feat: setup hw crypto (#295)

* feat: setup hw crypto

* feat: signing logic

* feat: run formatter

Author: sosweetham

infrastructure/eid-wallet/src/routes/(app)/sign/+page.svelte

@@ -1,10 +1,11 @@
 <script lang="ts">
 import { goto } from "$app/navigation";
-import { onMount, getContext } from "svelte";
 import AppNav from "$lib/fragments/AppNav/AppNav.svelte";
 import type { GlobalState } from "$lib/global";
 import { Drawer } from "$lib/ui";
 import * as Button from "$lib/ui/Button";
+import { exists, signPayload } from "@auvo/tauri-plugin-crypto-hw-api";
+import { getContext, onMount } from "svelte";
 
 const globalState = getContext<() => GlobalState>("globalState")();
 
@@ -15,7 +16,14 @@ interface SigningData {
 }
 
 let signingData: SigningData | null = $state(null);
-let decodedData: any = $state(null);
+let decodedData: {
+    pollId: string;
+    voteData: {
+        optionId?: number;
+        ranks?: Record<string, number>;
+    };
+    userId: string;
+} | null = $state(null);
 let signingStatus: "pending" | "signing" | "success" | "error" =
     $state("pending");
 let errorMessage = $state("");
@@ -71,14 +79,35 @@ async function handleSign() {
         // For now, we'll simulate the signing process
         await new Promise((resolve) => setTimeout(resolve, 2000)); // Simulate signing delay
 
+        // check if default key pair exists
+        const keyExists = exists("default");
+
+        if (!keyExists) {
+            // this would only indicate that it is an old evault/wallet
+            // ask them to delete and make a new one maybe or some fallback
+            // behaviour if we need it
+            throw new Error("Default key pair does not exist");
+        }
+
         // Create the signed payload
-        const signedPayload = {
+        const signedPayload: {
+            sessionId: string;
+            publicKey: string; // Use eName as public key for now
+            message: string;
+            signature?: string;
+        } = {
             sessionId: signingData.session,
-            signature: "simulated_signature_" + Date.now(), // In real implementation, this would be the actual signature
             publicKey: vault.ename, // Use eName as public key for now
             message: messageToSign,
         };
 
+        const signature = await signPayload(
+            "default",
+            JSON.stringify(signedPayload),
+        );
+
+        signedPayload.signature = signature;
+
         // Send the signed payload to the redirect URI
         const response = await fetch(signingData.redirect_uri, {
             method: "POST",

infrastructure/eid-wallet/src/routes/(auth)/onboarding/+page.svelte

@@ -9,6 +9,7 @@ import { GlobalState } from "$lib/global";
 import { ButtonAction, Drawer } from "$lib/ui";
 import { capitalize } from "$lib/utils";
 import {
+    exists,
     generate,
     getPublicKey,
     // signPayload, verifySignature
@@ -86,10 +87,17 @@ let uri: string;
 
 let error: string | null = $state(null);
 
-onMount(() => {
+onMount(async () => {
     globalState = getContext<() => GlobalState>("globalState")();
     // handle verification logic + sec user data in the store
 
+    // check if default keypair exists
+    const keyExists = await exists("default");
+    if (!keyExists) {
+        // if not, generate it
+        await generateApplicationKeyPair();
+    }
+
     handleContinue = async () => {
         loading = true;
         const {
@@ -103,6 +111,7 @@ onMount(() => {
                 registryEntropy,
                 namespace: uuidv4(),
                 verificationId,
+                publicKey: await getApplicationPublicKey(),
             })
             .catch(() => {
                 loading = false;

infrastructure/eid-wallet/src/routes/(auth)/verify/+page.svelte

@@ -9,6 +9,12 @@ import { GlobalState } from "$lib/global";
 import { ButtonAction } from "$lib/ui";
 import Drawer from "$lib/ui/Drawer/Drawer.svelte";
 import { capitalize } from "$lib/utils";
+import {
+    exists,
+    generate,
+    getPublicKey,
+    // signPayload, verifySignature
+} from "@auvo/tauri-plugin-crypto-hw-api";
 import axios from "axios";
 import { getContext, onMount } from "svelte";
 import { Shadow } from "svelte-loading-spinners";
@@ -135,12 +141,43 @@ function watchEventStream(id: string) {
     };
 }
 
+// IMO, call this function early, check if hardware even supports the app
+// docs: https://github.com/auvoid/tauri-plugin-crypto-hw/blob/48d0b9db7083f9819766e7b3bfd19e39de9a77f3/examples/tauri-app/src/App.svelte#L13
+async function generateApplicationKeyPair() {
+    let res: string | undefined;
+    try {
+        res = await generate("default");
+        console.log(res);
+    } catch (e) {
+        // Put hardware crypto missing error here
+        console.log(e);
+    }
+    return res;
+}
+
+async function getApplicationPublicKey() {
+    let res: string | undefined;
+    try {
+        res = await getPublicKey("default");
+        console.log(res);
+    } catch (e) {
+        console.log(e);
+    }
+    return res; // check getPublicKey doc comments (multibase hex format)
+}
+
 let handleContinue: () => Promise<void>;
 
 onMount(() => {
     globalState = getContext<() => GlobalState>("globalState")();
     // handle verification logic + sec user data in the store
 
+    // check if default key pair exists
+    const keyExists = exists("default");
+    if (!keyExists) {
+        generateApplicationKeyPair();
+    }
+
     handleContinue = async () => {
         if ($status !== "approved") return verifStep.set(0);
         if (!globalState) throw new Error("Global state is not defined");
@@ -171,6 +208,7 @@ onMount(() => {
                 registryEntropy,
                 namespace: uuidv4(),
                 verificationId: $verificaitonId,
+                publicKey: await getApplicationPublicKey(),
             },
         );
         if (data.success === true) {