feat(sdk): Update the assertion support to match go sdk (#117)
sujankota committed Aug 19, 2024
1 parent 943751f commit f9badb3
Showing 8 changed files with 451 additions and 280 deletions.
4 changes: 2 additions & 2 deletions cmdline/src/main/java/io/opentdf/platform/Command.java
@@ -91,7 +91,7 @@ void decrypt(@Option(names = {"-f", "--file"}, required = true) Path tdfPath) th
var sdk = buildSDK();
try (var in = FileChannel.open(tdfPath, StandardOpenOption.READ)) {
try (var stdout = new BufferedOutputStream(System.out)) {
var reader = new TDF().loadTDF(in, new Config.AssertionConfig(), sdk.getServices().kas());
var reader = new TDF().loadTDF(in, sdk.getServices().kas());
reader.readPayload(stdout);
}
}
@@ -103,7 +103,7 @@ void readMetadata(@Option(names = {"-f", "--file"}, required = true) Path tdfPat

try (var in = FileChannel.open(tdfPath, StandardOpenOption.READ)) {
try (var stdout = new PrintWriter(System.out)) {
var reader = new TDF().loadTDF(in, new Config.AssertionConfig(), sdk.getServices().kas());
var reader = new TDF().loadTDF(in, sdk.getServices().kas());
stdout.write(reader.getMetadata() == null ? "" : reader.getMetadata());
}
}
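Review bot: Both `decrypt` and `readMetadata` now call the two-argument `loadTDF(in, sdk.getServices().kas())`, so the command line has no way to hand assertion verification keys to the reader, even though this commit adds `Config.withAssertionVerificationKeys` for that purpose. What the reader does when no keys are configured is decided in `TDF.loadTDF`, which is not shown on this page; if it falls back to a default key, files whose assertions were signed with a caller-supplied key would presumably fail to open from the CLI. A comment at both call sites such as `// no assertion verification keys supplied: reader uses its default` would make the behaviour explicit until an option for a key file is added. Both method bodies start outside the hunks.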
87 changes: 0 additions & 87 deletions sdk/src/main/java/io/opentdf/platform/sdk/Assertion.java

This file was deleted.

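--- a/sdk/src/main/java/io/opentdf/platform/sdk/AssertionConfig.java
+++ b/sdk/src/main/java/io/opentdf/platform/sdk/AssertionConfig.java
@@ -0,0 +1,103 @@
+package io.opentdf.platform.sdk;
+
+import com.nimbusds.jose.JWSSigner;
+
+import java.util.Objects;
+
+
+public class AssertionConfig {
+
+public enum Type {
+HandlingAssertion("handling"),
+BaseAssertion("base");
+
+private final String type;
+
+Type(String assertionType) {
+this.type = assertionType;
+}
+
+@Override
+public String toString() {
+return type;
+}
+}
+
+public enum Scope {
+TrustedDataObj("tdo"),
+Payload("payload");
+
+private final String scope;
+
+Scope(String scope) {
+this.scope = scope;
+}
+}
+
+public enum AssertionKeyAlg {
+RS256,
+HS256,
+NotDefined;
+}
+
+public enum AppliesToState {
+Encrypted("encrypted"),
+Unencrypted("unencrypted");
+
+private final String state;
+
+AppliesToState(String state) {
+this.state = state;
+}
+}
+
+public enum BindingMethod {
+JWS("jws");
+
+private String method;
+
+BindingMethod(String method) {
+this.method = method;
+}
+}
+
+static public class AssertionKey {
+public Object key;
+public AssertionKeyAlg alg = AssertionKeyAlg.NotDefined;
+
+public AssertionKey(AssertionKeyAlg alg, Object key) {
+this.alg = alg;
+this.key = key;
+}
+
+public boolean isDefined() {
+return alg != AssertionKeyAlg.NotDefined;
+}
+}
+
+static public class Statement {
+public String format;
+public String schema;
+public String value;
+
+@Override
+public boolean equals(Object o) {
+if (this == o) return true;
+if (o == null || getClass() != o.getClass()) return false;
+Statement statement = (Statement) o;
+return Objects.equals(format, statement.format) && Objects.equals(schema, statement.schema) && Objects.equals(value, statement.value);
+}
+
+@Override
+public int hashCode() {
+return Objects.hash(format, schema, value);
+}
+}
+
+public String id;
+public Type type;
+public Scope scope;
+public AppliesToState appliesToState;
+public Statement statement;
+public AssertionKey assertionKey;
+}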
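Review bot: `AssertionKey` pairs an algorithm with an untyped `Object key` through two public mutable fields, and neither the constructor nor `isDefined()` checks that a key is present or that its type fits `alg`, so a mismatch between the two is only caught, if at all, by the signing or verification code outside this file. Consider declaring both fields `final` (dropping the `NotDefined` initializer), using `this.alg = Objects.requireNonNull(alg, "alg");` in the constructor, and having `isDefined()` return `alg != AssertionKeyAlg.NotDefined && key != null`. Smaller points: the `com.nimbusds.jose.JWSSigner` import is unused, `BindingMethod.method` is the only enum field not declared `final`, and only `Type` overrides `toString()` while `Scope`, `AppliesToState` and `BindingMethod` hold string values with no accessor.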
71 changes: 39 additions & 32 deletions sdk/src/main/java/io/opentdf/platform/sdk/Config.java
@@ -4,11 +4,7 @@
import io.opentdf.platform.sdk.nanotdf.NanoTDFType;
import io.opentdf.platform.sdk.nanotdf.SymmetricAndPayloadConfig;

import com.nimbusds.jose.jwk.RSAKey;
import java.security.Key;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.*;
import java.util.function.Consumer;

public class Config {
@@ -36,23 +32,43 @@ public static class KASInfo {
public String KID;
}

public static class AssertionConfig {
public enum KeyType {
RS256,
HS256PayloadKey,
HS256UserDefined;

public static class AssertionVerificationKeys {
public AssertionConfig.AssertionKey defaultKey;
public Map<String, AssertionConfig.AssertionKey> keys = new HashMap<>();

Boolean isEmpty() {
return this.defaultKey == null && this.keys.isEmpty();
}

public RSAKey rs256PrivateKeyForSigning;
public RSAKey rs256PublicKeyForVerifying;
public byte[] hs256SymmetricKey;
public KeyType keyType;
AssertionConfig.AssertionKey getKey(String key) {
var assertionKey = keys.get(key);
if (assertionKey != null) {
return assertionKey;
}

public AssertionConfig() {
this.keyType = KeyType.HS256PayloadKey;
return defaultKey;
}
}

public static class TDFReaderConfig {
// Optional Map of Assertion Verification Keys
AssertionVerificationKeys assertionVerificationKeys;
}

@SafeVarargs
public static TDFReaderConfig newTDFReaderConfig(Consumer<TDFReaderConfig>... options) {
TDFReaderConfig config = new TDFReaderConfig();
for (Consumer<TDFReaderConfig> option : options) {
option.accept(config);
}
return config;
}

public static Consumer<TDFReaderConfig> withAssertionVerificationKeys(AssertionVerificationKeys assertionVerificationKeys) {
return (TDFReaderConfig config) -> config.assertionVerificationKeys = assertionVerificationKeys;
}

public static class SplitStep {
public String kas;
public String splitID;
@@ -74,8 +90,7 @@ public static class TDFConfig {
public IntegrityAlgorithm segmentIntegrityAlgorithm;
public List<String> attributes;
public List<KASInfo> kasInfoList;
public List<Assertion> assertionList;
public AssertionConfig assertionConfig;
public List<io.opentdf.platform.sdk.AssertionConfig> assertionConfigList;
public String mimeType;
public List<SplitStep> splitPlan;

@@ -87,7 +102,7 @@ public TDFConfig() {
this.segmentIntegrityAlgorithm = IntegrityAlgorithm.GMAC;
this.attributes = new ArrayList<>();
this.kasInfoList = new ArrayList<>();
this.assertionList = new ArrayList<>();
this.assertionConfigList = new ArrayList<>();
this.mimeType = DEFAULT_MIME_TYPE;
this.splitPlan = new ArrayList<>();
}
@@ -114,31 +129,23 @@ public static Consumer<TDFConfig> withKasInformation(KASInfo... kasInfoList) {
};
}

public static Consumer<TDFConfig> WithAssertions(Assertion... assertionList) {
public static Consumer<TDFConfig> withAssertionConfig(io.opentdf.platform.sdk.AssertionConfig... assertionList) {
return (TDFConfig config) -> {
Collections.addAll(config.assertionList, assertionList);
Collections.addAll(config.assertionConfigList, assertionList);
};
}

public static Consumer<TDFConfig> WithAssertion(Assertion assertion) {
return (TDFConfig config) -> config.assertionList.add(assertion);
}

public static Consumer<TDFConfig> withMetaData(String metaData) {
return (TDFConfig config) -> config.metaData = metaData;
}

public static Consumer<TDFConfig> withAssertionConfig(AssertionConfig assertionConfig) {
return (TDFConfig config) -> config.assertionConfig = assertionConfig;
}

public static Consumer<TDFConfig> withSegmentSize(int size) {
return (TDFConfig config) -> config.defaultSegmentSize = size;
}

public static Consumer<TDFConfig> withDisableEncryption() {
return (TDFConfig config) -> config.enableEncryption = false;
}
// public static Consumer<TDFConfig> withDisableEncryption() {
// return (TDFConfig config) -> config.enableEncryption = false;
// }

public static Consumer<TDFConfig> withMimeType(String mimeType) {
return (TDFConfig config) -> config.mimeType = mimeType;
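Review bot: `AssertionVerificationKeys.getKey` returns `defaultKey` for any id that is not in `keys`, and returns null when `defaultKey` is also unset, so the reader code (outside this section) has to treat a null result as a verification failure rather than as nothing to check. That contract is undocumented; a Javadoc line such as `/** Returns the key registered for the assertion id, else defaultKey; null when neither is set. */` on `getKey` would pin it down, and `TDFReaderConfig.assertionVerificationKeys` is itself null unless `withAssertionVerificationKeys` is applied. In the same class `isEmpty()` returns a boxed `Boolean` where `boolean` is enough, and `keys` is a public mutable `HashMap`. In the last hunk `withDisableEncryption` is left commented out rather than deleted, and removing `WithAssertion`/`WithAssertions` while changing the parameter type of `withAssertionConfig` breaks existing callers without a deprecation step.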
