From 23822cdf09852b3a3d71de887890a3ad3bc7e474 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Mon, 17 Aug 2020 23:14:09 +0000 Subject: [PATCH] wip: ready new-account for email and google verification --- go.mod | 1 + go.sum | 2 + mockid/api/verify.go | 12 +- mockid/hashcash.go | 101 ++++++ mockid/mockid.go | 56 +--- mockid/nonce.go | 64 ++++ mockid/route.go | 273 ++++++++++----- .../root/hashcash/.gitignore | 19 ++ .../root/hashcash/LICENSE | 312 ++++++++++++++++++ .../root/hashcash/README.md | 41 +++ .../git.rootprojects.org/root/hashcash/go.mod | 3 + .../root/hashcash/hashcash.go | 284 ++++++++++++++++ vendor/modules.txt | 2 + xkeypairs/jose.go | 46 +++ 14 files changed, 1089 insertions(+), 127 deletions(-) create mode 100644 mockid/hashcash.go create mode 100644 mockid/nonce.go create mode 100644 vendor/git.rootprojects.org/root/hashcash/.gitignore create mode 100644 vendor/git.rootprojects.org/root/hashcash/LICENSE create mode 100644 vendor/git.rootprojects.org/root/hashcash/README.md create mode 100644 vendor/git.rootprojects.org/root/hashcash/go.mod create mode 100644 vendor/git.rootprojects.org/root/hashcash/hashcash.go create mode 100644 xkeypairs/jose.go diff --git a/go.mod b/go.mod index e972ab7..56e1951 100644 --- a/go.mod +++ b/go.mod @@ -3,6 +3,7 @@ module git.coolaj86.com/coolaj86/go-mockid go 1.13 require ( + git.rootprojects.org/root/hashcash v1.0.1 git.rootprojects.org/root/keypairs v0.5.2 github.com/google/uuid v1.1.1 github.com/joho/godotenv v1.3.0 diff --git a/go.sum b/go.sum index 8e4308a..e3c4c0e 100644 --- a/go.sum +++ b/go.sum @@ -1,3 +1,5 @@ +git.rootprojects.org/root/hashcash v1.0.1 h1:PkzwZu4CR5q/hwAntJdvcmNhmP0ONhetMo7rYhIZhZ0= +git.rootprojects.org/root/hashcash v1.0.1/go.mod h1:HdoULUe94o1NVMES5K6aP3p8QGQiIia73F1HNZ1+FkQ= git.rootprojects.org/root/keypairs v0.5.2 h1:jr+drUUm/REaCDJTl5gT3kF2PwlXygcLsBZlqoKTZZw= git.rootprojects.org/root/keypairs v0.5.2/go.mod h1:WGI8PadOp+4LjUuI+wNlSwcJwFtY8L9XuNjuO3213HA= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= diff --git a/mockid/api/verify.go b/mockid/api/verify.go index 95223c5..61411b1 100644 --- a/mockid/api/verify.go +++ b/mockid/api/verify.go @@ -19,7 +19,7 @@ func Verify(w http.ResponseWriter, r *http.Request) { return } - var jws *xkeypairs.JWS + jws := &xkeypairs.JWS{} authzParts := strings.Split(r.Header.Get("Authorization"), " ") lenAuthz := len(authzParts) @@ -27,11 +27,9 @@ func Verify(w http.ResponseWriter, r *http.Request) { jwt := authzParts[1] jwsParts := strings.Split(jwt, ".") if 3 == len(jwsParts) { - jws = &xkeypairs.JWS{ - Protected: jwsParts[0], - Payload: jwsParts[1], - Signature: jwsParts[2], - } + jws.Protected = jwsParts[0] + jws.Payload = jwsParts[1] + jws.Signature = jwsParts[2] } } @@ -41,7 +39,7 @@ func Verify(w http.ResponseWriter, r *http.Request) { return } decoder := json.NewDecoder(r.Body) - err := decoder.Decode(&jws) + err := decoder.Decode(jws) if nil != err && io.EOF != err { log.Printf("json decode error: %s", err) http.Error(w, "Bad Request: invalid JWS body", http.StatusBadRequest) diff --git a/mockid/hashcash.go b/mockid/hashcash.go new file mode 100644 index 0000000..4505313 --- /dev/null +++ b/mockid/hashcash.go @@ -0,0 +1,101 @@ +package mockid + +import ( + "errors" + "net/http" + "sync" + "time" + + "git.rootprojects.org/root/hashcash" +) + +var hashcashes = &hashcashDB{ + db: sync.Map{}, +} + +func NewHashcash(sub string, exp time.Time) *hashcash.Hashcash { + + h := hashcash.New(hashcash.Hashcash{ + Subject: sub, + ExpiresAt: exp, + }) + + // ignoring the error because this implementation is backed by an in-memory map + _ = hashcashes.Store(h.Nonce, h) + + return h +} + +var ErrNotFound = errors.New("not found") + +func UseHashcash(hc string) error { + phony, err := hashcash.Parse(hc) + if nil != err { + return err + } + + hi, ok, _ := hashcashes.Load(phony.Nonce) + if !ok { + return ErrNotFound + } + mccoy := hi.(*hashcash.Hashcash) + mccopy := *mccoy + + mccopy.Solution = phony.Solution + if err := mccopy.Verify("*"); nil != err { + return err + } + + _ = hashcashes.Delete(mccoy.Nonce) + return nil +} + +func issueHashcash(w http.ResponseWriter, r *http.Request) *hashcash.Hashcash { + h := NewHashcash(r.Host, time.Now().Add(5*time.Minute)) + w.Header().Set("Hashcash-Challenge", h.String()) + return h +} + +func requireHashcash(next http.HandlerFunc) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + hc := r.Header.Get("Hashcash") + _ = issueHashcash(w, r) + if err := UseHashcash(hc); nil != err { + http.Error(w, "Bad Request", http.StatusBadRequest) + return + } + + next(w, r) + } +} + +type hashcashDB struct { + db sync.Map +} + +func (h *hashcashDB) Load(key interface{}) (value interface{}, ok bool, err error) { + v, ok := h.db.Load(key) + return v, ok, nil +} + +func (h *hashcashDB) Store(key interface{}, value interface{}) (err error) { + h.db.Store(key, value) + return nil +} + +func (h *hashcashDB) Delete(key interface{}) (err error) { + h.db.Delete(key) + return nil +} + +func (h *hashcashDB) vacuum() (err error) { + now := time.Now().UTC() + h.db.Range(func(key interface{}, val interface{}) bool { + v := val.