mirror of
https://github.com/onsonr/sonr.git
synced 2025-03-10 21:09:11 +00:00
Prad Nukala
31bcc21c35
- **refactor: remove unused auth components** - **refactor: improve devbox configuration and deployment process** - **refactor: improve devnet and testnet setup** - **fix: update templ version to v0.2.778** - **refactor: rename pkl/net.matrix to pkl/matrix.net** - **refactor: migrate webapp components to nebula** - **refactor: protobuf types** - **chore: update dependencies for improved security and stability** - **feat: implement landing page and vault gateway servers** - **refactor: Migrate data models to new module structure and update related files** - **feature/1121-implement-ucan-validation** - **refactor: Replace hardcoded constants with model types in attns.go** - **feature/1121-implement-ucan-validation** - **chore: add origin Host struct and update main function to handle multiple hosts** - **build: remove unused static files from dwn module** - **build: remove unused static files from dwn module** - **refactor: Move DWN models to common package** - **refactor: move models to pkg/common** - **refactor: move vault web app assets to embed module** - **refactor: update session middleware import path** - **chore: configure port labels and auto-forwarding behavior** - **feat: enhance devcontainer configuration** - **feat: Add UCAN middleware for Echo with flexible token validation** - **feat: add JWT middleware for UCAN authentication** - **refactor: update package URI and versioning in PklProject files** - **fix: correct sonr.pkl import path** - **refactor: move JWT related code to auth package** - **feat: introduce vault configuration retrieval and management** - **refactor: Move vault components to gateway module and update file paths** - **refactor: remove Dexie and SQLite database implementations** - **feat: enhance frontend with PWA features and WASM integration** - **feat: add Devbox features and streamline Dockerfile** - **chore: update dependencies to include TigerBeetle** - **chore(deps): update go version to 1.23** - **feat: enhance devnet setup with PATH environment variable and updated PWA manifest** - **fix: upgrade tigerbeetle-go dependency and remove indirect dependency** - **feat: add PostgreSQL support to devnet and testnet deployments** - **refactor: rename keyshare cookie to token cookie** - **feat: upgrade Go version to 1.23.3 and update dependencies** - **refactor: update devnet and testnet configurations** - **feat: add IPFS configuration for devnet** - **I'll help you update the ipfs.config.pkl to include all the peers from the shell script. Here's the updated configuration:** - **refactor: move mpc package to crypto directory** - **feat: add BIP32 support for various cryptocurrencies** - **feat: enhance ATN.pkl with additional capabilities** - **refactor: simplify smart account and vault attenuation creation** - **feat: add new capabilities to the Attenuation type** - **refactor: Rename MPC files for clarity and consistency** - **feat: add DIDKey support for cryptographic operations** - **feat: add devnet and testnet deployment configurations** - **fix: correct key derivation in bip32 package** - **refactor: rename crypto/bip32 package to crypto/accaddr** - **fix: remove duplicate indirect dependency** - **refactor: move vault package to root directory** - **refactor: update routes for gateway and vault** - **refactor: remove obsolete web configuration file** - **refactor: remove unused TigerBeetle imports and update host configuration** - **refactor: adjust styles directory path** - **feat: add broadcastTx and simulateTx functions to gateway** - **feat: add PinVault handler**
94 lines
2.4 KiB
Go
Executable File
94 lines
2.4 KiB
Go
Executable File
//
|
|
// Copyright Coinbase, Inc. All Rights Reserved.
|
|
//
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
//
|
|
|
|
package internal
|
|
|
|
import (
|
|
"bytes"
|
|
"crypto/sha256"
|
|
"fmt"
|
|
|
|
"golang.org/x/crypto/hkdf"
|
|
)
|
|
|
|
// Hash computes the HKDF over many values
|
|
// iteratively such that each value is hashed separately
|
|
// and based on preceding values
|
|
//
|
|
// The first value is computed as okm_0 = KDF(f || value) where
|
|
// f is a byte slice of 32 0xFF
|
|
// salt is zero-filled byte slice with length equal to the hash output length
|
|
// info is the protocol name
|
|
// okm is the 32 byte output
|
|
//
|
|
// The each subsequent iteration is computed by as okm_i = KDF(f_i || value || okm_{i-1})
|
|
// where f_i = 2^b - 1 - i such that there are 0xFF bytes prior to the value.
|
|
// f_1 changes the first byte to 0xFE, f_2 to 0xFD. The previous okm is appended to the value
|
|
// to provide cryptographic domain separation.
|
|
// See https://signal.org/docs/specifications/x3dh/#cryptographic-notation
|
|
// and https://signal.org/docs/specifications/xeddsa/#hash-functions
|
|
// for more details.
|
|
// This uses the KDF function similar to X3DH for each `value`
|
|
// But changes the key just like XEdDSA where the prefix bytes change by a single bit
|
|
func Hash(info []byte, values ...[]byte) ([]byte, error) {
|
|
// Don't accept any nil arguments
|
|
if anyNil(values...) {
|
|
return nil, ErrNilArguments
|
|
}
|
|
|
|
salt := make([]byte, 32)
|
|
okm := make([]byte, 32)
|
|
f := bytes.Repeat([]byte{0xFF}, 32)
|
|
|
|
for _, b := range values {
|
|
ikm := append(f, b...)
|
|
ikm = append(ikm, okm...)
|
|
kdf := hkdf.New(sha256.New, ikm, salt, info)
|
|
n, err := kdf.Read(okm)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if n != len(okm) {
|
|
return nil, fmt.Errorf("unable to read expected number of bytes want=%v got=%v", len(okm), n)
|
|
}
|
|
ByteSub(f)
|
|
}
|
|
return okm, nil
|
|
}
|
|
|
|
func anyNil(values ...[]byte) bool {
|
|
for _, x := range values {
|
|
if x == nil {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
}
|
|
|
|
// ByteSub is a constant time algorithm for subtracting
|
|
// 1 from the array as if it were a big number.
|
|
// 0 is considered a wrap which resets to 0xFF
|
|
func ByteSub(b []byte) {
|
|
m := byte(1)
|
|
for i := 0; i < len(b); i++ {
|
|
b[i] -= m
|
|
|
|
// If b[i] > 0, s == 0
|
|
// If b[i] == 0, s == 1
|
|
// Computing IsNonZero(b[i])
|
|
s1 := int8(b[i]) >> 7
|
|
s2 := -int8(b[i]) >> 7
|
|
s := byte((s1 | s2) + 1)
|
|
|
|
// If s == 0, don't subtract anymore
|
|
// s == 1, continue subtracting
|
|
m = s & m
|
|
// If s == 0 this does nothing
|
|
// If s == 1 reset this value to 0xFF
|
|
b[i] |= -s
|
|
}
|
|
}
|