diff options
| -rw-r--r-- | Zotlabs/Lib/JcsEddsa2022.php | 25 | ||||
| -rw-r--r-- | Zotlabs/Lib/JcsEddsa2022SignException.php | 15 | ||||
| -rw-r--r-- | tests/unit/Lib/ActivityTest.php | 7 | ||||
| -rw-r--r-- | tests/unit/Lib/JcsEddsa2022Test.php | 8 |
4 files changed, 51 insertions, 4 deletions
diff --git a/Zotlabs/Lib/JcsEddsa2022.php b/Zotlabs/Lib/JcsEddsa2022.php index 14f16c94b..c56f093af 100644 --- a/Zotlabs/Lib/JcsEddsa2022.php +++ b/Zotlabs/Lib/JcsEddsa2022.php @@ -7,11 +7,28 @@ use StephenHill\Base58; class JcsEddsa2022 { - public function __construct() { - return $this; - } - + /** + * Sign arbitrary data with the keys of the provided channel. + * + * @param $data The data to be signed. + * @param array $channel A channel as an array of key/value pairs. + * + * @return An array with the following fields: + * - `type`: The type of signature, always `DataIntegrityProof`. + * - `cryptosuite`: The cryptographic algorithm used, always `eddsa-jcs-2022`. + * - `created`: The UTC date and timestamp when the signature was created. + * - `verificationMethod`: The channel URL and the public key separated by a `#`. + * - `proofPurpose`: The purpose of the signature, always `assertionMethod`. + * - `proofValue`: The signature itself. + * + * @throws JcsEddsa2022SignatureException if the channel is missing, or + * don't have valid keys. + */ public function sign($data, $channel): array { + if (!is_array($channel) || !isset($channel['channel_epubkey'], $channel['channel_eprvkey'])) { + throw new JcsEddsa2022SignException('Invalid or missing channel provided.'); + } + $base58 = new Base58(); $pubkey = (new Multibase())->publicKey($channel['channel_epubkey']); $options = [ diff --git a/Zotlabs/Lib/JcsEddsa2022SignException.php b/Zotlabs/Lib/JcsEddsa2022SignException.php new file mode 100644 index 000000000..81d02d631 --- /dev/null +++ b/Zotlabs/Lib/JcsEddsa2022SignException.php @@ -0,0 +1,15 @@ +<?php +/* + * SPDX-FileCopyrightText: 2025 The Hubzilla Community + * SPDX-FileContributor: Harald Eilertsen <haraldei@anduin.net> + * + * SPDX-License-Identifier: MIT + */ + +namespace Zotlabs\Lib; + +use Exception; + +class JcsEddsa2022SignException extends Exception +{ +} diff --git a/tests/unit/Lib/ActivityTest.php b/tests/unit/Lib/ActivityTest.php index 1857487c8..46f53ecd9 100644 --- a/tests/unit/Lib/ActivityTest.php +++ b/tests/unit/Lib/ActivityTest.php @@ -274,4 +274,11 @@ class ActivityTest extends UnitTestCase { ]; } + public function testBuildPacketWithEmptyChannel(): void { + $data = [ 'aKey' => 'aValue' ]; + $packet = json_decode(Activity::build_packet($data, []), true); + + $this->assertArrayHasKey('aKey', $packet); + $this->assertEquals('aValue', $packet['aKey']); + } } diff --git a/tests/unit/Lib/JcsEddsa2022Test.php b/tests/unit/Lib/JcsEddsa2022Test.php index d18ad01ce..7cdc655f8 100644 --- a/tests/unit/Lib/JcsEddsa2022Test.php +++ b/tests/unit/Lib/JcsEddsa2022Test.php @@ -3,6 +3,7 @@ namespace Zotlabs\Tests\Unit\Lib; use Zotlabs\Lib\JcsEddsa2022; +use Zotlabs\Lib\JcsEddsa2022SignException; use Zotlabs\Tests\Unit\UnitTestCase; class JcsEddsa2022Test extends UnitTestCase { @@ -171,4 +172,11 @@ class JcsEddsa2022Test extends UnitTestCase { $this->assertTrue($verified, 'Verify encode and decode eddsa-jcs-2022'); } + + public function testSignWithInvalidChannelShouldBeRejected(): void { + $this->expectException(JcsEddsa2022SignException::class); + + $alg = new JcsEddsa2022(); + $res = $alg->sign([], []); + } } |