mirror of
https://github.com/onsonr/sonr.git
synced 2025-03-10 21:09:11 +00:00
Prad Nukala
89989fa102
- **refactor: move session-related code to middleware package** - **refactor: update PKL build process and adjust related configurations** - **feat: integrate base.cosmos.v1 Genesis module** - **refactor: pass session context to modal rendering functions** - **refactor: move nebula package to app directory and update templ version** - **refactor: Move home section video view to dedicated directory** - **refactor: remove unused views file** - **refactor: move styles and UI components to global scope** - **refactor: Rename images.go to cdn.go** - **feat: Add Empty State Illustrations** - **refactor: Consolidate Vault Index Logic** - **fix: References to App.wasm and remove Vault Directory embedded CDN files** - **refactor: Move CDN types to Models** - **fix: Correct line numbers in templ error messages for arch_templ.go** - **refactor: use common types for peer roles** - **refactor: move common types and ORM to a shared package** - **fix: Config import dwn** - **refactor: move nebula directory to app** - **feat: Rebuild nebula** - **fix: correct file paths in panels templates** - **feat: Remove duplicate types** - **refactor: Move dwn to pkg/core** - **refactor: Binary Structure** - **feat: Introduce Crypto Pkg** - **fix: Broken Process Start** - **feat: Update pkg/* structure** - **feat: Refactor PKL Structure** - **build: update pkl build process** - **chore: Remove Empty Files** - **refactor: remove unused macaroon package** - **feat: Add WebAwesome Components** - **refactor: consolidate build and generation tasks into a single taskfile, remove redundant makefile targets** - **refactor: refactor server and move components to pkg/core/dwn** - **build: update go modules** - **refactor: move gateway logic into dedicated hway command** - **feat: Add KSS (Krawczyk-Song-Song) MPC cryptography module** - **feat: Implement MPC-based JWT signing and UCAN token generation** - **feat: add support for MPC-based JWT signing** - **feat: Implement MPC-based UCAN capabilities for smart accounts** - **feat: add address field to keyshareSource** - **feat: Add comprehensive MPC test suite for keyshares, UCAN tokens, and token attenuations** - **refactor: improve MPC keyshare management and signing process** - **feat: enhance MPC capability hierarchy documentation** - **refactor: rename GenerateKeyshares function to NewKeyshareSource for clarity** - **refactor: remove unused Ethereum address computation** - **feat: Add HasHandle and IsAuthenticated methods to HTTPContext** - **refactor: Add context.Context support to session HTTPContext** - **refactor: Resolve context interface conflicts in HTTPContext** - **feat: Add session ID context key and helper functions** - **feat: Update WebApp Page Rendering** - **refactor: Simplify context management by using single HTTPContext key** - **refactor: Simplify HTTPContext creation and context management in session middleware** - **refactor: refactor session middleware to use a single data structure** - **refactor: Simplify HTTPContext implementation and session data handling** - **refactor: Improve session context handling and prevent nil pointer errors** - **refactor: Improve session context handling with nil safety and type support** - **refactor: improve session data injection** - **feat: add full-screen modal component and update registration flow** - **chore: add .air.toml to .gitignore** - **feat: add Air to devbox and update dependencies**
94 lines
2.4 KiB
Go
Executable File
94 lines
2.4 KiB
Go
Executable File
//
|
|
// Copyright Coinbase, Inc. All Rights Reserved.
|
|
//
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
//
|
|
|
|
package internal
|
|
|
|
import (
|
|
"bytes"
|
|
"crypto/sha256"
|
|
"fmt"
|
|
|
|
"golang.org/x/crypto/hkdf"
|
|
)
|
|
|
|
// Hash computes the HKDF over many values
|
|
// iteratively such that each value is hashed separately
|
|
// and based on preceding values
|
|
//
|
|
// The first value is computed as okm_0 = KDF(f || value) where
|
|
// f is a byte slice of 32 0xFF
|
|
// salt is zero-filled byte slice with length equal to the hash output length
|
|
// info is the protocol name
|
|
// okm is the 32 byte output
|
|
//
|
|
// The each subsequent iteration is computed by as okm_i = KDF(f_i || value || okm_{i-1})
|
|
// where f_i = 2^b - 1 - i such that there are 0xFF bytes prior to the value.
|
|
// f_1 changes the first byte to 0xFE, f_2 to 0xFD. The previous okm is appended to the value
|
|
// to provide cryptographic domain separation.
|
|
// See https://signal.org/docs/specifications/x3dh/#cryptographic-notation
|
|
// and https://signal.org/docs/specifications/xeddsa/#hash-functions
|
|
// for more details.
|
|
// This uses the KDF function similar to X3DH for each `value`
|
|
// But changes the key just like XEdDSA where the prefix bytes change by a single bit
|
|
func Hash(info []byte, values ...[]byte) ([]byte, error) {
|
|
// Don't accept any nil arguments
|
|
if anyNil(values...) {
|
|
return nil, ErrNilArguments
|
|
}
|
|
|
|
salt := make([]byte, 32)
|
|
okm := make([]byte, 32)
|
|
f := bytes.Repeat([]byte{0xFF}, 32)
|
|
|
|
for _, b := range values {
|
|
ikm := append(f, b...)
|
|
ikm = append(ikm, okm...)
|
|
kdf := hkdf.New(sha256.New, ikm, salt, info)
|
|
n, err := kdf.Read(okm)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if n != len(okm) {
|
|
return nil, fmt.Errorf("unable to read expected number of bytes want=%v got=%v", len(okm), n)
|
|
}
|
|
ByteSub(f)
|
|
}
|
|
return okm, nil
|
|
}
|
|
|
|
func anyNil(values ...[]byte) bool {
|
|
for _, x := range values {
|
|
if x == nil {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
}
|
|
|
|
// ByteSub is a constant time algorithm for subtracting
|
|
// 1 from the array as if it were a big number.
|
|
// 0 is considered a wrap which resets to 0xFF
|
|
func ByteSub(b []byte) {
|
|
m := byte(1)
|
|
for i := 0; i < len(b); i++ {
|
|
b[i] -= m
|
|
|
|
// If b[i] > 0, s == 0
|
|
// If b[i] == 0, s == 1
|
|
// Computing IsNonZero(b[i])
|
|
s1 := int8(b[i]) >> 7
|
|
s2 := -int8(b[i]) >> 7
|
|
s := byte((s1 | s2) + 1)
|
|
|
|
// If s == 0, don't subtract anymore
|
|
// s == 1, continue subtracting
|
|
m = s & m
|
|
// If s == 0 this does nothing
|
|
// If s == 1 reset this value to 0xFF
|
|
b[i] |= -s
|
|
}
|
|
}
|