Skip to content

Commit

Permalink
Merge pull request #8 from ryosuke-wakaba/bugfix/include-jwt-vc-in-jw…
Browse files Browse the repository at this point in the history 
…t-vp

Include credentials in `jwt_vc_json` format within `jwt_vp_json` VP i…
  • Loading branch information
@sadamu
sadamu authored Jun 6, 2024
2 parents 92274e1 + e0484b6 commit 6e4642c
Show file tree
Hide file tree
Showing 11 changed files with 352 additions and 115 deletions.
51 changes: 51 additions & 0 deletions app/src/androidTest/java/com/ownd_project/tw2023_wallet_android/JwtVpJsonGeneratorTest.kt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
package com.ownd_project.tw2023_wallet_android

import androidx.test.ext.junit.runners.AndroidJUnit4
import com.fasterxml.jackson.module.kotlin.jacksonObjectMapper
import com.ownd_project.tw2023_wallet_android.oid.HeaderOptions
import com.ownd_project.tw2023_wallet_android.oid.JwtVpJsonPayloadOptions
import com.ownd_project.tw2023_wallet_android.ui.shared.JwtVpJsonGeneratorImpl
import com.ownd_project.tw2023_wallet_android.utils.KeyPairUtil
import junit.framework.TestCase
import org.junit.Assert.assertEquals
import org.junit.Before
import org.junit.Test
import org.junit.runner.RunWith

@RunWith(AndroidJUnit4::class)
class JwtVpJsonGeneratorTest {

private lateinit var jwtVpJsonGenerator: JwtVpJsonGeneratorImpl
private val keyAlias = "testKeyAlias"

@Before
fun setUp() {
jwtVpJsonGenerator = JwtVpJsonGeneratorImpl(keyAlias)
if (!KeyPairUtil.isKeyPairExist(keyAlias)) {
KeyPairUtil.generateSignVerifyKeyPair(keyAlias)
}
}

@Test
fun testGenerateJwt() {
val vcJwt = "testVcJwt"
val headerOptions = HeaderOptions()
val payloadOptions = JwtVpJsonPayloadOptions(
iss = "issuer",
jti = "testJti",
aud = "testAud",
nonce = "testNonce"
)

val vpToken = jwtVpJsonGenerator.generateJwt(vcJwt, headerOptions, payloadOptions)

assert(!vpToken.isEmpty())

val decodedJwt = KeyPairUtil.decodeJwt(vpToken)
val header = decodedJwt.first

val jwk = header.get("jwk") as Map<String, String>
val result = KeyPairUtil.verifyJwt(jwk, vpToken)
TestCase.assertTrue(result)
}
}
140 changes: 32 additions & 108 deletions app/src/main/java/com/ownd_project/tw2023_wallet_android/oid/OpenIdProvider.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,32 +14,21 @@ import com.fasterxml.jackson.databind.PropertyNamingStrategies
import com.fasterxml.jackson.databind.module.SimpleModule
import com.fasterxml.jackson.module.kotlin.convertValue
import com.fasterxml.jackson.module.kotlin.jacksonObjectMapper
import com.ownd_project.tw2023_wallet_android.signature.toBase64Url
import com.ownd_project.tw2023_wallet_android.utils.SigningOption
import com.ownd_project.tw2023_wallet_android.utils.KeyUtil
import okhttp3.FormBody
import okhttp3.OkHttpClient
import okhttp3.Request
import org.bouncycastle.jce.spec.ECNamedCurveSpec
import java.math.BigInteger
import java.net.URI
import java.net.URLEncoder
import java.security.KeyPair
import java.security.PublicKey
import java.security.interfaces.ECPublicKey
import java.security.interfaces.RSAPublicKey
import java.security.spec.ECParameterSpec
import java.security.spec.ECPoint
import java.util.Base64
import java.util.UUID

data class ProviderOption(
val expiresIn: Int = 600,
val signingAlgo: String = "ES256K",
val signingCurve: String = "P-256",
)

class OpenIdProvider(val uri: String, val option: ProviderOption = ProviderOption()) {
class OpenIdProvider(val uri: String, val option: SigningOption = SigningOption(signingAlgo = "ES256K")) {
private lateinit var keyPair: KeyPair
private lateinit var keyBinding: KeyBinding
private lateinit var jwtVpJsonGenerator: JwtVpJsonGenerator
private lateinit var siopRequest: ProcessSIOPRequestResult

companion object {
Expand Down Expand Up @@ -107,6 +96,9 @@ class OpenIdProvider(val uri: String, val option: ProviderOption = ProviderOptio
fun setKeyBinding(keyBinding: KeyBinding) {
this.keyBinding = keyBinding
}
fun setJwtVpJsonGenerator(jwtVpJsonGenerator: JwtVpJsonGenerator) {
this.jwtVpJsonGenerator = jwtVpJsonGenerator
}

fun getSiopRequest(): ProcessSIOPRequestResult {
return this.siopRequest
Expand All @@ -131,14 +123,23 @@ class OpenIdProvider(val uri: String, val option: ProviderOption = ProviderOptio
}
registerModule(module)
}
val decodedJwt = com.auth0.jwt.JWT.decode(requestObjectJwt)
val payloadJson = String(Base64.getUrlDecoder().decode(decodedJwt.payload))
val payload = objectMapper.readValue(payloadJson, RequestObjectPayloadImpl::class.java)

val clientScheme = payload.clientIdScheme?: authorizationRequestPayload.clientIdScheme

return if (requestIsSigned) {
val jwksUrl =
registrationMetadata.jwksUri ?: throw IllegalStateException("JWKS URLが見つかりません。")
val jwtValidationResult =
if (clientScheme == "x509_san_dns") {
JWT.verifyJwtX509SanDns(requestObjectJwt)
} else {
val jwksUrl = registrationMetadata.jwksUri ?: throw IllegalStateException("JWKS URLが見つかりません。")
JWT.verifyJwtWithJwks(requestObjectJwt, jwksUrl)
}

val result = try {
// JWTを検証
val jwtValidationResult = JWT.verifyJwtWithJwks(requestObjectJwt, jwksUrl)
val payloadJson = String(Base64.getUrlDecoder().decode(jwtValidationResult.payload))
val payload = objectMapper.readValue(payloadJson, RequestObjectPayloadImpl::class.java)

Expand Down Expand Up @@ -204,7 +205,7 @@ class OpenIdProvider(val uri: String, val option: ProviderOption = ProviderOptio
val nonce = authRequest.nonce
val SEC_IN_MS = 1000

val subJwk = generatePublicKeyJwk(keyPair, option)
val subJwk = KeyUtil.keyPairToPublicJwk(keyPair, option)
// todo: support rsa key
val jwk = object : ECPublicJwk {
override val kty = subJwk["kty"]!!
Expand All @@ -221,7 +222,7 @@ class OpenIdProvider(val uri: String, val option: ProviderOption = ProviderOptio
iss = sub,
aud = Audience.Single(authRequest.clientId!!),
iat = (System.currentTimeMillis() / SEC_IN_MS).toLong(),
exp = (System.currentTimeMillis() / SEC_IN_MS + option.expiresIn).toLong(),
exp = (System.currentTimeMillis() / SEC_IN_MS + 600).toLong(),
sub = sub,
nonce = nonce as? String,
subJwk = subJwk,
Expand Down Expand Up @@ -399,104 +400,27 @@ class OpenIdProvider(val uri: String, val option: ProviderOption = ProviderOptio
val disclosedClaims = payload.mapNotNull { (key, _) ->
DisclosedClaim(id = credential.id, types = credential.types, name = key)
}
val pathNested = Path(format = credential.format, path = "$")
val dm = DescriptorMap(
id = credential.inputDescriptor.id,
format = credential.format,
path = "$",
pathNested = pathNested
val vpToken = this.jwtVpJsonGenerator.generateJwt(
credential.credential,
HeaderOptions(),
JwtVpJsonPayloadOptions(
aud = authRequest.clientId!!,
nonce = authRequest.nonce!!
)
)
// todo check credential is matched condition specified by input_descriptor

return Triple(
first = credential.credential,
second = dm,
first = vpToken,
second = JwtVpJsonPresentation.genDescriptorMap(presentationDefinition.inputDescriptors[0].id),
third = disclosedClaims
)

