diff --git a/certify-core/src/main/java/io/mosip/certify/core/constants/SignatureAlg.java b/certify-core/src/main/java/io/mosip/certify/core/constants/SignatureAlg.java index b5903d77..1bd89988 100644 --- a/certify-core/src/main/java/io/mosip/certify/core/constants/SignatureAlg.java +++ b/certify-core/src/main/java/io/mosip/certify/core/constants/SignatureAlg.java @@ -11,5 +11,7 @@ public class SignatureAlg { public static final String ED25519_SIGNATURE_SUITE = "Ed25519Signature2018"; + public static final String ED25519_SIGNATURE_SUITE_2020 = "Ed25519Signature2020"; + // RS256, PS256, ES256 --> JWSAlgorithm.RS256.getName(); } diff --git a/certify-integration-api/src/main/java/io/mosip/certify/api/spi/VCSigner.java b/certify-integration-api/src/main/java/io/mosip/certify/api/spi/VCSigner.java index 724ae57f..174105a9 100644 --- a/certify-integration-api/src/main/java/io/mosip/certify/api/spi/VCSigner.java +++ b/certify-integration-api/src/main/java/io/mosip/certify/api/spi/VCSigner.java @@ -1,11 +1,10 @@ package io.mosip.certify.api.spi; import io.mosip.certify.api.dto.VCResult; -import java.util.Map; /** * VCSigner can sign any VC provided a vcHash & Signer inputs */ public interface VCSigner { - VCResult perform(String templatedVC, Map params); + VCResult perform(String templatedVC); } diff --git a/certify-service/src/main/java/io/mosip/certify/services/CertifyIssuanceServiceImpl.java b/certify-service/src/main/java/io/mosip/certify/services/CertifyIssuanceServiceImpl.java index d28ce076..1e3700e1 100644 --- a/certify-service/src/main/java/io/mosip/certify/services/CertifyIssuanceServiceImpl.java +++ b/certify-service/src/main/java/io/mosip/certify/services/CertifyIssuanceServiceImpl.java 
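Review bot: The Javadoc on `VCSigner` still says it signs "provided a vcHash & Signer inputs", but after this hunk `perform` takes only the templated VC. Since this is the integration SPI, I would state where the key and suite now come from, e.g. `VCSigner signs a templated VC; the signature suite and signing key are chosen by the implementation's own configuration, not by the caller`, and add `@param templatedVC` and `@return` tags. Implementations of the old two-argument `perform` outside this repository will stop compiling, which is worth a line in the release notes.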
@@ -166,25 +166,7 @@ private VCResult getVerifiableCredential(CredentialRequest credentialRequest, templateParams.put(VelocityTemplatingConstants.SVG_TEMPLATE, svg); } String templatedVC = vcFormatter.format(jsonObject, templateParams); - Map vcSignerParams = new HashMap<>(); - // TODO: Collate this into simpler APIs where just key-type is specified - if (VCSignAlgo.equals(SignatureAlg.RSA_SIGNATURE_SUITE)) { - vcSignerParams.put(KeyManagerConstants.VC_SIGN_ALGO, - SignatureAlg.RSA_SIGNATURE_SUITE); - vcSignerParams.put(KeyManagerConstants.PUBLIC_KEY_URL, hostedKey); - vcSignerParams.put(KeyManagerConstants.KEY_APP_ID, KeyManagerConstants.CERTIFY_MOCK_RSA); - vcSignerParams.put(KeyManagerConstants.KEY_REF_ID, KeyManagerConstants.EMPTY_REF_ID); - // Change it to PS256 as per --> https://w3c.github.io/vc-jws-2020/#dfn-jsonwebsignature2020 - vcSignerParams.put(KeyManagerConstants.KEYMGR_SIGN_ALGO, JWSAlgorithm.RS256.getName()); - } else if (VCSignAlgo.equals(SignatureAlg.ED25519_SIGNATURE_SUITE)) { - // https://w3c-ccg.github.io/lds-ed25519-2018/ - vcSignerParams.put(KeyManagerConstants.VC_SIGN_ALGO, SignatureAlg.ED25519_SIGNATURE_SUITE); - vcSignerParams.put(KeyManagerConstants.PUBLIC_KEY_URL, hostedKey); - vcSignerParams.put(KeyManagerConstants.KEY_REF_ID, KeyManagerConstants.ED25519_REF_ID); - vcSignerParams.put(KeyManagerConstants.KEY_APP_ID, KeyManagerConstants.CERTIFY_MOCK_ED25519); - vcSignerParams.put(KeyManagerConstants.KEYMGR_SIGN_ALGO, JWSAlgorithm.EdDSA.getName()); - } - vcResult = vcSigner.perform(templatedVC, vcSignerParams); + vcResult = vcSigner.perform(templatedVC); } catch(DataProviderExchangeException e) { throw new CertifyException(e.getErrorCode()); } diff --git a/certify-service/src/main/java/io/mosip/certify/services/KeyManagerConstants.java b/certify-service/src/main/java/io/mosip/certify/services/KeyManagerConstants.java index c46ebf73..26f26cf1 100644 --- a/certify-service/src/main/java/io/mosip/certify/services/KeyManagerConstants.java 
+++ b/certify-service/src/main/java/io/mosip/certify/services/KeyManagerConstants.java @@ -6,11 +6,6 @@ package io.mosip.certify.services; public class KeyManagerConstants { - public static final String VC_SIGN_ALGO = "VCsignAlgo"; - public static final String PUBLIC_KEY_URL = "publicKeyURL"; - public static final String KEY_APP_ID = "keyAppId"; - public static final String KEY_REF_ID = "keyRefId"; - public static final String KEYMGR_SIGN_ALGO = "KeyMgrSignAlgo"; public static final String CERTIFY_MOCK_RSA = "CERTIFY_MOCK_RSA"; public static final String CERTIFY_MOCK_ED25519 = "CERTIFY_MOCK_ED25519"; public static final String ROOT_KEY = "ROOT"; diff --git a/certify-service/src/main/java/io/mosip/certify/services/KeymanagerLibSigner.java b/certify-service/src/main/java/io/mosip/certify/services/KeymanagerLibSigner.java index c81d9778..f513f223 100644 --- a/certify-service/src/main/java/io/mosip/certify/services/KeymanagerLibSigner.java +++ b/certify-service/src/main/java/io/mosip/certify/services/KeymanagerLibSigner.java 
@@ -8,17 +8,15 @@ import foundation.identity.jsonld.JsonLDException; import foundation.identity.jsonld.JsonLDObject; import info.weboftrust.ldsignatures.LdProof; -import info.weboftrust.ldsignatures.canonicalizer.URDNA2015Canonicalizer; +import info.weboftrust.ldsignatures.canonicalizer.Canonicalizer; import io.mosip.certify.api.dto.VCResult; import io.mosip.certify.api.spi.VCSigner; import io.mosip.certify.core.constants.*; import io.mosip.certify.core.exception.CertifyException; -import io.mosip.kernel.signature.dto.JWSSignatureRequestDto; -import io.mosip.kernel.signature.dto.JWTSignatureResponseDto; -import io.mosip.kernel.signature.service.SignatureService; +import io.mosip.certify.services.ldsigner.ProofSignatureStrategy; import lombok.extern.slf4j.Slf4j; -import org.json.JSONArray; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Service; import java.io.IOException; 
@@ -39,28 +37,26 @@ * These are the known external requirements: * - the public key must be pre-hosted for the VC & should be available * so long that VC should be verifiable - * - the VC should have a validFrom or issuanceDate in a specific UTC format + * - the VC should have a validFrom or issuanceDate in a specific UTC format, + * if missing it uses current time for proof creation timestamp. */ @Slf4j @Service public class KeymanagerLibSigner implements VCSigner { @Autowired - SignatureService signatureService; + ProofSignatureStrategy signProps; + @Value("${mosip.certify.issuer.pub.key}") + private String hostedKey; @Override - public VCResult perform(String templatedVC, Map keyMgrInput) { + public VCResult perform(String templatedVC) { // Can the below lines be done at Templating side itself ? VCResult VC = new VCResult<>(); JsonLDObject j = JsonLDObject.fromJson(templatedVC); j.setDocumentLoader(null); // NOTE: other aspects can be configured via keyMgrInput map String validFrom; - String signatureAlgorithm = keyMgrInput.get(KeyManagerConstants.VC_SIGN_ALGO); - String publicKeyURL = keyMgrInput.get(KeyManagerConstants.PUBLIC_KEY_URL); - String keyAppId = keyMgrInput.get(KeyManagerConstants.KEY_APP_ID); - String keyRefId = keyMgrInput.get(KeyManagerConstants.KEY_REF_ID); - String keyManagerSignAlgo = keyMgrInput.get(KeyManagerConstants.KEYMGR_SIGN_ALGO); if (j.getJsonObject().containsKey(VCDM1Constants.ISSUANCE_DATE)) { validFrom = j.getJsonObject().get(VCDM1Constants.ISSUANCE_DATE).toString(); } else if (j.getJsonObject().containsKey(VCDM2Constants.VALID_FROM)){ 
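Review bot: The comment `// NOTE: other aspects can be configured via keyMgrInput map` kept in `perform()` describes a parameter this hunk removes, so it now points readers at configuration that no longer exists. I would replace it with something like `// suite, canonicalizer and key selection come from the injected ProofSignatureStrategy; the verificationMethod URL comes from mosip.certify.issuer.pub.key`. The two new fields also differ in visibility (`signProps` is package-private, `hostedKey` is private); making both `private` keeps the signing collaborator from being reassigned from elsewhere in the package. The body of `perform()` continues past the end of this hunk.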
@@ -76,12 +72,12 @@ public VCResult perform(String templatedVC, Map ke .parse(validFrom, DateTimeFormatter.ofPattern(Constants.UTC_DATETIME_PATTERN)) .atZone(ZoneId.systemDefault()).toInstant()); - LdProof vcLdProof = LdProof.builder().defaultContexts(false).defaultTypes(false).type(signatureAlgorithm) + LdProof vcLdProof = LdProof.builder().defaultContexts(false).defaultTypes(false).type(signProps.getName()) .created(createDate).proofPurpose(VCDMConstants.ASSERTION_METHOD) - .verificationMethod(URI.create(publicKeyURL)) + .verificationMethod(URI.create(hostedKey)) .build(); // 1. Canonicalize - URDNA2015Canonicalizer canonicalizer = new URDNA2015Canonicalizer(); + Canonicalizer canonicalizer = signProps.getCanonicalizer(); byte[] vcSignBytes = null; try { vcSignBytes = canonicalizer.canonicalize(vcLdProof, j); 
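Review bot: The proof's `created` value is still derived with `.atZone(ZoneId.systemDefault())`, so a timestamp the class Javadoc describes as UTC is interpreted in the host's local zone, and on a server not running in UTC the signed `created` would be shifted by the zone offset. The statement begins above this hunk, so this assumes the parse yields a zone-less date-time; if it does, `.atZone(ZoneOffset.UTC)` removes the dependency on host configuration. Separately, `URI.create(hostedKey)` now reads a deployment property on every call, so a blank or malformed `mosip.certify.issuer.pub.key` only fails at issuance time; validating it once at startup would surface the misconfiguration earlier.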
@@ -89,29 +85,12 @@ public VCResult perform(String templatedVC, Map ke log.error("Error during canonicalization", e.getMessage()); throw new CertifyException("Error during canonicalization"); } - - // 2. VC Sign - String vcEncodedData = Base64.getUrlEncoder().encodeToString(vcSignBytes); - JWSSignatureRequestDto payload = new JWSSignatureRequestDto(); - payload.setDataToSign(vcEncodedData); - payload.setApplicationId(keyAppId); - payload.setReferenceId(keyRefId); // alg, empty = RSA - payload.setIncludePayload(false); - payload.setIncludeCertificate(false); - payload.setIncludeCertHash(true); - payload.setValidateJson(false); - payload.setB64JWSHeaderParam(false); - payload.setCertificateUrl(""); - payload.setSignAlgorithm(keyManagerSignAlgo); // RSSignature2018 --> RS256, PS256, ES256 - // TODO: Should this be a well defined Certify Exception for better comms b/w Certify & Support team? - JWTSignatureResponseDto jwsSignedData = signatureService.jwsSign(payload); - String sign = jwsSignedData.getJwtSignedData(); - LdProof ldProofWithJWS = LdProof.builder().base(vcLdProof).defaultContexts(false) - .jws(sign).build(); + String vcEncodedHash = Base64.getUrlEncoder().encodeToString(vcSignBytes); + String sign = signProps.getProof(vcEncodedHash); + LdProof ldProofWithJWS = signProps.buildProof(vcLdProof, sign); ldProofWithJWS.addToJsonLDObject(j); VC.setCredential(j); return VC; - // TODO: Check if this is really a VC // MOSIP ref: https://github.com/mosip/id-authentication/blob/master/authentication/authentication-service/src/main/java/io/mosip/authentication/service/kyc/impl/VciServiceImpl.java#L281 } } diff --git a/certify-service/src/main/java/io/mosip/certify/services/ldsigner/Ed25519ProofSignature2018.java b/certify-service/src/main/java/io/mosip/certify/services/ldsigner/Ed25519ProofSignature2018.java new file mode 100644 index 00000000..3594c23b --- /dev/null +++ b/certify-service/src/main/java/io/mosip/certify/services/ldsigner/Ed25519ProofSignature2018.java 
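Review bot: The string returned by `signProps.getProof(vcEncodedHash)` is handed to `buildProof` unchecked, so if a strategy returns null or an empty string the credential would likely be returned with a proof object that carries no signature value. I would fail closed before building the proof, e.g. `if (sign == null || sign.isBlank()) { throw new CertifyException("<ERROR_CODE_PLACEHOLDER>"); }` with the project's own error code. Exceptions thrown inside the strategy also propagate unwrapped, unlike the canonicalization failure just above, which is what the removed TODO was asking about. A one-line comment that `vcEncodedHash` holds the base64url text of the canonicalizer output would help anyone writing a new strategy.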
@@ -0,0 +1,59 @@ +package io.mosip.certify.services.ldsigner; + +import com.danubetech.keyformats.jose.JWSAlgorithm; +import info.weboftrust.ldsignatures.LdProof; +import info.weboftrust.ldsignatures.canonicalizer.Canonicalizer; +import info.weboftrust.ldsignatures.canonicalizer.URDNA2015Canonicalizer; +import io.mosip.certify.core.constants.SignatureAlg; +import io.mosip.certify.services.KeyManagerConstants; +import io.mosip.kernel.signature.dto.JWSSignatureRequestDto; +import io.mosip.kernel.signature.dto.JWTSignatureResponseDto; +import io.mosip.kernel.signature.service.SignatureService; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.stereotype.Component; + +/** + * Ed25519SignatureAlgorithm2018 as per https://w3c-ccg.github.io/lds-ed25519-2018/ + */ +@Component +@ConditionalOnProperty(name = "mosip.certify.issuer.vc-sign-algo", havingValue = SignatureAlg.ED25519_SIGNATURE_SUITE) +public class Ed25519ProofSignature2018 implements ProofSignatureStrategy { + @Autowired + SignatureService signatureService; + + Canonicalizer canonicalizer = new URDNA2015Canonicalizer(); + + @Override + public String getName() { + return SignatureAlg.ED25519_SIGNATURE_SUITE; + } + + @Override + public Canonicalizer getCanonicalizer() { + return canonicalizer; + } + + @Override + public String getProof(String vcEncodedHash) { + JWSSignatureRequestDto payload = new JWSSignatureRequestDto(); + payload.setDataToSign(vcEncodedHash); + payload.setApplicationId(KeyManagerConstants.CERTIFY_MOCK_ED25519); + payload.setReferenceId(KeyManagerConstants.ED25519_REF_ID); // alg, empty = RSA + payload.setIncludePayload(false); + payload.setIncludeCertificate(false); + payload.setIncludeCertHash(true); + payload.setValidateJson(false); + payload.setB64JWSHeaderParam(false); + payload.setCertificateUrl(""); + payload.setSignAlgorithm(JWSAlgorithm.EdDSA); // RSSignature2018 --> 
RS256, PS256, ES256 + JWTSignatureResponseDto jwsSignedData = signatureService.jwsSign(payload); + return jwsSignedData.getJwtSignedData(); + } + + @Override + public LdProof buildProof(LdProof vcLdProof, String sign) { + return LdProof.builder().base(vcLdProof).defaultContexts(false) + .jws(sign).build(); + } +} diff --git a/certify-service/src/main/java/io/mosip/certify/services/ldsigner/Ed25519ProofSignature2020.java b/certify-service/src/main/java/io/mosip/certify/services/ldsigner/Ed25519ProofSignature2020.java new file mode 100644 index 00000000..f48f4716 --- /dev/null +++ b/certify-service/src/main/java/io/mosip/certify/services/ldsigner/Ed25519ProofSignature2020.java 
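Review bot: `signatureService` and `canonicalizer` are package-private, non-final fields on a singleton `@Component`, and the canonicalizer that `KeymanagerLibSigner` used to create per call is now one instance shared by all concurrent issuance requests. I would declare `private final Canonicalizer canonicalizer = new URDNA2015Canonicalizer();`, inject `SignatureService` through the constructor, and confirm that `URDNA2015Canonicalizer` keeps no per-call state. The same applies to `Ed25519ProofSignature2020` and `RsaProofSignature2018`. The trailing comments `// alg, empty = RSA` and `// RSSignature2018 --> RS256, PS256, ES256` were copied from the RSA path and are misleading next to `ED25519_REF_ID` and `JWSAlgorithm.EdDSA`.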
@@ -0,0 +1,56 @@ +package io.mosip.certify.services.ldsigner; + +import com.danubetech.keyformats.jose.JWSAlgorithm; +import info.weboftrust.ldsignatures.LdProof; +import info.weboftrust.ldsignatures.canonicalizer.Canonicalizer; +import info.weboftrust.ldsignatures.canonicalizer.URDNA2015Canonicalizer; +import io.mosip.certify.core.constants.SignatureAlg; +import io.mosip.certify.services.KeyManagerConstants; +import io.mosip.kernel.signature.dto.SignRequestDtoV2; +import io.mosip.kernel.signature.dto.SignResponseDto; +import io.mosip.kernel.signature.service.SignatureServicev2; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.stereotype.Component; + +/** + * Ed25519SignatureAlgorithm2020 as per + * https://www.w3.org/community/reports/credentials/CG-FINAL-di-eddsa-2020-20220724/ + */ +@Component +@ConditionalOnProperty(name = "mosip.certify.issuer.vc-sign-algo", havingValue = SignatureAlg.ED25519_SIGNATURE_SUITE_2020) +public class Ed25519ProofSignature2020 implements ProofSignatureStrategy { + + @Autowired + SignatureServicev2 signatureService; + + Canonicalizer canonicalizer = new URDNA2015Canonicalizer(); + + @Override + public String getName() { + return SignatureAlg.ED25519_SIGNATURE_SUITE_2020; + } + + @Override + public Canonicalizer getCanonicalizer() { + return canonicalizer; + } + + @Override + public String getProof(String vcEncodedHash) { + SignRequestDtoV2 srd = new SignRequestDtoV2(); + srd.setApplicationId(KeyManagerConstants.CERTIFY_MOCK_ED25519); + srd.setReferenceId(KeyManagerConstants.ED25519_REF_ID); + srd.setDataToSign(vcEncodedHash); + srd.setResponseEncodingFormat("base58btc"); + srd.setSignAlgorithm(JWSAlgorithm.EdDSA); + SignResponseDto s = signatureService.signv2(srd); + return s.getSignature(); + } + + @Override + public LdProof buildProof(LdProof vcLdProof, String sign) { + return 
LdProof.builder().base(vcLdProof).defaultContexts(false) + .proofValue(sign).build(); + } +} diff --git a/certify-service/src/main/java/io/mosip/certify/services/ldsigner/ProofSignatureStrategy.java b/certify-service/src/main/java/io/mosip/certify/services/ldsigner/ProofSignatureStrategy.java new file mode 100644 index 00000000..3625c1b9 --- /dev/null +++ b/certify-service/src/main/java/io/mosip/certify/services/ldsigner/ProofSignatureStrategy.java @@ -0,0 +1,37 @@ +package io.mosip.certify.services.ldsigner; + +import info.weboftrust.ldsignatures.LdProof; +import info.weboftrust.ldsignatures.canonicalizer.Canonicalizer; + +import java.util.Map; + +/** + * ProofSignatureStrategy is a helper class for KeymanagerLibSigner + * to better deal with multiple signature algorithms for JSON-LD VCs. + */ +public interface ProofSignatureStrategy { + /** + * @return returns the name of the Algorithm + */ + String getName(); + + /** + * @return the Canonicalizer which will be used to Canonicalize the templated VC + */ + Canonicalizer getCanonicalizer(); + + /** + * getProof takes canonicalized VC hash and returns proof using a competent + * SignatureService implementation + * @param vcEncodedHash + * @return + */ + String getProof(String vcEncodedHash); + /** + * buildProof takes a proof String and attaches it to a proof object as per algorithm + * @param vcLdProof the proof object of the VC + * @param sign should be a string, can be a detached JWS, another proofString based on implementors choice + * @return + */ + LdProof buildProof(LdProof vcLdProof, String sign); +} diff --git a/certify-service/src/main/java/io/mosip/certify/services/ldsigner/RsaProofSignature2018.java b/certify-service/src/main/java/io/mosip/certify/services/ldsigner/RsaProofSignature2018.java new file mode 100644 index 00000000..f24ef4c4 --- /dev/null +++ b/certify-service/src/main/java/io/mosip/certify/services/ldsigner/RsaProofSignature2018.java 
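Review bot: Nothing in this change pins the format of the string that ends up in `proofValue`: `Ed25519ProofSignature2020.getProof` returns `s.getSignature()` as-is and the unit test mocks the whole strategy. Ed25519Signature2020 expects a multibase base58-btc value (leading `z`); whether `signv2` with `setResponseEncodingFormat("base58btc")` includes that prefix, and whether it decodes the base64url `dataToSign` before signing, is not visible from this diff. A small test of this class with a mocked `SignatureServicev2` that captures the `SignRequestDtoV2` would at least document the request fields, and one round trip against a real verifier would confirm the two assumptions. The literal `"base58btc"` would read better as a named constant.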
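Review bot: The Javadoc for `ProofSignatureStrategy.getProof` leaves `@param vcEncodedHash` and `@return` empty, and this is the one place where the encoding contract between `KeymanagerLibSigner` and its strategies can be written down. I would use `@param vcEncodedHash base64url-encoded canonicalizer output, already encoded by the caller; implementations must pass it on without encoding it again` and `@return the signature string (detached JWS or encoded proof value) that buildProof attaches to the proof`. `buildProof` has an empty `@return` as well, the type description calls the interface a "helper class", and `import java.util.Map;` is unused.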
@@ -0,0 +1,60 @@ +package io.mosip.certify.services.ldsigner; + +import com.danubetech.keyformats.jose.JWSAlgorithm; +import info.weboftrust.ldsignatures.LdProof; +import info.weboftrust.ldsignatures.canonicalizer.Canonicalizer; +import info.weboftrust.ldsignatures.canonicalizer.URDNA2015Canonicalizer; +import io.mosip.certify.core.constants.SignatureAlg; +import io.mosip.certify.services.KeyManagerConstants; +import io.mosip.kernel.signature.dto.JWSSignatureRequestDto; +import io.mosip.kernel.signature.dto.JWTSignatureResponseDto; +import io.mosip.kernel.signature.service.SignatureService; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.stereotype.Component; + +import java.nio.charset.StandardCharsets; +import java.util.Base64; + +@Component +@ConditionalOnProperty(name = "mosip.certify.issuer.vc-sign-algo", havingValue = SignatureAlg.RSA_SIGNATURE_SUITE) +public class RsaProofSignature2018 implements ProofSignatureStrategy { + @Autowired + SignatureService signatureService; + + Canonicalizer canonicalizer = new URDNA2015Canonicalizer(); + + @Override + public String getName() { + return SignatureAlg.RSA_SIGNATURE_SUITE; + } + + @Override + public Canonicalizer getCanonicalizer() { + return canonicalizer; + } + + @Override + public String getProof(String vcEncodedHash) { + String vcEncodedData = Base64.getUrlEncoder().encodeToString(vcEncodedHash.getBytes(StandardCharsets.UTF_8)); + JWSSignatureRequestDto payload = new JWSSignatureRequestDto(); + payload.setDataToSign(vcEncodedData); + payload.setApplicationId(KeyManagerConstants.CERTIFY_MOCK_RSA); + payload.setReferenceId(KeyManagerConstants.EMPTY_REF_ID); // alg, empty = RSA + payload.setIncludePayload(false); + payload.setIncludeCertificate(false); + payload.setIncludeCertHash(true); + payload.setValidateJson(false); + payload.setB64JWSHeaderParam(false); + payload.setCertificateUrl(""); + 
payload.setSignAlgorithm(JWSAlgorithm.RS256); // RSSignature2018 --> RS256, PS256, ES256 + JWTSignatureResponseDto jwsSignedData = signatureService.jwsSign(payload); + return jwsSignedData.getJwtSignedData(); + } + + @Override + public LdProof buildProof(LdProof vcLdProof, String sign) { + return LdProof.builder().base(vcLdProof).defaultContexts(false) + .jws(sign).build(); + } +} diff --git a/certify-service/src/test/java/io/mosip/certify/services/KeymanagerLibSignerTest.java b/certify-service/src/test/java/io/mosip/certify/services/KeymanagerLibSignerTest.java index 42193e65..c0fff3fc 100644 --- a/certify-service/src/test/java/io/mosip/certify/services/KeymanagerLibSignerTest.java +++ b/certify-service/src/test/java/io/mosip/certify/services/KeymanagerLibSignerTest.java @@ -1,10 +1,12 @@ package io.mosip.certify.services; -import com.nimbusds.jose.JWSAlgorithm; import foundation.identity.jsonld.JsonLDObject; +import info.weboftrust.ldsignatures.LdProof; +import info.weboftrust.ldsignatures.canonicalizer.URDNA2015Canonicalizer; import io.mosip.certify.api.dto.VCResult; -import io.mosip.certify.core.constants.SignatureAlg; import io.mosip.certify.core.constants.VCDMConstants; +import io.mosip.certify.services.ldsigner.ProofSignatureStrategy; +import io.mosip.certify.services.ldsigner.RsaProofSignature2018; import io.mosip.kernel.signature.dto.JWTSignatureResponseDto; import org.junit.Assert; import org.junit.Before; 
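Review bot: `RsaProofSignature2018.getProof` base64url-encodes its argument a second time: `KeymanagerLibSigner` already passes `Base64.getUrlEncoder().encodeToString(vcSignBytes)`, and this method wraps that string again before `setDataToSign`, whereas `Ed25519ProofSignature2018` passes it through unchanged and the removed RSA code in `KeymanagerLibSigner` encoded only once. Unless the key manager is known to expect the doubled encoding, the RS256 signature is computed over the base64url text rather than the canonicalized bytes and would likely fail verification with a standard RsaSignature2018 verifier. I would drop the `vcEncodedData` line and use `payload.setDataToSign(vcEncodedHash);`, which also makes the `StandardCharsets` and `Base64` imports unnecessary. This class also lacks the spec-link Javadoc that the two Ed25519 strategies carry.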
@@ -14,18 +16,21 @@ import org.mockito.Mock; import io.mosip.kernel.signature.service.SignatureService; import org.mockito.junit.MockitoJUnitRunner; - -import java.util.HashMap; -import java.util.Map; - +import org.springframework.test.util.ReflectionTestUtils; import static org.mockito.ArgumentMatchers.any; +import static org.mockito.ArgumentMatchers.anyString; +import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; +import java.sql.Ref; +import java.util.Map; + @RunWith(MockitoJUnitRunner.class) public class KeymanagerLibSignerTest { - @Mock - private SignatureService signatureService; + SignatureService signatureService; + @Mock + ProofSignatureStrategy signProps; @InjectMocks private KeymanagerLibSigner signer; private static final String VC_1 = """ @@ -34,6 +39,7 @@ public class KeymanagerLibSignerTest { "https://www.w3.org/ns/credentials/v2" ], "validFrom": "2024-09-22T23:06:22.123Z", + "validUntil": "2034-09-22T23:06:22.123Z", "type": [ "VerifiableCredential", "MyPrototypeCredential" @@ -49,6 +55,7 @@ public class KeymanagerLibSignerTest { "https://www.w3.org/ns/credentials/v2" ], "validFrom": "2024-09-22T23:06:22.123Z", + "validUntil": "2034-09-22T23:06:22.123Z", "type": [ "VerifiableCredential", "MyPrototypeCredential" @@ -60,6 +67,7 @@ public class KeymanagerLibSignerTest { @Before public void setup() { + ReflectionTestUtils.setField(signer, "hostedKey", "https://example.com/sample.pub.key.json/"); } @Test 
@@ -67,30 +75,25 @@ public void testPerformSuccess_VC2() { // Mock Templated VC and Key Manager Input String VCs[] = new String[]{VC_1, VC_2}; for (String templatedVC : VCs) { - - Map keyMgrInput = new HashMap<>(); - keyMgrInput.put(KeyManagerConstants.PUBLIC_KEY_URL, "https://example.com/sample.pub.key.json/"); - keyMgrInput.put(KeyManagerConstants.KEY_APP_ID, KeyManagerConstants.CERTIFY_MOCK_RSA); - keyMgrInput.put(KeyManagerConstants.KEY_REF_ID, KeyManagerConstants.EMPTY_REF_ID); - keyMgrInput.put(KeyManagerConstants.VC_SIGN_ALGO, SignatureAlg.RSA_SIGNATURE_SUITE); - keyMgrInput.put(KeyManagerConstants.KEYMGR_SIGN_ALGO, JWSAlgorithm.RS256.getName()); - - // Mock Signature Service Response + // Prepare a FakeSignature2018 implementation JWTSignatureResponseDto jwsSignedData = new JWTSignatureResponseDto(); jwsSignedData.setJwtSignedData("mocked-jws"); when(signatureService.jwsSign(any())).thenReturn(jwsSignedData); - // Perform the test - VCResult vcResult = signer.perform(templatedVC, keyMgrInput); + when(signProps.getName()).thenReturn("FakeSignature2018"); + when(signProps.getCanonicalizer()).thenReturn(new URDNA2015Canonicalizer()); + when(signProps.getProof(anyString())).thenReturn("fake-jws-proof"); + LdProof l = LdProof.builder().jws("fake-jws-proof").type("FakeSignature2018").proofPurpose("assertionMethod").build(); + when(signProps.buildProof(any(), any())).thenReturn(l); + + // invoke + VCResult vcResult = signer.perform(templatedVC); - // Assertions - Assert.assertNotNull(vcResult); + // test + assert vcResult != null; JsonLDObject credential = vcResult.getCredential(); - Assert.assertNotNull(credential); - Assert.assertNotNull(credential.getJsonObject().get(VCDMConstants.PROOF)); - Assert.assertNotNull(vcResult.getCredential().getJsonObject().containsKey("proof")); + Assert.assertNotNull(credential.getJsonObject().containsKey("proof")); Map proof = (Map) credential.getJsonObject().get("proof"); - Assert.assertTrue(proof.containsKey("jws")); - 
Assert.assertEquals("mocked-jws", proof.get("jws")); + Assert.assertEquals("fake-jws-proof", proof.get("jws")); } } diff --git a/certify-service/src/test/resources/application-test.properties b/certify-service/src/test/resources/application-test.properties index 2a031b4c..0c6aeaa1 100644 --- a/certify-service/src/test/resources/application-test.properties +++ b/certify-service/src/test/resources/application-test.properties @@ -8,6 +8,7 @@ mosip.certify.integration.scan-base-package=io.mosip.certify mosip.certify.integration.audit-plugin=TestAuditPlugin mosip.certify.integration.vci-plugin=TestVCIPluginImpl mosip.certify.issuer=PluginIssuer +mosip.certify.issuer.vc-sign-algo=Ed25519Signature2018 # mosip.certify.issuer.vc-sign-algo:Ed25519Signature2018 for CertifyIssuer test ## ------------------------------------------ Discovery openid-configuration ------------------------------------------- diff --git a/pom.xml b/pom.xml index 68c97a0e..aecc473e 100644 --- a/pom.xml +++ b/pom.xml @@ -100,7 +100,7 @@ 21 0.6.5 1.3.0-beta.1 - 1.3.0-beta.1 + 1.3.0-beta.2-SNAPSHOT 0.5.0 2.5.0 1.7
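Review bot: Two of the new assertions in `testPerformSuccess_VC2` cannot fail on the condition they name: `Assert.assertNotNull(credential.getJsonObject().containsKey("proof"))` checks a boxed boolean, which is never null, and `assert vcResult != null;` is skipped unless the JVM runs with `-ea`. I would use `Assert.assertNotNull(vcResult);` and `Assert.assertTrue(credential.getJsonObject().containsKey("proof"));`, and add a `verify(signProps, ...)` check on `getProof` after the loop, since `verify` is imported but not used in the visible hunks. Because `ProofSignatureStrategy` is mocked entirely, none of the three real strategies is exercised, so the request each one sends to the signature service stays untested. The retained `when(signatureService.jwsSign(any()))` stub and the `java.sql.Ref` import look like leftovers.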