(*hashcash.Hashcash) + if v.ExpiresAt.Sub(now) < 0 { + h.db.Delete(key) + } + return true + }) + return nil +} diff --git a/mockid/mockid.go b/mockid/mockid.go index 559e4b1..9879c9e 100644 --- a/mockid/mockid.go +++ b/mockid/mockid.go @@ -11,11 +11,9 @@ import ( "fmt" "io" "math/big" - "net/http" "net/url" "os" "strconv" - "sync" "time" "git.coolaj86.com/coolaj86/go-mockid/xkeypairs" @@ -34,6 +32,13 @@ type PublicJWK struct { Y string `json:"y"` } +type KVDB interface { + Load(key interface{}) (value interface{}, ok bool, err error) + Store(key interface{}) (value interface{}, err error) + Delete(key interface{}) (err error) + vacuum() (err error) +} + type InspectableToken struct { Public keypairs.PublicKey `json:"jwk"` Protected map[string]interface{} `json:"protected"` @@ -57,9 +62,6 @@ func (t *InspectableToken) MarshalJSON() ([]byte, error) { var defaultFrom string var defaultReplyTo string -//var nonces map[string]int64 -//var nonCh chan string -var nonces sync.Map var salt []byte func Init() { @@ -82,6 +84,13 @@ func Init() { } }() */ + + go func() { + for { + time.Sleep(15 * time.Second) + hashcashes.vacuum() + } + }() } func GenToken(host string, privkey keypairs.PrivateKey, query url.Values) (string, string, string) { @@ -164,40 +173,3 @@ func JOSEVerify(pubkey keypairs.PublicKey, hash []byte, sig []byte) bool { return false } } - -func issueNonce(w http.ResponseWriter, r *http.Request) { - b := make([]byte, 16) - _, _ = rand.Read(b) - nonce := base64.RawURLEncoding.EncodeToString(b) - //nonCh <- nonce - nonces.Store(nonce, time.Now()) - - w.Header().Set("Replay-Nonce", nonce) -} - -func requireNonce(next http.HandlerFunc) http.HandlerFunc { - return func(w http.ResponseWriter, r *http.Request) { - nonce := r.Header.Get("Replay-Nonce") - // TODO expire nonces every so often - //t := nonces[nonce] - var t time.Time - tmp, ok := nonces.Load(nonce) - if ok { - t = tmp.(time.Time) - } - if !ok || time.Now().Sub(t) > 15*time.Minute { - http.Error( - w, - `{ "error": "invalid or expired nonce", "error_code": "ENONCE" }`, - http.StatusBadRequest, - ) - return - } - - //delete(nonces, nonce) - nonces.Delete(nonce) - issueNonce(w, r) - - next(w, r) - } -} diff --git a/mockid/nonce.go b/mockid/nonce.go new file mode 100644 index 0000000..0167237 --- /dev/null +++ b/mockid/nonce.go @@ -0,0 +1,64 @@ +package mockid + +import ( + "crypto/rand" + "encoding/base64" + "net/http" + "sync" + "time" +) + +//var nonces map[string]int64 +//var nonCh chan string +var nonces sync.Map + +func issueNonce(w http.ResponseWriter, r *http.Request) { + b := make([]byte, 16) + _, _ = rand.Read(b) + nonce := base64.RawURLEncoding.EncodeToString(b) + //nonCh <- nonce + nonces.Store(nonce, time.Now()) + + w.Header().Set("Replay-Nonce", nonce) +} + +func requireNonce(next http.HandlerFunc) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + nonce := r.Header.Get("Replay-Nonce") + // TODO expire nonces every so often + //t := nonces[nonce] + + if !useNonce(nonce) { + http.Error( + w, + `{ "error": "invalid or expired nonce", "error_code": "ENONCE" }`, + http.StatusBadRequest, + ) + return + } + + issueNonce(w, r) + next(w, r) + } +} + +func checkNonce(nonce string) bool { + var t time.Time + tmp, ok := nonces.Load(nonce) + if ok { + t = tmp.(time.Time) + } + if ok && time.Now().Sub(t) <= 15*time.Minute { + return true + } + return false +} + +func useNonce(nonce string) bool { + if checkNonce(nonce) { + //delete(nonces, nonce) + nonces.Delete(nonce) + return true + } + return false +} diff --git a/mockid/route.go b/mockid/route.go index 63913e5..5dd6127 100644 --- a/mockid/route.go +++ b/mockid/route.go @@ -6,6 +6,7 @@ import ( "crypto/sha512" "encoding/base64" "encoding/json" + "errors" "fmt" "io/ioutil" "log" @@ -23,94 +24,150 @@ import ( "github.com/google/uuid" ) +type HTTPResponse struct { + Error string `json:"error"` + Success bool `json:"success"` +} + // Route returns an HTTP Mux containing the full API func Route(jwksPrefix string, privkey keypairs.PrivateKey) http.Handler { Init() // TODO get from main() - tokPrefix := jwksPrefix + tokenPrefix = jwksPrefix pubkey := keypairs.NewPublicKey(privkey.Public()) - http.HandleFunc("/api/new-nonce", func(w http.ResponseWriter, r *http.Request) { - baseURL := getBaseURL(r) - /* - res.statusCode = 200; - res.setHeader("Cache-Control", "max-age=0, no-cache, no-store"); - // TODO - //res.setHeader("Date", "Sun, 10 Mar 2019 08:04:45 GMT"); - // is this the expiration of the nonce itself? methinks maybe so - //res.setHeader("Expires", "Sun, 10 Mar 2019 08:04:45 GMT"); - // TODO use one of the registered domains - //var indexURL = "https://acme-staging-v02.api.letsencrypt.org/index" - */ - //var port = (state.config.ipc && state.config.ipc.port || state._ipc.port || undefined); - //var indexURL = "http://localhost:" + port + "/index"; - indexURL := baseURL + "/index" + http.HandleFunc("/api/new-hashcash", func(w http.ResponseWriter, r *http.Request) { + if "POST" != r.Method { + http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed) + return + } + + indexURL := getBaseURL(r) + "/api/directory" w.Header().Set("Link", "<"+indexURL+">;rel=\"index\"") + + w.Header().Set("Date", time.Now().Format(http.TimeFormat)) + // disable caching in every possible way + w.Header().Set("Expires", time.Now().Format(http.TimeFormat)) w.Header().Set("Cache-Control", "max-age=0, no-cache, no-store") w.Header().Set("Pragma", "no-cache") - //res.setHeader("Strict-Transport-Security", "max-age=604800"); + w.Header().Set("Strict-Transport-Security", "max-age=604800") w.Header().Set("X-Frame-Options", "DENY") - issueNonce(w, r) + + h := issueHashcash(w, r) + b, _ := json.Marshal(h) + w.Write(b) }) - http.HandleFunc("/api/new-account", requireNonce(func(w http.ResponseWriter, r *http.Request) { - // Try to decode the request body into the struct. If there is an error, - // respond to the client with the error message and a 400 status code. - data := map[string]string{} - err := json.NewDecoder(r.Body).Decode(&data) - if nil != err { - http.Error(w, err.Error(), http.StatusBadRequest) + http.HandleFunc("/api/new-nonce", requireHashcash(func(w