staking

package
v1.10.19-cache-validat... Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 26, 2024 License: BSD-3-Clause Imports: 21 Imported by: 32

Documentation

Index

Constants

View Source
const (
	MaxCertificateLen = 2 * units.KiB
)

Variables

View Source
var (
	ErrCertificateTooLarge                   = fmt.Errorf("staking: certificate length is greater than %d", MaxCertificateLen)
	ErrMalformedCertificate                  = errors.New("staking: malformed certificate")
	ErrMalformedTBSCertificate               = errors.New("staking: malformed tbs certificate")
	ErrMalformedVersion                      = errors.New("staking: malformed version")
	ErrMalformedSerialNumber                 = errors.New("staking: malformed serial number")
	ErrMalformedSignatureAlgorithmIdentifier = errors.New("staking: malformed signature algorithm identifier")
	ErrMalformedIssuer                       = errors.New("staking: malformed issuer")
	ErrMalformedValidity                     = errors.New("staking: malformed validity")
	ErrMalformedSPKI                         = errors.New("staking: malformed spki")
	ErrMalformedPublicKeyAlgorithmIdentifier = errors.New("staking: malformed public key algorithm identifier")
	ErrMalformedSubjectPublicKey             = errors.New("staking: malformed subject public key")
	ErrMalformedOID                          = errors.New("staking: malformed oid")
	ErrInvalidRSAPublicKey                   = errors.New("staking: invalid RSA public key")
	ErrInvalidRSAModulus                     = errors.New("staking: invalid RSA modulus")
	ErrInvalidRSAPublicExponent              = errors.New("staking: invalid RSA public exponent")
	ErrRSAModulusNotPositive                 = errors.New("staking: RSA modulus is not a positive number")
	ErrUnsupportedRSAModulusBitLen           = errors.New("staking: unsupported RSA modulus bitlen")
	ErrRSAModulusIsEven                      = errors.New("staking: RSA modulus is an even number")
	ErrUnsupportedRSAPublicExponent          = errors.New("staking: unsupported RSA public exponent")
	ErrFailedUnmarshallingEllipticCurvePoint = errors.New("staking: failed to unmarshal elliptic curve point")
	ErrUnknownPublicKeyAlgorithm             = errors.New("staking: unknown public key algorithm")
)
View Source
var (
	ErrUnsupportedAlgorithm     = errors.New("staking: cannot verify signature: unsupported algorithm")
	ErrPublicKeyAlgoMismatch    = errors.New("staking: signature algorithm specified different public key type")
	ErrInvalidECDSAPublicKey    = errors.New("staking: invalid ECDSA public key")
	ErrECDSAVerificationFailure = errors.New("staking: ECDSA verification failure")
)

Functions

func CheckSignature added in v1.10.6

func CheckSignature(cert *Certificate, msg []byte, signature []byte) error

CheckSignature verifies that the signature is a valid signature over signed from the certificate.

Ref: https://github.com/golang/go/blob/go1.19.12/src/crypto/x509/x509.go#L793-L797 Ref: https://github.com/golang/go/blob/go1.19.12/src/crypto/x509/x509.go#L816-L879

func InitNodeStakingKeyPair added in v1.4.5

func InitNodeStakingKeyPair(keyPath, certPath string) error

InitNodeStakingKeyPair generates a self-signed TLS key/cert pair to use in staking. The key and files will be placed at [keyPath] and [certPath], respectively. If there is already a file at [keyPath], returns nil.

func LoadTLSCertFromBytes added in v1.7.2

func LoadTLSCertFromBytes(keyBytes, certBytes []byte) (*tls.Certificate, error)

func LoadTLSCertFromFiles added in v1.7.2

func LoadTLSCertFromFiles(keyPath, certPath string) (*tls.Certificate, error)

func NewCertAndKeyBytes added in v1.5.3

func NewCertAndKeyBytes() ([]byte, []byte, error)

Creates a new staking private key / staking certificate pair. Returns the PEM byte representations of both.

func NewTLSCert added in v1.4.0

func NewTLSCert() (*tls.Certificate, error)

func ValidateCertificate added in v1.10.9

func ValidateCertificate(cert *Certificate) error

ValidateCertificate verifies that this certificate conforms to the required staking format assuming that it was already able to be parsed.

TODO: Remove after v1.11.x activates.

Types

type Certificate added in v1.10.9

type Certificate struct {
	Raw       []byte
	PublicKey crypto.PublicKey
	// TODO: Remove after v1.11.x activates.
	SignatureAlgorithm x509.SignatureAlgorithm
}

func CertificateFromX509 added in v1.10.9

func CertificateFromX509(cert *x509.Certificate) *Certificate

CertificateFromX509 converts an x509 certificate into a staking certificate.

Invariant: The provided certificate must be a parseable into a staking certificate.

func ParseCertificate added in v1.10.9

func ParseCertificate(der []byte) (*Certificate, error)

ParseCertificate parses a single certificate from the given ASN.1 DER data.

TODO: Remove after v1.11.x activates.

func ParseCertificatePermissive added in v1.10.18

func ParseCertificatePermissive(bytes []byte) (*Certificate, error)

ParseCertificatePermissive parses a single certificate from the given ASN.1.

This function does not validate that the certificate is valid to be used against normal TLS implementations.

Ref: https://github.com/golang/go/blob/go1.19.12/src/crypto/x509/parser.go#L789-L968

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL