-
Notifications
You must be signed in to change notification settings - Fork 23
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: incorrect parsing of public key coordinates and enable some tests again #1215
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Shota Jolbordi <[email protected]>
Signed-off-by: Shota Jolbordi <[email protected]>
shotexa
requested review from
todorkoleviohk,
amagyar-iohk,
yshyn-iohk,
patlo-iog,
mineme0110 and
CryptoKnightIOG
as code owners
June 21, 2024 15:29
Signed-off-by: Hyperledger Bot <[email protected]> Co-authored-by: Hyperledger Bot <[email protected]>
yshyn-iohk
reviewed
Jun 21, 2024
pollux/vc-jwt/src/main/scala/org/hyperledger/identus/pollux/vc/jwt/Proof.scala
Show resolved
Hide resolved
yshyn-iohk
approved these changes
Jun 21, 2024
hyperledger-bot
added a commit
that referenced
this pull request
Jul 1, 2024
# [1.37.0-snapshot.test.1](cloud-agent-v1.36.1...cloud-agent-v1.37.0-snapshot.test.1) (2024-07-01) ### Bug Fixes * avoid name and operationId conflict when creating oas client ([#1233](#1233)) ([73e8e24](73e8e24)) * incorrect parsing of public key coordinates and enable some tests again ([#1215](#1215)) ([5398a75](5398a75)) * KeyID from String to Opaque Type and presentation job cleanup ([#1190](#1190)) ([b813faf](b813faf)) * make init-script.sh idempotent [#1173](#1173) ([#1194](#1194)) ([1712062](1712062)) * migrate and repair in case of renaming issues ([#1211](#1211)) ([cb4d479](cb4d479)) * Present Error Handling (Part 1: Repo Changes) ([#1172](#1172)) ([13e2447](13e2447)) * Present Error Handling Job ([#1204](#1204)) ([3191d8b](3191d8b)) * present error handling Part 2 ([#1177](#1177)) ([9ac6e52](9ac6e52)) * Verification Policy Error Handling ([#1228](#1228)) ([6117a3c](6117a3c)) ### Features * add oidc4vci protocol MVP ([#1182](#1182)) ([3ae91dc](3ae91dc)) * add schemaId to the issuance session ([#1199](#1199)) ([97f5d83](97f5d83)) * add support for EcdsaSecp256k1Signature2019Proof and fix pk encoding for EddsaJcs2022Proof ([#1127](#1127)) ([e617ded](e617ded)) * **agent:** add browser fingerprint label to http metrics ([#1231](#1231)) ([f090554](f090554)) * ATL 6829 - Integrate ZIO failures and defects ADR in credential status list ([#1175](#1175)) ([dffad1d](dffad1d)) * ATL-6832 ZIO failures and defects in entity controller ([#1203](#1203)) ([9050094](9050094)) * ATL-6833 integrate ZIO failures and defects in wallet event controller ([#1186](#1186)) ([8bc2018](8bc2018)) * ATL-6834 Use ZIO Failures and Defects effectively in the Issue flow ([#1139](#1139)) ([ede7b77](ede7b77)) * Handle Error in Background Jobs - Improve the way we store errors and defects in DB ([#1218](#1218)) ([e3cadc9](e3cadc9)) * implement ADR Use ZIO Failures and Defects Effectively - Mercury should not throw exceptions ([#1192](#1192)) ([a4ce87f](a4ce87f)) * improve OpenAPI's PresentProof to make more consistent ([#1130](#1130)) ([bdc5d20](bdc5d20)) * Integrate ZIO failures and defects ADR in DID Registrar Controller and Mercury ([#1180](#1180)) ([d8e2120](d8e2120)) * SDJWT holder key binding ([#1185](#1185)) ([628f2f0](628f2f0)) * use kid in the jwt proof header of OID4VCI CredentialIssue request ([#1184](#1184)) ([ee53eda](ee53eda)) * use the compact format in SD-JWT ([#1169](#1169)) ([65da651](65da651)) Signed-off-by: Allain Magyar <[email protected]>
patlo-iog
pushed a commit
that referenced
this pull request
Jul 1, 2024
