Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

wip: v3 #127

Closed
wants to merge 6 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
519 changes: 351 additions & 168 deletions Cargo.lock

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,5 @@ members = [
"seed-bundle-explorer",
"is-valid"
]

resolver = "2"
6 changes: 6 additions & 0 deletions core/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -28,3 +28,9 @@ rev = "28e765e4369e19bc0126bb46acaacadf1303de22"

[features]
wasm-bindgen = ["rand/wasm-bindgen"]

[dev-dependencies]
tokio = { version = "1.12.0", features = [ "full" ] }
hc_seed_bundle = "0.2.3"
sodoken = "=0.0.11"
serde_json = "1.0.117"
77 changes: 35 additions & 42 deletions core/src/config.rs
Original file line number Diff line number Diff line change
@@ -1,8 +1,9 @@
use arrayref::array_ref;
use ed25519_dalek::*;
use failure::Error;
use rand::{rngs::OsRng, Rng};
use serde::*;

use crate::public_key;
pub const SEED_SIZE: usize = 32;

fn public_key_from_base64<'de, D>(deserializer: D) -> Result<PublicKey, D::Error>
Expand Down Expand Up @@ -73,35 +74,37 @@ pub enum Config {
/// The pub-key in settings is the holoport key that is used for verifying login signatures
settings: Settings,
},
#[serde(rename = "v3")]
V3 {
/// This is the Device Seed Bundle as a base64 string which is compatible with lair-keystore >=v0.0.8
/// And is encoded with a password that will be needed to be used to decrypt it
device_bundle: String,
/// Derivation path of the seed in this config that was generated for a Master Seed
device_derivation_path: String,
// The revocation key is usually the /0 derivation path of the master seed
#[serde(
deserialize_with = "public_key_from_base64",
serialize_with = "to_base64"
)]
revocation_pub_key: PublicKey,
// /1 derivation path of the device bundle base36 encoded
holoport_id: String,
// This is a HoloHash version of the holoport_id
initial_host_pub_key: String,
/// Holo registration code is used to identify and authenticate its users
registration_code: String,
/// The pub-key in settings is the holoport key that is used for verifying login signatures
settings: Settings,
},
}

impl Config {
pub fn new(
email: String,
password: String,
maybe_seed: Option<Seed>,
) -> Result<(Self, PublicKey), Error> {
let (seed, admin_keypair, holochain_public_key) =
generate_keypair(email.clone(), password, maybe_seed)?;
let admin = Admin {
email: email,
public_key: admin_keypair.public,
};

Ok((
Config::V1 {
seed,
settings: Settings { admin },
},
holochain_public_key,
))
}

pub fn new_v2(
email: String,
password: String,
registration_code: String,
derivation_path: String,
revocation_pub_key: PublicKey,
device_derivation_path: String,
device_bundle: String,
device_pub_key: PublicKey,
) -> Result<(Self, PublicKey), Error> {
Expand All @@ -110,10 +113,14 @@ impl Config {
email: email,
public_key: admin_keypair.public,
};
let holoport_id = public_key::to_base36_id(&device_pub_key);
Ok((
Config::V2 {
Config::V3 {
device_bundle,
derivation_path,
device_derivation_path,
revocation_pub_key,
holoport_id,
initial_host_pub_key: public_key::to_holochain_encoded_agent_key(&device_pub_key),
registration_code,
settings: Settings { admin: admin },
},
Expand All @@ -123,27 +130,13 @@ impl Config {

pub fn admin_public_key(&self) -> PublicKey {
match self {
Config::V1 { settings, .. } | Config::V2 { settings, .. } => settings.admin.public_key,
Config::V1 { settings, .. }
| Config::V2 { settings, .. }
| Config::V3 { settings, .. } => settings.admin.public_key,
}
}
}

fn generate_keypair(
email: String,
password: String,
maybe_seed: Option<Seed>,
) -> Result<(Seed, Keypair, PublicKey), Error> {
let master_seed = match maybe_seed {
None => OsRng::new()?.gen::<Seed>(),
Some(s) => s,
};
let master_secret_key = SecretKey::from_bytes(&master_seed)?;
let master_public_key = PublicKey::from(&master_secret_key);

