diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/dao/entity/WalletKey.java b/src/main/java/org/eclipse/tractusx/managedidentitywallets/dao/entity/WalletKey.java index 3fcbbb7de..49aabf946 100644 --- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/dao/entity/WalletKey.java +++ b/src/main/java/org/eclipse/tractusx/managedidentitywallets/dao/entity/WalletKey.java @@ -75,6 +75,9 @@ public class WalletKey extends MIWBaseEntity { private String keyId; + @Column(nullable = false) + private String algorithm; + public KeyPair toDto() { return new KeyPair(keyId, privateKey, publicKey); } diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/dao/repository/WalletKeyRepository.java b/src/main/java/org/eclipse/tractusx/managedidentitywallets/dao/repository/WalletKeyRepository.java index 8cd1db318..e93dde33a 100644 --- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/dao/repository/WalletKeyRepository.java +++ b/src/main/java/org/eclipse/tractusx/managedidentitywallets/dao/repository/WalletKeyRepository.java @@ -37,7 +37,7 @@ public interface WalletKeyRepository extends BaseRepository { * @param id the id * @return the by wallet id */ - WalletKey getByWalletId(Long id); + WalletKey getByWalletIdAndAlgorithm(Long id, String alg); WalletKey findFirstByWallet_Bpn(String bpn); diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/HoldersCredentialService.java b/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/HoldersCredentialService.java index 670055051..842910245 100644 --- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/HoldersCredentialService.java +++ b/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/HoldersCredentialService.java @@ -151,7 +151,7 @@ public VerifiableCredential issueCredential(Map data, String cal Validate.isFalse(callerBpn.equals(issuerWallet.getBpn())).launch(new ForbiddenException(BASE_WALLET_BPN_IS_NOT_MATCHING_WITH_REQUEST_BPN_FROM_TOKEN)); // get Key - byte[] privateKeyBytes = walletKeyService.getPrivateKeyByWalletIdentifierAsBytes(issuerWallet.getId()); + byte[] privateKeyBytes = walletKeyService.getPrivateKeyByWalletIdentifierAsBytes(issuerWallet.getId(), issuerWallet.getAlgorithm()); // check if the expiryDate is set Date expiryDate = null; diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/IssuersCredentialService.java b/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/IssuersCredentialService.java index 683605f99..012e1e626 100644 --- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/IssuersCredentialService.java +++ b/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/IssuersCredentialService.java @@ -190,7 +190,7 @@ public PageImpl getCredentials(String credentialId, String */ @Transactional(isolation = Isolation.READ_UNCOMMITTED, propagation = Propagation.REQUIRED) public VerifiableCredential issueBpnCredential(Wallet baseWallet, Wallet holderWallet, boolean authority) { - byte[] privateKeyBytes = walletKeyService.getPrivateKeyByWalletIdentifierAsBytes(baseWallet.getId()); + byte[] privateKeyBytes = walletKeyService.getPrivateKeyByWalletIdentifierAsBytes(baseWallet.getId(), baseWallet.getAlgorithm()); List types = List.of(VerifiableCredentialType.VERIFIABLE_CREDENTIAL, MIWVerifiableCredentialType.BPN_CREDENTIAL); VerifiableCredentialSubject verifiableCredentialSubject = new VerifiableCredentialSubject(Map.of(StringPool.TYPE, MIWVerifiableCredentialType.BPN_CREDENTIAL, StringPool.ID, holderWallet.getDid(), @@ -233,7 +233,7 @@ public VerifiableCredential issueFrameworkCredential(IssueFrameworkCredentialReq validateAccess(callerBPN, baseWallet); // get Key - byte[] privateKeyBytes = walletKeyService.getPrivateKeyByWalletIdentifierAsBytes(baseWallet.getId()); + byte[] privateKeyBytes = walletKeyService.getPrivateKeyByWalletIdentifierAsBytes(baseWallet.getId(), baseWallet.getAlgorithm()); //if base wallet issue credentials to itself boolean isSelfIssued = isSelfIssued(holderWallet.getBpn()); @@ -284,7 +284,7 @@ public VerifiableCredential issueDismantlerCredential(IssueDismantlerCredentialR //check duplicate isCredentialExit(holderWallet.getDid(), MIWVerifiableCredentialType.DISMANTLER_CREDENTIAL); - byte[] privateKeyBytes = walletKeyService.getPrivateKeyByWalletIdentifierAsBytes(issuerWallet.getId()); + byte[] privateKeyBytes = walletKeyService.getPrivateKeyByWalletIdentifierAsBytes(issuerWallet.getId(), issuerWallet.getAlgorithm()); //if base wallet issue credentials to itself boolean isSelfIssued = isSelfIssued(request.getBpn()); @@ -335,7 +335,7 @@ public VerifiableCredential issueMembershipCredential(IssueMembershipCredentialR validateAccess(callerBPN, issuerWallet); - byte[] privateKeyBytes = walletKeyService.getPrivateKeyByWalletIdentifierAsBytes(issuerWallet.getId()); + byte[] privateKeyBytes = walletKeyService.getPrivateKeyByWalletIdentifierAsBytes(issuerWallet.getId(), issuerWallet.getAlgorithm()); List types = List.of(VerifiableCredentialType.VERIFIABLE_CREDENTIAL, VerifiableCredentialType.MEMBERSHIP_CREDENTIAL); //if base wallet issue credentials to itself @@ -392,7 +392,7 @@ public VerifiableCredential issueCredentialUsingBaseWallet(String holderDid, Map validateAccess(callerBpn, issuerWallet); // get issuer Key - byte[] privateKeyBytes = walletKeyService.getPrivateKeyByWalletIdentifierAsBytes(issuerWallet.getId()); + byte[] privateKeyBytes = walletKeyService.getPrivateKeyByWalletIdentifierAsBytes(issuerWallet.getId(), issuerWallet.getAlgorithm()); boolean isSelfIssued = isSelfIssued(holderWallet.getBpn()); diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/JwtPresentationFactoryService.java b/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/JwtPresentationFactoryService.java new file mode 100644 index 000000000..4306a8263 --- /dev/null +++ b/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/JwtPresentationFactoryService.java @@ -0,0 +1,106 @@ +/* + * ******************************************************************************* + * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation + * + * See the NOTICE file(s) distributed with this work for additional + * information regarding copyright ownership. + * + * This program and the accompanying materials are made available under the + * terms of the Apache License, Version 2.0 which is available at + * https://www.apache.org/licenses/LICENSE-2.0. + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ****************************************************************************** + */ + +package org.eclipse.tractusx.managedidentitywallets.service; + +import com.fasterxml.jackson.databind.ObjectMapper; +import com.nimbusds.jose.Algorithm; +import com.nimbusds.jose.JOSEObjectType; +import com.nimbusds.jose.JWSAlgorithm; +import com.nimbusds.jose.JWSHeader; +import com.nimbusds.jose.JWSSigner; +import com.nimbusds.jose.crypto.ECDSASigner; +import com.nimbusds.jose.jwk.ECKey; +import com.nimbusds.jose.util.Base64URL; +import com.nimbusds.jwt.JWTClaimsSet; +import com.nimbusds.jwt.SignedJWT; +import lombok.RequiredArgsConstructor; +import org.eclipse.tractusx.ssi.lib.model.did.Did; +import org.eclipse.tractusx.ssi.lib.model.verifiable.credential.VerifiableCredential; +import org.eclipse.tractusx.ssi.lib.model.verifiable.presentation.VerifiablePresentation; +import org.eclipse.tractusx.ssi.lib.model.verifiable.presentation.VerifiablePresentationBuilder; +import org.eclipse.tractusx.ssi.lib.serialization.jsonLd.JsonLdSerializer; +import org.eclipse.tractusx.ssi.lib.serialization.jwt.SerializedVerifiablePresentation; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.io.IOException; +import java.net.URI; +import java.security.interfaces.ECPrivateKey; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.UUID; +import java.util.stream.Collectors; + +@RequiredArgsConstructor +public class JwtPresentationFactoryService { + private static final Logger log = LoggerFactory.getLogger(JwtPresentationFactoryService.class); + private final JsonLdSerializer jsonLdSerializer; + private final Did agentDid; + + public JwtPresentationFactoryService(Did agentDid, JsonLdSerializer jsonLdSerializer) { + this.agentDid = agentDid; + this.jsonLdSerializer = jsonLdSerializer; + } + + public SignedJWT createPresentation(Did issuer, List credentials, String audience, ECPrivateKey ecPrivateKey) throws IOException { + VerifiablePresentationBuilder verifiablePresentationBuilder = new VerifiablePresentationBuilder(); + URI uri = agentDid.toUri(); + VerifiablePresentation verifiablePresentation = verifiablePresentationBuilder.id(URI.create("" + uri + "#" + UUID.randomUUID())).type(List.of("VerifiablePresentation")).verifiableCredentials(credentials).build(); + SerializedVerifiablePresentation serializedVerifiablePresentation = jsonLdSerializer.serializePresentation(verifiablePresentation); + return create(issuer, audience, serializedVerifiablePresentation, ecPrivateKey); + } + + public SignedJWT create(Did didIssuer, String audience, SerializedVerifiablePresentation serializedPresentation, ECPrivateKey ecPrivateKey) throws IOException { + try { + String issuer = didIssuer.toString(); + String subject = didIssuer.toString(); + Map vp = (Map)(new ObjectMapper()).readValue(serializedPresentation.getJson(), HashMap.class); + JWTClaimsSet claimsSet = (new JWTClaimsSet.Builder()).issuer(issuer).subject(subject).audience(audience) + .claim("vp", vp).expirationTime(new Date((new Date()).getTime() + 60000L)).jwtID(UUID.randomUUID().toString()).build(); + return createSignedES256KJwt(ecPrivateKey, claimsSet, issuer); + } catch (Exception ex) { + log.error(ex.toString()); + throw ex; + } + } + + private static SignedJWT createSignedES256KJwt(ECPrivateKey ecPrivateKey, JWTClaimsSet claimsSet, String issuer) { + try { + JWSSigner signer = new ECDSASigner(ecPrivateKey); + if (!signer.supportedJWSAlgorithms().contains(JWSAlgorithm.ES256K)) { + throw new RuntimeException(String.format("Invalid signing method. Supported signing methods: %s", signer.supportedJWSAlgorithms().stream().map(Algorithm::getName).collect(Collectors.joining(", ")))); + } else { + JWSAlgorithm algorithm = JWSAlgorithm.ES256K; + JOSEObjectType type = JOSEObjectType.JWT; + JWSHeader header = new JWSHeader(algorithm, type, null, null, null, null, null, null, null, null, issuer, true, (Map)null, (Base64URL)null); + SignedJWT vc = new SignedJWT(header, claimsSet); + vc.sign(signer); + return vc; + } + } catch (Exception e) { + log.error(e.toString()); + throw new RuntimeException(e); + } + } +} diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/PresentationService.java b/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/PresentationService.java index 07cf005ec..a9f6b8c09 100644 --- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/PresentationService.java +++ b/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/PresentationService.java @@ -30,6 +30,7 @@ import lombok.RequiredArgsConstructor; import lombok.SneakyThrows; import lombok.extern.slf4j.Slf4j; +import org.apache.commons.lang3.tuple.Pair; import org.eclipse.tractusx.managedidentitywallets.config.MIWSettings; import org.eclipse.tractusx.managedidentitywallets.constant.StringPool; import org.eclipse.tractusx.managedidentitywallets.dao.entity.HoldersCredential; @@ -40,6 +41,7 @@ import org.eclipse.tractusx.managedidentitywallets.exception.BadDataException; import org.eclipse.tractusx.managedidentitywallets.exception.MissingVcTypesException; import org.eclipse.tractusx.managedidentitywallets.exception.PermissionViolationException; +import org.eclipse.tractusx.managedidentitywallets.utils.SupportedAlgorithms; import org.eclipse.tractusx.managedidentitywallets.utils.Validate; import org.eclipse.tractusx.ssi.lib.crypt.octet.OctetKeyPairFactory; import org.eclipse.tractusx.ssi.lib.crypt.x21559.x21559PrivateKey; @@ -64,7 +66,9 @@ import org.springframework.stereotype.Service; import org.springframework.util.StringUtils; +import java.io.IOException; import java.net.URI; +import java.security.interfaces.ECPrivateKey; import java.util.ArrayList; import java.util.HashMap; import java.util.List; @@ -135,31 +139,45 @@ public Map createPresentation(Map data, boolean verifiableCredentials.add(verifiableCredential); }); - return buildVP(asJwt, audience, callerBpn, callerWallet, verifiableCredentials); + return buildVP(asJwt, audience, callerBpn, callerWallet, verifiableCredentials, false); } @SneakyThrows({ InvalidePrivateKeyFormat.class }) - private Map buildVP(boolean asJwt, String audience, String callerBpn, Wallet callerWallet, List