jep-api/main.py at main · hjs-spec/jep-api · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
"""JEP v0.6 API seed.

This FastAPI service is a small reference API seed for JEP v0.6-style
event creation and verification.

Implemented:
- J/D/T/V event creation
- JEP wire version "1"
- JEP-Core-0.6 profile labels
- JCS-compatible seed canonicalization
- algorithm-tagged event hash
- detached JWS Compact Serialization shape
- Ed25519 signing and verification
- ext/ext_crit extension framework
- TTL and digest-only privacy extensions
- JEP-style validation result object
- replay cache separation for verification consumption

This is an implementation seed, not a production security service.
"""

from __future__ import annotations

import base64
import hashlib
import json
import time
import uuid
from typing import Any, Dict, List, Optional

from fastapi import FastAPI, HTTPException
from pydantic import BaseModel, Field
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey, Ed25519PublicKey


JEP_CORE_PROFILE = "jep-core-0.6"
JEP_WIRE_VERSION = "1"

EXT_TTL = "https://jep.org/ttl"
EXT_DIGEST_ONLY = "https://jep.org/priv/digest-only"
KNOWN_EXTENSIONS = {EXT_TTL, EXT_DIGEST_ONLY}

# Demo in-memory stores.
EVENT_STORE: Dict[str, Dict[str, Any]] = {}
CONSUMED_NONCES: set[str] = set()

# Demo process-local signing key. Production deployments must use a managed key.
SIGNING_KEY = Ed25519PrivateKey.generate()
VERIFY_KEY = SIGNING_KEY.public_key()
DEMO_KID = "did:example:jep-api#key-1"
DEMO_WHO = "did:example:jep-api"


def b64u(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode("ascii").rstrip("=")


def b64u_decode(data: str) -> bytes:
    return base64.urlsafe_b64decode(data + "=" * (-len(data) % 4))


def jcs_seed(obj: Any) -> bytes:
    """JCS-compatible canonicalization for seed objects.

    This is sufficient for deterministic seed vectors. Production
    implementations should use a complete RFC 8785 JCS implementation.
    """
    return json.dumps(obj, sort_keys=True, separators=(",", ":"), ensure_ascii=False).encode("utf-8")


def sha256_digest(data: bytes) -> str:
    return "sha256:" + hashlib.sha256(data).hexdigest()


def event_hash(event: Dict[str, Any]) -> str:
    return sha256_digest(jcs_seed(event))


def detached_jws_sign(unsigned_event: Dict[str, Any]) -> str:
    protected = {
        "alg": "Ed25519",
        "kid": DEMO_KID,
        "typ": "jep-event+jws",
        "jep": JEP_WIRE_VERSION,
    }
    protected_b64 = b64u(jcs_seed(protected))
    payload_b64 = b64u(jcs_seed(unsigned_event))
    signing_input = f"{protected_b64}.{payload_b64}".encode("ascii")
    signature = SIGNING_KEY.sign(signing_input)
    return f"{protected_b64}..{b64u(signature)}"


def detached_jws_verify(event: Dict[str, Any]) -> tuple[bool, Optional[Dict[str, Any]]]:
    sig = event.get("sig")
    if not isinstance(sig, str) or sig.count(".") != 2:
        return False, error("ERR_SIGNATURE_CONTAINER_INVALID", "sig is not detached JWS Compact Serialization", 1)

    protected_b64, empty, signature_b64 = sig.split(".")
    if empty != "":
        return False, error("ERR_SIGNATURE_CONTAINER_INVALID", "JWS payload segment must be empty", 1)

    try:
        protected = json.loads(b64u_decode(protected_b64))
    except Exception as exc:
        return False, error("ERR_SIGNATURE_CONTAINER_INVALID", f"Invalid protected header: {exc}", 1)

    if protected.get("alg") != "Ed25519":
        return False, error("ERR_UNSUPPORTED_SIGNATURE_ALG", f"Unsupported alg: {protected.get('alg')}", 1)

