feat: Add verifier functionality

Author: peacekeeper

pom.xml

@@ -208,11 +208,38 @@
 			<artifactId>jsonld-common-java</artifactId>
 			<version>1.14.0</version>
 		</dependency>
+		<dependency>
+			<groupId>decentralized-identity</groupId>
+			<artifactId>uni-resolver-local</artifactId>
+			<version>0.30.0</version>
+			<optional>true</optional>
+			<exclusions>
+				<exclusion>
+					<groupId>commons-logging</groupId>
+					<artifactId>commons-logging</artifactId>
+				</exclusion>
+			</exclusions>
+		</dependency>
 		<dependency>
 			<groupId>com.danubetech</groupId>
 			<artifactId>data-integrity-java</artifactId>
 			<version>1.17.0</version>
 		</dependency>
+		<dependency>
+			<groupId>com.danubetech</groupId>
+			<artifactId>danubetech-common-java</artifactId>
+			<version>1.29.0</version>
+		</dependency>
+		<dependency>
+			<groupId>com.danubetech</groupId>
+			<artifactId>notarization-service-client</artifactId>
+			<version>0.1.0</version>
+		</dependency>
+		<dependency>
+			<groupId>com.danubetech</groupId>
+			<artifactId>revocation-service-client</artifactId>
+			<version>0.2.0</version>
+		</dependency>
 		<dependency>
 			<groupId>com.nimbusds</groupId>
 			<artifactId>nimbus-jose-jwt</artifactId>

src/main/java/com/danubetech/verifiablecredentials/verifier/VerifyingException.java

@@ -0,0 +1,33 @@
+package com.danubetech.verifiablecredentials.verifier;
+
+import com.danubetech.verifiablecredentials.verifier.result.VerifyResult;
+
+public class VerifyingException extends Exception {
+
+	private VerifyResult verifyResult;
+
+	public VerifyingException(String message) {
+		super(message);
+	}
+
+	public VerifyingException(String message, Throwable ex) {
+		super(message, ex);
+	}
+
+	public VerifyingException(VerifyResult verifyResult) {
+		this(verifyResult.getErrorMessage() == null ? "(unknown error)" : verifyResult.getErrorMessage());
+		this.verifyResult = verifyResult;
+	}
+
+	/*
+	 * Getters and setters
+	 */
+
+	public VerifyResult getVerifyResult() {
+		return verifyResult;
+	}
+
+	public void setVerifyResult(VerifyResult verifyResult) {
+		this.verifyResult = verifyResult;
+	}
+}

src/main/java/com/danubetech/verifiablecredentials/verifier/checker/AbstractChecker.java

@@ -0,0 +1,77 @@
+package com.danubetech.verifiablecredentials.verifier.checker;
+
+import com.danubetech.verifiablecredentials.verifier.VerifyingException;
+import com.danubetech.verifiablecredentials.verifier.result.VerifyResult;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.LinkedHashMap;
+import java.util.Map;
+
+public abstract class AbstractChecker<I, R> implements Checker<I, R> {
+
+	private static Logger log = LoggerFactory.getLogger(AbstractChecker.class);
+
+	private final String checkName;
+
+	protected AbstractChecker(String checkName) {
+		this.checkName = checkName;
+	}
+
+	protected abstract R checkInternal(I i, VerifyResult verifyResult) throws VerifyingException;
+
+	@Override
+	public final R check(I i, VerifyResult verifyResult) {
+
+		try {
+
+			R r = this.checkInternal(i, verifyResult);
+			if (log.isDebugEnabled()) log.debug("Result for " + this.getClass().getSimpleName() + ": " + (r == null ? null : r.getClass().getSimpleName()));
+			if (r != null) this.getCheckMetadata(verifyResult);
+			return r;
+		} catch (VerifyingException ex) {
+
+			String message = ex.getMessage() != null ? ex.getMessage() : ex.getClass().getSimpleName();
+			if (log.isWarnEnabled()) log.warn("Verifying exception for " + this.getClass().getSimpleName() + ": " + message, ex);
+			this.getCheckMetadata(verifyResult);
+			this.addProblem(verifyResult, message);
+			return null;
+		} catch (Exception ex) {
+
+			String message = ex.getMessage() != null ? ex.getMessage() : ex.getClass().getSimpleName();
+			if (log.isWarnEnabled()) log.warn("Exception for " + this.getClass().getSimpleName() + ": " + message, ex);
+			this.getCheckMetadata(verifyResult);
+			this.addProblem(verifyResult, message);
+			return null;
+		}
+	}
+
+	protected final Map<String, Object> getCheckMetadata(VerifyResult verifyResult) {
+		return verifyResult.getCheckMetadata(this.getCheckName());
+	}
+
+	protected final void addProblem(VerifyResult verifyResult, String message, Map<String, Object> problemMetadata) {
+		if (problemMetadata == null) problemMetadata = new LinkedHashMap<>();
+		problemMetadata.put("check", this.getCheckName());
+		verifyResult.addProblem(message, problemMetadata);
+	}
+
+	protected final void addProblem(VerifyResult verifyResult, String message) {
+		this.addProblem(verifyResult, message, null);
+	}
+
+	protected final void addWarning(VerifyResult verifyResult, String message, Map<String, Object> warningMetadata) {
+		if (warningMetadata == null) warningMetadata = new LinkedHashMap<>();
+		warningMetadata.put("check", this.getCheckName());
+		verifyResult.addWarning(message, warningMetadata);
+	}
+
+	protected final void addWarning(VerifyResult verifyResult, String message) {
+		this.addWarning(verifyResult, message, null);
+	}
+
+	@Override
+	public String getCheckName() {
+		return this.checkName;
+	}
+}

