8815523478

Committed 24 Apr 2024 10:47AM UTC coverage: 31.599% (-0.3%) from 31.912%

Build Type

Committed by

Commit Message

chore: resolve conflict

Signed-off-by: Pat Losoponkul <pat.losoponkul@iohk.io>

Pull Request Pull Request #966: feat: key management for Ed25519 and X25519

Run Details

110 of 386 new or added lines in 22 files covered. (28.5%)

471 existing lines in 130 files now uncovered.

4652 of 14722 relevant lines covered (31.6%)

0.32 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

63.51

/pollux/lib/vc-jwt/src/main/scala/io/iohk/atala/pollux/vc/jwt/Proof.scala

package io.iohk.atala.pollux.vc.jwt

import com.nimbusds.jose.crypto.bc.BouncyCastleProviderSingleton
import io.circe.*
import io.circe.syntax.*
import cats.implicits.*
import java.time.{Instant, ZoneOffset}
import zio.*
import io.iohk.atala.shared.utils.Json as JsonUtils
import io.iohk.atala.shared.utils.Base64Utils
import scodec.bits.ByteVector
import scala.util.Try
import java.security.*
import java.security.spec.X509EncodedKeySpec

sealed trait Proof {
  val id: Option[String] = None
  val `type`: String
  val proofPurpose: String
  val verificationMethod: String
  val created: Option[Instant] = None
  val domain: Option[String] = None
  val challenge: Option[String] = None
  val proofValue: String
  val previousProof: Option[String] = None
  val nonce: Option[String] = None
}

object Proof {
  given decodeProof: Decoder[Proof] = new Decoder[Proof] {
    final def apply(c: HCursor): Decoder.Result[Proof] = {
      val decoders: List[Decoder[Proof]] = List(
        Decoder[EddsaJcs2022Proof].widen
          // Note: Add another proof types here when available
      )

      decoders.foldLeft(
        Left[DecodingFailure, Proof](DecodingFailure("Cannot decode as Proof", c.history)): Decoder.Result[Proof]
      ) { (acc, decoder) =>
        acc.orElse(decoder.tryDecode(c))
      }
    }
  }
}

object EddsaJcs2022ProofGenerator {
  private val provider = BouncyCastleProviderSingleton.getInstance
  def generateProof(payload: Json, sk: PrivateKey, pk: PublicKey): Task[EddsaJcs2022Proof] = {
    for {
      canonicalizedJsonString <- ZIO.fromEither(JsonUtils.canonicalizeToJcs(payload.spaces2))
      canonicalizedJson <- ZIO.fromEither(parser.parse(canonicalizedJsonString))
      dataToSign = canonicalizedJson.noSpaces.getBytes
      signature = sign(sk, dataToSign)
      base58BtsEncodedSignature = MultiBaseString(
        header = MultiBaseString.Header.Base58Btc,
        data = ByteVector.view(signature).toBase58
      ).toMultiBaseString
      created = Instant.now()
      multiKey = MultiKey(publicKeyMultibase =
        Some(MultiBaseString(header = MultiBaseString.Header.Base64Url, data = Base64Utils.encodeURL(pk.getEncoded)))
      )
      verificationMethod = Base64Utils.createDataUrl(
        multiKey.asJson.dropNullValues.noSpaces.getBytes,
        "application/json"
      )
    } yield EddsaJcs2022Proof(
      proofValue = base58BtsEncodedSignature,
      maybeCreated = Some(created),
      verificationMethod = verificationMethod
    )
  }

  def verifyProof(payload: Json, proofValue: String, pk: MultiKey): Task[Boolean] = {

    val res = for {
      canonicalizedJsonString <- ZIO
        .fromEither(JsonUtils.canonicalizeToJcs(payload.spaces2))
        .mapError(_.getMessage)
      canonicalizedJson <- ZIO
        .fromEither(parser.parse(canonicalizedJsonString))
        .mapError(_.getMessage)
      dataToVerify = canonicalizedJson.noSpaces.getBytes
      signature <- ZIO.fromEither(MultiBaseString.fromString(proofValue).flatMap(_.getBytes))
      publicKeyBytes <- ZIO.fromEither(
        pk.publicKeyMultibase.toRight("No public key provided inside MultiKey").flatMap(_.getBytes)
      )
      javaPublicKey <- ZIO.fromEither(recoverPublicKey(publicKeyBytes))
      isValid = verify(javaPublicKey, signature, dataToVerify)

