// Package api implements the key manager management API and common data types.
package api
import (
"context"
"crypto/sha512"
"github.com/oasisprotocol/curve25519-voi/primitives/x25519"
"github.com/oasisprotocol/oasis-core/go/common/crypto/signature"
memorySigner "github.com/oasisprotocol/oasis-core/go/common/crypto/signature/signers/memory"
"github.com/oasisprotocol/oasis-core/go/keymanager/churp"
"github.com/oasisprotocol/oasis-core/go/keymanager/secrets"
)
// ModuleName is the unique name under which the keymanager module is known.
const ModuleName = "keymanager"
// Insecure test key material. These values are filled in by this package's
// init function from seed strings hardcoded in this file, so the matching
// private keys can be recomputed by anyone who reads the source. They must
// only ever be relied upon in insecure builds.
var (
	// InsecureRAK is the insecure hardcoded key manager RAK public key, used
	// in insecure builds when a RAK is unavailable. It is the public key of
	// the first seed-derived test signer.
	InsecureRAK signature.PublicKey

	// InsecureREK is the insecure hardcoded key manager REK public key (an
	// X25519 key), used in insecure builds when a REK is unavailable.
	InsecureREK x25519.PublicKey

	// TestSigners holds the signers backed by the seed-derived test keys,
	// used in insecure builds when a RAK is unavailable. The signer whose
	// public key becomes InsecureRAK is appended first.
	TestSigners []signature.Signer
)

// RPCMethodConnect is the name of the method used to establish a Noise
// session. The name is the empty string.
var RPCMethodConnect = ""
// Backend is the key manager management implementation. It exposes the
// genesis export and gives access to the secrets and CHURP sub-backends.
type Backend interface {
	// StateToGenesis returns the genesis state at the specified block
	// height.
	StateToGenesis(ctx context.Context, height int64) (*Genesis, error)

	// Secrets returns the key manager secrets management implementation.
	Secrets() secrets.Backend

	// Churp returns the key manager CHURP management implementation.
	Churp() churp.Backend
}
// Genesis is the key manager management genesis state. It is declared as an
// alias of secrets.Genesis, so the two names denote the same type.
type Genesis = secrets.Genesis
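// init registers the legacy test public key and populates TestSigners,
// InsecureRAK and InsecureREK.
//
// Every key set up here comes from a constant in this file (a hex-encoded
// public key or a seed string), so the private halves of the seed-derived keys
// can be recomputed by anyone. None of them may be trusted outside insecure
// builds.
func init() {
	// Old `INSECURE_SIGNING_KEY_PKCS8`.
	var oldTestKey signature.PublicKey
	if err := oldTestKey.UnmarshalHex("9d41a874b80e39a40c9644e964f0e4f967100c91654bfd7666435fe906af060f"); err != nil {
		// Fail closed: if the constant is ever edited into something that
		// does not decode, stop at start-up instead of registering a
		// zero-value key in place of the real legacy test key.
		panic("keymanager/api: malformed hardcoded test public key: " + err.Error())
	}
	// NOTE(review): presumably registration lets the signature package
	// recognise this key as a test key; confirm how registered test keys are
	// treated outside test setups.
	signature.RegisterTestPublicKey(oldTestKey)

	// Register all the seed derived SGX key manager test keys.
	for idx, v := range []string{
		"ekiden test key manager RAK seed", // DO NOT REORDER: index 0 becomes InsecureRAK.
		"ekiden key manager test multisig key 0",
		"ekiden key manager test multisig key 1",
		"ekiden key manager test multisig key 2",
	} {
		tmpSigner := memorySigner.NewTestSigner(v)
		TestSigners = append(TestSigners, tmpSigner)

		if idx == 0 {
			InsecureRAK = tmpSigner.Public()
		}
	}

	// The insecure REK private key is the SHA-512/256 digest of a fixed seed
	// string; only its public half is exported.
	rek := x25519.PrivateKey(sha512.Sum512_256([]byte("ekiden test key manager REK seed")))
	InsecureREK = *rek.Public()
}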