mirror of
https://github.com/onsonr/sonr.git
synced 2025-03-10 13:07:09 +00:00
Prad Nukala
7c4586ce90
* feat: enable DID auth middleware * feat: implement passkey creation flow * feat: persist user address in cookie and retrieve user profile using address cookie * feat: implement human verification challenge during session initialization * refactor: remove unnecessary random number generation in profile creation * refactor: rename credential validation handler and update related routes * feat: improve profile validation and user experience * feat: add page rendering for profile and passkey creation * refactor: remove unused register handler and update routes * refactor: remove unused imports and simplify credential validation * fix: Correct insecure gRPC client connection * refactor: rename models files for better organization * refactor: refactor grpc client creation and management * refactor: refactor common clients package * <no value> * feat: add CapAccount, CapInterchain, CapVault enums * feat: add ChainId to ResAccount and ResInterchain * feat: add asset code to resource account enumeration * refactor: rename services package to providers * feat: implement gateway database interactions * refactor: move gateway repository to internal/gateway * refactor: Migrate database provider to use sqlx * refactor: Rename Vaults to VaultProvider in HTTPContext struct * refactor: Migrate from GORM to sqlc Queries in database context methods * refactor: Replace GORM with standard SQL and simplify database initialization * refactor: Migrate session management from GORM to sqlc with type conversion * refactor: Update import paths and model references in context package * fix: Resolve session type conversion and middleware issues * refactor: Migrate database from GORM to sqlx * refactor: Move models to pkg/common, improve code structure * refactor: move repository package to internal directory * refactor: move gateway internal packages to context directory * refactor: migrate database provider to use sqlx queries * feat: add session ID to HTTP context and use it to load session data * feat: implement vault creation API endpoint * feat: add DIDKey generation from PubKey * refactor: remove unused DIDAuth components * refactor: move DID auth controller to vault context * chore: remove unused DIDAuth package * refactor: improve clarity of enclave refresh function * feat: implement nonce-based key encryption for improved security * feat: Add Export and Import methods with comprehensive tests for Enclave * fix: Validate AES key length in keyshare encryption and decryption * fix: Resolve key length validation by hashing input keys * refactor: Update keyshare import to use protocol decoding * feat: Refactor enclave encryption to support full enclave export/import * refactor: Simplify Enclave interface methods by removing role parameter * refactor: remove unnecessary serialization from enclave interface * refactor: rename models package in gateway context * refactor: rename keystore vault constants * refactor: remove context parameter from Resolver methods * feat: add CurrentBlock context function and update related components * refactor: rename resolver.go to resolvers.go * feat: Add SQLite random() generation for session and profile initialization * refactor: Update SQL queries to use SQLite-style parameter placeholders * refactor: Replace '?' placeholders with '$n' PostgreSQL parameter syntax * <no value> * refactor: refactor gateway to use middleware for database interactions and improve modularity * feat: implement gateway for Sonr highway * refactor: Remove unused gateway context and refactor cookie/header handling * refactor: improve server initialization and middleware handling * feat: implement human verification for profile creation * feat: implement session management middleware * refactor: refactor common models and config to internal package * refactor: move env config to internal/config * refactor: move database-related code to directory * refactor: move IPFS client to common package and improve code structure * refactor: move querier to common package and rename to chain_query * refactor: move webworker model to internal/models * feat: add initial view template for Sonr.ID * docs(concepts): Add documentation for cosmos-proto * docs: move IBC transfer documentation to tools section * refactor: rename initpkl.go to pkl_init.go for better naming consistency * docs(theme): update dark mode toggle icons * refactor: update sqlite3 driver to ncruces/go-sqlite3 * feat: add Vault model and database interactions * refactor: Improve SQLite schema with better constraints and indexes * chore: update project dependencies * fix: use grpc.WithInsecure() for gRPC connection * config: set localhost as default Sonr gRPC URL * refactor: improve gateway middleware and refactor server initialization * refactor: Remove foreign key pragma from schema SQL * refactor: Remove foreign key constraints from database schema * refactor: Convert primary key columns from INTEGER to TEXT * refactor: Remove unnecessary redirect in error handling