let admin_keypair = admin_keypair_from(master_public_key, &email, &password)?;
Ok((master_seed, admin_keypair, master_public_key))
}

pub fn admin_keypair_from(
holochain_public_key: PublicKey,
email: &str,
Expand Down
77 changes: 77 additions & 0 deletions core/tests/configuration.rs
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
#[cfg(test)]
mod tests {

use ed25519_dalek::PublicKey;
use hpos_config_core::Config;

#[tokio::test(flavor = "multi_thread")]
async fn test_hpos_config() -> Result<(), String> {
// emulate the UI

let master = hc_seed_bundle::UnlockedSeedBundle::new_random()
.await
.unwrap();

let passphrase = sodoken::BufRead::from(b"test-passphrase".to_vec());
let revocation_bundle = master.derive(0).await.unwrap();
let revocation_pub_key = revocation_bundle.get_sign_pub_key().read_lock().to_vec();

let device_derivation_path = 2;
let device_bundle = master.derive(device_derivation_path).await.unwrap();
let device_bundle_encoded_bytes = device_bundle
.lock()
.add_pwhash_cipher(passphrase)
.lock()
.await
.unwrap();
let device_bundle_base64 = base64::encode(&device_bundle_encoded_bytes);

// derive the holoport ID

let holoport_id = device_bundle.derive(1).await.unwrap();

let holoport_id = holoport_id.get_sign_pub_key().read_lock().to_vec();

// initialize a new Config struct
let email = "[email protected]".to_string();
let password = "password".to_string();
let registration_code = "registration-code".to_string();
let revocation_pub_key = PublicKey::from_bytes(&revocation_pub_key).unwrap();
let holoport_id = PublicKey::from_bytes(&holoport_id).unwrap();
let hpos_config = Config::new(
email.clone(),
password,
registration_code,
revocation_pub_key,
device_derivation_path.to_string(),
device_bundle_base64.clone(),
holoport_id,
)
.unwrap();

assert_eq!(hpos_config.1, holoport_id.clone());

println!("{}", serde_json::to_string_pretty(&hpos_config.0).unwrap());

if let Config::V3 {
device_bundle,
device_derivation_path,
revocation_pub_key,
holoport_id,
initial_host_pub_key: _,
registration_code,
settings,
} = hpos_config.0
{
assert_eq!(device_bundle, device_bundle_base64,);
assert_eq!(device_derivation_path, device_derivation_path.to_string());
assert_eq!(revocation_pub_key, revocation_pub_key);
assert_eq!(holoport_id, holoport_id);
assert_eq!(registration_code, registration_code);
assert_eq!(settings.admin.email, email);
return Ok(());
} else {
return Err("Expected V3 variant".to_string());
}
}
}
69 changes: 0 additions & 69 deletions default.nix

This file was deleted.

4 changes: 3 additions & 1 deletion gen-cli/src/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ struct Args {
flag_email: String,
flag_password: String,
flag_registration_code: String,
flag_revocation_pub_key: PublicKey,
flag_derivation_path: String,
flag_device_bundle: String,
flag_seed_from: Option<PathBuf>,
Expand All @@ -52,10 +53,11 @@ fn main() -> Result<(), Error> {

let secret_key = SecretKey::from_bytes(&seed)?;

let (config, public_key) = Config::new_v2(
let (config, public_key) = Config::new(
args.flag_email,
args.flag_password,
args.flag_registration_code,
args.flag_revocation_pub_key,
args.flag_derivation_path,
args.flag_device_bundle,
PublicKey::from(&secret_key),
Expand Down
2 changes: 2 additions & 0 deletions gen-web/src/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -614,6 +614,8 @@
* @param {Object} seed {derivationPath, deviceRoot, pubKey}
*/
const generateBlob = (user, seed) => {
// todo: update this fn by passing the revocation_pub_key
// todo: seed pubkey should be derived from the seed, not the deviceRoot pubKey itself
const configData = config(user.email, user.password, user.registrationCode, seed.derivationPath.toString(), seed.deviceRoot, seed.pubKey)
const configBlob = new Blob([configData.config], { type: 'application/json' })

