1

I am using Hyperledger Fabric V1.4 on my project. I have enrolled and registered users. And now I want to transfer files between users while remain private, which means I need to encrypt the file so that only the receiver can see. For example, user A wants to send a file to user B. The basic workflow I'm thinking right now is that:

  1. User A and B register in the Hyperledger Network and get public/private keys.
  2. User A uploads a file in IPFS and gets a hash from IPFS. (Since everyone with the hash can access the file, we need to encrypt the file hash.)
  3. Encrypt the file hash with user B's public key.
  4. Send the encrypted hash to user B.
  5. User B receives the encrypted hash and uses B's private key to decrypt the hash, and gets the IPFS file hash. Then B can view the hash using IPFS.

Problems I'm having:

  1. In step 3, how to get a user's public key? I only found ways to get certificate and private key. Or can I get public key from the certificate?
  2. Is there an algorithm to encrypt files/strings using Hyperledger-generated public and private keys?

Thank you!

BQZic
  • 11
  • 1

1 Answers1

1

Yes it is possible something similar, but with ECDSA it does not work this way. You do not encrypt with the user B's public key. What you do is to derive a symmetric key from user B's public key and user A's private key in a way the same symmetric key is derived from user A's public key and user B's private key. It is known as ECDH. I haven't here an example in Javascript (you can search it the same way I would), but to understand it, take a look a give a try to the example (with OpenSSL) in https://jameshfisher.com/2017/04/14/openssl-ecc/.

You can get the public key from the certificate (it is embedded in the certificate) or derive it from the private key. Choose your way.

NOTE: I find more secure encrypting the content before storing it in IPFS and share the hash than encrypting the hash.

EDIT: For nodejs, you can try this: https://www.npmjs.com/package/eccrypto. It seems it includes also some similar to what you were looking for initially.

kekomal
  • 2,179
  • 11
  • 12
  • I couldn't find a way to derive public key from certificate or private key. I tried node-forge but it failed. Do you have any recommendations? – BQZic Mar 03 '20 at 01:17