hd-auth/hd-auth-wallet
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Verifying service produced challenge

Browse Source
This commit is contained in:
Kgothatso 2019-11-26 22:42:57 +02:00
parent 0a17e78fdc
commit 4d16737b23
2 changed files with 55 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

89
lib/commands/add-lock.js
View File

@ -28,48 +28,59 @@ module.exports.handler = (argv) => {
persistence().LoadDB() persistence().LoadDB()
.then(db => { .then(db => {
// TODO validate lock definition has all the parameters we need // TODO validate lock definition has all the parameters we need
// TODO: Verify challenge comes from a service we know... // TODO: validate serviceExtendedPublicKey
return db.ExtendedPublicKey.findOne({ const verification = cryptoUtil.verifyChallenge(
where: { registerationMessage.serviceExtendedPublicKey,
xpub: challenge.xpub challenge
}, );
include: [ if(verification) {
{ return db.ExtendedPublicKey.findOne({
association: db.ExtendedPublicKey.Key // TODO: update this to wallet where: {
xpub: challenge.xpub
},
include: [
{
association: db.ExtendedPublicKey.Key // TODO: update this to wallet
}
]
}).then(extendedPublicKey => {
if (extendedPublicKey) {
const encryptedKey = extendedPublicKey.key.encryptedPrivateKey;
const iv = extendedPublicKey.key.iv;
const password = "vanished";
const walletXpriv = cryptoUtil.decrypt(encryptedKey, password, iv);
var challengeDerivationPath = `${extendedPublicKey.derivationPath}/${challenge.derivationPath.split("c/")[1]}`;
const signature = cryptoUtil.signMessage(walletXpriv, challengeDerivationPath, challenge.message)
// TODO: save lock
return db.Lock.create({
userIdentifier: registerationMessage.userIdentifier,
url: registerationMessage.url,
serviceExtendedPublicKey: registerationMessage.serviceExtendedPublicKey,
signature: signature.toString('hex'),
message: challenge.message,
extendedPublicKeyId: extendedPublicKey.id
})
} else {
console.error("Sorry we can't create a lock with xpub: ", challenge.xpub);
return null;
}
}).then(lock => {
if(lock) {
console.log("Lock: ", lock.id);
console.log("Signature: ", lock.signature);
} else {
console.error("Failed to create the lock.");
} }
]
}).then(extendedPublicKey => {
if (extendedPublicKey) {
const encryptedKey = extendedPublicKey.key.encryptedPrivateKey;
const password = "vanished";
const walletXpriv = cryptoUtil.decrypt(encryptedKey, password);
var challengeDerivationPath = `${extendedPublicKey.derivationPath}/${challenge.derivationPath.split("c/")[1]}`; })
} else {
console.error("Challenge not signed by service");
}
const signature = cryptoUtil.signMessage(walletXpriv, challengeDerivationPath, challenge.message)
// TODO: save lock
return db.Lock.create({
userIdentifier: registerationMessage.userIdentifier,
url: registerationMessage.url,
signature: signature.toString('hex'),
message: challenge.message,
extendedPublicKeyId: extendedPublicKey.id
})
} else {
console.error("Sorry we can't create a lock with xpub: ", challenge.xpub);
return null;
}
}).then(lock => {
if(lock) {
console.log("Lock: ", lock.id);
console.log("Signature: ", lock.signature);
} else {
console.error("Failed to create the lock.");
}
})
}) })
} }

4
lib/core/persistence/models/lock.js
View File

@ -16,6 +16,10 @@ module.exports = function (sequelize, DataTypes, options) {
type: DataTypes.STRING, type: DataTypes.STRING,
allowNull: false allowNull: false
}, },
serviceExtendedPublicKey: {
type: DataTypes.STRING,
allowNull: false
},
signature: { signature: {
// Derivation from the master key... // Derivation from the master key...
// TODO: Add validation... // TODO: Add validation...