refactor: grouped the logic for document json-ld canonization under a…

… common function
hypersign-protocol · Nov 8, 2023 · ce0091b · ce0091b
1 parent 915af78
commit ce0091b
Show file tree

Hide file tree

Showing 5 changed files with 73 additions and 130 deletions.
diff --git a/cmd/hid-noded/cmd/debug_extensions.go b/cmd/hid-noded/cmd/debug_extensions.go
@@ -338,22 +338,22 @@ func signDidDocCmd() *cobra.Command {
 			case types.Ed25519Signature2020:
 				var didDocBytes []byte
 				if len(didDoc.Context) > 0 {
-					didDocBytes, err = ldcontext.EdDSACryptoSuite2020Canonize(&didDoc, &didDocProof)
+					didDocBytes, err = ldcontext.Ed25519Signature2020Normalize(&didDoc, &didDocProof)
 					if err != nil {
 						return err
 					}
 				} else {
 					didDocBytes = didDoc.GetSignBytes()
 				}
-				
+
 				signature, err = hidnodecli.GetEd25519Signature2020(argPrivateKey, didDocBytes[:])
 				if err != nil {
 					return err
 				}
 			case types.EcdsaSecp256k1Signature2019:
 				var didDocBytes []byte
 				if len(didDoc.Context) > 0 {
-					didDocBytes, err = ldcontext.EcdsaSecp256k1Signature2019Canonize(&didDoc, &didDocProof)
+					didDocBytes, err = ldcontext.EcdsaSecp256k1Signature2019Normalize(&didDoc, &didDocProof)
 					if err != nil {
 						return err
 					}
@@ -368,7 +368,7 @@ func signDidDocCmd() *cobra.Command {
 			case types.EcdsaSecp256k1RecoverySignature2020:
 				var didDocBytes []byte
 				if len(didDoc.Context) > 0 {
-					didDocBytes, err = ldcontext.EcdsaSecp256k1RecoverySignature2020Canonize(&didDoc, &didDocProof)
+					didDocBytes, err = ldcontext.EcdsaSecp256k1RecoverySignature2020Normalize(&didDoc, &didDocProof)
 					if err != nil {
 						return err
 					}
@@ -383,7 +383,7 @@ func signDidDocCmd() *cobra.Command {
 			case types.BbsBlsSignature2020:
 				var didDocBytes []byte
 				if len(didDoc.Context) > 0 {
-					didDocBytes, err = ldcontext.BbsBlsSignature2020Canonize(&didDoc, &didDocProof)
+					didDocBytes, err = ldcontext.BbsBlsSignature2020Normalize(&didDoc, &didDocProof)
 					if err != nil {
 						return err
 					}

diff --git a/x/ssi/client/cli/tx_ssi.go b/x/ssi/client/cli/tx_ssi.go
@@ -97,7 +97,7 @@ func CmdRegisterDID() *cobra.Command {
 					},
 				}
 
-				didDocCanonizedHash, err := ldcontext.EcdsaSecp256k1Signature2019Canonize(&didDoc, didDocumentProofs[0])
+				didDocCanonizedHash, err := ldcontext.EcdsaSecp256k1Signature2019Normalize(&didDoc, didDocumentProofs[0])
 				if err != nil {
 					return err
 				}
@@ -119,7 +119,7 @@ func CmdRegisterDID() *cobra.Command {
 				if err != nil {
 					return err
 				}
-				didDocumentProofs[0].ProofValue = base64.StdEncoding.EncodeToString(signatureBytes)				
+				didDocumentProofs[0].ProofValue = base64.StdEncoding.EncodeToString(signatureBytes)
 			}
 
 			// Submit RegisterDID Tx

diff --git a/x/ssi/ld-context/normalize.go b/x/ssi/ld-context/normalize.go
@@ -1,33 +1,35 @@
 package ldcontext
 
 import (
+	"crypto/sha256"
+
 	"github.com/hypersign-protocol/hid-node/x/ssi/types"
 )
 
-// NormalizeByVerificationMethodType canonizes DID Document based on the input Verification
+// NormalizeByVerificationMethodType normalizes DID Document based on the input Verification
 // Method type
 func NormalizeByVerificationMethodType(didDoc *types.DidDocument, vmType string, didDocumentProof *types.DocumentProof) ([]byte, error) {
 	switch vmType {
 	case types.Ed25519VerificationKey2020:
-		didDocBytes, err := EdDSACryptoSuite2020Canonize(didDoc, didDocumentProof)
+		didDocBytes, err := Ed25519Signature2020Normalize(didDoc, didDocumentProof)
 		if err != nil {
 			return nil, err
 		}
 		return didDocBytes, nil
 	case types.EcdsaSecp256k1RecoveryMethod2020:
-		didDocBytes, err := EcdsaSecp256k1RecoverySignature2020Canonize(didDoc, didDocumentProof)
+		didDocBytes, err := EcdsaSecp256k1RecoverySignature2020Normalize(didDoc, didDocumentProof)
 		if err != nil {
 			return nil, err
 		}
 		return didDocBytes, nil
 	case types.Bls12381G2Key2020:
-		didDocBytes, err := BbsBlsSignature2020Canonize(didDoc, didDocumentProof)
+		didDocBytes, err := BbsBlsSignature2020Normalize(didDoc, didDocumentProof)
 		if err != nil {
 			return nil, err
 		}
 		return didDocBytes, nil
 	case types.EcdsaSecp256k1VerificationKey2019:
-		didDocBytes, err := EcdsaSecp256k1Signature2019Canonize(didDoc, didDocumentProof)
+		didDocBytes, err := EcdsaSecp256k1Signature2019Normalize(didDoc, didDocumentProof)
 		if err != nil {
 			return nil, err
 		}
@@ -36,3 +38,55 @@ func NormalizeByVerificationMethodType(didDoc *types.DidDocument, vmType string,
 		return didDoc.GetSignBytes(), nil
 	}
 }
+
+// normalizeDocumentWithProof normalizes the DidDocument along with Document Proof
+// Read more: https://w3c.github.io/vc-di-eddsa/#representation-ed25519signature2020
+func normalizeDocumentWithProof(didDoc *types.DidDocument, didDocProof *types.DocumentProof) ([]byte, error) {
+	jsonLdDid := NewJsonLdDid(didDoc)
+	canonizedDidDocument, err := jsonLdDid.NormalizeWithURDNA2015()
+	if err != nil {
+		return nil, err
+	}
+	canonizedDidDocumentHash := sha256.Sum256([]byte(canonizedDidDocument))
+
+	jsonLdDocumentProof := NewJsonLdDocumentProof(didDocProof, didDoc.Context)
+	canonizedDocumentProof, err := jsonLdDocumentProof.NormalizeWithURDNA2015()
+	if err != nil {
+		return nil, err
+	}
+	canonizedDocumentProofHash := sha256.Sum256([]byte(canonizedDocumentProof))
+
+	var finalNormalizedHash []byte = []byte{}
+	// NOTE: The order is: ProofHash + DocumentHash
+	finalNormalizedHash = append(finalNormalizedHash, canonizedDocumentProofHash[:]...)
+	finalNormalizedHash = append(finalNormalizedHash, canonizedDidDocumentHash[:]...)
+
+	return finalNormalizedHash, nil
+}
+
+// Ed25519Signature2020Normalize normalizes DID Document in accordance with
+// EdDSA Cryptosuite v2020 (https://www.w3.org/community/reports/credentials/CG-FINAL-di-eddsa-2020-20220724/)
+func Ed25519Signature2020Normalize(didDoc *types.DidDocument, didDocProof *types.DocumentProof) ([]byte, error) {
+	return normalizeDocumentWithProof(didDoc, didDocProof)
+}
+
+// EcdsaSecp256k1RecoverySignature2020Normalize normalizes DID Document in accordance with
+// the Identity Foundation draft on EcdsaSecp256k1RecoverySignature2020
+// Read more: https://identity.foundation/EcdsaSecp256k1RecoverySignature2020/
+func EcdsaSecp256k1RecoverySignature2020Normalize(didDoc *types.DidDocument, didDocProof *types.DocumentProof) ([]byte, error) {
+	return normalizeDocumentWithProof(didDoc, didDocProof)
+}
+
+// BbsBlsSignature2020Normalize normalizes the DID Document for the
+// BbsBlsSignature2020 signature type
+// Read more: https://identity.foundation/bbs-signature/draft-irtf-cfrg-bbs-signatures.html
+func BbsBlsSignature2020Normalize(didDoc *types.DidDocument, didDocProof *types.DocumentProof) ([]byte, error) {
+	return normalizeDocumentWithProof(didDoc, didDocProof)
+}
+
+// EcdsaSecp256k1Signature2019Normalize normalizes the DID Document for the
+// EcdsaSecp256k1Signature2019 signature type
+// Read more: https://w3c-ccg.github.io/lds-ecdsa-secp256k1-2019/
+func EcdsaSecp256k1Signature2019Normalize(didDoc *types.DidDocument, didDocProof *types.DocumentProof) ([]byte, error) {
+	return normalizeDocumentWithProof(didDoc, didDocProof)
+}
diff --git a/x/ssi/ld-context/suite.go b/x/ssi/ld-context/suite.go
diff --git a/x/ssi/verification/client_spec.go b/x/ssi/verification/client_spec.go
@@ -67,7 +67,7 @@ func getDocBytesByClientSpec(ssiMsg types.SsiMsg, extendedVm *types.ExtendedVeri
 		}
 
 		if didDoc, ok := ssiMsg.(*types.DidDocument); ok && len(didDoc.Context) > 0 {
-			canonizedDidDocHash, err := ldcontext.EcdsaSecp256k1Signature2019Canonize(didDoc, extendedVm.Proof)
+			canonizedDidDocHash, err := ldcontext.EcdsaSecp256k1Signature2019Normalize(didDoc, extendedVm.Proof)
 			if err != nil {
 				return nil, err
 			}
@@ -77,18 +77,18 @@ func getDocBytesByClientSpec(ssiMsg types.SsiMsg, extendedVm *types.ExtendedVeri
 		return getCosmosADR036SignDocBytes(ssiMsg.GetSignBytes(), signerAddress)
 	case types.CLIENT_SPEC_TYPE_ETH_PERSONAL_SIGN:
 		if didDoc, ok := ssiMsg.(*types.DidDocument); ok && len(didDoc.Context) > 0 {
-			canonizedDidDocHash, err := ldcontext.EcdsaSecp256k1RecoverySignature2020Canonize(didDoc, extendedVm.Proof)
+			canonizedDidDocHash, err := ldcontext.EcdsaSecp256k1RecoverySignature2020Normalize(didDoc, extendedVm.Proof)
 			if err != nil {
 				return nil, err
 			}
 
-			// TODO: This is temporary fix eth.personal.sign() client function, since it only signs JSON 
+			// TODO: This is temporary fix eth.personal.sign() client function, since it only signs JSON
 			// stringified document and hence the following struct was used to sign from the Client end.
-			return json.Marshal(struct{
-				DidId string `json:"didId"`
+			return json.Marshal(struct {
+				DidId        string `json:"didId"`
 				DidDocDigest string `json:"didDocDigest"`
-			} {
-				DidId: didDoc.Id,
+			}{
+				DidId:        didDoc.Id,
 				DidDocDigest: hex.EncodeToString(canonizedDidDocHash),
 			})
 		}