Change highlights: - Internal bccsp is not directly referenced anywhere in the SDK, including internal fabric-ca. - All bccsp calls go through cryptosuitebridge. - Internal bccsp is still referenced in some mocks and integration tests for testdata. Change-Id: I267361869ace224842ebf3ebeffad551aed6c0ef Signed-off-by: Sudesh Shetty <sudesh.shetty@securekey.com>
1 parent
e9fa53a
commit 26b3d2e
Showing
29 changed files
with
886 additions
and
183 deletions.
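--- a/internal/github.com/hyperledger/fabric-ca/sdkpatch/cryptosuitebridge/cryptosuitebridge.go
+++ b/internal/github.com/hyperledger/fabric-ca/sdkpatch/cryptosuitebridge/cryptosuitebridge.go
@@ -0,0 +1,172 @@
+/*
+Copyright SecureKey Technologies Inc. All Rights Reserved.
+SPDX-License-Identifier: Apache-2.0
+*/
+/*
+Notice: This file has been modified for Hyperledger Fabric SDK Go usage.
+Please review third_party pinning scripts and patches for more details.
+*/
+
+package cryptosuitebridge
+
+import (
+"crypto"
+"crypto/ecdsa"
+
+"github.com/hyperledger/fabric-sdk-go/api/apicryptosuite"
+"github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric/bccsp"
+"github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric/bccsp/factory"
+cspsigner "github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric/bccsp/signer"
+"github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric/bccsp/sw"
+"github.com/hyperledger/fabric-sdk-go/internal/github.com/hyperledger/fabric/bccsp/utils"
+cryptosuite "github.com/hyperledger/fabric-sdk-go/pkg/cryptosuite/bccsp"
+)
+
+const (
+ECDSA = bccsp.ECDSA
+ECDSAP256 = bccsp.ECDSAP256
+ECDSAP384 = bccsp.ECDSAP384
+ECDSAReRand = bccsp.ECDSAReRand
+RSA = bccsp.RSA
+RSA1024 = bccsp.RSA1024
+RSA2048 = bccsp.RSA2048
+RSA3072 = bccsp.RSA3072
+RSA4096 = bccsp.RSA4096
+AES = bccsp.AES
+AES128 = bccsp.AES128
+AES192 = bccsp.AES192
+AES256 = bccsp.AES256
+HMAC = bccsp.HMAC
+HMACTruncated256 = bccsp.HMACTruncated256
+SHA = bccsp.SHA
+SHA2 = bccsp.SHA2
+SHA3 = bccsp.SHA3
+SHA256 = bccsp.SHA256
+SHA384 = bccsp.SHA384
+SHA3_256 = bccsp.SHA3_256
+SHA3_384 = bccsp.SHA3_384
+X509Certificate = bccsp.X509Certificate
+)
+
+// FactoryOpts holds configuration information used to initialize bccsp factory implementations
+type FactoryOpts struct {
+*factory.FactoryOpts
+}
+
+//GetBCCSPFromOpts is a bridge for factory.GetBCCSPFromOpts(config)
+func GetBCCSPFromOpts(config *FactoryOpts) (apicryptosuite.CryptoSuite, error) {
+bccsp, err := factory.GetBCCSPFromOpts(getFactoryOpts(config))
+if err != nil {
+return nil, err
+}
+return cryptosuite.GetSuite(bccsp), nil
+}
+
+//InitFactories is a bridge for bccsp factory.InitFactories(config)
+func InitFactories(config *FactoryOpts) error {
+return factory.InitFactories(getFactoryOpts(config))
+}
+
+// PEMtoPrivateKey is a bridge for bccsp utils.PEMtoPrivateKey()
+func PEMtoPrivateKey(raw []byte, pwd []byte) (interface{}, error) {
+return utils.PEMtoPrivateKey(raw, pwd)
+}
+
+// PrivateKeyToDER marshals is bridge for utils.PrivateKeyToDER
+func PrivateKeyToDER(privateKey *ecdsa.PrivateKey) ([]byte, error) {
+return utils.PrivateKeyToDER(privateKey)
+}
+
+// NewCspsigner is a bridge for bccsp signer.New call
+func NewCspsigner(csp apicryptosuite.CryptoSuite, key apicryptosuite.Key) (crypto.Signer, error) {
+return cspsigner.New(csp, key)
+}
+
+//NewEmptySwOpts creates new empty bccsp factory.SwOpts
+func NewSwOpts() *factory.SwOpts {
+return &factory.SwOpts{}
+}
+
+//NewEmptyFileKeystoreOpts creates new empty bccsp factory.FileKeystoreOpts
+func NewFileKeystoreOpts() *factory.FileKeystoreOpts {
+return &factory.FileKeystoreOpts{}
+}
+
+//GetFactoryDefaultCryptoSuite creates new cryptosuite from bccsp factory default
+func GetDefault() apicryptosuite.CryptoSuite {
+return cryptosuite.GetSuite(factory.GetDefault())
+}
+
+//SignatureToLowS is a bridge for bccsp sw.SignatureToLowS()
+func SignatureToLowS(k *ecdsa.PublicKey, signature []byte) ([]byte, error) {
+return sw.SignatureToLowS(k, signature)
+}
+
+//GetHashOpt is a bridge for bccsp util GetHashOpt
+func GetHashOpt(hashFunction string) (apicryptosuite.HashOpts, error) {
+return bccsp.GetHashOpt(hashFunction)
+}
+
+func getFactoryOpts(config *FactoryOpts) *factory.FactoryOpts {
+if config == nil {
+return nil
+}
+return &factory.FactoryOpts{
+SwOpts: config.SwOpts,
+ProviderName: config.ProviderName,
+Pkcs11Opts: config.Pkcs11Opts,
+PluginOpts: config.PluginOpts,
+}
+}
+
+//GetSHAOpts returns options for computing SHA.
+func GetSHAOpts() apicryptosuite.HashOpts {
+return &bccsp.SHAOpts{}
+}
+
+//GetSHA256Opts returns options relating to SHA-256.
+func GetSHA256Opts() apicryptosuite.HashOpts {
+return &bccsp.SHA256Opts{}
+}
+
+//GetRSA2048KeyGenOpts returns options for RSA key generation at 2048 security.
+func GetRSA2048KeyGenOpts(ephemeral bool) apicryptosuite.KeyGenOpts {
+return &bccsp.RSA2048KeyGenOpts{Temporary: ephemeral}
+}
+
+//GetRSA3072KeyGenOpts returns options for RSA key generation at 3072 security.
+func GetRSA3072KeyGenOpts(ephemeral bool) apicryptosuite.KeyGenOpts {
+return &bccsp.RSA3072KeyGenOpts{Temporary: ephemeral}
+}
+
+//GetRSA4096KeyGenOpts returns options for RSA key generation at 4096 security.
+func GetRSA4096KeyGenOpts(ephemeral bool) apicryptosuite.KeyGenOpts {
+return &bccsp.RSA4096KeyGenOpts{Temporary: ephemeral}
+}
+
+// GetECDSAKeyGenOpts returns options for ECDSA key generation.
+func GetECDSAKeyGenOpts(ephemeral bool) apicryptosuite.KeyGenOpts {
+return &bccsp.ECDSAKeyGenOpts{Temporary: ephemeral}
+}
+
+//GetECDSAP256KeyGenOpts returns options for ECDSA key generation with curve P-256.
+func GetECDSAP256KeyGenOpts(ephemeral bool) apicryptosuite.KeyGenOpts {
+return &bccsp.ECDSAP256KeyGenOpts{Temporary: ephemeral}
+}
+
+//GetECDSAP384KeyGenOpts options for ECDSA key generation with curve P-384.
+func GetECDSAP384KeyGenOpts(ephemeral bool) apicryptosuite.KeyGenOpts {
+return &bccsp.ECDSAP384KeyGenOpts{Temporary: ephemeral}
+}
+
+//GetX509PublicKeyImportOpts options for importing public keys from an x509 certificate
+func GetX509PublicKeyImportOpts(ephemeral bool) apicryptosuite.KeyImportOpts {
+return &bccsp.X509PublicKeyImportOpts{Temporary: ephemeral}
+}
+
+//GetECDSAPrivateKeyImportOpts options for ECDSA secret key importation in DER format
+// or PKCS#8 format.
+func GetECDSAPrivateKeyImportOpts(ephemeral bool) apicryptosuite.KeyImportOpts {
+return &bccsp.ECDSAPrivateKeyImportOpts{Temporary: ephemeral}
+}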
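Review bot: `getFactoryOpts` guards only `config == nil`, so a non-nil `FactoryOpts` whose embedded `*factory.FactoryOpts` is nil (for example the zero value `&FactoryOpts{}`) panics on the promoted field read `config.SwOpts`, and both `GetBCCSPFromOpts` and `InitFactories` reach the crypto provider through this helper. Extending the guard to `if config == nil || config.FactoryOpts == nil { return nil }` closes that path; whether the factory functions tolerate a nil options pointer is not visible in this file, so returning an explicit error from the two callers may be the safer outcome. The helper also copies only four named fields, so any other field of `factory.FactoryOpts` (not shown here) would be silently dropped, which is worth a comment stating that it is intentional. Separately, the doc comments on `NewSwOpts`, `NewFileKeystoreOpts` and `GetDefault` open with other names (`NewEmptySwOpts`, `NewEmptyFileKeystoreOpts`, `GetFactoryDefaultCryptoSuite`) and should start with the actual function name.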