wip

Author: peacekeeper

pom.xml

@@ -187,7 +187,7 @@
 		<dependency>
 			<groupId>com.danubetech</groupId>
 			<artifactId>key-formats-java</artifactId>
-			<version>1.20.0</version>
+			<version>1.21-SNAPSHOT</version>
 		</dependency>
 		<dependency>
 			<groupId>io.setl</groupId>

src/main/java/com/danubetech/dataintegrity/signer/BbsBlsSignature2020LdSigner.java

@@ -27,7 +27,7 @@ public BbsBlsSignature2020LdSigner() {
         this((ByteSigner) null);
     }
 
-    public Canonicalizer getCanonicalizer() {
+    public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
         return URDNA2015Canonicalizer.getInstance();
     }
 

src/main/java/com/danubetech/dataintegrity/signer/DataIntegrityProofLdSigner.java

@@ -33,24 +33,32 @@ public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
 
     public static void sign(DataIntegrityProof.Builder<? extends DataIntegrityProof.Builder<?>> ldProofBuilder, byte[] signingInput, ByteSigner signer) throws GeneralSecurityException {
 
-        // sign
+        // determine algorithm and cryptosuite
 
-        String proofValue;
+        String algorithm;
         String cryptosuite;
 
+        algorithm = signer.getAlgorithm();
         cryptosuite = ldProofBuilder.build().getCryptosuite();
         if (cryptosuite != null) {
+            if (! DataIntegrityProofDataIntegritySuite.findCryptosuitesByJwsAlgorithm(algorithm).contains(cryptosuite)) {
+                throw new GeneralSecurityException("Algorithm " + algorithm + " is not supported by cryptosuite " + cryptosuite);
+            }
         } else {
-            cryptosuite = DataIntegrityProofDataIntegritySuite.findDefaultCryptosuiteByJwsAlgorithm(signer.getAlgorithm());
+            cryptosuite = DataIntegrityProofDataIntegritySuite.findDefaultCryptosuiteByJwsAlgorithm(algorithm);
+            ldProofBuilder.cryptosuite(cryptosuite);
         }
 
-        byte[] bytes = signer.sign(signingInput, signer.getAlgorithm());
+        // sign
+
+        String proofValue;
+
+        byte[] bytes = signer.sign(signingInput, algorithm);
         proofValue = Multibase.encode(Multibase.Base.Base58BTC, bytes);
 
         // done
 
         ldProofBuilder.proofValue(proofValue);
-        ldProofBuilder.cryptosuite(cryptosuite);
     }
 
     @Override

src/main/java/com/danubetech/dataintegrity/signer/EcdsaKoblitzSignature2016LdSigner.java

@@ -33,7 +33,7 @@ public EcdsaKoblitzSignature2016LdSigner() {
         this((ByteSigner) null);
     }
 
-    public Canonicalizer getCanonicalizer() {
+    public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
         return URDNA2015Canonicalizer.getInstance();
     }
 

src/main/java/com/danubetech/dataintegrity/signer/EcdsaSecp256k1Signature2019LdSigner.java

@@ -33,7 +33,7 @@ public EcdsaSecp256k1Signature2019LdSigner() {
         this((ByteSigner) null);
     }
 
-    public Canonicalizer getCanonicalizer() {
+    public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
         return URDNA2015Canonicalizer.getInstance();
     }
 

src/main/java/com/danubetech/dataintegrity/signer/Ed25519Signature2018LdSigner.java

@@ -32,7 +32,7 @@ public Ed25519Signature2018LdSigner() {
         this((ByteSigner) null);
     }
 
-    public Canonicalizer getCanonicalizer() {
+    public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
         return URDNA2015Canonicalizer.getInstance();
     }
 

src/main/java/com/danubetech/dataintegrity/signer/Ed25519Signature2020LdSigner.java

@@ -26,7 +26,7 @@ public Ed25519Signature2020LdSigner() {
         this((ByteSigner) null);
     }
 
-    public Canonicalizer getCanonicalizer() {
+    public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
         return URDNA2015Canonicalizer.getInstance();
     }
 

src/main/java/com/danubetech/dataintegrity/signer/JcsEcdsaSecp256k1Signature2019LdSigner.java

