johnandersen777
diff --git a/‎.github/workflows/ci.yml
Lines changed: 3 additions & 1 deletion b/‎.github/workflows/ci.yml
Lines changed: 3 additions & 1 deletion
diff --git a/‎README.md
Lines changed: 2 additions & 2 deletions b/‎README.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎docs/registration_policies.md
Lines changed: 2 additions & 103 deletions b/‎docs/registration_policies.md
Lines changed: 2 additions & 103 deletions
diff --git a/‎environment.yml
Lines changed: 2 additions & 0 deletions b/‎environment.yml
Lines changed: 2 additions & 0 deletions
diff --git a/‎pytest.ini
Lines changed: 8 additions & 0 deletions b/‎pytest.ini
Lines changed: 8 additions & 0 deletions
diff --git a/‎scitt_emulator/did_helpers.py
Lines changed: 195 additions & 0 deletions b/‎scitt_emulator/did_helpers.py
Lines changed: 195 additions & 0 deletions
@@ -38,7 +38,9 @@ jobs:
       with:
         activate-environment: scitt
         environment-file: environment.yml
-    - run: python -m pytest
+    - run: |
+        python -m pip install -e .
+        python -m pytest
 
   ci-cd-build-and-push-image-container:
     name: CI/CD (container)
 
@@ -91,14 +91,14 @@ They can be used with the built-in server or an external service implementation.
 
     ```sh
     ./scitt-emulator.sh client create-claim \
-        --issuer did:web:example.com \
         --content-type application/json \
         --subject 'solar' \
         --payload '{"sun": "yellow"}' \
         --out claim.cose
     ```
 
-    _**Note:** The emulator generates an ad-hoc key pair to sign the claim and does not verify claim signatures upon submission._
+    _**Note:** The emulator generates an ad-hoc key pair to sign the claim if
+``--issuer`` and ``--public-key-pem`` are not given. See [Registration Policies](docs/registration_policies.md) docs for more deatiled examples_
 
 2. View the signed claim by uploading `claim.cose` to one of the [CBOR or COSE Debugging Tools](#cose-and-cbor-debugging)
 
 
@@ -104,108 +104,7 @@ import cryptography.hazmat.primitives.serialization
 import jwcrypto.jwk
 