http.ResponseWriter, r *http.Request) { + indexURL := getBaseURL(r) + "/api/directory" + w.Header().Set("Link", "<"+indexURL+">;rel=\"index\"") + + w.Header().Set("Date", time.Now().Format(http.TimeFormat)) + // disable caching in every possible way + w.Header().Set("Expires", time.Now().Format(http.TimeFormat)) + w.Header().Set("Cache-Control", "max-age=0, no-cache, no-store") + w.Header().Set("Pragma", "no-cache") + w.Header().Set("Strict-Transport-Security", "max-age=604800") + + w.Header().Set("X-Frame-Options", "DENY") + + issueNonce(w, r) + })) + + http.HandleFunc("/api/test-hashcash", func(w http.ResponseWriter, r *http.Request) { + if err := UseHashcash(r.Header.Get("Hashcash")); nil != err { + b, _ := json.Marshal(&HTTPResponse{ + Error: err.Error(), + }) + w.Write(b) return } - // TODO check DNS for MX records - parts := strings.Split(data["to"], ", <>\n\r\t") - to := parts[0] - if len(parts) > 1 || !strings.Contains(to, "@") { - http.Error(w, "invalid email address", http.StatusBadRequest) + b, _ := json.Marshal(&HTTPResponse{ + Success: true, + }) + w.Write(b) + }) + + type NewAccount struct { + Contact []string `json:"contact"` + TermsOfServiceAgreed bool `json:"termsOfServiceAgreed"` + } + + http.HandleFunc("/api/new-account", func(w http.ResponseWriter, r *http.Request) { + myURL := getBaseURL(r) + r.URL.Path + + jws := &xkeypairs.JWS{} + + decoder := json.NewDecoder(r.Body) + if err := decoder.Decode(jws); nil != err { + http.Error(w, "Bad Request", http.StatusBadRequest) + return + } + defer r.Body.Close() + + if err := jws.DecodeComponents(); nil != err { + http.Error(w, "Bad Request", http.StatusBadRequest) + fmt.Fprintf(w, `{"error":%q}`+"\n", err) return } - // TODO expect JWK in JWS/JWT - // TODO place validated JWK into file with token - - token, err := uuid.NewRandom() - if nil != err { - // nothing else to do if we run out of random - // or are on a platform that doesn't support random - panic(fmt.Errorf("random bytes read failure: %w", err)) - } - token64 := base64.RawURLEncoding.EncodeToString([]byte(token[:])) - // hash token to prevent fs read timing attacks - hash := sha1.Sum(append(token[:], salt...)) - tokname := base64.RawURLEncoding.EncodeToString(hash[:]) - if err := ioutil.WriteFile( - filepath.Join(tokPrefix, tokname+".tok.txt"), - []byte(`{"comment":"I have no idea..."}`), - os.FileMode(0600), - ); nil != err { - http.Error(w, "database connection failed when writing verification token", http.StatusInternalServerError) + kid, _ := jws.Header["kid"].(string) + if "" != kid { + http.Error(w, "Bad Request", http.StatusBadRequest) + fmt.Fprintf(w, `{"error":"jws must include protected jwk, which is mutually exclusive from kid"}`+"\n") return } - subject := "Verify New Account" - // TODO go tpl - // TODO determine OS and Browser from user agent + + alg, _ := jws.Header["alg"].(string) + if !strings.HasSuffix(alg, "256") { + http.Error(w, "Bad Request", http.StatusBadRequest) + fmt.Fprintf(w, `{"error":"invalid jws protected algorithm"}`+"\n") + return + } + + nonce, _ := jws.Header["nonce"].(string) + if !useNonce(nonce) { + http.Error(w, "Bad Request", http.StatusBadRequest) + fmt.Fprintf(w, `{"error":"invalid jws protected nonce"}`+"\n") + return + } + + jwsURL, _ := jws.Header["url"].(string) + if myURL != jwsURL { + http.Error(w, "Bad Request", http.StatusBadRequest) + fmt.Fprintf(w, `{"error":"invalid jws protected target URL"}`+"\n") + return + } + + ok, err := xkeypairs.VerifyClaims(nil, jws) + if nil != err || !ok { + if nil != err { + log.Printf("jws verify error: %s", err) + } + http.Error(w, "Bad Request", http.StatusBadRequest) + fmt.Fprintf(w, `{"error":"could not verify JWS claims"}`+"\n") + return + } + + contacts, _ := jws.Claims["contact"].([]string) + contact := "" + if 1 == len(contacts) { + contact = contacts[0] + } + baseURL := getBaseURL(r) - text := fmt.Sprintf( - "It looks like you just tried to register a new Pocket ID account.\n\n Verify account: %s/verify/%s\n\nNot you? Just ignore this message.", - baseURL, token64, - ) - _, err = SendSimpleMessage(to, defaultFrom, subject, text, defaultReplyTo) - if nil != err { - // TODO neuter mailgun output - http.Error(w, err.Error(), http.StatusBadRequest) + if err := startVerification(baseURL, contact); nil != err { + http.Error(w, "Bad Request", http.StatusBadRequest) + msg, _ := json.Marshal(err.Error()) + fmt.Fprintf(w, `{"error":%s}`+"\n", msg) return } fmt.Fprintf(w, `{ "success": true, "error": "" }%s`, "\n") - })) + }) // TODO use chi http.HandleFunc("/verify/", requireNonce(func(w http.ResponseWriter, r *http.Request) { @@ -119,24 +176,13 @@ func Route(jwksPrefix string, privkey keypairs.PrivateKey) http.Handler { http.Error(w, "invalid url path", http.StatusBadRequest) return } - token64 := parts[2] - token, err := base64.RawURLEncoding.DecodeString(token64) - if err != nil || 0 == len(token) { - http.Error(w, "invalid url path", http.StatusBadRequest) - return - } - // hash token to prevent fs read timing attacks - hash := sha1.Sum(append(token, salt...)) - tokname := base64.RawURLEncoding.EncodeToString(hash[:]) - tokfile := filepath.Join(tokPrefix, tokname+".tok.txt") - _, err = ioutil.ReadFile(tokfile) - if nil != err { - http.Error(w, "database connection failed when reading verification token", http.StatusInternalServerError) - return - } + token := parts[2] - // TODO promote JWK to public... and related to an ID or email?? - os.Remove(tokfile) + if err := checkOTP(token); nil != err { + http.Error(w, "Internal Server Error", http.StatusInternalServerError) + fmt.Fprintf(w, "%s", err) + return + } fmt.Fprintf(w, `{ "success": true, "error": "" }%s`, "\n") })) @@ -374,6 +420,77 @@ func Route(jwksPrefix string, privkey keypairs.PrivateKey) http.Handler { return http.DefaultServeMux } +var tokenPrefix string + +func newOTP() (string, error) { + rnd, err := uuid.NewRandom() + if nil != err { + // nothing else to do if we run out of random + // or are on a platform that doesn't support random + panic(fmt.Errorf("random bytes read failure: %w", err)) + } + token := base64.RawURLEncoding.EncodeToString(rnd[:]) + + // We hash the random value to prevent DB / FS / compare timing attacks + tokenID := sha1.Sum([]byte(token)) + tokenName := base64.RawURLEncoding.EncodeToString(tokenID[:]) + if err := ioutil.WriteFile( + filepath.Join(tokenPrefix, tokenName+".tok.txt"), + []byte(`{"comment":"TODO: metadata goes here"}`), + // keep it secret, keep it safe + os.FileMode(0600), + ); nil != err { + return "", errors.New("database connection failed when writing verification token") + } + return token, nil +} + +func checkOTP(token string) error { + // We hash the random value to prevent DB / FS / compare timing attacks + tokenID := sha1.Sum([]byte(token)) + tokenName := base64.RawURLEncoding.EncodeToString(tokenID[:]) + tokfile := filepath.Join(tokenPrefix, tokenName+".tok.txt") + if _, err := ioutil.ReadFile(tokfile); nil != err { + return errors.New("database connection failed when reading verification token") + } + + // TODO promote JWK to public... and related to an ID or email?? + _ = os.Remove(tokfile) + return nil +} + +func startVerification(baseURL, contact string) error { + email := strings.Replace(contact, "mailto:", "", -1) + if "" == email { + return errors.New("missing contact:[\"mailto:me@example.com\"]") + } + + // TODO check DNS for MX records + if !strings.Contains(email, "@") || strings.Contains(email, " \t\n") { + return errors.New("invalid email address") + } + + // TODO expect JWK in JWS/JWT + // TODO place validated JWK into file with token + + token, err := newOTP() + if nil != err { + return err + } + subject := "Verify New Account" + // TODO go tpl + // TODO determine OS and Browser from user agent + text := fmt.Sprintf( + "It looks like you just tried to register a new Pocket ID account.\n\n Verify account: %s/verify/%s\n\nNot you? Just ignore this message.", + baseURL, token, + ) + if _, err = SendSimpleMessage(email, defaultFrom, subject, text, defaultReplyTo); nil != err { + return err + } + + return nil +} + func getBaseURL(r *http.Request) string { var scheme string if nil != r.TLS || "https" == r.Header.Get("X-Forwarded-Proto") { diff --git a/vendor/git.rootprojects.org/root/hashcash/.gitignore b/vendor/git.rootprojects.org/root/hashcash/.gitignore new file mode 100644 index 0000000..fdf0efe --- /dev/null +++ b/vendor/git.rootprojects.org/root/hashcash/.gitignore @@ -0,0 +1,19 @@ +cmd/hashcash/hashcash + +# ---> Go +# Binaries for programs and plugins +*.exe +*.exe~ +*.dll +*.so +*.dylib + +# Test binary, built with `go test -c` +*.test + +# Output of the go coverage tool, specifically when used with LiteIDE +*.out + +# Dependency directories (remove the comment below to include it) +# vendor/ + diff --git a/vendor/git.rootprojects.org/root/hashcash/LICENSE b/vendor/git.rootprojects.org/root/hashcash/LICENSE new file mode 100644 index 0000000..09f2798 --- /dev/null +++ b/vendor/git.rootprojects.org/root/hashcash/LICENSE @@ -0,0 +1,312 @@ +Mozilla Public License Version 2.0 + + 1. Definitions + +1.1. "Contributor" means each individual or legal entity that creates, contributes +to the creation of, or owns Covered Software. + +1.2. "Contributor Version" means the combination of the Contributions of others +(if any) used by a Contributor and that particular Contributor's Contribution. + + 1.3. "Contribution" means Covered Software of a particular Contributor. + +1.4. "Covered Software" means Source Code Form to which the initial Contributor +has attached the notice in Exhibit A, the Executable Form of such Source Code +Form, and Modifications of such Source Code Form, in each case including portions +thereof. + + 1.5. "Incompatible With Secondary Licenses" means + +(a) that the initial Contributor has attached the notice described in Exhibit +B to the Covered Software; or + +(b) that the Covered Software was made available under the terms of version +1.1 or earlier of the License, but not also under the terms of a Secondary +License. + +1.6. "Executable Form" means any form of the work other than Source Code Form. + +1.7. "Larger Work" means a work that combines Covered Software with other +material, in a separate file or files, that is not Covered Software. + + 1.8. "License" means this document. + +1.9. "Licensable" means having the right to grant, to the maximum extent possible, +whether at the time of the initial grant or subsequently, any and all of the +rights conveyed by this License. + + 1.10. "Modifications" means any of the following: + +(a) any file in Source Code Form that results from an addition to, deletion +from, or modification of the contents of Covered Software; or + +(b) any new file in Source Code Form that contains any Covered Software. + +1.11. "Patent Claims" of a Contributor means any patent claim(s), including +without limitation, method, process, and apparatus claims, in any patent Licensable +by such Contributor that would be infringed, but for the grant of the License, +by the making, using, selling, offering for sale, having made, import, or +transfer of either its Contributions or its Contributor Version. + +1.12. "Secondary License" means either the GNU General Public License, Version +2.0, the GNU Lesser General Public License, Version 