diff --git a/blockDB_1408/000025.log b/blockDB_1408/000025.log deleted file mode 100644 index 5d9d595..0000000 Binary files a/blockDB_1408/000025.log and /dev/null differ diff --git a/blockDB_1408/000027.ldb b/blockDB_1408/000027.ldb deleted file mode 100644 index 9375999..0000000 Binary files a/blockDB_1408/000027.ldb and /dev/null differ diff --git a/blockDB_1408/000066.ldb b/blockDB_1408/000066.ldb new file mode 100644 index 0000000..9606f12 Binary files /dev/null and b/blockDB_1408/000066.ldb differ diff --git a/blockDB_1408/000067.ldb b/blockDB_1408/000067.ldb new file mode 100644 index 0000000..4ae1abc Binary files /dev/null and b/blockDB_1408/000067.ldb differ diff --git a/blockDB_1408/000070.ldb b/blockDB_1408/000070.ldb new file mode 100644 index 0000000..7cb49f5 Binary files /dev/null and b/blockDB_1408/000070.ldb differ diff --git a/blockDB_1408/000071.log b/blockDB_1408/000071.log new file mode 100644 index 0000000..20f94a0 Binary files /dev/null and b/blockDB_1408/000071.log differ diff --git a/blockDB_1408/CURRENT b/blockDB_1408/CURRENT index 8b15215..f74be16 100644 --- a/blockDB_1408/CURRENT +++ b/blockDB_1408/CURRENT @@ -1 +1 @@ -MANIFEST-000026 +MANIFEST-000072 diff --git a/blockDB_1408/CURRENT.bak b/blockDB_1408/CURRENT.bak index 7fbb623..5893b8f 100644 --- a/blockDB_1408/CURRENT.bak +++ b/blockDB_1408/CURRENT.bak @@ -1 +1 @@ -MANIFEST-000023 +MANIFEST-000069 diff --git a/blockDB_1408/LOG b/blockDB_1408/LOG index b254c20..417f950 100644 --- a/blockDB_1408/LOG +++ b/blockDB_1408/LOG @@ -119,3 +119,198 @@ 17:03:47.581763 table@remove removed @14 17:03:47.659984 db@close closing 17:03:47.659984 db@close done T·0s +=============== Apr 24, 2024 (CST) =============== +17:09:09.011462 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed +17:09:09.012460 version@stat F·[0 1] S·68KiB[0B 68KiB] Sc·[0.00 0.00] +17:09:09.012460 db@open opening +17:09:09.013458 journal@recovery F·1 +17:09:09.013458 journal@recovery recovering @25 +17:09:09.019458 memdb@flush created L0@28 N·16 S·67KiB "blo..\xe3\x12},v152":"blo..n\x01\x03,d148" +17:09:09.020457 version@stat F·[1 1] S·136KiB[67KiB 68KiB] Sc·[0.25 0.00] +17:09:09.034593 db@janitor F·4 G·0 +17:09:09.034593 db@open done T·22.1328ms +17:09:09.961728 db@close closing +17:09:09.961728 db@close done T·0s +=============== Apr 24, 2024 (CST) =============== +17:09:27.104288 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed +17:09:27.104288 version@stat F·[1 1] S·136KiB[67KiB 68KiB] Sc·[0.25 0.00] +17:09:27.104288 db@open opening +17:09:27.105307 journal@recovery F·1 +17:09:27.105307 journal@recovery recovering @29 +17:09:27.111293 memdb@flush created L0@31 N·18 S·75KiB "blo..\xe3\x12},d158":"blo..n\x01\x04,v174" +17:09:27.112284 version@stat F·[2 1] S·212KiB[143KiB 68KiB] Sc·[0.50 0.00] +17:09:27.128890 db@janitor F·5 G·0 +17:09:27.128890 db@open done T·23.583ms +17:09:27.807201 db@close closing +17:09:27.807201 db@close done T·0s +=============== Apr 24, 2024 (CST) =============== +17:09:56.641158 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed +17:09:56.642191 version@stat F·[2 1] S·212KiB[143KiB 68KiB] Sc·[0.50 0.00] +17:09:56.642191 db@open opening +17:09:56.642191 journal@recovery F·1 +17:09:56.642709 journal@recovery recovering @32 +17:09:56.648645 memdb@flush created L0@34 N·18 S·71KiB "blo..\xc2~\x17,v190":"blo..n\x01\x04,d186" +17:09:56.649171 version@stat F·[3 1] S·283KiB[214KiB 68KiB] Sc·[0.75 0.00] +17:09:56.662903 db@janitor F·6 G·0 +17:09:56.662903 db@open done T·20.7126ms +17:09:57.364677 db@close closing +17:09:57.364677 db@close done T·0s +=============== Apr 24, 2024 (CST) =============== +17:10:26.012152 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed +17:10:26.013152 version@stat F·[3 1] S·283KiB[214KiB 68KiB] Sc·[0.75 0.00] +17:10:26.013152 db@open opening +17:10:26.013152 journal@recovery F·1 +17:10:26.013152 journal@recovery recovering @35 +17:10:26.018226 memdb@flush created L0@37 N·16 S·62KiB "blo..\xc2~\x17,d196":"blo..n\x01\x03,d203" +17:10:26.019153 version@stat F·[4 1] S·345KiB[276KiB 68KiB] Sc·[1.00 0.00] +17:10:26.032151 db@janitor F·7 G·0 +17:10:26.032151 db@open done T·18.999ms +17:10:26.032151 table@compaction L0·4 -> L1·1 S·345KiB Q·212 +17:10:26.038263 table@build created L1@40 N·8 S·61KiB "blo..\xfai\x9f,v205":"blo..n\x01\x03,v210" +17:10:26.038263 version@stat F·[0 1] S·61KiB[0B 61KiB] Sc·[0.00 0.00] +17:10:26.043269 table@compaction committed F-4 S-283KiB Ke·0 D·68 T·11.1186ms +17:10:26.043269 table@remove removed @37 +17:10:26.043269 table@remove removed @34 +17:10:26.044270 table@remove removed @31 +17:10:26.044270 table@remove removed @28 +17:10:26.044270 table@remove removed @27 +17:10:26.124762 db@close closing +17:10:26.124762 db@close done T·0s +=============== Apr 24, 2024 (CST) =============== +17:17:45.763187 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed +17:17:45.763187 version@stat F·[0 1] S·61KiB[0B 61KiB] Sc·[0.00 0.00] +17:17:45.763187 db@open opening +17:17:45.764184 journal@recovery F·1 +17:17:45.764184 journal@recovery recovering @38 +17:17:45.770184 memdb@flush created L0@41 N·16 S·65KiB "blo..rD2,v228":"blo..n\x01\x03,d220" +17:17:45.770184 version@stat F·[1 1] S·127KiB[65KiB 61KiB] Sc·[0.25 0.00] +17:17:45.782298 db@janitor F·4 G·0 +17:17:45.782298 db@open done T·19.1116ms +17:17:46.502609 db@close closing +17:17:46.503125 db@close done T·516.6µs +=============== Apr 24, 2024 (CST) =============== +17:18:00.236070 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed +17:18:00.240071 version@stat F·[1 1] S·127KiB[65KiB 61KiB] Sc·[0.25 0.00] +17:18:00.240071 db@open opening +17:18:00.241069 journal@recovery F·1 +17:18:00.241069 journal@recovery recovering @42 +17:18:00.247082 memdb@flush created L0@44 N·18 S·73KiB "blo..