feat: create Keymaster Java implementation

.eslintignore

@@ -1,4 +1,4 @@
 **/data/
 **/build/
 **/dist/
-
+java/

java/.gitignore

@@ -0,0 +1,19 @@
+.gradle/
+/build/
+**/build/
+**/out/
+
+# IDEs
+.idea/
+*.iml
+*.ipr
+*.iws
+.vscode/
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Logs
+*.log
+.gradle-user/

java/README.md

@@ -0,0 +1,74 @@
+# Java Libraries
+
+This folder contains the Java implementations of Keymaster and the Gatekeeper REST client.
+
+Modules:
+- `cid` — minimal CID validation.
+- `crypto` — crypto primitives.
+- `gatekeeper` — Gatekeeper REST client.
+- `keymaster` — wallet + credential operations.
+
+Compatibility and runtime
+- JDK 17 is required (targeted bytecode and test runtime).
+- Dependencies are pure-Java artifacts (OkHttp, Jackson, Bouncy Castle, Tink, bitcoinj).
+- Gatekeeper default base URL is `http://localhost:4224` (see `GatekeeperClientOptions`).
+
+Quickstart (Gradle)
+```gradle
+dependencies {
+    implementation("org.keychain:cid:<version>")
+    implementation("org.keychain:crypto:<version>")
+    implementation("org.keychain:gatekeeper:<version>")
+    implementation("org.keychain:keymaster:<version>")
+}
+```
+
+Quickstart (Java)
+```java
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import org.keychain.gatekeeper.GatekeeperClient;
+import org.keychain.gatekeeper.GatekeeperClientOptions;
+import org.keychain.keymaster.Keymaster;
+import org.keychain.keymaster.model.WalletEncFile;
+import org.keychain.keymaster.store.WalletJson;
+import org.keychain.keymaster.store.WalletStore;
+
+Path dataDir = Paths.get(System.getProperty("user.home"), ".keymaster");
+WalletStore<WalletEncFile> store = new WalletJson<>(WalletEncFile.class, dataDir, "wallet.json");
+
+GatekeeperClientOptions options = new GatekeeperClientOptions();
+options.baseUrl = "http://localhost:4224";
+GatekeeperClient gatekeeper = new GatekeeperClient(options);
+
+Keymaster keymaster = new Keymaster(store, gatekeeper, "passphrase");
+
+String aliceDid = keymaster.createId("Alice", "hyperswarm");
+System.out.println("DID: " + aliceDid);
+
+Map<String, Object> emailSchema = new HashMap<>();
+emailSchema.put("$schema", "http://json-schema.org/draft-07/schema#");
+Map<String, Object> properties = new HashMap<>();
+Map<String, Object> email = new HashMap<>();
+email.put("format", "email");
+email.put("type", "string");
+properties.put("email", email);
+emailSchema.put("properties", properties);
+emailSchema.put("required", List.of("email"));
+emailSchema.put("type", "object");
+
+String schemaDid = keymaster.createSchema(emailSchema, "hyperswarm");
+Map<String, Object> bound = keymaster.bindCredential(schemaDid, aliceDid);
+String credentialDid = keymaster.issueCredential(bound);
+
+keymaster.publishCredential(credentialDid, true);
+```
+
+See each module README for usage details:
+- `java/cid/README.md`
+- `java/crypto/README.md`
+- `java/gatekeeper/README.md`
+- `java/keymaster/README.md`

java/build.gradle

@@ -0,0 +1,31 @@
+allprojects {
+    repositories {
+        mavenCentral()
+        maven { url = 'https://jitpack.io' }
+    }
+}
+
+subprojects {
+    apply plugin: 'java-library'
+
+    java {
+        toolchain {
+            languageVersion = JavaLanguageVersion.of(11)
+        }
+    }
+
+    tasks.withType(JavaCompile).configureEach {
+        options.encoding = 'UTF-8'
+        options.release = 11
+    }
+
+    tasks.withType(Test).configureEach {
+        useJUnitPlatform()
+    }
+
+    dependencies {
+        testImplementation 'org.junit.jupiter:junit-jupiter:5.10.2'
+        testRuntimeOnly 'org.junit.jupiter:junit-jupiter-engine:5.10.2'
+        testRuntimeOnly 'org.junit.platform:junit-platform-launcher:1.10.2'
+    }
+}

java/cid/README.md

@@ -0,0 +1,15 @@
+# CID (Java)
+
+Minimal CID validator used by Keymaster for DID checks.
+
+## Usage
+
+```java
+import org.keychain.cid.Cid;
+
+boolean ok = Cid.isValid("bafybeigdyrzt5sfp7udm7hu76uh7y26nf3efuylqabf3oclgtqy55fbzdi");
+```
+
+Notes:
+- Supports CIDv0 (base58btc) and CIDv1 (base32 lower-case).
+- Intended for validation only (no full CID object model yet).

