Skip to content

Commit

Permalink
temp ugly fix (#521)
Browse files Browse the repository at this point in the history
  • Loading branch information
decentralgabe authored Apr 2, 2024
1 parent 6550aee commit f282aec
Show file tree
Hide file tree
Showing 5 changed files with 57 additions and 9 deletions.
15 changes: 13 additions & 2 deletions credential/integrity/jwt.go
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,13 @@ func SignVerifiableCredentialJWT(signer jwx.Signer, cred credential.VerifiableCr
return nil, errors.Wrap(err, "setting KID protected header")
}
}
signed, err := jwt.Sign(t, jwt.WithKey(jwa.SignatureAlgorithm(signer.ALG), signer.PrivateKey, jws.WithProtectedHeaders(hdrs)))

// Ed25519 is not supported by the jwx library yet https://github.com/TBD54566975/ssi-sdk/issues/520
alg := signer.ALG
if alg == "Ed25519" {
alg = jwa.EdDSA.String()
}
signed, err := jwt.Sign(t, jwt.WithKey(jwa.SignatureAlgorithm(alg), signer.PrivateKey, jws.WithProtectedHeaders(hdrs)))
if err != nil {
return nil, errors.Wrap(err, "signing JWT credential")
}
Expand Down Expand Up @@ -271,7 +277,12 @@ func SignVerifiablePresentationJWT(signer jwx.Signer, parameters *JWTVVPParamete
return nil, errors.Wrap(err, "setting KID protected header")
}
}
signed, err := jwt.Sign(t, jwt.WithKey(jwa.SignatureAlgorithm(signer.ALG), signer.PrivateKey, jws.WithProtectedHeaders(hdrs)))
// Ed25519 is not supported by the jwx library yet https://github.com/TBD54566975/ssi-sdk/issues/520
alg := signer.ALG
if alg == "Ed25519" {
alg = jwa.EdDSA.String()
}
signed, err := jwt.Sign(t, jwt.WithKey(jwa.SignatureAlgorithm(alg), signer.PrivateKey, jws.WithProtectedHeaders(hdrs)))
if err != nil {
return nil, errors.Wrap(err, "signing JWT presentation")
}
Expand Down
6 changes: 5 additions & 1 deletion crypto/jwx/jwk.go
Original file line number Diff line number Diff line change
Expand Up @@ -82,9 +82,13 @@ func (k *PrivateKeyJWK) ToPrivateKey() (gocrypto.PrivateKey, error) {
if err != nil {
return nil, errors.Wrap(err, "getting alg from key and curve")
}
// Ed25519 is not supported by the jwx library yet https://github.com/TBD54566975/ssi-sdk/issues/520
if alg == jwa.Ed25519.String() {
alg = jwa.EdDSA.String()
}
k.ALG = alg
}
if IsSupportedJWXSigningVerificationAlgorithm(k.ALG) || IsSupportedKeyAgreementType(k.ALG) {
if IsSupportedJWXSigningVerificationAlgorithm(k.ALG) || IsSupportedKeyAgreementType(k.CRV) {
return k.toSupportedPrivateKey()
}
if IsExperimentalJWXSigningVerificationAlgorithm(k.ALG) {
Expand Down
25 changes: 21 additions & 4 deletions crypto/jwx/jwt.go
Original file line number Diff line number Diff line change
Expand Up @@ -179,12 +179,23 @@ func (s *Signer) SignWithDefaults(kvs map[string]any) ([]byte, error) {
return nil, errors.Wrap(err, "setting KID protected header")
}
}
return jwt.Sign(t, jwt.WithKey(jwa.SignatureAlgorithm(s.ALG), s.PrivateKey, jws.WithProtectedHeaders(hdrs)))

// Ed25519 is not supported by the jwx library yet https://github.com/TBD54566975/ssi-sdk/issues/520
alg := s.ALG
if alg == "Ed25519" {
alg = jwa.EdDSA.String()
}
return jwt.Sign(t, jwt.WithKey(jwa.SignatureAlgorithm(alg), s.PrivateKey, jws.WithProtectedHeaders(hdrs)))
}

// Verify parses a token given the verifier's known algorithm and key, and returns an error, which is nil upon success
func (v *Verifier) Verify(token string) error {
if _, err := jwt.Parse([]byte(token), jwt.WithKey(jwa.SignatureAlgorithm(v.ALG), v.publicKey)); err != nil {
alg := jwa.SignatureAlgorithm(v.ALG)
// Ed25519 is not supported by the jwx library yet https://github.com/TBD54566975/ssi-sdk/issues/520
if alg == "Ed25519" {
alg = jwa.EdDSA
}
if _, err := jwt.Parse([]byte(token), jwt.WithKey(alg, v.publicKey)); err != nil {
return errors.Wrap(err, "verifying JWT")
}
return nil
Expand All @@ -205,7 +216,12 @@ func (*Verifier) Parse(token string) (jws.Headers, jwt.Token, error) {

