staking

package
v1.10.9 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 11, 2023 License: BSD-3-Clause Imports: 18 Imported by: 0

Documentation

Index

Constants

View Source
const (
	MaxCertificateLen = 16 * units.KiB
	MaxRSAKeyByteLen  = units.KiB
	MaxRSAKeyBitLen   = 8 * MaxRSAKeyByteLen
)

MaxRSAKeyBitLen is the maximum RSA key size in bits that we are willing to parse.

https://github.com/golang/go/blob/go1.19.12/src/crypto/tls/handshake_client.go#L860-L862

Variables

View Source
var (
	ErrCertificateTooLarge        = fmt.Errorf("staking: certificate length is greater than %d", MaxCertificateLen)
	ErrUnsupportedAlgorithm       = errors.New("staking: cannot verify signature: unsupported algorithm")
	ErrPublicKeyAlgoMismatch      = errors.New("staking: signature algorithm specified different public key type")
	ErrInvalidRSAPublicKey        = errors.New("staking: invalid RSA public key")
	ErrInvalidECDSAPublicKey      = errors.New("staking: invalid ECDSA public key")
	ErrECDSAVerificationFailure   = errors.New("staking: ECDSA verification failure")
	ErrED25519VerificationFailure = errors.New("staking: Ed25519 verification failure")
)

Functions

func CheckSignature

func CheckSignature(cert *Certificate, msg []byte, signature []byte) error

CheckSignature verifies that the signature is a valid signature over signed from the certificate.

Ref: https://github.com/golang/go/blob/go1.19.12/src/crypto/x509/x509.go#L793-L797 Ref: https://github.com/golang/go/blob/go1.19.12/src/crypto/x509/x509.go#L816-L879

func InitNodeStakingKeyPair

func InitNodeStakingKeyPair(keyPath, certPath string) error

InitNodeStakingKeyPair generates a self-signed TLS key/cert pair to use in staking. The key and files will be placed at [keyPath] and [certPath], respectively. If there is already a file at [keyPath], returns nil.

func LoadTLSCertFromBytes

func LoadTLSCertFromBytes(keyBytes, certBytes []byte) (*tls.Certificate, error)

func LoadTLSCertFromFiles

func LoadTLSCertFromFiles(keyPath, certPath string) (*tls.Certificate, error)

func NewCertAndKeyBytes

func NewCertAndKeyBytes() ([]byte, []byte, error)

Creates a new staking private key / staking certificate pair. Returns the PEM byte representations of both.

func NewTLSCert

func NewTLSCert() (*tls.Certificate, error)

func ValidateCertificate

func ValidateCertificate(cert *Certificate) error

ValidateCertificate verifies that this certificate conforms to the required staking format assuming that it was already able to be parsed.

Types

type Certificate

type Certificate struct {
	Raw                []byte
	PublicKey          any
	SignatureAlgorithm x509.SignatureAlgorithm
}

func CertificateFromX509

func CertificateFromX509(cert *x509.Certificate) *Certificate

CertificateFromX509 converts an x509 certificate into a staking certificate.

Invariant: The provided certificate must be a parseable into a staking certificate.

func ParseCertificate

func ParseCertificate(der []byte) (*Certificate, error)

ParseCertificate parses a single certificate from the given ASN.1 DER data.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL