Add SHA256withRSA-PSS pair. Add SHA384withECDSA pair. Overhaul hashin… #1

Open
wants to merge 23 commits into
base: main
Changes from 14 commits
ba6373a
Add SHA256withRSA-PSS pair. Add SHA384withECDSA pair. Overhaul hashin…
J3imip Nov 28, 2024
1e746cd
Refactor supported signature and hash algorithms validation
J3imip Nov 29, 2024
1348272
Remove boilerplate code, refactor algorithm pairs logic
J3imip Nov 29, 2024
1cab0e8
Add document sod save logic. Add vault for storing signature key. Add…
J3imip Dec 4, 2024
317a777
Refactor docs, overhaul register handler. Minor improvements
J3imip Dec 9, 2024
c66629b
Render non-null responses only
J3imip Dec 9, 2024
7ae0355
Add branches to docs deployment
J3imip Dec 10, 2024
59beeef
Trigger workflow
J3imip Dec 10, 2024
79271e3
Implement zk proof verification flow. Refactor registration to use EC…
J3imip Dec 10, 2024
3641ff0
Unmarshal signature as ASN.1 object. Add hash unique constraint
J3imip Dec 10, 2024
9adb395
Remove unused comments
J3imip Dec 10, 2024
6bff281
Truncate 0x hex prefix. Support nullable AaSignature
J3imip Dec 10, 2024
0d60b06
Add AaSignature validation
J3imip Dec 10, 2024
0789f9d
Make AaSignature optional in migrations
J3imip Dec 10, 2024
b7b63cd
Minor improvements
J3imip Dec 10, 2024
56c62e4
Refactor ECDSA signature verification
J3imip Dec 10, 2024
1340304
Add skaffold ci
J3imip Dec 11, 2024
002f0b1
Update build branches
J3imip Dec 11, 2024
56bac90
Remove werf
J3imip Dec 11, 2024
0c0c987
Change router endpoint. Update README.md
J3imip Dec 11, 2024
4c9f24c
Update docs
J3imip Dec 11, 2024
cb354a2
Increase document sod data limits
J3imip Dec 11, 2024
76fa5ee
Parse signature as raw hex
J3imip Dec 11, 2024
1 change: 1 addition & 0 deletions .github/workflows/deploy-gh-pages.yaml
Expand Up @@ -11,6 +11,7 @@ on:
# - v*
branches:
- main
- feature/*

jobs:
deploy_pages:
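Review bot: the `- feature/*` entry under `branches:` makes every push to any feature branch run `deploy_pages`, so unreviewed branch content can replace the published docs. If this was added only to exercise the workflow, drop it before merge; otherwise keep the trigger on `main` and use a manual `workflow_dispatch` or a separate preview target for feature branches.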
8 changes: 4 additions & 4 deletions Dockerfile
Expand Up @@ -3,15 +3,15 @@ FROM golang:1.21.6-alpine as buildbase
RUN apk add git build-base

WORKDIR /go/src/github.com/rarimo/passport-identity-provider
COPY vendor .
COPY . .
RUN go mod tidy

RUN GOOS=linux go build -o /usr/local/bin/identity-provider-service /go/src/github.com/rarimo/passport-identity-provider
RUN GOOS=linux go build -o /usr/local/bin/incognito-light-registrator /go/src/github.com/rarimo/passport-identity-provider


FROM alpine:3.9

COPY --from=buildbase /usr/local/bin/identity-provider-service /usr/local/bin/identity-provider-service
COPY --from=buildbase /usr/local/bin/incognito-light-registrator /usr/local/bin/incognito-light-registrator
RUN apk add --no-cache ca-certificates

ENTRYPOINT ["identity-provider-service"]
ENTRYPOINT ["incognito-light-registrator"]
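Review bot: `RUN go mod tidy` in the build stage, with `COPY vendor .` no longer used, means the image is built from whatever the module resolver fetches at build time, and `go.mod`/`go.sum` can be rewritten inside the container, so the binary may not match the committed dependency set. Prefer `go mod download` followed by `go mod verify`, or build with `-mod=readonly`, so a drifted `go.sum` fails the build instead of being silently repaired. Separately, the runtime stage is still `FROM alpine:3.9`, which is past end of life, and `WORKDIR` and the build target still use the `passport-identity-provider` path while the binary is now `incognito-light-registrator`; please confirm that is intended.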
29 changes: 8 additions & 21 deletions config.yaml
@@ -1,33 +1,20 @@
vault:
address: "http://127.0.0.1:8200"
mount_path: "secret_data"

network:
eth_rpc:
state_contract:

verifier:
verification_keys_paths:
sha1: "./sha1_verification_key.json"
sha256: "./sha256_verification_key.json"
sha1: "./verification_keys/registerIdentityLight160.json"
sha224: "./verification_keys/registerIdentityLight224.json"
sha256: "./verification_keys/registerIdentityLight256.json"
sha384: "./verification_keys/registerIdentityLight384.json"
sha512: "./verification_keys/registerIdentityLight512.json"
master_certs_path: "./masterList.dev.pem"
allowed_age: 18
multi_acc_min_limit: 10
multi_acc_max_limit: 30
registration_timeout: 1h

issuer:
base_url: "http://localhost:3002/v1"
did: ""
claim_type: "VotingCredential"
credential_schema: "https://bafybeibbniic63etdbcn5rs5ir5bhelym6ogv46afj35keatzhn2eqnioi.ipfs.w3s.link/VotingCredential.json"
disableTimeChecks: false
disableNameChecks: false

log:
level: debug
disable_sentry: true

db:
url: postgres://voting:voting@localhost:35432/voting?sslmode=disable
url: postgres://ilr:ilr@localhost:5432/ilr?sslmode=disable

listener:
addr: :8000
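Review bot: `db.url` embeds the credentials `ilr:ilr` with `sslmode=disable`, and `vault.address` is plain `http://` for the Vault that, per this PR's commits, stores the signature key. These are acceptable as local defaults, but say so in a comment at the top of the file and document how deployments override them (TLS for Vault and Postgres, credentials injected from the environment), so the sample is not copied into a real environment. `log.level: debug` deserves the same caveat, given the service handles passport document data.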
16 changes: 0 additions & 16 deletions docs/spec/components/schemas/Claim.yaml

This file was deleted.

37 changes: 37 additions & 0 deletions docs/spec/components/schemas/DocumentSod.yaml
@@ -0,0 +1,37 @@
type: object
required:
- hash_algorithm
- signature_algorithm
- signed_attributes
- signature
- encapsulated_content
- pem_file
- dg15
properties:
hash_algorithm:
type: string
description: The hash algorithm used to hash the content
signature_algorithm:
type: string
description: The signature algorithm used to sign the content
signed_attributes:
type: string
description: The signed attributes, for e.g. 104 bytes-long hex string
signature:
type: string
description: Signature corresponding to the algorithm
aa_signature:
type: string
description: The active authentication signature
encapsulated_content:
type: string
description: The encapsulated content, for e.g. 186 bytes-long hex string
pem_file:
type: string
description: The PEM file containing the public key
dg15:
type: string
description: The Data Group 15, hex string



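Review bot: every property in this schema is an unconstrained `type: string`, so the spec does not express what the handler will actually accept. Make `hash_algorithm` and `signature_algorithm` an `enum` of the supported values, and give the hex fields (`signed_attributes`, `signature`, `aa_signature`, `encapsulated_content`, `dg15`) a hex `pattern` and a `maxLength` that matches the server-side limits; the descriptions should also state whether a `0x` prefix is accepted. Also check the `required` list: `dg15` is mandatory while `aa_signature` is optional, so state what a client should send for a document without Active Authentication.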
11 changes: 11 additions & 0 deletions docs/spec/components/schemas/DocumentSodKey.yaml
@@ -0,0 +1,11 @@
type: object
required:
- id
- type
properties:
id:
type: string
type:
type: string
enum:
- document-sod
16 changes: 0 additions & 16 deletions docs/spec/components/schemas/GistData.yaml

This file was deleted.

29 changes: 0 additions & 29 deletions docs/spec/components/schemas/GistProof.yaml

This file was deleted.

18 changes: 18 additions & 0 deletions docs/spec/components/schemas/Register.yaml
@@ -0,0 +1,18 @@
allOf:
- $ref: '#/components/schemas/RegisterKey'
- type: object
required:
- attributes
properties:
attributes:
type: object
required:
- zk_proof
- document_sod
properties:
zk_proof:
type: object
format: types.ZKProof
description: Zero-knowledge proof with dg1 public input
document_sod:
$ref: '#/components/schemas/DocumentSod'
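Review bot: `zk_proof` is declared as a bare `type: object` with `format: types.ZKProof`, which is a Go type name rather than an OpenAPI format, so the spec gives clients and validators no structure for the proof. Define a schema component for it and reference it the same way `document_sod` references `DocumentSod`. The description should also say how the proof's dg1 public input relates to the submitted `document_sod`, so the handler can be checked against the spec.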
Expand Up @@ -8,4 +8,4 @@ properties:
type:
type: string
enum:
- claims
- register
20 changes: 20 additions & 0 deletions docs/spec/components/schemas/Signature.yaml
@@ -0,0 +1,20 @@
allOf:
- $ref: '#/components/schemas/SignatureKey'
- type: object
required:
- attributes
properties:
attributes:
type: object
required:
- signature
- document_hash
properties:
signature:
type: string
example: 7768792064696420796F75206576656E206465636F6465642069743F
description: ECDSA signature of the document hash
document_hash:
type: string
example: 7768792064696420796F75206576656E206465636F6465642069743F
description: Poseidon hash of the document
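Review bot: the `example` for `signature` and for `document_hash` is the same 28-byte hex string, which decodes to ASCII text, so neither example shows the real length or encoding of an ECDSA signature or a Poseidon hash. Use representative values and state the encoding in each `description`: for `signature`, whether it is ASN.1 DER or raw `r || s` and which curve and key produce it; for `document_hash`, the value's size and byte order.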
Expand Up @@ -8,4 +8,4 @@ properties:
type:
type: string
enum:
- gist_datas
- signature

This file was deleted.

@@ -1,14 +1,19 @@
get:
post:
tags:
- GIST
summary: The GIST data retrieving
operationId: gist-data
parameters:
- in: query
name: user_did
required: true
schema:
type: string
- Register
summary: Register
operationId: register
requestBody:
content:
application/json:
schema:
type: object
required:
- data
properties:
data:
type: object
$ref: '#/components/schemas/Register'
responses:
'200':
description: Success
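Review bot: `requestBody` here has only `content`, and OpenAPI treats a request body as optional unless `required: true` is set, so the spec currently allows the register `post` with no body at all. Add `required: true` under `requestBody`. Also, `data` carries `type: object` next to `$ref`; in OpenAPI 3.0 siblings of `$ref` are ignored, so the `type` line can be dropped.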
Expand All @@ -19,7 +24,7 @@ get:
properties:
data:
type: object
$ref: '#/components/schemas/GistData'
$ref: '#/components/schemas/Signature'
'500':
description: Internal Error
content:
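Review bot: with the success body now a `Signature`, the only error response visible in this hunk is `'500'`. If no 4xx response is declared in the collapsed part of the file, add one (for example `'400'` for a rejected proof or SOD signature) so clients can tell invalid input from a server fault.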