feat: Secure atKeys with pass-phrase

sitaram-kalluri commented 1 month ago

- What I did Support the password protected of atKeys file.

- How I did it

Add pass phrase to the AtOnboardingPreference to capture the pass phrase and propagate it the at_auth and at_chops package to decrypt the atKeys.
In auth_cli_args, add parser options to capture "pass phrase" and "hashing algo type"
In at_onboarding_service_impl.dart, in "_generateAtKeysFile", check if the passPhrase is supplied. If supplied, encrypt the keys with the passphrase.
Removed the at_cli_commons dependency from at_onboarding_cli to prevent from cyclic dependency.

- How to verify it

Added a test to verify the encryption and decryption of atKeys using a passphrase with the argon2id algorithm
A functional test to verify password protected of atKeys file

- Description for the changelog

sitaram-kalluri commented 3 weeks ago

Verified backward compatibility of at_auth and at_chops packages with at_client_sdk and looks fine.

Added dependency overrides for at_chops and at_auth packages in at_functional, E2E and unit tests in at_client_sdk. Refer to the PR: https://github.com/atsign-foundation/at_client_sdk/pull/1426

sitaram-kalluri commented 4 days ago

The changes in

at_chops package are merged with PR: https://github.com/atsign-foundation/at_libraries/pull/708 and are published in v2.2.0
at_auth package are merged with PR: https://github.com/atsign-foundation/at_libraries/pull/715 and are published in v2.0.8.

At this point, this PR contains changes in at_onboarding_cli. The changes are at_cli_commons are moved to a different branch.

atsign-foundation / at_libraries