diff --git a/types/encryption.go b/types/encryption.go
deleted file mode 100644
index 25717fd72..000000000
--- a/types/encryption.go
+++ /dev/null
@@ -1,117 +0,0 @@
-package types
-
-import (
- "crypto/rand"
- "crypto/rsa"
- "crypto/x509"
- "encoding/pem"
- "github.com/pkg/errors"
-)
-
-var keySize = 2048
-
-// GenerateKey using rsa random generate keys
-func GenerateKey() ([]byte, []byte, error) {
- // generate random private key (secret)
- sk, err := rsa.GenerateKey(rand.Reader, keySize)
- if err != nil {
- return nil, nil, errors.Wrap(err, "Failed to generate private key")
- }
-
- // convert to bytes
- skPem := PrivateKeyToPem(sk)
- pkPem, err := GetPublicKeyPem(sk)
- if err != nil {
- return nil, nil, errors.Wrap(err, "Failed to marshal public key")
- }
- return skPem, pkPem, nil
-}
-
-// Decrypt with secret key (base64) and bytes, return the encrypted key string
-func Decrypt(sk *rsa.PrivateKey, cipherText []byte) ([]byte, error) {
- decrypted, err := rsa.DecryptPKCS1v15(rand.Reader, sk, cipherText)
- if err != nil {
- return nil, errors.Wrap(err, "Failed to decrypt key")
- }
- return decrypted, nil
-}
-
-// Encrypt with secret key (base64) the bytes, return the encrypted key string
-func Encrypt(pk *rsa.PublicKey, plainText []byte) ([]byte, error) {
- encrypted, err := rsa.EncryptPKCS1v15(rand.Reader, pk, plainText)
- if err != nil {
- return nil, errors.Wrap(err, "Failed to decrypt key")
- }
- return encrypted, nil
-}
-
-// PemToPrivateKey return rsa private key from pem
-func PemToPrivateKey(skPem []byte) (*rsa.PrivateKey, error) {
- block, _ := pem.Decode(skPem)
- // nolint
- enc := x509.IsEncryptedPEMBlock(block)
- b := block.Bytes
- if enc {
- var err error
- // nolint
- b, err = x509.DecryptPEMBlock(block, nil)
- if err != nil {
- return nil, errors.Wrap(err, "Failed to decrypt private key")
- }
- }
- parsedSk, err := x509.ParsePKCS1PrivateKey(b)
- if err != nil {
- return nil, errors.Wrap(err, "Failed to parse private key")
- }
- return parsedSk, nil
-}
-
-// PemToPublicKey return rsa public key from pem
-func PemToPublicKey(pkPem []byte) (*rsa.PublicKey, error) {
- block, _ := pem.Decode(pkPem)
- // nolint
- enc := x509.IsEncryptedPEMBlock(block)
- b := block.Bytes
- if enc {
- var err error
- // nolint
- b, err = x509.DecryptPEMBlock(block, nil)
- if err != nil {
- return nil, errors.Wrap(err, "Failed to decrypt private key")
- }
- }
- parsedPk, err := x509.ParsePKIXPublicKey(b)
- if err != nil {
- return nil, errors.Wrap(err, "Failed to parse public key")
- }
- if ret, ok := parsedPk.(*rsa.PublicKey); ok {
- return ret, nil
- }
- return nil, errors.Wrap(err, "Failed to parse public key")
-}
-
-// PrivateKeyToPem converts privateKey to pem encoded
-func PrivateKeyToPem(sk *rsa.PrivateKey) []byte {
- return pem.EncodeToMemory(
- &pem.Block{
- Type: "RSA PRIVATE KEY",
- Bytes: x509.MarshalPKCS1PrivateKey(sk),
- },
- )
-}
-
-// GetPublicKeyPem get public key from private key and return []byte represent the public key
-func GetPublicKeyPem(sk *rsa.PrivateKey) ([]byte, error) {
- pkBytes, err := x509.MarshalPKIXPublicKey(&sk.PublicKey)
- if err != nil {
- return nil, errors.Wrap(err, "Failed to marshal private key")
- }
- pemByte := pem.EncodeToMemory(
- &pem.Block{
- Type: "RSA PUBLIC KEY",
- Bytes: pkBytes,
- },
- )
-
- return pemByte, nil
-}
diff --git a/types/spectest/all_tests.go b/types/spectest/all_tests.go
index baca65b89..0ff85ca1f 100644
--- a/types/spectest/all_tests.go
+++ b/types/spectest/all_tests.go
@@ -6,7 +6,6 @@ import (
 "github.com/bloxapp/ssv-spec/types/spectest/tests/beacon"
 "github.com/bloxapp/ssv-spec/types/spectest/tests/consensusdata"
 consensusdataproposer "github.com/bloxapp/ssv-spec/types/spectest/tests/consensusdata/proposer"
- "github.com/bloxapp/ssv-spec/types/spectest/tests/encryption"
 "github.com/bloxapp/ssv-spec/types/spectest/tests/partialsigmessage"
 "github.com/bloxapp/ssv-spec/types/spectest/tests/share"
 "github.com/bloxapp/ssv-spec/types/spectest/tests/ssvmsg"
