A3B05D2DB3E2C99DFA325A5BB39387129CBEEBB1DA7DE621FFA1E0BB5ACF49562ED0DFBD03FD29A0F2FDE1011C62FD2B572B65F842CA01EBC5E182D4B92B46892F997DEB2169629E228F17BFDD25CCEA07EA5F3ABFB917D2A6C9CE9E026B9BC24EF58C48D3C7907B8EF6E5BA8554A9AF0FCCF7DDCB66DAC24939551D9747D726567336A7A1C7E3F8261F600E0597D80DA107C46E957D5E4DF4B5020111 | ||
|
|
||
| # Execution threshold cryptosystem public configuration. | ||
| execution_cryptosystem_type: threshold-bls | ||
| execution_cryptosystem_subtype_parameter: BN-P254 | ||
| execution_cryptosystem_num_signers: 4 | ||
| execution_cryptosystem_threshold: 2 | ||
| execution_cryptosystem_public_key: 020d24a4e139d5a7d732b7112801b83b8c66db857af5aa0a6964f7d86f9fe2e9d91505dc5d67eb28e1df123363ce1b116eed9f410639bcc96b24da654ad8fe979f | ||
| execution_cryptosystem_verification_keys: | ||
| - 0212e1aa988094ee9c2263dd98048cb06d48bd818bbbf1205ffa6339658738d0112269849ea1ac55fe0f4986dc81fcfc80eed11152e3027669094b571ead277bbf | ||
| - 02042c10e830d8adbb92c464be5e8e043c982eed82cb45ca4b460f9d82aa183f18054d2580702c7a8475e0735bf228da3d15df3280691e854fc88e49fcee43c465 | ||
| - 0310f9a22eb94e068e7948f7a0ad64ed8371cb07b75ae52c74e3587cc690d9d7ee15160cc695f452ff71250eb05621c75996ac8580b967ec0588d26758a375a1ea | ||
| - 0302dda9f185850009b08a2f22cb637a15c9a2da677a11302267035e704179f4d70bda229a4fb6ae9af30ee8e82f608931657d501392905787b5ebe6597173e27d | ||
|
|
||
| # Slow path commit threshold cryptosystem public configuration. | ||
| slow_commit_cryptosystem_type: threshold-bls | ||
| slow_commit_cryptosystem_subtype_parameter: BN-P254 | ||
| slow_commit_cryptosystem_num_signers: 4 | ||
| slow_commit_cryptosystem_threshold: 3 | ||
| slow_commit_cryptosystem_public_key: 02058ed8ae8b55cc3b674f8c05940554c32d35203c4d6fa0c7e54e91287e2f559105b3c0048be1bf32143825b1e96ce734d7cd8e39b28893ecfed01868fa37dbb4 | ||
| slow_commit_cryptosystem_verification_keys: | ||
| - 02093a80ed694ac9ee5096f37900762638be765f0d4517569761c1146509bb12671f5b1f30c1c4f987bc36216b4f69bed4ac1b54c7f094b9f01c4c8a538cc45ce8 | ||
| - 03242eff0e8a8639cc840d4438bec151de2e6840949d16dc006b0862cfd9bef2c3003a1783a4d8a1f2c2f195f5ec733e0e23a00b5da1d5eb5705b201b652bc23d9 | ||
| - 02204af450f399b20f3cc8285a3513fc0c39518f33e3f827eab68b16ac97be56aa085777893ed29d37a60fd77c69abdbfd05a3f6d51c9b25d3a9f33f4afbcdc061 | ||
| - 031bb32eada4d3f2e6fd6b63b5ad84af83babb1e4d569e6ab2ecdb0bb26bd07dba251cfd58721d0bb369044c470a5cea721006740eda5d909e850c259a09f10583 | ||
|
|
||
| # Commit threshold cryptosystem public configuration. | ||
| commit_cryptosystem_type: threshold-bls | ||
| commit_cryptosystem_subtype_parameter: BN-P254 | ||
| commit_cryptosystem_num_signers: 4 | ||
| commit_cryptosystem_threshold: 4 | ||
| commit_cryptosystem_public_key: 031c28db8b612135328f04e2a31b85f65bc33bf4e1fb32d7df48939173a2d745c20f793682b23578eb4975d22a7af3b7bd61916e66f0dcbbcaefa118ad5fd7bd5d | ||
| commit_cryptosystem_verification_keys: | ||
| - 020de71ba1cd8c4a683e9d783013b92add014452826b3a4fc054e25dc651ee1d300df27b81a605cfb35dbf1ab9cbd7ce2a6e1778fa3a7c30766387eb5984ba5270 | ||
| - 03214a84285abf66a34c32dba5896ff4edc4c6f17a8333c39ac404fe0494c30f21191a5c5f509f3fd8e70c0630a0f6f33443b4ed8893fb3842fc12f3f8ff8c0d7f | ||
| - 031923249ea9ed334dffdc6569240d90ce57a194279135816bf43eba08c7fff455183e29aa1607a11a78ffad4b107f24548a01453f49cd5e9fcbd8dbf9f114f045 | ||
| - 0220d2253a629acc970521c2569170fdbe7f9ec9ed3a30405dd5d017ef056e785f12422f7cac5069e7d101eb017e8a98555d697356ebcccdad4c4f1bee4a4476f8 | ||
|
|
||
| # Optimistic fast path commit threshold cryptosystem public configuration. | ||
| optimistic_commit_cryptosystem_type: multisig-bls | ||
| optimistic_commit_cryptosystem_subtype_parameter: BN-P254 | ||
| optimistic_commit_cryptosystem_num_signers: 4 | ||
| optimistic_commit_cryptosystem_threshold: 4 | ||
| optimistic_commit_cryptosystem_public_key: 0214fbcbb456f0bccd68a3ee42dd28255bea4c0b3aeb5abf820a3ae1d14405251e19bad72b6fb2c0fbceae2cfa7ab33e320d36b68bcbbcc51282b7486f43160a12 | ||
| optimistic_commit_cryptosystem_verification_keys: | ||
| - 020322fb834b84cc171f0da4c9bd1d9de18a141bfcd5817b82a59823571831cc2a1a02ce331ebfe01b51f7b001137ec9e28eca27a99f5dcec164b26aa07006f795 | ||
| - 020fb53bc712704671bc1ae6a19b729093d352fc1add47e9804733ef5dcf1849b0164a6e6a1fc3bf07aa5adf7f355525d8cd8f4d8f0b0c9723fd2bc800fdb715be | ||
| - 031b92e9dbf44ae5e87593e5ca6983fcca579ff22f28ea7e3dfd6ea8c98f19717609438156c91eac41ff2126274b0dcdfee0c1145754594ca3c7ec4ba4b2d6949e | ||
| - 02047f862a912d3c979c17a40284df584216361b8b3e95a36a6424e6c9dbfa326f08b3e556260d723591fe14e41bfae702197f721734dcb674a6f7a53aabc52a6c | ||
|
|
||
| # Private keys for this replica | ||
| rsa_private_key: 308204BC020100300D06092A864886F70D0101010500048204A6308204A20201000282010100B55EC87F1BB8FE06BAF17EF6C290B60AF008DE4D04D2EFC096B19D0E27E309328637A7BC5A591EF1F4CBDF7F21352BE9B144C1CF57CB56A99AD1E1859B0B0418EAB38F1B44A73C5D584E801FFE82788E22B29ADEEF07D6CA586467B8597F99BC9476D98E791806FD3B4D36568D30F5713183563A4B7FA94D452608F9CC1FB2E2A1E8AFAA9F858D33C28B7059CBA97F5E33EECD7B17DE456B5CE4143F720092C35B78026027221954DBCAAEAD8D82F7BACFF86782EC1182CBDA8E78AD13CE1A0C0323223CF435AEFDE3ABDD33C51294885C0CA3FEC50B64B7E5792032D72EDBA2D0D6071ECE706CA03B4F48690DC58FC977D67C31B60D8B1C59FE1EC054754C8B020111028201005559C7C358570E2148EA1DA14C8055AACB4F77ABC608E94B92357715B86AD726D5BFD676C11AE162CD8D1DE17909F68C172F6A43749BEC8C0C9F00B758052F1AC8CCF80CD50367B374D9A5B4B40129AC4C9048E1616D19C8A21121C02A1DEDFE63FBB1AC75387BC2764273EC7EADA0ADBCF282EE41A57CD9117B4F849C4B270071E30F780477C435574AD2208CC91F3752EFB8FFCB4A52AE575C0AC21FD1633DE8EC01B5F7FA0C8DAE5CD8C943CF998828A02D86911DFAD14CFEEC187C5F65155