    } yield isValid

    res.mapError(e => Throwable(e))
  }

  private def sign(privateKey: PrivateKey, data: Array[Byte]): Array[Byte] = {

    val signer = Signature.getInstance("SHA256withECDSA", provider)
    signer.initSign(privateKey)
    signer.update(data)
    signer.sign()
  }

  private def recoverPublicKey(pkBytes: Array[Byte]): Either[String, PublicKey] = {
    val keyFactory = KeyFactory.getInstance("EC", provider)
    val x509KeySpec = X509EncodedKeySpec(pkBytes)
    Try(keyFactory.generatePublic(x509KeySpec)).toEither.left.map(_.getMessage)
  }

  private def verify(publicKey: PublicKey, signature: Array[Byte], data: Array[Byte]): Boolean = {
    val verifier = Signature.getInstance("SHA256withECDSA", provider)
    verifier.initVerify(publicKey)
    verifier.update(data)
    verifier.verify(signature)
  }
}
case class EddsaJcs2022Proof(proofValue: String, verificationMethod: String, maybeCreated: Option[Instant])
    extends Proof {
  override val created: Option[Instant] = maybeCreated
  override val `type`: String = "DataIntegrityProof"
  override val proofPurpose: String = "assertionMethod"
  val cryptoSuite: String = "eddsa-jcs-2022"
}

object EddsaJcs2022Proof {

  given proofEncoder: Encoder[EddsaJcs2022Proof] =
    (proof: EddsaJcs2022Proof) =>
      Json
        .obj(
          ("id", proof.id.asJson),
          ("type", proof.`type`.asJson),
          ("proofPurpose", proof.proofPurpose.asJson),
          ("verificationMethod", proof.verificationMethod.asJson),
          ("created", proof.created.map(_.atOffset(ZoneOffset.UTC)).asJson),
          ("domain", proof.domain.asJson),
          ("challenge", proof.challenge.asJson),
          ("proofValue", proof.proofValue.asJson),
          ("cryptoSuite", proof.cryptoSuite.asJson),
          ("previousProof", proof.previousProof.asJson),
          ("nonce", proof.nonce.asJson),
          ("cryptoSuite", proof.cryptoSuite.asJson),
        )

  given proofDecoder: Decoder[EddsaJcs2022Proof] =
    (c: HCursor) =>
      for {
        id <- c.downField("id").as[Option[String]]
        `type` <- c.downField("type").as[String]
        proofPurpose <- c.downField("proofPurpose").as[String]
        verificationMethod <- c.downField("verificationMethod").as[String]
        created <- c.downField("created").as[Option[Instant]]
        domain <- c.downField("domain").as[Option[String]]
        challenge <- c.downField("challenge").as[Option[String]]
        proofValue <- c.downField("proofValue").as[String]
        previousProof <- c.downField("previousProof").as[Option[String]]
        nonce <- c.downField("nonce").as[Option[String]]
        cryptoSuite <- c.downField("cryptoSuite").as[String]
      } yield {
        EddsaJcs2022Proof(
          proofValue = proofValue,
          verificationMethod = verificationMethod,
          maybeCreated = created
        )
      }
}

