Verify eddsa-2022 proofs

This commit is contained in:
Xavi Aracil 2023-05-29 11:15:18 +02:00
parent c55bbf808a
commit dfa159035f

View File

@ -12,6 +12,7 @@ import org.oneedtech.inspect.core.probe.RunContext;
import org.oneedtech.inspect.core.report.ReportItems;
import org.oneedtech.inspect.vc.VerifiableCredential;
import org.oneedtech.inspect.vc.W3CVCHolder;
import org.oneedtech.inspect.vc.verification.Ed25519Signature2022LdVerifier;
import com.apicatalog.jsonld.StringUtils;
import com.apicatalog.jsonld.document.Document;
@ -22,6 +23,7 @@ import com.apicatalog.multicodec.Multicodec.Codec;
import info.weboftrust.ldsignatures.LdProof;
import info.weboftrust.ldsignatures.verifier.Ed25519Signature2020LdVerifier;
import info.weboftrust.ldsignatures.verifier.LdVerifier;
import jakarta.json.JsonArray;
import jakarta.json.JsonObject;
import jakarta.json.JsonString;
@ -55,23 +57,18 @@ public class EmbeddedProofProbe extends Probe<VerifiableCredential> {
}
// get proof of standard type and purpose
Optional<LdProof> selectedProof = proofs.stream().filter(
proof -> proof.isType("Ed25519Signature2020") && proof.getProofPurpose().equals("assertionMethod"))
Optional<LdProof> selectedProof = proofs.stream()
.filter(proof -> proof.getProofPurpose().equals("assertionMethod"))
.filter(proof -> proof.isType("Ed25519Signature2020") ||
(proof.isType("DataIntegrityProof") && proof.getJsonObject().containsKey("cryptosuite") && proof.getJsonObject().get("cryptosuite").equals("eddsa-2022")))
.findFirst();
if (!selectedProof.isPresent()) {
return error("No proof with type \"Ed25519Signature2020\" or proof purpose \"assertionMethod\" found", ctx);
return error("No proof with type any of (\"Ed25519Signature2020\", \"DataIntegrityProof\" with cryptosuite attr of \"eddsa-2022\") or proof purpose \"assertionMethod\" found", ctx);
}
LdProof proof = selectedProof.get();
if (!proof.isType("Ed25519Signature2020")) {
return error("Unknown proof type: " + proof.getType(), ctx);
}
if (!proof.getProofPurpose().equals("assertionMethod")) {
return error("Invalid proof purpose: " + proof.getProofPurpose(), ctx);
}
URI method = proof.getVerificationMethod();
// The verification method must dereference to an Ed25519VerificationKey2020.
@ -245,7 +242,8 @@ public class EmbeddedProofProbe extends Probe<VerifiableCredential> {
// Extract the publicKey bytes from the Multicodec
byte[] publicKey = Multicodec.decode(Codec.Ed25519PublicKey, publicKeyMulticodec);
Ed25519Signature2020LdVerifier verifier = new Ed25519Signature2020LdVerifier(publicKey);
// choose verifier
LdVerifier<?> verifier = getVerifier(proof, publicKey);
try {
boolean verify = verifier.verify(credentialHolder.getCredential(), proof);
@ -259,6 +257,12 @@ public class EmbeddedProofProbe extends Probe<VerifiableCredential> {
return success(ctx);
}
private LdVerifier<?> getVerifier(LdProof proof, byte[] publicKey) {
return proof.isType("Ed25519Signature2020")
? new Ed25519Signature2020LdVerifier(publicKey)
: new Ed25519Signature2022LdVerifier(publicKey);
}
private Boolean IsValidPublicKeyMultibase(String publicKeyMultibase) {
try {
byte[] publicKeyMulticodec = Multibase.decode(publicKeyMultibase);