From 33e8a8a82164590c3d953007f9816a7f8bfeb128 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Mur=C3=A9?= Date: Thu, 31 Jul 2025 14:43:42 +0200 Subject: [PATCH] Integrate go-varsig and go-did-it - go-varsig provides a varsig V1 implementation - go-did-it provides a complete and extensible DID implementation --- did/README.md | 31 -- did/crypto.go | 231 ----------- did/crypto_test.go | 108 ----- did/did.go | 143 ------- did/did_test.go | 41 -- did/key_spec_test.go | 82 ---- did/testvectors/bls12381.json | 231 ----------- did/testvectors/ed25519-x25519.json | 293 -------------- did/testvectors/nist-curves.json | 371 ------------------ did/testvectors/rsa.json | 106 ----- did/testvectors/secp256k1.json | 257 ------------ did/testvectors/vectors.go | 163 -------- did/testvectors/x25519.json | 80 ---- go.mod | 28 +- go.sum | 53 +-- pkg/args/builder_test.go | 1 + pkg/container/serial_test.go | 14 +- token/delegation/delegation.go | 13 +- token/delegation/delegation_test.go | 23 +- .../delegationtest/data/TokenAliceBob.dagcbor | Bin 333 -> 337 bytes .../delegationtest/data/TokenBobCarol.dagcbor | Bin 333 -> 337 bytes .../delegationtest/data/TokenCarolDan.dagcbor | Bin 333 -> 337 bytes ...kenCarolDan_InvalidExpandedCommand.dagcbor | Bin 325 -> 329 bytes .../data/TokenCarolDan_InvalidExpired.dagcbor | Bin 337 -> 341 bytes .../TokenCarolDan_InvalidInactive.dagcbor | Bin 342 -> 346 bytes .../data/TokenCarolDan_InvalidSubject.dagcbor | Bin 333 -> 337 bytes ...kenCarolDan_ValidAttenuatedCommand.dagcbor | Bin 345 -> 349 bytes .../TokenCarolDan_ValidExamplePolicy.dagcbor | Bin 392 -> 396 bytes .../delegationtest/data/TokenDanErin.dagcbor | Bin 333 -> 337 bytes ...okenDanErin_InvalidExpandedCommand.dagcbor | Bin 325 -> 329 bytes .../data/TokenDanErin_InvalidExpired.dagcbor | Bin 337 -> 341 bytes .../data/TokenDanErin_InvalidInactive.dagcbor | Bin 342 -> 346 bytes .../data/TokenDanErin_InvalidSubject.dagcbor | Bin 333 -> 337 bytes ...okenDanErin_ValidAttenuatedCommand.dagcbor | Bin 345 -> 349 bytes .../TokenDanErin_ValidExamplePolicy.dagcbor | Bin 392 -> 396 bytes .../data/TokenErinFrank.dagcbor | Bin 333 -> 337 bytes ...enErinFrank_InvalidExpandedCommand.dagcbor | Bin 325 -> 329 bytes .../TokenErinFrank_InvalidExpired.dagcbor | Bin 337 -> 341 bytes .../TokenErinFrank_InvalidInactive.dagcbor | Bin 342 -> 346 bytes .../TokenErinFrank_InvalidSubject.dagcbor | Bin 333 -> 337 bytes ...enErinFrank_ValidAttenuatedCommand.dagcbor | Bin 345 -> 349 bytes .../TokenErinFrank_ValidExamplePolicy.dagcbor | Bin 392 -> 396 bytes .../delegationtest/generator/generator.go | 14 +- .../delegationtest/generator/main.go | 2 +- token/delegation/delegationtest/token.go | 1 + token/delegation/delegationtest/token_gen.go | 46 +-- token/delegation/examples_test.go | 56 ++- token/delegation/ipld.go | 33 +- token/delegation/schema.go | 4 +- token/delegation/schema_test.go | 31 +- token/delegation/testdata/new.dagjson | 2 +- token/delegation/testdata/powerline.dagjson | 2 +- token/delegation/testdata/root.dagjson | 2 +- token/interface.go | 18 +- {did => token/internal}/didtest/crypto.go | 53 +-- token/internal/envelope/cid_test.go | 5 +- token/internal/envelope/example_test.go | 67 ++-- token/internal/envelope/ipld.go | 74 ++-- token/internal/envelope/ipld_test.go | 44 +-- .../envelope/testdata/example.dagcbor | 3 +- .../envelope/testdata/example.dagjson | 2 +- token/internal/parse/parse.go | 5 +- token/internal/parse/parse_test.go | 1 + token/internal/varsig/varsig.go | 133 ------- token/internal/varsig/varsig_test.go | 51 --- token/invocation/errors.go | 4 +- token/invocation/examples_test.go | 33 +- token/invocation/invocation.go | 8 +- token/invocation/invocation_test.go | 10 +- token/invocation/ipld.go | 33 +- token/invocation/options.go | 2 +- token/invocation/proof.go | 8 +- token/invocation/schema_test.go | 35 +- token/invocation/testdata/new.dagjson | 2 +- 74 files changed, 317 insertions(+), 2736 deletions(-) delete mode 100644 did/README.md delete mode 100644 did/crypto.go delete mode 100644 did/crypto_test.go delete mode 100644 did/did.go delete mode 100644 did/did_test.go delete mode 100644 did/key_spec_test.go delete mode 100644 did/testvectors/bls12381.json delete mode 100644 did/testvectors/ed25519-x25519.json delete mode 100644 did/testvectors/nist-curves.json delete mode 100644 did/testvectors/rsa.json delete mode 100644 did/testvectors/secp256k1.json delete mode 100644 did/testvectors/vectors.go delete mode 100644 did/testvectors/x25519.json rename {did => token/internal}/didtest/crypto.go (60%) delete mode 100644 token/internal/varsig/varsig.go delete mode 100644 token/internal/varsig/varsig_test.go diff --git a/did/README.md b/did/README.md deleted file mode 100644 index 6a35934..0000000 --- a/did/README.md +++ /dev/null @@ -1,31 +0,0 @@ -## did - -### Testing - -The test suite for this package includes test vectors provided by the -authors of the [`did:key` method specification](https://w3c-ccg.github.io/did-method-key/). -Some of these tests provide the public key associated with a `did:key` -as JWKs and an extra (test-only) dependency has been added to unmarshal -the JWK into a Go `struct`. Support for the `secp256k1` encryption -algorithm is experimental (but stable in my experience) and requires the -addition of the following build tag to properly run: - -``` -// go:build jwx_es256k -``` - -WARNING: These tests will not run by default! - -To include these tests from the CLI, execute the following command: - -``` -go test -v ./did -tags jwx_es256k -``` - -It should also be possible to configure your IDE to run these tests. For -instance, in Codium, add the following JSON snippet to your local project -configuration: - -``` -"go.testTags": "jwx_es256k", -``` \ No newline at end of file diff --git a/did/crypto.go b/did/crypto.go deleted file mode 100644 index d0065a7..0000000 --- a/did/crypto.go +++ /dev/null @@ -1,231 +0,0 @@ -package did - -import ( - "crypto/ecdsa" - "crypto/elliptic" - "crypto/rand" - "crypto/rsa" - "crypto/x509" - "errors" - "fmt" - - "github.com/decred/dcrd/dcrec/secp256k1/v4" - crypto "github.com/libp2p/go-libp2p/core/crypto" - "github.com/libp2p/go-libp2p/core/crypto/pb" - "github.com/multiformats/go-multicodec" - "github.com/multiformats/go-varint" -) - -// GenerateEd25519 generates an Ed25519 private key and the matching DID. -// This is the RECOMMENDED algorithm. -func GenerateEd25519() (crypto.PrivKey, DID, error) { - priv, pub, err := crypto.GenerateEd25519Key(rand.Reader) - if err != nil { - return nil, Undef, nil - } - did, err := FromPubKey(pub) - return priv, did, err -} - -// GenerateRSA generates a RSA private key and the matching DID. -func GenerateRSA() (crypto.PrivKey, DID, error) { - // NIST Special Publication 800-57 Part 1 Revision 5 - // Section 5.6.1.1 (Table 2) - // Paraphrased: 2048-bit RSA keys are secure until 2030 and 3072-bit keys are recommended for longer-term security. - const keyLength = 3072 - - priv, pub, err := crypto.GenerateRSAKeyPair(keyLength, rand.Reader) - if err != nil { - return nil, Undef, nil - } - did, err := FromPubKey(pub) - return priv, did, err -} - -// GenerateEd25519 generates a Secp256k1 private key and the matching DID. -func GenerateSecp256k1() (crypto.PrivKey, DID, error) { - priv, pub, err := crypto.GenerateSecp256k1Key(rand.Reader) - if err != nil { - return nil, Undef, nil - } - did, err := FromPubKey(pub) - return priv, did, err -} - -// GenerateECDSA generates an ECDSA private key and the matching DID -// for the default P256 curve. -func GenerateECDSA() (crypto.PrivKey, DID, error) { - return GenerateECDSAWithCurve(P256) -} - -// GenerateECDSAWithCurve generates an ECDSA private key and matching -// DID for the user-supplied curve -func GenerateECDSAWithCurve(code multicodec.Code) (crypto.PrivKey, DID, error) { - var curve elliptic.Curve - - switch code { - case P256: - curve = elliptic.P256() - case P384: - curve = elliptic.P384() - case P521: - curve = elliptic.P521() - default: - return nil, Undef, errors.New("unsupported ECDSA curve") - } - - priv, pub, err := crypto.GenerateECDSAKeyPairWithCurve(curve, rand.Reader) - if err != nil { - return nil, Undef, err - } - - did, err := FromPubKey(pub) - - return priv, did, err -} - -// FromPrivKey is a convenience function that returns the DID associated -// with the public key associated with the provided private key. -func FromPrivKey(privKey crypto.PrivKey) (DID, error) { - return FromPubKey(privKey.GetPublic()) -} - -// FromPubKey returns a did:key constructed from the provided public key. -func FromPubKey(pubKey crypto.PubKey) (DID, error) { - var code multicodec.Code - - switch pubKey.Type() { - case pb.KeyType_Ed25519: - code = multicodec.Ed25519Pub - case pb.KeyType_RSA: - code = RSA - case pb.KeyType_Secp256k1: - code = Secp256k1 - case pb.KeyType_ECDSA: - var err error - if code, err = codeForCurve(pubKey); err != nil { - return Undef, err - } - default: - return Undef, errors.New("unsupported key type") - } - - if pubKey.Type() == pb.KeyType_ECDSA && code == Secp256k1 { - var err error - - pubKey, err = coerceECDSAToSecp256k1(pubKey) - if err != nil { - return Undef, err - } - } - - var bytes []byte - - switch pubKey.Type() { - case pb.KeyType_ECDSA: - pkix, err := pubKey.Raw() - if err != nil { - return Undef, err - } - - publicKey, err := x509.ParsePKIXPublicKey(pkix) - if err != nil { - return Undef, err - } - - ecdsaPublicKey := publicKey.(*ecdsa.PublicKey) - - bytes = elliptic.MarshalCompressed(ecdsaPublicKey.Curve, ecdsaPublicKey.X, ecdsaPublicKey.Y) - case pb.KeyType_Ed25519, pb.KeyType_Secp256k1: - var err error - - if bytes, err = pubKey.Raw(); err != nil { - return Undef, err - } - case pb.KeyType_RSA: - var err error - - pkix, err := pubKey.Raw() - if err != nil { - return Undef, err - } - - publicKey, err := x509.ParsePKIXPublicKey(pkix) - if err != nil { - return Undef, err - } - - bytes = x509.MarshalPKCS1PublicKey(publicKey.(*rsa.PublicKey)) - } - - return DID{ - code: code, - bytes: string(append(varint.ToUvarint(uint64(code)), bytes...)), - }, nil -} - -// ToPubKey returns the crypto.PubKey encapsulated in the DID formed by -// parsing the provided string. -func ToPubKey(s string) (crypto.PubKey, error) { - id, err := Parse(s) - if err != nil { - return nil, err - } - - return id.PubKey() -} - -func codeForCurve(pubKey crypto.PubKey) (multicodec.Code, error) { - stdPub, err := crypto.PubKeyToStdKey(pubKey) - if err != nil { - return multicodec.Identity, err - } - - ecdsaPub, ok := stdPub.(*ecdsa.PublicKey) - if !ok { - return multicodec.Identity, errors.New("failed to assert type for code to curve") - } - - switch ecdsaPub.Curve { - case elliptic.P256(): - return P256, nil - case elliptic.P384(): - return P384, nil - case elliptic.P521(): - return P521, nil - case secp256k1.S256(): - return Secp256k1, nil - default: - return multicodec.Identity, fmt.Errorf("unsupported ECDSA curve: %s", ecdsaPub.Curve.Params().Name) - } -} - -// secp256k1.S256 is a valid ECDSA curve, but the go-libp2p/core/crypto -// package treats it as a different type and has a different format for -// the raw bytes of the public key. -// -// If a valid ECDSA public key was created using the secp256k1.S256 curve, -// this function will "convert" it from a crypto.ECDSAPubKey to a -// crypto.Secp256k1PublicKey. -func coerceECDSAToSecp256k1(pubKey crypto.PubKey) (crypto.PubKey, error) { - stdPub, err := crypto.PubKeyToStdKey(pubKey) - if err != nil { - return nil, err - } - - ecdsaPub, ok := stdPub.(*ecdsa.PublicKey) - if !ok { - return nil, errors.New("failed to assert type for secp256k1 coersion") - } - - ecdsaPubBytes := append([]byte{0x04}, append(ecdsaPub.X.Bytes(), ecdsaPub.Y.Bytes()...)...) - - secp256k1Pub, err := secp256k1.ParsePubKey(ecdsaPubBytes) - if err != nil { - return nil, err - } - - cryptoPub := crypto.Secp256k1PublicKey(*secp256k1Pub) - - return &cryptoPub, nil -} diff --git a/did/crypto_test.go b/did/crypto_test.go deleted file mode 100644 index c60f21b..0000000 --- a/did/crypto_test.go +++ /dev/null @@ -1,108 +0,0 @@ -package did_test - -import ( - "crypto/elliptic" - "crypto/rand" - "testing" - - "github.com/decred/dcrd/dcrec/secp256k1/v4" - "github.com/libp2p/go-libp2p/core/crypto" - "github.com/libp2p/go-libp2p/core/crypto/pb" - "github.com/multiformats/go-multicodec" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - - "github.com/ucan-wg/go-ucan/did" -) - -const ( - exampleDIDStr = "did:key:z6MkhaXgBZDvotDkL5257faiztiGiC2QtKLGpbnnEGta2doK" - examplePubKeyStr = "Lm/M42cB3HkUiODQsXRcweM6TByfzEHGO9ND274JcOY=" -) - -func TestFromPubKey(t *testing.T) { - t.Parallel() - - _, ecdsaP256, err := crypto.GenerateECDSAKeyPairWithCurve(elliptic.P256(), rand.Reader) - require.NoError(t, err) - _, ecdsaP384, err := crypto.GenerateECDSAKeyPairWithCurve(elliptic.P384(), rand.Reader) - require.NoError(t, err) - _, ecdsaP521, err := crypto.GenerateECDSAKeyPairWithCurve(elliptic.P521(), rand.Reader) - require.NoError(t, err) - _, ecdsaSecp256k1, err := crypto.GenerateECDSAKeyPairWithCurve(secp256k1.S256(), rand.Reader) - require.NoError(t, err) - _, ed25519, err := crypto.GenerateEd25519Key(rand.Reader) - require.NoError(t, err) - _, rsa, err := crypto.GenerateRSAKeyPair(2048, rand.Reader) - require.NoError(t, err) - _, secp256k1PubKey1, err := crypto.GenerateSecp256k1Key(rand.Reader) - require.NoError(t, err) - - test := func(pub crypto.PubKey, code multicodec.Code) func(t *testing.T) { - t.Helper() - - return func(t *testing.T) { - t.Parallel() - - id, err := did.FromPubKey(pub) - require.NoError(t, err) - p, err := id.PubKey() - require.NoError(t, err) - assert.Equal(t, pub, p) - } - } - - t.Run("ECDSA with P256 curve", test(ecdsaP256, did.P256)) - t.Run("ECDSA with P384 curve", test(ecdsaP384, did.P384)) - t.Run("ECDSA with P521 curve", test(ecdsaP521, did.P521)) - t.Run("Ed25519", test(ed25519, did.Ed25519)) - t.Run("RSA", test(rsa, did.RSA)) - t.Run("secp256k1", test(secp256k1PubKey1, did.Secp256k1)) - - t.Run("ECDSA with secp256k1 curve (coerced)", func(t *testing.T) { - t.Parallel() - - id, err := did.FromPubKey(ecdsaSecp256k1) - require.NoError(t, err) - p, err := id.PubKey() - require.NoError(t, err) - require.Equal(t, pb.KeyType_Secp256k1, p.Type()) - }) - - t.Run("unmarshaled example key (secp256k1)", func(t *testing.T) { - t.Parallel() - - id, err := did.FromPubKey(examplePubKey(t)) - require.NoError(t, err) - require.Equal(t, exampleDID(t), id) - }) -} - -func TestToPubKey(t *testing.T) { - t.Parallel() - - pubKey, err := did.ToPubKey(exampleDIDStr) - require.NoError(t, err) - require.Equal(t, examplePubKey(t), pubKey) -} - -func exampleDID(t *testing.T) did.DID { - t.Helper() - - id, err := did.Parse(exampleDIDStr) - require.NoError(t, err) - - return id -} - -func examplePubKey(t *testing.T) crypto.PubKey { - t.Helper() - - pubKeyCfg, err := crypto.ConfigDecodeKey(examplePubKeyStr) - require.NoError(t, err) - - pubKey, err := crypto.UnmarshalEd25519PublicKey(pubKeyCfg) - require.NoError(t, err) - - return pubKey -} diff --git a/did/did.go b/did/did.go deleted file mode 100644 index 2d77684..0000000 --- a/did/did.go +++ /dev/null @@ -1,143 +0,0 @@ -package did - -import ( - "crypto/ecdsa" - "crypto/elliptic" - "crypto/x509" - "fmt" - "strings" - - crypto "github.com/libp2p/go-libp2p/core/crypto" - mbase "github.com/multiformats/go-multibase" - "github.com/multiformats/go-multicodec" - varint "github.com/multiformats/go-varint" -) - -// Signature algorithms from the [did:key specification] -// -// [did:key specification]: https://w3c-ccg.github.io/did-method-key/#signature-method-creation-algorithm -const ( - X25519 = multicodec.X25519Pub - Ed25519 = multicodec.Ed25519Pub // UCAN required/recommended - P256 = multicodec.P256Pub // UCAN required - P384 = multicodec.P384Pub - P521 = multicodec.P521Pub - Secp256k1 = multicodec.Secp256k1Pub // UCAN required - RSA = multicodec.RsaPub -) - -// Undef can be used to represent a nil or undefined DID, using DID{} -// directly is also acceptable. -var Undef = DID{} - -// DID is a Decentralized Identifier of the did:key type, directly holding a cryptographic public key. -// [did:key format]: https://w3c-ccg.github.io/did-method-key/ -type DID struct { - code multicodec.Code - bytes string // as string instead of []byte to allow the == operator -} - -// Parse returns the DID from the string representation or an error if -// the prefix and method are incorrect, if an unknown encryption algorithm -// is specified or if the method-specific-identifier's bytes don't -// represent a public key for the specified encryption algorithm. -func Parse(str string) (DID, error) { - const keyPrefix = "did:key:" - - if !strings.HasPrefix(str, keyPrefix) { - return Undef, fmt.Errorf("must start with 'did:key'") - } - - baseCodec, bytes, err := mbase.Decode(str[len(keyPrefix):]) - if err != nil { - return Undef, err - } - if baseCodec != mbase.Base58BTC { - return Undef, fmt.Errorf("not Base58BTC encoded") - } - code, _, err := varint.FromUvarint(bytes) - if err != nil { - return Undef, err - } - switch multicodec.Code(code) { - case Ed25519, P256, Secp256k1, RSA: - return DID{bytes: string(bytes), code: multicodec.Code(code)}, nil - default: - return Undef, fmt.Errorf("unsupported did:key multicodec: 0x%x", code) - } -} - -// MustParse is like Parse but panics instead of returning an error. -func MustParse(str string) DID { - did, err := Parse(str) - if err != nil { - panic(err) - } - return did -} - -// Defined tells if the DID is defined, not equal to Undef. -func (d DID) Defined() bool { - return d.code != 0 || len(d.bytes) > 0 -} - -// PubKey returns the public key encapsulated by the did:key. -func (d DID) PubKey() (crypto.PubKey, error) { - unmarshaler, ok := map[multicodec.Code]crypto.PubKeyUnmarshaller{ - X25519: crypto.UnmarshalEd25519PublicKey, - Ed25519: crypto.UnmarshalEd25519PublicKey, - P256: ecdsaPubKeyUnmarshaler(elliptic.P256()), - P384: ecdsaPubKeyUnmarshaler(elliptic.P384()), - P521: ecdsaPubKeyUnmarshaler(elliptic.P521()), - Secp256k1: crypto.UnmarshalSecp256k1PublicKey, - RSA: rsaPubKeyUnmarshaller, - }[d.code] - if !ok { - return nil, fmt.Errorf("unsupported multicodec: %d", d.code) - } - - codeSize := varint.UvarintSize(uint64(d.code)) - return unmarshaler([]byte(d.bytes)[codeSize:]) -} - -// String formats the decentralized identity document (DID) as a string. -func (d DID) String() string { - if d == Undef { - return "(undefined)" - } - key, _ := mbase.Encode(mbase.Base58BTC, []byte(d.bytes)) - return "did:key:" + key -} - -func ecdsaPubKeyUnmarshaler(curve elliptic.Curve) crypto.PubKeyUnmarshaller { - return func(data []byte) (crypto.PubKey, error) { - x, y := elliptic.UnmarshalCompressed(curve, data) - - ecdsaPublicKey := &ecdsa.PublicKey{ - Curve: curve, - X: x, - Y: y, - } - - pkix, err := x509.MarshalPKIXPublicKey(ecdsaPublicKey) - if err != nil { - return nil, err - } - - return crypto.UnmarshalECDSAPublicKey(pkix) - } -} - -func rsaPubKeyUnmarshaller(data []byte) (crypto.PubKey, error) { - rsaPublicKey, err := x509.ParsePKCS1PublicKey(data) - if err != nil { - return nil, err - } - - pkix, err := x509.MarshalPKIXPublicKey(rsaPublicKey) - if err != nil { - return nil, err - } - - return crypto.UnmarshalRsaPublicKey(pkix) -} diff --git a/did/did_test.go b/did/did_test.go deleted file mode 100644 index 47585af..0000000 --- a/did/did_test.go +++ /dev/null @@ -1,41 +0,0 @@ -package did - -import ( - "testing" - - "github.com/stretchr/testify/require" -) - -func TestParseDIDKey(t *testing.T) { - str := "did:key:z6Mkod5Jr3yd5SC7UDueqK4dAAw5xYJYjksy722tA9Boxc4z" - d, err := Parse(str) - require.NoError(t, err) - require.Equal(t, str, d.String()) -} - -func TestMustParseDIDKey(t *testing.T) { - str := "did:key:z6Mkod5Jr3yd5SC7UDueqK4dAAw5xYJYjksy722tA9Boxc4z" - require.NotPanics(t, func() { - d := MustParse(str) - require.Equal(t, str, d.String()) - }) - str = "did:key:z7Mkod5Jr3yd5SC7UDueqK4dAAw5xYJYjksy722tA9Boxc4z" - require.Panics(t, func() { - MustParse(str) - }) -} - -func TestEquivalence(t *testing.T) { - undef0 := DID{} - undef1 := Undef - - did0, err := Parse("did:key:z6Mkod5Jr3yd5SC7UDueqK4dAAw5xYJYjksy722tA9Boxc4z") - require.NoError(t, err) - did1, err := Parse("did:key:z6Mkod5Jr3yd5SC7UDueqK4dAAw5xYJYjksy722tA9Boxc4z") - require.NoError(t, err) - - require.True(t, undef0 == undef1) - require.False(t, undef0 == did0) - require.True(t, did0 == did1) - require.False(t, undef1 == did1) -} diff --git a/did/key_spec_test.go b/did/key_spec_test.go deleted file mode 100644 index 51b8f76..0000000 --- a/did/key_spec_test.go +++ /dev/null @@ -1,82 +0,0 @@ -//go:build jwx_es256k - -package did_test - -import ( - "encoding/json" - "os" - "path/filepath" - "testing" - - "github.com/libp2p/go-libp2p/core/crypto" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - - "github.com/ucan-wg/go-ucan/did" - "github.com/ucan-wg/go-ucan/did/testvectors" -) - -// TestDidKeyVectors executes tests read from the [test vector files] provided -// as part of the DID Key method's [specification]. -// -// [test vector files]: https://github.com/w3c-ccg/did-method-key/tree/main/test-vectors -// [specification]: https://w3c-ccg.github.io/did-method-key -func TestDidKeyVectors(t *testing.T) { - t.Parallel() - - for _, f := range []string{ - // TODO: These test vectors are not supported by go-libp2p/core/crypto - // "bls12381.json", - "ed25519-x25519.json", - "nist-curves.json", - "rsa.json", - "secp256k1.json", - // This test vector only contains a DID Document - // "x25519.json", - } { - vectors := loadTestVectors(t, f) - - t.Run(f, func(t *testing.T) { - t.Parallel() - - for k, vector := range vectors { - t.Run(k, func(t *testing.T) { - // round-trip pubkey-->did-->pubkey, verified against the test vectors. - - exp := vectorPubKey(t, vector) - - id, err := did.FromPubKey(exp) - require.NoError(t, err, f, k) - act, err := id.PubKey() - require.NoError(t, err) - - assert.Equal(t, k, id.String(), f, k) - assert.Equal(t, exp, act) - }) - } - }) - } -} - -func loadTestVectors(t *testing.T, filename string) testvectors.Vectors { - t.Helper() - - data, err := os.ReadFile(filepath.Join("testvectors", filename)) - require.NoError(t, err) - - var vs testvectors.Vectors - - require.NoError(t, json.Unmarshal(data, &vs)) - - return vs -} - -func vectorPubKey(t *testing.T, v testvectors.Vector) crypto.PubKey { - t.Helper() - - pubKey, err := v.PubKey() - require.NoError(t, err) - require.NotZero(t, pubKey) - - return pubKey -} diff --git a/did/testvectors/bls12381.json b/did/testvectors/bls12381.json deleted file mode 100644 index 1731da6..0000000 --- a/did/testvectors/bls12381.json +++ /dev/null @@ -1,231 +0,0 @@ -{ - "did:key:zUC7K4ndUaGZgV7Cp2yJy6JtMoUHY6u7tkcSYUvPrEidqBmLCTLmi6d5WvwnUqejscAkERJ3bfjEiSYtdPkRSE8kSa11hFBr4sTgnbZ95SJj19PN2jdvJjyzpSZgxkyyxNnBNnY": { - "verificationKeyPair": { - "id": "#zUC7K4ndUaGZgV7Cp2yJy6JtMoUHY6u7tkcSYUvPrEidqBmLCTLmi6d5WvwnUqejscAkERJ3bfjEiSYtdPkRSE8kSa11hFBr4sTgnbZ95SJj19PN2jdvJjyzpSZgxkyyxNnBNnY", - "type": "Bls12381G2Key2020", - "controller": "did:key:zUC7K4ndUaGZgV7Cp2yJy6JtMoUHY6u7tkcSYUvPrEidqBmLCTLmi6d5WvwnUqejscAkERJ3bfjEiSYtdPkRSE8kSa11hFBr4sTgnbZ95SJj19PN2jdvJjyzpSZgxkyyxNnBNnY", - "publicKeyBase58": "25EEkQtcLKsEzQ6JTo9cg4W7NHpaurn4Wg6LaNPFq6JQXnrP91SDviUz7KrJVMJd76CtAZFsRLYzvgX2JGxo2ccUHtuHk7ELCWwrkBDfrXCFVfqJKDootee9iVaF6NpdJtBE", - "privateKeyBase58": "8TXrPTbhefHvcz2vkGsDLBZT2UMeemveLKbdh5JZCvvn" - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/bls12381-2020/v1" - ], - "id": "did:key:zUC7K4ndUaGZgV7Cp2yJy6JtMoUHY6u7tkcSYUvPrEidqBmLCTLmi6d5WvwnUqejscAkERJ3bfjEiSYtdPkRSE8kSa11hFBr4sTgnbZ95SJj19PN2jdvJjyzpSZgxkyyxNnBNnY", - "verificationMethod": [ - { - "id": "did:key:zUC7K4ndUaGZgV7Cp2yJy6JtMoUHY6u7tkcSYUvPrEidqBmLCTLmi6d5WvwnUqejscAkERJ3bfjEiSYtdPkRSE8kSa11hFBr4sTgnbZ95SJj19PN2jdvJjyzpSZgxkyyxNnBNnY#zUC7K4ndUaGZgV7Cp2yJy6JtMoUHY6u7tkcSYUvPrEidqBmLCTLmi6d5WvwnUqejscAkERJ3bfjEiSYtdPkRSE8kSa11hFBr4sTgnbZ95SJj19PN2jdvJjyzpSZgxkyyxNnBNnY", - "type": "Bls12381G2Key2020", - "controller": "did:key:zUC7K4ndUaGZgV7Cp2yJy6JtMoUHY6u7tkcSYUvPrEidqBmLCTLmi6d5WvwnUqejscAkERJ3bfjEiSYtdPkRSE8kSa11hFBr4sTgnbZ95SJj19PN2jdvJjyzpSZgxkyyxNnBNnY", - "publicKeyBase58": "25EEkQtcLKsEzQ6JTo9cg4W7NHpaurn4Wg6LaNPFq6JQXnrP91SDviUz7KrJVMJd76CtAZFsRLYzvgX2JGxo2ccUHtuHk7ELCWwrkBDfrXCFVfqJKDootee9iVaF6NpdJtBE" - } - ], - "assertionMethod": [ - "did:key:zUC7K4ndUaGZgV7Cp2yJy6JtMoUHY6u7tkcSYUvPrEidqBmLCTLmi6d5WvwnUqejscAkERJ3bfjEiSYtdPkRSE8kSa11hFBr4sTgnbZ95SJj19PN2jdvJjyzpSZgxkyyxNnBNnY#zUC7K4ndUaGZgV7Cp2yJy6JtMoUHY6u7tkcSYUvPrEidqBmLCTLmi6d5WvwnUqejscAkERJ3bfjEiSYtdPkRSE8kSa11hFBr4sTgnbZ95SJj19PN2jdvJjyzpSZgxkyyxNnBNnY" - ], - "authentication": [ - "did:key:zUC7K4ndUaGZgV7Cp2yJy6JtMoUHY6u7tkcSYUvPrEidqBmLCTLmi6d5WvwnUqejscAkERJ3bfjEiSYtdPkRSE8kSa11hFBr4sTgnbZ95SJj19PN2jdvJjyzpSZgxkyyxNnBNnY#zUC7K4ndUaGZgV7Cp2yJy6JtMoUHY6u7tkcSYUvPrEidqBmLCTLmi6d5WvwnUqejscAkERJ3bfjEiSYtdPkRSE8kSa11hFBr4sTgnbZ95SJj19PN2jdvJjyzpSZgxkyyxNnBNnY" - ], - "capabilityInvocation": [ - "did:key:zUC7K4ndUaGZgV7Cp2yJy6JtMoUHY6u7tkcSYUvPrEidqBmLCTLmi6d5WvwnUqejscAkERJ3bfjEiSYtdPkRSE8kSa11hFBr4sTgnbZ95SJj19PN2jdvJjyzpSZgxkyyxNnBNnY#zUC7K4ndUaGZgV7Cp2yJy6JtMoUHY6u7tkcSYUvPrEidqBmLCTLmi6d5WvwnUqejscAkERJ3bfjEiSYtdPkRSE8kSa11hFBr4sTgnbZ95SJj19PN2jdvJjyzpSZgxkyyxNnBNnY" - ], - "capabilityDelegation": [ - "did:key:zUC7K4ndUaGZgV7Cp2yJy6JtMoUHY6u7tkcSYUvPrEidqBmLCTLmi6d5WvwnUqejscAkERJ3bfjEiSYtdPkRSE8kSa11hFBr4sTgnbZ95SJj19PN2jdvJjyzpSZgxkyyxNnBNnY#zUC7K4ndUaGZgV7Cp2yJy6JtMoUHY6u7tkcSYUvPrEidqBmLCTLmi6d5WvwnUqejscAkERJ3bfjEiSYtdPkRSE8kSa11hFBr4sTgnbZ95SJj19PN2jdvJjyzpSZgxkyyxNnBNnY" - ] - } - }, - "did:key:zUC77uxiMKceQoxciSy1xgk3nvP8c8NZXDnaY1xsXZaU5UmsZdnwStUke8Ca8zAdPX3MQTHEMhDTCgfdGU7UrY4RRdVhqZp8FaAaoaXFEVp2ZAM7oj3P45BuTCfc3t9FEGBAEQY": { - "verificationKeyPair": { - "id": "#zUC77uxiMKceQoxciSy1xgk3nvP8c8NZXDnaY1xsXZaU5UmsZdnwStUke8Ca8zAdPX3MQTHEMhDTCgfdGU7UrY4RRdVhqZp8FaAaoaXFEVp2ZAM7oj3P45BuTCfc3t9FEGBAEQY", - "type": "Bls12381G2Key2020", - "controller": "did:key:zUC77uxiMKceQoxciSy1xgk3nvP8c8NZXDnaY1xsXZaU5UmsZdnwStUke8Ca8zAdPX3MQTHEMhDTCgfdGU7UrY4RRdVhqZp8FaAaoaXFEVp2ZAM7oj3P45BuTCfc3t9FEGBAEQY", - "publicKeyBase58": "t5QqHdxR4C6QJWJAnk3qVd2DMr4MVFEefdP43i7fLbR5A2qJkE5bqgEtyzpNsDViGEsMKHMdpo7fKbPMhGihbfxz3Dv2Hw36XvprLHBA5DDFSphmy91oHQFdahQMei2HjoE", - "privateKeyBase58": "URWBZN9g2ZfKVdAz1L8pvVwEBqCbGBozt4p8Cootb35" - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/bls12381-2020/v1" - ], - "id": "did:key:zUC77uxiMKceQoxciSy1xgk3nvP8c8NZXDnaY1xsXZaU5UmsZdnwStUke8Ca8zAdPX3MQTHEMhDTCgfdGU7UrY4RRdVhqZp8FaAaoaXFEVp2ZAM7oj3P45BuTCfc3t9FEGBAEQY", - "verificationMethod": [ - { - "id": "did:key:zUC77uxiMKceQoxciSy1xgk3nvP8c8NZXDnaY1xsXZaU5UmsZdnwStUke8Ca8zAdPX3MQTHEMhDTCgfdGU7UrY4RRdVhqZp8FaAaoaXFEVp2ZAM7oj3P45BuTCfc3t9FEGBAEQY#zUC77uxiMKceQoxciSy1xgk3nvP8c8NZXDnaY1xsXZaU5UmsZdnwStUke8Ca8zAdPX3MQTHEMhDTCgfdGU7UrY4RRdVhqZp8FaAaoaXFEVp2ZAM7oj3P45BuTCfc3t9FEGBAEQY", - "type": "Bls12381G2Key2020", - "controller": "did:key:zUC77uxiMKceQoxciSy1xgk3nvP8c8NZXDnaY1xsXZaU5UmsZdnwStUke8Ca8zAdPX3MQTHEMhDTCgfdGU7UrY4RRdVhqZp8FaAaoaXFEVp2ZAM7oj3P45BuTCfc3t9FEGBAEQY", - "publicKeyBase58": "t5QqHdxR4C6QJWJAnk3qVd2DMr4MVFEefdP43i7fLbR5A2qJkE5bqgEtyzpNsDViGEsMKHMdpo7fKbPMhGihbfxz3Dv2Hw36XvprLHBA5DDFSphmy91oHQFdahQMei2HjoE" - } - ], - "assertionMethod": [ - "did:key:zUC77uxiMKceQoxciSy1xgk3nvP8c8NZXDnaY1xsXZaU5UmsZdnwStUke8Ca8zAdPX3MQTHEMhDTCgfdGU7UrY4RRdVhqZp8FaAaoaXFEVp2ZAM7oj3P45BuTCfc3t9FEGBAEQY#zUC77uxiMKceQoxciSy1xgk3nvP8c8NZXDnaY1xsXZaU5UmsZdnwStUke8Ca8zAdPX3MQTHEMhDTCgfdGU7UrY4RRdVhqZp8FaAaoaXFEVp2ZAM7oj3P45BuTCfc3t9FEGBAEQY" - ], - "authentication": [ - "did:key:zUC77uxiMKceQoxciSy1xgk3nvP8c8NZXDnaY1xsXZaU5UmsZdnwStUke8Ca8zAdPX3MQTHEMhDTCgfdGU7UrY4RRdVhqZp8FaAaoaXFEVp2ZAM7oj3P45BuTCfc3t9FEGBAEQY#zUC77uxiMKceQoxciSy1xgk3nvP8c8NZXDnaY1xsXZaU5UmsZdnwStUke8Ca8zAdPX3MQTHEMhDTCgfdGU7UrY4RRdVhqZp8FaAaoaXFEVp2ZAM7oj3P45BuTCfc3t9FEGBAEQY" - ], - "capabilityInvocation": [ - "did:key:zUC77uxiMKceQoxciSy1xgk3nvP8c8NZXDnaY1xsXZaU5UmsZdnwStUke8Ca8zAdPX3MQTHEMhDTCgfdGU7UrY4RRdVhqZp8FaAaoaXFEVp2ZAM7oj3P45BuTCfc3t9FEGBAEQY#zUC77uxiMKceQoxciSy1xgk3nvP8c8NZXDnaY1xsXZaU5UmsZdnwStUke8Ca8zAdPX3MQTHEMhDTCgfdGU7UrY4RRdVhqZp8FaAaoaXFEVp2ZAM7oj3P45BuTCfc3t9FEGBAEQY" - ], - "capabilityDelegation": [ - "did:key:zUC77uxiMKceQoxciSy1xgk3nvP8c8NZXDnaY1xsXZaU5UmsZdnwStUke8Ca8zAdPX3MQTHEMhDTCgfdGU7UrY4RRdVhqZp8FaAaoaXFEVp2ZAM7oj3P45BuTCfc3t9FEGBAEQY#zUC77uxiMKceQoxciSy1xgk3nvP8c8NZXDnaY1xsXZaU5UmsZdnwStUke8Ca8zAdPX3MQTHEMhDTCgfdGU7UrY4RRdVhqZp8FaAaoaXFEVp2ZAM7oj3P45BuTCfc3t9FEGBAEQY" - ] - } - }, - "did:key:zUC7KKoJk5ttwuuc8pmQDiUmtckEPTwcaFVZe4DSFV7fURuoRnD17D3xkBK3A9tZqdADkTTMKSwNkhjo9Hs6HfgNUXo48TNRaxU6XPLSPdRgMc15jCD5DfN34ixjoVemY62JxnW": { - "verificationKeyPair": { - "id": "#zUC7KKoJk5ttwuuc8pmQDiUmtckEPTwcaFVZe4DSFV7fURuoRnD17D3xkBK3A9tZqdADkTTMKSwNkhjo9Hs6HfgNUXo48TNRaxU6XPLSPdRgMc15jCD5DfN34ixjoVemY62JxnW", - "type": "Bls12381G2Key2020", - "controller": "did:key:zUC7KKoJk5ttwuuc8pmQDiUmtckEPTwcaFVZe4DSFV7fURuoRnD17D3xkBK3A9tZqdADkTTMKSwNkhjo9Hs6HfgNUXo48TNRaxU6XPLSPdRgMc15jCD5DfN34ixjoVemY62JxnW", - "publicKeyBase58": "25VFRgQEfbJ3Pit6Z3mnZbKPK9BdQYGwdmfdcmderjYZ12BFNQYeowjMN1AYKKKcacF3UH35ZNpBqCR8y8QLeeaGLL7UKdKLcFje3VQnosesDNHsU8jBvtvYmLJusxXsSUBC", - "privateKeyBase58": "48FTGTBBhezV7Ldk5g392NSxP2hwgEgWiSZQkMoNri7E" - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/bls12381-2020/v1" - ], - "id": "did:key:zUC7KKoJk5ttwuuc8pmQDiUmtckEPTwcaFVZe4DSFV7fURuoRnD17D3xkBK3A9tZqdADkTTMKSwNkhjo9Hs6HfgNUXo48TNRaxU6XPLSPdRgMc15jCD5DfN34ixjoVemY62JxnW", - "verificationMethod": [ - { - "id": "did:key:zUC7KKoJk5ttwuuc8pmQDiUmtckEPTwcaFVZe4DSFV7fURuoRnD17D3xkBK3A9tZqdADkTTMKSwNkhjo9Hs6HfgNUXo48TNRaxU6XPLSPdRgMc15jCD5DfN34ixjoVemY62JxnW#zUC7KKoJk5ttwuuc8pmQDiUmtckEPTwcaFVZe4DSFV7fURuoRnD17D3xkBK3A9tZqdADkTTMKSwNkhjo9Hs6HfgNUXo48TNRaxU6XPLSPdRgMc15jCD5DfN34ixjoVemY62JxnW", - "type": "Bls12381G2Key2020", - "controller": "did:key:zUC7KKoJk5ttwuuc8pmQDiUmtckEPTwcaFVZe4DSFV7fURuoRnD17D3xkBK3A9tZqdADkTTMKSwNkhjo9Hs6HfgNUXo48TNRaxU6XPLSPdRgMc15jCD5DfN34ixjoVemY62JxnW", - "publicKeyBase58": "25VFRgQEfbJ3Pit6Z3mnZbKPK9BdQYGwdmfdcmderjYZ12BFNQYeowjMN1AYKKKcacF3UH35ZNpBqCR8y8QLeeaGLL7UKdKLcFje3VQnosesDNHsU8jBvtvYmLJusxXsSUBC" - } - ], - "assertionMethod": [ - "did:key:zUC7KKoJk5ttwuuc8pmQDiUmtckEPTwcaFVZe4DSFV7fURuoRnD17D3xkBK3A9tZqdADkTTMKSwNkhjo9Hs6HfgNUXo48TNRaxU6XPLSPdRgMc15jCD5DfN34ixjoVemY62JxnW#zUC7KKoJk5ttwuuc8pmQDiUmtckEPTwcaFVZe4DSFV7fURuoRnD17D3xkBK3A9tZqdADkTTMKSwNkhjo9Hs6HfgNUXo48TNRaxU6XPLSPdRgMc15jCD5DfN34ixjoVemY62JxnW" - ], - "authentication": [ - "did:key:zUC7KKoJk5ttwuuc8pmQDiUmtckEPTwcaFVZe4DSFV7fURuoRnD17D3xkBK3A9tZqdADkTTMKSwNkhjo9Hs6HfgNUXo48TNRaxU6XPLSPdRgMc15jCD5DfN34ixjoVemY62JxnW#zUC7KKoJk5ttwuuc8pmQDiUmtckEPTwcaFVZe4DSFV7fURuoRnD17D3xkBK3A9tZqdADkTTMKSwNkhjo9Hs6HfgNUXo48TNRaxU6XPLSPdRgMc15jCD5DfN34ixjoVemY62JxnW" - ], - "capabilityInvocation": [ - "did:key:zUC7KKoJk5ttwuuc8pmQDiUmtckEPTwcaFVZe4DSFV7fURuoRnD17D3xkBK3A9tZqdADkTTMKSwNkhjo9Hs6HfgNUXo48TNRaxU6XPLSPdRgMc15jCD5DfN34ixjoVemY62JxnW#zUC7KKoJk5ttwuuc8pmQDiUmtckEPTwcaFVZe4DSFV7fURuoRnD17D3xkBK3A9tZqdADkTTMKSwNkhjo9Hs6HfgNUXo48TNRaxU6XPLSPdRgMc15jCD5DfN34ixjoVemY62JxnW" - ], - "capabilityDelegation": [ - "did:key:zUC7KKoJk5ttwuuc8pmQDiUmtckEPTwcaFVZe4DSFV7fURuoRnD17D3xkBK3A9tZqdADkTTMKSwNkhjo9Hs6HfgNUXo48TNRaxU6XPLSPdRgMc15jCD5DfN34ixjoVemY62JxnW#zUC7KKoJk5ttwuuc8pmQDiUmtckEPTwcaFVZe4DSFV7fURuoRnD17D3xkBK3A9tZqdADkTTMKSwNkhjo9Hs6HfgNUXo48TNRaxU6XPLSPdRgMc15jCD5DfN34ixjoVemY62JxnW" - ] - } - }, - "did:key:zUC7FB43ErjeTPiBLZ8wWT3aBTL7QnJ6AAZh9opgV5dKkw291mC23yTnKQ2pTcSgLbdKnVJ1ARn6XrwxWqvFg5dRFzCjwSg1j35nRgs5c2nbqkJ4auPTyPtkJ3xcABRNWaDX6QU": { - "verificationKeyPair": { - "id": "#zUC7FB43ErjeTPiBLZ8wWT3aBTL7QnJ6AAZh9opgV5dKkw291mC23yTnKQ2pTcSgLbdKnVJ1ARn6XrwxWqvFg5dRFzCjwSg1j35nRgs5c2nbqkJ4auPTyPtkJ3xcABRNWaDX6QU", - "type": "Bls12381G2Key2020", - "controller": "did:key:zUC7FB43ErjeTPiBLZ8wWT3aBTL7QnJ6AAZh9opgV5dKkw291mC23yTnKQ2pTcSgLbdKnVJ1ARn6XrwxWqvFg5dRFzCjwSg1j35nRgs5c2nbqkJ4auPTyPtkJ3xcABRNWaDX6QU", - "publicKeyBase58": "21LWABB5R6mqxvcU6LWMMt9yCAVyt8C1mHREs1EAX23fLcAEPMK4dWx59Jd6RpJ5geGt881vH9yPzZyC8WpHhS2g296mumPxJA3Aghp9jMoACE13rtTie8FYdgzgUw24eboA", - "privateKeyBase58": "86rp8w6Q7zgDdKqYxZsdTyhZogzwbcR7wf3VQrhV3xLG" - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/bls12381-2020/v1" - ], - "id": "did:key:zUC7FB43ErjeTPiBLZ8wWT3aBTL7QnJ6AAZh9opgV5dKkw291mC23yTnKQ2pTcSgLbdKnVJ1ARn6XrwxWqvFg5dRFzCjwSg1j35nRgs5c2nbqkJ4auPTyPtkJ3xcABRNWaDX6QU", - "verificationMethod": [ - { - "id": "did:key:zUC7FB43ErjeTPiBLZ8wWT3aBTL7QnJ6AAZh9opgV5dKkw291mC23yTnKQ2pTcSgLbdKnVJ1ARn6XrwxWqvFg5dRFzCjwSg1j35nRgs5c2nbqkJ4auPTyPtkJ3xcABRNWaDX6QU#zUC7FB43ErjeTPiBLZ8wWT3aBTL7QnJ6AAZh9opgV5dKkw291mC23yTnKQ2pTcSgLbdKnVJ1ARn6XrwxWqvFg5dRFzCjwSg1j35nRgs5c2nbqkJ4auPTyPtkJ3xcABRNWaDX6QU", - "type": "Bls12381G2Key2020", - "controller": "did:key:zUC7FB43ErjeTPiBLZ8wWT3aBTL7QnJ6AAZh9opgV5dKkw291mC23yTnKQ2pTcSgLbdKnVJ1ARn6XrwxWqvFg5dRFzCjwSg1j35nRgs5c2nbqkJ4auPTyPtkJ3xcABRNWaDX6QU", - "publicKeyBase58": "21LWABB5R6mqxvcU6LWMMt9yCAVyt8C1mHREs1EAX23fLcAEPMK4dWx59Jd6RpJ5geGt881vH9yPzZyC8WpHhS2g296mumPxJA3Aghp9jMoACE13rtTie8FYdgzgUw24eboA" - } - ], - "assertionMethod": [ - "did:key:zUC7FB43ErjeTPiBLZ8wWT3aBTL7QnJ6AAZh9opgV5dKkw291mC23yTnKQ2pTcSgLbdKnVJ1ARn6XrwxWqvFg5dRFzCjwSg1j35nRgs5c2nbqkJ4auPTyPtkJ3xcABRNWaDX6QU#zUC7FB43ErjeTPiBLZ8wWT3aBTL7QnJ6AAZh9opgV5dKkw291mC23yTnKQ2pTcSgLbdKnVJ1ARn6XrwxWqvFg5dRFzCjwSg1j35nRgs5c2nbqkJ4auPTyPtkJ3xcABRNWaDX6QU" - ], - "authentication": [ - "did:key:zUC7FB43ErjeTPiBLZ8wWT3aBTL7QnJ6AAZh9opgV5dKkw291mC23yTnKQ2pTcSgLbdKnVJ1ARn6XrwxWqvFg5dRFzCjwSg1j35nRgs5c2nbqkJ4auPTyPtkJ3xcABRNWaDX6QU#zUC7FB43ErjeTPiBLZ8wWT3aBTL7QnJ6AAZh9opgV5dKkw291mC23yTnKQ2pTcSgLbdKnVJ1ARn6XrwxWqvFg5dRFzCjwSg1j35nRgs5c2nbqkJ4auPTyPtkJ3xcABRNWaDX6QU" - ], - "capabilityInvocation": [ - "did:key:zUC7FB43ErjeTPiBLZ8wWT3aBTL7QnJ6AAZh9opgV5dKkw291mC23yTnKQ2pTcSgLbdKnVJ1ARn6XrwxWqvFg5dRFzCjwSg1j35nRgs5c2nbqkJ4auPTyPtkJ3xcABRNWaDX6QU#zUC7FB43ErjeTPiBLZ8wWT3aBTL7QnJ6AAZh9opgV5dKkw291mC23yTnKQ2pTcSgLbdKnVJ1ARn6XrwxWqvFg5dRFzCjwSg1j35nRgs5c2nbqkJ4auPTyPtkJ3xcABRNWaDX6QU" - ], - "capabilityDelegation": [ - "did:key:zUC7FB43ErjeTPiBLZ8wWT3aBTL7QnJ6AAZh9opgV5dKkw291mC23yTnKQ2pTcSgLbdKnVJ1ARn6XrwxWqvFg5dRFzCjwSg1j35nRgs5c2nbqkJ4auPTyPtkJ3xcABRNWaDX6QU#zUC7FB43ErjeTPiBLZ8wWT3aBTL7QnJ6AAZh9opgV5dKkw291mC23yTnKQ2pTcSgLbdKnVJ1ARn6XrwxWqvFg5dRFzCjwSg1j35nRgs5c2nbqkJ4auPTyPtkJ3xcABRNWaDX6QU" - ] - } - }, - "did:key:zUC7FNFB7UinoJ5tqkeEELWLsytHBdHpwQ7wLVFAYRT6vqdr5uC3JPK6BVNNByj4KxvVKXoirT7VuqptSznjRCgvr7Ksuk42zyFw1GJSYNQSKCpjVcrZXoPUbR1P6zHmr97mVdA": { - "verificationKeyPair": { - "id": "#zUC7FNFB7UinoJ5tqkeEELWLsytHBdHpwQ7wLVFAYRT6vqdr5uC3JPK6BVNNByj4KxvVKXoirT7VuqptSznjRCgvr7Ksuk42zyFw1GJSYNQSKCpjVcrZXoPUbR1P6zHmr97mVdA", - "type": "Bls12381G2Key2020", - "controller": "did:key:zUC7FNFB7UinoJ5tqkeEELWLsytHBdHpwQ7wLVFAYRT6vqdr5uC3JPK6BVNNByj4KxvVKXoirT7VuqptSznjRCgvr7Ksuk42zyFw1GJSYNQSKCpjVcrZXoPUbR1P6zHmr97mVdA", - "publicKeyBase58": "21XhJ3o4ZSgDgRoyP4Pp8agXMwLycuRa1U6fM4ZzJBxH3gJEQbiuwP3Qh2zNoofNrBKPqp3FgXxGvW84cFwMD29oA7Q9w3L8Sjcc3e9mZqFgs8iWxSsDNRcbQdoYtGaxu11r", - "privateKeyBase58": "5LjJ3yibKGP4zKbNgqeiQ284g8LJYnbF7ZBve7Ke9qZ5" - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/bls12381-2020/v1" - ], - "id": "did:key:zUC7FNFB7UinoJ5tqkeEELWLsytHBdHpwQ7wLVFAYRT6vqdr5uC3JPK6BVNNByj4KxvVKXoirT7VuqptSznjRCgvr7Ksuk42zyFw1GJSYNQSKCpjVcrZXoPUbR1P6zHmr97mVdA", - "verificationMethod": [ - { - "id": "did:key:zUC7FNFB7UinoJ5tqkeEELWLsytHBdHpwQ7wLVFAYRT6vqdr5uC3JPK6BVNNByj4KxvVKXoirT7VuqptSznjRCgvr7Ksuk42zyFw1GJSYNQSKCpjVcrZXoPUbR1P6zHmr97mVdA#zUC7FNFB7UinoJ5tqkeEELWLsytHBdHpwQ7wLVFAYRT6vqdr5uC3JPK6BVNNByj4KxvVKXoirT7VuqptSznjRCgvr7Ksuk42zyFw1GJSYNQSKCpjVcrZXoPUbR1P6zHmr97mVdA", - "type": "Bls12381G2Key2020", - "controller": "did:key:zUC7FNFB7UinoJ5tqkeEELWLsytHBdHpwQ7wLVFAYRT6vqdr5uC3JPK6BVNNByj4KxvVKXoirT7VuqptSznjRCgvr7Ksuk42zyFw1GJSYNQSKCpjVcrZXoPUbR1P6zHmr97mVdA", - "publicKeyBase58": "21XhJ3o4ZSgDgRoyP4Pp8agXMwLycuRa1U6fM4ZzJBxH3gJEQbiuwP3Qh2zNoofNrBKPqp3FgXxGvW84cFwMD29oA7Q9w3L8Sjcc3e9mZqFgs8iWxSsDNRcbQdoYtGaxu11r" - } - ], - "assertionMethod": [ - "did:key:zUC7FNFB7UinoJ5tqkeEELWLsytHBdHpwQ7wLVFAYRT6vqdr5uC3JPK6BVNNByj4KxvVKXoirT7VuqptSznjRCgvr7Ksuk42zyFw1GJSYNQSKCpjVcrZXoPUbR1P6zHmr97mVdA#zUC7FNFB7UinoJ5tqkeEELWLsytHBdHpwQ7wLVFAYRT6vqdr5uC3JPK6BVNNByj4KxvVKXoirT7VuqptSznjRCgvr7Ksuk42zyFw1GJSYNQSKCpjVcrZXoPUbR1P6zHmr97mVdA" - ], - "authentication": [ - "did:key:zUC7FNFB7UinoJ5tqkeEELWLsytHBdHpwQ7wLVFAYRT6vqdr5uC3JPK6BVNNByj4KxvVKXoirT7VuqptSznjRCgvr7Ksuk42zyFw1GJSYNQSKCpjVcrZXoPUbR1P6zHmr97mVdA#zUC7FNFB7UinoJ5tqkeEELWLsytHBdHpwQ7wLVFAYRT6vqdr5uC3JPK6BVNNByj4KxvVKXoirT7VuqptSznjRCgvr7Ksuk42zyFw1GJSYNQSKCpjVcrZXoPUbR1P6zHmr97mVdA" - ], - "capabilityInvocation": [ - "did:key:zUC7FNFB7UinoJ5tqkeEELWLsytHBdHpwQ7wLVFAYRT6vqdr5uC3JPK6BVNNByj4KxvVKXoirT7VuqptSznjRCgvr7Ksuk42zyFw1GJSYNQSKCpjVcrZXoPUbR1P6zHmr97mVdA#zUC7FNFB7UinoJ5tqkeEELWLsytHBdHpwQ7wLVFAYRT6vqdr5uC3JPK6BVNNByj4KxvVKXoirT7VuqptSznjRCgvr7Ksuk42zyFw1GJSYNQSKCpjVcrZXoPUbR1P6zHmr97mVdA" - ], - "capabilityDelegation": [ - "did:key:zUC7FNFB7UinoJ5tqkeEELWLsytHBdHpwQ7wLVFAYRT6vqdr5uC3JPK6BVNNByj4KxvVKXoirT7VuqptSznjRCgvr7Ksuk42zyFw1GJSYNQSKCpjVcrZXoPUbR1P6zHmr97mVdA#zUC7FNFB7UinoJ5tqkeEELWLsytHBdHpwQ7wLVFAYRT6vqdr5uC3JPK6BVNNByj4KxvVKXoirT7VuqptSznjRCgvr7Ksuk42zyFw1GJSYNQSKCpjVcrZXoPUbR1P6zHmr97mVdA" - ] - } - }, - "did:key:z5TcCmGLu7HrkT5FTnejDTKcH11LPMQLXMPHTRyzY4KdRvqpPLprH7s1ddWFD38cAkZoiDtofUmJVZyEweUTfwjG5H3znk3ir4tzmuDBUSNbNQ7U6jJqj5bkQLKRaQB1bpFJKGLEq3EBwsfPutL5D7p78kFeLNHznqbf5oGpik7ScaDbGLaTLh1Jtadi6VmPNNd44Cojk": { - "verificationKeyPair": { - "id": "did:key:z5TcCmGLu7HrkT5FTnejDTKcH11LPMQLXMPHTRyzY4KdRvqpPLprH7s1ddWFD38cAkZoiDtofUmJVZyEweUTfwjG5H3znk3ir4tzmuDBUSNbNQ7U6jJqj5bkQLKRaQB1bpFJKGLEq3EBwsfPutL5D7p78kFeLNHznqbf5oGpik7ScaDbGLaTLh1Jtadi6VmPNNd44Cojk#z3tEEysHYz5kkgpfDAByfDVgAuvtSFLHSqoMWmmSZBU1LZtN2sDsAS6RVQSevfxv39kyty", - "type": "JsonWebKey2020", - "controller": "did:key:z5TcCmGLu7HrkT5FTnejDTKcH11LPMQLXMPHTRyzY4KdRvqpPLprH7s1ddWFD38cAkZoiDtofUmJVZyEweUTfwjG5H3znk3ir4tzmuDBUSNbNQ7U6jJqj5bkQLKRaQB1bpFJKGLEq3EBwsfPutL5D7p78kFeLNHznqbf5oGpik7ScaDbGLaTLh1Jtadi6VmPNNd44Cojk", - "publicKeyJwk": { - "kty": "EC", - "crv": "BLS12381_G1", - "x": "im0OQGMTkh4YEhAl16hQwUQTcOaRqIqThqtSwksFK7WaH6Qywypmc3VIDyydmYTe" - }, - "privateKeyJwk": { - "kty": "EC", - "crv": "BLS12381_G1", - "x": "im0OQGMTkh4YEhAl16hQwUQTcOaRqIqThqtSwksFK7WaH6Qywypmc3VIDyydmYTe", - "d": "S7Z1TuL05WHge8od0_mW8b3sRM747caCffsLwS6JZ-c" - } - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/jws-2020/v1" - ], - "id": "did:key:z5TcCmGLu7HrkT5FTnejDTKcH11LPMQLXMPHTRyzY4KdRvqpPLprH7s1ddWFD38cAkZoiDtofUmJVZyEweUTfwjG5H3znk3ir4tzmuDBUSNbNQ7U6jJqj5bkQLKRaQB1bpFJKGLEq3EBwsfPutL5D7p78kFeLNHznqbf5oGpik7ScaDbGLaTLh1Jtadi6VmPNNd44Cojk", - "verificationMethod": [ - { - "id": "did:key:z5TcCmGLu7HrkT5FTnejDTKcH11LPMQLXMPHTRyzY4KdRvqpPLprH7s1ddWFD38cAkZoiDtofUmJVZyEweUTfwjG5H3znk3ir4tzmuDBUSNbNQ7U6jJqj5bkQLKRaQB1bpFJKGLEq3EBwsfPutL5D7p78kFeLNHznqbf5oGpik7ScaDbGLaTLh1Jtadi6VmPNNd44Cojk#z3tEEysHYz5kkgpfDAByfDVgAuvtSFLHSqoMWmmSZBU1LZtN2sDsAS6RVQSevfxv39kyty", - "type": "JsonWebKey2020", - "controller": "did:key:z5TcCmGLu7HrkT5FTnejDTKcH11LPMQLXMPHTRyzY4KdRvqpPLprH7s1ddWFD38cAkZoiDtofUmJVZyEweUTfwjG5H3znk3ir4tzmuDBUSNbNQ7U6jJqj5bkQLKRaQB1bpFJKGLEq3EBwsfPutL5D7p78kFeLNHznqbf5oGpik7ScaDbGLaTLh1Jtadi6VmPNNd44Cojk", - "publicKeyJwk": { - "kty": "EC", - "crv": "BLS12381_G1", - "x": "im0OQGMTkh4YEhAl16hQwUQTcOaRqIqThqtSwksFK7WaH6Qywypmc3VIDyydmYTe" - } - } - ], - "assertionMethod": [ - "did:key:z5TcCmGLu7HrkT5FTnejDTKcH11LPMQLXMPHTRyzY4KdRvqpPLprH7s1ddWFD38cAkZoiDtofUmJVZyEweUTfwjG5H3znk3ir4tzmuDBUSNbNQ7U6jJqj5bkQLKRaQB1bpFJKGLEq3EBwsfPutL5D7p78kFeLNHznqbf5oGpik7ScaDbGLaTLh1Jtadi6VmPNNd44Cojk#z3tEEysHYz5kkgpfDAByfDVgAuvtSFLHSqoMWmmSZBU1LZtN2sDsAS6RVQSevfxv39kyty" - ], - "authentication": [ - "did:key:z5TcCmGLu7HrkT5FTnejDTKcH11LPMQLXMPHTRyzY4KdRvqpPLprH7s1ddWFD38cAkZoiDtofUmJVZyEweUTfwjG5H3znk3ir4tzmuDBUSNbNQ7U6jJqj5bkQLKRaQB1bpFJKGLEq3EBwsfPutL5D7p78kFeLNHznqbf5oGpik7ScaDbGLaTLh1Jtadi6VmPNNd44Cojk#z3tEEysHYz5kkgpfDAByfDVgAuvtSFLHSqoMWmmSZBU1LZtN2sDsAS6RVQSevfxv39kyty" - ], - "capabilityInvocation": [ - "did:key:z5TcCmGLu7HrkT5FTnejDTKcH11LPMQLXMPHTRyzY4KdRvqpPLprH7s1ddWFD38cAkZoiDtofUmJVZyEweUTfwjG5H3znk3ir4tzmuDBUSNbNQ7U6jJqj5bkQLKRaQB1bpFJKGLEq3EBwsfPutL5D7p78kFeLNHznqbf5oGpik7ScaDbGLaTLh1Jtadi6VmPNNd44Cojk#z3tEEysHYz5kkgpfDAByfDVgAuvtSFLHSqoMWmmSZBU1LZtN2sDsAS6RVQSevfxv39kyty" - ], - "capabilityDelegation": [ - "did:key:z5TcCmGLu7HrkT5FTnejDTKcH11LPMQLXMPHTRyzY4KdRvqpPLprH7s1ddWFD38cAkZoiDtofUmJVZyEweUTfwjG5H3znk3ir4tzmuDBUSNbNQ7U6jJqj5bkQLKRaQB1bpFJKGLEq3EBwsfPutL5D7p78kFeLNHznqbf5oGpik7ScaDbGLaTLh1Jtadi6VmPNNd44Cojk#z3tEEysHYz5kkgpfDAByfDVgAuvtSFLHSqoMWmmSZBU1LZtN2sDsAS6RVQSevfxv39kyty" - ] - } - } -} diff --git a/did/testvectors/ed25519-x25519.json b/did/testvectors/ed25519-x25519.json deleted file mode 100644 index f403ce1..0000000 --- a/did/testvectors/ed25519-x25519.json +++ /dev/null @@ -1,293 +0,0 @@ -{ - "did:key:z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp": { - "seed": "0000000000000000000000000000000000000000000000000000000000000000", - "verificationKeyPair": { - "id": "#z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp", - "type": "Ed25519VerificationKey2018", - "controller": "did:key:z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp", - "publicKeyBase58": "4zvwRjXUKGfvwnParsHAS3HuSVzV5cA4McphgmoCtajS" - }, - "keyAgreementKeyPair": { - "id": "#z6LShs9GGnqk85isEBzzshkuVWrVKsRp24GnDuHk8QWkARMW", - "type": "X25519KeyAgreementKey2019", - "controller": "did:key:z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp", - "publicKeyBase58": "7By6kV2t2d188odEM4ExAve1UithKT6dLva4dwsDT3ak", - "privateKeyBase58": "6QN8DfuN9hjgHgPvLXqgzqYE3jRRGRrmJQZkd5tL8paR" - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/ed25519-2018/v1", - "https://w3id.org/security/suites/x25519-2019/v1" - ], - "id": "did:key:z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp", - "verificationMethod": [ - { - "id": "did:key:z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp#z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp", - "type": "Ed25519VerificationKey2018", - "controller": "did:key:z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp", - "publicKeyBase58": "4zvwRjXUKGfvwnParsHAS3HuSVzV5cA4McphgmoCtajS" - }, - { - "id": "did:key:z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp#z6LShs9GGnqk85isEBzzshkuVWrVKsRp24GnDuHk8QWkARMW", - "type": "X25519KeyAgreementKey2019", - "controller": "did:key:z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp", - "publicKeyBase58": "7By6kV2t2d188odEM4ExAve1UithKT6dLva4dwsDT3ak" - } - ], - "assertionMethod": [ - "did:key:z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp#z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp" - ], - "authentication": [ - "did:key:z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp#z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp" - ], - "capabilityInvocation": [ - "did:key:z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp#z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp" - ], - "capabilityDelegation": [ - "did:key:z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp#z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp" - ], - "keyAgreement": [ - "did:key:z6MkiTBz1ymuepAQ4HEHYSF1H8quG5GLVVQR3djdX3mDooWp#z6LShs9GGnqk85isEBzzshkuVWrVKsRp24GnDuHk8QWkARMW" - ] - } - }, - "did:key:z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG": { - "seed": "0000000000000000000000000000000000000000000000000000000000000001", - "verificationKeyPair": { - "id": "#z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG", - "type": "Ed25519VerificationKey2018", - "controller": "did:key:z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG", - "publicKeyBase58": "6ASf5EcmmEHTgDJ4X4ZT5vT6iHVJBXPg5AN5YoTCpGWt" - }, - "keyAgreementKeyPair": { - "id": "#z6LSrHyXiPBhUbvPUtyUCdf32sniiMGPTAesgHrtEa4FePtr", - "type": "X25519KeyAgreementKey2019", - "controller": "did:key:z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG", - "publicKeyBase58": "FcoNC5NqP9CePWbhfz95iHaEsCjGkZUioK9Ck7Qiw286", - "privateKeyBase58": "HBTcN2MrXNRj9xF9oi8QqYyuEPv3JLLjQKuEgW9oxVKP" - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/ed25519-2018/v1", - "https://w3id.org/security/suites/x25519-2019/v1" - ], - "id": "did:key:z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG", - "verificationMethod": [ - { - "id": "did:key:z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG#z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG", - "type": "Ed25519VerificationKey2018", - "controller": "did:key:z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG", - "publicKeyBase58": "6ASf5EcmmEHTgDJ4X4ZT5vT6iHVJBXPg5AN5YoTCpGWt" - }, - { - "id": "did:key:z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG#z6LSrHyXiPBhUbvPUtyUCdf32sniiMGPTAesgHrtEa4FePtr", - "type": "X25519KeyAgreementKey2019", - "controller": "did:key:z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG", - "publicKeyBase58": "FcoNC5NqP9CePWbhfz95iHaEsCjGkZUioK9Ck7Qiw286" - } - ], - "assertionMethod": [ - "did:key:z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG#z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG" - ], - "authentication": [ - "did:key:z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG#z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG" - ], - "capabilityInvocation": [ - "did:key:z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG#z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG" - ], - "capabilityDelegation": [ - "did:key:z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG#z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG" - ], - "keyAgreement": [ - "did:key:z6MkjchhfUsD6mmvni8mCdXHw216Xrm9bQe2mBH1P5RDjVJG#z6LSrHyXiPBhUbvPUtyUCdf32sniiMGPTAesgHrtEa4FePtr" - ] - } - }, - "did:key:z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf": { - "seed": "0000000000000000000000000000000000000000000000000000000000000002", - "verificationKeyPair": { - "id": "#z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf", - "type": "Ed25519VerificationKey2018", - "controller": "did:key:z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf", - "publicKeyBase58": "8pM1DN3RiT8vbom5u1sNryaNT1nyL8CTTW3b5PwWXRBH" - }, - "keyAgreementKeyPair": { - "id": "#z6LSkkqoZRC34AEpbkhZCqLDcHQVAxuLpQ7kC8XCXMVUfvjE", - "type": "X25519KeyAgreementKey2019", - "controller": "did:key:z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf", - "publicKeyBase58": "A5fe37PAxhX5WNKngBpGHhC1KpNE7nwbK9oX2tqwxYxU", - "privateKeyBase58": "ACa4PPJ1LnPNq1iwS33V3Akh7WtnC71WkKFZ9ccM6sX2" - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/ed25519-2018/v1", - "https://w3id.org/security/suites/x25519-2019/v1" - ], - "id": "did:key:z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf", - "verificationMethod": [ - { - "id": "did:key:z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf#z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf", - "type": "Ed25519VerificationKey2018", - "controller": "did:key:z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf", - "publicKeyBase58": "8pM1DN3RiT8vbom5u1sNryaNT1nyL8CTTW3b5PwWXRBH" - }, - { - "id": "did:key:z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf#z6LSkkqoZRC34AEpbkhZCqLDcHQVAxuLpQ7kC8XCXMVUfvjE", - "type": "X25519KeyAgreementKey2019", - "controller": "did:key:z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf", - "publicKeyBase58": "A5fe37PAxhX5WNKngBpGHhC1KpNE7nwbK9oX2tqwxYxU" - } - ], - "assertionMethod": [ - "did:key:z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf#z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf" - ], - "authentication": [ - "did:key:z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf#z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf" - ], - "capabilityInvocation": [ - "did:key:z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf#z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf" - ], - "capabilityDelegation": [ - "did:key:z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf#z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf" - ], - "keyAgreement": [ - "did:key:z6MknGc3ocHs3zdPiJbnaaqDi58NGb4pk1Sp9WxWufuXSdxf#z6LSkkqoZRC34AEpbkhZCqLDcHQVAxuLpQ7kC8XCXMVUfvjE" - ] - } - }, - "did:key:z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ": { - "seed": "0000000000000000000000000000000000000000000000000000000000000003", - "verificationKeyPair": { - "id": "#z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ", - "type": "Ed25519VerificationKey2018", - "controller": "did:key:z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ", - "publicKeyBase58": "HPYVwAQmskwT1qEEeRzhoomyfyupJGASQQtCXSNG8XS2" - }, - "keyAgreementKeyPair": { - "id": "#z6LSiUo6AEDat8Ze4nQzDo67SGuHLLwsUGkxndHGUjsywHow", - "type": "X25519KeyAgreementKey2019", - "controller": "did:key:z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ", - "publicKeyBase58": "7ocvdvQinfqtyQ3Dh9aA7ggoVCQkmfaoueZazHETDv3B", - "privateKeyBase58": "FZrzd1osCnbK6y6MJzMBW1RcVfL524sNKhSbqRwMuwHT" - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/ed25519-2018/v1", - "https://w3id.org/security/suites/x25519-2019/v1" - ], - "id": "did:key:z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ", - "verificationMethod": [ - { - "id": "did:key:z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ#z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ", - "type": "Ed25519VerificationKey2018", - "controller": "did:key:z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ", - "publicKeyBase58": "HPYVwAQmskwT1qEEeRzhoomyfyupJGASQQtCXSNG8XS2" - }, - { - "id": "did:key:z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ#z6LSiUo6AEDat8Ze4nQzDo67SGuHLLwsUGkxndHGUjsywHow", - "type": "X25519KeyAgreementKey2019", - "controller": "did:key:z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ", - "publicKeyBase58": "7ocvdvQinfqtyQ3Dh9aA7ggoVCQkmfaoueZazHETDv3B" - } - ], - "assertionMethod": [ - "did:key:z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ#z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ" - ], - "authentication": [ - "did:key:z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ#z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ" - ], - "capabilityInvocation": [ - "did:key:z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ#z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ" - ], - "capabilityDelegation": [ - "did:key:z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ#z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ" - ], - "keyAgreement": [ - "did:key:z6MkvqoYXQfDDJRv8L4wKzxYeuKyVZBfi9Qo6Ro8MiLH3kDQ#z6LSiUo6AEDat8Ze4nQzDo67SGuHLLwsUGkxndHGUjsywHow" - ] - } - }, - "did:key:z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU": { - "seed": "0000000000000000000000000000000000000000000000000000000000000005", - "verificationKeyPair": { - "id": "did:key:z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU#z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU", - "type": "JsonWebKey2020", - "controller": "did:key:z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU", - "publicKeyJwk": { - "kty": "OKP", - "crv": "Ed25519", - "x": "_eT7oDCtAC98L31MMx9J0T-w7HR-zuvsY08f9MvKne8" - }, - "privateKeyJwk": { - "kty": "OKP", - "crv": "Ed25519", - "x": "_eT7oDCtAC98L31MMx9J0T-w7HR-zuvsY08f9MvKne8", - "d": "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAU" - } - }, - "keyAgreementKeyPair": { - "id": "did:key:z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU#z6LSmArkPSdTKjEESsExHRrSwUzYUHgDuWDewXc4nocasvFU", - "type": "JsonWebKey2020", - "controller": "did:key:z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU", - "publicKeyJwk": { - "kty": "OKP", - "crv": "X25519", - "x": "jRIz3oriXDNZmnb35XQb7K1UIlz3ae1ao1YSqLeBXHs" - }, - "privateKeyJwk": { - "kty": "OKP", - "crv": "X25519", - "x": "jRIz3oriXDNZmnb35XQb7K1UIlz3ae1ao1YSqLeBXHs", - "d": "aEAAB3VBFPCQtgF3N__wRiXhMOgeiRGstpPC3gnJ1Eo" - } - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/jws-2020/v1" - ], - "id": "did:key:z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU", - "verificationMethod": [ - { - "id": "did:key:z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU#z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU", - "type": "JsonWebKey2020", - "controller": "did:key:z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU", - "publicKeyJwk": { - "kty": "OKP", - "crv": "Ed25519", - "x": "_eT7oDCtAC98L31MMx9J0T-w7HR-zuvsY08f9MvKne8" - } - }, - { - "id": "did:key:z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU#z6LSmArkPSdTKjEESsExHRrSwUzYUHgDuWDewXc4nocasvFU", - "type": "JsonWebKey2020", - "controller": "did:key:z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU", - "publicKeyJwk": { - "kty": "OKP", - "crv": "X25519", - "x": "jRIz3oriXDNZmnb35XQb7K1UIlz3ae1ao1YSqLeBXHs" - } - } - ], - "assertionMethod": [ - "did:key:z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU#z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU" - ], - "authentication": [ - "did:key:z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU#z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU" - ], - "capabilityInvocation": [ - "did:key:z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU#z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU" - ], - "capabilityDelegation": [ - "did:key:z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU#z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU" - ], - "keyAgreement": [ - "did:key:z6MkwYMhwTvsq376YBAcJHy3vyRWzBgn5vKfVqqDCgm7XVKU#z6LSmArkPSdTKjEESsExHRrSwUzYUHgDuWDewXc4nocasvFU" - ] - } - } -} diff --git a/did/testvectors/nist-curves.json b/did/testvectors/nist-curves.json deleted file mode 100644 index af3059c..0000000 --- a/did/testvectors/nist-curves.json +++ /dev/null @@ -1,371 +0,0 @@ -{ - "did:key:zDnaerx9CtbPJ1q36T5Ln5wYt3MQYeGRG5ehnPAmxcf5mDZpv": { - "verificationMethod": { - "id": "#zDnaerx9CtbPJ1q36T5Ln5wYt3MQYeGRG5ehnPAmxcf5mDZpv", - "type": "JsonWebKey2020", - "controller": "did:key:zDnaerx9CtbPJ1q36T5Ln5wYt3MQYeGRG5ehnPAmxcf5mDZpv", - "publicKeyJwk": { - "kty": "EC", - "crv": "P-256", - "x": "igrFmi0whuihKnj9R3Om1SoMph72wUGeFaBbzG2vzns", - "y": "efsX5b10x8yjyrj4ny3pGfLcY7Xby1KzgqOdqnsrJIM" - }, - "privateKeyJwk": { - "kty": "EC", - "crv": "P-256", - "x": "igrFmi0whuihKnj9R3Om1SoMph72wUGeFaBbzG2vzns", - "y": "efsX5b10x8yjyrj4ny3pGfLcY7Xby1KzgqOdqnsrJIM", - "d": "gPh-VvVS8MbvKQ9LSVVmfnxnKjHn4Tqj0bmbpehRlpc" - } - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/jws-2020/v1" - ], - "id": "did:key:zDnaerx9CtbPJ1q36T5Ln5wYt3MQYeGRG5ehnPAmxcf5mDZpv", - "verificationMethod": [ - { - "id": "did:key:zDnaerx9CtbPJ1q36T5Ln5wYt3MQYeGRG5ehnPAmxcf5mDZpv#zDnaerx9CtbPJ1q36T5Ln5wYt3MQYeGRG5ehnPAmxcf5mDZpv", - "type": "JsonWebKey2020", - "controller": "did:key:zDnaerx9CtbPJ1q36T5Ln5wYt3MQYeGRG5ehnPAmxcf5mDZpv", - "publicKeyJwk": { - "kty": "EC", - "crv": "P-256", - "x": "igrFmi0whuihKnj9R3Om1SoMph72wUGeFaBbzG2vzns", - "y": "efsX5b10x8yjyrj4ny3pGfLcY7Xby1KzgqOdqnsrJIM" - } - } - ], - "assertionMethod": [ - "did:key:zDnaerx9CtbPJ1q36T5Ln5wYt3MQYeGRG5ehnPAmxcf5mDZpv#zDnaerx9CtbPJ1q36T5Ln5wYt3MQYeGRG5ehnPAmxcf5mDZpv" - ], - "authentication": [ - "did:key:zDnaerx9CtbPJ1q36T5Ln5wYt3MQYeGRG5ehnPAmxcf5mDZpv#zDnaerx9CtbPJ1q36T5Ln5wYt3MQYeGRG5ehnPAmxcf5mDZpv" - ], - "capabilityInvocation": [ - "did:key:zDnaerx9CtbPJ1q36T5Ln5wYt3MQYeGRG5ehnPAmxcf5mDZpv#zDnaerx9CtbPJ1q36T5Ln5wYt3MQYeGRG5ehnPAmxcf5mDZpv" - ], - "capabilityDelegation": [ - "did:key:zDnaerx9CtbPJ1q36T5Ln5wYt3MQYeGRG5ehnPAmxcf5mDZpv#zDnaerx9CtbPJ1q36T5Ln5wYt3MQYeGRG5ehnPAmxcf5mDZpv" - ], - "keyAgreement": [ - "did:key:zDnaerx9CtbPJ1q36T5Ln5wYt3MQYeGRG5ehnPAmxcf5mDZpv#zDnaerx9CtbPJ1q36T5Ln5wYt3MQYeGRG5ehnPAmxcf5mDZpv" - ] - } - }, - "did:key:zDnaerDaTF5BXEavCrfRZEk316dpbLsfPDZ3WJ5hRTPFU2169": { - "verificationMethod": { - "id": "#zDnaerDaTF5BXEavCrfRZEk316dpbLsfPDZ3WJ5hRTPFU2169", - "type": "JsonWebKey2020", - "controller": "did:key:zDnaerDaTF5BXEavCrfRZEk316dpbLsfPDZ3WJ5hRTPFU2169", - "publicKeyJwk": { - "kty": "EC", - "crv": "P-256", - "x": "fyNYMN0976ci7xqiSdag3buk-ZCwgXU4kz9XNkBlNUI", - "y": "hW2ojTNfH7Jbi8--CJUo3OCbH3y5n91g-IMA9MLMbTU" - }, - "privateKeyJwk": { - "kty": "EC", - "crv": "P-256", - "x": "fyNYMN0976ci7xqiSdag3buk-ZCwgXU4kz9XNkBlNUI", - "y": "hW2ojTNfH7Jbi8--CJUo3OCbH3y5n91g-IMA9MLMbTU", - "d": "YjRs6vNvw4sYrzVVY8ipkEpDAD9PFqw1sUnvPRMA-WI" - } - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/jws-2020/v1" - ], - "id": "did:key:zDnaerDaTF5BXEavCrfRZEk316dpbLsfPDZ3WJ5hRTPFU2169", - "verificationMethod": [ - { - "id": "did:key:zDnaerDaTF5BXEavCrfRZEk316dpbLsfPDZ3WJ5hRTPFU2169#zDnaerDaTF5BXEavCrfRZEk316dpbLsfPDZ3WJ5hRTPFU2169", - "type": "JsonWebKey2020", - "controller": "did:key:zDnaerDaTF5BXEavCrfRZEk316dpbLsfPDZ3WJ5hRTPFU2169", - "publicKeyJwk": { - "kty": "EC", - "crv": "P-256", - "x": "fyNYMN0976ci7xqiSdag3buk-ZCwgXU4kz9XNkBlNUI", - "y": "hW2ojTNfH7Jbi8--CJUo3OCbH3y5n91g-IMA9MLMbTU" - } - } - ], - "assertionMethod": [ - "did:key:zDnaerDaTF5BXEavCrfRZEk316dpbLsfPDZ3WJ5hRTPFU2169#zDnaerDaTF5BXEavCrfRZEk316dpbLsfPDZ3WJ5hRTPFU2169" - ], - "authentication": [ - "did:key:zDnaerDaTF5BXEavCrfRZEk316dpbLsfPDZ3WJ5hRTPFU2169#zDnaerDaTF5BXEavCrfRZEk316dpbLsfPDZ3WJ5hRTPFU2169" - ], - "capabilityInvocation": [ - "did:key:zDnaerDaTF5BXEavCrfRZEk316dpbLsfPDZ3WJ5hRTPFU2169#zDnaerDaTF5BXEavCrfRZEk316dpbLsfPDZ3WJ5hRTPFU2169" - ], - "capabilityDelegation": [ - "did:key:zDnaerDaTF5BXEavCrfRZEk316dpbLsfPDZ3WJ5hRTPFU2169#zDnaerDaTF5BXEavCrfRZEk316dpbLsfPDZ3WJ5hRTPFU2169" - ], - "keyAgreement": [ - "did:key:zDnaerDaTF5BXEavCrfRZEk316dpbLsfPDZ3WJ5hRTPFU2169#zDnaerDaTF5BXEavCrfRZEk316dpbLsfPDZ3WJ5hRTPFU2169" - ] - } - }, - "did:key:z82Lm1MpAkeJcix9K8TMiLd5NMAhnwkjjCBeWHXyu3U4oT2MVJJKXkcVBgjGhnLBn2Kaau9": { - "verificationMethod": { - "id": "#z82Lm1MpAkeJcix9K8TMiLd5NMAhnwkjjCBeWHXyu3U4oT2MVJJKXkcVBgjGhnLBn2Kaau9", - "type": "JsonWebKey2020", - "controller": "did:key:z82Lm1MpAkeJcix9K8TMiLd5NMAhnwkjjCBeWHXyu3U4oT2MVJJKXkcVBgjGhnLBn2Kaau9", - "publicKeyJwk": { - "kty": "EC", - "crv": "P-384", - "x": "lInTxl8fjLKp_UCrxI0WDklahi-7-_6JbtiHjiRvMvhedhKVdHBfi2HCY8t_QJyc", - "y": "y6N1IC-2mXxHreETBW7K3mBcw0qGr3CWHCs-yl09yCQRLcyfGv7XhqAngHOu51Zv" - }, - "privateKeyJwk": { - "kty": "EC", - "crv": "P-384", - "x": "lInTxl8fjLKp_UCrxI0WDklahi-7-_6JbtiHjiRvMvhedhKVdHBfi2HCY8t_QJyc", - "y": "y6N1IC-2mXxHreETBW7K3mBcw0qGr3CWHCs-yl09yCQRLcyfGv7XhqAngHOu51Zv", - "d": "hAyGZNj9031guBCdpAOaZkO-E5m-LKLYnMIq0-msrp8JLctseaOeNTHmP3uKVWwX" - } - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/jws-2020/v1" - ], - "id": "did:key:z82Lm1MpAkeJcix9K8TMiLd5NMAhnwkjjCBeWHXyu3U4oT2MVJJKXkcVBgjGhnLBn2Kaau9", - "verificationMethod": [ - { - "id": "did:key:z82Lm1MpAkeJcix9K8TMiLd5NMAhnwkjjCBeWHXyu3U4oT2MVJJKXkcVBgjGhnLBn2Kaau9#z82Lm1MpAkeJcix9K8TMiLd5NMAhnwkjjCBeWHXyu3U4oT2MVJJKXkcVBgjGhnLBn2Kaau9", - "type": "JsonWebKey2020", - "controller": "did:key:z82Lm1MpAkeJcix9K8TMiLd5NMAhnwkjjCBeWHXyu3U4oT2MVJJKXkcVBgjGhnLBn2Kaau9", - "publicKeyJwk": { - "kty": "EC", - "crv": "P-384", - "x": "lInTxl8fjLKp_UCrxI0WDklahi-7-_6JbtiHjiRvMvhedhKVdHBfi2HCY8t_QJyc", - "y": "y6N1IC-2mXxHreETBW7K3mBcw0qGr3CWHCs-yl09yCQRLcyfGv7XhqAngHOu51Zv" - } - } - ], - "assertionMethod": [ - "did:key:z82Lm1MpAkeJcix9K8TMiLd5NMAhnwkjjCBeWHXyu3U4oT2MVJJKXkcVBgjGhnLBn2Kaau9#z82Lm1MpAkeJcix9K8TMiLd5NMAhnwkjjCBeWHXyu3U4oT2MVJJKXkcVBgjGhnLBn2Kaau9" - ], - "authentication": [ - "did:key:z82Lm1MpAkeJcix9K8TMiLd5NMAhnwkjjCBeWHXyu3U4oT2MVJJKXkcVBgjGhnLBn2Kaau9#z82Lm1MpAkeJcix9K8TMiLd5NMAhnwkjjCBeWHXyu3U4oT2MVJJKXkcVBgjGhnLBn2Kaau9" - ], - "capabilityInvocation": [ - "did:key:z82Lm1MpAkeJcix9K8TMiLd5NMAhnwkjjCBeWHXyu3U4oT2MVJJKXkcVBgjGhnLBn2Kaau9#z82Lm1MpAkeJcix9K8TMiLd5NMAhnwkjjCBeWHXyu3U4oT2MVJJKXkcVBgjGhnLBn2Kaau9" - ], - "capabilityDelegation": [ - "did:key:z82Lm1MpAkeJcix9K8TMiLd5NMAhnwkjjCBeWHXyu3U4oT2MVJJKXkcVBgjGhnLBn2Kaau9#z82Lm1MpAkeJcix9K8TMiLd5NMAhnwkjjCBeWHXyu3U4oT2MVJJKXkcVBgjGhnLBn2Kaau9" - ], - "keyAgreement": [ - "did:key:z82Lm1MpAkeJcix9K8TMiLd5NMAhnwkjjCBeWHXyu3U4oT2MVJJKXkcVBgjGhnLBn2Kaau9#z82Lm1MpAkeJcix9K8TMiLd5NMAhnwkjjCBeWHXyu3U4oT2MVJJKXkcVBgjGhnLBn2Kaau9" - ] - } - }, - "did:key:z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54": { - "verificationMethod": { - "id": "#z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54", - "type": "JsonWebKey2020", - "controller": "did:key:z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54", - "publicKeyJwk": { - "kty": "EC", - "crv": "P-384", - "x": "CA-iNoHDg1lL8pvX3d1uvExzVfCz7Rn6tW781Ub8K5MrDf2IMPyL0RTDiaLHC1JT", - "y": "Kpnrn8DkXUD3ge4mFxi-DKr0DYO2KuJdwNBrhzLRtfMa3WFMZBiPKUPfJj8dYNl_" - }, - "privateKeyJwk": { - "kty": "EC", - "crv": "P-384", - "x": "CA-iNoHDg1lL8pvX3d1uvExzVfCz7Rn6tW781Ub8K5MrDf2IMPyL0RTDiaLHC1JT", - "y": "Kpnrn8DkXUD3ge4mFxi-DKr0DYO2KuJdwNBrhzLRtfMa3WFMZBiPKUPfJj8dYNl_", - "d": "Xe1HHeh-UsrJPRNLR_Y06VTrWpZYBXi7a7kiRqCgwnAOlJZPwE-xzL3DIIVMavAL" - } - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/jws-2020/v1" - ], - "id": "did:key:z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54", - "verificationMethod": [ - { - "id": "did:key:z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54#z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54", - "type": "JsonWebKey2020", - "controller": "did:key:z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54", - "publicKeyJwk": { - "kty": "EC", - "crv": "P-384", - "x": "CA-iNoHDg1lL8pvX3d1uvExzVfCz7Rn6tW781Ub8K5MrDf2IMPyL0RTDiaLHC1JT", - "y": "Kpnrn8DkXUD3ge4mFxi-DKr0DYO2KuJdwNBrhzLRtfMa3WFMZBiPKUPfJj8dYNl_" - } - } - ], - "assertionMethod": [ - "did:key:z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54#z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54" - ], - "authentication": [ - "did:key:z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54#z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54" - ], - "capabilityInvocation": [ - "did:key:z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54#z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54" - ], - "capabilityDelegation": [ - "did:key:z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54#z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54" - ], - "keyAgreement": [ - "did:key:z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54#z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54" - ] - } - }, - "did:key:z2J9gaYxrKVpdoG9A4gRnmpnRCcxU6agDtFVVBVdn1JedouoZN7SzcyREXXzWgt3gGiwpoHq7K68X4m32D8HgzG8wv3sY5j7": { - "verificationMethod": { - "id": "#z2J9gaYxrKVpdoG9A4gRnmpnRCcxU6agDtFVVBVdn1JedouoZN7SzcyREXXzWgt3gGiwpoHq7K68X4m32D8HgzG8wv3sY5j7", - "type": "JsonWebKey2020", - "controller": "did:key:z2J9gaYxrKVpdoG9A4gRnmpnRCcxU6agDtFVVBVdn1JedouoZN7SzcyREXXzWgt3gGiwpoHq7K68X4m32D8HgzG8wv3sY5j7", - "publicKeyJwk": { - "kty": "EC", - "crv": "P-521", - "x": "ASUHPMyichQ0QbHZ9ofNx_l4y7luncn5feKLo3OpJ2nSbZoC7mffolj5uy7s6KSKXFmnNWxGJ42IOrjZ47qqwqyS", - "y": "AW9ziIC4ZQQVSNmLlp59yYKrjRY0_VqO-GOIYQ9tYpPraBKUloEId6cI_vynCzlZWZtWpgOM3HPhYEgawQ703RjC" - }, - "privateKeyJwk": { - "kty": "EC", - "crv": "P-521", - "x": "ASUHPMyichQ0QbHZ9ofNx_l4y7luncn5feKLo3OpJ2nSbZoC7mffolj5uy7s6KSKXFmnNWxGJ42IOrjZ47qqwqyS", - "y": "AW9ziIC4ZQQVSNmLlp59yYKrjRY0_VqO-GOIYQ9tYpPraBKUloEId6cI_vynCzlZWZtWpgOM3HPhYEgawQ703RjC", - "d": "AHwRaNaGs0jkj_pT6PK2aHep7dJK-yxyoL2bIfVRAceq1baxoiFDo3W14c8E2YZn1k5S53r4a11flhQdaB5guJ_X" - } - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/jws-2020/v1" - ], - "id": "did:key:z2J9gaYxrKVpdoG9A4gRnmpnRCcxU6agDtFVVBVdn1JedouoZN7SzcyREXXzWgt3gGiwpoHq7K68X4m32D8HgzG8wv3sY5j7", - "verificationMethod": [ - { - "id": "did:key:z2J9gaYxrKVpdoG9A4gRnmpnRCcxU6agDtFVVBVdn1JedouoZN7SzcyREXXzWgt3gGiwpoHq7K68X4m32D8HgzG8wv3sY5j7#z2J9gaYxrKVpdoG9A4gRnmpnRCcxU6agDtFVVBVdn1JedouoZN7SzcyREXXzWgt3gGiwpoHq7K68X4m32D8HgzG8wv3sY5j7", - "type": "JsonWebKey2020", - "controller": "did:key:z2J9gaYxrKVpdoG9A4gRnmpnRCcxU6agDtFVVBVdn1JedouoZN7SzcyREXXzWgt3gGiwpoHq7K68X4m32D8HgzG8wv3sY5j7", - "publicKeyJwk": { - "kty": "EC", - "crv": "P-521", - "x": "ASUHPMyichQ0QbHZ9ofNx_l4y7luncn5feKLo3OpJ2nSbZoC7mffolj5uy7s6KSKXFmnNWxGJ42IOrjZ47qqwqyS", - "y": "AW9ziIC4ZQQVSNmLlp59yYKrjRY0_VqO-GOIYQ9tYpPraBKUloEId6cI_vynCzlZWZtWpgOM3HPhYEgawQ703RjC" - } - } - ], - "assertionMethod": [ - "did:key:z2J9gaYxrKVpdoG9A4gRnmpnRCcxU6agDtFVVBVdn1JedouoZN7SzcyREXXzWgt3gGiwpoHq7K68X4m32D8HgzG8wv3sY5j7#z2J9gaYxrKVpdoG9A4gRnmpnRCcxU6agDtFVVBVdn1JedouoZN7SzcyREXXzWgt3gGiwpoHq7K68X4m32D8HgzG8wv3sY5j7" - ], - "authentication": [ - "did:key:z2J9gaYxrKVpdoG9A4gRnmpnRCcxU6agDtFVVBVdn1JedouoZN7SzcyREXXzWgt3gGiwpoHq7K68X4m32D8HgzG8wv3sY5j7#z2J9gaYxrKVpdoG9A4gRnmpnRCcxU6agDtFVVBVdn1JedouoZN7SzcyREXXzWgt3gGiwpoHq7K68X4m32D8HgzG8wv3sY5j7" - ], - "capabilityInvocation": [ - "did:key:z2J9gaYxrKVpdoG9A4gRnmpnRCcxU6agDtFVVBVdn1JedouoZN7SzcyREXXzWgt3gGiwpoHq7K68X4m32D8HgzG8wv3sY5j7#z2J9gaYxrKVpdoG9A4gRnmpnRCcxU6agDtFVVBVdn1JedouoZN7SzcyREXXzWgt3gGiwpoHq7K68X4m32D8HgzG8wv3sY5j7" - ], - "capabilityDelegation": [ - "did:key:z2J9gaYxrKVpdoG9A4gRnmpnRCcxU6agDtFVVBVdn1JedouoZN7SzcyREXXzWgt3gGiwpoHq7K68X4m32D8HgzG8wv3sY5j7#z2J9gaYxrKVpdoG9A4gRnmpnRCcxU6agDtFVVBVdn1JedouoZN7SzcyREXXzWgt3gGiwpoHq7K68X4m32D8HgzG8wv3sY5j7" - ], - "keyAgreement": [ - "did:key:z2J9gaYxrKVpdoG9A4gRnmpnRCcxU6agDtFVVBVdn1JedouoZN7SzcyREXXzWgt3gGiwpoHq7K68X4m32D8HgzG8wv3sY5j7#z2J9gaYxrKVpdoG9A4gRnmpnRCcxU6agDtFVVBVdn1JedouoZN7SzcyREXXzWgt3gGiwpoHq7K68X4m32D8HgzG8wv3sY5j7" - ] - } - }, - "did:key:z2J9gcGdb2nEyMDmzQYv2QZQcM1vXktvy1Pw4MduSWxGabLZ9XESSWLQgbuPhwnXN7zP7HpTzWqrMTzaY5zWe6hpzJ2jnw4f": { - "verificationMethod": { - "id": "#z2J9gcGdb2nEyMDmzQYv2QZQcM1vXktvy1Pw4MduSWxGabLZ9XESSWLQgbuPhwnXN7zP7HpTzWqrMTzaY5zWe6hpzJ2jnw4f", - "type": "JsonWebKey2020", - "controller": "did:key:z2J9gcGdb2nEyMDmzQYv2QZQcM1vXktvy1Pw4MduSWxGabLZ9XESSWLQgbuPhwnXN7zP7HpTzWqrMTzaY5zWe6hpzJ2jnw4f", - "publicKeyJwk": { - "kty": "EC", - "crv": "P-521", - "x": "AQgyFy6EwH3_u_KXPw8aTXTY7WSVytmbuJeFpq4U6LipxtSmBJe_jjRzms9qubnwm_fGoHMQlvQ1vzS2YLusR2V0", - "y": "Ab06MCcgoG7dM2I-VppdLV1k3lDoeHMvyYqHVfP05Ep2O7Zu0Qwd6IVzfZi9K0KMDud22wdnGUpUtFukZo0EeO15" - }, - "privateKeyJwk": { - "kty": "EC", - "crv": "P-521", - "x": "AQgyFy6EwH3_u_KXPw8aTXTY7WSVytmbuJeFpq4U6LipxtSmBJe_jjRzms9qubnwm_fGoHMQlvQ1vzS2YLusR2V0", - "y": "Ab06MCcgoG7dM2I-VppdLV1k3lDoeHMvyYqHVfP05Ep2O7Zu0Qwd6IVzfZi9K0KMDud22wdnGUpUtFukZo0EeO15", - "d": "AbheZ-AA58LP4BpopCGCLH8ZoMdkdJaVOS6KK2NNmDCisr5_Ifxl-qcunrkOJ0CSauA4LJyNbCWcy28Bo6zgHTXQ" - } - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/jws-2020/v1" - ], - "id": "did:key:z2J9gcGdb2nEyMDmzQYv2QZQcM1vXktvy1Pw4MduSWxGabLZ9XESSWLQgbuPhwnXN7zP7HpTzWqrMTzaY5zWe6hpzJ2jnw4f", - "verificationMethod": [ - { - "id": "did:key:z2J9gcGdb2nEyMDmzQYv2QZQcM1vXktvy1Pw4MduSWxGabLZ9XESSWLQgbuPhwnXN7zP7HpTzWqrMTzaY5zWe6hpzJ2jnw4f#z2J9gcGdb2nEyMDmzQYv2QZQcM1vXktvy1Pw4MduSWxGabLZ9XESSWLQgbuPhwnXN7zP7HpTzWqrMTzaY5zWe6hpzJ2jnw4f", - "type": "JsonWebKey2020", - "controller": "did:key:z2J9gcGdb2nEyMDmzQYv2QZQcM1vXktvy1Pw4MduSWxGabLZ9XESSWLQgbuPhwnXN7zP7HpTzWqrMTzaY5zWe6hpzJ2jnw4f", - "publicKeyJwk": { - "kty": "EC", - "crv": "P-521", - "x": "AQgyFy6EwH3_u_KXPw8aTXTY7WSVytmbuJeFpq4U6LipxtSmBJe_jjRzms9qubnwm_fGoHMQlvQ1vzS2YLusR2V0", - "y": "Ab06MCcgoG7dM2I-VppdLV1k3lDoeHMvyYqHVfP05Ep2O7Zu0Qwd6IVzfZi9K0KMDud22wdnGUpUtFukZo0EeO15" - } - } - ], - "assertionMethod": [ - "did:key:z2J9gcGdb2nEyMDmzQYv2QZQcM1vXktvy1Pw4MduSWxGabLZ9XESSWLQgbuPhwnXN7zP7HpTzWqrMTzaY5zWe6hpzJ2jnw4f#z2J9gcGdb2nEyMDmzQYv2QZQcM1vXktvy1Pw4MduSWxGabLZ9XESSWLQgbuPhwnXN7zP7HpTzWqrMTzaY5zWe6hpzJ2jnw4f" - ], - "authentication": [ - "did:key:z2J9gcGdb2nEyMDmzQYv2QZQcM1vXktvy1Pw4MduSWxGabLZ9XESSWLQgbuPhwnXN7zP7HpTzWqrMTzaY5zWe6hpzJ2jnw4f#z2J9gcGdb2nEyMDmzQYv2QZQcM1vXktvy1Pw4MduSWxGabLZ9XESSWLQgbuPhwnXN7zP7HpTzWqrMTzaY5zWe6hpzJ2jnw4f" - ], - "capabilityInvocation": [ - "did:key:z2J9gcGdb2nEyMDmzQYv2QZQcM1vXktvy1Pw4MduSWxGabLZ9XESSWLQgbuPhwnXN7zP7HpTzWqrMTzaY5zWe6hpzJ2jnw4f#z2J9gcGdb2nEyMDmzQYv2QZQcM1vXktvy1Pw4MduSWxGabLZ9XESSWLQgbuPhwnXN7zP7HpTzWqrMTzaY5zWe6hpzJ2jnw4f" - ], - "capabilityDelegation": [ - "did:key:z2J9gcGdb2nEyMDmzQYv2QZQcM1vXktvy1Pw4MduSWxGabLZ9XESSWLQgbuPhwnXN7zP7HpTzWqrMTzaY5zWe6hpzJ2jnw4f#z2J9gcGdb2nEyMDmzQYv2QZQcM1vXktvy1Pw4MduSWxGabLZ9XESSWLQgbuPhwnXN7zP7HpTzWqrMTzaY5zWe6hpzJ2jnw4f" - ], - "keyAgreement": [ - "did:key:z2J9gcGdb2nEyMDmzQYv2QZQcM1vXktvy1Pw4MduSWxGabLZ9XESSWLQgbuPhwnXN7zP7HpTzWqrMTzaY5zWe6hpzJ2jnw4f#z2J9gcGdb2nEyMDmzQYv2QZQcM1vXktvy1Pw4MduSWxGabLZ9XESSWLQgbuPhwnXN7zP7HpTzWqrMTzaY5zWe6hpzJ2jnw4f" - ] - } - }, - "did:key:zDnaeTiq1PdzvZXUaMdezchcMJQpBdH2VN4pgrrEhMCCbmwSb": { - "verificationMethod": { - "id": "did:key:zDnaeTiq1PdzvZXUaMdezchcMJQpBdH2VN4pgrrEhMCCbmwSb#zDnaeTiq1PdzvZXUaMdezchcMJQpBdH2VN4pgrrEhMCCbmwSb", - "type": "P256Key2021", - "controller": "did:key:zDnaeTiq1PdzvZXUaMdezchcMJQpBdH2VN4pgrrEhMCCbmwSb", - "publicKeyBase58": "ekVhkcBFq3w7jULLkBVye6PwaTuMbhJYuzwFnNcgQAPV", - "privateKeyBase58": "9p4VRzdmhsnq869vQjVCTrRry7u4TtfRxhvBFJTGU2Cp" - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/multikey-2021/v1" - ], - "id": "did:key:zDnaeTiq1PdzvZXUaMdezchcMJQpBdH2VN4pgrrEhMCCbmwSb", - "verificationMethod": [ - { - "id": "did:key:zDnaeTiq1PdzvZXUaMdezchcMJQpBdH2VN4pgrrEhMCCbmwSb#zDnaeTiq1PdzvZXUaMdezchcMJQpBdH2VN4pgrrEhMCCbmwSb", - "type": "P256Key2021", - "controller": "did:key:zDnaeTiq1PdzvZXUaMdezchcMJQpBdH2VN4pgrrEhMCCbmwSb", - "publicKeyBase58": "ekVhkcBFq3w7jULLkBVye6PwaTuMbhJYuzwFnNcgQAPV" - } - ], - "assertionMethod": [ - "did:key:zDnaeTiq1PdzvZXUaMdezchcMJQpBdH2VN4pgrrEhMCCbmwSb#zDnaeTiq1PdzvZXUaMdezchcMJQpBdH2VN4pgrrEhMCCbmwSb" - ], - "authentication": [ - "did:key:zDnaeTiq1PdzvZXUaMdezchcMJQpBdH2VN4pgrrEhMCCbmwSb#zDnaeTiq1PdzvZXUaMdezchcMJQpBdH2VN4pgrrEhMCCbmwSb" - ], - "capabilityInvocation": [ - "did:key:zDnaeTiq1PdzvZXUaMdezchcMJQpBdH2VN4pgrrEhMCCbmwSb#zDnaeTiq1PdzvZXUaMdezchcMJQpBdH2VN4pgrrEhMCCbmwSb" - ], - "capabilityDelegation": [ - "did:key:zDnaeTiq1PdzvZXUaMdezchcMJQpBdH2VN4pgrrEhMCCbmwSb#zDnaeTiq1PdzvZXUaMdezchcMJQpBdH2VN4pgrrEhMCCbmwSb" - ], - "keyAgreement": [ - "did:key:zDnaeTiq1PdzvZXUaMdezchcMJQpBdH2VN4pgrrEhMCCbmwSb#zDnaeTiq1PdzvZXUaMdezchcMJQpBdH2VN4pgrrEhMCCbmwSb" - ] - } - } -} diff --git a/did/testvectors/rsa.json b/did/testvectors/rsa.json deleted file mode 100644 index 99d6ffa..0000000 --- a/did/testvectors/rsa.json +++ /dev/null @@ -1,106 +0,0 @@ -{ - "did:key:z4MXj1wBzi9jUstyPMS4jQqB6KdJaiatPkAtVtGc6bQEQEEsKTic4G7Rou3iBf9vPmT5dbkm9qsZsuVNjq8HCuW1w24nhBFGkRE4cd2Uf2tfrB3N7h4mnyPp1BF3ZttHTYv3DLUPi1zMdkULiow3M1GfXkoC6DoxDUm1jmN6GBj22SjVsr6dxezRVQc7aj9TxE7JLbMH1wh5X3kA58H3DFW8rnYMakFGbca5CB2Jf6CnGQZmL7o5uJAdTwXfy2iiiyPxXEGerMhHwhjTA1mKYobyk2CpeEcmvynADfNZ5MBvcCS7m3XkFCMNUYBS9NQ3fze6vMSUPsNa6GVYmKx2x6JrdEjCk3qRMMmyjnjCMfR4pXbRMZa3i": { - "publicKeyJwk": { - "kty": "RSA", - "n": "sbX82NTV6IylxCh7MfV4hlyvaniCajuP97GyOqSvTmoEdBOflFvZ06kR_9D6ctt45Fk6hskfnag2GG69NALVH2o4RCR6tQiLRpKcMRtDYE_thEmfBvDzm_VVkOIYfxu-Ipuo9J_S5XDNDjczx2v-3oDh5-CIHkU46hvFeCvpUS-L8TJSbgX0kjVk_m4eIb9wh63rtmD6Uz_KBtCo5mmR4TEtcLZKYdqMp3wCjN-TlgHiz_4oVXWbHUefCEe8rFnX1iQnpDHU49_SaXQoud1jCaexFn25n-Aa8f8bc5Vm-5SeRwidHa6ErvEhTvf1dz6GoNPp2iRvm-wJ1gxwWJEYPQ", - "e": "AQAB" - }, - "privateKeyJwk": { - "kty": "RSA", - "n": "sbX82NTV6IylxCh7MfV4hlyvaniCajuP97GyOqSvTmoEdBOflFvZ06kR_9D6ctt45Fk6hskfnag2GG69NALVH2o4RCR6tQiLRpKcMRtDYE_thEmfBvDzm_VVkOIYfxu-Ipuo9J_S5XDNDjczx2v-3oDh5-CIHkU46hvFeCvpUS-L8TJSbgX0kjVk_m4eIb9wh63rtmD6Uz_KBtCo5mmR4TEtcLZKYdqMp3wCjN-TlgHiz_4oVXWbHUefCEe8rFnX1iQnpDHU49_SaXQoud1jCaexFn25n-Aa8f8bc5Vm-5SeRwidHa6ErvEhTvf1dz6GoNPp2iRvm-wJ1gxwWJEYPQ", - "e": "AQAB", - "d": "Eym3sT4KLwBzo5pl5nY83-hAti92iLQRizkrKe22RbNi9Y1kKOBatdtGaJqFVztZZu5ERGKNuTd5VdsjJeekSbXviVGRtdHNCvgmRZlWA5261AgIUPxMmKW062GmGJbKQvscFfziBgHK6tyDBd8cZavqMFHi-7ilMYF7IsFBcJKM85x_30pnfd4YwhGQIc9hzv238aOwYKg8c-MzYhEVUnL273jaiLVlfZWQ5ca-GXJHmdOb_Y4fE5gpXfPFBseqleXsMp0VuXxCEsN30LIJHYscdPtbzLD3LFbuMJglFbQqYqssqymILGqJ7Tc2mB2LmXevfqRWz5D7A_K1WzvuoQ", - "p": "ANwlk-eVXPQplCmr7VddX8MAlN5YWvfXkbJe2KOhyS7naSlfMyeW6I0z6q6MAI4h8cs9yEzwmN1oEl_6tZ_-NPd1Oda2Hq5jHx0Jq2P5exIMMbzTTHbB-LjMB4c-b1DZLOrL7ZpCS-CcEHvBz4phzHa7gqz2SrNIGozufbjS_tK5", - "q": "AM6nKRFqRgHiUtGc0xJawpXJeokGhJQFfinDlakjkptuRQNv0BOz8fRUxk6zwwYrx-T_Yk-0oAFsD8qWIgiXg8Wf0bdRW0L0dIH4c6ff3mSREXeAT2h3XDaF0F1YKns08WyYWtOuIiYWChyO9sweK7AUuaOJ-6lr6lElzTGHVf-l", - "dp": "AIHFBPK2cRzchaIq3rVpLVHdveNzYexG_nOOxVVvwRANCUiB_b2Qj3Ts7aIGlS0zhTyxJql0Cig5eNtrBjVRvBdC2t1ebaeOdoC_enBsV8fDuG3-gExg-ySz4JwwiZ2252tg2qbb_a5hULYjARwpmkVDMzyR0mbsUfpRe3q_pcbB", - "dq": "Id2bCVOVLXHdiKReor9k7A8cmaAL0gYkasu2lwVRXU9w1-NXAiOXHydVaEhlSXmbRJflkJJVNmZzIAwCf830tko-oAAhKJPPFA2XRoeVdn2fkynf2YrV_cloICP2skI23kkJeW8sAXnTJmL3ZvP6zNxYn8hZCaa5u5qqSdeX7FE", - "qi": "WKIToXXnjl7GDbz7jCNbX9nWYOE5BDNzVmwiVOnyGoTZfwJ_qtgizj7pOapxi6dT9S9mMavmeAi6LAsEe1WUWtaKSNhbNh0PUGGXlXHGlhkS8jI1ot0e-scrHAuACE567YQ4VurpNorPKtZ5UENXIn74DEmt4l5m6902VF3X5Wo" - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/jws-2020/v1" - ], - "id": "did:key:z4MXj1wBzi9jUstyPMS4jQqB6KdJaiatPkAtVtGc6bQEQEEsKTic4G7Rou3iBf9vPmT5dbkm9qsZsuVNjq8HCuW1w24nhBFGkRE4cd2Uf2tfrB3N7h4mnyPp1BF3ZttHTYv3DLUPi1zMdkULiow3M1GfXkoC6DoxDUm1jmN6GBj22SjVsr6dxezRVQc7aj9TxE7JLbMH1wh5X3kA58H3DFW8rnYMakFGbca5CB2Jf6CnGQZmL7o5uJAdTwXfy2iiiyPxXEGerMhHwhjTA1mKYobyk2CpeEcmvynADfNZ5MBvcCS7m3XkFCMNUYBS9NQ3fze6vMSUPsNa6GVYmKx2x6JrdEjCk3qRMMmyjnjCMfR4pXbRMZa3i", - "verificationMethod": [ - { - "id": "did:key:z4MXj1wBzi9jUstyPMS4jQqB6KdJaiatPkAtVtGc6bQEQEEsKTic4G7Rou3iBf9vPmT5dbkm9qsZsuVNjq8HCuW1w24nhBFGkRE4cd2Uf2tfrB3N7h4mnyPp1BF3ZttHTYv3DLUPi1zMdkULiow3M1GfXkoC6DoxDUm1jmN6GBj22SjVsr6dxezRVQc7aj9TxE7JLbMH1wh5X3kA58H3DFW8rnYMakFGbca5CB2Jf6CnGQZmL7o5uJAdTwXfy2iiiyPxXEGerMhHwhjTA1mKYobyk2CpeEcmvynADfNZ5MBvcCS7m3XkFCMNUYBS9NQ3fze6vMSUPsNa6GVYmKx2x6JrdEjCk3qRMMmyjnjCMfR4pXbRMZa3i#z4MXj1wBzi9jUstyPMS4jQqB6KdJaiatPkAtVtGc6bQEQEEsKTic4G7Rou3iBf9vPmT5dbkm9qsZsuVNjq8HCuW1w24nhBFGkRE4cd2Uf2tfrB3N7h4mnyPp1BF3ZttHTYv3DLUPi1zMdkULiow3M1GfXkoC6DoxDUm1jmN6GBj22SjVsr6dxezRVQc7aj9TxE7JLbMH1wh5X3kA58H3DFW8rnYMakFGbca5CB2Jf6CnGQZmL7o5uJAdTwXfy2iiiyPxXEGerMhHwhjTA1mKYobyk2CpeEcmvynADfNZ5MBvcCS7m3XkFCMNUYBS9NQ3fze6vMSUPsNa6GVYmKx2x6JrdEjCk3qRMMmyjnjCMfR4pXbRMZa3i", - "type": "JsonWebKey2020", - "controller": "did:key:z4MXj1wBzi9jUstyPMS4jQqB6KdJaiatPkAtVtGc6bQEQEEsKTic4G7Rou3iBf9vPmT5dbkm9qsZsuVNjq8HCuW1w24nhBFGkRE4cd2Uf2tfrB3N7h4mnyPp1BF3ZttHTYv3DLUPi1zMdkULiow3M1GfXkoC6DoxDUm1jmN6GBj22SjVsr6dxezRVQc7aj9TxE7JLbMH1wh5X3kA58H3DFW8rnYMakFGbca5CB2Jf6CnGQZmL7o5uJAdTwXfy2iiiyPxXEGerMhHwhjTA1mKYobyk2CpeEcmvynADfNZ5MBvcCS7m3XkFCMNUYBS9NQ3fze6vMSUPsNa6GVYmKx2x6JrdEjCk3qRMMmyjnjCMfR4pXbRMZa3i", - "publicKeyJwk": { - "kty": "RSA", - "n": "sbX82NTV6IylxCh7MfV4hlyvaniCajuP97GyOqSvTmoEdBOflFvZ06kR_9D6ctt45Fk6hskfnag2GG69NALVH2o4RCR6tQiLRpKcMRtDYE_thEmfBvDzm_VVkOIYfxu-Ipuo9J_S5XDNDjczx2v-3oDh5-CIHkU46hvFeCvpUS-L8TJSbgX0kjVk_m4eIb9wh63rtmD6Uz_KBtCo5mmR4TEtcLZKYdqMp3wCjN-TlgHiz_4oVXWbHUefCEe8rFnX1iQnpDHU49_SaXQoud1jCaexFn25n-Aa8f8bc5Vm-5SeRwidHa6ErvEhTvf1dz6GoNPp2iRvm-wJ1gxwWJEYPQ", - "e": "AQAB" - } - } - ], - "authentication": [ - "did:key:z4MXj1wBzi9jUstyPMS4jQqB6KdJaiatPkAtVtGc6bQEQEEsKTic4G7Rou3iBf9vPmT5dbkm9qsZsuVNjq8HCuW1w24nhBFGkRE4cd2Uf2tfrB3N7h4mnyPp1BF3ZttHTYv3DLUPi1zMdkULiow3M1GfXkoC6DoxDUm1jmN6GBj22SjVsr6dxezRVQc7aj9TxE7JLbMH1wh5X3kA58H3DFW8rnYMakFGbca5CB2Jf6CnGQZmL7o5uJAdTwXfy2iiiyPxXEGerMhHwhjTA1mKYobyk2CpeEcmvynADfNZ5MBvcCS7m3XkFCMNUYBS9NQ3fze6vMSUPsNa6GVYmKx2x6JrdEjCk3qRMMmyjnjCMfR4pXbRMZa3i#z4MXj1wBzi9jUstyPMS4jQqB6KdJaiatPkAtVtGc6bQEQEEsKTic4G7Rou3iBf9vPmT5dbkm9qsZsuVNjq8HCuW1w24nhBFGkRE4cd2Uf2tfrB3N7h4mnyPp1BF3ZttHTYv3DLUPi1zMdkULiow3M1GfXkoC6DoxDUm1jmN6GBj22SjVsr6dxezRVQc7aj9TxE7JLbMH1wh5X3kA58H3DFW8rnYMakFGbca5CB2Jf6CnGQZmL7o5uJAdTwXfy2iiiyPxXEGerMhHwhjTA1mKYobyk2CpeEcmvynADfNZ5MBvcCS7m3XkFCMNUYBS9NQ3fze6vMSUPsNa6GVYmKx2x6JrdEjCk3qRMMmyjnjCMfR4pXbRMZa3i" - ], - "assertionMethod": [ - "did:key:z4MXj1wBzi9jUstyPMS4jQqB6KdJaiatPkAtVtGc6bQEQEEsKTic4G7Rou3iBf9vPmT5dbkm9qsZsuVNjq8HCuW1w24nhBFGkRE4cd2Uf2tfrB3N7h4mnyPp1BF3ZttHTYv3DLUPi1zMdkULiow3M1GfXkoC6DoxDUm1jmN6GBj22SjVsr6dxezRVQc7aj9TxE7JLbMH1wh5X3kA58H3DFW8rnYMakFGbca5CB2Jf6CnGQZmL7o5uJAdTwXfy2iiiyPxXEGerMhHwhjTA1mKYobyk2CpeEcmvynADfNZ5MBvcCS7m3XkFCMNUYBS9NQ3fze6vMSUPsNa6GVYmKx2x6JrdEjCk3qRMMmyjnjCMfR4pXbRMZa3i#z4MXj1wBzi9jUstyPMS4jQqB6KdJaiatPkAtVtGc6bQEQEEsKTic4G7Rou3iBf9vPmT5dbkm9qsZsuVNjq8HCuW1w24nhBFGkRE4cd2Uf2tfrB3N7h4mnyPp1BF3ZttHTYv3DLUPi1zMdkULiow3M1GfXkoC6DoxDUm1jmN6GBj22SjVsr6dxezRVQc7aj9TxE7JLbMH1wh5X3kA58H3DFW8rnYMakFGbca5CB2Jf6CnGQZmL7o5uJAdTwXfy2iiiyPxXEGerMhHwhjTA1mKYobyk2CpeEcmvynADfNZ5MBvcCS7m3XkFCMNUYBS9NQ3fze6vMSUPsNa6GVYmKx2x6JrdEjCk3qRMMmyjnjCMfR4pXbRMZa3i" - ], - "capabilityDelegation": [ - "did:key:z4MXj1wBzi9jUstyPMS4jQqB6KdJaiatPkAtVtGc6bQEQEEsKTic4G7Rou3iBf9vPmT5dbkm9qsZsuVNjq8HCuW1w24nhBFGkRE4cd2Uf2tfrB3N7h4mnyPp1BF3ZttHTYv3DLUPi1zMdkULiow3M1GfXkoC6DoxDUm1jmN6GBj22SjVsr6dxezRVQc7aj9TxE7JLbMH1wh5X3kA58H3DFW8rnYMakFGbca5CB2Jf6CnGQZmL7o5uJAdTwXfy2iiiyPxXEGerMhHwhjTA1mKYobyk2CpeEcmvynADfNZ5MBvcCS7m3XkFCMNUYBS9NQ3fze6vMSUPsNa6GVYmKx2x6JrdEjCk3qRMMmyjnjCMfR4pXbRMZa3i#z4MXj1wBzi9jUstyPMS4jQqB6KdJaiatPkAtVtGc6bQEQEEsKTic4G7Rou3iBf9vPmT5dbkm9qsZsuVNjq8HCuW1w24nhBFGkRE4cd2Uf2tfrB3N7h4mnyPp1BF3ZttHTYv3DLUPi1zMdkULiow3M1GfXkoC6DoxDUm1jmN6GBj22SjVsr6dxezRVQc7aj9TxE7JLbMH1wh5X3kA58H3DFW8rnYMakFGbca5CB2Jf6CnGQZmL7o5uJAdTwXfy2iiiyPxXEGerMhHwhjTA1mKYobyk2CpeEcmvynADfNZ5MBvcCS7m3XkFCMNUYBS9NQ3fze6vMSUPsNa6GVYmKx2x6JrdEjCk3qRMMmyjnjCMfR4pXbRMZa3i" - ], - "capabilityInvocation": [ - "did:key:z4MXj1wBzi9jUstyPMS4jQqB6KdJaiatPkAtVtGc6bQEQEEsKTic4G7Rou3iBf9vPmT5dbkm9qsZsuVNjq8HCuW1w24nhBFGkRE4cd2Uf2tfrB3N7h4mnyPp1BF3ZttHTYv3DLUPi1zMdkULiow3M1GfXkoC6DoxDUm1jmN6GBj22SjVsr6dxezRVQc7aj9TxE7JLbMH1wh5X3kA58H3DFW8rnYMakFGbca5CB2Jf6CnGQZmL7o5uJAdTwXfy2iiiyPxXEGerMhHwhjTA1mKYobyk2CpeEcmvynADfNZ5MBvcCS7m3XkFCMNUYBS9NQ3fze6vMSUPsNa6GVYmKx2x6JrdEjCk3qRMMmyjnjCMfR4pXbRMZa3i#z4MXj1wBzi9jUstyPMS4jQqB6KdJaiatPkAtVtGc6bQEQEEsKTic4G7Rou3iBf9vPmT5dbkm9qsZsuVNjq8HCuW1w24nhBFGkRE4cd2Uf2tfrB3N7h4mnyPp1BF3ZttHTYv3DLUPi1zMdkULiow3M1GfXkoC6DoxDUm1jmN6GBj22SjVsr6dxezRVQc7aj9TxE7JLbMH1wh5X3kA58H3DFW8rnYMakFGbca5CB2Jf6CnGQZmL7o5uJAdTwXfy2iiiyPxXEGerMhHwhjTA1mKYobyk2CpeEcmvynADfNZ5MBvcCS7m3XkFCMNUYBS9NQ3fze6vMSUPsNa6GVYmKx2x6JrdEjCk3qRMMmyjnjCMfR4pXbRMZa3i" - ], - "keyAgreement": [ - "did:key:z4MXj1wBzi9jUstyPMS4jQqB6KdJaiatPkAtVtGc6bQEQEEsKTic4G7Rou3iBf9vPmT5dbkm9qsZsuVNjq8HCuW1w24nhBFGkRE4cd2Uf2tfrB3N7h4mnyPp1BF3ZttHTYv3DLUPi1zMdkULiow3M1GfXkoC6DoxDUm1jmN6GBj22SjVsr6dxezRVQc7aj9TxE7JLbMH1wh5X3kA58H3DFW8rnYMakFGbca5CB2Jf6CnGQZmL7o5uJAdTwXfy2iiiyPxXEGerMhHwhjTA1mKYobyk2CpeEcmvynADfNZ5MBvcCS7m3XkFCMNUYBS9NQ3fze6vMSUPsNa6GVYmKx2x6JrdEjCk3qRMMmyjnjCMfR4pXbRMZa3i#z4MXj1wBzi9jUstyPMS4jQqB6KdJaiatPkAtVtGc6bQEQEEsKTic4G7Rou3iBf9vPmT5dbkm9qsZsuVNjq8HCuW1w24nhBFGkRE4cd2Uf2tfrB3N7h4mnyPp1BF3ZttHTYv3DLUPi1zMdkULiow3M1GfXkoC6DoxDUm1jmN6GBj22SjVsr6dxezRVQc7aj9TxE7JLbMH1wh5X3kA58H3DFW8rnYMakFGbca5CB2Jf6CnGQZmL7o5uJAdTwXfy2iiiyPxXEGerMhHwhjTA1mKYobyk2CpeEcmvynADfNZ5MBvcCS7m3XkFCMNUYBS9NQ3fze6vMSUPsNa6GVYmKx2x6JrdEjCk3qRMMmyjnjCMfR4pXbRMZa3i" - ] - } - }, - "did:key:zgghBUVkqmWS8e1ioRVp2WN9Vw6x4NvnE9PGAyQsPqM3fnfPf8EdauiRVfBTcVDyzhqM5FFC7ekAvuV1cJHawtfgB9wDcru1hPDobk3hqyedijhgWmsYfJCmodkiiFnjNWATE7PvqTyoCjcmrc8yMRXmFPnoASyT5beUd4YZxTE9VfgmavcPy3BSouNmASMQ8xUXeiRwjb7xBaVTiDRjkmyPD7NYZdXuS93gFhyDFr5b3XLg7Rfj9nHEqtHDa7NmAX7iwDAbMUFEfiDEf9hrqZmpAYJracAjTTR8Cvn6mnDXMLwayNG8dcsXFodxok2qksYF4D8ffUxMRmyyQVQhhhmdSi4YaMPqTnC1J6HTG9Yfb98yGSVaWi4TApUhLXFow2ZvB6vqckCNhjCRL2R4MDUSk71qzxWHgezKyDeyThJgdxydrn1osqH94oSeA346eipkJvKqYREXBKwgB5VL6WF4qAK6sVZxJp2dQBfCPVZ4EbsBQaJXaVK7cNcWG8tZBFWZ79gG9Cu6C4u8yjBS8Ux6dCcJPUTLtixQu4z2n5dCsVSNdnP1EEs8ZerZo5pBgc68w4Yuf9KL3xVxPnAB1nRCBfs9cMU6oL1EdyHbqrTfnjE8HpY164akBqe92LFVsk8RusaGsVPrMekT8emTq5y8v8CabuZg5rDs3f9NPEtogjyx49wiub1FecM5B7QqEcZSYiKHgF4mfkteT2": { - "publicKeyJwk": { - "kty": "RSA", - "n": "qMCkFFRFWtzUyZeK8mgJdyM6SEQcXC5E6JwCRVDld-jlJs8sXNOE_vliexq34wZRQ4hk53-JPFlvZ_QjRgIxdUxSMiZ3S5hlNVvvRaue6SMakA9ugQhnfXaWORro0UbPuHLms-bg5StDP8-8tIezu9c1H1FjwPcdbV6rAvKhyhnsM10qP3v2CPbdE0q3FOsihoKuTelImtO110E7N6fLn4U3EYbC4OyViqlrP1o_1M-R-tiM1cb4pD7XKJnIs6ryZdfOQSPBJwjNqSdN6Py_tdrFgPDTyacSSdpTVADOM2IMAoYbhV1N5APhnjOHBRFyKkF1HffQKpmXQLBqvUNNjuhmpVKWBtrTdcCKrglFXiw0cKGHKxIirjmiOlB_HYHg5UdosyE3_1Txct2U7-WBB6QXak1UgxCzgKYBDI8UPA0RlkUuHHP_Zg0fVXrXIInHO04MYxUeSps5qqyP6dJBu_v_BDn3zUq6LYFwJ_-xsU7zbrKYB4jaRlHPoCj_eDC-rSA2uQ4KXHBB8_aAqNFC9ukWxc26Ifz9dF968DLuL30bi-ZAa2oUh492Pw1bg89J7i4qTsOOfpQvGyDV7TGhKuUG3Hbumfr2w16S-_3EI2RIyd1nYsflE6ZmCkZQMG_lwDAFXaqfyGKEDouJuja4XH8r4fGWeGTrozIoniXT1HU", - "e": "AQAB" - }, - "privateKeyJwk": { - "kty": "RSA", - "n": "qMCkFFRFWtzUyZeK8mgJdyM6SEQcXC5E6JwCRVDld-jlJs8sXNOE_vliexq34wZRQ4hk53-JPFlvZ_QjRgIxdUxSMiZ3S5hlNVvvRaue6SMakA9ugQhnfXaWORro0UbPuHLms-bg5StDP8-8tIezu9c1H1FjwPcdbV6rAvKhyhnsM10qP3v2CPbdE0q3FOsihoKuTelImtO110E7N6fLn4U3EYbC4OyViqlrP1o_1M-R-tiM1cb4pD7XKJnIs6ryZdfOQSPBJwjNqSdN6Py_tdrFgPDTyacSSdpTVADOM2IMAoYbhV1N5APhnjOHBRFyKkF1HffQKpmXQLBqvUNNjuhmpVKWBtrTdcCKrglFXiw0cKGHKxIirjmiOlB_HYHg5UdosyE3_1Txct2U7-WBB6QXak1UgxCzgKYBDI8UPA0RlkUuHHP_Zg0fVXrXIInHO04MYxUeSps5qqyP6dJBu_v_BDn3zUq6LYFwJ_-xsU7zbrKYB4jaRlHPoCj_eDC-rSA2uQ4KXHBB8_aAqNFC9ukWxc26Ifz9dF968DLuL30bi-ZAa2oUh492Pw1bg89J7i4qTsOOfpQvGyDV7TGhKuUG3Hbumfr2w16S-_3EI2RIyd1nYsflE6ZmCkZQMG_lwDAFXaqfyGKEDouJuja4XH8r4fGWeGTrozIoniXT1HU", - "e": "AQAB", - "d": "TMq1H-clVG7PihkjCqJbRFLMj9wmx6_qfauYwPBKK-HYfWujdW5vxBO6Q-jpqy7RxhiISmxYCBVuw_BuKMqQtR8Q_G9StBzaWYjHfn3Vp6Poz4umLqOjbI2NWNks_ybpGbd30oAK8V5ZkO04ozJpkN4i92hzK3mIc5-z1HiTNUPMn6cStab0VCn6em_ylltV774CEcRJ3OLgid7OUspRt_rID3qyreYbOulTu5WXHIGEnZDzrciIlz1dbcVldpUhD0VAP5ZErD2uUP5oztBNcTTn0YBF8CrOALuQVdaz_t_sNS3P0kWeT1eQ0QwDskO5Hw-Aey2tFeWk1bQyLoQ1A0jsw8mDbkO2zrGfJoxmVBkueTK-q64_n1kV7W1aeJFRj4NwEWmwcrs8GSOGOn38fGB_Y3Kci04qvD6L0QZbFkAVzcJracnxbTdHCEX0jsAAPbYC8M_8PyrPJvPC4IAAWTRrSRbysb7r7viRf4A1vTK9VT7uYyxj7Kzx2cU12d9QBXYfdQ2744bUE7HqN-Vh2rHvv2l5v6vzBRoZ5_OhHHVeUYwC9LouE9lSVAObbFM-Qe1SvzbbwN91LziI7UzUc_xMAEiNwt6PpnIAWAhdvSRawEllTwUcn89udHd5UhiAcm-RQOqXIdA9Aly6d8TT8R1p-ZnQ_gbZyBZeS39AuvU=", - "p": "1p4cypsJeTyVXXc5bQpvzVenPy78OHXtGcFQnbTjW8x1GsvJ-rlHAcjUImd44pgNQNe-iYpeUg3KqfONeedNgQCFd8kP7GoVAd45mEvsGBXvjoCXOBMQlsf8UU_hm_LKhVvTvTmMGoudnNv5qYNDMCGJGzwoG-aSvROlIoXzHmDnusZ-hKsDxM9j0PPz21t99Y_Fr30Oq3FIWXPVmLYmfyZYQkxm9a9WNMkqRbwJuMwGI6V9ABsQ1dW_KJzp_aEBbJLcDr9DsWhm9ErLeAlzyaDYEai6wCtKm9em4LDwCbKhJq3hWEp1sIG-hwx1sk7N4i-b8lBijjEQE-dbSQxUlw==", - "q": "yUqMejfrttGujadj7Uf7q91KM7nbQGny4TjD-CqibcFE-s2_DExCgP1wfhUPfJr2uPQDIe4g12uaNoa5GbCSDaQwEmQpurC_5mazt-z-_tbI24hoPQm5Hq67fZz-jDE_3OccLPLIWtajJqmxHbbB5VqskMuXo8KDxPRfBQBhykmb9_5M8pY2ggZOV4shCUn5E9nOnvibvw5Wx4CBtWUtca4rhpd3mVen1d8xCe4xTG_ni_w1lwdxzU1GmRFqgTuZWzL0r2FKzJg7hju1SOEe4tKMxQ-xs2HyNaMM__SLsNmS3lsYZ8r2hqcjEMQQZI0T_O-3BjIpyg986P8j055E0w==", - "dp": "DujzJRw6P0L3OYQT6EBmXgSt6NTRzvZaX4SvnhU4CmOc6xynTpTamwQhwLYhjtRzb0LNyO5k-RxeLQpvlL1-A-1OWHEOeyUvim6u36a-ozm659KFLu8cIu2H2PpMuTHX4gXsIuRBmIKEk6YwpRcqbsiVpt-6BZ4yKZKY0Vou9rhSwQYTOhJLc7vYumaIVX_4szumxzdP8pcvKI_EkhRtfj3iudBnAsCIo6gqGKgkoMMD1iwkEALRW5m66w5jrywlVi6pvRiKkmOna2da1V8KvUJAYJGxT7JyP3tu64M_Wd0gFvjTg_fAT1_kJau27YlOAl2-Xso43poH_OoAzIVfxw==", - "dq": "XI6Z76z9BxB9mgcpTLc3wzw63XQNnB3bn7JRcjBwhdVD2at3uLjsL5HaAy-98kbzQfJ56kUr9sI0o_Po8yYc0ob3z80c3wpdAx2gb-dbDWVH8KJVhBOPestPzR--cEpJGlNuwkBU3mgplyKaHZamq8a46M-lB5jurEbN1mfpj3GvdSYKzdVCdSFfLqP76eCI1pblinW4b-6w-oVdn0JJ1icHPpkxVmJW-2Hok69iHcqrBtRO9AZpTsTEvKekeI4mIyhYGLi9AzzQyhV0c3GImTXFoutng5t7GyzBUoRpI0W4YeQzYa6TEzGRTylIfGPemATF_OReENp0TlLbb3gsHw==", - "qi": "m7uZk4AsOfJ1V2RY8lmEF518toCV7juKuS_b_OUx8B0dRG0_kbF1cH-Tmrgsya3bwkYx5HeZG81rX7SRjh-0nVPOMW3tGqU5U9f59DXqvOItJIJ6wvWvWXnuna2-NstYCotFQWadIKjk4wjEKj-a4NJt4D_F4csyeyqWOH2DiUFzBGGxxdEoD5t_HEeNXuWQ6-SiV0x5ZVMln3TSh7IOMl70Smm8HcQF5mOsWg3N0wIg-yffxPrs6r15TRuW1MfT-bZk2GLrtHF1TkIoT1e00jWK4eBl2oRxiJGONUBMTEHV85Fr0yztnA99AgHnrMbE_4ehvev4h5DEWvFyFuJN_g==" - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/jws-2020/v1" - ], - "id": "did:key:zgghBUVkqmWS8e1ioRVp2WN9Vw6x4NvnE9PGAyQsPqM3fnfPf8EdauiRVfBTcVDyzhqM5FFC7ekAvuV1cJHawtfgB9wDcru1hPDobk3hqyedijhgWmsYfJCmodkiiFnjNWATE7PvqTyoCjcmrc8yMRXmFPnoASyT5beUd4YZxTE9VfgmavcPy3BSouNmASMQ8xUXeiRwjb7xBaVTiDRjkmyPD7NYZdXuS93gFhyDFr5b3XLg7Rfj9nHEqtHDa7NmAX7iwDAbMUFEfiDEf9hrqZmpAYJracAjTTR8Cvn6mnDXMLwayNG8dcsXFodxok2qksYF4D8ffUxMRmyyQVQhhhmdSi4YaMPqTnC1J6HTG9Yfb98yGSVaWi4TApUhLXFow2ZvB6vqckCNhjCRL2R4MDUSk71qzxWHgezKyDeyThJgdxydrn1osqH94oSeA346eipkJvKqYREXBKwgB5VL6WF4qAK6sVZxJp2dQBfCPVZ4EbsBQaJXaVK7cNcWG8tZBFWZ79gG9Cu6C4u8yjBS8Ux6dCcJPUTLtixQu4z2n5dCsVSNdnP1EEs8ZerZo5pBgc68w4Yuf9KL3xVxPnAB1nRCBfs9cMU6oL1EdyHbqrTfnjE8HpY164akBqe92LFVsk8RusaGsVPrMekT8emTq5y8v8CabuZg5rDs3f9NPEtogjyx49wiub1FecM5B7QqEcZSYiKHgF4mfkteT2", - "verificationMethod": [ - { - "id": "did:key:zgghBUVkqmWS8e1ioRVp2WN9Vw6x4NvnE9PGAyQsPqM3fnfPf8EdauiRVfBTcVDyzhqM5FFC7ekAvuV1cJHawtfgB9wDcru1hPDobk3hqyedijhgWmsYfJCmodkiiFnjNWATE7PvqTyoCjcmrc8yMRXmFPnoASyT5beUd4YZxTE9VfgmavcPy3BSouNmASMQ8xUXeiRwjb7xBaVTiDRjkmyPD7NYZdXuS93gFhyDFr5b3XLg7Rfj9nHEqtHDa7NmAX7iwDAbMUFEfiDEf9hrqZmpAYJracAjTTR8Cvn6mnDXMLwayNG8dcsXFodxok2qksYF4D8ffUxMRmyyQVQhhhmdSi4YaMPqTnC1J6HTG9Yfb98yGSVaWi4TApUhLXFow2ZvB6vqckCNhjCRL2R4MDUSk71qzxWHgezKyDeyThJgdxydrn1osqH94oSeA346eipkJvKqYREXBKwgB5VL6WF4qAK6sVZxJp2dQBfCPVZ4EbsBQaJXaVK7cNcWG8tZBFWZ79gG9Cu6C4u8yjBS8Ux6dCcJPUTLtixQu4z2n5dCsVSNdnP1EEs8ZerZo5pBgc68w4Yuf9KL3xVxPnAB1nRCBfs9cMU6oL1EdyHbqrTfnjE8HpY164akBqe92LFVsk8RusaGsVPrMekT8emTq5y8v8CabuZg5rDs3f9NPEtogjyx49wiub1FecM5B7QqEcZSYiKHgF4mfkteT2#zgghBUVkqmWS8e1ioRVp2WN9Vw6x4NvnE9PGAyQsPqM3fnfPf8EdauiRVfBTcVDyzhqM5FFC7ekAvuV1cJHawtfgB9wDcru1hPDobk3hqyedijhgWmsYfJCmodkiiFnjNWATE7PvqTyoCjcmrc8yMRXmFPnoASyT5beUd4YZxTE9VfgmavcPy3BSouNmASMQ8xUXeiRwjb7xBaVTiDRjkmyPD7NYZdXuS93gFhyDFr5b3XLg7Rfj9nHEqtHDa7NmAX7iwDAbMUFEfiDEf9hrqZmpAYJracAjTTR8Cvn6mnDXMLwayNG8dcsXFodxok2qksYF4D8ffUxMRmyyQVQhhhmdSi4YaMPqTnC1J6HTG9Yfb98yGSVaWi4TApUhLXFow2ZvB6vqckCNhjCRL2R4MDUSk71qzxWHgezKyDeyThJgdxydrn1osqH94oSeA346eipkJvKqYREXBKwgB5VL6WF4qAK6sVZxJp2dQBfCPVZ4EbsBQaJXaVK7cNcWG8tZBFWZ79gG9Cu6C4u8yjBS8Ux6dCcJPUTLtixQu4z2n5dCsVSNdnP1EEs8ZerZo5pBgc68w4Yuf9KL3xVxPnAB1nRCBfs9cMU6oL1EdyHbqrTfnjE8HpY164akBqe92LFVsk8RusaGsVPrMekT8emTq5y8v8CabuZg5rDs3f9NPEtogjyx49wiub1FecM5B7QqEcZSYiKHgF4mfkteT2", - "type": "JsonWebKey2020", - "controller": "did:key:zgghBUVkqmWS8e1ioRVp2WN9Vw6x4NvnE9PGAyQsPqM3fnfPf8EdauiRVfBTcVDyzhqM5FFC7ekAvuV1cJHawtfgB9wDcru1hPDobk3hqyedijhgWmsYfJCmodkiiFnjNWATE7PvqTyoCjcmrc8yMRXmFPnoASyT5beUd4YZxTE9VfgmavcPy3BSouNmASMQ8xUXeiRwjb7xBaVTiDRjkmyPD7NYZdXuS93gFhyDFr5b3XLg7Rfj9nHEqtHDa7NmAX7iwDAbMUFEfiDEf9hrqZmpAYJracAjTTR8Cvn6mnDXMLwayNG8dcsXFodxok2qksYF4D8ffUxMRmyyQVQhhhmdSi4YaMPqTnC1J6HTG9Yfb98yGSVaWi4TApUhLXFow2ZvB6vqckCNhjCRL2R4MDUSk71qzxWHgezKyDeyThJgdxydrn1osqH94oSeA346eipkJvKqYREXBKwgB5VL6WF4qAK6sVZxJp2dQBfCPVZ4EbsBQaJXaVK7cNcWG8tZBFWZ79gG9Cu6C4u8yjBS8Ux6dCcJPUTLtixQu4z2n5dCsVSNdnP1EEs8ZerZo5pBgc68w4Yuf9KL3xVxPnAB1nRCBfs9cMU6oL1EdyHbqrTfnjE8HpY164akBqe92LFVsk8RusaGsVPrMekT8emTq5y8v8CabuZg5rDs3f9NPEtogjyx49wiub1FecM5B7QqEcZSYiKHgF4mfkteT2", - "publicKeyJwk": { - "kty": "RSA", - "n": "qMCkFFRFWtzUyZeK8mgJdyM6SEQcXC5E6JwCRVDld-jlJs8sXNOE_vliexq34wZRQ4hk53-JPFlvZ_QjRgIxdUxSMiZ3S5hlNVvvRaue6SMakA9ugQhnfXaWORro0UbPuHLms-bg5StDP8-8tIezu9c1H1FjwPcdbV6rAvKhyhnsM10qP3v2CPbdE0q3FOsihoKuTelImtO110E7N6fLn4U3EYbC4OyViqlrP1o_1M-R-tiM1cb4pD7XKJnIs6ryZdfOQSPBJwjNqSdN6Py_tdrFgPDTyacSSdpTVADOM2IMAoYbhV1N5APhnjOHBRFyKkF1HffQKpmXQLBqvUNNjuhmpVKWBtrTdcCKrglFXiw0cKGHKxIirjmiOlB_HYHg5UdosyE3_1Txct2U7-WBB6QXak1UgxCzgKYBDI8UPA0RlkUuHHP_Zg0fVXrXIInHO04MYxUeSps5qqyP6dJBu_v_BDn3zUq6LYFwJ_-xsU7zbrKYB4jaRlHPoCj_eDC-rSA2uQ4KXHBB8_aAqNFC9ukWxc26Ifz9dF968DLuL30bi-ZAa2oUh492Pw1bg89J7i4qTsOOfpQvGyDV7TGhKuUG3Hbumfr2w16S-_3EI2RIyd1nYsflE6ZmCkZQMG_lwDAFXaqfyGKEDouJuja4XH8r4fGWeGTrozIoniXT1HU", - "e": "AQAB" - } - } - ], - "authentication": [ - "did:key:zgghBUVkqmWS8e1ioRVp2WN9Vw6x4NvnE9PGAyQsPqM3fnfPf8EdauiRVfBTcVDyzhqM5FFC7ekAvuV1cJHawtfgB9wDcru1hPDobk3hqyedijhgWmsYfJCmodkiiFnjNWATE7PvqTyoCjcmrc8yMRXmFPnoASyT5beUd4YZxTE9VfgmavcPy3BSouNmASMQ8xUXeiRwjb7xBaVTiDRjkmyPD7NYZdXuS93gFhyDFr5b3XLg7Rfj9nHEqtHDa7NmAX7iwDAbMUFEfiDEf9hrqZmpAYJracAjTTR8Cvn6mnDXMLwayNG8dcsXFodxok2qksYF4D8ffUxMRmyyQVQhhhmdSi4YaMPqTnC1J6HTG9Yfb98yGSVaWi4TApUhLXFow2ZvB6vqckCNhjCRL2R4MDUSk71qzxWHgezKyDeyThJgdxydrn1osqH94oSeA346eipkJvKqYREXBKwgB5VL6WF4qAK6sVZxJp2dQBfCPVZ4EbsBQaJXaVK7cNcWG8tZBFWZ79gG9Cu6C4u8yjBS8Ux6dCcJPUTLtixQu4z2n5dCsVSNdnP1EEs8ZerZo5pBgc68w4Yuf9KL3xVxPnAB1nRCBfs9cMU6oL1EdyHbqrTfnjE8HpY164akBqe92LFVsk8RusaGsVPrMekT8emTq5y8v8CabuZg5rDs3f9NPEtogjyx49wiub1FecM5B7QqEcZSYiKHgF4mfkteT2#zgghBUVkqmWS8e1ioRVp2WN9Vw6x4NvnE9PGAyQsPqM3fnfPf8EdauiRVfBTcVDyzhqM5FFC7ekAvuV1cJHawtfgB9wDcru1hPDobk3hqyedijhgWmsYfJCmodkiiFnjNWATE7PvqTyoCjcmrc8yMRXmFPnoASyT5beUd4YZxTE9VfgmavcPy3BSouNmASMQ8xUXeiRwjb7xBaVTiDRjkmyPD7NYZdXuS93gFhyDFr5b3XLg7Rfj9nHEqtHDa7NmAX7iwDAbMUFEfiDEf9hrqZmpAYJracAjTTR8Cvn6mnDXMLwayNG8dcsXFodxok2qksYF4D8ffUxMRmyyQVQhhhmdSi4YaMPqTnC1J6HTG9Yfb98yGSVaWi4TApUhLXFow2ZvB6vqckCNhjCRL2R4MDUSk71qzxWHgezKyDeyThJgdxydrn1osqH94oSeA346eipkJvKqYREXBKwgB5VL6WF4qAK6sVZxJp2dQBfCPVZ4EbsBQaJXaVK7cNcWG8tZBFWZ79gG9Cu6C4u8yjBS8Ux6dCcJPUTLtixQu4z2n5dCsVSNdnP1EEs8ZerZo5pBgc68w4Yuf9KL3xVxPnAB1nRCBfs9cMU6oL1EdyHbqrTfnjE8HpY164akBqe92LFVsk8RusaGsVPrMekT8emTq5y8v8CabuZg5rDs3f9NPEtogjyx49wiub1FecM5B7QqEcZSYiKHgF4mfkteT2" - ], - "assertionMethod": [ - "did:key:zgghBUVkqmWS8e1ioRVp2WN9Vw6x4NvnE9PGAyQsPqM3fnfPf8EdauiRVfBTcVDyzhqM5FFC7ekAvuV1cJHawtfgB9wDcru1hPDobk3hqyedijhgWmsYfJCmodkiiFnjNWATE7PvqTyoCjcmrc8yMRXmFPnoASyT5beUd4YZxTE9VfgmavcPy3BSouNmASMQ8xUXeiRwjb7xBaVTiDRjkmyPD7NYZdXuS93gFhyDFr5b3XLg7Rfj9nHEqtHDa7NmAX7iwDAbMUFEfiDEf9hrqZmpAYJracAjTTR8Cvn6mnDXMLwayNG8dcsXFodxok2qksYF4D8ffUxMRmyyQVQhhhmdSi4YaMPqTnC1J6HTG9Yfb98yGSVaWi4TApUhLXFow2ZvB6vqckCNhjCRL2R4MDUSk71qzxWHgezKyDeyThJgdxydrn1osqH94oSeA346eipkJvKqYREXBKwgB5VL6WF4qAK6sVZxJp2dQBfCPVZ4EbsBQaJXaVK7cNcWG8tZBFWZ79gG9Cu6C4u8yjBS8Ux6dCcJPUTLtixQu4z2n5dCsVSNdnP1EEs8ZerZo5pBgc68w4Yuf9KL3xVxPnAB1nRCBfs9cMU6oL1EdyHbqrTfnjE8HpY164akBqe92LFVsk8RusaGsVPrMekT8emTq5y8v8CabuZg5rDs3f9NPEtogjyx49wiub1FecM5B7QqEcZSYiKHgF4mfkteT2#zgghBUVkqmWS8e1ioRVp2WN9Vw6x4NvnE9PGAyQsPqM3fnfPf8EdauiRVfBTcVDyzhqM5FFC7ekAvuV1cJHawtfgB9wDcru1hPDobk3hqyedijhgWmsYfJCmodkiiFnjNWATE7PvqTyoCjcmrc8yMRXmFPnoASyT5beUd4YZxTE9VfgmavcPy3BSouNmASMQ8xUXeiRwjb7xBaVTiDRjkmyPD7NYZdXuS93gFhyDFr5b3XLg7Rfj9nHEqtHDa7NmAX7iwDAbMUFEfiDEf9hrqZmpAYJracAjTTR8Cvn6mnDXMLwayNG8dcsXFodxok2qksYF4D8ffUxMRmyyQVQhhhmdSi4YaMPqTnC1J6HTG9Yfb98yGSVaWi4TApUhLXFow2ZvB6vqckCNhjCRL2R4MDUSk71qzxWHgezKyDeyThJgdxydrn1osqH94oSeA346eipkJvKqYREXBKwgB5VL6WF4qAK6sVZxJp2dQBfCPVZ4EbsBQaJXaVK7cNcWG8tZBFWZ79gG9Cu6C4u8yjBS8Ux6dCcJPUTLtixQu4z2n5dCsVSNdnP1EEs8ZerZo5pBgc68w4Yuf9KL3xVxPnAB1nRCBfs9cMU6oL1EdyHbqrTfnjE8HpY164akBqe92LFVsk8RusaGsVPrMekT8emTq5y8v8CabuZg5rDs3f9NPEtogjyx49wiub1FecM5B7QqEcZSYiKHgF4mfkteT2" - ], - "capabilityDelegation": [ - "did:key:zgghBUVkqmWS8e1ioRVp2WN9Vw6x4NvnE9PGAyQsPqM3fnfPf8EdauiRVfBTcVDyzhqM5FFC7ekAvuV1cJHawtfgB9wDcru1hPDobk3hqyedijhgWmsYfJCmodkiiFnjNWATE7PvqTyoCjcmrc8yMRXmFPnoASyT5beUd4YZxTE9VfgmavcPy3BSouNmASMQ8xUXeiRwjb7xBaVTiDRjkmyPD7NYZdXuS93gFhyDFr5b3XLg7Rfj9nHEqtHDa7NmAX7iwDAbMUFEfiDEf9hrqZmpAYJracAjTTR8Cvn6mnDXMLwayNG8dcsXFodxok2qksYF4D8ffUxMRmyyQVQhhhmdSi4YaMPqTnC1J6HTG9Yfb98yGSVaWi4TApUhLXFow2ZvB6vqckCNhjCRL2R4MDUSk71qzxWHgezKyDeyThJgdxydrn1osqH94oSeA346eipkJvKqYREXBKwgB5VL6WF4qAK6sVZxJp2dQBfCPVZ4EbsBQaJXaVK7cNcWG8tZBFWZ79gG9Cu6C4u8yjBS8Ux6dCcJPUTLtixQu4z2n5dCsVSNdnP1EEs8ZerZo5pBgc68w4Yuf9KL3xVxPnAB1nRCBfs9cMU6oL1EdyHbqrTfnjE8HpY164akBqe92LFVsk8RusaGsVPrMekT8emTq5y8v8CabuZg5rDs3f9NPEtogjyx49wiub1FecM5B7QqEcZSYiKHgF4mfkteT2#zgghBUVkqmWS8e1ioRVp2WN9Vw6x4NvnE9PGAyQsPqM3fnfPf8EdauiRVfBTcVDyzhqM5FFC7ekAvuV1cJHawtfgB9wDcru1hPDobk3hqyedijhgWmsYfJCmodkiiFnjNWATE7PvqTyoCjcmrc8yMRXmFPnoASyT5beUd4YZxTE9VfgmavcPy3BSouNmASMQ8xUXeiRwjb7xBaVTiDRjkmyPD7NYZdXuS93gFhyDFr5b3XLg7Rfj9nHEqtHDa7NmAX7iwDAbMUFEfiDEf9hrqZmpAYJracAjTTR8Cvn6mnDXMLwayNG8dcsXFodxok2qksYF4D8ffUxMRmyyQVQhhhmdSi4YaMPqTnC1J6HTG9Yfb98yGSVaWi4TApUhLXFow2ZvB6vqckCNhjCRL2R4MDUSk71qzxWHgezKyDeyThJgdxydrn1osqH94oSeA346eipkJvKqYREXBKwgB5VL6WF4qAK6sVZxJp2dQBfCPVZ4EbsBQaJXaVK7cNcWG8tZBFWZ79gG9Cu6C4u8yjBS8Ux6dCcJPUTLtixQu4z2n5dCsVSNdnP1EEs8ZerZo5pBgc68w4Yuf9KL3xVxPnAB1nRCBfs9cMU6oL1EdyHbqrTfnjE8HpY164akBqe92LFVsk8RusaGsVPrMekT8emTq5y8v8CabuZg5rDs3f9NPEtogjyx49wiub1FecM5B7QqEcZSYiKHgF4mfkteT2" - ], - "capabilityInvocation": [ - "did:key:zgghBUVkqmWS8e1ioRVp2WN9Vw6x4NvnE9PGAyQsPqM3fnfPf8EdauiRVfBTcVDyzhqM5FFC7ekAvuV1cJHawtfgB9wDcru1hPDobk3hqyedijhgWmsYfJCmodkiiFnjNWATE7PvqTyoCjcmrc8yMRXmFPnoASyT5beUd4YZxTE9VfgmavcPy3BSouNmASMQ8xUXeiRwjb7xBaVTiDRjkmyPD7NYZdXuS93gFhyDFr5b3XLg7Rfj9nHEqtHDa7NmAX7iwDAbMUFEfiDEf9hrqZmpAYJracAjTTR8Cvn6mnDXMLwayNG8dcsXFodxok2qksYF4D8ffUxMRmyyQVQhhhmdSi4YaMPqTnC1J6HTG9Yfb98yGSVaWi4TApUhLXFow2ZvB6vqckCNhjCRL2R4MDUSk71qzxWHgezKyDeyThJgdxydrn1osqH94oSeA346eipkJvKqYREXBKwgB5VL6WF4qAK6sVZxJp2dQBfCPVZ4EbsBQaJXaVK7cNcWG8tZBFWZ79gG9Cu6C4u8yjBS8Ux6dCcJPUTLtixQu4z2n5dCsVSNdnP1EEs8ZerZo5pBgc68w4Yuf9KL3xVxPnAB1nRCBfs9cMU6oL1EdyHbqrTfnjE8HpY164akBqe92LFVsk8RusaGsVPrMekT8emTq5y8v8CabuZg5rDs3f9NPEtogjyx49wiub1FecM5B7QqEcZSYiKHgF4mfkteT2#zgghBUVkqmWS8e1ioRVp2WN9Vw6x4NvnE9PGAyQsPqM3fnfPf8EdauiRVfBTcVDyzhqM5FFC7ekAvuV1cJHawtfgB9wDcru1hPDobk3hqyedijhgWmsYfJCmodkiiFnjNWATE7PvqTyoCjcmrc8yMRXmFPnoASyT5beUd4YZxTE9VfgmavcPy3BSouNmASMQ8xUXeiRwjb7xBaVTiDRjkmyPD7NYZdXuS93gFhyDFr5b3XLg7Rfj9nHEqtHDa7NmAX7iwDAbMUFEfiDEf9hrqZmpAYJracAjTTR8Cvn6mnDXMLwayNG8dcsXFodxok2qksYF4D8ffUxMRmyyQVQhhhmdSi4YaMPqTnC1J6HTG9Yfb98yGSVaWi4TApUhLXFow2ZvB6vqckCNhjCRL2R4MDUSk71qzxWHgezKyDeyThJgdxydrn1osqH94oSeA346eipkJvKqYREXBKwgB5VL6WF4qAK6sVZxJp2dQBfCPVZ4EbsBQaJXaVK7cNcWG8tZBFWZ79gG9Cu6C4u8yjBS8Ux6dCcJPUTLtixQu4z2n5dCsVSNdnP1EEs8ZerZo5pBgc68w4Yuf9KL3xVxPnAB1nRCBfs9cMU6oL1EdyHbqrTfnjE8HpY164akBqe92LFVsk8RusaGsVPrMekT8emTq5y8v8CabuZg5rDs3f9NPEtogjyx49wiub1FecM5B7QqEcZSYiKHgF4mfkteT2" - ], - "keyAgreement": [ - "did:key:zgghBUVkqmWS8e1ioRVp2WN9Vw6x4NvnE9PGAyQsPqM3fnfPf8EdauiRVfBTcVDyzhqM5FFC7ekAvuV1cJHawtfgB9wDcru1hPDobk3hqyedijhgWmsYfJCmodkiiFnjNWATE7PvqTyoCjcmrc8yMRXmFPnoASyT5beUd4YZxTE9VfgmavcPy3BSouNmASMQ8xUXeiRwjb7xBaVTiDRjkmyPD7NYZdXuS93gFhyDFr5b3XLg7Rfj9nHEqtHDa7NmAX7iwDAbMUFEfiDEf9hrqZmpAYJracAjTTR8Cvn6mnDXMLwayNG8dcsXFodxok2qksYF4D8ffUxMRmyyQVQhhhmdSi4YaMPqTnC1J6HTG9Yfb98yGSVaWi4TApUhLXFow2ZvB6vqckCNhjCRL2R4MDUSk71qzxWHgezKyDeyThJgdxydrn1osqH94oSeA346eipkJvKqYREXBKwgB5VL6WF4qAK6sVZxJp2dQBfCPVZ4EbsBQaJXaVK7cNcWG8tZBFWZ79gG9Cu6C4u8yjBS8Ux6dCcJPUTLtixQu4z2n5dCsVSNdnP1EEs8ZerZo5pBgc68w4Yuf9KL3xVxPnAB1nRCBfs9cMU6oL1EdyHbqrTfnjE8HpY164akBqe92LFVsk8RusaGsVPrMekT8emTq5y8v8CabuZg5rDs3f9NPEtogjyx49wiub1FecM5B7QqEcZSYiKHgF4mfkteT2#zgghBUVkqmWS8e1ioRVp2WN9Vw6x4NvnE9PGAyQsPqM3fnfPf8EdauiRVfBTcVDyzhqM5FFC7ekAvuV1cJHawtfgB9wDcru1hPDobk3hqyedijhgWmsYfJCmodkiiFnjNWATE7PvqTyoCjcmrc8yMRXmFPnoASyT5beUd4YZxTE9VfgmavcPy3BSouNmASMQ8xUXeiRwjb7xBaVTiDRjkmyPD7NYZdXuS93gFhyDFr5b3XLg7Rfj9nHEqtHDa7NmAX7iwDAbMUFEfiDEf9hrqZmpAYJracAjTTR8Cvn6mnDXMLwayNG8dcsXFodxok2qksYF4D8ffUxMRmyyQVQhhhmdSi4YaMPqTnC1J6HTG9Yfb98yGSVaWi4TApUhLXFow2ZvB6vqckCNhjCRL2R4MDUSk71qzxWHgezKyDeyThJgdxydrn1osqH94oSeA346eipkJvKqYREXBKwgB5VL6WF4qAK6sVZxJp2dQBfCPVZ4EbsBQaJXaVK7cNcWG8tZBFWZ79gG9Cu6C4u8yjBS8Ux6dCcJPUTLtixQu4z2n5dCsVSNdnP1EEs8ZerZo5pBgc68w4Yuf9KL3xVxPnAB1nRCBfs9cMU6oL1EdyHbqrTfnjE8HpY164akBqe92LFVsk8RusaGsVPrMekT8emTq5y8v8CabuZg5rDs3f9NPEtogjyx49wiub1FecM5B7QqEcZSYiKHgF4mfkteT2" - ] - } - } -} diff --git a/did/testvectors/secp256k1.json b/did/testvectors/secp256k1.json deleted file mode 100644 index d7d9948..0000000 --- a/did/testvectors/secp256k1.json +++ /dev/null @@ -1,257 +0,0 @@ -{ - "did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme": { - "seed": "9085d2bef69286a6cbb51623c8fa258629945cd55ca705cc4e66700396894e0c", - "verificationKeyPair": { - "id": "#zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme", - "type": "EcdsaSecp256k1VerificationKey2019", - "controller": "did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme", - "publicKeyBase58": "23o6Sau8NxxzXcgSc3PLcNxrzrZpbLeBn1izfv3jbKhuv", - "privateKeyBase58": "AjA4cyPUbbfW5wr6iZeRbJLhgH3qDt6q6LMkRw36KpxT" - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/secp256k1-2019/v1" - ], - "id": "did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme", - "verificationMethod": [ - { - "id": "did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme#zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme", - "type": "EcdsaSecp256k1VerificationKey2019", - "controller": "did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme", - "publicKeyBase58": "23o6Sau8NxxzXcgSc3PLcNxrzrZpbLeBn1izfv3jbKhuv" - } - ], - "assertionMethod": [ - "did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme#zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme" - ], - "authentication": [ - "did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme#zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme" - ], - "capabilityInvocation": [ - "did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme#zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme" - ], - "capabilityDelegation": [ - "did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme#zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme" - ], - "keyAgreement": [ - "did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme#zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme" - ] - } - }, - "did:key:zQ3shtxV1FrJfhqE1dvxYRcCknWNjHc3c5X1y3ZSoPDi2aur2": { - "seed": "f0f4df55a2b3ff13051ea814a8f24ad00f2e469af73c363ac7e9fb999a9072ed", - "verificationKeyPair": { - "id": "#zQ3shtxV1FrJfhqE1dvxYRcCknWNjHc3c5X1y3ZSoPDi2aur2", - "type": "EcdsaSecp256k1VerificationKey2019", - "controller": "did:key:zQ3shtxV1FrJfhqE1dvxYRcCknWNjHc3c5X1y3ZSoPDi2aur2", - "publicKeyBase58": "291KzQhqCPC18PqH83XKhxv1HdqrdnxyS7dh15t2uNRzJ", - "privateKeyBase58": "HDbR1D5W3CoNbUKYzUbHH2PRF1atshtVupXgXTQhNB9E" - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/secp256k1-2019/v1" - ], - "id": "did:key:zQ3shtxV1FrJfhqE1dvxYRcCknWNjHc3c5X1y3ZSoPDi2aur2", - "verificationMethod": [ - { - "id": "did:key:zQ3shtxV1FrJfhqE1dvxYRcCknWNjHc3c5X1y3ZSoPDi2aur2#zQ3shtxV1FrJfhqE1dvxYRcCknWNjHc3c5X1y3ZSoPDi2aur2", - "type": "EcdsaSecp256k1VerificationKey2019", - "controller": "did:key:zQ3shtxV1FrJfhqE1dvxYRcCknWNjHc3c5X1y3ZSoPDi2aur2", - "publicKeyBase58": "291KzQhqCPC18PqH83XKhxv1HdqrdnxyS7dh15t2uNRzJ" - } - ], - "assertionMethod": [ - "did:key:zQ3shtxV1FrJfhqE1dvxYRcCknWNjHc3c5X1y3ZSoPDi2aur2#zQ3shtxV1FrJfhqE1dvxYRcCknWNjHc3c5X1y3ZSoPDi2aur2" - ], - "authentication": [ - "did:key:zQ3shtxV1FrJfhqE1dvxYRcCknWNjHc3c5X1y3ZSoPDi2aur2#zQ3shtxV1FrJfhqE1dvxYRcCknWNjHc3c5X1y3ZSoPDi2aur2" - ], - "capabilityInvocation": [ - "did:key:zQ3shtxV1FrJfhqE1dvxYRcCknWNjHc3c5X1y3ZSoPDi2aur2#zQ3shtxV1FrJfhqE1dvxYRcCknWNjHc3c5X1y3ZSoPDi2aur2" - ], - "capabilityDelegation": [ - "did:key:zQ3shtxV1FrJfhqE1dvxYRcCknWNjHc3c5X1y3ZSoPDi2aur2#zQ3shtxV1FrJfhqE1dvxYRcCknWNjHc3c5X1y3ZSoPDi2aur2" - ], - "keyAgreement": [ - "did:key:zQ3shtxV1FrJfhqE1dvxYRcCknWNjHc3c5X1y3ZSoPDi2aur2#zQ3shtxV1FrJfhqE1dvxYRcCknWNjHc3c5X1y3ZSoPDi2aur2" - ] - } - }, - "did:key:zQ3shZc2QzApp2oymGvQbzP8eKheVshBHbU4ZYjeXqwSKEn6N": { - "seed": "6b0b91287ae3348f8c2f2552d766f30e3604867e34adc37ccbb74a8e6b893e02", - "verificationKeyPair": { - "id": "#zQ3shZc2QzApp2oymGvQbzP8eKheVshBHbU4ZYjeXqwSKEn6N", - "type": "EcdsaSecp256k1VerificationKey2019", - "controller": "did:key:zQ3shZc2QzApp2oymGvQbzP8eKheVshBHbU4ZYjeXqwSKEn6N", - "publicKeyBase58": "oesQ92MLiAkt2pjBcJFbW7H4DvzKJv22cotjYbmC2JEe", - "privateKeyBase58": "8CrrWVdzDnvaS7vS5dd2HetFSebwEN46XEFrNDdtWZSZ" - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/secp256k1-2019/v1" - ], - "id": "did:key:zQ3shZc2QzApp2oymGvQbzP8eKheVshBHbU4ZYjeXqwSKEn6N", - "verificationMethod": [ - { - "id": "did:key:zQ3shZc2QzApp2oymGvQbzP8eKheVshBHbU4ZYjeXqwSKEn6N#zQ3shZc2QzApp2oymGvQbzP8eKheVshBHbU4ZYjeXqwSKEn6N", - "type": "EcdsaSecp256k1VerificationKey2019", - "controller": "did:key:zQ3shZc2QzApp2oymGvQbzP8eKheVshBHbU4ZYjeXqwSKEn6N", - "publicKeyBase58": "oesQ92MLiAkt2pjBcJFbW7H4DvzKJv22cotjYbmC2JEe" - } - ], - "assertionMethod": [ - "did:key:zQ3shZc2QzApp2oymGvQbzP8eKheVshBHbU4ZYjeXqwSKEn6N#zQ3shZc2QzApp2oymGvQbzP8eKheVshBHbU4ZYjeXqwSKEn6N" - ], - "authentication": [ - "did:key:zQ3shZc2QzApp2oymGvQbzP8eKheVshBHbU4ZYjeXqwSKEn6N#zQ3shZc2QzApp2oymGvQbzP8eKheVshBHbU4ZYjeXqwSKEn6N" - ], - "capabilityInvocation": [ - "did:key:zQ3shZc2QzApp2oymGvQbzP8eKheVshBHbU4ZYjeXqwSKEn6N#zQ3shZc2QzApp2oymGvQbzP8eKheVshBHbU4ZYjeXqwSKEn6N" - ], - "capabilityDelegation": [ - "did:key:zQ3shZc2QzApp2oymGvQbzP8eKheVshBHbU4ZYjeXqwSKEn6N#zQ3shZc2QzApp2oymGvQbzP8eKheVshBHbU4ZYjeXqwSKEn6N" - ], - "keyAgreement": [ - "did:key:zQ3shZc2QzApp2oymGvQbzP8eKheVshBHbU4ZYjeXqwSKEn6N#zQ3shZc2QzApp2oymGvQbzP8eKheVshBHbU4ZYjeXqwSKEn6N" - ] - } - }, - "did:key:zQ3shadCps5JLAHcZiuX5YUtWHHL8ysBJqFLWvjZDKAWUBGzy": { - "seed": "c0a6a7c560d37d7ba81ecee9543721ff48fea3e0fb827d42c1868226540fac15", - "verificationKeyPair": { - "id": "#zQ3shadCps5JLAHcZiuX5YUtWHHL8ysBJqFLWvjZDKAWUBGzy", - "type": "EcdsaSecp256k1VerificationKey2019", - "controller": "did:key:zQ3shadCps5JLAHcZiuX5YUtWHHL8ysBJqFLWvjZDKAWUBGzy", - "publicKeyBase58": "pg3p1vprqePgUoqfAQ1TTgxhL6zLYhHyzooR1pqLxo9F", - "privateKeyBase58": "Dy2fnt8ba4NmbRBXas9bo1BtYgpYFr6ThpFhJbuA3PRn" - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/secp256k1-2019/v1" - ], - "id": "did:key:zQ3shadCps5JLAHcZiuX5YUtWHHL8ysBJqFLWvjZDKAWUBGzy", - "verificationMethod": [ - { - "id": "did:key:zQ3shadCps5JLAHcZiuX5YUtWHHL8ysBJqFLWvjZDKAWUBGzy#zQ3shadCps5JLAHcZiuX5YUtWHHL8ysBJqFLWvjZDKAWUBGzy", - "type": "EcdsaSecp256k1VerificationKey2019", - "controller": "did:key:zQ3shadCps5JLAHcZiuX5YUtWHHL8ysBJqFLWvjZDKAWUBGzy", - "publicKeyBase58": "pg3p1vprqePgUoqfAQ1TTgxhL6zLYhHyzooR1pqLxo9F" - } - ], - "assertionMethod": [ - "did:key:zQ3shadCps5JLAHcZiuX5YUtWHHL8ysBJqFLWvjZDKAWUBGzy#zQ3shadCps5JLAHcZiuX5YUtWHHL8ysBJqFLWvjZDKAWUBGzy" - ], - "authentication": [ - "did:key:zQ3shadCps5JLAHcZiuX5YUtWHHL8ysBJqFLWvjZDKAWUBGzy#zQ3shadCps5JLAHcZiuX5YUtWHHL8ysBJqFLWvjZDKAWUBGzy" - ], - "capabilityInvocation": [ - "did:key:zQ3shadCps5JLAHcZiuX5YUtWHHL8ysBJqFLWvjZDKAWUBGzy#zQ3shadCps5JLAHcZiuX5YUtWHHL8ysBJqFLWvjZDKAWUBGzy" - ], - "capabilityDelegation": [ - "did:key:zQ3shadCps5JLAHcZiuX5YUtWHHL8ysBJqFLWvjZDKAWUBGzy#zQ3shadCps5JLAHcZiuX5YUtWHHL8ysBJqFLWvjZDKAWUBGzy" - ], - "keyAgreement": [ - "did:key:zQ3shadCps5JLAHcZiuX5YUtWHHL8ysBJqFLWvjZDKAWUBGzy#zQ3shadCps5JLAHcZiuX5YUtWHHL8ysBJqFLWvjZDKAWUBGzy" - ] - } - }, - "did:key:zQ3shptjE6JwdkeKN4fcpnYQY3m9Cet3NiHdAfpvSUZBFoKBj": { - "seed": "175a232d440be1e0788f25488a73d9416c04b6f924bea6354bf05dd2f1a75133", - "verificationKeyPair": { - "id": "#zQ3shptjE6JwdkeKN4fcpnYQY3m9Cet3NiHdAfpvSUZBFoKBj", - "type": "EcdsaSecp256k1VerificationKey2019", - "controller": "did:key:zQ3shptjE6JwdkeKN4fcpnYQY3m9Cet3NiHdAfpvSUZBFoKBj", - "publicKeyBase58": "24waDFAUAS16UpZwQQTXVEAmm17rQRjadjuAeBDW8aqL1", - "privateKeyBase58": "2aA6WgZnPiVMBX3LvKSTg3KaFKyzfKpvEacixB3yyTgv" - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/secp256k1-2019/v1" - ], - "id": "did:key:zQ3shptjE6JwdkeKN4fcpnYQY3m9Cet3NiHdAfpvSUZBFoKBj", - "verificationMethod": [ - { - "id": "did:key:zQ3shptjE6JwdkeKN4fcpnYQY3m9Cet3NiHdAfpvSUZBFoKBj#zQ3shptjE6JwdkeKN4fcpnYQY3m9Cet3NiHdAfpvSUZBFoKBj", - "type": "EcdsaSecp256k1VerificationKey2019", - "controller": "did:key:zQ3shptjE6JwdkeKN4fcpnYQY3m9Cet3NiHdAfpvSUZBFoKBj", - "publicKeyBase58": "24waDFAUAS16UpZwQQTXVEAmm17rQRjadjuAeBDW8aqL1" - } - ], - "assertionMethod": [ - "did:key:zQ3shptjE6JwdkeKN4fcpnYQY3m9Cet3NiHdAfpvSUZBFoKBj#zQ3shptjE6JwdkeKN4fcpnYQY3m9Cet3NiHdAfpvSUZBFoKBj" - ], - "authentication": [ - "did:key:zQ3shptjE6JwdkeKN4fcpnYQY3m9Cet3NiHdAfpvSUZBFoKBj#zQ3shptjE6JwdkeKN4fcpnYQY3m9Cet3NiHdAfpvSUZBFoKBj" - ], - "capabilityInvocation": [ - "did:key:zQ3shptjE6JwdkeKN4fcpnYQY3m9Cet3NiHdAfpvSUZBFoKBj#zQ3shptjE6JwdkeKN4fcpnYQY3m9Cet3NiHdAfpvSUZBFoKBj" - ], - "capabilityDelegation": [ - "did:key:zQ3shptjE6JwdkeKN4fcpnYQY3m9Cet3NiHdAfpvSUZBFoKBj#zQ3shptjE6JwdkeKN4fcpnYQY3m9Cet3NiHdAfpvSUZBFoKBj" - ], - "keyAgreement": [ - "did:key:zQ3shptjE6JwdkeKN4fcpnYQY3m9Cet3NiHdAfpvSUZBFoKBj#zQ3shptjE6JwdkeKN4fcpnYQY3m9Cet3NiHdAfpvSUZBFoKBj" - ] - } - }, - "did:key:zQ3shjmnWpSDEbYKpaFm4kTs9kXyqG6N2QwCYHNPP4yubqgJS": { - "verificationKeyPair": { - "id": "did:key:zQ3shjmnWpSDEbYKpaFm4kTs9kXyqG6N2QwCYHNPP4yubqgJS#zQ3shjmnWpSDEbYKpaFm4kTs9kXyqG6N2QwCYHNPP4yubqgJS", - "type": "JsonWebKey2020", - "controller": "did:key:zQ3shjmnWpSDEbYKpaFm4kTs9kXyqG6N2QwCYHNPP4yubqgJS", - "publicKeyJwk": { - "kty": "EC", - "crv": "secp256k1", - "x": "TEIJN9vnTq1EXMkqzo7yN_867-foKc2pREv45Fw_QA8", - "y": "9yiymlzdxKCiRbYq7p-ArRB-C1ytjHE-eb7RDTi6rVc" - }, - "privateKeyJwk": { - "kty": "EC", - "crv": "secp256k1", - "x": "TEIJN9vnTq1EXMkqzo7yN_867-foKc2pREv45Fw_QA8", - "y": "9yiymlzdxKCiRbYq7p-ArRB-C1ytjHE-eb7RDTi6rVc", - "d": "J5yKm7OXFsXDEutteGYeT0CAfQJwIlHLSYkQxKtgiyo" - } - }, - "didDocument": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/jws-2020/v1" - ], - "id": "did:key:zQ3shjmnWpSDEbYKpaFm4kTs9kXyqG6N2QwCYHNPP4yubqgJS", - "verificationMethod": [ - { - "id": "did:key:zQ3shjmnWpSDEbYKpaFm4kTs9kXyqG6N2QwCYHNPP4yubqgJS#zQ3shjmnWpSDEbYKpaFm4kTs9kXyqG6N2QwCYHNPP4yubqgJS", - "type": "JsonWebKey2020", - "controller": "did:key:zQ3shjmnWpSDEbYKpaFm4kTs9kXyqG6N2QwCYHNPP4yubqgJS", - "publicKeyJwk": { - "kty": "EC", - "crv": "secp256k1", - "x": "TEIJN9vnTq1EXMkqzo7yN_867-foKc2pREv45Fw_QA8", - "y": "9yiymlzdxKCiRbYq7p-ArRB-C1ytjHE-eb7RDTi6rVc" - } - } - ], - "assertionMethod": [ - "did:key:zQ3shjmnWpSDEbYKpaFm4kTs9kXyqG6N2QwCYHNPP4yubqgJS#zQ3shjmnWpSDEbYKpaFm4kTs9kXyqG6N2QwCYHNPP4yubqgJS" - ], - "authentication": [ - "did:key:zQ3shjmnWpSDEbYKpaFm4kTs9kXyqG6N2QwCYHNPP4yubqgJS#zQ3shjmnWpSDEbYKpaFm4kTs9kXyqG6N2QwCYHNPP4yubqgJS" - ], - "capabilityInvocation": [ - "did:key:zQ3shjmnWpSDEbYKpaFm4kTs9kXyqG6N2QwCYHNPP4yubqgJS#zQ3shjmnWpSDEbYKpaFm4kTs9kXyqG6N2QwCYHNPP4yubqgJS" - ], - "capabilityDelegation": [ - "did:key:zQ3shjmnWpSDEbYKpaFm4kTs9kXyqG6N2QwCYHNPP4yubqgJS#zQ3shjmnWpSDEbYKpaFm4kTs9kXyqG6N2QwCYHNPP4yubqgJS" - ], - "keyAgreement": [ - "did:key:zQ3shjmnWpSDEbYKpaFm4kTs9kXyqG6N2QwCYHNPP4yubqgJS#zQ3shjmnWpSDEbYKpaFm4kTs9kXyqG6N2QwCYHNPP4yubqgJS" - ] - } - } -} diff --git a/did/testvectors/vectors.go b/did/testvectors/vectors.go deleted file mode 100644 index 6e3cc2d..0000000 --- a/did/testvectors/vectors.go +++ /dev/null @@ -1,163 +0,0 @@ -//go:build jwx_es256k - -package testvectors - -import ( - "crypto/ecdsa" - "crypto/ed25519" - "crypto/elliptic" - "crypto/rsa" - "crypto/x509" - "encoding/json" - "errors" - - "github.com/decred/dcrd/dcrec/secp256k1/v4" - "github.com/lestrrat-go/jwx/v2/jwk" - "github.com/libp2p/go-libp2p/core/crypto" - "github.com/mr-tron/base58" -) - -type Vectors map[string]Vector - -// This is pretty gross but the structure allows the repeated Verifier, -// PublicKeyJwk and PublicKeyBase58 account for the fact that the test -// files are very inconsistent. -type Vector struct { - VerificationKeyPair Verifier - VerificationMethod Verifier - PublicKeyJwk json.RawMessage - DidDocument json.RawMessage // TODO: if we start producing DID documents, we should test this too -} - -type Verifier struct { - ID string - Type string - PublicKeyBase58 string - PublicKeyJwk json.RawMessage -} - -func (v Vector) PubKey() (crypto.PubKey, error) { - // If the public key is in base58 - if pubB58 := v.PubKeyBase58(); len(pubB58) > 0 { - pubBytes, err := base58.Decode(pubB58) - if err != nil { - return nil, err - } - - t, err := v.PubKeyType() - if err != nil { - return nil, err - } - - var unmarshaler crypto.PubKeyUnmarshaller - - switch t { - case "Ed25519VerificationKey2018": - unmarshaler = crypto.UnmarshalEd25519PublicKey - case "EcdsaSecp256k1VerificationKey2019": - unmarshaler = crypto.UnmarshalSecp256k1PublicKey - // This is weak as it assumes the P256 curve - that's all the vectors contain (for now) - case "P256Key2021": - unmarshaler = compressedEcdsaPublicKeyUnmarshaler - default: - return nil, errors.New("failed to resolve unmarshaler") - } - - return unmarshaler(pubBytes) - } - - // If the public key is in a JWK - if pubJwk := v.PubKeyJwk(); len(pubJwk) > 0 { - key, err := jwk.ParseKey(pubJwk) - if err != nil { - return nil, err - } - - var a any - - if err := key.Raw(&a); err != nil { - return nil, err - } - - switch a.(type) { - case *ecdsa.PublicKey: - epub := a.(*ecdsa.PublicKey) - - if epub.Curve == secp256k1.S256() { - bytes := append([]byte{0x04}, append(epub.X.Bytes(), epub.Y.Bytes()...)...) - - return crypto.UnmarshalSecp256k1PublicKey(bytes) - } - - asn1, err := x509.MarshalPKIXPublicKey(epub) - if err != nil { - return nil, err - } - - return crypto.UnmarshalECDSAPublicKey(asn1) - case ed25519.PublicKey: - return crypto.UnmarshalEd25519PublicKey(a.(ed25519.PublicKey)) - case *rsa.PublicKey: - asn1, err := x509.MarshalPKIXPublicKey(a.(*rsa.PublicKey)) - if err != nil { - return nil, err - } - - return crypto.UnmarshalRsaPublicKey(asn1) - default: - return nil, errors.New("unsupported key type") - } - } - - // If we don't find a public key at all - return nil, errors.New("vector's public key not found") -} - -func (v Vector) PubKeyBase58() string { - if len(v.VerificationKeyPair.PublicKeyBase58) > 0 { - return v.VerificationKeyPair.PublicKeyBase58 - } - - return v.VerificationMethod.PublicKeyBase58 -} - -func (v Vector) PubKeyJwk() json.RawMessage { - if len(v.VerificationKeyPair.PublicKeyJwk) > 0 { - return v.VerificationKeyPair.PublicKeyJwk - } - - if len(v.VerificationMethod.PublicKeyJwk) > 0 { - return v.VerificationMethod.PublicKeyJwk - } - - return v.PublicKeyJwk -} - -func (v Vector) PubKeyType() (string, error) { - if len(v.VerificationKeyPair.Type) > 0 { - return v.VerificationKeyPair.Type, nil - } - - if len(v.VerificationMethod.Type) > 0 { - return v.VerificationMethod.Type, nil - } - - return "", errors.New("vector's type not found") -} - -func compressedEcdsaPublicKeyUnmarshaler(data []byte) (crypto.PubKey, error) { - x, y := elliptic.UnmarshalCompressed(elliptic.P256(), data) - - ecdsaPublicKey := ecdsa.PublicKey{ - Curve: elliptic.P256(), - X: x, - Y: y, - } - - asn1, err := x509.MarshalPKIXPublicKey(&ecdsaPublicKey) - if err != nil { - return nil, err - } - - return crypto.UnmarshalECDSAPublicKey(asn1) -} diff --git a/did/testvectors/x25519.json b/did/testvectors/x25519.json deleted file mode 100644 index 6d02e43..0000000 --- a/did/testvectors/x25519.json +++ /dev/null @@ -1,80 +0,0 @@ -{ - "didDocument": { - "did:key:z6LSeu9HkTHSfLLeUs2nnzUSNedgDUevfNQgQjQC23ZCit6F": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/x25519-2019/v1" - ], - "id": "did:key:z6LSeu9HkTHSfLLeUs2nnzUSNedgDUevfNQgQjQC23ZCit6F", - "verificationMethod": [ - { - "id": "did:key:z6LSeu9HkTHSfLLeUs2nnzUSNedgDUevfNQgQjQC23ZCit6F#z6LSeu9HkTHSfLLeUs2nnzUSNedgDUevfNQgQjQC23ZCit6F", - "type": "X25519KeyAgreementKey2019", - "controller": "did:key:z6LSeu9HkTHSfLLeUs2nnzUSNedgDUevfNQgQjQC23ZCit6F", - "publicKeyBase58": "4Dy8E9UaZscuPUf2GLxV44RCNL7oxmEXXkgWXaug1WKV" - } - ], - "keyAgreement": [ - "did:key:z6LSeu9HkTHSfLLeUs2nnzUSNedgDUevfNQgQjQC23ZCit6F#z6LSeu9HkTHSfLLeUs2nnzUSNedgDUevfNQgQjQC23ZCit6F" - ] - }, - "did:key:z6LStiZsmxiK4odS4Sb6JmdRFuJ6e1SYP157gtiCyJKfrYha": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/x25519-2019/v1" - ], - "id": "did:key:z6LStiZsmxiK4odS4Sb6JmdRFuJ6e1SYP157gtiCyJKfrYha", - "verificationMethod": [ - { - "id": "did:key:z6LStiZsmxiK4odS4Sb6JmdRFuJ6e1SYP157gtiCyJKfrYha#z6LStiZsmxiK4odS4Sb6JmdRFuJ6e1SYP157gtiCyJKfrYha", - "type": "X25519KeyAgreementKey2019", - "controller": "did:key:z6LStiZsmxiK4odS4Sb6JmdRFuJ6e1SYP157gtiCyJKfrYha", - "publicKeyBase58": "J3PiFeuSyLugy4DKn87TwK5cnruRgPtxouzXUqg99Avp" - } - ], - "keyAgreement": [ - "did:key:z6LStiZsmxiK4odS4Sb6JmdRFuJ6e1SYP157gtiCyJKfrYha#z6LStiZsmxiK4odS4Sb6JmdRFuJ6e1SYP157gtiCyJKfrYha" - ] - }, - "did:key:z6LSoMdmJz2Djah2P4L9taDmtqeJ6wwd2HhKZvNToBmvaczQ": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/x25519-2019/v1" - ], - "id": "did:key:z6LSoMdmJz2Djah2P4L9taDmtqeJ6wwd2HhKZvNToBmvaczQ", - "verificationMethod": [ - { - "id": "did:key:z6LSoMdmJz2Djah2P4L9taDmtqeJ6wwd2HhKZvNToBmvaczQ#z6LSoMdmJz2Djah2P4L9taDmtqeJ6wwd2HhKZvNToBmvaczQ", - "type": "X25519KeyAgreementKey2019", - "controller": "did:key:z6LSoMdmJz2Djah2P4L9taDmtqeJ6wwd2HhKZvNToBmvaczQ", - "publicKeyBase58": "CgTbngDMe7yHHfxPMvhpaFRpFoQWKgXAgwenJj8PsFDe" - } - ], - "keyAgreement": [ - "did:key:z6LSoMdmJz2Djah2P4L9taDmtqeJ6wwd2HhKZvNToBmvaczQ#z6LSoMdmJz2Djah2P4L9taDmtqeJ6wwd2HhKZvNToBmvaczQ" - ] - }, - "did:key:z6LSrzxMVydCourtpA6JLEYupT7ZUQ34hLfQZfRN5H47zLdz": { - "@context": [ - "https://www.w3.org/ns/did/v1", - "https://w3id.org/security/suites/jws-2020/v1" - ], - "id": "did:key:z6LSrzxMVydCourtpA6JLEYupT7ZUQ34hLfQZfRN5H47zLdz", - "verificationMethod": [ - { - "id": "did:key:z6LSrzxMVydCourtpA6JLEYupT7ZUQ34hLfQZfRN5H47zLdz#z6LSrzxMVydCourtpA6JLEYupT7ZUQ34hLfQZfRN5H47zLdz", - "type": "JsonWebKey2020", - "controller": "did:key:z6LSrzxMVydCourtpA6JLEYupT7ZUQ34hLfQZfRN5H47zLdz", - "publicKeyJwk": { - "kty": "OKP", - "crv": "X25519", - "x": "467ap28wHJGEXJAb4mLrokqq8A-txA_KmoQTcj31XzU" - } - } - ], - "keyAgreement": [ - "did:key:z6LSrzxMVydCourtpA6JLEYupT7ZUQ34hLfQZfRN5H47zLdz#z6LSrzxMVydCourtpA6JLEYupT7ZUQ34hLfQZfRN5H47zLdz" - ] - } - } -} diff --git a/go.mod b/go.mod index 0a4a91f..0d2e68f 100644 --- a/go.mod +++ b/go.mod @@ -1,42 +1,34 @@ module github.com/ucan-wg/go-ucan -go 1.23 +go 1.24.4 + +toolchain go1.24.5 require ( - github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 + github.com/MetaMask/go-did-it v0.0.0-20250730165819-a7ebe989e01b github.com/ipfs/go-cid v0.5.0 github.com/ipld/go-ipld-prime v0.21.0 - github.com/lestrrat-go/jwx/v2 v2.1.3 - github.com/libp2p/go-libp2p v0.33.0 - github.com/mr-tron/base58 v1.2.0 github.com/multiformats/go-multibase v0.2.0 github.com/multiformats/go-multicodec v0.9.0 github.com/multiformats/go-multihash v0.2.3 - github.com/multiformats/go-varint v0.0.7 github.com/stretchr/testify v1.10.0 - golang.org/x/crypto v0.32.0 - gotest.tools/v3 v3.5.1 + github.com/ucan-wg/go-varsig v1.0.0-pre6 + golang.org/x/crypto v0.40.0 ) require ( github.com/davecgh/go-spew v1.1.1 // indirect - github.com/goccy/go-json v0.10.3 // indirect - github.com/google/go-cmp v0.5.9 // indirect + github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 // indirect github.com/klauspost/cpuid/v2 v2.2.9 // indirect - github.com/lestrrat-go/blackmagic v1.0.2 // indirect - github.com/lestrrat-go/httpcc v1.0.1 // indirect - github.com/lestrrat-go/httprc v1.0.6 // indirect - github.com/lestrrat-go/iter v1.0.2 // indirect - github.com/lestrrat-go/option v1.0.1 // indirect github.com/minio/sha256-simd v1.0.1 // indirect + github.com/mr-tron/base58 v1.2.0 // indirect github.com/multiformats/go-base32 v0.1.0 // indirect github.com/multiformats/go-base36 v0.2.0 // indirect + github.com/multiformats/go-varint v0.0.7 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/polydawn/refmt v0.89.0 // indirect - github.com/segmentio/asm v1.2.0 // indirect github.com/spaolacci/murmur3 v1.1.0 // indirect - golang.org/x/sys v0.29.0 // indirect - google.golang.org/protobuf v1.36.0 // indirect + golang.org/x/sys v0.34.0 // indirect gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect lukechampine.com/blake3 v1.3.0 // indirect diff --git a/go.sum b/go.sum index 1ae6098..347fd47 100644 --- a/go.sum +++ b/go.sum @@ -1,17 +1,16 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/MetaMask/go-did-it v0.0.0-20250730165819-a7ebe989e01b h1:5whMOaNgR+pkjdfk5Vvj8m5WYQRkfCHzO0ZI0Vu+jpw= +github.com/MetaMask/go-did-it v0.0.0-20250730165819-a7ebe989e01b/go.mod h1:82WNXsHTCp5ZXmBokhCwInrNaQYeIZsS7SnvwQwVaTo= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/decred/dcrd/crypto/blake256 v1.0.1 h1:7PltbUIQB7u/FfZ39+DGa/ShuMyJ5ilcvdfma9wOH6Y= -github.com/decred/dcrd/crypto/blake256 v1.0.1/go.mod h1:2OfgNZ5wDpcsFmHmCK5gZTPcCXqlm2ArzUIkw9czNJo= -github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 h1:rpfIENRNNilwHwZeG5+P150SMrnNEcHYvcCuK6dPZSg= -github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0= +github.com/decred/dcrd/crypto/blake256 v1.1.0 h1:zPMNGQCm0g4QTY27fOCorQW7EryeQ/U0x++OzVrdms8= +github.com/decred/dcrd/crypto/blake256 v1.1.0/go.mod h1:2OfgNZ5wDpcsFmHmCK5gZTPcCXqlm2ArzUIkw9czNJo= +github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 h1:NMZiJj8QnKe1LgsbDayM4UoHwbvwDRwnI3hwNaAHRnc= +github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0/go.mod h1:ZXNYxsqcloTdSy/rNShjYzMhyjf0LaoftYK0p+A3h40= github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8= github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= github.com/go-yaml/yaml v2.1.0+incompatible/go.mod h1:w2MrLa16VYP0jy6N7M5kHaCkaLENm+P+Tv+MfurjSw0= -github.com/goccy/go-json v0.10.3 h1:KZ5WoDbxAIgm2HNbYckL0se1fHD6rz5j4ywS6ebzDqA= -github.com/goccy/go-json v0.10.3/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= @@ -28,22 +27,6 @@ github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/lestrrat-go/blackmagic v1.0.2 h1:Cg2gVSc9h7sz9NOByczrbUvLopQmXrfFx//N+AkAr5k= -github.com/lestrrat-go/blackmagic v1.0.2/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU= -github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZrIE= -github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E= -github.com/lestrrat-go/httprc v1.0.6 h1:qgmgIRhpvBqexMJjA/PmwSvhNk679oqD1RbovdCGW8k= -github.com/lestrrat-go/httprc v1.0.6/go.mod h1:mwwz3JMTPBjHUkkDv/IGJ39aALInZLrhBp0X7KGUZlo= -github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI= -github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4= -github.com/lestrrat-go/jwx/v2 v2.1.3 h1:Ud4lb2QuxRClYAmRleF50KrbKIoM1TddXgBrneT5/Jo= -github.com/lestrrat-go/jwx/v2 v2.1.3/go.mod h1:q6uFgbgZfEmQrfJfrCo90QcQOcXFMfbI/fO0NqRtvZo= -github.com/lestrrat-go/option v1.0.1 h1:oAzP2fvZGQKWkvHa1/SAcFolBEca1oN+mQ7eooNBEYU= -github.com/lestrrat-go/option v1.0.1/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I= -github.com/libp2p/go-buffer-pool v0.1.0 h1:oK4mSFcQz7cTQIfqbe4MIj9gLW+mnanjyFtc6cdF0Y8= -github.com/libp2p/go-buffer-pool v0.1.0/go.mod h1:N+vh8gMqimBzdKkSMVuydVDq+UV5QTWy5HSiZacSbPg= -github.com/libp2p/go-libp2p v0.33.0 h1:yTPSr8sJRbfeEYXyeN8VPVSlTlFjtMUwGDRniwaf/xQ= -github.com/libp2p/go-libp2p v0.33.0/go.mod h1:RIJFRQVUBKy82dnW7J5f1homqqv6NcsDJAl3e7CRGfE= github.com/minio/sha256-simd v1.0.1 h1:6kaan5IFmwTNynnKKpDHe6FWHohJOHhCPchzK49dzMM= github.com/minio/sha256-simd v1.0.1/go.mod h1:Pz6AKMiUdngCLpeTL/RJY1M9rUuPMYujV5xJjtbRSN8= github.com/mr-tron/base58 v1.2.0 h1:T/HDJBh4ZCPbU39/+c3rRvE0uKBQlU27+QI8LJ4t64o= @@ -52,8 +35,6 @@ github.com/multiformats/go-base32 v0.1.0 h1:pVx9xoSPqEIQG8o+UbAe7DNi51oej1NtK+aG github.com/multiformats/go-base32 v0.1.0/go.mod h1:Kj3tFY6zNr+ABYMqeUNeGvkIC/UYgtWibDcT0rExnbI= github.com/multiformats/go-base36 v0.2.0 h1:lFsAbNOGeKtuKozrtBsAkSVhv1p9D0/qedU9rQyccr0= github.com/multiformats/go-base36 v0.2.0/go.mod h1:qvnKE++v+2MWCfePClUEjE78Z7P2a1UV0xHgWc0hkp4= -github.com/multiformats/go-multiaddr v0.12.2 h1:9G9sTY/wCYajKa9lyfWPmpZAwe6oV+Wb1zcmMS1HG24= -github.com/multiformats/go-multiaddr v0.12.2/go.mod h1:GKyaTYjZRdcUhyOetrxTk9z0cW+jA/YrnqTOvKgi44M= github.com/multiformats/go-multibase v0.2.0 h1:isdYCVLvksgWlMW9OZRYJEa9pZETFivncJHmHnnd87g= github.com/multiformats/go-multibase v0.2.0/go.mod h1:bFBZX4lKCA/2lyOFSAoKH5SS6oPyjtnzK/XTFDPkNuk= github.com/multiformats/go-multicodec v0.9.0 h1:pb/dlPnzee/Sxv/j4PmkDRxCOi3hXTz3IbPKOXWJkmg= @@ -69,8 +50,6 @@ github.com/polydawn/refmt v0.89.0/go.mod h1:/zvteZs/GwLtCgZ4BL6CBsk9IKIlexP43ObX github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/segmentio/asm v1.2.0 h1:9BQrFxC+YOHJlTlHGkTrFWf59nbL3XnCoFLTwDCI7ys= -github.com/segmentio/asm v1.2.0/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= github.com/smartystreets/assertions v1.2.0 h1:42S6lae5dvLc7BrLu/0ugRtcFVjoJNMC/N3yZFZkDFs= github.com/smartystreets/assertions v1.2.0/go.mod h1:tcbTF8ujkAEcZ8TElKY+i30BzYlVhC/LOxJk7iOWnoo= @@ -78,37 +57,29 @@ github.com/smartystreets/goconvey v1.7.2 h1:9RBaZCeXEQ3UselpuwUQHltGVXvdwm6cv1hg github.com/smartystreets/goconvey v1.7.2/go.mod h1:Vw0tHAZW6lzCRk3xgdin6fKYcG+G3Pg9vgXWeJpQFMM= github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI= github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/ucan-wg/go-varsig v1.0.0-pre6 h1:go023KQG4fGaLskEUpn7Ftqg3PvW4iO2HaeWEjwIH+k= +github.com/ucan-wg/go-varsig v1.0.0-pre6/go.mod h1:Sakln6IPooDPH+ClQ0VvR09TuwUhHcfLqcPiPkMZGh0= github.com/urfave/cli v1.22.10/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/warpfork/go-wish v0.0.0-20220906213052-39a1cc7a02d0 h1:GDDkbFiaK8jsSDJfjId/PEGEShv6ugrt4kYsC5UIDaQ= github.com/warpfork/go-wish v0.0.0-20220906213052-39a1cc7a02d0/go.mod h1:x6AKhvSSexNrVSrViXSHUEbICjmGXhtgABaHIySUSGw= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc= -golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc= -golang.org/x/exp v0.0.0-20240213143201-ec583247a57a h1:HinSgX1tJRX3KsL//Gxynpw5CTOAIPhgL4W8PNiIpVE= -golang.org/x/exp v0.0.0-20240213143201-ec583247a57a/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc= +golang.org/x/crypto v0.40.0 h1:r4x+VvoG5Fm+eJcxMaY8CQM7Lb0l1lsmjGBQ6s8BfKM= +golang.org/x/crypto v0.40.0/go.mod h1:Qr1vMER5WyS2dfPHAlsOj01wgLbsyWtFn/aY+5+ZdxY= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= -golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.34.0 h1:H5Y5sJ2L2JRdyv7ROF1he/lPdvFsd0mJHFw2ThKHxLA= +golang.org/x/sys v0.34.