github.com/s7techlab/cckit@v0.10.5/extensions/encryption/event.go (about) 1 package encryption 2 3 import ( 4 "encoding/base64" 5 6 "github.com/hyperledger/fabric-protos-go/peer" 7 "github.com/pkg/errors" 8 9 "github.com/s7techlab/cckit/router" 10 "github.com/s7techlab/cckit/state" 11 ) 12 13 // EventWithTransientKey creates encrypted event wrapper with provided key for symmetric encryption/decryption 14 func EventWithTransientKey(c router.Context) (state.Event, error) { 15 key, err := KeyFromTransient(c) 16 if err != nil { 17 return nil, err 18 } 19 return Event(c, key) 20 } 21 22 // EventWithTransientKeyIfProvided returns encrypted event wrapper if key for symmetric 23 // encryption/decryption is provided, otherwise return default event wrapper 24 func EventWithTransientKeyIfProvided(c router.Context) (state.Event, error) { 25 key, err := KeyFromTransient(c) 26 switch err { 27 case nil: 28 return Event(c, key) 29 case ErrKeyNotDefinedInTransientMap: 30 //default event wrapper without encryption 31 return c.Event(), nil 32 } 33 return nil, err 34 } 35 36 // Event encrypting the events before setEvent() 37 func Event(c router.Context, key []byte) (state.Event, error) { 38 //current state 39 s := c.Event() 40 s.UseSetTransformer(ToBytesEncryptor(key)) 41 s.UseNameTransformer(StringEncryptor(key)) 42 return s, nil 43 } 44 45 // EncryptStringWith returns state.StringTransformer encrypting string with provided key 46 func StringEncryptor(key []byte) state.StringTransformer { 47 return func(s string) (encrypted string, err error) { 48 var ( 49 enc []byte 50 ) 51 if enc, err = Encrypt(key, []byte(s)); err != nil { 52 return ``, err 53 } 54 55 return base64.StdEncoding.EncodeToString(enc), nil 56 } 57 } 58 59 // EncryptEvent encrypts event payload and event name. Event name also base64 encoded. 60 // ChaincodeId and TxId remains unencrypted 61 func EncryptEvent(encKey []byte, event *peer.ChaincodeEvent) (encrypted *peer.ChaincodeEvent, err error) { 62 var ( 63 encName, encPayload []byte 64 ) 65 66 if encName, err = Encrypt(encKey, []byte(event.EventName)); err != nil { 67 return nil, err 68 } 69 70 if encPayload, err = Encrypt(encKey, event.Payload); err != nil { 71 return nil, err 72 } 73 74 return &peer.ChaincodeEvent{ 75 ChaincodeId: event.ChaincodeId, 76 TxId: event.TxId, 77 EventName: base64.StdEncoding.EncodeToString(encName), 78 Payload: encPayload, 79 }, nil 80 } 81 82 // DecryptEvent 83 func DecryptEvent(encKey []byte, event *peer.ChaincodeEvent) (decrypted *peer.ChaincodeEvent, err error) { 84 var ( 85 encNameBytes, decName, decPayload []byte 86 ) 87 88 if encNameBytes, err = base64.StdEncoding.DecodeString(event.EventName); err != nil { 89 return nil, errors.Wrap(err, `event name base64 decoding`) 90 } 91 92 if decName, err = Decrypt(encKey, encNameBytes); err != nil { 93 return nil, err 94 } 95 96 if decPayload, err = Decrypt(encKey, event.Payload); err != nil { 97 return nil, err 98 } 99 100 return &peer.ChaincodeEvent{ 101 ChaincodeId: event.ChaincodeId, 102 TxId: event.TxId, 103 EventName: string(decName), 104 Payload: decPayload, 105 }, nil 106 }