BCCSP additional KeyGen and Hash Opts

This change-set introduces new options to generate keys and hash at given security level. It applies to: -ECDSA: P256, P384 curve support -RSA: 10247, 2048, 3072, 4096 key length -AES: 128, 192, 256 key length -SHA2: 256, 384 -SHA3: 256, 384 This change-set comes in the context of: https://jira.hyperledger.org/browse/FAB-354 Change-Id: I16518081281d38185c67946f84d6ae6dea2ed7ac Signed-off-by: Angelo De Caro <adc@zurich.ibm.com>
hyperledger · Nov 29, 2016 · 65cb3f2 · 65cb3f2
1 parent 61affa0
commit 65cb3f2
Show file tree

Hide file tree

Showing 10 changed files with 726 additions and 97 deletions.
diff --git a/core/crypto/bccsp/aesopts.go b/core/crypto/bccsp/aesopts.go
@@ -0,0 +1,65 @@
+/*
+Copyright IBM Corp. 2016 All Rights Reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+		 http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package bccsp
+
+// AES128KeyGenOpts contains options for AES key generation at 128 security level
+type AES128KeyGenOpts struct {
+	Temporary bool
+}
+
+// Algorithm returns the key generation algorithm identifier (to be used).
+func (opts *AES128KeyGenOpts) Algorithm() string {
+	return AES128
+}
+
+// Ephemeral returns true if the key to generate has to be ephemeral,
+// false otherwise.
+func (opts *AES128KeyGenOpts) Ephemeral() bool {
+	return opts.Temporary
+}
+
+// AES192KeyGenOpts contains options for AES key generation at 192  security level
+type AES192KeyGenOpts struct {
+	Temporary bool
+}
+
+// Algorithm returns the key generation algorithm identifier (to be used).
+func (opts *AES192KeyGenOpts) Algorithm() string {
+	return AES192
+}
+
+// Ephemeral returns true if the key to generate has to be ephemeral,
+// false otherwise.
+func (opts *AES192KeyGenOpts) Ephemeral() bool {
+	return opts.Temporary
+}
+
+// AES256KeyGenOpts contains options for AES key generation at 256 security level
+type AES256KeyGenOpts struct {
+	Temporary bool
+}
+
+// Algorithm returns the key generation algorithm identifier (to be used).
+func (opts *AES256KeyGenOpts) Algorithm() string {
+	return AES256
+}
+
+// Ephemeral returns true if the key to generate has to be ephemeral,
+// false otherwise.
+func (opts *AES256KeyGenOpts) Ephemeral() bool {
+	return opts.Temporary
+}
diff --git a/core/crypto/bccsp/bccsp.go b/core/crypto/bccsp/bccsp.go
@@ -47,8 +47,7 @@ type Key interface {
 // KeyGenOpts contains options for key-generation with a CSP.
 type KeyGenOpts interface {
 
-	// Algorithm returns an identifier for the algorithm to be used
-	// to generate a key.
+	// Algorithm returns the key generation algorithm identifier (to be used).
 	Algorithm() string
 
 	// Ephemeral returns true if the key to generate has to be ephemeral,
@@ -59,8 +58,7 @@ type KeyGenOpts interface {
 // KeyDerivOpts contains options for key-derivation with a CSP.
 type KeyDerivOpts interface {
 
-	// Algorithm returns an identifier for the algorithm to be used
-	// to derive a key.
+	// Algorithm returns the key derivation algorithm identifier (to be used).
 	Algorithm() string
 
 	// Ephemeral returns true if the key to derived has to be ephemeral,
@@ -70,8 +68,8 @@ type KeyDerivOpts interface {
 
 // KeyImportOpts contains options for importing the raw material of a key with a CSP.
 type KeyImportOpts interface {
-	// Algorithm returns an identifier for the algorithm to be used
-	// to import the raw material of a key.
+
+	// Algorithm returns the key importation algorithm identifier (to be used).
 	Algorithm() string
 
 	// Ephemeral returns true if the key generated has to be ephemeral,
@@ -81,8 +79,8 @@ type KeyImportOpts interface {
 
 // HashOpts contains options for hashing with a CSP.
 type HashOpts interface {
-	// Algorithm returns an identifier for the algorithm to be used
-	// to hash.
+
+	// Algorithm returns the hash algorithm identifier (to be used).
 	Algorithm() string
 }
 

diff --git a/core/crypto/bccsp/ecdsaopts.go b/core/crypto/bccsp/ecdsaopts.go
@@ -0,0 +1,49 @@
+/*
+Copyright IBM Corp. 2016 All Rights Reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+		 http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package bccsp
+
+// ECDSAP256KeyGenOpts contains options for ECDSA key generation with curve P-256.
+type ECDSAP256KeyGenOpts struct {
+	Temporary bool
+}
+
+// Algorithm returns the key generation algorithm identifier (to be used).
+func (opts *ECDSAP256KeyGenOpts) Algorithm() string {
+	return ECDSAP256
+}
+
+// Ephemeral returns true if the key to generate has to be ephemeral,
+// false otherwise.
+func (opts *ECDSAP256KeyGenOpts) Ephemeral() bool {
+	return opts.Temporary
+}
+
+// ECDSAP384KeyGenOpts contains options for ECDSA key generation with curve P-384.
+type ECDSAP384KeyGenOpts struct {
+	Temporary bool
+}
+
+// Algorithm returns the key generation algorithm identifier (to be used).
+func (opts *ECDSAP384KeyGenOpts) Algorithm() string {
+	return ECDSAP384
+}
+
+// Ephemeral returns true if the key to generate has to be ephemeral,
+// false otherwise.
+func (opts *ECDSAP384KeyGenOpts) Ephemeral() bool {
+	return opts.Temporary
+}
diff --git a/core/crypto/bccsp/factory/factory_opts.go → core/crypto/bccsp/factory/opts.go b/core/crypto/bccsp/factory/factory_opts.go → core/crypto/bccsp/factory/opts.go
diff --git a/core/crypto/bccsp/hashopts.go b/core/crypto/bccsp/hashopts.go
@@ -0,0 +1,53 @@
+/*
+Copyright IBM Corp. 2016 All Rights Reserved.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+		 http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package bccsp
+
+// SHA256Opts contains options relating to SHA-256.
+type SHA256Opts struct {
+}
+
+// Algorithm returns the hash algorithm identifier (to be used).
+func (opts *SHA256Opts) Algorithm() string {
+	return SHA256
+}
+
+// SHA384Opts contains options relating to SHA-384.
+type SHA384Opts struct {
+}
+
+// Algorithm returns the hash algorithm identifier (to be used).
+func (opts *SHA384Opts) Algorithm() string {
+	return SHA384
+}
+
+// SHA3_256Opts contains options relating to SHA3-256.
+type SHA3_256Opts struct {
+}
+
+// Algorithm returns the hash algorithm identifier (to be used).
+func (opts *SHA3_256Opts) Algorithm() string {
+	return SHA3_256
+}
+
+// SHA3_384Opts contains options relating to SHA3-384.
+type SHA3_384Opts struct {
+}
+
+// Algorithm returns the hash algorithm identifier (to be used).
+func (opts *SHA3_384Opts) Algorithm() string {
+	return SHA3_384
+}