677FC1C6C1C24C76CF59871E697917F676D436559028093543C85DD77682471CB8B00611F394EB31019362D2B98508350EA5C1575225957BBDEADED6DB0D7F102818100E6367210E6535D7A93CCCD0B27240732518A6621D63E8587AA04CC56110EAA097CDC3B76C1176241F7755239F40F70B7D16A810134428541FC51A0B08E918EB26BC2DF903D5B343C31261CE0D085BD5E8B9BB1FD31EE5C425E743AEDF8B3BAF093FDD39B8E76EF46ABEEE590AFF422534AA24CDBE4DD3F4BB929EF62C948677B02818100C9AFBCBAAFB3AEC7D53FA4C9795A15D65226FE39B1A1D031393BB10CDD54F5D64FA64346B7175C65D1D00FC7E95A60C1A83985C3C36F488D1A9F22487CF1D48C3FA14AF0511EAC99EAFBDC60EA8AC1FB14A8C2CA35F7B73C740448CE40BDD3406C50D2B4DD9FB61D0D2ACFB8612DC25F21422BA838474DF6319AFDC502151A3102818100876B52280F03DCA2750F0F33BCABC7FF7B425A32058E306DEB8A5A14828118BA49727D54EA0DC153FAF9B7E5DADBE7F3A85CC45B0FAEA8BD673F133AAE37811DA8CCFBFA7E71E27DC28EE3CF89B8150A703D77C21D5F0917FB536DF5651E6DF6EDA45E5B80FAAADE4704FF8249626E8B59142D360E27CAE13FBE50947666D375028180472EF750F2B7E355968EEEDDB25C07B50DEFA5054DC0A3D523423E7D02D2B11E7676EA916DCC027E4A0D32BF0710D6DAF0144D5426DBFB7D18746673EFDCE19AE947FC54D1561ECCE986118B9E12DB0D5295EA657C758BF73801831B9E611D62081C869A301A40467D1E2B32042E449A0BBD00597D4657C04DBE3B72B570DC1102818100B5130AB112580F43B252AD881425679EAA78D37C925664E4218EDCDEEAE1EF976AC084DA60A8B27E2CC2E604166B5E2DE2BCC7573EAE9EC0820AEF3DE5BC24A485A62826EA66D99F29FB5773A34236BC54EA5579FAFEC8FEA62311B51C83ACAF12E6B60BF677E7E4DCE03B9ED9A76DE74784157416C51F8D9ACB1274B9670DD6 | ||
| execution_cryptosystem_private_key: 8504076776358421567083894736517585635112403112694055816871425764624957917534 | ||
| slow_commit_cryptosystem_private_key: 8741252438524156776027803973937400511687985424963596749532357738237931171959 | ||
| commit_cryptosystem_private_key: 8802427667512181050444223619266739265908410210191712114555705994338146024288 | ||
| optimistic_commit_cryptosystem_private_key: 9236185114513455157724050468710908007724321945838330740309448661407027883097 |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,6 +1,69 @@ | ||
| # Concord-BFT replica keyfile private_replica_3. | ||
| # For replica 3 in a 4-replica cluster. | ||
|
|
||
| num_replicas: 4 | ||
| f_val: 1 | ||
| c_val: 0 | ||
| replica_id: 3 | ||
|
|
||
| # RSA non-threshold replica public keys | ||
| rsa_public_keys: | ||
| - 30820120300D06092A864886F70D01010105000382010D00308201080282010100A2F61615AAE619C54D4BD687A7D4E3D027A7505EA18BF0B82CC04B356BE0974C398B8F15E56099E5CE8B6222F24AC1C5F9B0C5DE3F3035C9759F0F09D0C2068719FE519EA2009E80F8DF4B6E7F03C2E0D6F064FC2E985867FCE66CAC8A9952ABA8056113292445DBC1297A6EE33729239C65D523D8CDFDB38848958940C33C74525E0155D99FF97D4C4D4317D33191763756ED0D3674D8037514572A418A0169151888ACA8EC31B631C04ED158E1B15A396C60D76292FEBBBDD3784D83ECB044ED767696AACDB6323EB1FB60746318AEBB9A5CC6DE339A92E17C2C0CA82B3C85F92DB9CE3DBF8653BDE53F4BF084D8F8C7CA5BEF4E0051FE05BAA8CF6DBC2399020111 | ||
| - 30820120300D06092A864886F70D01010105000382010D00308201080282010100B9C99EB540BCA677AB730EE058019D2432B384BF445053A7DC7E975873AEA9F3D5E2A77D80259F7819781C159A3B4FD24F2BCF02D4F4ED05EFDA782460AEB5CAE567228D9AA02B1DAAA1DD788CCC5DD88980B4418946D61BCB6A600302F9F9032469D82C419D1DA958CCA3DC25AA9602CAF85F4B6FC0A5ED0D3415FD47FB1F5775C0F648414319411B31D592454539A2D85ADD5CED0D0E819F66C8F4B63B4F31B57053116F4E4A35EB0D87F1094E9DC46B59FE2BB613B4A2E718DBDF52D1BE5EAD7F95552F8B406CD599A23732627BA4E0BD3C1A97BB14BB6F18785C6DE24E93C065A7372F3E954E5DC57386CE6D8AC815795A5B1BD7754473063AEC7B956409020111 | ||
| - 30820120300D06092A864886F70D01010105000382010D00308201080282010100B55EC87F1BB8FE06BAF17EF6C290B60AF008DE4D04D2EFC096B19D0E27E309328637A7BC5A591EF1F4CBDF7F21352BE9B144C1CF57CB56A99AD1E1859B0B0418EAB38F1B44A73C5D584E801FFE82788E22B29ADEEF07D6CA586467B8597F99BC9476D98E791806FD3B4D36568D30F5713183563A4B7FA94D452608F9CC1FB2E2A1E8AFAA9F858D33C28B7059CBA97F5E33EECD7B17DE456B5CE4143F720092C35B78026027221954DBCAAEAD8D82F7BACFF86782EC1182CBDA8E78AD13CE1A0C0323223CF435AEFDE3ABDD33C51294885C0CA3FEC50B64B7E5792032D72EDBA2D0D6071ECE706CA03B4F48690DC58FC977D67C31B60D8B1C59FE1EC054754C8B020111 | ||
| - 30820120300D06092A864886F70D01010105000382010D00308201080282010100C21ABAD2260E05E5DCBCCFC462608532EE1F2EC4C0C660E46BEACE4D4A435A45D31859D58B86FB853E28272D76D433FA2A975FC006967C76A8837B405C366D3E3A9DDC807E2DC6E0DB4472916A6149EF2EA65E7E89E77818DFDF4A9F38421F84C2CC507388A9A3B05D2DB3E2C99DFA325A5BB39387129CBEEBB1DA7DE621FFA1E0BB5ACF49562ED0DFBD03FD29A0F2FDE1011C62FD2B572B65F842CA01EBC5E182D4B92B46892F997DEB2169629E228F17BFDD25CCEA07EA5F3ABFB917D2A6C9CE9E026B9BC24EF58C48D3C7907B8EF6E5BA8554A9AF0FCCF7DDCB66DAC24939551D9747D726567336A7A1C7E3F8261F600E0597D80DA107C46E957D5E4DF4B5020111 | ||
|
|
||
| # Execution threshold cryptosystem public configuration. | ||
| execution_cryptosystem_type: threshold-bls | ||
| execution_cryptosystem_subtype_parameter: BN-P254 | ||
| execution_cryptosystem_num_signers: 4 | ||
| execution_cryptosystem_threshold: 2 | ||
| execution_cryptosystem_public_key: 020d24a4e139d5a7d732b7112801b83b8c66db857af5aa0a6964f7d86f9fe2e9d91505dc5d67eb28e1df123363ce1b116eed9f410639bcc96b24da654ad8fe979f | ||
| execution_cryptosystem_verification_keys: | ||
| - 0212e1aa988094ee9c2263dd98048cb06d48bd818bbbf1205ffa6339658738d0112269849ea1ac55fe0f4986dc81fcfc80eed11152e3027669094b571ead277bbf | ||
| - 02042c10e830d8adbb92c464be5e8e043c982eed82cb45ca4b460f9d82aa183f18054d2580702c7a8475e0735bf228da3d15df3280691e854fc88e49fcee43c465 | ||
| - 0310f9a22eb94e068e7948f7a0ad64ed8371cb07b75ae52c74e3587cc690d9d7ee15160cc695f452ff71250eb05621c75996ac8580b967ec0588d26758a375a1ea | ||
| - 0302dda9f185850009b08a2f22cb637a15c9a2da677a11302267035e704179f4d70bda229a4fb6ae9af30ee8e82f608931657d501392905787b5ebe6597173e27d | ||