# [1.37.0-snapshot.test.1](cloud-agent-v1.36.1...cloud-agent-v1.37.0-snapshot.test.1) (2024-07-01) ### Bug Fixes * avoid name and operationId conflict when creating oas client ([#1233](#1233)) ([73e8e24](73e8e24)) * incorrect parsing of public key coordinates and enable some tests again ([#1215](#1215)) ([5398a75](5398a75)) * KeyID from String to Opaque Type and presentation job cleanup ([#1190](#1190)) ([b813faf](b813faf)) * make init-script.sh idempotent [#1173](#1173) ([#1194](#1194)) ([1712062](1712062)) * migrate and repair in case of renaming issues ([#1211](#1211)) ([cb4d479](cb4d479)) * Present Error Handling (Part 1: Repo Changes) ([#1172](#1172)) ([13e2447](13e2447)) * Present Error Handling Job ([#1204](#1204)) ([3191d8b](3191d8b)) * present error handling Part 2 ([#1177](#1177)) ([9ac6e52](9ac6e52)) * Verification Policy Error Handling ([#1228](#1228)) ([6117a3c](6117a3c)) ### Features * add oidc4vci protocol MVP ([#1182](#1182)) ([3ae91dc](3ae91dc)) * add schemaId to the issuance session ([#1199](#1199)) ([97f5d83](97f5d83)) * add support for EcdsaSecp256k1Signature2019Proof and fix pk encoding for EddsaJcs2022Proof ([#1127](#1127)) ([e617ded](e617ded)) * **agent:** add browser fingerprint label to http metrics ([#1231](#1231)) ([f090554](f090554)) * ATL 6829 - Integrate ZIO failures and defects ADR in credential status list ([#1175](#1175)) ([dffad1d](dffad1d)) * ATL-6832 ZIO failures and defects in entity controller ([#1203](#1203)) ([9050094](9050094)) * ATL-6833 integrate ZIO failures and defects in wallet event controller ([#1186](#1186)) ([8bc2018](8bc2018)) * ATL-6834 Use ZIO Failures and Defects effectively in the Issue flow ([#1139](#1139)) ([ede7b77](ede7b77)) * Handle Error in Background Jobs - Improve the way we store errors and defects in DB ([#1218](#1218)) ([e3cadc9](e3cadc9)) * implement ADR Use ZIO Failures and Defects Effectively - Mercury should not throw exceptions ([#1192](#1192)) ([a4ce87f](a4ce87f)) * improve OpenAPI's PresentProof to make more consistent ([#1130](#1130)) ([bdc5d20](bdc5d20)) * Integrate ZIO failures and defects ADR in DID Registrar Controller and Mercury ([#1180](#1180)) ([d8e2120](d8e2120)) * SDJWT holder key binding ([#1185](#1185)) ([628f2f0](628f2f0)) * use kid in the jwt proof header of OID4VCI CredentialIssue request ([#1184](#1184)) ([ee53eda](ee53eda)) * use the compact format in SD-JWT ([#1169](#1169)) ([65da651](65da651)) Signed-off-by: Allain Magyar <[email protected]> Signed-off-by: Pat Losoponkul <[email protected]>
patlo-iog
pushed a commit
that referenced
this pull request
Jul 1, 2024
# [1.37.0-snapshot.test.1](cloud-agent-v1.36.1...cloud-agent-v1.37.0-snapshot.test.1) (2024-07-01) ### Bug Fixes * avoid name and operationId conflict when creating oas client ([#1233](#1233)) ([73e8e24](73e8e24)) * incorrect parsing of public key coordinates and enable some tests again ([#1215](#1215)) ([5398a75](5398a75)) * KeyID from String to Opaque Type and presentation job cleanup ([#1190](#1190)) ([b813faf](b813faf)) * make init-script.sh idempotent [#1173](#1173) ([#1194](#1194)) ([1712062](1712062)) * migrate and repair in case of renaming issues ([#1211](#1211)) ([cb4d479](cb4d479)) * Present Error Handling (Part 1: Repo Changes) ([#1172](#1172)) ([13e2447](13e2447)) * Present Error Handling Job ([#1204](#1204)) ([3191d8b](3191d8b)) * present error handling Part 2 ([#1177](#1177)) ([9ac6e52](9ac6e52)) * Verification Policy Error Handling ([#1228](#1228)) ([6117a3c](6117a3c)) ### Features * add oidc4vci protocol MVP ([#1182](#1182)) ([3ae91dc](3ae91dc)) * add schemaId to the issuance session ([#1199](#1199)) ([97f5d83](97f5d83)) * add support for EcdsaSecp256k1Signature2019Proof and fix pk encoding for EddsaJcs2022Proof ([#1127](#1127)) ([e617ded](e617ded)) * **agent:** add browser fingerprint label to http metrics ([#1231](#1231)) ([f090554](f090554)) * ATL 6829 - Integrate ZIO failures and defects ADR in credential status list ([#1175](#1175)) ([dffad1d](dffad1d)) * ATL-6832 ZIO failures and defects in entity controller ([#1203](#1203)) ([9050094](9050094)) * ATL-6833 integrate ZIO failures and defects in wallet event controller ([#1186](#1186)) ([8bc2018](8bc2018)) * ATL-6834 Use ZIO Failures and Defects effectively in the Issue flow ([#1139](#1139)) ([ede7b77](ede7b77)) * Handle Error in Background Jobs - Improve the way we store errors and defects in DB ([#1218](#1218)) ([e3cadc9](e3cadc9)) * implement ADR Use ZIO Failures and Defects Effectively - Mercury should not throw exceptions ([#1192](#1192)) ([a4ce87f](a4ce87f)) * improve OpenAPI's PresentProof to make more consistent ([#1130](#1130)) ([bdc5d20](bdc5d20)) * Integrate ZIO failures and defects ADR in DID Registrar Controller and Mercury ([#1180](#1180)) ([d8e2120](d8e2120)) * SDJWT holder key binding ([#1185](#1185)) ([628f2f0](628f2f0)) * use kid in the jwt proof header of OID4VCI CredentialIssue request ([#1184](#1184)) ([ee53eda](ee53eda)) * use the compact format in SD-JWT ([#1169](#1169)) ([65da651](65da651)) Signed-off-by: Allain Magyar <[email protected]> Signed-off-by: Pat Losoponkul <[email protected]>
patlo-iog
pushed a commit
that referenced
this pull request
Jul 1, 2024
Signed-off-by: Pat Losoponkul <[email protected]> test: remove println Signed-off-by: Pat Losoponkul <[email protected]> chore(release): cut Identus Cloud agent 1.37.0-snapshot.test.1 release * avoid name and operationId conflict when creating oas client ([#1233](#1233)) ([73e8e24](73e8e24)) * incorrect parsing of public key coordinates and enable some tests again ([#1215](#1215)) ([5398a75](5398a75)) * KeyID from String to Opaque Type and presentation job cleanup ([#1190](#1190)) ([b813faf](b813faf)) * make init-script.sh idempotent [#1173](#1173) ([#1194](#1194)) ([1712062](1712062)) * migrate and repair in case of renaming issues ([#1211](#1211)) ([cb4d479](cb4d479)) * Present Error Handling (Part 1: Repo Changes) ([#1172](#1172)) ([13e2447](13e2447)) * Present Error Handling Job ([#1204](#1204)) ([3191d8b](3191d8b)) * present error handling Part 2 ([#1177](#1177)) ([9ac6e52](9ac6e52)) * Verification Policy Error Handling ([#1228](#1228)) ([6117a3c](6117a3c)) * add oidc4vci protocol MVP ([#1182](#1182)) ([3ae91dc](3ae91dc)) * add schemaId to the issuance session ([#1199](#1199)) ([97f5d83](97f5d83)) * add support for EcdsaSecp256k1Signature2019Proof and fix pk encoding for EddsaJcs2022Proof ([#1127](#1127)) ([e617ded](e617ded)) * **agent:** add browser fingerprint label to http metrics ([#1231](#1231)) ([f090554](f090554)) * ATL 6829 - Integrate ZIO failures and defects ADR in credential status list ([#1175](#1175)) ([dffad1d](dffad1d)) * ATL-6832 ZIO failures and defects in entity controller ([#1203](#1203)) ([9050094](9050094)) * ATL-6833 integrate ZIO failures and defects in wallet event controller ([#1186](#1186)) ([8bc2018](8bc2018)) * ATL-6834 Use ZIO Failures and Defects effectively in the Issue flow ([#1139](#1139)) ([ede7b77](ede7b77)) * Handle Error in Background Jobs - Improve the way we store errors and defects in DB ([#1218](#1218)) ([e3cadc9](e3cadc9)) * implement ADR Use ZIO Failures and Defects Effectively - Mercury should not throw exceptions ([#1192](#1192)) ([a4ce87f](a4ce87f)) * improve OpenAPI's PresentProof to make more consistent ([#1130](#1130)) ([bdc5d20](bdc5d20)) * Integrate ZIO failures and defects ADR in DID Registrar Controller and Mercury ([#1180](#1180)) ([d8e2120](d8e2120)) * SDJWT holder key binding ([#1185](#1185)) ([628f2f0](628f2f0)) * use kid in the jwt proof header of OID4VCI CredentialIssue request ([#1184](#1184)) ([ee53eda](ee53eda)) * use the compact format in SD-JWT ([#1169](#1169)) ([65da651](65da651)) Signed-off-by: Allain Magyar <[email protected]> Signed-off-by: Pat Losoponkul <[email protected]>