1	package io.iohk.atala.pollux.vc.jwt
2
3	import com.nimbusds.jose.crypto.bc.BouncyCastleProviderSingleton
4	import io.circe.*
5	import io.circe.syntax.*
6	import cats.implicits.*
7	import java.time.{Instant, ZoneOffset}
8	import zio.*
9	import io.iohk.atala.shared.utils.Json as JsonUtils
10	import io.iohk.atala.shared.utils.Base64Utils
11	import scodec.bits.ByteVector
12	import scala.util.Try
13	import java.security.*
14	import java.security.spec.X509EncodedKeySpec
15
16	sealed trait Proof {
17	val id: Option[String] = None
18	val `type`: String
19	val proofPurpose: String
20	val verificationMethod: String
21	val created: Option[Instant] = None
22	val domain: Option[String] = None
23	val challenge: Option[String] = None
24	val proofValue: String
25	val previousProof: Option[String] = None
26	val nonce: Option[String] = None
27	}
28
29	object Proof {
30	given decodeProof: Decoder[Proof] = new Decoder[Proof] {	1✔
31	final def apply(c: HCursor): Decoder.Result[Proof] = {	1✔
32	val decoders: List[Decoder[Proof]] = List(	1✔
33	Decoder[EddsaJcs2022Proof].widen
34	// Note: Add another proof types here when available
35	)
36
37	decoders.foldLeft(	×
38	Left[DecodingFailure, Proof](DecodingFailure("Cannot decode as Proof", c.history)): Decoder.Result[Proof]	1✔
39	) { (acc, decoder) =>	1✔
40	acc.orElse(decoder.tryDecode(c))
41	}
42	}
43	}
44	}
45
46	object EddsaJcs2022ProofGenerator {	1✔
47	private val provider = BouncyCastleProviderSingleton.getInstance	1✔
48	def generateProof(payload: Json, sk: PrivateKey, pk: PublicKey): Task[EddsaJcs2022Proof] = {	1✔
49	for {	×
UNCOV 50	canonicalizedJsonString <- ZIO.fromEither(JsonUtils.canonicalizeToJcs(payload.spaces2))	×
51	canonicalizedJson <- ZIO.fromEither(parser.parse(canonicalizedJsonString))	×
52	dataToSign = canonicalizedJson.noSpaces.getBytes	×
53	signature = sign(sk, dataToSign)
54	base58BtsEncodedSignature = MultiBaseString(
55	header = MultiBaseString.Header.Base58Btc,	×
56	data = ByteVector.view(signature).toBase58	×
57	).toMultiBaseString	×
58	created = Instant.now()	×
59	multiKey = MultiKey(publicKeyMultibase =	×
60	Some(MultiBaseString(header = MultiBaseString.Header.Base64Url, data = Base64Utils.encodeURL(pk.getEncoded)))
61	)	×
62	verificationMethod = Base64Utils.createDataUrl(	×
63	multiKey.asJson.dropNullValues.noSpaces.getBytes,
64	"application/json"
65	)
66	} yield EddsaJcs2022Proof(
67	proofValue = base58BtsEncodedSignature,
68	maybeCreated = Some(created),
69	verificationMethod = verificationMethod
70	)
71	}
72		1✔
73	def verifyProof(payload: Json, proofValue: String, pk: MultiKey): Task[Boolean] = {
74		1✔
75	val res = for {	×
76	canonicalizedJsonString <- ZIO	×
77	.fromEither(JsonUtils.canonicalizeToJcs(payload.spaces2))	×
78	.mapError(_.getMessage)	×
79	canonicalizedJson <- ZIO	×
80	.fromEither(parser.parse(canonicalizedJsonString))	×
81	.mapError(_.getMessage)	×
82	dataToVerify = canonicalizedJson.noSpaces.getBytes	1✔
83	signature <- ZIO.fromEither(MultiBaseString.fromString(proofValue).flatMap(_.getBytes))	1✔
84	publicKeyBytes <- ZIO.fromEither(	×
85	pk.publicKeyMultibase.toRight("No public key provided inside MultiKey").flatMap(_.getBytes)
86	)	×
