v0.2300.9 Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Nov 30, 2023 License: Apache-2.0 Imports: 9 Imported by: 3



Package identity encapsulates the node identity.



View Source
const (
	// NodeKeyPubFilename is the filename of the PEM encoded node public key.
	NodeKeyPubFilename = "identity_pub.pem"

	// P2PKeyPubFilename is the filename of the PEM encoded p2p public key.
	P2PKeyPubFilename = "p2p_pub.pem"

	// ConsensusKeyPubFilename is the filename of the PEM encoded consensus
	// public key.
	ConsensusKeyPubFilename = "consensus_pub.pem"

	// VRFKeyPubFilename is the filename of the PEM encoded node VRF public key.
	VRFKeyPubFilename = "vrf_pub.pem"

	// CommonName is the CommonName to use when generating TLS certificates.
	CommonName = "oasis-node"


RequiredSignerRoles is the required signer roles needed to load or provision a node identity.


func TLSCertPaths

func TLSCertPaths(dataDir string) (string, string)

TLSCertPaths returns the TLS private key and certificate paths relative to the passed data directory.

func TLSSentryClientCertPaths

func TLSSentryClientCertPaths(dataDir string) (string, string)

TLSSentryClientCertPaths returns the sentry client TLS private key and certificate paths relative to the passed data directory.


type Identity

type Identity struct {
	// NodeSigner is a node identity key signer.
	NodeSigner signature.Signer
	// P2PSigner is a node P2P link key signer.
	P2PSigner signature.Signer
	// ConsensusSigner is a node consensus key signer.
	ConsensusSigner signature.Signer
	// VRFSigner is a node VRF key signer.
	VRFSigner signature.Signer

	// TLSSentryClientCertificate is the client certificate used for
	// connecting to the sentry node's control connection.  It is never rotated.
	TLSSentryClientCertificate *tls.Certificate

	// TLSSigner is a node TLS certificate signer.
	TLSSigner signature.Signer
	// TLSCertificate is a certificate that can be used for TLS.
	TLSCertificate *tls.Certificate

Identity is a node identity.

func Load

func Load(dataDir string, signerFactory signature.SignerFactory) (*Identity, error)

Load loads an identity.

func LoadOrGenerate

func LoadOrGenerate(dataDir string, signerFactory signature.SignerFactory) (*Identity, error)

LoadOrGenerate loads or generates an identity.

func WithTLSCertificate added in v0.2300.0

func WithTLSCertificate(cert *tls.Certificate) *Identity

WithTLSCertificate creates a new identity with the specified TLS certificate, but otherwise leaves it blank.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL