From dc3bbe9652408ba210333e766158b7d4b1db85e3 Mon Sep 17 00:00:00 2001 From: Maxence Lange Date: Fri, 4 Jan 2019 09:32:50 -0100 Subject: set nonce Signed-off-by: Maxence Lange --- lib/Model/LinkedDataSignature.php | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'lib/Model') diff --git a/lib/Model/LinkedDataSignature.php b/lib/Model/LinkedDataSignature.php index 689a5091..4e862b67 100644 --- a/lib/Model/LinkedDataSignature.php +++ b/lib/Model/LinkedDataSignature.php @@ -56,6 +56,9 @@ class LinkedDataSignature implements JsonSerializable { /** @var string */ private $created = ''; + /** @var string */ + private $nonce = ''; + /** @var string */ private $signatureValue = ''; @@ -111,6 +114,26 @@ class LinkedDataSignature implements JsonSerializable { return $this; } + + /** + * @return string + */ + public function getNonce(): string { + return $this->nonce; + } + + /** + * @param string $nonce + * + * @return LinkedDataSignature + */ + public function setNonce(string $nonce): LinkedDataSignature { + $this->nonce = $nonce; + + return $this; + } + + /** * @return string */ @@ -293,6 +316,7 @@ class LinkedDataSignature implements JsonSerializable { $this->setType($this->get('type', $signature, '')); $this->setCreator($this->get('creator', $signature, '')); + $this->setNonce($this->get('nonce', $signature, '')); $this->setCreated($this->get('created', $signature, '')); $this->setSignatureValue($this->get('signatureValue', $signature, '')); -- cgit v1.2.3 From 721a060b485fdbe448a68088c94db89a46236fb6 Mon Sep 17 00:00:00 2001 From: Maxence Lange Date: Fri, 4 Jan 2019 09:34:57 -0100 Subject: add nonce to hash Signed-off-by: Maxence Lange --- lib/Model/LinkedDataSignature.php | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) (limited to 'lib/Model') diff --git a/lib/Model/LinkedDataSignature.php b/lib/Model/LinkedDataSignature.php index 4e862b67..0244e6ba 100644 --- a/lib/Model/LinkedDataSignature.php 
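Review bot: The docblocks on the new getNonce()/setNonce() only restate the native `string` type; nothing records what the nonce is for or where it comes from, and the third hunk of this commit (`@@ -293,6 +316,7`) fills it verbatim from the parsed signature array with `''` as the fallback, so a reader has no hint that this value is remote input. Replace the `@return string` docblock on the getter with a one-line purpose comment such as `Nonce carried by the incoming signature (accepted as-is, defaults to '')`, and note on the setter that no format or length validation happens here. If the nonce is meant to take part in the signed material, say so in the same comment so the two places stay in step.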
+++ b/lib/Model/LinkedDataSignature.php @@ -260,19 +260,23 @@ class LinkedDataSignature implements JsonSerializable { $header = [ '@context' => 'https://w3id.org/identity/v1', + 'nonce' => $this->getNonce(), 'creator' => $this->getCreator(), 'created' => $this->getCreated() ]; - $hash = $this->hashedCanonicalize($header) . $this->hashedCanonicalize($this->getObject()); - $signed = base64_decode($this->getSignatureValue()); + $hashHeader = $this->hashedCanonicalize($header, true); + $hashObject = $this->hashedCanonicalize($this->getObject()); $algo = OPENSSL_ALGO_SHA256; if ($this->getType() === 'RsaSignature2017') { $algo = OPENSSL_ALGO_SHA256; } - if (openssl_verify($hash, $signed, $this->getPublicKey(), $algo) === 1) { + if (openssl_verify( + $hashHeader . $hashObject, base64_decode($this->getSignatureValue()), + $this->getPublicKey(), $algo + ) === 1) { return true; } @@ -282,10 +286,21 @@ class LinkedDataSignature implements JsonSerializable { /** * @param array $data * + * @param bool $removeEmptyValue + * * @return string */ - private function hashedCanonicalize(array $data): string { - $object = json_decode(json_encode($data), false); + private function hashedCanonicalize(array $data, bool $removeEmptyValue = false): string { + if ($removeEmptyValue) { + $data = array_filter( + $data, + function($v) { + return ($v !== ''); + } + ); + } + + $object = json_decode(json_encode($data, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE)); $res = jsonld_normalize( $object, [ -- cgit v1.2.3 From 89cd8fa88c6fbafa75e69535911f713e9c56c946 Mon Sep 17 00:00:00 2001 From: Maxence Lange Date: Fri, 4 Jan 2019 10:14:30 -0100 Subject: only valid base64 Signed-off-by: Maxence Lange --- lib/Model/LinkedDataSignature.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'lib/Model') diff --git a/lib/Model/LinkedDataSignature.php b/lib/Model/LinkedDataSignature.php index 0244e6ba..abf4406d 100644 --- a/lib/Model/LinkedDataSignature.php 
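Review bot: Adding `'nonce' => $this->getNonce()` to the signed header binds the nonce to the signature, but nothing in this method compares it with nonces already seen, so the hunk alone gives no replay protection; either check it against a store before calling openssl_verify() or document above `$header = [` that replay detection is the caller's responsibility. Because `hashedCanonicalize($header, true)` strips empty values, a signature that carries no nonce still verifies against a nonce-less header, which is presumably intended for compatibility but deserves a comment such as `// empty nonce is dropped so pre-nonce signatures still verify`. The surrounding `$algo` selection assigns OPENSSL_ALGO_SHA256 in both branches, so an unrecognised `type` is verified exactly as RsaSignature2017 would be; rejecting unknown types before the openssl_verify() call would be the safer default. The enclosing method starts and ends outside the hunk.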
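Review bot: The new `json_encode($data, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE)` is still unchecked: on failure (e.g. malformed UTF-8 in the data being canonicalized) it returns false, `json_decode(false)` yields null, and a null document is handed to jsonld_normalize() instead of the call failing loudly. Add the `JSON_THROW_ON_ERROR` flag if the project targets PHP 7.3+, otherwise test the result with `=== false` and throw. The two unescaped flags change only the encoded text, which is decoded straight back, so they do not alter what jsonld_normalize() receives. The filter closure does not use `$this` and can be `static function ($v) { return $v !== ''; }`; the `@param bool $removeEmptyValue` docblock should also say that only empty strings are dropped (null and 0 are kept) and that array keys are preserved.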
+++ b/lib/Model/LinkedDataSignature.php @@ -273,10 +273,11 @@ class LinkedDataSignature implements JsonSerializable { $algo = OPENSSL_ALGO_SHA256; } - if (openssl_verify( - $hashHeader . $hashObject, base64_decode($this->getSignatureValue()), - $this->getPublicKey(), $algo - ) === 1) { + $signed = base64_decode($this->getSignatureValue()); + if ($signed !== false + && openssl_verify( + $hashHeader . $hashObject, $signed, $this->getPublicKey(), $algo + ) === 1) { return true; } -- cgit v1.2.3
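Review bot: The new `$signed !== false` guard cannot fire as written, because base64_decode() is called in its default non-strict mode, which silently discards characters outside the base64 alphabet and in practice never returns false; the intent stated in the commit title ("only valid base64") needs the strict flag: `$signed = base64_decode($this->getSignatureValue(), true);`. With strict decoding a malformed signatureValue is rejected before openssl_verify() rather than being verified as whatever bytes survived. Consider also rejecting an empty decoded value so an absent signature never reaches openssl_verify() at all. The enclosing method starts and ends outside the hunk.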