\xbfl9,v245":"blo..n\x01\x04,v246" +17:18:00.247082 version@stat F·[2 1] S·200KiB[139KiB 61KiB] Sc·[0.50 0.00] +17:18:00.262002 db@janitor F·5 G·0 +17:18:00.262002 db@open done T·21.9309ms +17:18:01.046339 db@close closing +17:18:01.046359 db@close done T·20.6µs +=============== Apr 24, 2024 (CST) =============== +17:18:06.080866 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed +17:18:06.081874 version@stat F·[2 1] S·200KiB[139KiB 61KiB] Sc·[0.50 0.00] +17:18:06.081874 db@open opening +17:18:06.082876 journal@recovery F·1 +17:18:06.083867 journal@recovery recovering @45 +17:18:06.089950 memdb@flush created L0@47 N·18 S·66KiB "blo..\xbfl9,d249":"blo..n\x01\x04,d258" +17:18:06.089950 version@stat F·[3 1] S·267KiB[205KiB 61KiB] Sc·[0.75 0.00] +17:18:06.104660 db@janitor F·6 G·0 +17:18:06.104660 db@open done T·22.7862ms +17:18:06.878774 db@close closing +17:18:06.878774 db@close done T·0s +=============== Apr 24, 2024 (CST) =============== +17:18:13.274556 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed +17:18:13.275625 version@stat F·[3 1] S·267KiB[205KiB 61KiB] Sc·[0.75 0.00] +17:18:13.275625 db@open opening +17:18:13.275625 journal@recovery F·1 +17:18:13.277563 journal@recovery recovering @48 +17:18:13.282557 memdb@flush created L0@50 N·18 S·72KiB "blo..z\x1a\a,v285":"blo..n\x01\x04,v284" +17:18:13.282557 version@stat F·[4 1] S·339KiB[278KiB 61KiB] Sc·[1.00 0.00] +17:18:13.296389 db@janitor F·7 G·0 +17:18:13.296389 db@open done T·20.7636ms +17:18:13.296389 table@compaction L0·4 -> L1·1 S·339KiB Q·286 +17:18:13.306110 table@build created L1@53 N·10 S·72KiB "blo..z\x1a\a,v285":"blo..n\x01\x04,v284" +17:18:13.306632 version@stat F·[0 1] S·72KiB[0B 72KiB] Sc·[0.00 0.00] +17:18:13.312772 table@compaction committed F-4 S-267KiB Ke·0 D·68 T·16.3828ms +17:18:13.313291 table@remove removed @50 +17:18:13.313291 table@remove removed @47 +17:18:13.313967 table@remove removed @44 +17:18:13.314517 table@remove removed @41 +17:18:13.315068 table@remove removed @40 +17:18:14.055220 db@close closing +17:18:14.055220 db@close done T·0s +=============== Apr 24, 2024 (CST) =============== +19:54:20.229269 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed +19:54:20.231394 version@stat F·[0 1] S·72KiB[0B 72KiB] Sc·[0.00 0.00] +19:54:20.231394 db@open opening +19:54:20.231911 journal@recovery F·1 +19:54:20.232433 journal@recovery recovering @51 +19:54:20.237479 memdb@flush created L0@54 N·18 S·66KiB "blo..z\x1a\a,d287":"blo..n\x01\x04,d296" +19:54:20.238010 version@stat F·[1 1] S·138KiB[66KiB 72KiB] Sc·[0.25 0.00] +19:54:20.252522 db@janitor F·4 G·0 +19:54:20.252522 db@open done T·21.1286ms +19:54:20.928773 db@close closing +19:54:20.929279 db@close done T·505.8µs +=============== Apr 24, 2024 (CST) =============== +19:54:31.119695 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed +19:54:31.120697 version@stat F·[1 1] S·138KiB[66KiB 72KiB] Sc·[0.25 0.00] +19:54:31.120697 db@open opening +19:54:31.121692 journal@recovery F·1 +19:54:31.121692 journal@recovery recovering @55 +19:54:31.126713 memdb@flush created L0@57 N·18 S·51KiB "blo..\x1d\"\n,d306":"blo..n\x01\x04,v322" +19:54:31.128805 version@stat F·[2 1] S·189KiB[117KiB 72KiB] Sc·[0.50 0.00] +19:54:31.143830 db@janitor F·5 G·0 +19:54:31.144354 db@open done T·23.6573ms +19:54:31.864438 db@close closing +19:54:31.864958 db@close done T·520.5µs +=============== Apr 24, 2024 (CST) =============== +19:55:26.323881 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed +19:55:26.324880 version@stat F·[2 1] S·189KiB[117KiB 72KiB] Sc·[0.50 0.00] +19:55:26.324880 db@open opening +19:55:26.324880 journal@recovery F·1 +19:55:26.325881 journal@recovery recovering @58 +19:55:26.330881 memdb@flush created L0@60 N·20 S·50KiB "blo..d)\",v344":"blo..n\x01\x04,d334" +19:55:26.331882 version@stat F·[3 1] S·239KiB[167KiB 72KiB] Sc·[0.75 0.00] +19:55:26.344884 db@janitor F·6 G·0 +19:55:26.345696 db@open done T·20.0031ms +19:55:27.102793 db@close closing +19:55:27.102793 db@close done T·0s +=============== Apr 24, 2024 (CST) =============== +19:57:45.814044 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed +19:57:45.815129 version@stat F·[3 1] S·239KiB[167KiB 72KiB] Sc·[0.75 0.00] +19:57:45.815129 db@open opening +19:57:45.815129 journal@recovery F·1 +19:57:45.815655 journal@recovery recovering @61 +19:57:45.820025 memdb@flush created L0@63 N·20 S·52KiB "blo..®L,v359":"blo..n\x01\x04,d355" +19:57:45.821083 version@stat F·[4 1] S·292KiB[219KiB 72KiB] Sc·[1.00 0.00] +19:57:45.835150 db@janitor F·7 G·0 +19:57:45.835150 db@open done T·20.021ms +19:57:45.835150 table@compaction L0·4 -> L1·1 S·292KiB Q·366 +19:57:45.842602 table@build created L1@66 N·10 S·51KiB "blo..®L,v359":"blo..n\x01\x04,v364" +19:57:45.842602 version@stat F·[0 1] S·51KiB[0B 51KiB] Sc·[0.00 0.00] +19:57:45.848596 table@compaction committed F-4 S-240KiB Ke·0 D·76 T·13.4461ms +19:57:45.857776 table@remove removed @63 +19:57:45.860782 table@remove removed @60 +19:57:45.862452 table@remove removed @57 +19:57:45.862961 table@remove removed @54 +19:57:45.862961 table@remove removed @53 +19:57:46.565770 db@close closing +19:57:46.565770 db@close done T·0s +=============== Apr 24, 2024 (CST) =============== +19:57:53.449209 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed +19:57:53.450209 version@stat F·[0 1] S·51KiB[0B 51KiB] Sc·[0.00 0.00] +19:57:53.450209 db@open opening +19:57:53.450209 journal@recovery F·1 +19:57:53.451210 journal@recovery recovering @64 +19:57:53.456210 memdb@flush created L0@67 N·20 S·53KiB "blo..®L,d367":"blo..n\x01\x04,d376" +19:57:53.456210 version@stat F·[1 1] S·104KiB[53KiB 51KiB] Sc·[0.25 0.00] +19:57:53.471209 db@janitor F·4 G·0 +19:57:53.471209 db@open done T·21.0005ms +19:57:54.209030 db@close closing +19:57:54.209552 db@close done T·522.3µs +=============== Apr 24, 2024 (CST) =============== +20:00:01.493972 log@legend F·NumFile S·FileSize N·Entry C·BadEntry B·BadBlock Ke·KeyError D·DroppedEntry L·Level Q·SeqNum T·TimeElapsed +20:00:01.496111 version@stat F·[1 1] S·104KiB[53KiB 51KiB] Sc·[0.25 0.00] +20:00:01.496728 db@open opening +20:00:01.497884 journal@recovery F·1 +20:00:01.500072 journal@recovery recovering @68 +20:00:01.504961 memdb@flush created L0@70 N·20 S·54KiB "blo..