2.1, the GNU Affero General +Public License, Version 3.0, or any later versions of those licenses. + +1.13. "Source Code Form" means the form of the work preferred for making modifications. + +1.14. "You" (or "Your") means an individual or a legal entity exercising rights +under this License. For legal entities, "You" includes any entity that controls, +is controlled by, or is under common control with You. For purposes of this +definition, "control" means (a) the power, direct or indirect, to cause the +direction or management of such entity, whether by contract or otherwise, +or (b) ownership of more than fifty percent (50%) of the outstanding shares +or beneficial ownership of such entity. + + 2. License Grants and Conditions + + 2.1. Grants + +Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive +license: + +(a) under intellectual property rights (other than patent or trademark) Licensable +by such Contributor to use, reproduce, make available, modify, display, perform, +distribute, and otherwise exploit its Contributions, either on an unmodified +basis, with Modifications, or as part of a Larger Work; and + +(b) under Patent Claims of such Contributor to make, use, sell, offer for +sale, have made, import, and otherwise transfer either its Contributions or +its Contributor Version. + + 2.2. Effective Date + +The licenses granted in Section 2.1 with respect to any Contribution become +effective for each Contribution on the date the Contributor first distributes +such Contribution. + + 2.3. Limitations on Grant Scope + +The licenses granted in this Section 2 are the only rights granted under this +License. No additional rights or licenses will be implied from the distribution +or licensing of Covered Software under this License. Notwithstanding Section +2.1(b) above, no patent license is granted by a Contributor: + +(a) for any code that a Contributor has removed from Covered Software; or + +(b) for infringements caused by: (i) Your and any other third party's modifications +of Covered Software, or (ii) the combination of its Contributions with other +software (except as part of its Contributor Version); or + +(c) under Patent Claims infringed by Covered Software in the absence of its +Contributions. + +This License does not grant any rights in the trademarks, service marks, or +logos of any Contributor (except as may be necessary to comply with the notice +requirements in Section 3.4). + + 2.4. Subsequent Licenses + +No Contributor makes additional grants as a result of Your choice to distribute +the Covered Software under a subsequent version of this License (see Section +10.2) or under the terms of a Secondary License (if permitted under the terms +of Section 3.3). + + 2.5. Representation + +Each Contributor represents that the Contributor believes its Contributions +are its original creation(s) or it has sufficient rights to grant the rights +to its Contributions conveyed by this License. + + 2.6. Fair Use + +This License is not intended to limit any rights You have under applicable +copyright doctrines of fair use, fair dealing, or other equivalents. + + 2.7. Conditions + +Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in +Section 2.1. + + 3. Responsibilities + + 3.1. Distribution of Source Form + +All distribution of Covered Software in Source Code Form, including any Modifications +that You create or to which You contribute, must be under the terms of this +License. You must inform recipients that the Source Code Form of the Covered +Software is governed by the terms of this License, and how they can obtain +a copy of this License. You may not attempt to alter or restrict the recipients' +rights in the Source Code Form. + + 3.2. Distribution of Executable Form + + If You distribute Covered Software in Executable Form then: + +(a) such Covered Software must also be made available in Source Code Form, +as described in Section 3.1, and You must inform recipients of the Executable +Form how they can obtain a copy of such Source Code Form by reasonable means +in a timely manner, at a charge no more than the cost of distribution to the +recipient; and + +(b) You may distribute such Executable Form under the terms of this License, +or sublicense it under different terms, provided that the license for the +Executable Form does not attempt to limit or alter the recipients' rights +in the Source Code Form under this License. + + 3.3. Distribution of a Larger Work + +You may create and distribute a Larger Work under terms of Your choice, provided +that You also comply with the requirements of this License for the Covered +Software. If the Larger Work is a combination of Covered Software with a work +governed by one or more Secondary Licenses, and the Covered Software is not +Incompatible With Secondary Licenses, this License permits You to additionally +distribute such Covered Software under the terms of such Secondary License(s), +so that the recipient of the Larger Work may, at their option, further distribute +the Covered Software under the terms of either this License or such Secondary +License(s). + + 3.4. Notices + +You may not remove or alter the substance of any license notices (including +copyright notices, patent notices, disclaimers of warranty, or limitations +of liability) contained within the Source Code Form of the Covered Software, +except that You may alter any license notices to the extent required to remedy +known factual inaccuracies. + + 3.5. Application of Additional Terms + +You may choose to offer, and to charge a fee for, warranty, support, indemnity +or liability obligations to one or more recipients of Covered