Merge pull request #243 from qiluge/master
fix compile bug; split verify date interface
lucas7788 authored Jul 13, 2020
2 parents 75b95b6 + 8de9d80 commit 5ccda36
Showing 6 changed files with 117 additions and 27 deletions.
79 changes: 65 additions & 14 deletions src/main/java/com/github/ontio/ontid/OntId2.java
Expand Up @@ -303,30 +303,65 @@ public boolean verifyCredDate(VerifiableCredential cred) throws Exception {
}
if (cred.issuanceDate != null && !cred.issuanceDate.isEmpty()) {
Date issuanceDate = formatter.parse(cred.issuanceDate);
return !issuanceDate.after(current);
return issuanceDate.before(current);
}
return true;
}

public boolean verifyCredExp(VerifiableCredential cred) throws Exception {
DateFormat formatter = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
formatter.setTimeZone(TimeZone.getTimeZone("UTC"));
Date current = new Date();
if (cred.expirationDate != null && !cred.expirationDate.isEmpty()) {
Date expiration = formatter.parse(cred.expirationDate);
return expiration.after(current);
}
return true;
}

public boolean verifyCredIssuanceDate(VerifiableCredential cred) throws Exception {
DateFormat formatter = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
formatter.setTimeZone(TimeZone.getTimeZone("UTC"));
Date current = new Date();
if (cred.issuanceDate != null && !cred.issuanceDate.isEmpty()) {
Date issuanceDate = formatter.parse(cred.issuanceDate);
return issuanceDate.before(current);
}
return true;
}

public boolean verifyJWTCredDate(String cred) throws Exception {
JWTCredential jwtCred = JWTCredential.deserializeToJWTCred(cred);
if (jwtCred.payload.exp == 0) {
return true;
}
return verifyJWTCredDate(jwtCred);
}

public boolean verifyJWTCredExp(String cred) throws Exception {
JWTCredential jwtCred = JWTCredential.deserializeToJWTCred(cred);
return verifyJWTCredExp(jwtCred);
}

public boolean verifyJWTCredIssuanceDate(String cred) throws Exception {
JWTCredential jwtCred = JWTCredential.deserializeToJWTCred(cred);
return verifyJWTCredIssuanceDate(jwtCred);
}

private boolean verifyJWTCredDate(JWTCredential jwtCred) {
return verifyJWTCredExp(jwtCred) && verifyJWTCredIssuanceDate(jwtCred);
}

// if jwtCred.payload.exp < 0, consider it is invalid
private boolean verifyJWTCredExp(JWTCredential jwtCred) {
return jwtCred.payload.exp == 0 || jwtCred.payload.exp > System.currentTimeMillis() / 1000;
}

private boolean verifyJWTCredIssuanceDate(JWTCredential jwtCred) {
long current = System.currentTimeMillis() / 1000;
if (jwtCred.payload.exp > 0 && current > jwtCred.payload.exp) {
if (jwtCred.payload.iat < 0 || jwtCred.payload.nbf < 0) {
return false;
}
if (jwtCred.payload.nbf > 0 && current < jwtCred.payload.nbf) {
if (current < jwtCred.payload.nbf) {
return false;
}
if (jwtCred.payload.iat <= 0) {
return true;
}
return current >= jwtCred.payload.iat;
}

Expand Down Expand Up @@ -437,6 +472,22 @@ public String createJWTPresentation(String[] creds, String[] context, String[] t
return jwtCred.toString();
}

// creds: old version jwt cred array
public String createPresentationFromOldCred(String[] creds, String[] context, String[] type, Object holder,
String challenge, Object domain, ProofPurpose purpose)
throws Exception {
JWTHeader header = new JWTHeader(signer.pubKey.type.getAlg(), this.signer.pubKey.id);

DateFormat formatter = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
formatter.setTimeZone(TimeZone.getTimeZone("UTC"));
String created = formatter.format(new Date());
Proof proof = new Proof(signer.pubKey.id, created, signer.pubKey.type, purpose, challenge, domain);
JWTPayload payload = new JWTPayload(genPresentationWithoutProof(null, context, type, holder), proof);
payload.vp.verifiableCredential = creds;
JWTCredential jwtCred = new JWTCredential(header, payload, signer.signer);
return jwtCred.toString();
}

private VerifiablePresentation genPresentationWithoutProof(VerifiableCredential[] creds, String[] context,
String[] type, Object holder) {
VerifiablePresentation presentation = new VerifiablePresentation();
Expand Down Expand Up @@ -567,16 +618,16 @@ public String removeJWTCred(String cred, Account payer, long gasLimit, long gasP
return "";
}

private boolean verifyPubKeyIdSignature(String ontId, String pubKeyId, byte[] needSignData,
byte[] signature) throws Exception {
public boolean verifyPubKeyIdSignature(String ontId, String pubKeyId, byte[] needSignData,
byte[] signature) throws Exception {
if (!pubKeyId.startsWith(ontId)) {
return false;
}
return verifyPubKeyIdSignature(pubKeyId, needSignData, signature);
}

private boolean verifyPubKeyIdSignature(String pubKeyId, byte[] needSignData,
byte[] signature) throws Exception {
public boolean verifyPubKeyIdSignature(String pubKeyId, byte[] needSignData,
byte[] signature) throws Exception {
String ontId = Util.getOntIdFromPubKeyURI(pubKeyId);
String allPubKeysJson = ontIdContract.sendGetPublicKeys(ontId);
ArrayList<OntIdPubKey> allPubKeys = new ArrayList<>(JSON.parseArray(allPubKeysJson, OntIdPubKey.class));
Expand All @@ -590,7 +641,7 @@ private boolean verifyPubKeyIdSignature(String pubKeyId, byte[] needSignData,
return false;
}

private boolean verifyOntIdSignature(String ontId, byte[] needSignData, byte[] signature) throws Exception {
public boolean verifyOntIdSignature(String ontId, byte[] needSignData, byte[] signature) throws Exception {
String allPubKeysJson = ontIdContract.sendGetPublicKeys(ontId);
ArrayList<OntIdPubKey> allPubKeys = new ArrayList<>(JSON.parseArray(allPubKeysJson, OntIdPubKey.class));
for (OntIdPubKey pubKey :
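Review bot: The three-argument `verifyPubKeyIdSignature` is made public while it still ties the key to the identity with `pubKeyId.startsWith(ontId)`, which is a prefix test, not an identity match: an `ontId` that is only a leading substring of the key URI, the empty string included, gets through to verification, and a null argument throws instead of returning false. With the method now part of the public API, comparing against the identity parsed from the key URI would be stricter, e.g. `if (ontId == null || !ontId.equals(Util.getOntIdFromPubKeyURI(pubKeyId))) return false;`, assuming that helper returns the bare ONT ID as its use in the two-argument overload suggests. None of the three widened methods has Javadoc; each should say that it resolves the keys through `ontIdContract.sendGetPublicKeys` at call time and what a `false` result means. The bodies of the last two methods continue outside the visible lines.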
12 changes: 7 additions & 5 deletions src/main/java/com/github/ontio/ontid/jwt/JWTVP.java
Expand Up @@ -34,12 +34,14 @@ public JWTVP(VerifiablePresentation presentation, Proof proof) throws Exception
}
this.context = presentation.context;
this.type = presentation.type;
String[] verifiableCredential = new String[presentation.verifiableCredential.length];
for (int i = 0; i < presentation.verifiableCredential.length; i++) {
JWTCredential jwtCred = new JWTCredential(presentation.verifiableCredential[i]);
verifiableCredential[i] = jwtCred.toString();
if (presentation.verifiableCredential != null) {
String[] verifiableCredential = new String[presentation.verifiableCredential.length];
for (int i = 0; i < presentation.verifiableCredential.length; i++) {
JWTCredential jwtCred = new JWTCredential(presentation.verifiableCredential[i]);
verifiableCredential[i] = jwtCred.toString();
}
this.verifiableCredential = verifiableCredential;
}
this.verifiableCredential = verifiableCredential;
this.proof = proof.genJWTProof();
}
}
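Review bot: With the new guard, `this.verifiableCredential` is simply left unassigned when `presentation.verifiableCredential` is null, so what ends up in the serialized `vp` depends on the field's declared default, which is outside this hunk; `createPresentationFromOldCred` in OntId2.java appears to rely on that and fills the field afterwards. If a presentation without credentials is not meant to be valid on its own, say so in a comment on the guard, such as `// null only when the caller injects pre-serialized JWT credentials afterwards`, or assign `new String[0]` in an `else` so consumers that iterate the array never see null. The constructor starts above the visible lines.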
1 change: 1 addition & 0 deletions src/main/java/com/github/ontio/smartcontract/NeoVm.java
Expand Up @@ -25,6 +25,7 @@
import com.github.ontio.core.transaction.Transaction;
import com.github.ontio.ontid.OntId2;
import com.github.ontio.smartcontract.neovm.*;
import com.github.ontio.smartcontract.neovm.Record;
import com.github.ontio.smartcontract.neovm.abi.AbiFunction;
import com.github.ontio.sdk.exception.SDKException;
import com.github.ontio.smartcontract.neovm.abi.BuildParams;
24 changes: 17 additions & 7 deletions src/main/java/com/github/ontio/smartcontract/nativevm/OntId.java
Expand Up @@ -2246,18 +2246,28 @@ public boolean verifyCredNotExpired(String cred) throws Exception {
JSONObject payloadObj = JSON.parseObject(new String(payloadBytes));
long currentTime = System.currentTimeMillis() / 1000;
long expiration = payloadObj.getLong("exp");
if (expiration > 0 && expiration < currentTime) {
if (expiration < 0) {
return false;
}
long iat = payloadObj.getLong("iat");
if (iat > 0 && iat > currentTime) {
return false;
return expiration == 0 || expiration >= currentTime;
}

public boolean verifyCredIssuanceDate(String cred) throws Exception {
if ("".equals(cred)) {
throw new SDKException(ErrorCode.ParamErr("cred should not be null"));
}
String[] obj = cred.split("\\.");
if (obj.length != 3) {
throw new SDKException(ErrorCode.ParamError);
}
long nbf = payloadObj.getLong("nbf");
if (nbf > 0 && nbf > currentTime) {
byte[] payloadBytes = Base64.getDecoder().decode(obj[1].getBytes());
JSONObject payloadObj = JSON.parseObject(new String(payloadBytes));
long currentTime = System.currentTimeMillis() / 1000;
long iat = payloadObj.getLong("iat");
if (iat < 0) {
return false;
}
return true;
return iat == 0 || iat <= currentTime;
}

public boolean verifyCredSignature(String cred) throws Exception {
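Review bot: After the split, nothing in this section checks `nbf` any more: as far as the rendered lines show, the `nbf` read and comparison belong to the removed side, and the new `verifyCredIssuanceDate` looks only at `iat`, whereas `OntId2.verifyJWTCredIssuanceDate` in the same commit still rejects a credential whose `nbf` lies in the future. Both methods also assign `payloadObj.getLong(...)` straight to a `long`; if this is fastjson's `JSONObject`, as `JSON.parseObject` suggests, that call returns a boxed `Long`, so a payload without the claim fails with a NullPointerException rather than being treated as unset. Reading the claims with `long nbf = payloadObj.getLongValue("nbf");` (likewise for `iat` and `exp`) and adding `if (nbf < 0 || nbf > currentTime) return false;` would keep the two classes aligned. The boundary differs too: here `expiration >= currentTime` accepts the exact expiry second, while OntId2 uses `exp > System.currentTimeMillis() / 1000`. `verifyCredNotExpired` starts above the hunk.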
2 changes: 1 addition & 1 deletion src/main/java/demo/OntId2Demo.java
Expand Up @@ -14,7 +14,7 @@

public class OntId2Demo {
static long gasLimit = 2000000;
static long gasPrice = 500;
static long gasPrice = 2500;
static String password = "passwordtest";

public static void main(String[] args) {
26 changes: 26 additions & 0 deletions src/test/java/com/github/ontio/ontid/OntId2Test.java
Expand Up @@ -5,6 +5,7 @@
import com.github.ontio.account.Account;
import com.github.ontio.common.Helper;
import com.github.ontio.crypto.Digest;
import com.github.ontio.ontid.jwt.JWTCredential;
import com.github.ontio.sdk.wallet.Identity;
import junit.framework.TestCase;

Expand Down Expand Up @@ -200,6 +201,31 @@ public void testJWTPresentation() {
}
}

public void testPresentationFromOldCred() throws Exception {
String oldCred = "";
String challenge = "d1b23d3...3d23d32d2";
String[] domain = new String[]{"https://example.com"};
String presentation = owner.createPresentationFromOldCred(new String[]{oldCred}, null,
null, ownerIdentity.ontid, challenge, domain, ProofPurpose.assertionMethod);
assertNotNull(presentation);
JWTCredential jwtCred = JWTCredential.deserializeToJWTCred(presentation);
// check jws
// byte[] needSignData = jwtCred.genNeedSignData();
// byte[] signature = jwtCred.parseSignature();
// boolean presentationSigValid = verifier.verifyPubKeyIdSignature(jwtCred.header.kid, needSignData, signature);
// assertTrue(presentationSigValid);
String[] credibleOntIds = new String[]{"did:ont:AHzUfrqpNwHBfXA72D9HciNAKuCr83SzDG"};
for (String vc : jwtCred.payload.vp.verifiableCredential) {
// assertTrue(ontSdk.nativevm().ontId().verifyCredNotExpired(vc));
// assertTrue(ontSdk.nativevm().ontId().verifyCredIssuanceDate(vc));
// assertTrue(ontSdk.nativevm().ontId().verifyCredOntIdCredible(vc, credibleOntIds));
// assertTrue(ontSdk.nativevm().ontId().verifyCredSignature(vc));
// use corresponding credential record contract to verify credential status
// ontSdk.neovm().credentialRecord().setContractAddress("36bb5c053b6b839c8f6b923fe852f91239b9fccc");
// assertTrue(ontSdk.nativevm().ontId().verifyCredNotRevoked(vc));
}
}

public void testVerifyPresentationProof() {
try {
CredentialSubject subject1 = new CredentialSubject(ownerIdentity.ontid, "nnn", "sss");
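Review bot: `testPresentationFromOldCred` passes an empty string as the only credential and has every verification assertion commented out, so it proves only that `createPresentationFromOldCred` returns a non-null string; the `for` loop over `jwtCred.payload.vp.verifiableCredential` has an empty body. Use a real old-format credential fixture and re-enable at least the signature check, `assertTrue(verifier.verifyPubKeyIdSignature(jwtCred.header.kid, jwtCred.genNeedSignData(), jwtCred.parseSignature()));`, plus `verifyCredNotExpired` and `verifyCredIssuanceDate` on each `vc`, so the newly public verification methods are exercised. If the checks need a live node, state that in a comment instead of leaving the assertions as dead code.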
