Skip to main content

ClusterSigner

zlayer_secrets

Struct ClusterSigner 

Source 
pub struct ClusterSigner { /* private fields */ }
Expand description

Ed25519 keypair used to sign cluster join tokens.

Cloning is intentionally not implemented: each ClusterSigner owns its signing material and should be passed by reference through the daemon (typically Arc<ClusterSigner>).

Implementations§

Source§

impl ClusterSigner

Source

pub fn generate() -> Self

Generate a fresh keypair from the OS CSPRNG.

The seed is drawn directly from the OS via rand::rngs::OsRng (workspace rand 0.9) and fed to SigningKey::from_bytes. We avoid SigningKey::generate here because ed25519-dalek 2.x requires rand_core 0.6’s CryptoRngCore trait, while the workspace pins rand 0.9 (whose OsRng implements rand_core 0.9’s TryRngCore). Filling 32 bytes via the workspace rand is equivalent: an Ed25519 signing key is just 32 random bytes.

§Panics

Panics if the OS CSPRNG fails. This matches the behavior of SigningKey::generate(&mut OsRng) and is appropriate because key generation cannot proceed without entropy.

Source

pub async fn load_or_generate(path: &Path) -> Result<Self, SecretsError>

Load the keypair from the on-disk keystore at path if present; otherwise generate a fresh one, persist it as a JSON keystore with mode 0600, and return it. Returns the ClusterSigner for the currently-active key.

If the file exists in the legacy raw-32-byte format (Wave 1), it is transparently migrated to the JSON keystore layout in place. The migration is idempotent.

The parent directory of path is created if it does not exist (mkdir -p semantics).

§Errors
  • SecretsError::Storage if the parent directory cannot be created, if the file cannot be read or written, or if the file exists but is neither valid keystore JSON nor a 32-byte legacy seed.
  • SecretsError::Storage if Unix file permissions cannot be set.
Source

pub fn verifying_key(&self) -> VerifyingKey

The public verifying key.

Source

pub fn public_key_b64(&self) -> String

URL-safe no-pad base64 of the 32-byte verifying key.

Source

pub fn key_id(&self) -> String

First 8 hex chars of SHA-256(verifying_key bytes). Short, greppable identifier for log lines and token headers.

Source

pub fn sign(&self, msg: &[u8]) -> [u8; 64]

Sign a message. Returns the raw 64-byte Ed25519 signature.

Trait Implementations§

Source§

impl Debug for ClusterSigner

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Redacts the private key material. Only the short, public key_id is printed so signing keys never leak via accidental {:?} formatting.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

Source§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

Source§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

Source§

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Sized + Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Sized + Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more