feat: Add support for EcdsaSecp384r1Signature2019

Author: peacekeeper

README.md

@@ -11,7 +11,8 @@ It provides an implementation of the following cryptographic suites for [Linked
  - [Ed25519Signature2018](https://w3c-ccg.github.io/lds-ed25519-2018/)
  - [Ed25519Signature2020](https://www.w3.org/community/reports/credentials/CG-FINAL-di-eddsa-2020-20220724/)
  - [EcdsaSecp256k1Signature2019](https://w3c-ccg.github.io/lds-ecdsa-secp256k1-2019/)
-- [EcdsaSecp256r1Signature2019](https://www.w3.org/community/reports/credentials/CG-FINAL-di-ecdsa-2019-20220724/)
+ - [EcdsaSecp256r1Signature2019](https://www.w3.org/community/reports/credentials/CG-FINAL-di-ecdsa-2019-20220724/)
+ - [EcdsaSecp384r1Signature2019](https://www.w3.org/community/reports/credentials/CG-FINAL-di-ecdsa-2019-20220724/)
  - [RsaSignature2018](https://w3c-ccg.github.io/lds-rsa2018/)
  - [JcsEd25519Signature2020](https://identity.foundation/JcsEd25519Signature2020/)
  - JcsEcdsaSecp256k1Signature2019

src/main/java/com/danubetech/dataintegrity/canonicalizer/Canonicalizers.java

@@ -8,11 +8,13 @@
 public class Canonicalizers {
 
 	public static final JCSSHA256Canonicalizer CANONICALIZER_JCSCANONICALIZER = new JCSSHA256Canonicalizer();
-	public static final URDNA2015Canonicalizer CANONICALIZER_URDNA2015CANONICALIZER = new URDNA2015Canonicalizer();
+	public static final URDNA2015SHA256Canonicalizer CANONICALIZER_URDNA2015SHA256CANONICALIZER = new URDNA2015SHA256Canonicalizer();
+	public static final URDNA2015SHA384Canonicalizer CANONICALIZER_URDNA2015SHA384CANONICALIZER = new URDNA2015SHA384Canonicalizer();
 
 	public static final List<? extends Canonicalizer> CANONICALIZERS = List.of(
 			CANONICALIZER_JCSCANONICALIZER,
-			CANONICALIZER_URDNA2015CANONICALIZER
+			CANONICALIZER_URDNA2015SHA256CANONICALIZER,
+			CANONICALIZER_URDNA2015SHA384CANONICALIZER
 	);
 
 	private static final Map<Class<? extends Canonicalizer>, Canonicalizer> CANONICALIZERS_BY_CANONICALIZER_CLASS;

…anonicalizer/URDNA2015Canonicalizer.java …alizer/URDNA2015SHA256Canonicalizer.javasrc/main/java/com/danubetech/dataintegrity/canonicalizer/URDNA2015Canonicalizer.java renamed to src/main/java/com/danubetech/dataintegrity/canonicalizer/URDNA2015SHA256Canonicalizer.java src/main/java/com/danubetech/dataintegrity/canonicalizer/URDNA2015Canonicalizer.java renamed to src/main/java/com/danubetech/dataintegrity/canonicalizer/URDNA2015SHA256Canonicalizer.java

@@ -17,17 +17,17 @@
 import java.security.NoSuchAlgorithmException;
 import java.util.List;
 
-public class URDNA2015Canonicalizer extends Canonicalizer {
+public class URDNA2015SHA256Canonicalizer extends Canonicalizer {
 
     private static final Logger log = LoggerFactory.getLogger(RDFC10Canonicalizer.class);
 
-    public static final URDNA2015Canonicalizer INSTANCE = new URDNA2015Canonicalizer();
+    public static final URDNA2015SHA256Canonicalizer INSTANCE = new URDNA2015SHA256Canonicalizer();
 
-    public URDNA2015Canonicalizer() {
+    public URDNA2015SHA256Canonicalizer() {
         super(List.of("urdna2015"));
     }
 
-    public static URDNA2015Canonicalizer getInstance() {
+    public static URDNA2015SHA256Canonicalizer getInstance() {
         return INSTANCE;
     }
 

src/main/java/com/danubetech/dataintegrity/canonicalizer/URDNA2015SHA384Canonicalizer.java

