I have a blockchain application set up with Hyperledger Fabric and I want to get the public key of the caller inside the chaincode.

I use Go for the chaincode and I have managed to retrieve the X.509 certificate from the caller and, from that, the PublicKey in an unreadable format.

Since the documentation says that this field (Public Key) of the Certificate structure is of type any, I am just converting it to a string using Sprintf.

And this is the output:

```
&{{0xc000624040} 110006408051620173868267843413892792474981993401645508314118747530986647833211 30374913908846219606392346947456049633394351895879251216926799242930673498259}
```

I can understand that this might be the encoding of the ECDSA signature and that this might be the actual public key. But I am not able to clearly understand what exactly this represents and how I can convert it into a hash.

If I hash it directly, the result is different from the Public Key that I have retrieved in the Node.js application, where I used KEYUTIL to parse it from the user's certificate. Why is this happening? What should be hashed in order to get the same value?

Any recommendations to read something or any tip would be helpful. Thank you.


After discussion in the comments below, it has been found how to properly format the Public Key so all values of the ECDSA key are visible.

In the KEYUTIL library in Node.js there is the function 'getKey', which retrieves the Public Key of the user, and in there is a field called: pubkeyHex

This is stated: @param pubkeyHex hexadecimal string of public key for that. And what is being displayed is: 04f3356ba599db0542d0cd5beeb6ac844aa1d194f787a9d9b1dbee3f034215ca7b4327978ef9122386f73280c1dd7865eb2d1d7b27dcff6c23f20423ea81c13893

I thought that this is a hash, as it looks like one. But, from the name of the function, it might be something else (hex).

So, the above is the representation of the whole Public Key in this format. And here comes the next question on how this might be produced.

Rafail K.
  • Use the `%#v` verb with `fmt.Printf` to have that "output" annotated with the real type of the value being rendered. The verb `%T` prints the type of the value. After that, you can use type assertion and/or type switch to get the value of the real dynamic type out of an interface value (`interface{}` or `any`—that's what you're ostensibly dealing with). – kostix Jul 18 '22 at 11:27
  • Thank you for your answer. It was helpful. So, the type is: `*ecdsa.PublicKey`. And I also got the full Public Key with the curve, which is something like this: `&ecdsa.PublicKey{Curve:elliptic.p256Curve{CurveParams:(*elliptic.CurveParams)(0xc000032fc0)}, X:110006408051620173868267843413892792474981993401645508314118747530986647833211, Y:30374913908846219606392346947456049633394351895879251216926799242930673498259}`. I can't understand how I should produce the correct hash as the final Public Key. – Rafail K. Jul 18 '22 at 12:28
  • I mean, 04f3356ba599db0542d0cd5beeb6ac844aa1d194f787a9d9b1dbee3f034215ca7b4327978ef9122386f73280c1dd7865eb2d1d7b27dcff6c23f20423ea81c13893 this is the hash produced from the Public Key using KEYUTIL in node js application from the same Public Key. – Rafail K. Jul 18 '22 at 12:32
  • I don't really understand the question: AFAIK, you're not supposed to generate hashes of keys. What use would it be in cryptography? Again AFAIK, a typical application of asymmetric cryptography is signing of a cryptographic hash of a message. Maybe what you call "a hash" is not really a hash but merely some serialization format? – kostix Jul 18 '22 at 12:34
  • Well, some form of hashing on keys is used: the so-called "key fingerprint" used in X.509 and SSH is a hash calculated on the key. But what you've presented does not look like key fingerprint. – kostix Jul 18 '22 at 12:35
  • Hm, that makes sense. Maybe I am wrong here in some points. Let me add some more in the question so I can explain more. – Rafail K. Jul 18 '22 at 12:38
  • Maybe that "KEYUTIL in node js application" has a manual page accessible on the web, and you could augment that information with the way you're calling that "KEYUTIL"? IOW, your question sounds like (a popular) "how could I convert such and such `curl` invocation to a Go code?"—the asker skips any attempt to understand what a `curl` incantation of interest actually does, which does not help. – kostix Jul 18 '22 at 12:39
  • A public EC key is a point on the corresponding EC curve, and consists of an X and Y coordinate. 1100... and 3037... are the *decimal* values of X and Y. The representation 0x04f335... is called uncompressed public key and consists of the concatenation of the prefix 0x04 and the *hexadecimal* values of X (=0xF335...) and Y (= 0x4327...). – Topaco Jul 18 '22 at 12:50
  • @Topaco Exactly!! This is what I was looking for. Thank you very much for sharing this knowledge. This part is the unknown part and now I know :D – Rafail K. Jul 18 '22 at 12:56
  • @Topaco, out of curiosity, could you point me at a formal description of that "uncompressed public key" format? Whatever I've managed to google, leads to some bitcoin-related stuff. – kostix Jul 18 '22 at 13:06
  • https://medium.com/asecuritysite-when-bob-met-alice/02-03-or-04-so-what-are-compressed-and-uncompressed-public-keys-6abcb57efeb6 I think this one explains it well without being too much for bitcoin – Rafail K. Jul 18 '22 at 13:32
  • Or more formal [here](https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TR03111/BSI-TR-03111_V-2-0_pdf.pdf?__blob=publicationFile&v=1), section *3.2. Encoding Elliptic Curve Points*. – Topaco Jul 18 '22 at 13:41
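
The encoding described in the comments above, as an added Go example that is not part of the original thread: it rebuilds the `*ecdsa.PublicKey` from the decimal X and Y printed in the question and serializes it as the uncompressed point `04 || X || Y`, the form KEYUTIL reports in `pubkeyHex`. The function names are hypothetical, and `Fingerprint` assumes the Node.js side hashes the raw bytes of that point with SHA-256 (not the hex text, and not the `Sprintf` output).

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"math/big"
)

// X and Y in decimal, copied from the chaincode output shown in the question.
const (
	pageX = "110006408051620173868267843413892792474981993401645508314118747530986647833211"
	pageY = "30374913908846219606392346947456049633394351895879251216926799242930673498259"
)

// PageKey rebuilds the key from the question; P-256 is the curve its %#v output shows.
func PageKey() *ecdsa.PublicKey {
	x, _ := new(big.Int).SetString(pageX, 10)
	y, _ := new(big.Int).SetString(pageY, 10)
	return &ecdsa.PublicKey{Curve: elliptic.P256(), X: x, Y: y}
}

// UncompressedPoint returns 0x04 || X || Y. Each coordinate is left-padded to the
// curve's field size; formatting X and Y with %x would drop leading zero bytes.
func UncompressedPoint(pub *ecdsa.PublicKey) []byte {
	size := (pub.Curve.Params().BitSize + 7) / 8
	out := make([]byte, 1+2*size)
	out[0] = 0x04
	pub.X.FillBytes(out[1 : 1+size])
	pub.Y.FillBytes(out[1+size:])
	return out
}

// Fingerprint is SHA-256 over the raw point bytes (assumption: the other side
// hashes the same bytes). Hashing a different serialization gives a different digest.
func Fingerprint(pub *ecdsa.PublicKey) string {
	sum := sha256.Sum256(UncompressedPoint(pub))
	return hex.EncodeToString(sum[:])
}

func main() {
	pub := PageKey()
	fmt.Println("uncompressed:", hex.EncodeToString(UncompressedPoint(pub)))
	fmt.Println("sha256:      ", Fingerprint(pub))
}
```

In chaincode, the certificate's `PublicKey` field has to be type-asserted to `*ecdsa.PublicKey` first, as the first comment suggests.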