} catch (error: Exception) {
throw error
}
}
}

fun generatePublicKeyJwk(keyPair: KeyPair, option: ProviderOption): Map<String, String> {
val publicKey: PublicKey = keyPair.public

return when (publicKey) {
is RSAPublicKey -> generateRsaPublicKeyJwk(publicKey)
is ECPublicKey -> generateEcPublicKeyJwk(publicKey, option)
else -> throw IllegalArgumentException("Unsupported Key Type: ${publicKey::class.java.name}")
}
}

fun correctBytes(value: BigInteger): ByteArray {
/*
BigInteger の toByteArray() メソッドは、数値をバイト配列に変換しますが、
この数値が正の場合、最上位バイトが符号ビットとして解釈されることを避けるために、追加のゼロバイトが先頭に挿入されることがあります。
これは、数値が正で、最上位バイトが 0x80 以上の場合(つまり、最上位ビットが 1 の場合)に起こります。
その結果、期待していた 32 バイトではなく 33 バイトの配列が得られることがあります。
期待する 32 バイトの配列を得るには、返されたバイト配列から余分なゼロバイトを取り除くか、
または正確なバイト長を指定して配列を生成する必要があります。
*/
val bytes = value.toByteArray()
return if (bytes.size == 33 && bytes[0] == 0.toByte()) bytes.copyOfRange(
1,
bytes.size
) else bytes
}

fun generateEcPublicKeyJwk(ecPublicKey: ECPublicKey, option: ProviderOption): Map<String, String> {
val ecPoint: ECPoint = ecPublicKey.w
val x = correctBytes(ecPoint.affineX).toBase64Url()
val y = correctBytes(ecPoint.affineY).toBase64Url()

// return """{"kty":"EC","crv":"P-256","x":"$x","y":"$y"}""" // crvは適宜変更してください
return mapOf(
"kty" to "EC",
"crv" to option.signingCurve,
"x" to x,
"y" to y
)
}

fun generateRsaPublicKeyJwk(rsaPublicKey: RSAPublicKey): Map<String, String> {
val n = Base64.getUrlEncoder().encodeToString(rsaPublicKey.modulus.toByteArray())
val e = Base64.getUrlEncoder().encodeToString(rsaPublicKey.publicExponent.toByteArray())

// return """{"kty":"RSA","n":"$n","e":"$e"}"""
return mapOf(
"kty" to "RSA",
"n" to n,
"e" to e
)
}

fun getCurveName(ecPublicKey: ECPublicKey): String {
val params = ecPublicKey.params

return when (params) {
is ECNamedCurveSpec -> {
// Bouncy Castle の ECNamedCurveSpec の場合
params.name
}

is ECParameterSpec -> {
val curve = params.curve
// 標準の Java ECParameterSpec の場合
// ここでは、標準の Java API では曲線名を直接取得できないため、
// 曲線のオーダーのビット長などに基づいて推定する方法を採用する
when (params.order.bitLength()) {
256 -> "P-256"
384 -> "P-384"
521 -> "P-521"
else -> "不明なカーブ"
}
}

else -> "サポートされていないパラメータタイプ"
}
}

fun mergeOAuth2AndOpenIdInRequestPayload(
payload: AuthorizationRequestPayload,
requestObject: RequestObjectPayload? = null
Expand Down
108 changes: 108 additions & 0 deletions app/src/main/java/com/ownd_project/tw2023_wallet_android/oid/Presentation.kt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,108 @@
package com.ownd_project.tw2023_wallet_android.oid

import com.fasterxml.jackson.annotation.JsonInclude

@JsonInclude(JsonInclude.Include.NON_NULL)
data class VpJwtPayload(
val iss: String?,
val jti: String?,
val aud: String?,
val nbf: Long?,
val iat: Long?,
val exp: Long?,
val nonce: String?,
val vp: Map<String, Any>
)
// https://www.rfc-editor.org/rfc/rfc7515.html
data class HeaderOptions(
val alg: String = "ES256",
val typ: String = "JWT",
val jwk: String? = null
)

data class JwtVpJsonPayloadOptions(
val iss: String? = null,
val jti: String? = null,
val aud: String,
val nbf: Long? = null,
val iat: Long? = null,
val exp: Long? = null,
val nonce: String
)

object JwtVpJsonPresentation {
fun genDescriptorMap(
inputDescriptorId: String,
pathIndex: Int? = -1,
pathNestedIndex: Int? = 0
): DescriptorMap {