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -google.golang.org/protobuf v1.36.0 h1:mjIs9gYtt56AzC4ZaffQuh88TZurBGhIJMBZGSxNerQ= -google.golang.org/protobuf v1.36.0/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gotest.tools/v3 v3.5.1 h1:EENdUnS3pdur5nybKYIh2Vfgc8IUNBjxDPSjtiJcOzU= -gotest.tools/v3 v3.5.1/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU= lukechampine.com/blake3 v1.3.0 h1:sJ3XhFINmHSrYCgl958hscfIa3bw8x4DqMP3u1YvoYE= lukechampine.com/blake3 v1.3.0/go.mod h1:0OFRp7fBtAylGVCO40o87sbupkyIGgbpv1+M1k1LM6k= diff --git a/pkg/args/builder_test.go b/pkg/args/builder_test.go index 2f586f3..9e8c60d 100644 --- a/pkg/args/builder_test.go +++ b/pkg/args/builder_test.go @@ -6,6 +6,7 @@ import ( "github.com/ipld/go-ipld-prime" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + "github.com/ucan-wg/go-ucan/pkg/args" ) diff --git a/pkg/container/serial_test.go b/pkg/container/serial_test.go index 347bdbc..97ba511 100644 --- a/pkg/container/serial_test.go +++ b/pkg/container/serial_test.go @@ -9,11 +9,12 @@ import ( "testing" "time" + "github.com/MetaMask/go-did-it" + "github.com/MetaMask/go-did-it/controller/did-key" + "github.com/MetaMask/go-did-it/crypto/ed25519" "github.com/ipfs/go-cid" - "github.com/libp2p/go-libp2p/core/crypto" "github.com/stretchr/testify/require" - "github.com/ucan-wg/go-ucan/did" "github.com/ucan-wg/go-ucan/pkg/command" "github.com/ucan-wg/go-ucan/pkg/policy" "github.com/ucan-wg/go-ucan/pkg/policy/literal" @@ -172,15 +173,12 @@ func BenchmarkContainerSerialisation(b *testing.B) { } } -func randDID() (crypto.PrivKey, did.DID) { - privKey, _, err := crypto.GenerateEd25519Key(rand.Reader) - if err != nil { - panic(err) - } - d, err := did.FromPrivKey(privKey) +func randDID() (ed25519.PrivateKey, did.DID) { + _, privKey, err := ed25519.GenerateKeyPair() if err != nil { panic(err) } + d := didkeyctl.FromPrivateKey(privKey) return privKey, d } diff --git a/token/delegation/delegation.go b/token/delegation/delegation.go index 5e2007e..565cba0 100644 --- a/token/delegation/delegation.go +++ b/token/delegation/delegation.go @@ -16,7 +16,8 @@ import ( "strings" "time" - "github.com/ucan-wg/go-ucan/did" + "github.com/MetaMask/go-did-it" + "github.com/ucan-wg/go-ucan/pkg/command" "github.com/ucan-wg/go-ucan/pkg/meta" "github.com/ucan-wg/go-ucan/pkg/policy" @@ -102,7 +103,7 @@ func Root(iss did.DID, aud did.DID, cmd command.Command, pol policy.Policy, opts // // You can read it as "(issuer) allows (audience) to perform (cmd+pol) on anything". func Powerline(iss did.DID, aud did.DID, cmd command.Command, pol policy.Policy, opts ...Option) (*Token, error) { - return New(iss, aud, cmd, pol, did.Undef, opts...) + return New(iss, aud, cmd, pol, nil, opts...) } // Issuer returns the did.DID representing the Token's issuer. @@ -156,12 +157,12 @@ func (t *Token) Expiration() *time.Time { // IsRoot tells if the token is a root delegation. func (t *Token) IsRoot() bool { - return t.issuer == t.subject + return t.issuer.Equal(t.subject) } // IsPowerline tells if the token is a powerline delegation. func (t *Token) IsPowerline() bool { - return t.subject == did.Undef + return t.subject == nil } // IsValidNow verifies that the token can be used at the current time, based on expiration or "not before" fields. @@ -189,7 +190,7 @@ func (t *Token) String() string { switch { case t.issuer == t.subject: kind = " (root delegation)" - case t.subject == did.Undef: + case t.subject == nil: kind = " (powerline delegation)" default: kind = " (normal delegation)" @@ -212,7 +213,7 @@ func (t *Token) validate() error { var errs error requiredDID := func(id did.DID, fieldname string) { - if !id.Defined() { + if id == nil { errs = errors.Join(errs, fmt.Errorf(`a valid did is required for %s: %s`, fieldname, id.String())) } } diff --git a/token/delegation/delegation_test.go b/token/delegation/delegation_test.go index e5c388e..09dd312 100644 --- a/token/delegation/delegation_test.go +++ b/token/delegation/delegation_test.go @@ -1,19 +1,28 @@ package delegation_test import ( + _ "embed" "encoding/base64" "testing" "time" "github.com/stretchr/testify/require" - "gotest.tools/v3/golden" - "github.com/ucan-wg/go-ucan/did/didtest" "github.com/ucan-wg/go-ucan/pkg/command" "github.com/ucan-wg/go-ucan/pkg/policy" "github.com/ucan-wg/go-ucan/token/delegation" + "github.com/ucan-wg/go-ucan/token/internal/didtest" ) +//go:embed testdata/new.dagjson +var newDagJson []byte + +//go:embed testdata/powerline.dagjson +var powerlineDagJson []byte + +//go:embed testdata/root.dagjson +var rootDagJson []byte + const ( nonce = "6roDhGi0kiNriQAz7J3d+bOeoI/tj8ENikmQNbtjnD0" @@ -63,12 +72,10 @@ func TestConstructors(t *testing.T) { data, err := tkn.ToDagJson(didtest.PersonaAlice.PrivKey()) require.NoError(t, err) - golden.Assert(t, string(data), "new.dagjson") + require.Equal(t, newDagJson, data) }) t.Run("Root", func(t *testing.T) { - t.Parallel() - tkn, err := delegation.Root(didtest.PersonaAlice.DID(), didtest.PersonaBob.DID(), cmd, pol, delegation.WithNonce([]byte(nonce)), delegation.WithExpiration(exp), @@ -83,12 +90,10 @@ func TestConstructors(t *testing.T) { data, err := tkn.ToDagJson(didtest.PersonaAlice.PrivKey()) require.NoError(t, err) - golden.Assert(t, string(data), "root.dagjson") + require.Equal(t, rootDagJson, data) }) t.Run("Powerline", func(t *testing.T) { - t.Parallel() - tkn, err := delegation.Powerline(didtest.PersonaAlice.DID(), didtest.PersonaBob.DID(), cmd, pol, delegation.WithNonce([]byte(nonce)), delegation.WithExpiration(exp), @@ -103,7 +108,7 @@ func TestConstructors(t *testing.T) { data, err := tkn.ToDagJson(didtest.PersonaAlice.PrivKey()) require.NoError(t, err) - golden.Assert(t, string(data), "powerline.dagjson") + require.Equal(t, powerlineDagJson, data) }) } diff --git a/token/delegation/delegationtest/data/TokenAliceBob.dagcbor b/token/delegation/delegationtest/data/TokenAliceBob.dagcbor index 2122c4d06d05135f9e6fe8dc1190f77b9d9c26c4..b5cfb5a7908ccbb1f54b3da2bbbcf4a2fd45ff91 100644 GIT binary patch delta 266 zcmX@hbdkxgDZ*hww}xizqI#PP0mm&;ey27p7EDz85s6eA|W#0(dcw~Q10G<3?m0&-oWq9T*hGs_M0 zOG6CvfkbhLo0ErEa7nRcenCc9v0r*}P;O*J=)^_3^`)iR*+#|LE)hO~dFFoJ#;zHb zS-yEGk!fWvP8Ai|CFup3DPE3+N#?%B1<3{ZISt9hrAZYQDVZr&*{PLQRc5}~q!^K! Xm!FrM>chau#LU9V#?Haa$;Ax-^0sDG diff --git a/token/delegation/delegationtest/data/TokenBobCarol.dagcbor b/token/delegation/delegationtest/data/TokenBobCarol.dagcbor index 8d68e2bd1b8a69edd800e8ae047f5bd0ad66da11..401b4f51ca919dce1599f38a16ed7d9216513b07 100644 GIT binary patch delta 266 zcmV+l0rmdP0?`6af>=Px9Ab5e5AqA11E>mM8iUOcd~zMEk}U>`>JewBa-Z8fzX>a%};kVQ5G+0qp_p0TYo*C@gAMMpZaSbY@L) zbysdRO+`^TaxyY{S8;hmPBC_2dPjFQXEtzpV`+M6PF9hgEq`V-S9C*nP(*ZLZF5?7 zLP|k2Wm8sTMK^X@by84yHB)PCG)Q4@QFb^nX)$APZ)|{Lb9G{PIAm#LI%{QlI(jxu zYi?C~F>O<7G;nrPHepp&NM&n7NMuz|b~i{uXheBLLRwKWS2I?1YGXBVLuGDnZewLk Q009C61O)~M2m=WU3krB(g#Z8m delta 262 zcmV+h0r~#X0?h(Sf>=ORn$Rpv$qAvvQ3V$E852lSt&b8iHFGwr{#B0>*!57$Cgya| z8?df%(lOS3+wC-!VP%J(5%ng-mId5=iR&!2gV^VEdcvWL?Z)|{Lb9G{PIAm#LI%{QlI(jxuYjt&N zYcg|dL|9BwZZ}R#Geu}QYE5orS!Q-bLU?#=P>yo>cWA$bKkn{b7&h$zoUS9JR{g5O{zes9W)qlhdtox-*K za2G2L@@bXPBnK3IY|nybDWXOPXz~}VQ5G+0qp_p0TYo*C@gVIMQ2oYRy8O<7G;nrPHepp&NM&n7NMuz|b~i{uXheBLLRwKWS2I?1YGXBVLuGDnZewLk Q009C61O)~M2m=WU3;!o!g#Z8m delta 262 zcmV+h0r~#X0?h(Sf>=N(HZO8g0kA^zqvxq0=Q2i7V4NzsABU_FNhG@@t&?vm=NLZt zvT@plx1p@QuP)IJkxj1)mr#@=4E)ji3jYP7VQ54&?E#TaC@gMbH+gDIZ((^gM`21# zYdCo^MK(5XP-{a$Hf3rvYe6?=Nfua7H_5Xo;XpVatKk^+El?B$E|r!`$T*8L}rOGA*1Xt2!U zkh6in3+DuIx$O9oen5jL7ox}cy5(v1Hc}3vVQ5G+0qp_p0TYo*C@gVIMQ2oYRy8uJKf>=QLF}%jx$Wz2W@wg?fs{*i--&gWbm%DYLglsP+w(k(Sy!k?H zumAoejC+91xTs}Dq$^DWCh`$#>$5WPP>~0sVQ54&?E#TaC@gMbH+gDIZ((^gM`21# zYdCo^MK(5XP-{a$Hf3rvYe6?F#rGn diff --git a/token/delegation/delegationtest/data/TokenCarolDan_InvalidExpired.dagcbor b/token/delegation/delegationtest/data/TokenCarolDan_InvalidExpired.dagcbor index 37f437ed3f29d4fafd2d417f410d9365fcd5f819..1dcb97ea96135a31e147e06ed9267795431f29f6 100644 GIT binary patch delta 288 zcmcb}bd|}kDZ=4L)aR_M66OuHx&L~NH(fJ~jg3z_woK$e;bxsLOj8{9{_EMkKWyTL zd2-9u)-_yd(D*o|Z9b=<*Ou!YU1EHa8eEGKGdxTf-vXiVL@y1ULLb-kkg_mSi&E2+ zB%{#cjO+rVki2|%6Qh*E^x&k5)O3r0U`r>rlBks6iSwlEGrA-8CubHHS6HNErdVaC zR$5h=`DSN@yMM78w~;g%?&j`x%xcR=Jm(rJEI0C1+M;`h_JI zXDl5?2!^0P-gDol;Kk8;uIBV6mA?QS(=q> aTIigbm!FrM>chau#LU9V#?HaX#SH*%Hfr(! delta 288 zcmV+*0pI@B0?`6Wf>=OZzl-uB+$xaNM_AYF{DBk#B-UdB8Sj~)Y;g(E3Cb=)o@R^j zr42-}OWx!0^!yqoQlP3+=W;pZ=$a%_{sIJ|VQ54&?E#TaD1UBZH+gDIZ((^gM`21# zYdCo^MK(5XP-{a$Hf3rvYe6?MU` zV`X@78fRE3N@Hnrb9gvpX=FNUWqCS!Hce}1b#P;7Xf;T8bx2`oQ#V<2c||y4Om$%~ zO>#JJGHFXrQVM8!c2jmzL3257k^dJzb#-fNGIMK0SWHoFH%?14MQAx{O>SgaW_CnE mczA1cXK-m`N=PCUL*t?`r2iY&}`tId1baBi=xyF*{kX}V8nq*4}^a=OVXbCyt+dIx8E?s_!`*snG9BoKaO?HqnrGt=S5&ITKSrgHI z)4fzYy6`-O3jm4mqs380hy>H@Ijc`*7Yz=gVQ54&?E#TaC@gMbH+gDIZ((^gM`21# zYdCo^MK(5XP-{a$Hf3rvYe6?=Nqu_wuecEohki~O#pCymFF{}Nu5gqe`ERNv#fy)XyIPT~@9 zs(f^^ZjzT&tZ*%>8cx#a77F%Jkl8=PQu`~N#ddzQHwLC5DpCUqF$)(vr7HBWEJlD60Lp)$);%5om ztTG`((6<$w_Mh*K?RI$@xwmvLQ71k4vC9vlVQ54&?E#TaC@gMbH+gDIZ((^gM`21# zYdCo^MK(5XP-{a$Hf3rvYe6?2tcQJ2uR55RFbyRayMnXtRQ*?7VZ*XW=O)sqA46O*RjuF>1hf&0QXc4YbPbkNJHfmC0WFZ=CGU*}_0n zgZp9?+YrZj&9w0PSue%|(USKn*1-IHZlwUCVQ5G+0qp_p0TYo*C@gVIMQ2oYRy8O<7G;nrPHepp&NM&n7NMuz|b~i{uXheBLLRwKWS2I?1YGXBVLuGDnZewLk Q009C61O)~M2m=WU3-+pJRsaA1 delta 262 zcmV+h0r~#j0@(sef>=PeY<~4Zkrbiy{?KtVT3(csq(B#$>dRpw>?+J?r$=OE>qb578qS|uB&!v&;;bGuqu;IqSl6KkG|;Hp^rm(+L63^+ zTbBR-B0*|*`irpPxGV5Sho$8lUsI6V>5&hjVQ5G+0qp_p0TYo*C@gVIMQ2oYRy8=Nq;(IyJCcxkv@Zxa+C(QJazzX-&7dCcyzB1_=xiZJ`Wgrhs z;A?*A0EjrFdT0G(od4*79h~GSd`^pUK?Ve(VQ54&?E#TaC@gMbH+gDIZ((^gM`21# zYdCo^MK(5XP-{a$Hf3rvYe6?=O=okD)~Jaim6+U7mgtV@X5-{R?LreW@32xqG@jHkg*bakJV zwj+-0mr!5wVqh%8V0758m!Lx>z~hrq-$)6fVQ5G+0qp_p0TYo*C@gR_RZ&e>O*M3I zSXfwbGEr+cVNFF-OjR^#LpL}}P;EC;M`U9%K}&K@YD1BpEq`%LMQ2oYRy8O<7G;nrPHepp&NM&n7NMuz|b~i{uXheBLLRwKWS2I?1YGXBVLuGDnZewLk Q009C61O)~M2m=WU3sUG~l>h($ delta 262 zcmV+h0r~#X0?h(Sf>=Oqqu!$9$Qne}B1jNUGsQ_nW+s!_Mg8Wun{^7nJ*( zMObxNV>dK)Vp&T;ZFqWkO=QDTJiQ66sK^_WWW)Y&}h4#OHkA;K9{;~xl@`yavm9iCM~n| z_J223X*z!hN9u~}ClJd{UWE&_*oq^;dA$mvVQ5G+0qp_p0TYo*C@gR_RZ&e>O*M3I zSXfwbGEr+cVNFF-OjR^#LpL}}P;EC;M`U9%K}&K@YD1BpB`k4FMQ2oYRy8XqW}N^ delta 262 zcmV+h0r~#P0>uJKf>=Q3>hK?20Kb^EbMf1Tu3)RBX`N46Vs}1oNVU)syzkCmt6B3* z{8MUst^@>UQ6B)`fTF|T!8J*( zMObxNV>dK)Vp&T;ZFqWkOrR)HEf@D6}{uyTB+UFW=q7D5WqxIH@8v-69~^(#fqPDkV6% zAU~%exwte5)rh>%D#P61ER%w=V6()~P>=Nf)qym`63s9;%xvl9qz?WiJwa8}rm#c06ErEEr2Zf2ZQmsi zB+O&2p1C1eiJdBx8I~l*r~eNT!?p5a#vBKtVQ54&?E#TaD1T=%SZy;mc|uloO>J*( zMObxNV>dK)Vp&T;ZFqWkOMU` zV`X@78fRE3N@Hnrb9gvpX=FNUWqCS!Hce}8VmEneOmAU%HAi7eOlvrKF-0~uZ%}JP zK{jP-GiyONWeRIJYBgSgaW_CnE mczA1cXK-m`N=OUw|sFg6~3K?5~z;8LJnf~xEdUTJO!HPO*M3I zSXfwbGEr+cVNFF-OjR^#LpL}}P;EC;M`U9%K}&K@YD1BpEi7?NMQ2oYRy8=O+)^6U?+X}vLMfWdgi@4*o7FB%!(048GJV)sdBr7B$l_uOB za@ua+$OUX{#eI?L1@!boYrWFSOy;yAkf95rVQ54&?E#TaC@g0(SZy;mc|uloO>J*( zMObxNV>dK)Vp&T;ZFqWkO=QIHPc4pY-m@29%U9z$N=#Qp6Jk%@^<9%!TI8_yVK}8^qtI0gfdT@eVQ5G+0qp_p0TYo*C@gR_RZ&e>O*M3I zSXfwbGEr+cVNFF-OjR^#LpL}}P;EC;M`U9%K}&K@YD1BpEq`%LMQ2oYRy8=PI@ZRfPr8LKxQ2)I!uy8n<7;l4Dics?@QQZD>o;J2;aM`Ml z!ip;0t+|C-%WLp7MqKDCP&`cj46c1|UjYoFVQ54&?E#TaC@g0(SZy;mc|uloO>J*( zMObxNV>dK)Vp&T;ZFqWkO2tcQJ2uR55RFbyRayMnXtRQ*?7VZ*XWHq)$ diff --git a/token/delegation/delegationtest/data/TokenDanErin_ValidAttenuatedCommand.dagcbor b/token/delegation/delegationtest/data/TokenDanErin_ValidAttenuatedCommand.dagcbor index 639958545ec1698075a0c3b7c53f4427bad73755..08601732fde6d66cd8983beae6b20e9bd4dfadcf 100644 GIT binary patch delta 266 zcmV+l0rmdb0^I^mf>=O?DQlRS&z)--XUHE|Gg%u5U1K~&$ut|%Zn@=hr|n21=Z2&~ zCH+CPU_bA%cnM^F+D&_@J!yNP^;HIv>-YnrVQ5G+0qp_p0TYo*C@gR_RZ&e>O*M3I zSXfwbGEr+cVNFF-OjR^#LpL}}P;EC;M`U9%K}&K@YD1BpIe&3XMQ2oYRy8O<7G;nrPHepp&NM&n7NMuz|b~i{uXheBLLRwKWS2I?1YGXBVLuGDnZewLk Q009C61O)~M2m=WU3$`v_%K!iX delta 262 zcmV+h0r~#j0@(sef>=O}VTxpDjV#!o8D%;UG%r}~zt+D94*m0-F(aruOJ(Lq|9s|O zNyV_izJ*( zMObxNV>dK)Vp&T;ZFqWkO=Poo~K!*_@OOAhh$rO#uevtC%+@NUtcEp+AB=EY+>S8R2+s~ zn3KTzLaoi)Bs!@ry7O*M3I zSXfwbGEr+cVNFF-OjR^#LpL}}P;EC;M`U9%K}&K@YD1BpEi7?NMQ2oYRy8=O67=aq~cUf*Wt^_%hz{;VH>NuT|v!ezpf}yX-z+5N#{v>h- z%OV9ayGFkD4cvCJ*( zMObxNV>dK)Vp&T;ZFqWkO~rCjbBd diff --git a/token/delegation/delegationtest/data/TokenErinFrank.dagcbor b/token/delegation/delegationtest/data/TokenErinFrank.dagcbor index 1c854820e82300f77eb1b7e025d1f977fb51e1cf..e59391bb9c698f87d1b94f1b684d481a0621d056 100644 GIT binary patch delta 266 zcmX@hbdkxgDZ=3;m(=6M$9FU~aV_q|>Kqx%XOGBs7G_xYWH8n9PDKH?+ z!?!f4#3P`@ry|19Com)`I3+!xv?M7z!#T4!!`WowJl*;N)6hWQa9`7sf{2KSLZiTJ z^F&|QV4qNvOlNZo?|@wMVE2?{BS-HdzbxnEg8ZC@rdiYg delta 262 zcmV+h0r~#X0?h(Sf>=NfKY-9(k;V`R>2L=n5`uSB-6pg0G!Wmc%1Ml^+JUzcs8Jd? z7p%vPr4RWwGcK4r%Gjr;IIt;Tzan1Df<^$MVQ54&?E#TaC@g6>cUVSMS8+KrRbqE) zQDJd-SwlufV`Ft?SY&ofOl@~lNM?9VOH4CRM?;aKEq`Y+SZy;mc|uloO>J*(MObxN zV>dK)Vp&T;ZFqWkO=O5L(W>VPOq#`3&wn>=s?Vw;%0Aq*STl=a77Drz zVXqSRRQ>QzXEVfWH+mW9)Vck4D4;8%k{}GCVQ5G+0qp_p0TYo*C@gU`X?RdYWnofc zQBYP$O?6^)NKkZ4cvwM9QB+z}WM@!ybYg30LuqqpLo|_|B`k0?RZ&e>O*M3ISXfwb zGEr+cVNFF-OjR^#LpL}}P;EC;M`U9%K}&K@YD1Cl7e8)QdNFNNYBX?mQ#N5$RY+xP wLr7#*PuJKf>=PgcUVSMS8+KrRbqE) zQDJd-SwlufV`Ft?SY&ofOl@~lNM?9VOH4CRM?;aKC4Xl!SZy;mc|uloO>J*(MObxN zV>dK)Vp&T;ZFqWkOy$w#~OlNf7avLwwfnQPuX z@Oz_*s;10o&$UhgHJ{!ku-kY?I2@JG;$4)O;bFq~76^qWdTHnsnr2o6xTYosB?ShA zdH9wlm3Rb{_*6tV`UHkV1*fD3l$IoAXEWooF`qM(H*frIkUL9!XhOz#VR|s z(yGeLH@mH=qaN{t^(yV0D ZLg&=H{Ji8;9|lGyW)@a9b`DN1ZU8oNXAb}X delta 288 zcmV+*0pI@B0?`6Wf>=Oh-kQ1Fd5vY>&;R;P#CBrZ;jL2WTmHLPK0<;y);P1>^kf(^ z!_@T%aanyOY19fOiz_;vFKa;krs?QL)T<1lVQ54&?E#TaD1T`MU` zV`X@78fRE3N@Hnrb9gvpX=FNUWqCS!Hce}1GFWXhH+e!SgaW_CnE mczA1cXK-m`N=Pg>V=(LnW*YECwhZ+E9`Z8rz>tlgX9%_VJ$N0T2mf;_eC*I ziuThkn5=h!g&fy=URgBtOw2!+eO*M3ISXfwb zGEr+cVNFF-OjR^#LpL}}P;EC;M`U9%K}&K@YD1CtAU|$ZdNFNNYBX?mQ#N5$RY+xP wLr7#*P=Nz_?)kbcUGe>V$zb7`4;2B*{mIQ;c9PVFO8e#drYs%J)j&1 zcUVSMS8+KrRbqE) zQDJd-SwlufV`Ft?SY&ofOl@~lNM?9VOH4CRM?;aKEi7j;SZy;mc|uloO>J*(MObxN zV>dK)Vp&T;ZFqWkO=P1NejOr(uQM=1$Mm^TAf=jEiEAukp^3pIBCRh`E><~;6{}T zH9hA5ISKqdmqh)dl}mH=n)qCh`xxm4ar*|MVQ5G+0qp_p0TYo*C@gU`X?RdYWnofc zQBYP$O?6^)NKkZ4cvwM9QB+z}WM@!ybYg30LuqqpLo|_|Eq`z|RZ&e>O*M3ISXfwb zGEr+cVNFF-OjR^#LpL}}P;EC;M`U9%K}&K@YC~giZ)|{Lb9G{PIAm#LI%{QlI(jxu zYi2Z8bVGMgM08=P0&^5Of#x@nSd|f>CW5mK)bVL?136WQ5vO13U^ZWCXp_$8I zmNKrl&ScUVSMS8+KrRbqE) zQDJd-SwlufV`Ft?SY&ofOl@~lNM?9VOH4CRM?;aKEq`Y+SZy;mc|uloO>J*(MObxN zV>dK)Vp&T;ZFqWkO2tcQJ2uR55RFbyRayMnXtRQ*?7VZ*XW=O@pP|erkIb*_mjOjWKx!`rv#x@`I10zNFlh=ZZ*W41tWmnK zo==w^{y*wI4>aAPKz1rXwyAVAq`PuzCanjeVQ5G+0qp_p0TYo*C@gU`X?RdYWnofc zQBYP$O?6^)NKkZ4cvwM9QB+z}WM@!ybYg30LuqqpLo|_|Ie&09RZ&e>O*M3ISXfwb zGEr+cVNFF-OjR^#LpL}}P;EC;M`U9%K}&K@YC~giZ)|{Lb9G{PIAm#LI%{QlI(jxu zYi?C~F>O<7G;nrPHepp&NM&n7NMuz|b~i{uXheBLLRwKWS2I?1YGXBVLuGDnZewLk Q009C61O)~M2m=WU3z9frO8@`> delta 262 zcmV+h0r~#j0@(sef>=OoL`_~O33DMLa$Cq*D5fG&^CHS`1(yv6Sx({wCA}oOI3))d zA0xL_NKOJ7AlfskboykT;_G)}wQln2+tdT1VQ54&?E#TaC@g6>cUVSMS8+KrRbqE) zQDJd-SwlufV`Ft?SY&ofOl@~lNM?9VOH4CRM?;aKIe%v|SZy;mc|uloO>J*(MObxN zV>dK)Vp&T;ZFqWkO=Ob{_vIxt6G42lZU;K&Hfe-5_GAJKWGt6jT<>y4J+I6xl~r( zBbX*7n>i@#QR3JiX)xXwc&_)v0*xJec-;x2VQ5G+0qp_p0TYo*C@gU`X?RdYWnofc zQBYP$O?6^)NKkZ4cvwM9QB+z}WM@!ybYg30LuqqpLo|_|Ei7;~RZ&e>O*M3ISXfwb zGEr+cVNFF-OjR^#LpL}}P;EC;M`U9%K}&K@YD1CtQa^50dNFNNYBX?mQ#N5$RY+xP wLr7#*P=O@UPgR&R2g8SULS2i+{P!5m=fY2snTnxB9m)KE+2l&Sc|1} zf$xk=`i>^Vf);vn7w{W=hI|zv4}H+FbixdxVQ54&?E#TaC@g6>cUVSMS8+KrRbqE) zQDJd-SwlufV`Ft?SY&ofOl@~lNM?9VOH4CRM?;aKEi7j;SZy;mc|uloO>J*(MObxN zV>dK)Vp&T;ZFqWkO // Expiration (exp): diff --git a/token/delegation/ipld.go b/token/delegation/ipld.go index 0c59fe0..e35b3f1 100644 --- a/token/delegation/ipld.go +++ b/token/delegation/ipld.go @@ -1,25 +1,23 @@ package delegation import ( - "fmt" "io" + "github.com/MetaMask/go-did-it/crypto" "github.com/ipfs/go-cid" "github.com/ipld/go-ipld-prime" "github.com/ipld/go-ipld-prime/codec" "github.com/ipld/go-ipld-prime/codec/dagcbor" "github.com/ipld/go-ipld-prime/codec/dagjson" "github.com/ipld/go-ipld-prime/datamodel" - "github.com/libp2p/go-libp2p/core/crypto" - "github.com/ucan-wg/go-ucan/did" "github.com/ucan-wg/go-ucan/token/internal/envelope" ) // ToSealed wraps the delegation token in an envelope, generates the // signature, encodes the result to DAG-CBOR and calculates the CID of // the resulting binary data. -func (t *Token) ToSealed(privKey crypto.PrivKey) ([]byte, cid.Cid, error) { +func (t *Token) ToSealed(privKey crypto.PrivateKeySigningBytes) ([]byte, cid.Cid, error) { data, err := t.ToDagCbor(privKey) if err != nil { return nil, cid.Undef, err @@ -34,7 +32,7 @@ func (t *Token) ToSealed(privKey crypto.PrivKey) ([]byte, cid.Cid, error) { } // ToSealedWriter is the same as ToSealed but accepts an io.Writer. -func (t *Token) ToSealedWriter(w io.Writer, privKey crypto.PrivKey) (cid.Cid, error) { +func (t *Token) ToSealedWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes) (cid.Cid, error) { cidWriter := envelope.NewCIDWriter(w) if err := t.ToDagCborWriter(cidWriter, privKey); err != nil { @@ -81,7 +79,7 @@ func FromSealedReader(r io.Reader) (*Token, cid.Cid, error) { // Encode marshals a Token to the format specified by the provided // codec.Encoder. -func (t *Token) Encode(privKey crypto.PrivKey, encFn codec.Encoder) ([]byte, error) { +func (t *Token) Encode(privKey crypto.PrivateKeySigningBytes, encFn codec.Encoder) ([]byte, error) { node, err := t.toIPLD(privKey) if err != nil { return nil, err @@ -91,7 +89,7 @@ func (t *Token) Encode(privKey crypto.PrivKey, encFn codec.Encoder) ([]byte, err } // EncodeWriter is the same as Encode, but accepts an io.Writer. -func (t *Token) EncodeWriter(w io.Writer, privKey crypto.PrivKey, encFn codec.Encoder) error { +func (t *Token) EncodeWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes, encFn codec.Encoder) error { node, err := t.toIPLD(privKey) if err != nil { return err @@ -101,22 +99,22 @@ func (t *Token) EncodeWriter(w io.Writer, privKey crypto.PrivKey, encFn codec.En } // ToDagCbor marshals the Token to the DAG-CBOR format. -func (t *Token) ToDagCbor(privKey crypto.PrivKey) ([]byte, error) { +func (t *Token) ToDagCbor(privKey crypto.PrivateKeySigningBytes) ([]byte, error) { return t.Encode(privKey, dagcbor.Encode) } // ToDagCborWriter is the same as ToDagCbor, but it accepts an io.Writer. -func (t *Token) ToDagCborWriter(w io.Writer, privKey crypto.PrivKey) error { +func (t *Token) ToDagCborWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes) error { return t.EncodeWriter(w, privKey, dagcbor.Encode) } // ToDagJson marshals the Token to the DAG-JSON format. -func (t *Token) ToDagJson(privKey crypto.PrivKey) ([]byte, error) { +func (t *Token) ToDagJson(privKey crypto.PrivateKeySigningBytes) ([]byte, error) { return t.Encode(privKey, dagjson.Encode) } // ToDagJsonWriter is the same as ToDagJson, but it accepts an io.Writer. -func (t *Token) ToDagJsonWriter(w io.Writer, privKey crypto.PrivKey) error { +func (t *Token) ToDagJsonWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes) error { return t.EncodeWriter(w, privKey, dagjson.Encode) } @@ -193,18 +191,9 @@ func FromIPLD(node datamodel.Node) (*Token, error) { return tkn, err } -func (t *Token) toIPLD(privKey crypto.PrivKey) (datamodel.Node, error) { - // sanity check that privKey and issuer are matching - issPub, err := t.issuer.PubKey() - if err != nil { - return nil, err - } - if !issPub.Equals(privKey.GetPublic()) { - return nil, fmt.Errorf("private key doesn't match the issuer") - } - +func (t *Token) toIPLD(privKey crypto.PrivateKeySigningBytes) (datamodel.Node, error) { var sub *string - if t.subject != did.Undef { + if t.subject != nil { s := t.subject.String() sub = &s } diff --git a/token/delegation/schema.go b/token/delegation/schema.go index 13721e9..24d2684 100644 --- a/token/delegation/schema.go +++ b/token/delegation/schema.go @@ -14,10 +14,10 @@ import ( "github.com/ucan-wg/go-ucan/token/internal/envelope" ) -// [Tag] is the string used as a key within the SigPayload that identifies +// Tag is the string used as a key within the SigPayload that identifies // that the TokenPayload is a delegation. // -// [Tag]: https://github.com/ucan-wg/delegation/tree/v1_ipld#type-tag +// See: https://github.com/ucan-wg/delegation/tree/v1_ipld#type-tag const Tag = "ucan/dlg@1.0.0-rc.1" // TODO: update the above Tag URL once the delegation specification is merged. diff --git a/token/delegation/schema_test.go b/token/delegation/schema_test.go index f0f22dd..33f6a01 100644 --- a/token/delegation/schema_test.go +++ b/token/delegation/schema_test.go @@ -8,10 +8,9 @@ import ( "github.com/ipld/go-ipld-prime" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "gotest.tools/v3/golden" - "github.com/ucan-wg/go-ucan/did/didtest" "github.com/ucan-wg/go-ucan/token/delegation" + "github.com/ucan-wg/go-ucan/token/internal/didtest" "github.com/ucan-wg/go-ucan/token/internal/envelope" ) @@ -21,7 +20,6 @@ var schemaBytes []byte func TestSchemaRoundTrip(t *testing.T) { t.Parallel() - delegationJson := golden.Get(t, "new.dagjson") privKey := didtest.PersonaAlice.PrivKey() t.Run("via buffers", func(t *testing.T) { @@ -30,7 +28,7 @@ func TestSchemaRoundTrip(t *testing.T) { // format: dagJson --> PayloadModel --> dagCbor --> PayloadModel --> dagJson // function: DecodeDagJson() Seal() Unseal() EncodeDagJson() - p1, err := delegation.FromDagJson(delegationJson) + p1, err := delegation.FromDagJson(newDagJson) require.NoError(t, err) _, newCID, err := p1.ToSealed(privKey) @@ -47,13 +45,13 @@ func TestSchemaRoundTrip(t *testing.T) { readJson, err := p2.ToDagJson(privKey) require.NoError(t, err) - assert.JSONEq(t, string(delegationJson), string(readJson)) + assert.JSONEq(t, string(newDagJson), string(readJson)) }) t.Run("via streaming", func(t *testing.T) { t.Parallel() - buf := bytes.NewBuffer(delegationJson) + buf := bytes.NewBuffer(newDagJson) // format: dagJson --> PayloadModel --> dagCbor --> PayloadModel --> dagJson // function: DecodeDagJson() Seal() Unseal() EncodeDagJson() @@ -77,17 +75,7 @@ func TestSchemaRoundTrip(t *testing.T) { readJson := &bytes.Buffer{} require.NoError(t, p2.ToDagJsonWriter(readJson, privKey)) - assert.JSONEq(t, string(delegationJson), readJson.String()) - }) - - t.Run("fails with wrong PrivKey", func(t *testing.T) { - t.Parallel() - - p1, err := delegation.FromDagJson(delegationJson) - require.NoError(t, err) - - _, _, err = p1.ToSealed(didtest.PersonaBob.PrivKey()) - require.EqualError(t, err, "private key doesn't match the issuer") + assert.JSONEq(t, string(newDagJson), readJson.String()) }) } @@ -99,11 +87,10 @@ func BenchmarkSchemaLoad(b *testing.B) { } func BenchmarkRoundTrip(b *testing.B) { - delegationJson := golden.Get(b, "new.dagjson") privKey := didtest.PersonaAlice.PrivKey() b.Run("via buffers", func(b *testing.B) { - p1, _ := delegation.FromDagJson(delegationJson) + p1, _ := delegation.FromDagJson(newDagJson) cborBytes, _, _ := p1.ToSealed(privKey) p2, _, _ := delegation.FromSealed(cborBytes) @@ -112,7 +99,7 @@ func BenchmarkRoundTrip(b *testing.B) { b.Run("FromDagJson", func(b *testing.B) { b.ReportAllocs() for i := 0; i < b.N; i++ { - _, _ = delegation.FromDagJson(delegationJson) + _, _ = delegation.FromDagJson(newDagJson) } }) @@ -139,7 +126,7 @@ func BenchmarkRoundTrip(b *testing.B) { }) b.Run("via streaming", func(b *testing.B) { - p1, _ := delegation.FromDagJsonReader(bytes.NewReader(delegationJson)) + p1, _ := delegation.FromDagJsonReader(bytes.NewReader(newDagJson)) cborBuf := &bytes.Buffer{} _, _ = p1.ToSealedWriter(cborBuf, privKey) cborBytes := cborBuf.Bytes() @@ -149,7 +136,7 @@ func BenchmarkRoundTrip(b *testing.B) { b.Run("FromDagJsonReader", func(b *testing.B) { b.ReportAllocs() - reader := bytes.NewReader(delegationJson) + reader := bytes.NewReader(newDagJson) for i := 0; i < b.N; i++ { _, _ = reader.Seek(0, 0) _, _ = delegation.FromDagJsonReader(reader) diff --git a/token/delegation/testdata/new.dagjson b/token/delegation/testdata/new.dagjson index af02131..2107b0a 100644 --- a/token/delegation/testdata/new.dagjson +++ b/token/delegation/testdata/new.dagjson @@ -1 +1 @@ -[{"/":{"bytes":"YJsl8EMLnXSFE/nKKjMxz9bHHo+Y7QeLEzukEzW1TB+m53TTiY1aOt+qUO8JaTcOKsOHt/a4Vn+YiOd5CkLdAQ"}},{"h":{"/":{"bytes":"NO0BcQ"}},"ucan/dlg@1.0.0-rc.1":{"aud":"did:key:z6MkvJPmEZZYbgiw1ouT1oouTsTFBHJSts9ophVsNgcRmYxU","cmd":"/foo/bar","exp":7258118400,"iss":"did:key:z6Mkuukk2skDXLQn7NK3Eh9jMndYfvDBxxktgpidJAqb7M3p","meta":{"bar":"barr","foo":"fooo"},"nonce":{"/":{"bytes":"NnJvRGhHaTBraU5yaVFBejdKM2QrYk9lb0kvdGo4RU5pa21RTmJ0am5EMA"}},"pol":[["==",".status","draft"],["all",".reviewer",["like",".email","*@example.com"]],["any",".tags",["or",[["==",".","news"],["==",".","press"]]]]],"sub":"did:key:z6Mkgupchh5HwuHahS7YsyE8bLua1Mr8p2iKNRhyvSvRAs9n"}}] \ No newline at end of file +[{"/":{"bytes":"7Df/QlkgvQ/j1sr2NUFryQbTxo16rsOPfDPX8evBmA0hV6Omv+sScM8HC30KHr/kXCl+DzxDg+/EOwiZ9ApNBQ"}},{"h":{"/":{"bytes":"NAHtAe0BE3E"}},"ucan/dlg@1.0.0-rc.1":{"aud":"did:key:z6Mkf4WtCwPDtamsZvBJA4eSVcE7vZuRPy5Skm4HaoQv81i1","cmd":"/foo/bar","exp":7258118400,"iss":"did:key:z6MknUz1mSj4pvS6aUUHekCHdUPv7HBhDyDBZQ2W3Vujc5qC","meta":{"bar":"barr","foo":"fooo"},"nonce":{"/":{"bytes":"NnJvRGhHaTBraU5yaVFBejdKM2QrYk9lb0kvdGo4RU5pa21RTmJ0am5EMA"}},"pol":[["==",".status","draft"],["all",".reviewer",["like",".email","*@example.com"]],["any",".tags",["or",[["==",".","news"],["==",".","press"]]]]],"sub":"did:key:z6MkjWFU8HtfMquWn5MEQ9r22zWqyCN1vazGw6g6pzciziNV"}}] \ No newline at end of file diff --git a/token/delegation/testdata/powerline.dagjson b/token/delegation/testdata/powerline.dagjson index 49e746f..1bc16c7 100644 --- a/token/delegation/testdata/powerline.dagjson +++ b/token/delegation/testdata/powerline.dagjson @@ -1 +1 @@ -[{"/":{"bytes":"i3YkPDvNSU4V8XYEluZhLH0b+NDcW/6+PtPSUHC17cmXXqgelG0K4EzWQQkS9UsYCHfkZSCn9NjGSXYMMFhaAQ"}},{"h":{"/":{"bytes":"NO0BcQ"}},"ucan/dlg@1.0.0-rc.1":{"aud":"did:key:z6MkvJPmEZZYbgiw1ouT1oouTsTFBHJSts9ophVsNgcRmYxU","cmd":"/foo/bar","exp":7258118400,"iss":"did:key:z6Mkuukk2skDXLQn7NK3Eh9jMndYfvDBxxktgpidJAqb7M3p","meta":{"bar":"barr","foo":"fooo"},"nonce":{"/":{"bytes":"NnJvRGhHaTBraU5yaVFBejdKM2QrYk9lb0kvdGo4RU5pa21RTmJ0am5EMA"}},"pol":[["==",".status","draft"],["all",".reviewer",["like",".email","*@example.com"]],["any",".tags",["or",[["==",".","news"],["==",".","press"]]]]]}}] \ No newline at end of file +[{"/":{"bytes":"pcdEo4gSPlBWE1kQUUjFOQNRLvXDw6BTLmgoIrU/o1JCAeSYiiIQFrHB1KIm0phZfMHqp5O6k6QxHuldxUARBQ"}},{"h":{"/":{"bytes":"NAHtAe0BE3E"}},"ucan/dlg@1.0.0-rc.1":{"aud":"did:key:z6Mkf4WtCwPDtamsZvBJA4eSVcE7vZuRPy5Skm4HaoQv81i1","cmd":"/foo/bar","exp":7258118400,"iss":"did:key:z6MknUz1mSj4pvS6aUUHekCHdUPv7HBhDyDBZQ2W3Vujc5qC","meta":{"bar":"barr","foo":"fooo"},"nonce":{"/":{"bytes":"NnJvRGhHaTBraU5yaVFBejdKM2QrYk9lb0kvdGo4RU5pa21RTmJ0am5EMA"}},"pol":[["==",".status","draft"],["all",".reviewer",["like",".email","*@example.com"]],["any",".tags",["or",[["==",".","news"],["==",".","press"]]]]]}}] \ No newline at end of file diff --git a/token/delegation/testdata/root.dagjson b/token/delegation/testdata/root.dagjson index 618c90f..0efd3e8 100644 --- a/token/delegation/testdata/root.dagjson +++ b/token/delegation/testdata/root.dagjson @@ -1 +1 @@ -[{"/":{"bytes":"BBabgnWqd+cjwG1td0w9BudNocmUwoR89RMZTqZHk3osCXEI/bOkko0zTvlusaE4EMBBeSzZDKzjvunLBfdiBg"}},{"h":{"/":{"bytes":"NO0BcQ"}},"ucan/dlg@1.0.0-rc.1":{"aud":"did:key:z6MkvJPmEZZYbgiw1ouT1oouTsTFBHJSts9ophVsNgcRmYxU","cmd":"/foo/bar","exp":7258118400,"iss":"did:key:z6Mkuukk2skDXLQn7NK3Eh9jMndYfvDBxxktgpidJAqb7M3p","meta":{"bar":"barr","foo":"fooo"},"nonce":{"/":{"bytes":"NnJvRGhHaTBraU5yaVFBejdKM2QrYk9lb0kvdGo4RU5pa21RTmJ0am5EMA"}},"pol":[["==",".status","draft"],["all",".reviewer",["like",".email","*@example.com"]],["any",".tags",["or",[["==",".","news"],["==",".","press"]]]]],"sub":"did:key:z6Mkuukk2skDXLQn7NK3Eh9jMndYfvDBxxktgpidJAqb7M3p"}}] \ No newline at end of file +[{"/":{"bytes":"jS5WzBU0JybWoQAJjJTgxke5U7vbwOJTYbe3bipYbmhz3Lcrl1B/68dK4xhWSv6wc3zZqXFJ7/Kw2jDLCOZWDA"}},{"h":{"/":{"bytes":"NAHtAe0BE3E"}},"ucan/dlg@1.0.0-rc.1":{"aud":"did:key:z6Mkf4WtCwPDtamsZvBJA4eSVcE7vZuRPy5Skm4HaoQv81i1","cmd":"/foo/bar","exp":7258118400,"iss":"did:key:z6MknUz1mSj4pvS6aUUHekCHdUPv7HBhDyDBZQ2W3Vujc5qC","meta":{"bar":"barr","foo":"fooo"},"nonce":{"/":{"bytes":"NnJvRGhHaTBraU5yaVFBejdKM2QrYk9lb0kvdGo4RU5pa21RTmJ0am5EMA"}},"pol":[["==",".status","draft"],["all",".reviewer",["like",".email","*@example.com"]],["any",".tags",["or",[["==",".","news"],["==",".","press"]]]]],"sub":"did:key:z6MknUz1mSj4pvS6aUUHekCHdUPv7HBhDyDBZQ2W3Vujc5qC"}}] \ No newline at end of file diff --git a/token/interface.go b/token/interface.go index 7a04f36..8e08e59 100644 --- a/token/interface.go +++ b/token/interface.go @@ -4,9 +4,9 @@ import ( "io" "time" + "github.com/MetaMask/go-did-it/crypto" "github.com/ipfs/go-cid" "github.com/ipld/go-ipld-prime/codec" - "github.com/libp2p/go-libp2p/core/crypto" ) type Token interface { @@ -23,21 +23,21 @@ type Token interface { type Marshaller interface { // ToSealed wraps the token in an envelope, generates the signature, encodes // the result to DAG-CBOR and calculates the CID of the resulting binary data. - ToSealed(privKey crypto.PrivKey) ([]byte, cid.Cid, error) + ToSealed(privKey crypto.PrivateKeySigningBytes) ([]byte, cid.Cid, error) // ToSealedWriter is the same as ToSealed but accepts an io.Writer. - ToSealedWriter(w io.Writer, privKey crypto.PrivKey) (cid.Cid, error) + ToSealedWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes) (cid.Cid, error) // Encode marshals a Token to the format specified by the provided codec.Encoder. - Encode(privKey crypto.PrivKey, encFn codec.Encoder) ([]byte, error) + Encode(privKey crypto.PrivateKeySigningBytes, encFn codec.Encoder) ([]byte, error) // EncodeWriter is the same as Encode, but accepts an io.Writer. - EncodeWriter(w io.Writer, privKey crypto.PrivKey, encFn codec.Encoder) error + EncodeWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes, encFn codec.Encoder) error // ToDagCbor marshals the Token to the DAG-CBOR format. - ToDagCbor(privKey crypto.PrivKey) ([]byte, error) + ToDagCbor(privKey crypto.PrivateKeySigningBytes) ([]byte, error) // ToDagCborWriter is the same as ToDagCbor, but it accepts an io.Writer. - ToDagCborWriter(w io.Writer, privKey crypto.PrivKey) error + ToDagCborWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes) error // ToDagJson marshals the Token to the DAG-JSON format. - ToDagJson(privKey crypto.PrivKey) ([]byte, error) + ToDagJson(privKey crypto.PrivateKeySigningBytes) ([]byte, error) // ToDagJsonWriter is the same as ToDagJson, but it accepts an io.Writer. - ToDagJsonWriter(w io.Writer, privKey crypto.PrivKey) error + ToDagJsonWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes) error } // Bundle carries together a decoded token with its Cid and raw signed data. diff --git a/did/didtest/crypto.go b/token/internal/didtest/crypto.go similarity index 60% rename from did/didtest/crypto.go rename to token/internal/didtest/crypto.go index c340344..9836d4d 100644 --- a/did/didtest/crypto.go +++ b/token/internal/didtest/crypto.go @@ -4,20 +4,23 @@ package didtest import ( + "encoding/base64" "fmt" - "github.com/libp2p/go-libp2p/core/crypto" - - "github.com/ucan-wg/go-ucan/did" + "github.com/MetaMask/go-did-it" + didkeyctl "github.com/MetaMask/go-did-it/controller/did-key" + "github.com/MetaMask/go-did-it/crypto" + "github.com/MetaMask/go-did-it/crypto/ed25519" ) const ( - alicePrivKeyB64 = "CAESQHdNJLBBiuc1AdwPHBkubB2KS1p0cv2JEF7m8tfwtrcm5ajaYPm+XmVCmtcHOF2lGDlmaiDA7emfwD3IrcyES0M=" - bobPrivKeyB64 = "CAESQHBz+AIop1g+9iBDj+ufUc/zm9/ry7c6kDFO8Wl/D0+H63V9hC6s9l4npf3pYEFCjBtlR0AMNWMoFQKSlYNKo20=" - carolPrivKeyB64 = "CAESQPrCgkcHnYFXDT9AlAydhPECBEivEuuVx9dJxLjVvDTmJIVNivfzg6H4mAiPfYS+5ryVVUZTHZBzvMuvvvG/Ks0=" - danPrivKeyB64 = "CAESQCgNhzofKhC+7hW6x+fNd7iMPtQHeEmKRhhlduf/I7/TeOEFYAEflbJ0sAhMeDJ/HQXaAvsWgHEbJ3ZLhP8q2B0=" - erinPrivKeyB64 = "CAESQKhCJo5UBpQcthko8DKMFsbdZ+qqQ5oc01CtLCqrE90dF2GfRlrMmot3WPHiHGCmEYi5ZMEHuiSI095e/6O4Bpw=" - frankPrivKeyB64 = "CAESQDlXPKsy3jHh7OWTWQqyZF95Ueac5DKo7xD0NOBE5F2BNr1ZVxRmJ2dBELbOt8KP9sOACcO9qlCB7uMA1UQc7sk=" + // all are ed25519 as base64 + alicePrivKeyB64 = "zth/9cTSUVwlLzfEWwLCcOkaEmjrRGPOI6mOJksWAYZ3Toe7ymxAzDeiseyxbmEpJ81qYM3dZ8XrXqgonnTTEw==" + bobPrivKeyB64 = "+p1REV3MkUnLhUMbFe9RcSsmo33TT/FO85yaV+c6fiYJCBsdiwfMwodlkzSAG3sHQIuZj8qnJ678oJucYy7WEg==" + carolPrivKeyB64 = "aSu3vTwE7z3pXaTaAhVLeizuqnZUJZQHTCSLMLxyZh5LDoZQn80uoQgMEdsbOhR+zIqrjBn5WviGurDkKYVfug==" + danPrivKeyB64 = "s1zM1av6og3o0UMNbEs/RyezS7Nk/jbSYL2Z+xPEw9Cho/KuEAa75Sf4yJHclLwpKXNucbrZ2scE8Iy8K05KWQ==" + erinPrivKeyB64 = "+qHpaAR3iivWMEl+pkXmq+uJeHtqFiY++XOXtZ9Tu/WPABCO+eRFrTCLJykJEzAPGFmkJF8HQ7DMwOH7Ry3Aqw==" + frankPrivKeyB64 = "4k/1N0+Fq73DxmNbGis9PY2KgKxWmtDWhmi1E6sBLuGd7DS0TWjCn1Xa3lXkY49mFszMjhWC+V6DCBf7R68u4Q==" ) // Persona is a generic participant used for cryptographic testing. @@ -36,17 +39,17 @@ const ( PersonaFrank ) -var privKeys map[Persona]crypto.PrivKey +var privKeys map[Persona]crypto.PrivateKeySigningBytes func init() { - privKeys = make(map[Persona]crypto.PrivKey, 6) - for persona, privKeyCfg := range privKeyB64() { - privKeyMar, err := crypto.ConfigDecodeKey(privKeyCfg) + privKeys = make(map[Persona]crypto.PrivateKeySigningBytes, 6) + for persona, pB64 := range privKeyB64() { + privBytes, err := base64.StdEncoding.DecodeString(pB64) if err != nil { return } - privKey, err := crypto.UnmarshalPrivateKey(privKeyMar) + privKey, err := ed25519.PrivateKeyFromBytes(privBytes) if err != nil { return } @@ -57,11 +60,7 @@ func init() { // DID returns a did.DID based on the Persona's Ed25519 public key. func (p Persona) DID() did.DID { - d, err := did.FromPrivKey(p.PrivKey()) - if err != nil { - panic(err) - } - return d + return didkeyctl.FromPrivateKey(p.PrivKey()) } // Name returns the username of the Persona. @@ -82,7 +81,7 @@ func (p Persona) Name() string { } // PrivKey returns the Ed25519 private key for the Persona. -func (p Persona) PrivKey() crypto.PrivKey { +func (p Persona) PrivKey() crypto.PrivateKeySigningBytes { res, ok := privKeys[p] if !ok { panic(fmt.Sprintf("Unknown persona: %v", p)) @@ -99,18 +98,8 @@ func (p Persona) PrivKeyConfig() string { } // PubKey returns the Ed25519 public key for the Persona. -func (p Persona) PubKey() crypto.PubKey { - return p.PrivKey().GetPublic() -} - -// PubKeyConfig returns the marshaled and encoded Ed25519 public key -// for the Persona. -func (p Persona) PubKeyConfig() string { - pubKeyMar, err := crypto.MarshalPublicKey(p.PrivKey().GetPublic()) - if err != nil { - panic(err) - } - return crypto.ConfigEncodeKey(pubKeyMar) +func (p Persona) PubKey() crypto.PublicKey { + return p.PrivKey().Public() } func privKeyB64() map[Persona]string { diff --git a/token/internal/envelope/cid_test.go b/token/internal/envelope/cid_test.go index 9b2d91c..cc9f975 100644 --- a/token/internal/envelope/cid_test.go +++ b/token/internal/envelope/cid_test.go @@ -9,7 +9,6 @@ import ( "github.com/multiformats/go-multihash" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "gotest.tools/v3/golden" "github.com/ucan-wg/go-ucan/token/internal/envelope" ) @@ -17,11 +16,11 @@ import ( func TestCidFromBytes(t *testing.T) { t.Parallel() - expData := golden.Get(t, "example.dagcbor") + expData := exampleDagCbor expHash, err := multihash.Sum(expData, uint64(multicodec.Sha2_256), -1) require.NoError(t, err) - data, err := envelope.ToDagCbor(examplePrivKey(t), newExample(t)) + data, err := envelope.ToDagCbor(examplePrivKey(t), newExample()) require.NoError(t, err) id, err := envelope.CIDFromBytes(data) diff --git a/token/internal/envelope/example_test.go b/token/internal/envelope/example_test.go index 8644727..3257c95 100644 --- a/token/internal/envelope/example_test.go +++ b/token/internal/envelope/example_test.go @@ -7,6 +7,8 @@ import ( "sync" "testing" + "github.com/MetaMask/go-did-it/crypto" + "github.com/MetaMask/go-did-it/crypto/ed25519" "github.com/ipld/go-ipld-prime" "github.com/ipld/go-ipld-prime/codec/dagcbor" "github.com/ipld/go-ipld-prime/datamodel" @@ -14,32 +16,30 @@ import ( "github.com/ipld/go-ipld-prime/node/basicnode" "github.com/ipld/go-ipld-prime/node/bindnode" "github.com/ipld/go-ipld-prime/schema" - "github.com/libp2p/go-libp2p/core/crypto" "github.com/stretchr/testify/require" - "gotest.tools/v3/golden" "github.com/ucan-wg/go-ucan/token/internal/envelope" ) const ( - exampleCID = "zdpuAyw6R5HvKSPzztuzXNYFx3ZGoMHMuAsXL6u3xLGQriRXQ" - exampleDID = "did:key:z6MkpuK2Amsu1RqcLGgmHHQHhvmeXCCBVsM4XFSg2cCyg4Nh" - exampleGreeting = "world" - examplePrivKeyCfg = "CAESQP9v2uqECTuIi45dyg3znQvsryvf2IXmOF/6aws6aCehm0FVrj0zHR5RZSDxWNjcpcJqsGym3sjCungX9Zt5oA4=" - exampleSignatureStr = "PZV6A2aI7n+MlyADqcqmWhkuyNrgUCDz+qSLSnI9bpasOwOhKUTx95m5Nu5CO/INa1LqzHGioD9+PVf6qdtTBg" - exampleTag = "ucan/example@v1.0.0-rc.1" - exampleTypeName = "Example" - exampleVarsigHeaderStr = "NO0BcQ" + exampleCID = "zdpuAn4jksvc1gc9PLDqHw2NoFq8CBkRVTTo2xFuW2JUPS5DY" + exampleDID = "did:key:z6MkuqvEtTW9L1E91CY3GmL83muetLAA2h8A5fUHjJgqq2Ab" + exampleGreeting = "world" + examplePrivKeyB64 = "V4hh1lcFV43Y6vyOBEVOFTwl1XS/DR0F/kYcz5i6W/DkrUTG8yx09lOwSf36NCHPKSFYv/T1R3WKjNfndgVucA==" + exampleTag = "ucan/example@v1.0.0-rc.1" invalidSignatureStr = "PZV6A2aI7n+MlyADqcqmWhkuyNrgUCDz+qSLSnI9bpasOwOhKUTx95m5Nu5CO/INa1LqzHGioD9+PVf6qdtTBK" - - exampleDAGCBORFilename = "example.dagcbor" - exampleDAGJSONFilename = "example.dagjson" ) //go:embed testdata/example.ipldsch var schemaBytes []byte +//go:embed testdata/example.dagcbor +var exampleDagCbor []byte + +//go:embed testdata/example.dagjson +var exampleDagJson []byte + var ( once sync.Once ts *schema.TypeSystem @@ -59,7 +59,7 @@ func mustLoadSchema() *schema.TypeSystem { } func exampleType() schema.Type { - return mustLoadSchema().TypeByName(exampleTypeName) + return mustLoadSchema().TypeByName("Example") } var _ envelope.Tokener = (*Example)(nil) @@ -69,9 +69,7 @@ type Example struct { Issuer string } -func newExample(t *testing.T) *Example { - t.Helper() - +func newExample() *Example { return &Example{ Hello: exampleGreeting, Issuer: exampleDID, @@ -86,45 +84,30 @@ func (*Example) Tag() string { return exampleTag } -func exampleGoldenNode(t *testing.T) datamodel.Node { +func examplePrivKey(t *testing.T) crypto.PrivateKeySigningBytes { t.Helper() - cbor := golden.Get(t, exampleDAGCBORFilename) - - node, err := ipld.Decode(cbor, dagcbor.Decode) + privBytes, err := base64.StdEncoding.DecodeString(examplePrivKeyB64) require.NoError(t, err) - return node -} - -func examplePrivKey(t *testing.T) crypto.PrivKey { - t.Helper() - - privKeyEnc, err := crypto.ConfigDecodeKey(examplePrivKeyCfg) - require.NoError(t, err) - - privKey, err := crypto.UnmarshalPrivateKey(privKeyEnc) + privKey, err := ed25519.PrivateKeyFromBytes(privBytes) require.NoError(t, err) return privKey } -func exampleSignature(t *testing.T) []byte { - t.Helper() - - sig, err := base64.RawStdEncoding.DecodeString(exampleSignatureStr) - require.NoError(t, err) - - return sig -} - -func invalidNodeFromGolden(t *testing.T) datamodel.Node { +// nodeWithInvalidSignature creates an IPLD node of a token, with an invalid signature +func nodeWithInvalidSignature(t *testing.T) datamodel.Node { t.Helper() invalidSig, err := base64.RawStdEncoding.DecodeString(invalidSignatureStr) require.NoError(t, err) - envelNode := exampleGoldenNode(t) + cbor := exampleDagCbor + + envelNode, err := ipld.Decode(cbor, dagcbor.Decode) + require.NoError(t, err) + sigPayloadNode, err := envelNode.LookupByIndex(1) require.NoError(t, err) diff --git a/token/internal/envelope/ipld.go b/token/internal/envelope/ipld.go index 5b6ed15..fdd5981 100644 --- a/token/internal/envelope/ipld.go +++ b/token/internal/envelope/ipld.go @@ -3,7 +3,7 @@ // a verified [TokenPayload]. // // Encoding functions in this package require a private key as a -// parameter so the VarsigHeader can be set and so that a +// parameter so the VarsigBytes can be set and so that a // cryptographic signature can be generated. // // Decoding functions in this package likewise perform the signature @@ -40,10 +40,10 @@ import ( "github.com/ipld/go-ipld-prime/node/basicnode" "github.com/ipld/go-ipld-prime/node/bindnode" "github.com/ipld/go-ipld-prime/schema" - "github.com/libp2p/go-libp2p/core/crypto" + "github.com/ucan-wg/go-varsig" - "github.com/ucan-wg/go-ucan/did" - "github.com/ucan-wg/go-ucan/token/internal/varsig" + "github.com/MetaMask/go-did-it" + "github.com/MetaMask/go-did-it/crypto" ) const ( @@ -132,7 +132,7 @@ func FromIPLD[T Tokener](node datamodel.Node) (T, error) { } // This needs to be done before converting this node to its schema - // representation (afterwards, the field might be renamed os it's safer + // representation (afterwards, the field might be renamed, so it's safer // to use the wire name). issuerNode, err := info.tokenPayloadNode.LookupByString("iss") if err != nil { @@ -162,7 +162,7 @@ func FromIPLD[T Tokener](node datamodel.Node) (T, error) { } // Check that the issuer's DID contains a public key with a type that - // matches the VarsigHeader and then verify the SigPayload. + // matches the VarsigBytes and then verify the SigPayload. issuer, err := issuerNode.AsString() if err != nil { return zero, err @@ -173,28 +173,36 @@ func FromIPLD[T Tokener](node datamodel.Node) (T, error) { return zero, err } - issuerPubKey, err := issuerDID.PubKey() + // TODO: pass resolution options + issuerDoc, err := issuerDID.Document() if err != nil { return zero, err } - issuerVarsigHeader, err := varsig.Encode(issuerPubKey.Type()) + vsig, err := varsig.Decode(info.VarsigBytes) + if err != nil { + return zero, fmt.Errorf("failed to decode varsig: %w", err) + } + + var data []byte + + switch vsig.PayloadEncoding() { + case varsig.PayloadEncodingDAGCBOR: + // TODO: can we use the already serialized CBOR data here, instead of encoding again the payload? + data, err = ipld.Encode(info.sigPayloadNode, dagcbor.Encode) + case varsig.PayloadEncodingDAGJSON: + data, err = ipld.Encode(info.sigPayloadNode, dagjson.Encode) + default: + return zero, errors.New("unsupported payload encoding") + } if err != nil { return zero, err } - if string(info.VarsigHeader) != string(issuerVarsigHeader) { - return zero, errors.New("the VarsigHeader key type doesn't match the issuer's key type") - } + // TODO: use CapabilityDelegation() or CapabilityInvocation() - // TODO: can we use the already serialized CBOR data here, instead of encoding again the payload? - data, err := ipld.Encode(info.sigPayloadNode, dagcbor.Encode) - if err != nil { - return zero, err - } - - ok, err = issuerPubKey.Verify(data, info.Signature) - if err != nil || !ok { + ok, _ = did.TryAllVerifyBytes(issuerDoc.CapabilityDelegation(), data, info.Signature, crypto.WithVarsig(vsig)) + if !ok { return zero, errors.New("failed to verify the token's signature") } @@ -203,7 +211,7 @@ func FromIPLD[T Tokener](node datamodel.Node) (T, error) { // Encode marshals a Tokener to the format specified by the provided // codec.Encoder. -func Encode(privKey crypto.PrivKey, token Tokener, encFn codec.Encoder) ([]byte, error) { +func Encode(privKey crypto.PrivateKeySigningBytes, token Tokener, encFn codec.Encoder) ([]byte, error) { node, err := ToIPLD(privKey, token) if err != nil { return nil, err @@ -214,7 +222,7 @@ func Encode(privKey crypto.PrivKey, token Tokener, encFn codec.Encoder) ([]byte, // EncodeWriter is the same as Encode but outputs to an io.Writer instead // of encoding into a []byte. -func EncodeWriter(w io.Writer, privKey crypto.PrivKey, token Tokener, encFn codec.Encoder) error { +func EncodeWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes, token Tokener, encFn codec.Encoder) error { node, err := ToIPLD(privKey, token) if err != nil { return err @@ -224,38 +232,36 @@ func EncodeWriter(w io.Writer, privKey crypto.PrivKey, token Tokener, encFn code } // ToDagCbor marshals the Tokener to the DAG-CBOR format. -func ToDagCbor(privKey crypto.PrivKey, token Tokener) ([]byte, error) { +func ToDagCbor(privKey crypto.PrivateKeySigningBytes, token Tokener) ([]byte, error) { return Encode(privKey, token, dagcbor.Encode) } // ToDagCborWriter is the same as ToDagCbor but outputs to an io.Writer // instead of encoding into a []byte. -func ToDagCborWriter(w io.Writer, privKey crypto.PrivKey, token Tokener) error { +func ToDagCborWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes, token Tokener) error { return EncodeWriter(w, privKey, token, dagcbor.Encode) } // ToDagJson marshals the Tokener to the DAG-JSON format. -func ToDagJson(privKey crypto.PrivKey, token Tokener) ([]byte, error) { +func ToDagJson(privKey crypto.PrivateKeySigningBytes, token Tokener) ([]byte, error) { return Encode(privKey, token, dagjson.Encode) } // ToDagJsonWriter is the same as ToDagJson but outputs to an io.Writer // instead of encoding into a []byte. -func ToDagJsonWriter(w io.Writer, privKey crypto.PrivKey, token Tokener) error { +func ToDagJsonWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes, token Tokener) error { return EncodeWriter(w, privKey, token, dagjson.Encode) } // ToIPLD wraps the Tokener in an IPLD datamodel.Node. -func ToIPLD(privKey crypto.PrivKey, token Tokener) (datamodel.Node, error) { +func ToIPLD(privKey crypto.PrivateKeySigningBytes, token Tokener) (datamodel.Node, error) { tokenPayloadNode := bindnode.Wrap(token, token.Prototype().Type()).Representation() - varsigHeader, err := varsig.Encode(privKey.Type()) - if err != nil { - return nil, err - } + opts := []crypto.SigningOption{crypto.WithPayloadEncoding(varsig.PayloadEncodingDAGCBOR)} + vsig := privKey.Varsig(opts...) sigPayloadNode, err := qp.BuildMap(basicnode.Prototype.Any, 2, func(ma datamodel.MapAssembler) { - qp.MapEntry(ma, VarsigHeaderKey, qp.Bytes(varsigHeader)) + qp.MapEntry(ma, VarsigHeaderKey, qp.Bytes(vsig.Encode())) qp.MapEntry(ma, token.Tag(), qp.Node(tokenPayloadNode)) }) @@ -264,7 +270,7 @@ func ToIPLD(privKey crypto.PrivKey, token Tokener) (datamodel.Node, error) { return nil, err } - signature, err := privKey.Sign(data) + signature, err := privKey.SignToBytes(data, opts...) if err != nil { return nil, err } @@ -315,7 +321,7 @@ func FindTag(node datamodel.Node) (string, error) { type Info struct { Tag string Signature []byte - VarsigHeader []byte + VarsigBytes []byte sigPayloadNode datamodel.Node // private, we don't want to expose that tokenPayloadNode datamodel.Node // private, we don't want to expose that } @@ -367,7 +373,7 @@ func Inspect(node datamodel.Node) (Info, error) { switch { case key == VarsigHeaderKey: foundVarsigHeader = true - res.VarsigHeader, err = v.AsBytes() + res.VarsigBytes, err = v.AsBytes() if err != nil { return Info{}, err } diff --git a/token/internal/envelope/ipld_test.go b/token/internal/envelope/ipld_test.go index 3aca88e..28155e3 100644 --- a/token/internal/envelope/ipld_test.go +++ b/token/internal/envelope/ipld_test.go @@ -3,15 +3,16 @@ package envelope_test import ( "bytes" "crypto/sha256" + _ "embed" "encoding/base64" "os" "testing" + _ "github.com/MetaMask/go-did-it/verifiers/did-key" "github.com/ipld/go-ipld-prime" "github.com/ipld/go-ipld-prime/codec/dagcbor" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "gotest.tools/v3/golden" "github.com/ucan-wg/go-ucan/token/internal/envelope" ) @@ -22,9 +23,7 @@ func TestDecode(t *testing.T) { t.Run("via FromDagCbor", func(t *testing.T) { t.Parallel() - data := golden.Get(t, "example.dagcbor") - - tkn, err := envelope.FromDagCbor[*Example](data) + tkn, err := envelope.FromDagCbor[*Example](exampleDagCbor) require.NoError(t, err) assert.Equal(t, exampleGreeting, tkn.Hello) assert.Equal(t, exampleDID, tkn.Issuer) @@ -33,9 +32,7 @@ func TestDecode(t *testing.T) { t.Run("via FromDagJson", func(t *testing.T) { t.Parallel() - data := golden.Get(t, "example.dagjson") - - tkn, err := envelope.FromDagJson[*Example](data) + tkn, err := envelope.FromDagJson[*Example](exampleDagJson) require.NoError(t, err) assert.Equal(t, exampleGreeting, tkn.Hello) assert.Equal(t, exampleDID, tkn.Issuer) @@ -48,17 +45,17 @@ func TestEncode(t *testing.T) { t.Run("via ToDagCbor", func(t *testing.T) { t.Parallel() - data, err := envelope.ToDagCbor(examplePrivKey(t), newExample(t)) + data, err := envelope.ToDagCbor(examplePrivKey(t), newExample()) require.NoError(t, err) - golden.AssertBytes(t, data, exampleDAGCBORFilename) + require.Equal(t, exampleDagCbor, data) }) t.Run("via ToDagJson", func(t *testing.T) { t.Parallel() - data, err := envelope.ToDagJson(examplePrivKey(t), newExample(t)) + data, err := envelope.ToDagJson(examplePrivKey(t), newExample()) require.NoError(t, err) - golden.Assert(t, string(data), exampleDAGJSONFilename) + require.Equal(t, exampleDagJson, data) }) } @@ -68,14 +65,14 @@ func TestRoundtrip(t *testing.T) { t.Run("via FromDagCbor/ToDagCbor", func(t *testing.T) { t.Parallel() - dataIn := golden.Get(t, exampleDAGCBORFilename) + dataIn := exampleDagCbor tkn, err := envelope.FromDagCbor[*Example](dataIn) require.NoError(t, err) assert.Equal(t, exampleGreeting, tkn.Hello) assert.Equal(t, exampleDID, tkn.Issuer) - dataOut, err := envelope.ToDagCbor(examplePrivKey(t), newExample(t)) + dataOut, err := envelope.ToDagCbor(examplePrivKey(t), newExample()) require.NoError(t, err) assert.Equal(t, dataIn, dataOut) }) @@ -83,7 +80,7 @@ func TestRoundtrip(t *testing.T) { t.Run("via FromDagCborReader/ToDagCborWriter", func(t *testing.T) { t.Parallel() - data := golden.Get(t, exampleDAGCBORFilename) + data := exampleDagCbor tkn, err := envelope.FromDagCborReader[*Example](bytes.NewReader(data)) require.NoError(t, err) @@ -91,21 +88,21 @@ func TestRoundtrip(t *testing.T) { assert.Equal(t, exampleDID, tkn.Issuer) w := &bytes.Buffer{} - require.NoError(t, envelope.ToDagCborWriter(w, examplePrivKey(t), newExample(t))) + require.NoError(t, envelope.ToDagCborWriter(w, examplePrivKey(t), newExample())) assert.Equal(t, data, w.Bytes()) }) t.Run("via FromDagJson/ToDagJson", func(t *testing.T) { t.Parallel() - dataIn := golden.Get(t, exampleDAGJSONFilename) + dataIn := exampleDagJson tkn, err := envelope.FromDagJson[*Example](dataIn) require.NoError(t, err) assert.Equal(t, exampleGreeting, tkn.Hello) assert.Equal(t, exampleDID, tkn.Issuer) - dataOut, err := envelope.ToDagJson(examplePrivKey(t), newExample(t)) + dataOut, err := envelope.ToDagJson(examplePrivKey(t), newExample()) require.NoError(t, err) assert.Equal(t, dataIn, dataOut) }) @@ -113,7 +110,7 @@ func TestRoundtrip(t *testing.T) { t.Run("via FromDagJsonReader/ToDagJsonrWriter", func(t *testing.T) { t.Parallel() - data := golden.Get(t, exampleDAGJSONFilename) + data := exampleDagJson tkn, err := envelope.FromDagJsonReader[*Example](bytes.NewReader(data)) require.NoError(t, err) @@ -121,7 +118,7 @@ func TestRoundtrip(t *testing.T) { assert.Equal(t, exampleDID, tkn.Issuer) w := &bytes.Buffer{} - require.NoError(t, envelope.ToDagJsonWriter(w, examplePrivKey(t), newExample(t))) + require.NoError(t, envelope.ToDagJsonWriter(w, examplePrivKey(t), newExample())) assert.Equal(t, data, w.Bytes()) }) } @@ -129,7 +126,7 @@ func TestRoundtrip(t *testing.T) { func TestFromIPLD_with_invalid_signature(t *testing.T) { t.Parallel() - node := invalidNodeFromGolden(t) + node := nodeWithInvalidSignature(t) tkn, err := envelope.FromIPLD[*Example](node) assert.Nil(t, tkn) require.EqualError(t, err, "failed to verify the token's signature") @@ -158,18 +155,17 @@ func TestHash(t *testing.T) { func TestInspect(t *testing.T) { t.Parallel() - data := golden.Get(t, "example.dagcbor") - node, err := ipld.Decode(data, dagcbor.Decode) + node, err := ipld.Decode(exampleDagCbor, dagcbor.Decode) require.NoError(t, err) - expSig, err := base64.RawStdEncoding.DecodeString("fPqfwL3iFpbw9SvBiq0DIbUurv9o6c36R08tC/yslGrJcwV51ghzWahxdetpEf6T5LCszXX9I/K8khvnmAxjAg") + expSig, err := base64.RawStdEncoding.DecodeString("+xUwgl/5VZcTxx6iePmkrIaZAlxuelHTbeQ5lQIgIV3ZgHS+Jf5BUERB0fvmFfiIfa5A3yMPfEA/7rswYsRRCg") require.NoError(t, err) info, err := envelope.Inspect(node) require.NoError(t, err) assert.Equal(t, expSig, info.Signature) assert.Equal(t, "ucan/example@v1.0.0-rc.1", info.Tag) - assert.Equal(t, []byte{0x34, 0xed, 0x1, 0x71}, info.VarsigHeader) + assert.Equal(t, []byte{0x34, 0x1, 0xed, 0x1, 0xed, 0x1, 0x13, 0x71}, info.VarsigBytes) } func FuzzInspect(f *testing.F) { diff --git a/token/internal/envelope/testdata/example.dagcbor b/token/internal/envelope/testdata/example.dagcbor index d18e26e..4b3c025 100644 --- a/token/internal/envelope/testdata/example.dagcbor +++ b/token/internal/envelope/testdata/example.dagcbor @@ -1 +1,2 @@ -‚X@|úŸÀ½â–ðõ+ÁŠ­!µ.®ÿhéÍúGO- ü¬”jÉsyÖsY¨quëiþ“ä°¬Íuý#ò¼’ç˜ c¢ahD4íqxucan/example@v1.0.0-rc.1¢cissx8did:key:z6MkpuK2Amsu1RqcLGgmHHQHhvmeXCCBVsM4XFSg2cCyg4Nhehelloeworld \ No newline at end of file +‚X@û0‚_ùU—Ç¢xù¤¬†™\nzQÓmä9• !]