Documentation
Index
- Constants
- Variables
- type AmazonKms
- type BenchmarkSigner
- type FileSigner
- type GeneratedSigner
- func (gs *GeneratedSigner) PublicKey(ctx context.Context) (pubKey ecdsa.PublicKey)
- func (gs *GeneratedSigner) Sign(ctx context.Context, hash []byte) (sig []byte, err error)
- func (gs *GeneratedSigner) TypeAsString() string
- func (gs *GeneratedSigner) Verify(ctx context.Context, sig []byte, hash []byte) (valid bool, err error)
- type GuardianSigner
- type SignerType
Constants
const (
GuardianKeyArmoredBlock = "WORMHOLE GUARDIAN PRIVATE KEY"
)
Variables
var (
	// The timeout for KMS operations. This is necessary to avoid situations where
	// the signing or verification is blocked indefinitely.
	KMS_TIMEOUT = time.Second * 15

	MINIMUM_KMS_PUBKEY_LENGTH = 65
)
Functions
This section is empty.
Types
type AmazonKms
type AmazonKms struct {
// contains filtered or unexported fields
}
AmazonKms is a signer that uses AWS KMS to sign messages. The URI is expected to be in the format amazonkms://<key-arn>.
func NewAmazonKmsSigner
func NewAmazonKmsSigner(ctx context.Context, unsafeDevMode bool, keyPath string) (*AmazonKms, error)
NewAmazonKmsSigner creates a new AmazonKms signer. The keyPath is expected to be an ARN, identifying the key in AWS KMS. The region is extracted from the ARN, and the AWS KMS client is created with the region. NOTE: The public key is retrieved during signer creation, and stored as a property of the signer. This is because the public key is not expected to change during runtime.
func (*AmazonKms) TypeAsString
Return the signer type as "amazonkms".
type BenchmarkSigner
type BenchmarkSigner struct {
// contains filtered or unexported fields
}
The BenchmarkSigner is a signer that wraps other signers, recording the latency of signing and signature verification through prometheus histograms.
func BenchmarkWrappedSigner
func BenchmarkWrappedSigner(innerSigner GuardianSigner) *BenchmarkSigner
func (*BenchmarkSigner) PublicKey
func (b *BenchmarkSigner) PublicKey(ctx context.Context) ecdsa.PublicKey
func (*BenchmarkSigner) TypeAsString
func (b *BenchmarkSigner) TypeAsString() string
Return the type of signer as "benchmark".
type FileSigner
type FileSigner struct {
// contains filtered or unexported fields
}
FileSigner is a signer that loads a guardian key from a file. The URI is expected to be in the format file://<path-to-file>.
func NewFileSigner
func NewFileSigner(ctx context.Context, unsafeDevMode bool, signerKeyPath string) (*FileSigner, error)
The FileSigner is a signer that reads a guardian key from a file (signerKeyPath). The key is expected to be armored with an OpenPGP armor block, and the key itself is expected to be a protobuf-encoded GuardianKey message.
func (*FileSigner) PublicKey
func (fs *FileSigner) PublicKey(ctx context.Context) ecdsa.PublicKey
PublicKey returns the public key of the signer.
func (*FileSigner) TypeAsString
func (fs *FileSigner) TypeAsString() string
Return the signer type as "file".
type GeneratedSigner
type GeneratedSigner struct {
// contains filtered or unexported fields
}
The GeneratedSigner is a signer that is intended for use in tests. It uses the private key supplied to GenerateSignerWithPrivatekeyUnsafe, or defaults to generating a random private key if no private key is supplied.
func NewGeneratedSigner
func NewGeneratedSigner(key *ecdsa.PrivateKey) (*GeneratedSigner, error)
NewGeneratedSigner creates a new GeneratedSigner. If key is nil, a random private key is generated. Otherwise, the private key is used as-is.
func (*GeneratedSigner) PublicKey
func (gs *GeneratedSigner) PublicKey(ctx context.Context) (pubKey ecdsa.PublicKey)
func (*GeneratedSigner) TypeAsString
func (gs *GeneratedSigner) TypeAsString() string
Return the signer type as "generated".
type GuardianSigner
type GuardianSigner interface {
	// Sign expects a keccak256 hash that needs to be signed.
	Sign(ctx context.Context, hash []byte) (sig []byte, err error)
	// PublicKey returns the ECDSA public key of the signer.
	PublicKey(ctx context.Context) (pubKey ecdsa.PublicKey)
	// Verify is a convenience function that recovers a public key from the sig/hash pair,
	// and checks if the public key matches that of the guardian signer.
	Verify(ctx context.Context, sig []byte, hash []byte) (valid bool, err error)
	// Return the type of signer as string.
	TypeAsString() string
}
GuardianSigner interface. Each function in the GuardianSigner interface expects a context to be supplied. This is because signers might interact with external services that have the potential of introducing unwanted behaviour, like timing out or hanging indefinitely. It's up to each signer implementation to decide how to handle the context.
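The per-call context design described above, shown in practice as an added example that is not part of this package: a constructed TimeoutSigner wrapper bounds every call to an inner GuardianSigner with a deadline, the way KMS_TIMEOUT bounds the AWS KMS signer's operations. The TimeoutSigner type and the awaitWithTimeout helper are assumptions made for the example, not the package's own names.

```go
package main

import (
	"context"
	"crypto/ecdsa"
	"fmt"
	"time"
)

// GuardianSigner, as documented on this page.
type GuardianSigner interface {
	Sign(ctx context.Context, hash []byte) (sig []byte, err error)
	PublicKey(ctx context.Context) (pubKey ecdsa.PublicKey)
	Verify(ctx context.Context, sig []byte, hash []byte) (valid bool, err error)
	TypeAsString() string
}

// awaitWithTimeout runs fn under a derived deadline; if the deadline wins it returns ctx.Err(), so a hung backend cannot block the caller.
func awaitWithTimeout[T any](ctx context.Context, timeout time.Duration, fn func(context.Context) (T, error)) (T, error) {
	ctx, cancel := context.WithTimeout(ctx, timeout)
	defer cancel() // also signals a still-running fn to give up
	var val T
	var err error
	done := make(chan struct{})
	go func() { val, err = fn(ctx); close(done) }()
	select {
	case <-done: // close(done) happens-before this receive, so reading val/err is race-free
		return val, err
	case <-ctx.Done():
		return *new(T), fmt.Errorf("signer call aborted: %w", ctx.Err())
	}
}

// TimeoutSigner is a constructed wrapper (not the package's own type) bounding every inner call, as KMS_TIMEOUT bounds KMS operations.
type TimeoutSigner struct {
	Inner   GuardianSigner
	Timeout time.Duration
}
func (t *TimeoutSigner) Sign(ctx context.Context, hash []byte) ([]byte, error) {
	return awaitWithTimeout(ctx, t.Timeout, func(c context.Context) ([]byte, error) { return t.Inner.Sign(c, hash) })
}
func (t *TimeoutSigner) Verify(ctx context.Context, sig, hash []byte) (bool, error) {
	return awaitWithTimeout(ctx, t.Timeout, func(c context.Context) (bool, error) { return t.Inner.Verify(c, sig, hash) })
}
func (t *TimeoutSigner) PublicKey(ctx context.Context) ecdsa.PublicKey { return t.Inner.PublicKey(ctx) }
func (t *TimeoutSigner) TypeAsString() string                        { return "timeout(" + t.Inner.TypeAsString() + ")" }

func main() { // constructed backend that hangs until cancelled
	_, err := awaitWithTimeout(context.Background(), 10*time.Millisecond, func(c context.Context) ([]byte, error) { <-c.Done(); return nil, c.Err() })
	fmt.Println(err)
}
```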
func GenerateSignerWithPrivatekeyUnsafe
func GenerateSignerWithPrivatekeyUnsafe(key *ecdsa.PrivateKey) (GuardianSigner, error)
This function is meant to be a helper function that returns a guardian signer for tests that simply require a private key. The caller can specify a private key to be used, or pass nil to have `NewGeneratedSigner` generate a random private key.
func NewGuardianSignerFromUri
func NewGuardianSignerFromUri(ctx context.Context, signerUri string, unsafeDevMode bool) (GuardianSigner, error)
Create a new GuardianSigner from the given URI. The caller can also specify the unsafeDevMode flag, which signals that the signer is running in an unsafe development environment. This is used, for example, to signal the file signer that it should check whether or not the key is deterministic.
Additionally, a context is expected to be supplied, as the signer might interact with external services during construction. For example, the Amazon KMS signer validates that the ARN is valid and retrieves the public key from the service.
type SignerType
type SignerType int
The types of guardian signers that are supported.
const (
	InvalidSignerType SignerType = iota
	// file://<path-to-file>
	FileSignerType
	// amazonkms://<arn>
	AmazonKmsSignerType
)
func ParseSignerUri
func ParseSignerUri(signerUri string) (signerType SignerType, signerKeyConfig string, err error)
Parse the signer URI and return the signer type and key configuration. The signer URI is expected to be in the format <signer-type>://<key-configuration>.
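A constructed implementation of the URI parse described above, together with the region extraction that NewAmazonKmsSigner is documented to perform on the key ARN; this is an added example, not the package's own code. The schemes map and RegionFromKmsArn are assumptions, and the ARN shape accepted is the standard KMS key ARN, with alias ARNs rejected.

```go
package main

import (
	"fmt"
	"strings"
)

type SignerType int // SignerType and its constants, as documented on this page
const (
	InvalidSignerType SignerType = iota
	FileSignerType              // file://<path-to-file>
	AmazonKmsSignerType         // amazonkms://<arn>
)

var schemes = map[string]SignerType{"file": FileSignerType, "amazonkms": AmazonKmsSignerType}

// ParseSignerUri splits "<signer-type>://<key-configuration>" and maps the scheme to a
// SignerType; every malformed input yields InvalidSignerType plus an error, so a bad config fails at startup.
func ParseSignerUri(signerUri string) (SignerType, string, error) {
	scheme, cfg, found := strings.Cut(signerUri, "://")
	if !found {
		return InvalidSignerType, "", fmt.Errorf("signer uri %q: missing \"://\"", signerUri)
	}
	st, ok := schemes[scheme]
	if !ok {
		return InvalidSignerType, "", fmt.Errorf("signer uri %q: unsupported signer type %q", signerUri, scheme)
	}
	if cfg == "" {
		return InvalidSignerType, "", fmt.Errorf("signer uri %q: empty key configuration", signerUri)
	}
	return st, cfg, nil
}

// RegionFromKmsArn is a constructed stand-in for the region extraction the page says NewAmazonKmsSigner
// performs (not the package's code); it accepts only the KMS key ARN shape arn:<partition>:kms:<region>:<account>:key/<id>.
func RegionFromKmsArn(arn string) (string, error) {
	parts := strings.SplitN(arn, ":", 6)
	if len(parts) != 6 || parts[0] != "arn" || parts[2] != "kms" {
		return "", fmt.Errorf("not a KMS key ARN: %q", arn)
	}
	if parts[3] == "" || parts[4] == "" || !strings.HasPrefix(parts[5], "key/") {
		return "", fmt.Errorf("KMS key ARN %q: missing region, account or key id (aliases are rejected here)", arn)
	}
	return parts[3], nil
}

func main() {
	_, cfg, _ := ParseSignerUri("amazonkms://arn:aws:kms:eu-west-1:123456789012:key/example") // constructed sample URI
	fmt.Println(RegionFromKmsArn(cfg))
}
```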