Example 1 with BlsArtifactSignature
use of tech.pegasys.web3signer.signing.BlsArtifactSignature in project web3signer by ConsenSys.
the class FcBlsSigningAcceptanceTest method receiveASignatureWhenSubmitSigningRequestToFilecoinEndpoint.
@Test
void receiveASignatureWhenSubmitSigningRequestToFilecoinEndpoint() {
final String configFilename = publicKey.toString().substring(2);
final Path keyConfigFile = testDirectory.resolve(configFilename + ".yaml");
metadataFileHelpers.createUnencryptedYamlFileAt(keyConfigFile, PRIVATE_KEY, KeyType.BLS);
setupFilecoinSigner();
final ValueNode id = JsonNodeFactory.instance.numberNode(1);
final ObjectMapper mapper = JsonMapper.builder().build();
final Map<String, String> metaData = Map.of("type", "message", "extra", DATA.toBase64String());
final JsonNode params = mapper.convertValue(List.of(identifier.encode(FilecoinNetwork.MAINNET), CID.toBase64String(), metaData), JsonNode.class);
final Request request = new Request("2.0", "Filecoin.WalletSign", params, id);
final Response response = given().baseUri(signer.getUrl()).body(request).post(JSON_RPC_PATH);
response.then().statusCode(200).contentType(ContentType.JSON).body("jsonrpc", equalTo("2.0"), "id", equalTo(id.asInt()));
final BlsArtifactSignature expectedSignature = signatureGenerator.sign(CID);
final Map<String, Object> result = response.body().jsonPath().get("result");
assertThat(result.get("Type")).isEqualTo(2);
assertThat(result.get("Data")).isEqualTo(expectedSignature.getSignatureData().toBytesCompressed().toBase64String());
}
Also used :
Path(java.nio.file.Path)
Response(io.restassured.response.Response)
BlsArtifactSignature(tech.pegasys.web3signer.signing.BlsArtifactSignature)
ValueNode(com.fasterxml.jackson.databind.node.ValueNode)
Request(com.github.arteam.simplejsonrpc.core.domain.Request)
JsonNode(com.fasterxml.jackson.databind.JsonNode)
ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)
Test(org.junit.jupiter.api.Test)
Example 2 with BlsArtifactSignature
use of tech.pegasys.web3signer.signing.BlsArtifactSignature in project web3signer by ConsenSys.
the class FcJsonRpc method filecoinWalletSign.
@JsonRpcMethod("Filecoin.WalletSign")
public FilecoinSignature filecoinWalletSign(@JsonRpcParam("identifier") final String filecoinAddress, @JsonRpcParam("data") final Bytes dataToSign, @JsonRpcOptional @JsonRpcParam("meta") final FilecoinMessageMsgMeta meta) {
LOG.debug("Received FC sign request id = {}; data = {}", filecoinAddress, dataToSign);
if (meta != null && meta.getExtra() != null) {
final Bytes cidBytes = fcCidEncoder.createCid(meta.getExtra());
checkArgument(dataToSign.equals(cidBytes), "Message invalid the data to sign doesn't match the CID of MsgMeta.extra");
}
final Optional<ArtifactSigner> signer = fcSigners.getSigner(filecoinAddress);
final ArtifactSignature signature;
if (signer.isPresent()) {
signature = signer.get().sign(dataToSign);
} else {
throw new FilecoinSignerNotFoundException();
}
try (final OperationTimer.TimingContext ignored = metrics.getSigningTimer().labels(signature.getType().name()).startTimer()) {
switch(signature.getType()) {
case SECP256K1:
metrics.incSecpSigningRequestCounter();
final SecpArtifactSignature secpSig = (SecpArtifactSignature) signature;
return new FilecoinSignature(SECP_VALUE, SecpArtifactSignature.toBytes(secpSig).toBase64String());
case BLS:
metrics.incBlsSigningRequestCounter();
final BlsArtifactSignature blsSig = (BlsArtifactSignature) signature;
return new FilecoinSignature(BLS_VALUE, blsSig.getSignatureData().toBytesCompressed().toBase64String());
default:
throw new IllegalArgumentException("Invalid Signature type created.");
}
}
}
Also used :
BlsArtifactSignature(tech.pegasys.web3signer.signing.BlsArtifactSignature)
SecpArtifactSignature(tech.pegasys.web3signer.signing.SecpArtifactSignature)
ArtifactSignature(tech.pegasys.web3signer.signing.ArtifactSignature)
Bytes(org.apache.tuweni.bytes.Bytes)
OperationTimer(org.hyperledger.besu.plugin.services.metrics.OperationTimer)
ArtifactSigner(tech.pegasys.web3signer.signing.ArtifactSigner)
BlsArtifactSignature(tech.pegasys.web3signer.signing.BlsArtifactSignature)
FilecoinSignerNotFoundException(tech.pegasys.web3signer.signing.filecoin.exceptions.FilecoinSignerNotFoundException)
SecpArtifactSignature(tech.pegasys.web3signer.signing.SecpArtifactSignature)
JsonRpcMethod(com.github.arteam.simplejsonrpc.core.annotation.JsonRpcMethod)
Example 3 with BlsArtifactSignature
use of tech.pegasys.web3signer.signing.BlsArtifactSignature in project web3signer by ConsenSys.
the class FcJsonRpc method filecoinWalletVerify.
