From 946d7752daeb994d9e8e89996c50b6d39ff19412 Mon Sep 17 00:00:00 2001 From: Patrik Stas Date: Mon, 18 Dec 2023 18:07:20 +0100 Subject: [PATCH] Fix test Signed-off-by: Patrik Stas --- .../did_exchange/state_machine/helpers.rs | 40 +------ aries/aries_vcx/src/utils/didcomm_utils.rs | 105 ++++++++++-------- .../src/utils/encryption_envelope.rs | 6 +- aries/aries_vcx/src/utils/mod.rs | 2 +- aries/aries_vcx/tests/test_did_exchange.rs | 62 +++++------ did_core/did_doc/src/schema/did_doc.rs | 27 +++++ .../schema/service/extra_fields/didcommv2.rs | 1 + .../peer_did/numalgos/numalgo2/encoding.rs | 4 +- .../src/peer_did/numalgos/numalgo2/helpers.rs | 4 +- .../src/peer_did/numalgos/numalgo2/mod.rs | 4 +- 10 files changed, 127 insertions(+), 128 deletions(-) diff --git a/aries/aries_vcx/src/protocols/did_exchange/state_machine/helpers.rs b/aries/aries_vcx/src/protocols/did_exchange/state_machine/helpers.rs index e943013a74..f8c2e3a19a 100644 --- a/aries/aries_vcx/src/protocols/did_exchange/state_machine/helpers.rs +++ b/aries/aries_vcx/src/protocols/did_exchange/state_machine/helpers.rs @@ -68,14 +68,13 @@ pub async fn create_our_did_document( service_endpoint: Url, routing_keys: Vec, ) -> Result<(DidDocument, Key), AriesVcxError> { - let key_ver = generate_keypair(wallet, KeyType::Ed25519).await?; let key_enc = generate_keypair(wallet, KeyType::Ed25519).await?; let service: Service = ServiceDidCommV1::new( Uri::new("#0")?, service_endpoint, 0, - vec![ServiceKeyKind::DidKey(key_enc.clone().try_into()?)], + vec![], routing_keys .into_iter() .map(ServiceKeyKind::Value) 
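Review bot: After this change the only key in our DID document is `key_enc`, generated here as `KeyType::Ed25519` and published through `.add_key_agreement(vm_ka)` in the later `did_doc_from_keys` hunk, so a signing-curve key is advertised for key agreement and no separate verification key remains. If the pack/unpack path derives the X25519 key from this verkey that can work, but the assumption should be written down where the key is created, e.g. `// Ed25519 verkey published under keyAgreement; packing is expected to derive the X25519 key from it`. The service is also built with `vec![]` as recipient keys, so a peer that still reads `recipientKeys` from the service will find none. `create_our_did_document` starts and ends outside this hunk.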
@@ -84,12 +83,7 @@ pub async fn create_our_did_document( .try_into()?; info!("Prepared service for peer:did:2 generation: {} ", service); - let mut did_document = did_doc_from_keys( - Default::default(), - key_ver.clone(), - key_enc.clone(), - service, - )?; + let mut did_document = did_doc_from_keys(Default::default(), key_enc.clone(), service)?; info!( "Created did document for peer:did:2 generation: {} ", did_document @@ -101,19 +95,10 @@ pub async fn create_our_did_document( fn did_doc_from_keys( did: Did, - key_ver: Key, key_enc: Key, service: Service, ) -> Result { - let vm_ver_id = DidUrl::from_fragment(key_ver.short_prefixless_fingerprint())?; let vm_ka_id = DidUrl::from_fragment(key_enc.short_prefixless_fingerprint())?; - let vm_ver = VerificationMethod::builder( - vm_ver_id, - did.clone(), - VerificationMethodType::Ed25519VerificationKey2020, - ) - .add_public_key_base58(key_ver.base58()) - .build(); let vm_ka = VerificationMethod::builder( vm_ka_id, did.clone(), @@ -123,8 +108,6 @@ fn did_doc_from_keys( .build(); Ok(DidDocument::builder(did) .add_service(service) - .add_verification_method(vm_ver) - // TODO: Include just reference .add_key_agreement(vm_ka) .build()) } @@ -230,18 +213,12 @@ mod tests { #[tokio::test] async fn test_did_doc_from_keys() { - let key_ver = Key::new( - "7MV7mTpzQekW39mXdPXKnRJn79kkzMvmtaSHZWUSbvt5".into(), - KeyType::Ed25519, - ) - .unwrap(); let key_enc = Key::new( "tyntrez7bCthPqvZUDGwhYB1bSe9HzpLdSeHFpuSwst".into(), KeyType::Ed25519, ) .unwrap(); - let recipient_keys = vec![ServiceKeyKind::DidKey(key_enc.clone().try_into().unwrap())]; let service_endpoint = Url::parse("http://example.com").unwrap(); let routing_keys = vec![ ServiceKeyKind::Value("routing_key1".into()), @@ -251,7 +228,7 @@ mod tests { Uri::new("#service-0").unwrap(), service_endpoint.clone(), 0, - recipient_keys, + vec![], routing_keys, ) .try_into() 
@@ -259,7 +236,7 @@ mod tests { let did = Did::default(); - let result = did_doc_from_keys(did, key_ver.clone(), key_enc.clone(), service); + let result = did_doc_from_keys(did, key_enc.clone(), service); assert!(result.is_ok()); let did_doc = result.unwrap(); @@ -280,10 +257,6 @@ mod tests { .collect::>() }) .unwrap(); - assert_eq!( - recipient_keys, - vec!["did:key:z6s8D3GAEHVteQMfhS4qBibNXjqS5D79NykfpGdF2VLmAtEysDRs6PEVBChSTTZ"] - ); assert_eq!( ddo_service.extra_field_routing_keys().unwrap(), vec![ @@ -292,10 +265,7 @@ mod tests { ] ); - assert_eq!(did_doc.verification_method().len(), 1); - let verification_method = did_doc.verification_method().first().unwrap(); - assert_eq!(verification_method.public_key().unwrap(), key_ver); - + println!("did_doc: {}", did_doc); assert_eq!(did_doc.key_agreement().len(), 1); match did_doc.key_agreement().first().unwrap() { VerificationMethodKind::Resolved(key_agreement) => { diff --git a/aries/aries_vcx/src/utils/didcomm_utils.rs b/aries/aries_vcx/src/utils/didcomm_utils.rs index 761a12d497..834728934c 100644 --- a/aries/aries_vcx/src/utils/didcomm_utils.rs +++ b/aries/aries_vcx/src/utils/didcomm_utils.rs @@ -1,10 +1,17 @@ -use did_doc::schema::{did_doc::DidDocument, service::extra_fields::ServiceKeyKind}; +use did_doc::schema::{ + did_doc::{diddoc_resolve_first_key_agreement, DidDocument}, + service::extra_fields::ServiceKeyKind, +}; +use public_key::Key; use crate::errors::error::{AriesVcxError, AriesVcxErrorKind, VcxResult}; -fn service_key_to_naked_key(key: &ServiceKeyKind, did_document: &DidDocument) -> VcxResult { +fn resolve_service_key_to_typed_key( + key: &ServiceKeyKind, + did_document: &DidDocument, +) -> VcxResult { match key { - ServiceKeyKind::DidKey(did_key) => Ok(did_key.key().base58()), + ServiceKeyKind::DidKey(did_key) => Ok(did_key.key().clone()), ServiceKeyKind::Reference(reference) => { let verification_method = did_document.dereference_key(reference).ok_or_else(|| { AriesVcxError::from_msg( 
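Review bot: The `println!("did_doc: {}", did_doc);` added before the key-agreement assertions in `test_did_doc_from_keys` looks like leftover debugging output and should be dropped. With the `recipient_keys` assertion removed in the preceding hunk, the binding built just above it (its start is outside the hunk) appears to be unused now. Since the service is constructed with `vec![]`, asserting that the extracted recipient keys are empty would keep the test pinning the new behaviour, and an assertion that `did_doc.verification_method()` is empty would do the same for the removed verification key.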
@@ -18,44 +25,48 @@ fn service_key_to_naked_key(key: &ServiceKeyKind, did_document: &DidDocument) -> format!("Unable to get public key from verification method: {}", err), ) })?; - Ok(key.base58()) + Ok(key) } - ServiceKeyKind::Value(value) => Ok(String::from(value)), + ServiceKeyKind::Value(value) => Ok(Key::new( + value.as_bytes().to_vec(), + public_key::KeyType::Ed25519, + )?), } } -pub fn get_sender_verkey(did_document: &DidDocument) -> VcxResult { - let service = did_document - .service() - .first() - .ok_or_else(|| { - AriesVcxError::from_msg( - AriesVcxErrorKind::InvalidState, - "No Service object found on our did document", - ) - })? - .clone(); - let sender_vk = service - .extra_field_recipient_keys() - .map_err(|err| { - AriesVcxError::from_msg( - AriesVcxErrorKind::InvalidState, - format!( - "Recipient key field found in our did document but had unexpected format, \ - err: {err:?}" - ), - ) - })? - .first() - .ok_or_else(|| { - AriesVcxError::from_msg( - AriesVcxErrorKind::InvalidState, - "Recipient key field but did not have any keys", - ) - })? - .clone(); - let naked_sender_vk = service_key_to_naked_key(&sender_vk, did_document)?; - Ok(naked_sender_vk) +pub fn resolve_base58_key_agreement(did_document: &DidDocument) -> VcxResult { + // note: we possibly don't want to support this, instead rely on key_agreement field + // let service = did_document + // .service() + // .first() + // .ok_or_else(|| { + // AriesVcxError::from_msg( + // AriesVcxErrorKind::InvalidState, + // "No Service object found on our did document", + // ) + // })? + // .clone(); + // let key_base58 = match service.extra_field_recipient_keys() { + // Ok(recipient_keys) => { + // match recipient_keys.first() { + // None => { + // return Err(AriesVcxError::from_msg( + // AriesVcxErrorKind::InvalidState, + // "Recipient key field but did not have any keys", + // )) + // } + // Some(key) => { + // // service_key_to_naked_key(&key, did_document)? 
+ // unimplemented!("Support for 'recipientKeys' has been dropped") + // } + // } + // } + // Err(_err) => { + // + // } + // }; + let key_base58 = diddoc_resolve_first_key_agreement(did_document)?; + Ok(key_base58.base58()) } pub fn get_routing_keys(our_did_doc: &DidDocument) -> VcxResult> { @@ -69,15 +80,15 @@ pub fn get_routing_keys(our_did_doc: &DidDocument) -> VcxResult> { ) })? .clone(); - let routing_keys = service.extra_field_routing_keys().map_err(|err| { - AriesVcxError::from_msg( - AriesVcxErrorKind::InvalidState, - format!("No routing_keys found: {}", err), - ) - })?; - let mut naked_routing_keys = Vec::new(); - for key in routing_keys.iter() { - naked_routing_keys.push(service_key_to_naked_key(key, our_did_doc)?); + match service.extra_field_routing_keys() { + Ok(routing_keys) => { + let mut naked_routing_keys = Vec::new(); + for key in routing_keys.iter() { + naked_routing_keys + .push(resolve_service_key_to_typed_key(key, our_did_doc)?.base58()); + } + Ok(naked_routing_keys) + } + Err(_err) => Ok(Vec::new()), } - Ok(naked_routing_keys) } diff --git a/aries/aries_vcx/src/utils/encryption_envelope.rs b/aries/aries_vcx/src/utils/encryption_envelope.rs index 8aa740d6eb..7e668537ac 100644 --- a/aries/aries_vcx/src/utils/encryption_envelope.rs +++ b/aries/aries_vcx/src/utils/encryption_envelope.rs @@ -10,7 +10,7 @@ use uuid::Uuid; use crate::{ errors::error::prelude::*, - utils::didcomm_utils::{get_routing_keys, get_sender_verkey}, + utils::didcomm_utils::{get_routing_keys, resolve_base58_key_agreement}, }; #[derive(Debug)] 
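Review bot: In the `ServiceKeyKind::Value(value)` arm of `resolve_service_key_to_typed_key`, `Key::new(value.as_bytes().to_vec(), public_key::KeyType::Ed25519)` treats the UTF-8 bytes of the string as raw key material, whereas the replaced code passed the string through unchanged. `get_routing_keys` then calls `.base58()` on the result, so a routing key supplied as base58 text would come back re-encoded and would presumably no longer match the key the mediator holds. Decode the text to raw key bytes before building the `Key` (or keep the string pass-through for this variant), and add a test with a real base58 value. Separately, the commented-out `recipientKeys` block in `resolve_base58_key_agreement` would read better as a single line such as `// recipientKeys on the service is intentionally ignored; the first keyAgreement entry is used`.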
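Review bot: `Err(_err) => Ok(Vec::new())` in `get_routing_keys` turns every failure of `extra_field_routing_keys()` into "no routing keys", so a peer document whose routing keys are present but malformed is now handled as an unmediated recipient instead of being rejected with `InvalidState` as before. Distinguish an absent field from a parse failure if the error type allows it, and at minimum record the discarded error with the module's logging macro, e.g. `Err(err) => { warn!("ignoring routing keys: {err}"); Ok(Vec::new()) }`. The function begins outside this hunk.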
@@ -50,8 +50,8 @@ impl EncryptionEnvelope { their_did_doc: &DidDocument, ) -> VcxResult { // get first service, from service get (possibly resolve) recipient key and routing keys - let sender_vk = get_sender_verkey(our_did_doc)?; - let recipient_key = get_sender_verkey(their_did_doc)?; + let sender_vk = resolve_base58_key_agreement(our_did_doc)?; + let recipient_key = resolve_base58_key_agreement(their_did_doc)?; let routing_keys = get_routing_keys(their_did_doc)?; EncryptionEnvelope::create_from_keys( diff --git a/aries/aries_vcx/src/utils/mod.rs b/aries/aries_vcx/src/utils/mod.rs index 5f93511cc6..c396924759 100644 --- a/aries/aries_vcx/src/utils/mod.rs +++ b/aries/aries_vcx/src/utils/mod.rs @@ -20,6 +20,6 @@ pub mod qualifier; #[macro_use] pub mod encryption_envelope; -mod didcomm_utils; +pub mod didcomm_utils; pub mod serialization; pub mod validation; diff --git a/aries/aries_vcx/tests/test_did_exchange.rs b/aries/aries_vcx/tests/test_did_exchange.rs index cd25811897..dd53b8674d 100644 --- a/aries/aries_vcx/tests/test_did_exchange.rs +++ b/aries/aries_vcx/tests/test_did_exchange.rs @@ -13,11 +13,14 @@ use aries_vcx::{ }, states::{requester::request_sent::RequestSent, responder::response_sent::ResponseSent}, transition::transition_result::TransitionResult, - } + }, + utils::{didcomm_utils::resolve_base58_key_agreement, encryption_envelope::EncryptionEnvelope}, }; use aries_vcx_core::ledger::indy_vdr_ledger::DefaultIndyLedgerRead; use did_doc::schema::{ - did_doc::DidDocument, service::typed::didcommv1::ServiceDidCommV1, types::uri::Uri, + did_doc::{diddoc_resolve_first_key_agreement, DidDocument}, + service::typed::didcommv1::ServiceDidCommV1, + types::uri::Uri, }; use did_parser::Did; use did_peer::{ 
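Review bot: The comment kept above these calls still reads "get first service, from service get (possibly resolve) recipient key and routing keys", but `sender_vk` and `recipient_key` are now taken from the first keyAgreement entry of each document and only `routing_keys` still comes from the service. Update it, e.g. `// sender/recipient keys: first keyAgreement entry of each DID document; routing keys: first service`. The enclosing function starts and ends outside the hunk.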
@@ -39,21 +42,9 @@ use crate::utils::test_agent::{ pub mod utils; -fn assert_verification_method(a: DidDocument, b: DidDocument) { - let a_key = a - .verification_method() - .first() - .unwrap() - .public_key() - .unwrap() - .base58(); - let b_key = b - .verification_method() - .first() - .unwrap() - .public_key() - .unwrap() - .base58(); +fn assert_key_agreement(a: DidDocument, b: DidDocument) { + let a_key = diddoc_resolve_first_key_agreement(&a).unwrap(); + let b_key = diddoc_resolve_first_key_agreement(&b).unwrap(); assert_eq!(a_key, b_key); } @@ -171,11 +162,13 @@ async fn did_exchange_test() -> Result<(), Box> { let responder = responder.receive_complete(complete).unwrap(); - assert_verification_method( + info!("Asserting did document of requester"); + assert_key_agreement( requester.our_did_doc().clone(), responder.their_did_doc().clone(), ); - assert_verification_method( + info!("Asserting did document of responder"); + assert_key_agreement( responder.our_did_doc().clone(), requester.their_did_doc().clone(), ); @@ -189,21 +182,22 @@ async fn did_exchange_test() -> Result<(), Box> { requester.their_did_doc() ); - // let data= "Hello world"; - // let m = EncryptionEnvelope::create( - // &agent_invitee.wallet, - // data.as_bytes(), - // &requester.our_did_doc(), - // &requester.their_did_doc() - // ).await?; - // - // info!("Encrypted message: {:?}", m); - // - // let unpacked = EncryptionEnvelope::auth_unpack( - // &agent_invitee.wallet, - // m.0, - // "disabled" - // ).await?; + let data = "Hello world"; + let m = EncryptionEnvelope::create( + &agent_invitee.wallet, + data.as_bytes(), + requester.our_did_doc(), + requester.their_did_doc(), + ) + .await?; + + info!("Encrypted message: {:?}", m); + + let expected_sender_vk = resolve_base58_key_agreement(&requesters_did_document)?; + let unpacked = + EncryptionEnvelope::auth_unpack(&agent_invitee.wallet, m.0, &expected_sender_vk).await?; + + info!("Unpacked message: {:?}", unpacked); Ok(()) } 
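Review bot: The newly enabled round trip at the end of `did_exchange_test` only logs `unpacked`; nothing asserts that the decrypted payload equals `data`, so the test passes for any output `auth_unpack` returns without error. Add an equality assertion of the unpacked message body against `"Hello world"` (the accessor depends on the type `auth_unpack` returns, which is not visible here). The envelope is also created and unpacked with the same `agent_invitee.wallet` although it is addressed to `requester.their_did_doc()`; if that is intentional it deserves a comment, otherwise the unpack should go through the other agent's wallet.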
diff --git a/did_core/did_doc/src/schema/did_doc.rs b/did_core/did_doc/src/schema/did_doc.rs index 5309cb4b39..ad44d088f7 100644 --- a/did_core/did_doc/src/schema/did_doc.rs +++ b/did_core/did_doc/src/schema/did_doc.rs @@ -2,6 +2,7 @@ use std::collections::HashMap; use did_parser::{Did, DidUrl}; use display_as_json::Display; +use public_key::Key; use serde::{Deserialize, Serialize}; use serde_json::Value; @@ -107,6 +108,32 @@ impl DidDocument { } } +pub fn diddoc_resolve_first_key_agreement( + did_document: &DidDocument, +) -> Result { + let vm = did_document.key_agreement().first().ok_or_else(|| { + DidDocumentBuilderError::CustomError( + "Expected to find key agreement on did document".to_string(), + ) + })?; + + let key = match vm { + VerificationMethodKind::Resolved(verification_method) => { + verification_method.public_key()? + } + VerificationMethodKind::Resolvable(reference) => { + match did_document.dereference_key(reference) { + None => Err(DidDocumentBuilderError::CustomError(format!( + "Unable to dereference key: {}", + reference + )))?, + Some(verification_method) => verification_method.public_key()?, + } + } + }; + Ok(key) +} + #[derive(Default, Debug)] pub struct DidDocumentBuilder { id: Did, diff --git a/did_core/did_doc/src/schema/service/extra_fields/didcommv2.rs b/did_core/did_doc/src/schema/service/extra_fields/didcommv2.rs index 279423b78b..c113f0c9f5 100644 --- a/did_core/did_doc/src/schema/service/extra_fields/didcommv2.rs +++ b/did_core/did_doc/src/schema/service/extra_fields/didcommv2.rs @@ -7,6 +7,7 @@ use crate::schema::service::extra_fields::{ServiceAcceptType, ServiceKeyKind}; #[serde(rename_all = "camelCase")] #[serde(deny_unknown_fields)] pub struct ExtraFieldsDidCommV2 { + #[serde(skip_serializing_if = "Vec::is_empty")] routing_keys: Vec, #[serde(default)] accept: Vec, 
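Review bot: `diddoc_resolve_first_key_agreement` is a new public function without a doc comment, and it returns whatever key sits in the first `key_agreement` entry without looking at its type, while the caller in `didcomm_utils.rs` base58-encodes the result and uses it as a packing key. Document that contract, e.g. `/// Returns the public key of the first keyAgreement entry, dereferencing it if it is a reference; the key type is not checked.` Reporting a lookup failure as `DidDocumentBuilderError::CustomError` is also surprising for a function that builds nothing; a dedicated variant would read better if the enum can take one.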
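Review bot: `#[serde(skip_serializing_if = "Vec::is_empty")]` is added to `routing_keys` in `ExtraFieldsDidCommV2` without a matching `#[serde(default)]`; in the visible lines only `accept` carries one. A value serialized with empty routing keys therefore omits the field and, unless a default is declared outside this hunk, fails to deserialize again with a missing-field error. Add `#[serde(default)]` above `routing_keys` and cover the empty case with a serialize/deserialize round-trip test.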
diff --git a/did_core/did_methods/did_peer/src/peer_did/numalgos/numalgo2/encoding.rs b/did_core/did_methods/did_peer/src/peer_did/numalgos/numalgo2/encoding.rs index 31b9201624..e8c25c1152 100644 --- a/did_core/did_methods/did_peer/src/peer_did/numalgos/numalgo2/encoding.rs +++ b/did_core/did_methods/did_peer/src/peer_did/numalgos/numalgo2/encoding.rs @@ -128,15 +128,15 @@ mod tests { use did_doc::schema::{ service::{ extra_fields::{didcommv2::ExtraFieldsDidCommV2, ServiceKeyKind}, + typed::ServiceType, Service, }, types::uri::Uri, + utils::OneOrList, verification_method::{VerificationMethod, VerificationMethodType}, }; use did_parser::DidUrl; use pretty_assertions::assert_eq; - use did_doc::schema::service::typed::ServiceType; - use did_doc::schema::utils::OneOrList; use super::*; use crate::{ diff --git a/did_core/did_methods/did_peer/src/peer_did/numalgos/numalgo2/helpers.rs b/did_core/did_methods/did_peer/src/peer_did/numalgos/numalgo2/helpers.rs index e271235731..80296d8857 100644 --- a/did_core/did_methods/did_peer/src/peer_did/numalgos/numalgo2/helpers.rs +++ b/did_core/did_methods/did_peer/src/peer_did/numalgos/numalgo2/helpers.rs @@ -1,7 +1,5 @@ use base64::{engine::general_purpose::STANDARD_NO_PAD, Engine}; -use did_doc::schema::{ - did_doc::DidDocumentBuilder, -}; +use did_doc::schema::did_doc::DidDocumentBuilder; use did_parser::Did; use public_key::Key; diff --git a/did_core/did_methods/did_peer/src/peer_did/numalgos/numalgo2/mod.rs b/did_core/did_methods/did_peer/src/peer_did/numalgos/numalgo2/mod.rs index 81476cd232..56a69c7c3d 100644 --- a/did_core/did_methods/did_peer/src/peer_did/numalgos/numalgo2/mod.rs +++ b/did_core/did_methods/did_peer/src/peer_did/numalgos/numalgo2/mod.rs 
@@ -5,9 +5,7 @@ use sha256::digest; use crate::{ error::DidPeerError, peer_did::{ - numalgos::{ - numalgo2::helpers::didpeer_elements_to_diddoc, numalgo3::Numalgo3, Numalgo, - }, + numalgos::{numalgo2::helpers::didpeer_elements_to_diddoc, numalgo3::Numalgo3, Numalgo}, FromDidDoc, PeerDid, }, resolver::options::PublicKeyEncoding,