mirror of
https://github.com/corda/corda.git
synced 2024-12-30 01:39:04 +00:00
deriveKeyPair renaming
This commit is contained in:
parent
3cabdf4430
commit
61a24897fe
@ -587,7 +587,7 @@ object Crypto {
|
||||
* @throws IllegalArgumentException if the requested signature scheme is not supported.
|
||||
* @throws UnsupportedOperationException if deterministic key generation is not supported for this particular scheme.
|
||||
*/
|
||||
fun deterministicKeyPair(signatureScheme: SignatureScheme, privateKey: PrivateKey, seed: ByteArray): KeyPair {
|
||||
fun deriveKeyPair(signatureScheme: SignatureScheme, privateKey: PrivateKey, seed: ByteArray): KeyPair {
|
||||
require(isSupportedSignatureScheme(signatureScheme)) { "Unsupported key/algorithm for schemeCodeName: ${signatureScheme.schemeCodeName}" }
|
||||
when (signatureScheme) {
|
||||
ECDSA_SECP256R1_SHA256, ECDSA_SECP256K1_SHA256 -> return deriveKeyPairECDSA(signatureScheme.algSpec as ECParameterSpec, privateKey, seed)
|
||||
@ -605,8 +605,8 @@ object Crypto {
|
||||
* @throws IllegalArgumentException if the requested signature scheme is not supported.
|
||||
* @throws UnsupportedOperationException if deterministic key generation is not supported for this particular scheme.
|
||||
*/
|
||||
fun deterministicKeyPair(privateKey: PrivateKey, seed: ByteArray): KeyPair {
|
||||
return deterministicKeyPair(findSignatureScheme(privateKey), privateKey, seed)
|
||||
fun deriveKeyPair(privateKey: PrivateKey, seed: ByteArray): KeyPair {
|
||||
return deriveKeyPair(findSignatureScheme(privateKey), privateKey, seed)
|
||||
}
|
||||
|
||||
// Given the domain parameters, this routine deterministically generates an ECDSA key pair
|
||||
|
@ -662,7 +662,7 @@ class CryptoUtilsTest {
|
||||
@Test
|
||||
fun `ECDSA secp256R1 deterministic key generation`() {
|
||||
val (priv, pub) = Crypto.generateKeyPair(Crypto.ECDSA_SECP256R1_SHA256)
|
||||
val (dpriv, dpub) = Crypto.deterministicKeyPair(priv, "seed-1".toByteArray())
|
||||
val (dpriv, dpub) = Crypto.deriveKeyPair(priv, "seed-1".toByteArray())
|
||||
|
||||
// Check scheme.
|
||||
assertEquals(priv.algorithm, dpriv.algorithm)
|
||||
@ -687,15 +687,15 @@ class CryptoUtilsTest {
|
||||
assertNotEquals(pub, dpub)
|
||||
|
||||
// A new keyPair is always generated per different seed.
|
||||
val (dpriv2, dpub2) = Crypto.deterministicKeyPair(priv, "seed-2".toByteArray())
|
||||
val (dpriv2, dpub2) = Crypto.deriveKeyPair(priv, "seed-2".toByteArray())
|
||||
assertNotEquals(dpriv, dpriv2)
|
||||
assertNotEquals(dpub, dpub2)
|
||||
|
||||
// Check if the same input always produces the same output (i.e. deterministically generated).
|
||||
val (dpriv_1, dpub_1) = Crypto.deterministicKeyPair(priv, "seed-1".toByteArray())
|
||||
val (dpriv_1, dpub_1) = Crypto.deriveKeyPair(priv, "seed-1".toByteArray())
|
||||
assertEquals(dpriv, dpriv_1)
|
||||
assertEquals(dpub, dpub_1)
|
||||
val (dpriv_2, dpub_2) = Crypto.deterministicKeyPair(priv, "seed-2".toByteArray())
|
||||
val (dpriv_2, dpub_2) = Crypto.deriveKeyPair(priv, "seed-2".toByteArray())
|
||||
assertEquals(dpriv2, dpriv_2)
|
||||
assertEquals(dpub2, dpub_2)
|
||||
}
|
||||
@ -703,7 +703,7 @@ class CryptoUtilsTest {
|
||||
@Test
|
||||
fun `ECDSA secp256K1 deterministic key generation`() {
|
||||
val (priv, pub) = Crypto.generateKeyPair(Crypto.ECDSA_SECP256K1_SHA256)
|
||||
val (dpriv, dpub) = Crypto.deterministicKeyPair(priv, "seed-1".toByteArray())
|
||||
val (dpriv, dpub) = Crypto.deriveKeyPair(priv, "seed-1".toByteArray())
|
||||
|
||||
// Check scheme.
