Example 1 with ArtifactSigner
use of tech.pegasys.web3signer.signing.ArtifactSigner in project web3signer by ConsenSys.
the class Eth2Runner method createArtifactSignerProvider.
@Override
protected ArtifactSignerProvider createArtifactSignerProvider(final Vertx vertx, final MetricsSystem metricsSystem) {
return new DefaultArtifactSignerProvider(() -> {
final List<ArtifactSigner> signers = Lists.newArrayList();
final HashicorpConnectionFactory hashicorpConnectionFactory = new HashicorpConnectionFactory(vertx);
try (final InterlockKeyProvider interlockKeyProvider = new InterlockKeyProvider(vertx);
final YubiHsmOpaqueDataProvider yubiHsmOpaqueDataProvider = new YubiHsmOpaqueDataProvider();
final AwsSecretsManagerProvider awsSecretsManagerProvider = new AwsSecretsManagerProvider(awsCacheMaximumSize)) {
final AbstractArtifactSignerFactory artifactSignerFactory = new BlsArtifactSignerFactory(config.getKeyConfigPath(), metricsSystem, hashicorpConnectionFactory, interlockKeyProvider, yubiHsmOpaqueDataProvider, awsSecretsManagerProvider, (args) -> new BlsArtifactSigner(args.getKeyPair(), args.getOrigin(), args.getPath()));
signers.addAll(new SignerLoader().load(config.getKeyConfigPath(), "yaml", new YamlSignerParser(List.of(artifactSignerFactory))));
}
if (azureKeyVaultParameters.isAzureKeyVaultEnabled()) {
signers.addAll(loadAzureSigners());
}
if (keystoresParameters.isEnabled()) {
final BlsKeystoreBulkLoader blsKeystoreBulkLoader = new BlsKeystoreBulkLoader();
final Collection<ArtifactSigner> keystoreSigners = keystoresParameters.hasKeystoresPasswordsPath() ? blsKeystoreBulkLoader.loadKeystoresUsingPasswordDir(keystoresParameters.getKeystoresPath(), keystoresParameters.getKeystoresPasswordsPath()) : blsKeystoreBulkLoader.loadKeystoresUsingPasswordFile(keystoresParameters.getKeystoresPath(), keystoresParameters.getKeystoresPasswordFile());
signers.addAll(keystoreSigners);
}
final List<Bytes> validators = signers.stream().map(ArtifactSigner::getIdentifier).map(Bytes::fromHexString).collect(Collectors.toList());
if (validators.isEmpty()) {
LOG.warn("No BLS keys loaded. Check that the key store has BLS key config files");
} else {
slashingProtectionContext.ifPresent(context -> context.getRegisteredValidators().registerValidators(validators));
}
return signers;
});
}
Also used :
BlsKeystoreBulkLoader(tech.pegasys.web3signer.signing.BlsKeystoreBulkLoader)
HashicorpConnectionFactory(tech.pegasys.signers.hashicorp.HashicorpConnectionFactory)
YamlSignerParser(tech.pegasys.web3signer.signing.config.metadata.parser.YamlSignerParser)
BlsArtifactSigner(tech.pegasys.web3signer.signing.BlsArtifactSigner)
AbstractArtifactSignerFactory(tech.pegasys.web3signer.signing.config.metadata.AbstractArtifactSignerFactory)
SignerLoader(tech.pegasys.web3signer.signing.config.SignerLoader)
InterlockKeyProvider(tech.pegasys.web3signer.signing.config.metadata.interlock.InterlockKeyProvider)
AwsSecretsManagerProvider(tech.pegasys.signers.aws.AwsSecretsManagerProvider)
YubiHsmOpaqueDataProvider(tech.pegasys.web3signer.signing.config.metadata.yubihsm.YubiHsmOpaqueDataProvider)
Bytes(org.apache.tuweni.bytes.Bytes)
ArtifactSigner(tech.pegasys.web3signer.signing.ArtifactSigner)
BlsArtifactSigner(tech.pegasys.web3signer.signing.BlsArtifactSigner)
DefaultArtifactSignerProvider(tech.pegasys.web3signer.signing.config.DefaultArtifactSignerProvider)
BlsArtifactSignerFactory(tech.pegasys.web3signer.signing.config.metadata.BlsArtifactSignerFactory)
Example 2 with ArtifactSigner
use of tech.pegasys.web3signer.signing.ArtifactSigner in project web3signer by ConsenSys.
the class FcJsonRpc method filecoinWalletSign.
