diff --git a/bftengine/src/bftengine/KeyExchangeManager.cpp b/bftengine/src/bftengine/KeyExchangeManager.cpp index 24a11ebf81..2ba70fad8a 100644 --- a/bftengine/src/bftengine/KeyExchangeManager.cpp +++ b/bftengine/src/bftengine/KeyExchangeManager.cpp @@ -25,6 +25,8 @@ namespace bftEngine::impl { using concord::util::crypto::KeyFormat; +using concord::crypto::cryptopp::Crypto; +using concord::crypto::openssl::CertificateUtils; KeyExchangeManager::KeyExchangeManager(InitData* id) : repID_{ReplicaConfig::instance().getreplicaId()}, 
@@ -153,18 +155,16 @@ void KeyExchangeManager::loadClientPublicKeys() { } void KeyExchangeManager::exchangeTlsKeys(const std::string& type, const SeqNum& bft_sn) { - auto keys = concord::util::cryptopp_utils::Crypto::instance().generateECDSAKeyPair( - concord::util::crypto::KeyFormat::PemFormat, concord::util::crypto::CurveType::secp384r1); + auto keys = Crypto::instance().generateECDSAKeyPair(concord::util::crypto::KeyFormat::PemFormat, + concord::util::crypto::CurveType::secp384r1); bool use_unified_certs = bftEngine::ReplicaConfig::instance().useUnifiedCertificates; const std::string base_path = bftEngine::ReplicaConfig::instance().certificatesRootPath + "/" + std::to_string(repID_); std::string root_path = (use_unified_certs) ? base_path : base_path + "/" + type; std::string cert_path = (use_unified_certs) ? root_path + "/node.cert" : root_path + "/" + type + ".cert"; - std::string prev_key_pem = concord::util::cryptopp_utils::Crypto::instance() - .RsaHexToPem(std::make_pair(SigManager::instance()->getSelfPrivKey(), "")) - .first; - auto cert = - concord::util::openssl_utils::CertificateUtils::generateSelfSignedCert(cert_path, keys.second, prev_key_pem); + std::string prev_key_pem = + Crypto::instance().RsaHexToPem(std::make_pair(SigManager::instance()->getSelfPrivKey(), "")).first; + auto cert = CertificateUtils::generateSelfSignedCert(cert_path, keys.second, prev_key_pem); // Now that we have generated new key pair and certificate, lets do the actual exchange on this replica std::string pk_path = root_path + "/pk.pem"; std::fstream nec_f(pk_path); diff --git a/bftengine/src/bftengine/SigManager.cpp b/bftengine/src/bftengine/SigManager.cpp index f9f1b8b894..26545fedaa 100644 --- a/bftengine/src/bftengine/SigManager.cpp +++ b/bftengine/src/bftengine/SigManager.cpp 
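Review bot: In `exchangeTlsKeys`, `prev_key_pem` holds the replica's own signing private key (taken from `SigManager::instance()->getSelfPrivKey()` and re-encoded by `RsaHexToPem`) in a plain `std::string`, and nothing in the visible lines clears it or the freshly generated `keys` pair once the certificate has been built. Keep the lifetime of that material as short as possible and wipe it after its last use, for example `OPENSSL_cleanse(prev_key_pem.data(), prev_key_pem.size());` if OpenSSL is linked into this target, so the key does not linger in freed heap memory or end up in a core dump. The conversion is also hard-wired to `RsaHexToPem`, while the test file in this same commit carries a `USE_EDDSA_OPENSSL` branch with non-RSA keys; whether this path can be reached in such a build is not visible here and is worth confirming. The body of `exchangeTlsKeys` continues past the hunk (the `pk.pem` handling), so later uses of `keys` have to be checked before placing the wipe.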
@@ -25,8 +25,8 @@ using namespace std; namespace bftEngine { namespace impl { -using concord::util::signerverifier::TransactionSigner; -using concord::util::signerverifier::TransactionVerifier; +using concord::signerverifier::TransactionSigner; +using concord::signerverifier::TransactionVerifier; concord::messages::keys_and_signatures::ClientsPublicKeys clientsPublicKeys_; diff --git a/bftengine/src/preprocessor/tests/preprocessor_test.cpp b/bftengine/src/preprocessor/tests/preprocessor_test.cpp index 42f15b8271..3aecc215b9 100644 --- a/bftengine/src/preprocessor/tests/preprocessor_test.cpp +++ b/bftengine/src/preprocessor/tests/preprocessor_test.cpp 
@@ -156,185 +156,172 @@ class DummyPreProcessor : public PreProcessor { // clang-format off #ifdef USE_CRYPTOPP -const vector privateKeys = { - { - "308204BA020100300D06092A864886F70D0101010500048204A4308204A00201000282010100C55B8F7979BF24B335017082BF33EE2960E3A0" - "68DCDB45CA3017214BFB3F32649400A2484E2108C7CD07AA7616290667AF7C7A1922C82B51CA01867EED9B60A57F5B6EE33783EC258B234748" - "8B0FA3F99B05CFFBB45F80960669594B58C993D07B94D9A89ED8266D9931EAE70BB5E9063DEA9EFAF744393DCD92F2F5054624AA048C7EE50B" - "EF374FCDCE1C8CEBCA1EF12AF492402A6F56DC9338834162F3773B119145BF4B72672E0CF2C7009EBC3D593DFE3715D942CA8749771B484F72" - "A2BC8C89F86DB52ECC40763B6298879DE686C9A2A78604A503609BA34B779C4F55E3BEB0C26B1F84D8FC4EB3C79693B25A77A158EF88292D4C" - "01F99EFE3CC912D09B020111028201001D05EF73BF149474B4F8AEA9D0D2EE5161126A69C6203EF8162184E586D4967833E1F9BF56C89F68AD" - "35D54D99D8DB4B7BB06C4EFD95E840BBD30C3FD7A5E890CEF6DB99E284576EEED07B6C8CEBB63B4B80DAD2311D1A706A5AC95DE768F017213B" - "896B9EE38D2E3C2CFCE5BDF51ABD27391761245CDB3DCB686F05EA2FF654FA91F89DA699F14ACFA7F0D8030F74DBFEC28D55C902A27E9C03AB" - "1CA2770EFC5BE541560D86FA376B1A688D92124496BB3E7A3B78A86EBF1B694683CDB32BC49431990A18B570C104E47AC6B0DE5616851F4309" - "CFE7D0E20B17C154A3D85F33C7791451FFF73BFC4CDC8C16387D184F42AD2A31FCF545C3F9A498FAAC6E94E902818100F40CF9152ED4854E1B" - "BF67C5EA185C52EBEA0C11875563AEE95037C2E61C8D988DDF71588A0B45C23979C5FBFD2C45F9416775E0A644CAD46792296FDC68A98148F7" - "BD3164D9A5E0D6A0C2DF0141D82D610D56CB7C53F3C674771ED9ED77C0B5BF3C936498218176DC9933F1215BC831E0D41285611F512F68327E" - "4FBD9E5C5902818100CF05519FD69D7C6B61324F0A201574C647792B80E5D4D56A51CF5988927A1D54DF9AE4EA656AE25961923A0EC046F1C5" - "69BAB53A64EB0E9F5AB2ABF1C9146935BA40F75E0EB68E0BE4BC29A5A0742B59DF5A55AB028F1CCC42243D2AEE4B74344CA33E72879EF2D1CD" - "D874A7F237202AC7EB57AEDCBD539DEFDA094476EAE613028180396C76D7CEC897D624A581D43714CA6DDD2802D6F2AAAE0B09B885974533E5" - 
"14D6167505C620C51EA41CA70E1D73D43AA5FA39DA81799922EB3173296109914B98B2C31AAE515434E734E28ED31E8D37DA99BA11C2E693B6" - "398570ABBF6778A33C0E40CC6007E23A15C9B1DE6233B6A25304B91053166D7490FCD26D1D8EAC5102818079C6E4B86020674E392CA6F6E5B2" - "44B0DEBFBF3CC36E232F7B6AE95F6538C5F5B0B57798F05CFD9DFD28D6DB8029BB6511046A9AD1F3AE3F9EC37433DFB1A74CC7E9FAEC08A79E" - "D9D1D8187F8B8FA107B08F7DAFE3633E1DCC8DC9A0C8689EB55A41E87F9B12347B6A06DB359D89D6AFC0E4CA2A9FF6E5E46EF8BA2845F39665" - "0281802A89B2BD4A665A0F07DCAFA6D9DB7669B1D1276FC3365173A53F0E0D5F9CB9C3E08E68503C62EA73EB8E0DA42CCF6B136BF4A85B0AC4" - "24730B4F3CAD8C31D34DD75EF2A39B6BCFE3985CCECC470CF479CF0E9B9D6C7CE1C6C70D853728925326A22352DF73B502D4D3CBC2A770DE27" - "6E1C5953DF7A9614C970C94D194CAE9188" - }, - { - "308204BC020100300D06092A864886F70D0101010500048204A6308204A20201000282010100CAF26C09B1F6F056F66B54AA0EA002EA236151" - "3A721A58E44472ADE74DBD833890ED9EE8E0CFF1B84C3DFE9E6226C8CEBFFEDFE71A6BCFE5A599D02FD9940997E864D400BF440BA7B1A568A5" - "ACF7688B025B5B207E5651E597141FAEF733FA9D87732B8FBA31E082BE777AEB992B00873764655C3B1F8FBF8DD2446F4F9F79883E21DBC1A1" - "7431E42AF01B9D4DE54B9880E7FB397655C79D7C3A5981CA64A32E2F05FCF0B127F4C6D349056276992B7403D36E03D14C45B6F5F66786280C" - "921236A17EE0F311821BDF925A47DCA590BB31C60646692014317BE0DD32248DF557A77F80F336C82461B659266F74F495BA5CE194043505B5" - "F0C363263BF73BB897020111028201005F8123C853BF8028EC6EBE6E2500015F1FB55366CC48A24D4D6324A915865BDE6251B4315ABC3583E7" - "A4B40E4C4E7C9D8786FFF448AB34A84DEE079E0C096DED221154B50EB69C12ADF37C8A334740416A85580F4A82F95CFBCD3C1619FA57D1A927" - "238EEE3596D41D656705754169A90B021194D08752B47EF9899DCB1DDED5DCDDA688D9FA88F9303E99CAB040D2E47DCE866717580C2CD01DB9" - "4E8FE215EAA254432E3B399B90260255DEE7FADED4643814C0DE41DE237BBB7173CFF16AC9237AADA4595FD95EB92E30D2127C7761C6A1CD75" - "C1F12F5B92B6602E1CDC06E112321B0A41C8A102D785B7C4C7D2441DA983346B81873984DD680FB4B1C9AD7102818100D5E41BE52CECFB7405" - 
"01B87C631DEFB3DD855EE95553A816BE8D3DFAE200086E1C12E9FBDDD8737F2CCE2CED1D82431ADC63C1B34EA59C27E98283EB20EAF8F5A29D" - "45ACE2E5C3173F396DF4356D54F3ED0CF9BBA222E3B9194CD15F88B6AB8FAFDFACACCC97D87555CD1E864D09DF795FB8BE3F9BE2CB8E52F641" - "FCEDC8E97902818100F2E6BDF9A552D35E9F695C52343D9BBF180BBEB50F6705A7836DF1BFF6A42C2D7A000432957516B555B5E1FBAC21CED5" - "D2788036AA5AB183A5859284ED409631289F8836D240111B56D6C4953FEFBE177EA137F08ADCABD5CAD07F709E83BB29B0F55AD09E65F5C656" - "8FE166FF4BE581F4F2066025E3902819EFC2DF0FA63E8F0281803EE8BCE90D36A44F4CC44551C2CC91CB7D637644A0A022610ADE3F67E81E20" - "98DB149F2BF5F45E347696FE279F446E16F586C080081297570871AE5436DBB2A2993D50BA60DA2A5221A77AB13CE3EBCF45B885AFA8286118" - "52BC3D94919F23667F058D23C3B4309AFB1E36278011F66EFE0928E58833A547FA486DC2DC8662C902818100AB75B346CF0D49E870869B8552" - "0D5EE13E26687FCEA3130CD53E8C8780EC5B6B652D3023B4CB1F1696DABDA2979F64D32B27E208784004D565C7B2B82F006A0495255117A378" - "848BC4D3D60EFFF4862EB3BD186D8F325B2D801AB44F7EF3932C7CE96D47F75707D74C2953D03BBD1A79DA1440BC56FAFC588AC75C6138391D" - "1902818100BBC05F561AEF4BDE1ECABB5CD313E6173F5E46AC85B4462A8CA689E4E84B95E66733081518DB01714B7B18E44B780DB5A6DA2612" - "506F46E4D91C8CB582AFD54C7509C9947EC754BFDD0D35FAECE2E729DBD21A62E33C3DEF556913ECF4C8D75910E860D36AFD0977FF9114ACEA" - "8F44882259C6F1D8314B653F64F4655CFD68A6" - }, - { - "308204BA020100300D06092A864886F70D0101010500048204A4308204A00201000282010100DA68B2830103028D0ECD911D20E732257F8A39" - "BC5214B670C8F1F836CD1D88E6421ABD3C47F16E37E07DCFE89FC11ECBED73896FC978B7E1519F59318F3E24BB5C8962B0EA44889C3A81021C" - "C9E8EAA94099B9305B0F7731C27CC528CFEE710066CB69229F8AA04DBD842FA8C3143CB0EF1164E45E34B114FBA610DBDFC7453DAD995743AD" - "1489AA131D0C730163ECA7317048C1AD1008ED31A32CB773D94B5317CAAF95674582DCA1AC9FEBE02079836B52E1E3C8D39571018A7657650D" - "52D2DF3363F88A690628D64DCBECB88BBA432F27C32E7BC5BC0F1D16D0A027D1D40362F8CEDBE8BED05C2BCE96F33A75CD70014626B32E5EE8" - 
"1EBD3116F6F1E5231B02011102820100201E749ACB716241EB96B375398B6941BFEEAE23393F480186F668444B572AB873220CC519A3812655" - "B8261AAE14DEE1C1097617F7FB2A199B0FE7783AB650B22432524731828C8F7203E9B8F08422824D43C868FE55190ED8D61CFE78EE5BE97887" - "5339CC2AF974D81AF7F32BBF361A050A165DD19E5646D9B68A02377F2FD417BE92D2722CEE33B3A0F7B111639C092B4024BB08ACEBE9F9BC28" - "C14BB611DBE627136B568493C6995D81442F09DFEFBA4378A34DEF28F3BD862F4C28BECA87A95551FC2DB48766F82752C7E8B34E8599590190" - "B12A648AC1E361FE28A3253EC615381A066BFD351C18F0B236429A950106DD4F1134A3DE6CEB1094B7CE5C7102818100EA51580294BB0FD7DA" - "FDC00364A9B3C4781F70C4BBE8BDE0D82895ADE549E25388E78A53EF83CF9A3D9528F70CB5A57A9A187D5AC68682F03B26C2F6A409E1554FED" - "061BDC944985102F2988A5A8CD639BA7890FD689D7171612159AAA818F5502EF80D5D13339826A98914A321B5B4512EC24AF3EE80F982D3418" - "0C85B3E38102818100EE9E7F43A98E593F72A584EEC014E0A46003116B82F5D3A21DAE4EB3F21FBC5B71D96E012B6F5FFBEACED4BEC6C147AA" - "AB6F9698F0592F3A8A6CD827ABF210497635639043D5F0B461E00914B152D6ECB3EFC9138A1B9FAEE09420AB9C2E1436B6AC36EEB8AD43709B" - "BFA0ED30FBF09C1A91BAB71410E49E11BE8E2A571C649B02818044EABF8849DCAA4E8BB40B4C4AC8802AB9EB212ACDDB0AAB8ADEC29C8EBB60" - "AF284419A0376300D3030DC0C121DB128D789DCA841C45AE0A6BC01B397B8A6F7371DC4D1740E051DBD79566919A2296C2F18BA0C86C46A8AC" - "6FE73387D7CBC0BEA682AD6C105A5C356AA557E8A553571450DC0ACA218F8C1DB2F1343FEB16CA71028180704A963DF57029FFBD7B11614B55" - "1E6B7879EA1479DD184C4A33E8CD26A585D0AE0BF7881470A5A3B9CABE77E50FA941419DEC8434DEACD04124297C14AE25C837A0A752F2BF07" - "DC6A4B4F91446337F6EB43A9EB13D0C39D96DC4B9C0D42DC55FB9C5615FC8DC5622B2D006F9E94AD76A31766ECBE26113B53A4F79B744998C1" - "028180124E2A5DAC7AC7017647FE1B6871484B7B38A3C060B992B871939C8A75BC35DB771F041910C0092E01B545E1910109AA827F34F56327" - "15E06819ADED60117FD8B9400C3F307EA022D5AC5394E65D28EF434DC068494D33ACF70B43791C1C13C35AC680E0038DB411ADEBBC067F477E" - "01E8CF793FB076AE47BD83B935B8041DC1" - }, - { - 
"308204BB020100300D06092A864886F70D0101010500048204A5308204A10201000282010100B4D984129ECC2F4350596DD602EB5337B78E33" - "C4D945C70C2CACFF6237037BEF897D6893079D1067F07FF023D66C77BB41F6D41215C9912D995215C6F7651F1728AAB65CF20CBE81E5E7F202" - "E474AF535E92BBC386A7A496263BC4189FD9DD5E801C3023038EFE5B5DE35AA3F70C10F87259D586C36D3DF524E9DA2140C481365985AD185E" - "1CF3E78B6B82FDD274CCD1267838A0B91F9B48544AFB2C71B158A26E6154CECB43ECEE13FFBD6CA91D8D115B6B91C55F3A88E3F389E9A2AF4B" - "C381D21F9ABF2EA16F58773514249B03A4775C6A10561AFC8CF54B551A43FD014F3C5FE12D96AC5F117645E26D125DC7430114FA60577BF7C9" - "AA1224D190B2D8A83B020111028201004FC95FEA18E19C6176459256E32B95A7A3CDCB8B8D08322B04A6ACE790BDC5BC806C087D19F2782DDB" - "0B444C0BC6710ED9564E8073061A66F0D163F5E59D8DB764C3C8ECC523BD758B13815BA1064D597C8C078AF7A450241FED30DDAFEF2CF4FC48" - "ABD336469D648B4DB70C1A2AF86D9BDC56AC6546C882BD763A963329844BF0E8C79E5E7A5C227A1CDB8473965090084BEAC728E4F86670BAE0" - "5DA589FAE1EBC98A26BF207261EECE5A92759DE516306B0B2F715370586EF45447F82CC37206F70D762AAB75215482A67FE6742E9D644AB765" - "4F02476EAE15A742FCB2266DAE437DC76FB17E1698D4987945C779A4B89F5FB3F5E1B194EFA4024BA3797F2502818100E2BDA6F0031EAA027B" - "1E8099D9D2CF408B8C9D83A22BFBAAD3BCFA952469A001C25E5E2E89DAF28636633E8D7C5E1E5FD8384767DB5B384DAB38147EA46871D5E31E" - "DC110026E42E90C44F02110A369ACF0445C617CC25CD1207F116B9AF2FA78A89E6C6345EAFD0607CB145410DD6619AC0C034B54283A0065B93" - "3550B8DACF02818100CC2FDB49EB3E45DB2EB644048C3C35E3BB50980453DB8EB54DD5595CA2DBC43A2F2912D0F696E6126AFBF5D7777BABB2" - "6AC931030B8896343BC19EA30B8EEBFECE2617A2564B3D66E29DF66708254877CC33E699501A2BA4D0D7D02F068B1DCF6C7A0794F24BEE83BE" - "2E8453D3E436C3B59D2D9BEEB5B38541EF170544EA46D502818100AD63DA02D5359110F4BCF8EE1F0A9E7CA6F30F0A4ED6570A29726544DF9C" - "10F2495738F6696B31EE29972FD59B57082B2CDFBE223E54D0B3DD49009D144FDE94808102A396B454239BE169982B25ED85712162886C8D0D" - 
"D90DC9D67ACA3AABF8971E28F1EBCFEFDB95140F16D764EF3B947547AFD5E791D4B9915274108D5C07028180300B42A7FB1DB61574671F1020" - "FF1BBD1D03E7888C33A91B99D7D8CA80AC2E2BCEDC7CE5DFAB08F546596705858682C09198C03CF3A7AADF1D1E7FADE49A196921725FE9F62F" - "D236537076365C4501FE11EE182412D8FB35D6C95E292EB7524EEC58F2B9A26C381EFF92797D22CC491EFD8E6515A1942A3D78ECF65B97BEA7" - "410281806625E51F70BB9E00D0260941C56B22CDCECC7EA6DBC2C28A1CDA0E1AFAACD39C5E962E40FCFC0F5BBA57A7291A1BDC5D3D29495B45" - "CE2B3BEC7748E6C351FF934537BCA246CA36B840CF68BE6D473F7EE079B0EFDFF6B1BB554B06093E18B269FC3BD3F9876376CA7C673A93F142" - "7088BF0990AB8E232F269B5DBCD446385A66" - }, - { - "308204BB020100300D06092A864886F70D0101010500048204A5308204A10201000282010100B4D984129ECC2F4350596DD602EB5337B78E33" - "C4D945C70C2CACFF6237037BEF897D6893079D1067F07FF023D66C77BB41F6D41215C9912D995215C6F7651F1728AAB65CF20CBE81E5E7F202" - "E474AF535E92BBC386A7A496263BC4189FD9DD5E801C3023038EFE5B5DE35AA3F70C10F87259D586C36D3DF524E9DA2140C481365985AD185E" - "1CF3E78B6B82FDD274CCD1267838A0B91F9B48544AFB2C71B158A26E6154CECB43ECEE13FFBD6CA91D8D115B6B91C55F3A88E3F389E9A2AF4B" - "C381D21F9ABF2EA16F58773514249B03A4775C6A10561AFC8CF54B551A43FD014F3C5FE12D96AC5F117645E26D125DC7430114FA60577BF7C9" - "AA1224D190B2D8A83B020111028201004FC95FEA18E19C6176459256E32B95A7A3CDCB8B8D08322B04A6ACE790BDC5BC806C087D19F2782DDB" - "0B444C0BC6710ED9564E8073061A66F0D163F5E59D8DB764C3C8ECC523BD758B13815BA1064D597C8C078AF7A450241FED30DDAFEF2CF4FC48" - "ABD336469D648B4DB70C1A2AF86D9BDC56AC6546C882BD763A963329844BF0E8C79E5E7A5C227A1CDB8473965090084BEAC728E4F86670BAE0" - "5DA589FAE1EBC98A26BF207261EECE5A92759DE516306B0B2F715370586EF45447F82CC37206F70D762AAB75215482A67FE6742E9D644AB765" - "4F02476EAE15A742FCB2266DAE437DC76FB17E1698D4987945C779A4B89F5FB3F5E1B194EFA4024BA3797F2502818100E2BDA6F0031EAA027B" - "1E8099D9D2CF408B8C9D83A22BFBAAD3BCFA952469A001C25E5E2E89DAF28636633E8D7C5E1E5FD8384767DB5B384DAB38147EA46871D5E31E" - 
"DC110026E42E90C44F02110A369ACF0445C617CC25CD1207F116B9AF2FA78A89E6C6345EAFD0607CB145410DD6619AC0C034B54283A0065B93" - "3550B8DACF02818100CC2FDB49EB3E45DB2EB644048C3C35E3BB50980453DB8EB54DD5595CA2DBC43A2F2912D0F696E6126AFBF5D7777BABB2" - "6AC931030B8896343BC19EA30B8EEBFECE2617A2564B3D66E29DF66708254877CC33E699501A2BA4D0D7D02F068B1DCF6C7A0794F24BEE83BE" - "2E8453D3E436C3B59D2D9BEEB5B38541EF170544EA46D502818100AD63DA02D5359110F4BCF8EE1F0A9E7CA6F30F0A4ED6570A29726544DF9C" - "10F2495738F6696B31EE29972FD59B57082B2CDFBE223E54D0B3DD49009D144FDE94808102A396B454239BE169982B25ED85712162886C8D0D" - "D90DC9D67ACA3AABF8971E28F1EBCFEFDB95140F16D764EF3B947547AFD5E791D4B9915274108D5C07028180300B42A7FB1DB61574671F1020" - "FF1BBD1D03E7888C33A91B99D7D8CA80AC2E2BCEDC7CE5DFAB08F546596705858682C09198C03CF3A7AADF1D1E7FADE49A196921725FE9F62F" - "D236537076365C4501FE11EE182412D8FB35D6C95E292EB7524EEC58F2B9A26C381EFF92797D22CC491EFD8E6515A1942A3D78ECF65B97BEA7" - "410281806625E51F70BB9E00D0260941C56B22CDCECC7EA6DBC2C28A1CDA0E1AFAACD39C5E962E40FCFC0F5BBA57A7291A1BDC5D3D29495B45" - "CE2B3BEC7748E6C351FF934537BCA246CA36B840CF68BE6D473F7EE079B0EFDFF6B1BB554B06093E18B269FC3BD3F9876376CA7C673A93F142" - "7088BF0990AB8E232F269B5DBCD446385A66" - }}; - -const vector publicKeys = { - { - "30820120300D06092A864886F70D01010105000382010D00308201080282010100C55B8F7979BF24B335017082BF33EE2960E3A068DCDB45CA" - "3017214BFB3F32649400A2484E2108C7CD07AA7616290667AF7C7A1922C82B51CA01867EED9B60A57F5B6EE33783EC258B2347488B0FA3F99B" - "05CFFBB45F80960669594B58C993D07B94D9A89ED8266D9931EAE70BB5E9063DEA9EFAF744393DCD92F2F5054624AA048C7EE50BEF374FCDCE" - "1C8CEBCA1EF12AF492402A6F56DC9338834162F3773B119145BF4B72672E0CF2C7009EBC3D593DFE3715D942CA8749771B484F72A2BC8C89F8" - "6DB52ECC40763B6298879DE686C9A2A78604A503609BA34B779C4F55E3BEB0C26B1F84D8FC4EB3C79693B25A77A158EF88292D4C01F99EFE3C" - "C912D09B020111" - }, - {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}, - { - 
"30820120300D06092A864886F70D01010105000382010D00308201080282010100DA68B2830103028D0ECD911D20E732257F8A39BC5214B670" - "C8F1F836CD1D88E6421ABD3C47F16E37E07DCFE89FC11ECBED73896FC978B7E1519F59318F3E24BB5C8962B0EA44889C3A81021CC9E8EAA940" - "99B9305B0F7731C27CC528CFEE710066CB69229F8AA04DBD842FA8C3143CB0EF1164E45E34B114FBA610DBDFC7453DAD995743AD1489AA131D" - "0C730163ECA7317048C1AD1008ED31A32CB773D94B5317CAAF95674582DCA1AC9FEBE02079836B52E1E3C8D39571018A7657650D52D2DF3363" - "F88A690628D64DCBECB88BBA432F27C32E7BC5BC0F1D16D0A027D1D40362F8CEDBE8BED05C2BCE96F33A75CD70014626B32E5EE81EBD3116F6" - "F1E5231B020111" - }, - { - "30820120300D06092A864886F70D01010105000382010D00308201080282010100B4D984129ECC2F4350596DD602EB5337B78E33C4D945C70C" - "2CACFF6237037BEF897D6893079D1067F07FF023D66C77BB41F6D41215C9912D995215C6F7651F1728AAB65CF20CBE81E5E7F202E474AF535E" - "92BBC386A7A496263BC4189FD9DD5E801C3023038EFE5B5DE35AA3F70C10F87259D586C36D3DF524E9DA2140C481365985AD185E1CF3E78B6B" - "82FDD274CCD1267838A0B91F9B48544AFB2C71B158A26E6154CECB43ECEE13FFBD6CA91D8D115B6B91C55F3A88E3F389E9A2AF4BC381D21F9A" - "BF2EA16F58773514249B03A4775C6A10561AFC8CF54B551A43FD014F3C5FE12D96AC5F117645E26D125DC7430114FA60577BF7C9AA1224D190" - "B2D8A83B020111" - }, - { - "30820120300D06092A864886F70D01010105000382010D00308201080282010100B4D984129ECC2F4350596DD602EB5337B78E33C4D945C70C" - "2CACFF6237037BEF897D6893079D1067F07FF023D66C77BB41F6D41215C9912D995215C6F7651F1728AAB65CF20CBE81E5E7F202E474AF535E" - "92BBC386A7A496263BC4189FD9DD5E801C3023038EFE5B5DE35AA3F70C10F87259D586C36D3DF524E9DA2140C481365985AD185E1CF3E78B6B" - "82FDD274CCD1267838A0B91F9B48544AFB2C71B158A26E6154CECB43ECEE13FFBD6CA91D8D115B6B91C55F3A88E3F389E9A2AF4BC381D21F9A" - "BF2EA16F58773514249B03A4775C6A10561AFC8CF54B551A43FD014F3C5FE12D96AC5F117645E26D125DC7430114FA60577BF7C9AA1224D190" - "B2D8A83B020111" - } +unordered_map replicaPrivKeys = { + {replica_0, 
"308204BA020100300D06092A864886F70D0101010500048204A4308204A00201000282010100C55B8F7979BF24B335017082BF33EE2960E3A0" + "68DCDB45CA3017214BFB3F32649400A2484E2108C7CD07AA7616290667AF7C7A1922C82B51CA01867EED9B60A57F5B6EE33783EC258B234748" + "8B0FA3F99B05CFFBB45F80960669594B58C993D07B94D9A89ED8266D9931EAE70BB5E9063DEA9EFAF744393DCD92F2F5054624AA048C7EE50B" + "EF374FCDCE1C8CEBCA1EF12AF492402A6F56DC9338834162F3773B119145BF4B72672E0CF2C7009EBC3D593DFE3715D942CA8749771B484F72" + "A2BC8C89F86DB52ECC40763B6298879DE686C9A2A78604A503609BA34B779C4F55E3BEB0C26B1F84D8FC4EB3C79693B25A77A158EF88292D4C" + "01F99EFE3CC912D09B020111028201001D05EF73BF149474B4F8AEA9D0D2EE5161126A69C6203EF8162184E586D4967833E1F9BF56C89F68AD" + "35D54D99D8DB4B7BB06C4EFD95E840BBD30C3FD7A5E890CEF6DB99E284576EEED07B6C8CEBB63B4B80DAD2311D1A706A5AC95DE768F017213B" + "896B9EE38D2E3C2CFCE5BDF51ABD27391761245CDB3DCB686F05EA2FF654FA91F89DA699F14ACFA7F0D8030F74DBFEC28D55C902A27E9C03AB" + "1CA2770EFC5BE541560D86FA376B1A688D92124496BB3E7A3B78A86EBF1B694683CDB32BC49431990A18B570C104E47AC6B0DE5616851F4309" + "CFE7D0E20B17C154A3D85F33C7791451FFF73BFC4CDC8C16387D184F42AD2A31FCF545C3F9A498FAAC6E94E902818100F40CF9152ED4854E1B" + "BF67C5EA185C52EBEA0C11875563AEE95037C2E61C8D988DDF71588A0B45C23979C5FBFD2C45F9416775E0A644CAD46792296FDC68A98148F7" + "BD3164D9A5E0D6A0C2DF0141D82D610D56CB7C53F3C674771ED9ED77C0B5BF3C936498218176DC9933F1215BC831E0D41285611F512F68327E" + "4FBD9E5C5902818100CF05519FD69D7C6B61324F0A201574C647792B80E5D4D56A51CF5988927A1D54DF9AE4EA656AE25961923A0EC046F1C5" + "69BAB53A64EB0E9F5AB2ABF1C9146935BA40F75E0EB68E0BE4BC29A5A0742B59DF5A55AB028F1CCC42243D2AEE4B74344CA33E72879EF2D1CD" + "D874A7F237202AC7EB57AEDCBD539DEFDA094476EAE613028180396C76D7CEC897D624A581D43714CA6DDD2802D6F2AAAE0B09B885974533E5" + "14D6167505C620C51EA41CA70E1D73D43AA5FA39DA81799922EB3173296109914B98B2C31AAE515434E734E28ED31E8D37DA99BA11C2E693B6" + 
"398570ABBF6778A33C0E40CC6007E23A15C9B1DE6233B6A25304B91053166D7490FCD26D1D8EAC5102818079C6E4B86020674E392CA6F6E5B2" + "44B0DEBFBF3CC36E232F7B6AE95F6538C5F5B0B57798F05CFD9DFD28D6DB8029BB6511046A9AD1F3AE3F9EC37433DFB1A74CC7E9FAEC08A79E" + "D9D1D8187F8B8FA107B08F7DAFE3633E1DCC8DC9A0C8689EB55A41E87F9B12347B6A06DB359D89D6AFC0E4CA2A9FF6E5E46EF8BA2845F39665" + "0281802A89B2BD4A665A0F07DCAFA6D9DB7669B1D1276FC3365173A53F0E0D5F9CB9C3E08E68503C62EA73EB8E0DA42CCF6B136BF4A85B0AC4" + "24730B4F3CAD8C31D34DD75EF2A39B6BCFE3985CCECC470CF479CF0E9B9D6C7CE1C6C70D853728925326A22352DF73B502D4D3CBC2A770DE27" + "6E1C5953DF7A9614C970C94D194CAE9188"}, + {replica_1, "308204BC020100300D06092A864886F70D0101010500048204A6308204A20201000282010100CAF26C09B1F6F056F66B54AA0EA002EA236151" + "3A721A58E44472ADE74DBD833890ED9EE8E0CFF1B84C3DFE9E6226C8CEBFFEDFE71A6BCFE5A599D02FD9940997E864D400BF440BA7B1A568A5" + "ACF7688B025B5B207E5651E597141FAEF733FA9D87732B8FBA31E082BE777AEB992B00873764655C3B1F8FBF8DD2446F4F9F79883E21DBC1A1" + "7431E42AF01B9D4DE54B9880E7FB397655C79D7C3A5981CA64A32E2F05FCF0B127F4C6D349056276992B7403D36E03D14C45B6F5F66786280C" + "921236A17EE0F311821BDF925A47DCA590BB31C60646692014317BE0DD32248DF557A77F80F336C82461B659266F74F495BA5CE194043505B5" + "F0C363263BF73BB897020111028201005F8123C853BF8028EC6EBE6E2500015F1FB55366CC48A24D4D6324A915865BDE6251B4315ABC3583E7" + "A4B40E4C4E7C9D8786FFF448AB34A84DEE079E0C096DED221154B50EB69C12ADF37C8A334740416A85580F4A82F95CFBCD3C1619FA57D1A927" + "238EEE3596D41D656705754169A90B021194D08752B47EF9899DCB1DDED5DCDDA688D9FA88F9303E99CAB040D2E47DCE866717580C2CD01DB9" + "4E8FE215EAA254432E3B399B90260255DEE7FADED4643814C0DE41DE237BBB7173CFF16AC9237AADA4595FD95EB92E30D2127C7761C6A1CD75" + "C1F12F5B92B6602E1CDC06E112321B0A41C8A102D785B7C4C7D2441DA983346B81873984DD680FB4B1C9AD7102818100D5E41BE52CECFB7405" + "01B87C631DEFB3DD855EE95553A816BE8D3DFAE200086E1C12E9FBDDD8737F2CCE2CED1D82431ADC63C1B34EA59C27E98283EB20EAF8F5A29D" + 
"45ACE2E5C3173F396DF4356D54F3ED0CF9BBA222E3B9194CD15F88B6AB8FAFDFACACCC97D87555CD1E864D09DF795FB8BE3F9BE2CB8E52F641" + "FCEDC8E97902818100F2E6BDF9A552D35E9F695C52343D9BBF180BBEB50F6705A7836DF1BFF6A42C2D7A000432957516B555B5E1FBAC21CED5" + "D2788036AA5AB183A5859284ED409631289F8836D240111B56D6C4953FEFBE177EA137F08ADCABD5CAD07F709E83BB29B0F55AD09E65F5C656" + "8FE166FF4BE581F4F2066025E3902819EFC2DF0FA63E8F0281803EE8BCE90D36A44F4CC44551C2CC91CB7D637644A0A022610ADE3F67E81E20" + "98DB149F2BF5F45E347696FE279F446E16F586C080081297570871AE5436DBB2A2993D50BA60DA2A5221A77AB13CE3EBCF45B885AFA8286118" + "52BC3D94919F23667F058D23C3B4309AFB1E36278011F66EFE0928E58833A547FA486DC2DC8662C902818100AB75B346CF0D49E870869B8552" + "0D5EE13E26687FCEA3130CD53E8C8780EC5B6B652D3023B4CB1F1696DABDA2979F64D32B27E208784004D565C7B2B82F006A0495255117A378" + "848BC4D3D60EFFF4862EB3BD186D8F325B2D801AB44F7EF3932C7CE96D47F75707D74C2953D03BBD1A79DA1440BC56FAFC588AC75C6138391D" + "1902818100BBC05F561AEF4BDE1ECABB5CD313E6173F5E46AC85B4462A8CA689E4E84B95E66733081518DB01714B7B18E44B780DB5A6DA2612" + "506F46E4D91C8CB582AFD54C7509C9947EC754BFDD0D35FAECE2E729DBD21A62E33C3DEF556913ECF4C8D75910E860D36AFD0977FF9114ACEA" + "8F44882259C6F1D8314B653F64F4655CFD68A6"}, + {replica_2, "308204BA020100300D06092A864886F70D0101010500048204A4308204A00201000282010100DA68B2830103028D0ECD911D20E732257F8A39" + "BC5214B670C8F1F836CD1D88E6421ABD3C47F16E37E07DCFE89FC11ECBED73896FC978B7E1519F59318F3E24BB5C8962B0EA44889C3A81021C" + "C9E8EAA94099B9305B0F7731C27CC528CFEE710066CB69229F8AA04DBD842FA8C3143CB0EF1164E45E34B114FBA610DBDFC7453DAD995743AD" + "1489AA131D0C730163ECA7317048C1AD1008ED31A32CB773D94B5317CAAF95674582DCA1AC9FEBE02079836B52E1E3C8D39571018A7657650D" + "52D2DF3363F88A690628D64DCBECB88BBA432F27C32E7BC5BC0F1D16D0A027D1D40362F8CEDBE8BED05C2BCE96F33A75CD70014626B32E5EE8" + "1EBD3116F6F1E5231B02011102820100201E749ACB716241EB96B375398B6941BFEEAE23393F480186F668444B572AB873220CC519A3812655" + 
"B8261AAE14DEE1C1097617F7FB2A199B0FE7783AB650B22432524731828C8F7203E9B8F08422824D43C868FE55190ED8D61CFE78EE5BE97887" + "5339CC2AF974D81AF7F32BBF361A050A165DD19E5646D9B68A02377F2FD417BE92D2722CEE33B3A0F7B111639C092B4024BB08ACEBE9F9BC28" + "C14BB611DBE627136B568493C6995D81442F09DFEFBA4378A34DEF28F3BD862F4C28BECA87A95551FC2DB48766F82752C7E8B34E8599590190" + "B12A648AC1E361FE28A3253EC615381A066BFD351C18F0B236429A950106DD4F1134A3DE6CEB1094B7CE5C7102818100EA51580294BB0FD7DA" + "FDC00364A9B3C4781F70C4BBE8BDE0D82895ADE549E25388E78A53EF83CF9A3D9528F70CB5A57A9A187D5AC68682F03B26C2F6A409E1554FED" + "061BDC944985102F2988A5A8CD639BA7890FD689D7171612159AAA818F5502EF80D5D13339826A98914A321B5B4512EC24AF3EE80F982D3418" + "0C85B3E38102818100EE9E7F43A98E593F72A584EEC014E0A46003116B82F5D3A21DAE4EB3F21FBC5B71D96E012B6F5FFBEACED4BEC6C147AA" + "AB6F9698F0592F3A8A6CD827ABF210497635639043D5F0B461E00914B152D6ECB3EFC9138A1B9FAEE09420AB9C2E1436B6AC36EEB8AD43709B" + "BFA0ED30FBF09C1A91BAB71410E49E11BE8E2A571C649B02818044EABF8849DCAA4E8BB40B4C4AC8802AB9EB212ACDDB0AAB8ADEC29C8EBB60" + "AF284419A0376300D3030DC0C121DB128D789DCA841C45AE0A6BC01B397B8A6F7371DC4D1740E051DBD79566919A2296C2F18BA0C86C46A8AC" + "6FE73387D7CBC0BEA682AD6C105A5C356AA557E8A553571450DC0ACA218F8C1DB2F1343FEB16CA71028180704A963DF57029FFBD7B11614B55" + "1E6B7879EA1479DD184C4A33E8CD26A585D0AE0BF7881470A5A3B9CABE77E50FA941419DEC8434DEACD04124297C14AE25C837A0A752F2BF07" + "DC6A4B4F91446337F6EB43A9EB13D0C39D96DC4B9C0D42DC55FB9C5615FC8DC5622B2D006F9E94AD76A31766ECBE26113B53A4F79B744998C1" + "028180124E2A5DAC7AC7017647FE1B6871484B7B38A3C060B992B871939C8A75BC35DB771F041910C0092E01B545E1910109AA827F34F56327" + "15E06819ADED60117FD8B9400C3F307EA022D5AC5394E65D28EF434DC068494D33ACF70B43791C1C13C35AC680E0038DB411ADEBBC067F477E" + "01E8CF793FB076AE47BD83B935B8041DC1"}, + {replica_3, "308204BB020100300D06092A864886F70D0101010500048204A5308204A10201000282010100B4D984129ECC2F4350596DD602EB5337B78E33" + 
"C4D945C70C2CACFF6237037BEF897D6893079D1067F07FF023D66C77BB41F6D41215C9912D995215C6F7651F1728AAB65CF20CBE81E5E7F202" + "E474AF535E92BBC386A7A496263BC4189FD9DD5E801C3023038EFE5B5DE35AA3F70C10F87259D586C36D3DF524E9DA2140C481365985AD185E" + "1CF3E78B6B82FDD274CCD1267838A0B91F9B48544AFB2C71B158A26E6154CECB43ECEE13FFBD6CA91D8D115B6B91C55F3A88E3F389E9A2AF4B" + "C381D21F9ABF2EA16F58773514249B03A4775C6A10561AFC8CF54B551A43FD014F3C5FE12D96AC5F117645E26D125DC7430114FA60577BF7C9" + "AA1224D190B2D8A83B020111028201004FC95FEA18E19C6176459256E32B95A7A3CDCB8B8D08322B04A6ACE790BDC5BC806C087D19F2782DDB" + "0B444C0BC6710ED9564E8073061A66F0D163F5E59D8DB764C3C8ECC523BD758B13815BA1064D597C8C078AF7A450241FED30DDAFEF2CF4FC48" + "ABD336469D648B4DB70C1A2AF86D9BDC56AC6546C882BD763A963329844BF0E8C79E5E7A5C227A1CDB8473965090084BEAC728E4F86670BAE0" + "5DA589FAE1EBC98A26BF207261EECE5A92759DE516306B0B2F715370586EF45447F82CC37206F70D762AAB75215482A67FE6742E9D644AB765" + "4F02476EAE15A742FCB2266DAE437DC76FB17E1698D4987945C779A4B89F5FB3F5E1B194EFA4024BA3797F2502818100E2BDA6F0031EAA027B" + "1E8099D9D2CF408B8C9D83A22BFBAAD3BCFA952469A001C25E5E2E89DAF28636633E8D7C5E1E5FD8384767DB5B384DAB38147EA46871D5E31E" + "DC110026E42E90C44F02110A369ACF0445C617CC25CD1207F116B9AF2FA78A89E6C6345EAFD0607CB145410DD6619AC0C034B54283A0065B93" + "3550B8DACF02818100CC2FDB49EB3E45DB2EB644048C3C35E3BB50980453DB8EB54DD5595CA2DBC43A2F2912D0F696E6126AFBF5D7777BABB2" + "6AC931030B8896343BC19EA30B8EEBFECE2617A2564B3D66E29DF66708254877CC33E699501A2BA4D0D7D02F068B1DCF6C7A0794F24BEE83BE" + "2E8453D3E436C3B59D2D9BEEB5B38541EF170544EA46D502818100AD63DA02D5359110F4BCF8EE1F0A9E7CA6F30F0A4ED6570A29726544DF9C" + "10F2495738F6696B31EE29972FD59B57082B2CDFBE223E54D0B3DD49009D144FDE94808102A396B454239BE169982B25ED85712162886C8D0D" + "D90DC9D67ACA3AABF8971E28F1EBCFEFDB95140F16D764EF3B947547AFD5E791D4B9915274108D5C07028180300B42A7FB1DB61574671F1020" + 
"FF1BBD1D03E7888C33A91B99D7D8CA80AC2E2BCEDC7CE5DFAB08F546596705858682C09198C03CF3A7AADF1D1E7FADE49A196921725FE9F62F" + "D236537076365C4501FE11EE182412D8FB35D6C95E292EB7524EEC58F2B9A26C381EFF92797D22CC491EFD8E6515A1942A3D78ECF65B97BEA7" + "410281806625E51F70BB9E00D0260941C56B22CDCECC7EA6DBC2C28A1CDA0E1AFAACD39C5E962E40FCFC0F5BBA57A7291A1BDC5D3D29495B45" + "CE2B3BEC7748E6C351FF934537BCA246CA36B840CF68BE6D473F7EE079B0EFDFF6B1BB554B06093E18B269FC3BD3F9876376CA7C673A93F142" + "7088BF0990AB8E232F269B5DBCD446385A66"}, + {replica_4, "308204BB020100300D06092A864886F70D0101010500048204A5308204A10201000282010100B4D984129ECC2F4350596DD602EB5337B78E33" + "C4D945C70C2CACFF6237037BEF897D6893079D1067F07FF023D66C77BB41F6D41215C9912D995215C6F7651F1728AAB65CF20CBE81E5E7F202" + "E474AF535E92BBC386A7A496263BC4189FD9DD5E801C3023038EFE5B5DE35AA3F70C10F87259D586C36D3DF524E9DA2140C481365985AD185E" + "1CF3E78B6B82FDD274CCD1267838A0B91F9B48544AFB2C71B158A26E6154CECB43ECEE13FFBD6CA91D8D115B6B91C55F3A88E3F389E9A2AF4B" + "C381D21F9ABF2EA16F58773514249B03A4775C6A10561AFC8CF54B551A43FD014F3C5FE12D96AC5F117645E26D125DC7430114FA60577BF7C9" + "AA1224D190B2D8A83B020111028201004FC95FEA18E19C6176459256E32B95A7A3CDCB8B8D08322B04A6ACE790BDC5BC806C087D19F2782DDB" + "0B444C0BC6710ED9564E8073061A66F0D163F5E59D8DB764C3C8ECC523BD758B13815BA1064D597C8C078AF7A450241FED30DDAFEF2CF4FC48" + "ABD336469D648B4DB70C1A2AF86D9BDC56AC6546C882BD763A963329844BF0E8C79E5E7A5C227A1CDB8473965090084BEAC728E4F86670BAE0" + "5DA589FAE1EBC98A26BF207261EECE5A92759DE516306B0B2F715370586EF45447F82CC37206F70D762AAB75215482A67FE6742E9D644AB765" + "4F02476EAE15A742FCB2266DAE437DC76FB17E1698D4987945C779A4B89F5FB3F5E1B194EFA4024BA3797F2502818100E2BDA6F0031EAA027B" + "1E8099D9D2CF408B8C9D83A22BFBAAD3BCFA952469A001C25E5E2E89DAF28636633E8D7C5E1E5FD8384767DB5B384DAB38147EA46871D5E31E" + "DC110026E42E90C44F02110A369ACF0445C617CC25CD1207F116B9AF2FA78A89E6C6345EAFD0607CB145410DD6619AC0C034B54283A0065B93" + 
"3550B8DACF02818100CC2FDB49EB3E45DB2EB644048C3C35E3BB50980453DB8EB54DD5595CA2DBC43A2F2912D0F696E6126AFBF5D7777BABB2" + "6AC931030B8896343BC19EA30B8EEBFECE2617A2564B3D66E29DF66708254877CC33E699501A2BA4D0D7D02F068B1DCF6C7A0794F24BEE83BE" + "2E8453D3E436C3B59D2D9BEEB5B38541EF170544EA46D502818100AD63DA02D5359110F4BCF8EE1F0A9E7CA6F30F0A4ED6570A29726544DF9C" + "10F2495738F6696B31EE29972FD59B57082B2CDFBE223E54D0B3DD49009D144FDE94808102A396B454239BE169982B25ED85712162886C8D0D" + "D90DC9D67ACA3AABF8971E28F1EBCFEFDB95140F16D764EF3B947547AFD5E791D4B9915274108D5C07028180300B42A7FB1DB61574671F1020" + "FF1BBD1D03E7888C33A91B99D7D8CA80AC2E2BCEDC7CE5DFAB08F546596705858682C09198C03CF3A7AADF1D1E7FADE49A196921725FE9F62F" + "D236537076365C4501FE11EE182412D8FB35D6C95E292EB7524EEC58F2B9A26C381EFF92797D22CC491EFD8E6515A1942A3D78ECF65B97BEA7" + "410281806625E51F70BB9E00D0260941C56B22CDCECC7EA6DBC2C28A1CDA0E1AFAACD39C5E962E40FCFC0F5BBA57A7291A1BDC5D3D29495B45" + "CE2B3BEC7748E6C351FF934537BCA246CA36B840CF68BE6D473F7EE079B0EFDFF6B1BB554B06093E18B269FC3BD3F9876376CA7C673A93F142" + "7088BF0990AB8E232F269B5DBCD446385A66"} +}; + +unordered_map replicaPubKeys = { + {replica_0, "30820120300D06092A864886F70D01010105000382010D00308201080282010100C55B8F7979BF24B335017082BF33EE2960E3A068DCDB45CA" + "3017214BFB3F32649400A2484E2108C7CD07AA7616290667AF7C7A1922C82B51CA01867EED9B60A57F5B6EE33783EC258B2347488B0FA3F99B" + "05CFFBB45F80960669594B58C993D07B94D9A89ED8266D9931EAE70BB5E9063DEA9EFAF744393DCD92F2F5054624AA048C7EE50BEF374FCDCE" + "1C8CEBCA1EF12AF492402A6F56DC9338834162F3773B119145BF4B72672E0CF2C7009EBC3D593DFE3715D942CA8749771B484F72A2BC8C89F8" + "6DB52ECC40763B6298879DE686C9A2A78604A503609BA34B779C4F55E3BEB0C26B1F84D8FC4EB3C79693B25A77A158EF88292D4C01F99EFE3C" + "C912D09B020111"}, + {replica_1, "30820120300D06092A864886F70D01010105000382010D00308201080282010100CAF26C09B1F6F056F66B54AA0EA002EA2361513A721A58E4" + 
"4472ADE74DBD833890ED9EE8E0CFF1B84C3DFE9E6226C8CEBFFEDFE71A6BCFE5A599D02FD9940997E864D400BF440BA7B1A568A5ACF7688B02" + "5B5B207E5651E597141FAEF733FA9D87732B8FBA31E082BE777AEB992B00873764655C3B1F8FBF8DD2446F4F9F79883E21DBC1A17431E42AF0" + "1B9D4DE54B9880E7FB397655C79D7C3A5981CA64A32E2F05FCF0B127F4C6D349056276992B7403D36E03D14C45B6F5F66786280C921236A17E" + "E0F311821BDF925A47DCA590BB31C60646692014317BE0DD32248DF557A77F80F336C82461B659266F74F495BA5CE194043505B5F0C363263B" + "F73BB897020111"}, + {replica_2, "30820120300D06092A864886F70D01010105000382010D00308201080282010100DA68B2830103028D0ECD911D20E732257F8A39BC5214B670" + "C8F1F836CD1D88E6421ABD3C47F16E37E07DCFE89FC11ECBED73896FC978B7E1519F59318F3E24BB5C8962B0EA44889C3A81021CC9E8EAA940" + "99B9305B0F7731C27CC528CFEE710066CB69229F8AA04DBD842FA8C3143CB0EF1164E45E34B114FBA610DBDFC7453DAD995743AD1489AA131D" + "0C730163ECA7317048C1AD1008ED31A32CB773D94B5317CAAF95674582DCA1AC9FEBE02079836B52E1E3C8D39571018A7657650D52D2DF3363" + "F88A690628D64DCBECB88BBA432F27C32E7BC5BC0F1D16D0A027D1D40362F8CEDBE8BED05C2BCE96F33A75CD70014626B32E5EE81EBD3116F6" + "F1E5231B020111"}, + {replica_3, "30820120300D06092A864886F70D01010105000382010D00308201080282010100B4D984129ECC2F4350596DD602EB5337B78E33C4D945C70C" + "2CACFF6237037BEF897D6893079D1067F07FF023D66C77BB41F6D41215C9912D995215C6F7651F1728AAB65CF20CBE81E5E7F202E474AF535E" + "92BBC386A7A496263BC4189FD9DD5E801C3023038EFE5B5DE35AA3F70C10F87259D586C36D3DF524E9DA2140C481365985AD185E1CF3E78B6B" + "82FDD274CCD1267838A0B91F9B48544AFB2C71B158A26E6154CECB43ECEE13FFBD6CA91D8D115B6B91C55F3A88E3F389E9A2AF4BC381D21F9A" + "BF2EA16F58773514249B03A4775C6A10561AFC8CF54B551A43FD014F3C5FE12D96AC5F117645E26D125DC7430114FA60577BF7C9AA1224D190" + "B2D8A83B020111"}, + {replica_4, "30820120300D06092A864886F70D01010105000382010D00308201080282010100B4D984129ECC2F4350596DD602EB5337B78E33C4D945C70C" + 
"2CACFF6237037BEF897D6893079D1067F07FF023D66C77BB41F6D41215C9912D995215C6F7651F1728AAB65CF20CBE81E5E7F202E474AF535E" + "92BBC386A7A496263BC4189FD9DD5E801C3023038EFE5B5DE35AA3F70C10F87259D586C36D3DF524E9DA2140C481365985AD185E1CF3E78B6B" + "82FDD274CCD1267838A0B91F9B48544AFB2C71B158A26E6154CECB43ECEE13FFBD6CA91D8D115B6B91C55F3A88E3F389E9A2AF4BC381D21F9A" + "BF2EA16F58773514249B03A4775C6A10561AFC8CF54B551A43FD014F3C5FE12D96AC5F117645E26D125DC7430114FA60577BF7C9AA1224D190" + "B2D8A83B020111"}, + {replica_5, "30820120300D06092A864886F70D01010105000382010D00308201080282010100B4D984129ECC2F4350596DD602EB5337B78E33C4D945C70C" + "2CACFF6237037BEF897D6893079D1067F07FF023D66C77BB41F6D41215C9912D995215C6F7651F1728AAB65CF20CBE81E5E7F202E474AF535E" + "92BBC386A7A496263BC4189FD9DD5E801C3023038EFE5B5DE35AA3F70C10F87259D586C36D3DF524E9DA2140C481365985AD185E1CF3E78B6B" + "82FDD274CCD1267838A0B91F9B48544AFB2C71B158A26E6154CECB43ECEE13FFBD6CA91D8D115B6B91C55F3A88E3F389E9A2AF4BC381D21F9A" + "BF2EA16F58773514249B03A4775C6A10561AFC8CF54B551A43FD014F3C5FE12D96AC5F117645E26D125DC7430114FA60577BF7C9AA1224D190" + "B2D8A83B020111"} }; #elif USE_EDDSA_OPENSSL -const vector privateKeys = { - {"61498efe1764b89357a02e2887d224154006ceacf26269f8695a4af561453eef"}, - {"247a74ab3620ec6b9f5feab9ee1f86521da3fa2804ad45bb5bf2c5b21ef105bc"}, - {"fb539bc3d66deda55524d903da26dbec1f4b6abf41ec5db521e617c64eb2c341"}, - {"55ea66e855b83ec4a02bd8fcce6bb4426ad3db2a842fa2a2a6777f13e40a4717"}, - {"f2f3d43da68329bfe31419636072e27cfd1a8fff259be4bfada667080eb00556"} +unordered_map replicaPrivKeys = { + {replica_0, "61498efe1764b89357a02e2887d224154006ceacf26269f8695a4af561453eef"}, + {replica_1, "247a74ab3620ec6b9f5feab9ee1f86521da3fa2804ad45bb5bf2c5b21ef105bc"}, + {replica_2, "fb539bc3d66deda55524d903da26dbec1f4b6abf41ec5db521e617c64eb2c341"}, + {replica_3, "55ea66e855b83ec4a02bd8fcce6bb4426ad3db2a842fa2a2a6777f13e40a4717"}, + {replica_4, "f2f3d43da68329bfe31419636072e27cfd1a8fff259be4bfada667080eb00556"} }; -const 
vector publicKeys = { - {"386f4fb049a5d8bb0706d3793096c8f91842ce380dfc342a2001d50dfbc901f4"}, - {"3f9e7dbde90477c24c1bacf14e073a356c1eca482d352d9cc0b16560a4e7e469"}, - {"2311c6013ff657844669d8b803b2e1ed33fe06eed445f966a800a8fbb8d790e8"}, - {"1ba7449655784fc9ce193a7887de1e4d3d35f7c82b802440c4f28bf678a34b34"}, - {"c426c524c92ad9d0b740f68ee312abf0298051a7e0364a867b940e9693ae6095"} +unordered_map replicaPubKeys = { + {replica_0, "386f4fb049a5d8bb0706d3793096c8f91842ce380dfc342a2001d50dfbc901f4"}, + {replica_1, "3f9e7dbde90477c24c1bacf14e073a356c1eca482d352d9cc0b16560a4e7e469"}, + {replica_2, "2311c6013ff657844669d8b803b2e1ed33fe06eed445f966a800a8fbb8d790e8"}, + {replica_3, "1ba7449655784fc9ce193a7887de1e4d3d35f7c82b802440c4f28bf678a34b34"}, + {replica_4, "c426c524c92ad9d0b740f68ee312abf0298051a7e0364a867b940e9693ae6095"} }; #endif // clang-format on @@ -350,17 +337,16 @@ void setUpConfiguration_4() { replicaConfig.numOfExternalClients = 15; replicaConfig.clientBatchingEnabled = true; - replicaConfig.publicKeysOfReplicas.insert(pair(replica_0, publicKeys[replica_0])); - replicaConfig.publicKeysOfReplicas.insert(pair(replica_1, publicKeys[replica_1])); - replicaConfig.publicKeysOfReplicas.insert(pair(replica_2, publicKeys[replica_2])); - replicaConfig.publicKeysOfReplicas.insert(pair(replica_3, publicKeys[replica_3])); - replicaConfig.replicaPrivateKey = privateKeys[0]; + for (NodeIdType i = replica_0; i <= replica_3; ++i) { + replicaConfig.publicKeysOfReplicas.insert(pair(i, replicaPubKeys[i])); + } + replicaConfig.replicaPrivateKey = replicaPrivKeys[replica_0]; for (auto i = 0; i < replicaConfig.numReplicas; i++) { replicaConfig.replicaId = i; replicasInfo[i] = std::make_unique(replicaConfig, true, true); sigManager[i].reset(SigManager::initInTesting(i, - privateKeys[i], + replicaPrivKeys[i], replicaConfig.publicKeysOfReplicas, concord::util::crypto::KeyFormat::HexaDecimalStrippedFormat, nullptr, 
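Review bot: `replicaPubKeys[i]` and `replicaPrivKeys[i]` in setUpConfiguration_4 go through `unordered_map::operator[]`, which inserts and returns an empty string for an id that is not in the map, so a missing fixture entry would configure an empty key instead of failing the test. Prefer `replicaPubKeys.at(i)` and `replicaPrivKeys.at(i)` (likewise `replicaPrivKeys.at(replica_0)`), which throw on a missing id; the two maps could then be declared `const`, as the vectors they replace were. The same lookup pattern appears in setUpConfiguration_7 in the next hunk. The body of setUpConfiguration_4 continues outside the hunk.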
@@ -376,8 +362,8 @@ void setUpConfiguration_7() { replicaConfig.numReplicas = numOfReplicas_7; replicaConfig.fVal = fVal_7; - replicaConfig.publicKeysOfReplicas.insert(pair(replica_4, publicKeys[4])); - replicaConfig.replicaPrivateKey = privateKeys[4]; + replicaConfig.publicKeysOfReplicas.insert(pair(replica_4, replicaPubKeys[replica_4])); + replicaConfig.replicaPrivateKey = replicaPrivKeys[replica_4]; } void setUpCommunication() { diff --git a/bftengine/tests/SigManager/SigManager_test.cpp b/bftengine/tests/SigManager/SigManager_test.cpp index 953ed31003..4873047130 100644 --- a/bftengine/tests/SigManager/SigManager_test.cpp +++ b/bftengine/tests/SigManager/SigManager_test.cpp @@ -34,8 +34,8 @@ constexpr size_t RANDOM_DATA_SIZE = 1000U; std::default_random_engine generator; -using concord::util::signerverifier::TransactionSigner; -using concord::util::signerverifier::TransactionVerifier; +using concord::signerverifier::TransactionSigner; +using concord::signerverifier::TransactionVerifier; #ifdef USE_CRYPTOPP constexpr char ALGO_NAME[] = "rsa"; diff --git a/bftengine/tests/clientsManager/ClientsManager_test.cpp b/bftengine/tests/clientsManager/ClientsManager_test.cpp index c18642da13..36b890d1fe 100644 --- a/bftengine/tests/clientsManager/ClientsManager_test.cpp +++ b/bftengine/tests/clientsManager/ClientsManager_test.cpp @@ -43,12 +43,12 @@ using std::unique_ptr; using std::vector; #ifdef USE_CRYPTOPP -using concord::util::cryptopp_utils::Crypto; +using concord::crypto::cryptopp::Crypto; #elif USE_EDDSA_OPENSSL -using concord::util::openssl_utils::Crypto; +using concord::crypto::openssl::Crypto; #endif -using concord::util::signerverifier::TransactionSigner; +using concord::signerverifier::TransactionSigner; // Testing values to be used for certain Concord-BFT configuration that ClientsManager and/or its dependencies may // reference. diff --git a/client/bftclient/src/bft_client.cpp b/client/bftclient/src/bft_client.cpp index 6f383fd91c..2c40370c56 100644 
--- a/client/bftclient/src/bft_client.cpp +++ b/client/bftclient/src/bft_client.cpp @@ -23,7 +23,7 @@ using namespace concord::secretsmanager; using namespace bftEngine; using namespace bftEngine::impl; using concord::util::crypto::KeyFormat; -using concord::util::signerverifier::TransactionSigner; +using concord::signerverifier::TransactionSigner; namespace bft::client { diff --git a/client/bftclient/test/bft_client_api_tests.cpp b/client/bftclient/test/bft_client_api_tests.cpp index c348825eab..370434dab2 100644 --- a/client/bftclient/test/bft_client_api_tests.cpp +++ b/client/bftclient/test/bft_client_api_tests.cpp @@ -43,7 +43,7 @@ using namespace bftEngine; using namespace placeholders; using namespace concord::secretsmanager; using concord::util::crypto::KeyFormat; -using concord::util::signerverifier::TransactionVerifier; +using concord::signerverifier::TransactionVerifier; using namespace CryptoPP; using ReplicaId_t = bft::client::ReplicaId; diff --git a/client/reconfiguration/src/default_handlers.cpp b/client/reconfiguration/src/default_handlers.cpp index 4a8fc20a84..1a8b879858 100644 --- a/client/reconfiguration/src/default_handlers.cpp +++ b/client/reconfiguration/src/default_handlers.cpp @@ -23,6 +23,9 @@ namespace fs = std::experimental::filesystem; namespace concord::client::reconfiguration::handlers { +using concord::crypto::cryptopp::Crypto; +using concord::crypto::openssl::CertificateUtils; + template bool validateInputState(const State& state, std::optional init_block = std::nullopt) { concord::messages::ClientStateReply crep; 
@@ -65,14 +68,13 @@ void ClientTlsKeyExchangeHandler::exchangeTlsKeys(const std::string& pkey_path, const std::string& cert_path, const uint64_t blockid) { // Generate new key pair - auto new_cert_keys = concord::util::cryptopp_utils::Crypto::instance().generateECDSAKeyPair( - concord::util::crypto::KeyFormat::PemFormat, concord::util::crypto::CurveType::secp384r1); + auto new_cert_keys = Crypto::instance().generateECDSAKeyPair(concord::util::crypto::KeyFormat::PemFormat, + concord::util::crypto::CurveType::secp384r1); std::string master_key = sm_->decryptFile(master_key_path_).value_or(std::string()); if (master_key.empty()) master_key = psm_.decryptFile(master_key_path_).value_or(std::string()); if (master_key.empty()) LOG_FATAL(getLogger(), "unable to read the node master key"); - auto cert = concord::util::openssl_utils::CertificateUtils::generateSelfSignedCert( - cert_path, new_cert_keys.second, master_key); + auto cert = CertificateUtils::generateSelfSignedCert(cert_path, new_cert_keys.second, master_key); sm_->encryptFile(pkey_path, new_cert_keys.first); psm_.encryptFile(cert_path, cert); @@ -152,9 +154,9 @@ bool ClientMasterKeyExchangeHandler::validate(const State& state) const { bool ClientMasterKeyExchangeHandler::execute(const State& state, WriteState& out) { LOG_INFO(getLogger(), "execute transaction signing key exchange request"); // Generate new key pair - auto hex_keys = concord::util::cryptopp_utils::Crypto::instance().generateRsaKeyPair( - 2048, concord::util::crypto::KeyFormat::HexaDecimalStrippedFormat); - auto pem_keys = concord::util::cryptopp_utils::Crypto::instance().RsaHexToPem(hex_keys); + auto hex_keys = + Crypto::instance().generateRsaKeyPair(2048, concord::util::crypto::KeyFormat::HexaDecimalStrippedFormat); + auto pem_keys = Crypto::instance().RsaHexToPem(hex_keys); concord::messages::ReconfigurationRequest rreq; concord::messages::ClientExchangePublicKey creq; 
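Review bot: After both `decryptFile` attempts fail, `exchangeTlsKeys` only logs through `LOG_FATAL` and then still calls `CertificateUtils::generateSelfSignedCert(cert_path, new_cert_keys.second, master_key)` with an empty `master_key`. Unless `LOG_FATAL` terminates the process (its definition is not visible here), the handler should stop at that point, e.g. `if (master_key.empty()) { LOG_FATAL(getLogger(), "unable to read the node master key"); return; }`. The results of `sm_->encryptFile(pkey_path, ...)` and `psm_.encryptFile(cert_path, cert)` are also not checked, so a failed write of the new private key would go unnoticed, assuming these calls report failure through their return value. The function continues past the end of the hunk.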
diff --git a/communication/src/AsyncTlsConnection.cpp b/communication/src/AsyncTlsConnection.cpp index 50d5b30ec7..cefe382799 100644 --- a/communication/src/AsyncTlsConnection.cpp +++ b/communication/src/AsyncTlsConnection.cpp @@ -31,6 +31,9 @@ namespace bft::communication::tls { +using concord::crypto::cryptopp::Crypto; +using concord::crypto::openssl::CertificateUtils; + void AsyncTlsConnection::startReading() { auto self = shared_from_this(); asio::post(strand_, [this, self] { readMsgSizeHeader(); }); @@ -430,7 +433,7 @@ std::pair AsyncTlsConnection::checkCertificate(X509* received_cer uint32_t peerId = UINT32_MAX; std::string conn_type; // (1) First, try to verify the certificate against the latest saved certificate - bool res = concord::util::openssl_utils::CertificateUtils::verifyCertificate( + bool res = CertificateUtils::verifyCertificate( received_cert, config_.certificatesRootPath_, peerId, conn_type, config_.useUnifiedCertificates_); if (expected_peer_id.has_value() && peerId != expected_peer_id.value()) return std::make_pair(false, peerId); if (res) return std::make_pair(res, peerId); 
@@ -439,14 +442,12 @@ std::pair AsyncTlsConnection::checkCertificate(X509* received_cer "public key"); std::string pem_pub_key = StateControl::instance().getPeerPubKey(peerId); if (pem_pub_key.empty()) return std::make_pair(false, peerId); - if (concord::util::cryptopp_utils::Crypto::instance().getFormat(pem_pub_key) != - concord::util::crypto::KeyFormat::PemFormat) { - pem_pub_key = concord::util::cryptopp_utils::Crypto::instance() - .RsaHexToPem(std::make_pair("", StateControl::instance().getPeerPubKey(peerId))) - .second; + if (Crypto::instance().getFormat(pem_pub_key) != concord::util::crypto::KeyFormat::PemFormat) { + pem_pub_key = + Crypto::instance().RsaHexToPem(std::make_pair("", StateControl::instance().getPeerPubKey(peerId))).second; } // (2) Try to validate the certificate against the peer's public key - res = concord::util::openssl_utils::CertificateUtils::verifyCertificate(received_cert, pem_pub_key); + res = CertificateUtils::verifyCertificate(received_cert, pem_pub_key); if (!res) return std::make_pair(false, peerId); // (3) If valid, exchange the stored certificate diff --git a/kvbc/src/pruning_handler.cpp b/kvbc/src/pruning_handler.cpp index cfe46797f5..d4edf92f36 100644 --- a/kvbc/src/pruning_handler.cpp +++ b/kvbc/src/pruning_handler.cpp @@ -21,8 +21,8 @@ namespace concord::kvbc::pruning { using concord::util::crypto::KeyFormat; -using concord::util::signerverifier::TransactionSigner; -using concord::util::signerverifier::TransactionVerifier; +using concord::signerverifier::TransactionSigner; +using concord::signerverifier::TransactionVerifier; void PruningSigner::sign(concord::messages::LatestPrunableBlock& block) { std::ostringstream oss; diff --git a/kvbc/src/reconfiguration_kvbc_handler.cpp b/kvbc/src/reconfiguration_kvbc_handler.cpp index 07141c17f4..ec09f994ad 100644 --- a/kvbc/src/reconfiguration_kvbc_handler.cpp +++ b/kvbc/src/reconfiguration_kvbc_handler.cpp 
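Review bot: The fallback in `checkCertificate` converts the peer key with `Crypto::instance().RsaHexToPem(...)`, and after this commit `Crypto` in this file is bound by a using-declaration to `concord::crypto::cryptopp::Crypto` regardless of `USE_CRYPTOPP` / `USE_EDDSA_OPENSSL`; if replica keys are EdDSA hex strings in the OpenSSL build, this path would presumably mis-convert them or fail, and the `EdDSAHexToPem` added elsewhere in this commit is not used here. It is worth selecting the converter by build flag, or at least adding a comment such as `// assumes the peer key is RSA; EdDSA keys are not handled on this path`. The conversion also calls `StateControl::instance().getPeerPubKey(peerId)` a second time instead of reusing the `pem_pub_key` that was just checked for emptiness and format, so the value converted is not guaranteed to be the value checked; `std::make_pair("", pem_pub_key)` keeps them the same. `checkCertificate` starts and ends outside the hunk.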
@@ -34,6 +34,7 @@ namespace concord::kvbc::reconfiguration { +using concord::crypto::cryptopp::Crypto; using bftEngine::impl::DbCheckpointManager; using bftEngine::impl::SigManager; using concord::kvbc::KvbAppFilter; @@ -1247,7 +1248,7 @@ bool InternalPostKvReconfigurationHandler::handle(const concord::messages::Clien } std::string path = bftEngine::ReplicaConfig::instance().clientsKeysPrefix + "/" + std::to_string(group_id) + "/transaction_signing_pub.pem"; - auto pem_key = concord::util::cryptopp_utils::Crypto::instance().RsaHexToPem(std::make_pair("", command.pub_key)); + auto pem_key = Crypto::instance().RsaHexToPem(std::make_pair("", command.pub_key)); concord::secretsmanager::SecretsManagerPlain sm; sm.encryptFile(path, pem_key.second); LOG_INFO(getLogger(), KVLOG(path, pem_key.second, sender_id)); diff --git a/kvbc/tools/db_editor/include/kv_blockchain_db_editor.hpp b/kvbc/tools/db_editor/include/kv_blockchain_db_editor.hpp index 988f3d0de6..1fbb50e51b 100644 --- a/kvbc/tools/db_editor/include/kv_blockchain_db_editor.hpp +++ b/kvbc/tools/db_editor/include/kv_blockchain_db_editor.hpp @@ -30,7 +30,7 @@ #include "bcstatetransfer/SimpleBCStateTransfer.hpp" #include "bftengine/PersistentStorageImp.hpp" #include "bftengine/DbMetadataStorage.hpp" -#include "cryptopp_utils.hpp" +#include "sign_verify_utils.hpp" #include "json_output.hpp" #include "bftengine/ReplicaSpecificInfoManager.hpp" @@ -44,6 +44,7 @@ namespace concord::kvbc::tools::db_editor { using namespace categorization; +using concord::signerverifier::TransactionVerifier; inline const auto kToolName = "kv_blockchain_db_editor"s; inline KeyValueBlockchain getAdapter(const std::string &path, const bool read_only = false) { 
@@ -353,7 +354,7 @@ struct VerifyBlockRequests { out << "\t\t\"signature_digest\": \"" << hex_digest << "\",\n"; out << "\t\t\"persistency_type\": \"" << persistencyType(req.requestPersistencyType) << "\",\n"; std::string verification_result; - auto verifier = std::make_unique( + auto verifier = std::make_unique( client_keys.ids_to_keys[req.clientId].key, (concord::util::crypto::KeyFormat)client_keys.ids_to_keys[req.clientId].format); @@ -1036,7 +1037,6 @@ struct VerifyDbCheckpoint { using CheckpointDesc = bftEngine::bcst::impl::DataStore::CheckpointDesc; using BlockHashData = std::tuple; // using IVerifier = concord::util::cryptointerface::IVerifier; - using RSAVerifier = concord::util::cryptopp_utils::RSAVerifier; using KeyFormat = concord::util::crypto::KeyFormat; using ReplicaId = uint16_t; const bool read_only = true; @@ -1084,7 +1084,7 @@ struct VerifyDbCheckpoint { auto format = cmd.format; transform(format.begin(), format.end(), format.begin(), ::tolower); auto key_format = ((format == "hex") ? KeyFormat::HexaDecimalStrippedFormat : KeyFormat::PemFormat); - replica_keys.emplace(repId, std::make_unique(cmd.key, key_format)); + replica_keys.emplace(repId, std::make_unique(cmd.key, key_format)); }, *val); } diff --git a/kvbc/tools/object_store_utility/integrity_checker.cpp b/kvbc/tools/object_store_utility/integrity_checker.cpp index f081ea815e..dbfc73057b 100644 --- a/kvbc/tools/object_store_utility/integrity_checker.cpp +++ b/kvbc/tools/object_store_utility/integrity_checker.cpp 
@@ -37,13 +37,18 @@ void IntegrityChecker::initKeysConfig(const fs::path& keys_file) { config.fVal = parser.get_value("f_val"); config.cVal = parser.get_value("c_val"); config.publicKeysOfReplicas.clear(); - auto rsaPublicKeys = parser.get_values("rsa_public_keys"); - if (rsaPublicKeys.size() < config.numReplicas) +#ifdef USE_CRYPTOPP + auto txnSignerPublicKeys = parser.get_values("rsa_public_keys"); +#elif USE_EDDSA_OPENSSL + auto txnSignerPublicKeys = parser.get_values("eddsa_public_keys"); +#endif + + if (txnSignerPublicKeys.size() < config.numReplicas) throw std::runtime_error("number of replicas and number of replicas don't match: " + keys_file.string()); for (size_t i = 0; i < config.numReplicas; ++i) - config.publicKeysOfReplicas.insert(std::pair(i, rsaPublicKeys[i])); + config.publicKeysOfReplicas.insert(std::pair(i, txnSignerPublicKeys[i])); config.replicaId = config.numReplicas; // "my" replica id shouldn't match one of the regular replicas diff --git a/reconfiguration/src/reconfiguration_handler.cpp b/reconfiguration/src/reconfiguration_handler.cpp index 295587bb8b..2025475a33 100644 --- a/reconfiguration/src/reconfiguration_handler.cpp +++ b/reconfiguration/src/reconfiguration_handler.cpp @@ -28,11 +28,11 @@ using namespace concord::messages; using concord::util::crypto::KeyFormat; #if USE_CRYPTOPP -using concord::util::cryptopp_utils::ECDSAVerifier; +using concord::crypto::cryptopp::ECDSAVerifier; #else #include "openssl_utils.hpp" -using concord::util::openssl_utils::EdDSAVerifier; +using concord::crypto::openssl::EdDSAVerifier; #endif namespace concord::reconfiguration { diff --git a/tests/apollo/util/bft.py b/tests/apollo/util/bft.py index f23d22d5fc..da38c6bd99 100644 --- a/tests/apollo/util/bft.py +++ b/tests/apollo/util/bft.py 
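Review bot: The new `#ifdef USE_CRYPTOPP` / `#elif USE_EDDSA_OPENSSL` block in `initKeysConfig` has no `#else`, so a build with neither macro set leaves `txnSignerPublicKeys` undeclared and fails with an unrelated-looking error at the size check; add `#else` followed by `#error "no transaction-signing backend selected"` to make that explicit. The exception thrown by the size check still reads "number of replicas and number of replicas don't match"; since this is the guard that keeps the `txnSignerPublicKeys[i]` loop in bounds, it should name both quantities, e.g. `"number of replicas and number of public keys don't match: "`. The function continues outside the hunk.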
@@ -503,16 +503,30 @@ def _generate_operator_keys(self): if self.builddir is None: return with open(self.builddir + "/operator_pub.pem", 'w') as f: + # EdDSA public key. + f.write("-----BEGIN PUBLIC KEY-----\n" + "MCowBQYDK2VwAyEAq6x6mTckhvzscZmDtRAwgneYpIE3sqkdLdaZ4B5JBbw=\n" + "-----END PUBLIC KEY-----") + """ + # ECDSA public key. f.write("-----BEGIN PUBLIC KEY-----\n" "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAENEMHcbJgnnYxfa1zDlIF7lzp/Ioa" "NfwGuJpAg84an5FdPALwZwBp/m/X3d8kwmfZEytqt2PGMNhHMkovIaRI1A==\n" "-----END PUBLIC KEY-----") + """ with open(self.builddir + "/operator_priv.pem", 'w') as f: + # EdDSA private key. + f.write("-----BEGIN PRIVATE KEY-----\n" + "MC4CAQAwBQYDK2VwBCIEIIIyaCtHzqPqMdvvcTIp+ZtOGccurc7e8qMPs8+jt0xo\n" + "-----END PRIVATE KEY-----") + """ + # ECDSA private key. f.write("-----BEGIN EC PRIVATE KEY-----\n" "MHcCAQEEIEWf8ZTkCWbdA9WrMSNGCC7GQxvSXiDlU6dlZAi6JaCboAoGCCqGSM49" "AwEHoUQDQgAENEMHcbJgnnYxfa1zDlIF7lzp/IoaNfwGuJpAg84an5FdPALwZwBp" "/m/X3d8kwmfZEytqt2PGMNhHMkovIaRI1A==\n" "-----END EC PRIVATE KEY-----") + """ def generate_tls_certs(self, num_to_generate, start_index=0): """ diff --git a/tests/apollo/util/operator.py b/tests/apollo/util/operator.py index 6ec8f65c78..721654b36c 100644 --- a/tests/apollo/util/operator.py +++ b/tests/apollo/util/operator.py 
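Review bot: The old ECDSA key pair in `_generate_operator_keys` is kept inside bare `"""` strings, which are expression statements rather than comments, so the retired private key stays in the source and is evaluated on every call; delete those blocks, since version control keeps the old material. Both PEM blobs are fixed values checked into the repository, so a comment such as `# Fixed test-only operator key pair; not for use outside the test harness.` above the first `f.write` would keep them from being mistaken for usable credentials. `operator_priv.pem` is created with `open(..., 'w')` and so gets umask-default permissions; if the build directory can be shared, `os.chmod(self.builddir + "/operator_priv.pem", 0o600)` after writing is a cheap guard, assuming `os` is imported in this file. The method starts outside the hunk.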
@@ -20,24 +20,37 @@ sys.path.append(os.path.abspath("../../util/pyclient")) +from cryptography.hazmat.primitives import serialization + import bft_client -from ecdsa import SigningKey -from ecdsa import SECP256k1 -import hashlib +#from ecdsa import SigningKey +#from ecdsa import SECP256k1 +#import hashlib import util.eliot_logging as log - class Operator: def __init__(self, config, client, priv_key_dir): self.config = config self.client = client - with open(priv_key_dir + "/operator_priv.pem") as f: - self.private_key = SigningKey.from_pem(f.read(), hashlib.sha256) - def _sign_reconf_msg(self, msg): - return self.private_key.sign_deterministic(msg.serialize()) + # Read ECDSA signing key. + # with open(priv_key_dir + "/operator_priv.pem") as f: + # self.private_key = SigningKey.from_pem(f.read(), hashlib.sha256) + # Read EdDSA signing key. + txn_signing_key_path = priv_key_dir + "/operator_priv.pem" + if txn_signing_key_path: + with open(txn_signing_key_path, 'rb') as f: + self.private_key = serialization.load_pem_private_key(f.read(), password=None) + + def _sign_reconf_msg(self, msg): + signature = b'' + if self.private_key: + signature = self.private_key.sign(bytes(msg.serialize())) + return signature + # Return ECDSA signature. + # return self.private_key.sign_deterministic(msg.serialize()) def _construct_basic_reconfiguration_request(self, command): reconf_msg = cmf_msgs.ReconfigurationRequest() 
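Review bot: `_sign_reconf_msg` returns an empty signature `b''` when `self.private_key` is falsy, so a missing key yields an unsigned reconfiguration request instead of an error; fail closed with `return self.private_key.sign(bytes(msg.serialize()))` and let a missing key raise. In `__init__`, `if txn_signing_key_path:` is always true for a string built by concatenation with `"/operator_priv.pem"`, so it guards nothing, and if it were ever false `self.private_key` would not be assigned at all. `load_pem_private_key` accepts any key type while the one-argument `sign()` call only fits Ed25519/Ed448 keys, so an `isinstance(self.private_key, Ed25519PrivateKey)` check after loading would give a clear error for a stale ECDSA `operator_priv.pem`. The commented-out `ecdsa` / `hashlib` imports and ECDSA code paths can be deleted rather than left in place.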
@@ -49,10 +62,10 @@ def _construct_basic_reconfiguration_request(self, command): return reconf_msg def _construct_reconfiguration_wedge_command(self): - wedge_cmd = cmf_msgs.WedgeCommand() - wedge_cmd.sender = 1000 - wedge_cmd.noop = False - return self._construct_basic_reconfiguration_request(wedge_cmd) + wedge_cmd = cmf_msgs.WedgeCommand() + wedge_cmd.sender = 1000 + wedge_cmd.noop = False + return self._construct_basic_reconfiguration_request(wedge_cmd) def _construct_reconfiguration_latest_prunebale_block_command(self): lpab_cmd = cmf_msgs.LatestPrunableBlockRequest() diff --git a/tools/GenerateConcordKeys.cpp b/tools/GenerateConcordKeys.cpp index 6798a1389f..800c29f8cf 100644 --- a/tools/GenerateConcordKeys.cpp +++ b/tools/GenerateConcordKeys.cpp @@ -24,7 +24,7 @@ #include "KeyfileIOUtils.hpp" #include "openssl_utils.hpp" -using concord::util::openssl_utils::Crypto; +using concord::crypto::openssl::Crypto; // Helper functions and static state to this executable's main function. diff --git a/tools/TestGeneratedKeys.cpp b/tools/TestGeneratedKeys.cpp index b76e0743ea..eb78980fa4 100644 --- a/tools/TestGeneratedKeys.cpp +++ b/tools/TestGeneratedKeys.cpp @@ -21,8 +21,8 @@ #include "KeyfileIOUtils.hpp" #include "sign_verify_utils.hpp" -using concord::util::signerverifier::TransactionSigner; -using concord::util::signerverifier::TransactionVerifier; +using concord::signerverifier::TransactionSigner; +using concord::signerverifier::TransactionVerifier; using concord::util::crypto::KeyFormat; // How often to output status when testing cryptosystems, measured as an diff --git a/util/bench/benchmarkSignVerify.cpp b/util/bench/benchmarkSignVerify.cpp index 9ff86935f4..05e61b6458 100644 --- a/util/bench/benchmarkSignVerify.cpp +++ b/util/bench/benchmarkSignVerify.cpp 
@@ -26,10 +26,10 @@ #include "openssl_utils.hpp" #include "cryptopp_utils.hpp" -using concord::util::cryptopp_utils::RSASigner; -using concord::util::cryptopp_utils::RSAVerifier; -using concord::util::openssl_utils::EdDSASigner; -using concord::util::openssl_utils::EdDSAVerifier; +using concord::crypto::cryptopp::RSASigner; +using concord::crypto::cryptopp::RSAVerifier; +using concord::crypto::openssl::EdDSASigner; +using concord::crypto::openssl::EdDSAVerifier; std::default_random_engine generator; @@ -261,11 +261,12 @@ void rsaVerifierBenchmark(picobench::state& s) { /** * @brief Construct a new PICOBENCH object. + * Take one of the fastest samples out of 3 samples. */ -PICOBENCH(edDSASignerBenchmark).label("EdDSA-Signer").samples(10).iterations({50000, 1000000}); -PICOBENCH(rsaSignerBenchmark).label("RSA-Signer").samples(10).iterations({50000, 1000000}); -PICOBENCH(edDSAVerifierBenchmark).label("EdDSA-Verifier").samples(10).iterations({50000, 1000000}); -PICOBENCH(rsaVerifierBenchmark).label("RSA-Verifier").samples(10).iterations({50000, 1000000}); +PICOBENCH(edDSASignerBenchmark).label("EdDSA-Signer").samples(3).iterations({1, 10, 100, 1000, 10000, 50000}); +PICOBENCH(rsaSignerBenchmark).label("RSA-Signer").samples(3).iterations({1, 10, 100, 1000, 10000, 50000}); +PICOBENCH(edDSAVerifierBenchmark).label("EdDSA-Verifier").samples(3).iterations({1, 10, 100, 1000, 10000, 50000}); +PICOBENCH(rsaVerifierBenchmark).label("RSA-Verifier").samples(3).iterations({1, 10, 100, 1000, 10000, 50000}); /** * @brief Entry function. diff --git a/util/include/cryptopp_utils.hpp b/util/include/cryptopp_utils.hpp index ff9c52b22a..a4225c07c3 100644 --- a/util/include/cryptopp_utils.hpp +++ b/util/include/cryptopp_utils.hpp 
@@ -22,7 +22,7 @@ using concord::util::crypto::CurveType; using concord::util::cryptointerface::ISigner; using concord::util::cryptointerface::IVerifier; -namespace concord::util::cryptopp_utils { +namespace concord::crypto::cryptopp { class ECDSAVerifier : public IVerifier { public: @@ -100,4 +100,4 @@ class Crypto { class Impl; std::unique_ptr impl_; }; -} // namespace concord::util::cryptopp_utils \ No newline at end of file +} // namespace concord::crypto::cryptopp \ No newline at end of file diff --git a/util/include/openssl_utils.hpp b/util/include/openssl_utils.hpp index f57ea0c2c9..2507b6fcfa 100644 --- a/util/include/openssl_utils.hpp +++ b/util/include/openssl_utils.hpp @@ -34,9 +34,9 @@ using concord::util::crypto::KeyFormat; using concord::util::cryptointerface::ISigner; using concord::util::cryptointerface::IVerifier; -namespace concord::util::openssl_utils { +namespace concord::crypto::openssl { -constexpr static size_t SIG_LENGTH{64}; +constexpr static size_t EdDSA_SIG_LENGTH{64}; // Deleter classes. class EVP_PKEY_Deleter { @@ -98,7 +98,7 @@ class EdDSASigner : public ISigner { private: unique_ptr edPkey_; - size_t sigLen_{SIG_LENGTH}; + size_t sigLen_{EdDSA_SIG_LENGTH}; string keyStr_; }; @@ -134,7 +134,7 @@ class EdDSAVerifier : public IVerifier { private: unique_ptr edPkey_; - mutable size_t sigLen_{SIG_LENGTH}; + mutable size_t sigLen_{EdDSA_SIG_LENGTH}; string keyStr_; }; 
@@ -148,10 +148,19 @@ class Crypto { Crypto() = default; ~Crypto() = default; - /* - * Generates an EdDSA asymmetric key pair (private-public key pair). - * @return Private-Public key pair. + /** + * @brief Generates an EdDSA asymmetric key pair (private-public key pair). + * + * @return pair Private-Public key pair. + */ + pair generateEdDSAKeyPair(const KeyFormat fmt = KeyFormat::HexaDecimalStrippedFormat) const; + + /** + * @brief Generates an EdDSA PEM file from hexadecimal key pair (private-public key pair). + * + * @param key_pair Key pair in hexa-decimal format. + * @return pair */ - pair generateEdDSAKeyPair() const; + pair EdDSAHexToPem(const std::pair& hex_key_pair) const; }; -} // namespace concord::util::openssl_utils +} // namespace concord::crypto::openssl diff --git a/util/include/sign_verify_utils.hpp b/util/include/sign_verify_utils.hpp index 69f578510d..c532ca4b9b 100644 --- a/util/include/sign_verify_utils.hpp +++ b/util/include/sign_verify_utils.hpp @@ -15,12 +15,12 @@ #include "openssl_utils.hpp" -namespace concord::util::signerverifier { +namespace concord::signerverifier { #ifdef USE_CRYPTOPP -using TransactionSigner = concord::util::cryptopp_utils::RSASigner; -using TransactionVerifier = concord::util::cryptopp_utils::RSAVerifier; +using TransactionSigner = concord::crypto::cryptopp::RSASigner; +using TransactionVerifier = concord::crypto::cryptopp::RSAVerifier; #elif USE_EDDSA_OPENSSL -using TransactionSigner = concord::util::openssl_utils::EdDSASigner; -using TransactionVerifier = concord::util::openssl_utils::EdDSAVerifier; +using TransactionSigner = concord::crypto::openssl::EdDSASigner; +using TransactionVerifier = concord::crypto::openssl::EdDSAVerifier; #endif -} // namespace concord::util::signerverifier \ No newline at end of file +} // namespace concord::signerverifier \ No newline at end of file diff --git a/util/src/cryptopp_utils.cpp b/util/src/cryptopp_utils.cpp index 74e3c76bfe..f2e4aa10b0 100644 
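Review bot: The Doxygen block added for `EdDSAHexToPem` documents `@param key_pair` while the parameter is named `hex_key_pair`, and its `@return pair` line does not say what is returned; use `@param hex_key_pair Private/public key pair as hexadecimal strings.` and, going by the function name, `@return Private/public key pair in PEM format.`. `generateEdDSAKeyPair` gained a `fmt` parameter with no `@param` line; add `@param fmt Output key format, hexadecimal (default) or PEM.`. The definition further down this diff (its hunk runs past what is shown) writes both keys through `fopen` to fixed file names under `/tmp` and does not check the returned `FILE*` before use. That side effect belongs in this comment, or the conversion could use a memory BIO (`BIO_new(BIO_s_mem())` with `PEM_write_bio_PrivateKey` / `PEM_write_bio_PUBKEY`) so the private key is never written to a shared directory.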
--- a/util/src/cryptopp_utils.cpp +++ b/util/src/cryptopp_utils.cpp @@ -25,7 +25,7 @@ using namespace CryptoPP; -namespace concord::util::cryptopp_utils { +namespace concord::crypto::cryptopp { class ECDSAVerifier::Impl { std::unique_ptr::Verifier> verifier_; @@ -272,4 +272,4 @@ KeyFormat Crypto::getFormat(const std::string& key) const { Crypto::Crypto() : impl_{new Impl()} {} Crypto::~Crypto() = default; -} // namespace concord::util::cryptopp_utils +} // namespace concord::crypto::cryptopp diff --git a/util/src/openssl_utils.cpp b/util/src/openssl_utils.cpp index 0a69552768..7c24d9285d 100644 --- a/util/src/openssl_utils.cpp +++ b/util/src/openssl_utils.cpp @@ -19,7 +19,7 @@ #include #include -namespace concord::util::openssl_utils { +namespace concord::crypto::openssl { class BIO_Deleter { public: @@ -214,7 +214,7 @@ string EdDSASigner::sign(const string& dataToSign) { ConcordAssertNE(edCtx, nullptr); ConcordAssertEQ(1, EVP_DigestSignInit(edCtx.get(), nullptr, nullptr, nullptr, edPkey_.get())); - string signature(64, 0); + string signature(EdDSA_SIG_LENGTH, 0); ConcordAssertEQ(1, EVP_DigestSign(edCtx.get(), reinterpret_cast(signature.data()), @@ -266,7 +266,7 @@ EdDSAVerifier::EdDSAVerifier(const string& strPubKey, KeyFormat fmt) : keyStr_{s bool EdDSAVerifier::verify(const string& dataToVerify, const string& sigToVerify) const { sigLen_ = sigToVerify.size(); - ConcordAssertEQ(sigLen_, SIG_LENGTH); + ConcordAssertEQ(sigLen_, EdDSA_SIG_LENGTH); unique_ptr edCtx(EVP_MD_CTX_new()); @@ -288,7 +288,7 @@ uint32_t EdDSAVerifier::signatureLength() const { return sigLen_; } string EdDSAVerifier::getPubKey() const { return keyStr_; } -pair Crypto::generateEdDSAKeyPair() const { +pair Crypto::generateEdDSAKeyPair(const KeyFormat fmt) const { unique_ptr edPkey; unique_ptr edPkeyCtx(EVP_PKEY_CTX_new_id(NID_ED25519, nullptr)); 
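Review bot: `EdDSAVerifier::verify` checks the length of the incoming signature with `ConcordAssertEQ(sigLen_, EdDSA_SIG_LENGTH)`, so a signature of the wrong size, which may come from a remote sender, trips an assertion instead of failing verification; if `ConcordAssertEQ` aborts (its definition is not shown), that is a crash on malformed input. Reject it as an ordinary failure instead: `if (sigToVerify.size() != EdDSA_SIG_LENGTH) return false;`. The method also stores the size in the `mutable` member `sigLen_` from a `const` function, which is an unsynchronized write if one verifier is shared between threads and makes `signatureLength()` report whatever the last caller passed; a local variable avoids both. The body of `verify` continues outside the hunk.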
@@ -298,15 +298,71 @@ pair Crypto::generateEdDSAKeyPair() const { ConcordAssertEQ( 1, EVP_PKEY_keygen(edPkeyCtx.get(), reinterpret_cast(&edPkey))); // Generate EdDSA key 'edPkey'. - unsigned char privKey[64]{}; - unsigned char pubKey[64]{}; - size_t privlen{64}; - size_t publen{64}; + unsigned char privKey[EdDSA_SIG_LENGTH]{}; + unsigned char pubKey[EdDSA_SIG_LENGTH]{}; + size_t privlen{EdDSA_SIG_LENGTH}; + size_t publen{EdDSA_SIG_LENGTH}; ConcordAssertEQ(1, EVP_PKEY_get_raw_private_key(edPkey.get(), privKey, &privlen)); ConcordAssertEQ(1, EVP_PKEY_get_raw_public_key(edPkey.get(), pubKey, &publen)); - return make_pair(concordUtils::bufferToHex(reinterpret_cast(privKey), (const size_t)privlen, false), - concordUtils::bufferToHex(reinterpret_cast(pubKey), (const size_t)publen, false)); + pair keyPair; + keyPair.first = concordUtils::bufferToHex(reinterpret_cast(privKey), (const size_t)privlen, false); + keyPair.second = concordUtils::bufferToHex(reinterpret_cast(pubKey), (const size_t)publen, false); + + if (KeyFormat::PemFormat == fmt) { + keyPair = EdDSAHexToPem(keyPair); + } + return keyPair; +} + +pair Crypto::EdDSAHexToPem(const std::pair& hex_key_pair) const { + auto privKey = concordUtils::hexToASCII(hex_key_pair.first); + auto pubKey = concordUtils::hexToASCII(hex_key_pair.second); + + unique_ptr ed_privKey( + EVP_PKEY_new_raw_private_key(NID_ED25519, nullptr, (const unsigned char*)privKey.data(), privKey.size())); + unique_ptr ed_pubKey( + EVP_PKEY_new_raw_public_key(NID_ED25519, nullptr, (const unsigned char*)pubKey.data(), pubKey.size())); + + ConcordAssertNE(nullptr, ed_privKey); + ConcordAssertNE(nullptr, ed_pubKey); + + const char* const tempPrivPem = "/tmp/concordTempPrivKey.pem"; + const char* const tempPubPem = "/tmp/concordTempPubKey.pem"; + + FILE* fp = fopen(tempPrivPem, "w"); + PEM_write_PrivateKey(fp, ed_privKey.get(), nullptr, nullptr, 0, nullptr, nullptr); + fclose(fp); + + fp = fopen(tempPubPem, "w"); + PEM_write_PUBKEY(fp, ed_pubKey.get()); 
+ fclose(fp); + + string privPemString, pubPemString; + + // Read private key from pem file. + std::ifstream privPem(tempPrivPem); + string temp; + if (privPem.is_open()) { + while (privPem.good()) { + getline(privPem, temp); + privPemString += temp + '\n'; + } + } + + // Read public key from pem file. + std::ifstream pubPem(tempPubPem); + if (pubPem.is_open()) { + while (pubPem.good()) { + getline(pubPem, temp); + pubPemString += temp + '\n'; + } + } + + remove(tempPrivPem); + remove(tempPubPem); + + return make_pair(privPemString, pubPemString); } -} // namespace concord::util::openssl_utils +} // namespace concord::crypto::openssl diff --git a/util/test/CMakeLists.txt b/util/test/CMakeLists.txt index 36f6c7ab0e..ed5d2ed5f7 100644 --- a/util/test/CMakeLists.txt +++ b/util/test/CMakeLists.txt @@ -75,9 +75,13 @@ add_executable(RawMemoryPool_test RawMemoryPool_test.cpp) add_test(RawMemoryPool_test RawMemoryPool_test) target_link_libraries(RawMemoryPool_test GTest::Main util) -add_executable(crypto_utils_test crypto_utils_test.cpp ) -add_test(crypto_utils_test crypto_utils_test) -target_link_libraries(crypto_utils_test GTest::Main util) +add_executable(cryptopp_utils_test cryptopp_utils_test.cpp ) +add_test(cryptopp_utils_test cryptopp_utils_test) +target_link_libraries(cryptopp_utils_test GTest::Main util) + +add_executable(openssl_utils_test openssl_utils_test.cpp ) +add_test(openssl_utils_test openssl_utils_test) +target_link_libraries(openssl_utils_test GTest::Main util) add_executable(synchronized_value_test synchronized_value_test.cpp) add_test(synchronized_value_test synchronized_value_test) diff --git a/util/test/crypto_utils_test.cpp b/util/test/cryptopp_utils_test.cpp similarity index 87% rename from util/test/crypto_utils_test.cpp rename to util/test/cryptopp_utils_test.cpp index d9fb36d39a..d2d6f83a0d 100644 --- a/util/test/crypto_utils_test.cpp +++ b/util/test/cryptopp_utils_test.cpp 
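Review bot: The new `EdDSAHexToPem` writes the private key to the fixed path `/tmp/concordTempPrivKey.pem` with `fopen(..., "w")`, which puts key material in a predictable, shared location. The file is created with default permissions, an existing file or symlink at that path is followed, and two concurrent callers overwrite each other's keys. The `fopen` results are also passed to `PEM_write_*` and `fclose` unchecked, and a failed read silently returns empty PEM strings. Serialising through memory BIOs removes the filesystem round-trip entirely; the sketch below reuses the file's `BIO_Deleter`, assuming it is a deleter functor for `BIO*`. Separately, `generateEdDSAKeyPair` sizes the raw key buffers with `EdDSA_SIG_LENGTH` (64, per the literal it replaces), while Ed25519 raw keys are 32 bytes, so a dedicated key-length constant would state the intent.

```cpp
  ConcordAssertNE(nullptr, ed_pubKey);
  // … unchanged above: hex decoding and EVP_PKEY construction …

  // Serialise through memory BIOs so the private key never touches the filesystem.
  unique_ptr<BIO, BIO_Deleter> privBio(BIO_new(BIO_s_mem()));
  unique_ptr<BIO, BIO_Deleter> pubBio(BIO_new(BIO_s_mem()));
  ConcordAssertNE(nullptr, privBio);
  ConcordAssertNE(nullptr, pubBio);

  ConcordAssertEQ(1, PEM_write_bio_PrivateKey(privBio.get(), ed_privKey.get(), nullptr, nullptr, 0, nullptr, nullptr));
  ConcordAssertEQ(1, PEM_write_bio_PUBKEY(pubBio.get(), ed_pubKey.get()));

  // BIO_get_mem_data returns a pointer into the BIO's own buffer; copy before the BIO is freed.
  char* privData = nullptr;
  char* pubData = nullptr;
  const long privLen = BIO_get_mem_data(privBio.get(), &privData);
  const long pubLen = BIO_get_mem_data(pubBio.get(), &pubData);
  ConcordAssertNE(privData, nullptr);
  ConcordAssertNE(pubData, nullptr);

  return make_pair(string(privData, static_cast<size_t>(privLen)), string(pubData, static_cast<size_t>(pubLen)));
```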
@@ -15,33 +15,33 @@ #include "gtest/gtest.h" #include "cryptopp_utils.hpp" #include "Logger.hpp" -using namespace concord::util::cryptopp_utils; +using namespace concord::crypto::cryptopp; namespace { -TEST(crypto_utils, generate_rsa_keys_hex_format) { +TEST(cryptopp_utils, generate_rsa_keys_hex_format) { ASSERT_NO_THROW(Crypto::instance().generateRsaKeyPair(2048, KeyFormat::HexaDecimalStrippedFormat)); auto keys = Crypto::instance().generateRsaKeyPair(2048, KeyFormat::HexaDecimalStrippedFormat); LOG_INFO(GL, keys.first << " | " << keys.second); } -TEST(crypto_utils, generate_rsa_keys_pem_format) { +TEST(cryptopp_utils, generate_rsa_keys_pem_format) { ASSERT_NO_THROW(Crypto::instance().generateRsaKeyPair(2048, KeyFormat::PemFormat)); auto keys = Crypto::instance().generateRsaKeyPair(2048, KeyFormat::PemFormat); LOG_INFO(GL, keys.first << " | " << keys.second); } -TEST(crypto_utils, generate_ECDSA_keys_pem_format) { +TEST(cryptopp_utils, generate_ECDSA_keys_pem_format) { ASSERT_NO_THROW(Crypto::instance().generateECDSAKeyPair(KeyFormat::PemFormat)); auto keys = Crypto::instance().generateECDSAKeyPair(KeyFormat::PemFormat); LOG_INFO(GL, keys.first << " | " << keys.second); } -TEST(crypto_utils, generate_ECDSA_keys_hex_format) { +TEST(cryptopp_utils, generate_ECDSA_keys_hex_format) { ASSERT_NO_THROW(Crypto::instance().generateECDSAKeyPair(KeyFormat::HexaDecimalStrippedFormat)); auto keys = Crypto::instance().generateECDSAKeyPair(KeyFormat::HexaDecimalStrippedFormat); LOG_INFO(GL, keys.first << " | " << keys.second); } -TEST(crypto_utils, test_rsa_keys_hex) { +TEST(cryptopp_utils, test_rsa_keys_hex) { auto keys = Crypto::instance().generateRsaKeyPair(2048, KeyFormat::HexaDecimalStrippedFormat); RSASigner signer(keys.first, KeyFormat::HexaDecimalStrippedFormat); RSAVerifier verifier(keys.second, KeyFormat::HexaDecimalStrippedFormat); 
@@ -50,7 +50,7 @@ TEST(crypto_utils, test_rsa_keys_hex) { ASSERT_TRUE(verifier.verify(data, sig)); } -TEST(crypto_utils, test_rsa_keys_pem) { +TEST(cryptopp_utils, test_rsa_keys_pem) { auto keys = Crypto::instance().generateRsaKeyPair(2048, KeyFormat::PemFormat); RSASigner signer(keys.first, KeyFormat::PemFormat); RSAVerifier verifier(keys.second, KeyFormat::PemFormat); @@ -59,7 +59,7 @@ TEST(crypto_utils, test_rsa_keys_pem) { ASSERT_TRUE(verifier.verify(data, sig)); } -TEST(crypto_utils, test_rsa_keys_combined_a) { +TEST(cryptopp_utils, test_rsa_keys_combined_a) { auto keys = Crypto::instance().generateRsaKeyPair(2048, KeyFormat::HexaDecimalStrippedFormat); auto pemKeys = Crypto::instance().RsaHexToPem(keys); RSASigner signer(keys.first, KeyFormat::HexaDecimalStrippedFormat); @@ -69,7 +69,7 @@ TEST(crypto_utils, test_rsa_keys_combined_a) { ASSERT_TRUE(verifier.verify(data, sig)); } -TEST(crypto_utils, test_rsa_keys_combined_b) { +TEST(cryptopp_utils, test_rsa_keys_combined_b) { auto keys = Crypto::instance().generateRsaKeyPair(2048, KeyFormat::HexaDecimalStrippedFormat); auto pemKeys = Crypto::instance().RsaHexToPem(keys); RSASigner signer(pemKeys.first, KeyFormat::PemFormat); @@ -79,7 +79,7 @@ TEST(crypto_utils, test_rsa_keys_combined_b) { ASSERT_TRUE(verifier.verify(data, sig)); } -TEST(crypto_utils, test_ecdsa_keys_hex) { +TEST(cryptopp_utils, test_ecdsa_keys_hex) { auto keys = Crypto::instance().generateECDSAKeyPair(KeyFormat::HexaDecimalStrippedFormat); ECDSASigner signer(keys.first, KeyFormat::HexaDecimalStrippedFormat); ECDSAVerifier verifier(keys.second, KeyFormat::HexaDecimalStrippedFormat); 
@@ -88,7 +88,7 @@ TEST(crypto_utils, test_ecdsa_keys_hex) { ASSERT_TRUE(verifier.verify(data, sig)); } -TEST(crypto_utils, test_ecdsa_keys_pem) { +TEST(cryptopp_utils, test_ecdsa_keys_pem) { auto keys = Crypto::instance().generateECDSAKeyPair(KeyFormat::PemFormat); ECDSASigner signer(keys.first, KeyFormat::PemFormat); ECDSAVerifier verifier(keys.second, KeyFormat::PemFormat); @@ -97,7 +97,7 @@ TEST(crypto_utils, test_ecdsa_keys_pem) { ASSERT_TRUE(verifier.verify(data, sig)); } -TEST(crypto_utils, test_ecdsa_keys_pem_combined_a) { +TEST(cryptopp_utils, test_ecdsa_keys_pem_combined_a) { auto keys = Crypto::instance().generateECDSAKeyPair(KeyFormat::HexaDecimalStrippedFormat); auto pemKeys = Crypto::instance().ECDSAHexToPem(keys); ECDSASigner signer(keys.first, KeyFormat::HexaDecimalStrippedFormat); @@ -107,7 +107,7 @@ TEST(crypto_utils, test_ecdsa_keys_pem_combined_a) { ASSERT_TRUE(verifier.verify(data, sig)); } -TEST(crypto_utils, test_ecdsa_keys_pem_combined_b) { +TEST(cryptopp_utils, test_ecdsa_keys_pem_combined_b) { auto keys = Crypto::instance().generateECDSAKeyPair(KeyFormat::HexaDecimalStrippedFormat); auto pemKeys = Crypto::instance().ECDSAHexToPem(keys); ECDSASigner signer(pemKeys.first, KeyFormat::PemFormat); diff --git a/util/test/openssl_utils_test.cpp b/util/test/openssl_utils_test.cpp new file mode 100644 index 0000000000..c3b1024712 --- /dev/null +++ b/util/test/openssl_utils_test.cpp 
@@ -0,0 +1,91 @@ +// Concord +// +// Copyright (c) 2022 VMware, Inc. All Rights Reserved. +// +// This product is licensed to you under the Apache 2.0 license (the "License"). +// You may not use this product except in compliance with the Apache 2.0 +// License. +// +// This product may include a number of subcomponents with separate copyright +// notices and license terms. Your use of these subcomponents is subject to the +// terms and conditions of the subcomponent's license, as noted in the LICENSE +// file. +// + +#include "gtest/gtest.h" +#include "openssl_utils.hpp" +#include "Logger.hpp" + +namespace { + +using concord::crypto::openssl::Crypto; +using concord::crypto::openssl::EdDSASigner; +using concord::crypto::openssl::EdDSAVerifier; + +TEST(openssl_utils, generate_eddsa_keys_hex_format) { + ASSERT_NO_THROW(Crypto::instance().generateEdDSAKeyPair()); + auto keys = Crypto::instance().generateEdDSAKeyPair(); + LOG_INFO(GL, keys.first << " | " << keys.second); +} + +TEST(openssl_utils, generate_eddsa_keys_pem_format) { + ASSERT_NO_THROW(Crypto::instance().generateEdDSAKeyPair()); + auto keys = Crypto::instance().generateEdDSAKeyPair(KeyFormat::PemFormat); + LOG_INFO(GL, keys.first << " | " << keys.second); +} + +TEST(openssl_utils, generate_ECDSA_keys_pem_format) { + ASSERT_NO_THROW(Crypto::instance().generateEdDSAKeyPair(KeyFormat::PemFormat)); + auto keys = Crypto::instance().generateEdDSAKeyPair(KeyFormat::PemFormat); + LOG_INFO(GL, keys.first << " | " << keys.second); +} + +TEST(openssl_utils, generate_ECDSA_keys_hex_format) { + ASSERT_NO_THROW(Crypto::instance().generateEdDSAKeyPair(KeyFormat::HexaDecimalStrippedFormat)); + auto keys = Crypto::instance().generateEdDSAKeyPair(KeyFormat::HexaDecimalStrippedFormat); + LOG_INFO(GL, keys.first << " | " << keys.second); +} + +TEST(openssl_utils, test_eddsa_keys_hex) { + auto keys = Crypto::instance().generateEdDSAKeyPair(); + EdDSASigner signer(keys.first, KeyFormat::HexaDecimalStrippedFormat); + 
EdDSAVerifier verifier(keys.second, KeyFormat::HexaDecimalStrippedFormat); + std::string data = "Hello VMworld"; + auto sig = signer.sign(data); + ASSERT_TRUE(verifier.verify(data, sig)); +} + +TEST(openssl_utils, test_eddsa_keys_pem) { + auto keys = Crypto::instance().generateEdDSAKeyPair(KeyFormat::PemFormat); + EdDSASigner signer(keys.first, KeyFormat::PemFormat); + EdDSAVerifier verifier(keys.second, KeyFormat::PemFormat); + std::string data = "Hello VMworld"; + auto sig = signer.sign(data); + ASSERT_TRUE(verifier.verify(data, sig)); +} + +TEST(openssl_utils, test_eddsa_keys_combined_a) { + auto keys = Crypto::instance().generateEdDSAKeyPair(); + auto pemKeys = Crypto::instance().EdDSAHexToPem(keys); + EdDSASigner signer(keys.first, KeyFormat::HexaDecimalStrippedFormat); + EdDSAVerifier verifier(pemKeys.second, KeyFormat::PemFormat); + std::string data = "Hello VMworld"; + auto sig = signer.sign(data); + ASSERT_TRUE(verifier.verify(data, sig)); +} + +TEST(openssl_utils, test_eddsa_keys_combined_b) { + auto keys = Crypto::instance().generateEdDSAKeyPair(); + auto pemKeys = Crypto::instance().EdDSAHexToPem(keys); + EdDSASigner signer(pemKeys.first, KeyFormat::PemFormat); + EdDSAVerifier verifier(keys.second, KeyFormat::HexaDecimalStrippedFormat); + std::string data = "Hello VMworld"; + auto sig = signer.sign(data); + ASSERT_TRUE(verifier.verify(data, sig)); +} +} // namespace + +int main(int argc, char** argv) { + ::testing::InitGoogleTest(&argc, argv); + return RUN_ALL_TESTS(); +}
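Review bot: Every signing test in the new `openssl_utils_test.cpp` checks only the accepting path, so nothing fails if `EdDSAVerifier::verify` returns true for data it should reject. Adding `ASSERT_FALSE(verifier.verify(data + "x", sig));` to `test_eddsa_keys_hex` and `test_eddsa_keys_pem` would pin the rejecting path. `generate_eddsa_keys_pem_format` wraps the default (hex) call in `ASSERT_NO_THROW` rather than `generateEdDSAKeyPair(KeyFormat::PemFormat)`. The two `generate_ECDSA_*` tests exercise EdDSA and duplicate the first two cases, so they look like copy-paste leftovers that could be dropped or renamed. The generation tests also write `keys.first`, the private key, to the log; for throwaway test keys that is low risk, but logging only `keys.second` avoids establishing the pattern.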