
Commit a079ce4

authored
Merge pull request #220 from bsv-blockchain/fix-auth-fetch-hanging-process
fix: auth fetch hanging process and certificates exchange between peers
2 parents 12f2b74 + 4ffd5db commit a079ce4

19 files changed

+2019
-1731
lines changed

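--- a/auth/certificates/certificate.go
+++ b/auth/certificates/certificate.go
@@ -7,19 +7,20 @@ package certificates
 
 import (
 "context"
+"encoding/hex"
 "errors"
 "fmt"
 
 ec "github.com/bsv-blockchain/go-sdk/primitives/ec"
 "github.com/bsv-blockchain/go-sdk/transaction"
+"github.com/bsv-blockchain/go-sdk/util"
 "github.com/bsv-blockchain/go-sdk/wallet"
 "github.com/bsv-blockchain/go-sdk/wallet/serializer"
 )
 
 var (
-ErrInvalidCertificate = errors.New("invalid-certificate")
-ErrAlreadySigned = errors.New("certificate has already been signed")
-ErrNotSigned = errors.New("certificate is not signed")
+ErrAlreadySigned = errors.New("certificate has already been signed")
+ErrNotSigned = errors.New("certificate is not signed")
 )
 
 // Certificate represents an Identity Certificate as per the Wallet interface specifications.
@@ -44,7 +45,44 @@ type Certificate struct {
 Fields map[wallet.CertificateFieldNameUnder50Bytes]wallet.StringBase64 `json:"fields"`
 
 // Certificate signature by the certifier's private key
-Signature []byte `json:"signature,omitempty"`
+Signature util.ByteString `json:"signature,omitempty"`
+}
+
+type SignatureHex []byte
+
+func (s *SignatureHex) UnmarshalJSON(bytes []byte) error {
+if len(bytes) == 0 {
+*s = nil
+return nil
+}
+
+if len(bytes) < 2 {
+return fmt.Errorf("signature hex must be JSON string type %s", bytes)
+}
+
+if bytes[0] != '"' || bytes[len(bytes)-1] != '"' {
+return fmt.Errorf("signature hex must be JSON string type %s", bytes)
+}
+
+bytes = bytes[1 : len(bytes)-1]
+
+if len(bytes)%2 != 0 {
+return fmt.Errorf("signature hex must have even size %s", bytes)
+}
+
+var err error
+*s, err = hex.DecodeString(string(bytes))
+if err != nil {
+return fmt.Errorf("failed to decode signature hex: %w", err)
+}
+return nil
+}
+
+func (s SignatureHex) MarshalJSON() ([]byte, error) {
+if len(s) == 0 {
+return []byte(""), nil
+}
+return []byte("\"" + hex.EncodeToString(s) + "\""), nil
 }
 
 // NewCertificate creates a new certificate with the given fields
@@ -294,7 +332,7 @@ func FromWalletCertificate(walletCert *wallet.Certificate) (*Certificate, error)
 // so the keyID is formed by concatenating the serialNumber and fieldName.
 func GetCertificateEncryptionDetails(fieldName string, serialNumber string) (wallet.Protocol, string) {
 protocolID := wallet.Protocol{
-SecurityLevel: wallet.SecurityLevelEveryApp,
+SecurityLevel: wallet.SecurityLevelEveryAppAndCounterparty,
 Protocol: "certificate field encryption",
 }
 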
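Review bot: `SignatureHex.MarshalJSON` returns `[]byte("")` for an empty signature, which is not a JSON value, so `encoding/json` will reject the marshaler output whenever the field is not dropped by `omitempty`. Returning `[]byte("null")` there, and treating `null` as a no-op in `UnmarshalJSON` with `if string(bytes) == "null" { return nil }`, keeps the pair round-trippable. The three `fmt.Errorf` calls that report a malformed value format the raw input with `%s`; a signature arrives from a peer, so `%q` would keep control characters out of error strings and logs. In this section `Signature` is declared as `util.ByteString`, so `SignatureHex` looks unused here and could be dropped if nothing else in the commit references it. Separately, the `SecurityLevel` change in `GetCertificateEncryptionDetails` (whose body continues outside the hunk) presumably changes the derived field-encryption key, so a compatibility note for certificates encrypted under the old level would help.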

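--- a/auth/certificates/certificate_test.go
+++ b/auth/certificates/certificate_test.go
@@ -445,7 +445,7 @@ func TestCertificate(t *testing.T) {
 
 // Verify signature can be serialized back to same bytes
 serializedSig := walletCert.Signature.Serialize()
-assert.Equal(t, certificate.Signature, serializedSig)
+assert.EqualValues(t, certificate.Signature, serializedSig)
 })
 
 t.Run("FromWalletCertificate should convert wallet.Certificate to Certificate correctly", func(t *testing.T) {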

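--- a/auth/certificates/verifiable.go
+++ b/auth/certificates/verifiable.go
@@ -112,15 +112,16 @@ func (vc *VerifiableCertificate) DecryptFields(
 // Use the certificate's serial number as required for verifier keyring decryption.
 protocolID, keyID := GetCertificateEncryptionDetails(string(fieldName), string(vc.SerialNumber))
 
+args := wallet.EncryptionArgs{
+ProtocolID: protocolID,
+KeyID: keyID,
+Counterparty: subjectCounterparty,
+Privileged: privileged,
+PrivilegedReason: privilegedReason,
+}
 decryptResult, err := verifierWallet.Decrypt(ctx, wallet.DecryptArgs{
-EncryptionArgs: wallet.EncryptionArgs{
-ProtocolID: protocolID,
-KeyID: keyID,
-Counterparty: subjectCounterparty,
-Privileged: privileged,
-PrivilegedReason: privilegedReason,
-},
-Ciphertext: encryptedKeyBytes,
+EncryptionArgs: args,
+Ciphertext: encryptedKeyBytes,
 }, "")
 if err != nil {
 // Wrap error from the wallet's Decrypt method, matching TS error style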

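--- a/auth/clients/authhttp/authhttp.go
+++ b/auth/clients/authhttp/authhttp.go
@@ -266,7 +266,7 @@ func (a *AuthFetch) Fetch(ctx context.Context, urlStr string, config *Simplified
 }
 
 // Set up listener for response
-var listenerID int
+var listenerID int32
 listenerID = peerToUse.Peer.ListenForGeneralMessages(func(senderPublicKey *ec.PublicKey, payload []byte) error {
 // Create a reader
 responseReader := util.NewReader(payload)
@@ -492,7 +492,7 @@ func (a *AuthFetch) SendCertificateRequest(ctx context.Context, baseURL string,
 })
 
 // Set up certificate received listener
-var callbackID int
+var callbackID int32
 callbackID = peerToUse.Peer.ListenForCertificatesReceived(func(senderPublicKey *ec.PublicKey, certs []*certificates.VerifiableCertificate) error {
 peerToUse.Peer.StopListeningForCertificatesReceived(callbackID)
 a.certificatesReceived = append(a.certificatesReceived, certs...)
@@ -682,7 +682,7 @@ func (a *AuthFetch) handleFetchAndValidate(urlStr string, config *SimplifiedFetc
 func (a *AuthFetch) handlePaymentAndRetry(ctx context.Context, urlStr string, config *SimplifiedFetchRequestOptions, originalResponse *http.Response) (*http.Response, error) {
 // Make sure the server is using the correct payment version
 paymentVersion := originalResponse.Header.Get("x-bsv-payment-version")
-if paymentVersion == "" || paymentVersion != PaymentVersion {
+if paymentVersion != PaymentVersion {
 return nil, fmt.Errorf("unsupported x-bsv-payment-version response header. Client version: %s, Server version: %s",
 PaymentVersion, paymentVersion)
 }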
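Review bot: In `SendCertificateRequest` the callback passed to `ListenForCertificatesReceived` reads `callbackID`, which is assigned only once registration returns, and then appends to `a.certificatesReceived` with no lock visible in the hunk. If the peer can dispatch callbacks from another goroutine, both are unsynchronised accesses, and an early callback would call `StopListeningForCertificatesReceived` with the zero value; the `listenerID` closure in `Fetch` has the same shape. It is worth confirming under `go test -race`, then either guarding the shared state with a mutex on `AuthFetch` or stating the requirement above the declaration, e.g. `// NOTE: the callback reads callbackID; Peer must not dispatch before ListenForCertificatesReceived returns`. Both functions start and continue outside the visible hunks, so existing synchronisation may simply be out of view.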
