This repository contains two main components: a Verification Tool for signing and verifying messages, and a Vault Plugin for account management and message signing within HashiCorp Vault.
Make sure to have Node.js and Go installed on your machine before proceeding.
This tool allows you to sign a test message using either ECDSA or SR25519 cryptographic algorithms, and then verify the signed message.
npm installFirst, navigate to either the ecdsa or sr25519 directory, then run the following command to sign a test message:
go run sign.go "test message"Take note of the output, then run the following command to verify the signature:
node verify.js [output-from-previous-step]In case the above command fails, use:
node -r esm verify.js [output-from-previous-step]This plugin extends HashiCorp Vault to provide account management and message signing capabilities.
First, install Vault using the following commands:
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
sudo apt-get update && sudo apt-get install vaultThen, navigate to the vault directory and run the setup script to build the plugin and start a local Vault server in development mode:
cd vault
sh setup.shSet the address for the local Vault server:
export VAULT_ADDR='http://127.0.0.1:8200'To create a new account (which generates an internal key pair and returns the public key):
vault write avn-vault/accounts/test_account name="test_account"To sign a message using the newly created account:
vault write avn-vault/accounts/test_account/sign message="test message"To retrieve the public key of an account:
vault read avn-vault/accounts/test_accountUtilize the Verification Tool to verify the signed message using the returned public key.