feat: Better support for cryptosuites

Author: peacekeeper

src/main/java/com/danubetech/dataintegrity/signer/DataIntegrityProofLdSigner.java

@@ -27,7 +27,7 @@ public DataIntegrityProofLdSigner() {
     public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
         String cryptosuite = dataIntegrityProof.getCryptosuite();
         if (cryptosuite == null) return RDFC10Canonicalizer.getInstance();
-        Canonicalizer canonicalizer = DataIntegrityProofDataIntegritySuite.findCanonicalizerByCryptosuite(cryptosuite);
+        Canonicalizer canonicalizer = DataIntegritySuites.DATA_INTEGRITY_SUITE_DATAINTEGRITYPROOF.findCanonicalizerByCryptosuite(cryptosuite);
         if (canonicalizer == null) throw new IllegalArgumentException("Unknown cryptosuite: " + cryptosuite);
         return canonicalizer;
     }
@@ -40,11 +40,11 @@ public static void sign(DataIntegrityProof.Builder<? extends DataIntegrityProof.
 
         algorithm = signer.getAlgorithm();
         if (cryptosuite != null) {
-            if (! DataIntegrityProofDataIntegritySuite.findCryptosuitesByJwsAlgorithm(algorithm).contains(cryptosuite)) {
+            if (! DataIntegritySuites.DATA_INTEGRITY_SUITE_DATAINTEGRITYPROOF.findCryptosuitesByJwsAlgorithm(algorithm).contains(cryptosuite)) {
                 throw new GeneralSecurityException("Algorithm " + algorithm + " is not supported by cryptosuite " + cryptosuite);
             }
         } else {
-            cryptosuite = DataIntegrityProofDataIntegritySuite.findDefaultCryptosuiteByJwsAlgorithm(algorithm);
+            cryptosuite = DataIntegritySuites.DATA_INTEGRITY_SUITE_DATAINTEGRITYPROOF.findDefaultCryptosuiteByJwsAlgorithm(algorithm);
             ldProofBuilder.cryptosuite(cryptosuite);
         }
         if (log.isDebugEnabled()) log.debug("Determined algorithm {} and cryptosuite: {}", algorithm, cryptosuite);

src/main/java/com/danubetech/dataintegrity/signer/LdSigner.java

@@ -135,7 +135,7 @@ public DataIntegrityProof sign(JsonLDObject jsonLdObject) throws IOException, Ge
         return this.sign(jsonLdObject, true, false);
     }
 
-    public DataIntegritySuite getDataIntegritySuite() {
+    public DATAINTEGRITYSUITE getDataIntegritySuite() {
         return this.dataIntegritySuite;
     }
 

src/main/java/com/danubetech/dataintegrity/signer/LdSignerRegistry.java

@@ -2,6 +2,8 @@
 
 import com.danubetech.dataintegrity.suites.DataIntegritySuite;
 import com.danubetech.dataintegrity.suites.DataIntegritySuites;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.ParameterizedType;
@@ -11,6 +13,8 @@
 
 public class LdSignerRegistry {
 
+    private static final Logger log = LoggerFactory.getLogger(LdSignerRegistry.class);
+
     public static final List<Class<? extends LdSigner<? extends DataIntegritySuite>>> LD_SIGNERS = List.of(
             RsaSignature2018LdSigner.class,
             Ed25519Signature2018LdSigner.class,
@@ -44,6 +48,7 @@ public static LdSigner<? extends DataIntegritySuite> getLdSignerByDataIntegrityS
         } catch (InstantiationException | IllegalAccessException | InvocationTargetException | NoSuchMethodException ex) {
             throw new RuntimeException(ex.getMessage(), ex);
         }
+        if (log.isDebugEnabled()) log.debug("Found LD signer " + ldSigner.getClass() + " for data integrity suite " + dataIntegritySuiteTerm);
         return ldSigner;
     }
 

src/main/java/com/danubetech/dataintegrity/suites/DataIntegrityProofDataIntegritySuite.java

