
Example 1 with ArtifactSigner

use of tech.pegasys.web3signer.signing.ArtifactSigner in project web3signer by ConsenSys.

the class Eth2Runner method createArtifactSignerProvider.

/**
 * Creates the provider that supplies the BLS signers available to this runner.
 *
 * <p>The supplier handed to {@code DefaultArtifactSignerProvider} collects signers from up to
 * three sources, in this order: the YAML key configuration files under
 * {@code config.getKeyConfigPath()}, Azure Key Vault (only when it is enabled), and bulk-loaded
 * keystores (only when they are enabled). The identifiers of the collected signers are then
 * registered with the slashing protection context when one is present; if nothing was loaded,
 * a warning is logged and an empty list is returned.
 *
 * @param vertx passed to the Hashicorp connection factory and the Interlock key provider
 * @param metricsSystem passed to the BLS signer factory
 * @return a provider backed by the supplier described above
 */
@Override
protected ArtifactSignerProvider createArtifactSignerProvider(final Vertx vertx, final MetricsSystem metricsSystem) {
    return new DefaultArtifactSignerProvider(() -> {
        final List<ArtifactSigner> loadedSigners = Lists.newArrayList();
        // NOTE(review): unlike the three providers below, this factory is created outside the
        // try-with-resources and is not closed here — confirm whether it holds anything that
        // needs releasing.
        final HashicorpConnectionFactory hashicorpFactory = new HashicorpConnectionFactory(vertx);
        // The key-material providers are scoped to the YAML load and closed as soon as it finishes.
        try (final InterlockKeyProvider interlockProvider = new InterlockKeyProvider(vertx);
            final YubiHsmOpaqueDataProvider yubiHsmProvider = new YubiHsmOpaqueDataProvider();
            final AwsSecretsManagerProvider awsProvider = new AwsSecretsManagerProvider(awsCacheMaximumSize)) {
            final AbstractArtifactSignerFactory blsSignerFactory = new BlsArtifactSignerFactory(
                config.getKeyConfigPath(),
                metricsSystem,
                hashicorpFactory,
                interlockProvider,
                yubiHsmProvider,
                awsProvider,
                (args) -> new BlsArtifactSigner(args.getKeyPair(), args.getOrigin(), args.getPath()));
            final SignerLoader yamlLoader = new SignerLoader();
            final YamlSignerParser yamlParser = new YamlSignerParser(List.of(blsSignerFactory));
            loadedSigners.addAll(yamlLoader.load(config.getKeyConfigPath(), "yaml", yamlParser));
        }

        if (azureKeyVaultParameters.isAzureKeyVaultEnabled()) {
            loadedSigners.addAll(loadAzureSigners());
        }

        if (keystoresParameters.isEnabled()) {
            final BlsKeystoreBulkLoader bulkLoader = new BlsKeystoreBulkLoader();
            final Collection<ArtifactSigner> fromKeystores;
            // Passwords come either from a directory of password files or from one shared file.
            if (keystoresParameters.hasKeystoresPasswordsPath()) {
                fromKeystores = bulkLoader.loadKeystoresUsingPasswordDir(
                    keystoresParameters.getKeystoresPath(), keystoresParameters.getKeystoresPasswordsPath());
            } else {
                fromKeystores = bulkLoader.loadKeystoresUsingPasswordFile(
                    keystoresParameters.getKeystoresPath(), keystoresParameters.getKeystoresPasswordFile());
            }
            loadedSigners.addAll(fromKeystores);
        }

        // Each signer identifier is a hex string; slashing protection is given the decoded bytes.
        final List<Bytes> validatorKeys = loadedSigners.stream()
            .map(signer -> Bytes.fromHexString(signer.getIdentifier()))
            .collect(Collectors.toList());
        if (!validatorKeys.isEmpty()) {
            slashingProtectionContext.ifPresent(
                context -> context.getRegisteredValidators().registerValidators(validatorKeys));
        } else {
            // Loading nothing is not treated as an error: only this warning is emitted.
            LOG.warn("No BLS keys loaded. Check that the key store has BLS key config files");
        }
        return loadedSigners;
    });
}
Also used : BlsKeystoreBulkLoader(tech.pegasys.web3signer.signing.BlsKeystoreBulkLoader) HashicorpConnectionFactory(tech.pegasys.signers.hashicorp.HashicorpConnectionFactory) YamlSignerParser(tech.pegasys.web3signer.signing.config.metadata.parser.YamlSignerParser) BlsArtifactSigner(tech.pegasys.web3signer.signing.BlsArtifactSigner) AbstractArtifactSignerFactory(tech.pegasys.web3signer.signing.config.metadata.AbstractArtifactSignerFactory) SignerLoader(tech.pegasys.web3signer.signing.config.SignerLoader) InterlockKeyProvider(tech.pegasys.web3signer.signing.config.metadata.interlock.InterlockKeyProvider) AwsSecretsManagerProvider(tech.pegasys.signers.aws.AwsSecretsManagerProvider) YubiHsmOpaqueDataProvider(tech.pegasys.web3signer.signing.config.metadata.yubihsm.YubiHsmOpaqueDataProvider) Bytes(org.apache.tuweni.bytes.Bytes) ArtifactSigner(tech.pegasys.web3signer.signing.ArtifactSigner) BlsArtifactSigner(tech.pegasys.web3signer.signing.BlsArtifactSigner) DefaultArtifactSignerProvider(tech.pegasys.web3signer.signing.config.DefaultArtifactSignerProvider) BlsArtifactSignerFactory(tech.pegasys.web3signer.signing.config.metadata.BlsArtifactSignerFactory)

Example 2 with ArtifactSigner

use of tech.pegasys.web3signer.signing.ArtifactSigner in project web3signer by ConsenSys.

the class FcJsonRpc method filecoinWalletSign.

/**
 * Handles the {@code Filecoin.WalletSign} JSON-RPC call: signs {@code dataToSign} with the signer
 * registered for {@code filecoinAddress} and returns the signature Base64-encoded.
 *
 * <p>When {@code meta} carries a non-null {@code extra}, the request is rejected unless
 * {@code dataToSign} equals the CID computed from that {@code extra}. When {@code meta} or its
 * {@code extra} is absent, no such check runs and the supplied bytes are signed as given.
 *
 * @param filecoinAddress identifier used to look up the signer
 * @param dataToSign bytes handed to the signer
 * @param meta optional message metadata; may be {@code null}
 * @return the signature, tagged {@code SECP_VALUE} or {@code BLS_VALUE}
 * @throws FilecoinSignerNotFoundException if no signer is registered for {@code filecoinAddress}
 * @throws IllegalArgumentException if the produced signature is neither SECP256K1 nor BLS; the
 *     CID mismatch is reported through {@code checkArgument} (presumably Guava's, which throws
 *     this same type — confirm)
 */
@JsonRpcMethod("Filecoin.WalletSign")
public FilecoinSignature filecoinWalletSign(@JsonRpcParam("identifier") final String filecoinAddress, @JsonRpcParam("data") final Bytes dataToSign, @JsonRpcOptional @JsonRpcParam("meta") final FilecoinMessageMsgMeta meta) {
    LOG.debug("Received FC sign request id = {}; data = {}", filecoinAddress, dataToSign);

    // Bind the payload to the message it claims to represent, but only when the caller sent one.
    final boolean hasExtra = meta != null && meta.getExtra() != null;
    if (hasExtra) {
        final Bytes expectedCid = fcCidEncoder.createCid(meta.getExtra());
        checkArgument(dataToSign.equals(expectedCid), "Message invalid the data to sign doesn't match the CID of MsgMeta.extra");
    }

    final ArtifactSignature signature = fcSigners
        .getSigner(filecoinAddress)
        .orElseThrow(FilecoinSignerNotFoundException::new)
        .sign(dataToSign);

    // NOTE(review): sign() has already returned when this timer starts, so the timer covers only
    // the encoding below, not the signing itself — confirm that is intended.
    try (final OperationTimer.TimingContext ignored = metrics.getSigningTimer().labels(signature.getType().name()).startTimer()) {
        switch (signature.getType()) {
            case SECP256K1: {
                metrics.incSecpSigningRequestCounter();
                final Bytes secpBytes = SecpArtifactSignature.toBytes((SecpArtifactSignature) signature);
                return new FilecoinSignature(SECP_VALUE, secpBytes.toBase64String());
            }
            case BLS: {
                metrics.incBlsSigningRequestCounter();
                final BlsArtifactSignature blsSignature = (BlsArtifactSignature) signature;
                return new FilecoinSignature(BLS_VALUE, blsSignature.getSignatureData().toBytesCompressed().toBase64String());
            }
            default:
                throw new IllegalArgumentException("Invalid Signature type created.");
        }
    }
}
Also used : BlsArtifactSignature(tech.pegasys.web3signer.signing.BlsArtifactSignature) SecpArtifactSignature(tech.pegasys.web3signer.signing.SecpArtifactSignature) ArtifactSignature(tech.pegasys.web3signer.signing.ArtifactSignature) Bytes(org.apache.tuweni.bytes.Bytes) OperationTimer(org.hyperledger.besu.plugin.services.metrics.OperationTimer) ArtifactSigner(tech.pegasys.web3signer.signing.ArtifactSigner) BlsArtifactSignature(tech.pegasys.web3signer.signing.BlsArtifactSignature) FilecoinSignerNotFoundException(tech.pegasys.web3signer.signing.filecoin.exceptions.FilecoinSignerNotFoundException) SecpArtifactSignature(tech.pegasys.web3signer.signing.SecpArtifactSignature) JsonRpcMethod(com.github.arteam.simplejsonrpc.core.annotation.JsonRpcMethod)

Example 3 with ArtifactSigner

use of tech.pegasys.web3signer.signing.ArtifactSigner in project web3signer by ConsenSys.

the class SignerLoaderTest method signerReturnedForMetadataFileWithPrefix.

/**
 * Checks that a metadata file whose name has extra characters in front of the public key is
 * still picked up: exactly one signer is returned, its identifier is {@code "0x" + PUBLIC_KEY1},
 * and the parser is invoked with the file's UTF-8 content.
 */
@Test
void signerReturnedForMetadataFileWithPrefix() throws IOException {
    final String prefixedName = "someprefix" + PUBLIC_KEY1 + "." + FILE_EXTENSION;
    final Path writtenFile = createFileInConfigsDirectory(prefixedName, PRIVATE_KEY1);
    // The parser is stubbed, so whatever the file holds resolves to the shared artifactSigner.
    when(signerParser.parse(ArgumentMatchers.any())).thenReturn(artifactSigner);

    final SignerLoader loader = new SignerLoader();
    final List<ArtifactSigner> loaded = Lists.newArrayList(loader.load(configsDirectory, FILE_EXTENSION, signerParser));

    assertThat(loaded.size()).isOne();
    final ArtifactSigner onlySigner = loaded.get(0);
    assertThat(onlySigner.getIdentifier()).isEqualTo("0x" + PUBLIC_KEY1);

    final String expectedContent = Files.readString(writtenFile, StandardCharsets.UTF_8);
    verify(signerParser).parse(expectedContent);
}
Also used : Path(java.nio.file.Path) BlsArtifactSigner(tech.pegasys.web3signer.signing.BlsArtifactSigner) ArtifactSigner(tech.pegasys.web3signer.signing.ArtifactSigner) Test(org.junit.jupiter.api.Test)

Example 4 with ArtifactSigner

use of tech.pegasys.web3signer.signing.ArtifactSigner in project web3signer by ConsenSys.

the class BlsArtifactSignerFactoryTest method createsArtifactSignerFromKeyStoreUsingAbsolutePaths.

/**
 * Checks that the factory builds a signer from keystore and password files given as absolute
 * paths, and that the signer's {@code 0x}-prefixed identifier maps back to the expected BLS
 * public key.
 */
@Test
void createsArtifactSignerFromKeyStoreUsingAbsolutePaths() {
    final FileKeyStoreMetadata keystoreMetadata = new FileKeyStoreMetadata(keystoreFile, passwordFile, KeyType.BLS);
    final ArtifactSigner createdSigner = artifactSignerFactory.create(keystoreMetadata);

    // Guard the test's own premise: both fixture paths must really be absolute.
    assertThat(keystoreFile).isAbsolute();
    assertThat(passwordFile).isAbsolute();

    final String identifier = createdSigner.getIdentifier();
    assertThat(identifier).startsWith("0x");
    assertThat(fromIdentifier(identifier)).isEqualTo(blsKeyPair.getPublicKey());
}
Also used : BlsArtifactSigner(tech.pegasys.web3signer.signing.BlsArtifactSigner) ArtifactSigner(tech.pegasys.web3signer.signing.ArtifactSigner) Test(org.junit.jupiter.api.Test)

Example 5 with ArtifactSigner

use of tech.pegasys.web3signer.signing.ArtifactSigner in project web3signer by ConsenSys.

the class DefaultArtifactSignerProviderTest method signerProviderOnlyHasSingleEntryIfPassedInListHasMultipleMatchingSigners.

/**
 * Checks that two signers reporting the same identifier collapse into a single entry: loading
 * does not throw, and the provider exposes exactly one identifier, {@code PUBLIC_KEY1}.
 */
@Test
void signerProviderOnlyHasSingleEntryIfPassedInListHasMultipleMatchingSigners() {
    final ArtifactSigner firstDuplicate = mock(ArtifactSigner.class);
    final ArtifactSigner secondDuplicate = mock(ArtifactSigner.class);
    // Both mocks deliberately report the same identifier.
    when(firstDuplicate.getIdentifier()).thenReturn(PUBLIC_KEY1);
    when(secondDuplicate.getIdentifier()).thenReturn(PUBLIC_KEY1);

    signerProvider = new DefaultArtifactSignerProvider(() -> List.of(firstDuplicate, secondDuplicate));

    assertThatCode(() -> signerProvider.load().get()).doesNotThrowAnyException();
    assertThat(signerProvider.availableIdentifiers()).hasSize(1).containsOnly(PUBLIC_KEY1);
}
Also used : ArtifactSigner(tech.pegasys.web3signer.signing.ArtifactSigner) Test(org.junit.jupiter.api.Test)

Aggregations

ArtifactSigner (tech.pegasys.web3signer.signing.ArtifactSigner)22 Test (org.junit.jupiter.api.Test)18 BlsArtifactSigner (tech.pegasys.web3signer.signing.BlsArtifactSigner)17 Path (java.nio.file.Path)10 HashMap (java.util.HashMap)7 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)6 BLSKeyPair (tech.pegasys.teku.bls.BLSKeyPair)6 AzureSecretSigningMetadata (tech.pegasys.web3signer.signing.config.metadata.AzureSecretSigningMetadata)3 Bytes (org.apache.tuweni.bytes.Bytes)2 FileRawSigningMetadata (tech.pegasys.web3signer.signing.config.metadata.FileRawSigningMetadata)2 JsonRpcMethod (com.github.arteam.simplejsonrpc.core.annotation.JsonRpcMethod)1 IOException (java.io.IOException)1 Instant (java.time.Instant)1 AtomicLong (java.util.concurrent.atomic.AtomicLong)1 OperationTimer (org.hyperledger.besu.plugin.services.metrics.OperationTimer)1 EnumSource (org.junit.jupiter.params.provider.EnumSource)1 AwsSecretsManagerProvider (tech.pegasys.signers.aws.AwsSecretsManagerProvider)1 HashicorpConnectionFactory (tech.pegasys.signers.hashicorp.HashicorpConnectionFactory)1 ArtifactSignature (tech.pegasys.web3signer.signing.ArtifactSignature)1 BlsArtifactSignature (tech.pegasys.web3signer.signing.BlsArtifactSignature)1