verifiableCredentials) { + private Map buildVP(boolean asJwt, String audience, String callerBpn, Wallet callerWallet, + List verifiableCredentials, boolean fromIatp) { Map response = new HashMap<>(); - if (asJwt) { - log.debug("Creating VP as JWT for bpn ->{}", callerBpn); - Validate.isFalse(StringUtils.hasText(audience)).launch(new BadDataException("Audience needed to create VP as JWT")); + String algo; + if (asJwt && fromIatp) { + algo = SupportedAlgorithms.ES256K.name(); + Pair result = getPKey(callerWallet, algo, audience, callerBpn); + ECPrivateKey ecPrivateKey = (ECPrivateKey) result; - //Issuer of VP is holder of VC - Did vpIssuerDid = DidParser.parse(callerWallet.getDid()); + //JWT Factory + JwtPresentationFactoryService presentationFactory = new JwtPresentationFactoryService(new JsonLdSerializerImpl(), result.getLeft()); + SignedJWT presentation; + try { + presentation = presentationFactory.createPresentation(result.getLeft() + , verifiableCredentials, audience, ecPrivateKey); + } catch (IOException e) { + throw new RuntimeException(e); + } + + response.put(StringPool.VP, presentation.serialize()); + } else if (asJwt && !fromIatp){ + algo = SupportedAlgorithms.ECDSA.name(); + Pair result = getPKey(callerWallet, algo, audience, callerBpn); //JWT Factory SerializedJwtPresentationFactory presentationFactory = new SerializedJwtPresentationFactoryImpl( - new SignedJwtFactory(new OctetKeyPairFactory()), new JsonLdSerializerImpl(), vpIssuerDid); + new SignedJwtFactory(new OctetKeyPairFactory()), new JsonLdSerializerImpl(), result.getKey()); - //Build JWT - x21559PrivateKey ed25519Key = walletKeyService.getPrivateKeyByWalletIdentifier(callerWallet.getId()); + x21559PrivateKey ed25519Key = (x21559PrivateKey) result.getRight(); x21559PrivateKey privateKey = new x21559PrivateKey(ed25519Key.asByte()); - SignedJWT presentation = presentationFactory.createPresentation(vpIssuerDid - , verifiableCredentials, audience, privateKey); + SignedJWT presentation = presentationFactory.createPresentation(result.getLeft(), verifiableCredentials, audience, privateKey); response.put(StringPool.VP, presentation.serialize()); - } else { + } + else { log.debug("Creating VP as JSON-LD for bpn ->{}", callerBpn); VerifiablePresentationBuilder verifiablePresentationBuilder = new VerifiablePresentationBuilder(); @@ -176,6 +194,17 @@ private Map buildVP(boolean asJwt, String audience, String calle return response; } + private Pair getPKey (Wallet callerWallet, String algorithm, String audience, String callerBpn) { + log.debug("Creating VP as JWT for bpn ->{}", callerBpn); + Validate.isFalse(StringUtils.hasText(audience)).launch(new BadDataException("Audience needed to create VP as JWT")); + + //Issuer of VP is holder of VC + Did vpIssuerDid = DidParser.parse(callerWallet.getDid()); + + //Build JWT + return Pair.of(vpIssuerDid, walletKeyService.getPrivateKeyByWalletIdentifierAndAlgorithm(callerWallet.getId(), algorithm)); + } + /** * Validate presentation map. @@ -329,8 +358,9 @@ public Map createVpWithRequiredScopes(SignedJWT innerJWT, boolea holdersCredentials.forEach(c -> verifiableCredentials.add(c.getData())); + // if as JWT true -> get key ES256K and sign with it Map vp = buildVP(asJwt, jwtClaimsSet.getAudience().get(0), callerWallet.getBpn(), - callerWallet, verifiableCredentials); + callerWallet, verifiableCredentials, true); changeJtiStatus(jtiRecord); return vp; } diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/WalletKeyService.java b/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/WalletKeyService.java index 5cdb07a94..552791122 100644 --- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/WalletKeyService.java +++ b/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/WalletKeyService.java @@ -30,11 +30,16 @@ import org.bouncycastle.util.io.pem.PemReader; import org.eclipse.tractusx.managedidentitywallets.dao.entity.WalletKey; import org.eclipse.tractusx.managedidentitywallets.dao.repository.WalletKeyRepository; +import org.eclipse.tractusx.managedidentitywallets.exception.BadDataException; import org.eclipse.tractusx.managedidentitywallets.utils.EncryptionUtils; +import