From 363390486fed9ce05126750373faf177dfa57601 Mon Sep 17 00:00:00 2001 From: Simon Mueller Date: Fri, 22 Dec 2023 17:21:34 +0100 Subject: [PATCH] Update Kmp-Crypto --- kmp-crypto | 2 +- .../lib/aries/IssueCredentialProtocol.kt | 2 +- .../wallet/lib/aries/MessageWrapper.kt | 2 +- .../lib/aries/DummyCredentialDataProvider.kt | 4 ++-- .../lib/aries/PresentProofMessengerTest.kt | 2 +- .../lib/aries/PresentProofProtocolTest.kt | 2 +- .../wallet/lib/oidc/OidcSiopVerifier.kt | 2 +- .../wallet/lib/oidc/OidcSiopWallet.kt | 6 +++--- .../lib/oidc/DummyCredentialDataProvider.kt | 2 +- .../lib/oidc/OidcSiopIsoProtocolTest.kt | 2 +- .../wallet/lib/oidc/OidcSiopProtocolTest.kt | 2 +- .../lib/oidc/OidcSiopSdJwtProtocolTest.kt | 2 +- .../asitplus/wallet/lib/agent/HolderAgent.kt | 4 ++-- .../asitplus/wallet/lib/agent/IssuerAgent.kt | 19 +++---------------- .../wallet/lib/agent/VerifierAgent.kt | 2 +- .../asitplus/wallet/lib/cbor/CoseService.kt | 2 +- .../at/asitplus/wallet/lib/jws/JwsService.kt | 2 +- .../wallet/lib/agent/AgentRevocationTest.kt | 2 +- .../lib/agent/DummyCredentialDataProvider.kt | 2 +- .../wallet/lib/agent/ValidatorVcTest.kt | 2 +- .../wallet/lib/agent/DefaultCryptoService.kt | 5 ++--- .../wallet/lib/agent/DefaultCryptoService.kt | 14 +++++--------- 22 files changed, 33 insertions(+), 51 deletions(-) diff --git a/kmp-crypto b/kmp-crypto index 1ba0f17b5..adf02cf64 160000 --- a/kmp-crypto +++ b/kmp-crypto @@ -1 +1 @@ -Subproject commit 1ba0f17b5a4372542d72dfb72192ee810b9b972d +Subproject commit adf02cf64bf2bdb74336b25dd3c82251f8f6245f diff --git a/vclib-aries/src/commonMain/kotlin/at/asitplus/wallet/lib/aries/IssueCredentialProtocol.kt b/vclib-aries/src/commonMain/kotlin/at/asitplus/wallet/lib/aries/IssueCredentialProtocol.kt index 53424256a..e87e8aac5 100644 --- a/vclib-aries/src/commonMain/kotlin/at/asitplus/wallet/lib/aries/IssueCredentialProtocol.kt +++ b/vclib-aries/src/commonMain/kotlin/at/asitplus/wallet/lib/aries/IssueCredentialProtocol.kt 
@@ -232,7 +232,7 @@ class IssueCredentialProtocol( // TODO Is there a way to transport the format, i.e. JWT-VC or SD-JWT? val cryptoPublicKey = - requestCredentialAttachment.credentialManifest.subject?.let { kotlin.runCatching { CryptoPublicKey.fromKeyId(it) }.getOrNull()} + requestCredentialAttachment.credentialManifest.subject?.let { kotlin.runCatching { CryptoPublicKey.fromDid(it) }.getOrNull()} ?: senderKey.toCryptoPublicKey().getOrNull() ?: return problemReporter.problemInternal(lastMessage.threadId, "no-sender-key") val issuedCredentials = issuer?.issueCredential( diff --git a/vclib-aries/src/commonMain/kotlin/at/asitplus/wallet/lib/aries/MessageWrapper.kt b/vclib-aries/src/commonMain/kotlin/at/asitplus/wallet/lib/aries/MessageWrapper.kt index 8755bdaf6..79aba5a4a 100644 --- a/vclib-aries/src/commonMain/kotlin/at/asitplus/wallet/lib/aries/MessageWrapper.kt +++ b/vclib-aries/src/commonMain/kotlin/at/asitplus/wallet/lib/aries/MessageWrapper.kt @@ -59,7 +59,7 @@ class MessageWrapper( val message = JsonWebMessage.deserialize(payloadString) ?: return ReceivedMessage.Error .also { Napier.w("Could not parse plain message") } - return ReceivedMessage.Success(message, joseObject.header.publicKey?.toJsonWebKey()?.getOrNull()!!) + return ReceivedMessage.Success(message, joseObject.header.publicKey?.toJsonWebKey()) } return ReceivedMessage.Error .also { Napier.w("ContentType not matching") } diff --git a/vclib-aries/src/commonTest/kotlin/at/asitplus/wallet/lib/aries/DummyCredentialDataProvider.kt b/vclib-aries/src/commonTest/kotlin/at/asitplus/wallet/lib/aries/DummyCredentialDataProvider.kt index 1630b2730..496d36891 100644 --- a/vclib-aries/src/commonTest/kotlin/at/asitplus/wallet/lib/aries/DummyCredentialDataProvider.kt +++ b/vclib-aries/src/commonTest/kotlin/at/asitplus/wallet/lib/aries/DummyCredentialDataProvider.kt 
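Review bot: A `subject` that is present but does not parse is silently discarded on the new `CryptoPublicKey.fromDid(it)` line, because `runCatching { … }.getOrNull()` falls through to `senderKey`. The credential is then bound to a different key than the manifest named, and nothing is logged. This commit changes the accepted subject form from key id to DID, so a peer still sending the old form would presumably take this path; whether `fromDid` accepts the old form is not visible here. Consider treating "subject given but unparseable" as its own case and returning a problem report for it (as the `"no-sender-key"` branch already does), or at least logging a warning before falling back. The enclosing function starts and ends outside the hunk.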
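Review bot: Dropping `!!` on the `ReceivedMessage.Success(...)` line means a message whose header carries no public key is no longer stopped here; if `Success` accepts a nullable key, it is reported as a success without a sender key. Other code in this patch falls back to the sender key when binding a credential, so an absent key is better turned into an explicit error at this point: `val senderKey = joseObject.header.publicKey?.toJsonWebKey() ?: return ReceivedMessage.Error.also { Napier.w("No sender key in header") }`. A short comment would also help, saying that this key is taken from the message header itself; whether the header was signature-verified before this line is not visible in the hunk.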
@@ -2,6 +2,7 @@ package at.asitplus.wallet.lib.aries import at.asitplus.KmmResult import at.asitplus.crypto.datatypes.CryptoPublicKey +import at.asitplus.crypto.datatypes.jws.jwkId import at.asitplus.crypto.datatypes.jws.toJsonWebKey import at.asitplus.wallet.lib.agent.ClaimToBeIssued import at.asitplus.wallet.lib.agent.CredentialToBeIssued @@ -31,8 +32,7 @@ class DummyCredentialDataProvider( if (credentialScheme != ConstantIndex.AtomicAttribute2023) { return KmmResult.failure(UnsupportedOperationException("no data")) } - val subjectId = subjectPublicKey.toJsonWebKey() - .fold(onSuccess = { it.keyId!! }, onFailure = { return KmmResult.failure(it) }) + val subjectId = subjectPublicKey.didEncoded val expiration = clock.now() + defaultLifetime val claims = listOf( ClaimToBeIssued("given-name", "Susanne"), diff --git a/vclib-aries/src/commonTest/kotlin/at/asitplus/wallet/lib/aries/PresentProofMessengerTest.kt b/vclib-aries/src/commonTest/kotlin/at/asitplus/wallet/lib/aries/PresentProofMessengerTest.kt index 638d14bdd..7048130b1 100644 --- a/vclib-aries/src/commonTest/kotlin/at/asitplus/wallet/lib/aries/PresentProofMessengerTest.kt +++ b/vclib-aries/src/commonTest/kotlin/at/asitplus/wallet/lib/aries/PresentProofMessengerTest.kt @@ -35,7 +35,7 @@ class PresentProofMessengerTest : FreeSpec() { issuerCryptoService = DefaultCryptoService() holderCredentialStore = InMemorySubjectCredentialStore() holder = HolderAgent.newDefaultInstance(holderCryptoService, subjectCredentialStore = holderCredentialStore) - verifier = VerifierAgent.newDefaultInstance(verifierCryptoService.jsonWebKey.identifier) + verifier = VerifierAgent.newDefaultInstance(verifierCryptoService.publicKey.didEncoded) issuer = IssuerAgent.newDefaultInstance(issuerCryptoService, dataProvider = DummyCredentialDataProvider()) verifierChallenge = uuid4().toString() holderServiceEndpoint = "https://example.com/present-proof?${uuid4()}" 
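Review bot: The added `import at.asitplus.crypto.datatypes.jws.jwkId` looks unused, since the only other change to this file (the next hunk) switches `subjectId` to `subjectPublicKey.didEncoded`. That same change removes the visible call to `toJsonWebKey()`, so the existing `import at.asitplus.crypto.datatypes.jws.toJsonWebKey` may now be unused as well. Both are worth dropping unless the file uses them outside the hunks shown.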
diff --git a/vclib-aries/src/commonTest/kotlin/at/asitplus/wallet/lib/aries/PresentProofProtocolTest.kt b/vclib-aries/src/commonTest/kotlin/at/asitplus/wallet/lib/aries/PresentProofProtocolTest.kt index dc024dab0..2dd78a5b0 100644 --- a/vclib-aries/src/commonTest/kotlin/at/asitplus/wallet/lib/aries/PresentProofProtocolTest.kt +++ b/vclib-aries/src/commonTest/kotlin/at/asitplus/wallet/lib/aries/PresentProofProtocolTest.kt @@ -21,7 +21,7 @@ class PresentProofProtocolTest : FreeSpec({ holderCryptoService = DefaultCryptoService() verifierCryptoService = DefaultCryptoService() holder = HolderAgent.newDefaultInstance(holderCryptoService) - verifier = VerifierAgent.newDefaultInstance(verifierCryptoService.jsonWebKey.identifier) + verifier = VerifierAgent.newDefaultInstance(verifierCryptoService.publicKey.didEncoded) holderProtocol = PresentProofProtocol.newHolderInstance( holder = holder, serviceEndpoint = "https://example.com/", diff --git a/vclib-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopVerifier.kt b/vclib-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopVerifier.kt index 26f84df38..583b1fc08 100644 --- a/vclib-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopVerifier.kt +++ b/vclib-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopVerifier.kt @@ -180,7 +180,7 @@ class OidcSiopVerifier( ) val metadata = RelyingPartyMetadata( redirectUris = arrayOf(relyingPartyUrl), - jsonWebKeySet = JsonWebKeySet(arrayOf(agentPublicKey.toJsonWebKey().getOrNull()!!)), + jsonWebKeySet = JsonWebKeySet(arrayOf(agentPublicKey.toJsonWebKey())), subjectSyntaxTypesSupported = arrayOf(URN_TYPE_JWK_THUMBPRINT, PREFIX_DID_KEY), vpFormats = vpFormats, ) diff --git a/vclib-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopWallet.kt b/vclib-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopWallet.kt index 99ca34ec2..4fb18726f 100644 
--- a/vclib-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopWallet.kt +++ b/vclib-openid/src/commonMain/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopWallet.kt @@ -221,9 +221,9 @@ class OidcSiopWallet( val now = clock.now() // we'll assume jwk-thumbprint val idToken = IdToken( - issuer = agentPublicKey.toJsonWebKey().getOrNull()!!.jwkThumbprint, - subject = agentPublicKey.toJsonWebKey().getOrNull()!!.jwkThumbprint, - subjectJwk = agentPublicKey.toJsonWebKey().getOrNull()!!, + issuer = agentPublicKey.toJsonWebKey().jwkThumbprint, + subject = agentPublicKey.toJsonWebKey().jwkThumbprint, + subjectJwk = agentPublicKey.toJsonWebKey(), audience = params.redirectUrl, issuedAt = now, expiration = now + 60.seconds, diff --git a/vclib-openid/src/commonTest/kotlin/at/asitplus/wallet/lib/oidc/DummyCredentialDataProvider.kt b/vclib-openid/src/commonTest/kotlin/at/asitplus/wallet/lib/oidc/DummyCredentialDataProvider.kt index 827b9e65c..c9715bcab 100644 --- a/vclib-openid/src/commonTest/kotlin/at/asitplus/wallet/lib/oidc/DummyCredentialDataProvider.kt +++ b/vclib-openid/src/commonTest/kotlin/at/asitplus/wallet/lib/oidc/DummyCredentialDataProvider.kt @@ -39,7 +39,7 @@ class DummyCredentialDataProvider( val expiration = clock.now() + defaultLifetime val credentials = mutableListOf() if (credentialScheme == ConstantIndex.AtomicAttribute2023) { - val subjectId = subjectPublicKey.toJsonWebKey().getOrNull()!!.identifier + val subjectId = subjectPublicKey.didEncoded val claims = listOfNotNull( optionalClaim(claimNames, "given-name", "Susanne"), optionalClaim(claimNames, "family-name", "Meier"), diff --git a/vclib-openid/src/commonTest/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopIsoProtocolTest.kt b/vclib-openid/src/commonTest/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopIsoProtocolTest.kt index e730426fe..9cdf7df66 100644 --- a/vclib-openid/src/commonTest/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopIsoProtocolTest.kt 
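Review bot: `agentPublicKey.toJsonWebKey()` is now evaluated three times while building `IdToken`, and `jwkThumbprint` twice, so `issuer`, `subject` and `subjectJwk` are only equal by virtue of repeated conversion. Hoisting it once reads better and makes the self-issued invariant (issuer == subject == thumbprint of `subjectJwk`) explicit: `val agentJwk = agentPublicKey.toJsonWebKey()` followed by `issuer = agentJwk.jwkThumbprint, subject = agentJwk.jwkThumbprint, subjectJwk = agentJwk`. The existing `// we'll assume jwk-thumbprint` comment could then state that invariant. The enclosing function continues outside the hunk.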
+++ b/vclib-openid/src/commonTest/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopIsoProtocolTest.kt @@ -35,7 +35,7 @@ class OidcSiopIsoProtocolTest : FreeSpec({ relyingPartyUrl = "https://example.com/rp/${uuid4()}" walletUrl = "https://example.com/wallet/${uuid4()}" holderAgent = HolderAgent.newDefaultInstance(holderCryptoService) - verifierAgent = VerifierAgent.newDefaultInstance(verifierCryptoService.jsonWebKey.identifier) + verifierAgent = VerifierAgent.newDefaultInstance(verifierCryptoService.publicKey.didEncoded) runBlocking { val issuerAgent = IssuerAgent.newDefaultInstance( DefaultCryptoService(), diff --git a/vclib-openid/src/commonTest/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopProtocolTest.kt b/vclib-openid/src/commonTest/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopProtocolTest.kt index 898674cff..7c287d493 100644 --- a/vclib-openid/src/commonTest/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopProtocolTest.kt +++ b/vclib-openid/src/commonTest/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopProtocolTest.kt @@ -37,7 +37,7 @@ class OidcSiopProtocolTest : FreeSpec({ relyingPartyUrl = "https://example.com/rp/${uuid4()}" walletUrl = "https://example.com/wallet/${uuid4()}" holderAgent = HolderAgent.newDefaultInstance(holderCryptoService) - verifierAgent = VerifierAgent.newDefaultInstance(verifierCryptoService.jsonWebKey.identifier) + verifierAgent = VerifierAgent.newDefaultInstance(verifierCryptoService.publicKey.didEncoded) runBlocking { holderAgent.storeCredentials( IssuerAgent.newDefaultInstance( diff --git a/vclib-openid/src/commonTest/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopSdJwtProtocolTest.kt b/vclib-openid/src/commonTest/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopSdJwtProtocolTest.kt index be23019ce..007a093ad 100644 --- a/vclib-openid/src/commonTest/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopSdJwtProtocolTest.kt +++ b/vclib-openid/src/commonTest/kotlin/at/asitplus/wallet/lib/oidc/OidcSiopSdJwtProtocolTest.kt 
@@ -30,7 +30,7 @@ class OidcSiopSdJwtProtocolTest : FreeSpec({ relyingPartyUrl = "https://example.com/rp/${uuid4()}" walletUrl = "https://example.com/wallet/${uuid4()}" holderAgent = HolderAgent.newDefaultInstance(holderCryptoService) - verifierAgent = VerifierAgent.newDefaultInstance(verifierCryptoService.jsonWebKey.identifier) + verifierAgent = VerifierAgent.newDefaultInstance(verifierCryptoService.publicKey.didEncoded) runBlocking { holderAgent.storeCredentials( IssuerAgent.newDefaultInstance( diff --git a/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/agent/HolderAgent.kt b/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/agent/HolderAgent.kt index a32618f56..9241aad18 100644 --- a/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/agent/HolderAgent.kt +++ b/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/agent/HolderAgent.kt @@ -39,7 +39,7 @@ class HolderAgent( subjectCredentialStore = subjectCredentialStore, jwsService = DefaultJwsService(cryptoService), coseService = DefaultCoseService(cryptoService), - identifier = cryptoService.publicKey.keyId, + identifier = cryptoService.publicKey.didEncoded, ) /** @@ -53,7 +53,7 @@ class HolderAgent( subjectCredentialStore = subjectCredentialStore, jwsService = DefaultJwsService(cryptoService), coseService = DefaultCoseService(cryptoService), - identifier = cryptoService.publicKey.keyId, + identifier = cryptoService.publicKey.didEncoded, ) } diff --git a/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/agent/IssuerAgent.kt b/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/agent/IssuerAgent.kt index a15c67d4c..306530acf 100644 --- a/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/agent/IssuerAgent.kt +++ b/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/agent/IssuerAgent.kt 
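Review bot: Switching `identifier` from `cryptoService.publicKey.keyId` to `cryptoService.publicKey.didEncoded` changes the value that credential subjects and key ids are matched against. The same swap appears in the second hunk of this file and in IssuerAgent (`identifier`), VerifierAgent (`newRandomInstance`), CoseService (`kid`) and JwsService (`keyId`). Whether the two encodings yield the same string is not visible in this patch; if they differ, credentials and presentations produced before this commit would presumably no longer match the holder or verifier identifier. The KDoc on these factory methods should state the identifier format, e.g. `identifier is the DID encoding of the agent's public key (publicKey.didEncoded)`, and the compatibility impact belongs in the changelog.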
@@ -63,7 +63,7 @@ class IssuerAgent( jwsService = DefaultJwsService(cryptoService), coseService = DefaultCoseService(cryptoService), dataProvider = dataProvider, - identifier = cryptoService.jsonWebKey.identifier, + identifier = cryptoService.publicKey.didEncoded, timePeriodProvider = timePeriodProvider, clock = clock, ) @@ -225,16 +225,7 @@ class IssuerAgent( val vcId = "urn:uuid:${uuid4()}" val expirationDate = credential.expiration val timePeriod = timePeriodProvider.getTimePeriodFor(issuanceDate) - val subjectId = subjectPublicKey.toJsonWebKey().getOrElse { - return Issuer.IssuedCredentialResult( - failed = listOf( - Issuer.FailedAttribute( - scheme.vcType, - DataSourceProblem("subjectPublicKey transformation error") - ) - ) - ).also { Napier.w("subjectPublicKey could not be transformed to a JWK") } - }.keyId ?: return Issuer.IssuedCredentialResult( + val subjectId = subjectPublicKey.toJsonWebKey().keyId ?: return Issuer.IssuedCredentialResult( failed = listOf( Issuer.FailedAttribute( scheme.vcType, @@ -268,9 +259,7 @@ class IssuerAgent( disclosureDigests = disclosureDigests, type = arrayOf(VcDataModelConstants.VERIFIABLE_CREDENTIAL, scheme.vcType), selectiveDisclosureAlgorithm = "sha-256", - confirmationKey = subjectPublicKey.toJsonWebKey().getOrElse { return Issuer.IssuedCredentialResult( - failed = listOf(Issuer.FailedAttribute(scheme.vcType, DataSourceProblem("confirmationKey transformation failed"))) - ).also { Napier.w("Could not transform subjectPublicKey to JWK") } }, + confirmationKey = subjectPublicKey.toJsonWebKey(), credentialStatus = credentialStatus, ).serialize().encodeToByteArray() // TODO Which content type to use for SD-JWT inside an JWS? @@ -372,6 +361,4 @@ class IssuerAgent( expiration = expirationDate, jwtId = id ) - - } diff --git a/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/agent/VerifierAgent.kt b/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/agent/VerifierAgent.kt index b7c1f8dcc..f5d46d1c5 100644 
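Review bot: In the `@@ -225` hunk `subjectId` is still derived from `subjectPublicKey.toJsonWebKey().keyId`, while the agents' `identifier` and the test data providers' `subjectId` are switched to `didEncoded` in this same commit. Unless `toJsonWebKey()` sets `keyId` to that same DID string (not visible here), the subject written into the credential will not match the holder's identifier, or issuance ends in the `?: return Issuer.IssuedCredentialResult(failed = …)` branch. `val subjectId = subjectPublicKey.didEncoded` would be consistent with the other changes and makes the failure branch unnecessary. The enclosing function starts and ends outside the hunk.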
--- a/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/agent/VerifierAgent.kt +++ b/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/agent/VerifierAgent.kt @@ -41,7 +41,7 @@ class VerifierAgent private constructor( */ fun newRandomInstance(): VerifierAgent = VerifierAgent( validator = Validator.newDefaultInstance(), - identifier = DefaultCryptoService().jsonWebKey.identifier, + identifier = DefaultCryptoService().publicKey.didEncoded, ) } diff --git a/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/cbor/CoseService.kt b/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/cbor/CoseService.kt index 54f76780f..1df0582da 100644 --- a/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/cbor/CoseService.kt +++ b/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/cbor/CoseService.kt @@ -52,7 +52,7 @@ class DefaultCoseService(private val cryptoService: CryptoService) : CoseService ): KmmResult { var copyProtectedHeader = protectedHeader.copy(algorithm = cryptoService.algorithm.toCoseAlgorithm()) if (addKeyId) copyProtectedHeader = - copyProtectedHeader.copy(kid = cryptoService.jsonWebKey.identifier.encodeToByteArray()) + copyProtectedHeader.copy(kid = cryptoService.publicKey.didEncoded.encodeToByteArray()) val copyUnprotectedHeader = if (addCertificate) { (unprotectedHeader ?: CoseHeader()).copy(certificateChain = cryptoService.certificate.encodeToDer()) diff --git a/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/jws/JwsService.kt b/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/jws/JwsService.kt index 33e4a1f59..9fab82cc4 100644 --- a/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/jws/JwsService.kt +++ b/vclib/src/commonMain/kotlin/at/asitplus/wallet/lib/jws/JwsService.kt 
@@ -67,7 +67,7 @@ class DefaultJwsService(private val cryptoService: CryptoService) : JwsService { ): JwsSigned? { val jwsHeader = JwsHeader( algorithm = cryptoService.algorithm.toJwsAlgorithm(), - keyId = cryptoService.publicKey.keyId, + keyId = cryptoService.publicKey.didEncoded, type = type, contentType = contentType ) diff --git a/vclib/src/commonTest/kotlin/at/asitplus/wallet/lib/agent/AgentRevocationTest.kt b/vclib/src/commonTest/kotlin/at/asitplus/wallet/lib/agent/AgentRevocationTest.kt index e5fc0f778..c26643593 100644 --- a/vclib/src/commonTest/kotlin/at/asitplus/wallet/lib/agent/AgentRevocationTest.kt +++ b/vclib/src/commonTest/kotlin/at/asitplus/wallet/lib/agent/AgentRevocationTest.kt @@ -34,7 +34,7 @@ class AgentRevocationTest : FreeSpec({ dataProvider = DummyCredentialDataProvider() ) verifierCryptoService = DefaultCryptoService() - verifier = VerifierAgent.newDefaultInstance(verifierCryptoService.jsonWebKey.identifier) + verifier = VerifierAgent.newDefaultInstance(verifierCryptoService.publicKey.didEncoded) expectedRevokedIndexes = issuerCredentialStore.revokeRandomCredentials() } diff --git a/vclib/src/commonTest/kotlin/at/asitplus/wallet/lib/agent/DummyCredentialDataProvider.kt b/vclib/src/commonTest/kotlin/at/asitplus/wallet/lib/agent/DummyCredentialDataProvider.kt index cabda6978..3dc42c350 100644 --- a/vclib/src/commonTest/kotlin/at/asitplus/wallet/lib/agent/DummyCredentialDataProvider.kt +++ b/vclib/src/commonTest/kotlin/at/asitplus/wallet/lib/agent/DummyCredentialDataProvider.kt @@ -30,7 +30,7 @@ class DummyCredentialDataProvider( ClaimToBeIssued("family-name", "Meier"), ClaimToBeIssued("date-of-birth", "1990-01-01"), ) - val subjectId = subjectPublicKey.toJsonWebKey().getOrNull()!!.identifier + val subjectId = subjectPublicKey.didEncoded val credentials = when (representation) { ConstantIndex.CredentialRepresentation.SD_JWT -> listOf( CredentialToBeIssued.VcSd( 
diff --git a/vclib/src/commonTest/kotlin/at/asitplus/wallet/lib/agent/ValidatorVcTest.kt b/vclib/src/commonTest/kotlin/at/asitplus/wallet/lib/agent/ValidatorVcTest.kt index 5af0881b8..65a4abc7e 100644 --- a/vclib/src/commonTest/kotlin/at/asitplus/wallet/lib/agent/ValidatorVcTest.kt +++ b/vclib/src/commonTest/kotlin/at/asitplus/wallet/lib/agent/ValidatorVcTest.kt @@ -42,7 +42,7 @@ class ValidatorVcTest : FreeSpec() { ) issuerJwsService = DefaultJwsService(issuerCryptoService) verifierCryptoService = DefaultCryptoService() - verifier = VerifierAgent.newDefaultInstance(verifierCryptoService.jsonWebKey.identifier) + verifier = VerifierAgent.newDefaultInstance(verifierCryptoService.publicKey.didEncoded) } "credentials are valid for" { diff --git a/vclib/src/iosMain/kotlin/at/asitplus/wallet/lib/agent/DefaultCryptoService.kt b/vclib/src/iosMain/kotlin/at/asitplus/wallet/lib/agent/DefaultCryptoService.kt index 01578ad14..3eaab06a7 100644 --- a/vclib/src/iosMain/kotlin/at/asitplus/wallet/lib/agent/DefaultCryptoService.kt +++ b/vclib/src/iosMain/kotlin/at/asitplus/wallet/lib/agent/DefaultCryptoService.kt @@ -72,7 +72,7 @@ actual class DefaultCryptoService : CryptoService { override val certificate: X509Certificate override val jsonWebKey: JsonWebKey - get() = publicKey.toJsonWebKey().getOrNull()!! + get() = publicKey.toJsonWebKey() override val coseKey: CoseKey get() = publicKey.toCoseKey(CoseAlgorithm.ES256).getOrNull()!! 
@@ -221,8 +221,7 @@ actual class DefaultVerifierCryptoService : VerifierCryptoService { data class DefaultEphemeralKeyHolder(val publicKey: SecKeyRef, val privateKey: SecKeyRef? = null) : EphemeralKeyHolder { - override val publicJsonWebKey = CryptoPublicKey.Ec.fromAnsiX963Bytes((CFBridgingRelease(SecKeyCopyExternalRepresentation(publicKey, null)) as NSData).toByteArray()).toJsonWebKey().getOrThrow() - + override val publicJsonWebKey = CryptoPublicKey.Ec.fromAnsiX963Bytes((CFBridgingRelease(SecKeyCopyExternalRepresentation(publicKey, null)) as NSData).toByteArray()).toJsonWebKey() } inline fun MemScope.toData(array: ByteArray): NSData = diff --git a/vclib/src/jvmMain/kotlin/at/asitplus/wallet/lib/agent/DefaultCryptoService.kt b/vclib/src/jvmMain/kotlin/at/asitplus/wallet/lib/agent/DefaultCryptoService.kt index d858f7545..f7c43c922 100644 --- a/vclib/src/jvmMain/kotlin/at/asitplus/wallet/lib/agent/DefaultCryptoService.kt +++ b/vclib/src/jvmMain/kotlin/at/asitplus/wallet/lib/agent/DefaultCryptoService.kt @@ -58,7 +58,7 @@ actual open class DefaultCryptoService : CryptoService { this.privateKey = keyPair.private this.algorithm = CryptoAlgorithm.ES256 this.publicKey = CryptoPublicKey.fromJcaPublicKey(keyPair.public).getOrThrow() - this.jsonWebKey = publicKey.toJsonWebKey().getOrThrow() + this.jsonWebKey = publicKey.toJsonWebKey() this.coseKey = publicKey.toCoseKey(algorithm.toCoseAlgorithm()).getOrThrow() this.certificate = generateSelfSignedCertificate() } @@ -73,7 +73,7 @@ actual open class DefaultCryptoService : CryptoService { this.privateKey = keyPair.private this.algorithm = algorithm this.publicKey = CryptoPublicKey.fromJcaPublicKey(keyPair.public).getOrThrow() - this.jsonWebKey = publicKey.toJsonWebKey().getOrThrow() + this.jsonWebKey = publicKey.toJsonWebKey() this.coseKey = publicKey.toCoseKey(algorithm.toCoseAlgorithm()).getOrThrow() this.certificate = certificate?.let { X509Certificate.decodeFromDer(it.encoded) } ?: generateSelfSignedCertificate() 
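Review bot: On the changed `publicJsonWebKey` line in `DefaultEphemeralKeyHolder`, the result of `SecKeyCopyExternalRepresentation(publicKey, null)` is cast with `as NSData` and the error out-parameter is `null`. A key that cannot be exported therefore surfaces as a cast failure inside a property initializer with no reason attached. Splitting the one-liner makes the failure explicit, for example `val raw = CFBridgingRelease(SecKeyCopyExternalRepresentation(publicKey, null)) as? NSData ?: error("public key export failed")` followed by `override val publicJsonWebKey = CryptoPublicKey.Ec.fromAnsiX963Bytes(raw.toByteArray()).toJsonWebKey()`. Note also that the JVM holder in this patch returns `null` on failure where this one throws, so the two platforms behave differently for the same property.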
@@ -110,11 +110,7 @@ actual open class DefaultCryptoService : CryptoService { initSign(privateKey) update(input) }.sign() - //In Java EC signatures are returned as DER-encoded, RSA signatures however are raw bytearrays - if (algorithm.isEc) - CryptoSignature.decodeFromDer(sig) - else - CryptoSignature.RSAorHMAC(sig) + CryptoSignature.parseFromJca(sig, algorithm) }.wrap() override fun encrypt( @@ -207,8 +203,8 @@ open class JvmEphemeralKeyHolder(private val ecCurve: EcCurve) : EphemeralKeyHol val keyPair: KeyPair = KeyPairGenerator.getInstance("EC").also { it.initialize(ecCurve.keyLengthBits.toInt()) }.genKeyPair() - override val publicJsonWebKey by lazy { - CryptoPublicKey.fromJcaPublicKey(keyPair.public).transform { it.toJsonWebKey() }.getOrNull() + override val publicJsonWebKey: JsonWebKey? by lazy { + CryptoPublicKey.fromJcaPublicKey(keyPair.public).map { it.toJsonWebKey() }.getOrNull() } }
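Review bot: The deleted comment explained why the signature bytes need algorithm-dependent decoding, and the new `CryptoSignature.parseFromJca(sig, algorithm)` line no longer says so. Keep a one-line comment such as `// JCA returns EC signatures DER-encoded and RSA signatures as raw bytes; parseFromJca picks the decoding from algorithm`. It is also worth confirming that `parseFromJca` covers every `CryptoAlgorithm` this service can be constructed with, which is not visible in this patch. The enclosing function starts outside the hunk.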
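Review bot: In the `@@ -207` hunk `publicJsonWebKey` turns a failed `CryptoPublicKey.fromJcaPublicKey(keyPair.public)` into `null` via `getOrNull()`. An ephemeral key holder that cannot expose its public key is then only noticed later, by whichever caller dereferences it, and the cause is lost. The `DefaultCryptoService` constructors in this same file use `getOrThrow()` for the same conversion. If the `EphemeralKeyHolder` contract allows it, `CryptoPublicKey.fromJcaPublicKey(keyPair.public).map { it.toJsonWebKey() }.getOrThrow()` keeps the failure at its source; otherwise log the exception before returning `null`.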