github.com/lzy4123/fabric@v2.1.1+incompatible/bccsp/idemix/handlers/nym.go

github.com/lzy4123/fabric@v2.1.1+incompatible/bccsp/idemix/handlers/nym.go (about)

     1  /*
     2  Copyright IBM Corp. All Rights Reserved.
     3  
     4  SPDX-License-Identifier: Apache-2.0
     5  */
     6  package handlers
     7  
     8  import (
     9  	"crypto/sha256"
    10  
    11  	"github.com/hyperledger/fabric/bccsp"
    12  	"github.com/pkg/errors"
    13  )
    14  
    15  // nymSecretKey contains the nym secret key
    16  type nymSecretKey struct {
    17  	// SKI of this key
    18  	ski []byte
    19  	// sk is the idemix reference to the nym secret
    20  	sk Big
    21  	// pk is the idemix reference to the nym public part
    22  	pk Ecp
    23  	// exportable if true, sk can be exported via the Bytes function
    24  	exportable bool
    25  }
    26  
    27  func computeSKI(serialise func() ([]byte, error)) ([]byte, error) {
    28  	raw, err := serialise()
    29  	if err != nil {
    30  		return nil, err
    31  	}
    32  
    33  	hash := sha256.New()
    34  	hash.Write(raw)
    35  	return hash.Sum(nil), nil
    36  
    37  }
    38  
    39  func NewNymSecretKey(sk Big, pk Ecp, exportable bool) (*nymSecretKey, error) {
    40  	ski, err := computeSKI(sk.Bytes)
    41  	if err != nil {
    42  		return nil, err
    43  	}
    44  
    45  	return &nymSecretKey{ski: ski, sk: sk, pk: pk, exportable: exportable}, nil
    46  }
    47  
    48  func (k *nymSecretKey) Bytes() ([]byte, error) {
    49  	if k.exportable {
    50  		return k.sk.Bytes()
    51  	}
    52  
    53  	return nil, errors.New("not supported")
    54  }
    55  
    56  func (k *nymSecretKey) SKI() []byte {
    57  	c := make([]byte, len(k.ski))
    58  	copy(c, k.ski)
    59  	return c
    60  }
    61  
    62  func (*nymSecretKey) Symmetric() bool {
    63  	return false
    64  }
    65  
    66  func (*nymSecretKey) Private() bool {
    67  	return true
    68  }
    69  
    70  func (k *nymSecretKey) PublicKey() (bccsp.Key, error) {
    71  	ski, err := computeSKI(k.pk.Bytes)
    72  	if err != nil {
    73  		return nil, err
    74  	}
    75  	return &nymPublicKey{ski: ski, pk: k.pk}, nil
    76  }
    77  
    78  type nymPublicKey struct {
    79  	// SKI of this key
    80  	ski []byte
    81  	// pk is the idemix reference to the nym public part
    82  	pk Ecp
    83  }
    84  
    85  func NewNymPublicKey(pk Ecp) *nymPublicKey {
    86  	return &nymPublicKey{pk: pk}
    87  }
    88  
    89  func (k *nymPublicKey) Bytes() ([]byte, error) {
    90  	return k.pk.Bytes()
    91  }
    92  
    93  func (k *nymPublicKey) SKI() []byte {
    94  	c := make([]byte, len(k.ski))
    95  	copy(c, k.ski)
    96  	return c
    97  }
    98  
    99  func (*nymPublicKey) Symmetric() bool {
   100  	return false
   101  }
   102  
   103  func (*nymPublicKey) Private() bool {
   104  	return false
   105  }
   106  
   107  func (k *nymPublicKey) PublicKey() (bccsp.Key, error) {
   108  	return k, nil
   109  }
   110  
   111  // NymKeyDerivation derives nyms
   112  type NymKeyDerivation struct {
   113  	// Exportable is a flag to allow an issuer secret key to be marked as Exportable.
   114  	// If a secret key is marked as Exportable, its Bytes method will return the key's byte representation.
   115  	Exportable bool
   116  	// User implements the underlying cryptographic algorithms
   117  	User User
   118  }
   119  
   120  func (kd *NymKeyDerivation) KeyDeriv(k bccsp.Key, opts bccsp.KeyDerivOpts) (dk bccsp.Key, err error) {
   121  	userSecretKey, ok := k.(*userSecretKey)
   122  	if !ok {
   123  		return nil, errors.New("invalid key, expected *userSecretKey")
   124  	}
   125  	nymKeyDerivationOpts, ok := opts.(*bccsp.IdemixNymKeyDerivationOpts)
   126  	if !ok {
   127  		return nil, errors.New("invalid options, expected *IdemixNymKeyDerivationOpts")
   128  	}
   129  	if nymKeyDerivationOpts.IssuerPK == nil {
   130  		return nil, errors.New("invalid options, missing issuer public key")
   131  	}
   132  	issuerPK, ok := nymKeyDerivationOpts.IssuerPK.(*issuerPublicKey)
   133  	if !ok {
   134  		return nil, errors.New("invalid options, expected IssuerPK as *issuerPublicKey")
   135  	}
   136  
   137  	Nym, RandNym, err := kd.User.MakeNym(userSecretKey.sk, issuerPK.pk)
   138  	if err != nil {
   139  		return nil, err
   140  	}
   141  
   142  	return NewNymSecretKey(RandNym, Nym, kd.Exportable)
   143  }
   144  
   145  // NymPublicKeyImporter imports nym public keys
   146  type NymPublicKeyImporter struct {
   147  	// User implements the underlying cryptographic algorithms
   148  	User User
   149  }
   150  
   151  func (i *NymPublicKeyImporter) KeyImport(raw interface{}, opts bccsp.KeyImportOpts) (k bccsp.Key, err error) {
   152  	bytes, ok := raw.([]byte)
   153  	if !ok {
   154  		return nil, errors.New("invalid raw, expected byte array")
   155  	}
   156  
   157  	if len(bytes) == 0 {
   158  		return nil, errors.New("invalid raw, it must not be nil")
   159  	}
   160  
   161  	pk, err := i.User.NewPublicNymFromBytes(bytes)
   162  	if err != nil {
   163  		return nil, err
   164  	}
   165  
   166  	return &nymPublicKey{pk: pk}, nil
   167  }