sigs

package
v0.10.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 11, 2019 License: Apache-2.0 Imports: 12 Imported by: 20

Documentation

Overview

Package sigs is a generated protocol buffer package.

It is generated from these files:
	x/sigs/codec.proto

It has these top-level messages:
	UserData
	StdSignature

Package sigs provides basic authentication middleware to verify the signatures on the transaction, and maintain nonces for replay protection.

Index

Constants

View Source
const BucketName = "sigs"

BucketName is where we store the accounts

View Source
const (
	CodeInvalidSequence uint32 = 20
)

ABCI Response Codes x/auth reserves 20 ~ 29.

Variables

View Source
var (
	ErrInvalidLengthCodec = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowCodec   = fmt.Errorf("proto: integer overflow")
)
View Source
var IsInvalidSignatureErr = errors.IsInvalidSignatureErr
View Source
var SignCodeV1 = []byte{0, 0xCA, 0xFE, 0}

SignCodeV1 is the current way to prefix the bytes we use to build a signature

Functions

func BuildSignBytes

func BuildSignBytes(signBytes []byte, chainID string, seq int64) ([]byte, error)

BuildSignBytes combines all info on the actual tx before signing

As specified in https://github.com/iov-one/weave/issues/70, we use the following format:

version | len(chainID) | chainID | nonce | signBytes 4bytes | uint8 | ascii string | int64 (bigendian) | serialized transaction

This is then prehashed with sha512 before fed into the public key signing/verification step

func BuildSignBytesTx

func BuildSignBytesTx(tx SignedTx, chainID string, seq int64) ([]byte, error)

BuildSignBytesTx calculates the sign bytes given a tx

func ErrInvalidSequence

func ErrInvalidSequence(why string, args ...interface{}) error

func ErrMissingPubkey added in v0.9.0

func ErrMissingPubkey() error

func ErrPubkeyAddressMismatch added in v0.9.0

func ErrPubkeyAddressMismatch() error

func IsInvalidSequenceErr

func IsInvalidSequenceErr(err error) bool

func NewUser

func NewUser(pubkey *crypto.PublicKey) orm.Object

NewUser constructs an object from an address and pubkey

func RegisterQuery

func RegisterQuery(qr weave.QueryRouter)

RegisterQuery will register this bucket as "/auth"

func VerifySignature

func VerifySignature(db weave.KVStore, sig *StdSignature,
	signBytes []byte, chainID string) (weave.Condition, error)

VerifySignature checks one signature against signbytes, check chain and updates state in the store

func VerifyTxSignatures

func VerifyTxSignatures(store weave.KVStore, tx SignedTx,
	chainID string) ([]weave.Condition, error)

VerifyTxSignatures checks all the signatures on the tx, which must have at least one.

returns list of signer addresses (possibly empty), or error if any signature is invalid

Types

type Authenticate

type Authenticate struct{}

Authenticate implements x.Authenticator and provides authentication based on public-key signatures.

func (Authenticate) GetConditions added in v0.4.0

func (a Authenticate) GetConditions(ctx weave.Context) []weave.Condition

GetConditions returns who signed the current Context. May be empty

func (Authenticate) HasAddress added in v0.3.0

func (a Authenticate) HasAddress(ctx weave.Context, addr weave.Address) bool

HasAddress returns true if the given address had signed in the current Context.

type Bucket

type Bucket struct {
	orm.Bucket
}

Bucket extends orm.Bucket with GetOrCreate

func NewBucket

func NewBucket() Bucket

NewBucket creates the proper bucket for this extension

func (Bucket) GetOrCreate

func (b Bucket) GetOrCreate(db weave.KVStore,
	pubkey *crypto.PublicKey) (orm.Object, error)

GetOrCreate initializes a UserData if none exist for that key

type Decorator

type Decorator struct {
	// contains filtered or unexported fields
}

Decorator verifies the signatures and adds them to the context

func NewDecorator

func NewDecorator() Decorator

NewDecorator returns a default authentication decorator, which appends the chainID before checking the signature, and requires at least one signature to be present

func (Decorator) AllowMissingSigs

func (d Decorator) AllowMissingSigs() Decorator

AllowMissingSigs allows us to pass along items with no signatures

func (Decorator) Check

func (d Decorator) Check(ctx weave.Context, store weave.KVStore, tx weave.Tx,
	next weave.Checker) (weave.CheckResult, error)

Check verifies signatures before calling down the stack

func (Decorator) Deliver

func (d Decorator) Deliver(ctx weave.Context, store weave.KVStore, tx weave.Tx,
	next weave.Deliverer) (weave.DeliverResult, error)

