Skip to content

Commit

Permalink
fix : Alignment on did controller and exception handling during publi…
Browse files Browse the repository at this point in the history 
…cKey generation to continue the export. (#47)

* commit : Alignment on did controller and exception handling during publickey generation to continue the export.

* Update DidTrustListService logger for pulbickey export generation
  • Loading branch information
@dattatrayamote
dattatrayamote authored Oct 22, 2024
1 parent f4a3e42 commit 640362f
Show file tree
Hide file tree
Showing 2 changed files with 59 additions and 35 deletions.
49 changes: 37 additions & 12 deletions src/main/java/tng/trustnetwork/keydistribution/service/did/DidTrustListService.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -130,6 +130,15 @@ public String getDocumentId(boolean ref) {
+ String.join(SEPARATOR_DID_PATH, path));
}

public String getControllerId(boolean ref) {
//Example Id: did:web:tng-cdn-dev.who.int:trustlist:v.2.0.0:DDCC:XXA:DSC
//Controller Id: did:web:tng-cdn-dev.who.int:trustlist:v.2.0.0:DDCC:XXA
return configProperties.getDid().getDidId()
+ SEPARATOR_DID_PATH + getListPathElement(ref)
+ (path.size() <= 1 ? "" : SEPARATOR_DID_PATH
+ String.join(SEPARATOR_DID_PATH, path.subList(0, path.size() - 1)));
}

public String getEntryId(String kid) {
//Example: did:web:tng-cdn-dev.who.int:trustlist:v.2.0.0:DDCC:XXA:DSC#kidkidkid
return getDocumentId(false) + SEPARATOR_DID_ID + kid;
Expand Down Expand Up @@ -470,7 +479,7 @@ private String generateTrustList(DidSpecification specification, boolean onlyRef
DidTrustList trustList = new DidTrustList();
trustList.setContext(DID_CONTEXTS);
trustList.setId(specification.getDocumentId(onlyReferences));
trustList.setController(specification.getDocumentId(onlyReferences));
trustList.setController(specification.getControllerId(onlyReferences));
trustList.setVerificationMethod(new ArrayList<>());

// Add Certificates
Expand Down Expand Up @@ -525,18 +534,34 @@ private String generateTrustList(DidSpecification specification, boolean onlyRef

PublicKey publicKey = parsedCertificate.getPublicKey();
DidTrustListEntry.PublicKeyJwk publicKeyJwk = null;
if (publicKey instanceof RSAPublicKey rsaPublicKey) {
publicKeyJwk = new DidTrustListEntry.RsaPublicKeyJwk(
rsaPublicKey, List.of(signerInformationEntity.getRawData()));

} else if (publicKey instanceof ECPublicKey ecPublicKey) {
publicKeyJwk = new DidTrustListEntry.EcPublicKeyJwk(
ecPublicKey, List.of(signerInformationEntity.getRawData()));
try {
if (publicKey instanceof RSAPublicKey rsaPublicKey) {
publicKeyJwk = new DidTrustListEntry.RsaPublicKeyJwk(
rsaPublicKey, List.of(signerInformationEntity.getRawData()));

} else {
log.error("Public Key is not RSA or EC Public Key for cert {} of country {}",
signerInformationEntity.getKid(),
signerInformationEntity.getCountry());
} else if (publicKey instanceof ECPublicKey ecPublicKey) {
publicKeyJwk = new DidTrustListEntry.EcPublicKeyJwk(
ecPublicKey, List.of(signerInformationEntity.getRawData()));

} else {
log.error("Public Key is not RSA or EC Public Key for cert {} of country {}",
signerInformationEntity.getKid(),
signerInformationEntity.getCountry());

continue;
}

} catch (Exception ex) {
String failedFor = " Domain -- " + signerInformationEntity.getDomain() + ","
+ " Country -- " + signerInformationEntity.getCountry() + ","
+ " Group -- " + signerInformationEntity.getGroup() + ","
+ " KID -- " + signerInformationEntity.getKid();

log.error("PublicKey Export Generation Failed for : [" + failedFor + " ]"
+ "\n" + " Exception : " + ex.getMessage());

continue;
}

addTrustListEntry(trustList, specification, signerInformationEntity, publicKeyJwk);
Expand Down Expand Up @@ -596,7 +621,7 @@ private void addTrustListEntry(DidTrustList trustList,
DidTrustListEntry trustListEntry = new DidTrustListEntry();
trustListEntry.setType("JsonWebKey2020");
trustListEntry.setId(specification.generateTrustListVerificationId(signerInformationEntity));
trustListEntry.setController(specification.getDocumentId(false));
trustListEntry.setController(specification.getControllerId(false));
publicKeyJwk.setKid(encodeKid(signerInformationEntity.getKid()));
trustListEntry.setPublicKeyJwk(publicKeyJwk);

