Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Crashing during JsonLD signing on Android #19

Open
kenneth-leong-gt opened this issue Apr 28, 2023 · 8 comments
Open

Crashing during JsonLD signing on Android #19

kenneth-leong-gt opened this issue Apr 28, 2023 · 8 comments

Comments

@kenneth-leong-gt
Copy link

Is this library able to be used in an Android device? I am getting exception for the instantiation of com.danubetech.keyformats.crypto.provider.impl.NaClSodiumEd25519Provider when running in Android.

Full stack trace below

java.util.ServiceConfigurationError: com.danubetech.keyformats.crypto.provider.Ed25519Provider: Provider com.danubetech.keyformats.crypto.provider.impl.NaClSodiumEd25519Provider could not be instantiated
	at java.util.ServiceLoader.fail(ServiceLoader.java:233)
	at java.util.ServiceLoader.-$$Nest$smfail(Unknown Source:0)
	at java.util.ServiceLoader$LazyIterator.nextService(ServiceLoader.java:392)
	at java.util.ServiceLoader$LazyIterator.next(ServiceLoader.java:416)
	at java.util.ServiceLoader$1.next(ServiceLoader.java:494)
	at com.danubetech.keyformats.crypto.provider.Ed25519Provider.get(Ed25519Provider.java:27)
	at com.danubetech.keyformats.crypto.impl.Ed25519_EdDSA_PrivateKeySigner.sign(Ed25519_EdDSA_PrivateKeySigner.java:19)
	at com.danubetech.keyformats.crypto.ByteSigner.sign(ByteSigner.java:18)
	at info.weboftrust.ldsignatures.signer.Ed25519Signature2020LdSigner.sign(Ed25519Signature2020LdSigner.java:37)
	at info.weboftrust.ldsignatures.signer.Ed25519Signature2020LdSigner.sign(Ed25519Signature2020LdSigner.java:48)
	at info.weboftrust.ldsignatures.signer.LdSigner.sign(LdSigner.java:99)
	at info.weboftrust.ldsignatures.signer.LdSigner.sign(LdSigner.java:123)
	at com.example.FirstFragmentViewModel.webOfTrustSigner(FirstFragmentViewModel.kt:484)
	at com.example.FirstFragmentViewModel.access$webOfTrustSigner(FirstFragmentViewModel.kt:45)
	at com.example.FirstFragmentViewModel$createSignVP$1.invokeSuspend(FirstFragmentViewModel.kt:399)
	at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
	at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106)
	at kotlinx.coroutines.internal.LimitedDispatcher.run(LimitedDispatcher.kt:42)
	at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:95)
	at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:570)
	at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:750)
	at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:677)
	at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:664)
	Suppressed: kotlinx.coroutines.DiagnosticCoroutineContextException: [StandaloneCoroutine{Cancelling}@d91dd9a, Dispatchers.IO]
Caused by: java.lang.ExceptionInInitializerError
	at java.lang.Class.newInstance(Native Method)
	at java.util.ServiceLoader$LazyIterator.nextService(ServiceLoader.java:388)
	... 20 more
Caused by: java.lang.NullPointerException: Attempt to invoke virtual method 'java.lang.String java.net.URL.getFile()' on a null object reference
	at com.goterl.resourceloader.ResourceLoader.getFileFromFileSystem(ResourceLoader.java:234)
	at com.goterl.resourceloader.ResourceLoader.copyToTempDirectory(ResourceLoader.java:88)
	at com.goterl.resourceloader.SharedLibraryLoader.load(SharedLibraryLoader.java:53)
	at com.goterl.lazysodium.utils.LibraryLoader.loadBundledLibrary(LibraryLoader.java:134)
	at com.goterl.lazysodium.utils.LibraryLoader.loadLibrary(LibraryLoader.java:95)
	at com.goterl.lazysodium.SodiumJava.<init>(SodiumJava.java:34)
	at com.goterl.lazysodium.SodiumJava.<init>(SodiumJava.java:23)
	at com.danubetech.keyformats.crypto.provider.impl.NaClSodiumEd25519Provider.<clinit>(NaClSodiumEd25519Provider.java:15)
	... 22 more
@kenneth-leong-gt kenneth-leong-gt changed the title Crashing dusing JsonLD signing Crashing during JsonLD signing on Android Apr 28, 2023
@peacekeeper
Copy link
Member

Hello @kenneth-leong-gt thanks for your feedback. Could you please check issue danubetech/key-formats-java#11 on the "key-formats-java" library to see if that solves the problem? If not, or if that other issue discussion isn't clear, please reply back here and we'll take another look to help!

@kenneth-leong-gt
Copy link
Author

kenneth-leong-gt commented Apr 28, 2023
edited
Loading

ok seems to be working using the tink povider now. Thank you very much.

But one comment on the api for Ed25519Signature2020LdSigner constructor.

public Ed25519Signature2020LdSigner(byte[] privateKey) {

       this(new Ed25519_EdDSA_PrivateKeySigner(privateKey));
   }

It states that the param needed is the byte array for the private key, but actually it requires the private key byte array concat-ed with the public key byte array as internally its checking for 64 bytes for the byte array length. As shown in this check below.

@Override
	public byte[] sign(byte[] content, byte[] privateKey) throws GeneralSecurityException {

		if (privateKey.length != Ed25519Sign.SECRET_KEY_LEN + Ed25519Verify.PUBLIC_KEY_LEN) throw new GeneralSecurityException("Invalid private key length: " + privateKey.length); // <-------this check here

		byte[] privateKeyOnly = new byte[32];
		System.arraycopy(privateKey, 0, privateKeyOnly, 0, Ed25519Sign.SECRET_KEY_LEN);

		byte[] signatureValue = new Ed25519Sign(privateKeyOnly).sign(content);

		return signatureValue;
	}

So kinda confusing imo.

@peacekeeper
Copy link
Member

It states that the param needed is the byte array for the private key, but actually it requires the private key byte array concat-ed with the public key byte array

I agree this is confusing, however we did this to mirror what libsodium has been doing, where in several places the public and private keys are used together. Not sure what's the reason for this.

See e.g. here:

I suppose the Tink approach is better, where the "private key" is really only the private key.

@peacekeeper
Copy link
Member

I just added two commits which hopefully document the issues that were raised here a bit:

danubetech/key-formats-java@433dd83
danubetech/key-formats-java@0680972

@kenneth-leong-gt
Copy link
Author

thanks for the updates. btw are there any plans for something like ld-signatures-swift or anything for iOS?

@peacekeeper
Copy link
Member

No sorry, at the moment we don't have plans to implement this in any other lanaguge...

@peacekeeper
Copy link
Member

Can we close this issue?

@kenneth-leong-gt
Copy link
Author

yes, thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@peacekeeper @kenneth-leong-gt