corda / net.corda.core.node.services / KeyManagementService

KeyManagementService

interface KeyManagementService

The KMS is responsible for storing and using private keys to sign things. An implementation of this may, for example, call out to a hardware security module that enforces various auditing and frequency-of-use requirements.

The current interface is obviously not usable for those use cases: this is just where we'd put a real signing interface if/when one is developed.
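An added sketch, not Corda's code, of the kind of signing interface the paragraph above defers to: callers name a key by its public half and get back a signature, so private keys never cross the API and the sign call is the single place where HSM-style auditing or frequency-of-use limits could be enforced. The names `SignOnlyKeyService` and `InMemorySignOnlyKeyService` are hypothetical, and the choice of EC keys with `SHA256withECDSA` is an assumption.

```kotlin
import java.security.KeyPairGenerator
import java.security.PrivateKey
import java.security.PublicKey
import java.security.Signature
import java.util.concurrent.ConcurrentHashMap

// Hypothetical sign-only contract: unlike a Map<PublicKey, PrivateKey> snapshot,
// nothing here hands private key material back to the caller.
interface SignOnlyKeyService {
    val publicKeys: Set<PublicKey>
    fun freshKey(): PublicKey
    fun sign(bytes: ByteArray, publicKey: PublicKey): ByteArray
}

// In-memory stand-in for an HSM-backed implementation (assumption: EC P-256).
class InMemorySignOnlyKeyService : SignOnlyKeyService {
    private val store = ConcurrentHashMap<PublicKey, PrivateKey>()
    private val generator = KeyPairGenerator.getInstance("EC").apply { initialize(256) }

    override val publicKeys: Set<PublicKey> get() = store.keys.toSet()

    override fun freshKey(): PublicKey {
        val pair = synchronized(generator) { generator.generateKeyPair() }
        store[pair.public] = pair.private
        return pair.public
    }

    override fun sign(bytes: ByteArray, publicKey: PublicKey): ByteArray {
        val privateKey = store[publicKey] ?: error("No private key held for this public key")
        // Single choke point: an audit record or rate limit would be applied here.
        return Signature.getInstance("SHA256withECDSA").run {
            initSign(privateKey)
            update(bytes)
            sign()
        }
    }
}

fun main() {
    val kms: SignOnlyKeyService = InMemorySignOnlyKeyService()
    val key = kms.freshKey()
    val message = "constructed sample payload".toByteArray()
    val signature = kms.sign(message, key)
    val verified = Signature.getInstance("SHA256withECDSA").run {
        initVerify(key); update(message); verify(signature)
    }
    println("signature verifies: $verified")
}
```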

Properties

keys abstract val keys: Map<PublicKey, PrivateKey>

Returns a snapshot of the current pubkey->privkey mapping.

Functions

freshKey abstract fun freshKey(): KeyPair

Generates a new random key and adds it to the exposed map.

toKeyPair open fun toKeyPair(publicKey: PublicKey): KeyPair
open fun toKeyPair(publicKeys: Iterable<PublicKey>): KeyPair

Returns the first KeyPair matching any of the publicKeys.

toPrivate open fun toPrivate(publicKey: PublicKey): PrivateKey

Inheritors

E2ETestKeyManagementService class E2ETestKeyManagementService : SingletonSerializeAsToken, KeyManagementService

A simple in-memory KMS that doesn't bother saving keys to disk. A real implementation would:

PersistentKeyManagementService class PersistentKeyManagementService : SingletonSerializeAsToken, KeyManagementService

A persistent re-implementation of E2ETestKeyManagementService to support node re-start.