5 Commits

Michael Muré
fb97653529 WIP 2025-01-06 14:24:56 +01:00
Michael Muré
95bdbc4fc5 Merge pull request #95 from ucan-wg/minor-impro
Minor impro
2024-12-12 16:36:17 +01:00
Michael Muré
416345dba9 args,meta: add a Len() 2024-12-12 16:06:01 +01:00
Michael Muré
042d6dc52f didtest: complete the set of function, finish removing the dependency on testing.T 2024-12-12 16:05:13 +01:00
Michael Muré
8bb3a4f4d0 expose secretbox, notably for the GenerateKey() function that should be public 2024-12-12 16:04:31 +01:00
9 changed files with 60 additions and 16 deletions


@@ -5,10 +5,8 @@ package didtest
import ( import (
"fmt" "fmt"
"testing"
"github.com/libp2p/go-libp2p/core/crypto" "github.com/libp2p/go-libp2p/core/crypto"
"github.com/stretchr/testify/require"
"github.com/ucan-wg/go-ucan/did" "github.com/ucan-wg/go-ucan/did"
) )
@@ -92,6 +90,14 @@ func (p Persona) PrivKey() crypto.PrivKey {
return res return res
} }
func (p Persona) PrivKeyConfig() string {
res, ok := privKeyB64()[p]
if !ok {
panic(fmt.Sprintf("Unknown persona: %v", p))
}
return res
}
// PubKey returns the Ed25519 public key for the Persona. // PubKey returns the Ed25519 public key for the Persona.
func (p Persona) PubKey() crypto.PubKey { func (p Persona) PubKey() crypto.PubKey {
return p.PrivKey().GetPublic() return p.PrivKey().GetPublic()
@@ -99,10 +105,11 @@ func (p Persona) PubKey() crypto.PubKey {
// PubKeyConfig returns the marshaled and encoded Ed25519 public key // PubKeyConfig returns the marshaled and encoded Ed25519 public key
// for the Persona. // for the Persona.
func (p Persona) PubKeyConfig(t *testing.T) string { func (p Persona) PubKeyConfig() string {
pubKeyMar, err := crypto.MarshalPublicKey(p.PrivKey().GetPublic()) pubKeyMar, err := crypto.MarshalPublicKey(p.PrivKey().GetPublic())
require.NoError(t, err) if err != nil {
panic(err)
}
return crypto.ConfigEncodeKey(pubKeyMar) return crypto.ConfigEncodeKey(pubKeyMar)
} }
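Review bot: The new exported method PrivKeyConfig has no doc comment, while its neighbours PubKey and PubKeyConfig in this same file document themselves with the `// Name returns ...` form. Mirroring PubKeyConfig's wording would give `// PrivKeyConfig returns the encoded private key for the Persona; it panics on an unknown persona.`, which also records the panic-on-unknown behaviour that the lookup at `res, ok := privKeyB64()[p]` introduces. What privKeyB64 holds is not visible in this hunk, so the exact description of the encoding should be checked against that table before committing the comment.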


@@ -92,6 +92,11 @@ func (a *Args) Include(other Iterator) {
} }
} }
// Len return the number of arguments.
func (a *Args) Len() int {
return len(a.Keys)
}
// Iter iterates over the args key/values // Iter iterates over the args key/values
func (a *Args) Iter() iter.Seq2[string, ipld.Node] { func (a *Args) Iter() iter.Seq2[string, ipld.Node] {
return func(yield func(string, ipld.Node) bool) { return func(yield func(string, ipld.Node) bool) {
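Review bot: The doc comment on the new Args.Len reads `// Len return the number of arguments.` and should be `// Len returns the number of arguments.`, matching the `// Len returns the number of key/values.` wording used for Meta.Len elsewhere in this change. Args.Len counts len(a.Keys) while Meta.Len counts len(m.Values); that is presumably fine if Keys and Values always have the same length in their respective types, but neither struct is visible here to confirm it.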


@@ -14,6 +14,10 @@ func (r ReadOnly) GetNode(key string) (ipld.Node, error) {
return r.args.GetNode(key) return r.args.GetNode(key)
} }
func (r ReadOnly) Len() int {
return r.args.Len()
}
func (r ReadOnly) Iter() iter.Seq2[string, ipld.Node] { func (r ReadOnly) Iter() iter.Seq2[string, ipld.Node] {
return r.args.Iter() return r.args.Iter()
} }
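Review bot: ReadOnly.Len is a new exported method with no doc comment, and the same applies to the ReadOnly.Len added in the meta package's read-only file later in this change. The surrounding Iter in both files is undocumented too, so the omission is consistent with the existing style, but golint-style tooling will flag each exported method; `// Len returns the number of arguments in the wrapped Args.` (and `// Len returns the number of key/values in the wrapped Meta.` for the meta variant) would close the gap and say which underlying type is being counted.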


@@ -10,8 +10,8 @@ import (
"github.com/ipld/go-ipld-prime" "github.com/ipld/go-ipld-prime"
"github.com/ipld/go-ipld-prime/printer" "github.com/ipld/go-ipld-prime/printer"
"github.com/ucan-wg/go-ucan/pkg/meta/internal/crypto"
"github.com/ucan-wg/go-ucan/pkg/policy/literal" "github.com/ucan-wg/go-ucan/pkg/policy/literal"
"github.com/ucan-wg/go-ucan/pkg/secretbox"
) )
var ErrNotFound = errors.New("key not found in meta") var ErrNotFound = errors.New("key not found in meta")
@@ -63,7 +63,7 @@ func (m *Meta) GetEncryptedString(key string, encryptionKey []byte) (string, err
return "", err return "", err
} }
decrypted, err := crypto.DecryptStringWithKey(v, encryptionKey) decrypted, err := secretbox.DecryptStringWithKey(v, encryptionKey)
if err != nil { if err != nil {
return "", err return "", err
} }
@@ -111,7 +111,7 @@ func (m *Meta) GetEncryptedBytes(key string, encryptionKey []byte) ([]byte, erro
return nil, err return nil, err
} }
decrypted, err := crypto.DecryptStringWithKey(v, encryptionKey) decrypted, err := secretbox.DecryptStringWithKey(v, encryptionKey)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -157,12 +157,12 @@ func (m *Meta) AddEncrypted(key string, val any, encryptionKey []byte) error {
switch val := val.(type) { switch val := val.(type) {
case string: case string:
encrypted, err = crypto.EncryptWithKey([]byte(val), encryptionKey) encrypted, err = secretbox.EncryptWithKey([]byte(val), encryptionKey)
if err != nil { if err != nil {
return err return err
} }
case []byte: case []byte:
encrypted, err = crypto.EncryptWithKey(val, encryptionKey) encrypted, err = secretbox.EncryptWithKey(val, encryptionKey)
if err != nil { if err != nil {
return err return err
} }
@@ -192,6 +192,11 @@ func (m *Meta) Include(other Iterator) {
} }
} }
// Len returns the number of key/values.
func (m *Meta) Len() int {
return len(m.Values)
}
// Iter iterates over the meta key/values // Iter iterates over the meta key/values
func (m *Meta) Iter() iter.Seq2[string, ipld.Node] { func (m *Meta) Iter() iter.Seq2[string, ipld.Node] {
return func(yield func(string, ipld.Node) bool) { return func(yield func(string, ipld.Node) bool) {


@@ -43,6 +43,10 @@ func (r ReadOnly) GetNode(key string) (ipld.Node, error) {
return r.meta.GetNode(key) return r.meta.GetNode(key)
} }
func (r ReadOnly) Len() int {
return r.meta.Len()
}
func (r ReadOnly) Iter() iter.Seq2[string, ipld.Node] { func (r ReadOnly) Iter() iter.Seq2[string, ipld.Node] {
return r.meta.Iter() return r.meta.Iter()
} }


@@ -1,4 +1,4 @@
package crypto package secretbox
import ( import (
"crypto/rand" "crypto/rand"


@@ -1,4 +1,4 @@
package crypto package secretbox
import ( import (
"bytes" "bytes"


@@ -172,6 +172,25 @@ func (t *Token) IsValidAt(ti time.Time) bool {
return true return true
} }
// Covers indicate if this token has the power to allow the given sub-delegation.
// This function only verifies the principals alignment
func (t *Token) Covers(subDelegation *Token) bool {
// The Subject of each delegation must equal the invocation's Subject (or Audience if defined). - 4f
if t.Subject() != sub {
return fmt.Errorf("%w: delegation %s, expected %s, got %s", ErrWrongSub, dlgCid, sub, dlg.Subject())
}
// The Issuer of each delegation must be the Audience in the next one. - 4d
if t.Audience() != subDelegation.Issuer() {
return fmt.Errorf("%w: delegation %s, expected %s, got %s", ErrBrokenChain, dlgCid, iss, dlg.Audience())
}
// The command of each delegation must "allow" the one before it. - 4g
if !dlg.Command().Covers(cmd) {
return fmt.Errorf("%w: delegation %s, %s doesn't cover %s", ErrCommandNotCovered, dlgCid, dlg.Command(), cmd)
}
}
func (t *Token) String() string { func (t *Token) String() string {
var res strings.Builder var res strings.Builder
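Review bot: Covers cannot compile as written: it is declared to return bool but both checks `return fmt.Errorf(...)`, it reads sub, dlgCid, dlg, iss and cmd, none of which are defined in this scope (they look copied from the verifyProofs loop in the invocation package), and the fall-through path after the last check has no return. The doc comment also says the function "only verifies the principals alignment" while the body includes the 4g command check, so either the comment or the body should be adjusted; the commit is titled WIP, so this may be known, but a chain-authorization predicate that does not build should not land in this state. The sketch below resolves each check against the subDelegation argument and returns a bool, keeping the command check and documenting it. If the project allows a delegation to have an unset Subject, the first comparison may need to account for that; I cannot tell from this hunk.
```go
// Covers reports whether this token may authorize the given sub-delegation:
// the two must share a Subject, this token's Audience must be the
// sub-delegation's Issuer, and this token's command must allow the
// sub-delegation's command.
func (t *Token) Covers(subDelegation *Token) bool {
	// The Subject of each delegation must match along the chain. - 4f
	if t.Subject() != subDelegation.Subject() {
		return false
	}
	// The Issuer of the sub-delegation must be the Audience of this token. - 4d
	if t.Audience() != subDelegation.Issuer() {
		return false
	}
	// The command of this token must "allow" the sub-delegation's command. - 4g
	return t.Command().Covers(subDelegation.Command())
}
```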


@@ -37,9 +37,9 @@ import (
// 4. When the proof chain is being validated (verifyProofs below): // 4. When the proof chain is being validated (verifyProofs below):
// a. There must be at least one delegation in the proof chain. // a. There must be at least one delegation in the proof chain.
// b. All referenced delegations must be available. // b. All referenced delegations must be available.
// c. The first proof must be issued to the Invoker (audience DID). // c. The first proof must be issued to the Invoker.
// d. The Issuer of each delegation must be the Audience in the next one. // d. The Issuer of each delegation must be the Audience in the parent delegation.
// e. The last token must be a root delegation. // e. The chain must terminate with a root delegation.
// f. The Subject of each delegation must equal the invocation's Subject (or Audience if defined) // f. The Subject of each delegation must equal the invocation's Subject (or Audience if defined)
// g. The command of each delegation must "allow" the one before it. // g. The command of each delegation must "allow" the one before it.
// //
@@ -72,7 +72,7 @@ func (t *Token) verifyProofs(delegations []*delegation.Token) error {
return fmt.Errorf("%w: delegation %s, expected %s, got %s", ErrWrongSub, dlgCid, sub, dlg.Subject()) return fmt.Errorf("%w: delegation %s, expected %s, got %s", ErrWrongSub, dlgCid, sub, dlg.Subject())
} }
// The first proof must be issued to the Invoker (audience DID). - 4c // The first proof must be issued to the Invoker. - 4c
// The Issuer of each delegation must be the Audience in the next one. - 4d // The Issuer of each delegation must be the Audience in the next one. - 4d
if dlg.Audience() != iss { if dlg.Audience() != iss {
return fmt.Errorf("%w: delegation %s, expected %s, got %s", ErrBrokenChain, dlgCid, iss, dlg.Audience()) return fmt.Errorf("%w: delegation %s, expected %s, got %s", ErrBrokenChain, dlgCid, iss, dlg.Audience())
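Review bot: The inline comment on the 4d check still reads `// The Issuer of each delegation must be the Audience in the next one. - 4d` while the file-header list in the first hunk was reworded to "the Audience in the parent delegation" for the same item, so the two descriptions of rule 4d now disagree. Updating the inline line to `// The Issuer of each delegation must be the Audience in the parent delegation. - 4d` keeps the code comment consistent with the header it cites. The verifyProofs loop this check lives in starts and ends outside the hunk.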