Search in sources :

Example 1 with BlsArtifactSignature

use of tech.pegasys.web3signer.signing.BlsArtifactSignature in project web3signer by ConsenSys.

the class FcBlsSigningAcceptanceTest method receiveASignatureWhenSubmitSigningRequestToFilecoinEndpoint.

@Test
void receiveASignatureWhenSubmitSigningRequestToFilecoinEndpoint() {
    final String configFilename = publicKey.toString().substring(2);
    final Path keyConfigFile = testDirectory.resolve(configFilename + ".yaml");
    metadataFileHelpers.createUnencryptedYamlFileAt(keyConfigFile, PRIVATE_KEY, KeyType.BLS);
    setupFilecoinSigner();
    final ValueNode id = JsonNodeFactory.instance.numberNode(1);
    final ObjectMapper mapper = JsonMapper.builder().build();
    final Map<String, String> metaData = Map.of("type", "message", "extra", DATA.toBase64String());
    final JsonNode params = mapper.convertValue(List.of(identifier.encode(FilecoinNetwork.MAINNET), CID.toBase64String(), metaData), JsonNode.class);
    final Request request = new Request("2.0", "Filecoin.WalletSign", params, id);
    final Response response = given().baseUri(signer.getUrl()).body(request).post(JSON_RPC_PATH);
    response.then().statusCode(200).contentType(ContentType.JSON).body("jsonrpc", equalTo("2.0"), "id", equalTo(id.asInt()));
    final BlsArtifactSignature expectedSignature = signatureGenerator.sign(CID);
    final Map<String, Object> result = response.body().jsonPath().get("result");
    assertThat(result.get("Type")).isEqualTo(2);
    assertThat(result.get("Data")).isEqualTo(expectedSignature.getSignatureData().toBytesCompressed().toBase64String());
}
Also used : Path(java.nio.file.Path) Response(io.restassured.response.Response) BlsArtifactSignature(tech.pegasys.web3signer.signing.BlsArtifactSignature) ValueNode(com.fasterxml.jackson.databind.node.ValueNode) Request(com.github.arteam.simplejsonrpc.core.domain.Request) JsonNode(com.fasterxml.jackson.databind.JsonNode) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) Test(org.junit.jupiter.api.Test)

Example 2 with BlsArtifactSignature

use of tech.pegasys.web3signer.signing.BlsArtifactSignature in project web3signer by ConsenSys.

the class FcJsonRpc method filecoinWalletSign.

@JsonRpcMethod("Filecoin.WalletSign")
public FilecoinSignature filecoinWalletSign(@JsonRpcParam("identifier") final String filecoinAddress, @JsonRpcParam("data") final Bytes dataToSign, @JsonRpcOptional @JsonRpcParam("meta") final FilecoinMessageMsgMeta meta) {
    LOG.debug("Received FC sign request id = {}; data = {}", filecoinAddress, dataToSign);
    if (meta != null && meta.getExtra() != null) {
        final Bytes cidBytes = fcCidEncoder.createCid(meta.getExtra());
        checkArgument(dataToSign.equals(cidBytes), "Message invalid the data to sign doesn't match the CID of MsgMeta.extra");
    }
    final Optional<ArtifactSigner> signer = fcSigners.getSigner(filecoinAddress);
    final ArtifactSignature signature;
    if (signer.isPresent()) {
        signature = signer.get().sign(dataToSign);
    } else {
        throw new FilecoinSignerNotFoundException();
    }
    try (final OperationTimer.TimingContext ignored = metrics.getSigningTimer().labels(signature.getType().name()).startTimer()) {
        switch(signature.getType()) {
            case SECP256K1:
                metrics.incSecpSigningRequestCounter();
                final SecpArtifactSignature secpSig = (SecpArtifactSignature) signature;
                return new FilecoinSignature(SECP_VALUE, SecpArtifactSignature.toBytes(secpSig).toBase64String());
            case BLS:
                metrics.incBlsSigningRequestCounter();
                final BlsArtifactSignature blsSig = (BlsArtifactSignature) signature;
                return new FilecoinSignature(BLS_VALUE, blsSig.getSignatureData().toBytesCompressed().toBase64String());
            default:
                throw new IllegalArgumentException("Invalid Signature type created.");
        }
    }
}
Also used : BlsArtifactSignature(tech.pegasys.web3signer.signing.BlsArtifactSignature) SecpArtifactSignature(tech.pegasys.web3signer.signing.SecpArtifactSignature) ArtifactSignature(tech.pegasys.web3signer.signing.ArtifactSignature) Bytes(org.apache.tuweni.bytes.Bytes) OperationTimer(org.hyperledger.besu.plugin.services.metrics.OperationTimer) ArtifactSigner(tech.pegasys.web3signer.signing.ArtifactSigner) BlsArtifactSignature(tech.pegasys.web3signer.signing.BlsArtifactSignature) FilecoinSignerNotFoundException(tech.pegasys.web3signer.signing.filecoin.exceptions.FilecoinSignerNotFoundException) SecpArtifactSignature(tech.pegasys.web3signer.signing.SecpArtifactSignature) JsonRpcMethod(com.github.arteam.simplejsonrpc.core.annotation.JsonRpcMethod)

