vdr/didkey/resolver.go
/*
* Copyright (C) 2023 Nuts community
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*
*/
package didkey
import (
"bytes"
"crypto"
"crypto/ecdsa"
"crypto/ed25519"
"crypto/elliptic"
"crypto/x509"
"encoding/binary"
"errors"
"fmt"
"github.com/lestrrat-go/jwx/v2/x25519"
"github.com/mr-tron/base58"
"github.com/multiformats/go-multicodec"
ssi "github.com/nuts-foundation/go-did"
"github.com/nuts-foundation/go-did/did"
"github.com/nuts-foundation/nuts-node/vdr/resolver"
"io"
)
// MethodName is the name of this DID method.
const MethodName = "key"
var _ resolver.DIDResolver = &Resolver{}
var errInvalidPublicKeyLength = errors.New("invalid did:key: invalid public key length")
// NewResolver creates a new Resolver.
func NewResolver() *Resolver {
return &Resolver{}
}
type Resolver struct {
}
func (r Resolver) Resolve(id did.DID, _ *resolver.ResolveMetadata) (*did.Document, *resolver.DocumentMetadata, error) {
if id.Method != MethodName {
return nil, nil, fmt.Errorf("unsupported DID method: %s", id.Method)
}
encodedKey := id.ID
if len(encodedKey) == 0 || encodedKey[0] != 'z' {
return nil, nil, errors.New("did:key does not start with 'z'")
}
mcBytes, err := base58.DecodeAlphabet(encodedKey[1:], base58.BTCAlphabet)
if err != nil {
return nil, nil, fmt.Errorf("did:key: invalid base58btc: %w", err)
}
reader := bytes.NewReader(mcBytes)
keyType, err := binary.ReadUvarint(reader)
if err != nil {
return nil, nil, fmt.Errorf("did:key: invalid multicodec value: %w", err)
}
// See https://w3c-ccg.github.io/did-method-key/#signature-method-creation-algorithm
var key crypto.PublicKey
mcBytes, _ = io.ReadAll(reader)
keyLength := len(mcBytes)
switch multicodec.Code(keyType) {
case multicodec.Bls12_381G2Pub:
return nil, nil, errors.New("did:key: bls12381 public keys are not supported")
case multicodec.X25519Pub:
if keyLength != 32 {
return nil, nil, errInvalidPublicKeyLength
}
key = x25519.PublicKey(mcBytes)
case multicodec.Ed25519Pub:
if keyLength != 32 {
return nil, nil, errInvalidPublicKeyLength
}
key = ed25519.PublicKey(mcBytes)
case multicodec.Secp256k1Pub:
// lestrrat/jwk.FromRaw() is missing support for secp256k1
return nil, nil, errors.New("did:key: secp256k1 public keys are not supported")
case multicodec.P256Pub:
if key, err = unmarshalEC(elliptic.P256(), 33, mcBytes); err != nil {
return nil, nil, err
}
case multicodec.P384Pub:
if key, err = unmarshalEC(elliptic.P384(), 49, mcBytes); err != nil {
return nil, nil, err
}
case multicodec.P521Pub:
key, _ = unmarshalEC(elliptic.P521(), -1, mcBytes)
case multicodec.RsaPub:
rsaKey, err := x509.ParsePKCS1PublicKey(mcBytes)
if err != nil {
return nil, nil, fmt.Errorf("did:key: invalid PKCS#1 encoded RSA public key: %w", err)
}
// Safe RSA keys must be at least 2048 bits
if rsaKey.Size() < 256 {
return nil, nil, errors.New("did:key: RSA public key is too small (must be at least 2048 bits)")
}
key = rsaKey
default:
return nil, nil, fmt.Errorf("did:key: unsupported public key type: 0x%x", keyType)
}
document := did.Document{
Context: []interface{}{
ssi.MustParseURI("https://w3c-ccg.github.io/lds-jws2020/contexts/lds-jws2020-v1.json"),
did.DIDContextV1URI(),
},
ID: id,
}
keyID := did.DIDURL{DID: id}
keyID.Fragment = id.ID
vm, err := did.NewVerificationMethod(keyID, ssi.JsonWebKey2020, id, key)
if err != nil {
return nil, nil, err
}
document.AddAssertionMethod(vm)
document.AddAuthenticationMethod(vm)
document.AddKeyAgreement(vm)
document.AddCapabilityDelegation(vm)
document.AddCapabilityInvocation(vm)
return &document, &resolver.DocumentMetadata{}, nil
}
func unmarshalEC(curve elliptic.Curve, expectedLen int, pubKeyBytes []byte) (ecdsa.PublicKey, error) {
if expectedLen != -1 && len(pubKeyBytes) != expectedLen {
return ecdsa.PublicKey{}, errInvalidPublicKeyLength
}
x, y := elliptic.UnmarshalCompressed(curve, pubKeyBytes)
return ecdsa.PublicKey{Curve: curve, X: x, Y: y}, nil
}