@@ -10,6 +10,7 @@
 import java.net.URI;
 import java.util.List;
 import java.util.Map;
+import java.util.stream.Collectors;
 
 public class DataIntegrityProofDataIntegritySuite extends DataIntegritySuite {
 
@@ -36,22 +37,29 @@ public class DataIntegrityProofDataIntegritySuite extends DataIntegritySuite {
 				"DataIntegrityProof",
 				URI.create("https://w3id.org/security#DataIntegrityProof"),
 				Map.of(KeyTypeName.Ed25519, List.of(JWSAlgorithm.EdDSA),
-						KeyTypeName.secp256k1, List.of(JWSAlgorithm.ES256K),
+						KeyTypeName.secp256k1, List.of(JWSAlgorithm.ES256K, JWSAlgorithm.ES256KS),
 						KeyTypeName.P_256, List.of(JWSAlgorithm.ES256),
 						KeyTypeName.P_384, List.of(JWSAlgorithm.ES384),
 						KeyTypeName.P_521, List.of(JWSAlgorithm.ES512)),
                 List.of(LDSecurityContexts.JSONLD_CONTEXT_W3ID_DATAINTEGRITY_V2));
 	}
 
-	public static Canonicalizer findCanonicalizerByCryptosuite(String cryptosuite) {
+	@Override
+	public List<String> findJwsAlgorithmsForKeyTypeName(KeyTypeName keyTypeName, String cryptosuite) {
+		List<String> jwsAlgorithms = super.findJwsAlgorithmsForKeyTypeName(keyTypeName, cryptosuite);
+		jwsAlgorithms = jwsAlgorithms.stream().filter(jwsAlgorithm -> this.findCryptosuitesByJwsAlgorithm(jwsAlgorithm).contains(cryptosuite)).collect(Collectors.toList());
+		return jwsAlgorithms;
+	}
+
+	public Canonicalizer findCanonicalizerByCryptosuite(String cryptosuite) {
 		return CANONICALIZERS_BY_CRYPTOSUITE.get(cryptosuite);
 	}
 
-	public static List<String> findCryptosuitesByJwsAlgorithm(String jwsAlgorithm) {
+	public List<String> findCryptosuitesByJwsAlgorithm(String jwsAlgorithm) {
 		return CRYPTOSUITES_BY_JWS_ALGORITHM.get(jwsAlgorithm);
 	}
 
-	public static String findDefaultCryptosuiteByJwsAlgorithm(String jwsAlgorithm) {
+	public String findDefaultCryptosuiteByJwsAlgorithm(String jwsAlgorithm) {
 		List<String> foundCryptosuiteByJwsAlgorithm = findCryptosuitesByJwsAlgorithm(jwsAlgorithm);
 		return foundCryptosuiteByJwsAlgorithm == null ? null : foundCryptosuiteByJwsAlgorithm.get(0);
 	}

src/main/java/com/danubetech/dataintegrity/suites/DataIntegritySuite.java

@@ -29,34 +29,42 @@ public List<String> findJwsAlgorithmsForKeyTypeName(KeyTypeName keyTypeName) {
 		return this.getKeyTypeNamesAndJwsAlgorithms().get(keyTypeName);
 	}
 
+	public List<String> findJwsAlgorithmsForKeyTypeName(KeyTypeName keyTypeName, String cryptosuite) {
+		return this.findJwsAlgorithmsForKeyTypeName(keyTypeName);
+	}
+
 	public String findDefaultJwsAlgorithmForKeyTypeName(KeyTypeName keyTypeName) {
 		List<String> foundAlgorithmsForKeyTypeName = this.findJwsAlgorithmsForKeyTypeName(keyTypeName);
 		return (foundAlgorithmsForKeyTypeName == null || foundAlgorithmsForKeyTypeName.isEmpty()) ? null : foundAlgorithmsForKeyTypeName.get(0);
 	}
 