@@ -46,9 +45,6 @@ var AllTests = []SpecTest{ //share.NoPartialQuorum(), //share.NoPartialQuorumDuplicate(), - encryption.SimpleEncrypt(), - encryption.EncryptBLSSK(), - consensusdata.InvalidDuty(), consensusdata.ProposerConsensusDataEncoding(), diff --git a/types/spectest/run_test.go b/types/spectest/run_test.go index e930ad5bc..0d1ad901b 100644 --- a/types/spectest/run_test.go +++ b/types/spectest/run_test.go @@ -14,7 +14,6 @@ import ( "github.com/bloxapp/ssv-spec/types/spectest/tests/beacon" "github.com/bloxapp/ssv-spec/types/spectest/tests/consensusdata" consensusdataproposer "github.com/bloxapp/ssv-spec/types/spectest/tests/consensusdata/proposer" - "github.com/bloxapp/ssv-spec/types/spectest/tests/encryption" "github.com/bloxapp/ssv-spec/types/spectest/tests/partialsigmessage" "github.com/bloxapp/ssv-spec/types/spectest/tests/share" "github.com/bloxapp/ssv-spec/types/spectest/tests/ssvmsg" @@ -84,12 +83,6 @@ func TestJson(t *testing.T) { typedTest := &ssvmsg.EncodingTest{} require.NoError(t, json.Unmarshal(byts, &typedTest)) typedTest.Run(t) - case reflect.TypeOf(&encryption.EncryptionSpecTest{}).String(): - byts, err := json.Marshal(test) - require.NoError(t, err) - typedTest := &encryption.EncryptionSpecTest{} - require.NoError(t, json.Unmarshal(byts, &typedTest)) - typedTest.Run(t) case reflect.TypeOf(&beacon.DepositDataSpecTest{}).String(): byts, err := json.Marshal(test) require.NoError(t, err) diff --git a/types/spectest/tests/encryption/encrypt_bls_sk.go b/types/spectest/tests/encryption/encrypt_bls_sk.go deleted file mode 100644 index e6119b016..000000000 --- a/types/spectest/tests/encryption/encrypt_bls_sk.go +++ /dev/null 
@@ -1,27 +0,0 @@
-package encryption
-
-import (
- "fmt"
- "github.com/bloxapp/ssv-spec/types"
- "github.com/herumi/bls-eth-go-binary/bls"
-)
-
-// EncryptBLSSK tests encrypting a BLS private key
-func EncryptBLSSK() *EncryptionSpecTest {
- types.InitBLS()
- blsSK := &bls.SecretKey{}
- blsSK.SetByCSPRNG()
-
- sk, pk, _ := types.GenerateKey()
- pkObj, _ := types.PemToPublicKey(pk)
- cipher, _ := types.Encrypt(pkObj, blsSK.Serialize())
-
- fmt.Printf("cipher L: %d\n", len(cipher))
- return &EncryptionSpecTest{
- Name: "bls secret key encryption",
- SKPem: sk,
- PKPem: pk,
- PlainText: blsSK.Serialize(),
- CipherText: cipher,
- }
-}
diff --git a/types/spectest/tests/encryption/encryption.go b/types/spectest/tests/encryption/encryption.go
deleted file mode 100644
index 1cfbdc5b7..000000000
--- a/types/spectest/tests/encryption/encryption.go
+++ /dev/null
@@ -1,19 +0,0 @@
-package encryption
-
-import (
- "github.com/bloxapp/ssv-spec/types"
-)
-
-// SimpleEncrypt tests simple rsa encrypt
-func SimpleEncrypt() *EncryptionSpecTest {
- sk, pk, _ := types.GenerateKey()
- pkObj, _ := types.PemToPublicKey(pk)
- cipher, _ := types.Encrypt(pkObj, []byte("hello world"))
- return &EncryptionSpecTest{
- Name: "simple encryption",
- SKPem: sk,
- PKPem: pk,
- PlainText: []byte("hello world"),
- CipherText: cipher,
- }
-}
diff --git a/types/spectest/tests/encryption/test.go b/types/spectest/tests/encryption/test.go
deleted file mode 100644
index 4ef5d97a2..000000000
--- a/types/spectest/tests/encryption/test.go
+++ /dev/null
@@ -1,47 +0,0 @@
-package encryption
-
-import (
- "github.com/bloxapp/ssv-spec/types"
- "github.com/stretchr/testify/require"
- "testing"
-)
-
-type EncryptionSpecTest struct {
- Name string
- SKPem []byte
- PKPem []byte
- PlainText []byte
- CipherText []byte
-}
-
-func (test *EncryptionSpecTest) TestName() string {
- return "encryption " + test.Name
-}
-
-func (test *EncryptionSpecTest) Run(t *testing.T) {
- // get sk from pem
- sk, err := types.PemToPrivateKey(test.SKPem)
- require.NoError(t, err)
-
- // get pk from sk and compare to test pk
- pkFromSK, err := types.GetPublicKeyPem(sk)
- require.NoError(t, err)
- require.EqualValues(t, test.PKPem, pkFromSK)
-
- pk, err := types.PemToPublicKey(test.PKPem)
- require.NoError(t, err)
-
- // encrypt
- cipher, err := types.Encrypt(pk, test.PlainText)
- require.NoError(t, err)
-
- // decrypt and compare to plain text
- plain, err := types.Decrypt(sk, cipher)
- require.NoError(t, err)
- require.EqualValues(t, test.PlainText, plain)
-
- // decrypt test's cipher and compare to plain text
- plain2, err := types.Decrypt(sk, test.CipherText)
- require.NoError(t, err)
- require.EqualValues(t, test.PlainText, plain2)
-}