Skip to content

Commit

Permalink
feat: support hash param on CIP-30.
Browse files Browse the repository at this point in the history
  • Loading branch information
@matiwinnetou
matiwinnetou committed Oct 2, 2024
1 parent bd3dbec commit 8ef07a8
Show file tree
Hide file tree
Showing 3 changed files with 95 additions and 13 deletions.
62 changes: 50 additions & 12 deletions cip/cip30/src/main/java/com/bloxbean/cardano/client/cip/cip30/CIP30DataSigner.java
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package com.bloxbean.cardano.client.cip.cip30;

import co.nstant.in.cbor.model.ByteString;
import co.nstant.in.cbor.model.SimpleValue;
import co.nstant.in.cbor.model.UnsignedInteger;
import com.bloxbean.cardano.client.account.Account;
import com.bloxbean.cardano.client.address.Address;
Expand All @@ -20,14 +21,14 @@ public enum CIP30DataSigner {
INSTANCE();

CIP30DataSigner() {

}

/**
* Sign and create DataSignature in CIP30's signData() format
*
* @param addressBytes Address bytes
* @param payload payload bytes to sign
* @param signer signing account
* @param payload payload bytes to sign
* @param signer signing account
* @return DataSignature
* @throws DataSignError
*/
Expand All @@ -36,7 +37,38 @@ public DataSignature signData(@NonNull byte[] addressBytes, @NonNull byte[] payl
byte[] pvtKey = signer.privateKeyBytes();
byte[] pubKey = signer.publicKeyBytes();

return signData(addressBytes, payload, pvtKey, pubKey);
return signData(addressBytes, payload, pvtKey, pubKey, false);
}

/**
* Sign and create DataSignature in CIP30's signData() format
*
* @param addressBytes Address bytes
* @param payload payload bytes to sign
* @param signer signing account
* @return DataSignature
* @throws DataSignError
*/
public DataSignature signData(@NonNull byte[] addressBytes, @NonNull byte[] payload, @NonNull Account signer, boolean hashPayload)
throws DataSignError {
byte[] pvtKey = signer.privateKeyBytes();
byte[] pubKey = signer.publicKeyBytes();

return signData(addressBytes, payload, pvtKey, pubKey, hashPayload);
}

/**
* Sign and create DataSignature in CIP30's signData() format
*
* @param addressBytes Address bytes
* @param payload payload bytes to sign
* @param pvtKey private key bytes
* @param pubKey public key bytes to add
* @return DataSignature
* @throws DataSignError
*/
public DataSignature signData(@NonNull byte[] addressBytes, @NonNull byte[] payload, @NonNull byte[] pvtKey, @NonNull byte[] pubKey) throws DataSignError {
return signData(addressBytes, payload, pvtKey, pubKey, false);
}

/**
Expand All @@ -45,27 +77,32 @@ public DataSignature signData(@NonNull byte[] addressBytes, @NonNull byte[] payl
* @param payload payload bytes to sign
* @param pvtKey private key bytes
* @param pubKey public key bytes to add
* @param hashPayload hash the payload before signing
* @return DataSignature
* @throws DataSignError
*/
public DataSignature signData(@NonNull byte[] addressBytes, @NonNull byte[] payload, @NonNull byte[] pvtKey, @NonNull byte[] pubKey)
public DataSignature signData(@NonNull byte[] addressBytes, @NonNull byte[] payload, @NonNull byte[] pvtKey, @NonNull byte[] pubKey, boolean hashPayload)
throws DataSignError {
try {
HeaderMap protectedHeaderMap = new HeaderMap()
.algorithmId(ALG_EdDSA) //EdDSA
.keyId(addressBytes)
.addOtherHeader(ADDRESS_KEY, new ByteString(addressBytes));

HeaderMap unprotectedHeaderMap = new HeaderMap();
if (hashPayload) {
unprotectedHeaderMap = unprotectedHeaderMap.addOtherHeader("hashed", SimpleValue.TRUE);
}

Headers headers = new Headers()
._protected(new ProtectedHeaderMap(protectedHeaderMap))
.unprotected(new HeaderMap());
.unprotected(unprotectedHeaderMap);

COSESign1Builder coseSign1Builder = new COSESign1Builder(headers, payload, false);
COSESign1Builder coseSign1Builder = new COSESign1Builder(headers, payload, false, hashPayload);

SigStructure sigStructure = coseSign1Builder.makeDataToSign();

byte[] signature;

if (pvtKey.length >= 64) { //64 bytes expanded pvt key
signature = Configuration.INSTANCE.getSigningProvider().signExtended(sigStructure.serializeAsBytes(), pvtKey);
} else { //32 bytes pvt key
Expand All @@ -74,16 +111,17 @@ public DataSignature signData(@NonNull byte[] addressBytes, @NonNull byte[] payl

COSESign1 coseSign1 = coseSign1Builder.build(signature);

//COSEKey
COSEKey coseKey = new COSEKey()
.keyType(OKP) //OKP
.keyId(addressBytes)
.algorithmId(ALG_EdDSA) //EdDSA
.addOtherHeader(CRV_KEY, new UnsignedInteger(CRV_Ed25519)) //crv Ed25519
.addOtherHeader(X_KEY, new ByteString(pubKey)); //x pub key used to sign sig_structure

return new DataSignature(HexUtil.encodeHexString(coseSign1.serializeAsBytes()),
HexUtil.encodeHexString(coseKey.serializeAsBytes()));
String sig = HexUtil.encodeHexString(coseSign1.serializeAsBytes());
String key = HexUtil.encodeHexString(coseKey.serializeAsBytes());

return new DataSignature(sig, key);
} catch (Exception e) {
throw new DataSignError("Error signing data", e);
}
Expand All @@ -106,7 +144,7 @@ public boolean verify(@NonNull DataSignature dataSignature) {
.verify(signature, sigStructure.serializeAsBytes(), pubKey);

//Verify address
byte[] addressBytes = coseSign1.headers()._protected().getAsHeaderMap().otherHeaderAsBytes(ADDRESS_KEY);
byte[] addressBytes = coseSign1.headers()._protected().getAsHeaderMap().otherHeaderAsBytes(ADDRESS_KEY);
Address address = new Address(addressBytes);
boolean addressVerified = AddressProvider.verifyAddress(address, pubKey);

Expand Down
36 changes: 36 additions & 0 deletions cip/cip30/src/test/java/com/bloxbean/cardano/client/cip/cip30/CIP30DataSignerTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,9 @@
import static org.assertj.core.api.Assertions.assertThat;

class CIP30DataSignerTest {

String mnemonic = "nice orient enjoy teach jump office alert inquiry apart unaware seat tumble unveil device have bullet morning eyebrow time image embody divide version uniform";

Account account = new Account(Networks.testnet(), mnemonic);

@Test
Expand Down Expand Up @@ -68,5 +70,39 @@ void verifyNamiSignature_invalidKey() {
assertThat(verified).isFalse();
}

@Test
void verifyHashedLedgerHardwareWallet() {
DataSignature dataSignature = new DataSignature()
.signature("84582aa201276761646472657373581de103d205532089ad2f7816892e2ef42849b7b52788e41b3fd43a6e01cfa166686173686564f5581c1c1afc33a1ed48205eadcbbda2fc8e61442af2e04673616f21b7d0385840954858f672e9ca51975655452d79a8f106011e9535a2ebfb909f7bbcce5d10d246ae62df2da3a7790edd8f93723cbdfdffc5341d08135b1a40e7a998e8b2ed06")
.key("a4010103272006215820c13745be35c2dfc3fa9523140030dda5b5346634e405662b1aae5c61389c55b3");

boolean verified = CIP30DataSigner.INSTANCE.verify(dataSignature);

assertThat(verified).isTrue();
}

@Test
void verifySignDataHashedPayload() throws DataSignError {
DataSignature dataSignature = new DataSignature()
.signature("845846a2012767616464726573735839003175d03902583e82037438cc86732f6e539f803f9a8b2d4ee164b9d0c77e617030631811f60a1f8a8be26d65a57ff71825b336cc6b76361da166686173686564f44b48656c6c6f20576f726c64584036c2151e1230364b0bf9e40cb65dbdca4c5decf4187e3c5511945d410ea59a1e733b5e68178c234979053ed75b0226ba826fb951c5a79fabf10bddcabda8dc05")
.key("a4010103272006215820a5f73966e73d0bb9eadc75c5857eafd054a0202d716ac6dde00303ee9c0019e3");

boolean verified = CIP30DataSigner.INSTANCE.verify(dataSignature);
assertThat(verified).isTrue();
}

@Test
void signDataHashedPayload() throws DataSignError {
byte[] payload = "Hello World".getBytes();

Address address = new Address(account.baseAddress());
DataSignature dataSignature = CIP30DataSigner.INSTANCE.signData(address.getBytes(), payload, account, true);

assertThat(dataSignature).isNotNull();
assertThat(dataSignature.signature()).isEqualTo("845882a3012704583900327d065c4c135860b9ac6a758c9ef032100a724865998a6b1b8219f3d11c3061dfc0c16e14f5b6779fef214eab7aaa3dffdc5e30c1272f0e6761646472657373583900327d065c4c135860b9ac6a758c9ef032100a724865998a6b1b8219f3d11c3061dfc0c16e14f5b6779fef214eab7aaa3dffdc5e30c1272f0ea166686173686564f5581c19790463ef4ad09bdb724e3a6550c640593d4870f6e192ac8147f35d58401c86c80f72a0703231b8e4ff08a35c99366e3119bf57cffd085be5fc0f45eebdd91f123f0d078e0da091fa453bd6c752b24292a5fcef60d8e35156187adadb0d");
assertThat(dataSignature.key()).isEqualTo("a5010102583900327d065c4c135860b9ac6a758c9ef032100a724865998a6b1b8219f3d11c3061dfc0c16e14f5b6779fef214eab7aaa3dffdc5e30c1272f0e03272006215820097c8507b71063f99e38147f09eacf76f25576a2ddfac2f40da8feee8dab2d5d");
assertThat(HexUtil.encodeHexString(dataSignature.address())).isEqualTo("00327d065c4c135860b9ac6a758c9ef032100a724865998a6b1b8219f3d11c3061dfc0c16e14f5b6779fef214eab7aaa3dffdc5e30c1272f0e");
}

}

10 changes: 9 additions & 1 deletion cip/cip8/src/main/java/com/bloxbean/cardano/client/cip/cip8/builder/COSESign1Builder.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,13 @@ public COSESign1Builder(Headers headers, byte[] payload, boolean isPayloadExtern
this.isPayloadExternal = isPayloadExternal;
}

public COSESign1Builder(Headers headers, byte[] payload, boolean isPayloadExternal, boolean isHashed) {
this.headers = headers;
this.payload = payload;
this.isPayloadExternal = isPayloadExternal;
this.hashed = isHashed;
}

public SigStructure makeDataToSign() {
Headers headersCopy = headers.copy();

Expand All @@ -41,8 +48,9 @@ public COSESign1 build(byte[] signedSigStructure) {
byte[] finalPayload;
if (hashed) { //blake2b224 hash
finalPayload = Blake2bUtil.blake2bHash224(payload);
} else
} else {
finalPayload = payload.clone();
}

return new COSESign1()
.headers(allHeader)
Expand Down

0 comments on commit 8ef07a8

Please sign in to comment.