feat: json web signature and key generation from lib

src/main/java/org/eclipse/tractusx/managedidentitywallets/service/WalletService.java

@@ -21,7 +21,6 @@
 
 package org.eclipse.tractusx.managedidentitywallets.service;
 
-import com.google.crypto.tink.subtle.Base64;
 import com.smartsensesolutions.java.commons.FilterRequest;
 import com.smartsensesolutions.java.commons.base.repository.BaseRepository;
 import com.smartsensesolutions.java.commons.base.service.BaseService;
@@ -32,14 +31,8 @@
 import lombok.RequiredArgsConstructor;
 import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
-import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
-import org.bouncycastle.crypto.util.PrivateKeyFactory;
-import org.bouncycastle.crypto.util.PrivateKeyInfoFactory;
-import org.bouncycastle.crypto.util.PublicKeyFactory;
-import org.bouncycastle.crypto.util.SubjectPublicKeyInfoFactory;
-import org.bouncycastle.jcajce.provider.asymmetric.edec.KeyPairGeneratorSpi;
-import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
+import org.bouncycastle.util.io.pem.PemObject;
+import org.bouncycastle.util.io.pem.PemWriter;
 import org.eclipse.tractusx.managedidentitywallets.config.MIWSettings;
 import org.eclipse.tractusx.managedidentitywallets.constant.StringPool;
 import org.eclipse.tractusx.managedidentitywallets.dao.entity.HoldersCredential;
@@ -53,10 +46,11 @@
 import org.eclipse.tractusx.managedidentitywallets.exception.ForbiddenException;
 import org.eclipse.tractusx.managedidentitywallets.utils.EncryptionUtils;
 import org.eclipse.tractusx.managedidentitywallets.utils.Validate;
-import org.eclipse.tractusx.ssi.lib.crypt.ed25519.Ed25519KeySet;
+import org.eclipse.tractusx.ssi.lib.crypt.IKeyGenerator;
+import org.eclipse.tractusx.ssi.lib.crypt.KeyPair;
+import org.eclipse.tractusx.ssi.lib.crypt.jwk.JsonWebKey;
+import org.eclipse.tractusx.ssi.lib.crypt.x21559.x21559Generator;
 import org.eclipse.tractusx.ssi.lib.did.web.DidWebFactory;
-import org.eclipse.tractusx.ssi.lib.model.MultibaseString;
-import org.eclipse.tractusx.ssi.lib.model.base.MultibaseFactory;
 import org.eclipse.tractusx.ssi.lib.model.did.*;
 import org.eclipse.tractusx.ssi.lib.model.verifiable.credential.VerifiableCredential;
 import org.eclipse.tractusx.ssi.lib.model.verifiable.credential.VerifiableCredentialType;
@@ -67,10 +61,6 @@
 import org.springframework.transaction.annotation.Transactional;
 
 import java.io.StringWriter;
-import java.security.KeyPair;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
@@ -214,29 +204,19 @@ private Wallet createWallet(CreateWalletRequest request, boolean authority) {
         validateCreateWallet(request);
 
         //create private key pair
-        Ed25519KeySet keyPair = createKeyPair();
+        IKeyGenerator keyGenerator = new x21559Generator();
+        KeyPair keyPair = keyGenerator.generateKey();
 
         //create did json
         Did did = DidWebFactory.fromHostnameAndPath(miwSettings.host(), request.getBpn());
 
-        //Extracting keys 
-        Ed25519KeySet keySet = new Ed25519KeySet(keyPair.getPrivateKey(), keyPair.getPublicKey());
-        MultibaseString publicKeyBase = MultibaseFactory.create(keySet.getPublicKey());
-
-        //Building Verification Methods:
-        List<VerificationMethod> verificationMethods = new ArrayList<>();
-        Ed25519VerificationMethodBuilder builder = new Ed25519VerificationMethodBuilder();
-        Ed25519VerificationMethod key =
-                builder
-                        .id(did.toUri())
-                        .controller(did.toUri())
-                        .publicKeyMultiBase(publicKeyBase)
-                        .build();
-        verificationMethods.add(key);
+        JsonWebKey jwk = new JsonWebKey("", keyPair.getPublicKey(), keyPair.getPrivateKey());
+        JWKVerificationMethod jwkVerificationMethod =
+                new JWKVerificationMethodBuilder().did(did).jwk(jwk).build();
 
         DidDocumentBuilder didDocumentBuilder = new DidDocumentBuilder();
         didDocumentBuilder.id(did.toUri());
-        didDocumentBuilder.verificationMethods(verificationMethods);
+        didDocumentBuilder.verificationMethods(List.of(jwkVerificationMethod));
         DidDocument didDocument = didDocumentBuilder.build();
         didDocument = DidDocument.fromJson(didDocument.toJson());
         log.debug("did document created for bpn ->{}", request.getBpn());
@@ -250,13 +230,14 @@ private Wallet createWallet(CreateWalletRequest request, boolean authority) {
                 .algorithm(StringPool.ED_25519)
                 .build());
 
+
         //Save key
         walletKeyService.getRepository().save(WalletKey.builder()
                 .walletId(wallet.getId())
                 .referenceKey("dummy ref key")  //TODO removed once vault setup is ready
                 .vaultAccessToken("dummy vault access token") ////TODO removed once vault setup is ready
-                .privateKey(encryptionUtils.encrypt(getPrivateKeyString(keyPair.getPrivateKey())))
-                .publicKey(encryptionUtils.encrypt(getPublicKeyString(keyPair.getPublicKey())))
+                .privateKey(encryptionUtils.encrypt(getPrivateKeyString(keyPair.getPrivateKey().asByte())))
+                .publicKey(encryptionUtils.encrypt(getPublicKeyString(keyPair.getPublicKey().asByte())))
                 .build());
         log.debug("Wallet created for bpn ->{}", request.getBpn());
 