src/main/java/com/danubetech/verifiablecredentials/verifier/checker/Checker.java

@@ -0,0 +1,9 @@
+package com.danubetech.verifiablecredentials.verifier.checker;
+
+import com.danubetech.verifiablecredentials.verifier.result.VerifyResult;
+
+public interface Checker<I, R> {
+
+	public R check(I i, VerifyResult verifyResult);
+	public String getCheckName();
+}

src/main/java/com/danubetech/verifiablecredentials/verifier/checker/ExpirationDateChecker.java

@@ -0,0 +1,33 @@
+package com.danubetech.verifiablecredentials.verifier.checker;
+
+import com.danubetech.verifiablecredentials.VerifiableCredential;
+import com.danubetech.verifiablecredentials.verifier.VerifyingException;
+import com.danubetech.verifiablecredentials.verifier.result.VerifyResult;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.Date;
+
+public class ExpirationDateChecker extends AbstractChecker<VerifiableCredential, Void> implements Checker<VerifiableCredential, Void> {
+
+	private static Logger log = LoggerFactory.getLogger(ExpirationDateChecker.class);
+
+	public ExpirationDateChecker() {
+		super("expiration-date");
+	}
+
+	@Override
+	public Void checkInternal(VerifiableCredential verifiableCredential, VerifyResult verifyResult) throws VerifyingException {
+
+		if (verifiableCredential.getExpirationDate() == null) return null;
+
+		// check issuance date
+
+		if (verifiableCredential.getExpirationDate().before(new Date())) throw new VerifyingException("Expiration date is in the past.");
+		this.getCheckMetadata(verifyResult).put("verified", Boolean.TRUE);
+
+		// done
+
+		return null;
+	}
+}

src/main/java/com/danubetech/verifiablecredentials/verifier/checker/IssuanceDateChecker.java

@@ -0,0 +1,33 @@
+package com.danubetech.verifiablecredentials.verifier.checker;
+
+import com.danubetech.verifiablecredentials.VerifiableCredential;
+import com.danubetech.verifiablecredentials.verifier.VerifyingException;
+import com.danubetech.verifiablecredentials.verifier.result.VerifyResult;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.Date;
+
+public class IssuanceDateChecker extends AbstractChecker<VerifiableCredential, Void> implements Checker<VerifiableCredential, Void> {
+
+	private static Logger log = LoggerFactory.getLogger(IssuanceDateChecker.class);
+
+	public IssuanceDateChecker() {
+		super("issuance-date");
+	}
+
+	@Override
+	public Void checkInternal(VerifiableCredential verifiableCredential, VerifyResult verifyResult) throws VerifyingException {
+
+		if (verifiableCredential.getIssuanceDate() == null) return null;
+
+		// check issuance date
+
+		if (verifiableCredential.getIssuanceDate().after(new Date())) throw new VerifyingException("Issuance date is in the future.");
+		this.getCheckMetadata(verifyResult).put("verified", Boolean.TRUE);
+
+		// done
+
+		return null;
+	}
+}

src/main/java/com/danubetech/verifiablecredentials/verifier/checker/JsonLDChecker.java

@@ -0,0 +1,24 @@
+package com.danubetech.verifiablecredentials.verifier.checker;
+
+import com.danubetech.verifiablecredentials.verifier.VerifyingException;
+import com.danubetech.verifiablecredentials.verifier.result.VerifyResult;
+import foundation.identity.jsonld.JsonLDObject;
+import foundation.identity.jsonld.validation.Validation;
+
+public class JsonLDChecker extends AbstractChecker<JsonLDObject, Void> implements Checker<JsonLDObject, Void> {
+
+	public JsonLDChecker() {
+
+		super("jsonld");
+	}
+
+	@Override
+	public Void checkInternal(JsonLDObject jsonLdObject, VerifyResult verifyResult) throws VerifyingException {
+
+		if (jsonLdObject == null) return null;
+
+		Validation.validate(jsonLdObject);
+
+		return null;
+	}
+}

src/main/java/com/danubetech/verifiablecredentials/verifier/checker/NotarizationChecker.java

