github.com/hyperledger/aries-framework-go@v0.3.2/pkg/doc/verifiable/linked_data_proof_test.go (about) 1 /* 2 Copyright SecureKey Technologies Inc. All Rights Reserved. 3 SPDX-License-Identifier: Apache-2.0 4 */ 5 6 package verifiable 7 8 import ( 9 "crypto/ed25519" 10 "crypto/rand" 11 "errors" 12 "testing" 13 "time" 14 15 "github.com/stretchr/testify/require" 16 17 "github.com/hyperledger/aries-framework-go/pkg/doc/jose/jwk/jwksupport" 18 "github.com/hyperledger/aries-framework-go/pkg/doc/signature/jsonld" 19 "github.com/hyperledger/aries-framework-go/pkg/doc/signature/suite" 20 "github.com/hyperledger/aries-framework-go/pkg/doc/signature/suite/ecdsasecp256k1signature2019" 21 "github.com/hyperledger/aries-framework-go/pkg/doc/signature/suite/ed25519signature2018" 22 "github.com/hyperledger/aries-framework-go/pkg/doc/signature/verifier" 23 "github.com/hyperledger/aries-framework-go/pkg/kms" 24 ) 25 26 func Test_keyResolverAdapter_Resolve(t *testing.T) { 27 t.Run("successful public key resolving", func(t *testing.T) { 28 pubKey, _, err := ed25519.GenerateKey(rand.Reader) 29 require.NoError(t, err) 30 kra := &keyResolverAdapter{pubKeyFetcher: SingleKey(pubKey, kms.ED25519)} 31 resolvedPubKey, err := kra.Resolve("did1#key1") 32 require.NoError(t, err) 33 require.Equal(t, []byte(pubKey), resolvedPubKey.Value) 34 }) 35 36 t.Run("error wrong key format", func(t *testing.T) { 37 kra := &keyResolverAdapter{pubKeyFetcher: func(issuerID, keyID string) (*verifier.PublicKey, error) { 38 return nil, nil 39 }} 40 resolvedPubKey, err := kra.Resolve("any") 41 require.Error(t, err) 42 require.EqualError(t, err, "wrong id [any] to resolve") 43 require.Nil(t, resolvedPubKey) 44 }) 45 46 t.Run("error at public key resolving (e.g. not found)", func(t *testing.T) { 47 kra := &keyResolverAdapter{pubKeyFetcher: func(issuerID, keyID string) (*verifier.PublicKey, error) { 48 return nil, errors.New("no key found") 49 }} 50 resolvedPubKey, err := kra.Resolve("did1#key1") 51 require.Error(t, err) 52 require.EqualError(t, err, "no key found") 53 require.Nil(t, resolvedPubKey) 54 }) 55 } 56 57 // This example is generated using https://transmute-industries.github.io/vc-greeting-card 58 func TestLinkedDataProofSignerAndVerifier(t *testing.T) { 59 vcJSON := ` 60 { 61 "@context": [ 62 "https://www.w3.org/2018/credentials/v1", 63 "https://www.w3.org/2018/credentials/examples/v1" 64 ], 65 "id": "https://example.com/credentials/1872", 66 "type": [ 67 "VerifiableCredential", 68 "UniversityDegreeCredential" 69 ], 70 "issuer": "did:key:z6Mkj7of2aaooXhTJvJ5oCL9ZVcAS472ZBuSjYyXDa4bWT32", 71 "issuanceDate": "2020-01-17T15:14:09.724Z", 72 "credentialSubject": { 73 "id": "did:example:ebfeb1f712ebc6f1c276e12ec21", 74 "degree": { 75 "type": "BachelorDegree" 76 }, 77 "name": "Jayden Doe", 78 "spouse": "did:example:c276e12ec21ebfeb1f712ebc6f1" 79 } 80 } 81 ` 82 83 ed25519Signer, err := newCryptoSigner(kms.ED25519Type) 84 require.NoError(t, err) 85 86 vcWithEd25519Proof := prepareVCWithEd25519LDP(t, vcJSON, ed25519Signer) 87 88 vcWithEd25519ProofBytes, err := vcWithEd25519Proof.MarshalJSON() 89 require.NoError(t, err) 90 91 ecdsaSigner, err := newCryptoSigner(kms.ECDSASecp256k1TypeIEEEP1363) 92 require.NoError(t, err) 93 vcWithSecp256k1Proof := prepareVCWithSecp256k1LDP(t, vcJSON, ecdsaSigner) 94 95 vcWithSecp256k1ProofBytes, err := vcWithSecp256k1Proof.MarshalJSON() 96 require.NoError(t, err) 97 require.NotEmpty(t, vcWithSecp256k1ProofBytes) 98 99 t.Run("Single signature suite", func(t *testing.T) { 100 verifierSuite := ed25519signature2018.New( 101 suite.WithVerifier(ed25519signature2018.NewPublicKeyVerifier()), 102 suite.WithCompactProof()) 103 vcDecoded, err := parseTestCredential(t, vcWithEd25519ProofBytes, 104 WithEmbeddedSignatureSuites(verifierSuite), 105 WithPublicKeyFetcher(SingleKey(ed25519Signer.PublicKeyBytes(), kms.ED25519))) 106 require.NoError(t, err) 107 require.Equal(t, vcWithEd25519Proof, vcDecoded) 108 }) 109 110 t.Run("Several signature suites", func(t *testing.T) { 111 verifierSuites := []verifier.SignatureSuite{ 112 ed25519signature2018.New( 113 suite.WithVerifier(ed25519signature2018.NewPublicKeyVerifier()), 114 suite.WithCompactProof()), 115 ecdsasecp256k1signature2019.New( 116 suite.WithVerifier(ecdsasecp256k1signature2019.NewPublicKeyVerifier())), 117 } 118 119 vcDecoded, err := parseTestCredential(t, vcWithEd25519ProofBytes, 120 WithEmbeddedSignatureSuites(verifierSuites...), 121 WithPublicKeyFetcher(SingleKey(ed25519Signer.PublicKeyBytes(), kms.ED25519))) 122 require.NoError(t, err) 123 require.Equal(t, vcWithEd25519Proof, vcDecoded) 124 125 j, err := jwksupport.JWKFromKey(ecdsaSigner.PublicKey()) 126 require.NoError(t, err) 127 128 vcDecoded, err = parseTestCredential(t, vcWithSecp256k1ProofBytes, 129 WithEmbeddedSignatureSuites(verifierSuites...), 130 WithPublicKeyFetcher(func(issuerID, keyID string) (*verifier.PublicKey, error) { 131 return &verifier.PublicKey{ 132 Type: "EcdsaSecp256k1VerificationKey2019", 133 Value: ecdsaSigner.PublicKeyBytes(), 134 JWK: j, 135 }, nil 136 })) 137 require.NoError(t, err) 138 require.Equal(t, vcWithSecp256k1Proof, vcDecoded) 139 }) 140 141 t.Run("no signature suite defined", func(t *testing.T) { 142 vcDecoded, err := parseTestCredential(t, vcWithEd25519ProofBytes, 143 WithPublicKeyFetcher(SingleKey(ed25519Signer.PublicKeyBytes(), kms.ED25519))) 144 require.NoError(t, err) 145 require.NotNil(t, vcDecoded) 146 }) 147 } 148 149 func prepareVCWithEd25519LDP(t *testing.T, vcJSON string, signer Signer) *Credential { 150 vc, err := ParseCredential([]byte(vcJSON), 151 WithJSONLDDocumentLoader(createTestDocumentLoader(t)), 152 WithDisabledProofCheck()) 153 require.NoError(t, err) 154 155 ed25519SignerSuite := ed25519signature2018.New( 156 suite.WithSigner(signer), 157 suite.WithCompactProof()) 158 159 created, err := time.Parse(time.RFC3339, "2018-03-15T00:00:00Z") 160 require.NoError(t, err) 161 162 err = vc.AddLinkedDataProof(&LinkedDataProofContext{ 163 SignatureType: "Ed25519Signature2018", 164 Suite: ed25519SignerSuite, 165 SignatureRepresentation: SignatureJWS, 166 Created: &created, 167 VerificationMethod: "did:example:123456#key1", 168 }, jsonld.WithDocumentLoader(createTestDocumentLoader(t))) 169 require.NoError(t, err) 170 171 require.Len(t, vc.Proofs, 1) 172 173 return vc 174 } 175 176 func prepareVCWithSecp256k1LDP(t *testing.T, vcJSON string, signer Signer) *Credential { 177 vc, err := ParseCredential([]byte(vcJSON), 178 WithJSONLDDocumentLoader(createTestDocumentLoader(t)), 179 WithDisabledProofCheck()) 180 require.NoError(t, err) 181 182 ed25519SignerSuite := ecdsasecp256k1signature2019.New( 183 suite.WithSigner(signer)) 184 185 err = vc.AddLinkedDataProof(&LinkedDataProofContext{ 186 SignatureType: "EcdsaSecp256k1Signature2019", 187 Suite: ed25519SignerSuite, 188 SignatureRepresentation: SignatureJWS, 189 VerificationMethod: "did:example:123456#key1", 190 }, jsonld.WithDocumentLoader(createTestDocumentLoader(t))) 191 require.NoError(t, err) 192 193 require.Len(t, vc.Proofs, 1) 194 195 return vc 196 }