10793991050

Committed 10 Sep 2024 01:56PM UTC coverage: 48.504% (-4.5%) from 52.962%

Build Type

push

Committed by

Commit Message

build: sbt and plugins dependency update (#1337)

Signed-off-by: Hyperledger Bot <hyperledger-bot@hyperledger.org>
Signed-off-by: Yurii Shynbuiev <yurii.shynbuiev@iohk.io>
Co-authored-by: Hyperledger Bot <hyperledger-bot@hyperledger.org>
Co-authored-by: Yurii Shynbuiev <yurii.shynbuiev@iohk.io>

Run Details

7406 of 15269 relevant lines covered (48.5%)

0.49 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

69.05

/pollux/vc-jwt/src/main/scala/org/hyperledger/identus/pollux/vc/jwt/DidJWT.scala

package org.hyperledger.identus.pollux.vc.jwt

import com.nimbusds.jose.{JOSEObjectType, JWSAlgorithm, JWSHeader}
import com.nimbusds.jose.crypto.{ECDSASigner, Ed25519Signer}
import com.nimbusds.jose.crypto.bc.BouncyCastleProviderSingleton
import com.nimbusds.jose.jwk.{Curve, ECKey}
import com.nimbusds.jwt.{JWTClaimsSet, SignedJWT}
import io.circe.*
import org.hyperledger.identus.shared.crypto.{Ed25519KeyPair, Secp256k1PrivateKey}
import org.hyperledger.identus.shared.models.KeyId
import zio.*

import java.security.*
import java.security.interfaces.ECPublicKey

opaque type JWT = String

object JWT {
  def apply(value: String): JWT = value

  extension (jwt: JWT) {
    def value: String = jwt
  }
}

object JwtSignerImplicits {
  import com.nimbusds.jose.JWSSigner

  implicit class JwtSignerProviderSecp256k1(secp256k1PrivateKey: Secp256k1PrivateKey) {
    def asJwtSigner: JWSSigner = {
      val ecdsaSigner = ECDSASigner(secp256k1PrivateKey.toJavaPrivateKey, Curve.SECP256K1)
      val bouncyCastleProvider = BouncyCastleProviderSingleton.getInstance
      ecdsaSigner.getJCAContext.setProvider(bouncyCastleProvider)
      ecdsaSigner
    }
  }
}

trait Signer {
  def encode(claim: Json): JWT

  def generateProofForJson(payload: Json, pk: PublicKey): Task[Proof]

}

// works with java 7, 8, 11 & bouncycastle provider
// https://connect2id.com/products/nimbus-jose-jwt/jca-algorithm-support#alg-support-table
class ES256KSigner(privateKey: PrivateKey, keyId: Option[KeyId] = None) extends Signer {
  lazy val signer: ECDSASigner = {
    val ecdsaSigner = ECDSASigner(privateKey, Curve.SECP256K1)
    val bouncyCastleProvider = BouncyCastleProviderSingleton.getInstance
    ecdsaSigner.getJCAContext.setProvider(bouncyCastleProvider)
    ecdsaSigner
  }

  override def generateProofForJson(payload: Json, pk: PublicKey): Task[Proof] = {
    val err = Throwable("Public key must be secp256k1 EC public key")
    pk match
      case pk: ECPublicKey =>
        EcdsaSecp256k1Signature2019ProofGenerator.generateProof(payload, signer, pk)
      case _ => ZIO.fail(err)
  }

  override def encode(claim: Json): JWT = {
    val claimSet = JWTClaimsSet.parse(claim.noSpaces)
    val signedJwt = SignedJWT(
      keyId
        .map(kid => new JWSHeader.Builder(JWSAlgorithm.ES256K).`type`(JOSEObjectType.JWT).keyID(kid.value))
        .getOrElse(new JWSHeader.Builder(JWSAlgorithm.ES256K).`type`(JOSEObjectType.JWT))
        .build(),
      claimSet
    )
    signedJwt.sign(signer)
    JWT(signedJwt.serialize())
  }
}

class EdSigner(ed25519KeyPair: Ed25519KeyPair, keyId: Option[KeyId] = None) extends Signer {
  lazy val signer: Ed25519Signer = {
    val ed25519Signer = Ed25519Signer(ed25519KeyPair.toOctetKeyPair)
    ed25519Signer
  }

  override def generateProofForJson(payload: Json, pk: PublicKey): Task[Proof] = {
    EddsaJcs2022ProofGenerator.generateProof(payload, ed25519KeyPair)
  }

  override def encode(claim: Json): JWT = {
    val claimSet = JWTClaimsSet.parse(claim.noSpaces)

    val signedJwt = SignedJWT(
      keyId
        .map(kid => new JWSHeader.Builder(JWSAlgorithm.EdDSA).`type`(JOSEObjectType.JWT).keyID(kid.value))
        .getOrElse(new JWSHeader.Builder(JWSAlgorithm.EdDSA).`type`(JOSEObjectType.JWT))
        .build(),
      claimSet
    )
    signedJwt.sign(signer)
    JWT(signedJwt.serialize())
  }
}

def toJWKFormat(holderJwk: ECKey): JsonWebKey = {
  JsonWebKey(
    kty = "EC",
    crv = Some(holderJwk.getCurve.getName),
    x = Some(holderJwk.getX.toJSONString),
    y = Some(holderJwk.getY.toJSONString),
    d = Some(holderJwk.getD.toJSONString)
  )
}

