diff --git a/src/main/java/tng/trustnetwork/keydistribution/service/did/DidTrustListService.java b/src/main/java/tng/trustnetwork/keydistribution/service/did/DidTrustListService.java index b94cb70..14b691f 100644 --- a/src/main/java/tng/trustnetwork/keydistribution/service/did/DidTrustListService.java +++ b/src/main/java/tng/trustnetwork/keydistribution/service/did/DidTrustListService.java @@ -305,7 +305,9 @@ private String generateTrustList(DidSpecification specification, boolean onlyRef // Add Trusted Issuer (DID References) // TODO: Add filtering for TrustedIssuers - trustedIssuerEntities.forEach(did -> trustList.getVerificationMethod().add(did.getUrl())); + if (onlyReferences) { + trustedIssuerEntities.forEach(did -> trustList.getVerificationMethod().add(did.getUrl())); + } // Sign Document JsonWebSignature2020LdSigner signer = new JsonWebSignature2020LdSigner(byteSigner); diff --git a/src/main/java/tng/trustnetwork/keydistribution/service/did/entity/DidTrustListEntry.java b/src/main/java/tng/trustnetwork/keydistribution/service/did/entity/DidTrustListEntry.java index fa30153..6f91f73 100644 --- a/src/main/java/tng/trustnetwork/keydistribution/service/did/entity/DidTrustListEntry.java +++ b/src/main/java/tng/trustnetwork/keydistribution/service/did/entity/DidTrustListEntry.java @@ -86,8 +86,10 @@ public static class EcPublicKeyJwk extends PublicKeyJwk { */ public EcPublicKeyJwk(ECPublicKey ecPublicKey, List base64EncodedCertificates) { super("EC", base64EncodedCertificates); - valueX = Base64.getUrlEncoder().encodeToString(ecPublicKey.getW().getAffineX().toByteArray()); - valueY = Base64.getUrlEncoder().encodeToString(ecPublicKey.getW().getAffineY().toByteArray()); + valueX = Base64.getUrlEncoder().withoutPadding() + .encodeToString(ecPublicKey.getW().getAffineX().toByteArray()); + valueY = Base64.getUrlEncoder().withoutPadding() + .encodeToString(ecPublicKey.getW().getAffineY().toByteArray()); ECNamedCurveSpec curveSpec = (ECNamedCurveSpec) ecPublicKey.getParams(); switch (curveSpec.getName()) { @@ -118,7 +120,8 @@ public static class RsaPublicKeyJwk extends PublicKeyJwk { */ public RsaPublicKeyJwk(RSAPublicKey rsaPublicKey, List base64EncodedCertificates) { super("RSA", base64EncodedCertificates); - valueN = Base64.getUrlEncoder().encodeToString(rsaPublicKey.getModulus().toByteArray()); + valueN = Base64.getUrlEncoder().withoutPadding() + .encodeToString(rsaPublicKey.getModulus().toByteArray()); valueE = Base64.getUrlEncoder().encodeToString(rsaPublicKey.getPublicExponent().toByteArray()); } } diff --git a/src/test/java/tng/trustnetwork/keydistribution/service/DidTrustListServiceTest.java b/src/test/java/tng/trustnetwork/keydistribution/service/DidTrustListServiceTest.java index 940e371..75a678a 100644 --- a/src/test/java/tng/trustnetwork/keydistribution/service/DidTrustListServiceTest.java +++ b/src/test/java/tng/trustnetwork/keydistribution/service/DidTrustListServiceTest.java @@ -227,7 +227,7 @@ void testTrustList(boolean isEcAlgorithm) throws Exception { switch (parsed.getId()) { case "did:web:abc:trustlist": Assertions.assertEquals("did:web:abc:trustlist", parsed.getController()); - Assertions.assertEquals(7, parsed.getVerificationMethod().size()); + Assertions.assertEquals(4, parsed.getVerificationMethod().size()); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist#" + URLEncoder.encode(certDscDeKid, StandardCharsets.UTF_8)), certDscDeKid, certDscDe, certCscaDe, "did:web:abc:trustlist"); @@ -237,83 +237,62 @@ void testTrustList(boolean isEcAlgorithm) throws Exception { certDscEuKid, certDscEu, certCscaEu, "did:web:abc:trustlist"); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist#" + URLEncoder.encode(certCscaEuKid, StandardCharsets.UTF_8)), certCscaEuKid, certCscaEu, null, "did:web:abc:trustlist"); - - Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); - Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); - Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; + case "did:web:abc:trustlist:DCC:XEU:DSC": Assertions.assertEquals("did:web:abc:trustlist:DCC:XEU:DSC", parsed.getController()); Assertions.assertEquals(1, parsed.getVerificationMethod().size()); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:XEU:DSC#" + URLEncoder.encode(certDscEuKid, StandardCharsets.UTF_8)), certDscEuKid, certDscEu, certCscaEu, "did:web:abc:trustlist:DCC:XEU:DSC"); - - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; + case "did:web:abc:trustlist:DCC": Assertions.assertEquals("did:web:abc:trustlist:DCC", parsed.getController()); - Assertions.assertEquals(7, parsed.getVerificationMethod().size()); + Assertions.assertEquals(4, parsed.getVerificationMethod().size()); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC#" + URLEncoder.encode(certDscDeKid, StandardCharsets.UTF_8)), certDscDeKid, certDscDe, certCscaDe, "did:web:abc:trustlist:DCC"); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC#" + URLEncoder.encode(certDscEuKid, StandardCharsets.UTF_8)), certDscEuKid, certDscEu, certCscaEu, "did:web:abc:trustlist:DCC"); - - Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); - Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); - Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; + case "did:web:abc:trustlist:-:XEU": Assertions.assertEquals("did:web:abc:trustlist:-:XEU", parsed.getController()); - Assertions.assertEquals(3, parsed.getVerificationMethod().size()); + Assertions.assertEquals(2, parsed.getVerificationMethod().size()); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:XEU#" + URLEncoder.encode(certCscaEuKid, StandardCharsets.UTF_8)), certCscaEuKid, certCscaEu, null, "did:web:abc:trustlist:-:XEU"); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:XEU#" + URLEncoder.encode(certDscEuKid, StandardCharsets.UTF_8)), certDscEuKid, certDscEu, certCscaEu, "did:web:abc:trustlist:-:XEU"); - - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); - Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; + case "did:web:abc:trustlist:-:DEU": Assertions.assertEquals("did:web:abc:trustlist:-:DEU", parsed.getController()); - Assertions.assertEquals(3, parsed.getVerificationMethod().size()); + Assertions.assertEquals(2, parsed.getVerificationMethod().size()); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:DEU#" + URLEncoder.encode(certDscDeKid, StandardCharsets.UTF_8)), certDscDeKid, certDscDe, certCscaDe, "did:web:abc:trustlist:-:DEU"); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:DEU#" + URLEncoder.encode(certCscaDeKid, StandardCharsets.UTF_8)), certCscaDeKid, certCscaDe, null, "did:web:abc:trustlist:-:DEU"); - - Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; + case "did:web:abc:trustlist:DCC:XEU:CSA": Assertions.assertEquals("did:web:abc:trustlist:DCC:XEU:CSA", parsed.getController()); Assertions.assertEquals(1, parsed.getVerificationMethod().size()); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:XEU:CSA#" + URLEncoder.encode(certCscaEuKid, StandardCharsets.UTF_8)), certCscaEuKid, certCscaEu, null, "did:web:abc:trustlist:DCC:XEU:CSA"); - - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; + case "did:web:abc:trustlist:DCC:DEU:DSC": Assertions.assertEquals("did:web:abc:trustlist:DCC:DEU:DSC", parsed.getController()); Assertions.assertEquals(1, parsed.getVerificationMethod().size()); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:DEU:DSC#" + URLEncoder.encode(certDscDeKid, StandardCharsets.UTF_8)), certDscDeKid, certDscDe, certCscaDe, "did:web:abc:trustlist:DCC:DEU:DSC"); - - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; + case "did:web:abc:trustlist:DCC:DEU:CSA": Assertions.assertEquals("did:web:abc:trustlist:DCC:DEU:CSA", parsed.getController()); Assertions.assertEquals(1, parsed.getVerificationMethod().size()); @@ -321,69 +300,52 @@ void testTrustList(boolean isEcAlgorithm) throws Exception { assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:DEU:CSA#" + URLEncoder.encode(certCscaDeKid, StandardCharsets.UTF_8)), certCscaDeKid, certCscaDe, null, "did:web:abc:trustlist:DCC:DEU:CSA"); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; + case "did:web:abc:trustlist:DCC:DEU": Assertions.assertEquals("did:web:abc:trustlist:DCC:DEU", parsed.getController()); - Assertions.assertEquals(3, parsed.getVerificationMethod().size()); + Assertions.assertEquals(2, parsed.getVerificationMethod().size()); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:DEU#" + URLEncoder.encode(certDscDeKid, StandardCharsets.UTF_8)), certDscDeKid, certDscDe, certCscaDe, "did:web:abc:trustlist:DCC:DEU"); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:DEU#" + URLEncoder.encode(certCscaDeKid, StandardCharsets.UTF_8)), certCscaDeKid, certCscaDe, null, "did:web:abc:trustlist:DCC:DEU"); - - Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; + case "did:web:abc:trustlist:DCC:XEU": Assertions.assertEquals("did:web:abc:trustlist:DCC:XEU", parsed.getController()); - Assertions.assertEquals(3, parsed.getVerificationMethod().size()); + Assertions.assertEquals(2, parsed.getVerificationMethod().size()); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:XEU#" + URLEncoder.encode(certDscEuKid, StandardCharsets.UTF_8)), certDscEuKid, certDscEu, certCscaEu, "did:web:abc:trustlist:DCC:XEU"); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:XEU#" + URLEncoder.encode(certCscaEuKid, StandardCharsets.UTF_8)), certCscaEuKid, certCscaEu, null, "did:web:abc:trustlist:DCC:XEU"); - - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); - Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; + case "did:web:abc:trustlist:-:XEU:DSC": Assertions.assertEquals("did:web:abc:trustlist:-:XEU:DSC", parsed.getController()); Assertions.assertEquals(1, parsed.getVerificationMethod().size()); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:XEU:DSC#" + URLEncoder.encode(certDscEuKid, StandardCharsets.UTF_8)), certDscEuKid, certDscEu, certCscaEu, "did:web:abc:trustlist:-:XEU:DSC"); - - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; + case "did:web:abc:trustlist:-:DEU:DSC": Assertions.assertEquals("did:web:abc:trustlist:-:DEU:DSC", parsed.getController()); Assertions.assertEquals(1, parsed.getVerificationMethod().size()); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:DEU:DSC#" + URLEncoder.encode(certDscDeKid, StandardCharsets.UTF_8)), certDscDeKid, certDscDe, certCscaDe, "did:web:abc:trustlist:-:DEU:DSC"); - - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; + case "did:web:abc:trustlist:-:DEU:CSA": Assertions.assertEquals("did:web:abc:trustlist:-:DEU:CSA", parsed.getController()); Assertions.assertEquals(1, parsed.getVerificationMethod().size()); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:DEU:CSA#" + URLEncoder.encode(certCscaDeKid, StandardCharsets.UTF_8)), certCscaDeKid, certCscaDe, null, "did:web:abc:trustlist:-:DEU:CSA"); - - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; + case "did:web:abc:trustlist:-:-:CSA": Assertions.assertEquals("did:web:abc:trustlist:-:-:CSA", parsed.getController()); Assertions.assertEquals(2, parsed.getVerificationMethod().size()); @@ -392,11 +354,8 @@ void testTrustList(boolean isEcAlgorithm) throws Exception { certCscaEuKid, certCscaEu, null, "did:web:abc:trustlist:-:-:CSA"); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:-:CSA#" + URLEncoder.encode(certCscaDeKid, StandardCharsets.UTF_8)), certCscaDeKid, certCscaDe, null, "did:web:abc:trustlist:-:-:CSA"); - - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; + case "did:web:abc:trustlist:-:-:DSC": Assertions.assertEquals("did:web:abc:trustlist:-:-:DSC", parsed.getController()); Assertions.assertEquals(2, parsed.getVerificationMethod().size()); @@ -405,22 +364,16 @@ void testTrustList(boolean isEcAlgorithm) throws Exception { certDscEuKid, certDscEu, certCscaEu, "did:web:abc:trustlist:-:-:DSC"); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:-:DSC#" + URLEncoder.encode(certDscDeKid, StandardCharsets.UTF_8)), certDscDeKid, certDscDe, certCscaDe, "did:web:abc:trustlist:-:-:DSC"); - - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; + case "did:web:abc:trustlist:-:XEU:CSA": Assertions.assertEquals("did:web:abc:trustlist:-:XEU:CSA", parsed.getController()); Assertions.assertEquals(1, parsed.getVerificationMethod().size()); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:XEU:CSA#" + URLEncoder.encode(certCscaEuKid, StandardCharsets.UTF_8)), certCscaEuKid, certCscaEu, null, "did:web:abc:trustlist:-:XEU:CSA"); - - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; + case "did:web:abc:trustlist:DCC:-:DSC": Assertions.assertEquals("did:web:abc:trustlist:DCC:-:DSC", parsed.getController()); Assertions.assertEquals(2, parsed.getVerificationMethod().size()); @@ -429,11 +382,8 @@ void testTrustList(boolean isEcAlgorithm) throws Exception { certDscDeKid, certDscDe, certCscaDe, "did:web:abc:trustlist:DCC:-:DSC"); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:-:DSC#" + URLEncoder.encode(certDscEuKid, StandardCharsets.UTF_8)), certDscEuKid, certDscEu, certCscaEu, "did:web:abc:trustlist:DCC:-:DSC"); - - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; + case "did:web:abc:trustlist:DCC:-:CSA": Assertions.assertEquals("did:web:abc:trustlist:DCC:-:CSA", parsed.getController()); Assertions.assertEquals(2, parsed.getVerificationMethod().size()); @@ -442,27 +392,36 @@ void testTrustList(boolean isEcAlgorithm) throws Exception { certCscaDeKid, certCscaDe, null, "did:web:abc:trustlist:DCC:-:CSA"); assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:-:CSA#" + URLEncoder.encode(certCscaEuKid, StandardCharsets.UTF_8)), certCscaEuKid, certCscaEu, null, "did:web:abc:trustlist:DCC:-:CSA"); + break; + case "did:web:abc:trustlist:-:XY": + Assertions.assertEquals("did:web:abc:trustlist:-:XY", parsed.getController()); + Assertions.assertEquals(0, parsed.getVerificationMethod().size()); + break; + + case "did:web:abc:trustlist:DCC:XY": + Assertions.assertEquals("did:web:abc:trustlist:DCC:XY", parsed.getController()); + Assertions.assertEquals(0, parsed.getVerificationMethod().size()); + break; + + case "did:web:abc:trustlist-ref:DCC:EU": Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); + Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; - case "did:web:abc:trustlist:-:XY": - Assertions.assertEquals("did:web:abc:trustlist:-:XY", parsed.getController()); - Assertions.assertEquals(1, parsed.getVerificationMethod().size()); + case "did:web:abc:trustlist-ref:DCC:XY": Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; - case "did:web:abc:trustlist:DCC:XY": - Assertions.assertEquals("did:web:abc:trustlist:DCC:XY", parsed.getController()); - Assertions.assertEquals(1, parsed.getVerificationMethod().size()); - Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); + case "did:web:abc:trustlist-ref:DCC:DE": + Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:DE:issuer")); Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:EU:issuer")); - Assertions.assertTrue(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); + Assertions.assertFalse(parsed.getVerificationMethod().contains("did:trusted:XY:issuer")); break; + default: if (!parsed.getId().contains("trustlist-ref")) { Assertions.fail("Unexpected Document in DID Collection! (" + parsed.getId() + ")");