163 lines
4.1 KiB
Go
163 lines
4.1 KiB
Go
package keys
|
|
|
|
import (
|
|
"crypto/ed25519"
|
|
"crypto/rsa"
|
|
"crypto/x509"
|
|
"fmt"
|
|
"strings"
|
|
|
|
"github.com/libp2p/go-libp2p/core/crypto"
|
|
mb "github.com/multiformats/go-multibase"
|
|
varint "github.com/multiformats/go-varint"
|
|
)
|
|
|
|
const (
|
|
// KeyPrefix indicates a decentralized identifier that uses the key method
|
|
KeyPrefix = "did:key"
|
|
// MulticodecKindRSAPubKey rsa-x509-pub https://github.com/multiformats/multicodec/pull/226
|
|
MulticodecKindRSAPubKey = 0x1205
|
|
// MulticodecKindEd25519PubKey ed25519-pub
|
|
MulticodecKindEd25519PubKey = 0xed
|
|
// MulticodecKindSecp256k1PubKey secp256k1-pub
|
|
MulticodecKindSecp256k1PubKey = 0x1206
|
|
)
|
|
|
|
// DID is a DID:key identifier
|
|
type DID struct {
|
|
crypto.PubKey
|
|
}
|
|
|
|
// NewDID constructs an Identifier from a public key
|
|
func NewDID(pub crypto.PubKey) (DID, error) {
|
|
switch pub.Type() {
|
|
case crypto.Ed25519, crypto.RSA, crypto.Secp256k1:
|
|
return DID{PubKey: pub}, nil
|
|
default:
|
|
return DID{}, fmt.Errorf("unsupported key type: %s", pub.Type())
|
|
}
|
|
}
|
|
|
|
// NewFromPubKey constructs an Identifier from a public key
|
|
func NewFromPubKey(pub PubKey) DID {
|
|
return DID{PubKey: pub}
|
|
}
|
|
|
|
// MulticodecType indicates the type for this multicodec
|
|
func (id DID) MulticodecType() uint64 {
|
|
switch id.Type() {
|
|
case crypto.RSA:
|
|
return MulticodecKindRSAPubKey
|
|
case crypto.Ed25519:
|
|
return MulticodecKindEd25519PubKey
|
|
case crypto.Secp256k1:
|
|
return MulticodecKindSecp256k1PubKey
|
|
default:
|
|
panic("unexpected crypto type")
|
|
}
|
|
}
|
|
|
|
// String returns this did:key formatted as a string
|
|
func (id DID) String() string {
|
|
raw, err := id.Raw()
|
|
if err != nil {
|
|
return ""
|
|
}
|
|
|
|
t := id.MulticodecType()
|
|
size := varint.UvarintSize(t)
|
|
data := make([]byte, size+len(raw))
|
|
n := varint.PutUvarint(data, t)
|
|
copy(data[n:], raw)
|
|
|
|
b58BKeyStr, err := mb.Encode(mb.Base58BTC, data)
|
|
if err != nil {
|
|
return ""
|
|
}
|
|
|
|
return fmt.Sprintf("%s:%s", KeyPrefix, b58BKeyStr)
|
|
}
|
|
|
|
// VerifyKey returns the backing implementation for a public key, one of:
|
|
// *rsa.PublicKey, ed25519.PublicKey
|
|
func (id DID) VerifyKey() (interface{}, error) {
|
|
rawPubBytes, err := id.Raw()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
switch id.Type() {
|
|
case crypto.RSA:
|
|
verifyKeyiface, err := x509.ParsePKIXPublicKey(rawPubBytes)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
verifyKey, ok := verifyKeyiface.(*rsa.PublicKey)
|
|
if !ok {
|
|
return nil, fmt.Errorf("public key is not an RSA key. got type: %T", verifyKeyiface)
|
|
}
|
|
return verifyKey, nil
|
|
case crypto.Ed25519:
|
|
return ed25519.PublicKey(rawPubBytes), nil
|
|
case crypto.Secp256k1:
|
|
// Handle both compressed and uncompressed Secp256k1 public keys
|
|
if len(rawPubBytes) == 65 || len(rawPubBytes) == 33 {
|
|
return rawPubBytes, nil
|
|
}
|
|
return nil, fmt.Errorf("invalid Secp256k1 public key length: %d", len(rawPubBytes))
|
|
default:
|
|
return nil, fmt.Errorf("unrecognized Public Key type: %s", id.Type())
|
|
}
|
|
}
|
|
|
|
// Parse turns a string into a key method ID
|
|
func Parse(keystr string) (DID, error) {
|
|
var id DID
|
|
if !strings.HasPrefix(keystr, KeyPrefix) {
|
|
return id, fmt.Errorf("decentralized identifier is not a 'key' type")
|
|
}
|
|
|
|
keystr = strings.TrimPrefix(keystr, KeyPrefix+":")
|
|
|
|
enc, data, err := mb.Decode(keystr)
|
|
if err != nil {
|
|
return id, fmt.Errorf("decoding multibase: %w", err)
|
|
}
|
|
|
|
if enc != mb.Base58BTC {
|
|
return id, fmt.Errorf("unexpected multibase encoding: %s", mb.EncodingToStr[enc])
|
|
}
|
|
|
|
keyType, n, err := varint.FromUvarint(data)
|
|
if err != nil {
|
|
return id, err
|
|
}
|
|
|
|
switch keyType {
|
|
case MulticodecKindRSAPubKey:
|
|
pub, err := crypto.UnmarshalRsaPublicKey(data[n:])
|
|
if err != nil {
|
|
return id, err
|
|
}
|
|
return DID{pub}, nil
|
|
case MulticodecKindEd25519PubKey:
|
|
pub, err := crypto.UnmarshalEd25519PublicKey(data[n:])
|
|
if err != nil {
|
|
return id, err
|
|
}
|
|
return DID{pub}, nil
|
|
case MulticodecKindSecp256k1PubKey:
|
|
// Handle both compressed and uncompressed formats
|
|
keyData := data[n:]
|
|
if len(keyData) != 33 && len(keyData) != 65 {
|
|
return id, fmt.Errorf("invalid Secp256k1 public key length: %d", len(keyData))
|
|
}
|
|
pub, err := crypto.UnmarshalSecp256k1PublicKey(keyData)
|
|
if err != nil {
|
|
return id, fmt.Errorf("failed to unmarshal Secp256k1 key: %w", err)
|
|
}
|
|
return DID{pub}, nil
|
|
}
|
|
|
|
return id, fmt.Errorf("unrecognized key type multicodec prefix: %x", data[0])
|
|
}
|