11407164708

Committed 18 Oct 2024 04:02PM UTC coverage: 48.619% (-0.1%) from 48.741%

Build Type

Committed by

Commit Message

build: add job Update Dependency Graph

Signed-off-by: FabioPinheiro <fabiomgpinheiro@gmail.com>

Pull Request Pull Request #1400: build: add job Update Dependency Graph

Run Details

7867 of 16181 relevant lines covered (48.62%)

0.49 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

66.67

/pollux/vc-jwt/src/main/scala/org/hyperledger/identus/pollux/vc/jwt/DidJWT.scala

package org.hyperledger.identus.pollux.vc.jwt

import com.nimbusds.jose.{JOSEObjectType, JWSAlgorithm, JWSHeader}
import com.nimbusds.jose.crypto.{ECDSASigner, Ed25519Signer}
import com.nimbusds.jose.crypto.bc.BouncyCastleProviderSingleton
import com.nimbusds.jose.jwk.{Curve, ECKey}
import com.nimbusds.jwt.{JWTClaimsSet, SignedJWT}
import io.circe.*
import org.hyperledger.identus.shared.crypto.{Ed25519KeyPair, Secp256k1PrivateKey}
import org.hyperledger.identus.shared.models.KeyId
import zio.*

import java.security.*
import java.security.interfaces.ECPublicKey

opaque type JWT = String

object JWT {
  def apply(value: String): JWT = value

  extension (jwt: JWT) {
    def value: String = jwt
  }
}

object JwtSignerImplicits {
  import com.nimbusds.jose.JWSSigner

  implicit class JwtSignerProviderSecp256k1(secp256k1PrivateKey: Secp256k1PrivateKey) {
    def asJwtSigner: JWSSigner = {
      val ecdsaSigner = ECDSASigner(secp256k1PrivateKey.toJavaPrivateKey, Curve.SECP256K1)
      val bouncyCastleProvider = BouncyCastleProviderSingleton.getInstance
      ecdsaSigner.getJCAContext.setProvider(bouncyCastleProvider)
      ecdsaSigner
    }
  }
}

trait Signer {
  def encode(claim: Json): JWT

  def generateProofForJson(payload: Json, pk: PublicKey): Task[Proof]
}

// works with java 7, 8, 11 & bouncycastle provider
// https://connect2id.com/products/nimbus-jose-jwt/jca-algorithm-support#alg-support-table
class ES256KSigner(privateKey: PrivateKey, keyId: Option[KeyId] = None) extends Signer {
  lazy val signer: ECDSASigner = {
    val ecdsaSigner = ECDSASigner(privateKey, Curve.SECP256K1)
    val bouncyCastleProvider = BouncyCastleProviderSingleton.getInstance
    ecdsaSigner.getJCAContext.setProvider(bouncyCastleProvider)
    ecdsaSigner
  }

  override def generateProofForJson(payload: Json, pk: PublicKey): Task[Proof] = {
    val err = Throwable("Public key must be secp256k1 EC public key")
    pk match
      case pk: ECPublicKey =>
        EcdsaSecp256k1Signature2019ProofGenerator.generateProof(payload, signer, pk)
      case _ => ZIO.fail(err)
  }

  override def encode(claim: Json): JWT = {
    val claimSet = JWTClaimsSet.parse(claim.noSpaces)
    val signedJwt = SignedJWT(
      keyId
        .map(kid => new JWSHeader.Builder(JWSAlgorithm.ES256K).`type`(JOSEObjectType.JWT).keyID(kid.value))
        .getOrElse(new JWSHeader.Builder(JWSAlgorithm.ES256K).`type`(JOSEObjectType.JWT))
        .build(),
      claimSet
    )
    signedJwt.sign(signer)
    JWT(signedJwt.serialize())
  }
}

class EdSigner(ed25519KeyPair: Ed25519KeyPair, keyId: Option[KeyId] = None) extends Signer {
  lazy val signer: Ed25519Signer = {
    val ed25519Signer = Ed25519Signer(ed25519KeyPair.toOctetKeyPair)
    ed25519Signer
  }

  override def generateProofForJson(payload: Json, pk: PublicKey): Task[Proof] = {
    EddsaJcs2022ProofGenerator.generateProof(payload, ed25519KeyPair)
  }

  override def encode(claim: Json): JWT = {
    val claimSet = JWTClaimsSet.parse(claim.noSpaces)

    val signedJwt = SignedJWT(
      keyId
        .map(kid => new JWSHeader.Builder(JWSAlgorithm.EdDSA).`type`(JOSEObjectType.JWT).keyID(kid.value))
        .getOrElse(new JWSHeader.Builder(JWSAlgorithm.EdDSA).`type`(JOSEObjectType.JWT))
        .build(),
      claimSet
    )
    signedJwt.sign(signer)
    JWT(signedJwt.serialize())
  }
}

def toJWKFormat(holderJwk: ECKey): JsonWebKey = {
  JsonWebKey(
    kty = "EC",
    crv = Some(holderJwk.getCurve.getName),
    x = Some(holderJwk.getX.toJSONString),
    y = Some(holderJwk.getY.toJSONString),
    d = Some(holderJwk.getD.toJSONString)
  )
}

1	package org.hyperledger.identus.pollux.vc.jwt
2
3	import com.nimbusds.jose.{JOSEObjectType, JWSAlgorithm, JWSHeader}
4	import com.nimbusds.jose.crypto.{ECDSASigner, Ed25519Signer}
5	import com.nimbusds.jose.crypto.bc.BouncyCastleProviderSingleton
6	import com.nimbusds.jose.jwk.{Curve, ECKey}
7	import com.nimbusds.jwt.{JWTClaimsSet, SignedJWT}
8	import io.circe.*
9	import org.hyperledger.identus.shared.crypto.{Ed25519KeyPair, Secp256k1PrivateKey}
10	import org.hyperledger.identus.shared.models.KeyId
11	import zio.*
12
13	import java.security.*
14	import java.security.interfaces.ECPublicKey
15
16	opaque type JWT = String
17
18	object JWT {
19	def apply(value: String): JWT = value	1✔
20
21	extension (jwt: JWT) {
22	def value: String = jwt	1✔
23	}
24	}
25
26	object JwtSignerImplicits {
27	import com.nimbusds.jose.JWSSigner
28
29	implicit class JwtSignerProviderSecp256k1(secp256k1PrivateKey: Secp256k1PrivateKey) {	1✔
30	def asJwtSigner: JWSSigner = {	1✔
31	val ecdsaSigner = ECDSASigner(secp256k1PrivateKey.toJavaPrivateKey, Curve.SECP256K1)	1✔
32	val bouncyCastleProvider = BouncyCastleProviderSingleton.getInstance	1✔
33	ecdsaSigner.getJCAContext.setProvider(bouncyCastleProvider)	1✔
34	ecdsaSigner
35	}
36	}
37	}
38
39	trait Signer {
40	def encode(claim: Json): JWT
41
42	def generateProofForJson(payload: Json, pk: PublicKey): Task[Proof]
43	}
44
45	// works with java 7, 8, 11 & bouncycastle provider
46	// https://connect2id.com/products/nimbus-jose-jwt/jca-algorithm-support#alg-support-table
47	class ES256KSigner(privateKey: PrivateKey, keyId: Option[KeyId] = None) extends Signer {	1✔
48	lazy val signer: ECDSASigner = {
49	val ecdsaSigner = ECDSASigner(privateKey, Curve.SECP256K1)	1✔
50	val bouncyCastleProvider = BouncyCastleProviderSingleton.getInstance	1✔
51	ecdsaSigner.getJCAContext.setProvider(bouncyCastleProvider)	1✔
52	ecdsaSigner
53	}
54
55	override def generateProofForJson(payload: Json, pk: PublicKey): Task[Proof] = {	1✔
56	val err = Throwable("Public key must be secp256k1 EC public key")	1✔
57	pk match
58	case pk: ECPublicKey =>	1✔
59	EcdsaSecp256k1Signature2019ProofGenerator.generateProof(payload, signer, pk)	1✔
60	case _ => ZIO.fail(err)	×
61	}
62
63	override def encode(claim: Json): JWT = {	1✔
64	val claimSet = JWTClaimsSet.parse(claim.noSpaces)	1✔
65	val signedJwt = SignedJWT(	1✔
66	keyId
67	.map(kid => new JWSHeader.Builder(JWSAlgorithm.ES256K).`type`(JOSEObjectType.JWT).keyID(kid.value))	×
68	.getOrElse(new JWSHeader.Builder(JWSAlgorithm.ES256K).`type`(JOSEObjectType.JWT))	1✔
69	.build(),	1✔
70	claimSet
71	)
72	signedJwt.sign(signer)	1✔
73	JWT(signedJwt.serialize())	1✔
74	}
75	}
76
77	class EdSigner(ed25519KeyPair: Ed25519KeyPair, keyId: Option[KeyId] = None) extends Signer {	×
78	lazy val signer: Ed25519Signer = {
79	val ed25519Signer = Ed25519Signer(ed25519KeyPair.toOctetKeyPair)	×
80	ed25519Signer
81	}
82
83	override def generateProofForJson(payload: Json, pk: PublicKey): Task[Proof] = {	×
84	EddsaJcs2022ProofGenerator.generateProof(payload, ed25519KeyPair)	×
85	}
86
87	override def encode(claim: Json): JWT = {	×
88	val claimSet = JWTClaimsSet.parse(claim.noSpaces)	×
89
90	val signedJwt = SignedJWT(	×
91	keyId
92	.map(kid => new JWSHeader.Builder(JWSAlgorithm.EdDSA).`type`(JOSEObjectType.JWT).keyID(kid.value))	×
93	.getOrElse(new JWSHeader.Builder(JWSAlgorithm.EdDSA).`type`(JOSEObjectType.JWT))	×
94	.build(),	×
95	claimSet
96	)
97	signedJwt.sign(signer)	×
98	JWT(signedJwt.serialize())	×
99	}
100	}
101
102	def toJWKFormat(holderJwk: ECKey): JsonWebKey = {	1✔
103	JsonWebKey(	1✔
104	kty = "EC",
105	crv = Some(holderJwk.getCurve.getName),	1✔
106	x = Some(holderJwk.getX.toJSONString),	1✔
107	y = Some(holderJwk.getY.toJSONString),	1✔
108	d = Some(holderJwk.getD.toJSONString)	1✔
109	)
110	}

hyperledger / identus-cloud-agent / 11407164708

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous