Documentation
¶
Index ¶
- Variables
- func AuthenticatedBytesToSign(req *SignRequest) ([]byte, error)
- type Config
- type Policy
- type PolicyHook
- type PolicyHookReply
- type PolicyHookReplyPayload
- type PolicyHookRequest
- type PublicKey
- type PublicKeyPolicy
- type SignInterceptor
- type SignInterceptorOptions
- type SignRequest
- type Signatory
- func (s *Signatory) GetPublicKey(ctx context.Context, keyHash crypt.PublicKeyHash) (*PublicKey, error)
- func (s *Signatory) Import(ctx context.Context, importerName string, secretKey string, ...) (*PublicKey, error)
- func (s *Signatory) ListPublicKeys(ctx context.Context) ([]*PublicKey, error)
- func (s *Signatory) Ready(ctx context.Context) (bool, error)
- func (s *Signatory) Sign(ctx context.Context, req *SignRequest) (crypt.Signature, error)
- func (s *Signatory) Unlock(ctx context.Context) error
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // ErrVaultNotFound error return when a vault is not found ErrVaultNotFound = errors.Wrap(stderr.New("this key not found in any vault"), http.StatusNotFound) // ErrNotSafeToSign error returned when an operation is a potential duplicate ErrNotSafeToSign = errors.Wrap(stderr.New("not safe to sign"), http.StatusForbidden) )
Functions ¶
func AuthenticatedBytesToSign ¶
func AuthenticatedBytesToSign(req *SignRequest) ([]byte, error)
Types ¶
type Config ¶
type Config struct {
Policy Policy
Vaults map[string]*config.VaultConfig
Interceptor SignInterceptor
Watermark watermark.Watermark
Logger log.FieldLogger
VaultFactory vault.Factory
PolicyHook *PolicyHook
}
Config represents Signatory configuration
type Policy ¶
type Policy = hashmap.PublicKeyHashMap[*PublicKeyPolicy]
func PreparePolicy ¶
func PreparePolicy(src config.TezosConfig) (out Policy, err error)
PreparePolicy prepares policy data by hashing keys etc
type PolicyHook ¶
type PolicyHook struct {
Address string
Auth auth.AuthorizedKeysStorage
}
type PolicyHookReply ¶
type PolicyHookReply struct {
Payload json.RawMessage `json:"payload"`
Signature string `json:"signature"`
}
type PolicyHookReplyPayload ¶
type PolicyHookRequest ¶
type PublicKey ¶
type PublicKey struct {
vault.KeyReference
Hash crypt.PublicKeyHash
Policy *PublicKeyPolicy
Active bool
}
PublicKey contains public key with its hash
type PublicKeyPolicy ¶
type PublicKeyPolicy struct {
AllowedRequests []string
AllowedOps []string
LogPayloads bool
AuthorizedKeyHashes []crypt.PublicKeyHash
AuthorizedJwtUsers []string
}
PublicKeyPolicy contains policy data related to the key
type SignInterceptor ¶
type SignInterceptor func(opt *SignInterceptorOptions, sing func() error) error
SignInterceptor is an observer function for signing request
type SignInterceptorOptions ¶
type SignInterceptorOptions struct {
Address crypt.PublicKeyHash
Vault string
Req string
Stat operationsStat
}
SignInterceptorOptions contains SignInterceptor arguments to avoid confusion
type SignRequest ¶
type SignRequest struct {
ClientPublicKeyHash crypt.PublicKeyHash // optional, see policy
PublicKeyHash crypt.PublicKeyHash
Source net.IP // optional caller address
Message []byte
}
SignRequest represents a sign request which may be authenticated with the client key
type Signatory ¶
type Signatory struct {
// contains filtered or unexported fields
}
Signatory is a struct coordinate signatory action and select vault according to the key being used
func (*Signatory) GetPublicKey ¶
func (s *Signatory) GetPublicKey(ctx context.Context, keyHash crypt.PublicKeyHash) (*PublicKey, error)
GetPublicKey retrieve the public key from a vault
func (*Signatory) Import ¶
func (s *Signatory) Import(ctx context.Context, importerName string, secretKey string, passCB func() ([]byte, error), opt utils.Options) (*PublicKey, error)
Import a keyPair inside the vault
func (*Signatory) ListPublicKeys ¶
ListPublicKeys retrieve the list of all public keys supported by the current configuration
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.