
feat: router creates its own orb DID for didcomm v2 #86

Merged
merged 1 commit into from
Jan 10, 2022
Merged
11 changes: 5 additions & 6 deletions cmd/hub-router/go.mod
Expand Up @@ -7,16 +7,15 @@ module github.com/trustbloc/hub-router/cmd/hub-router
go 1.15

require (
github.com/cenkalti/backoff/v4 v4.1.1
github.com/gorilla/mux v1.7.4
github.com/cenkalti/backoff/v4 v4.1.2
github.com/gorilla/mux v1.8.0
github.com/hyperledger/aries-framework-go v0.1.8-0.20211231170827-1f7d634dfcec
github.com/hyperledger/aries-framework-go-ext/component/storage/mongodb v0.0.0-20210913191140-6a8013cdda32
github.com/hyperledger/aries-framework-go-ext/component/storage/mysql v0.0.0-20210813123233-e22ddceee0b1
github.com/hyperledger/aries-framework-go-ext/component/storage/mongodb v0.0.0-20211219215001-23cd75276fdc
github.com/hyperledger/aries-framework-go/component/storageutil v0.0.0-20211020135731-5ab9da9e29ab
github.com/hyperledger/aries-framework-go/spi v0.0.0-20211020135731-5ab9da9e29ab
github.com/hyperledger/aries-framework-go/spi v0.0.0-20211206182816-9cdcbcd09dc2
github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2
github.com/rs/cors v1.7.0
github.com/spf13/cobra v1.0.0
github.com/spf13/cobra v1.1.3
github.com/stretchr/testify v1.7.0
github.com/trustbloc/edge-core v0.1.7
github.com/trustbloc/hub-router v0.0.0-00010101000000-000000000000
651 changes: 618 additions & 33 deletions cmd/hub-router/go.sum


191 changes: 156 additions & 35 deletions cmd/hub-router/startcmd/start.go
Expand Up @@ -18,10 +18,9 @@ import (
"github.com/cenkalti/backoff/v4"
"github.com/gorilla/mux"
"github.com/hyperledger/aries-framework-go-ext/component/storage/mongodb"
"github.com/hyperledger/aries-framework-go-ext/component/storage/mysql"
"github.com/hyperledger/aries-framework-go/component/storageutil/mem"
arieslog "github.com/hyperledger/aries-framework-go/pkg/common/log"
"github.com/hyperledger/aries-framework-go/pkg/controller/rest/kms"
kmsrest "github.com/hyperledger/aries-framework-go/pkg/controller/rest/kms"
"github.com/hyperledger/aries-framework-go/pkg/didcomm/messaging/msghandler"
"github.com/hyperledger/aries-framework-go/pkg/didcomm/packer"
"github.com/hyperledger/aries-framework-go/pkg/didcomm/packer/anoncrypt"
Expand All @@ -33,13 +32,16 @@ import (
"github.com/hyperledger/aries-framework-go/pkg/framework/aries"
"github.com/hyperledger/aries-framework-go/pkg/framework/aries/api"
"github.com/hyperledger/aries-framework-go/pkg/framework/aries/defaults"
"github.com/hyperledger/aries-framework-go/pkg/framework/context"
"github.com/hyperledger/aries-framework-go/pkg/kms"
"github.com/hyperledger/aries-framework-go/spi/storage"
"github.com/rs/cors"
"github.com/spf13/cobra"
"github.com/trustbloc/edge-core/pkg/log"
cmdutils "github.com/trustbloc/edge-core/pkg/utils/cmd"
tlsutils "github.com/trustbloc/edge-core/pkg/utils/tls"

hubaries "github.com/trustbloc/hub-router/pkg/aries"
"github.com/trustbloc/hub-router/pkg/restapi/operation"
)

Expand Down Expand Up @@ -99,11 +101,38 @@ const (
tlsServeKeyPathFlagUsage = "Path to the private key to use when serving HTTPS." +
" Alternatively, this can be set with the following environment variable: " + tlsServeKeyPathFlagEnvKey
tlsServeKeyPathFlagEnvKey = "HUB_ROUTER_TLS_SERVE_KEY"
)

// DIDComm config.
const (
didcommV2FlagName = "use-didcomm-v2"
didcommV2FlagUsage = "Use DIDComm V2. Possible values [true] [false]. Defaults to false if not set." +
" Alternatively, this can be set with the following environment variable: " + didcommV2EnvKey
didcommV2EnvKey = "USE_DIDCOMM_V2"
didcommV2EnvKey = "HUB_ROUTER_DIDCOMM_V2"

// default verification key type flag.
keyTypeFlagName = "key-type"
keyTypeEnvKey = "HUB_ROUTER_KEY_TYPE"
keyTypeUsage = "Default key type for router." +
" This flag sets the verification (and for DIDComm V1 encryption as well) key type used for key creation " +
"in the router. Alternatively, this can be set with the following environment variable: " +
keyTypeEnvKey

// default key agreement type flag.
keyAgreementTypeFlagName = "key-agreement-type"
keyAgreementTypeEnvKey = "HUB_ROUTER_KEY_AGREEMENT_TYPE"
keyAgreementTypeUsage = "Default key agreement type for router." +
" Default encryption (used in DIDComm V2) key type used for key agreement creation in the router." +
" Alternatively, this can be set with the following environment variable: " +
keyAgreementTypeEnvKey
)

// Public DID config
const (
orbDomainsFlagName = "orb-domains"
orbDomainsFlagUsage = "Comma-separated list of orb DID domains." +
" Alternatively, this can be set with the following environment variable: " + orbDomainsEnvKey
orbDomainsEnvKey = "HUB_ROUTER_ORB_DOMAINS"
)

// Storage config.
Expand All @@ -113,18 +142,16 @@ const (
datasourcePersistentFlagName = "dsn-p"
datasourcePersistentFlagUsage = "Persistent datasource Name with credentials if required." +
" Format must be <driver>:[//]<driver-specific-dsn>." +
" Examples: 'mysql://root:secret@tcp(localhost:3306)/hubrouter', 'mem://test'," +
" 'mongodb://mongodb.example.com:27017'." +
" Supported drivers are [mem, mysql, mongodb]." +
" Examples: 'mongodb://mongodb.example.com:27017'." +
" Supported drivers are [mem, mongodb]." +
" Alternatively, this can be set with the following environment variable: " + datasourcePersistentEnvKey
datasourcePersistentEnvKey = "HUB_ROUTER_DSN_PERSISTENT"

datasourceTransientFlagName = "dsn-t"
datasourceTransientFlagUsage = "Datasource Name with credentials if required." +
" Format must be <driver>:[//]<driver-specific-dsn>." +
" Examples: 'mysql://root:secret@tcp(localhost:3306)/hubrouter', 'mem://test'," +
" 'mongodb://mongodb.example.com:27017'." +
" Supported drivers are [mem, mysql, mongodb]." +
" Examples: 'mongodb://mongodb.example.com:27017'." +
" Supported drivers are [mem, mongodb]." +
" Alternatively, this can be set with the following environment variable: " + datasourceTransientEnvKey
datasourceTransientEnvKey = "HUB_ROUTER_DSN_TRANSIENT"

Expand Down Expand Up @@ -152,17 +179,13 @@ const (
// Database types.
const (
databaseTypeMemOption = "mem"
databaseTypeMySQLOption = "mysql"
databaseTypeMongoDBOption = "mongodb"
)

var logger = log.New("hub-router")

// nolint:gochecknoglobals // we map the <driver> portion of datasource URLs to this map's keys
var supportedStorageProviders = map[string]func(string, string) (storage.Provider, error){
databaseTypeMySQLOption: func(dsn, prefix string) (storage.Provider, error) {
return mysql.NewProvider(dsn, mysql.WithDBPrefix(prefix))
},
databaseTypeMemOption: func(
_, _ string) (storage.Provider, error) { // nolint:unparam // memstorage provider never returns error
return mem.NewProvider(), nil
Expand All @@ -185,6 +208,8 @@ type didCommParameters struct {
wsHostInternal string
wsHostExternal string
useDIDCommV2 bool
keyType string
keyAgreementType string
}

type datasourceParams struct {
Expand All @@ -194,10 +219,15 @@ type datasourceParams struct {
}

type hubRouterParameters struct {
hostURL string
tlsParams *tlsParameters
datasourceParams *datasourceParams
didCommParameters *didCommParameters
hostURL string
tlsParams *tlsParameters
datasourceParams *datasourceParams
didCommParameters *didCommParameters
orbClientParameters *orbClientParameters
}

type orbClientParameters struct {
domains []string
}

type server interface {
Expand Down Expand Up @@ -260,6 +290,11 @@ func createFlags(startCmd *cobra.Command) {
startCmd.Flags().StringP(didCommWSHostFlagName, "", "", didCommWSHostFlagUsage)
startCmd.Flags().StringP(didCommWSHostExternalFlagName, "", "", didCommWSHostExternalFlagUsage)
startCmd.Flags().StringP(didcommV2FlagName, "", "", didcommV2FlagUsage)
startCmd.Flags().StringP(keyTypeFlagName, "", "", keyTypeUsage)
startCmd.Flags().StringP(keyAgreementTypeFlagName, "", "", keyAgreementTypeUsage)

// orb client
startCmd.Flags().StringArrayP(orbDomainsFlagName, "", []string{}, orbDomainsFlagUsage)

startCmd.Flags().StringP(logLevelFlagName, "", "INFO", logLevelFlagUsage)
}
Expand All @@ -286,6 +321,11 @@ func getHubRouterParameters(cmd *cobra.Command) (*hubRouterParameters, error) {
return nil, err
}

orbParams, err := getOrbClientParameters(cmd)
if err != nil {
return nil, err
}

logLevel, err := cmdutils.GetUserSetVarFromString(cmd, logLevelFlagName, logLevelEnvKey, true)
if err != nil {
return nil, err
Expand All @@ -303,10 +343,11 @@ func getHubRouterParameters(cmd *cobra.Command) (*hubRouterParameters, error) {
logger.Infof("logger level set to %s", logLevel)

return &hubRouterParameters{
hostURL: hostURL,
tlsParams: tlsParams,
datasourceParams: dsParams,
didCommParameters: didCommParameters,
hostURL: hostURL,
tlsParams: tlsParams,
datasourceParams: dsParams,
didCommParameters: didCommParameters,
orbClientParameters: orbParams,
}, nil
}

Expand Down Expand Up @@ -409,6 +450,16 @@ func getDIDCommParams(cmd *cobra.Command) (*didCommParameters, error) {
return nil, err
}

keyType, err := cmdutils.GetUserSetVarFromString(cmd, keyTypeFlagName, keyTypeEnvKey, true)
if err != nil {
return nil, err
}

keyAgreementType, err := cmdutils.GetUserSetVarFromString(cmd, keyAgreementTypeFlagName, keyAgreementTypeEnvKey, true)
if err != nil {
return nil, err
}

useDIDCommV2String, err := cmdutils.GetUserSetVarFromString(cmd, didcommV2FlagName, didcommV2EnvKey, true)
if err != nil {
return nil, err
Expand All @@ -429,6 +480,20 @@ func getDIDCommParams(cmd *cobra.Command) (*didCommParameters, error) {
wsHostInternal: wsHostInternal,
wsHostExternal: wsHostExternal,
useDIDCommV2: useDIDCommV2,
keyType: keyType,
keyAgreementType: keyAgreementType,
}, nil
}

func getOrbClientParameters(cmd *cobra.Command) (*orbClientParameters, error) {
orbDomains, err := cmdutils.GetUserSetVarFromArrayString(cmd, orbDomainsFlagName,
orbDomainsEnvKey, false)
if err != nil {
return nil, err
}

return &orbClientParameters{
domains: orbDomains,
}, nil
}

Expand Down Expand Up @@ -463,7 +528,8 @@ func setAriesFrameworkLogLevel(logLevel string) error {
return nil
}

func startHubRouter(params *hubRouterParameters, srv server) error {
func startHubRouter( // nolint:gocyclo // initialization apart from aries
params *hubRouterParameters, srv server) error {
switch {
case params.tlsParams.serveCertPath != "" && params.tlsParams.serveKeyPath == "":
return errors.New("cert path and key path are mandatory : missing key path")
Expand All @@ -478,14 +544,41 @@ func startHubRouter(params *hubRouterParameters, srv server) error {

msgRegistrar := msghandler.NewRegistrar()

framework, err := createAriesAgent(params, &tls.Config{RootCAs: rootCAs, MinVersion: tls.VersionTLS12}, msgRegistrar)
tlsConfig := &tls.Config{RootCAs: rootCAs, MinVersion: tls.VersionTLS12}

framework, err := createAriesAgent(params, tlsConfig, msgRegistrar)
if err != nil {
return err
}

ctx, err := framework.Context()
if err != nil {
return fmt.Errorf("aries-framework - get aries context : %w", err)
}

publicDID := ""

if params.didCommParameters.useDIDCommV2 {
didCommEndpoint := params.didCommParameters.httpHostExternal
if didCommEndpoint == "" {
didCommEndpoint = params.didCommParameters.httpHostInternal
}

res, e := hubaries.GetPublicDID(ctx, &hubaries.PublicDIDConfig{
TLSConfig: tlsConfig,
OrbDomains: params.orbClientParameters.domains,
DIDCommEndPoint: didCommEndpoint,
})
if e != nil {
return fmt.Errorf("creating public DID: %w", e)
}

publicDID = res
}

router := mux.NewRouter()

err = addHandlers(params, framework, router, msgRegistrar)
err = addHandlers(params, ctx, router, msgRegistrar, publicDID)
if err != nil {
return fmt.Errorf("failed to add handlers: %w", err)
}
Expand All @@ -512,32 +605,28 @@ func serveHubRouter(params *hubRouterParameters, srv server, router http.Handler
)
}

func addHandlers(params *hubRouterParameters, framework *aries.Aries, router *mux.Router,
msgRegistrar *msghandler.Registrar) error {
func addHandlers(params *hubRouterParameters, ctx *context.Provider, router *mux.Router,
msgRegistrar *msghandler.Registrar, publicDID string) error {
store, tStore, err := initStores(params.datasourceParams, "", "_txn")
if err != nil {
return err
}

ctx, err := framework.Context()
if err != nil {
return fmt.Errorf("aries-framework - get aries context : %w", err)
}

o, err := operation.New(&operation.Config{
Aries: ctx,
AriesMessenger: framework.Messenger(),
AriesMessenger: ctx.Messenger(),
MsgRegistrar: msgRegistrar,
Storage: &operation.Storage{
Persistent: store,
Transient: tStore,
},
PublicDID: publicDID,
})
if err != nil {
return fmt.Errorf("add operation handlers: %w", err)
}

kmsHandlers := kms.New(ctx).GetRESTHandlers()
kmsHandlers := kmsrest.New(ctx).GetRESTHandlers()

handlers := o.GetRESTHandlers()

Expand All @@ -552,8 +641,30 @@ func addHandlers(params *hubRouterParameters, framework *aries.Aries, router *mu
return nil
}

func createAriesAgent(parameters *hubRouterParameters, tlsConfig *tls.Config,
msgRegistrar api.MessageServiceProvider) (*aries.Aries, error) {
var (
//nolint:gochecknoglobals // translation tables copied from afgo for consistency
keyTypes = map[string]kms.KeyType{
"ed25519": kms.ED25519Type,
"ecdsap256ieee1363": kms.ECDSAP256TypeIEEEP1363,
"ecdsap256der": kms.ECDSAP256TypeDER,
"ecdsap384ieee1363": kms.ECDSAP384TypeIEEEP1363,
"ecdsap384der": kms.ECDSAP384TypeDER,
"ecdsap521ieee1363": kms.ECDSAP521TypeIEEEP1363,
"ecdsap521der": kms.ECDSAP521TypeDER,
}

//nolint:gochecknoglobals // translation tables copied from afgo for consistency
keyAgreementTypes = map[string]kms.KeyType{
"x25519kw": kms.X25519ECDHKWType,
"p256kw": kms.NISTP256ECDHKWType,
"p384kw": kms.NISTP384ECDHKWType,
"p521kw": kms.NISTP521ECDHKWType,
}
)

func createAriesAgent( // nolint:funlen // contains all aries initialization
parameters *hubRouterParameters, tlsConfig *tls.Config, msgRegistrar api.MessageServiceProvider,
) (*aries.Aries, error) {
store, tStore, err := initStores(parameters.datasourceParams, "_aries", "_ariesps")
if err != nil {
return nil, fmt.Errorf("init storage: %w", err)
Expand Down Expand Up @@ -587,6 +698,16 @@ func createAriesAgent(parameters *hubRouterParameters, tlsConfig *tls.Config,
inboundWSTransportOpt,
aries.WithOutboundTransports(outboundHTTP, outboundWS),
aries.WithMessageServiceProvider(msgRegistrar),
aries.WithKeyType(kms.ECDSAP256TypeIEEEP1363),
aries.WithKeyAgreementType(kms.NISTP256ECDHKWType),
}

if kt, ok := keyTypes[parameters.didCommParameters.keyType]; ok {
opts = append(opts, aries.WithKeyType(kt))
}

if kat, ok := keyAgreementTypes[parameters.didCommParameters.keyAgreementType]; ok {
opts = append(opts, aries.WithKeyAgreementType(kat))
}

if parameters.didCommParameters.useDIDCommV2 {
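Review bot: An unrecognized `key-type` or `key-agreement-type` value is silently dropped by the two map lookups after the `opts` literal — a typo in HUB_ROUTER_KEY_TYPE or HUB_ROUTER_KEY_AGREEMENT_TYPE leaves the router on the P-256 defaults appended just above, with no error or log, so an operator can believe a different key type is in effect when it is not. A non-empty value that is not a key of `keyTypes`/`keyAgreementTypes` should fail startup with an error naming the value, and only an empty value should keep the defaults; `fmt` is already imported in this file. It may also be worth a warning in startHubRouter where the DIDComm endpoint falls back to `httpHostInternal`, since that value is what ends up in the published public DID when no external host is configured, though the exact effect depends on `hubaries.GetPublicDID`, which is outside this diff. createAriesAgent's body continues past the end of this hunk.

```go
	// … unchanged: opts literal with the P-256 key and key-agreement defaults …

	if name := parameters.didCommParameters.keyType; name != "" {
		kt, ok := keyTypes[name]
		if !ok {
			return nil, fmt.Errorf("unsupported key type %q", name)
		}

		opts = append(opts, aries.WithKeyType(kt))
	}

	if name := parameters.didCommParameters.keyAgreementType; name != "" {
		kat, ok := keyAgreementTypes[name]
		if !ok {
			return nil, fmt.Errorf("unsupported key agreement type %q", name)
		}

		opts = append(opts, aries.WithKeyAgreementType(kat))
	}

	// … unchanged: useDIDCommV2 branch and the rest of createAriesAgent …
```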