// VerifyAndParse attempts to turn a string into a jwt.Token and verify its signature using the verifier
func (v *Verifier) VerifyAndParse(token string) (jws.Headers, jwt.Token, error) {
parsed, err := jwt.Parse([]byte(token), jwt.WithKey(jwa.SignatureAlgorithm(v.ALG), v.publicKey))
alg := jwa.SignatureAlgorithm(v.ALG)
// Ed25519 is not supported by the jwx library yet https://github.com/TBD54566975/ssi-sdk/issues/520
if alg == "Ed25519" {
alg = jwa.EdDSA
}
parsed, err := jwt.Parse([]byte(token), jwt.WithKey(alg, v.publicKey))
if err != nil {
return nil, nil, errors.Wrap(err, "parsing and verifying JWT")
}
Expand Down Expand Up @@ -235,7 +251,7 @@ func AlgFromKeyAndCurve(kty, crv string) (string, error) {
case jwa.X25519.String():
return jwa.X25519.String(), nil
case jwa.Ed25519.String():
return jwa.EdDSA.String(), nil
return jwa.Ed25519.String(), nil
default:
return "", fmt.Errorf("unsupported OKP jwt curve: %s", curve)
}
Expand Down Expand Up @@ -277,6 +293,7 @@ func GetSupportedJWXSigningVerificationAlgorithms() []string {
jwa.ES384.String(),
jwa.ES512.String(),
jwa.EdDSA.String(),
jwa.Ed25519.String(),
}
}

Expand Down
14 changes: 12 additions & 2 deletions cryptosuite/jws2020/jsonwebkey2020.go
Original file line number Diff line number Diff line change
Expand Up @@ -182,7 +182,12 @@ func (s *JSONWebKeySigner) Sign(tbs []byte) ([]byte, error) {
if err := headers.Set(jws.CriticalKey, []string{b64}); err != nil {
return nil, err
}
return jws.Sign(nil, jws.WithKey(jwa.SignatureAlgorithm(s.ALG), s.PrivateKey), jws.WithHeaders(headers), jws.WithDetachedPayload(tbs))
// Ed25519 is not supported by the jwx library yet https://github.com/TBD54566975/ssi-sdk/issues/520
alg := s.ALG
if alg == "Ed25519" {
alg = jwa.EdDSA.String()
}
return jws.Sign(nil, jws.WithKey(jwa.SignatureAlgorithm(alg), s.PrivateKey), jws.WithHeaders(headers), jws.WithDetachedPayload(tbs))
}

func (s *JSONWebKeySigner) GetKeyID() string {
Expand Down Expand Up @@ -238,7 +243,12 @@ func (v JSONWebKeyVerifier) Verify(message, signature []byte) error {
if err != nil {
return errors.Wrap(err, "getting public key")
}
_, err = jws.Verify(signature, jws.WithKey(jwa.SignatureAlgorithm(v.ALG), pubKey), jws.WithDetachedPayload(message))
// Ed25519 is not supported by the jwx library yet https://github.com/TBD54566975/ssi-sdk/issues/520
alg := v.ALG
if alg == "Ed25519" {
alg = jwa.EdDSA.String()
}
_, err = jws.Verify(signature, jws.WithKey(jwa.SignatureAlgorithm(alg), pubKey), jws.WithDetachedPayload(message))
return err
}

Expand Down
6 changes: 6 additions & 0 deletions go.work.sum
Original file line number Diff line number Diff line change
Expand Up @@ -202,6 +202,7 @@ github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
github.com/teserakt-io/golang-ed25519 v0.0.0-20210104091850-3888c087a4c8 h1:RBkacARv7qY5laaXGlF4wFB/tk5rnthhPb8oIBGoagY=
github.com/teserakt-io/golang-ed25519 v0.0.0-20210104091850-3888c087a4c8/go.mod h1:9PdLyPiZIiW3UopXyRnPYyjUXSpiQNHRLu8fOsR3o8M=
github.com/tidwall/gjson v1.6.7 h1:Mb1M9HZCRWEcXQ8ieJo7auYyyiSux6w9XN3AdTpxJrE=
Expand Down Expand Up @@ -241,14 +242,18 @@ golang.org/x/exp v0.0.0-20190731235908-ec7cb31e5a56/go.mod h1:JhuoJpWY28nO4Vef9t
golang.org/x/image v0.0.0-20190802002840-cff245a6509b h1:+qEpEAPhDZ1o0x3tHzZTQDArnOixOzGD9HUJfcg0mb4=
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
golang.org/x/mod v0.8.0 h1:LUYupSeNrTNCGzR/hVBk2NHZO4hXcVaW1k4Qx7rjPx8=
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/net v0.0.0-20180719180050-a680a1efc54d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
golang.org/x/net v0.14.0 h1:BONx9s002vGdD9umnlX1Po8vOZmrgH34qlHcD1MfK14=
golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b h1:clP8eMhB30EHdc0bd2Twtq6kgU7yl5ub2cQLSdrv1Dg=
golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190423024810-112230192c58 h1:8gQV6CLnAEikrhgkHFbMAEhagSSnXWGV915qUMm9mrU=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o=
golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E=
Expand All @@ -268,6 +273,7 @@ golang.org/x/time v0.1.0 h1:xYY+Bajn2a7VBmTM5GikTmnK8ZuX8YgnQCqZpbBNtmA=
golang.org/x/time v0.1.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
golang.org/x/tools v0.6.0 h1:BOw41kyTf3PuCW1pVQf8+Cyg8pMlkYB1oo9iJ6D/lKM=
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
Expand Down

0 comments on commit f282aec

Please sign in to comment.