DPKI is a project aiming to completely decentralize the Public Key Infrastructure process using blockchain. The project merges the concept of blockchains decentralized storage with the PKI's ability to generate certificate and now uses each of the peers on a network as both a unique intermediate certificate authority as well as a validator of each peer. Any peer who joins the network will become an intermediate signing CA and in order to guarrantee security is constantly validated by other peers in order for certificates produced to be legitimate and unaltered.
- Hierachy Certificate Authority, where each CA is a peer in a decentralized distributed network
- Each Peer owns a seperate database validated by a decentralized, distributed blockhcain
- Intermediate CA's can be revoked and replaced without much hassle
- Revocation system has an easily accessible webpage to search and query, solving the lack of use bloated CRL
- Registration Authority uses inspiration from letscrypt, client are required to produce a new page with a certain secret to prove ownership
DPKI requires Node.js and Docker and Docker Compose to run and requires linux to run.
Git clone and Library set up
$ git clone https://github.com/RHUL-CS-Projects/FullUnit_1920_KeyurCanji.git
$ cd ./FullUnit_1920_KeyurCanji/basic-block/basic-network/
$ sh installLib.shSet up docker-compose and hyperledger fabric binaries
$ cd ../../../
$ sudo curl -sSL https://bit.ly/2ysbOFE | bash -s -- 1.4.3 1.4.3 0.4.15Starting and setting up the network
$ cd ./FullUnit_1920_KeyurCanji/basic-block/basic-network/basic-network
$ sh start.shCouldn't connect to Docker daemon at http+docker://localhost - is it running Requires relogging and potentially restarting
$ sudo usermod -aG docker $USER
$ sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
$ sudo service docker restartOnly couchdb instances starting
$ sudo setenforce 0 Single Peer exiting early Both secret keys can be found here /basic-network/crypto-config/peerOrganizations/org1.example.com/ca/ and /basic-network/crypto-config/peerOrganizations/org2.example.com/ca/
$ ./generate.sh
$ vi docker-compose.yml
change this line - FABRIC_CA_SERVER_TLS_KEYFILE=/etc/hyperledger/fabric-ca-server-config/{secret}Starting express server for clients to access the system from web apps
$ cd ./web/client
$ node app.js
$ gnome-terminal
$ cd ../admin
$ node app.js- To open the client web app on device starting service IP is localhost:3000/index, to access from different device on the same network ipaddress:3000/index
- To open admin page the IP is localhost:4000/admin, admin page is only accessible from device starting the system to prevent clients from accessing admin pages
To run these test the dependencies needed are mocha Selenium Tests
$ cd ./Tests
$ mocha chaincodeTests.js --timeout 10000Chaincode Tests
$ mocha chaincodeTests.js --timeout 5000Other Tests
$ mocha filename.jsThe list below represent all the technologies used in this project
| Plugin | README |
|---|---|
| Hyperledger Fabric | [plugins/dropbox/README.md][PlDb] |
| Node js | [plugins/github/README.md][PlGh] |
| Docker | [plugins/googledrive/README.md][PlGd] |
Property of Royal Holloway University of London, Final Year Dissertation for Computer Science with Information Security