@@ -0,0 +1,87 @@
+package com.danubetech.dataintegrity.canonicalizer;
+
+import com.apicatalog.rdf.RdfDataset;
+import com.apicatalog.rdf.io.nquad.NQuadsWriter;
+import com.danubetech.dataintegrity.DataIntegrityProof;
+import com.danubetech.dataintegrity.util.SHAUtil;
+import foundation.identity.jsonld.JsonLDException;
+import foundation.identity.jsonld.JsonLDObject;
+import io.setl.rdf.normalization.RdfNormalize;
+import org.apache.commons.codec.binary.Hex;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.io.StringWriter;
+import java.security.GeneralSecurityException;
+import java.security.NoSuchAlgorithmException;
+import java.util.List;
+
+public class URDNA2015SHA384Canonicalizer extends Canonicalizer {
+
+    private static final Logger log = LoggerFactory.getLogger(RDFC10Canonicalizer.class);
+
+    public static final URDNA2015SHA384Canonicalizer INSTANCE = new URDNA2015SHA384Canonicalizer();
+
+    public URDNA2015SHA384Canonicalizer() {
+        super(List.of("urdna2015"));
+    }
+
+    public static URDNA2015SHA384Canonicalizer getInstance() {
+        return INSTANCE;
+    }
+
+    @Override
+    public String canonicalize(JsonLDObject jsonLDObject) throws JsonLDException, IOException, NoSuchAlgorithmException {
+
+        RdfDataset rdfDataset = jsonLDObject.toDataset();
+        rdfDataset = RdfNormalize.normalize(rdfDataset, "urdna2015");
+        StringWriter stringWriter = new StringWriter();
+        NQuadsWriter nQuadsWriter = new NQuadsWriter(stringWriter);
+        nQuadsWriter.write(rdfDataset);
+        return stringWriter.getBuffer().toString();
+    }
+
+    @Override
+    public byte[] canonicalize(DataIntegrityProof dataIntegrityProof, JsonLDObject jsonLdObject) throws IOException, GeneralSecurityException, JsonLDException {
+
+        // construct the LD object without proof
+
+        JsonLDObject jsonLdObjectWithoutProof = JsonLDObject.builder()
+                .base(jsonLdObject)
+                .build();
+        jsonLdObjectWithoutProof.setDocumentLoader(jsonLdObject.getDocumentLoader());
+        DataIntegrityProof.removeFromJsonLdObject(jsonLdObjectWithoutProof);
+
+        // construct the LD proof without proof values
+
+        DataIntegrityProof dataIntegrityProofWithoutProofValues = DataIntegrityProof.builder()
+                .base(dataIntegrityProof)
+                .defaultContexts(false)
+                .build();
+        dataIntegrityProofWithoutProofValues.setDocumentLoader(jsonLdObject.getDocumentLoader());
+        DataIntegrityProof.removeLdProofValues(dataIntegrityProofWithoutProofValues);
+
+        // canonicalize the LD object and LD proof options
+
+        jsonLdObjectWithoutProof.setDocumentLoader(jsonLdObject.getDocumentLoader());
+        String canonicalizedJsonLdObjectWithoutProof = this.canonicalize(jsonLdObjectWithoutProof);
+        byte[] canonicalizedJsonLdObjectWithoutProofHash = SHAUtil.sha256(canonicalizedJsonLdObjectWithoutProof);
+        if (log.isDebugEnabled()) log.debug("Canonicalized LD object without proof: {}", canonicalizedJsonLdObjectWithoutProof);
+        if (log.isDebugEnabled()) log.debug("Hashed canonicalized LD object without proof: {}", Hex.encodeHexString(canonicalizedJsonLdObjectWithoutProofHash));
+
+        dataIntegrityProofWithoutProofValues.setDocumentLoader(jsonLdObject.getDocumentLoader());
+        String canonicalizedLdProofWithoutProofValues = this.canonicalize(dataIntegrityProofWithoutProofValues);
+        byte[] canonicalizedLdProofWithoutProofValuesHash = SHAUtil.sha256(canonicalizedLdProofWithoutProofValues);
+        if (log.isDebugEnabled()) log.debug("Canonicalized LD proof without proof value: {}", canonicalizedLdProofWithoutProofValues);
+        if (log.isDebugEnabled()) log.debug("Hashed canonicalized LD proof without proof value: {}", Hex.encodeHexString(canonicalizedLdProofWithoutProofValuesHash));
+
+        // construct the canonicalization result
+
+        byte[] canonicalizationResult = new byte[64];
+        System.arraycopy(canonicalizedLdProofWithoutProofValuesHash, 0, canonicalizationResult, 0, 32);
+        System.arraycopy(canonicalizedJsonLdObjectWithoutProofHash, 0, canonicalizationResult, 32, 32);
+
+        return canonicalizationResult;
+    }
+}

src/main/java/com/danubetech/dataintegrity/signer/BbsBlsSignature2020LdSigner.java

