[英]Is there a way to get user private and public key in hyperledger fabric for data encryption purposes
I recently started learning hyperledger fabric, I'm working on a simple private blockchain for managing digital data, this data would be encrypted with user public key and can only be decrypted with the user private key, so my question is, is there a way to get user private and public key in hyperledger fabric for data encryption purposes我最近开始学习超级账本结构,我正在研究一个简单的私有区块链来管理数字数据,这些数据将用用户公钥加密,只能用用户私钥解密,所以我的问题是,有没有办法在超级账本结构中获取用户私钥和公钥以进行数据加密
yes, fabric uses public-key infrastructure.是的,fabric 使用公钥基础设施。 Every transaction in the fabric is signed by the user's private key. Fabric 中的每笔交易都由用户的私钥签名。 And at chaincode level, you can get the public key of the user from its E-certs.在链码级别,您可以从其电子证书中获取用户的公钥。
More about Identity from fabric docs https://hyperledger-fabric.readthedocs.io/en/release-2.0/identity/identity.html有关 Fabric 文档中身份的更多信息https://hyperledger-fabric.readthedocs.io/en/release-2.0/identity/identity.html
CID golang package to get E-cert at chaincode level https://github.com/hyperledger/fabric-chaincode-go/tree/master/pkg/cid CID golang package 获得链码级别的电子证书https://github.com/hyperledger/fabric-chaincode-go/tree/master/pkg/cid
Although MSP ECDSA keys are used to sign, you can use them to encrypt via ECDH.虽然 MSP ECDSA 密钥用于签名,但您可以使用它们通过 ECDH 进行加密。 Basically you can derive the same shared secret from public key A and private key B as from public key B and private key A, so that you use that shared secret as a symmetric AES key to encrypt.基本上,您可以从公钥 A 和私钥 B 中导出与从公钥 B 和私钥 A 中相同的共享密钥,以便使用该共享密钥作为对称 AES 密钥进行加密。
An example with openssl
: https://jameshfisher.com/2017/04/14/openssl-ecc/ . openssl
的示例: https://jameshfisher.com/2017/04/14/openssl-ecc/ 。 You don't need to create the key pairs as you already have them.您不需要创建密钥对,因为您已经拥有它们。 You can implement it in javascript with elliptic
and crypto
libraries.您可以使用elliptic
和crypto
库在 javascript 中实现它。
You manage your own private and public keys (in your client's wallet after enrolling), but you have to arrange your reliable way to distribute the other's public key.您管理自己的私钥和公钥(注册后在您客户的钱包中),但您必须安排可靠的方式来分发对方的公钥。 You can easily verify that public key if it is embedded in a valid certificate, but the way to distribute it is in your hand.如果公钥嵌入在有效证书中,您可以轻松验证它,但分发它的方式掌握在您手中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.