feat(encoding utils): added utils to work with hex. JWT signatures are now base64 encoded

We had an inconsistency, where JWT signatures were encoded as hex. This commit fixes that, ensuring
all future signatures will be correctly encoded. This commit also adds a few helper methods
(stripHexPrefix, addHexPrefix, parseHexOrBase64) which make it easier and safer to work with hex
strings.

Author: Exulansis

ts/didMethods/jolo/registrar.ts

@@ -5,7 +5,7 @@ import {
   ServiceEndpointsSection,
   PublicKeySection,
 } from '../../identity/didDocument/sections'
-import { fuelKeyWithEther } from '../../utils/helper'
+import { fuelKeyWithEther, stripHexPrefix } from '../../utils/helper'
 import { SignedCredential } from '../../credentials/signedCredential/signedCredential'
 import { IRegistrar } from '../types'
 import { claimsMetadata } from '@jolocom/protocol-ts'
@@ -18,6 +18,7 @@ import {
 import { validateDigestable } from '../../utils/validation'
 import { KEY_REFS } from './constants'
 import { publicKeyToJoloDID } from './utils'
+import { addHexPrefix } from 'ethereumjs-util'
 
 const { SIGNING_KEY_REF, ANCHOR_KEY_REF, ENCRYPTION_KEY_REF } = KEY_REFS
 
@@ -239,7 +240,7 @@ export class JolocomRegistrar implements IRegistrar {
     }
 
     const unsignedTx = await this.registrarFns.publishDidDocument(
-      Buffer.from(anchoringKey.publicKeyHex.slice(2), 'hex'),
+      Buffer.from(stripHexPrefix(anchoringKey.publicKeyHex), 'hex'),
       //@ts-ignore
       didDocument.toJSON(),
     )
@@ -251,13 +252,13 @@ export class JolocomRegistrar implements IRegistrar {
         keyRef: anchoringKey.controller[0],
         encryptionPass: password,
       },
-      Buffer.from(unsignedTx.slice(2), 'hex'),
+      Buffer.from(stripHexPrefix(unsignedTx), 'hex'),
     )
 
     return this.registrarFns
       .broadcastTransaction(unsignedTx, {
-        r: '0x' + signature.slice(0, 32).toString('hex'),
-        s: '0x' + signature.slice(32, 64).toString('hex'),
+        r: addHexPrefix(signature.slice(0, 32).toString('hex')),
+        s: addHexPrefix(signature.slice(32, 64).toString('hex')),
         recoveryParam: signature[64],
       })
       .catch(console.log)

ts/identityWallet/identityWallet.ts

@@ -319,7 +319,7 @@ export class IdentityWallet {
       await jwt.asBytes(),
     ) // TODO Also, are the signatures hex or b64?
 
-    jwt.signature = signature.toString('hex')
+    jwt.signature = signature.toString('base64')
 
     return jwt
   }

ts/linkedData/index.ts

@@ -1,5 +1,5 @@
 import { ILinkedDataSignatureAttrs } from '../linkedDataSignature/types'
-import { keyIdToDid } from '../utils/helper'
+import { keyIdToDid, parseHexOrBase64 } from '../utils/helper'
 import { sha256 } from '../utils/crypto'
 import { canonize } from 'jsonld'
 import { JsonLdObject, SignedJsonLdObject, JsonLdContext } from './types'
@@ -81,7 +81,7 @@ export const validateJsonLd = async (
 
   return verifySignatureWithIdentity(
     await normalizeSignedLdObject(json, json['@context']),
-    Buffer.from(json.proof.signatureValue, 'hex'),
+    parseHexOrBase64(json.proof.signatureValue),
     json.proof.creator,
     issuerIdentity,
   )

ts/parse/parseAndValidate.ts

@@ -9,6 +9,7 @@ import { verifySignatureWithIdentity } from '../utils/validation'
 import { ISignedCredentialAttrs } from '@jolocom/protocol-ts/dist/lib/signedCredential'
 import { SignedCredential } from '../credentials/signedCredential/signedCredential'
 import { parse } from './parse'
+import { parseHexOrBase64 } from '../utils/helper'
 
 const parseAndValidateDidDoc = async (
   didDocument: IDidDocumentAttrs,
@@ -53,7 +54,7 @@ export const parseAndValidateInteractionToken = async (
 
   const isValid = await verifySignatureWithIdentity(
     Buffer.from(Buffer.from([body, payload].join('.'))),
-    Buffer.from(signature, 'hex'),
+    parseHexOrBase64(signature),
     interactionToken.signer.keyId,
     signer,
   )

ts/utils/helper.ts

@@ -4,6 +4,27 @@ import { DidDocument } from '../identity/didDocument/didDocument'
 import { KeyTypes, PublicKeyInfo } from '@jolocom/vaulted-key-provider'
 import { IKeyMetadata } from '../identityWallet/types'
 import { ErrorCodes } from '../errors'
+import { isHexString } from 'ethers/lib/utils'
+
+/**
+ * Helper which will strip the 0x prefix from a hex string
+ * If no hex prefix is present, the unmodified string is returned
+ */
+
+export const stripHexPrefix = (hexPrefixedString: string) => {
+  return addHexPrefix(hexPrefixedString).slice(2)
+}
+
+/**
+ * Helper which will attempt to parse a string as hex first, and then,
+ * in case of failure, as base64. Returns the decoded buffer
+ */
+
+export const parseHexOrBase64 = (hexOrB64: string) => {
+  return isHexString(addHexPrefix(hexOrB64))
+    ? Buffer.from(stripHexPrefix(hexOrB64), 'hex')
+    : Buffer.from(hexOrB64, 'base64')
+}
 
 /**
  * Helper function to convert a key identifier to the owner did

ts/utils/validation.ts

@@ -4,6 +4,7 @@ import { KeyTypes, getCryptoProvider } from '@jolocom/vaulted-key-provider'
 import { cryptoUtils } from '@jolocom/native-core'
 import { Identity } from '../identity/identity'
 import { IResolver } from '../didMethods/types'
+import { parseHexOrBase64 } from './helper'
 
 export type IdentityOrResolver = Identity | IResolver
 
@@ -76,7 +77,7 @@ export const validateDigestable = async (
 
   return verifySignatureWithIdentity(
     await toValidate.asBytes(),
-    Buffer.from(toValidate.signature, 'hex'),
+    parseHexOrBase64(toValidate.signature),
     toValidate.signer.keyId,
     issuerIdentity,
   )