github.com/turingchain2020/turingchain@v1.1.21/executor/authority/utils/keys.go (about)

     1  // Copyright Turing Corp. 2018 All Rights Reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  package utils
     6  
     7  import (
     8  	"crypto/ecdsa"
     9  	"crypto/elliptic"
    10  	"crypto/sha256"
    11  	"crypto/x509"
    12  	"encoding/hex"
    13  	"encoding/pem"
    14  	"math/big"
    15  
    16  	"github.com/turingchain2020/turingchain/types"
    17  
    18  	cert_util "github.com/turingchain2020/turingchain/system/crypto/common"
    19  	secp256r1_util "github.com/turingchain2020/turingchain/system/crypto/secp256r1"
    20  	sm2_util "github.com/turingchain2020/turingchain/system/crypto/sm2"
    21  	"github.com/pkg/errors"
    22  	"github.com/tjfoc/gmsm/sm2"
    23  )
    24  
// SKI computes a key identifier for an elliptic-curve public key: the SHA-256
// digest of the point (x, y) in the uncompressed encoding produced by
// elliptic.Marshal.
//
// The identifier is derived from the key material itself; it is not read from
// a certificate's Subject Key Identifier extension. x and y must describe a
// valid point on curve. elliptic.Marshal does not return an error, so an
// invalid or nil point is not reported through the return value
// (NOTE(review): recent Go releases panic on off-curve points; confirm
// against the toolchain in use).
func SKI(curve elliptic.Curve, x, y *big.Int) (ski []byte) {
	digest := sha256.Sum256(elliptic.Marshal(curve, x, y))
	ski = digest[:]
	return ski
}
    33  
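// GetPublicKeySKIFromCert returns the hex-encoded key identifier (see SKI) of
// the public key carried by a PEM-encoded certificate.
//
// cert is PEM text; only the first PEM block is used and any trailing data is
// ignored. signType selects the parser: secp256r1_util.ID uses crypto/x509 and
// sm2_util.ID uses the gmsm sm2 parser. Any other value is rejected.
//
// The certificate is only parsed here. Its signature, chain and validity
// period are not checked, so the returned identifier says nothing about
// whether the certificate is trusted; callers must validate it separately.
//
// An error is returned when the input is not PEM, the certificate cannot be
// parsed, signType is unknown, or the certificate does not carry an
// ECDSA-style public key.
func GetPublicKeySKIFromCert(cert []byte, signType int) (string, error) {
	// NOTE(review): the PEM block type is not checked; a block that is not a
	// certificate is left to fail in the parser below.
	dcert, _ := pem.Decode(cert)
	if dcert == nil {
		// NOTE(review): this message embeds the whole input, which may be large
		// and caller-controlled; consider reporting its length instead.
		return "", errors.Errorf("Unable to decode cert bytes [%v]", cert)
	}

	var (
		ski []byte
		err error
	)
	switch signType {
	case secp256r1_util.ID:
		x509Cert, perr := x509.ParseCertificate(dcert.Bytes)
		if perr != nil {
			return "", errors.Errorf("Unable to parse cert from decoded bytes: %s", perr)
		}
		ski, err = certKeySKI(x509Cert.PublicKey)
	case sm2_util.ID:
		sm2Cert, perr := sm2.ParseCertificate(dcert.Bytes)
		if perr != nil {
			return "", errors.Errorf("Unable to parse cert from decoded bytes: %s", perr)
		}
		ski, err = certKeySKI(sm2Cert.PublicKey)
	default:
		return "", errors.Errorf("unknow public key type")
	}
	if err != nil {
		return "", err
	}

	return hex.EncodeToString(ski), nil
}

// certKeySKI computes the SKI of the public key taken from a parsed
// certificate, rejecting anything that is not a usable *ecdsa.PublicKey.
//
// A certificate that parses successfully may still carry another key type
// (for example RSA). An unchecked type assertion would then panic on input
// the caller does not control, so the key is checked and reported as an
// error instead.
func certKeySKI(pub interface{}) ([]byte, error) {
	pk, ok := pub.(*ecdsa.PublicKey)
	if !ok || pk == nil || pk.Curve == nil || pk.X == nil || pk.Y == nil {
		return nil, errors.Errorf("unsupported public key type %T in certificate", pub)
	}
	return SKI(pk.Curve, pk.X, pk.Y), nil
}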
    63  
// EncodeCertToSignature packs a raw signature, the signer's certificate and a
// uid into a cert_util.CertSignature and returns its types.Encode
// serialization.
//
// Each input is copied into the message, so the caller's slices are not
// aliased. Nothing is validated here: the certificate is not parsed and the
// signature is not checked against it.
func EncodeCertToSignature(signByte []byte, cert []byte, uid []byte) []byte {
	msg := cert_util.CertSignature{
		Signature: append([]byte(nil), signByte...),
		Cert:      append([]byte(nil), cert...),
		Uid:       append([]byte(nil), uid...),
	}
	return types.Encode(&msg)
}
    72  
// DecodeCertFromSignature unpacks a serialized cert_util.CertSignature from
// signByte using types.Decode.
//
// This is deserialization only. The embedded certificate and signature are
// returned exactly as they were supplied and must be verified by the caller
// before either is trusted. On a decode failure the error from types.Decode
// is returned together with a nil message.
func DecodeCertFromSignature(signByte []byte) (*cert_util.CertSignature, error) {
	decoded := new(cert_util.CertSignature)
	if err := types.Decode(signByte, decoded); err != nil {
		return nil, err
	}
	return decoded, nil
}
    82  }