refactor: provide service with ready to use keys
jilio committed Oct 1, 2024
1 parent 7c9a20e commit 67631a4
Showing 2 changed files with 43 additions and 54 deletions.
45 changes: 41 additions & 4 deletions cmd/api/main.go
Expand Up @@ -2,14 +2,20 @@ package main

import (
"context"
"crypto/ecdsa"
"encoding/hex"
"errors"
"fmt"
"io/fs"
"net/http"
"os"
"os/signal"
"syscall"

"github.com/dgraph-io/badger/v4"
"github.com/ethereum/go-ethereum/crypto"
"github.com/galactica-corp/guardians-sdk/pkg/keymanagement"
"github.com/iden3/go-iden3-crypto/babyjub"
"github.com/joho/godotenv"
log "github.com/sirupsen/logrus"
"gopkg.in/yaml.v3"
Expand Down Expand Up @@ -38,8 +44,8 @@ func main() {
}

configPath := os.Getenv("CONFIG_PATH")
privKey := os.Getenv("PRIVATE_KEY")
signingKey := os.Getenv("SIGNING_KEY")
ethereumPrivateKey := os.Getenv("PRIVATE_KEY")
certSigningKey := os.Getenv("SIGNING_KEY")

yamlFile, err := os.ReadFile(configPath)
if err != nil {
Expand All @@ -52,13 +58,23 @@ func main() {
log.Fatalf("unmarshal: %v", err)
}

providerKey, err := crypto.HexToECDSA(ethereumPrivateKey)
if err != nil {
log.Fatalf("prepare provider key: %v", err)
}

signingKey, err := prepareBabyJubSigningKey(certSigningKey, providerKey)
if err != nil {
log.Fatalf("prepare signing key: %v", err)
}

certGenerator, err := zkcert.NewService(
privKey,
providerKey,
signingKey,
cfg.RegistryAddress,
cfg.Node,
cfg.MerkleProofService.URL,
cfg.MerkleProofService.TLS,
signingKey,
)
if err != nil {
log.Fatalf("failed to create cert generator %v", err)
Expand Down Expand Up @@ -97,3 +113,24 @@ func main() {
<-waiting
log.Info("🏁 finished.")
}

func prepareBabyJubSigningKey(certSigningKey string, privateKey *ecdsa.PrivateKey) (babyjub.PrivateKey, error) {
var signingKey babyjub.PrivateKey
if certSigningKey != "" {
keyBytes, err := hex.DecodeString(certSigningKey)
if err != nil {
return signingKey, fmt.Errorf("invalid hex string: %w", err)
}
if len(keyBytes) != 32 {
return signingKey, fmt.Errorf("invalid key length: expected 32 bytes, got %d", len(keyBytes))
}
copy(signingKey[:], keyBytes)
} else {
var err error
signingKey, err = keymanagement.DeriveEdDSAKeyFromEthereumPrivateKey(privateKey)
if err != nil {
return signingKey, fmt.Errorf("inferring signing key: %w", err)
}
}
return signingKey, nil
}
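Review bot: The fallback branch of `prepareBabyJubSigningKey` (taken when `SIGNING_KEY` is empty) may no longer produce the same key as before this commit. The removed `inferBabyJubSigningKeyFromEthereumPrivateKey` used the hex-decoded Ethereum key bytes directly as the BabyJub key, while the new code calls `keymanagement.DeriveEdDSAKeyFromEthereumPrivateKey`. If that SDK helper derives the key in any other way, a deployment relying on the fallback would silently start signing certificates with a different key than before. I would log the resulting public key once at startup so operators can compare it with the registered one, e.g. `log.Infof("cert signing public key: %s", signingKey.Public())` after the call in `main`, and add a comment on the else branch saying that an unset `SIGNING_KEY` selects derivation from the provider key. `main` begins and continues outside the visible hunks.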
52 changes: 2 additions & 50 deletions internal/zkcert/generator.go
Expand Up @@ -4,7 +4,6 @@ import (
"context"
"crypto/ecdsa"
"crypto/rand"
"encoding/hex"
"errors"
"fmt"
"math"
Expand Down Expand Up @@ -38,12 +37,12 @@ type Service struct {
}

func NewService(
ethereumPrivateKey string,
providerKey *ecdsa.PrivateKey,
signingKey babyjub.PrivateKey,
registryAddress common.Address,
rpcURL string,
merkleProofURL string,
merkleProofTLS bool,
certSigningKey string,
) (*Service, error) {
ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute)
defer cancel()
Expand All @@ -63,16 +62,6 @@ func NewService(
return nil, fmt.Errorf("load record registry: %w", err)
}

providerKey, err := crypto.HexToECDSA(ethereumPrivateKey)
if err != nil {
return nil, fmt.Errorf("prepare provider key: %w", err)
}

signingKey, err := prepareBabyJubSigningKey(certSigningKey, ethereumPrivateKey)
if err != nil {
return nil, fmt.Errorf("prepare signing key: %w", err)
}

taskQueue := tq.NewQueue(100)

return &Service{
Expand Down Expand Up @@ -352,40 +341,3 @@ func generateRandomSalt() (int64, error) {

return randomSalt, nil
}

func inferBabyJubSigningKeyFromEthereumPrivateKey(ethereumPrivateKey string) (babyjub.PrivateKey, error) {
privateKey := []byte(ethereumPrivateKey)
res := make([]byte, hex.DecodedLen(len(privateKey)))

var byteErr hex.InvalidByteError
if _, err := hex.Decode(res, privateKey); errors.As(err, &byteErr) {
return babyjub.PrivateKey{}, fmt.Errorf("invalid hex character %q in private key", byte(byteErr))
} else if err != nil {
return babyjub.PrivateKey{}, errors.New("invalid hex data for private key")
}

signingKey := babyjub.PrivateKey(res)

return signingKey, nil
}

func prepareBabyJubSigningKey(certSigningKey string, ethereumPrivateKey string) (babyjub.PrivateKey, error) {
var signingKey babyjub.PrivateKey
if certSigningKey != "" {
keyBytes, err := hex.DecodeString(certSigningKey)
if err != nil {
return signingKey, fmt.Errorf("invalid hex string: %w", err)
}
if len(keyBytes) != 32 {
return signingKey, fmt.Errorf("invalid key length: expected 32 bytes, got %d", len(keyBytes))
}
copy(signingKey[:], keyBytes)
} else {
var err error
signingKey, err = inferBabyJubSigningKeyFromEthereumPrivateKey(ethereumPrivateKey)
if err != nil {
return signingKey, fmt.Errorf("inferring signing key: %w", err)
}
}
return signingKey, nil
}
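Review bot: `NewService` now receives `providerKey *ecdsa.PrivateKey` and `signingKey babyjub.PrivateKey` ready-made, but the visible part of its body does not validate them. A nil provider key or an all-zero signing key would be accepted by the constructor and would presumably only surface later, when the key is first used. A guard at the top would fail fast: `if providerKey == nil { return nil, errors.New("provider key is required") }` and, if a zero key is never valid here, `if signingKey == (babyjub.PrivateKey{}) { return nil, errors.New("signing key is required") }`. The body of `NewService` continues outside the hunk, so an equivalent check may already exist there.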
