buildProof method
FutureOr<Map<String, dynamic> >
buildProof(
- dynamic data,
- WalletStore wallet,
- String did, {
- String? challenge,
- String? domain,
- String? proofPurpose,
override
Build a LinkedDataProof / DataIntegrityProof
Implementation
@override
FutureOr<Map<String, dynamic>> buildProof(
data, WalletStore wallet, String did,
{String? challenge, String? domain, String? proofPurpose}) async {
var proofOptions = {
'@context': jsonWebSignature2020ContextIri,
'type': typeName,
'proofPurpose': proofPurpose ?? 'assertionMethod',
'verificationMethod': '$did#${did.split(':')[2]}',
'created': DateTime.now().toUtc().toIso8601String()
};
if (domain != null) {
proofOptions['domain'] = domain;
}
if (challenge != null) {
proofOptions['challenge'] = challenge;
}
List<int> hash = await _dataToHash(data);
var pOptionsHash = sha256
.convert(utf8.encode(await JsonLdProcessor.normalize(proofOptions,
options:
JsonLdOptions(safeMode: true, documentLoader: loadDocument))))
.bytes;
var payload = pOptionsHash + hash;
String alg;
Identifier c, a;
if (did.startsWith('did:key:zQ3s')) {
c = curves.p256k;
alg = 'ES256K';
a = algorithms.signing.ecdsa.sha256;
} else if (did.startsWith('did:key:z82')) {
c = curves.p384;
alg = 'ES384';
a = algorithms.signing.ecdsa.sha384;
} else if (did.startsWith('did:key:z2J9')) {
c = curves.p521;
alg = 'ES512';
a = algorithms.signing.ecdsa.sha512;
} else {
c = curves.p256;
alg = 'ES256';
a = algorithms.signing.ecdsa.sha256;
}
var critical = <String, dynamic>{};
critical['b64'] = false;
var header = buildJwsHeader(alg: alg, extra: critical);
var headerEnc = removePaddingFromBase64(header);
var hashToSign = utf8.encode('$headerEnc.') + payload;
// proofOptions.remove('@context');
var privateKeyHex = await wallet.getPrivateKeyForCredentialDid(did);
privateKeyHex ??= await wallet.getPrivateKeyForConnectionDid(did);
if (privateKeyHex == null) throw Exception('Could not find a private key');
var privateKey = EcPrivateKey(
eccPrivateKey: web3_crypto.hexToInt(privateKeyHex), curve: c);
var signer = privateKey.createSigner(a);
var sig = signer.sign(hashToSign);
proofOptions['jws'] = '$headerEnc.'
'.${base64UrlEncode(sig.data)}';
return proofOptions;
}