@JsonRpcMethod("Filecoin.WalletSign")
public FilecoinSignature filecoinWalletSign(@JsonRpcParam("identifier") final String filecoinAddress, @JsonRpcParam("data") final Bytes dataToSign, @JsonRpcOptional @JsonRpcParam("meta") final FilecoinMessageMsgMeta meta) {
LOG.debug("Received FC sign request id = {}; data = {}", filecoinAddress, dataToSign);
if (meta != null && meta.getExtra() != null) {
final Bytes cidBytes = fcCidEncoder.createCid(meta.getExtra());
checkArgument(dataToSign.equals(cidBytes), "Message invalid the data to sign doesn't match the CID of MsgMeta.extra");
}
final Optional<ArtifactSigner> signer = fcSigners.getSigner(filecoinAddress);
final ArtifactSignature signature;
if (signer.isPresent()) {
signature = signer.get().sign(dataToSign);
} else {
throw new FilecoinSignerNotFoundException();
}
try (final OperationTimer.TimingContext ignored = metrics.getSigningTimer().labels(signature.getType().name()).startTimer()) {
switch(signature.getType()) {
case SECP256K1:
metrics.incSecpSigningRequestCounter();
final SecpArtifactSignature secpSig = (SecpArtifactSignature) signature;
return new FilecoinSignature(SECP_VALUE, SecpArtifactSignature.toBytes(secpSig).toBase64String());
case BLS:
metrics.incBlsSigningRequestCounter();
final BlsArtifactSignature blsSig = (BlsArtifactSignature) signature;
return new FilecoinSignature(BLS_VALUE, blsSig.getSignatureData().toBytesCompressed().toBase64String());
default:
throw new IllegalArgumentException("Invalid Signature type created.");
}
}
}
Also used :
BlsArtifactSignature(tech.pegasys.web3signer.signing.BlsArtifactSignature)
SecpArtifactSignature(tech.pegasys.web3signer.signing.SecpArtifactSignature)
ArtifactSignature(tech.pegasys.web3signer.signing.ArtifactSignature)
Bytes(org.apache.tuweni.bytes.Bytes)
OperationTimer(org.hyperledger.besu.plugin.services.metrics.OperationTimer)
ArtifactSigner(tech.pegasys.web3signer.signing.ArtifactSigner)
BlsArtifactSignature(tech.pegasys.web3signer.signing.BlsArtifactSignature)
FilecoinSignerNotFoundException(tech.pegasys.web3signer.signing.filecoin.exceptions.FilecoinSignerNotFoundException)
SecpArtifactSignature(tech.pegasys.web3signer.signing.SecpArtifactSignature)
JsonRpcMethod(com.github.arteam.simplejsonrpc.core.annotation.JsonRpcMethod)
Example 3 with ArtifactSigner
use of tech.pegasys.web3signer.signing.ArtifactSigner in project web3signer by ConsenSys.
the class SignerLoaderTest method signerReturnedForMetadataFileWithPrefix.
@Test
void signerReturnedForMetadataFileWithPrefix() throws IOException {
final String filename = "someprefix" + PUBLIC_KEY1 + "." + FILE_EXTENSION;
final Path metadataFile = createFileInConfigsDirectory(filename, PRIVATE_KEY1);
when(signerParser.parse(ArgumentMatchers.any())).thenReturn(artifactSigner);
final List<ArtifactSigner> signerList = Lists.newArrayList(new SignerLoader().load(configsDirectory, FILE_EXTENSION, signerParser));
assertThat(signerList.size()).isOne();
assertThat(signerList.get(0).getIdentifier()).isEqualTo("0x" + PUBLIC_KEY1);
verify(signerParser).parse(Files.readString(metadataFile, StandardCharsets.UTF_8));
}
Also used :
Path(java.nio.file.Path)
BlsArtifactSigner(tech.pegasys.web3signer.signing.BlsArtifactSigner)
ArtifactSigner(tech.pegasys.web3signer.signing.ArtifactSigner)
Test(org.junit.jupiter.api.Test)
Example 4 with ArtifactSigner
use of tech.pegasys.web3signer.signing.ArtifactSigner in project web3signer by ConsenSys.
the class BlsArtifactSignerFactoryTest method createsArtifactSignerFromKeyStoreUsingAbsolutePaths.
@Test
void createsArtifactSignerFromKeyStoreUsingAbsolutePaths() {
final ArtifactSigner artifactSigner = artifactSignerFactory.create(new FileKeyStoreMetadata(keystoreFile, passwordFile, KeyType.BLS));
assertThat(keystoreFile).isAbsolute();
assertThat(passwordFile).isAbsolute();
assertThat(artifactSigner.getIdentifier()).startsWith("0x");
assertThat(fromIdentifier(artifactSigner.getIdentifier())).isEqualTo(blsKeyPair.getPublicKey());
}
Also used :
BlsArtifactSigner(tech.pegasys.web3signer.signing.BlsArtifactSigner)
ArtifactSigner(tech.pegasys.web3signer.signing.ArtifactSigner)
Test(org.junit.jupiter.api.Test)
Example 5 with ArtifactSigner
use of tech.pegasys.web3signer.signing.ArtifactSigner in project web3signer by ConsenSys.
the class DefaultArtifactSignerProviderTest method signerProviderOnlyHasSingleEntryIfPassedInListHasMultipleMatchingSigners.
@Test
void signerProviderOnlyHasSingleEntryIfPassedInListHasMultipleMatchingSigners() {
final ArtifactSigner mockSigner1 = mock(ArtifactSigner.class);
when(mockSigner1.getIdentifier()).thenReturn(PUBLIC_KEY1);
final ArtifactSigner mockSigner2 = mock(ArtifactSigner.class);
when(mockSigner2.getIdentifier()).thenReturn(PUBLIC_KEY1);
signerProvider = new DefaultArtifactSignerProvider(() -> List.of(mockSigner1, mockSigner2));
assertThatCode(() -> signerProvider.load().get()).doesNotThrowAnyException();
assertThat(signerProvider.availableIdentifiers()).hasSize(1);
assertThat(signerProvider.availableIdentifiers()).containsOnly(PUBLIC_KEY1);
}
Also used :
ArtifactSigner(tech.pegasys.web3signer.signing.ArtifactSigner)
Test(org.junit.jupiter.api.Test)
Aggregations
ArtifactSigner (tech.pegasys.web3signer.signing.ArtifactSigner)22
Test (org.junit.jupiter.api.Test)18
BlsArtifactSigner (tech.pegasys.web3signer.signing.BlsArtifactSigner)17
Path (java.nio.file.Path)10
HashMap (java.util.HashMap)7
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)6
BLSKeyPair (tech.pegasys.teku.bls.BLSKeyPair)6
AzureSecretSigningMetadata (tech.pegasys.web3signer.signing.config.metadata.AzureSecretSigningMetadata)3
Bytes (org.apache.tuweni.bytes.Bytes)2
FileRawSigningMetadata (tech.pegasys.web3signer.signing.config.metadata.FileRawSigningMetadata)2
JsonRpcMethod (com.github.arteam.simplejsonrpc.core.annotation.JsonRpcMethod)1
IOException (java.io.IOException)1
Instant (java.time.Instant)1
AtomicLong (java.util.concurrent.atomic.AtomicLong)1
OperationTimer (org.hyperledger.besu.plugin.services.metrics.OperationTimer)1
EnumSource (org.junit.jupiter.params.provider.EnumSource)1
AwsSecretsManagerProvider (tech.pegasys.signers.aws.AwsSecretsManagerProvider)1
HashicorpConnectionFactory (tech.pegasys.signers.hashicorp.HashicorpConnectionFactory)1
ArtifactSignature (tech.pegasys.web3signer.signing.ArtifactSignature)1
BlsArtifactSignature (tech.pegasys.web3signer.signing.BlsArtifactSignature)1