@@ -29,7 +29,7 @@ public JcsEcdsaSecp256k1Signature2019LdSigner() {
         this((ByteSigner) null);
     }
 
-    public Canonicalizer getCanonicalizer() {
+    public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
         return JCSCanonicalizer.getInstance();
     }
 

src/main/java/com/danubetech/dataintegrity/signer/JcsEd25519Signature2020LdSigner.java

@@ -27,7 +27,7 @@ public JcsEd25519Signature2020LdSigner() {
         this((ByteSigner) null);
     }
 
-    public Canonicalizer getCanonicalizer() {
+    public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
         return JCSCanonicalizer.getInstance();
     }
 

src/main/java/com/danubetech/dataintegrity/signer/JsonWebSignature2020LdSigner.java

@@ -1,19 +1,18 @@
 package com.danubetech.dataintegrity.signer;
 
 import com.danubetech.dataintegrity.DataIntegrityProof;
+import com.danubetech.dataintegrity.adapter.JWSSignerAdapter;
 import com.danubetech.dataintegrity.canonicalizer.Canonicalizer;
-import com.danubetech.dataintegrity.canonicalizer.JCSCanonicalizer;
+import com.danubetech.dataintegrity.canonicalizer.URDNA2015Canonicalizer;
+import com.danubetech.dataintegrity.suites.DataIntegritySuites;
+import com.danubetech.dataintegrity.suites.JsonWebSignature2020DataIntegritySuite;
+import com.danubetech.dataintegrity.util.JWSUtil;
 import com.danubetech.keyformats.crypto.ByteSigner;
 import com.nimbusds.jose.JOSEException;
 import com.nimbusds.jose.JWSAlgorithm;
 import com.nimbusds.jose.JWSHeader;
 import com.nimbusds.jose.JWSSigner;
 import com.nimbusds.jose.util.Base64URL;
-import com.danubetech.dataintegrity.adapter.JWSSignerAdapter;
-import com.danubetech.dataintegrity.canonicalizer.URDNA2015Canonicalizer;
-import com.danubetech.dataintegrity.suites.JsonWebSignature2020DataIntegritySuite;
-import com.danubetech.dataintegrity.suites.DataIntegritySuites;
-import com.danubetech.dataintegrity.util.JWSUtil;
 
 import java.security.GeneralSecurityException;
 import java.util.Collections;
@@ -28,22 +27,26 @@ public JsonWebSignature2020LdSigner() {
         this(null);
     }
 
-    public Canonicalizer getCanonicalizer() {
+    public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
         return URDNA2015Canonicalizer.getInstance();
     }
 
     public static void sign(DataIntegrityProof.Builder<? extends DataIntegrityProof.Builder<?>> ldProofBuilder, byte[] signingInput, ByteSigner signer) throws GeneralSecurityException {
 
+        // determine algorithm
+
+        String algorithm = signer.getAlgorithm();
+
         // build the JWS and sign
 
         String jws;
 
         try {
 
-            JWSHeader jwsHeader = new JWSHeader.Builder(JWSAlgorithm.parse(signer.getAlgorithm())).base64URLEncodePayload(false).criticalParams(Collections.singleton("b64")).build();
+            JWSHeader jwsHeader = new JWSHeader.Builder(JWSAlgorithm.parse(algorithm)).base64URLEncodePayload(false).criticalParams(Collections.singleton("b64")).build();
             byte[] jwsSigningInput = JWSUtil.getJwsSigningInput(jwsHeader, signingInput);
 
-            JWSSigner jwsSigner = new JWSSignerAdapter(signer, JWSAlgorithm.parse(signer.getAlgorithm()));
+            JWSSigner jwsSigner = new JWSSignerAdapter(signer, JWSAlgorithm.parse(algorithm));
             Base64URL signature = jwsSigner.sign(jwsHeader, jwsSigningInput);
             jws = JWSUtil.serializeDetachedJws(jwsHeader, signature);
         } catch (JOSEException ex) {