Documentation ¶
Overview ¶
Package validator contains the Thales implementation of the tendermint privValidator interface.
Index ¶
- type Ed25519KeyPair
- type Hsm
- type HsmPrivValidator
- func (pv *HsmPrivValidator) GetAddress() data.Bytes
- func (pv *HsmPrivValidator) GetPubKey() crypto.PubKey
- func (pv *HsmPrivValidator) SaveToFile(filePath string) error
- func (pv *HsmPrivValidator) SignHeartbeat(chainID string, heartbeat *types.Heartbeat) error
- func (pv *HsmPrivValidator) SignProposal(chainID string, proposal *types.Proposal) error
- func (pv *HsmPrivValidator) SignVote(chainID string, vote *types.Vote) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Ed25519KeyPair ¶
Ed25519KeyPair is an encrypted private ed25519 elliptic curve key with a corresponding public key.
type Hsm ¶
type Hsm interface { // LoadKeys loads the encrypted private key into the HSM. LoadKeys(wrappedPrivKey []byte) error // GenerateKey creates a new ed25519 key pair in the HSM and returns // the encrypted private key and the public key. GenerateKey() (Ed25519KeyPair, error) // SignVote creates a canonical representation of the vote and signs // it in the HSM. The signing operation must fail if there is a // regression in height, round or step. SignVote(chainId string, vote *types.Vote) ([]byte, error) // SignProposal creates a canonical representation of the proposal and signs // it in the HSM. The signing operation must fail if there is a // regression in height, round or step. SignProposal(chainId string, proposal *types.Proposal) ([]byte, error) // SignHeartbeat creates a canonical representation of the heartbeat and signs // it in the HSM. SignHeartbeat(chainId string, hb *types.Heartbeat) ([]byte, error) }
Hsm defines the interface to the HSM.
type HsmPrivValidator ¶
type HsmPrivValidator struct { EncryptedPrivKey []byte PublicKey []byte Hsm Hsm `json:"-"` // contains filtered or unexported fields }
HsmPrivValidator is a Tendermint private validator that protects keys and critical blockchain logic within a Thales nShield HSM.
func LoadFromFile ¶
func LoadFromFile(filePath string, hsm Hsm) (*HsmPrivValidator, error)
LoadFromFile reads the privValidator from disk and loads the keys into the HSM.
func NewHsmPrivValidator ¶
func NewHsmPrivValidator(hsm Hsm) (HsmPrivValidator, error)
NewHsmPrivValidator constructs a new HsmPrivValidator, including generating a new key pair using the supplied Hsm interface. The key pair will not be loaded after generation.
func (*HsmPrivValidator) GetAddress ¶
func (pv *HsmPrivValidator) GetAddress() data.Bytes
GetAddress implements PrivValidator.GetAddress by simply calling GetPubKey().Address().
func (*HsmPrivValidator) GetPubKey ¶
func (pv *HsmPrivValidator) GetPubKey() crypto.PubKey
GetPubKey implements PrivValidator.GetPubKey and returns the Tendermint type that represents Ed25519 public keys.
func (*HsmPrivValidator) SaveToFile ¶
func (pv *HsmPrivValidator) SaveToFile(filePath string) error
SaveToFile persists the private validator information to disk.
func (*HsmPrivValidator) SignHeartbeat ¶
func (pv *HsmPrivValidator) SignHeartbeat(chainID string, heartbeat *types.Heartbeat) error
SignHeartbeat implements PrivValidator.SignHeartbeat by sending the signing operation to the Thales HSM.
func (*HsmPrivValidator) SignProposal ¶
func (pv *HsmPrivValidator) SignProposal(chainID string, proposal *types.Proposal) error
SignProposal implements PrivValidator.SignProposal by sending the signing operation to the Thales HSM. This method will fail if there is a regression in height, round or step.