taccatisid
taccatisid
Using https://consensys.github.io/quorum-key-manager/#tag/Secrets as backing store - implement KeyVaultService for QKM - implement KeyPairConfig for QKM including configuration of keys via secret ids - implement KeyGenerator for QKM - handle QKM...
Instead of retrieving secret key material from QKM, generate the key pairs on QKM itself and do all public key cryptography in QKM so that the private key never leaves...
- load keys, local certificate, and CA certificate on startup - initiate TLS session using local cert and verifying the remote certificate against the configured CA see https://docs.quorum-key-manager.consensys.net/en/latest/HowTo/Authenticate/TLS/
see https://docs.quorum-key-manager.consensys.net/en/latest/HowTo/Authenticate/OIDC/
- add support for configuration of secret API key (via config file or environment variable) - add HTTP-Header to all QKM RPC requests see https://docs.quorum-key-manager.consensys.net/en/latest/HowTo/Authenticate/API-Key/
Add docker/tessera.qkm.Dockerfile similar to docker/tessera.qkm.Dockerfile
Quorum key manager should be supported as vault service and possibly later on as HSM.
Signed-off-by: Taccat Isid ## Checklist - ~~A link to the issue/user story that the pull request relates to~~ - [x] How to recreate the problem without the fix - [x]...
## Checklist - ~~A link to the issue/user story that the pull request relates to~~ - [x] How to recreate the problem without the fix - [x] Design of the...