@JsonRpcMethod("Filecoin.WalletVerify")
public boolean filecoinWalletVerify(@JsonRpcParam("address") final String filecoinAddress, @JsonRpcParam("data") final Bytes dataToVerify, @JsonRpcParam("signature") final FilecoinSignature filecoinSignature) {
final FilecoinAddress address = FilecoinAddress.fromString(filecoinAddress);
final Bytes signature = Bytes.fromBase64String(filecoinSignature.getData());
switch(address.getProtocol()) {
case SECP256K1:
checkArgument(filecoinSignature.getType() == SECP_VALUE, "Invalid signature type");
return FilecoinVerify.verify(address, dataToVerify, SecpArtifactSignature.fromBytes(signature));
case BLS:
checkArgument(filecoinSignature.getType() == BLS_VALUE, "Invalid signature type");
return FilecoinVerify.verify(address, dataToVerify, new BlsArtifactSignature(BLSSignature.fromBytesCompressed(signature)));
default:
throw new IllegalArgumentException("Invalid address protocol type");
}
}
Also used :
Bytes(org.apache.tuweni.bytes.Bytes)
BlsArtifactSignature(tech.pegasys.web3signer.signing.BlsArtifactSignature)
FilecoinAddress(tech.pegasys.web3signer.signing.filecoin.FilecoinAddress)
JsonRpcMethod(com.github.arteam.simplejsonrpc.core.annotation.JsonRpcMethod)
Example 4 with BlsArtifactSignature
use of tech.pegasys.web3signer.signing.BlsArtifactSignature in project web3signer by ConsenSys.
the class Eth2Runner method registerEth2Routes.
private void registerEth2Routes(final RouterBuilder routerBuilder, final ArtifactSignerProvider blsSignerProvider, final LogErrorHandler errorHandler, final MetricsSystem metricsSystem, final Optional<SlashingProtectionContext> slashingProtectionContext) {
final ObjectMapper objectMapper = SigningObjectMapperFactory.createObjectMapper();
// security handler for keymanager endpoints
routerBuilder.securityHandler("bearerAuth", context -> {
// TODO Auth token security logic
final boolean authorized = true;
if (authorized) {
context.next();
} else {
context.response().setStatusCode(401).end("{ message: \"permission denied\" }");
}
});
addPublicKeysListHandler(routerBuilder, blsSignerProvider, ETH2_LIST.name(), errorHandler);
final SignerForIdentifier<BlsArtifactSignature> blsSigner = new SignerForIdentifier<>(blsSignerProvider, this::formatBlsSignature, BLS);
routerBuilder.operation(ETH2_SIGN.name()).handler(new BlockingHandlerDecorator(new Eth2SignForIdentifierHandler(blsSigner, new HttpApiMetrics(metricsSystem, BLS), new SlashingProtectionMetrics(metricsSystem), slashingProtectionContext.map(SlashingProtectionContext::getSlashingProtection), objectMapper, eth2Spec), false)).failureHandler(errorHandler);
addReloadHandler(routerBuilder, blsSignerProvider, RELOAD.name(), errorHandler);
if (isKeyManagerApiEnabled) {
routerBuilder.operation(KEYMANAGER_LIST.name()).handler(new BlockingHandlerDecorator(new ListKeystoresHandler(blsSignerProvider, objectMapper), false)).failureHandler(errorHandler);
final ValidatorManager validatorManager = createValidatorManager(blsSignerProvider, objectMapper);
routerBuilder.operation(KEYMANAGER_IMPORT.name()).handler(new BlockingHandlerDecorator(new ImportKeystoresHandler(objectMapper, config.getKeyConfigPath(), slashingProtectionContext.map(SlashingProtectionContext::getSlashingProtection), blsSignerProvider, validatorManager), false)).failureHandler(errorHandler);
routerBuilder.operation(KEYMANAGER_DELETE.name()).handler(new BlockingHandlerDecorator(new DeleteKeystoresHandler(objectMapper, slashingProtectionContext.map(SlashingProtectionContext::getSlashingProtection), blsSignerProvider, validatorManager), false)).failureHandler(errorHandler);
}
}
Also used :
