mirror of
https://github.com/onsonr/sonr.git
synced 2025-03-10 21:09:11 +00:00
Prad Nukala
ac8c153b28
* refactor: remove redundant branch trigger for scheduled releases * refactor: simplify process-compose commands and improve logging * refactor: remove redundant command * refactor: remove unused error variables and simplify database configuration * feat: introduce task runner for project automation * refactor: Remove hardcoded action and method from form components * refactor: move server setup to main.go and add prometheus metrics * refactor: move index handlers to render handlers * refactor: improve user identification logic in gateway and vault handlers * refactor: rename TitleDescription to TitleDesc for consistency * feat: integrate go-useragent library for enhanced user agent parsing * feat: enhance initial view rendering based on device type * feat: Add support for PostgreSQL database * fix: Use formatPsqlDSN() to properly set PostgreSQL DSN from command flags * feat: Add PostgreSQL support with fallback to SQLite in NewGormDB * feat: Add PostgreSQL connection validation with SQLite fallback * chore: update golang.org/x/crypto dependency to v0.31.0 * feat: add PKL-based configuration initialization * refactor: improve file naming consistency in cmd/sonrd * refactor: Improve init-pkl command with safer config file generation and error handling * fix: add logging for pkl evaluation results * refactor: Move credential handling to gateway context * refactor: Migrate session models to gateway package * refactor: rename models and update User model * chore: initial commit for address and pubkey functionality * refactor: move pubkey package to keys package * refactor: Rename models and add resolver service * feat: add gRPC clients for bank, DID, DWN, and SVC modules * refactor: Migrate title and description components from text package to hero package * refactor: improve file naming conventions * feat: add user credential validation * refactor: rename registration handlers and routes for clarity * <no value> * refactor: Decouple database and IPFS interactions from server setup * refactor: Migrate configuration from class-based to TOML-based structure * refactor: move network configuration files to sonr.net module * feature/1120-leverage-service-authorization * fix: correct DID identifier creation function name * feat: add compressed and uncompressed public keys to keyset * refactor: move address packages to crypto/address * feat: implement pubkey verification * refactor: remove ECDSA-related functions from keyshare and protocol modules * feat: Implement ECDSA signature serialization * <no value> * feat: add vault service for IPFS token storage * refactor: update ucan codec to use new DID generation method * refactor: refactor key management and move address parsers to keys package * refactor: rename key parsers and move to parsers package * fix: resolved import issues with the new spec * feat: improve user onboarding experience by updating button text and functionality * refactor: update point marshaling and unmarshaling methods to use JSON * refactor: remove unnecessary DID method from PubKey * refactor: Rename and refactor MPC key generation functions * test: Add comprehensive test suite for keyshare generation and validation * test: Fix keyshare role validation and encoding tests * feat: Update key share role tests with enclave initialization validation * test(mpc): refactor tests to focus on public API and remove internal role checks * refactor: Remove unnecessary role check in initKeyEnclave function * fix: Enforce strict order for validator and user keyshares in enclave initialization * fix: Update codec_test to match latest codec implementation * refactor: Update KeyEnclave to use string-based key shares and improve error handling * fix: Refactor MPC enclave to use string-based encoding and simplify key management * refactor: Remove redundant keyshare decoding tests in codec_test.go * fix: Resolve type conversion issues in MPC crypto enclave initialization * fix: Convert CID to byte slice in addEnclaveIPFS function * fix: Resolve type conversion and constant definition errors in MPC crypto utils * refactor: Simplify KeyShare encoding and role handling in MPC codec * fix: Resolve JSON unmarshaling type mismatch in KeyShare.Message() * fix: Refactor KeyEnclave to use struct and Enclave interface * fix: Resolve type and naming conflicts in MPC crypto package * refactor: Update codec_test.go to use new KeyEnclave struct fields * refactor: remove keyshare encoding and decoding logic * refactor: Remove unused JSON marshaling functions for curve points * fix: Improve signature serialization and deserialization in MPC crypto This commit addresses several issues with signature handling: - Fixed signature length to 65 bytes - Added proper padding for R and S values - Added nil and zero value checks - Improved error messages for signature parsing The changes ensure more robust signature encoding and decoding, preventing potential nil pointer and invalid signature issues. * fix: Update signature serialization to match protocol test approach * refactor: Simplify KeyEnclave struct and improve message handling * fix: Improve signature serialization and verification in MPC crypto module * refactor: Simplify enclave validation using IsValid method in test * refactor: Add marshaling and comprehensive tests for KeyEnclave * feat: Add JSON marshaling support for Point in KeyEnclave * refactor: Rename KeyEnclave to Enclave and update related functions * refactor: Update PubKey verification to use SHA3-256 hashing * test: Add comprehensive tests for DID and PubKey implementations * refactor: simplify DID key retrieval * test: refactor CI workflow and remove unused DIDAuth middleware * The changes look good! The updated workflows will now: 1. Run tests on push to master 2. Bump the version if the commit doesn't already start with 'bump:' 3. Trigger a release workflow automatically with the new version tag 4. Create and publish the release A few things to note: - Make sure you have the `peter-evans/repository-dispatch` action installed/available - The `commitizen-tools/commitizen-action` should output the new tag for this to work - Ensure your release workflow can handle the repository dispatch event Would you like me to review or suggest any additional modifications to the workflows? * ci(github actions): add build stage dependency for tests * fix(workflow): update workflow to trigger on PR edits * test: Update unit test dependencies * ci: Add GoReleaser dry-run check for merge group events * test: remove unnecessary dependencies between test jobs * ci: Make race and coverage tests depend on build tests
158 lines
4.0 KiB
Go
158 lines
4.0 KiB
Go
package keys
|
|
|
|
import (
|
|
"crypto/ed25519"
|
|
"crypto/rsa"
|
|
"crypto/x509"
|
|
"fmt"
|
|
"strings"
|
|
|
|
"github.com/libp2p/go-libp2p/core/crypto"
|
|
mb "github.com/multiformats/go-multibase"
|
|
varint "github.com/multiformats/go-varint"
|
|
)
|
|
|
|
const (
|
|
// KeyPrefix indicates a decentralized identifier that uses the key method
|
|
KeyPrefix = "did:key"
|
|
// MulticodecKindRSAPubKey rsa-x509-pub https://github.com/multiformats/multicodec/pull/226
|
|
MulticodecKindRSAPubKey = 0x1205
|
|
// MulticodecKindEd25519PubKey ed25519-pub
|
|
MulticodecKindEd25519PubKey = 0xed
|
|
// MulticodecKindSecp256k1PubKey secp256k1-pub
|
|
MulticodecKindSecp256k1PubKey = 0x1206
|
|
)
|
|
|
|
// DID is a DID:key identifier
|
|
type DID struct {
|
|
crypto.PubKey
|
|
}
|
|
|
|
// NewDID constructs an Identifier from a public key
|
|
func NewDID(pub crypto.PubKey) (DID, error) {
|
|
switch pub.Type() {
|
|
case crypto.Ed25519, crypto.RSA, crypto.Secp256k1:
|
|
return DID{PubKey: pub}, nil
|
|
default:
|
|
return DID{}, fmt.Errorf("unsupported key type: %s", pub.Type())
|
|
}
|
|
}
|
|
|
|
// MulticodecType indicates the type for this multicodec
|
|
func (id DID) MulticodecType() uint64 {
|
|
switch id.Type() {
|
|
case crypto.RSA:
|
|
return MulticodecKindRSAPubKey
|
|
case crypto.Ed25519:
|
|
return MulticodecKindEd25519PubKey
|
|
case crypto.Secp256k1:
|
|
return MulticodecKindSecp256k1PubKey
|
|
default:
|
|
panic("unexpected crypto type")
|
|
}
|
|
}
|
|
|
|
// String returns this did:key formatted as a string
|
|
func (id DID) String() string {
|
|
raw, err := id.Raw()
|
|
if err != nil {
|
|
return ""
|
|
}
|
|
|
|
t := id.MulticodecType()
|
|
size := varint.UvarintSize(t)
|
|
data := make([]byte, size+len(raw))
|
|
n := varint.PutUvarint(data, t)
|
|
copy(data[n:], raw)
|
|
|
|
b58BKeyStr, err := mb.Encode(mb.Base58BTC, data)
|
|
if err != nil {
|
|
return ""
|
|
}
|
|
|
|
return fmt.Sprintf("%s:%s", KeyPrefix, b58BKeyStr)
|
|
}
|
|
|
|
// VerifyKey returns the backing implementation for a public key, one of:
|
|
// *rsa.PublicKey, ed25519.PublicKey
|
|
func (id DID) VerifyKey() (interface{}, error) {
|
|
rawPubBytes, err := id.Raw()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
switch id.Type() {
|
|
case crypto.RSA:
|
|
verifyKeyiface, err := x509.ParsePKIXPublicKey(rawPubBytes)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
verifyKey, ok := verifyKeyiface.(*rsa.PublicKey)
|
|
if !ok {
|
|
return nil, fmt.Errorf("public key is not an RSA key. got type: %T", verifyKeyiface)
|
|
}
|
|
return verifyKey, nil
|
|
case crypto.Ed25519:
|
|
return ed25519.PublicKey(rawPubBytes), nil
|
|
case crypto.Secp256k1:
|
|
// Handle both compressed and uncompressed Secp256k1 public keys
|
|
if len(rawPubBytes) == 65 || len(rawPubBytes) == 33 {
|
|
return rawPubBytes, nil
|
|
}
|
|
return nil, fmt.Errorf("invalid Secp256k1 public key length: %d", len(rawPubBytes))
|
|
default:
|
|
return nil, fmt.Errorf("unrecognized Public Key type: %s", id.Type())
|
|
}
|
|
}
|
|
|
|
// Parse turns a string into a key method ID
|
|
func Parse(keystr string) (DID, error) {
|
|
var id DID
|
|
if !strings.HasPrefix(keystr, KeyPrefix) {
|
|
return id, fmt.Errorf("decentralized identifier is not a 'key' type")
|
|
}
|
|
|
|
keystr = strings.TrimPrefix(keystr, KeyPrefix+":")
|
|
|
|
enc, data, err := mb.Decode(keystr)
|
|
if err != nil {
|
|
return id, fmt.Errorf("decoding multibase: %w", err)
|
|
}
|
|
|
|
if enc != mb.Base58BTC {
|
|
return id, fmt.Errorf("unexpected multibase encoding: %s", mb.EncodingToStr[enc])
|
|
}
|
|
|
|
keyType, n, err := varint.FromUvarint(data)
|
|
if err != nil {
|
|
return id, err
|
|
}
|
|
|
|
switch keyType {
|
|
case MulticodecKindRSAPubKey:
|
|
pub, err := crypto.UnmarshalRsaPublicKey(data[n:])
|
|
if err != nil {
|
|
return id, err
|
|
}
|
|
return DID{pub}, nil
|
|
case MulticodecKindEd25519PubKey:
|
|
pub, err := crypto.UnmarshalEd25519PublicKey(data[n:])
|
|
if err != nil {
|
|
return id, err
|
|
}
|
|
return DID{pub}, nil
|
|
case MulticodecKindSecp256k1PubKey:
|
|
// Handle both compressed and uncompressed formats
|
|
keyData := data[n:]
|
|
if len(keyData) != 33 && len(keyData) != 65 {
|
|
return id, fmt.Errorf("invalid Secp256k1 public key length: %d", len(keyData))
|
|
}
|
|
pub, err := crypto.UnmarshalSecp256k1PublicKey(keyData)
|
|
if err != nil {
|
|
return id, fmt.Errorf("failed to unmarshal Secp256k1 key: %w", err)
|
|
}
|
|
return DID{pub}, nil
|
|
}
|
|
|
|
return id, fmt.Errorf("unrecognized key type multicodec prefix: %x", data[0])
|
|
}
|