87	javaPublicKey <- ZIO.fromEither(recoverPublicKey(publicKeyBytes))	×
88	isValid = verify(javaPublicKey, signature, dataToVerify)
89
90	} yield isValid
91		1✔
92	res.mapError(e => Throwable(e))
93	}
94		1✔
95	private def sign(privateKey: PrivateKey, data: Array[Byte]): Array[Byte] = {
96		1✔
97	val signer = Signature.getInstance("SHA256withECDSA", provider)	1✔
98	signer.initSign(privateKey)	1✔
99	signer.update(data)	1✔
100	signer.sign()
101	}
102		1✔
103	private def recoverPublicKey(pkBytes: Array[Byte]): Either[String, PublicKey] = {	1✔
104	val keyFactory = KeyFactory.getInstance("EC", provider)	1✔
105	val x509KeySpec = X509EncodedKeySpec(pkBytes)	1✔
106	Try(keyFactory.generatePublic(x509KeySpec)).toEither.left.map(_.getMessage)
107	}
108		1✔
109	private def verify(publicKey: PublicKey, signature: Array[Byte], data: Array[Byte]): Boolean = {	1✔
110	val verifier = Signature.getInstance("SHA256withECDSA", provider)	1✔
111	verifier.initVerify(publicKey)	1✔
112	verifier.update(data)	1✔
113	verifier.verify(signature)
114	}
115	}
116	case class EddsaJcs2022Proof(proofValue: String, verificationMethod: String, maybeCreated: Option[Instant])
117	extends Proof {
118	override val created: Option[Instant] = maybeCreated
119	override val `type`: String = "DataIntegrityProof"
120	override val proofPurpose: String = "assertionMethod"
121	val cryptoSuite: String = "eddsa-jcs-2022"
122	}
123
124	object EddsaJcs2022Proof {
125
126	given proofEncoder: Encoder[EddsaJcs2022Proof] =
127	(proof: EddsaJcs2022Proof) =>
128	Json	1✔
129	.obj(	1✔
130	("id", proof.id.asJson),	1✔
131	("type", proof.`type`.asJson),	1✔
132	("proofPurpose", proof.proofPurpose.asJson),	1✔
133	("verificationMethod", proof.verificationMethod.asJson),	1✔
134	("created", proof.created.map(_.atOffset(ZoneOffset.UTC)).asJson),	1✔
135	("domain", proof.domain.asJson),	1✔
136	("challenge", proof.challenge.asJson),	1✔
137	("proofValue", proof.proofValue.asJson),	1✔
138	("cryptoSuite", proof.cryptoSuite.asJson),	1✔
139	("previousProof", proof.previousProof.asJson),	1✔
140	("nonce", proof.nonce.asJson),	1✔
141	("cryptoSuite", proof.cryptoSuite.asJson),
142	)
143
144	given proofDecoder: Decoder[EddsaJcs2022Proof] =
145	(c: HCursor) =>	1✔
146	for {	×
147	id <- c.downField("id").as[Option[String]]	1✔
148	`type` <- c.downField("type").as[String]	×
149	proofPurpose <- c.downField("proofPurpose").as[String]	×
150	verificationMethod <- c.downField("verificationMethod").as[String]	×
151	created <- c.downField("created").as[Option[Instant]]	1✔
152	domain <- c.downField("domain").as[Option[String]]	×
153	challenge <- c.downField("challenge").as[Option[String]]	1✔
154	proofValue <- c.downField("proofValue").as[String]	1✔
155	previousProof <- c.downField("previousProof").as[Option[String]]	1✔
156	nonce <- c.downField("nonce").as[Option[String]]	1✔
157	cryptoSuite <- c.downField("cryptoSuite").as[String]
158	} yield {
159	EddsaJcs2022Proof(
160	proofValue = proofValue,
161	verificationMethod = verificationMethod,
162	maybeCreated = created
163	)
164	}
165	}

input-output-hk / atala-prism-building-blocks / 8815523478

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous