Evm_node_lib_dev.Gcp_kmsThe hash algorithm to be used to compute the digest sent to GCP.
val from_gcp_key :
Evm_node_config.Configuration.gcp_kms ->
Evm_node_config.Configuration.gcp_key ->
t Tezos_base.TzPervasives.tzresult Lwt.tfrom_gcp_key config key creates a new handler for the given key.
Are currently supported EC_SIGN_P256_SHA256 and EC_SIGN_SECP256K1_SHA256 keys. Returns an error when providing details about a key of an unsupported algorithm.
val gcp_key : t -> Evm_node_config.Configuration.gcp_keyGive back the key identifier
val public_key : t -> Tezos_base.TzPervasives.Signature.Public_key.tpublic_key kms returns the public key of the KMS cryptographic material encoded to be compatible with the Tezos blockchain.
val sign :
t ->
hash_algorithm ->
bytes ->
Tezos_base.TzPervasives.Signature.t Tezos_base.TzPervasives.tzresult Lwt.tsign kms algorithm payload computes the signature of payload using the requested algorithm for computing the digest.
To be noted that while GCP officially only support Sha256 digests, it will happily sign any 32-byte input which is why we can use it to sign blueprints (Blake2B) and Ethereum transactions (Keccak256). However, it means that arbitrary third-party tools recomputing the hash themselves will likely assume they need to use SHA256 to verify the signature of the original payload.
val ethereum_address_opt :
t ->
Evm_node_lib_dev_encoding.Ethereum_types.address optionethereum_address_opt kms returns the Ethereum address of the key managed by kms, if said key is compatible (EC_SIGN_SECP256K1_SHA256). Returns None otherwise.