Verify eddsa-2022 proofs
This commit is contained in:
parent
c55bbf808a
commit
dfa159035f
@ -12,6 +12,7 @@ import org.oneedtech.inspect.core.probe.RunContext;
|
|||||||
import org.oneedtech.inspect.core.report.ReportItems;
|
import org.oneedtech.inspect.core.report.ReportItems;
|
||||||
import org.oneedtech.inspect.vc.VerifiableCredential;
|
import org.oneedtech.inspect.vc.VerifiableCredential;
|
||||||
import org.oneedtech.inspect.vc.W3CVCHolder;
|
import org.oneedtech.inspect.vc.W3CVCHolder;
|
||||||
|
import org.oneedtech.inspect.vc.verification.Ed25519Signature2022LdVerifier;
|
||||||
|
|
||||||
import com.apicatalog.jsonld.StringUtils;
|
import com.apicatalog.jsonld.StringUtils;
|
||||||
import com.apicatalog.jsonld.document.Document;
|
import com.apicatalog.jsonld.document.Document;
|
||||||
@ -22,6 +23,7 @@ import com.apicatalog.multicodec.Multicodec.Codec;
|
|||||||
|
|
||||||
import info.weboftrust.ldsignatures.LdProof;
|
import info.weboftrust.ldsignatures.LdProof;
|
||||||
import info.weboftrust.ldsignatures.verifier.Ed25519Signature2020LdVerifier;
|
import info.weboftrust.ldsignatures.verifier.Ed25519Signature2020LdVerifier;
|
||||||
|
import info.weboftrust.ldsignatures.verifier.LdVerifier;
|
||||||
import jakarta.json.JsonArray;
|
import jakarta.json.JsonArray;
|
||||||
import jakarta.json.JsonObject;
|
import jakarta.json.JsonObject;
|
||||||
import jakarta.json.JsonString;
|
import jakarta.json.JsonString;
|
||||||
@ -55,23 +57,18 @@ public class EmbeddedProofProbe extends Probe<VerifiableCredential> {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// get proof of standard type and purpose
|
// get proof of standard type and purpose
|
||||||
Optional<LdProof> selectedProof = proofs.stream().filter(
|
Optional<LdProof> selectedProof = proofs.stream()
|
||||||
proof -> proof.isType("Ed25519Signature2020") && proof.getProofPurpose().equals("assertionMethod"))
|
.filter(proof -> proof.getProofPurpose().equals("assertionMethod"))
|
||||||
.findFirst();
|
.filter(proof -> proof.isType("Ed25519Signature2020") ||
|
||||||
|
(proof.isType("DataIntegrityProof") && proof.getJsonObject().containsKey("cryptosuite") && proof.getJsonObject().get("cryptosuite").equals("eddsa-2022")))
|
||||||
|
.findFirst();
|
||||||
|
|
||||||
if (!selectedProof.isPresent()) {
|
if (!selectedProof.isPresent()) {
|
||||||
return error("No proof with type \"Ed25519Signature2020\" or proof purpose \"assertionMethod\" found", ctx);
|
return error("No proof with type any of (\"Ed25519Signature2020\", \"DataIntegrityProof\" with cryptosuite attr of \"eddsa-2022\") or proof purpose \"assertionMethod\" found", ctx);
|
||||||
}
|
}
|
||||||
|
|
||||||
LdProof proof = selectedProof.get();
|
LdProof proof = selectedProof.get();
|
||||||
|
|
||||||
if (!proof.isType("Ed25519Signature2020")) {
|
|
||||||
return error("Unknown proof type: " + proof.getType(), ctx);
|
|
||||||
}
|
|
||||||
if (!proof.getProofPurpose().equals("assertionMethod")) {
|
|
||||||
return error("Invalid proof purpose: " + proof.getProofPurpose(), ctx);
|
|
||||||
}
|
|
||||||
|
|
||||||
URI method = proof.getVerificationMethod();
|
URI method = proof.getVerificationMethod();
|
||||||
|
|
||||||
// The verification method must dereference to an Ed25519VerificationKey2020.
|
// The verification method must dereference to an Ed25519VerificationKey2020.
|
||||||
@ -245,7 +242,8 @@ public class EmbeddedProofProbe extends Probe<VerifiableCredential> {
|
|||||||
// Extract the publicKey bytes from the Multicodec
|
// Extract the publicKey bytes from the Multicodec
|
||||||
byte[] publicKey = Multicodec.decode(Codec.Ed25519PublicKey, publicKeyMulticodec);
|
byte[] publicKey = Multicodec.decode(Codec.Ed25519PublicKey, publicKeyMulticodec);
|
||||||
|
|
||||||
Ed25519Signature2020LdVerifier verifier = new Ed25519Signature2020LdVerifier(publicKey);
|
// choose verifier
|
||||||
|
LdVerifier<?> verifier = getVerifier(proof, publicKey);
|
||||||
|
|
||||||
try {
|
try {
|
||||||
boolean verify = verifier.verify(credentialHolder.getCredential(), proof);
|
boolean verify = verifier.verify(credentialHolder.getCredential(), proof);
|
||||||
@ -259,6 +257,12 @@ public class EmbeddedProofProbe extends Probe<VerifiableCredential> {
|
|||||||
return success(ctx);
|
return success(ctx);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private LdVerifier<?> getVerifier(LdProof proof, byte[] publicKey) {
|
||||||
|
return proof.isType("Ed25519Signature2020")
|
||||||
|
? new Ed25519Signature2020LdVerifier(publicKey)
|
||||||
|
: new Ed25519Signature2022LdVerifier(publicKey);
|
||||||
|
}
|
||||||
|
|
||||||
private Boolean IsValidPublicKeyMultibase(String publicKeyMultibase) {
|
private Boolean IsValidPublicKeyMultibase(String publicKeyMultibase) {
|
||||||
try {
|
try {
|
||||||
byte[] publicKeyMulticodec = Multibase.decode(publicKeyMultibase);
|
byte[] publicKeyMulticodec = Multibase.decode(publicKeyMultibase);
|
||||||
|
Loading…
Reference in New Issue
Block a user