@@ -293,7 +274,7 @@ private void validateCreateWallet(CreateWalletRequest request) {
         }
 
     }
-
+/*
     @SneakyThrows
     private Ed25519KeySet createKeyPair() {
         KeyPairGeneratorSpi.Ed25519 ed25519 = new KeyPairGeneratorSpi.Ed25519();
@@ -309,23 +290,24 @@ private Ed25519KeySet createKeyPair() {
         byte[] privateKeyBytes = ed25519PrivateKeyParameters.getEncoded();
         byte[] publicKeyBytes = publicKeyParameters.getEncoded();
         return new Ed25519KeySet(privateKeyBytes, publicKeyBytes);
-    }
-
+    }*/
 
     @SneakyThrows
     private String getPrivateKeyString(byte[] privateKeyBytes) {
         StringWriter stringWriter = new StringWriter();
-        JcaPEMWriter pemWriter = new JcaPEMWriter(stringWriter);
-        pemWriter.writeObject(PrivateKeyInfoFactory.createPrivateKeyInfo(new Ed25519PrivateKeyParameters(privateKeyBytes, 0)));
+        PemWriter pemWriter = new PemWriter(stringWriter);
+        pemWriter.writeObject(new PemObject("PRIVATE KEY", privateKeyBytes));
+        pemWriter.flush();
         pemWriter.close();
         return stringWriter.toString();
     }
 
     @SneakyThrows
     private String getPublicKeyString(byte[] publicKeyBytes) {
         StringWriter stringWriter = new StringWriter();
-        JcaPEMWriter pemWriter = new JcaPEMWriter(stringWriter);
-        pemWriter.writeObject(SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(new Ed25519PublicKeyParameters(publicKeyBytes, 0)));
+        PemWriter pemWriter = new PemWriter(stringWriter);
+        pemWriter.writeObject(new PemObject("PUBLIC KEY", publicKeyBytes));
+        pemWriter.flush();
         pemWriter.close();
         return stringWriter.toString();
     }

src/main/java/org/eclipse/tractusx/managedidentitywallets/utils/CommonUtils.java

@@ -28,7 +28,7 @@
 import org.eclipse.tractusx.ssi.lib.exception.InvalidePrivateKeyFormat;
 import org.eclipse.tractusx.ssi.lib.exception.UnsupportedSignatureTypeException;
 import org.eclipse.tractusx.ssi.lib.model.did.DidDocument;
-import org.eclipse.tractusx.ssi.lib.model.proof.Proof;
+import org.eclipse.tractusx.ssi.lib.model.proof.jws.JWSSignature2020;
 import org.eclipse.tractusx.ssi.lib.model.verifiable.credential.VerifiableCredential;
 import org.eclipse.tractusx.ssi.lib.model.verifiable.credential.VerifiableCredentialBuilder;
 import org.eclipse.tractusx.ssi.lib.model.verifiable.credential.VerifiableCredentialSubject;
@@ -38,7 +38,10 @@
 
 import java.net.URI;
 import java.time.Instant;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+import java.util.UUID;
 
 /**
  * The type Common utils.
@@ -111,12 +114,13 @@ private static VerifiableCredential createVerifiableCredential(DidDocument issue
                         .issuanceDate(Instant.now())
                         .credentialSubject(verifiableCredentialSubject);
 
-        //Ed25519 Proof Builder
-        LinkedDataProofGenerator generator = LinkedDataProofGenerator.newInstance(SignatureType.ED21559);
+
+        LinkedDataProofGenerator generator = LinkedDataProofGenerator.newInstance(SignatureType.JWS);
         URI verificationMethod = issuerDoc.getVerificationMethods().get(0).getId();
-        VerifiableCredential credential = builder.build();
-        Proof proof = generator.createProof(credential, verificationMethod,
-                new x21559PrivateKey(privateKey));
+
+        JWSSignature2020 proof =
+                (JWSSignature2020) generator.createProof(builder.build(), verificationMethod, new x21559PrivateKey(privateKey));
+
 
         //Adding Proof to VC
         builder.proof(proof);

src/test/java/org/eclipse/tractusx/managedidentitywallets/vc/HoldersCredentialTest.java

@@ -213,9 +213,7 @@ void validateCredentialsWithInvalidVC() throws com.fasterxml.jackson.core.JsonPr
             //mock setup
             LinkedDataProofValidation mock = Mockito.mock(LinkedDataProofValidation.class);
             utils.when(() -> {
-                LinkedDataProofValidation.newInstance(
-                        Mockito.eq(SignatureType.ED21559),
-                        Mockito.any(DidDocumentResolverRegistryImpl.class));
+                LinkedDataProofValidation.newInstance(Mockito.any(SignatureType.class), Mockito.any(DidDocumentResolverRegistryImpl.class));
             }).thenReturn(mock);
             Mockito.when(mock.verifiyProof(Mockito.any(VerifiableCredential.class))).thenReturn(false);
 
@@ -238,9 +236,7 @@ void validateCredentials() throws com.fasterxml.jackson.core.JsonProcessingExcep
             //mock setup
             LinkedDataProofValidation mock = Mockito.mock(LinkedDataProofValidation.class);
             utils.when(() -> {
-                LinkedDataProofValidation.newInstance(
-                        Mockito.eq(SignatureType.ED21559),
-                        Mockito.any(DidDocumentResolverRegistryImpl.class));
+                LinkedDataProofValidation.newInstance(Mockito.any(SignatureType.class), Mockito.any(DidDocumentResolverRegistryImpl.class));
             }).thenReturn(mock);
             Mockito.when(mock.verifiyProof(Mockito.any(VerifiableCredential.class))).thenReturn(true);