Example 3 with BlsArtifactSignature

use of tech.pegasys.web3signer.signing.BlsArtifactSignature in project web3signer by ConsenSys.

the class FcJsonRpc method filecoinWalletVerify.

@JsonRpcMethod("Filecoin.WalletVerify")
public boolean filecoinWalletVerify(@JsonRpcParam("address") final String filecoinAddress, @JsonRpcParam("data") final Bytes dataToVerify, @JsonRpcParam("signature") final FilecoinSignature filecoinSignature) {
    final FilecoinAddress address = FilecoinAddress.fromString(filecoinAddress);
    final Bytes signature = Bytes.fromBase64String(filecoinSignature.getData());
    switch(address.getProtocol()) {
        case SECP256K1:
            checkArgument(filecoinSignature.getType() == SECP_VALUE, "Invalid signature type");
            return FilecoinVerify.verify(address, dataToVerify, SecpArtifactSignature.fromBytes(signature));
        case BLS:
            checkArgument(filecoinSignature.getType() == BLS_VALUE, "Invalid signature type");
            return FilecoinVerify.verify(address, dataToVerify, new BlsArtifactSignature(BLSSignature.fromBytesCompressed(signature)));
        default:
            throw new IllegalArgumentException("Invalid address protocol type");
    }
}
Also used : Bytes(org.apache.tuweni.bytes.Bytes) BlsArtifactSignature(tech.pegasys.web3signer.signing.BlsArtifactSignature) FilecoinAddress(tech.pegasys.web3signer.signing.filecoin.FilecoinAddress) JsonRpcMethod(com.github.arteam.simplejsonrpc.core.annotation.JsonRpcMethod)

Example 4 with BlsArtifactSignature

use of tech.pegasys.web3signer.signing.BlsArtifactSignature in project web3signer by ConsenSys.

the class Eth2Runner method registerEth2Routes.

private void registerEth2Routes(final RouterBuilder routerBuilder, final ArtifactSignerProvider blsSignerProvider, final LogErrorHandler errorHandler, final MetricsSystem metricsSystem, final Optional<SlashingProtectionContext> slashingProtectionContext) {
    final ObjectMapper objectMapper = SigningObjectMapperFactory.createObjectMapper();
    // security handler for keymanager endpoints
    routerBuilder.securityHandler("bearerAuth", context -> {
        // TODO Auth token security logic
        final boolean authorized = true;
        if (authorized) {
            context.next();
        } else {
            context.response().setStatusCode(401).end("{ message: \"permission denied\" }");
        }
    });
    addPublicKeysListHandler(routerBuilder, blsSignerProvider, ETH2_LIST.name(), errorHandler);
    final SignerForIdentifier<BlsArtifactSignature> blsSigner = new SignerForIdentifier<>(blsSignerProvider, this::formatBlsSignature, BLS);
    routerBuilder.operation(ETH2_SIGN.name()).handler(new BlockingHandlerDecorator(new Eth2SignForIdentifierHandler(blsSigner, new HttpApiMetrics(metricsSystem, BLS), new SlashingProtectionMetrics(metricsSystem), slashingProtectionContext.map(SlashingProtectionContext::getSlashingProtection), objectMapper, eth2Spec), false)).failureHandler(errorHandler);
    addReloadHandler(routerBuilder, blsSignerProvider, RELOAD.name(), errorHandler);
    if (isKeyManagerApiEnabled) {
        routerBuilder.operation(KEYMANAGER_LIST.name()).handler(new BlockingHandlerDecorator(new ListKeystoresHandler(blsSignerProvider, objectMapper), false)).failureHandler(errorHandler);
        final ValidatorManager validatorManager = createValidatorManager(blsSignerProvider, objectMapper);
        routerBuilder.operation(KEYMANAGER_IMPORT.name()).handler(new BlockingHandlerDecorator(new ImportKeystoresHandler(objectMapper, config.getKeyConfigPath(), slashingProtectionContext.map(SlashingProtectionContext::getSlashingProtection), blsSignerProvider, validatorManager), false)).failureHandler(errorHandler);
        routerBuilder.operation(KEYMANAGER_DELETE.name()).handler(new BlockingHandlerDecorator(new DeleteKeystoresHandler(objectMapper, slashingProtectionContext.map(SlashingProtectionContext::getSlashingProtection), blsSignerProvider, validatorManager), false)).failureHandler(errorHandler);
    }
}
Also used : FileValidatorManager(tech.pegasys.web3signer.signing.FileValidatorManager) DbValidatorManager(tech.pegasys.web3signer.slashingprotection.DbValidatorManager) ValidatorManager(tech.pegasys.web3signer.signing.ValidatorManager) ListKeystoresHandler(tech.pegasys.web3signer.core.service.http.handlers.keymanager.list.ListKeystoresHandler) DeleteKeystoresHandler(tech.pegasys.web3signer.core.service.http.handlers.keymanager.delete.DeleteKeystoresHandler) SlashingProtectionMetrics(tech.pegasys.web3signer.core.metrics.SlashingProtectionMetrics) SignerForIdentifier(tech.pegasys.web3signer.core.service.http.handlers.signing.SignerForIdentifier) BlockingHandlerDecorator(io.vertx.ext.web.impl.BlockingHandlerDecorator) BlsArtifactSignature(tech.pegasys.web3signer.signing.BlsArtifactSignature) SlashingProtectionContext(tech.pegasys.web3signer.slashingprotection.SlashingProtectionContext) ImportKeystoresHandler(tech.pegasys.web3signer.core.service.http.handlers.keymanager.imports.ImportKeystoresHandler) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) Eth2SignForIdentifierHandler(tech.pegasys.web3signer.core.service.http.handlers.signing.eth2.Eth2SignForIdentifierHandler) HttpApiMetrics(tech.pegasys.web3signer.core.service.http.metrics.HttpApiMetrics)

Example 5 with BlsArtifactSignature

use of tech.pegasys.web3signer.signing.BlsArtifactSignature in project web3signer by ConsenSys.

the class FilecoinVerifyTest method verifiesBlsSignatureWasSignedWithKey.

@Test
void verifiesBlsSignatureWasSignedWithKey() {
    final Bytes message = Bytes.fromBase64String(DATA);
    final BlsArtifactSignature artifactSignature = new BlsArtifactSignature(BLSSignature.fromBytesCompressed(Bytes.fromBase64String(BLS_SIGNATURE)));
    final FilecoinAddress filecoinAddress = FilecoinAddress.fromString("t3sjhgtrk5fdio52k5lzanh7yy4mj4rqbiowd6odddzprrxejgbjbl2irr3gmpbf7epigf45oy7asljj3v3lva");
    assertThat(FilecoinVerify.verify(filecoinAddress, message, artifactSignature)).isTrue();
}
Also used : Bytes(org.apache.tuweni.bytes.Bytes) BlsArtifactSignature(tech.pegasys.web3signer.signing.BlsArtifactSignature) Test(org.junit.jupiter.api.Test)

Aggregations

BlsArtifactSignature (tech.pegasys.web3signer.signing.BlsArtifactSignature)5 Bytes (org.apache.tuweni.bytes.Bytes)3 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)2 JsonRpcMethod (com.github.arteam.simplejsonrpc.core.annotation.JsonRpcMethod)2 Test (org.junit.jupiter.api.Test)2 JsonNode (com.fasterxml.jackson.databind.JsonNode)1 ValueNode (com.fasterxml.jackson.databind.node.ValueNode)1 Request (com.github.arteam.simplejsonrpc.core.domain.Request)1 Response (io.restassured.response.Response)1 BlockingHandlerDecorator (io.vertx.ext.web.impl.BlockingHandlerDecorator)1 Path (java.nio.file.Path)1 OperationTimer (org.hyperledger.besu.plugin.services.metrics.OperationTimer)1 SlashingProtectionMetrics (tech.pegasys.web3signer.core.metrics.SlashingProtectionMetrics)1 DeleteKeystoresHandler (tech.pegasys.web3signer.core.service.http.handlers.keymanager.delete.DeleteKeystoresHandler)1 ImportKeystoresHandler (tech.pegasys.web3signer.core.service.http.handlers.keymanager.imports.ImportKeystoresHandler)1 ListKeystoresHandler (tech.pegasys.web3signer.core.service.http.handlers.keymanager.list.ListKeystoresHandler)1 SignerForIdentifier (tech.pegasys.web3signer.core.service.http.handlers.signing.SignerForIdentifier)1 Eth2SignForIdentifierHandler (tech.pegasys.web3signer.core.service.http.handlers.signing.eth2.Eth2SignForIdentifierHandler)1 HttpApiMetrics (tech.pegasys.web3signer.core.service.http.metrics.HttpApiMetrics)1 ArtifactSignature (tech.pegasys.web3signer.signing.ArtifactSignature)1