|
|
||
| # Slow path commit threshold cryptosystem public configuration. | ||
| slow_commit_cryptosystem_type: threshold-bls | ||
| slow_commit_cryptosystem_subtype_parameter: BN-P254 | ||
| slow_commit_cryptosystem_num_signers: 4 | ||
| slow_commit_cryptosystem_threshold: 3 | ||
| slow_commit_cryptosystem_public_key: 02058ed8ae8b55cc3b674f8c05940554c32d35203c4d6fa0c7e54e91287e2f559105b3c0048be1bf32143825b1e96ce734d7cd8e39b28893ecfed01868fa37dbb4 | ||
| slow_commit_cryptosystem_verification_keys: | ||
| - 02093a80ed694ac9ee5096f37900762638be765f0d4517569761c1146509bb12671f5b1f30c1c4f987bc36216b4f69bed4ac1b54c7f094b9f01c4c8a538cc45ce8 | ||
| - 03242eff0e8a8639cc840d4438bec151de2e6840949d16dc006b0862cfd9bef2c3003a1783a4d8a1f2c2f195f5ec733e0e23a00b5da1d5eb5705b201b652bc23d9 | ||
| - 02204af450f399b20f3cc8285a3513fc0c39518f33e3f827eab68b16ac97be56aa085777893ed29d37a60fd77c69abdbfd05a3f6d51c9b25d3a9f33f4afbcdc061 | ||
| - 031bb32eada4d3f2e6fd6b63b5ad84af83babb1e4d569e6ab2ecdb0bb26bd07dba251cfd58721d0bb369044c470a5cea721006740eda5d909e850c259a09f10583 | ||
|
|
||
| # Commit threshold cryptosystem public configuration. | ||
| commit_cryptosystem_type: threshold-bls | ||
| commit_cryptosystem_subtype_parameter: BN-P254 | ||
| commit_cryptosystem_num_signers: 4 | ||
| commit_cryptosystem_threshold: 4 | ||
| commit_cryptosystem_public_key: 031c28db8b612135328f04e2a31b85f65bc33bf4e1fb32d7df48939173a2d745c20f793682b23578eb4975d22a7af3b7bd61916e66f0dcbbcaefa118ad5fd7bd5d | ||
| commit_cryptosystem_verification_keys: | ||
| - 020de71ba1cd8c4a683e9d783013b92add014452826b3a4fc054e25dc651ee1d300df27b81a605cfb35dbf1ab9cbd7ce2a6e1778fa3a7c30766387eb5984ba5270 | ||
| - 03214a84285abf66a34c32dba5896ff4edc4c6f17a8333c39ac404fe0494c30f21191a5c5f509f3fd8e70c0630a0f6f33443b4ed8893fb3842fc12f3f8ff8c0d7f | ||
| - 031923249ea9ed334dffdc6569240d90ce57a194279135816bf43eba08c7fff455183e29aa1607a11a78ffad4b107f24548a01453f49cd5e9fcbd8dbf9f114f045 | ||
| - 0220d2253a629acc970521c2569170fdbe7f9ec9ed3a30405dd5d017ef056e785f12422f7cac5069e7d101eb017e8a98555d697356ebcccdad4c4f1bee4a4476f8 | ||
|
|
||
| # Optimistic fast path commit threshold cryptosystem public configuration. | ||
| optimistic_commit_cryptosystem_type: multisig-bls | ||
| optimistic_commit_cryptosystem_subtype_parameter: BN-P254 | ||
| optimistic_commit_cryptosystem_num_signers: 4 | ||
| optimistic_commit_cryptosystem_threshold: 4 | ||
| optimistic_commit_cryptosystem_public_key: 0214fbcbb456f0bccd68a3ee42dd28255bea4c0b3aeb5abf820a3ae1d14405251e19bad72b6fb2c0fbceae2cfa7ab33e320d36b68bcbbcc51282b7486f43160a12 | ||
| optimistic_commit_cryptosystem_verification_keys: | ||
| - 020322fb834b84cc171f0da4c9bd1d9de18a141bfcd5817b82a59823571831cc2a1a02ce331ebfe01b51f7b001137ec9e28eca27a99f5dcec164b26aa07006f795 | ||
| - 020fb53bc712704671bc1ae6a19b729093d352fc1add47e9804733ef5dcf1849b0164a6e6a1fc3bf07aa5adf7f355525d8cd8f4d8f0b0c9723fd2bc800fdb715be | ||
| - 031b92e9dbf44ae5e87593e5ca6983fcca579ff22f28ea7e3dfd6ea8c98f19717609438156c91eac41ff2126274b0dcdfee0c1145754594ca3c7ec4ba4b2d6949e | ||
| - 02047f862a912d3c979c17a40284df584216361b8b3e95a36a6424e6c9dbfa326f08b3e556260d723591fe14e41bfae702197f721734dcb674a6f7a53aabc52a6c | ||
|
|
||
| # Private keys for this replica | ||
| rsa_private_key: 308204BB020100300D06092A864886F70D0101010500048204A5308204A10201000282010100C21ABAD2260E05E5DCBCCFC462608532EE1F2EC4C0C660E46BEACE4D4A435A45D31859D58B86FB853E28272D76D433FA2A975FC006967C76A8837B405C366D3E3A9DDC807E2DC6E0DB4472916A6149EF2EA65E7E89E77818DFDF4A9F38421F84C2CC507388A9A3B05D2DB3E2C99DFA325A5BB39387129CBEEBB1DA7DE621FFA1E0BB5ACF49562ED0DFBD03FD29A0F2FDE1011C62FD2B572B65F842CA01EBC5E182D4B92B46892F997DEB2169629E228F17BFDD25CCEA07EA5F3ABFB917D2A6C9CE9E026B9BC24EF58C48D3C7907B8EF6E5BA8554A9AF0FCCF7DDCB66DAC24939551D9747D726567336A7A1C7E3F8261F600E0597D80DA107C46E957D5E4DF4B5020111028201000DB394B77E2B2791BB408722F1DCA603985687D1A73527F8079E20A2114A065F481FD6272AFA782785E4B778AB05F199302ED38F0F861ADB330C4AF57BF7CB79D9F912939C7BB3AF7EE9B9C8017C5386579F51F6DC8ED54706C477B6E8DD83BB10C320C8E88471F45AE81EC4B6E3FF97217BEE8EEE6DBCC22EC1429F79A80C0547A8D53FF47069C598EEC02DB8C2E47EE9BAEA07255D37C1AB5711C75D721309D38D18BAF5912A2CBA57671D03F1AF44A6161C856581F4A5692114EE0273EA572502A0D172F21E3AB658FD3F086930ACB893E241DA50686B37BB10C9D4C5B543B9D59BD9BE578C68D5E0E57C543767A6FAD007E7AA57F2BEF9A7639B8018B5D902818100D00F4C5B957EF8769206280B22F6CDE4D225BA434ED7AABC53686A4E72D6642679EE3A4F8799B45EFC49552CDA096C25AEAB367C0754442401041A2BD7BF0AEF18D64844F9E0FA0AA82430A3D5FCAA35523B119BAC0A790844B695A06C5388DAE7D617DF173A6C8D4C38624E0C84759D0C59C13274E7C912F32BE1615DF55E5B02818100EED44169ACF40695AC808EBFA28BD56875036EBA7255C1376C93B1F3389AA95A7E97A0832811A5C0DC7642217B5F83723830BD47FCE4B9F46237526172A9795D7ECD293A1AD0A8AB2237F4D16E02088807506E6968DC24D5C84D1D45D2D338744F4AB4DC0CBE4F6E147D371883B81EC4C7DBD468CB47E90E007F5BABBEFA862F02818100C3D229BF9BC2CBBAE3C98F198A51B2B93E41A03F59437384124427D15D0603E7FA49A04AD9FA132C38BD7D5763CCA20559199CB0F7D6D6B8796D45CEE92C4686ADF6DA9B458872DCDA7C6A039C3918AAA7BF1FA192DCAE25E6517DC429B808558EE79DFF24EBB175ED623E67934F7DC0FC90B5D522BC088A4E476AB5FE141C910281807063E28C15278AA0C9A5E8D2A6D8646D643DD9C126BEF1837E639F090B941375E1384B8903CC11C42B82F1F1A3783DDB65BC954F0D98CFFA8892811ECC8BFCE0B4244FA2DF7140508892CD8FBB4C4040037124E64F76A7EC22062BE49F7274EB709BA0678D86BBF7912BDDB12EED3BA7E594A031509A4F8E1E5A0D05870C7B6102818016BD198C7F5F203FA9415DFB02BFD716BBE98100F22D39F5B51F448E7F72D95F40BF23C5D1A098EE410E1032AAFE9D7734641377313B7637F1B72611FBF9536491D867D78CBA6A326029A342E57F81067F532A04547A0EE80077256AA9204DCA30F996421D080D79FB51624B2D564A03A81C72BF7BE82E07D4AD9606F95205AC | ||
