github.com/hyperledger/aries-framework-go@v0.3.2/pkg/doc/verifiable/embedded_proof_test.go (about) 1 /* 2 Copyright SecureKey Technologies Inc. All Rights Reserved. 3 SPDX-License-Identifier: Apache-2.0 4 */ 5 6 package verifiable 7 8 import ( 9 "testing" 10 11 "github.com/stretchr/testify/require" 12 13 "github.com/hyperledger/aries-framework-go/pkg/doc/signature/suite" 14 "github.com/hyperledger/aries-framework-go/pkg/doc/signature/suite/ed25519signature2018" 15 "github.com/hyperledger/aries-framework-go/pkg/doc/signature/verifier" 16 "github.com/hyperledger/aries-framework-go/pkg/kms" 17 ) 18 19 func Test_parseEmbeddedProof(t *testing.T) { 20 t.Run("parse linked data proof with \"Ed25519Signature2018\" proof type", func(t *testing.T) { 21 s, err := getProofType(map[string]interface{}{ 22 "type": ed25519Signature2018, 23 }) 24 require.NoError(t, err) 25 require.Equal(t, ed25519Signature2018, s) 26 27 s, err = getProofType(map[string]interface{}{ 28 "type": jsonWebSignature2020, 29 }) 30 require.NoError(t, err) 31 require.Equal(t, jsonWebSignature2020, s) 32 33 s, err = getProofType(map[string]interface{}{ 34 "type": ecdsaSecp256k1Signature2019, 35 }) 36 require.NoError(t, err) 37 require.Equal(t, ecdsaSecp256k1Signature2019, s) 38 }) 39 40 t.Run("parse embedded proof without \"type\" element", func(t *testing.T) { 41 _, err := getProofType(map[string]interface{}{}) 42 require.Error(t, err) 43 require.EqualError(t, err, "proof type is missing") 44 }) 45 46 t.Run("parse embedded proof with unsupported type", func(t *testing.T) { 47 _, err := getProofType(map[string]interface{}{ 48 "type": "SomethingUnsupported", 49 }) 50 require.Error(t, err) 51 require.EqualError(t, err, "unsupported proof type: SomethingUnsupported") 52 }) 53 } 54 55 func Test_checkEmbeddedProof(t *testing.T) { 56 r := require.New(t) 57 nonJSONBytes := []byte("not JSON") 58 defaultOpts := &embeddedProofCheckOpts{} 59 60 t.Run("Happy path - single proof", func(t *testing.T) { 61 vc, publicKeyFetcher := createVCWithLinkedDataProof(t) 62 vcBytes := vc.byteJSON(t) 63 64 vSuite := ed25519signature2018.New(suite.WithVerifier(ed25519signature2018.NewPublicKeyVerifier())) 65 err := checkEmbeddedProof(vcBytes, &embeddedProofCheckOpts{ 66 publicKeyFetcher: publicKeyFetcher, 67 ldpSuites: []verifier.SignatureSuite{vSuite}, 68 jsonldCredentialOpts: jsonldCredentialOpts{jsonldDocumentLoader: createTestDocumentLoader(t)}, 69 }) 70 71 require.NoError(t, err) 72 }) 73 74 t.Run("Happy path - two proofs", func(t *testing.T) { 75 vc, publicKeyFetcher := createVCWithTwoLinkedDataProofs(t) 76 vcBytes := vc.byteJSON(t) 77 78 vSuite := ed25519signature2018.New(suite.WithVerifier(ed25519signature2018.NewPublicKeyVerifier())) 79 err := checkEmbeddedProof(vcBytes, &embeddedProofCheckOpts{ 80 publicKeyFetcher: publicKeyFetcher, 81 ldpSuites: []verifier.SignatureSuite{vSuite}, 82 jsonldCredentialOpts: jsonldCredentialOpts{jsonldDocumentLoader: createTestDocumentLoader(t)}, 83 }) 84 85 require.NoError(t, err) 86 }) 87 88 t.Run("Does not check the embedded proof if credentialOpts.disabledProofCheck", func(t *testing.T) { 89 err := checkEmbeddedProof(nonJSONBytes, &embeddedProofCheckOpts{disabledProofCheck: true}) 90 r.NoError(err) 91 }) 92 93 t.Run("error on checking non-JSON embedded proof", func(t *testing.T) { 94 err := checkEmbeddedProof(nonJSONBytes, defaultOpts) 95 r.Error(err) 96 r.Contains(err.Error(), "embedded proof is not JSON") 97 }) 98 99 t.Run("check embedded proof without \"proof\" element", func(t *testing.T) { 100 docWithoutProof := `{ 101 "@context": "https://www.w3.org/2018/credentials/v1" 102 }` 103 err := checkEmbeddedProof([]byte(docWithoutProof), defaultOpts) 104 r.NoError(err) 105 }) 106 107 t.Run("error on not map \"proof\" element", func(t *testing.T) { 108 docWithNotMapProof := `{ 109 "@context": "https://www.w3.org/2018/credentials/v1", 110 "proof": "some string proof" 111 }` 112 err := checkEmbeddedProof([]byte(docWithNotMapProof), defaultOpts) 113 r.Error(err) 114 r.EqualError(err, "check embedded proof: invalid proof type") 115 }) 116 117 t.Run("error on not map \"proof\" element", func(t *testing.T) { 118 docWithNotMapProof := `{ 119 "@context": "https://www.w3.org/2018/credentials/v1", 120 "proof": "some string proof" 121 }` 122 err := checkEmbeddedProof([]byte(docWithNotMapProof), defaultOpts) 123 r.Error(err) 124 r.EqualError(err, "check embedded proof: invalid proof type") 125 }) 126 127 t.Run("error on not map \"proof\" element inside proofs array", func(t *testing.T) { 128 docWithNotMapProof := ` 129 { 130 "@context": "https://www.w3.org/2018/credentials/v1", 131 "proof": [ 132 { 133 "created": "2020-04-17T16:54:24+03:00", 134 "proofPurpose": "assertionMethod", 135 "proofValue": "Lxx69YOV08JglTEmAmdVZgsJdBnCw7oWvfGNaTEKdg-_8qMVAKy1u0oTvWZuhAjTbowjuf1oRtu_1N--PA4TBg", 136 "type": "Ed25519Signature2018", 137 "verificationMethod": "did:example:123456#key1" 138 }, 139 "some string proof" 140 ] 141 142 } 143 ` 144 err := checkEmbeddedProof([]byte(docWithNotMapProof), defaultOpts) 145 r.Error(err) 146 r.EqualError(err, "check embedded proof: invalid proof type") 147 }) 148 149 t.Run("error on not supported type of embedded proof", func(t *testing.T) { 150 docWithNotSupportedProof := `{ 151 "@context": "https://www.w3.org/2018/credentials/v1", 152 "proof": { 153 "type": "SomethingUnsupported" 154 } 155 }` 156 err := checkEmbeddedProof([]byte(docWithNotSupportedProof), defaultOpts) 157 r.Error(err) 158 r.EqualError(err, "check embedded proof: unsupported proof type: SomethingUnsupported") 159 }) 160 161 t.Run("error on invalid proof of Linked Data embedded proof", func(t *testing.T) { 162 docWithNotSupportedProof := `{ 163 "@context": "https://www.w3.org/2018/credentials/v1", 164 "proof": { 165 "type": "Ed25519Signature2018", 166 "created": "2020-01-21T12:59:31+02:00", 167 "creator": "John", 168 "proofValue": "invalid value" 169 } 170 }` 171 err := checkEmbeddedProof([]byte(docWithNotSupportedProof), 172 &embeddedProofCheckOpts{publicKeyFetcher: SingleKey([]byte("pub key bytes"), kms.ED25519)}) 173 r.Error(err) 174 r.Contains(err.Error(), "check embedded proof") 175 }) 176 177 t.Run("no public key fetcher defined", func(t *testing.T) { 178 docWithNotSupportedProof := `{ 179 "@context": "https://www.w3.org/2018/credentials/v1", 180 "proof": { 181 "type": "Ed25519Signature2018", 182 "created": "2020-01-21T12:59:31+02:00", 183 "creator": "John", 184 "proofValue": "invalid value" 185 } 186 }` 187 err := checkEmbeddedProof([]byte(docWithNotSupportedProof), defaultOpts) 188 r.Error(err) 189 r.EqualError(err, "public key fetcher is not defined") 190 }) 191 } 192 193 func Test_getSuites(t *testing.T) { 194 createProofOfTypeFunc := func(suiteType string) map[string]interface{} { 195 return map[string]interface{}{ 196 "type": suiteType, 197 } 198 } 199 200 proofs := []map[string]interface{}{ 201 createProofOfTypeFunc(ed25519Signature2018), 202 createProofOfTypeFunc(jsonWebSignature2020), 203 createProofOfTypeFunc(ecdsaSecp256k1Signature2019), 204 createProofOfTypeFunc(bbsBlsSignature2020), 205 } 206 207 suites, err := getSuites(proofs, &embeddedProofCheckOpts{}) 208 require.NoError(t, err) 209 require.Len(t, suites, 4) 210 }