use of tech.pegasys.web3signer.signing.config.metadata.interlock.InterlockKeyProvider in project web3signer by ConsenSys.
the class Eth2Runner method createArtifactSignerProvider.
/**
 * Creates the signer provider used in Eth2 mode.
 *
 * <p>The returned provider wraps a supplier that gathers BLS signers from up to three sources:
 * YAML key configuration files under {@code config.getKeyConfigPath()}, Azure Key Vault (when
 * enabled) and bulk-loaded keystores (when enabled). If at least one signer was loaded, the
 * signer identifiers are registered with the slashing protection context when one is present.
 *
 * @param vertx Vert.x instance handed to the Hashicorp connection factory and the Interlock key
 *     provider
 * @param metricsSystem metrics system handed to the BLS signer factory
 * @return a provider backed by the loading supplier described above
 */
@Override
protected ArtifactSignerProvider createArtifactSignerProvider(
    final Vertx vertx, final MetricsSystem metricsSystem) {
  return new DefaultArtifactSignerProvider(
      () -> {
        final List<ArtifactSigner> loadedSigners = Lists.newArrayList();

        // Created outside the try-with-resources below, so this method never closes it.
        // NOTE(review): confirm whether the factory holds connections that need releasing.
        final HashicorpConnectionFactory vaultConnections = new HashicorpConnectionFactory(vertx);

        // The Interlock, YubiHSM and AWS Secrets Manager providers are scoped to the parsing of
        // the key config files: try-with-resources closes all three when loading ends, also when
        // loading throws.
        try (final InterlockKeyProvider interlockKeys = new InterlockKeyProvider(vertx);
            final YubiHsmOpaqueDataProvider yubiHsmData = new YubiHsmOpaqueDataProvider();
            final AwsSecretsManagerProvider awsSecrets =
                new AwsSecretsManagerProvider(awsCacheMaximumSize)) {
          final AbstractArtifactSignerFactory blsFactory =
              new BlsArtifactSignerFactory(
                  config.getKeyConfigPath(),
                  metricsSystem,
                  vaultConnections,
                  interlockKeys,
                  yubiHsmData,
                  awsSecrets,
                  signerArgs ->
                      new BlsArtifactSigner(
                          signerArgs.getKeyPair(), signerArgs.getOrigin(), signerArgs.getPath()));
          loadedSigners.addAll(
              new SignerLoader()
                  .load(
                      config.getKeyConfigPath(),
                      "yaml",
                      new YamlSignerParser(List.of(blsFactory))));
        }

        if (azureKeyVaultParameters.isAzureKeyVaultEnabled()) {
          loadedSigners.addAll(loadAzureSigners());
        }

        if (keystoresParameters.isEnabled()) {
          final BlsKeystoreBulkLoader bulkLoader = new BlsKeystoreBulkLoader();
          // Keystore passwords come from a passwords path when one is configured, otherwise from
          // the single configured password file.
          final Collection<ArtifactSigner> fromKeystores;
          if (keystoresParameters.hasKeystoresPasswordsPath()) {
            fromKeystores =
                bulkLoader.loadKeystoresUsingPasswordDir(
                    keystoresParameters.getKeystoresPath(),
                    keystoresParameters.getKeystoresPasswordsPath());
          } else {
            fromKeystores =
                bulkLoader.loadKeystoresUsingPasswordFile(
                    keystoresParameters.getKeystoresPath(),
                    keystoresParameters.getKeystoresPasswordFile());
          }
          loadedSigners.addAll(fromKeystores);
        }

        // Signer identifiers are hex strings; slashing protection is given them as Bytes.
        final List<Bytes> validatorIds =
            loadedSigners.stream()
                .map(signer -> Bytes.fromHexString(signer.getIdentifier()))
                .collect(Collectors.toList());

        if (!validatorIds.isEmpty()) {
          slashingProtectionContext.ifPresent(
              context -> context.getRegisteredValidators().registerValidators(validatorIds));
        } else {
          // Nothing is registered with slashing protection in this case.
          // NOTE(review): this branch is also reached when Azure or keystore loading is enabled
          // but yields no signers, while the message names only key config files.
          LOG.warn("No BLS keys loaded. Check that the key store has BLS key config files");
        }
        return loadedSigners;
      });
}
use of tech.pegasys.web3signer.signing.config.metadata.interlock.InterlockKeyProvider in project web3signer by ConsenSys.
the class FilecoinRunner method createArtifactSignerProvider.
/**
 * Creates the signer provider used in Filecoin mode.
 *
 * <p>The returned provider wraps a supplier that parses the YAML key configuration files under
 * {@code config.getKeyConfigPath()} with two factories: one producing Filecoin BLS signers and
 * one producing Filecoin secp256k1 signers, both bound to {@code network}.
 *
 * @param vertx Vert.x instance handed to the Hashicorp connection factory and the Interlock key
 *     provider
 * @param metricsSystem metrics system handed to the BLS signer factory
 * @return a provider backed by the loading supplier described above
 */
@Override
protected ArtifactSignerProvider createArtifactSignerProvider(
    final Vertx vertx, final MetricsSystem metricsSystem) {
  return new DefaultArtifactSignerProvider(
      () -> {
        final AzureKeyVaultSignerFactory azureSigners = new AzureKeyVaultSignerFactory();