1	package org.hyperledger.identus.pollux.vc.jwt
2
3	import com.nimbusds.jose.{JOSEObjectType, JWSAlgorithm, JWSHeader}
4	import com.nimbusds.jose.crypto.{ECDSASigner, Ed25519Signer}
5	import com.nimbusds.jose.crypto.bc.BouncyCastleProviderSingleton
6	import com.nimbusds.jose.jwk.{Curve, ECKey}
7	import com.nimbusds.jwt.{JWTClaimsSet, SignedJWT}
8	import io.circe.*
9	import org.hyperledger.identus.shared.crypto.{Ed25519KeyPair, Secp256k1PrivateKey}
10	import org.hyperledger.identus.shared.models.KeyId
11	import zio.*
12
13	import java.security.*
14	import java.security.interfaces.ECPublicKey
15
16	opaque type JWT = String
17
18	object JWT {
19	def apply(value: String): JWT = value	1✔
20
21	extension (jwt: JWT) {
22	def value: String = jwt	1✔
23	}
24	}
25
26	object JwtSignerImplicits {
27	import com.nimbusds.jose.JWSSigner
28
29	implicit class JwtSignerProviderSecp256k1(secp256k1PrivateKey: Secp256k1PrivateKey) {	1✔
30	def asJwtSigner: JWSSigner = {	1✔
31	val ecdsaSigner = ECDSASigner(secp256k1PrivateKey.toJavaPrivateKey, Curve.SECP256K1)	1✔
32	val bouncyCastleProvider = BouncyCastleProviderSingleton.getInstance	1✔
33	ecdsaSigner.getJCAContext.setProvider(bouncyCastleProvider)	1✔
34	ecdsaSigner
35	}
36	}
37	}
38
39	trait Signer {
40	def encode(claim: Json): JWT
41
42	def generateProofForJson(payload: Json, pk: PublicKey): Task[Proof]
43
44	}
45
46	// works with java 7, 8, 11 & bouncycastle provider
47	// https://connect2id.com/products/nimbus-jose-jwt/jca-algorithm-support#alg-support-table
48	class ES256KSigner(privateKey: PrivateKey, keyId: Option[KeyId] = None) extends Signer {	1✔
49	lazy val signer: ECDSASigner = {
50	val ecdsaSigner = ECDSASigner(privateKey, Curve.SECP256K1)	1✔
51	val bouncyCastleProvider = BouncyCastleProviderSingleton.getInstance	1✔
52	ecdsaSigner.getJCAContext.setProvider(bouncyCastleProvider)	1✔
53	ecdsaSigner
54	}
55
56	override def generateProofForJson(payload: Json, pk: PublicKey): Task[Proof] = {	1✔
57	val err = Throwable("Public key must be secp256k1 EC public key")	1✔
58	pk match
59	case pk: ECPublicKey =>	1✔
60	EcdsaSecp256k1Signature2019ProofGenerator.generateProof(payload, signer, pk)	1✔
61	case _ => ZIO.fail(err)	×
62	}
63
64	override def encode(claim: Json): JWT = {	1✔
65	val claimSet = JWTClaimsSet.parse(claim.noSpaces)	1✔
66	val signedJwt = SignedJWT(	1✔
67	keyId
68	.map(kid => new JWSHeader.Builder(JWSAlgorithm.ES256K).`type`(JOSEObjectType.JWT).keyID(kid.value))	1✔
69	.getOrElse(new JWSHeader.Builder(JWSAlgorithm.ES256K).`type`(JOSEObjectType.JWT))	1✔
70	.build(),	1✔
71	claimSet
72	)
73	signedJwt.sign(signer)	1✔
74	JWT(signedJwt.serialize())	1✔
75	}
76	}
77
78	class EdSigner(ed25519KeyPair: Ed25519KeyPair, keyId: Option[KeyId] = None) extends Signer {	×
79	lazy val signer: Ed25519Signer = {
80	val ed25519Signer = Ed25519Signer(ed25519KeyPair.toOctetKeyPair)	×
81	ed25519Signer
82	}
83
84	override def generateProofForJson(payload: Json, pk: PublicKey): Task[Proof] = {	×
85	EddsaJcs2022ProofGenerator.generateProof(payload, ed25519KeyPair)	×
86	}
87
88	override def encode(claim: Json): JWT = {	×
89	val claimSet = JWTClaimsSet.parse(claim.noSpaces)	×
90
91	val signedJwt = SignedJWT(	×
92	keyId
93	.map(kid => new JWSHeader.Builder(JWSAlgorithm.EdDSA).`type`(JOSEObjectType.JWT).keyID(kid.value))	×
94	.getOrElse(new JWSHeader.Builder(JWSAlgorithm.EdDSA).`type`(JOSEObjectType.JWT))	×
95	.build(),	×
96	claimSet
97	)
98	signedJwt.sign(signer)	×
99	JWT(signedJwt.serialize())	×
100	}
101	}
102
103	def toJWKFormat(holderJwk: ECKey): JsonWebKey = {	1✔
104	JsonWebKey(	1✔
105	kty = "EC",
106	crv = Some(holderJwk.getCurve.getName),	1✔
107	x = Some(holderJwk.getX.toJSONString),	1✔
108	y = Some(holderJwk.getY.toJSONString),	1✔
109	d = Some(holderJwk.getD.toJSONString)	1✔
110	)
111	}

hyperledger / identus-cloud-agent / 10793991050

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous