Add canonicalize_object function

silverpill 2022-10-31 20:12:19 +00:00
parent 8c1d871d9e
commit 67eb654203
4 changed files with 25 additions and 8 deletions


@ -0,0 +1,13 @@
use serde::Serialize;
#[derive(thiserror::Error, Debug)]
#[error("canonicalization error")]
pub struct CanonicalizationError(#[from] serde_json::Error);
/// JCS: https://www.rfc-editor.org/rfc/rfc8785
pub fn canonicalize_object(
object: &impl Serialize,
) -> Result<String, CanonicalizationError> {
let object_str = serde_jcs::to_string(object)?;
Ok(object_str)
}
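Review bot: The doc comment on `canonicalize_object` is only a link and does not say that the returned string is the exact message passed to `sign_message` and rebuilt in `get_json_signature`, so any change in its output invalidates proofs that were already issued. I would expand it to something like `/// Serializes the object to its RFC 8785 (JCS) canonical form. The result is the signed message, so signer and verifier must both call this function.` A unit test pinning the output for one fixed object (key order, number formatting) would catch a behaviour change in the `serde_jcs` dependency; none is visible in this commit.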


@ -4,6 +4,7 @@ use serde::{Deserialize, Serialize};
use serde_json::Value; use serde_json::Value;
use crate::utils::crypto::sign_message; use crate::utils::crypto::sign_message;
use super::canonicalization::{canonicalize_object, CanonicalizationError};
/// Data Integrity Proof /// Data Integrity Proof
/// https://w3c.github.io/vc-data-integrity/ /// https://w3c.github.io/vc-data-integrity/
@ -31,6 +32,9 @@ pub enum JsonSignatureError {
#[error(transparent)] #[error(transparent)]
JsonError(#[from] serde_json::Error), JsonError(#[from] serde_json::Error),
#[error(transparent)]
CanonicalizationError(#[from] CanonicalizationError),
#[error("signing error")] #[error("signing error")]
SigningError(#[from] rsa::errors::Error), SigningError(#[from] rsa::errors::Error),
@ -44,10 +48,9 @@ pub fn sign_object(
signer_key_id: &str, signer_key_id: &str,
) -> Result<Value, JsonSignatureError> { ) -> Result<Value, JsonSignatureError> {
// Canonicalize // Canonicalize
// JCS: https://www.rfc-editor.org/rfc/rfc8785 let message = canonicalize_object(object)?;
let object_str = serde_jcs::to_string(object)?;
// Sign // Sign
let signature_b64 = sign_message(signer_key, &object_str)?; let signature_b64 = sign_message(signer_key, &message)?;
// Insert proof // Insert proof
let proof = Proof { let proof = Proof {
proof_type: PROOF_TYPE.to_string(), proof_type: PROOF_TYPE.to_string(),
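Review bot: In `sign_object` the message passed to `sign_message` is the canonical form of `object` alone, so as far as this hunk shows the fields of the `Proof` built afterwards (its type, and presumably purpose, verification method and creation time) are not covered by the signature. The Data Integrity draft linked at the top of this file includes the proof options in the signed data. If the omission is deliberate, a comment above the call would record it, e.g. `// NOTE: only the document is signed; proof options are not part of the message`. The function starts before and continues past this hunk, so the remaining `Proof` fields are inferred rather than visible.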


@ -1,2 +1,3 @@
mod canonicalization;
pub mod create; pub mod create;
pub mod verify; pub mod verify;


@ -2,6 +2,7 @@ use rsa::RsaPublicKey;
use serde_json::Value; use serde_json::Value;
use crate::utils::crypto::verify_signature; use crate::utils::crypto::verify_signature;
use super::canonicalization::{canonicalize_object, CanonicalizationError};
use super::create::{Proof, PROOF_TYPE, PROOF_PURPOSE}; use super::create::{Proof, PROOF_TYPE, PROOF_PURPOSE};
pub struct SignatureData { pub struct SignatureData {
@ -21,8 +22,8 @@ pub enum JsonSignatureVerificationError {
#[error("{0}")] #[error("{0}")]
InvalidProof(&'static str), InvalidProof(&'static str),
#[error("canonicalization error")] #[error(transparent)]
CanonicalizationError, CanonicalizationError(#[from] CanonicalizationError),
#[error("invalid encoding")] #[error("invalid encoding")]
InvalidEncoding(#[from] base64::DecodeError), InvalidEncoding(#[from] base64::DecodeError),
@ -48,11 +49,10 @@ pub fn get_json_signature(
{ {
return Err(VerificationError::InvalidProof("invalid proof")); return Err(VerificationError::InvalidProof("invalid proof"));
}; };
let canon = serde_jcs::to_string(&object) let message = canonicalize_object(&object)?;
.map_err(|_| VerificationError::CanonicalizationError)?;
let signature_data = SignatureData { let signature_data = SignatureData {
key_id: proof.verification_method, key_id: proof.verification_method,
message: canon, message: message,
signature: proof.proof_value, signature: proof.proof_value,
}; };
Ok(signature_data) Ok(signature_data)
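Review bot: `message: message,` in the `SignatureData` literal repeats the field name now that the local has been renamed from `canon`. The field-init shorthand `message,` reads cleaner and is what clippy's `redundant_field_names` lint asks for. `get_json_signature` begins outside this hunk, so only the tail of the function is visible here.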