        // Created outside the try-with-resources below, so this method never closes it.
        // NOTE(review): confirm whether the factory holds connections that need releasing.
        final HashicorpConnectionFactory vaultConnections = new HashicorpConnectionFactory(vertx);

        // The three key-material providers are closed as soon as the signers have been loaded,
        // also when loading throws.
        try (final InterlockKeyProvider interlockKeys = new InterlockKeyProvider(vertx);
            final YubiHsmOpaqueDataProvider yubiHsmData = new YubiHsmOpaqueDataProvider();
            final AwsSecretsManagerProvider awsSecrets =
                new AwsSecretsManagerProvider(AWS_CACHE_MAXIMUM_SIZE)) {
          final AbstractArtifactSignerFactory blsFactory =
              new BlsArtifactSignerFactory(
                  config.getKeyConfigPath(),
                  metricsSystem,
                  vaultConnections,
                  interlockKeys,
                  yubiHsmData,
                  awsSecrets,
                  signerArgs -> new FcBlsArtifactSigner(signerArgs.getKeyPair(), network));

          // NOTE(review): the meaning of the trailing `false` flag is not visible here; confirm
          // against the Secp256k1ArtifactSignerFactory constructor.
          final AbstractArtifactSignerFactory secpFactory =
              new Secp256k1ArtifactSignerFactory(
                  vaultConnections,
                  config.getKeyConfigPath(),
                  azureSigners,
                  interlockKeys,
                  yubiHsmData,
                  secpSigner -> new FcSecpArtifactSigner(secpSigner, network),
                  false);

          return new SignerLoader()
              .load(
                  config.getKeyConfigPath(),
                  "yaml",
                  new YamlSignerParser(List.of(blsFactory, secpFactory)));
        }
      });
}
use of tech.pegasys.web3signer.signing.config.metadata.interlock.InterlockKeyProvider in project web3signer by ConsenSys.
the class Eth1Runner method createArtifactSignerProvider.
/**
 * Creates the signer provider used in Eth1 mode.
 *
 * <p>The returned provider wraps a supplier that parses the YAML key configuration files under
 * {@code config.getKeyConfigPath()} with a single secp256k1 factory producing {@code
 * EthSecpArtifactSigner} instances.
 *
 * @param vertx Vert.x instance handed to the Hashicorp connection factory and the Interlock key
 *     provider
 * @param metricsSystem not used by this implementation
 * @return a provider backed by the loading supplier described above
 */
@Override
protected ArtifactSignerProvider createArtifactSignerProvider(
    final Vertx vertx, final MetricsSystem metricsSystem) {
  return new DefaultArtifactSignerProvider(
      () -> {
        final AzureKeyVaultSignerFactory azureSigners = new AzureKeyVaultSignerFactory();

        // Created outside the try-with-resources below, so this method never closes it.
        // NOTE(review): confirm whether the factory holds connections that need releasing.
        final HashicorpConnectionFactory vaultConnections = new HashicorpConnectionFactory(vertx);

        // Both key-material providers are closed as soon as the signers have been loaded, also
        // when loading throws.
        try (final InterlockKeyProvider interlockKeys = new InterlockKeyProvider(vertx);
            final YubiHsmOpaqueDataProvider yubiHsmData = new YubiHsmOpaqueDataProvider()) {
          // NOTE(review): the meaning of the trailing `true` flag is not visible here; confirm
          // against the Secp256k1ArtifactSignerFactory constructor.
          final Secp256k1ArtifactSignerFactory secpFactory =
              new Secp256k1ArtifactSignerFactory(
                  vaultConnections,
                  config.getKeyConfigPath(),
                  azureSigners,
                  interlockKeys,
                  yubiHsmData,
                  EthSecpArtifactSigner::new,
                  true);

          return new SignerLoader()
              .load(
                  config.getKeyConfigPath(),
                  "yaml",
                  new YamlSignerParser(List.of(secpFactory)));
        }
      });
}
use of tech.pegasys.web3signer.signing.config.metadata.interlock.InterlockKeyProvider in project web3signer by ConsenSys.
the class BlsArtifactSignerFactoryTest method setup.
/**
 * Builds a fresh Vert.x instance, the key-material providers and the BLS signer factory under
 * test before each test case.
 *
 * @throws IOException declared by the original signature; the statements visible here do not show
 *     which call raises it
 */
@BeforeEach
void setup() throws IOException {
  vertx = Vertx.vertx();

  // NOTE(review): Vert.x and the three providers are created per test; the matching cleanup is
  // not visible in this method. Confirm a teardown closes them so tests do not leak resources.
  interlockKeyProvider = new InterlockKeyProvider(vertx);
  yubiHsmOpaqueDataProvider = new YubiHsmOpaqueDataProvider();
  awsSecretsManagerProvider = new AwsSecretsManagerProvider(100);

  final NoOpMetricsSystem metrics = new NoOpMetricsSystem();
  final HashicorpConnectionFactory vaultConnections = new HashicorpConnectionFactory(vertx);
  artifactSignerFactory =
      new BlsArtifactSignerFactory(
          configDir,
          metrics,
          vaultConnections,
          interlockKeyProvider,
          yubiHsmOpaqueDataProvider,
          awsSecretsManagerProvider,
          signerArgs -> new BlsArtifactSigner(signerArgs.getKeyPair(), signerArgs.getOrigin()));
}