Merge pull request ONDC-Official#68 from pratik-mazumdar/main

Verify Header Java Util

utilities/on_subscibe-service/java/Readme.md

@@ -74,5 +74,18 @@ To generate the auth header kindly use the following curl request:
 ```
 curl --location 'localhost:8080/create-header' \
 --header 'Content-Type: application/json' \
---data '{"value":{"abc":"test"},"private_key":"your_signing_private_key"}'
+--header 'Cookie: connect.sid=s%3AASiu2zTqhIjkxj8OGpBcEk9MUjWPKWhy.i%2FMc29ueVdeXM96cLCESAVB5ul2yfVrZviJDEKHKVA0' \
+--data-raw '{"value":{"test":"test"}},
+"subscriber_id" : "abc.com",
+"unique_key_id" : "ukid",
+"private_key":"private_key"}'
+```
+
+To Verify Auth Header
+```
+curl --location 'localhost:8080/verify-header' \
+--header 'Content-Type: application/json' \
+--header 'Cookie: connect.sid=s%3AASiu2zTqhIjkxj8OGpBcEk9MUjWPKWhy.i%2FMc29ueVdeXM96cLCESAVB5ul2yfVrZviJDEKHKVA0' \
+--data-raw '{"value":{"test":"test"}},"public_key":"public_key","header":"Signature keyId=\"abc.com|ukid|ed25519\",algorithm=\"ed25519\",created=\"1712239689\",expires=\"1712539689\",headers=\"(created) (expires) digest\",signature=\"Gy5wiiJYGeNOBsiXJKo4OF7fSKR65zkxa/FJjgBgenmRplhq9vNewz/ivXDFegSnrdQK9U9T19Ta55J7Aa6RBw==\""
+}'
 ```

utilities/on_subscibe-service/java/src/main/java/ondc/onboarding/utility/Routes.java

@@ -57,14 +57,36 @@ public ResponseEntity<Map<String,byte[]>> getKeys (){
     String createHeader(@RequestBody JsonNode req) throws Exception {
         long created = System.currentTimeMillis() / 1000L;
         long expires = created + 300000;
+        logger.info(toBase64(generateBlakeHash(req.get("value").toString())));
+        logger.info(req.get("value").toString());
         String hashedReq = hashMassage(req.get("value").toString(),created,expires);
         String signature = sign(Base64.getDecoder().decode(req.get("private_key").asText()),hashedReq.getBytes());
-        String subscriberId = "altiux.com";
-        String uniqueKeyId = "c9aa1b41-04e9-43e2-bd89-9ddcdecbf4cf";
+        String subscriberId = req.get("subscriber_id").asText();
+        String uniqueKeyId = req.get("unique_key_id").asText();
 
         return "Signature keyId=\"" + subscriberId + "|" + uniqueKeyId + "|" + "ed25519\"" + ",algorithm=\"ed25519\"," + "created=\"" + created + "\",expires=\"" + expires + "\",headers=\"(created) (expires)" + " digest\",signature=\"" + signature + "\"";
     }
 
+    @PostMapping("/verify-header")
+    public boolean isValidHeader(@RequestBody JsonNode req) throws Exception {
+        long currentTimestamp = System.currentTimeMillis() / 1000L;
+        String authHeader = req.get("header").asText();
+        String signature = authHeader.split(",")[5].split("=")[1].replaceAll("\"","");
+        long expires = Long.parseLong(authHeader.split(",")[3].split("=")[1].replaceAll("\"",""));
+        long created = Long.parseLong(authHeader.split(",")[2].split("=")[1].replaceAll("\"",""));
+        if ((created > currentTimestamp) || currentTimestamp > expires){
+            logger.info("Timestamp should be Created < CurrentTimestamp < Expires");
+            return false;
+        }
+        String hashedReq = hashMassage(req.get("value").toString(),created,expires);
+        logger.info(hashedReq);
+        return verify(
+                fromBase64(signature),
+                hashedReq.getBytes(),
+                fromBase64(req.get("public_key").asText())
+        );
+    }
+
     @PostMapping("/subscribe")
     public ResponseEntity<String> subscribe(@RequestBody JsonNode subscribeBody) throws NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, JSONException, IOException, InterruptedException {
 

utilities/on_subscibe-service/java/src/main/java/ondc/onboarding/utility/Utils.java

@@ -37,6 +37,10 @@ public static CryptoKeyPair generateEncDecKey() throws InvalidKeyException, NoSu
     public static String toBase64(byte[] src){
         return Base64.getEncoder().encodeToString(src);
     }
+    public static byte[] fromBase64 (String str) {
+        return Base64.getDecoder().decode(str);
+    }
+
 
     public static  String hashMassage(String req, long created,long expires) throws Exception {
         byte[] digest = generateBlakeHash(req);
@@ -64,6 +68,11 @@ public static String sign(byte[] privateKey,byte[] message) {
         return  toBase64(signature);
     }
 
+    public static boolean verify(byte[] signature,byte[] message, byte[] publicKey) {
+        //verify the given signature with
+        return Ed25519.verify(signature, 0, publicKey, 0, message, 0, message.length);
+    }
+
     public static byte[] encryptDecrypt(int mode, byte[] challenge_string,byte[] privateKey, byte[] publicKey) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeySpecException, InvalidKeyException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidKeySpecException {
         if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
             Security.addProvider(new BouncyCastleProvider());