@@ -0,0 +1,103 @@
+package com.danubetech.verifiablecredentials.verifier.checker;
+
+import com.danubetech.dataintegrity.DataIntegrityProof;
+import com.danubetech.dataintegrity.canonicalizer.RDFC10SHA256Canonicalizer;
+import com.danubetech.notarizationservice.client.ApiException;
+import com.danubetech.notarizationservice.client.NotarizationServiceClient;
+import com.danubetech.notarizationservice.client.swagger.model.BitcoinVerifyResponse;
+import com.danubetech.verifiablecredentials.VerifiableCredential;
+import com.danubetech.verifiablecredentials.proof.BlockchainHashProof2020;
+import com.danubetech.verifiablecredentials.verifier.VerifyingException;
+import com.danubetech.verifiablecredentials.verifier.result.VerifyResult;
+import foundation.identity.jsonld.JsonLDException;
+import foundation.identity.jsonld.JsonLDObject;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.util.Map;
+
+public class NotarizationChecker extends AbstractChecker<VerifiableCredential, Void> implements Checker<VerifiableCredential, Void> {
+
+	private static Logger log = LoggerFactory.getLogger(NotarizationChecker.class);
+
+	private NotarizationServiceClient notarizationServiceClient;
+
+	public NotarizationChecker(NotarizationServiceClient notarizationServiceClient) {
+
+		super("notarization");
+
+		this.notarizationServiceClient = notarizationServiceClient;
+	}
+
+	@Override
+	public Void checkInternal(VerifiableCredential verifiableCredential, VerifyResult verifyResult) throws VerifyingException {
+
+		Map<String, Object> jsonObject = verifiableCredential.getJsonObject();
+
+		// obtain the normalizedDocument document
+
+		String normalizedDocument;
+
+		try {
+
+			JsonLDObject jsonLdDocumentWithoutProof = JsonLDObject.builder().base(verifiableCredential).build();
+			jsonLdDocumentWithoutProof.setDocumentLoader(verifiableCredential.getDocumentLoader());
+			DataIntegrityProof.removeFromJsonLdObject(jsonLdDocumentWithoutProof);
+			normalizedDocument = RDFC10SHA256Canonicalizer.getInstance().canonicalize(jsonLdDocumentWithoutProof);
+		} catch (JsonLDException | IOException ex) {
+
+			throw new VerifyingException("Normalization problem: " + ex.getMessage(), ex);
+		}
+
+		// check the notarization
+
+		BlockchainHashProof2020 ldProof = BlockchainHashProof2020.getFromJsonLDObject(verifiableCredential);
+		if (log.isDebugEnabled()) log.debug("Found proof: " + ldProof);
+		if (ldProof == null) return null;
+
+		String proofValue = ldProof.getProofValue();
+		String[] proofValueParts = proofValue.split(" ");
+		String txId = proofValueParts[0];
+		String signature = proofValueParts[1];
+
+		BitcoinVerifyResponse bitcoinVerifyResponse;
+
+		try {
+
+			bitcoinVerifyResponse = this.getNotarizationServiceClient().verifyUsingPOST("SHA-256", null, null, Boolean.FALSE, signature, txId, normalizedDocument);
+			if (log.isDebugEnabled()) log.debug("Notarization service response: " + bitcoinVerifyResponse);
+		} catch (ApiException ex) {
+
+			throw new VerifyingException("Cannot check notarization: " + ex.getCode() + " - " + ex.getResponseBody(), ex);
+		}
+
+		if (Boolean.TRUE != bitcoinVerifyResponse.getVerified()) {
+
+			throw new VerifyingException("Credential notarization cannot be verified. txId: " + bitcoinVerifyResponse.getTxId() + ", notarizationBlockHeight: " + bitcoinVerifyResponse.getNotarizationBlockHeight() + ", currentBlockHeight: " + bitcoinVerifyResponse.getCurrentBlockHeight());
+		}
+
+		// CHECK METADATA
+
+		this.getCheckMetadata(verifyResult).put("txId", bitcoinVerifyResponse.getTxId());
+		this.getCheckMetadata(verifyResult).put("notarizationBlockHeight", bitcoinVerifyResponse.getNotarizationBlockHeight());
+		this.getCheckMetadata(verifyResult).put("currentBlockHeight", bitcoinVerifyResponse.getCurrentBlockHeight());
+		this.getCheckMetadata(verifyResult).put("verified", bitcoinVerifyResponse.getVerified());
+
+		// done
+
+		return null;
+	}
+
+	/*
+	 * Getters and setters
+	 */
+
+	public NotarizationServiceClient getNotarizationServiceClient() {
+		return this.notarizationServiceClient;
+	}
+
+	public void setNotarizationServiceClient(NotarizationServiceClient notarizationServiceClient) {
+		this.notarizationServiceClient = notarizationServiceClient;
+	}
+}