The gcEVM employs the ECDSA signature scheme to acquire the user AES key utilized for data encryption and decryption.
The SDK provides a signing functionality to facilitate this process.
Below are the function signatures for signing, provided in Python, JavaScript, and Go languages:
defsign(message,key)
functionsign(message, key)
The function signs the message using the given ECDSA private key.
Input parameters:
message: The message to sign
key: ECDSA private key
Output:
The generated signature
Example usage - Onboard user
As described in the previous page, when executing the onboard_user script, the user AES key is obtained. During this process, it's necessary to apply a signature to the RSA public key.
Below are examples demonstrating the usage of the sign function in both Python and JavaScript languages:
# Generate new RSA key pairprivate_key, public_key =generate_rsa_keypair()# Sign the RSA public key using ECDSA private keysignedEK =sign(public_key, bytes.fromhex(signing_key[2:]))# Call the getUserKey function to get the encrypted AES keyreceipt = soda_helper.call_contract_transaction("onboard_user", "getUserKey", func_args=[public_key, signedEK])if receipt isNone:print("Failed to call the transaction function")returnencryptedKey = contract.functions.getSavedUserKey().call()# Decrypt the aes key using the RSA private keydecrypted_aes_key =decrypt_rsa(private_key, encryptedKey)
// Generate RSA keys and sign the public key using ECDSA private keyconst { publicKey,privateKey } =generateRSAKeyPair();constsignedEK=sign(publicKey,Buffer.from(SIGNING_KEY.slice(2),'hex'));// Call the getUserKey function to get the encrypted AES keyawaitsodaHelper.callContractTransaction("onboard_user","getUserKey", [publicKey, signedEK]);constencryptedKey=awaitsodaHelper.callContractView("onboard_user","getSavedUserKey")// Decrypt the AES key using the RSA private keyconstbuf=Buffer.from(encryptedKey.substring(2),'hex');constdecryptedAESKey=decryptRSA(privateKey, buf);