|
||||
assertEquals(priv.algorithm, dpriv.algorithm)
|
||||
@ -728,15 +728,15 @@ class CryptoUtilsTest {
|
||||
assertNotEquals(pub, dpub)
|
||||
|
||||
// A new keyPair is always generated per different seed.
|
||||
val (dpriv2, dpub2) = Crypto.deterministicKeyPair(priv, "seed-2".toByteArray())
|
||||
val (dpriv2, dpub2) = Crypto.deriveKeyPair(priv, "seed-2".toByteArray())
|
||||
assertNotEquals(dpriv, dpriv2)
|
||||
assertNotEquals(dpub, dpub2)
|
||||
|
||||
// Check if the same input always produces the same output (i.e. deterministically generated).
|
||||
val (dpriv_1, dpub_1) = Crypto.deterministicKeyPair(priv, "seed-1".toByteArray())
|
||||
val (dpriv_1, dpub_1) = Crypto.deriveKeyPair(priv, "seed-1".toByteArray())
|
||||
assertEquals(dpriv, dpriv_1)
|
||||
assertEquals(dpub, dpub_1)
|
||||
val (dpriv_2, dpub_2) = Crypto.deterministicKeyPair(priv, "seed-2".toByteArray())
|
||||
val (dpriv_2, dpub_2) = Crypto.deriveKeyPair(priv, "seed-2".toByteArray())
|
||||
assertEquals(dpriv2, dpriv_2)
|
||||
assertEquals(dpub2, dpub_2)
|
||||
}
|
||||
@ -744,7 +744,7 @@ class CryptoUtilsTest {
|
||||
@Test
|
||||
fun `EdDSA ed25519 deterministic key generation`() {
|
||||
val (priv, pub) = Crypto.generateKeyPair(Crypto.EDDSA_ED25519_SHA512)
|
||||
val (dpriv, dpub) = Crypto.deterministicKeyPair(priv, "seed-1".toByteArray())
|
||||
val (dpriv, dpub) = Crypto.deriveKeyPair(priv, "seed-1".toByteArray())
|
||||
|
||||
// Check scheme.
|
||||
assertEquals(priv.algorithm, dpriv.algorithm)
|
||||
@ -769,15 +769,15 @@ class CryptoUtilsTest {
|
||||
assertNotEquals(pub, dpub)
|
||||
|
||||
// A new keyPair is always generated per different seed.
|
||||
val (dpriv2, dpub2) = Crypto.deterministicKeyPair(priv, "seed-2".toByteArray())
|
||||
val (dpriv2, dpub2) = Crypto.deriveKeyPair(priv, "seed-2".toByteArray())
|
||||
assertNotEquals(dpriv, dpriv2)
|
||||
assertNotEquals(dpub, dpub2)
|
||||
|
||||
// Check if the same input always produces the same output (i.e. deterministically generated).
|
||||
val (dpriv_1, dpub_1) = Crypto.deterministicKeyPair(priv, "seed-1".toByteArray())
|
||||
val (dpriv_1, dpub_1) = Crypto.deriveKeyPair(priv, "seed-1".toByteArray())
|
||||
assertEquals(dpriv, dpriv_1)
|
||||
assertEquals(dpub, dpub_1)
|
||||
val (dpriv_2, dpub_2) = Crypto.deterministicKeyPair(priv, "seed-2".toByteArray())
|
||||
val (dpriv_2, dpub_2) = Crypto.deriveKeyPair(priv, "seed-2".toByteArray())
|
||||
assertEquals(dpriv2, dpriv_2)
|
||||
assertEquals(dpub2, dpub_2)
|
||||
}
|
||||
|
@ -50,7 +50,7 @@ support for more currencies to the DemoBench and Explorer tools.
|
||||
* A new RPC has been added to support fuzzy matching of X.500 names, for instance, to translate from user input to
|
||||
an unambiguous identity by searching the network map.
|
||||
|
||||
* A function for deterministic key derivation ``Crypto.deterministicKeyPair(privateKey: PrivateKey, seed: ByteArray)``
|
||||
* A function for deterministic key derivation ``Crypto.deriveKeyPair(privateKey: PrivateKey, seed: ByteArray)``
|
||||
has been implemented to support deterministic ``KeyPair`` derivation using an existing private key and a seed
|
||||
as inputs. This operation is based on the HKDF scheme and it's a variant of the hardened parent-private ->
|
||||
child-private key derivation function of the BIP32 protocol, but it doesn't utilize extension chain codes.
|
||||
|
Loading…
Reference in New Issue
Block a user