1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
|
<?php
namespace Zotlabs\Lib;
use Mmccook\JsonCanonicalizator\JsonCanonicalizatorFactory;
use StephenHill\Base58;
class JcsEddsa2022 {
/**
* Sign arbitrary data with the keys of the provided channel.
*
* @param $data The data to be signed.
* @param array $channel A channel as an array of key/value pairs.
*
* @return An array with the following fields:
* - `type`: The type of signature, always `DataIntegrityProof`.
* - `cryptosuite`: The cryptographic algorithm used, always `eddsa-jcs-2022`.
* - `created`: The UTC date and timestamp when the signature was created.
* - `verificationMethod`: The channel URL and the public key separated by a `#`.
* - `proofPurpose`: The purpose of the signature, always `assertionMethod`.
* - `proofValue`: The signature itself.
*
* @throws JcsEddsa2022SignatureException if the channel is missing, or
* don't have valid keys.
*/
public function sign($data, $channel): array {
if (!is_array($channel) || !isset($channel['channel_epubkey'], $channel['channel_eprvkey'])) {
throw new JcsEddsa2022SignException('Invalid or missing channel provided.');
}
$base58 = new Base58();
$pubkey = (new Multibase())->publicKey($channel['channel_epubkey']);
$options = [
'type' => 'DataIntegrityProof',
'cryptosuite' => 'eddsa-jcs-2022',
'created' => datetime_convert('UTC', 'UTC', 'now', ATOM_TIME),
'verificationMethod' => channel_url($channel) . '#' . $pubkey,
'proofPurpose' => 'assertionMethod',
];
$optionsHash = $this->hash($this->signableOptions($options), true);
$dataHash = $this->hash($this->signableData($data), true);
$options['proofValue'] = 'z' . $base58->encode(sodium_crypto_sign_detached($optionsHash . $dataHash,
sodium_base642bin($channel['channel_eprvkey'], SODIUM_BASE64_VARIANT_ORIGINAL_NO_PADDING)));
return $options;
}
public function verify($data, $publicKey) {
$base58 = new Base58();
$encodedSignature = $data['proof']['proofValue'] ?? '';
if (!str_starts_with($encodedSignature,'z')) {
return false;
}
$encodedSignature = substr($encodedSignature, 1);
$optionsHash = $this->hash($this->signableOptions($data['proof']), true);
$dataHash = $this->hash($this->signableData($data),true);
try {
$result = sodium_crypto_sign_verify_detached($base58->decode($encodedSignature), $optionsHash . $dataHash,
(new Multibase())->decode($publicKey, true));
}
catch (\Exception $e) {
logger('verify exception:' . $e->getMessage());
}
logger('SignatureVerify (eddsa-jcs-2022) ' . (($result) ? 'true' : 'false'));
return $result;
}
public function signableData($data) {
$signableData = [];
if ($data) {
foreach ($data as $k => $v) {
if (!in_array($k, ['proof', 'signature'])) {
$signableData[$k] = $v;
}
}
}
return $signableData;
}
public function signableOptions($options) {
$signableOptions = [];
if ($options) {
foreach ($options as $k => $v) {
if ($k !== 'proofValue') {
$signableOptions[$k] = $v;
}
}
}
return $signableOptions;
}
public function hash($obj, $binary = false) {
return hash('sha256', $this->canonicalize($obj), $binary);
}
public function canonicalize($data) {
$canonicalization = JsonCanonicalizatorFactory::getInstance();
return $canonicalization->canonicalize($data);
}
}
|