\x85\x7f\xd9,d388":"blo..n\x01\x04,d397" +20:00:01.505478 version@stat F·[2 1] S·159KiB[107KiB 51KiB] Sc·[0.50 0.00] +20:00:01.520372 db@janitor F·5 G·0 +20:00:01.520372 db@open done T·23.644ms +20:00:02.325750 db@close closing +20:00:02.326281 db@close done T·530.5µs diff --git a/blockDB_1408/MANIFEST-000026 b/blockDB_1408/MANIFEST-000026 deleted file mode 100644 index c692f6f..0000000 Binary files a/blockDB_1408/MANIFEST-000026 and /dev/null differ diff --git a/blockDB_1408/MANIFEST-000072 b/blockDB_1408/MANIFEST-000072 new file mode 100644 index 0000000..10f1606 Binary files /dev/null and b/blockDB_1408/MANIFEST-000072 differ diff --git a/cert/ca.crt b/cert/ca.crt deleted file mode 100644 index deb01e4..0000000 --- a/cert/ca.crt +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDMTCCAhkCFHzFTRahViooKMdq5muZolMXXgx0MA0GCSqGSIb3DQEBCwUAMFUx -CzAJBgNVBAYTAmNuMQswCQYDVQQIDAJqeDELMAkGA1UEBwwCbmMxDDAKBgNVBAoM -A2xrcTEMMAoGA1UECwwDbGtxMRAwDgYDVQQDDAdsa3EuY29tMB4XDTIzMDQyMDEx -MzcyOVoXDTI0MDQxOTExMzcyOVowVTELMAkGA1UEBhMCY24xCzAJBgNVBAgMAmp4 -MQswCQYDVQQHDAJuYzEMMAoGA1UECgwDbGtxMQwwCgYDVQQLDANsa3ExEDAOBgNV -BAMMB2xrcS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw8am5 -yyW8kWzJ4ib3wUQecDctXWaTLBC2Gry6ygaRIWSEgSIB7skoXET7a5hJ87S8sKj9 -3P+OKiLIYntHEW1jXxH9jlUiJV73jhD+4LguVXrHZgFF0e3JoGG4P5SR3jHfU/aj -JRryltvSLR5ZMSGvac2AyQLiAA2OaLipQIeYkVCHhuMsBE7nGaEIlyu43Q6njfwp -/QkeJ7zz3TQduP8zICR/4HGksa/bkA7JzSlmvGsjgAtD8/gXvZhKfRYEdD/1Xy/R -GjBTWSDyr0HyH9/iP25AiL28fPdQe0FZZVbicE3lX873ya1whQQZCjepMz3bEG6g -ydq+MJIRFq19qt0hAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAC1LvQ9ly5aOMCDd -TBYd1AYjWyKKEJw5B76+eN+eIxNhkpPlLV0GBY8vrwPf+2utXUm9WuRWOnie8hVP -yTVvk998/gY+LJRalDs9oK5mD7o06FsZe6QPtg75kqTYTPSgSRBd7rKcIOdRx1l6 -IRM2uK5VjkwdP58GRhkcU6mg2HAWw5m8CYleFC/E0CLnoBxEp6gNJrWkja3yhWjg -1RphpPCA8edeCSMcAXg7WzDq/4aUAtE0JlK3gU/FEzhjYlsXsk97twJvg49GR0fG -qPpYw5jcWXvopPBgTq0s/l9wNREvDAhvW8Je/VaOTwrcIO7D7hWDS40p/EQdK+Gw -oD8gNK0= ------END CERTIFICATE----- diff --git a/cert/ca.csr b/cert/ca.csr deleted file mode 100644 index 7457e7c..0000000 --- a/cert/ca.csr +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIICmjCCAYICAQAwVTELMAkGA1UEBhMCY24xCzAJBgNVBAgMAmp4MQswCQYDVQQH -DAJuYzEMMAoGA1UECgwDbGtxMQwwCgYDVQQLDANsa3ExEDAOBgNVBAMMB2xrcS5j -b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw8am5yyW8kWzJ4ib3 -wUQecDctXWaTLBC2Gry6ygaRIWSEgSIB7skoXET7a5hJ87S8sKj93P+OKiLIYntH -EW1jXxH9jlUiJV73jhD+4LguVXrHZgFF0e3JoGG4P5SR3jHfU/ajJRryltvSLR5Z -MSGvac2AyQLiAA2OaLipQIeYkVCHhuMsBE7nGaEIlyu43Q6njfwp/QkeJ7zz3TQd -uP8zICR/4HGksa/bkA7JzSlmvGsjgAtD8/gXvZhKfRYEdD/1Xy/RGjBTWSDyr0Hy -H9/iP25AiL28fPdQe0FZZVbicE3lX873ya1whQQZCjepMz3bEG6gydq+MJIRFq19 -qt0hAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAYIBaAB/Uh1KX90MWUEUOO6/q -aYWMJvNEOISzOiMwHOl9yGlfvW2Uk0FvqEhYP/j7Zdr0LJLenC72ThD6Dj1jYdUd -J2VwOCgJyVJapHu7nXakpULdSLCx8X1WYZttjwaB602W8pykA8832BsEANeKfOoR -j8v1E2ZetZeXIu/zxRcAkok++owF3JiDH2s+q6qfTkXkSIZD1o+ELN31pCfYdlCC -w96FkAxO8chTeR9D0mq9aHXDSd9yhI5iIMImd+zmkGF7JqAartXlKadQpcDaDU4v -af17yavUxpXIrXYqeh+TW4J31BCkFBgW2rdxlP+OYwy5prswxNqDn2+pKRgYfw== ------END CERTIFICATE REQUEST----- diff --git a/cert/ca.key b/cert/ca.key deleted file mode 100644 index 3d3879d..0000000 --- a/cert/ca.key +++ /dev/null @@ -1,30 +0,0 @@ ------BEGIN ENCRYPTED PRIVATE KEY----- -MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIpxv3A9x12nMCAggA -MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECJGP0xkXZMLsBIIEyBnyKoNreuKI -Qqn1w8kUC5WgRghNa4lC5yC1//EoIvH2oYx+K4thNAgkC/d27CpAoVAFaSiv5XJ+ -p7Qfm4s4JZPm3vJeQSg7TtE5sf35G87zW0CboTEkxX5cYlIgDXv0EPrGqgdMRY20 -wCxJp/YSGRBBgPuUk/rmsBmnALux5lMFuCsPgO898TcoS8mL/5STh3gbJqGLGnMZ -Vk8OmKh8JRtwQT50VLf4nzug2Ro2yVbSp4dm7f/H5wSYZhfnI1oNDNOar4bHqhwn -KZeSSQuW9afdUUl00LKTUM5Mh4QyC9Qr8dnkulz9vVQGHbybpga56o/5QA9oxZuF -8lgsm8KnOR31r8wnrYW7igp2bW2S9rhaQooc8ltRF1WbCSJvM5pKu9+ta0DSyVs1 -gWaMyxSceieQwdvXuhW2s6ZuwpzvXB5uAr/spKO8lSOxwSD7qdHfUDUj4M6Go+d8 -jKD1T9xS4v4bmRyaYtNwvb9EESHZJJ/Y5qA6oDGCSe2uNp//T8VJ63RIBBoi742K -La43Iwoe33fSpZ8334YUike260949HPUiXgNbueGT/ID+ggZcU/cTjbWVzfUSZfM -bJ3fr6h5Q+0J5iQfddr/YDwS2Raa3tgmkZ0JNg6K3WfUlDwgV6G70V8HDmSP1oKc -piLzCLkqfW1/deVdoBHOvBm52zhl4tu3cfoAZhVT8J4iyzecDfr01ZPqYx0WreFH -j5/WBKqODUNUYJDlW7DLrSlOxAeO85Wj+sqQpb+B9d4lYuTAHRtmAjwkiBX3sM3A -8bMh43EgH36aavXn+ep93CDGZTJ37sHsuVH+eCy/ZotyKYUI2V9on8zpNeDZgmxP -l6W8Js97n0zG4/abaGpts8vECVFcQrqWMBVAAjDMoAETFvBYbsYxQ/VoHTrmgmxI -WxrIINi4limhet/x+UZRSmxhoy6J3HNB7tiIgMwyPP9vfwpLAJtMEZuM2x/aZcPj -+cV6MG/9rLod/HqAPknG5Rn9vWCSzZrssYsnioEDCyF7aYBoUuNAaGpaNHI/JGHY -HpakLkHnOmIczM/h6h8n7VB5pu62MIibvzbos6O05mnkhMuGUTVXEWcbwqWG65dr -N17yRQUNZpd72UmhRLXH5AyTZMYyFckJyVHrcrBkAyGqN8pm5o9SVyvkJ5Tj03fr -FfLSmrFkEJvq5zrwhattOJZ8zxxiTikHauSXpf99iclE23dIpaxtMfDtBXUsprWT -RDUMgrqWMrjjVe6fejIqJdaTaiJfMiikKbEHrgJ/7Lfsu4ebqpy5XT7L+OlILzK8 -TEHbJoPuqp6V+f++Jh09me003RtEnyYKyXu/5dVbfVkspy3jsKjfxkFV46nBaGyh -ZhrZ/GvLA6VcxUlkPYzK01pecuuk48+gWvJJGv7acYJ58DmtvvWxPdvtuylo/4gW -H7a44mRxWEk70dh/NBUFxVYzkvvRSaYALPvl9XNFEZYhugVH9wd96iVimArg0mM1 -Io3oddWdBNTQjkEDn2McWpvkM3yliMbVUxPK9uawMatPbk6G/j/LebRgV+oMLSt1 -IWXvQ3vD1TfagfpknsrnGoChdRaiO2bhv6mBht90eGuriJyglJzEu/WbFahivCv2 -KIVePL1gGC817GHUjXXtVg== ------END ENCRYPTED PRIVATE KEY----- diff --git a/cert/ca.srl b/cert/ca.srl deleted file mode 100644 index b66c5a6..0000000 --- a/cert/ca.srl +++ /dev/null @@ -1 +0,0 @@ -60C8840AB8EBA6989ED40D19ADD86852083D427F diff --git a/cert/client.key b/cert/client.key deleted file mode 100644 index bdbb440..0000000 --- a/cert/client.key +++ /dev/null @@ -1,5 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg1fh58x4bws3t1TFN -0GcADksdwO1l1s1kwK3IFUWjjLqhRANCAAQPGF/kRKeQWAfvMjQWouotiPUtON4U -nms74/jTGXfq26TkuQdZQt6NCYiOMH+vKnBnQh5oRh67iiRlJIGFiM4h ------END PRIVATE KEY----- diff --git a/cert/client.pem b/cert/client.pem deleted file mode 100644 index 85efbcb..0000000 --- a/cert/client.pem +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDOjCCAiKgAwIBAgIUZK9fVbUhDMEXSzRMt6J6qphmL6MwDQYJKoZIhvcNAQEL -BQAwVTELMAkGA1UEBhMCY24xCzAJBgNVBAgMAmp4MQswCQYDVQQHDAJuYzEMMAoG -A1UECgwDbGtxMQwwCgYDVQQLDANsa3ExEDAOBgNVBAMMB2xrcS5jb20wHhcNMjMw -NDIxMDY0MzMzWhcNMjQwNDIwMDY0MzMzWjBVMQswCQYDVQQGEwJjbjELMAkGA1UE -CAwCangxCzAJBgNVBAcMAm5jMQwwCgYDVQQKDANsa3ExDDAKBgNVBAsMA2xrcTEQ -MA4GA1UEAwwHbGtxLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABA8YX+RE -p5BYB+8yNBai6i2I9S043hSeazvj+NMZd+rbpOS5B1lC3o0JiI4wf68qcGdCHmhG -HruKJGUkgYWIziGjgcwwgckwFAYDVR0RBA0wC4IJKi5sa3EuY29tMAkGA1UdEwQC -MAAwCwYDVR0PBAQDAgXgMB0GA1UdDgQWBBSwqmiRumIWLB/Pt1m4NwNZj787PDB6 -BgNVHSMEczBxoVmkVzBVMQswCQYDVQQGEwJjbjELMAkGA1UECAwCangxCzAJBgNV -BAcMAm5jMQwwCgYDVQQKDANsa3ExDDAKBgNVBAsMA2xrcTEQMA4GA1UEAwwHbGtx -LmNvbYIUfMVNFqFWKigox2rma5miUxdeDHQwDQYJKoZIhvcNAQELBQADggEBAH5W -8x6bxo3Z6ufOjwEmMWv+yZQO4vWY79dLcP+Hfo0r6cKW7wDcgvr6Jr8X2c3UY1At -AzgND+ogJMiFenhpPhxEDg4dknDLD4I5eDNA0NB3pZOdZupX2WKnm6U3LUvvUA9p -6Q7OZAaPatTDfzBzZ7U0CZUkDGntBf11rTQ6hE2ynHOXTXeLPcFBYgMe4/YPILc5 -L4pr2Oa6yefG71LqOY0HibCUWXwWASHDbox58jsZ5NJE4mDPFoMPhnCWeFitDw3J -21Fn4LO94skfLjhSoUPgsoCcT0nWgG1B5NYHftXQWEMVf30EVAULhL9Ysc8wJp6V -yuq0foxCk0N8wvNCjKE= ------END CERTIFICATE----- diff --git a/cert/client_prikey.txt b/cert/client_prikey.txt new file mode 100644 index 0000000..4aaa52f --- /dev/null +++ b/cert/client_prikey.txt @@ -0,0 +1 @@ +client123 \ No newline at end of file diff --git a/cert/client_pubkey.txt b/cert/client_pubkey.txt new file mode 100644 index 0000000..4aaa52f --- /dev/null +++ b/cert/client_pubkey.txt @@ -0,0 +1 @@ +client123 \ No newline at end of file diff --git a/cert/openssl.cnf b/cert/openssl.cnf deleted file mode 100644 index 10eee8d..0000000 --- a/cert/openssl.cnf +++ /dev/null @@ -1,396 +0,0 @@ -# -# OpenSSL example configuration file. -# See doc/man5/config.pod for more info. -# -# This is mostly being used for generation of certificate requests, -# but may be used for auto loading of providers - -# Note that you can include other files from the main configuration -# file using the .include directive. -#.include filename - -# This definition stops the following lines choking if HOME isn't -# defined. -HOME = . - -# Use this in order to automatically load providers. -openssl_conf = openssl_init - -# Comment out the next line to ignore configuration errors -config_diagnostics = 1 - -# Extra OBJECT IDENTIFIER info: -# oid_file = $ENV::HOME/.oid -oid_section = new_oids - -# To use this configuration file with the "-extfile" option of the -# "openssl x509" utility, name here the section containing the -# X.509v3 extensions to use: -# extensions = -# (Alternatively, use a configuration file that has only -# X.509v3 extensions in its main [= default] section.) - -[ new_oids ] -# We can add new OIDs in here for use by 'ca', 'req' and 'ts'. -# Add a simple OID like this: -# testoid1=1.2.3.4 -# Or use config file substitution like this: -# testoid2=${testoid1}.5.6 - -# Policies used by the TSA examples. -tsa_policy1 = 1.2.3.4.1 -tsa_policy2 = 1.2.3.4.5.6 -tsa_policy3 = 1.2.3.4.5.7 - -# For FIPS -# Optionally include a file that is generated by the OpenSSL fipsinstall -# application. This file contains configuration data required by the OpenSSL -# fips provider. It contains a named section e.g. [fips_sect] which is -# referenced from the [provider_sect] below. -# Refer to the OpenSSL security policy for more information. -# .include fipsmodule.cnf - -[openssl_init] -providers = provider_sect - -# List of providers to load -[provider_sect] -default = default_sect -# The fips section name should match the section name inside the -# included fipsmodule.cnf. -# fips = fips_sect - -# If no providers are activated explicitly, the default one is activated implicitly. -# See man 7 OSSL_PROVIDER-default for more details. -# -# If you add a section explicitly activating any other provider(s), you most -# probably need to explicitly activate the default provider, otherwise it -# becomes unavailable in openssl. As a consequence applications depending on -# OpenSSL may not work correctly which could lead to significant system -# problems including inability to remotely access the system. -[default_sect] -# activate = 1 - - -#################################################################### -[ ca ] -default_ca = CA_default # The default ca section - -#################################################################### -[ CA_default ] - -dir = ./demoCA # Where everything is kept -certs = $dir/certs # Where the issued certs are kept -crl_dir = $dir/crl # Where the issued crl are kept -database = $dir/index.txt # database index file. -#unique_subject = no # Set to 'no' to allow creation of - # several certs with same subject. -new_certs_dir = $dir/newcerts # default place for new certs. - -certificate = $dir/cacert.pem # The CA certificate -serial = $dir/serial # The current serial number -crlnumber = $dir/crlnumber # the current crl number - # must be commented out to leave a V1 CRL -crl = $dir/crl.pem # The current CRL -private_key = $dir/private/cakey.pem # The private key - -x509_extensions = usr_cert # The extensions to add to the cert - -# Comment out the following two lines for the "traditional" -# (and highly broken) format. -name_opt = ca_default # Subject Name options -cert_opt = ca_default # Certificate field options - -# Extension copying option: use with caution. -copy_extensions = copy - -# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs -# so this is commented out by default to leave a V1 CRL. -# crlnumber must also be commented out to leave a V1 CRL. -# crl_extensions = crl_ext - -default_days = 365 # how long to certify for -default_crl_days= 30 # how long before next CRL -default_md = default # use public key default MD -preserve = no # keep passed DN ordering - -# A few difference way of specifying how similar the request should look -# For