/*
a non-normative example of the content of the presentation_submission parameter:
```
{
"definition_id": "example_jwt_vc",
"id": "example_jwt_vc_presentation_submission",
"descriptor_map": [
{
"id": "id_credential",
"path": "$",
"format": "jwt_vp_json",
"path_nested": {
"path": "$.vp.verifiableCredential[0]",
"format": "jwt_vc_json"
}
}
]
}
```
*/
return DescriptorMap(
id = inputDescriptorId,
path = if (pathIndex == -1) "$" else "$[${pathIndex}]",
format = "jwt_vp_json",
pathNested = Path(
format = "jwt_vc_json",
path = "$.vp.verifiableCredential[${pathNestedIndex}]"
)
)
}
}

// https://openid.net/specs/openid-4-verifiable-presentations-1_0-20.html#name-presentation-response
interface JwtVpJsonGenerator {
/*
a non-normative example of the payload of the Verifiable Presentation in the vp_token parameter
```
{
"iss": "did:example:ebfeb1f712ebc6f1c276e12ec21",
"jti": "urn:uuid:3978344f-8596-4c3a-a978-8fcaba3903c5",
"aud": "https://client.example.org/cb",
"nbf": 1541493724,
"iat": 1541493724,
"exp": 1573029723,
"nonce": "n-0S6_WzA2Mj",
"vp": {
"@context": [
"https://www.w3.org/2018/credentials/v1"
],
"type": [
"VerifiablePresentation"
],
"verifiableCredential": [
"eyJhb...ssw5c"
]
}
}
```
Note: The VP's nonce claim contains the value of the nonce of the presentation request and the aud claim contains the Client Identifier of the Verifier.
This allows the Verifier to detect replay of a Presentation as recommended in Section 12.1.
*/
fun generateJwt(
vcJwt: String,
headerOptions: HeaderOptions,
payloadOptions: JwtVpJsonPayloadOptions
): String

fun getJwk(): Map<String, String>
}
11 changes: 8 additions & 3 deletions app/src/main/java/com/ownd_project/tw2023_wallet_android/oid/URL.kt
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
package com.ownd_project.tw2023_wallet_android.oid

import com.auth0.jwt.JWT
import com.fasterxml.jackson.databind.DeserializationFeature
import com.fasterxml.jackson.databind.ObjectMapper
import com.fasterxml.jackson.databind.PropertyNamingStrategies
import com.fasterxml.jackson.module.kotlin.jacksonObjectMapper
import com.fasterxml.jackson.module.kotlin.readValue
import kotlinx.coroutines.Dispatchers
Expand Down Expand Up @@ -73,11 +76,13 @@ suspend fun parseAndResolve(uri: String): ParseAndResolveResult {
println("request jwt: $requestObjectJwt")

println("get client metadata")
val mapper = jacksonObjectMapper()
val decodedJwt = JWT.decode(requestObjectJwt)
val clientMetadata = decodedJwt.getClaim("client_metadata")?.let {
val json = mapper.writeValueAsString(it.asString())
mapper.readValue<RPRegistrationMetadataPayload>(json)
val mapper: ObjectMapper = jacksonObjectMapper().apply {
propertyNamingStrategy = PropertyNamingStrategies.SNAKE_CASE
configure(DeserializationFeature.READ_ENUMS_USING_TO_STRING, true)
}
if (!it.isMissing && !it.isNull) mapper.readValue<RPRegistrationMetadataPayload>(it.toString()) else null
}
println("client metadata: $clientMetadata")
val clientMetadataUri = decodedJwt.getClaim("client_metadata_uri").asString()?: authorizationRequestPayload.clientMetadataUri
Expand Down
Loading

0 comments on commit 6e4642c

Please sign in to comment.