    unsigned = {k: v for k, v in event.items() if k != "sig"}
    payload_b64 = b64u(jcs_seed(unsigned))
    signing_input = f"{protected_b64}.{payload_b64}".encode("ascii")

    try:
        VERIFY_KEY.verify(b64u_decode(signature_b64), signing_input)
        return True, None
    except Exception as exc:
        return False, error("ERR_SIGNATURE_INVALID", str(exc), 1)


def error(code: str, message: str, level: int = 0, recoverable: bool = False) -> Dict[str, Any]:
    return {"code": code, "message": message, "level": level, "recoverable": recoverable}


def validation_result(
    valid: bool,
    level: int,
    mode: str,
    event: Optional[Dict[str, Any]] = None,
    errors: Optional[List[Dict[str, Any]]] = None,
    warnings: Optional[List[Dict[str, Any]]] = None,
    scopes: Optional[List[str]] = None,
) -> Dict[str, Any]:
    return {
        "valid": valid,
        "level": level,
        "mode": mode,
        "profile": JEP_CORE_PROFILE,
        "scopes": scopes or [],
        "event_hash": event_hash(event) if event else None,
        "warnings": warnings or [],
        "errors": errors or [],
    }


class CreateEventRequest(BaseModel):
    verb: str = Field(..., pattern="^(J|D|T|V)$")
    who: str = Field(default=DEMO_WHO)
    what: Any
    aud: Optional[str] = "https://api.example.org"
    ref: Optional[str] = None
    ttl_minutes: Optional[int] = None
    digest_only_who: bool = False
    ext: Dict[str, Any] = Field(default_factory=dict)
    ext_crit: List[str] = Field(default_factory=list)


class VerifyEventRequest(BaseModel):
    event: Dict[str, Any]
    mode: str = "archival"
    consume_nonce: bool = False


class EventResponse(BaseModel):
    event: Dict[str, Any]
    event_hash: str
    validation: Dict[str, Any]


app = FastAPI(
    title="JEP v0.6 API Seed",
    version="0.6.0",
    description="FastAPI seed for JEP v0.6 event creation and verification.",
)


@app.get("/")
def root() -> Dict[str, Any]:
    return {
        "name": "JEP v0.6 API Seed",
        "profile": JEP_CORE_PROFILE,
        "wire_format": JEP_WIRE_VERSION,
        "public_key": {
            "kty": "OKP",
            "crv": "Ed25519",
            "kid": DEMO_KID,
            "x": b64u(VERIFY_KEY.public_bytes_raw()),
        },
        "endpoints": ["/health", "/events/create", "/events/verify"],
    }


@app.get("/health")
def health() -> Dict[str, Any]:
    return {"ok": True, "profile": JEP_CORE_PROFILE}


@app.post("/events/create", response_model=EventResponse)
def create_event(req: CreateEventRequest) -> Dict[str, Any]:
    now = int(time.time())

    who = req.who
    ext = dict(req.ext or {})
    ext_crit = list(req.ext_crit or [])

    if req.digest_only_who:
        salt = b64u(hashlib.sha256(str(uuid.uuid4()).encode()).digest()[:16])
        who_digest = sha256_digest(f"{who}:{salt}".encode("utf-8"))
        ext.setdefault(EXT_DIGEST_ONLY, {})["who_digest"] = who_digest
        ext[EXT_DIGEST_ONLY]["salt_hint"] = "not disclosed"
        if EXT_DIGEST_ONLY not in ext_crit:
            ext_crit.append(EXT_DIGEST_ONLY)

    if req.ttl_minutes is not None:
        ext.setdefault(EXT_TTL, {})["ttl_minutes"] = req.ttl_minutes
        ext[EXT_TTL]["expires_at"] = now + req.ttl_minutes * 60
        if EXT_TTL not in ext_crit:
            ext_crit.append(EXT_TTL)

    event = {
        "jep": JEP_WIRE_VERSION,
        "verb": req.verb,
        "who": who,
        "when": now,
        "what": req.what,
        "nonce": str(uuid.uuid4()),
        "aud": req.aud,
        "ref": req.ref,
    }

    if ext:
        event["ext"] = ext
    if ext_crit:
        event["ext_crit"] = ext_crit

    event["sig"] = detached_jws_sign(event)

    h = event_hash(event)
    EVENT_STORE[h] = event

    result = validate_event(event, mode="archival", consume_nonce=False)
    return {"event": event, "event_hash": h, "validation": result}


@app.post("/events/verify")
def verify_event(req: VerifyEventRequest) -> Dict[str, Any]:
    return validate_event(req.event, mode=req.mode, consume_nonce=req.consume_nonce)


def validate_event(event: Dict[str, Any], mode: str = "archival", consume_nonce: bool = False) -> Dict[str, Any]:
    required = ["jep", "verb", "who", "when", "nonce", "sig"]
    for field in required:
        if field not in event:
            return validation_result(False, 0, mode, errors=[
                error("ERR_MISSING_REQUIRED_FIELD", f"Missing {field}", 0)
            ])

    if event.get("jep") != JEP_WIRE_VERSION:
        return validation_result(False, 0, mode, event=event, errors=[
            error("ERR_UNSUPPORTED_JEP_VERSION", "jep must be '1'", 0)
        ])

    if event.get("verb") not in {"J", "D", "T", "V"}:
        return validation_result(False, 0, mode, event=event, errors=[
            error("ERR_UNKNOWN_VERB", "verb must be J/D/T/V", 0)
        ])

    if not isinstance(event.get("when"), int):
        return validation_result(False, 0, mode, event=event, errors=[
            error("ERR_INVALID_TIMESTAMP", "when must be integer seconds", 0)
        ])

    if event.get("verb") in {"J", "D", "T"} and "what" not in event:
        return validation_result(False, 0, mode, event=event, errors=[
            error("ERR_MISSING_REQUIRED_FIELD", f"{event.get('verb')} requires what", 0)
        ])

    if event.get("verb") == "V" and (not event.get("ref")):
        return validation_result(False, 0, mode, event=event, errors=[
            error("ERR_MISSING_REQUIRED_FIELD", "V requires ref", 0)
        ])

    if consume_nonce:
        nonce = event.get("nonce")
        if nonce in CONSUMED_NONCES:
            return validation_result(False, 1, mode, event=event, errors=[
                error("ERR_NONCE_REPLAY", "nonce already consumed", 2)
            ], scopes=["syntax"])
        CONSUMED_NONCES.add(nonce)

    ok, sig_error = detached_jws_verify(event)
    if not ok:
        return validation_result(False, 0, mode, event=event, errors=[sig_error], scopes=["syntax"])

    warnings: List[Dict[str, Any]] = []
    for ext_id in event.get("ext_crit", []) or []:
        if ext_id not in KNOWN_EXTENSIONS and not ext_id.startswith("https://jac.org/") and not ext_id.startswith("https://hjs.org/"):
            return validation_result(False, 2, mode, event=event, errors=[
                error("ERR_UNKNOWN_CRITICAL_EXTENSION", f"Unknown critical extension: {ext_id}", 3)
            ], scopes=["syntax", "cryptographic"])

    ext = event.get("ext", {})
    ttl = ext.get(EXT_TTL, {})
    if isinstance(ttl, dict) and ttl.get("expires_at") and int(time.time()) > int(ttl["expires_at"]):
        return validation_result(False, 3, mode, event=event, errors=[
            error("ERR_POLICY_REJECTED", "event TTL expired", 4)
        ], scopes=["syntax", "cryptographic", "extension_processing"])

    return validation_result(
        True,
        1,
        mode,
        event=event,
        warnings=warnings,
        scopes=["syntax", "cryptographic"],
    )