Ù€t¾%þAPDAÑûæøˆ}®@ß#|@?î»0bÄQ +¢ahH4ííqxucan/example@v1.0.0-rc.1¢cissx8did:key:z6MkuqvEtTW9L1E91CY3GmL83muetLAA2h8A5fUHjJgqq2Abehelloeworld \ No newline at end of file diff --git a/token/internal/envelope/testdata/example.dagjson b/token/internal/envelope/testdata/example.dagjson index 3db25a5..af5c2f4 100644 --- a/token/internal/envelope/testdata/example.dagjson +++ b/token/internal/envelope/testdata/example.dagjson @@ -1 +1 @@ -[{"/":{"bytes":"fPqfwL3iFpbw9SvBiq0DIbUurv9o6c36R08tC/yslGrJcwV51ghzWahxdetpEf6T5LCszXX9I/K8khvnmAxjAg"}},{"h":{"/":{"bytes":"NO0BcQ"}},"ucan/example@v1.0.0-rc.1":{"hello":"world","iss":"did:key:z6MkpuK2Amsu1RqcLGgmHHQHhvmeXCCBVsM4XFSg2cCyg4Nh"}}] \ No newline at end of file +[{"/":{"bytes":"+xUwgl/5VZcTxx6iePmkrIaZAlxuelHTbeQ5lQIgIV3ZgHS+Jf5BUERB0fvmFfiIfa5A3yMPfEA/7rswYsRRCg"}},{"h":{"/":{"bytes":"NAHtAe0BE3E"}},"ucan/example@v1.0.0-rc.1":{"hello":"world","iss":"did:key:z6MkuqvEtTW9L1E91CY3GmL83muetLAA2h8A5fUHjJgqq2Ab"}}] \ No newline at end of file diff --git a/token/internal/parse/parse.go b/token/internal/parse/parse.go index 27af240..04de474 100644 --- a/token/internal/parse/parse.go +++ b/token/internal/parse/parse.go @@ -4,13 +4,14 @@ import ( "fmt" "time" - "github.com/ucan-wg/go-ucan/did" + "github.com/MetaMask/go-did-it" + "github.com/ucan-wg/go-ucan/pkg/policy/limits" ) func OptionalDID(s *string) (did.DID, error) { if s == nil { - return did.Undef, nil + return nil, nil } return did.Parse(*s) } diff --git a/token/internal/parse/parse_test.go b/token/internal/parse/parse_test.go index 9db6474..df380b5 100644 --- a/token/internal/parse/parse_test.go +++ b/token/internal/parse/parse_test.go @@ -4,6 +4,7 @@ import ( "testing" "github.com/stretchr/testify/require" + "github.com/ucan-wg/go-ucan/pkg/policy/limits" ) diff --git a/token/internal/varsig/varsig.go b/token/internal/varsig/varsig.go deleted file mode 100644 index 4645a90..0000000 --- a/token/internal/varsig/varsig.go +++ /dev/null @@ -1,133 +0,0 @@ -// Package varsig implements the portion of the [varsig specification] -// that's needed for the UCAN [Envelope]. -// -// While the [Envelope] specification has a field that's labelled -// "VarsigHeader", this field is actually the prefix, header and segments -// of the body excluding the signature itself (which is a different field -// in the [Envelope]). -// -// Given that [go-ucan] supports a limited number of public key types, -// and that the signature isn't part of the resulting field, the values -// that are used are constants. Note that for key types that are fully -// specified in the [did:key], the [VarsigHeader] field isn't technically -// needed and could theoretically conflict with the DID. -// -// Treating these values as constants has no impact when issuing or -// delegating tokens. When decoding tokens, simply matching the strings -// will allow us to detect errors but won't provide as much detail (e.g. -// we can't indicate that the signature was incorrectly generated from -// a DAG-JSON encoding.) -// -// [varsig specification]: https://github.com/ChainAgnostic/varsig -// [Envelope]:https://github.com/ucan-wg/spec#envelope -// [go-ucan]: https://github.com/ucan-wg/go-ucan -package varsig - -import ( - "encoding/binary" - "errors" - "fmt" - - "github.com/libp2p/go-libp2p/core/crypto/pb" - "github.com/multiformats/go-multicodec" -) - -const ( - Prefix = 0x34 -) - -// ErrUnknownHeader is returned when it's not possible to decode the -// provided string into a libp2p public key type. -var ErrUnknownHeader = errors.New("could not decode unknown header") - -// ErrUnknownKeyType is returned when value provided is not a valid -// libp2p public key type. -var ErrUnknownKeyType = errors.New("could not encode unsupported key type") - -var ( - decMap = headerToKeyType() - encMap = keyTypeToHeader() -) - -// Decode returns either the pb.KeyType associated with the provided Header -// or an error. -// -// Currently, only the four key types supported by the [go-libp2p/core/crypto] -// library are supported. -// -// [go-libp2p/core/crypto]: github.com/libp2p/go-libp2p/core/crypto -func Decode(header []byte) (pb.KeyType, error) { - keyType, ok := decMap[string(header)] - if !ok { - return -1, fmt.Errorf("%w: %s", ErrUnknownHeader, header) - } - - return keyType, nil -} - -// Encode returns either the header associated with the provided pb.KeyType -// or an error indicating the header was unknown. -// -// Currently, only the four key types supported by the [go-libp2p/core/crypto] -// library are supported. -// -// [go-libp2p/core/crypto]: github.com/libp2p/go-libp2p/core/crypto -func Encode(keyType pb.KeyType) ([]byte, error) { - header, ok := encMap[keyType] - if !ok { - return nil, fmt.Errorf("%w: %s", ErrUnknownKeyType, keyType.String()) - } - - return []byte(header), nil -} - -func keyTypeToHeader() map[pb.KeyType]string { - const rsaSigLen = 0x100 - - return map[pb.KeyType]string{ - pb.KeyType_RSA: header( - Prefix, - multicodec.RsaPub, - multicodec.Sha2_256, - rsaSigLen, - multicodec.DagCbor, - ), - pb.KeyType_Ed25519: header( - Prefix, - multicodec.Ed25519Pub, - multicodec.DagCbor, - ), - pb.KeyType_Secp256k1: header( - Prefix, - multicodec.Secp256k1Pub, - multicodec.Sha2_256, - multicodec.DagCbor, - ), - pb.KeyType_ECDSA: header( - Prefix, - multicodec.Es256, - multicodec.Sha2_256, - multicodec.DagCbor, - ), - } -} - -func headerToKeyType() map[string]pb.KeyType { - out := make(map[string]pb.KeyType, len(encMap)) - - for keyType, header := range encMap { - out[header] = keyType - } - - return out -} - -func header(vals ...multicodec.Code) string { - var buf []byte - - for _, val := range vals { - buf = binary.AppendUvarint(buf, uint64(val)) - } - - return string(buf) -} diff --git a/token/internal/varsig/varsig_test.go b/token/internal/varsig/varsig_test.go deleted file mode 100644 index 3b5387a..0000000 --- a/token/internal/varsig/varsig_test.go +++ /dev/null @@ -1,51 +0,0 @@ -package varsig_test - -import ( - "encoding/base64" - "fmt" - "testing" - - "github.com/libp2p/go-libp2p/core/crypto/pb" - "github.com/stretchr/testify/assert" - - "github.com/ucan-wg/go-ucan/token/internal/varsig" -) - -func TestDecode(t *testing.T) { - t.Parallel() - - notAHeader := base64.RawStdEncoding.EncodeToString([]byte("not a header")) - keyType, err := varsig.Decode([]byte(notAHeader)) - assert.Equal(t, pb.KeyType(-1), keyType) - assert.ErrorIs(t, err, varsig.ErrUnknownHeader) -} - -func ExampleDecode() { - hdr, err := base64.RawStdEncoding.DecodeString("NIUkEoACcQ") - if err != nil { - fmt.Println(err.Error()) - - return - } - - keyType, _ := varsig.Decode(hdr) - fmt.Println(keyType.String()) - // Output: - // RSA -} - -func TestEncode(t *testing.T) { - t.Parallel() - - header, err := varsig.Encode(pb.KeyType(99)) - assert.Nil(t, header) - assert.ErrorIs(t, err, varsig.ErrUnknownKeyType) -} - -func ExampleEncode() { - header, _ := varsig.Encode(pb.KeyType_RSA) - fmt.Println(base64.RawStdEncoding.EncodeToString(header)) - - // Output: - // NIUkEoACcQ -} diff --git a/token/invocation/errors.go b/token/invocation/errors.go index 9ea0d8b..730b693 100644 --- a/token/invocation/errors.go +++ b/token/invocation/errors.go @@ -4,13 +4,13 @@ import "errors" // Loading errors var ( - // ErrMissingDelegation + // ErrMissingDelegation is returned when a loader can't find a delegation ErrMissingDelegation = errors.New("loader missing delegation for proof chain") ) // Time bound errors var ( - // ErrTokenExpired is returned if a token is invalid at execution time + // ErrTokenInvalidNow is returned if a token is invalid at execution time ErrTokenInvalidNow = errors.New("token has expired") ) diff --git a/token/invocation/examples_test.go b/token/invocation/examples_test.go index c4f896b..ba03eb8 100644 --- a/token/invocation/examples_test.go +++ b/token/invocation/examples_test.go @@ -7,14 +7,15 @@ import ( "fmt" "time" + "github.com/MetaMask/go-did-it" + didkeyctl "github.com/MetaMask/go-did-it/controller/did-key" + "github.com/MetaMask/go-did-it/crypto/ed25519" "github.com/ipfs/go-cid" "github.com/ipld/go-ipld-prime" "github.com/ipld/go-ipld-prime/codec/dagcbor" "github.com/ipld/go-ipld-prime/codec/dagjson" "github.com/ipld/go-ipld-prime/node/basicnode" - "github.com/libp2p/go-libp2p/core/crypto" - "github.com/ucan-wg/go-ucan/did" "github.com/ucan-wg/go-ucan/pkg/command" "github.com/ucan-wg/go-ucan/token/invocation" ) @@ -60,18 +61,18 @@ func ExampleNew() { fmt.Println(json) // Expected CID and DAG-JSON output: - // CID: bafyreid2n5q45vk4osned7k5huocbe3mxbisonh5vujepqftc5ftr543ae + // CID: bafyreicgyuf6g7geoupyzpo3lgvyvsyhtc6tvnhiajkoo7lmy6woavkhra // Token (pretty DAG-JSON): // [ // { // "/": { - // "bytes": "gvyL7kdSkgmaDpDU/Qj9ohRwxYLCHER52HFMSFEqQqEcQC9qr4JCPP1f/WybvGGuVzYiA0Hx4JO+ohNz8BxUAA" + // "bytes": "nWYKygq0TTooQGdQsfQWwMOCuX7+KYNRSyW8h4AcRoTIJHsYyG/mpU3iBhAdsAGhi8Brnm+/Z0tC2KoC/KUlDA" // } // }, // { // "h": { // "/": { - // "bytes": "NO0BcQ" + // "bytes": "NAHtAe0BE3E" // } // }, // "ucan/inv@1.0.0-rc.1": { @@ -91,8 +92,8 @@ func ExampleNew() { // "uri": "https://example.com/blog/posts" // }, // "cmd": "/crud/create", - // "exp": 1729788921, - // "iss": "did:key:z6MkhniGGyP88eZrq2dpMvUPdS2RQMhTUAWzcu6kVGUvEtCJ", + // "exp": 1753965273, + // "iss": "did:key:z6MknZNRLJ8zD2x5QhFuPsXYKAJ8PJpCe76bC5p7bGZXC5HD", // "meta": { // "env": "development", // "tags": [ @@ -103,7 +104,7 @@ func ExampleNew() { // }, // "nonce": { // "/": { - // "bytes": "2xXPoZwWln1TfXIp" + // "bytes": "y4kwaLuEHOPBUgrl" // } // }, // "prf": [ @@ -117,7 +118,7 @@ func ExampleNew() { // "/": "bafyreibkb66tpo2ixqx3fe5hmekkbuasrod6olt5bwm5u5pi726mduuwlq" // } // ], - // "sub": "did:key:z6MktWuvPvBe5UyHnDGuEdw8aJ5qrhhwLG6jy7cQYM6ckP6P" + // "sub": "did:key:z6MkqEBN9zEGU9Euh9toLGFkTaSguXPavv55yS9m3VnwWeMW" // } // } // ] @@ -144,18 +145,22 @@ func prettyDAGJSON(data []byte) (string, error) { return out.String(), nil } -func setupExampleNew() (privKey crypto.PrivKey, iss, sub did.DID, cmd command.Command, args map[string]any, prf []cid.Cid, meta map[string]any, errs error) { +func setupExampleNew() (privKey ed25519.PrivateKey, iss, sub did.DID, cmd command.Command, args map[string]any, prf []cid.Cid, meta map[string]any, errs error) { var err error - privKey, iss, err = did.GenerateEd25519() + _, privKey, err = ed25519.GenerateKeyPair() if err != nil { - errs = errors.Join(errs, fmt.Errorf("failed to generate Issuer identity: %w", err)) + errs = errors.Join(errs, fmt.Errorf("failed to generate Ed25519 keypair: %w", err)) + return } + iss = didkeyctl.FromPrivateKey(privKey) - _, sub, err = did.GenerateEd25519() + _, privKeySub, err := ed25519.GenerateKeyPair() if err != nil { - errs = errors.Join(errs, fmt.Errorf("failed to generate Subject identity: %w", err)) + errs = errors.Join(errs, fmt.Errorf("failed to generate Ed25519 keypair: %w", err)) + return } + sub = didkeyctl.FromPrivateKey(privKeySub) cmd, err = command.Parse("/crud/create") if err != nil { diff --git a/token/invocation/invocation.go b/token/invocation/invocation.go index 2796120..6696214 100644 --- a/token/invocation/invocation.go +++ b/token/invocation/invocation.go @@ -14,9 +14,9 @@ import ( "strings" "time" + "github.com/MetaMask/go-did-it" "github.com/ipfs/go-cid" - "github.com/ucan-wg/go-ucan/did" "github.com/ucan-wg/go-ucan/pkg/args" "github.com/ucan-wg/go-ucan/pkg/command" "github.com/ucan-wg/go-ucan/pkg/meta" @@ -169,7 +169,7 @@ func (t *Token) Arguments() args.ReadOnly { return t.arguments.ReadOnly() } -// Proof() returns the ordered list of cid.Cid which reference the +// Proof returns the ordered list of cid.Cid which reference the // delegation Tokens that authorize this invocation. // Ordering is from the leaf Delegation (with aud matching the invocation's iss) // to the root delegation. @@ -210,7 +210,7 @@ func (t *Token) IsValidNow() bool { return t.IsValidAt(time.Now()) } -// IsValidNow verifies that the token can be used at the given time, based on expiration or "not before" fields. +// IsValidAt verifies that the token can be used at the given time, based on expiration or "not before" fields. // This does NOT do any other kind of verifications. func (t *Token) IsValidAt(ti time.Time) bool { if t.expiration != nil && ti.After(*t.expiration) { @@ -241,7 +241,7 @@ func (t *Token) validate() error { var errs error requiredDID := func(id did.DID, fieldname string) { - if !id.Defined() { + if id == nil { errs = errors.Join(errs, fmt.Errorf(`a valid did is required for %s: %s`, fieldname, id.String())) } } diff --git a/token/invocation/invocation_test.go b/token/invocation/invocation_test.go index 16ec980..6d34a4c 100644 --- a/token/invocation/invocation_test.go +++ b/token/invocation/invocation_test.go @@ -1,23 +1,25 @@ package invocation_test import ( + _ "embed" "testing" "github.com/ipfs/go-cid" "github.com/stretchr/testify/require" - "github.com/ucan-wg/go-ucan/did/didtest" "github.com/ucan-wg/go-ucan/pkg/args" "github.com/ucan-wg/go-ucan/pkg/command" "github.com/ucan-wg/go-ucan/pkg/policy/policytest" "github.com/ucan-wg/go-ucan/token/delegation/delegationtest" + "github.com/ucan-wg/go-ucan/token/internal/didtest" "github.com/ucan-wg/go-ucan/token/invocation" ) +//go:embed testdata/new.dagjson +var newDagJson []byte + const ( - missingPrivKeyCfg = "CAESQMjRvrEIjpPYRQKmkAGw/pV0XgE958rYa4vlnKJjl1zz/sdnGnyV1xKLJk8D39edyjhHWyqcpgFnozQK62SG16k=" - missingTknCIDStr = "bafyreigwypmw6eul6vadi6g6lnfbsfo2zck7gfzsbjoroqs3djhnzzc7mm" - missingDIDStr = "did:key:z6MkwboxFsH3kEuehBZ5fLkRmxi68yv1u38swA4r9Jm2VRma" + missingTknCIDStr = "bafyreigwypmw6eul6vadi6g6lnfbsfo2zck7gfzsbjoroqs3djhnzzc7mm" ) var emptyArguments = args.New() diff --git a/token/invocation/ipld.go b/token/invocation/ipld.go index 0158de7..677a4f2 100644 --- a/token/invocation/ipld.go +++ b/token/invocation/ipld.go @@ -1,25 +1,23 @@ package invocation import ( - "fmt" "io" + "github.com/MetaMask/go-did-it/crypto" "github.com/ipfs/go-cid" "github.com/ipld/go-ipld-prime" "github.com/ipld/go-ipld-prime/codec" "github.com/ipld/go-ipld-prime/codec/dagcbor" "github.com/ipld/go-ipld-prime/codec/dagjson" "github.com/ipld/go-ipld-prime/datamodel" - "github.com/libp2p/go-libp2p/core/crypto" - "github.com/ucan-wg/go-ucan/did" "github.com/ucan-wg/go-ucan/token/internal/envelope" ) // ToSealed wraps the invocation token in an envelope, generates the // signature, encodes the result to DAG-CBOR and calculates the CID of // the resulting binary data. -func (t *Token) ToSealed(privKey crypto.PrivKey) ([]byte, cid.Cid, error) { +func (t *Token) ToSealed(privKey crypto.PrivateKeySigningBytes) ([]byte, cid.Cid, error) { data, err := t.ToDagCbor(privKey) if err != nil { return nil, cid.Undef, err @@ -34,7 +32,7 @@ func (t *Token) ToSealed(privKey crypto.PrivKey) ([]byte, cid.Cid, error) { } // ToSealedWriter is the same as ToSealed but accepts an io.Writer. -func (t *Token) ToSealedWriter(w io.Writer, privKey crypto.PrivKey) (cid.Cid, error) { +func (t *Token) ToSealedWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes) (cid.Cid, error) { cidWriter := envelope.NewCIDWriter(w) if err := t.ToDagCborWriter(cidWriter, privKey); err != nil { @@ -81,7 +79,7 @@ func FromSealedReader(r io.Reader) (*Token, cid.Cid, error) { // Encode marshals a Token to the format specified by the provided // codec.Encoder. -func (t *Token) Encode(privKey crypto.PrivKey, encFn codec.Encoder) ([]byte, error) { +func (t *Token) Encode(privKey crypto.PrivateKeySigningBytes, encFn codec.Encoder) ([]byte, error) { node, err := t.toIPLD(privKey) if err != nil { return nil, err @@ -91,7 +89,7 @@ func (t *Token) Encode(privKey crypto.PrivKey, encFn codec.Encoder) ([]byte, err } // EncodeWriter is the same as Encode, but accepts an io.Writer. -func (t *Token) EncodeWriter(w io.Writer, privKey crypto.PrivKey, encFn codec.Encoder) error { +func (t *Token) EncodeWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes, encFn codec.Encoder) error { node, err := t.toIPLD(privKey) if err != nil { return err @@ -101,22 +99,22 @@ func (t *Token) EncodeWriter(w io.Writer, privKey crypto.PrivKey, encFn codec.En } // ToDagCbor marshals the Token to the DAG-CBOR format. -func (t *Token) ToDagCbor(privKey crypto.PrivKey) ([]byte, error) { +func (t *Token) ToDagCbor(privKey crypto.PrivateKeySigningBytes) ([]byte, error) { return t.Encode(privKey, dagcbor.Encode) } // ToDagCborWriter is the same as ToDagCbor, but it accepts an io.Writer. -func (t *Token) ToDagCborWriter(w io.Writer, privKey crypto.PrivKey) error { +func (t *Token) ToDagCborWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes) error { return t.EncodeWriter(w, privKey, dagcbor.Encode) } // ToDagJson marshals the Token to the DAG-JSON format. -func (t *Token) ToDagJson(privKey crypto.PrivKey) ([]byte, error) { +func (t *Token) ToDagJson(privKey crypto.PrivateKeySigningBytes) ([]byte, error) { return t.Encode(privKey, dagjson.Encode) } // ToDagJsonWriter is the same as ToDagJson, but it accepts an io.Writer. -func (t *Token) ToDagJsonWriter(w io.Writer, privKey crypto.PrivKey) error { +func (t *Token) ToDagJsonWriter(w io.Writer, privKey crypto.PrivateKeySigningBytes) error { return t.EncodeWriter(w, privKey, dagjson.Encode) } @@ -193,19 +191,10 @@ func FromIPLD(node datamodel.Node) (*Token, error) { return tkn, err } -func (t *Token) toIPLD(privKey crypto.PrivKey) (datamodel.Node, error) { - // sanity check that privKey and issuer are matching - issPub, err := t.issuer.PubKey() - if err != nil { - return nil, err - } - if !issPub.Equals(privKey.GetPublic()) { - return nil, fmt.Errorf("private key doesn't match the issuer") - } - +func (t *Token) toIPLD(privKey crypto.PrivateKeySigningBytes) (datamodel.Node, error) { var aud *string - if t.audience != did.Undef { + if t.audience != nil { a := t.audience.String() aud = &a } diff --git a/token/invocation/options.go b/token/invocation/options.go index 55d1a29..5788c57 100644 --- a/token/invocation/options.go +++ b/token/invocation/options.go @@ -3,9 +3,9 @@ package invocation import ( "time" + "github.com/MetaMask/go-did-it" "github.com/ipfs/go-cid" - "github.com/ucan-wg/go-ucan/did" "github.com/ucan-wg/go-ucan/pkg/args" ) diff --git a/token/invocation/proof.go b/token/invocation/proof.go index 7f91427..d94bc6a 100644 --- a/token/invocation/proof.go +++ b/token/invocation/proof.go @@ -59,7 +59,7 @@ func (t *Token) verifyProofs(delegations []*delegation.Token) error { cmd := t.command iss := t.issuer sub := t.subject - if t.audience.Defined() { + if t.audience != nil { sub = t.audience } @@ -68,13 +68,13 @@ func (t *Token) verifyProofs(delegations []*delegation.Token) error { dlg := delegations[i] // The Subject of each delegation must equal the invocation's Subject (or Audience if defined). - 4f - if dlg.Subject() != sub { + if !dlg.Subject().Equal(sub) { return fmt.Errorf("%w: delegation %s, expected %s, got %s", ErrWrongSub, dlgCid, sub, dlg.Subject()) } // The first proof must be issued to the Invoker (audience DID). - 4c // The Issuer of each delegation must be the Audience in the next one. - 4d - if dlg.Audience() != iss { + if !dlg.Audience().Equal(iss) { return fmt.Errorf("%w: delegation %s, expected %s, got %s", ErrBrokenChain, dlgCid, iss, dlg.Audience()) } iss = dlg.Issuer() @@ -87,7 +87,7 @@ func (t *Token) verifyProofs(delegations []*delegation.Token) error { } // The last prf value must be a root delegation (have the issuer field match the Subject field) - 4e - if last := delegations[len(delegations)-1]; last.Issuer() != last.Subject() { + if last := delegations[len(delegations)-1]; !last.Issuer().Equal(last.Subject()) { return fmt.Errorf("%w: expected %s, got %s", ErrLastNotRoot, last.Subject(), last.Issuer()) } diff --git a/token/invocation/schema_test.go b/token/invocation/schema_test.go index 581979f..5a8c271 100644 --- a/token/invocation/schema_test.go +++ b/token/invocation/schema_test.go @@ -2,27 +2,26 @@ package invocation_test import ( "bytes" + "encoding/base64" "testing" - "github.com/libp2p/go-libp2p/core/crypto" + "github.com/MetaMask/go-did-it/crypto" + "github.com/MetaMask/go-did-it/crypto/ed25519" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "gotest.tools/v3/golden" - "github.com/ucan-wg/go-ucan/did/didtest" "github.com/ucan-wg/go-ucan/token/internal/envelope" "github.com/ucan-wg/go-ucan/token/invocation" ) const ( - issuerPrivKeyCfg = "CAESQK45xBfqIxRp7ZdRdck3tIJZKocCqvANQc925dCJhFwO7DJNA2j94zkF0TNx5mpXV0s6utfkFdHddWTaPVU6yZc=" - newCID = "zdpuAqY6Zypg4UnpbSUgDvYGneyFaTKaZevzxgSxV4rmv3Fpp" + issuerPrivKeyCfg = "BeAgktAj8irGgWjp4PGk/fV67e5CcML/KRmmHSldco3etP5lRiuYQ+VVO/39ol3XXruJC8deSuBxoEXzgdYpYw==" + newCID = "zdpuB1NjhETofEUp5iYzoHjSc2KKgZvSoT6FBaLMoVzzsxiR1" ) func TestSchemaRoundTrip(t *testing.T) { t.Parallel() - invocationJson := golden.Get(t, "new.dagjson") privKey := privKey(t, issuerPrivKeyCfg) t.Run("via buffers", func(t *testing.T) { @@ -31,7 +30,7 @@ func TestSchemaRoundTrip(t *testing.T) { // format: dagJson --> PayloadModel --> dagCbor --> PayloadModel --> dagJson // function: DecodeDagJson() Seal() Unseal() EncodeDagJson() - p1, err := invocation.FromDagJson(invocationJson) + p1, err := invocation.FromDagJson(newDagJson) require.NoError(t, err) cborBytes, id, err := p1.ToSealed(privKey) @@ -45,13 +44,13 @@ func TestSchemaRoundTrip(t *testing.T) { readJson, err := p2.ToDagJson(privKey) require.NoError(t, err) - assert.JSONEq(t, string(invocationJson), string(readJson)) + assert.JSONEq(t, string(newDagJson), string(readJson)) }) t.Run("via streaming", func(t *testing.T) { t.Parallel() - buf := bytes.NewBuffer(invocationJson) + buf := bytes.NewBuffer(newDagJson) // format: dagJson --> PayloadModel --> dagCbor --> PayloadModel --> dagJson // function: DecodeDagJson() Seal() Unseal() EncodeDagJson() @@ -71,25 +70,15 @@ func TestSchemaRoundTrip(t *testing.T) { readJson := &bytes.Buffer{} require.NoError(t, p2.ToDagJsonWriter(readJson, privKey)) - assert.JSONEq(t, string(invocationJson), readJson.String()) - }) - - t.Run("fails with wrong PrivKey", func(t *testing.T) { - t.Parallel() - - p1, err := invocation.FromDagJson(invocationJson) - require.NoError(t, err) - - _, _, err = p1.ToSealed(didtest.PersonaBob.PrivKey()) - require.EqualError(t, err, "private key doesn't match the issuer") + assert.JSONEq(t, string(newDagJson), readJson.String()) }) } -func privKey(t require.TestingT, privKeyCfg string) crypto.PrivKey { - privKeyMar, err := crypto.ConfigDecodeKey(privKeyCfg) +func privKey(t require.TestingT, privKeyCfg string) crypto.PrivateKeySigningBytes { + privBytes, err := base64.StdEncoding.DecodeString(privKeyCfg) require.NoError(t, err) - privKey, err := crypto.UnmarshalPrivateKey(privKeyMar) + privKey, err := ed25519.PrivateKeyFromBytes(privBytes) require.NoError(t, err) return privKey diff --git a/token/invocation/testdata/new.dagjson b/token/invocation/testdata/new.dagjson index c6a9b3f..00b1b1f 100644 --- a/token/invocation/testdata/new.dagjson +++ b/token/invocation/testdata/new.dagjson @@ -1 +1 @@ -[{"/":{"bytes":"o/vTvTs8SEkD9QL/eNhhW0fAng/SGBouywCbUnOfsF2RFHxaV02KTCyzgDxlJLZ2XN/Vk5igLmlKL3QIXMaeCQ"}},{"h":{"/":{"bytes":"NO0BcQ"}},"ucan/inv@1.0.0-rc.1":{"args":{"headers":{"Content-Type":"application/json"},"payload":{"body":"UCAN is great","draft":true,"title":"UCAN for Fun and Profit","topics":["authz","journal"]},"uri":"https://example.com/blog/posts"},"cmd":"/crud/create","exp":1730812145,"iss":"did:key:z6MkvMGkN5nbUQLBVqJhr13Zdqyh9rR1VuF16PuZbfocBxpv","meta":{"env":"development","tags":["blog","post","pr#123"]},"nonce":{"/":{"bytes":"q1AH6MJrqoTH6av7"}},"prf":[{"/":"bafyreigx3qxd2cndpe66j2mdssj773ecv7tqd7wovcnz5raguw6lj7sjoe"},{"/":"bafyreib34ira254zdqgehz6f2bhwme2ja2re3ltcalejv4x4tkcveujvpa"},{"/":"bafyreibkb66tpo2ixqx3fe5hmekkbuasrod6olt5bwm5u5pi726mduuwlq"}],"sub":"did:key:z6MkuFj35aiTL7YQiVMobuSeUQju92g7wZzufS3HAc6NFFcQ"}}] \ No newline at end of file +[{"/":{"bytes":"tRKNRahqwdyR6OpytuGIdcYI7HxXvKI5I594zznCLbN2C6WP5f8FIfIQlo0Nnqg4xFgKjJGAbIEVqeCZdib1Dw"}},{"h":{"/":{"bytes":"NAHtAe0BE3E"}},"ucan/inv@1.0.0-rc.1":{"args":{"headers":{"Content-Type":"application/json"},"payload":{"body":"UCAN is great","draft":true,"title":"UCAN for Fun and Profit","topics":["authz","journal"]},"uri":"https://example.com/blog/posts"},"cmd":"/crud/create","exp":1753965668,"iss":"did:key:z6MkuScdGeTmbWubyoWWpPmX9wkwdZAshkTcLKb1bf4Cyj8N","meta":{"env":"development","tags":["blog","post","pr#123"]},"nonce":{"/":{"bytes":"BBR5znl7VpRof4ac"}},"prf":[{"/":"bafyreigx3qxd2cndpe66j2mdssj773ecv7tqd7wovcnz5raguw6lj7sjoe"},{"/":"bafyreib34ira254zdqgehz6f2bhwme2ja2re3ltcalejv4x4tkcveujvpa"},{"/":"bafyreibkb66tpo2ixqx3fe5hmekkbuasrod6olt5bwm5u5pi726mduuwlq"}],"sub":"did:key:z6MkuQU8kqxCAUeurotHyrnMgkMUBtJN8ozYxkwctnop4zzB"}}] \ No newline at end of file