FileValidatorManager(tech.pegasys.web3signer.signing.FileValidatorManager)
DbValidatorManager(tech.pegasys.web3signer.slashingprotection.DbValidatorManager)
ValidatorManager(tech.pegasys.web3signer.signing.ValidatorManager)
ListKeystoresHandler(tech.pegasys.web3signer.core.service.http.handlers.keymanager.list.ListKeystoresHandler)
DeleteKeystoresHandler(tech.pegasys.web3signer.core.service.http.handlers.keymanager.delete.DeleteKeystoresHandler)
SlashingProtectionMetrics(tech.pegasys.web3signer.core.metrics.SlashingProtectionMetrics)
SignerForIdentifier(tech.pegasys.web3signer.core.service.http.handlers.signing.SignerForIdentifier)
BlockingHandlerDecorator(io.vertx.ext.web.impl.BlockingHandlerDecorator)
BlsArtifactSignature(tech.pegasys.web3signer.signing.BlsArtifactSignature)
SlashingProtectionContext(tech.pegasys.web3signer.slashingprotection.SlashingProtectionContext)
ImportKeystoresHandler(tech.pegasys.web3signer.core.service.http.handlers.keymanager.imports.ImportKeystoresHandler)
ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)
Eth2SignForIdentifierHandler(tech.pegasys.web3signer.core.service.http.handlers.signing.eth2.Eth2SignForIdentifierHandler)
HttpApiMetrics(tech.pegasys.web3signer.core.service.http.metrics.HttpApiMetrics)
Example 5 with BlsArtifactSignature
use of tech.pegasys.web3signer.signing.BlsArtifactSignature in project web3signer by ConsenSys.
the class FilecoinVerifyTest method verifiesBlsSignatureWasSignedWithKey.
@Test
void verifiesBlsSignatureWasSignedWithKey() {
final Bytes message = Bytes.fromBase64String(DATA);
final BlsArtifactSignature artifactSignature = new BlsArtifactSignature(BLSSignature.fromBytesCompressed(Bytes.fromBase64String(BLS_SIGNATURE)));
final FilecoinAddress filecoinAddress = FilecoinAddress.fromString("t3sjhgtrk5fdio52k5lzanh7yy4mj4rqbiowd6odddzprrxejgbjbl2irr3gmpbf7epigf45oy7asljj3v3lva");
assertThat(FilecoinVerify.verify(filecoinAddress, message, artifactSignature)).isTrue();
}
Also used :
Bytes(org.apache.tuweni.bytes.Bytes)
BlsArtifactSignature(tech.pegasys.web3signer.signing.BlsArtifactSignature)
Test(org.junit.jupiter.api.Test)
Aggregations
BlsArtifactSignature (tech.pegasys.web3signer.signing.BlsArtifactSignature)5
Bytes (org.apache.tuweni.bytes.Bytes)3
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)2
JsonRpcMethod (com.github.arteam.simplejsonrpc.core.annotation.JsonRpcMethod)2
Test (org.junit.jupiter.api.Test)2
JsonNode (com.fasterxml.jackson.databind.JsonNode)1
ValueNode (com.fasterxml.jackson.databind.node.ValueNode)1
Request (com.github.arteam.simplejsonrpc.core.domain.Request)1
Response (io.restassured.response.Response)1
BlockingHandlerDecorator (io.vertx.ext.web.impl.BlockingHandlerDecorator)1
Path (java.nio.file.Path)1
OperationTimer (org.hyperledger.besu.plugin.services.metrics.OperationTimer)1
SlashingProtectionMetrics (tech.pegasys.web3signer.core.metrics.SlashingProtectionMetrics)1
DeleteKeystoresHandler (tech.pegasys.web3signer.core.service.http.handlers.keymanager.delete.DeleteKeystoresHandler)1
ImportKeystoresHandler (tech.pegasys.web3signer.core.service.http.handlers.keymanager.imports.ImportKeystoresHandler)1
ListKeystoresHandler (tech.pegasys.web3signer.core.service.http.handlers.keymanager.list.ListKeystoresHandler)1
SignerForIdentifier (tech.pegasys.web3signer.core.service.http.handlers.signing.SignerForIdentifier)1
Eth2SignForIdentifierHandler (tech.pegasys.web3signer.core.service.http.handlers.signing.eth2.Eth2SignForIdentifierHandler)1
HttpApiMetrics (tech.pegasys.web3signer.core.service.http.metrics.HttpApiMetrics)1
ArtifactSignature (tech.pegasys.web3signer.signing.ArtifactSignature)1