@@ -3,7 +3,7 @@
 import bbs.signatures.KeyPair;
 import com.danubetech.dataintegrity.DataIntegrityProof;
 import com.danubetech.dataintegrity.canonicalizer.Canonicalizer;
-import com.danubetech.dataintegrity.canonicalizer.URDNA2015Canonicalizer;
+import com.danubetech.dataintegrity.canonicalizer.URDNA2015SHA256Canonicalizer;
 import com.danubetech.dataintegrity.suites.BbsBlsSignature2020DataIntegritySuite;
 import com.danubetech.dataintegrity.suites.DataIntegritySuites;
 import com.danubetech.keyformats.crypto.ByteSigner;
@@ -28,7 +28,7 @@ public BbsBlsSignature2020LdSigner() {
     }
 
     public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
-        return URDNA2015Canonicalizer.getInstance();
+        return URDNA2015SHA256Canonicalizer.getInstance();
     }
 
     public static void sign(DataIntegrityProof.Builder<? extends DataIntegrityProof.Builder<?>> ldProofBuilder, byte[] signingInput, ByteSigner signer) throws GeneralSecurityException {

src/main/java/com/danubetech/dataintegrity/signer/EcdsaKoblitzSignature2016LdSigner.java

@@ -3,7 +3,7 @@
 import com.danubetech.dataintegrity.DataIntegrityProof;
 import com.danubetech.dataintegrity.adapter.JWSSignerAdapter;
 import com.danubetech.dataintegrity.canonicalizer.Canonicalizer;
-import com.danubetech.dataintegrity.canonicalizer.URDNA2015Canonicalizer;
+import com.danubetech.dataintegrity.canonicalizer.URDNA2015SHA256Canonicalizer;
 import com.danubetech.dataintegrity.suites.DataIntegritySuites;
 import com.danubetech.dataintegrity.suites.EcdsaKoblitzSignature2016DataIntegritySuite;
 import com.danubetech.dataintegrity.util.JWSUtil;
@@ -34,7 +34,7 @@ public EcdsaKoblitzSignature2016LdSigner() {
     }
 
     public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
-        return URDNA2015Canonicalizer.getInstance();
+        return URDNA2015SHA256Canonicalizer.getInstance();
     }
 
     public static void sign(DataIntegrityProof.Builder<? extends DataIntegrityProof.Builder<?>> ldProofBuilder, byte[] signingInput, ByteSigner signer) throws GeneralSecurityException {

src/main/java/com/danubetech/dataintegrity/signer/EcdsaSecp256k1Signature2019LdSigner.java

@@ -3,7 +3,7 @@
 import com.danubetech.dataintegrity.DataIntegrityProof;
 import com.danubetech.dataintegrity.adapter.JWSSignerAdapter;
 import com.danubetech.dataintegrity.canonicalizer.Canonicalizer;
-import com.danubetech.dataintegrity.canonicalizer.URDNA2015Canonicalizer;
+import com.danubetech.dataintegrity.canonicalizer.URDNA2015SHA256Canonicalizer;
 import com.danubetech.dataintegrity.suites.DataIntegritySuites;
 import com.danubetech.dataintegrity.suites.EcdsaSecp256k1Signature2019DataIntegritySuite;
 import com.danubetech.dataintegrity.util.JWSUtil;
@@ -34,7 +34,7 @@ public EcdsaSecp256k1Signature2019LdSigner() {
     }
 
     public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
-        return URDNA2015Canonicalizer.getInstance();
+        return URDNA2015SHA256Canonicalizer.getInstance();
     }
 
     public static void sign(DataIntegrityProof.Builder<? extends DataIntegrityProof.Builder<?>> ldProofBuilder, byte[] signingInput, ByteSigner signer) throws GeneralSecurityException {

src/main/java/com/danubetech/dataintegrity/signer/EcdsaSecp256r1Signature2019LdSigner.java

@@ -1,24 +1,17 @@
 package com.danubetech.dataintegrity.signer;
 
 import com.danubetech.dataintegrity.DataIntegrityProof;
-import com.danubetech.dataintegrity.adapter.JWSSignerAdapter;
 import com.danubetech.dataintegrity.canonicalizer.Canonicalizer;
-import com.danubetech.dataintegrity.canonicalizer.URDNA2015Canonicalizer;
+import com.danubetech.dataintegrity.canonicalizer.URDNA2015SHA256Canonicalizer;
 import com.danubetech.dataintegrity.suites.DataIntegritySuites;
 import com.danubetech.dataintegrity.suites.EcdsaSecp256r1Signature2019DataIntegritySuite;
-import com.danubetech.dataintegrity.util.JWSUtil;
 import com.danubetech.keyformats.crypto.ByteSigner;
 import com.danubetech.keyformats.crypto.impl.P_256_ES256_PrivateKeySigner;
 import com.danubetech.keyformats.jose.JWSAlgorithm;
-import com.nimbusds.jose.JOSEException;
-import com.nimbusds.jose.JWSHeader;
-import com.nimbusds.jose.JWSSigner;
-import com.nimbusds.jose.util.Base64URL;
 import io.ipfs.multibase.Multibase;
 
 import java.security.GeneralSecurityException;
 import java.security.interfaces.ECPrivateKey;
-import java.util.Collections;
 
 public class EcdsaSecp256r1Signature2019LdSigner extends LdSigner<EcdsaSecp256r1Signature2019DataIntegritySuite> {
 