 from scitt_emulator.scitt import ClaimInvalidError, CWTClaims
-
-
-def did_web_to_url(
-    did_web_string, scheme=os.environ.get("DID_WEB_ASSUME_SCHEME", "https")
-):
-    return "/".join(
-        [
-            f"{scheme}:/",
-            *[urllib.parse.unquote(i) for i in did_web_string.split(":")[2:]],
-        ]
-    )
-
-
-def verify_signature(msg: Sign1Message) -> bool:
-    """
-    - TODOs
-        - Should we use audiance? I think no, just want to make sure we've
-          documented why thought if not. No usage makes sense to me becasue we
-          don't know the intended audiance, it could be federated into
-          multiple TS
-        - Can you just pass a whole public key as an issuer?
-        - Resolve DID keys (since that is what the arch says...)
-    """
-
-    # Figure out what the issuer is
-    cwt_cose_loads = cwt.cose.COSE()._loads
-    cwt_unverified_protected = cwt_cose_loads(
-        cwt_cose_loads(msg.phdr[CWTClaims]).value[2]
-    )
-    unverified_issuer = cwt_unverified_protected[1]
-
-    if unverified_issuer.startswith("did:web:"):
-        unverified_issuer = did_web_to_url(unverified_issuer)
-
-    # Load keys from issuer
-    jwk_keys = []
-    cwt_cose_keys = []
-    pycose_cose_keys = []
-
-    from cryptography.hazmat.primitives import serialization
-
-    cryptography_ssh_keys = []
-    if "://" in unverified_issuer and not unverified_issuer.startswith("file://"):
-        # TODO Logging for URLErrors
-        # Check if OIDC issuer
-        unverified_issuer_parsed_url = urllib.parse.urlparse(unverified_issuer)
-        openid_configuration_url = unverified_issuer_parsed_url._replace(
-            path="/.well-known/openid-configuration",
-        ).geturl()
-        with contextlib.suppress(urllib.request.URLError):
-            with urllib.request.urlopen(openid_configuration_url) as response:
-                if response.status == 200:
-                    openid_configuration = json.loads(response.read())
-                    jwks_uri = openid_configuration["jwks_uri"]
-                    with urllib.request.urlopen(jwks_uri) as response:
-                        if response.status == 200:
-                            jwks = json.loads(response.read())
-                            for jwk_key_as_dict in jwks["keys"]:
-                                jwk_key_as_string = json.dumps(jwk_key_as_dict)
-                                jwk_keys.append(
-                                    jwcrypto.jwk.JWK.from_json(jwk_key_as_string),
-                                )
-
-        # Try loading ssh keys. Example: https://github.com/username.keys
-        with contextlib.suppress(urllib.request.URLError):
-            with urllib.request.urlopen(unverified_issuer) as response:
-                while line := response.readline():
-                    with contextlib.suppress(
-                        (ValueError, cryptography.exceptions.UnsupportedAlgorithm)
-                    ):
-                        cryptography_ssh_keys.append(
-                            cryptography.hazmat.primitives.serialization.load_ssh_public_key(
-                                line
-                            )
-                        )
-
-    for cryptography_ssh_key in cryptography_ssh_keys:
-        jwk_keys.append(
-            jwcrypto.jwk.JWK.from_pem(
-                cryptography_ssh_key.public_bytes(
-                    encoding=serialization.Encoding.PEM,
-                    format=serialization.PublicFormat.SubjectPublicKeyInfo,
-                )
-            )
-        )
-
-    for jwk_key in jwk_keys:
-        cwt_cose_key = cwt.COSEKey.from_pem(
-            jwk_key.export_to_pem(),
-            kid=jwk_key.thumbprint(),
-        )
-        cwt_cose_keys.append(cwt_cose_key)
-        cwt_ec2_key_as_dict = cwt_cose_key.to_dict()
-        pycose_cose_key = pycose.keys.ec2.EC2Key.from_dict(cwt_ec2_key_as_dict)
-        pycose_cose_keys.append((cwt_cose_key, pycose_cose_key))
-
-    for cwt_cose_key, pycose_cose_key in pycose_cose_keys:
-        with contextlib.suppress(Exception):
-            msg.key = pycose_cose_key
-            verify_signature = msg.verify_signature()
-            if verify_signature:
-                return cwt_cose_key, pycose_cose_key
+from scitt_emulator.verify_statement import verify_statement
 
 
 def main():
@@ -220,7 +119,7 @@ def main():
             f"Claim content type does not start with application/json: {msg.phdr[pycose.headers.ContentType]!r}"
         )
 
-    cwt_cose_key, _pycose_cose_key = verify_signature(msg)
+    cwt_cose_key, _pycose_cose_key = verify_statement(msg)
     unittest.TestCase().assertTrue(
         cwt_cose_key,
         "Failed to verify signature on statement",
 
