Documentation
¶
Overview ¶
Package kms provides shared utilities for KMS-based Ethereum signers.
KMS services (GCP, AWS, etc.) return signatures in DER/ASN.1 format, while Ethereum expects a 65-byte R || S || V format. This package handles the conversion between these formats.
Index ¶
- func DERToEthereumSignature(hash, derSig []byte, expectedPub *ecdsa.PublicKey) ([]byte, error)
- func NormalizeS(s *big.Int) *big.Int
- func ParseDERSignature(derSig []byte) (r, s *big.Int, err error)
- func RecoverV(hash []byte, r, s *big.Int, expectedPub *ecdsa.PublicKey) (uint8, error)
- func ValidateSecp256k1PublicKey(pub *ecdsa.PublicKey) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DERToEthereumSignature ¶
DERToEthereumSignature converts a DER-encoded signature from a KMS service into a 65-byte Ethereum signature (R[32] || S[32] || V[1]).
It parses the DER encoding, normalizes S, recovers V, and adjusts V to 27/28.
func NormalizeS ¶
NormalizeS ensures S is in the lower half of the curve order (canonical form). Ethereum requires S <= N/2 to prevent signature malleability.
func ParseDERSignature ¶
ParseDERSignature extracts R and S values from a DER-encoded ASN.1 signature.
The expected DER format is:
0x30 <total-len> 0x02 <r-len> <r-bytes> 0x02 <s-len> <s-bytes>
func RecoverV ¶
RecoverV determines the recovery ID (V value) for an Ethereum signature by trying both possible values (0 and 1) and checking which one recovers to the expected public key.
func ValidateSecp256k1PublicKey ¶
ValidateSecp256k1PublicKey checks that the given public key is on the secp256k1 curve.
Types ¶
This section is empty.
Source Files
Directories