webauthn + refactor

README.md

@@ -14,9 +14,9 @@ KeyPair.fromPem(string); // => KeyPair
 Managing identities.
 
 ```ts
-identity = Identity.fromPublicKey(key); // => Identity
-identity = Identity.fromString(string); // => Identity
-anonymous = new Identity(); // => Anonymous Identity
+identity = Address.fromPublicKey(key); // => Address
+identity = Address.fromString(string); // => Address
+anonymous = new Address(); // => Anonymous Address
 
 identity.toString(keys); // => "mw7aekyjtsx2hmeadrua5cpitgy7pykjkok3gyth3ggsio4zwa"
 identity.toHex(keys); // => "01e736fc9624ff8ca7956189b6c1b66f55f533ed362ca48c884cd20065";

package.json

@@ -17,6 +17,7 @@
     "crc": "^3.8.0",
     "jest": "^27.4.5",
     "js-sha3": "^0.8.0",
+    "js-sha512": "^0.8.0",
     "node-forge": "^0.10.0",
     "ts-jest": "^27.1.1",
     "typescript": "^4.4.4",
@@ -25,6 +26,7 @@
   "scripts": {
     "test": "jest",
     "build": "tsc",
+    "watch": "npm run clean && npm run build -- -w",
     "clean": "rm -rf ./dist",
     "postinstall": "tsc"
   },
@@ -46,6 +48,7 @@
   "jest": {
     "preset": "ts-jest",
     "testEnvironment": "node",
+    "maxWorkers": 1,
     "testMatch": [
       "**/?(*.)+(spec|test).[jt]s?(x)"
     ],

src/const.ts

@@ -0,0 +1,2 @@
+export const ONE_SECOND = 1000
+export const ONE_MINUTE = 60000

src/identity/address.ts

@@ -0,0 +1,81 @@
+import base32Decode from "base32-decode"
+import base32Encode from "base32-encode"
+import crc from "crc"
+
+export const ANON_IDENTITY = "maa"
+export class Address {
+  bytes: Uint8Array
+
+  constructor(bytes?: Buffer) {
+    this.bytes = new Uint8Array(bytes ? bytes : [0x00])
+  }
+
+  static anonymous(): Address {
+    return new Address()
+  }
+
+  static fromHex(hex: string): Address {
+    return new Address(Buffer.from(hex, "hex"))
+  }
+
+  static fromString(string: string): Address {
+    if (string === ANON_IDENTITY) {
+      return new Address()
+    }
+    const base32Address = string.slice(1, -2).toUpperCase()
+    const base32Checksum = string.slice(-2).toUpperCase()
+    const identity = base32Decode(base32Address, "RFC4648")
+    const checksum = base32Decode(base32Checksum, "RFC4648")
+
+    const check = Buffer.allocUnsafe(3)
+    check.writeUInt16BE(crc.crc16(Buffer.from(identity)), 0)
+
+    if (Buffer.compare(Buffer.from(checksum), check.slice(0, 1)) !== 0) {
+      throw new Error("Invalid Checksum")
+    }
+
+    return new Address(Buffer.from(identity))
+  }
+
+  isAnonymous(): boolean {
+    return Buffer.compare(this.toBuffer(), Buffer.from([0x00])) === 0
+  }
+
+  toBuffer(): Buffer {
+    return Buffer.from(this.bytes)
+  }
+
+  toString(): string {
+    if (this.isAnonymous()) {
+      return ANON_IDENTITY
+    }
+    const identity = this.toBuffer()
+    const checksum = Buffer.allocUnsafe(3)
+    checksum.writeUInt16BE(crc.crc16(identity), 0)
+
+    const leader = "m"
+    const base32Address = base32Encode(identity, "RFC4648", {
+      padding: false,
+    })
+    const base32Checksum = base32Encode(checksum, "RFC4648").slice(0, 2)
+    return (leader + base32Address + base32Checksum).toLowerCase()
+  }
+
+  toHex(): string {
+    if (this.isAnonymous()) {
+      return "00"
+    }
+    return Buffer.from(this.bytes).toString("hex")
+  }
+
+  withSubresource(id: number): Address {
+    let bytes = Buffer.from(this.bytes.slice(0, 29))
+    bytes[0] = 0x80 + ((id & 0x7f000000) >> 24)
+    const subresourceBytes = Buffer.from([
+      (id & 0x00ff0000) >> 16,
+      (id & 0x0000ff00) >> 8,
+      id & 0x000000ff,
+    ])
+    return new Address(Buffer.concat([bytes, subresourceBytes]))
+  }
+}

src/identity/anonymous/anonymous-identity.ts

@@ -0,0 +1,20 @@
+import { Identity } from "../types"
+import { EMPTY } from "../../message/cose"
+import { Address } from "../address"
+
+export class AnonymousIdentity extends Identity {
+  async sign() {
+    return EMPTY
+  }
+  async verify() {
+    return false
+  }
+
+  async getAddress(): Promise<Address> {
+    return Address.anonymous()
+  }
+
+  toJSON(): { dataType: string } {
+    return { dataType: this.constructor.name }
+  }
+}

src/identity/anonymous/index.ts

@@ -0,0 +1 @@