Software. However, +You may do so only on Your own behalf, and not on behalf of any Contributor. +You must make it absolutely clear that any such warranty, support, indemnity, +or liability obligation is offered by You alone, and You hereby agree to indemnify +every Contributor for any liability incurred by such Contributor as a result +of warranty, support, indemnity or liability terms You offer. You may include +additional disclaimers of warranty and limitations of liability specific to +any jurisdiction. + + 4. Inability to Comply Due to Statute or Regulation + +If it is impossible for You to comply with any of the terms of this License +with respect to some or all of the Covered Software due to statute, judicial +order, or regulation then You must: (a) comply with the terms of this License +to the maximum extent possible; and (b) describe the limitations and the code +they affect. Such description must be placed in a text file included with +all distributions of the Covered Software under this License. Except to the +extent prohibited by statute or regulation, such description must be sufficiently +detailed for a recipient of ordinary skill to be able to understand it. + + 5. Termination + +5.1. The rights granted under this License will terminate automatically if +You fail to comply with any of its terms. However, if You become compliant, +then the rights granted under this License from a particular Contributor are +reinstated (a) provisionally, unless and until such Contributor explicitly +and finally terminates Your grants, and (b) on an ongoing basis, if such Contributor +fails to notify You of the non-compliance by some reasonable means prior to +60 days after You have come back into compliance. Moreover, Your grants from +a particular Contributor are reinstated on an ongoing basis if such Contributor +notifies You of the non-compliance by some reasonable means, this is the first +time You have received notice of non-compliance with this License from such +Contributor, and You become compliant prior to 30 days after Your receipt +of the notice. + +5.2. If You initiate litigation against any entity by asserting a patent infringement +claim (excluding declaratory judgment actions, counter-claims, and cross-claims) +alleging that a Contributor Version directly or indirectly infringes any patent, +then the rights granted to You by any and all Contributors for the Covered +Software under Section 2.1 of this License shall terminate. + +5.3. In the event of termination under Sections 5.1 or 5.2 above, all end +user license agreements (excluding distributors and resellers) which have +been validly granted by You or Your distributors under this License prior +to termination shall survive termination. + + 6. Disclaimer of Warranty + +Covered Software is provided under this License on an "as is" basis, without +warranty of any kind, either expressed, implied, or statutory, including, +without limitation, warranties that the Covered Software is free of defects, +merchantable, fit for a particular purpose or non-infringing. The entire risk +as to the quality and performance of the Covered Software is with You. Should +any Covered Software prove defective in any respect, You (not any Contributor) +assume the cost of any necessary servicing, repair, or correction. This disclaimer +of warranty constitutes an essential part of this License. No use of any Covered +Software is authorized under this License except under this disclaimer. + + 7. Limitation of Liability + +Under no circumstances and under no legal theory, whether tort (including +negligence), contract, or otherwise, shall any Contributor, or anyone who +distributes Covered Software as permitted above, be liable to You for any +direct, indirect, special, incidental, or consequential damages of any character +including, without limitation, damages for lost profits, loss of goodwill, +work stoppage, computer failure or malfunction, or any and all other commercial +damages or losses, even if such party shall have been informed of the possibility +of such damages. This limitation of liability shall not apply to liability +for death or personal injury resulting from such party's negligence to the +extent applicable law prohibits such limitation. Some jurisdictions do not +allow the exclusion or limitation of incidental or consequential damages, +so this exclusion and limitation may not apply to You. + + 8. Litigation + +Any litigation relating to this License may be brought only in the courts +of a jurisdiction where the defendant maintains its principal place of business +and such litigation shall be governed by laws of that jurisdiction, without +reference to its conflict-of-law provisions. Nothing in this Section shall +prevent a party's ability to bring cross-claims or counter-claims. + + 9. Miscellaneous + +This License represents the complete agreement concerning the subject matter +hereof. If any provision of this License is held to be unenforceable, such +provision shall be reformed only to the extent necessary to make it enforceable. +Any law or regulation which provides that the language of a contract shall +be construed against the drafter shall not be used to construe this License +against a Contributor. + + 10. Versions of the License + + 10.1. New Versions + +Mozilla Foundation is the license steward. Except as provided in Section 10.3, +no one other than the license steward has the right to modify or publish new +versions of this License. Each version will be given a distinguishing version +number. + + 10.2. Effect of New Versions + +You may distribute the Covered Software under the terms of the