java/cid/build.gradle

@@ -0,0 +1,2 @@
+dependencies {
+}

java/cid/src/main/java/org/keychain/cid/Base32Lower.java

@@ -0,0 +1,56 @@
+package org.keychain.cid;
+
+import java.io.ByteArrayOutputStream;
+import java.util.Arrays;
+
+public final class Base32Lower {
+    private static final String ALPHABET = "abcdefghijklmnopqrstuvwxyz234567";
+    private static final int[] INDEXES = new int[128];
+
+    static {
+        Arrays.fill(INDEXES, -1);
+        for (int i = 0; i < ALPHABET.length(); i += 1) {
+            char c = ALPHABET.charAt(i);
+            INDEXES[c] = i;
+            INDEXES[Character.toUpperCase(c)] = i;
+        }
+    }
+
+    private Base32Lower() {
+    }
+
+    public static byte[] decode(String input) {
+        if (input == null || input.isEmpty()) {
+            throw new IllegalArgumentException("input");
+        }
+
+        ByteArrayOutputStream out = new ByteArrayOutputStream();
+        int buffer = 0;
+        int bitsLeft = 0;
+
+        for (int i = 0; i < input.length(); i += 1) {
+            char c = input.charAt(i);
+            if (c == '=') {
+                continue;
+            }
+            if (c >= 128 || INDEXES[c] < 0) {
+                throw new IllegalArgumentException("input");
+            }
+
+            buffer = (buffer << 5) | INDEXES[c];
+            bitsLeft += 5;
+
+            while (bitsLeft >= 8) {
+                bitsLeft -= 8;
+                out.write((buffer >> bitsLeft) & 0xFF);
+                if (bitsLeft > 0) {
+                    buffer &= (1 << bitsLeft) - 1;
+                } else {
+                    buffer = 0;
+                }
+            }
+        }
+
+        return out.toByteArray();
+    }
+}

java/cid/src/main/java/org/keychain/cid/Base58Btc.java

@@ -0,0 +1,68 @@
+package org.keychain.cid;
+
+import java.util.Arrays;
+
+public final class Base58Btc {
+    private static final String ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
+    private static final int[] INDEXES = new int[128];
+
+    static {
+        Arrays.fill(INDEXES, -1);
+        for (int i = 0; i < ALPHABET.length(); i += 1) {
+            INDEXES[ALPHABET.charAt(i)] = i;
+        }
+    }
+
+    private Base58Btc() {
+    }
+
+    public static byte[] decode(String input) {
+        if (input == null || input.isEmpty()) {
+            throw new IllegalArgumentException("input");
+        }
+
+        int zeros = 0;
+        while (zeros < input.length() && input.charAt(zeros) == '1') {
+            zeros += 1;
+        }
+
+        byte[] input58 = new byte[input.length()];
+        for (int i = 0; i < input.length(); i += 1) {
+            char c = input.charAt(i);
+            if (c >= 128 || INDEXES[c] < 0) {
+                throw new IllegalArgumentException("input");
+            }
+            input58[i] = (byte) INDEXES[c];
+        }
+
+        byte[] decoded = new byte[input.length()];
+        int outputStart = decoded.length;
+        int inputStart = zeros;
+        while (inputStart < input58.length) {
+            int mod = divmod256(input58, inputStart);
+            if (input58[inputStart] == 0) {
+                inputStart += 1;
+            }
+            decoded[--outputStart] = (byte) mod;
+        }
+
+        while (outputStart < decoded.length && decoded[outputStart] == 0) {
+            outputStart += 1;
+        }
+
+        byte[] output = new byte[zeros + (decoded.length - outputStart)];
+        System.arraycopy(decoded, outputStart, output, zeros, decoded.length - outputStart);
+        return output;
+    }
+
+    private static int divmod256(byte[] number, int startAt) {
+        int remainder = 0;
+        for (int i = startAt; i < number.length; i += 1) {
+            int digit = number[i] & 0xFF;
+            int temp = remainder * 58 + digit;
+            number[i] = (byte) (temp / 256);
+            remainder = temp % 256;
+        }
+        return remainder;
+    }
+}

java/cid/src/main/java/org/keychain/cid/Cid.java

@@ -0,0 +1,64 @@
+package org.keychain.cid;
+
+public final class Cid {
+    private Cid() {
+    }
+
+    public static boolean isValid(String cid) {
+        if (cid == null || cid.isBlank()) {
+            return false;
+        }
+
+        try {
+            if (cid.startsWith("Q")) {
+                return validateV0(cid);
+            }
+            return validateV1(cid);
+        } catch (IllegalArgumentException e) {
+            return false;
+        }
+    }
+
+    private static boolean validateV0(String cid) {
+        byte[] bytes = Base58Btc.decode(cid);
+        if (bytes.length != 34) {
+            return false;
+        }
+        return (bytes[0] == 0x12) && (bytes[1] == 0x20);
+    }
+
+    private static boolean validateV1(String cid) {
+        byte[] bytes = Multibase.decode(cid);
+        if (bytes.length < 4) {
+            return false;
+        }
+
+        Varint.Decoded version = Varint.decodeUnsigned(bytes, 0);
+        if (version.value != 1) {
+            return false;
+        }
+
+        int offset = version.length;
+        Varint.Decoded codec = Varint.decodeUnsigned(bytes, offset);
+        offset += codec.length;
+        if (offset >= bytes.length) {
+            return false;
+        }
+
+        Varint.Decoded multihashCode = Varint.decodeUnsigned(bytes, offset);
+        offset += multihashCode.length;
+        if (offset >= bytes.length) {
+            return false;
+        }
+
+        Varint.Decoded digestLength = Varint.decodeUnsigned(bytes, offset);
+        offset += digestLength.length;
+
+        if (digestLength.value < 0 || digestLength.value > Integer.MAX_VALUE) {
+            return false;
+        }
+
+        int remaining = bytes.length - offset;
+        return remaining == (int) digestLength.value;
+    }
+}

java/cid/src/main/java/org/keychain/cid/Multibase.java

@@ -0,0 +1,24 @@
+package org.keychain.cid;
+
+public final class Multibase {
+    private Multibase() {
+    }
+
+    public static byte[] decode(String value) {
+        if (value == null || value.length() < 2) {
+            throw new IllegalArgumentException("value");
+        }
+
+        char prefix = value.charAt(0);
+        String payload = value.substring(1);
+
+        if (prefix == 'z') {
+            return Base58Btc.decode(payload);
+        }
+        if (prefix == 'b') {
+            return Base32Lower.decode(payload);
+        }
+
+        throw new IllegalArgumentException("value");
+    }
+}