Move signature suites to identity::signatures module
parent
f4aebdfdb2
commit
db00ad1623
8 changed files with 36 additions and 35 deletions
|
@ -6,15 +6,13 @@ use crate::activitypub::vocabulary::{
|
||||||
PROPERTY_VALUE,
|
PROPERTY_VALUE,
|
||||||
};
|
};
|
||||||
use crate::errors::ValidationError;
|
use crate::errors::ValidationError;
|
||||||
use crate::ethereum::identity::{
|
use crate::ethereum::identity::verify_eip191_identity_proof;
|
||||||
ETHEREUM_EIP191_PROOF,
|
|
||||||
verify_eip191_identity_proof,
|
|
||||||
};
|
|
||||||
use crate::frontend::get_subscription_page_url;
|
use crate::frontend::get_subscription_page_url;
|
||||||
use crate::identity::{
|
use crate::identity::{
|
||||||
claims::create_identity_claim,
|
claims::create_identity_claim,
|
||||||
did::Did,
|
did::Did,
|
||||||
minisign::{verify_minisign_identity_proof, IDENTITY_PROOF_MINISIGN},
|
minisign::verify_minisign_identity_proof,
|
||||||
|
signatures::{PROOF_TYPE_ID_EIP191, PROOF_TYPE_ID_MINISIGN},
|
||||||
};
|
};
|
||||||
use crate::models::profiles::types::{
|
use crate::models::profiles::types::{
|
||||||
ExtraField,
|
ExtraField,
|
||||||
|
@ -54,7 +52,7 @@ pub fn parse_identity_proof(
|
||||||
.ok_or(ValidationError("missing signature"))?;
|
.ok_or(ValidationError("missing signature"))?;
|
||||||
match did {
|
match did {
|
||||||
Did::Key(ref did_key) => {
|
Did::Key(ref did_key) => {
|
||||||
if proof_type != IDENTITY_PROOF_MINISIGN {
|
if proof_type != PROOF_TYPE_ID_MINISIGN {
|
||||||
return Err(ValidationError("unknown proof type"));
|
return Err(ValidationError("unknown proof type"));
|
||||||
};
|
};
|
||||||
verify_minisign_identity_proof(
|
verify_minisign_identity_proof(
|
||||||
|
@ -64,7 +62,7 @@ pub fn parse_identity_proof(
|
||||||
).map_err(|_| ValidationError("invalid identity proof"))?;
|
).map_err(|_| ValidationError("invalid identity proof"))?;
|
||||||
},
|
},
|
||||||
Did::Pkh(ref did_pkh) => {
|
Did::Pkh(ref did_pkh) => {
|
||||||
if proof_type != ETHEREUM_EIP191_PROOF {
|
if proof_type != PROOF_TYPE_ID_EIP191 {
|
||||||
return Err(ValidationError("unknown proof type"));
|
return Err(ValidationError("unknown proof type"));
|
||||||
};
|
};
|
||||||
verify_eip191_identity_proof(
|
verify_eip191_identity_proof(
|
||||||
|
|
|
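Review bot: The Minisign proof type changes value here, not just name. The removed `IDENTITY_PROOF_MINISIGN` was `"MinisignSignatureDemo0"`, while `PROOF_TYPE_ID_MINISIGN` in src/identity/signatures.rs is `"MitraMinisignSignature2022A"`, so the `proof_type != PROOF_TYPE_ID_MINISIGN` check in `parse_identity_proof` now rejects proofs carrying the old string with "unknown proof type". That fails closed, but any proofs already published under the old type (on stored profiles or from peers that have not upgraded, which this page does not show) would stop verifying. If they must stay valid, accept both during a transition, e.g. `if proof_type != PROOF_TYPE_ID_MINISIGN && proof_type != "MinisignSignatureDemo0" {`; otherwise the commit message should state that the identifier changed, since the title describes only a move. The same constant is now returned by `create_identity_proof` in the last file of this commit, and both function bodies extend beyond the hunks shown.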
@ -3,9 +3,6 @@ use crate::identity::did_pkh::DidPkh;
|
||||||
use super::signatures::recover_address;
|
use super::signatures::recover_address;
|
||||||
use super::utils::address_to_string;
|
use super::utils::address_to_string;
|
||||||
|
|
||||||
// Version 00
|
|
||||||
pub const ETHEREUM_EIP191_PROOF: &str = "ethereum-eip191-00";
|
|
||||||
|
|
||||||
/// Verifies proof of address ownership
|
/// Verifies proof of address ownership
|
||||||
pub fn verify_eip191_identity_proof(
|
pub fn verify_eip191_identity_proof(
|
||||||
did: &DidPkh,
|
did: &DidPkh,
|
||||||
|
|
|
@ -9,8 +9,6 @@ use ed25519_dalek::{
|
||||||
|
|
||||||
use super::did_key::{DidKey, MulticodecError};
|
use super::did_key::{DidKey, MulticodecError};
|
||||||
|
|
||||||
pub const IDENTITY_PROOF_MINISIGN: &str = "MinisignSignatureDemo0";
|
|
||||||
|
|
||||||
const MINISIGN_SIGNATURE_CODE: [u8; 2] = *b"Ed";
|
const MINISIGN_SIGNATURE_CODE: [u8; 2] = *b"Ed";
|
||||||
const MINISIGN_SIGNATURE_HASHED_CODE: [u8; 2] = *b"ED";
|
const MINISIGN_SIGNATURE_HASHED_CODE: [u8; 2] = *b"ED";
|
||||||
|
|
||||||
|
|
|
@ -3,3 +3,4 @@ pub mod did;
|
||||||
pub mod did_key;
|
pub mod did_key;
|
||||||
pub mod did_pkh;
|
pub mod did_pkh;
|
||||||
pub mod minisign;
|
pub mod minisign;
|
||||||
|
pub mod signatures;
|
||||||
|
|
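--- a/src/identity/signatures.rs
+++ b/src/identity/signatures.rs
@@ -0,0 +1,16 @@
+/// Signature suites
+
+// Identity proof, version 00
+pub const PROOF_TYPE_ID_EIP191: &str = "ethereum-eip191-00";
+
+// Identity proof, version 2022A
+pub const PROOF_TYPE_ID_MINISIGN: &str = "MitraMinisignSignature2022A";
+
+// Similar to https://identity.foundation/JcsEd25519Signature2020/
+// - Canonicalization algorithm: JCS
+// - Digest algorithm: SHA-256
+// - Signature algorithm: RSASSA-PKCS1-v1_5
+pub const PROOF_TYPE_JCS_RSA: &str = "JcsRsaSignature2022";
+
+// Similar to EthereumPersonalSignature2021 but with JCS
+pub const PROOF_TYPE_JCS_EIP191: &str ="JcsEip191Signature2022";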
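Review bot: `/// Signature suites` at the top of the new file is an outer doc comment, so rustdoc attaches it to `PROOF_TYPE_ID_EIP191` rather than to the module; `//! Signature suites` is the form that documents the module. The per-constant descriptions are plain `//` comments and will not appear in generated docs. Making them `///` (e.g. `/// Identity proof, version 00`) would keep each suite's parameters next to the identifier that the verification code compares against. The last line also has `&str ="JcsEip191Signature2022"` without a space after `=`, which rustfmt would normalise.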
@ -3,25 +3,18 @@ use rsa::RsaPrivateKey;
|
||||||
use serde::{Deserialize, Serialize};
|
use serde::{Deserialize, Serialize};
|
||||||
use serde_json::Value;
|
use serde_json::Value;
|
||||||
|
|
||||||
use crate::identity::did_pkh::DidPkh;
|
use crate::identity::{
|
||||||
|
did_pkh::DidPkh,
|
||||||
|
signatures::{PROOF_TYPE_JCS_EIP191, PROOF_TYPE_JCS_RSA},
|
||||||
|
};
|
||||||
use crate::utils::canonicalization::{
|
use crate::utils::canonicalization::{
|
||||||
canonicalize_object,
|
canonicalize_object,
|
||||||
CanonicalizationError,
|
CanonicalizationError,
|
||||||
};
|
};
|
||||||
use crate::utils::crypto::sign_message;
|
use crate::utils::crypto::sign_message;
|
||||||
|
|
||||||
pub const PROOF_KEY: &str = "proof";
|
pub(super) const PROOF_KEY: &str = "proof";
|
||||||
|
pub(super) const PROOF_PURPOSE: &str = "assertionMethod";
|
||||||
// Similar to https://identity.foundation/JcsEd25519Signature2020/
|
|
||||||
// - Canonicalization algorithm: JCS
|
|
||||||
// - Digest algorithm: SHA-256
|
|
||||||
// - Signature algorithm: RSASSA-PKCS1-v1_5
|
|
||||||
pub const PROOF_TYPE_JCS_RSA: &str = "JcsRsaSignature2022";
|
|
||||||
|
|
||||||
// Similar to EthereumPersonalSignature2021 but with JCS
|
|
||||||
pub const PROOF_TYPE_JCS_EIP191: &str ="JcsEip191Signature2022";
|
|
||||||
|
|
||||||
pub const PROOF_PURPOSE: &str = "assertionMethod";
|
|
||||||
|
|
||||||
/// Data Integrity Proof
|
/// Data Integrity Proof
|
||||||
/// https://w3c.github.io/vc-data-integrity/
|
/// https://w3c.github.io/vc-data-integrity/
|
||||||
|
|
|
@ -5,7 +5,10 @@ use crate::ethereum::{
|
||||||
signatures::recover_address,
|
signatures::recover_address,
|
||||||
utils::address_to_string,
|
utils::address_to_string,
|
||||||
};
|
};
|
||||||
use crate::identity::did_pkh::DidPkh;
|
use crate::identity::{
|
||||||
|
did_pkh::DidPkh,
|
||||||
|
signatures::{PROOF_TYPE_JCS_EIP191, PROOF_TYPE_JCS_RSA},
|
||||||
|
};
|
||||||
use crate::utils::canonicalization::{
|
use crate::utils::canonicalization::{
|
||||||
canonicalize_object,
|
canonicalize_object,
|
||||||
CanonicalizationError,
|
CanonicalizationError,
|
||||||
|
@ -13,8 +16,6 @@ use crate::utils::canonicalization::{
|
||||||
use crate::utils::crypto::verify_signature;
|
use crate::utils::crypto::verify_signature;
|
||||||
use super::create::{
|
use super::create::{
|
||||||
IntegrityProof,
|
IntegrityProof,
|
||||||
PROOF_TYPE_JCS_EIP191,
|
|
||||||
PROOF_TYPE_JCS_RSA,
|
|
||||||
PROOF_KEY,
|
PROOF_KEY,
|
||||||
PROOF_PURPOSE,
|
PROOF_PURPOSE,
|
||||||
};
|
};
|
||||||
|
|
|
@ -20,10 +20,7 @@ use crate::errors::{DatabaseError, HttpError, ValidationError};
|
||||||
use crate::ethereum::contracts::ContractSet;
|
use crate::ethereum::contracts::ContractSet;
|
||||||
use crate::ethereum::eip4361::verify_eip4361_signature;
|
use crate::ethereum::eip4361::verify_eip4361_signature;
|
||||||
use crate::ethereum::gate::is_allowed_user;
|
use crate::ethereum::gate::is_allowed_user;
|
||||||
use crate::ethereum::identity::{
|
use crate::ethereum::identity::verify_eip191_identity_proof;
|
||||||
ETHEREUM_EIP191_PROOF,
|
|
||||||
verify_eip191_identity_proof,
|
|
||||||
};
|
|
||||||
use crate::identity::{
|
use crate::identity::{
|
||||||
claims::create_identity_claim,
|
claims::create_identity_claim,
|
||||||
did::Did,
|
did::Did,
|
||||||
|
@ -31,8 +28,8 @@ use crate::identity::{
|
||||||
minisign::{
|
minisign::{
|
||||||
minisign_key_to_did,
|
minisign_key_to_did,
|
||||||
verify_minisign_identity_proof,
|
verify_minisign_identity_proof,
|
||||||
IDENTITY_PROOF_MINISIGN,
|
|
||||||
},
|
},
|
||||||
|
signatures::{PROOF_TYPE_ID_EIP191, PROOF_TYPE_ID_MINISIGN},
|
||||||
};
|
};
|
||||||
use crate::json_signatures::{
|
use crate::json_signatures::{
|
||||||
create::{add_integrity_proof, IntegrityProof},
|
create::{add_integrity_proof, IntegrityProof},
|
||||||
|
@ -358,7 +355,7 @@ async fn create_identity_proof(
|
||||||
&message,
|
&message,
|
||||||
&proof_data.signature,
|
&proof_data.signature,
|
||||||
).map_err(|_| ValidationError("invalid signature"))?;
|
).map_err(|_| ValidationError("invalid signature"))?;
|
||||||
IDENTITY_PROOF_MINISIGN
|
PROOF_TYPE_ID_MINISIGN
|
||||||
},
|
},
|
||||||
Did::Pkh(ref did_pkh) => {
|
Did::Pkh(ref did_pkh) => {
|
||||||
if did_pkh.chain_id != ChainId::ethereum_mainnet() {
|
if did_pkh.chain_id != ChainId::ethereum_mainnet() {
|
||||||
|
@ -379,7 +376,7 @@ async fn create_identity_proof(
|
||||||
&message,
|
&message,
|
||||||
&proof_data.signature,
|
&proof_data.signature,
|
||||||
)?;
|
)?;
|
||||||
ETHEREUM_EIP191_PROOF
|
PROOF_TYPE_ID_EIP191
|
||||||
},
|
},
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|