
How do I get and use the public/private keys of users in Hyperledger v1.0?

I read that in Hyperledger v1, encryption and channels can be used to enforce privacy.

I want to try the encryption approach to accomplish this. Since all registered users have private/public keys, I plan to use the public keys of users to encrypt some data (later I plan to combine this with symmetric cryptography to make it more efficient).

In addition, I plan to use the private key of the invoker of a function to perform decryption.

How do I get the public/private keys inside the chaincode? In addition, I also plan to perform encryption/decryption in NodeJS (outside the chaincode) since I'm using the NodeJS SDK for Hyperledger v1. How do I get the public/private keys through NodeJS?

When using the Node SDK, you simply load the keys from their location on disk. To obtain the signer (client) certificate, you can use the API from the ChaincodeStubInterface interface, which is provided to you when the chaincode is invoked:

// GetCreator returns `SignatureHeader.Creator` (e.g. an identity)
// of the `SignedProposal`. This is the identity of the agent (or user)
// submitting the transaction.
GetCreator() ([]byte, error)
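
The creator bytes are a serialized MSP identity (the MSP ID plus the invoker's PEM-encoded X.509 certificate), so chaincode can recover the invoker's public key from them but never a private key, which stays with the client. The following is an added example, not code from the original answers or from the Fabric project: it decodes that wrapper with the Go standard library only, and `parseCreator`, `sampleCreator`, the `Org1MSP` value and the self-signed sample identity are constructed here for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/binary"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// parseCreator decodes stub.GetCreator() output: a protobuf SerializedIdentity
// {string mspid = 1; bytes id_bytes = 2}; any other field is rejected (strict).
func parseCreator(b []byte) (string, *x509.Certificate, error) {
	fields := map[byte][]byte{} // tag byte -> value
	for len(b) > 0 {
		tag := b[0] // 0x0a = field 1 (mspid), 0x12 = field 2 (id_bytes), both length-delimited
		l, n := binary.Uvarint(b[1:])
		if (tag != 0x0a && tag != 0x12) || n <= 0 || l > uint64(len(b)-1-n) {
			return "", nil, fmt.Errorf("malformed SerializedIdentity at tag %#x", tag)
		}
		fields[tag] = b[1+n : 1+n+int(l)]
		b = b[1+n+int(l):]
	}
	block, _ := pem.Decode(fields[0x12])
	if block == nil || block.Type != "CERTIFICATE" {
		return "", nil, fmt.Errorf("id_bytes holds no PEM certificate")
	}
	cert, err := x509.ParseCertificate(block.Bytes)
	return string(fields[0x0a]), cert, err
}

// sampleCreator builds constructed input (throwaway self-signed cert; mspID < 128 bytes).
func sampleCreator(mspID string) ([]byte, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	id := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
	hdr := append(append([]byte{0x0a, byte(len(mspID))}, mspID...), 0x12)
	return append(binary.AppendUvarint(hdr, uint64(len(id))), id...), key
}

func main() {
	creator, key := sampleCreator("Org1MSP")
	mspID, cert, err := parseCreator(creator)
	fmt.Println(mspID, err, err == nil && key.PublicKey.Equal(cert.PublicKey))
}
```

In chaincode the input would be the bytes returned by `stub.GetCreator()`, and `cert.PublicKey` is the key to encrypt to or verify against.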

First of all, I think that you should know how those keys are created. There are different ways to do it, but Hyperledger Fabric gives you two tools to create these keys:

  • Cryptogen: this tool is used to generate the cryptographic material (x509 certs) for your network entities. These certificates are representative of identities, and they allow for sign/verify authentication to take place as our entities communicate and transact.
  • Fabric CA: a component of Fabric, i.e. the CA that will issue certificates for each member.

Then, once you have the keys, you should manage them. The Fabric project makes this easier thanks to the MSP. When you create a channel, you define the public keys of the peers and the keys of the issuers of those certificates. Then, Fabric manages them to verify the transactions.

The Membership service provider (MSP) offers us the possibility of abstracting from all the cryptographic mechanisms and protocols of validation, authentication verification and signature.
