Interface SecurityModule

public interface SecurityModule
Provides a generic interface for classes which wrap/hide a cryptographic private key. This interface ensures cryptographic functions required by Ethereum are available to the application at large, without releasing the content of the private key.

  • Method Summary

    Modifier and Type
    Method
    Description
    org.apache.tuweni.bytes.Bytes32
    calculateECDHKeyAgreement(PublicKey partyKey)
    Perform ECDH key agreement calculations.
    default org.apache.tuweni.bytes.Bytes
    calculateECDHKeyAgreementCompressed(PublicKey partyKey)
    Perform ECDH key agreement returning the compressed EC point.
    PublicKey
    getPublicKey()
    The public key associated with this security module.
    Signature
    sign(org.apache.tuweni.bytes.Bytes32 dataHash)
    Produces a signature for the given hash.

  • Method Details

    • sign

      Signature sign(org.apache.tuweni.bytes.Bytes32 dataHash) throws SecurityModuleException
      Produces a signature for the given hash.
      Parameters:
      dataHash - The Keccack hash of a set of data, which is to be signed.
      Returns:
      the signature (R, S) generated by signing the hash with the node key
      Throws:
      SecurityModuleException - if sign fails

    • getPublicKey

      PublicKey getPublicKey() throws SecurityModuleException
      The public key associated with this security module.
      Returns:
      the public key associated with the key stored behind this interface.
      Throws:
      SecurityModuleException - if getPublicKey fails

    • calculateECDHKeyAgreement

      org.apache.tuweni.bytes.Bytes32 calculateECDHKeyAgreement(PublicKey partyKey) throws SecurityModuleException
      Perform ECDH key agreement calculations.
      Parameters:
      partyKey - the key with which an agreement is to be created.
      Returns:
      The bytes forming the agreement
      Throws:
      SecurityModuleException - if calculateECDHKeyAgreement fails

    • calculateECDHKeyAgreementCompressed

      default org.apache.tuweni.bytes.Bytes calculateECDHKeyAgreementCompressed(PublicKey partyKey) throws SecurityModuleException
      Perform ECDH key agreement returning the compressed EC point.

      Returns the full compressed EC point (SEC1 compressed format: prefix byte + x-coordinate) from the ECDH scalar multiplication. This is required by protocols such as DiscV5 which use the compressed point as input keying material for HKDF key derivation.

      The default implementation throws SecurityModuleException. Implementations that need to support DiscV5 must override this method.

      Parameters:
      partyKey - the key with which an agreement is to be created.
      Returns:
      the compressed EC point in SEC1 format
      Throws:
      SecurityModuleException - if the operation is not supported or fails