| execution_cryptosystem_private_key: 2016321898106154527277736840037935230513574641779643945404326788810608349211 | ||
| slow_commit_cryptosystem_private_key: 10310004607302212385693983636466042908447409560822864863902109153690852646438 | ||
| commit_cryptosystem_private_key: 7228901245157859809737939329292776858548795529405492628015780027277517492253 | ||
| optimistic_commit_cryptosystem_private_key: 8692344236695863968964493903404119728571157078229370243313593471357142613619 |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,308 @@ | ||
| // Concord | ||
| // | ||
| // Copyright (c) 2018 VMware, Inc. All Rights Reserved. | ||
| // | ||
| // This product is licensed to you under the Apache 2.0 license (the "License"). | ||
| // You may not use this product except in compliance with the Apache 2.0 License. | ||
| // | ||
| // This product may include a number of subcomponents with separate copyright | ||
| // notices and license terms. Your use of these subcomponents is subject to the | ||
| // terms and conditions of the subcomponent's license, as noted in the | ||
| // LICENSE file. | ||
|
|
||
| #include <regex> | ||
|
|
||
| #include "threshsign/ThresholdSignaturesTypes.h" | ||
| #include "threshsign/IThresholdSigner.h" | ||
| #include "threshsign/IThresholdVerifier.h" | ||
| #include "threshsign/bls/relic/BlsThresholdFactory.h" | ||
| #include "threshsign/bls/relic/PublicParametersFactory.h" | ||
|
|
||
| Cryptosystem::Cryptosystem(const std::string& sysType, | ||
| const std::string& sysSubtype, | ||
| uint16_t sysNumSigners, | ||
| uint16_t sysThreshold) { | ||
| if (!isValidCryptosystemSelection(sysType, sysSubtype, sysNumSigners, | ||
| sysThreshold)) { | ||
| throw InvalidCryptosystemException("Invalid cryptosystem selection:" | ||
| " primary type: " + sysType + ", subtype: " + sysSubtype + ", with " | ||
| + std::to_string(sysNumSigners) + " signers and threshold of " | ||
| + std::to_string(sysThreshold) + "."); | ||
| } | ||
| type = sysType; | ||
| subtype = sysSubtype; | ||
| numSigners = sysNumSigners; | ||
| threshold = sysThreshold; | ||
| signerID = NID; | ||
| } | ||
|
|
||
| // Helper function to generateNewPseudorandomKeys. | ||
| IThresholdFactory* Cryptosystem::createThresholdFactory() { | ||
| if (type == MULTISIG_BLS_SCHEME) { | ||
| return new BLS::Relic::BlsThresholdFactory( | ||
| BLS::Relic::PublicParametersFactory::getByCurveType(subtype.c_str())); | ||
| } else if (type == THRESHOLD_BLS_SCHEME) { | ||
| return new BLS::Relic::BlsThresholdFactory( | ||
| BLS::Relic::PublicParametersFactory::getByCurveType(subtype.c_str())); | ||
| } else { | ||
| // This should never occur because Cryptosystem validates its parameters | ||
| // in its constructor. | ||
| throw InvalidCryptosystemException("Using cryptosystem of unsupported" | ||
| " type: " + type + "."); | ||
| } | ||
| } | ||
|
|
||
| void Cryptosystem::generateNewPseudorandomKeys() { | ||
| std::unique_ptr<IThresholdFactory> factory(createThresholdFactory()); | ||
| std::vector<IThresholdSigner*> signers; | ||
| IThresholdVerifier* verifier; | ||
|
|
||
| std::tie(signers, verifier) | ||
| = factory->newRandomSigners(threshold, numSigners); | ||
|
|
||
| publicKey = verifier->getPublicKey().toString(); | ||
|
|
||
| verificationKeys.clear(); | ||
| verificationKeys.push_back(""); // Account for 1-indexing of signer IDs. | ||
| for (uint16_t i = 1; i <= numSigners; ++i) { | ||
| verificationKeys.push_back(verifier->getShareVerificationKey( | ||
| static_cast<ShareID>(i)).toString()); | ||
| } | ||
|
|
||
| privateKeys.clear(); | ||
| privateKeys.push_back(""); // Account for 1-indexing of signer IDs. | ||
| for (uint16_t i = 1; i <= numSigners; ++i) { | ||
| privateKeys.push_back(signers[i]->getShareSecretKey().toString()); | ||
| } | ||
|
|
||
| for (auto signer: signers) { | ||
| delete signer; | ||
| } | ||
|
|
||
| signerID = NID; | ||
|
|
||
| delete verifier; | ||
| } | ||
|
|
||
| std::string Cryptosystem::getSystemPublicKey() const { | ||
| if (publicKey.length() < 1) { | ||
| throw UninitializedCryptosystemException("A public key has not been" | ||
| " generated or loaded for this cryptosystem."); | ||
| } | ||
| return publicKey; | ||
| } | ||
|
|
||
| std::vector<std::string> Cryptosystem::getSystemVerificationKeys() const { | ||
| std::vector<std::string> output; | ||
| if (verificationKeys.size() != (numSigners + 1)) { | ||
| throw UninitializedCryptosystemException("Verification keys have not been" | ||
| " generated or loaded for this cryptosystem."); | ||
| } | ||
| // This should create a new copy of verificationKeys since we are returning by | ||
| // value. | ||
| return verificationKeys; | ||
| } | ||
|
|
||
| std::vector<std::string> Cryptosystem::getSystemPrivateKeys() const { | ||
| std::vector<std::string> output; | ||
| if (privateKeys.size() != (numSigners + 1)) { | ||
| throw UninitializedCryptosystemException("Private keys have not been" | ||
| " generated or loaded for this cryptosystem."); | ||
| } | ||
| // This should create a new copy of privateKeys since we are returning by | ||
| // value. | ||
| return privateKeys; | ||
| } | ||
|
|
||
| std::string Cryptosystem::getPrivateKey(uint16_t signerIndex) const { | ||
| if ((signerIndex < 1) || (signerIndex > numSigners)) { | ||
| throw std::out_of_range("Signer index for requested private key out of" | ||
| " range."); | ||
| } | ||
|
|
||
| if (privateKeys.size() == (numSigners + 1)) { | ||
| return privateKeys[signerIndex]; | ||
| } else if ((privateKeys.size() == 1) && (signerID == signerIndex)) { | ||
| return privateKeys.front(); | ||
| } | ||
|
|
||
| throw UninitializedCryptosystemException("Private keys have not been" | ||
| " generated or loaded for this cryptosystem."); | ||
| } | ||
|
|
||
| void Cryptosystem::loadKeys(const std::string& publicKey, | ||
| const std::vector<std::string>& verificationKeys) { | ||
| if (!isValidPublicKey(publicKey)) { | ||
| throw InvalidCryptosystemException("\"" + publicKey + "\" is not a valid" | ||
| " public key for this cryptosystem (type " + type + " and subtype " | ||
| + subtype + ")."); | ||
| } | ||
| if (verificationKeys.size() != (numSigners + 1)) { | ||
| throw InvalidCryptosystemException("Incorrect number of verification keys" | ||
| " provided: " + std::to_string(verificationKeys.size()) + " (expected " | ||
| + std::to_string(numSigners + 1) + ")."); | ||
| } | ||
| for (size_t i = 1; i <= numSigners; ++i) { | ||
| if (!isValidVerificationKey(verificationKeys[i])) { | ||
| throw InvalidCryptosystemException("\"" + verificationKeys[i] + "\" is" | ||
| " not a valid verification key for this cryptosystem (type " + type | ||
| + " and subtype " + subtype + ")."); | ||
| } | ||
| } | ||
|
|
||
| this->verificationKeys.clear(); | ||
| this->privateKeys.clear(); | ||
| this->publicKey = publicKey; | ||
|
|
||
| signerID = NID; | ||
|
|
||
| // This should make a copy of the verificationKeys vector we received as a | ||
| // parameter since this.verificationKeys is stored by value. | ||
| this->verificationKeys = verificationKeys; | ||
| } | ||
|
|
||
| void Cryptosystem::loadPrivateKey(uint16_t signerIndex, | ||
| const std::string& key) { | ||
| if ((signerIndex < 1) & (signerIndex > numSigners)) { | ||
| throw std::out_of_range("Signer index for provided private key out of" | ||
| " range."); | ||
| } | ||
| if (!isValidPrivateKey(key)) { | ||
| throw InvalidCryptosystemException("\"" + key + "\" is not a valid private" | ||
| " key for this cryptosystem (type " + type + " and subtype " + subtype | ||
| + ")."); | ||
| } | ||
|
|
||
| signerID = signerIndex; | ||
| privateKeys.clear(); | ||
| privateKeys.push_back(key); | ||
| } | ||
|
|
||
| IThresholdVerifier* Cryptosystem::createThresholdVerifier() { | ||
| if (publicKey.length() < 1) { | ||
| throw UninitializedCryptosystemException("Attempting to create a threshold" | ||
| " verifier for a cryptosystem with no public key loaded."); | ||
| } | ||
| if (verificationKeys.size() != (numSigners + 1)) { | ||
| throw UninitializedCryptosystemException("Attempting to create a threshold" | ||
| " verifier for a cryptosystem without verification keys loaded."); | ||
| } | ||
|
|
||
| IThresholdFactory* factory = createThresholdFactory(); | ||
|
|
||
| IThresholdVerifier* verifier | ||
| = factory->newVerifier(threshold, numSigners, publicKey.c_str(), | ||
| verificationKeys); | ||
|
|
||
| delete factory; | ||
| return verifier; | ||
| } | ||
|
|
||
| IThresholdSigner* Cryptosystem::createThresholdSigner() { | ||
| if (privateKeys.size() != 1) { | ||
| if (privateKeys.size() < 1) { | ||
| throw UninitializedCryptosystemException("Attempting to create a" | ||
| " threshold signer for a cryptosystem with no private keys loaded."); | ||
| } else { | ||
| throw UninitializedCryptosystemException("Attempting to create a" | ||
| " threshold signer for a cryptosystem with more than one private key" | ||
| " loaded without selecting a signer."); | ||
| } | ||
| } | ||
|
|
||
| IThresholdFactory* factory = createThresholdFactory(); | ||
|
|
||
| // Note we add 1 to the signer ID because IThresholdSigner seems to use a | ||
| // convention in which signer IDs are 1-indexed. | ||
| IThresholdSigner* signer | ||
| = factory->newSigner(signerID, privateKeys.front().c_str()); | ||
|
|
||
| delete factory; | ||
| return signer; | ||
| } | ||
|
|
||
| static const size_t expectedPublicKeyLength = 130; | ||
| static const size_t expectedVerificationKeyLength = 130; | ||
|
|
||
| bool Cryptosystem::isValidPublicKey(const std::string& key) const { | ||
| return (key.length() == expectedPublicKeyLength) | ||
| && (std::regex_match(key, std::regex("[0-9A-Fa-f]+"))); | ||
| } | ||
|
|
||
| bool Cryptosystem::isValidVerificationKey(const std::string& key) const { | ||
| return (key.length() == expectedVerificationKeyLength) | ||
| && (std::regex_match(key, std::regex("[0-9A-Fa-f]+"))); | ||
| } | ||
|
|
||
| bool Cryptosystem::isValidPrivateKey(const std::string& key) const { | ||
|
|
||
| // We currently do not validate the length of the private key's string | ||
| // representation because the length of its serialization varies slightly. | ||
|
|
||
| return std::regex_match(key, std::regex("[0-9A-Fa-f]+")); | ||
| } | ||
|
|
||
| bool Cryptosystem::isValidCryptosystemSelection(const std::string& type, | ||
| const std::string& subtype) { | ||
|
|
||
| if (type == MULTISIG_BLS_SCHEME) { | ||
| try { | ||
| BLS::Relic::BlsThresholdFactory factory( | ||
| BLS::Relic::PublicParametersFactory::getByCurveType( | ||
| subtype.c_str())); | ||
| return true; | ||
| } catch (std::exception e) { | ||
| return false; | ||
| } | ||
| } else if (type == THRESHOLD_BLS_SCHEME) { | ||
| try { | ||
| BLS::Relic::BlsThresholdFactory factory( | ||
| BLS::Relic::PublicParametersFactory::getByCurveType( | ||
| subtype.c_str())); | ||
| return true; | ||
| } catch (std::exception e) { | ||
| return false; | ||
| } | ||
| } else { | ||
| return false; | ||
| } | ||
| } | ||
|
|
||
| bool Cryptosystem::isValidCryptosystemSelection(const std::string& type, | ||
| const std::string& subtype, | ||
| uint16_t numSigners, | ||
| uint16_t threshold) { | ||
|
|
||
| // Automatically return false if numSigners and threshold are inherently | ||
| // invalid. Note we have chosen to disallow 0 as either numSigners or | ||
| // threshold, as such Cryptosystems would not be useful, but supporting them | ||
| // could introduce additional corner cases to the Cryptosystem class or code | ||
| // using it. | ||
| if ((numSigners < 1) | ||
| || (threshold < 1) | ||
| || (threshold > numSigners)) { | ||
| return false; | ||
| } | ||
|
|
||
| // Note MULTISIG_BLS scheme is not a true threshold scheme and is only | ||
| // allowable if the threshold equals the number of signers. | ||
| if ((type == MULTISIG_BLS_SCHEME) && (threshold != numSigners)) { | ||
| return false; | ||
| } else { | ||
| return isValidCryptosystemSelection(type, subtype); | ||
| } | ||
| } | ||
|
|
||
| void Cryptosystem::getAvailableCryptosystemTypes( | ||
| std::vector<std::pair<std::string, std::string>>& ret) { | ||
|
|
||
| std::pair<std::string, std::string> p; | ||
|
|
||
| p.first = MULTISIG_BLS_SCHEME; | ||
| p.second = "an elliptical curve type, for example, BN-P254"; | ||
| ret.push_back(p); | ||
|
|
||
| p.first = THRESHOLD_BLS_SCHEME; | ||
| p.second = "an elliptical curve type, for example, BN-P254"; | ||
| ret.push_back(p); | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,45 @@ | ||
| project(concord_bft_tools LANGUAGES CXX) | ||
|
|
||
| add_executable(GenerateConcordKeys | ||
| GenerateConcordKeys.cpp | ||
| KeyfileIOUtils.hpp | ||
| KeyfileIOUtils.cpp) | ||
| target_include_directories(GenerateConcordKeys | ||
| PRIVATE | ||
| ${threshsign_SOURCE_DIR}/src | ||
| ${threshsign_SOURCE_DIR}/lib | ||
| ${threshsign_SOURCE_DIR}/include | ||
| ${bftengine_SOURCE_DIR}/src | ||
| ${bftengine_SOURCE_DIR}/include) | ||
| target_link_libraries(GenerateConcordKeys | ||
| PUBLIC | ||
| threshsign) | ||
| link_with_relic_library(GenerateConcordKeys) | ||
| set_target_properties(GenerateConcordKeys | ||
| PROPERTIES | ||
| RUNTIME_OUTPUT_DIRECTORY | ||
| .) | ||
|
|
||
| add_executable(TestGeneratedKeys | ||
| TestGeneratedKeys.cpp | ||
| KeyfileIOUtils.hpp | ||
| KeyfileIOUtils.cpp) | ||
| target_include_directories(TestGeneratedKeys | ||
| PRIVATE | ||
| ${threshsign_SOURCE_DIR}/src | ||
| ${threshsign_SOURCE_DIR}/lib | ||
| ${threshsign_SOURCE_DIR}/include | ||
| ${bftengine_SOURCE_DIR}/src | ||
| ${bftengine_SOURCE_DIR}/include) | ||
| target_link_libraries(TestGeneratedKeys | ||
| PUBLIC | ||
| threshsign | ||
| corebft) | ||
| link_with_relic_library(TestGeneratedKeys) | ||
| set_target_properties(TestGeneratedKeys | ||
| PROPERTIES | ||
| RUNTIME_OUTPUT_DIRECTORY | ||
| .) | ||
|
|
||
| file(COPY ${CMAKE_CURRENT_SOURCE_DIR}/testKeyGeneration.sh | ||
| DESTINATION ${CMAKE_CURRENT_BINARY_DIR}/) |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,363 @@ | ||
| // Concord | ||
| // | ||
| // Copyright (c) 2018 VMware, Inc. All Rights Reserved. | ||
| // | ||
| // This product is licensed to you under the Apache 2.0 license (the "License"). | ||
| // You may not use this product except in compliance with the Apache 2.0 | ||
| // License. | ||
| // | ||
| // This product may include a number of subcomponents with separate copyright | ||
| // notices and license terms. Your use of these subcomponents is subject to the | ||
| // terms and conditions of the subcomponent's license, as noted in the LICENSE | ||
| // file. | ||
|
|
||
| #include <fstream> | ||
| #include <iostream> | ||
| #include <vector> | ||
|
|
||
| #include <cryptopp/dll.h> | ||
|
|
||
| #include "threshsign/ThresholdSignaturesTypes.h" | ||
| #include "KeyfileIOUtils.hpp" | ||
|
|
||
| // Helper functions and static state to this executable's main function. | ||
|
|
||
| static bool containsHelpOption(int argc, char** argv) { | ||
| for (int i = 1; i < argc; ++i) { | ||
| if (std::string(argv[i]) == "--help") { | ||
| return true; | ||
| } | ||
| } | ||
| return false; | ||
| } | ||
|
|
||
| static CryptoPP::RandomPool sGlobalRandGen; | ||
| const unsigned int rsaKeyLength = 2048; | ||
|
|
||
| static std::pair<std::string, std::string> generateRsaKey() { | ||
|
|
||
| // Uses CryptoPP implementation of RSA key generation. | ||
|
|
||
| std::pair<std::string, std::string> keyPair; | ||
|
|
||
| CryptoPP::RSAES<CryptoPP::OAEP<CryptoPP::SHA256>>::Decryptor | ||
| priv(sGlobalRandGen, rsaKeyLength); | ||
| CryptoPP::HexEncoder privEncoder(new CryptoPP::StringSink(keyPair.first)); | ||
| priv.DEREncode(privEncoder); | ||
| privEncoder.MessageEnd(); | ||
|
|
||
| CryptoPP::RSAES<CryptoPP::OAEP<CryptoPP::SHA256>>::Encryptor pub(priv); | ||
| CryptoPP::HexEncoder pubEncoder(new CryptoPP::StringSink(keyPair.second)); | ||
| pub.DEREncode(pubEncoder); | ||
| pubEncoder.MessageEnd(); | ||
|
|
||
| return keyPair; | ||
| } | ||
|
|
||
| static bool parseUInt16(uint16_t& output, | ||
| const std::string& str, | ||
| uint16_t min, | ||
| uint16_t max, | ||
| const std::string& name) { | ||
| long long unverifiedNum; | ||
| std::string errorMessage = "Invalid value given for " + name + ": " + str | ||
| + " (expected integer in range [" + std::to_string(min) + ", " | ||
| + std::to_string(max) + "], inclusive.\n"; | ||
|
|
||
| try { | ||
| unverifiedNum = std::stoll(str); | ||
| } catch (std::invalid_argument e) { | ||
| std::cout << errorMessage; | ||
| return false; | ||
| } catch (std::out_of_range e) { | ||
| std::cout << errorMessage; | ||
| return false; | ||
| } | ||
|
|
||
| if ((unverifiedNum < (long long)min) || (unverifiedNum > (long long)max)) { | ||
| std::cout << errorMessage; | ||
| return false; | ||
| } else { | ||
| output = (uint16_t)unverifiedNum; | ||
| return true; | ||
| } | ||
| } | ||
|
|
||
| /** | ||
| * Main function for the GenerateConcordKeys executable. Pseudorandomly | ||
| * generates a new set of keys for a Concord deployment with given F and C | ||
| * values and writes them to an output file. The output is formatted using | ||
| * constructs from a subset of YAML to make it both human and machine readable. | ||
| * The output includes an RSA key pair for each of the replicas for general | ||
| * communication and non-threshold cryptographic purposes and the complete key | ||
| * set for the four threshold cryptosystems used by Concord. All | ||
| * per-replica keys are given in lists in which the order corresponds to the | ||
| * replicas' order. | ||
| * | ||
| * @param argc The number of command line arguments to this main function, | ||
| * including the command this executable was launched with. | ||
| * @param argv Command line arguments to this function, with the first being the | ||
| * command this executable was launched with as is conventional. A | ||
| * description of expected and supported command line parameters is | ||
| * available by runnign the utility with the "--help" option. | ||
| * | ||
| * @return 0; currently this utility will output an error message to the command | ||
| * line if it exits unsuccessfully due to invalid command-line | ||
| * parameters, but it will not return an exit code indicating an error. | ||
| */ | ||
| int main(int argc, char** argv) { | ||
|
|
||
| std::string usageMessage = "Usage:\n" | ||
| "GenerateConcordKeys -n TOTAL_NUMBER_OF_REPLICAS \\\n" | ||
| " -f NUMBER_OF_FAULTY_REPLICAS_TO_TOLERATE -o OUTPUT_FILE_PREFIX\n" | ||
| "The generated keys will be output to a number of files, one per replica." | ||
| " The\nfiles will each be named OUTPUT_FILE_PREFIX<i>, where <i> is a" | ||
| " sequential ID for\nthe replica to which the file corresponds in the" | ||
| " range [0,\nTOTAL_NUMBER_OF_REPLICAS]. Each file contains all public" | ||
| " keys for the cluster,\nbut only the private keys for the replica with" | ||
| " the corresponding ID.\n" | ||
| "Optionally, you may also choose what types of cryptosystems to use:\n" | ||
| " --execution_cryptosys SYSTEM_TYPE PARAMETER\n" | ||
| " --slow_commit_cryptosys SYSTEM_TYPE PARAMETER\n" | ||
| " --commit_cryptosys SYSTEM_TYPE PARAMETER\n" | ||
| " --opptimistic_commit_cryptosys SYSTEM_TYPE PARAMETER\n" | ||
| "Currently, the following cryptosystem types are supported\n" | ||
| "(and take the following as parameters):\n"; | ||
|
|
||
| std::vector<std::pair<std::string, std::string>> cryptosystemTypes; | ||
| Cryptosystem::getAvailableCryptosystemTypes(cryptosystemTypes); | ||
| for (size_t i = 0; i < cryptosystemTypes.size(); ++i) { | ||
| usageMessage += " " + cryptosystemTypes[i].first + " (" | ||
| + cryptosystemTypes[i].second + ")\n"; | ||
| } | ||
|
|
||
| usageMessage += "If any of these cryptosystem selections are not made" | ||
| " explictly, a default will\nbe selected.\n\nSpecial options:\n --help :" | ||
| " display this usage message and exit.\n"; | ||
|
|
||
| // Display the usage message and exit if no arguments were given, or if --help | ||
| // was given anywhere. | ||
| if ((argc <= 1) || (containsHelpOption(argc, argv))) { | ||
| std::cout << usageMessage; | ||
| return 0; | ||
| } | ||
|
|
||
| uint16_t f; | ||
| uint16_t n; | ||
|
|
||
| // Note we have declared this stream locally to main and by value, and that, | ||
| // if the output file is successfully opened, we are relying on ofstream's | ||
| // destructor being called implicitly when main returns and this goes out of | ||
| // scope to close the stream. | ||
| std::string outputPrefix; | ||
|
|
||
| bool hasF = false; | ||
| bool hasN = false; | ||
| bool hasOutput = false; | ||
|
|
||
| std::string execType = "threshold-bls"; | ||
| std::string execParam = "BN-P254"; | ||
| std::string slowType = "threshold-bls"; | ||
| std::string slowParam = "BN-P254"; | ||
| std::string commitType = "threshold-bls"; | ||
| std::string commitParam = "BN-P254"; | ||
| std::string optType = "multisig-bls"; | ||
| std::string optParam = "BN-P254"; | ||
|
|
||
| // Read input from the command line. | ||
| // Note we ignore argv[0] because that just contains the command that was used | ||
| // to launch this executable by convention. | ||
| for (int i = 1; i < argc; ++i) { | ||
| std::string option(argv[i]); | ||
|
|
||
| if (option == "-f") { | ||
| if (i >= argc - 1) { | ||
| std::cout << "Expected an argument to -f.\n"; | ||
| return -1; | ||
| } | ||
| std::string arg = argv[i + 1]; | ||
| if (parseUInt16(f, arg, 1, UINT16_MAX, "-f")) { | ||
| hasF = true; | ||
| } else { | ||
| return -1; | ||
| } | ||
| ++i; | ||
|
|
||
| } else if (option == "-n") { | ||
| if (i >= argc - 1) { | ||
| std::cout << "Expected an argument to -n.\n"; | ||
| return -1; | ||
| } | ||
| std::string arg = argv[i + 1]; | ||
|
|
||
| // Note we do not enforce a minimum value for n here; since we require | ||
| // n > 3f and f > 0, lower bounds for n will be handled when we | ||
| // enforce the n > 3f constraint below. | ||
| if (parseUInt16(n, arg, 0, UINT16_MAX, "-n")) { | ||
| hasN = true; | ||
| } else { | ||
| return -1; | ||
| } | ||
| ++i; | ||
|
|
||
| } else if (option == "-o") { | ||
| if (i >= argc - 1) { | ||
| std::cout << "Expected an argument to -o.\n"; | ||
| return -1; | ||
| } | ||
| outputPrefix = argv[i + 1]; | ||
| hasOutput = true; | ||
| ++i; | ||
|
|
||
| } else if (option == "--execution_cryptosys") { | ||