@@ -40,3 +40,5 @@ dependencies:
     - PyJWT==2.8.0
     - werkzeug==2.2.2
     - cwt==2.7.1
+    - py-multibase==1.0.3
+    - py-multicodec==0.2.1
@@ -0,0 +1,8 @@
+[pytest]
+# https://docs.pytest.org/en/7.1.x/how-to/doctest.html#using-doctest-options
+doctest_optionflags = NORMALIZE_WHITESPACE IGNORE_EXCEPTION_DETAIL
+# Alternatively, options can be enabled by an inline comment in the doc test itself:
+# >>> something_that_raises()  # doctest: +IGNORE_EXCEPTION_DETAIL
+# Traceback (most recent call last):
+# ValueError: ...
+addopts = --doctest-modules
@@ -0,0 +1,195 @@
+import os
+import ast
+import sys
+import base64
+import inspect
+import urllib.parse
+from typing import Optional, Callable, Dict, Tuple, Union
+
+import multibase
+import multicodec
+import cryptography.hazmat.primitives.asymmetric.ec
+
+
+def did_web_to_url(
+    did_web_string: str,
+    *,
+    scheme: Optional[str] = None,
+):
+    if scheme is None:
+        scheme = os.environ.get("DID_WEB_ASSUME_SCHEME", "https")
+    return "/".join(
+        [
+            f"{scheme}:/",
+            *[urllib.parse.unquote(i) for i in did_web_string.split(":")[2:]],
+        ]
+    )
+
+
+class DIDKeyInvalidPublicKeyLengthError(ValueError):
+    """
+    If the byte length of rawPublicKeyBytes does not match the expected public
+    key length for the associated multicodecValue, an invalidPublicKeyLength
+    error MUST be raised.
+    """
+
+
+class DIDKeyDecoderNotFoundError(NotImplementedError):
+    """
+    Raised when we don't have a function implemented to decode the given key
+    """
+
+
+class DIDKeyDecoderError(Exception):
+    """
+    Raised when we failed to decode a key from a did:key DID method
+    """
+
+
+class DIDKeyInvalidPublicKeyError(DIDKeyDecoderError):
+    """
+    Raised when the raw bytes of a key are invalid during decode
+    """
+
+
+DID_KEY_METHOD = "did:key:"
+
+
+def did_key_decode_public_key(multibase_value: str) -> Tuple[bytes, bytes]:
+    # 3.1.2.3
+    # Decode multibaseValue using the base58-btc multibase alphabet and set
+    # multicodecValue to the multicodec header for the decoded value.
+    multibase_value_decoded = multibase.decode(multibase_value)
+    # Implementers are cautioned to ensure that the multicodecValue is set to
+    # the result after performing varint decoding.
+    multicodec_value = multicodec.extract_prefix(multibase_value_decoded)
+    # Set the rawPublicKeyBytes to the bytes remaining after the multicodec
+    # header.
+    raw_public_key_bytes = multicodec.remove_prefix(multibase_value_decoded)
+    # Return multicodecValue and rawPublicKeyBytes as the decodedPublicKey.
+    return multicodec_value, raw_public_key_bytes
+
+
+class _MULTICODEC_VALUE_NOT_FOUND_IN_TABLE:
+    pass
+
+
+MULTICODEC_VALUE_NOT_FOUND_IN_TABLE = _MULTICODEC_VALUE_NOT_FOUND_IN_TABLE()
+
+# Multicodec hexadecimal value, public key, byte length,	Description
+MULTICODEC_HEX_SECP256K1_PUBLIC_KEY = 0xE7
+MULTICODEC_HEX_X25519_PUBLIC_KEY = 0xEC
+MULTICODEC_HEX_ED25519_PUBLIC_KEY = 0xED
+MULTICODEC_HEX_P256_PUBLIC_KEY = 0x1200
+MULTICODEC_HEX_P384_PUBLIC_KEY = 0x1201
+MULTICODEC_HEX_P521_PUBLIC_KEY = 0x1202
+MULTICODEC_HEX_RSA_PUBLIC_KEY = 0x1205
+
+MULTICODEC_VALUE_TABLE = {
+    MULTICODEC_HEX_SECP256K1_PUBLIC_KEY: 33,  # secp256k1-pub - Secp256k1 public key (compressed)
+    MULTICODEC_HEX_X25519_PUBLIC_KEY: 32,  # x25519-pub - Curve25519 public key
+    MULTICODEC_HEX_ED25519_PUBLIC_KEY: 32,  # ed25519-pub - Ed25519 public key
+    MULTICODEC_HEX_P256_PUBLIC_KEY: 33,  # p256-pub - P-256 public key (compressed)
+    MULTICODEC_HEX_P384_PUBLIC_KEY: 49,  # p384-pub - P-384 public key (compressed)
+    MULTICODEC_HEX_P521_PUBLIC_KEY: None,  # 	p521-pub - P-521 public key (compressed)
+    MULTICODEC_HEX_RSA_PUBLIC_KEY: None,  # 	rsa-pub - RSA public key. DER-encoded ASN.1 type RSAPublicKey according to IETF RFC 8017 (PKCS #1)
+}
+
+
+def did_key_signature_method_creation(
+    multibase_value: hex,
+    raw_public_key_bytes: bytes,
+) -> Union[cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey]:
+    # 3.1.2 https://w3c-ccg.github.io/did-method-key/#signature-method-creation-algorithm