Deliver verifies signatures before calling down the stack

type SignedTx

type SignedTx interface {
	// GetSignBytes returns the canonical byte representation of the Msg.
	// Equivalent to weave.MustMarshal(tx.GetMsg()) if Msg has a deterministic
	// serialization.
	//
	// Helpful to store original, unparsed bytes here, just in case.
	GetSignBytes() ([]byte, error)

	// Signatures returns the signature of signers who signed the Msg.
	GetSignatures() []*StdSignature
}

SignedTx represents a transaction that contains signatures, which can be verified by the auth.Decorator

type StdSignature

type StdSignature struct {
	Sequence int64             `protobuf:"varint,1,opt,name=sequence,proto3" json:"sequence,omitempty"`
	Pubkey   *crypto.PublicKey `protobuf:"bytes,2,opt,name=pubkey" json:"pubkey,omitempty"`
	// Removed Address, Pubkey is more powerful
	Signature *crypto.Signature `protobuf:"bytes,4,opt,name=signature" json:"signature,omitempty"`
}

StdSignature represents the signature, the identity of the signer (the Pubkey), and a sequence number to prevent replay attacks.

A given signer must submit transactions with the sequence number increasing by 1 each time (starting at 0)

func SignTx

func SignTx(signer crypto.Signer, tx SignedTx, chainID string,
	seq int64) (*StdSignature, error)

SignTx creates a signature for the given tx

func (*StdSignature) Descriptor

func (*StdSignature) Descriptor() ([]byte, []int)

func (*StdSignature) GetPubkey added in v0.9.0

func (m *StdSignature) GetPubkey() *crypto.PublicKey

func (*StdSignature) GetSequence

func (m *StdSignature) GetSequence() int64

func (*StdSignature) GetSignature

func (m *StdSignature) GetSignature() *crypto.Signature

func (*StdSignature) Marshal

func (m *StdSignature) Marshal() (dAtA []byte, err error)

func (*StdSignature) MarshalTo

func (m *StdSignature) MarshalTo(dAtA []byte) (int, error)

func (*StdSignature) ProtoMessage

func (*StdSignature) ProtoMessage()

func (*StdSignature) Reset

func (m *StdSignature) Reset()

func (*StdSignature) Size

func (m *StdSignature) Size() (n int)

func (*StdSignature) String

func (m *StdSignature) String() string

func (*StdSignature) Unmarshal

func (m *StdSignature) Unmarshal(dAtA []byte) error

func (*StdSignature) Validate

func (s *StdSignature) Validate() error

Validate ensures the StdSignature meets basic standards

type UserData

type UserData struct {
	Pubkey   *crypto.PublicKey `protobuf:"bytes,1,opt,name=pubkey" json:"pubkey,omitempty"`
	Sequence int64             `protobuf:"varint,2,opt,name=sequence,proto3" json:"sequence,omitempty"`
}

UserData just stores the data and is used for serialization. Key is the Address (PubKey.Permission().Address())

Note: This should not be created from outside the module, User is the entry point you want

func AsUser

func AsUser(obj orm.Object) *UserData

AsUser will safely type-cast any value from Bucket to a UserData

func (*UserData) CheckAndIncrementSequence

func (u *UserData) CheckAndIncrementSequence(check int64) error

CheckAndIncrementSequence checks if the current Sequence matches the expected value. If so, it will increase the sequence by one and return nil If not, it will not change the sequence, but return an error

func (*UserData) Copy

func (u *UserData) Copy() orm.CloneableData

Copy makes a new UserData with the same coins

func (*UserData) Descriptor

func (*UserData) Descriptor() ([]byte, []int)

func (*UserData) GetPubkey added in v0.9.0

func (m *UserData) GetPubkey() *crypto.PublicKey

func (*UserData) GetSequence

func (m *UserData) GetSequence() int64

func (*UserData) Marshal

func (m *UserData) Marshal() (dAtA []byte, err error)

func (*UserData) MarshalTo

func (m *UserData) MarshalTo(dAtA []byte) (int, error)

func (*UserData) ProtoMessage

func (*UserData) ProtoMessage()

func (*UserData) Reset

func (m *UserData) Reset()

func (*UserData) SetPubkey added in v0.9.0

func (u *UserData) SetPubkey(pubkey *crypto.PublicKey)

SetPubkey will try to set the Pubkey or panic on an illegal operation. It is illegal to reset an already set key Otherwise, we don't control (although we could verify the hash, we leave that to the controller)

func (*UserData) Size

func (m *UserData) Size() (n int)

func (*UserData) String

func (m *UserData) String() string

func (*UserData) Unmarshal

func (m *UserData) Unmarshal(dAtA []byte) error

func (*UserData) Validate

func (u *UserData) Validate() error

Validate requires that all coins are in alphabetical

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL