use schema to determine assertion binder and validator

cshamrick · cshamrick · commit d6cbb906c062 · 2025-11-12T09:09:14.000-06:00
Signed-off-by: Scott Hamrick &lt;2623452+cshamrick@users.noreply.github.com&gt;
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/Config.java b/sdk/src/main/java/io/opentdf/platform/sdk/Config.java
@@ -205,7 +205,7 @@ public static class TDFConfig {
         public boolean hexEncodeRootAndSegmentHashes;
         public boolean renderVersionInfoInManifest;
         public boolean systemMetadataAssertion;
-        public List<AssertionBinder> binders = new ArrayList<>();
+        public Map<String, AssertionBinder> binders = new HashMap<>();
 
         public TDFConfig() {
             this.autoconfigure = true;
@@ -304,8 +304,8 @@ public static Consumer<TDFConfig> withAssertionConfig(io.opentdf.platform.sdk.As
         };
     }
 
-    public static Consumer<TDFConfig> withAssertionBinder(AssertionBinder binder) {
-        return (TDFConfig config) -> config.binders.add(binder);
+    public static Consumer<TDFConfig> withAssertionBinder(String schema, AssertionBinder binder) {
+        return (TDFConfig config) -> config.binders.put(schema, binder);
     }
 
     public static Consumer<TDFConfig> withMetaData(String metaData) {
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/TDF.java b/sdk/src/main/java/io/opentdf/platform/sdk/TDF.java
@@ -505,6 +505,8 @@ TDFObject createTDF(InputStream payload, OutputStream outputStream, Config.TDFCo
         }
 
         for (var assertionConfig : tdfConfig.assertionConfigList) {
+
+
             var assertion = new Manifest.Assertion();
             assertion.id = assertionConfig.id;
             assertion.type = assertionConfig.type.toString();
@@ -538,22 +540,20 @@ TDFObject createTDF(InputStream payload, OutputStream outputStream, Config.TDFCo
                     assertionHashAsHex,
                     encodedHash);
             try {
-                assertion.sign(hashValues, assertionSigningKey);
+                if (tdfConfig.binders.containsKey(assertionConfig.statement.schema)) {
+                    var binder = tdfConfig.binders.get(assertionConfig.statement.schema);
+                    binder.bind(tdfObject.manifest, completeHash);
+                    signedAssertions.add(assertion);
+                } else {
+                    assertion.sign(hashValues, assertionSigningKey);
+                }
+
             } catch (KeyLengthException e) {
                 throw new SDKException("error signing assertion hash", e);
             }
             signedAssertions.add(assertion);
         }
 
-        for (var binder : tdfConfig.binders) {
-            try {
-                var assertion = binder.bind(tdfObject.manifest, aggregateHash.toByteArray());
-                signedAssertions.add(assertion);
-            } catch (SDK.AssertionException e) {
-                throw new SDKException("error binding assertion", e);
-            }
-        }
-
         tdfObject.manifest.assertions = signedAssertions;
         String manifestAsStr = gson.toJson(tdfObject.manifest);
 
@@ -735,7 +735,7 @@ Reader loadTDF(SeekableByteChannel tdf, Config.TDFReaderConfig tdfReaderConfig)
                 break;
             }
 
-            AssertionValidator validator = tdfReaderConfig.validators.get(assertion.type);
+            AssertionValidator validator = tdfReaderConfig.validators.get(assertion.statement.schema);
 
             if (validator != null) {
                 try {
