
Example 1 with AzureConfig

Use of tech.pegasys.signers.secp256k1.azure.AzureConfig in project signers by ConsenSys.

In the class AzureKeyVaultSignerTest, method azureWithoutHashingDoesntHashData:

@Test
void azureWithoutHashingDoesntHashData() throws SignatureException {
    final AzureConfig config = new AzureConfig(keyVaultName, KEY_NAME, "", clientId, clientSecret, tenantId);
    final Signer azureNonHashedDataSigner = new AzureKeyVaultSignerFactory(false).createSigner(config);
    final BigInteger publicKey = Numeric.toBigInt(EthPublicKeyUtils.toByteArray(azureNonHashedDataSigner.getPublicKey()));
    final byte[] dataToSign = "Hello World".getBytes(UTF_8);
    // manual hash before sending to remote signing
    final byte[] hashedData = Hash.sha3(dataToSign);
    final Signature signature = azureNonHashedDataSigner.sign(hashedData);
    // Determine if Web3j thinks the signature comes from the public key used (really proves
    // that the hashedData isn't hashed a second time).
    final SignatureData sigData = new SignatureData(signature.getV().toByteArray(), Numeric.toBytesPadded(signature.getR(), 32), Numeric.toBytesPadded(signature.getS(), 32));
    final BigInteger recoveredPublicKey = Sign.signedMessageHashToKey(hashedData, sigData);
    assertThat(recoveredPublicKey).isEqualTo(publicKey);
}
Also used: Signer (tech.pegasys.signers.secp256k1.api.Signer), SignatureData (org.web3j.crypto.Sign.SignatureData), Signature (tech.pegasys.signers.secp256k1.api.Signature), BigInteger (java.math.BigInteger), Test (org.junit.jupiter.api.Test)

Example 2 with AzureConfig

Use of tech.pegasys.signers.secp256k1.azure.AzureConfig in project signers by ConsenSys.

In the class AzureKeyVaultSignerTest, method azureSignerCanSignTwice:

@Test
public void azureSignerCanSignTwice() {
    final AzureConfig config = new AzureConfig(keyVaultName, KEY_NAME, "", clientId, clientSecret, tenantId);
    final AzureKeyVaultSignerFactory factory = new AzureKeyVaultSignerFactory();
    final Signer signer = factory.createSigner(config);
    final byte[] dataToHash = "Hello World".getBytes(UTF_8);
    signer.sign(dataToHash);
    signer.sign(dataToHash);
}
Also used: Signer (tech.pegasys.signers.secp256k1.api.Signer), Test (org.junit.jupiter.api.Test)

Example 3 with AzureConfig

Use of tech.pegasys.signers.secp256k1.azure.AzureConfig in project signers by ConsenSys.

In the class AzureKeyVaultSignerFactory, method createSigner:

public Signer createSigner(final AzureConfig config) {
    checkNotNull(config, "Config must be specified");
    final AzureKeyVault vault;
    try {
        vault = createUsingClientSecretCredentials(config.getClientId(), config.getClientSecret(), config.getTenantId(), config.getKeyVaultName());
    } catch (final Exception e) {
        LOG.error("Failed to connect to vault", e);
        throw new SignerInitializationException(INACCESSIBLE_KEY_ERROR, e);
    }
    final CryptographyClient cryptoClient;
    try {
        cryptoClient = vault.fetchKey(config.getKeyName(), config.getKeyVersion());
    } catch (final Exception e) {
        LOG.error("Unable to load key {}", e.getMessage());
        throw new SignerInitializationException(INVALID_KEY_PARAMETERS_ERROR, e);
    }
    final JsonWebKey jsonWebKey = cryptoClient.getKey().getKey();
    final String curveName = jsonWebKey.getCurveName().toString();
    if (!SUPPORTED_CURVE_NAMES.contains(curveName)) {
        LOG.error("Unsupported curve name: {}. Expecting one of {}.", curveName, SUPPORTED_CURVE_NAMES);
        throw new SignerInitializationException(UNSUPPORTED_CURVE_NAME);
    }
    final Bytes rawPublicKey = Bytes.concatenate(Bytes.wrap(jsonWebKey.getX()), Bytes.wrap(jsonWebKey.getY()));
    final boolean useDeprecatedCurveName = DEPRECATED_CURVE_NAME.equals(curveName);
    return new AzureKeyVaultSigner(config, rawPublicKey, needsToHash, useDeprecatedCurveName);
}
Also used: SignerInitializationException (tech.pegasys.signers.secp256k1.common.SignerInitializationException), Bytes (org.apache.tuweni.bytes.Bytes), JsonWebKey (com.azure.security.keyvault.keys.models.JsonWebKey), AzureKeyVault (tech.pegasys.signers.azure.AzureKeyVault), CryptographyClient (com.azure.security.keyvault.keys.cryptography.CryptographyClient)

Example 4 with AzureConfig

Use of tech.pegasys.signers.secp256k1.azure.AzureConfig in project signers by ConsenSys.

In the class MultiKeySignerProvider, method createSigner:

@Override
public Signer createSigner(final AzureSigningMetadataFile metadataFile) {
    try {
        final AzureConfig config = metadataFile.getConfig();
        final AzureKeyVaultSignerFactory azureFactory = new AzureKeyVaultSignerFactory();
        return azureFactory.createSigner(config);
    } catch (final SignerInitializationException e) {
        LOG.error("Failed to construct Azure signer from " + metadataFile.getFilename());
        return null;
    }
}
Also used: SignerInitializationException (tech.pegasys.signers.secp256k1.common.SignerInitializationException), AzureConfig (tech.pegasys.signers.secp256k1.azure.AzureConfig), AzureKeyVaultSignerFactory (tech.pegasys.signers.secp256k1.azure.AzureKeyVaultSignerFactory)

Aggregations

Test (org.junit.jupiter.api.Test): 2
Signer (tech.pegasys.signers.secp256k1.api.Signer): 2
SignerInitializationException (tech.pegasys.signers.secp256k1.common.SignerInitializationException): 2
CryptographyClient (com.azure.security.keyvault.keys.cryptography.CryptographyClient): 1
JsonWebKey (com.azure.security.keyvault.keys.models.JsonWebKey): 1
BigInteger (java.math.BigInteger): 1
Bytes (org.apache.tuweni.bytes.Bytes): 1
SignatureData (org.web3j.crypto.Sign.SignatureData): 1
AzureKeyVault (tech.pegasys.signers.azure.AzureKeyVault): 1
Signature (tech.pegasys.signers.secp256k1.api.Signature): 1
AzureConfig (tech.pegasys.signers.secp256k1.azure.AzureConfig): 1
AzureKeyVaultSignerFactory (tech.pegasys.signers.secp256k1.azure.AzureKeyVaultSignerFactory): 1