version of +the License under which You originally received the Covered Software, or under +the terms of any subsequent version published by the license steward. + + 10.3. Modified Versions + +If you create software not governed by this License, and you want to create +a new license for such software, you may create and use a modified version +of this License if you rename the license and remove any references to the +name of the license steward (except to note that such modified license differs +from this License). + +10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses + +If You choose to distribute Source Code Form that is Incompatible With Secondary +Licenses under the terms of this version of the License, the notice described +in Exhibit B of this License must be attached. Exhibit A - Source Code Form +License Notice + +This Source Code Form is subject to the terms of the Mozilla Public License, +v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain +one at http://mozilla.org/MPL/2.0/. + +If it is not possible or desirable to put the notice in a particular file, +then You may include the notice in a location (such as a LICENSE file in a +relevant directory) where a recipient would be likely to look for such a notice. + +You may add additional accurate notices of copyright ownership. + +Exhibit B - "Incompatible With Secondary Licenses" Notice + +This Source Code Form is "Incompatible With Secondary Licenses", as defined +by the Mozilla Public License, v. 2.0. diff --git a/vendor/git.rootprojects.org/root/hashcash/README.md b/vendor/git.rootprojects.org/root/hashcash/README.md new file mode 100644 index 0000000..38cdf4c --- /dev/null +++ b/vendor/git.rootprojects.org/root/hashcash/README.md @@ -0,0 +1,41 @@ +# hashcash + +HTTP Hashcash implemented in Go. + +Explanation at https://therootcompany.com/blog/http-hashcash/ + +Go docs at https://godoc.org/git.rootprojects.org/root/hashcash + +# CLI Usage + +Install: + +```bash +go get git.rootprojects.org/root/hashcash/cmd/hashcash +``` + +Usage: + +```txt +Usage: + hashcash new [subject *] [expires in 5m] [difficulty 10] + hashcash parse + hashcash solve + hashcash verify [subject *] +``` + +Example: + +```bash +my_hc=$(hashcash new) +echo New: $my_hc +hashcash parse "$my_hc" +echo "" + +my_hc=$(hashcash solve "$my_hc") +echo Solved: $my_hc +hashcash parse "$my_hc" +echo "" + +hashcash verify "$my_hc" +``` diff --git a/vendor/git.rootprojects.org/root/hashcash/go.mod b/vendor/git.rootprojects.org/root/hashcash/go.mod new file mode 100644 index 0000000..75885ff --- /dev/null +++ b/vendor/git.rootprojects.org/root/hashcash/go.mod @@ -0,0 +1,3 @@ +module git.rootprojects.org/root/hashcash + +go 1.15 diff --git a/vendor/git.rootprojects.org/root/hashcash/hashcash.go b/vendor/git.rootprojects.org/root/hashcash/hashcash.go new file mode 100644 index 0000000..b80b367 --- /dev/null +++ b/vendor/git.rootprojects.org/root/hashcash/hashcash.go @@ -0,0 +1,284 @@ +package hashcash + +import ( + "crypto/rand" + "crypto/sha256" + "encoding/base64" + "encoding/binary" + "errors" + "strconv" + "strings" + "time" +) + +// ErrParse is returned when fewer than 6 or more than 7 segments are split +var ErrParse = errors.New("could not split the hashcash parts") + +// ErrInvalidTag is returned when the Hashcash version is unsupported +var ErrInvalidTag = errors.New("expected tag to be 'H'") + +// ErrInvalidDifficulty is returned when the difficulty is outside of the acceptable range +var ErrInvalidDifficulty = errors.New("the number of bits of difficulty is too low or too high") + +// ErrInvalidDate is returned when the date cannot be parsed as a positive int64 +var ErrInvalidDate = errors.New("invalid date") + +// ErrExpired is returned when the current time is past that of ExpiresAt +var ErrExpired = errors.New("expired hashcash") + +// ErrInvalidSubject is returned when the subject is invalid or does not match that passed to Verify() +var ErrInvalidSubject = errors.New("the subject is invalid or rejected") + +// ErrInvalidNonce is returned when the nonce +//var ErrInvalidNonce = errors.New("the nonce has been used or is invalid") + +// ErrUnsupportedAlgorithm is returned when the given algorithm is not supported +var ErrUnsupportedAlgorithm = errors.New("the given algorithm is invalid or not supported") + +// ErrInvalidSolution is returned when the given hashcash is not properly solved +var ErrInvalidSolution = errors.New("the given solution is not valid") + +// MaxDifficulty is the upper bound for all Solve() operations +var MaxDifficulty = 26 + +// Sep is the separator character to use +var Sep = ":" + +// no milliseconds +//var isoTS = "2006-01-02T15:04:05Z" + +// Hashcash represents a parsed Hashcash string +type Hashcash struct { + Tag string `json:"tag"` // Always "H" for "HTTP" + Difficulty int `json:"difficulty"` // Number of "partial pre-image" (zero) bits in the hashed code + ExpiresAt time.Time `json:"exp"` // The timestamp that the hashcash expires, as seconds since the Unix epoch + Subject string `json:"sub"` // Resource data string being transmitted, e.g., a domain or URL + Nonce string `json:"nonce"` // Unique string of random characters, encoded as url-safe base-64 + Alg string `json:"alg"` // always SHA-256 for now + Solution string `json:"solution"` // Binary counter, encoded as url-safe base-64 +} + +// New returns a Hashcash with reasonable defaults +func New(h Hashcash) *Hashcash { + h.Tag = "H" + + if 0 == h.Difficulty { + // safe for WebCrypto + h.Difficulty = 10 + } + + if h.ExpiresAt.IsZero() { + h.ExpiresAt = time.Now().Add(5 * time.Minute) + } + h.ExpiresAt = h.ExpiresAt.UTC().Truncate(time.Second) + + if "" == h.Subject { + h.Subject = "*" + } + + if "" == h.Nonce { + nonce := make([]byte, 16) + if _, err := rand.Read(nonce); nil != err { + panic(err) + return nil + } + h.Nonce = base64.RawURLEncoding.EncodeToString(nonce) + } + + if "" == h.Alg { + h.Alg = "SHA-256" + } + /* + if "SHA-256" != h.Alg { + // TODO error + } + */ + + return &h +} + +// Parse will (obviously) parse the hashcash string, without verifying any +// of the parameters. +func Parse(hc string) (*Hashcash, error) { + parts := strings.Split(hc, Sep) + n := len(parts) + if n < 6 || n > 7 { + return nil, ErrParse + } + + tag := parts[0] + if "H" != tag { + return nil, ErrInvalidTag + } + + bits, err := strconv.Atoi(parts[1]) + if nil != err || bits < 0 { + return nil, ErrInvalidDifficulty + } + + // Allow empty ExpiresAt + var exp time.Time + if "" != parts[2] { + expAt, err := strconv.ParseInt(parts[2], 10, 64) + if nil != err || expAt < 0 { + return nil, ErrInvalidDate + } + exp = time.Unix(int64(expAt), 0).UTC() + } + + /* + exp, err := time.ParseInLocation(isoTS, parts[2], time.UTC) + if nil != err { + return nil, ErrInvalidDate + } + */ + + sub := parts[3] + + nonce := parts[4] + + alg := parts[5] + + var solution string + if n > 6 { + solution = parts[6] + } + + h := &Hashcash{ + Tag: tag, + Difficulty: bits, + ExpiresAt: exp.UTC().Truncate(time.Second), + Subject: sub, + Nonce: nonce, + Alg: alg, + Solution: solution, + } + + return h, nil +} + +// String will return the formatted Hashcash, omitting the solution if it has not be solved. +func (h *Hashcash) String() string { + var solution string + if "" != h.Solution { + solution = Sep + h.Solution + } + + var expAt string + if !h.ExpiresAt.IsZero() { + expAt = strconv.FormatInt(h.ExpiresAt.UTC().Truncate(time.Second).Unix(), 10) + } + return strings.Join( + []string{ + "H", + strconv.Itoa(h.Difficulty), + //h.ExpiresAt.UTC().Format(isoTS), + expAt, + h.Subject, + h.Nonce, + h.Alg, + }, + Sep, + ) + solution +} + +// Verify the Hashcash based on Difficulty, Algorithm, ExpiresAt, Subject and, +// of course, the Solution and hash. +func (h *Hashcash) Verify(subject string) error { + if h.Difficulty < 0 { + return ErrInvalidDifficulty + } + + if "SHA-256" != h.Alg { + return ErrUnsupportedAlgorithm + } + + if !h.ExpiresAt.IsZero() && h.ExpiresAt.Sub(time.Now()) < 0 { + return ErrExpired + } + + if subject != h.Subject { + return ErrInvalidSubject + } + + bits := h.Difficulty + hash := sha256.Sum256([]byte(h.String())) + n := bits / 8 // 10 / 8 = 1 + m := bits % 8 // 10 % 8 = 2 + if m > 0 { + n++ // 10 bits = 2 bytes + } + + if !verifyBits(hash[:n], bits, n) { + return ErrInvalidSolution + } + return nil +} + +func verifyBits(hash []byte, bits, n int) bool { + for i := 0; i < n; i++ { + if bits > 8 { + bits -= 8 + if 0 != hash[i] { + return false + } + continue + } + + // (bits % 8) == bits + pad := 8 - bits + if 0 != hash[i]>>pad { + return false + } + + return true + } + + // 0 == bits + return true +} + +// Solve will search for a solution, returning an error if the difficulty is +// above the local or global MaxDifficulty, the Algorithm is unsupported. +func (h *Hashcash) Solve(maxDifficulty int) error { + if "SHA-256" != h.Alg { + return ErrUnsupportedAlgorithm + } + + if h.Difficulty < 0 { + return ErrInvalidDifficulty + } + + if h.Difficulty > maxDifficulty || h.Difficulty > MaxDifficulty { + return ErrInvalidDifficulty + } + + if "" != h.Solution { + if nil == h.Verify(h.Subject) { + return nil + } + h.Solution = "" + } + + hashcash := h.String() + bits := h.Difficulty + n := bits / 8 // 10 / 8 = 1 + m := bits % 8 // 10 % 8 = 2 + if m > 0 { + n++ // 10 bits = 2 bytes + } + + var solution uint32 = 0 + sb := make([]byte, 4) + for { + // Note: it's not actually important what method of change or encoding is used + // but incrementing by 1 on an int32 is good enough, and makes for a small base64 encoding + binary.LittleEndian.PutUint32(sb, solution) + h.Solution = base64.RawURLEncoding.EncodeToString(sb) + hash := sha256.Sum256([]byte(hashcash + Sep + h.Solution)) + if verifyBits(hash[:n], bits, n) { + return nil + } + solution++ + } +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 16f1a96..e29e369 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1,3 +1,5 @@ +# git.rootprojects.org/root/hashcash v1.0.1 +git.rootprojects.org/root/hashcash # git.rootprojects.org/root/keypairs v0.5.2 git.rootprojects.org/root/keypairs git.rootprojects.org/root/keypairs/keyfetch diff --git a/xkeypairs/jose.go b/xkeypairs/jose.go new file mode 100644 index 0000000..d2c5706 --- /dev/null +++ b/xkeypairs/jose.go @@ -0,0 +1,46 @@ +package xkeypairs + +import ( + "encoding/base64" + "encoding/json" + "errors" +) + +func (jws *JWS) DecodeComponents() error { + protected, err := base64.RawURLEncoding.DecodeString(jws.Protected) + if nil != err { + return errors.New("invalid JWS header base64Url encoding") + } + if err := json.Unmarshal([]byte(protected), &jws.Header); nil != err { + return errors.New("invalid JWS header") + } + + payload, err := base64.RawURLEncoding.DecodeString(jws.Payload) + if nil != err { + return errors.New("invalid JWS payload base64Url encoding") + } + if err := json.Unmarshal([]byte(payload), &jws.Claims); nil != err { + return errors.New("invalid JWS claims") + } + + return nil +} + +/* +func Decode(msg string) (*JWS, error) { + jws := &JWS{} + + decoder := json.NewDecoder(r.Body) + err := decoder.Decode(jws) + return jws, err +} + +func Unmarshal(msg string) (*JWS, error) { + jws := &JWS{} + + if err := json.Unmarshal([]byte(msg), jws); nil != err { + return nil, err + } + return jws, nil +} +*/