type CA, the listed attributes must be the same, and the optional -# and supplied fields are just that :-) -policy = policy_match - -# For the CA policy -[ policy_match ] -countryName = match -stateOrProvinceName = match -organizationName = match -organizationalUnitName = optional -commonName = supplied -emailAddress = optional - -# For the 'anything' policy -# At this point in time, you must list all acceptable 'object' -# types. -[ policy_anything ] -countryName = optional -stateOrProvinceName = optional -localityName = optional -organizationName = optional -organizationalUnitName = optional -commonName = supplied -emailAddress = optional - -#################################################################### -[ req ] -default_bits = 2048 -default_keyfile = privkey.pem -distinguished_name = req_distinguished_name -attributes = req_attributes -x509_extensions = v3_ca # The extensions to add to the self signed cert - -# Passwords for private keys if not present they will be prompted for -# input_password = secret -# output_password = secret - -# This sets a mask for permitted string types. There are several options. -# default: PrintableString, T61String, BMPString. -# pkix : PrintableString, BMPString (PKIX recommendation before 2004) -# utf8only: only UTF8Strings (PKIX recommendation after 2004). -# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings). -# MASK:XXXX a literal mask value. -# WARNING: ancient versions of Netscape crash on BMPStrings or UTF8Strings. -string_mask = utf8only - -req_extensions = v3_req # The extensions to add to a certificate request - -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = AU -countryName_min = 2 -countryName_max = 2 - -stateOrProvinceName = State or Province Name (full name) -stateOrProvinceName_default = Some-State - -localityName = Locality Name (eg, city) - -0.organizationName = Organization Name (eg, company) -0.organizationName_default = Internet Widgits Pty Ltd - -# we can do this but it is not needed normally :-) -#1.organizationName = Second Organization Name (eg, company) -#1.organizationName_default = World Wide Web Pty Ltd - -organizationalUnitName = Organizational Unit Name (eg, section) -#organizationalUnitName_default = - -commonName = Common Name (e.g. server FQDN or YOUR name) -commonName_max = 64 - -emailAddress = Email Address -emailAddress_max = 64 - -# SET-ex3 = SET extension number 3 - -[ req_attributes ] -challengePassword = A challenge password -challengePassword_min = 4 -challengePassword_max = 20 - -unstructuredName = An optional company name - -[ usr_cert ] - -# These extensions are added when 'ca' signs a request. - -# This goes against PKIX guidelines but some CAs do it and some software -# requires this to avoid interpreting an end user certificate as a CA. - -basicConstraints=CA:FALSE - -# This is typical in keyUsage for a client certificate. -# keyUsage = nonRepudiation, digitalSignature, keyEncipherment - -# PKIX recommendations harmless if included in all certificates. -subjectKeyIdentifier=hash -authorityKeyIdentifier=keyid,issuer - -# This stuff is for subjectAltName and issuerAltname. -# Import the email address. -# subjectAltName=email:copy -# An alternative to produce certificates that aren't -# deprecated according to PKIX. -# subjectAltName=email:move - -# Copy subject details -# issuerAltName=issuer:copy - -# This is required for TSA certificates. -# extendedKeyUsage = critical,timeStamping - -[ v3_req ] - -subjectAltName = @alt_names - -# Extensions to add to a certificate request - -basicConstraints = CA:FALSE -keyUsage = nonRepudiation, digitalSignature, keyEncipherment - -[ alt_names ] - -DNS.1 = *.lkq.com - -[ v3_ca ] - - -# Extensions for a typical CA - - -# PKIX recommendation. - -subjectKeyIdentifier=hash - -authorityKeyIdentifier=keyid:always,issuer - -basicConstraints = critical,CA:true - -# Key usage: this is typical for a CA certificate. However since it will -# prevent it being used as an test self-signed certificate it is best -# left out by default. -# keyUsage = cRLSign, keyCertSign - -# Include email address in subject alt name: another PKIX recommendation -# subjectAltName=email:copy -# Copy issuer details -# issuerAltName=issuer:copy - -# DER hex encoding of an extension: beware experts only! -# obj=DER:02:03 -# Where 'obj' is a standard or added object -# You can even override a supported extension: -# basicConstraints= critical, DER:30:03:01:01:FF - -[ crl_ext ] - -# CRL extensions. -# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. - -# issuerAltName=issuer:copy -authorityKeyIdentifier=keyid:always - -[ proxy_cert_ext ] -# These extensions should be added when creating a proxy certificate - -# This goes against PKIX guidelines but some CAs do it and some software -# requires this to avoid interpreting an end user certificate as a CA. - -basicConstraints=CA:FALSE - -# This is typical in keyUsage for a client certificate. -# keyUsage = nonRepudiation, digitalSignature, keyEncipherment - -# PKIX recommendations harmless if included in all certificates. -subjectKeyIdentifier=hash -authorityKeyIdentifier=keyid,issuer - -# This stuff is for subjectAltName and issuerAltname. -# Import the email address. -# subjectAltName=email:copy -# An alternative to produce certificates that aren't -# deprecated according to PKIX. -# subjectAltName=email:move - -# Copy subject details -# issuerAltName=issuer:copy - -# This really needs to be in place for it to be a proxy certificate. -proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo - -#################################################################### -[ tsa ] - -default_tsa = tsa_config1 # the default TSA section - -[ tsa_config1 ] - -# These are used by the TSA reply generation only. -dir = ./demoCA # TSA root directory -serial = $dir/tsaserial # The current serial number (mandatory) -crypto_device = builtin # OpenSSL engine to use for signing -signer_cert = $dir/tsacert.pem # The TSA signing certificate - # (optional) -certs = $dir/cacert.pem # Certificate chain to include in reply - # (optional) -signer_key = $dir/private/tsakey.pem # The TSA private key (optional) -signer_digest = sha256 # Signing digest to use. (Optional) -default_policy = tsa_policy1 # Policy if request did not specify it - # (optional) -other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional) -digests = sha1, sha256, sha384, sha512 # Acceptable message digests (mandatory) -accuracy = secs:1, millisecs:500, microsecs:100 # (optional) -clock_precision_digits = 0 # number of digits after dot. (optional) -ordering = yes # Is ordering defined for timestamps? - # (optional, default: no) -tsa_name = yes # Must the TSA name be included in the reply? - # (optional, default: no) -ess_cert_id_chain = no # Must the ESS cert id chain be included? - # (optional, default: no) -ess_cert_id_alg = sha1 # algorithm to compute certificate - # identifier (optional, default: sha1) - -[insta] # CMP using Insta Demo CA -# Message transfer -server = pki.certificate.fi:8700 -# proxy = # set this as far as needed, e.g., http://192.168.1.1:8080 -# tls_use = 0 -path = pkix/ - -# Server authentication -recipient = "/C=FI/O=Insta Demo/CN=Insta Demo CA" # or set srvcert or issuer -ignore_keyusage = 1 # potentially needed quirk -unprotected_errors = 1 # potentially needed quirk -extracertsout = insta.extracerts.pem - -# Client authentication -ref = 3078 # user identification -secret = pass:insta # can be used for both client and server side - -# Generic message options -cmd = ir # default operation, can be overridden on cmd line with, e.g., kur - -# Certificate enrollment -subject = "/CN=openssl-cmp-test" -newkey = insta.priv.pem -out_trusted = insta.ca.crt -certout = insta.cert.pem - -[pbm] # Password-based protection for Insta CA -# Server and client authentication -ref = $insta::ref # 3078 -secret = $insta::secret # pass:insta - -[signature] # Signature-based protection for Insta CA -# Server authentication -trusted = insta.ca.crt # does not include keyUsage digitalSignature - -# Client authentication -secret = # disable PBM -key = $insta::newkey # insta.priv.pem -cert = $insta::certout # insta.cert.pem - -[ir] -cmd = ir - -[cr] -cmd = cr - -[kur] -# Certificate update -cmd = kur -oldcert = $insta::certout # insta.cert.pem - -[rr] -# Certificate revocation -cmd = rr -oldcert = $insta::certout # insta.cert.pem diff --git a/cert/order.key b/cert/order.key deleted file mode 100644 index aae7cf7..0000000 --- a/cert/order.key +++ /dev/null @@ -1,5 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgERNVfrHYBvEo7cyr -1ecjo69iC+1TaeDZMTqsJfanN0WhRANCAAT1SidjZizkN8UvqtD0v4uaU6D1ah9S -Opw7P+iFkmTEWDDizgnC63BAZm6ktiBfGKyKxoe7Itt7JbMOmvzhPHuo ------END PRIVATE KEY----- diff --git a/cert/order.pem b/cert/order.pem deleted file mode 100644 index cea7150..0000000 --- a/cert/order.pem +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDOjCCAiKgAwIBAgIUYMiECrjrppie1A0ZrdhoUgg9Qn8wDQYJKoZIhvcNAQEL -BQAwVTELMAkGA1UEBhMCY24xCzAJBgNVBAgMAmp4MQswCQYDVQQHDAJuYzEMMAoG -A1UECgwDbGtxMQwwCgYDVQQLDANsa3ExEDAOBgNVBAMMB2xrcS5jb20wHhcNMjMw -NTA2MTAyNDU2WhcNMjQwNTA1MTAyNDU2WjBVMQswCQYDVQQGEwJjbjELMAkGA1UE -CAwCangxCzAJBgNVBAcMAm5jMQwwCgYDVQQKDANsa3ExDDAKBgNVBAsMA2xrcTEQ -MA4GA1UEAwwHbGtxLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABPVKJ2Nm -LOQ3xS+q0PS/i5pToPVqH1I6nDs/6IWSZMRYMOLOCcLrcEBmbqS2IF8YrIrGh7si -23slsw6a/OE8e6ijgcwwgckwFAYDVR0RBA0wC4IJKi5sa3EuY29tMAkGA1UdEwQC -MAAwCwYDVR0PBAQDAgXgMB0GA1UdDgQWBBQi8uNBmiX8UnnPuzMmUuC+DjWwuzB6 -BgNVHSMEczBxoVmkVzBVMQswCQYDVQQGEwJjbjELMAkGA1UECAwCangxCzAJBgNV -BAcMAm5jMQwwCgYDVQQKDANsa3ExDDAKBgNVBAsMA2xrcTEQMA4GA1UEAwwHbGtx -LmNvbYIUfMVNFqFWKigox2rma5miUxdeDHQwDQYJKoZIhvcNAQELBQADggEBACLj -GyEREOa2XXmlDaBdxc8MV/nS3+frM2s2Dgh9c2ps65fDWPwh1fww8CGa4346i7Kq -Nl+auJ9yI35qcKwh6qXT5av9jqyEKYkixGmHoJ2DmwZoMPF2kfwihJvYOrP91mpr -2zns2T658LlmgSnYvL2TdfyHmOea+VMNnCD+bD9fe/NLMDcxOOhG5aQ9AyI6LiXu -2rVHqZmBgQ4xLyw5NTanavFvzn+A9qDElfnHbcOqiezBxp11cnQw0kLUxNt6/Zte -DBMyrEHUowaFGB59nIVo/uPBw/4LHRRxH48mQWVD03sP5LLVQ9G6XO8ZJIBdS/1I -8+Np8mrJ7by/H2ZLWpY= ------END CERTIFICATE----- diff --git a/cert/order_prikey.txt b/cert/order_prikey.txt new file mode 100644 index 0000000..e69de29 diff --git a/cert/order_pubkey.txt b/cert/order_pubkey.txt new file mode 100644 index 0000000..115b620 --- /dev/null +++ b/cert/order_pubkey.txt @@ -0,0 +1 @@ +order123 \ No newline at end of file diff --git a/cert/peer.key b/cert/peer.key deleted file mode 100644 index 335d2b1..0000000 --- a/cert/peer.key +++ /dev/null @@ -1,5 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgd29Vz1rvQL3wcU5K -REu+DuvRnBmKg4hDaFxDWx3UIsGhRANCAASfaFMEhvnjNfxV8DKe5jrcunMXtpPI -DTyBmfB5OuQllvxBrVgbr8U0q7w8XgFgtvPaGAyKTsng0bXPBpIZbsZK ------END PRIVATE KEY----- diff --git a/cert/peer.pem b/cert/peer.pem deleted file mode 100644 index f378b6c..0000000 --- a/cert/peer.pem +++ /dev/null @@ -1,20 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDOjCCAiKgAwIBAgIUZK9fVbUhDMEXSzRMt6J6qphmL6QwDQYJKoZIhvcNAQEL -BQAwVTELMAkGA1UEBhMCY24xCzAJBgNVBAgMAmp4MQswCQYDVQQHDAJuYzEMMAoG -A1UECgwDbGtxMQwwCgYDVQQLDANsa3ExEDAOBgNVBAMMB2xrcS5jb20wHhcNMjMw -NDIxMTAyODUyWhcNMjQwNDIwMTAyODUyWjBVMQswCQYDVQQGEwJjbjELMAkGA1UE -CAwCangxCzAJBgNVBAcMAm5jMQwwCgYDVQQKDANsa3ExDDAKBgNVBAsMA2xrcTEQ -MA4GA1UEAwwHbGtxLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJ9oUwSG -+eM1/FXwMp7mOty6cxe2k8gNPIGZ8Hk65CWW/EGtWBuvxTSrvDxeAWC289oYDIpO -yeDRtc8GkhluxkqjgcwwgckwFAYDVR0RBA0wC4IJKi5sa3EuY29tMAkGA1UdEwQC -MAAwCwYDVR0PBAQDAgXgMB0GA1UdDgQWBBTYvjZd9vUb4QyBwz2ZpQqPC43/TTB6 -BgNVHSMEczBxoVmkVzBVMQswCQYDVQQGEwJjbjELMAkGA1UECAwCangxCzAJBgNV -BAcMAm5jMQwwCgYDVQQKDANsa3ExDDAKBgNVBAsMA2xrcTEQMA4GA1UEAwwHbGtx -LmNvbYIUfMVNFqFWKigox2rma5miUxdeDHQwDQYJKoZIhvcNAQELBQADggEBACGG -rIrE8V9v5MHlrPhjIgsggpAuYHHkg9ktY3ME4owa0NIZfr8P8DGuZVWzPXkLh6Ur -7xd3iWPvEQenYSmyWeavqYsgvJlcK8A322qbF3Ma34yJL073pGGqfOnqAxvf20y1 -eZOJ/39xwAeBiZOu90AewgpVpDUa7dlggNBlBRsw3vfQPYqUqxdVoykVVtcidfbJ -1hhz2Y/q13Kj6Bfb54/rso3PFNUeiOZpBeBZ67y+hKdcADnHKkisxzlFBndZ7s3T -aDQgLaAWp2zE/5IjpxYLK26++JMg9LYiWIt/T6UPI4/3djUHfTts867+KEKMUD/A -4e1rBNd2+MY2zkO7i8g= ------END CERTIFICATE----- diff --git a/cert/peer_prikey.txt b/cert/peer_prikey.txt new file mode 100644 index 0000000..e69de29 diff --git a/cert/peer_pubkey.txt b/cert/peer_pubkey.txt new file mode 100644 index 0000000..317b03e --- /dev/null +++ b/cert/peer_pubkey.txt @@ -0,0 +1 @@ +peer123 \ No newline at end of file diff --git a/common/kgc/sign.go b/common/kgc/sign.go new file mode 100644 index 0000000..0d4d438 --- /dev/null +++ b/common/kgc/sign.go @@ -0,0 +1,7 @@ +package kgc + +func Certificateless_Sign(pri_key []byte, digest []byte) (signature []byte, err error) { + + signed_data := append(pri_key, digest...) + return signed_data, nil +} diff --git a/common/kgc/util.go b/common/kgc/util.go new file mode 100644 index 0000000..05f2118 --- /dev/null +++ b/common/kgc/util.go @@ -0,0 +1,51 @@ +package kgc + +import ( + "fmt" + "io/ioutil" + "os" + pb "schain/proto" + "schain/proto/util" +) + +func readTxtFile(filePath string) ([]byte, error) { + // 打开文件 + file, err := os.Open(filePath) + if err != nil { + return nil, err + } + defer file.Close() + + // 读取文件内容 + content, err := ioutil.ReadAll(file) + if err != nil { + return nil, err + } + + return content, nil +} + +func LoadPriKey(file string) []byte { + content, err := readTxtFile(file) + if err != nil { + fmt.Println("load privatekey error") + } + return content +} + +func LoadPubKey(file string) []byte { + content, err := readTxtFile(file) + if err != nil { + fmt.Println("load publickey error") + } + return content +} + +func InitIdentity(IdentityPath string, mspID string) ([]byte, error) { + pubkey, _ := readTxtFile(IdentityPath) + sId := &pb.Creator{ + Mspid: mspID, + IdBytes: pubkey, + } + return util.MarshalOrPanic(sId), nil +} diff --git a/common/kgc/verify.go b/common/kgc/verify.go new file mode 100644 index 0000000..26804e7 --- /dev/null +++ b/common/kgc/verify.go @@ -0,0 +1,28 @@ +package kgc + +import ( + "bytes" + "crypto/sha256" + "schain/proto/util" +) + +func Certificateless_Verify(creatorBytes []byte, signature, msg []byte) error { + + creator, err := util.UnmarshalCreator(creatorBytes) + + if err != nil { + return err + } + + publicKey := creator.IdBytes + + digest := sha256.Sum256(msg) + + data := append(publicKey, digest[:]...) + + if equal := bytes.Equal(data, signature); equal { + return nil + } + + return err +} diff --git a/common/signer/signer.go b/common/signer/signer.go index c209911..25555c1 100644 --- a/common/signer/signer.go +++ b/common/signer/signer.go @@ -1,9 +1,8 @@ package signer import ( - "crypto" + "bytes" "crypto/ecdsa" - "crypto/rand" "crypto/sha256" "crypto/x509" "encoding/asn1" @@ -12,6 +11,7 @@ import ( "os" "strings" + kgc "schain/common/kgc" pb "schain/proto" "schain/proto/util" @@ -27,9 +27,9 @@ type Config struct { // Signer 用户的签名,包含公钥、私钥和用户的身份 type Signer struct { - privateKey *ecdsa.PrivateKey - publicKeyKey *ecdsa.PublicKey - creator []byte + privateKey []byte + publicKey []byte + creator []byte } type ECDSASignature struct { @@ -38,26 +38,27 @@ type ECDSASignature struct { // NewSigner 根据配置创建一个用户签名 func NewSigner(conf *Config) (*Signer, error) { - sId, err := serializeIdentity(conf.IdentityPath, conf.MSPID) + sId, err := kgc.InitIdentity(conf.IdentityPath, conf.MSPID) if err != nil { return nil, errors.WithStack(err) } //加载私钥 - privateKey, err := loadPrivateKey(conf.KeyPath) + privateKey := kgc.LoadPriKey(conf.KeyPath) if err != nil { return nil, errors.WithStack(err) } //加载公钥,需要先调取用户证书,再从证书中获取公钥 - publicKey, err := loadPublicKey(conf.IdentityPath) + //无证书方案直接调取公钥即可 + publicKey := kgc.LoadPubKey(conf.IdentityPath) if err != nil { return nil, errors.WithStack(err) } return &Signer{ - creator: sId, - privateKey: privateKey, - publicKeyKey: publicKey, + creator: sId, + privateKey: privateKey, + publicKey: publicKey, }, nil } @@ -166,16 +167,33 @@ func (si *Signer) Serialize() ([]byte, error) { // 返回一个长度为 32 的字节数组,表示计算得到的 SHA256 校验和 func (si *Signer) Sign(msg []byte) ([]byte, error) { digest := sha256.Sum256(msg) - return signECDSA(si.privateKey, digest[:]) + return kgc.Certificateless_Sign(si.privateKey, digest[:]) + + //return signECDSA(si.privateKey, digest[:]) } -// 验证 ECDSA 签名 +// 验证 ECDSA 签名,此处用不到 func (si *Signer) Verify(signature, msg []byte) bool { //计算消息的哈希值 digest := sha256.Sum256(msg) - return verifyECDSA(si.publicKeyKey, signature, digest[:]) + key := ecdsa.PublicKey{} + return verifyECDSA(&key, signature, digest[:]) } +func verifyECDSA(pubKey *ecdsa.PublicKey, signature, digest []byte) bool { + + // 解析 ASN.1 编码的签名数据 + var sig ECDSASignature + _, err := asn1.Unmarshal(signature, &sig) + if err != nil { + return false + } + + // 使用 ECDSA 签名算法对消息的哈希值进行验证 + return ecdsa.Verify(pubKey, digest, sig.R, sig.S) +} + +/* // Verify 验证签名是否正确 func Verify(creatorBytes []byte, signature, msg []byte) error { creator, err := util.UnmarshalCreator(creatorBytes) @@ -195,7 +213,30 @@ func Verify(creatorBytes []byte, signature, msg []byte) error { return nil } +*/ +func Verify(creatorBytes []byte, signature, msg []byte) error { + + creator, err := util.UnmarshalCreator(creatorBytes) + + if err != nil { + return err + } + + publicKey := creator.IdBytes + + digest := sha256.Sum256(msg) + + data := append(publicKey, digest[:]...) + + if equal := bytes.Equal(data, signature); equal { + return nil + } + + return err +} + +/* // 根据文件加载用户的私钥 func loadPrivateKey(file string) (*ecdsa.PrivateKey, error) { b, err := os.ReadFile(file) @@ -260,16 +301,4 @@ func signECDSA(k *ecdsa.PrivateKey, digest []byte) (signature []byte, err error) return asn1.Marshal(ECDSASignature{R: r, S: s}) } - -func verifyECDSA(pubKey *ecdsa.PublicKey, signature, digest []byte) bool { - - // 解析 ASN.1 编码的签名数据 - var sig ECDSASignature - _, err := asn1.Unmarshal(signature, &sig) - if err != nil { - return false - } - - // 使用 ECDSA 签名算法对消息的哈希值进行验证 - return ecdsa.Verify(pubKey, digest, sig.R, sig.S) -} +*/ diff --git a/config/config.go b/config/config.go index 673c694..c4e68e2 100644 --- a/config/config.go +++ b/config/config.go @@ -9,7 +9,7 @@ import ( // GetClientConf 获取客户端的信息配置 func GetClientConf() (*signer.Config, error) { - viper.SetDefault("client.MSPID", "*.lkq.com") + viper.SetDefault("client.MSPID", "*.wxy.com") viper.SetDefault("client.IdentityPath", "cert/client.pem") viper.SetDefault("client.KeyPath", "cert/client.key") @@ -28,7 +28,7 @@ func GetClientConf() (*signer.Config, error) { // GetPeerConf 获取Peer节点的信息配置 func GetPeerConf() (*signer.Config, error) { - viper.SetDefault("peer.MSPID", "*.lkq.com") + viper.SetDefault("peer.MSPID", "*.wxy.com") viper.SetDefault("peer.IdentityPath", "cert/peer.pem") viper.SetDefault("peer.KeyPath", "cert/peer.key") @@ -47,7 +47,7 @@ func GetPeerConf() (*signer.Config, error) { // GetOrderConf 获取Order节点的配置信息 func GetOrderConf() (*signer.Config, error) { - viper.SetDefault("order.MSPID", "*.lkq.com") + viper.SetDefault("order.MSPID", "*.wxy.com") viper.SetDefault("order.IdentityPath", "cert/order.pem") viper.SetDefault("order.KeyPath", "cert/order.key") diff --git a/config/config.yaml b/config/config.yaml index 0512f23..0b8764b 100644 --- a/config/config.yaml +++ b/config/config.yaml @@ -37,18 +37,24 @@ client: MSPID: "*.wxy.com" IdentityPath: "cert/client.pem" KeyPath: "cert/client.key" + ClientPubPath: "cert/client_pubkey.txt" + ClientPriPath: "cert/client_prikey.txt" peer: address: ":1408" MSPID: "*.wxy.com" IdentityPath: "cert/peer.pem" KeyPath: "cert/peer.key" + PeerPubPath: "cert/peer_pubkey.txt" + PeerPriPath: "cert/peer_prikey.txt" order: address: ":1409" MSPID: "*.wxy.com" IdentityPath: "cert/order.pem" KeyPath: "cert/order.key" + OrderPubPath: "cert/order_pubkey.txt" + OrderPriPath: "cert/order_prikey.txt" -ca: - crt: "cert/ca.crt" \ No newline at end of file +#ca: +# crt: "cert/ca.crt" \ No newline at end of file diff --git a/config/context.go b/config/context.go index 402c816..2d8045c 100644 --- a/config/context.go +++ b/config/context.go @@ -24,7 +24,7 @@ var OrderAddress string // OrderConf Order节点签名配置 var OrderConf *signer.Config -// CaCrt 根证书地址 +// CaCrt 根证书地址(无证书模式下禁用) var CaCrt string type Organization struct { @@ -77,17 +77,17 @@ func init() { ProjectPath = pwd + "/" configFilePath = pwd + "/config/" - ClientConf, err = GetClientConf() + ClientConf, err = KGCClientConf() if err != nil { panic(errors.New("client conf acquisition failed")) } - PeerConf, err = GetPeerConf() + PeerConf, err = KGCPeerConf() if err != nil { panic(errors.New("peer conf acquisition failed")) } - OrderConf, err = GetOrderConf() + OrderConf, err = KGCOrderConf() if err != nil { panic(errors.New("order conf acquisition failed")) } @@ -110,7 +110,7 @@ func init() { OrderAddress = viper.GetString("order.address") // GetCaCrt 获取ca节点的ca.crt - CaCrt = ProjectPath + viper.GetString("ca.crt") + //CaCrt = ProjectPath + viper.GetString("ca.crt") Organizations, err = GetOrganizations() if err != nil { diff --git a/config/kgc_config.go b/config/kgc_config.go new file mode 100644 index 0000000..4178332 --- /dev/null +++ b/config/kgc_config.go @@ -0,0 +1,64 @@ +package config + +import ( + "schain/common/signer" + + "github.com/spf13/viper" +) + +// GetClientConf 获取客户端的信息配置 +func KGCClientConf() (*signer.Config, error) { + viper.SetDefault("client.MSPID", "*.wxy.com") + viper.SetDefault("client.ClientPubPath", "cert/client_pubkey.txt") + viper.SetDefault("client.ClientPriPath", "cert/client_prikey.txt") + + viper.AddConfigPath(configFilePath) + viper.SetConfigName("config") + if err := viper.ReadInConfig(); err != nil { + panic(err) + } + + return &signer.Config{ + MSPID: viper.GetString("client.MSPID"), + IdentityPath: ProjectPath + viper.GetString("client.ClientPubPath"), + KeyPath: ProjectPath + viper.GetString("client.ClientPriPath"), + }, nil +} + +// GetPeerConf 获取Peer节点的信息配置 +func KGCPeerConf() (*signer.Config, error) { + viper.SetDefault("peer.MSPID", "*.wxy.com") + viper.SetDefault("peer.PeerPubPath", "cert/peer_pubkey.txt") + viper.SetDefault("peer.PeerPriPath", "cert/peer_prikey.txt") + + viper.AddConfigPath(configFilePath) + viper.SetConfigName("config") + if err := viper.ReadInConfig(); err != nil { + return nil, err + } + + return &signer.Config{ + MSPID: viper.GetString("peer.MSPID"), + IdentityPath: ProjectPath + viper.GetString("peer.PeerPubPath"), + KeyPath: ProjectPath + viper.GetString("peer.PeerPriPath"), + }, nil +} + +// GetOrderConf 获取Order节点的配置信息 +func KGCOrderConf() (*signer.Config, error) { + viper.SetDefault("order.MSPID", "*.wxy.com") + viper.SetDefault("order.OrderPubPath", "cert/order_pubkey.txt") + viper.SetDefault("order.OrderPriPath", "cert/order_prikey.txt") + + viper.AddConfigPath(configFilePath) + viper.SetConfigName("config") + if err := viper.ReadInConfig(); err != nil { + return nil, err + } + + return &signer.Config{ + MSPID: viper.GetString("order.MSPID"), + IdentityPath: ProjectPath + viper.GetString("order.OrderPubPath"), + KeyPath: ProjectPath + viper.GetString("order.OrderPriPath"), + }, nil +} diff --git a/peer/shim/validate.go b/peer/shim/validate.go index 5e800be..4b65bb2 100644 --- a/peer/shim/validate.go +++ b/peer/shim/validate.go @@ -47,7 +47,7 @@ func validateEndorserTransaction(payload *pb.Payload, hdr *pb.SignatureHeader) ( tx, err := util.UnmarshalTransaction(payload.Data) if err != nil { return nil, errors.New("transaction Unmarshal fail") - + } if tx == nil { diff --git a/proto/util/txutils.go b/proto/util/txutils.go index fed79f9..ea1276f 100644 --- a/proto/util/txutils.go +++ b/proto/util/txutils.go @@ -118,6 +118,8 @@ func CreateSignedTx( } // check that the signer is the same that is referenced in the header + + // 验证了一次签名 signerBytes, err := signer.Serialize() if err != nil { return nil, err