+    # Initialize verificationMethod to an empty object.
+    verification_method = {}
+
+    # Set multicodecValue and rawPublicKeyBytes to the result of passing
+    # multibaseValue and options to § 3.1.3 Decode Public Key Algorithm.
+    # Ensure the proper key length of rawPublicKeyBytes based on the
+    # multicodecValue table
+    public_key_length_MUST_be = MULTICODEC_VALUE_TABLE.get(
+        multibase_value, MULTICODEC_VALUE_NOT_FOUND_IN_TABLE
+    )
+    if public_key_length_MUST_be is MULTICODEC_VALUE_NOT_FOUND_IN_TABLE:
+        raise DIDKeyDecoderNotFoundError(
+            f"multibase_value {multibase_value!r} not in MULTICODEC_VALUE_NOT_FOUND_IN_TABLE {MULTICODEC_VALUE_NOT_FOUND_IN_TABLE!r}"
+        )
+
+    # If the byte length of rawPublicKeyBytes does not match the expected public
+    # key length for the associated multicodecValue, an invalidPublicKeyLength
+    # error MUST be raised.
+    if public_key_length_MUST_be is not None and public_key_length_MUST_be != len(
+        raw_public_key_bytes
+    ):
+        raise DIDKeyInvalidPublicKeyLengthError(
+            f"public_key_length_MUST_be: {public_key_length_MUST_be } != len(raw_public_key_bytes): {len(raw_public_key_bytes)}"
+        )
+
+    # Ensure the rawPublicKeyBytes are a proper encoding of the public key type
+    # as specified by the multicodecValue. This validation is often done by a
+    # cryptographic library when importing the public key by, for example,
+    # ensuring that an Elliptic Curve public key is a specific coordinate that
+    # exists on the elliptic curve. If an invalid public key value is detected,
+    # an invalidPublicKey error MUST be raised.
+    #
+    # SPEC ISSUE: Request for feedback on implementability:  It is not clear if
+    # this particular check is implementable across all public key types. The
+    # group is accepting feedback on the implementability of this particular
+    # feature.
+    try:
+        if multibase_value in (
+            MULTICODEC_HEX_P256_PUBLIC_KEY,
+            MULTICODEC_HEX_P384_PUBLIC_KEY,
+            MULTICODEC_HEX_P521_PUBLIC_KEY,
+        ):
+            public_key = cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.from_encoded_point(
+                cryptography.hazmat.primitives.asymmetric.ec.SECP384R1(),
+                raw_public_key_bytes,
+            )
+        else:
+            raise DIDKeyDecoderNotFoundError(
+                f"No importer for multibase_value {multibase_value!r}"
+            )
+    except Exception as e:
+        raise DIDKeyInvalidPublicKeyError(
+            f"invalid raw_public_key_bytes: {raw_public_key_bytes!r}"
+        ) from e
+
+    return public_key
+
+
+def did_key_to_cryptography_key(
+    did_key: str,
+) -> Union[cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey]:
+    """
+    References
+
+    - https://w3c-ccg.github.io/did-method-key/#p-384
+    - RFC7515: JSON Web Key (JWK): https://www.rfc-editor.org/rfc/rfc7517
+    - RFC8037: CFRG Elliptic Curve Diffie-Hellman (ECDH) and Signatures in JSON Object Signing and Encryption (JOSE): https://www.rfc-editor.org/rfc/rfc8037
+
+    Examples
+
+    - P-384: https://github.com/w3c-ccg/did-method-key/blob/f5abee840c31e92cd1ac11737e0b62103ab99d21/test-vectors/nist-curves.json#L112-L166
+
+    >>> did_key_to_cryptography_key("did:key:invalid")
+    Traceback (most recent call last):
+    DIDKeyDecoderNotFoundError: ...
+    >>> public_key = did_key_to_cryptography_key("did:key:z82Lm1MpAkeJcix9K8TMiLd5NMAhnwkjjCBeWHXyu3U4oT2MVJJKXkcVBgjGhnLBn2Kaau9")
+    >>> public_key.__class__
+    <class 'cryptography.hazmat.backends.openssl.ec._EllipticCurvePublicKey'>
+    """
+    try:
+        multibase_value, raw_public_key_bytes = did_key_decode_public_key(
+            did_key.replace(DID_KEY_METHOD, "", 1)
+        )
+    except Exception as e:
+        raise DIDKeyDecoderNotFoundError(did_key) from e
+
+    try:
+        return did_key_signature_method_creation(multibase_value, raw_public_key_bytes)
+    except Exception as e:
+        raise DIDKeyDecoderError(did_key) from e
+
+    raise DIDKeyDecoderNotFoundError(did_key)