@@ -35,7 +28,7 @@ public EcdsaSecp256r1Signature2019LdSigner() {
     }
 
     public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
-        return URDNA2015Canonicalizer.getInstance();
+        return URDNA2015SHA256Canonicalizer.getInstance();
     }
 
     public static void sign(DataIntegrityProof.Builder<? extends DataIntegrityProof.Builder<?>> ldProofBuilder, byte[] signingInput, ByteSigner signer) throws GeneralSecurityException {

src/main/java/com/danubetech/dataintegrity/signer/EcdsaSecp384r1Signature2019LdSigner.java

@@ -0,0 +1,53 @@
+package com.danubetech.dataintegrity.signer;
+
+import com.danubetech.dataintegrity.DataIntegrityProof;
+import com.danubetech.dataintegrity.canonicalizer.Canonicalizer;
+import com.danubetech.dataintegrity.canonicalizer.URDNA2015SHA384Canonicalizer;
+import com.danubetech.dataintegrity.suites.DataIntegritySuites;
+import com.danubetech.dataintegrity.suites.EcdsaSecp384r1Signature2019DataIntegritySuite;
+import com.danubetech.keyformats.crypto.ByteSigner;
+import com.danubetech.keyformats.crypto.impl.P_384_ES384_PrivateKeySigner;
+import com.danubetech.keyformats.jose.JWSAlgorithm;
+import io.ipfs.multibase.Multibase;
+
+import java.security.GeneralSecurityException;
+import java.security.interfaces.ECPrivateKey;
+
+public class EcdsaSecp384r1Signature2019LdSigner extends LdSigner<EcdsaSecp384r1Signature2019DataIntegritySuite> {
+
+    public EcdsaSecp384r1Signature2019LdSigner(ByteSigner signer) {
+        super(DataIntegritySuites.DATA_INTEGRITY_SUITE_ECDSASECP384R1SIGNATURE2019, signer);
+    }
+
+    public EcdsaSecp384r1Signature2019LdSigner(ECPrivateKey privateKey) {
+        this(new P_384_ES384_PrivateKeySigner(privateKey));
+    }
+
+    public EcdsaSecp384r1Signature2019LdSigner() {
+        this((ByteSigner) null);
+    }
+
+    public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
+        return URDNA2015SHA384Canonicalizer.getInstance();
+    }
+
+    public static void sign(DataIntegrityProof.Builder<? extends DataIntegrityProof.Builder<?>> ldProofBuilder, byte[] signingInput, ByteSigner signer) throws GeneralSecurityException {
+
+        // sign
+
+        String proofValue;
+
+        byte[] bytes = signer.sign(signingInput, JWSAlgorithm.ES384);
+        proofValue = Multibase.encode(Multibase.Base.Base58BTC, bytes);
+
+        // done
+
+        ldProofBuilder.proofValue(proofValue);
+    }
+
+    @Override
+    public void sign(DataIntegrityProof.Builder<? extends DataIntegrityProof.Builder<?>> ldProofBuilder, byte[] signingInput) throws GeneralSecurityException {
+
+        sign(ldProofBuilder, signingInput, this.getSigner());
+    }
+}

src/main/java/com/danubetech/dataintegrity/signer/Ed25519Signature2018LdSigner.java

@@ -3,7 +3,7 @@
 import com.danubetech.dataintegrity.DataIntegrityProof;
 import com.danubetech.dataintegrity.adapter.JWSSignerAdapter;
 import com.danubetech.dataintegrity.canonicalizer.Canonicalizer;
-import com.danubetech.dataintegrity.canonicalizer.URDNA2015Canonicalizer;
+import com.danubetech.dataintegrity.canonicalizer.URDNA2015SHA256Canonicalizer;
 import com.danubetech.dataintegrity.suites.DataIntegritySuites;
 import com.danubetech.dataintegrity.suites.Ed25519Signature2018DataIntegritySuite;
 import com.danubetech.dataintegrity.util.JWSUtil;
@@ -33,7 +33,7 @@ public Ed25519Signature2018LdSigner() {
     }
 
     public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
-        return URDNA2015Canonicalizer.getInstance();
+        return URDNA2015SHA256Canonicalizer.getInstance();
     }
 
     public static void sign(DataIntegrityProof.Builder<? extends DataIntegrityProof.Builder<?>> ldProofBuilder, byte[] signingInput, ByteSigner signer) throws GeneralSecurityException {