+export { AnonymousIdentity } from "./anonymous-identity"

src/identity/ed25519/__tests__/ed25519-identity.test.ts

@@ -0,0 +1,47 @@
+import { Ed25519KeyPairIdentity } from "../ed25519-key-pair-identity"
+
+describe("keys", () => {
+  test("getSeedWords", () => {
+    const seedWords = Ed25519KeyPairIdentity.getMnemonic()
+
+    expect(seedWords.split(" ")).toHaveLength(12)
+  })
+
+  test("fromSeedWords", async function () {
+    const seedWords = Ed25519KeyPairIdentity.getMnemonic()
+    const badWords = "abandon abandon abandon"
+
+    const alice = Ed25519KeyPairIdentity.fromMnemonic(seedWords)
+    const bob = Ed25519KeyPairIdentity.fromMnemonic(seedWords)
+
+    const aliceAddress = (await alice.getAddress()).toString()
+    const bobAddress = (await bob.getAddress()).toString()
+
+    expect(aliceAddress).toStrictEqual(bobAddress)
+    expect(() => {
+      Ed25519KeyPairIdentity.fromMnemonic(badWords)
+    }).toThrow()
+  })
+
+  test("fromPem", async function () {
+    const pem = `
+      -----BEGIN PRIVATE KEY-----
+      MC4CAQAwBQYDK2VwBCIEICT3i6WfLx4t3UF6R8aEfczyATc/jvqvOrNga2MJfA2R
+      -----END PRIVATE KEY-----`
+    const badPem = `
+      -----BEGIN PRIVATE CAT-----
+      MEOW
+      -----END PRIVATE CAT-----`
+
+    const alice = Ed25519KeyPairIdentity.fromPem(pem)
+    const bob = Ed25519KeyPairIdentity.fromPem(pem)
+
+    const aliceAddress = (await alice.getAddress()).toString()
+    const bobAddress = (await bob.getAddress()).toString()
+
+    expect(aliceAddress).toStrictEqual(bobAddress)
+    expect(() => {
+      Ed25519KeyPairIdentity.fromPem(badPem)
+    }).toThrow()
+  })
+})

src/identity/ed25519/ed25519-key-pair-identity.ts

@@ -0,0 +1,80 @@
+import forge, { pki } from "node-forge"
+import * as bip39 from "bip39"
+import { CoseKey } from "../../message/cose"
+const ed25519 = pki.ed25519
+import { PublicKeyIdentity } from "../types"
+import { Address } from "../address"
+
+export class Ed25519KeyPairIdentity extends PublicKeyIdentity {
+  publicKey: ArrayBuffer
+  protected privateKey: ArrayBuffer
+
+  protected constructor(publicKey: ArrayBuffer, privateKey: ArrayBuffer) {
+    super()
+    this.publicKey = publicKey
+    this.privateKey = privateKey
+  }
+
+  static getMnemonic(): string {
+    return bip39.generateMnemonic()
+  }
+
+  async getAddress(): Promise<Address> {
+    const coseKey = this.getCoseKey()
+    return coseKey.toAddress()
+  }
+
+  static fromMnemonic(mnemonic: string): Ed25519KeyPairIdentity {
+    const sanitized = mnemonic.trim().split(/\s+/g).join(" ")
+    if (!bip39.validateMnemonic(sanitized)) {
+      throw new Error("Invalid Mnemonic")
+    }
+    const seed = bip39.mnemonicToSeedSync(sanitized).slice(0, 32)
+    const keys = ed25519.generateKeyPair({ seed })
+    return new Ed25519KeyPairIdentity(keys.publicKey, keys.privateKey)
+  }
+
+  static fromPem(pem: string): Ed25519KeyPairIdentity {
+    try {
+      const der = forge.pem.decode(pem)[0].body
+      const asn1 = forge.asn1.fromDer(der.toString())
+      const { privateKeyBytes } = ed25519.privateKeyFromAsn1(asn1)
+      const keys = ed25519.generateKeyPair({ seed: privateKeyBytes })
+      return new Ed25519KeyPairIdentity(keys.publicKey, keys.privateKey)
+    } catch (e) {
+      throw new Error("Invalid PEM")
+    }
+  }
+
+  async sign(data: ArrayBuffer): Promise<ArrayBuffer> {
+    return ed25519.sign({
+      message: data as Uint8Array,
+      privateKey: this.privateKey as Uint8Array,
+    })
+  }
+  async verify(m: ArrayBuffer): Promise<boolean> {
+    return false
+  }
+
+  getCoseKey(): CoseKey {
+    const c = new Map()
+    c.set(1, 1) // kty: OKP
+    c.set(3, -8) // alg: EdDSA
+    c.set(-1, 6) // crv: Ed25519
+    c.set(4, [2]) // key_ops: [verify]
+    c.set(-2, this.publicKey) // x: publicKey
+    return new CoseKey(c)
+  }
+
+  toJSON(): {
+    dataType: string
+    publicKey: ArrayBuffer
+    privateKey: ArrayBuffer
+  } {
+    return {
+      dataType: this.constructor.name,
+      publicKey: this.publicKey,
+      privateKey: this.privateKey,
+    }
+  }
+}

src/identity/ed25519/index.ts

@@ -0,0 +1 @@
+export * from "./ed25519-key-pair-identity"