Skip to content

Add support for external signing#53

Open
ximinez wants to merge 2 commits intoripple:masterfrom
ximinez:signing
Open

Add support for external signing#53
ximinez wants to merge 2 commits intoripple:masterfrom
ximinez:signing

Conversation

@ximinez
Copy link
Contributor

@ximinez ximinez commented Apr 9, 2024

This change, if merged, adds support for external signing tools, such as an HSM (Hardware Security Module).

Additionally:

Outline of steps to use this new functionality:

One-time setup

  1. Obtain the public key of the external tool, it can be encoded in the rippled format (e.g. nHBQi...), hex encoded, or base-64 encoded. Either way, the key must be 33 bytes decoded, and the first byte must be 0xED for an ed25519 key, and 0x02 or 0x03 for a secp256k1 key.
  2. Run validator-keys create_external <encoded_public_key>

Usage

  1. Run validator-keys start_token. This will return a hex encoded string to sign.
  2. Sign the string from step 3 using the external tool. The resulting signature must be hex encoded or base-64 encoded.
  3. Run validator-keys finish_token <encoded_signature>
  4. The result will be a token that can be copied to your rippled.cfg file just as if it was generated with create_token.

The steps to revoke a key are identical to the Usage steps, except using the start_revoke_keys and finish_revoke_keys commands.

For testing, if you don't have an HSM handy, you can accomplish the same thing in Usage step 2 using validator-keys --keyfile <path to a key file generated with create_keys> sign_hex <partial token output from Usage step 1>

@ximinez ximinez requested a review from thejohnfreeman April 9, 2024 21:00
@ximinez
Add support for external signing
502ac80 
* Also add a "sign_hex" command to sign non-printable data.
* Include unit tests for external signing support functions.
* Because this is a significant change, and this project is not updated
  often, increment the version number.
* Resolves ripple#48
@ximinez ximinez removed the request for review from thejohnfreeman July 16, 2025 20:12
@bthomee bthomee requested a review from legleux July 21, 2025 16:40
legleux
legleux approved these changes Jul 30, 2025
View reviewed changes
Copy link
Collaborator

@legleux legleux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is pretty cool and seems very useful!

@bthomee bthomee requested a review from intelliot September 29, 2025 15:47
@ximinez
Merge remote-tracking branch 'upstream/master' into signing
fc174ac 
* upstream/master:
  Update rippled version and remove reference to Ripple's defunct Conan recipies. (58)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@legleux legleux legleux approved these changes

@intelliot intelliot Awaiting requested review from intelliot

Assignees

No one assigned

Labels

enhancement

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Support signing via a third party signer

2 participants

@ximinez @legleux