Expand Down
7 changes: 6 additions & 1 deletion gen-web/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -16,16 +16,19 @@
email: String,
password: String,
registration_code: String,
revocation_pub_key: Vec<u8>,
derivation_path: String,
device_bundle: String,
device_pub_key: String,
) -> Result<JsValue, Error> {
let device_pub_key: PublicKey = base64::decode_config(&device_pub_key, base64::URL_SAFE_NO_PAD)
.map(|bytes| PublicKey::from_bytes(&bytes))??;
let (config, public_key) = Config::new_v2(
let revocation_pub_key = PublicKey::from_bytes(&revocation_pub_key)?;
let (config, public_key) = Config::new(
email,
password,
registration_code,
revocation_pub_key,
derivation_path,
device_bundle,
device_pub_key,
Expand All @@ -37,7 +40,7 @@
url: public_key::to_url(&public_key)?.to_string(),
};

Ok(JsValue::from_serde(&config_data)?)

Check warning on line 43 in gen-web/src/lib.rs

View workflow job for this annotation

GitHub Actions / test (ubuntu-latest, stable)

use of deprecated associated function `wasm_bindgen::JsValue::from_serde`: causes dependency cycles, use `serde-wasm-bindgen` or `gloo_utils::format::JsValueSerdeExt` instead

Check warning on line 43 in gen-web/src/lib.rs

View workflow job for this annotation

GitHub Actions / test (ubuntu-latest, stable)

use of deprecated associated function `wasm_bindgen::JsValue::from_serde`: causes dependency cycles, use `serde-wasm-bindgen` or `gloo_utils::format::JsValueSerdeExt` instead
}

#[wasm_bindgen]
Expand All @@ -45,6 +48,7 @@
email: String,
password: String,
registration_code: String,
revocation_pub_key: Vec<u8>,
derivation_path: String,
device_bundle: String,
device_pub_key: String,
Expand All @@ -53,6 +57,7 @@
email,
password,
registration_code,
revocation_pub_key,
derivation_path,
device_bundle,
device_pub_key,
Expand Down
11 changes: 8 additions & 3 deletions into-base36-id/src/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@ use anyhow::{Context, Result};
use ed25519_dalek::*;
use hpos_config_core::*;
use hpos_config_seed_bundle_explorer::unlock;
use std::fs::File;
use std::path::PathBuf;
use structopt::StructOpt;
use std::fs::File;

#[tokio::main]
async fn main() -> Result<()> {
Expand All @@ -24,8 +24,10 @@ async fn main() -> Result<()> {
..
} = Cli::from_args();

let config_file =
File::open(&config_path).context(format!("failed to open file {}", &config_path.to_string_lossy()))?;
let config_file = File::open(&config_path).context(format!(
"failed to open file {}",
&config_path.to_string_lossy()
))?;
match serde_json::from_reader(config_file)? {
Config::V1 { seed, .. } => {
let secret_key = SecretKey::from_bytes(&seed)?;
Expand All @@ -43,6 +45,9 @@ async fn main() -> Result<()> {
))?;
println!("{}", public_key::to_base36_id(&public));
}
Config::V3 { holoport_id, .. } => {
println!("{}", holoport_id);
}
}

Ok(())
Expand Down
1 change: 1 addition & 0 deletions is-valid/src/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -6,5 +6,6 @@ fn main() -> Result<()> {
match serde_json::from_reader(stdin())? {
Config::V1 { .. } => Ok(()),
Config::V2 { .. } => Ok(()),
Config::V3 { .. } => Ok(()),
}
}
4 changes: 0 additions & 4 deletions nixpkgs.nix

This file was deleted.

Loading
Loading