fix: Update support for EcdsaSecp256r1Signature2019

Addresses #2

Author: peacekeeper

src/main/java/com/danubetech/dataintegrity/signer/EcdsaSecp256r1Signature2019LdSigner.java

@@ -9,11 +9,12 @@
 import com.danubetech.dataintegrity.util.JWSUtil;
 import com.danubetech.keyformats.crypto.ByteSigner;
 import com.danubetech.keyformats.crypto.impl.P_256_ES256_PrivateKeySigner;
+import com.danubetech.keyformats.jose.JWSAlgorithm;
 import com.nimbusds.jose.JOSEException;
-import com.nimbusds.jose.JWSAlgorithm;
 import com.nimbusds.jose.JWSHeader;
 import com.nimbusds.jose.JWSSigner;
 import com.nimbusds.jose.util.Base64URL;
+import io.ipfs.multibase.Multibase;
 
 import java.security.GeneralSecurityException;
 import java.security.interfaces.ECPrivateKey;
@@ -39,26 +40,16 @@ public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
 
     public static void sign(DataIntegrityProof.Builder<? extends DataIntegrityProof.Builder<?>> ldProofBuilder, byte[] signingInput, ByteSigner signer) throws GeneralSecurityException {
 
-        // build the JWS and sign
+        // sign
 
-        String jws;
+        String proofValue;
 
-        try {
-
-            JWSHeader jwsHeader = new JWSHeader.Builder(JWSAlgorithm.ES256).base64URLEncodePayload(false).criticalParams(Collections.singleton("b64")).build();
-            byte[] jwsSigningInput = JWSUtil.getJwsSigningInput(jwsHeader, signingInput);
-
-            JWSSigner jwsSigner = new JWSSignerAdapter(signer, JWSAlgorithm.ES256);
-            Base64URL signature = jwsSigner.sign(jwsHeader, jwsSigningInput);
-            jws = JWSUtil.serializeDetachedJws(jwsHeader, signature);
-        } catch (JOSEException ex) {
-
-            throw new GeneralSecurityException("JOSE signing problem: " + ex.getMessage(), ex);
-        }
+        byte[] bytes = signer.sign(signingInput, JWSAlgorithm.ES256);
+        proofValue = Multibase.encode(Multibase.Base.Base58BTC, bytes);
 
         // done
 
-        ldProofBuilder.jws(jws);
+        ldProofBuilder.proofValue(proofValue);
     }
 
     @Override

src/main/java/com/danubetech/dataintegrity/verifier/EcdsaSecp256r1Signature2019LdVerifier.java

@@ -1,22 +1,17 @@
 package com.danubetech.dataintegrity.verifier;
 
 import com.danubetech.dataintegrity.DataIntegrityProof;
-import com.danubetech.dataintegrity.adapter.JWSVerifierAdapter;
 import com.danubetech.dataintegrity.canonicalizer.Canonicalizer;
 import com.danubetech.dataintegrity.canonicalizer.URDNA2015Canonicalizer;
 import com.danubetech.dataintegrity.suites.DataIntegritySuites;
 import com.danubetech.dataintegrity.suites.EcdsaSecp256r1Signature2019DataIntegritySuite;
-import com.danubetech.dataintegrity.util.JWSUtil;
 import com.danubetech.keyformats.crypto.ByteVerifier;
 import com.danubetech.keyformats.crypto.impl.P_256_ES256_PublicKeyVerifier;
-import com.nimbusds.jose.JOSEException;
-import com.nimbusds.jose.JWSAlgorithm;
-import com.nimbusds.jose.JWSObject;
-import com.nimbusds.jose.JWSVerifier;
+import com.danubetech.keyformats.jose.JWSAlgorithm;
+import io.ipfs.multibase.Multibase;
 
 import java.security.GeneralSecurityException;
 import java.security.interfaces.ECPublicKey;
-import java.text.ParseException;
 
 public class EcdsaSecp256r1Signature2019LdVerifier extends LdVerifier<EcdsaSecp256r1Signature2019DataIntegritySuite> {
 
@@ -38,24 +33,15 @@ public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
 
     public static boolean verify(byte[] signingInput, DataIntegrityProof dataIntegrityProof, ByteVerifier verifier) throws GeneralSecurityException {
 
-        // build the JWS and verify
+        // verify
 
-        String jws = dataIntegrityProof.getJws();
-        if (jws == null) throw new GeneralSecurityException("No 'jws' in proof.");
+        String proofValue = dataIntegrityProof.getProofValue();
+        if (proofValue == null) throw new GeneralSecurityException("No 'proofValue' in proof.");
 
         boolean verify;
 
-        try {
-
-            JWSObject detachedJwsObject = JWSObject.parse(jws);
-            byte[] jwsSigningInput = JWSUtil.getJwsSigningInput(detachedJwsObject.getHeader(), signingInput);
-
-            JWSVerifier jwsVerifier = new JWSVerifierAdapter(verifier, JWSAlgorithm.ES256);
-            verify = jwsVerifier.verify(detachedJwsObject.getHeader(), jwsSigningInput, detachedJwsObject.getSignature());
-        } catch (JOSEException | ParseException ex) {
-
-            throw new GeneralSecurityException("JOSE verification problem: " + ex.getMessage(), ex);
-        }
+        byte[] bytes = Multibase.decode(proofValue);
+        verify = verifier.verify(signingInput, bytes, JWSAlgorithm.ES256);
 
         // done
 

src/test/resources/com/danubetech/dataintegrity/signed.bad.EcdsaSecp256r1Signature2019.jsonld

@@ -11,6 +11,6 @@
         "created": "2017-10-24T05:33:31Z",
         "expires": "2027-10-24T05:33:31Z",
         "domain": "example.com",
-        "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFUzI1NiJ9..75Io3jKMviPqbX1CxfkxZohSEZ1LTY-MJ8u_a5Fr8PCVQvW46eSrAIt6ekP4ItZltwJazScn2MymZo9_vvj1ZA"
+        "proofValue": "z3J2bPbGmBtrHMWmzKiL4PmN6kokD3oZPXt5JjkqfkYXpjzoR6e3s6MM7YnsYTaTPr2HgeL5hJ77Ek3hm4Aq5ddh3"
     }
 }

src/test/resources/com/danubetech/dataintegrity/signed.good.EcdsaSecp256r1Signature2019.jsonld

@@ -11,6 +11,6 @@
         "created": "2017-10-24T05:33:31Z",
         "expires": "2027-10-24T05:33:31Z",
         "domain": "example.com",
-        "jws": "eyJiNjQiOmZhbHNlLCJjcml0IjpbImI2NCJdLCJhbGciOiJFUzI1NiJ9..75Io3jKMviPqbX1CxfkxZohSEZ1LTY-MJ8u_a5Fr8PCVQvW46eSrAIt6ekP4ItZltwJazScn2MymZo9_vvj1ZA"
+        "proofValue": "z3J2bPbGmBtrHMWmzKiL4PmN6kokD3oZPXt5JjkqfkYXpjzoR6e3s6MM7YnsYTaTPr2HgeL5hJ77Ek3hm4Aq5ddh3"
     }
 }