+	public String findDefaultJwsAlgorithmForKeyTypeName(KeyTypeName keyTypeName, String cryptosuite) {
+		return this.findDefaultJwsAlgorithmForKeyTypeName(keyTypeName);
+	}
+
 	public URI getDefaultSupportedJsonLDContext() {
 		List<URI> supportedJsonLDContexts = this.getSupportedJsonLDContexts();
 		return (supportedJsonLDContexts == null || supportedJsonLDContexts.isEmpty()) ? null : supportedJsonLDContexts.get(0);
 	}
 
 	public String getTerm() {
-		return term;
+		return this.term;
 	}
 
 	public URI getId() {
-		return id;
+		return this.id;
 	}
 
 	public URI getType() {
-		return type;
+		return this.type;
 	}
 
 	public Map<KeyTypeName, List<String>> getKeyTypeNamesAndJwsAlgorithms() {
-		return keyTypeNamesAndJwsAlgorithms;
+		return this.keyTypeNamesAndJwsAlgorithms;
 	}
 
 	public List<URI> getSupportedJsonLDContexts() {
-		return supportedJsonLDContexts;
+		return this.supportedJsonLDContexts;
 	}
 
 	@Override

src/main/java/com/danubetech/dataintegrity/suites/DataIntegritySuites.java

@@ -1,11 +1,15 @@
 package com.danubetech.dataintegrity.suites;
 
 import com.danubetech.keyformats.jose.KeyTypeName;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.util.*;
 
 public class DataIntegritySuites {
 
+	private static final Logger log = LoggerFactory.getLogger(DataIntegritySuites.class);
+
 	public static final RsaSignature2018DataIntegritySuite DATA_INTEGRITY_SUITE_RSASIGNATURE2018 = new RsaSignature2018DataIntegritySuite();
 	public static final Ed25519Signature2018DataIntegritySuite DATA_INTEGRITY_SUITE_ED25519SIGNATURE2018 = new Ed25519Signature2018DataIntegritySuite();
 	public static final Ed25519Signature2020DataIntegritySuite DATA_INTEGRITY_SUITE_ED25519SIGNATURE2020 = new Ed25519Signature2020DataIntegritySuite();
@@ -75,6 +79,8 @@ public static List<DataIntegritySuite> findDataIntegritySuitesByKeyTypeName(KeyT
 
 	public static DataIntegritySuite findDefaultDataIntegritySuiteByKeyTypeName(KeyTypeName keyTypeName) {
 		List<DataIntegritySuite> foundDataIntegritySuitesByKeyTypeName = findDataIntegritySuitesByKeyTypeName(keyTypeName);
-		return foundDataIntegritySuitesByKeyTypeName == null ? null : foundDataIntegritySuitesByKeyTypeName.get(0);
+		DataIntegritySuite dataIntegritySuite = foundDataIntegritySuitesByKeyTypeName == null ? null : foundDataIntegritySuitesByKeyTypeName.get(0);
+		if (log.isDebugEnabled()) log.debug("Found default data integrity suite for key type " + keyTypeName.getValue() + ": " + dataIntegritySuite);
+		return dataIntegritySuite;
 	}
 }

src/main/java/com/danubetech/dataintegrity/verifier/DataIntegrityProofLdVerifier.java

@@ -27,7 +27,7 @@ public DataIntegrityProofLdVerifier() {
     public Canonicalizer getCanonicalizer(DataIntegrityProof dataIntegrityProof) {
         String cryptosuite = dataIntegrityProof.getCryptosuite();
         if (cryptosuite == null) return RDFC10Canonicalizer.getInstance();
-        Canonicalizer canonicalizer = DataIntegrityProofDataIntegritySuite.findCanonicalizerByCryptosuite(cryptosuite);
+        Canonicalizer canonicalizer = DataIntegritySuites.DATA_INTEGRITY_SUITE_DATAINTEGRITYPROOF.findCanonicalizerByCryptosuite(cryptosuite);
         if (canonicalizer == null) throw new IllegalArgumentException("Unknown cryptosuite: " + cryptosuite);
         return canonicalizer;
     }
@@ -42,7 +42,7 @@ public static boolean verify(byte[] signingInput, DataIntegrityProof dataIntegri
         String algorithm;
 
         algorithm = verifier.getAlgorithm();
-        if (! DataIntegrityProofDataIntegritySuite.findCryptosuitesByJwsAlgorithm(algorithm).contains(cryptosuite)) {
+        if (! DataIntegritySuites.DATA_INTEGRITY_SUITE_DATAINTEGRITYPROOF.findCryptosuitesByJwsAlgorithm(algorithm).contains(cryptosuite)) {
             throw new GeneralSecurityException("Algorithm " + algorithm + " is not supported by cryptosuite " + cryptosuite);
         }
         if (log.isDebugEnabled()) log.debug("Determined algorithm {} and cryptosuite: {}", algorithm, cryptosuite);

src/main/java/com/danubetech/dataintegrity/verifier/LdVerifier.java

@@ -81,7 +81,7 @@ public boolean verify(JsonLDObject jsonLdObject) throws IOException, GeneralSecu
         return this.verify(jsonLdObject, dataIntegrityProof);
     }
 
-    public DataIntegritySuite getDataIntegritySuite() {
+    public DATAINTEGRITYSUITE getDataIntegritySuite() {
         return this.dataIntegritySuite;
     }
 

src/main/java/com/danubetech/dataintegrity/verifier/LdVerifierRegistry.java

@@ -1,7 +1,10 @@
 package com.danubetech.dataintegrity.verifier;
 
+import com.danubetech.dataintegrity.signer.LdSignerRegistry;
 import com.danubetech.dataintegrity.suites.DataIntegritySuite;
 import com.danubetech.dataintegrity.suites.DataIntegritySuites;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.ParameterizedType;
@@ -11,6 +14,8 @@
 
 public class LdVerifierRegistry {
 
+    private static final Logger log = LoggerFactory.getLogger(LdVerifierRegistry.class);
+
     public static final List<Class<? extends LdVerifier<? extends DataIntegritySuite>>> LD_VERIFIERS = List.of(
             RsaSignature2018LdVerifier.class,
             Ed25519Signature2018LdVerifier.class,
@@ -35,15 +40,16 @@ public class LdVerifierRegistry {
         }
     }
 
-    public static LdVerifier<? extends DataIntegritySuite> getLdVerifierByDataIntegritySuiteTerm(String dataInegritySuiteTerm) {
-        Class<? extends LdVerifier<? extends DataIntegritySuite>> ldVerifierClass = LD_VERIFIERS_BY_DATA_INTEGRITY_SUITE_TERM.get(dataInegritySuiteTerm);
+    public static LdVerifier<? extends DataIntegritySuite> getLdVerifierByDataIntegritySuiteTerm(String dataIntegritySuiteTerm) {
+        Class<? extends LdVerifier<? extends DataIntegritySuite>> ldVerifierClass = LD_VERIFIERS_BY_DATA_INTEGRITY_SUITE_TERM.get(dataIntegritySuiteTerm);
         if (ldVerifierClass == null) throw new IllegalArgumentException();
         LdVerifier<? extends DataIntegritySuite> ldVerifier;
         try {
             ldVerifier = ldVerifierClass.getConstructor().newInstance();
         } catch (InstantiationException | IllegalAccessException | InvocationTargetException | NoSuchMethodException ex) {
             throw new RuntimeException(ex.getMessage(), ex);
         }
+        if (log.isDebugEnabled()) log.debug("Found LD verifier " + ldVerifier.getClass() + " for data integrity suite " + dataIntegritySuiteTerm);
         return ldVerifier;
     }