hyperledger-bot
added a commit
that referenced
this pull request
Jul 1, 2024
# [1.37.0](cloud-agent-v1.36.1...cloud-agent-v1.37.0) (2024-07-01) ### Bug Fixes * avoid name and operationId conflict when creating oas client ([#1233](#1233)) ([73e8e24](73e8e24)) * incorrect parsing of public key coordinates and enable some tests again ([#1215](#1215)) ([5398a75](5398a75)) * KeyID from String to Opaque Type and presentation job cleanup ([#1190](#1190)) ([b813faf](b813faf)) * make init-script.sh idempotent [#1173](#1173) ([#1194](#1194)) ([1712062](1712062)) * migrate and repair in case of renaming issues ([#1211](#1211)) ([cb4d479](cb4d479)) * Present Error Handling (Part 1: Repo Changes) ([#1172](#1172)) ([13e2447](13e2447)) * Present Error Handling Job ([#1204](#1204)) ([3191d8b](3191d8b)) * present error handling Part 2 ([#1177](#1177)) ([9ac6e52](9ac6e52)) * Verification Policy Error Handling ([#1228](#1228)) ([6117a3c](6117a3c)) ### Features * add oidc4vci protocol MVP ([#1182](#1182)) ([3ae91dc](3ae91dc)) * add schemaId to the issuance session ([#1199](#1199)) ([97f5d83](97f5d83)) * add support for EcdsaSecp256k1Signature2019Proof and fix pk encoding for EddsaJcs2022Proof ([#1127](#1127)) ([e617ded](e617ded)) * **agent:** add browser fingerprint label to http metrics ([#1231](#1231)) ([f090554](f090554)) * ATL 6829 - Integrate ZIO failures and defects ADR in credential status list ([#1175](#1175)) ([dffad1d](dffad1d)) * ATL-6832 ZIO failures and defects in entity controller ([#1203](#1203)) ([9050094](9050094)) * ATL-6833 integrate ZIO failures and defects in wallet event controller ([#1186](#1186)) ([8bc2018](8bc2018)) * ATL-6834 Use ZIO Failures and Defects effectively in the Issue flow ([#1139](#1139)) ([ede7b77](ede7b77)) * Handle Error in Background Jobs - Improve the way we store errors and defects in DB ([#1218](#1218)) ([e3cadc9](e3cadc9)) * implement ADR Use ZIO Failures and Defects Effectively - Mercury should not throw exceptions ([#1192](#1192)) ([a4ce87f](a4ce87f)) * improve OpenAPI's PresentProof to make more consistent ([#1130](#1130)) ([bdc5d20](bdc5d20)) * Integrate ZIO failures and defects ADR in DID Registrar Controller and Mercury ([#1180](#1180)) ([d8e2120](d8e2120)) * SDJWT holder key binding ([#1185](#1185)) ([628f2f0](628f2f0)) * use kid in the jwt proof header of OID4VCI CredentialIssue request ([#1184](#1184)) ([ee53eda](ee53eda)) * use the compact format in SD-JWT ([#1169](#1169)) ([65da651](65da651)) Signed-off-by: Allain Magyar <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description:
This PR fixes an issue with JWK coordinate generation for EcdsaSecp256k1Signature2019Proof.
JVM represents big integers in two's complement, which means that the leading byte is a sign (0 for pos and 1 for negative), because of this, the following line of code yields either a 32-byte array of a 33-byte array
Since
getAffineX
returnsBigInteger
, which is represented in two's complement, if the number is positive and it starts with one,toByteArray
function appends 0 at the beginning to signify that it is a positive number. Secp256k1 coordinates can't be negative anyway so seems like Apollo is expecting an unsigned integer in binary representation, and we ware generating a signed integer in two's complement representation, because of this, sometimes when X and Y are positive numbers that start with 1, we would get 33-byte arrays.Alternatives Considered (optional):
Link to existing ADR (Architecture Decision Record), if any. If relevant, describe other approaches explored and the selected approach. Documenting why the methods were not selected will create a knowledge base for future reference, helping prevent others from revisiting less optimal ideas.
Checklist: