From e36ecf2930080b0b85a1109bfb1942e0241553a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eike=20Ha=C3=9F?= Date: Mon, 19 Aug 2024 09:51:12 +0200 Subject: [PATCH] add noble/curves for es256 jwt verification --- client/package-lock.json | 128 +++++++++++------- client/package.json | 5 +- .../app/components/identity/DIDResolver.tsx | 14 +- 3 files changed, 92 insertions(+), 55 deletions(-) diff --git a/client/package-lock.json b/client/package-lock.json index 777b08039..a97da3717 100644 --- a/client/package-lock.json +++ b/client/package-lock.json @@ -14,13 +14,14 @@ "@fontsource/ibm-plex-mono": "^4.5.12", "@fontsource/material-icons": "^4.5.4", "@iota/crypto.js": "^1.8.6", - "@iota/identity-wasm": "^1.0.0", + "@iota/identity-wasm": "^1.3.1", "@iota/iota.js": "^1.8.6", "@iota/mam-legacy": "github:iotaledger/mam.js#fddc95f60539b9a31a4db1b5b56e0dedb8994883", "@iota/mam.js": "^1.6.2", "@iota/sdk-wasm-nova": "npm:@iota/sdk-wasm@^2.0.0-beta.1", "@iota/sdk-wasm-stardust": "npm:@iota/sdk-wasm@1.1.1", "@iota/util.js": "^1.8.6", + "@noble/curves": "^1.5.0", "classnames": "^2.3.1", "d3-array": "^3.2.1", "d3-axis": "^3.0.0", @@ -783,12 +784,13 @@ } }, "node_modules/@iota/identity-wasm": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/@iota/identity-wasm/-/identity-wasm-1.0.0.tgz", - "integrity": "sha512-gSmDWQM5ae/QN2Apl4egDVvx2tsk2erlCG2a/QIpQK/c6dJ4F4/7LOaV4pLcnqabmbWm34BnqlEiXDVRYtAwsQ==", + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/@iota/identity-wasm/-/identity-wasm-1.3.1.tgz", + "integrity": "sha512-BxWTsiV9tBNaR7rZ6Q4hfcX8CjMZq5zNXP80SF/LRDMBFZJ6De8EhGl+wZ7MCxGlYKRqrgiEf4Irh4RLerRLUw==", "dependencies": { "@noble/ed25519": "^1.7.3", "@types/node-fetch": "^2.6.2", + "base64-arraybuffer": "^1.0.2", "node-fetch": "^2.6.7" }, "engines": { @@ -846,8 +848,9 @@ "license": "MIT" }, "node_modules/@iota/sdk-wasm": { - "version": "1.1.1", - "license": "Apache-2.0", + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@iota/sdk-wasm/-/sdk-wasm-1.1.3.tgz", + "integrity": "sha512-piyl0B6gcoo7mbmX3QUCyEYtqk6UoCS2cqBYiV7FFz3fmT2DPcQJmcaDvW0nmNh5BbRR9MhPkp3MEerPm6mezA==", "peer": true, "dependencies": { "class-transformer": "^0.5.1", @@ -931,24 +934,11 @@ "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" }, - "node_modules/@iota/sdk-wasm/node_modules/lru-cache": { - "version": "6.0.0", - "license": "ISC", - "peer": true, - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, "node_modules/@iota/sdk-wasm/node_modules/semver": { - "version": "7.5.4", - "license": "ISC", + "version": "7.6.3", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", + "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", "peer": true, - "dependencies": { - "lru-cache": "^6.0.0" - }, "bin": { "semver": "bin/semver.js" }, @@ -956,11 +946,6 @@ "node": ">=10" } }, - "node_modules/@iota/sdk-wasm/node_modules/yallist": { - "version": "4.0.0", - "license": "ISC", - "peer": true - }, "node_modules/@iota/signing": { "version": "1.0.0-beta.30", "license": "MIT", @@ -1167,6 +1152,17 @@ "@jridgewell/sourcemap-codec": "^1.4.14" } }, + "node_modules/@noble/curves": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.5.0.tgz", + "integrity": "sha512-J5EKamIHnKPyClwVrzmaf5wSdQXgdHcPZIZLu3bwnbeCx8/7NPK5q2ZBWF+5FvYGByjiQQsJYX6jfgB2wDPn3A==", + "dependencies": { + "@noble/hashes": "1.4.0" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, "node_modules/@noble/ed25519": { "version": "1.7.3", "resolved": "https://registry.npmjs.org/@noble/ed25519/-/ed25519-1.7.3.tgz", @@ -1178,6 +1174,17 @@ } ] }, + "node_modules/@noble/hashes": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.4.0.tgz", + "integrity": "sha512-V1JJ1WTRUqHHrOSh597hURcMqVKVGL/ea3kv0gSnEdsEZ0/+VyPghM1lMNGc00z7CIQorSvbKpuJkxvuHbvdbg==", + "engines": { + "node": ">= 16" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, "node_modules/@nodelib/fs.scandir": { "version": "2.1.5", "dev": true, @@ -1568,9 +1575,9 @@ "integrity": "sha512-ZUGPWx5vKfN+G2/yN7pcSNLkIkXEvlwNaJEd4e0ppX7W2S8XAkdc/37hM4OUNJB9sa0p12AOvGvxL4JCPiz9DA==" }, "node_modules/@types/node-fetch": { - "version": "2.6.9", - "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.9.tgz", - "integrity": "sha512-bQVlnMLFJ2d35DkPNjEPmd9ueO/rh5EiaZt2bhqiSarPjZIuIV6bPQVqcrEyvNo+AfTrRGVazle1tl597w3gfA==", + "version": "2.6.11", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.11.tgz", + "integrity": "sha512-24xFj9R5+rfQJLRyM56qh+wnVSYhyXC2tkoBndtY0U+vubqNsYXGjufB2nn8Q6gt0LrARwL6UBtMCSVCwl4B1g==", "dependencies": { "@types/node": "*", "form-data": "^4.0.0" @@ -2521,6 +2528,14 @@ "dev": true, "license": "MIT" }, + "node_modules/base64-arraybuffer": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/base64-arraybuffer/-/base64-arraybuffer-1.0.2.tgz", + "integrity": "sha512-I3yl4r9QB5ZRY3XuJVEPfc2XhZO6YweFPI+UovAzn+8/hb3oJ6lnysaFcjVpkCPfVWFUDvoZ8kmVDP7WyRtYtQ==", + "engines": { + "node": ">= 0.6.0" + } + }, "node_modules/base64-js": { "version": "1.5.1", "dev": true, @@ -11714,12 +11729,13 @@ } }, "@iota/identity-wasm": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/@iota/identity-wasm/-/identity-wasm-1.0.0.tgz", - "integrity": "sha512-gSmDWQM5ae/QN2Apl4egDVvx2tsk2erlCG2a/QIpQK/c6dJ4F4/7LOaV4pLcnqabmbWm34BnqlEiXDVRYtAwsQ==", + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/@iota/identity-wasm/-/identity-wasm-1.3.1.tgz", + "integrity": "sha512-BxWTsiV9tBNaR7rZ6Q4hfcX8CjMZq5zNXP80SF/LRDMBFZJ6De8EhGl+wZ7MCxGlYKRqrgiEf4Irh4RLerRLUw==", "requires": { "@noble/ed25519": "^1.7.3", "@types/node-fetch": "^2.6.2", + "base64-arraybuffer": "^1.0.2", "node-fetch": "^2.6.7" } }, @@ -11762,7 +11778,9 @@ "version": "1.0.0-beta.30" }, "@iota/sdk-wasm": { - "version": "1.1.1", + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/@iota/sdk-wasm/-/sdk-wasm-1.1.3.tgz", + "integrity": "sha512-piyl0B6gcoo7mbmX3QUCyEYtqk6UoCS2cqBYiV7FFz3fmT2DPcQJmcaDvW0nmNh5BbRR9MhPkp3MEerPm6mezA==", "peer": true, "requires": { "class-transformer": "^0.5.1", @@ -11774,22 +11792,10 @@ "text-encoding": "^0.7.0" }, "dependencies": { - "lru-cache": { - "version": "6.0.0", - "peer": true, - "requires": { - "yallist": "^4.0.0" - } - }, "semver": { - "version": "7.5.4", - "peer": true, - "requires": { - "lru-cache": "^6.0.0" - } - }, - "yallist": { - "version": "4.0.0", + "version": "7.6.3", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", + "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", "peer": true } } @@ -11988,11 +11994,24 @@ "@jridgewell/sourcemap-codec": "^1.4.14" } }, + "@noble/curves": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.5.0.tgz", + "integrity": "sha512-J5EKamIHnKPyClwVrzmaf5wSdQXgdHcPZIZLu3bwnbeCx8/7NPK5q2ZBWF+5FvYGByjiQQsJYX6jfgB2wDPn3A==", + "requires": { + "@noble/hashes": "1.4.0" + } + }, "@noble/ed25519": { "version": "1.7.3", "resolved": "https://registry.npmjs.org/@noble/ed25519/-/ed25519-1.7.3.tgz", "integrity": "sha512-iR8GBkDt0Q3GyaVcIu7mSsVIqnFbkbRzGLWlvhwunacoLwt4J3swfKhfaM6rN6WY+TBGoYT1GtT1mIh2/jGbRQ==" }, + "@noble/hashes": { + "version": "1.4.0", + "resolved": "https://registry.npmjs.org/@noble/hashes/-/hashes-1.4.0.tgz", + "integrity": "sha512-V1JJ1WTRUqHHrOSh597hURcMqVKVGL/ea3kv0gSnEdsEZ0/+VyPghM1lMNGc00z7CIQorSvbKpuJkxvuHbvdbg==" + }, "@nodelib/fs.scandir": { "version": "2.1.5", "dev": true, @@ -12282,9 +12301,9 @@ "integrity": "sha512-ZUGPWx5vKfN+G2/yN7pcSNLkIkXEvlwNaJEd4e0ppX7W2S8XAkdc/37hM4OUNJB9sa0p12AOvGvxL4JCPiz9DA==" }, "@types/node-fetch": { - "version": "2.6.9", - "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.9.tgz", - "integrity": "sha512-bQVlnMLFJ2d35DkPNjEPmd9ueO/rh5EiaZt2bhqiSarPjZIuIV6bPQVqcrEyvNo+AfTrRGVazle1tl597w3gfA==", + "version": "2.6.11", + "resolved": "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.11.tgz", + "integrity": "sha512-24xFj9R5+rfQJLRyM56qh+wnVSYhyXC2tkoBndtY0U+vubqNsYXGjufB2nn8Q6gt0LrARwL6UBtMCSVCwl4B1g==", "requires": { "@types/node": "*", "form-data": "^4.0.0" @@ -12919,6 +12938,11 @@ "version": "1.0.2", "dev": true }, + "base64-arraybuffer": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/base64-arraybuffer/-/base64-arraybuffer-1.0.2.tgz", + "integrity": "sha512-I3yl4r9QB5ZRY3XuJVEPfc2XhZO6YweFPI+UovAzn+8/hb3oJ6lnysaFcjVpkCPfVWFUDvoZ8kmVDP7WyRtYtQ==" + }, "base64-js": { "version": "1.5.1", "dev": true diff --git a/client/package.json b/client/package.json index 5d8c0e1f7..bdbf76e38 100644 --- a/client/package.json +++ b/client/package.json @@ -24,13 +24,14 @@ "@fontsource/ibm-plex-mono": "^4.5.12", "@fontsource/material-icons": "^4.5.4", "@iota/crypto.js": "^1.8.6", - "@iota/identity-wasm": "^1.0.0", + "@iota/identity-wasm": "^1.3.1", "@iota/iota.js": "^1.8.6", "@iota/mam-legacy": "github:iotaledger/mam.js#fddc95f60539b9a31a4db1b5b56e0dedb8994883", "@iota/mam.js": "^1.6.2", - "@iota/sdk-wasm-stardust": "npm:@iota/sdk-wasm@1.1.1", "@iota/sdk-wasm-nova": "npm:@iota/sdk-wasm@^2.0.0-beta.1", + "@iota/sdk-wasm-stardust": "npm:@iota/sdk-wasm@1.1.1", "@iota/util.js": "^1.8.6", + "@noble/curves": "^1.5.0", "classnames": "^2.3.1", "d3-array": "^3.2.1", "d3-axis": "^3.0.0", diff --git a/client/src/app/components/identity/DIDResolver.tsx b/client/src/app/components/identity/DIDResolver.tsx index b170bd8f2..a389d5053 100644 --- a/client/src/app/components/identity/DIDResolver.tsx +++ b/client/src/app/components/identity/DIDResolver.tsx @@ -1,11 +1,14 @@ import * as identity from "@iota/identity-wasm/web"; import { DomainLinkageConfiguration, + // eslint-disable-next-line @typescript-eslint/no-unused-vars EdDSAJwsVerifier, JwtCredentialValidationOptions, JwtDomainLinkageValidator, LinkedDomainService, + IJwsVerifier, } from "@iota/identity-wasm/web"; +import { p256 } from "@noble/curves/p256"; import React, { Fragment, useEffect, useState } from "react"; import DIDDomainResolver from "./domains/DIDDomainResolver"; import { DIDResolverProps } from "./DIDResolverProps"; @@ -146,6 +149,15 @@ const IdentityStardustResolver: React.FC = ({ resolvedDID, net // } export default IdentityStardustResolver; +class EcDSAVerifier implements IJwsVerifier { + constructor() {} + verify(alg: identity.JwsAlgorithm, signingInput: Uint8Array, decodedSignature: Uint8Array, publicKey: identity.Jwk) { + // eslint-disable-next-line no-console + console.log(publicKey); + p256.verify(decodedSignature, signingInput, new Uint8Array()); + } +} + async function constructVerifiedDomains(resolvedDID: IDIDResolverResponse): Promise>> { const newVerifiedDomains = new Map>(); const origin = window?.location?.origin ?? ""; @@ -178,7 +190,7 @@ async function constructVerifiedDomains(resolvedDID: IDIDResolverResponse): Prom parsedConfigurationResource = DomainLinkageConfiguration.fromJSON(jsonResponse); try { - new JwtDomainLinkageValidator(new EdDSAJwsVerifier()).validateLinkage( + new JwtDomainLinkageValidator(new EcDSAVerifier()).validateLinkage( didDocument, parsedConfigurationResource, domain,