Expand Down
45 changes: 22 additions & 23 deletions src/test/java/tng/trustnetwork/keydistribution/service/DidTrustListServiceTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -240,7 +240,7 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
certCscaEuKid, certCscaEu, null, "did:web:abc:trustlist");
break;
case "did:web:abc:trustlist:-":
Assertions.assertEquals("did:web:abc:trustlist:-", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist", parsed.getController());
Assertions.assertEquals(4, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-",encodeKid(certDscDeKid)),
Expand All @@ -254,7 +254,7 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
break;

case "did:web:abc:trustlist:-:-":
Assertions.assertEquals("did:web:abc:trustlist:-:-", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:-", parsed.getController());
Assertions.assertEquals(4, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:-",encodeKid(certDscDeKid)),
Expand All @@ -264,7 +264,7 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
break;

case "did:web:abc:trustlist:DCC:-":
Assertions.assertEquals("did:web:abc:trustlist:DCC:-", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:DCC", parsed.getController());
Assertions.assertEquals(4, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:-",encodeKid(certDscDeKid)),
Expand All @@ -275,15 +275,15 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {


case "did:web:abc:trustlist:DCC:XEU:DSC":
Assertions.assertEquals("did:web:abc:trustlist:DCC:XEU:DSC", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:DCC:XEU", parsed.getController());
Assertions.assertEquals(1, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:XEU:DSC",encodeKid(certDscEuKid)),
certDscEuKid, certDscEu, certCscaEu, "did:web:abc:trustlist:DCC:XEU:DSC");
break;

case "did:web:abc:trustlist:DCC":
Assertions.assertEquals("did:web:abc:trustlist:DCC", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist", parsed.getController());
Assertions.assertEquals(4, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC", encodeKid(certDscDeKid)),
Expand All @@ -293,7 +293,7 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
break;

case "did:web:abc:trustlist:-:XEU":
Assertions.assertEquals("did:web:abc:trustlist:-:XEU", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:-", parsed.getController());
Assertions.assertEquals(2, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:XEU",encodeKid(certCscaEuKid)),
Expand All @@ -303,7 +303,7 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
break;

case "did:web:abc:trustlist:-:DEU":
Assertions.assertEquals("did:web:abc:trustlist:-:DEU", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:-", parsed.getController());
Assertions.assertEquals(2, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:DEU",encodeKid(certDscDeKid)),
Expand All @@ -313,23 +313,23 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
break;

case "did:web:abc:trustlist:DCC:XEU:CSA":
Assertions.assertEquals("did:web:abc:trustlist:DCC:XEU:CSA", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:DCC:XEU", parsed.getController());
Assertions.assertEquals(1, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:XEU:CSA",encodeKid(certCscaEuKid)),
certCscaEuKid, certCscaEu, null, "did:web:abc:trustlist:DCC:XEU:CSA");
break;

case "did:web:abc:trustlist:DCC:DEU:DSC":
Assertions.assertEquals("did:web:abc:trustlist:DCC:DEU:DSC", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:DCC:DEU", parsed.getController());
Assertions.assertEquals(1, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:DEU:DSC",encodeKid(certDscDeKid)),
certDscDeKid, certDscDe, certCscaDe, "did:web:abc:trustlist:DCC:DEU:DSC");
break;

case "did:web:abc:trustlist:DCC:DEU:CSA":
Assertions.assertEquals("did:web:abc:trustlist:DCC:DEU:CSA", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:DCC:DEU", parsed.getController());
Assertions.assertEquals(1, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:DEU:CSA",encodeKid(certCscaDeKid)),
Expand All @@ -338,7 +338,7 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
break;

case "did:web:abc:trustlist:DCC:DEU":
Assertions.assertEquals("did:web:abc:trustlist:DCC:DEU", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:DCC", parsed.getController());
Assertions.assertEquals(2, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:DEU",encodeKid(certDscDeKid)),
Expand All @@ -348,7 +348,7 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
break;

case "did:web:abc:trustlist:DCC:XEU":
Assertions.assertEquals("did:web:abc:trustlist:DCC:XEU", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:DCC", parsed.getController());
Assertions.assertEquals(2, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:XEU",encodeKid(certDscEuKid)),
Expand All @@ -358,31 +358,31 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
break;

case "did:web:abc:trustlist:-:XEU:DSC":
Assertions.assertEquals("did:web:abc:trustlist:-:XEU:DSC", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:-:XEU", parsed.getController());
Assertions.assertEquals(1, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:XEU:DSC",encodeKid(certDscEuKid)),
certDscEuKid, certDscEu, certCscaEu, "did:web:abc:trustlist:-:XEU:DSC");
break;

case "did:web:abc:trustlist:-:DEU:DSC":
Assertions.assertEquals("did:web:abc:trustlist:-:DEU:DSC", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:-:DEU", parsed.getController());
Assertions.assertEquals(1, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:DEU:DSC",encodeKid(certDscDeKid)),
certDscDeKid, certDscDe, certCscaDe, "did:web:abc:trustlist:-:DEU:DSC");
break;

case "did:web:abc:trustlist:-:DEU:CSA":
Assertions.assertEquals("did:web:abc:trustlist:-:DEU:CSA", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:-:DEU", parsed.getController());
Assertions.assertEquals(1, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:DEU:CSA",encodeKid(certCscaDeKid)),
certCscaDeKid, certCscaDe, null, "did:web:abc:trustlist:-:DEU:CSA");
break;

case "did:web:abc:trustlist:-:-:CSA":
Assertions.assertEquals("did:web:abc:trustlist:-:-:CSA", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:-:-", parsed.getController());
Assertions.assertEquals(2, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:-:CSA",encodeKid(certCscaEuKid)),
Expand All @@ -392,7 +392,7 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
break;

case "did:web:abc:trustlist:-:-:DSC":
Assertions.assertEquals("did:web:abc:trustlist:-:-:DSC", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:-:-", parsed.getController());
Assertions.assertEquals(2, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:-:DSC",encodeKid(certDscEuKid)),
Expand All @@ -402,15 +402,15 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
break;

case "did:web:abc:trustlist:-:XEU:CSA":
Assertions.assertEquals("did:web:abc:trustlist:-:XEU:CSA", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:-:XEU", parsed.getController());
Assertions.assertEquals(1, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:-:XEU:CSA",encodeKid(certCscaEuKid)),
certCscaEuKid, certCscaEu, null, "did:web:abc:trustlist:-:XEU:CSA");
break;

case "did:web:abc:trustlist:DCC:-:DSC":
Assertions.assertEquals("did:web:abc:trustlist:DCC:-:DSC", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:DCC:-", parsed.getController());
Assertions.assertEquals(2, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:-:DSC",encodeKid(certDscDeKid)),
Expand All @@ -420,7 +420,7 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
break;

case "did:web:abc:trustlist:DCC:-:CSA":
Assertions.assertEquals("did:web:abc:trustlist:DCC:-:CSA", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:DCC:-", parsed.getController());
Assertions.assertEquals(2, parsed.getVerificationMethod().size());

assertVerificationMethod(getVerificationMethodByKid(parsed.getVerificationMethod(),"did:web:abc:trustlist:DCC:-:CSA",encodeKid(certCscaDeKid)),
Expand All @@ -430,12 +430,12 @@ void testTrustList(boolean isEcAlgorithm) throws Exception {
break;

case "did:web:abc:trustlist:-:XY":
Assertions.assertEquals("did:web:abc:trustlist:-:XY", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:-", parsed.getController());
Assertions.assertEquals(0, parsed.getVerificationMethod().size());
break;

case "did:web:abc:trustlist:DCC:XY":
Assertions.assertEquals("did:web:abc:trustlist:DCC:XY", parsed.getController());
Assertions.assertEquals("did:web:abc:trustlist:DCC", parsed.getController());
Assertions.assertEquals(0, parsed.getVerificationMethod().size());
break;

Expand Down Expand Up @@ -502,7 +502,6 @@ private void assertVerificationMethod(Object in, String kid, X509Certificate dsc

LinkedHashMap<?, ?> jsonNode = (LinkedHashMap<?, ?>) in;
Assertions.assertEquals("JsonWebKey2020", jsonNode.get("type"));
Assertions.assertEquals(parentDidId, jsonNode.get("controller"));
Assertions.assertTrue(jsonNode.get("id").toString().contains(parentDidId) && jsonNode.get("id").toString().contains(encodeKid(kid)));;


Expand Down

0 comments on commit 640362f

Please sign in to comment.