| if (i >= argc - 2) { | ||
| std::cout << "Expected 2 arguments to --execution_cryptosys.\n"; | ||
| return -1; | ||
| } | ||
| execType = argv[i + 1]; | ||
| execParam = argv[i + 2]; | ||
| i += 2; | ||
|
|
||
| } else if (option == "--slow_commit_cryptosys") { | ||
| if (i >= argc - 2) { | ||
| std::cout << "Expected 2 arguments to --slow_commit_cryptosys.\n"; | ||
| return -1; | ||
| } | ||
| slowType = argv[i + 1]; | ||
| slowParam = argv[i + 2]; | ||
| i += 2; | ||
|
|
||
| } else if (option == "--commit_cryptosys") { | ||
| if (i >= argc - 2) { | ||
| std::cout << "Expected 2 arguments to --execution_cryptosys.\n"; | ||
| return -1; | ||
| } | ||
| commitType = argv[i + 1]; | ||
| commitParam = argv[i + 2]; | ||
| i += 2; | ||
|
|
||
| } else if (option == "--optimistic_commit_cryptosys") { | ||
| if (i >= argc - 2) { | ||
| std::cout << "Expected 2 arguments to --execution_cryptosys.\n"; | ||
| return -1; | ||
| } | ||
| optType = argv[i + 1]; | ||
| optParam = argv[i + 2]; | ||
| i += 2; | ||
|
|
||
| } else { | ||
| std::cout << "Unrecognized command line argument: " << option << "\n"; | ||
| return -1; | ||
| } | ||
| } | ||
|
|
||
| // Check that required parameters were actually given. | ||
| if (!hasF) { | ||
| std::cout << "No value given for required -f parameter.\n"; | ||
| return -1; | ||
| } | ||
| if (!hasN) { | ||
| std::cout << "No value given for required -n parameter.\n"; | ||
| return -1; | ||
| } | ||
| if (!hasOutput) { | ||
| std::cout << "No value given for required -o parameter.\n"; | ||
| return -1; | ||
| } | ||
|
|
||
| // Verify constraints between F and N and compute C. | ||
|
|
||
| // Note we check that N >= 3F + 1 using uint32_ts even though F and N are | ||
| // uint16_ts just in case 3F + 1 overflows a uint16_t. | ||
| uint32_t minN = 3 * (uint32_t)f + 1; | ||
| if ((uint32_t)n < minN) { | ||
| std::cout << "Due to the design of Byzantine fault tolerance, number of" | ||
| " replicas (-n) must be\ngreater than or equal to (3 * F + 1), where F" | ||
| " is the maximum number of faulty\nreplicas (-f).\n"; | ||
| return -1; | ||
| } | ||
|
|
||
| // We require N - 3F - 1 to be even so C can be an integer. | ||
| if (((n - (3 * f) - 1) % 2) != 0) { | ||
| std::cout << "For technical reasons stemming from our current" | ||
| " implementation of Byzantine\nfault tolerant consensus, we currently" | ||
| " require that (N - 3F - 1) be even, where\nN is the total number of" | ||
| " replicas (-n) and F is the maximum number of faulty\nreplicas (-f).\n"; | ||
| return -1; | ||
| } | ||
|
|
||
| uint16_t c = (n - (3 * f) - 1) / 2; | ||
|
|
||
| uint16_t execThresh = f + 1; | ||
| uint16_t slowThresh = f * 2 + c + 1; | ||
| uint16_t commitThresh = f * 3 + c + 1; | ||
| uint16_t optThresh = n; | ||
|
|
||
| // Verify cryptosystem selections. | ||
| if (!Cryptosystem::isValidCryptosystemSelection(execType, execParam, | ||
| n, execThresh)) { | ||
| std::cout << "Invalid selection of cryptosystem for execution cryptosystem" | ||
| " (with threshold " << execThresh << " out of " << n << "): " | ||
| << execType << " " << execParam << ".\n"; | ||
| return -1; | ||
| } | ||
| if (!Cryptosystem::isValidCryptosystemSelection(slowType, slowParam, | ||
| n, slowThresh)) { | ||
| std::cout << "Invalid selection of cryptosystem for slow path commit" | ||
| " cryptosystem (with threshold " << slowThresh << " out of " | ||
| << n << "): " << slowType << " " << slowParam << ".\n"; | ||
| return -1; | ||
| } | ||
| if (!Cryptosystem::isValidCryptosystemSelection(commitType, commitParam, | ||
| n, commitThresh)) { | ||
| std::cout << "Invalid selection of cryptosystem for commit cryptosystem" | ||
| " (with threshold " << commitThresh << " out of " << n << "): " | ||
| << commitType << " " << commitParam << ".\n"; | ||
| return -1; | ||
| } | ||
| if (!Cryptosystem::isValidCryptosystemSelection(optType, optParam, | ||
| n, optThresh)) { | ||
| std::cout << "Invalid selection of cryptosystem for optimistic fast path" | ||
| " commit cryptosystem (with threshold " << optThresh << " out of " | ||
| << n << "): " << optType << " " << optParam << ".\n"; | ||
| return -1; | ||
| } | ||
|
|
||
| // Validate that all output files are valid before possibly wasting a | ||
| // significant ammount of time generating keys that cannot be output. | ||
| std::vector<std::ofstream> outputFiles; | ||
| for (uint16_t i = 0; i < n; ++i) { | ||
| outputFiles.push_back(std::ofstream(outputPrefix + std::to_string(i))); | ||
| if (!outputFiles.back().is_open()) { | ||
| std::cout << "Could not open output file " << outputPrefix << i << ".\n"; | ||
| return -1; | ||
| } | ||
| } | ||
|
|
||
| std::vector<std::pair<std::string, std::string>> rsaKeys; | ||
| for (uint16_t i = 0; i < n; ++i) { | ||
| rsaKeys.push_back(generateRsaKey()); | ||
| } | ||
|
|
||
| Cryptosystem execSys(execType, execParam, n, execThresh); | ||
| Cryptosystem slowSys(slowType, slowParam, n, slowThresh); | ||
| Cryptosystem commitSys(commitType, commitParam, n, commitThresh); | ||
| Cryptosystem optSys(optType, optParam, n, optThresh); | ||
|
|
||
| execSys.generateNewPseudorandomKeys(); | ||
| slowSys.generateNewPseudorandomKeys(); | ||
| commitSys.generateNewPseudorandomKeys(); | ||
| optSys.generateNewPseudorandomKeys(); | ||
|
|
||
| // Output the generated keys. | ||
|
|
||
| for (uint16_t i = 0; i < n; ++i) { | ||
| if (!outputReplicaKeyfile(i, n, f, c, outputFiles[i], | ||
| outputPrefix + std::to_string(i), rsaKeys, execSys, slowSys, | ||
| commitSys, optSys)) { | ||
| return -1; | ||
| } | ||
| } | ||
|
|
||
| return 0; | ||
| } |