org.eclipse.tractusx.managedidentitywallets.utils.SupportedAlgorithms; import org.eclipse.tractusx.ssi.lib.crypt.x21559.x21559PrivateKey; import org.springframework.stereotype.Service; import java.io.StringReader; +import java.security.KeyFactory; +import java.security.interfaces.ECPrivateKey; +import java.security.spec.PKCS8EncodedKeySpec; /** * The type Wallet key service. @@ -67,10 +72,14 @@ protected SpecificationUtil getSpecificationUtil() { * @return the byte [ ] */ @SneakyThrows - public byte[] getPrivateKeyByWalletIdentifierAsBytes(long walletId) { - return getPrivateKeyByWalletIdentifier(walletId).asByte(); + public byte[] getPrivateKeyByWalletIdentifierAsBytes(long walletId, String algorithm) { + Object privateKey = getPrivateKeyByWalletIdentifierAndAlgorithm(walletId, algorithm); + if (privateKey instanceof x21559PrivateKey) { + return ((x21559PrivateKey) privateKey).asByte(); + } else { + return ((ECPrivateKey) privateKey).getEncoded(); + } } - /** * Gets private key by wallet identifier. * @@ -79,11 +88,18 @@ public byte[] getPrivateKeyByWalletIdentifierAsBytes(long walletId) { */ @SneakyThrows - public x21559PrivateKey getPrivateKeyByWalletIdentifier(long walletId) { - WalletKey wallet = walletKeyRepository.getByWalletId(walletId); + public Object getPrivateKeyByWalletIdentifierAndAlgorithm(long walletId, String algorithm) { + WalletKey wallet = walletKeyRepository.getByWalletIdAndAlgorithm(walletId, algorithm); String privateKey = encryptionUtils.decrypt(wallet.getPrivateKey()); byte[] content = new PemReader(new StringReader(privateKey)).readPemObject().getContent(); - return new x21559PrivateKey(content); + if(SupportedAlgorithms.ECDSA.name().equals(algorithm)){ + return new x21559PrivateKey(content); + } else if (SupportedAlgorithms.ES256K.name().equals(algorithm)){ + KeyFactory kf = KeyFactory.getInstance("EC"); + return kf.generatePrivate(new PKCS8EncodedKeySpec(content)); + } else { + throw new BadDataException("not supported algorithm"); + } } } diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/WalletService.java b/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/WalletService.java index 1436d5f6b..e3653c3bc 100644 --- a/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/WalletService.java +++ b/src/main/java/org/eclipse/tractusx/managedidentitywallets/service/WalletService.java @@ -21,6 +21,11 @@ package org.eclipse.tractusx.managedidentitywallets.service; +import com.nimbusds.jose.jwk.Curve; +import com.nimbusds.jose.jwk.ECKey; +import com.nimbusds.jose.jwk.KeyUse; +import com.nimbusds.jose.jwk.gen.ECKeyGenerator; +import com.nimbusds.jose.crypto.bc.BouncyCastleProviderSingleton; import com.smartsensesolutions.java.commons.FilterRequest; import com.smartsensesolutions.java.commons.base.repository.BaseRepository; import com.smartsensesolutions.java.commons.base.service.BaseService; @@ -225,6 +230,12 @@ private Wallet createWallet(CreateWalletRequest request, boolean authority, Stri //create private key pair IKeyGenerator keyGenerator = new x21559Generator(); KeyPair keyPair = keyGenerator.generateKey(); + // create additional key pair ES256K + ECKey ecJwk = new ECKeyGenerator(Curve.SECP256K1) + .keyUse(KeyUse.SIGNATURE) + .keyID(UUID.randomUUID().toString()) + .provider(BouncyCastleProviderSingleton.getInstance()) + .generate(); //create did json Did did = DidWebFactory.fromHostnameAndPath(miwSettings.host(), request.getBpn()); @@ -261,20 +272,27 @@ private Wallet createWallet(CreateWalletRequest request, boolean authority, Stri .build()); - //Save key - walletKeyService.getRepository().save(WalletKey.builder() + WalletKey walletKey = WalletKey.builder() .wallet(wallet) .keyId(keyId) .referenceKey("dummy ref key, removed once vault setup is ready") .vaultAccessToken("dummy vault access token, removed once vault setup is ready") .privateKey(encryptionUtils.encrypt(getPrivateKeyString(keyPair.getPrivateKey().asByte()))) .publicKey(encryptionUtils.encrypt(getPublicKeyString(keyPair.getPublicKey().asByte()))) - .build()); + .build(); + + //Save key + walletKeyService.getRepository().save(walletKey); log.debug("Wallet created for bpn ->{}", StringEscapeUtils.escapeJava(request.getBpn())); + walletKey.setPrivateKey(encryptionUtils.encrypt(getPrivateKeyString(ecJwk.toECPrivateKey().getEncoded()))); + walletKey.setPublicKey(encryptionUtils.encrypt(getPublicKeyString(ecJwk.toECPublicKey().getEncoded()))); + // save second key + walletKeyService.getRepository().save(walletKey); + Wallet issuerWallet = walletRepository.getByBpn(miwSettings.authorityWalletBpn()); - //issue BPN credentials + //issue BPN credentials ES256K issuersCredentialService.issueBpnCredential(issuerWallet, wallet, authority); return wallet; diff --git a/src/main/java/org/eclipse/tractusx/managedidentitywallets/utils/SupportedAlgorithms.java b/src/main/java/org/eclipse/tractusx/managedidentitywallets/utils/SupportedAlgorithms.java new file mode 100644 index 000000000..a5883e1c0 --- /dev/null +++ b/src/main/java/org/eclipse/tractusx/managedidentitywallets/utils/SupportedAlgorithms.java @@ -0,0 +1,39 @@ +/* + * ******************************************************************************* + * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation + * + * See the NOTICE file(s) distributed with this work for additional + * information regarding copyright ownership. + * + * This program and the accompanying materials are made available under the + * terms of the Apache License, Version 2.0 which is available at + * https://www.apache.org/licenses/LICENSE-2.0. + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ****************************************************************************** + */ + +package org.eclipse.tractusx.managedidentitywallets.utils; + +public enum SupportedAlgorithms { + + ECDSA("EcDSA"), + ES256K("ES256K (secp256k1)"); + + private String value; + + SupportedAlgorithms(String value){ + this.value = value; + } + + @Override + public String toString() { + return value; + } +} diff --git a/src/main/resources/db/changelog/changes/update_wallet_table.sql b/src/main/resources/db/changelog/changes/update_wallet_table.sql new file mode 100644 index 000000000..061eaca40 --- /dev/null +++ b/src/main/resources/db/changelog/changes/update_wallet_table.sql @@ -0,0 +1,25 @@ +/* + * ******************************************************************************* + * Copyright (c) 2021,2024 Contributors to the Eclipse Foundation + * + * See the NOTICE file(s) distributed with this work for additional + * information regarding copyright ownership. + * + * This program and the accompanying materials are made available under the + * terms of the Apache License, Version 2.0 which is available at + * https://www.apache.org/licenses/LICENSE-2.0. + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the + * License for the specific language governing permissions and limitations + * under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ****************************************************************************** + */ + +-- liquibase formatted sql +-- changeset andreibogus: ... + +ALTER TABLE public.wallet_key ADD algorithm varchar(255) NOT NULL; diff --git a/src/test/java/org/eclipse/tractusx/managedidentitywallets/vc/VerifiableCredentialIssuerEqualProofSignerTest.java b/src/test/java/org/eclipse/tractusx/managedidentitywallets/vc/VerifiableCredentialIssuerEqualProofSignerTest.java index 428381346..5367beede 100644 --- a/src/test/java/org/eclipse/tractusx/managedidentitywallets/vc/VerifiableCredentialIssuerEqualProofSignerTest.java +++ b/src/test/java/org/eclipse/tractusx/managedidentitywallets/vc/VerifiableCredentialIssuerEqualProofSignerTest.java @@ -107,7 +107,7 @@ private VerifiableCredential issueVC(String issuerDid, Wallet signerWallet) thro LinkedDataProofGenerator generator = LinkedDataProofGenerator.newInstance(SignatureType.JWS); URI verificationMethod = signerWallet.getDidDocument().getVerificationMethods().get(0).getId(); - byte[] privateKeyBytes = walletKeyService.getPrivateKeyByWalletIdentifierAsBytes(signerWallet.getId()); + byte[] privateKeyBytes = walletKeyService.getPrivateKeyByWalletIdentifierAsBytes(signerWallet.getId(), signerWallet.getAlgorithm()); JWSSignature2020 proof = (JWSSignature2020) generator.createProof(builder.build(), verificationMethod, new x21559PrivateKey(privateKeyBytes));