-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update of the wallet provider APIs / Initalisation, authentication and configuration update #2704
Comments
I think using bearer tokens force to perform authorization at each signature, since we do not have an OAuth server that would help to obtain such tokens, using the instance key pair for authorization would be better. The securitization of the endpoints may be made using DPoP at first, adding the pin code later on. https://datatracker.ietf.org/doc/html/rfc9449 making the requests looking like:
where the DPoP would be signed with the instance private key and verified with the public key obtained while performing the wallet attestation flow. The payload of the DPoP looking like:
We would even add the salted pin code to this which would help by having a second factor. The wallet attestation flow is from a standard, we should keep it as close to the specification as possible. |
utiliser une autre clé que celle de l attestation pour l'authentificaion au portail |
remove the basic aith as the login/password could be changed by user with wallet |
Probleme du GUEST |
IN PROGRESS
This ticket is the first of a series to improve the current APIs between the wallet and the wallet provider back end with a 2FA authentication and allow the use of remote keys (HSM). Wallet uses a long life hardware key as first factor and a derivation of the user PIN as a second factor. In this process the wallet is not considered as a trusty device from the wallet provider standpoint and so after the initialization process, the PIN code is checked by the wallet provider back end for each authentication.
Generally speaking different keys are used in the wallet :
For this implementation, wallet attestation key will be a P-256 hardware device key.
The APIs specified in this ticket are :
Other tickets specify other APIs :
User can log as GUEST and in that case the login is an email starting with "guest@". As GUEST, user cannot access the following APIs :
Check the different flows https://swimlanes.io/u/Rt5vg-FWI
User initializes the wallet
Example :
configuration://[email protected]&password=KJHGFT&walett-provider=https://wlallet-provider.talao.co
Password will be only used in this initialisation process but wallet provider URL and login must be saved and attached to the wallet instance life time.
This API is opened to GUESTs.
From the wallet provider standpoint the nonce is the session identifier, the lifetime of the nonce is no more than 20 sec. The nonce is a 32 bytes random. This endpoint is exposed by the wallet provider back end without any protection but eventually with a rate limit.
response is a json
For this process PIN code is checked by the wallet to be sure it is the PIN code of the app.
Parameters are added to the body of the POST request.
Wallet generates a hardware P-256 key from the device secure element to manage the authentication with the wallet provider back end. This key is attached to the wallet instance life time. It will be used later to get a token each time the wallet needs to access the wallet provider back end. The pub key is transferred in the
jwk
attribute of the body of the call.Wallet generates a salt as a 32 bytes random stored in the secure storage and attached to the wallet instance life time.
The PIN code + salt are concatenated and hashed (sha256) then added to the wallet assertion as '
salted_pin_code
. It will be necessary to recalculate the salted_pin_code each time it is needed.Wallet generates a wallet attestation P-256 hardware key from the device secure element. This key certificate is provided by the secure element and added as
key_attestation
. This key is not attached to the wallet instance life time as the wallet can generate a new attestation if needed.The
login
andpassword
of the initial QR code are provided. Password does not need to be stored in the wallet as it could be updated later on directly in the wallet provider back end by the user.Example of the call
In response wallet receives the wallet attestation and the wallet configuration in a json :
The configuration is a jwt signed by the wallet provider back end.
The configuration file has a new attribute
walletFor
to specify if the wallet is used as an individual wallet (default as today) or a business wallet."walletFor": "np" for natural person (individual wallet)
"walletFor": "lp" for legal person (business wallet)
Example of an extract of configuration file:
For Business wallets (legal person) the data needed for the wallet is provided in the
companySignature
nested json of the configuration fileExample of an extract of the configuration file for a company using a DID on Ethereum
Example of an extract of the configuration file for a company using a HSM key
The wallet attestation is a jwt signed by the wallet provider back end.
Example of a wallet attestation signed by the wallet provider backend.
Wallet provider back end must check login/password of the user and associate hardware key for authentication and salted PIN code to the user data.
Wallet authenticates with the wallet provider backend
This API is opened to GUESTs.
Wallet requests to user the PIN code
Wallet calls the token endpoint
Wallet uses client_secret_jwt method to authenticate see https://datatracker.ietf.org/doc/html/rfc7523 to get a bearer token bound to the wallet provider authentication key. The jwt is called assertion below and provides the hardware key as first factor and the salted pin code for second factor.
Wallet uses the hardware P-256 key generated at initialisation to manage the authentication with the wallet provider back end. It will be used to get a token each time the wallet needs to access the wallet provider back end services. The token issued through this endpoint is bound to that key for future use. This key is the attribute
jwk
of the assertion payload. The assertion is signed with this key through the secure element of the smartphone.The PIN code + salt is transformed by sha256 and added to the wallet assertion '
salted_pin_code
as previously. The salted pin code is not stored in the wallet.The user login is passed in the assertion, password is not needed.
The life time of the assertion is no more than 10 sec (exp - iat).
Example of an assertion payload and header
Wallet receives a short life bearer token bound to its key. The life time of the token is 5 minutes.
NB : if the token is a jwt it must be encrypted (jwe).
If the salted_pin_code or authentication key do not fit with what has been stored the user data base at initialisation, the token endpoint return a 401 unauthorized response. User can make 3 trials maximum with new PIN code.
For GUEST, the wallet provider back end does not need to check the salted_pin_code and authentication key as they are not stored but the issued token will be restricted to a few APIs.
User updates wallet configuration
This API is opened to GUESTs.
DPoP (Demonstrating Proof of Possession) is a jwt transferred through the header of the POST request. It is used to avoid a leak of the access token as it proves that the wallet still owns the key attached to the Bearer token.
DPoP life time is very short (10 sec). DPoP is recalculated each time as it is single use.
See DPoP specifications if needed : https://www.rfc-editor.org/rfc/rfc9449.html
DPoP specific attributes :
jwk
: the key used to get the token (wallet provider back end authentication key)htm
: "POST"htu
: url of the endpoint (https://wallet-provider.talao.co/update-configuration)ath
: the sha256 hash of the access tokenDPoP is signed by the wallet provider back end authentication key.
Example of the DPoP :
No data are transferred in the body of the call for this endpoint.
Example of the call to the update-configuration endpoint :
Wallet provider back end responds with new configuration (200) or unauthorized (401) .
Example :
Wallet applies the new configuration.
The text was updated successfully, but these errors were encountered: