From 5d5f3f7588548a3b8dd2b3eba762ad9f66bd642c Mon Sep 17 00:00:00 2001
From: Markus Gylling <markus.gylling@gmail.com>
Date: Wed, 29 Jun 2022 23:00:37 +0200
Subject: [PATCH] add URDNA2015

---
 inspector-vc/pom.xml                          | 30 +++++++++-
 .../inspect/vc/probe/ProofVerifierProbe.java  | 60 +++++++++++++++++--
 2 files changed, 85 insertions(+), 5 deletions(-)

diff --git a/inspector-vc/pom.xml b/inspector-vc/pom.xml
index f253160..3e4ca11 100644
--- a/inspector-vc/pom.xml
+++ b/inspector-vc/pom.xml
@@ -35,6 +35,34 @@
 			<groupId>org.springframework</groupId>
 			<artifactId>spring-core</artifactId>
 			<version>5.0.12.RELEASE</version>
-		</dependency>		
+		</dependency>	
+		<!-- https://mvnrepository.com/artifact/com.apicatalog/titanium-json-ld  -->
+		<dependency>
+			<groupId>com.apicatalog</groupId>
+			<artifactId>titanium-json-ld</artifactId>
+			<version>1.3.1</version>
+		</dependency>
+		<!-- https://mvnrepository.com/artifact/io.setl/rdf-urdna -->
+		<!-- https://github.com/setl/rdf-urdna -->
+		<dependency>
+			<groupId>io.setl</groupId>
+			<artifactId>rdf-urdna</artifactId>
+			<version>1.1</version>
+			<exclusions>
+				<exclusion>
+					<groupId>junit</groupId>
+					<artifactId>junit</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>com.apicatalog</groupId>
+					<artifactId>titanium-json-ld</artifactId>
+				</exclusion>
+			</exclusions>
+		</dependency>	
+		<dependency>
+			<groupId>org.glassfish</groupId>
+			<artifactId>jakarta.json</artifactId>
+			<version>2.0.1</version>
+		</dependency>
 	</dependencies>
 </project>
\ No newline at end of file
diff --git a/inspector-vc/src/main/java/org/oneedtech/inspect/vc/probe/ProofVerifierProbe.java b/inspector-vc/src/main/java/org/oneedtech/inspect/vc/probe/ProofVerifierProbe.java
index 1618148..e3073aa 100644
--- a/inspector-vc/src/main/java/org/oneedtech/inspect/vc/probe/ProofVerifierProbe.java
+++ b/inspector-vc/src/main/java/org/oneedtech/inspect/vc/probe/ProofVerifierProbe.java
@@ -1,5 +1,9 @@
 package org.oneedtech.inspect.vc.probe;
 
+import static org.oneedtech.inspect.core.probe.RunContext.Key.JACKSON_OBJECTMAPPER;
+
+import java.io.ByteArrayOutputStream;
+import java.io.StringReader;
 import java.security.KeyFactory;
 import java.security.Security;
 import java.security.Signature;
@@ -15,6 +19,18 @@ import org.oneedtech.inspect.core.probe.RunContext;
 import org.oneedtech.inspect.core.report.ReportItems;
 import org.oneedtech.inspect.vc.Credential;
 
+import com.apicatalog.jsonld.JsonLd;
+import com.apicatalog.jsonld.StringUtils;
+import com.apicatalog.jsonld.document.JsonDocument;
+import com.apicatalog.jsonld.http.media.MediaType;
+import com.apicatalog.rdf.Rdf;
+import com.apicatalog.rdf.RdfDataset;
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.node.ObjectNode;
+
+import io.setl.rdf.normalization.RdfNormalize;
+
 /**
  * A Probe that verifies credential proofs 
  * @author mlyon
@@ -27,13 +43,45 @@ public class ProofVerifierProbe extends Probe<Credential> {
 	
 	@Override
 	public ReportItems run(Credential crd, RunContext ctx) throws Exception {
-
-		//TODO @Miles -- if proofs fail, report OutCome.Fatal
-								
+		
+		try {
+			String canonical = canonicalize(crd, C14n.URDNA2015, MediaType.N_QUADS, ctx);
+			//System.out.println(canonical);
+			
+			//TODO if proofs fail, report OutCome.Fatal
+			//return fatal("msg", ctx);
+			
+		} catch (Exception e) {
+			return exception(e.getMessage(), crd.getResource());
+		}										
 		return success(ctx);
 	}
 
-	public boolean validate(String pubkey, String signature, String timestamp, String message) throws Exception {
+	private String canonicalize(Credential crd, C14n algo, MediaType mediaType, RunContext ctx) throws Exception {
+		
+		//clone the incoming credential object so we can modify it freely
+		ObjectMapper mapper = (ObjectMapper)ctx.get(JACKSON_OBJECTMAPPER);
+		JsonNode copy = mapper.readTree(crd.asJson().toString());
+		
+		//remove proof
+		((ObjectNode)copy).remove("proof");
+				
+		//create JSON-P Json-LD instance
+		JsonDocument jsonLdDoc = JsonDocument.of(new StringReader(copy.toString()));
+				
+		//create rdf and normalize
+		RdfDataset dataSet = JsonLd.toRdf(jsonLdDoc).ordered(true).get();
+		RdfDataset normalized = RdfNormalize.normalize(dataSet);
+		
+		//serialize to string
+		ByteArrayOutputStream os = new ByteArrayOutputStream();
+        Rdf.createWriter(mediaType, os).write(normalized);
+        String result = StringUtils.stripTrailing(os.toString());
+                
+		return result;
+	}
+
+	private boolean validate(String pubkey, String signature, String timestamp, String message) throws Exception {
 		//TODO: continue this implementation.
 		//Pulled in bouncy castle library and made sure this sample compiled only.
 		final var provider = new BouncyCastleProvider();
@@ -49,6 +97,10 @@ public class ProofVerifierProbe extends Probe<Credential> {
 		signedData.update(message.getBytes());
 		return signedData.verify(Hex.decode(signature));
 	}
+	
+	private enum C14n {
+		URDNA2015
+	}
 
 	public static final String ID = ProofVerifierProbe.class.getSimpleName();
 }