use of tech.pegasys.web3signer.signing.ArtifactSigner in project web3signer by ConsenSys.
the class Eth2Runner method createArtifactSignerProvider.
/**
 * Builds the signer provider for this runner. The supplier passed to the provider gathers signers
 * from up to three places, in this order: YAML key configuration files under
 * {@code config.getKeyConfigPath()}, Azure Key Vault (only when enabled), and bulk-loaded
 * keystores (only when enabled).
 *
 * <p>Once all signers are gathered, their identifiers are registered with slashing protection
 * when a slashing-protection context is present. If no signer was loaded, a warning is logged and
 * nothing is registered.
 *
 * @param vertx used to construct the Hashicorp connection factory and the Interlock key provider
 * @param metricsSystem passed through to the BLS signer factory
 * @return a provider whose supplier returns the loaded signers
 */
@Override
protected ArtifactSignerProvider createArtifactSignerProvider(
    final Vertx vertx, final MetricsSystem metricsSystem) {
  return new DefaultArtifactSignerProvider(
      () -> {
        final List<ArtifactSigner> loadedSigners = Lists.newArrayList();

        // NOTE(review): unlike the three providers below, this factory is not managed by the
        // try-with-resources; confirm whether it holds anything that needs releasing.
        final HashicorpConnectionFactory hashicorpFactory = new HashicorpConnectionFactory(vertx);

        // The key providers are only needed while the YAML-configured signers are being built,
        // so they are closed as soon as that load completes.
        try (final InterlockKeyProvider interlockProvider = new InterlockKeyProvider(vertx);
            final YubiHsmOpaqueDataProvider yubiHsmProvider = new YubiHsmOpaqueDataProvider();
            final AwsSecretsManagerProvider awsProvider =
                new AwsSecretsManagerProvider(awsCacheMaximumSize)) {
          final AbstractArtifactSignerFactory blsFactory =
              new BlsArtifactSignerFactory(
                  config.getKeyConfigPath(),
                  metricsSystem,
                  hashicorpFactory,
                  interlockProvider,
                  yubiHsmProvider,
                  awsProvider,
                  (signerArgs) ->
                      new BlsArtifactSigner(
                          signerArgs.getKeyPair(), signerArgs.getOrigin(), signerArgs.getPath()));
          final YamlSignerParser yamlParser = new YamlSignerParser(List.of(blsFactory));
          loadedSigners.addAll(
              new SignerLoader().load(config.getKeyConfigPath(), "yaml", yamlParser));
        }

        if (azureKeyVaultParameters.isAzureKeyVaultEnabled()) {
          loadedSigners.addAll(loadAzureSigners());
        }

        if (keystoresParameters.isEnabled()) {
          final BlsKeystoreBulkLoader bulkLoader = new BlsKeystoreBulkLoader();
          final Collection<ArtifactSigner> fromKeystores;
          // Keystore passwords come either from a directory of password files or from one
          // shared password file, depending on which option was configured.
          if (keystoresParameters.hasKeystoresPasswordsPath()) {
            fromKeystores =
                bulkLoader.loadKeystoresUsingPasswordDir(
                    keystoresParameters.getKeystoresPath(),
                    keystoresParameters.getKeystoresPasswordsPath());
          } else {
            fromKeystores =
                bulkLoader.loadKeystoresUsingPasswordFile(
                    keystoresParameters.getKeystoresPath(),
                    keystoresParameters.getKeystoresPasswordFile());
          }
          loadedSigners.addAll(fromKeystores);
        }

        final List<Bytes> validatorKeys =
            loadedSigners.stream()
                .map(signer -> Bytes.fromHexString(signer.getIdentifier()))
                .collect(Collectors.toList());

        if (!validatorKeys.isEmpty()) {
          // Registration happens only when slashing protection is configured; without a context
          // the loaded keys are returned unregistered.
          slashingProtectionContext.ifPresent(
              protection -> protection.getRegisteredValidators().registerValidators(validatorKeys));
        } else {
          LOG.warn("No BLS keys loaded. Check that the key store has BLS key config files");
        }

        return loadedSigners;
      });
}
use of tech.pegasys.web3signer.signing.ArtifactSigner in project web3signer by ConsenSys.
the class FcJsonRpc method filecoinWalletSign.
/**
 * Handles the {@code Filecoin.WalletSign} JSON-RPC call: signs {@code dataToSign} with the signer
 * registered for {@code filecoinAddress} and returns the signature base64-encoded.
 *
 * <p>When {@code meta} carries an {@code extra} payload, the data to sign must equal the CID
 * computed from that payload; otherwise the request is rejected. When {@code meta} or its
 * {@code extra} is absent, no such check is made and the data is signed as supplied.
 *
 * @param filecoinAddress identifier used to look up the signer
 * @param dataToSign bytes handed to the signer
 * @param meta optional message metadata; may be {@code null}
 * @return the signature tagged with its SECP or BLS type value
 * @throws IllegalArgumentException if the data does not match the CID of {@code meta.getExtra()},
 *     or if the produced signature is of neither supported type
 * @throws FilecoinSignerNotFoundException if no signer is registered for the address
 */
@JsonRpcMethod("Filecoin.WalletSign")
public FilecoinSignature filecoinWalletSign(
    @JsonRpcParam("identifier") final String filecoinAddress,
    @JsonRpcParam("data") final Bytes dataToSign,
    @JsonRpcOptional @JsonRpcParam("meta") final FilecoinMessageMsgMeta meta) {
  // The address and the complete payload are written to the log at debug level.
  LOG.debug("Received FC sign request id = {}; data = {}", filecoinAddress, dataToSign);

  final boolean hasExtraPayload = meta != null && meta.getExtra() != null;
  if (hasExtraPayload) {
    // Bind the bytes being signed to the message the caller claims they represent.
    final Bytes expectedCid = fcCidEncoder.createCid(meta.getExtra());
    checkArgument(
        dataToSign.equals(expectedCid),
        "Message invalid the data to sign doesn't match the CID of MsgMeta.extra");
  }

  final ArtifactSignature signature =
      fcSigners
          .getSigner(filecoinAddress)
          .orElseThrow(FilecoinSignerNotFoundException::new)
          .sign(dataToSign);

  // NOTE(review): the signature has already been produced when this timer starts, so the timed
  // region covers only the encoding below; confirm that is what the signing timer should measure.
  try (final OperationTimer.TimingContext ignored =
      metrics.getSigningTimer().labels(signature.getType().name()).startTimer()) {
    switch (signature.getType()) {
      case SECP256K1:
        metrics.incSecpSigningRequestCounter();
        return new FilecoinSignature(
            SECP_VALUE,
            SecpArtifactSignature.toBytes((SecpArtifactSignature) signature).toBase64String());
      case BLS:
        metrics.incBlsSigningRequestCounter();
        return new FilecoinSignature(
            BLS_VALUE,
            ((BlsArtifactSignature) signature)
                .getSignatureData()
                .toBytesCompressed()
                .toBase64String());
      default:
        throw new IllegalArgumentException("Invalid Signature type created.");
    }
  }
}
use of tech.pegasys.web3signer.signing.ArtifactSigner in project web3signer by ConsenSys.
the class SignerLoaderTest method signerReturnedForMetadataFileWithPrefix.
/**
 * A metadata file whose name has extra text in front of the public key is still picked up by the
 * loader: exactly one signer comes back, and the parser is invoked with the file's content.
 */
@Test
void signerReturnedForMetadataFileWithPrefix() throws IOException {
  final String prefixedName = "someprefix" + PUBLIC_KEY1 + "." + FILE_EXTENSION;
  final Path createdFile = createFileInConfigsDirectory(prefixedName, PRIVATE_KEY1);
  // Any input handed to the parser yields the shared artifactSigner fixture.
  when(signerParser.parse(ArgumentMatchers.any())).thenReturn(artifactSigner);

  final List<ArtifactSigner> loaded =
      Lists.newArrayList(new SignerLoader().load(configsDirectory, FILE_EXTENSION, signerParser));

  assertThat(loaded.size()).isOne();
  final ArtifactSigner onlySigner = loaded.get(0);
  assertThat(onlySigner.getIdentifier()).isEqualTo("0x" + PUBLIC_KEY1);

  // The parser must have been given the content read back from the created file.
  final String fileContent = Files.readString(createdFile, StandardCharsets.UTF_8);
  verify(signerParser).parse(fileContent);
}
use of tech.pegasys.web3signer.signing.ArtifactSigner in project web3signer by ConsenSys.
the class BlsArtifactSignerFactoryTest method createsArtifactSignerFromKeyStoreUsingAbsolutePaths.
/**
 * Creating a signer from keystore metadata that points at absolute keystore and password paths
 * yields a signer whose "0x"-prefixed identifier corresponds to the expected BLS public key.
 */
@Test
void createsArtifactSignerFromKeyStoreUsingAbsolutePaths() {
  final FileKeyStoreMetadata keystoreMetadata =
      new FileKeyStoreMetadata(keystoreFile, passwordFile, KeyType.BLS);
  final ArtifactSigner createdSigner = artifactSignerFactory.create(keystoreMetadata);

  // Guard the premise of the test: both fixture paths really are absolute.
  assertThat(keystoreFile).isAbsolute();
  assertThat(passwordFile).isAbsolute();

  assertThat(createdSigner.getIdentifier()).startsWith("0x");
  assertThat(fromIdentifier(createdSigner.getIdentifier())).isEqualTo(blsKeyPair.getPublicKey());
}
use of tech.pegasys.web3signer.signing.ArtifactSigner in project web3signer by ConsenSys.
the class DefaultArtifactSignerProviderTest method signerProviderOnlyHasSingleEntryIfPassedInListHasMultipleMatchingSigners.
/**
 * Two signers reporting the same identifier must not make loading fail, and the provider must
 * expose that identifier only once.
 */
@Test
void signerProviderOnlyHasSingleEntryIfPassedInListHasMultipleMatchingSigners() {
  // Two distinct mock instances that both claim PUBLIC_KEY1 as their identifier.
  final ArtifactSigner firstDuplicate = mock(ArtifactSigner.class);
  final ArtifactSigner secondDuplicate = mock(ArtifactSigner.class);
  when(firstDuplicate.getIdentifier()).thenReturn(PUBLIC_KEY1);
  when(secondDuplicate.getIdentifier()).thenReturn(PUBLIC_KEY1);

  signerProvider =
      new DefaultArtifactSignerProvider(() -> List.of(firstDuplicate, secondDuplicate));

  assertThatCode(() -> signerProvider.load().get()).doesNotThrowAnyException();
  assertThat(signerProvider.availableIdentifiers()).hasSize(1);
  assertThat(signerProvider.availableIdentifiers()).containsOnly(PUBLIC_KEY1);
}