From e23b2a7a2ccd4aa86089ab0dec8c1807461efa4e Mon Sep 17 00:00:00 2001 
From: Henry Tsai Date: Mon, 18 Sep 2023 12:54:38 -0700 Subject: [PATCH] Replaced SignatureInput with Signer --- README.md | 8 +- src/core/dwn-error.ts | 4 +- src/core/message.ts | 4 +- src/index.ts | 1 - src/interfaces/events-get.ts | 6 +- src/interfaces/hooks-write.ts | 6 +- src/interfaces/messages-get.ts | 6 +- src/interfaces/permissions-grant.ts | 12 +- src/interfaces/permissions-request.ts | 6 +- src/interfaces/permissions-revoke.ts | 6 +- src/interfaces/protocols-configure.ts | 6 +- src/interfaces/protocols-query.ts | 9 +- src/interfaces/records-delete.ts | 6 +- src/interfaces/records-query.ts | 8 +- src/interfaces/records-read.ts | 10 +- src/interfaces/records-write.ts | 71 ++++---- src/interfaces/snapshots-create.ts | 6 +- src/jose/jws/general/builder.ts | 17 +- src/types/jws-types.ts | 34 ---- src/types/signer.ts | 19 ++- src/utils/jws.ts | 26 ++- src/utils/private-key-signer.ts | 40 ++++- tests/dwn.spec.ts | 2 +- tests/handlers/permissions-grant.spec.ts | 8 +- tests/handlers/protocols-configure.spec.ts | 8 +- tests/handlers/protocols-query.spec.ts | 4 +- tests/handlers/records-delete.spec.ts | 30 ++-- tests/handlers/records-query.spec.ts | 4 +- tests/handlers/records-read.spec.ts | 108 ++++++------ tests/handlers/records-write.spec.ts | 58 +++---- tests/interfaces/events-get.spec.ts | 14 +- tests/interfaces/messages-get.spec.ts | 20 +-- tests/interfaces/permissions-grant.spec.ts | 50 ++---- tests/interfaces/permissions-request.spec.ts | 10 +- tests/interfaces/protocols-configure.spec.ts | 24 +-- tests/interfaces/protocols-query.spec.ts | 18 +- tests/interfaces/records-delete.spec.ts | 10 +- tests/interfaces/records-query.spec.ts | 30 ++-- tests/interfaces/records-read.spec.ts | 28 +-- tests/interfaces/records-write.spec.ts | 171 +++++++++---------- tests/interfaces/snapshots-create.spec.ts | 4 +- tests/jose/jws/general.spec.ts | 38 ++--- tests/utils/test-data-generator.ts | 54 +++--- 43 files changed, 493 insertions(+), 511 deletions(-) 
diff --git a/README.md b/README.md index e35a98c9b..86f3c4f25 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ # Decentralized Web Node (DWN) SDK Code Coverage -![Statements](https://img.shields.io/badge/statements-97.69%25-brightgreen.svg?style=flat) ![Branches](https://img.shields.io/badge/branches-94.87%25-brightgreen.svg?style=flat) ![Functions](https://img.shields.io/badge/functions-94.16%25-brightgreen.svg?style=flat) ![Lines](https://img.shields.io/badge/lines-97.69%25-brightgreen.svg?style=flat) +![Statements](https://img.shields.io/badge/statements-97.54%25-brightgreen.svg?style=flat) ![Branches](https://img.shields.io/badge/branches-94.52%25-brightgreen.svg?style=flat) ![Functions](https://img.shields.io/badge/functions-94.2%25-brightgreen.svg?style=flat) ![Lines](https://img.shields.io/badge/lines-97.54%25-brightgreen.svg?style=flat) - [Introduction](#introduction) - [Installation](#installation) @@ -92,7 +92,7 @@ DWN SDK includes a polyfilled distribution that can imported in a `module` scrip dataFormat: 'application/json', published: true, schema: 'yeeter/post', - authorizationSignatureInput: Jws.createSignatureInput(didKey) + authorizationSigner: Jws.createSigner(didKey) }); // get the DWN to process the RecordsWrite @@ -191,7 +191,7 @@ const recordsWrite = await RecordsWrite.create({ dataFormat: 'application/json', published: true, schema: 'yeeter/post', - authorizationSignatureInput: Jws.createSignatureInput(didKey) + authorizationSigner: Jws.createSigner(didKey) }); // get the DWN to process the RecordsWrite @@ -249,7 +249,7 @@ const signer = new CustomSigner(); const options: RecordsWriteOptions = { ... - authorizationSignatureInput : { + authorizationSigner : { signer, protectedHeader: { alg: 'EdDSA', kid: 'did:example:alice#key1' } // see https://www.iana.org/assignments/jose/jose.xhtml for valid signature `alg` values } diff --git a/src/core/dwn-error.ts b/src/core/dwn-error.ts index e50b3b6b1..0d6b8137c 100644 --- a/src/core/dwn-error.ts 
+++ b/src/core/dwn-error.ts @@ -31,6 +31,8 @@ export enum DwnErrorCode { PermissionsGrantUnauthorizedGrant = 'PermissionsGrantUnauthorizedGrant', PermissionsRevokeMissingPermissionsGrant = 'PermissionsRevokeMissingPermissionsGrant', PermissionsRevokeUnauthorizedRevoke = 'PermissionsRevokeUnauthorizedRevoke', + PrivateKeySignerUnableToDeduceAlgorithm = 'PrivateKeySignerUnableToDeduceAlgorithm', + PrivateKeySignerUnableToDeduceKeyId = 'PrivateKeySignerUnableToDeduceKeyId', PrivateKeySignerUnsupportedCurve = 'PrivateKeySignerUnsupportedCurve', ProtocolAuthorizationActionNotAllowed = 'ProtocolAuthorizationActionNotAllowed', ProtocolAuthorizationIncorrectDataFormat = 'ProtocolAuthorizationIncorrectDataFormat', @@ -57,7 +59,7 @@ export enum DwnErrorCode { RecordsWriteGetEntryIdUndefinedAuthor = 'RecordsWriteGetEntryIdUndefinedAuthor', RecordsWriteDataCidMismatch = 'RecordsWriteDataCidMismatch', RecordsWriteDataSizeMismatch = 'RecordsWriteDataSizeMismatch', - RecordsWriteMissingAuthorizationSignatureInput = 'RecordsWriteMissingAuthorizationSignatureInput', + RecordsWriteMissingauthorizationSigner = 'RecordsWriteMissingauthorizationSigner', RecordsWriteMissingDataInPrevious = 'RecordsWriteMissingDataInPrevious', RecordsWriteMissingDataAssociation = 'RecordsWriteMissingDataAssociation', RecordsWriteMissingDataStream = 'RecordsWriteMissingDataStream', diff --git a/src/core/message.ts b/src/core/message.ts index f334d111d..c070fa0ab 100644 --- a/src/core/message.ts +++ b/src/core/message.ts @@ -1,5 +1,5 @@ import type { GeneralJws } from '../types/jws-types.js'; -import type { SignatureInput } from '../types/jws-types.js'; +import type { Signer } from '../types/signer.js'; import type { BaseAuthorizationPayload, Descriptor, GenericMessage } from '../types/message-types.js'; import { Cid } from '../utils/cid.js'; 
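Review bot: The two codes added at `@@ -31,6 +31,8 @@`, `PrivateKeySignerUnableToDeduceAlgorithm` and `PrivateKeySignerUnableToDeduceKeyId`, name new failure paths, but the diffstat lists no spec for `src/utils/private-key-signer.ts`. The README badges in this same patch show branch coverage dropping from 94.87% to 94.52%. Unless one of the changed specs already exercises them, I would add one test per code asserting that it is thrown; presumably that happens when the key material carries no algorithm or key id, but the signer itself is not visible here. The enum body starts and ends outside the hunk.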
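Review bot: The renamed member at `@@ -57,7 +59,7 @@` is spelled `RecordsWriteMissingauthorizationSigner`, with a lower-case `a` mid-word, which looks like a search-and-replace artefact; every other member of `DwnErrorCode` visible here is PascalCase. Since callers match on the string value, it is cheaper to correct now than after release: `RecordsWriteMissingAuthorizationSigner = 'RecordsWriteMissingAuthorizationSigner',`. The same spelling appears in the `@throws` tag and the `throw new DwnError(...)` at `@@ -120,12 +121,12 @@` in `src/interfaces/records-write.ts` and has to change with it. The enum body starts and ends outside the hunk.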
@@ -138,7 +138,7 @@ export abstract class Message { */ public static async signAsAuthorization( descriptor: Descriptor, - signatureInput: SignatureInput, + signatureInput: Signer, permissionsGrantId?: string, ): Promise { const descriptorCid = await Cid.computeCid(descriptor); diff --git a/src/index.ts b/src/index.ts index ca5b6e14f..615d5b4e9 100644 --- a/src/index.ts +++ b/src/index.ts @@ -47,7 +47,6 @@ export { RecordsDelete, RecordsDeleteOptions } from './interfaces/records-delete export { RecordsRead, RecordsReadOptions } from './interfaces/records-read.js'; export { SnapshotsCreate, SnapshotsCreateOptions } from './interfaces/snapshots-create.js'; export { Secp256k1 } from './utils/secp256k1.js'; -export { SignatureInput } from './types/jws-types.js'; export { Signer } from './types/signer.js'; export { DataStoreLevel } from './store/data-store-level.js'; export { EventLogLevel } from './event-log/event-log-level.js'; diff --git a/src/interfaces/events-get.ts b/src/interfaces/events-get.ts index b687df3a9..47f350e68 100644 --- a/src/interfaces/events-get.ts +++ b/src/interfaces/events-get.ts @@ -1,4 +1,4 @@ -import type { SignatureInput } from '../types/jws-types.js'; +import type { Signer } from '../types/signer.js'; import type { EventsGetDescriptor, EventsGetMessage } from '../types/event-types.js'; import { getCurrentTimeInHighPrecision } from '../utils/time.js'; @@ -7,7 +7,7 @@ import { DwnInterfaceName, DwnMethodName, Message } from '../core/message.js'; export type EventsGetOptions = { watermark?: string; - authorizationSignatureInput: SignatureInput; + authorizationSigner: Signer; messageTimestamp?: string; }; 
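Review bot: In `signAsAuthorization` the parameter keeps its old name while its type changes, giving `signatureInput: Signer`, so the name now describes a type that this commit removes from the public exports. The other renamed call sites in this patch (`RecordsWrite.sign`, `createAttestation`) use `signer`/`signers`, so I would write `signer: Signer,` here and rename its uses in the body. The function body and the JSDoc above it lie outside the hunk, so any mention of "signature input" there should be checked as well.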
@@ -31,7 +31,7 @@ export class EventsGet extends Message { descriptor.watermark = options.watermark; } - const authorization = await Message.signAsAuthorization(descriptor, options.authorizationSignatureInput); + const authorization = await Message.signAsAuthorization(descriptor, options.authorizationSigner); const message = { descriptor, authorization }; Message.validateJsonSchema(message); diff --git a/src/interfaces/hooks-write.ts b/src/interfaces/hooks-write.ts index c291a6b26..273fadb32 100644 --- a/src/interfaces/hooks-write.ts +++ b/src/interfaces/hooks-write.ts @@ -1,4 +1,4 @@ -import type { SignatureInput } from '../types/jws-types.js'; +import type { Signer } from '../types/signer.js'; import type { HooksWriteDescriptor, HooksWriteMessage } from '../types/hooks-types.js'; import { getCurrentTimeInHighPrecision } from '../utils/time.js'; @@ -19,7 +19,7 @@ export type HooksWriteOptions = { filter: { method: string, }, - authorizationSignatureInput: SignatureInput; + authorizationSigner: Signer; }; /** @@ -43,7 +43,7 @@ export class HooksWrite extends Message { // Error: `undefined` is not supported by the IPLD Data Model and cannot be encoded removeUndefinedProperties(descriptor); - const authorization = await Message.signAsAuthorization(descriptor, options.authorizationSignatureInput); + const authorization = await Message.signAsAuthorization(descriptor, options.authorizationSigner); const message = { descriptor, authorization }; Message.validateJsonSchema(message); diff --git a/src/interfaces/messages-get.ts b/src/interfaces/messages-get.ts index 20072150c..b1d49c56a 100644 --- a/src/interfaces/messages-get.ts +++ b/src/interfaces/messages-get.ts @@ -1,4 +1,4 @@ -import type { SignatureInput } from '../types/jws-types.js'; +import type { Signer } from '../types/signer.js'; import type { MessagesGetDescriptor, MessagesGetMessage } from '../types/messages-types.js'; import { Cid } from '../utils/cid.js'; 
@@ -8,7 +8,7 @@ import { DwnInterfaceName, DwnMethodName, Message } from '../core/message.js'; export type MessagesGetOptions = { messageCids: string[]; - authorizationSignatureInput: SignatureInput; + authorizationSigner: Signer; messageTimestamp?: string; }; @@ -30,7 +30,7 @@ export class MessagesGet extends Message { messageTimestamp : options?.messageTimestamp ?? getCurrentTimeInHighPrecision(), }; - const authorization = await Message.signAsAuthorization(descriptor, options.authorizationSignatureInput); + const authorization = await Message.signAsAuthorization(descriptor, options.authorizationSigner); const message = { descriptor, authorization }; Message.validateJsonSchema(message); diff --git a/src/interfaces/permissions-grant.ts b/src/interfaces/permissions-grant.ts index 3253423f0..16a1a59af 100644 --- a/src/interfaces/permissions-grant.ts +++ b/src/interfaces/permissions-grant.ts @@ -1,5 +1,5 @@ import type { PermissionsRequest } from './permissions-request.js'; -import type { SignatureInput } from '../types/jws-types.js'; +import type { Signer } from '../types/signer.js'; import type { PermissionConditions, PermissionScope, RecordsPermissionScope } from '../types/permissions-types.js'; import type { PermissionsGrantDescriptor, PermissionsGrantMessage } from '../types/permissions-types.js'; @@ -19,7 +19,7 @@ export type PermissionsGrantOptions = { permissionsRequestId?: string; scope: PermissionScope; conditions?: PermissionConditions; - authorizationSignatureInput: SignatureInput; + authorizationSigner: Signer; }; export type CreateFromPermissionsRequestOverrides = { 
@@ -60,7 +60,7 @@ export class PermissionsGrant extends Message { // Error: `undefined` is not supported by the IPLD Data Model and cannot be encoded removeUndefinedProperties(descriptor); - const authorization = await Message.signAsAuthorization(descriptor, options.authorizationSignatureInput); + const authorization = await Message.signAsAuthorization(descriptor, options.authorizationSigner); const message: PermissionsGrantMessage = { descriptor, authorization }; Message.validateJsonSchema(message); @@ -72,12 +72,12 @@ export class PermissionsGrant extends Message { /** * generates a PermissionsGrant using the provided PermissionsRequest * @param permissionsRequest - * @param authorizationSignatureInput - the private key and additional signature material of the grantor + * @param authorizationSigner - the private key and additional signature material of the grantor * @param overrides - overrides that will be used instead of the properties in `permissionsRequest` */ public static async createFromPermissionsRequest( permissionsRequest: PermissionsRequest, - authorizationSignatureInput: SignatureInput, + authorizationSigner: Signer, overrides: CreateFromPermissionsRequestOverrides, ): Promise { const descriptor = permissionsRequest.message.descriptor; @@ -90,7 +90,7 @@ export class PermissionsGrant extends Message { permissionsRequestId : await Message.getCid(permissionsRequest.message), scope : overrides.scope ?? descriptor.scope, conditions : overrides.conditions ?? descriptor.conditions, - authorizationSignatureInput, + authorizationSigner, }); } diff --git a/src/interfaces/permissions-request.ts b/src/interfaces/permissions-request.ts index 34b7c4215..e154a9c02 100644 --- a/src/interfaces/permissions-request.ts +++ b/src/interfaces/permissions-request.ts 
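Review bot: The `@param authorizationSigner` text at `@@ -72,12 +72,12 @@` still reads "the private key and additional signature material of the grantor", which describes the removed `SignatureInput` rather than a `Signer`. The README context in this patch shows a `CustomSigner` being passed, so the argument need not hold a private key at all, and the wording could lead callers to believe raw key material is required. I would change it to `@param authorizationSigner - signer that produces the grantor's signature over the grant`. The comments "only generate the `authorization` property if signature input is given" in `protocols-query.ts`, `records-query.ts` and `records-read.ts`, and the `createAttestation` docstring ("if given signature inputs"), carry the same stale term.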
@@ -1,4 +1,4 @@ -import type { SignatureInput } from '../types/jws-types.js'; +import type { Signer } from '../types/signer.js'; import type { PermissionConditions, PermissionScope } from '../types/permissions-types.js'; import type { PermissionsRequestDescriptor, PermissionsRequestMessage } from '../types/permissions-types.js'; @@ -15,7 +15,7 @@ export type PermissionsRequestOptions = { grantedFor: string; scope: PermissionScope; conditions?: PermissionConditions; - authorizationSignatureInput: SignatureInput; + authorizationSigner: Signer; }; export class PermissionsRequest extends Message { @@ -43,7 +43,7 @@ export class PermissionsRequest extends Message { // Error: `undefined` is not supported by the IPLD Data Model and cannot be encoded removeUndefinedProperties(descriptor); - const auth = await Message.signAsAuthorization(descriptor, options.authorizationSignatureInput); + const auth = await Message.signAsAuthorization(descriptor, options.authorizationSigner); const message: PermissionsRequestMessage = { descriptor, authorization: auth }; Message.validateJsonSchema(message); diff --git a/src/interfaces/permissions-revoke.ts b/src/interfaces/permissions-revoke.ts index 43635e97e..4817150d8 100644 --- a/src/interfaces/permissions-revoke.ts +++ b/src/interfaces/permissions-revoke.ts @@ -1,4 +1,4 @@ -import type { SignatureInput } from '../types/jws-types.js'; +import type { Signer } from '../types/signer.js'; import type { PermissionsGrantMessage, PermissionsRevokeDescriptor, PermissionsRevokeMessage } from '../types/permissions-types.js'; import { getCurrentTimeInHighPrecision } from '../utils/time.js'; @@ -9,7 +9,7 @@ import { DwnInterfaceName, DwnMethodName, Message } from '../core/message.js'; export type PermissionsRevokeOptions = { messageTimestamp?: string; permissionsGrantId: string; - authorizationSignatureInput: SignatureInput; + authorizationSigner: Signer; }; export class PermissionsRevoke extends Message { 
@@ -27,7 +27,7 @@ export class PermissionsRevoke extends Message { permissionsGrantId : options.permissionsGrantId, }; - const authorization = await Message.signAsAuthorization(descriptor, options.authorizationSignatureInput); + const authorization = await Message.signAsAuthorization(descriptor, options.authorizationSigner); const message: PermissionsRevokeMessage = { descriptor, authorization }; Message.validateJsonSchema(message); diff --git a/src/interfaces/protocols-configure.ts b/src/interfaces/protocols-configure.ts index cdda8b70a..8bdbfcd8d 100644 --- a/src/interfaces/protocols-configure.ts +++ b/src/interfaces/protocols-configure.ts @@ -1,4 +1,4 @@ -import type { SignatureInput } from '../types/jws-types.js'; +import type { Signer } from '../types/signer.js'; import type { ProtocolDefinition, ProtocolsConfigureDescriptor, ProtocolsConfigureMessage } from '../types/protocols-types.js'; import { getCurrentTimeInHighPrecision } from '../utils/time.js'; @@ -9,7 +9,7 @@ import { normalizeProtocolUrl, normalizeSchemaUrl, validateProtocolUrlNormalized export type ProtocolsConfigureOptions = { messageTimestamp? : string; definition : ProtocolDefinition; - authorizationSignatureInput: SignatureInput; + authorizationSigner: Signer; permissionsGrantId?: string; }; @@ -32,7 +32,7 @@ export class ProtocolsConfigure extends Message { definition : ProtocolsConfigure.normalizeDefinition(options.definition) }; - const authorization = await Message.signAsAuthorization(descriptor, options.authorizationSignatureInput, options.permissionsGrantId); + const authorization = await Message.signAsAuthorization(descriptor, options.authorizationSigner, options.permissionsGrantId); const message = { descriptor, authorization }; Message.validateJsonSchema(message); diff --git a/src/interfaces/protocols-query.ts b/src/interfaces/protocols-query.ts index 3fbb0dd13..3c8127139 100644 --- a/src/interfaces/protocols-query.ts +++ b/src/interfaces/protocols-query.ts 
@@ -1,5 +1,6 @@ +import type { GeneralJws } from '../types/jws-types.js'; import type { MessageStore } from '../types/message-store.js'; -import type { GeneralJws, SignatureInput } from '../types/jws-types.js'; +import type { Signer } from '../types/signer.js'; import type { ProtocolsQueryDescriptor, ProtocolsQueryFilter, ProtocolsQueryMessage } from '../types/protocols-types.js'; import { getCurrentTimeInHighPrecision } from '../utils/time.js'; @@ -14,7 +15,7 @@ import { DwnError, DwnErrorCode } from '../core/dwn-error.js'; export type ProtocolsQueryOptions = { messageTimestamp?: string; filter?: ProtocolsQueryFilter, - authorizationSignatureInput?: SignatureInput; + authorizationSigner?: Signer; permissionsGrantId?: string; }; @@ -46,8 +47,8 @@ export class ProtocolsQuery extends Message { // only generate the `authorization` property if signature input is given let authorization: GeneralJws | undefined; - if (options.authorizationSignatureInput !== undefined) { - authorization = await Message.signAsAuthorization(descriptor, options.authorizationSignatureInput, options.permissionsGrantId); + if (options.authorizationSigner !== undefined) { + authorization = await Message.signAsAuthorization(descriptor, options.authorizationSigner, options.permissionsGrantId); } const message = { descriptor, authorization }; diff --git a/src/interfaces/records-delete.ts b/src/interfaces/records-delete.ts index 04f4e4f08..2a0366eec 100644 --- a/src/interfaces/records-delete.ts +++ b/src/interfaces/records-delete.ts @@ -2,7 +2,7 @@ import type { RecordsDeleteDescriptor, RecordsDeleteMessage } from '../types/rec import { getCurrentTimeInHighPrecision } from '../utils/time.js'; import { Message } from '../core/message.js'; -import type { SignatureInput } from '../types/jws-types.js'; +import type { Signer } from '../types/signer.js'; import { authorize, validateAuthorizationIntegrity } from '../core/auth.js'; import { DwnInterfaceName, DwnMethodName } from '../core/message.js'; 
@@ -10,7 +10,7 @@ import { DwnInterfaceName, DwnMethodName } from '../core/message.js'; export type RecordsDeleteOptions = { recordId: string; messageTimestamp?: string; - authorizationSignatureInput: SignatureInput; + authorizationSigner: Signer; }; export class RecordsDelete extends Message { @@ -38,7 +38,7 @@ export class RecordsDelete extends Message { messageTimestamp : options.messageTimestamp ?? currentTime }; - const authorization = await Message.signAsAuthorization(descriptor, options.authorizationSignatureInput); + const authorization = await Message.signAsAuthorization(descriptor, options.authorizationSigner); const message: RecordsDeleteMessage = { descriptor, authorization }; Message.validateJsonSchema(message); diff --git a/src/interfaces/records-query.ts b/src/interfaces/records-query.ts index 105d302c8..1e67ecd6c 100644 --- a/src/interfaces/records-query.ts +++ b/src/interfaces/records-query.ts @@ -1,5 +1,5 @@ import type { Pagination } from '../types/message-types.js'; -import type { SignatureInput } from '../types/jws-types.js'; +import type { Signer } from '../types/signer.js'; import type { RecordsFilter, RecordsQueryDescriptor, RecordsQueryMessage } from '../types/records-types.js'; import { getCurrentTimeInHighPrecision } from '../utils/time.js'; @@ -22,7 +22,7 @@ export type RecordsQueryOptions = { filter: RecordsFilter; dateSort?: DateSort; pagination?: Pagination; - authorizationSignatureInput?: SignatureInput; + authorizationSigner?: Signer; }; export class RecordsQuery extends Message { 
@@ -57,8 +57,8 @@ export class RecordsQuery extends Message { removeUndefinedProperties(descriptor); // only generate the `authorization` property if signature input is given - const authorizationSignatureInput = options.authorizationSignatureInput; - const authorization = authorizationSignatureInput ? await Message.signAsAuthorization(descriptor, authorizationSignatureInput) : undefined; + const authorizationSigner = options.authorizationSigner; + const authorization = authorizationSigner ? await Message.signAsAuthorization(descriptor, authorizationSigner) : undefined; const message = { descriptor, authorization }; Message.validateJsonSchema(message); diff --git a/src/interfaces/records-read.ts b/src/interfaces/records-read.ts index 1bdd793a4..2af5a6d78 100644 --- a/src/interfaces/records-read.ts +++ b/src/interfaces/records-read.ts @@ -1,7 +1,7 @@ import type { GenericMessage } from '../types/message-types.js'; import type { MessageStore } from '../types/message-store.js'; import type { RecordsWrite } from './records-write.js'; -import type { SignatureInput } from '../types/jws-types.js'; +import type { Signer } from '../types/signer.js'; import type { RecordsFilter , RecordsReadDescriptor, RecordsReadMessage } from '../types/records-types.js'; import { getCurrentTimeInHighPrecision } from '../utils/time.js'; @@ -16,7 +16,7 @@ import { DwnInterfaceName, DwnMethodName } from '../core/message.js'; export type RecordsReadOptions = { filter: RecordsFilter; date?: string; - authorizationSignatureInput?: SignatureInput; + authorizationSigner?: Signer; permissionsGrantId?: string; }; 
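Review bot: `RecordsQuery.create` decides whether to sign with a truthiness test (`authorizationSigner ? … : undefined`), while the equivalent code in `protocols-query.ts` and `records-read.ts` in this patch uses `!== undefined`. The two differ for a JavaScript caller that passes `null`: here the query is silently built without `authorization`, whereas the other two would hand `null` to `signAsAuthorization`, which presumably fails. I would align it with the others so an unintended unsigned message cannot be produced quietly: `const authorization = authorizationSigner !== undefined ? await Message.signAsAuthorization(descriptor, authorizationSigner) : undefined;`. The method body starts and ends outside the hunk.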
@@ -39,7 +39,7 @@ export class RecordsRead extends Message { * @throws {DwnError} when a combination of required RecordsReadOptions are missing */ public static async create(options: RecordsReadOptions): Promise { - const { filter, authorizationSignatureInput, permissionsGrantId } = options; + const { filter, authorizationSigner, permissionsGrantId } = options; const currentTime = getCurrentTimeInHighPrecision(); const descriptor: RecordsReadDescriptor = { @@ -53,8 +53,8 @@ export class RecordsRead extends Message { // only generate the `authorization` property if signature input is given let authorization = undefined; - if (authorizationSignatureInput !== undefined) { - authorization = await Message.signAsAuthorization(descriptor, authorizationSignatureInput, permissionsGrantId); + if (authorizationSigner !== undefined) { + authorization = await Message.signAsAuthorization(descriptor, authorizationSigner, permissionsGrantId); } const message: RecordsReadMessage = { descriptor, authorization }; diff --git a/src/interfaces/records-write.ts b/src/interfaces/records-write.ts index f96516236..9f388ecd5 100644 --- a/src/interfaces/records-write.ts +++ b/src/interfaces/records-write.ts @@ -1,6 +1,8 @@ +import type { GeneralJws } from '../types/jws-types.js'; import type { GenericMessage } from '../types/message-types.js'; import type { MessageStore } from '../types/message-store.js'; import type { PublicJwk } from '../types/jose-types.js'; +import type { Signer } from '../types/signer.js'; import type { EncryptedKey, EncryptionProperty, @@ -11,7 +13,6 @@ import type { RecordsWriteMessage, UnsignedRecordsWriteMessage } from '../types/records-types.js'; -import type { GeneralJws, SignatureInput } from '../types/jws-types.js'; import { Cid } from '../utils/cid.js'; import { Encoder } from '../utils/encoder.js'; 
@@ -20,7 +21,7 @@ import { EncryptionAlgorithm } from '../utils/encryption.js'; import { GeneralJwsBuilder } from '../jose/jws/general/builder.js'; import { getCurrentTimeInHighPrecision } from '../utils/time.js'; import { Jws } from '../utils/jws.js'; -import { KeyDerivationScheme } from '../index.js'; +import { KeyDerivationScheme } from '../utils/hd-key.js'; import { Message } from '../core/message.js'; import { ProtocolAuthorization } from '../core/protocol-authorization.js'; import { RecordsGrantAuthorization } from '../core/records-grant-authorization.js'; @@ -47,8 +48,8 @@ export type RecordsWriteOptions = { published?: boolean; datePublished?: string; dataFormat: string; - authorizationSignatureInput?: SignatureInput; - attestationSignatureInputs?: SignatureInput[]; + authorizationSigner?: Signer; + attestationSigners?: Signer[]; encryptionInput?: EncryptionInput; permissionsGrantId?: string; }; @@ -111,8 +112,8 @@ export type CreateFromOptions = { published?: boolean; messageTimestamp?: string; datePublished?: string; - authorizationSignatureInput?: SignatureInput; - attestationSignatureInputs?: SignatureInput[]; + authorizationSigner?: Signer; + attestationSigners?: Signer[]; encryptionInput?: EncryptionInput; }; @@ -120,12 +121,12 @@ export class RecordsWrite { private _message: InternalRecordsWriteMessage; /** * Valid JSON message representing this RecordsWrite. - * @throws `DwnErrorCode.RecordsWriteMissingAuthorizationSignatureInput` if the message is not signed yet. + * @throws `DwnErrorCode.RecordsWriteMissingauthorizationSigner` if the message is not signed yet. */ public get message(): RecordsWriteMessage { if (this._message.authorization === undefined) { throw new DwnError( - DwnErrorCode.RecordsWriteMissingAuthorizationSignatureInput, + DwnErrorCode.RecordsWriteMissingauthorizationSigner, 'This RecordsWrite is not yet signed, JSON message cannot be generated from an incomplete state.' ); } 
@@ -246,7 +247,7 @@ export class RecordsWrite { // `attestation` generation const descriptorCid = await Cid.computeCid(descriptor); - const attestation = await RecordsWrite.createAttestation(descriptorCid, options.attestationSignatureInputs); + const attestation = await RecordsWrite.createAttestation(descriptorCid, options.attestationSigners); // `encryption` generation const encryption = await RecordsWrite.createEncryptionProperty(descriptor, options.encryptionInput); @@ -265,8 +266,8 @@ export class RecordsWrite { const recordsWrite = new RecordsWrite(message); - if (options.authorizationSignatureInput !== undefined) { - await recordsWrite.sign(options.authorizationSignatureInput, options.permissionsGrantId); + if (options.authorizationSigner !== undefined) { + await recordsWrite.sign(options.authorizationSigner, options.permissionsGrantId); } return recordsWrite; 
@@ -313,25 +314,25 @@ export class RecordsWrite { const createOptions: RecordsWriteOptions = { // immutable properties below, just inherit from the message given - recipient : unsignedMessage.descriptor.recipient, - recordId : unsignedMessage.recordId, - dateCreated : unsignedMessage.descriptor.dateCreated, - contextId : unsignedMessage.contextId, - protocol : unsignedMessage.descriptor.protocol, - protocolPath : unsignedMessage.descriptor.protocolPath, - parentId : unsignedMessage.descriptor.parentId, - schema : unsignedMessage.descriptor.schema, - dataFormat : unsignedMessage.descriptor.dataFormat, + recipient : unsignedMessage.descriptor.recipient, + recordId : unsignedMessage.recordId, + dateCreated : unsignedMessage.descriptor.dateCreated, + contextId : unsignedMessage.contextId, + protocol : unsignedMessage.descriptor.protocol, + protocolPath : unsignedMessage.descriptor.protocolPath, + parentId : unsignedMessage.descriptor.parentId, + schema : unsignedMessage.descriptor.schema, + dataFormat : unsignedMessage.descriptor.dataFormat, // mutable properties below - messageTimestamp : options.messageTimestamp ?? currentTime, + messageTimestamp : options.messageTimestamp ?? currentTime, published, datePublished, - data : options.data, - dataCid : options.data ? undefined : unsignedMessage.descriptor.dataCid, // if data not given, use base message dataCid - dataSize : options.data ? undefined : unsignedMessage.descriptor.dataSize, // if data not given, use base message dataSize - // finally still need input for signing - authorizationSignatureInput : options.authorizationSignatureInput, - attestationSignatureInputs : options.attestationSignatureInputs + data : options.data, + dataCid : options.data ? undefined : unsignedMessage.descriptor.dataCid, // if data not given, use base message dataCid + dataSize : options.data ? 
undefined : unsignedMessage.descriptor.dataSize, // if data not given, use base message dataSize + // finally still need signers + authorizationSigner : options.authorizationSigner, + attestationSigners : options.attestationSigners }; const recordsWrite = await RecordsWrite.create(createOptions); @@ -360,8 +361,8 @@ export class RecordsWrite { /** * Signs the RecordsWrite. */ - public async sign(signatureInput: SignatureInput, permissionsGrantId?: string): Promise { - const author = Jws.extractDid(signatureInput.protectedHeader.kid); + public async sign(signer: Signer, permissionsGrantId?: string): Promise { + const author = Jws.extractDid(signer.keyId); const descriptor = this._message.descriptor; const descriptorCid = await Cid.computeCid(descriptor); @@ -381,7 +382,7 @@ export class RecordsWrite { descriptorCid, this._message.attestation, this._message.encryption, - signatureInput, + signer, permissionsGrantId ); @@ -627,15 +628,15 @@ export class RecordsWrite { /** * Creates the `attestation` property of a RecordsWrite message if given signature inputs; returns `undefined` otherwise. */ - public static async createAttestation(descriptorCid: string, signatureInputs?: SignatureInput[]): Promise { - if (signatureInputs === undefined || signatureInputs.length === 0) { + public static async createAttestation(descriptorCid: string, signers?: Signer[]): Promise { + if (signers === undefined || signers.length === 0) { return undefined; } const attestationPayload: RecordsWriteAttestationPayload = { descriptorCid }; const attestationPayloadBytes = Encoder.objectToBytes(attestationPayload); - const builder = await GeneralJwsBuilder.create(attestationPayloadBytes, signatureInputs); + const builder = await GeneralJwsBuilder.create(attestationPayloadBytes, signers); return builder.getJws(); } 
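Review bot: `sign()` at `@@ -360,8 +361,8 @@` derives the message author from `signer.keyId`, a value supplied by whichever `Signer` implementation the caller passes, and neither the docstring ("Signs the RecordsWrite.") nor the hunk states what shape that value must have. `Jws.extractDid` is not visible here and may already reject malformed input, but the contract belongs on this method because custom signers are a documented use case in the README. I would extend the docstring with `@param signer - its keyId must be a DID URL such as did:example:alice#key1; the DID portion becomes the author of this message`. The method body continues past the hunk, so how `author` is used afterwards cannot be confirmed from here.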
@@ -648,7 +649,7 @@ export class RecordsWrite { descriptorCid: string, attestation: GeneralJws | undefined, encryption: EncryptionProperty | undefined, - signatureInput: SignatureInput, + signer: Signer, permissionsGrantId: string | undefined, ): Promise { const authorizationPayload: RecordsWriteAuthorizationPayload = { @@ -666,7 +667,7 @@ export class RecordsWrite { const authorizationPayloadBytes = Encoder.objectToBytes(authorizationPayload); - const builder = await GeneralJwsBuilder.create(authorizationPayloadBytes, [signatureInput]); + const builder = await GeneralJwsBuilder.create(authorizationPayloadBytes, [signer]); return builder.getJws(); } diff --git a/src/interfaces/snapshots-create.ts b/src/interfaces/snapshots-create.ts index 71d5c408b..eb738b1fd 100644 --- a/src/interfaces/snapshots-create.ts +++ b/src/interfaces/snapshots-create.ts @@ -1,4 +1,4 @@ -import type { SignatureInput } from '../types/jws-types.js'; +import type { Signer } from '../types/signer.js'; import type { SnapshotDefinition, SnapshotsCreateDescriptor, SnapshotsCreateMessage } from '../types/snapshots-types.js'; import { Cid } from '../utils/cid.js'; @@ -10,7 +10,7 @@ import { DwnInterfaceName, DwnMethodName, Message } from '../core/message.js'; export type SnapshotsCreateOptions = { messageTimestamp? : string; definition : SnapshotDefinition; - authorizationSignatureInput: SignatureInput; + authorizationSigner: Signer; }; export class SnapshotsCreate extends Message { @@ -32,7 +32,7 @@ export class SnapshotsCreate extends Message { definitionCid }; - const authorization = await Message.signAsAuthorization(descriptor, options.authorizationSignatureInput); + const authorization = await Message.signAsAuthorization(descriptor, options.authorizationSigner); const message = { descriptor, authorization }; Message.validateJsonSchema(message); diff --git a/src/jose/jws/general/builder.ts b/src/jose/jws/general/builder.ts index 6f98a1cca..c3b9d32e4 100644 --- a/src/jose/jws/general/builder.ts 
+++ b/src/jose/jws/general/builder.ts @@ -1,4 +1,5 @@ -import type { GeneralJws, SignatureInput } from '../../../types/jws-types.js'; +import type { GeneralJws } from '../../../types/jws-types.js'; +import type { Signer } from '../../../types/signer.js'; import { Encoder } from '../../../utils/encoder.js'; @@ -9,7 +10,7 @@ export class GeneralJwsBuilder { this.jws = jws; } - static async create(payload: Uint8Array, signatureInputs: SignatureInput[] = []): Promise { + static async create(payload: Uint8Array, signers: Signer[] = []): Promise { const jws: GeneralJws = { payload : Encoder.bytesToBase64Url(payload), signatures : [] @@ -17,16 +18,18 @@ export class GeneralJwsBuilder { const builder = new GeneralJwsBuilder(jws); - for (const signatureInput of signatureInputs) { - await builder.addSignature(signatureInput); + for (const signer of signers) { + await builder.addSignature(signer); } return builder; } - async addSignature(signatureInput: SignatureInput): Promise { - const { signer, protectedHeader } = signatureInput; - + async addSignature(signer: Signer): Promise { + const protectedHeader = { + kid : signer.keyId, + alg : signer.algorithm + }; const protectedHeaderString = JSON.stringify(protectedHeader); const protectedHeaderBase64UrlString = Encoder.stringToBase64Url(protectedHeaderString); diff --git a/src/types/jws-types.ts b/src/types/jws-types.ts index b9f1e5357..25e8b7327 100644 --- a/src/types/jws-types.ts +++ b/src/types/jws-types.ts @@ -1,4 +1,3 @@ -import type { Signer } from '../types/signer.js'; /** * General JWS definition. Payload is returned as an empty * string when JWS Unencoded Payload Option 
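Review bot: `addSignature` in the `@@ -17,16 +18,18 @@` hunk builds the protected header directly from `signer.keyId` and `signer.algorithm` without checking either value at runtime. `JSON.stringify` omits properties whose value is `undefined`, so a `Signer` from untyped code or a cast that lacks one of them would yield a signed JWS with no `kid` or no `alg` instead of an error. A guard before the header is built would fail closed, e.g. `if (!signer.keyId || !signer.algorithm) { throw new Error('signer must provide keyId and algorithm'); }`, ideally as a `DwnError` with a dedicated code to match the rest of the project. The rest of `addSignature` lies outside the hunk.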
@@ -27,36 +26,3 @@ export type SignatureEntry = { */ signature: string }; - -export type JwsHeaderParameters = { - /** - * JWS "alg" (Algorithm) Header Parameter. - * - * This parameter is not used by the DWN but is unfortunately a required header property for a JWS as per: - * https://datatracker.ietf.org/doc/html/rfc7515#section-4.1.1 - * - * Valid signature algorithm values can be found at https://www.iana.org/assignments/jose/jose.xhtml - */ - alg: string - - /** - * JWS "kid" (Key ID) Parameter. - * - * This property is not a required property per JWS specification, but is required for DWN authentication. - * This needs to be a fully-qualified ID (ie. prefixed with DID) so that author can be parsed out for processing such as `recordId` computation. - */ - kid: string -}; - -/** - * Input required to sign a DWN message. - */ -export type SignatureInput = { - protectedHeader: JwsHeaderParameters - - /** - * Signer used to produce the signature. - * You can use `PrivateKeySigner` if you have the private key readily available. - */ - signer: Signer -}; \ No newline at end of file diff --git a/src/types/signer.ts b/src/types/signer.ts index 3f5d964b6..b718a0fa6 100644 --- a/src/types/signer.ts +++ b/src/types/signer.ts 
@@ -1,7 +1,24 @@ /** - * A signer interface that can signing over arbitrary bytes. + * A signer that is capable of generating a digital signature over any given bytes. */ export interface Signer { + /** + * The ID of the key used by this signer. + * This needs to be a fully-qualified ID (ie. prefixed with DID) so that author can be parsed out for processing such as `recordId` computation. + * This value will be used as the "kid" parameter in JWS produced. + * While this property is not a required property per JWS specification, it is required for DWN authentication. + */ + keyId: string + + /** + * The name of the signature algorithm used by this signer. + * This value will be used as the "alg" parameter in JWS produced. + * This parameter is not used by the DWN but is unfortunately a required header property for a JWS as per: + * https://datatracker.ietf.org/doc/html/rfc7515#section-4.1.1 + * Valid signature algorithm values can be found at https://www.iana.org/assignments/jose/jose.xhtml + */ + algorithm: string; + /** * Signs the given content and returns the signature as bytes. */ diff --git a/src/utils/jws.ts b/src/utils/jws.ts index f874c9b8f..ae56a0eab 100644 --- a/src/utils/jws.ts +++ b/src/utils/jws.ts @@ -1,5 +1,6 @@ +import type { GeneralJws } from '../types/jws-types.js'; import type { SignatureEntry } from '../types/jws-types.js'; -import type { GeneralJws, SignatureInput } from '../types/jws-types.js'; +import type { Signer } from '../types/signer.js'; import type { KeyMaterial, PublicJwk } from '../types/jose-types.js'; import isPlainObject from 'lodash/isPlainObject.js'; 
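Review bot: The two new `Signer` members are declared mutable, and `keyId` lacks the terminating semicolon that `algorithm` has. Because `keyId` supplies both the `kid` header and the DID that `RecordsWrite.sign` treats as the author, I would mark both members read-only, `readonly keyId: string;` and `readonly algorithm: string;`, so the type says a signer's identity is fixed once constructed. The interface continues past the hunk with the `sign` method.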
@@ -74,25 +75,20 @@ export class Jws { } /** - * Creates a SignatureInput[] from the given Personas. + * Creates a Signer[] from the given Personas. */ - public static createSignatureInputs(keyMaterials: KeyMaterial[]): SignatureInput[] { - const signatureInputs = keyMaterials.map((keyMaterial) => Jws.createSignatureInput(keyMaterial)); + public static createSigners(keyMaterials: KeyMaterial[]): Signer[] { + const signatureInputs = keyMaterials.map((keyMaterial) => Jws.createSigner(keyMaterial)); return signatureInputs; } /** - * Creates a SignatureInput from the given Persona. + * Creates a Signer from the given Persona. */ - public static createSignatureInput(keyMaterial: KeyMaterial): SignatureInput { - const signatureInput = { - signer : new PrivateKeySigner(keyMaterial.keyPair.privateJwk), - protectedHeader : { - alg : keyMaterial.keyPair.privateJwk.alg as string, - kid : keyMaterial.keyId - } - }; - - return signatureInput; + public static createSigner(keyMaterial: KeyMaterial): Signer { + const privateJwk = keyMaterial.keyPair.privateJwk; + const keyId = keyMaterial.keyId; + const signer = new PrivateKeySigner({ privateJwk, keyId }); + return signer; } } diff --git a/src/utils/private-key-signer.ts b/src/utils/private-key-signer.ts index 2ea50fb36..919561f82 100644 --- a/src/utils/private-key-signer.ts +++ b/src/utils/private-key-signer.ts 
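Review bot: In `createSigners` the local is still named `signatureInputs`, and both doc comments say "from the given Personas" although the parameter type is `KeyMaterial`. The method can return directly, `return keyMaterials.map((keyMaterial) => Jws.createSigner(keyMaterial));`, with the comments changed to "from the given key materials". `createSigner` also no longer passes `alg` explicitly, so a key without `alg` now throws in the `PrivateKeySigner` constructor instead of producing a header with an undefined `alg`. That change in failure mode is worth a sentence in the doc comment.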
@@ -4,19 +4,53 @@ import type { Signer } from '../types/signer.js'; import { signatureAlgorithms } from '../jose/algorithms/signing/signature-algorithms.js'; import { DwnError, DwnErrorCode } from '../index.js'; +export type PrivateKeySignerOptions = { + privateJwk: PrivateJwk; + + /** + * If not specified, the constructor will attempt to default/fall back to the `kid` value in the given `privateJwk`. + */ + keyId?: string; + + /** + * If not specified, the constructor will attempt to default/fall back to the `alg` value in the given `privateJwk`. + */ + algorithm?: string; +}; + /** * A signer that signs using a private key. */ export class PrivateKeySigner implements Signer { + public keyId; + public algorithm; + private privateJwk: PrivateJwk; private signatureAlgorithm; - public constructor(private privateJwk: PrivateJwk) { - this.signatureAlgorithm = signatureAlgorithms[privateJwk.crv]; + public constructor(options: PrivateKeySignerOptions) { + if (options.keyId === undefined && options.privateJwk.kid === undefined) { + throw new DwnError( + DwnErrorCode.PrivateKeySignerUnableToDeduceKeyId, + `Unable to deduce the key ID` + ); + } + + if (options.algorithm === undefined && options.privateJwk.alg === undefined) { + throw new DwnError( + DwnErrorCode.PrivateKeySignerUnableToDeduceAlgorithm, + `Unable to deduce the signature algorithm` + ); + } + + this.keyId = options.keyId ?? options.privateJwk.kid!; + this.algorithm = options.algorithm ?? options.privateJwk.alg!; + this.privateJwk = options.privateJwk; + this.signatureAlgorithm = signatureAlgorithms[options.privateJwk.crv]; if (!this.signatureAlgorithm) { throw new DwnError( DwnErrorCode.PrivateKeySignerUnsupportedCurve, - `Unsupported crv ${privateJwk.crv}, crv must be one of ${Object.keys(signatureAlgorithms)}` + `Unsupported crv ${options.privateJwk.crv}, crv must be one of ${Object.keys(signatureAlgorithms)}` ); } } diff --git a/tests/dwn.spec.ts b/tests/dwn.spec.ts index 1cad50e08..ff3c8e712 100644 
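Review bot: The constructor accepts `options.algorithm` independently of `privateJwk.crv`, while the signing implementation is still selected by `signatureAlgorithms[options.privateJwk.crv]`, so the `alg` this signer advertises can disagree with the algorithm that actually produces the signature. The `=== undefined` checks also let an empty-string `keyId` or `algorithm` through, and the `!` assertions and the unannotated `public keyId; public algorithm;` fields hide that from the compiler. I would declare `public readonly keyId: string;` and `public readonly algorithm: string;`, and either reject or document a caller-supplied `algorithm` that does not match the curve. The mapping from `crv` to `alg` names is not visible in this hunk, so that check would need the `signatureAlgorithms` table.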
--- a/tests/dwn.spec.ts +++ b/tests/dwn.spec.ts @@ -154,7 +154,7 @@ export function testDwnClass(): void { filter: { recordId: 'recordId-doesnt-matter', }, - authorizationSignatureInput: Jws.createSignatureInput(alice) + authorizationSigner: Jws.createSigner(alice) }); (recordsRead.message as any).descriptor.method = 'Write'; // Will cause interface and method check to fail const reply = await dwn.handleRecordsRead(alice.did, recordsRead.message); diff --git a/tests/handlers/permissions-grant.spec.ts b/tests/handlers/permissions-grant.spec.ts index 3f32ca396..fb8b989f9 100644 --- a/tests/handlers/permissions-grant.spec.ts +++ b/tests/handlers/permissions-grant.spec.ts @@ -171,7 +171,7 @@ export function testPermissionsGrantHandler(): void { }; schemaAndProtocolGrant.message.authorization = await Message.signAsAuthorization( schemaAndProtocolGrant.message.descriptor, - Jws.createSignatureInput(alice) + Jws.createSigner(alice) ); const schemaAndProtocolGrantReply = await dwn.processMessage(alice.did, schemaAndProtocolGrant.message); expect(schemaAndProtocolGrantReply.status.code).to.eq(400); @@ -189,7 +189,7 @@ export function testPermissionsGrantHandler(): void { }; schemaAndContextIdGrant.message.authorization = await Message.signAsAuthorization( schemaAndContextIdGrant.message.descriptor, - Jws.createSignatureInput(alice) + Jws.createSigner(alice) ); const schemaAndContextIdGrantReply = await dwn.processMessage(alice.did, schemaAndProtocolGrant.message); expect(schemaAndContextIdGrantReply.status.code).to.eq(400); @@ -207,7 +207,7 @@ export function testPermissionsGrantHandler(): void { }; schemaAndProtocolPathGrant.message.authorization = await Message.signAsAuthorization( schemaAndProtocolPathGrant.message.descriptor, - Jws.createSignatureInput(alice) + Jws.createSigner(alice) ); const schemaAndProtocolPathGrantReply = await dwn.processMessage(alice.did, schemaAndProtocolGrant.message); expect(schemaAndProtocolPathGrantReply.status.code).to.eq(400); 
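Review bot: In the `@@ -189,7 +189,7 @@` and `@@ -207,7 +207,7 @@` hunks of `permissions-grant.spec.ts`, the test re-signs `schemaAndContextIdGrant` and `schemaAndProtocolPathGrant` but then submits `schemaAndProtocolGrant.message` to `dwn.processMessage`. The 400 asserted for those two scope combinations therefore comes from the first grant, and rejection of the other two is never exercised. These are context lines the commit does not touch. The calls should read `dwn.processMessage(alice.did, schemaAndContextIdGrant.message)` and `dwn.processMessage(alice.did, schemaAndProtocolPathGrant.message)`. The enclosing test bodies start outside the hunks.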
@@ -239,7 +239,7 @@ export function testPermissionsGrantHandler(): void { }; contextIdAndProtocolPathGrant.message.authorization = await Message.signAsAuthorization( contextIdAndProtocolPathGrant.message.descriptor, - Jws.createSignatureInput(alice) + Jws.createSigner(alice) ); const contextIdAndProtocolPathGrantReply = await dwn.processMessage(alice.did, contextIdAndProtocolPathGrant.message); expect(contextIdAndProtocolPathGrantReply.status.code).to.eq(400); diff --git a/tests/handlers/protocols-configure.spec.ts b/tests/handlers/protocols-configure.spec.ts index 9d378e5d2..2fe0da175 100644 --- a/tests/handlers/protocols-configure.spec.ts +++ b/tests/handlers/protocols-configure.spec.ts @@ -80,8 +80,8 @@ export function testProtocolsConfigureHandler(): void { // intentionally create more than one signature, which is not allowed const extraRandomPersona = await TestDataGenerator.generatePersona(); - const signatureInput1 = Jws.createSignatureInput(author); - const signatureInput2 = Jws.createSignatureInput(extraRandomPersona); + const signatureInput1 = Jws.createSigner(author); + const signatureInput2 = Jws.createSigner(extraRandomPersona); const authorizationPayloadBytes = Encoder.objectToBytes(protocolsConfigure.authorizationPayload!); @@ -233,7 +233,7 @@ export function testProtocolsConfigureHandler(): void { // Re-create auth because we altered the descriptor after signing protocolsConfig.message.authorization = await Message.signAsAuthorization( protocolsConfig.message.descriptor, - Jws.createSignatureInput(alice) + Jws.createSigner(alice) ); // Send records write message @@ -257,7 +257,7 @@ export function testProtocolsConfigureHandler(): void { // Re-create auth because we altered the descriptor after signing protocolsConfig.message.authorization = await Message.signAsAuthorization( protocolsConfig.message.descriptor, - Jws.createSignatureInput(alice) + Jws.createSigner(alice) ); // Send records write message 
diff --git a/tests/handlers/protocols-query.spec.ts b/tests/handlers/protocols-query.spec.ts index a503f1f9d..2840a2477 100644 --- a/tests/handlers/protocols-query.spec.ts +++ b/tests/handlers/protocols-query.spec.ts @@ -151,7 +151,7 @@ export function testProtocolsQueryHandler(): void { // Re-create auth because we altered the descriptor after signing protocolsQuery.message.authorization = await Message.signAsAuthorization( protocolsQuery.message.descriptor, - Jws.createSignatureInput(alice) + Jws.createSigner(alice) ); // Send records write message @@ -169,7 +169,7 @@ export function testProtocolsQueryHandler(): void { const authorizationPayload = { ...protocolsQuery.authorizationPayload }; authorizationPayload.descriptorCid = incorrectDescriptorCid; const authorizationPayloadBytes = Encoder.objectToBytes(authorizationPayload); - const signatureInput = Jws.createSignatureInput(author); + const signatureInput = Jws.createSigner(author); const jwsBuilder = await GeneralJwsBuilder.create(authorizationPayloadBytes, [signatureInput]); message.authorization = jwsBuilder.getJws(); diff --git a/tests/handlers/records-delete.spec.ts b/tests/handlers/records-delete.spec.ts index badf9be22..fade57a4b 100644 --- a/tests/handlers/records-delete.spec.ts +++ b/tests/handlers/records-delete.spec.ts @@ -77,8 +77,8 @@ export function testRecordsDeleteHandler(): void { // testing delete const recordsDelete = await RecordsDelete.create({ - recordId : message.recordId, - authorizationSignatureInput : Jws.createSignatureInput(alice) + recordId : message.recordId, + authorizationSigner : Jws.createSigner(alice) }); const deleteReply = await dwn.processMessage(alice.did, recordsDelete.message); 
@@ -91,8 +91,8 @@ export function testRecordsDeleteHandler(): void { // testing deleting a deleted record const recordsDelete2 = await RecordsDelete.create({ - recordId : message.recordId, - authorizationSignatureInput : Jws.createSignatureInput(alice) + recordId : message.recordId, + authorizationSigner : Jws.createSigner(alice) }); const recordsDelete2Reply = await dwn.processMessage(alice.did, recordsDelete2.message); @@ -137,7 +137,7 @@ export function testRecordsDeleteHandler(): void { filter: { recordId: aliceAssociateData.message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(alice) + authorizationSigner: Jws.createSigner(alice) }); const aliceRead1Reply = await dwn.handleRecordsRead(alice.did, aliceRead1.message); @@ -163,7 +163,7 @@ export function testRecordsDeleteHandler(): void { filter: { recordId: bobAssociateData.message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(bob) + authorizationSigner: Jws.createSigner(bob) }); const bobRead1Reply = await dwn.handleRecordsRead(bob.did, bobRead1.message); @@ -178,8 +178,8 @@ export function testRecordsDeleteHandler(): void { // testing deleting a non-existent record const recordsDelete = await RecordsDelete.create({ - recordId : 'nonExistentRecordId', - authorizationSignatureInput : Jws.createSignatureInput(alice) + recordId : 'nonExistentRecordId', + authorizationSigner : Jws.createSigner(alice) }); const deleteReply = await dwn.processMessage(alice.did, recordsDelete.message); 
@@ -197,8 +197,8 @@ export function testRecordsDeleteHandler(): void { // generate subsequent write and delete with the delete having an earlier timestamp // NOTE: creating RecordsDelete first ensures it has an earlier `messageTimestamp` time const recordsDelete = await RecordsDelete.create({ - recordId : initialWriteData.message.recordId, - authorizationSignatureInput : Jws.createSignatureInput(alice) + recordId : initialWriteData.message.recordId, + authorizationSigner : Jws.createSigner(alice) }); await minimalSleep(); const subsequentWriteData = await TestDataGenerator.generateFromRecordsWrite({ @@ -291,8 +291,8 @@ export function testRecordsDeleteHandler(): void { expect(writeReply.status.code).to.equal(202); const recordsDelete = await RecordsDelete.create({ - recordId : message.recordId, - authorizationSignatureInput : Jws.createSignatureInput(alice) + recordId : message.recordId, + authorizationSigner : Jws.createSigner(alice) }); const deleteReply = await dwn.processMessage(alice.did, recordsDelete.message); @@ -322,15 +322,15 @@ export function testRecordsDeleteHandler(): void { const newWrite = await RecordsWrite.createFrom({ unsignedRecordsWriteMessage : recordsWrite.message, published : true, - authorizationSignatureInput : Jws.createSignatureInput(author) + authorizationSigner : Jws.createSigner(author) }); const newWriteReply = await dwn.processMessage(author.did, newWrite.message); expect(newWriteReply.status.code).to.equal(202); const recordsDelete = await RecordsDelete.create({ - recordId : message.recordId, - authorizationSignatureInput : Jws.createSignatureInput(author) + recordId : message.recordId, + authorizationSigner : Jws.createSigner(author) }); const deleteReply = await dwn.processMessage(author.did, recordsDelete.message); diff --git a/tests/handlers/records-query.spec.ts b/tests/handlers/records-query.spec.ts index dbee373e2..eca250ab5 100644 --- a/tests/handlers/records-query.spec.ts +++ b/tests/handlers/records-query.spec.ts 
@@ -918,7 +918,7 @@ export function testRecordsQueryHandler(): void { // Re-create auth because we altered the descriptor after signing recordsQuery.message.authorization = await Message.signAsAuthorization( recordsQuery.message.descriptor, - Jws.createSignatureInput(alice) + Jws.createSigner(alice) ); // Send records write message @@ -942,7 +942,7 @@ export function testRecordsQueryHandler(): void { // Re-create auth because we altered the descriptor after signing recordsQuery.message.authorization = await Message.signAsAuthorization( recordsQuery.message.descriptor, - Jws.createSignatureInput(alice) + Jws.createSigner(alice) ); // Send records write message diff --git a/tests/handlers/records-read.spec.ts b/tests/handlers/records-read.spec.ts index c04699bdc..36b7e0457 100644 --- a/tests/handlers/records-read.spec.ts +++ b/tests/handlers/records-read.spec.ts @@ -81,7 +81,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(alice) + authorizationSigner: Jws.createSigner(alice) }); const readReply = await dwn.handleRecordsRead(alice.did, recordsRead.message); @@ -108,7 +108,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(bob) + authorizationSigner: Jws.createSigner(bob) }); const readReply = await dwn.processMessage(alice.did, recordsRead.message); @@ -153,7 +153,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(bob) + authorizationSigner: Jws.createSigner(bob) }); const readReply = await dwn.handleRecordsRead(alice.did, recordsRead.message); 
@@ -180,7 +180,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(bob) + authorizationSigner: Jws.createSigner(bob) }); const readReply = await dwn.handleRecordsRead(alice.did, recordsRead.message); @@ -228,7 +228,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: imageRecordsWrite.message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(bob) + authorizationSigner: Jws.createSigner(bob) }); const imageReadReply = await dwn.processMessage(alice.did, imageRecordsRead.message); expect(imageReadReply.status.code).to.equal(200); @@ -312,7 +312,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: emailRecordsWrite.message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(bob) + authorizationSigner: Jws.createSigner(bob) }); const bobReadReply = await dwn.processMessage(alice.did, bobRecordsRead.message); expect(bobReadReply.status.code).to.equal(200); @@ -322,7 +322,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: emailRecordsWrite.message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(imposterBob) + authorizationSigner: Jws.createSigner(imposterBob) }); const imposterReadReply = await dwn.processMessage(alice.did, imposterRecordsRead.message); expect(imposterReadReply.status.code).to.equal(401); @@ -367,7 +367,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: emailRecordsWrite.message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(bob) + authorizationSigner: Jws.createSigner(bob) }); const bobReadReply = await dwn.processMessage(alice.did, bobRecordsRead.message); expect(bobReadReply.status.code).to.equal(200); 
@@ -377,7 +377,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: emailRecordsWrite.message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(imposterBob) + authorizationSigner: Jws.createSigner(imposterBob) }); const imposterReadReply = await dwn.processMessage(alice.did, imposterRecordsRead.message); expect(imposterReadReply.status.code).to.equal(401); @@ -414,7 +414,7 @@ export function testRecordsReadHandler(): void { protocol : protocolDefinition.protocol, protocolPath : 'foo', }, - authorizationSignatureInput: Jws.createSignatureInput(alice), + authorizationSigner: Jws.createSigner(alice), }); const fooPathReply = await dwn.handleRecordsRead(alice.did, fooPathRead.message); @@ -463,7 +463,7 @@ export function testRecordsReadHandler(): void { protocol : protocolDefinition.protocol, protocolPath : 'foo', }, - authorizationSignatureInput: Jws.createSignatureInput(alice), + authorizationSigner: Jws.createSigner(alice), }); const fooPathReply = await dwn.handleRecordsRead(alice.did, fooPathRead.message); expect(fooPathReply.status.code).to.equal(400); @@ -505,8 +505,8 @@ export function testRecordsReadHandler(): void { filter: { recordId: recordsWrite.message.recordId, }, - authorizationSignatureInput : Jws.createSignatureInput(bob), - permissionsGrantId : await Message.getCid(permissionsGrant.message), + authorizationSigner : Jws.createSigner(bob), + permissionsGrantId : await Message.getCid(permissionsGrant.message), }); const recordsReadReply = await dwn.processMessage(alice.did, recordsRead.message); expect(recordsReadReply.status.code).to.equal(401); 
@@ -547,8 +547,8 @@ export function testRecordsReadHandler(): void { filter: { recordId: message.recordId, }, - authorizationSignatureInput : Jws.createSignatureInput(bob), - permissionsGrantId : await Message.getCid(permissionsGrant.message), + authorizationSigner : Jws.createSigner(bob), + permissionsGrantId : await Message.getCid(permissionsGrant.message), }); const readReply = await dwn.processMessage(alice.did, recordsRead.message); expect(readReply.status.code).to.equal(200); @@ -601,7 +601,7 @@ export function testRecordsReadHandler(): void { recordId: recordsWrite.message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(bob), + authorizationSigner: Jws.createSigner(bob), }); const recordsReadWithoutGrantReply = await dwn.processMessage(alice.did, recordsReadWithoutGrant.message); expect(recordsReadWithoutGrantReply.status.code).to.equal(401); @@ -612,8 +612,8 @@ export function testRecordsReadHandler(): void { filter: { recordId: recordsWrite.message.recordId, }, - authorizationSignatureInput : Jws.createSignatureInput(bob), - permissionsGrantId : await Message.getCid(permissionsGrant.message), + authorizationSigner : Jws.createSigner(bob), + permissionsGrantId : await Message.getCid(permissionsGrant.message), }); const recordsReadWithGrantReply = await dwn.processMessage(alice.did, recordsReadWithGrant.message); expect(recordsReadWithGrantReply.status.code).to.equal(200); @@ -665,7 +665,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: recordsWrite.message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(bob), + authorizationSigner: Jws.createSigner(bob), }); const recordsReadWithoutGrantReply = await dwn.processMessage(alice.did, recordsReadWithoutGrant.message); expect(recordsReadWithoutGrantReply.status.code).to.equal(401); 
@@ -676,8 +676,8 @@ export function testRecordsReadHandler(): void { filter: { recordId: recordsWrite.message.recordId, }, - authorizationSignatureInput : Jws.createSignatureInput(bob), - permissionsGrantId : await Message.getCid(permissionsGrant.message), + authorizationSigner : Jws.createSigner(bob), + permissionsGrantId : await Message.getCid(permissionsGrant.message), }); const recordsReadWithGrantReply = await dwn.processMessage(alice.did, recordsReadWithGrant.message); expect(recordsReadWithGrantReply.status.code).to.equal(200); @@ -729,8 +729,8 @@ export function testRecordsReadHandler(): void { filter: { recordId: recordsWrite.message.recordId, }, - authorizationSignatureInput : Jws.createSignatureInput(bob), - permissionsGrantId : await Message.getCid(permissionsGrant.message), + authorizationSigner : Jws.createSigner(bob), + permissionsGrantId : await Message.getCid(permissionsGrant.message), }); const recordsReadWithoutGrantReply = await dwn.processMessage(alice.did, recordsReadWithoutGrant.message); expect(recordsReadWithoutGrantReply.status.code).to.equal(401); @@ -783,8 +783,8 @@ export function testRecordsReadHandler(): void { filter: { recordId: recordsWrite.message.recordId, }, - authorizationSignatureInput : Jws.createSignatureInput(bob), - permissionsGrantId : await Message.getCid(permissionsGrant.message), + authorizationSigner : Jws.createSigner(bob), + permissionsGrantId : await Message.getCid(permissionsGrant.message), }); const recordsReadWithoutGrantReply = await dwn.processMessage(alice.did, recordsReadWithoutGrant.message); expect(recordsReadWithoutGrantReply.status.code).to.equal(401); 
@@ -837,8 +837,8 @@ export function testRecordsReadHandler(): void { filter: { recordId: recordsWrite.message.recordId, }, - authorizationSignatureInput : Jws.createSignatureInput(bob), - permissionsGrantId : await Message.getCid(permissionsGrant.message), + authorizationSigner : Jws.createSigner(bob), + permissionsGrantId : await Message.getCid(permissionsGrant.message), }); const recordsReadWithoutGrantReply = await dwn.processMessage(alice.did, recordsReadWithoutGrant.message); expect(recordsReadWithoutGrantReply.status.code).to.equal(200); @@ -890,8 +890,8 @@ export function testRecordsReadHandler(): void { filter: { recordId: recordsWrite.message.recordId, }, - authorizationSignatureInput : Jws.createSignatureInput(bob), - permissionsGrantId : await Message.getCid(permissionsGrant.message), + authorizationSigner : Jws.createSigner(bob), + permissionsGrantId : await Message.getCid(permissionsGrant.message), }); const recordsReadWithoutGrantReply = await dwn.processMessage(alice.did, recordsReadWithoutGrant.message); expect(recordsReadWithoutGrantReply.status.code).to.equal(401); @@ -944,8 +944,8 @@ export function testRecordsReadHandler(): void { filter: { recordId: recordsWrite.message.recordId, }, - authorizationSignatureInput : Jws.createSignatureInput(bob), - permissionsGrantId : await Message.getCid(permissionsGrant.message), + authorizationSigner : Jws.createSigner(bob), + permissionsGrantId : await Message.getCid(permissionsGrant.message), }); const recordsReadWithoutGrantReply = await dwn.processMessage(alice.did, recordsReadWithoutGrant.message); expect(recordsReadWithoutGrantReply.status.code).to.equal(200); 
@@ -997,8 +997,8 @@ export function testRecordsReadHandler(): void { filter: { recordId: recordsWrite.message.recordId, }, - authorizationSignatureInput : Jws.createSignatureInput(bob), - permissionsGrantId : await Message.getCid(permissionsGrant.message), + authorizationSigner : Jws.createSigner(bob), + permissionsGrantId : await Message.getCid(permissionsGrant.message), }); const recordsReadWithoutGrantReply = await dwn.processMessage(alice.did, recordsReadWithoutGrant.message); expect(recordsReadWithoutGrantReply.status.code).to.equal(401); @@ -1042,8 +1042,8 @@ export function testRecordsReadHandler(): void { filter: { recordId: message.recordId, }, - authorizationSignatureInput : Jws.createSignatureInput(bob), - permissionsGrantId : await Message.getCid(permissionsGrant.message), + authorizationSigner : Jws.createSigner(bob), + permissionsGrantId : await Message.getCid(permissionsGrant.message), }); const readReply = await dwn.processMessage(alice.did, recordsRead.message); expect(readReply.status.code).to.equal(200); @@ -1086,8 +1086,8 @@ export function testRecordsReadHandler(): void { filter: { recordId: message.recordId, }, - authorizationSignatureInput : Jws.createSignatureInput(bob), - permissionsGrantId : await Message.getCid(permissionsGrant.message), + authorizationSigner : Jws.createSigner(bob), + permissionsGrantId : await Message.getCid(permissionsGrant.message), }); const readReply = await dwn.processMessage(alice.did, recordsRead.message); expect(readReply.status.code).to.equal(401); @@ -1103,7 +1103,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: `non-existent-record-id`, }, - authorizationSignatureInput: Jws.createSignatureInput(alice) + authorizationSigner: Jws.createSigner(alice) }); const readReply = await dwn.processMessage(alice.did, recordsRead.message); 
@@ -1130,8 +1130,8 @@ export function testRecordsReadHandler(): void { // RecordsDelete const recordsDelete = await RecordsDelete.create({ - recordId : message.recordId, - authorizationSignatureInput : Jws.createSignatureInput(alice) + recordId : message.recordId, + authorizationSigner : Jws.createSigner(alice) }); const deleteReply = await dwn.processMessage(alice.did, recordsDelete.message); @@ -1142,7 +1142,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(alice) + authorizationSigner: Jws.createSigner(alice) }); const readReply = await dwn.processMessage(alice.did, recordsRead.message); @@ -1167,7 +1167,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(alice) + authorizationSigner: Jws.createSigner(alice) }); const readReply = await dwn.processMessage(alice.did, recordsRead.message); @@ -1191,7 +1191,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(alice) + authorizationSigner: Jws.createSigner(alice) }); const dataStoreGet = sinon.spy(dataStore, 'get'); @@ -1222,7 +1222,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(alice) + authorizationSigner: Jws.createSigner(alice) }); const dataStoreGet = sinon.spy(dataStore, 'get'); @@ -1306,7 +1306,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(alice) + authorizationSigner: Jws.createSigner(alice) }); // test able to derive correct key using `schemas` scheme from root key to decrypt the message 
@@ -1380,9 +1380,9 @@ export function testRecordsReadHandler(): void { }; const recordsWrite = await RecordsWrite.create({ - authorizationSignatureInput : Jws.createSignatureInput(alice), + authorizationSigner : Jws.createSigner(alice), dataFormat, - data : encryptedDataBytes, + data : encryptedDataBytes, encryptionInput }); @@ -1394,7 +1394,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: recordsWrite.message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(alice) + authorizationSigner: Jws.createSigner(alice) }); @@ -1499,7 +1499,7 @@ export function testRecordsReadHandler(): void { encryptionInputForBobsDwn.keyEncryptionInputs[indexOfKeyEncryptionInputToReplace] = protocolPathDerivedKeyEncryptionInputForBobsDwn; await bobToBobRecordsWrite.encryptSymmetricEncryptionKey(encryptionInputForBobsDwn); - await bobToBobRecordsWrite.sign(Jws.createSignatureInput(bob)); + await bobToBobRecordsWrite.sign(Jws.createSigner(bob)); const dataStreamForBobsDwn = DataStream.fromBytes(encryptedDataBytes); const bobToBobWriteReply = await dwn.processMessage(bob.did, bobToBobRecordsWrite.message, dataStreamForBobsDwn); @@ -1512,7 +1512,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(alice) + authorizationSigner: Jws.createSigner(alice) }); const readReply = await dwn.handleRecordsRead(alice.did, recordsRead.message); expect(readReply.status.code).to.equal(200); @@ -1554,7 +1554,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: recordsWriteToBob.message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(bob) + authorizationSigner: Jws.createSigner(bob) }); const readByBobReply = await dwn.handleRecordsRead(bob.did, recordsReadByBob.message); expect(readByBobReply.status.code).to.equal(200); 
@@ -1645,7 +1645,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(alice) + authorizationSigner: Jws.createSigner(alice) }); const readReply = await dwn.handleRecordsRead(alice.did, recordsRead.message); expect(readReply.status.code).to.equal(200); @@ -1713,7 +1713,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: 'any-id', }, - authorizationSignatureInput: Jws.createSignatureInput(alice) + authorizationSigner: Jws.createSigner(alice) }); // setting up a stub did resolver & message store @@ -1734,7 +1734,7 @@ export function testRecordsReadHandler(): void { filter: { recordId: 'any-id', }, - authorizationSignatureInput: Jws.createSignatureInput(alice) + authorizationSigner: Jws.createSigner(alice) }); // setting up a stub method resolver & message store diff --git a/tests/handlers/records-write.spec.ts b/tests/handlers/records-write.spec.ts index 499a7bd63..459f44232 100644 --- a/tests/handlers/records-write.spec.ts +++ b/tests/handlers/records-write.spec.ts @@ -291,7 +291,7 @@ export function testRecordsWriteHandler(): void { const write2 = await RecordsWrite.createFrom({ unsignedRecordsWriteMessage : message, published : true, - authorizationSignatureInput : Jws.createSignatureInput(author), + authorizationSigner : Jws.createSigner(author), }); const writeUpdateReply = await dwn.processMessage(tenant, write2.message); @@ -325,7 +325,7 @@ export function testRecordsWriteHandler(): void { const write2 = await RecordsWrite.createFrom({ unsignedRecordsWriteMessage : message, published : true, - authorizationSignatureInput : Jws.createSignatureInput(author), + authorizationSigner : Jws.createSigner(author), }); const writeUpdateReply = await dwn.processMessage(tenant, write2.message); 
@@ -358,7 +358,7 @@ export function testRecordsWriteHandler(): void { const write2 = await RecordsWrite.createFrom({ unsignedRecordsWriteMessage : message, published : true, - authorizationSignatureInput : Jws.createSignatureInput(author), + authorizationSigner : Jws.createSigner(author), }); const writeUpdateReply = await dwn.processMessage(tenant, write2.message); @@ -389,8 +389,8 @@ export function testRecordsWriteHandler(): void { message.descriptor.dataSize = DwnConstant.maxDataSizeAllowedToBeEncoded + 100; const descriptorCid = await Cid.computeCid(message.descriptor); const recordId = await RecordsWrite.getEntryId(alice.did, message.descriptor); - const authorizationSignatureInput = Jws.createSignatureInput(alice); - const authorization = await RecordsWrite['createAuthorization'](recordId, message.contextId, descriptorCid, message.attestation, message.encryption, authorizationSignatureInput, undefined); + const authorizationSigner = Jws.createSigner(alice); + const authorization = await RecordsWrite['createAuthorization'](recordId, message.contextId, descriptorCid, message.attestation, message.encryption, authorizationSigner, undefined); message.recordId = recordId; message.authorization = authorization; 
@@ -410,8 +410,8 @@ export function testRecordsWriteHandler(): void { message.descriptor.dataSize = DwnConstant.maxDataSizeAllowedToBeEncoded + 100; const descriptorCid = await Cid.computeCid(message.descriptor); const recordId = await RecordsWrite.getEntryId(alice.did, message.descriptor); - const authorizationSignatureInput = Jws.createSignatureInput(alice); - const authorization = await RecordsWrite['createAuthorization'](recordId, message.contextId, descriptorCid, message.attestation, message.encryption, authorizationSignatureInput, undefined); + const authorizationSigner = Jws.createSigner(alice); + const authorization = await RecordsWrite['createAuthorization'](recordId, message.contextId, descriptorCid, message.attestation, message.encryption, authorizationSigner, undefined); message.recordId = recordId; message.authorization = authorization; @@ -431,8 +431,8 @@ export function testRecordsWriteHandler(): void { message.descriptor.dataSize = 1; const descriptorCid = await Cid.computeCid(message.descriptor); const recordId = await RecordsWrite.getEntryId(alice.did, message.descriptor); - const authorizationSignatureInput = Jws.createSignatureInput(alice); - const authorization = await RecordsWrite['createAuthorization'](recordId, message.contextId, descriptorCid, message.attestation, message.encryption, authorizationSignatureInput, undefined); + const authorizationSigner = Jws.createSigner(alice); + const authorization = await RecordsWrite['createAuthorization'](recordId, message.contextId, descriptorCid, message.attestation, message.encryption, authorizationSigner, undefined); message.recordId = recordId; message.authorization = authorization; 
@@ -451,8 +451,8 @@ export function testRecordsWriteHandler(): void { message.descriptor.dataSize = 1; const descriptorCid = await Cid.computeCid(message.descriptor); const recordId = await RecordsWrite.getEntryId(alice.did, message.descriptor); - const authorizationSignatureInput = Jws.createSignatureInput(alice); - const authorization = await RecordsWrite['createAuthorization'](recordId, message.contextId, descriptorCid, message.attestation, message.encryption, authorizationSignatureInput, undefined); + const authorizationSigner = Jws.createSigner(alice); + const authorization = await RecordsWrite['createAuthorization'](recordId, message.contextId, descriptorCid, message.attestation, message.encryption, authorizationSigner, undefined); message.recordId = recordId; message.authorization = authorization; @@ -475,15 +475,15 @@ export function testRecordsWriteHandler(): void { expect(initialWriteReply.status.code).to.equal(202); const recordsDelete = await RecordsDelete.create({ - recordId : message.recordId, - authorizationSignatureInput : Jws.createSignatureInput(author), + recordId : message.recordId, + authorizationSigner : Jws.createSigner(author), }); const deleteReply = await dwn.processMessage(tenant, recordsDelete.message); expect(deleteReply.status.code).to.equal(202); const write = await RecordsWrite.createFrom({ unsignedRecordsWriteMessage : message, - authorizationSignatureInput : Jws.createSignatureInput(author), + authorizationSigner : Jws.createSigner(author), }); const withoutDataReply = await dwn.processMessage(tenant, write.message); 
@@ -507,15 +507,15 @@ export function testRecordsWriteHandler(): void { expect(initialWriteReply.status.code).to.equal(202); const recordsDelete = await RecordsDelete.create({ - recordId : message.recordId, - authorizationSignatureInput : Jws.createSignatureInput(author), + recordId : message.recordId, + authorizationSigner : Jws.createSigner(author), }); const deleteReply = await dwn.processMessage(tenant, recordsDelete.message); expect(deleteReply.status.code).to.equal(202); const write = await RecordsWrite.createFrom({ unsignedRecordsWriteMessage : message, - authorizationSignatureInput : Jws.createSignatureInput(author), + authorizationSigner : Jws.createSigner(author), }); const withoutDataReply = await dwn.processMessage(tenant, write.message); @@ -642,7 +642,7 @@ export function testRecordsWriteHandler(): void { filter: { recordId: write2.message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(alice) + authorizationSigner: Jws.createSigner(alice) }); const readReply = await dwn.handleRecordsRead(alice.did, read.message); @@ -675,7 +675,7 @@ export function testRecordsWriteHandler(): void { const newWrite = await RecordsWrite.createFrom({ unsignedRecordsWriteMessage : recordsWrite.message, published : true, - authorizationSignatureInput : Jws.createSignatureInput(author) + authorizationSigner : Jws.createSigner(author) }); const newWriteReply = await dwn.processMessage(tenant, newWrite.message); @@ -712,7 +712,7 @@ export function testRecordsWriteHandler(): void { const newWrite = await RecordsWrite.createFrom({ unsignedRecordsWriteMessage : recordsWrite.message, data : newData, - authorizationSignatureInput : Jws.createSignatureInput(author) + authorizationSigner : Jws.createSigner(author) }); const newWriteReply = await dwn.processMessage(tenant, newWrite.message, DataStream.fromBytes(newData)); 
@@ -804,7 +804,7 @@ export function testRecordsWriteHandler(): void { const newWrite = await RecordsWrite.createFrom({ unsignedRecordsWriteMessage : recordsWrite.message, published : true, - authorizationSignatureInput : Jws.createSignatureInput(author) + authorizationSigner : Jws.createSigner(author) }); const newWriteReply = await dwn.processMessage(author.did, newWrite.message); @@ -813,7 +813,7 @@ export function testRecordsWriteHandler(): void { const newestWrite = await RecordsWrite.createFrom({ unsignedRecordsWriteMessage : recordsWrite.message, published : true, - authorizationSignatureInput : Jws.createSignatureInput(author) + authorizationSigner : Jws.createSigner(author) }); const newestWriteReply = await dwn.processMessage(author.did, newestWrite.message); @@ -1786,7 +1786,7 @@ export function testRecordsWriteHandler(): void { descriptorCid, attestation, recordsWrite.message.encryption, - Jws.createSignatureInput(alice), + Jws.createSigner(alice), undefined ); recordsWrite.message = { @@ -1851,7 +1851,7 @@ export function testRecordsWriteHandler(): void { filter: { recordId: imageRecordsWrite.message.recordId, }, - authorizationSignatureInput: Jws.createSignatureInput(bob) + authorizationSigner: Jws.createSigner(bob) }); const bobRecordsReadReply = await dwn.handleRecordsRead(alice.did, bobRecordsReadData.message); @@ -2620,7 +2620,7 @@ export function testRecordsWriteHandler(): void { const newWrite = await RecordsWrite.createFrom({ unsignedRecordsWriteMessage : message, published : true, - authorizationSignatureInput : Jws.createSignatureInput(alice), + authorizationSigner : Jws.createSigner(alice), data : updatedDataBytes, }); 
@@ -2646,7 +2646,7 @@ export function testRecordsWriteHandler(): void { const authorizationPayload = { ...recordsWrite.authorizationPayload }; authorizationPayload.recordId = await TestDataGenerator.randomCborSha256Cid(); // make recordId mismatch in authorization payload const authorizationPayloadBytes = Encoder.objectToBytes(authorizationPayload); - const signatureInput = Jws.createSignatureInput(author); + const signatureInput = Jws.createSigner(author); const jwsBuilder = await GeneralJwsBuilder.create(authorizationPayloadBytes, [signatureInput]); message.authorization = jwsBuilder.getJws(); @@ -2670,7 +2670,7 @@ export function testRecordsWriteHandler(): void { const authorizationPayload = { ...recordsWrite.authorizationPayload }; authorizationPayload.contextId = await TestDataGenerator.randomCborSha256Cid(); // make contextId mismatch in authorization payload const authorizationPayloadBytes = Encoder.objectToBytes(authorizationPayload); - const signatureInput = Jws.createSignatureInput(author); + const signatureInput = Jws.createSigner(author); const jwsBuilder = await GeneralJwsBuilder.create(authorizationPayloadBytes, [signatureInput]); message.authorization = jwsBuilder.getJws(); @@ -2725,7 +2725,7 @@ export function testRecordsWriteHandler(): void { it('should fail with 400 if `attestation` payload contains properties other than `descriptorCid`', async () => { const { author, message, recordsWrite, dataStream } = await TestDataGenerator.generateRecordsWrite(); const tenant = author.did; - const signatureInput = Jws.createSignatureInput(author); + const signatureInput = Jws.createSigner(author); // replace `attestation` with one that has an additional property, but go the extra mile of making sure signature is valid const descriptorCid = recordsWrite.authorizationPayload!.descriptorCid; 
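Review bot: The local is still called `signatureInput` although it now holds the signer returned by `Jws.createSigner(author)`; rename it, for example `const signer = Jws.createSigner(author);`, and pass `[signer]` to `GeneralJwsBuilder.create`. The same leftover name is in the hunks at 2670 and 2725 of this file. These tests deliberately produce a validly signed JWS over a tampered payload (see the "make recordId mismatch" and "making sure signature is valid" comments), so a name that matches the type makes it clearer that only the payload is being manipulated. In the 2725 hunk the variable is presumably used again below the visible lines, so those uses would need the same rename.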
@@ -2786,7 +2786,7 @@ export function testRecordsWriteHandler(): void { // replace valid attestation (the one signed by `authorization` with another attestation to the same message (descriptorCid) const bob = await DidKeyResolver.generate(); const descriptorCid = await Cid.computeCid(message.descriptor); - const attestationNotReferencedByAuthorization = await RecordsWrite['createAttestation'](descriptorCid, Jws.createSignatureInputs([bob])); + const attestationNotReferencedByAuthorization = await RecordsWrite['createAttestation'](descriptorCid, Jws.createSigners([bob])); message.attestation = attestationNotReferencedByAuthorization; const recordsWriteHandler = new RecordsWriteHandler(didResolver, messageStore, dataStore, eventLog); diff --git a/tests/interfaces/events-get.spec.ts b/tests/interfaces/events-get.spec.ts index 4b600813a..4925c6a75 100644 --- a/tests/interfaces/events-get.spec.ts +++ b/tests/interfaces/events-get.spec.ts @@ -10,8 +10,8 @@ describe('EventsGet Message', () => { it('creates an EventsGet message', async () => { const alice = await TestDataGenerator.generatePersona(); const eventsGet = await EventsGet.create({ - watermark : 'yolo', - authorizationSignatureInput : await Jws.createSignatureInput(alice) + watermark : 'yolo', + authorizationSigner : await Jws.createSigner(alice) }); const { message } = eventsGet; @@ -23,7 +23,7 @@ describe('EventsGet Message', () => { it('doesnt require a watermark', async () => { const alice = await TestDataGenerator.generatePersona(); const eventsGet = await EventsGet.create({ - authorizationSignatureInput: await Jws.createSignatureInput(alice) + authorizationSigner: await Jws.createSigner(alice) }); const message = eventsGet.message; 
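Review bot: The `await` in `authorizationSigner : await Jws.createSigner(alice)` (events-get.spec.ts, hunk at line 10) looks like a carry-over from the old call. Elsewhere in this patch the result of `Jws.createSigner(...)` is handed straight to `create()` and `sign()` without awaiting, which suggests it returns the signer synchronously. If that is the case, write `authorizationSigner : Jws.createSigner(alice)` so these call sites match the handler tests. The same applies to the remaining hunks of this file and to every hunk in tests/interfaces/messages-get.spec.ts.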
@@ -37,8 +37,8 @@ describe('EventsGet Message', () => { it('parses a message into an EventsGet instance', async () => { const alice = await TestDataGenerator.generatePersona(); const eventsGet = await EventsGet.create({ - watermark : 'yolo', - authorizationSignatureInput : await Jws.createSignatureInput(alice) + watermark : 'yolo', + authorizationSigner : await Jws.createSigner(alice) }); const parsed = await EventsGet.parse(eventsGet.message); @@ -53,8 +53,8 @@ describe('EventsGet Message', () => { it('throws an exception if message is not a valid EventsGet message', async () => { const alice = await TestDataGenerator.generatePersona(); const eventsGet = await EventsGet.create({ - watermark : 'yolo', - authorizationSignatureInput : await Jws.createSignatureInput(alice) + watermark : 'yolo', + authorizationSigner : await Jws.createSigner(alice) }); const { message } = eventsGet; diff --git a/tests/interfaces/messages-get.spec.ts b/tests/interfaces/messages-get.spec.ts index 36a051b69..718894329 100644 --- a/tests/interfaces/messages-get.spec.ts +++ b/tests/interfaces/messages-get.spec.ts @@ -13,8 +13,8 @@ describe('MessagesGet Message', () => { const messageCid = await Message.getCid(message); const messagesGet = await MessagesGet.create({ - authorizationSignatureInput : await Jws.createSignatureInput(author), - messageCids : [messageCid] + authorizationSigner : await Jws.createSigner(author), + messageCids : [messageCid] }); expect(messagesGet.message.authorization).to.exist; @@ -29,8 +29,8 @@ describe('MessagesGet Message', () => { try { await MessagesGet.create({ - authorizationSignatureInput : await Jws.createSignatureInput(alice), - messageCids : [] + authorizationSigner : await Jws.createSigner(alice), + messageCids : [] }); expect.fail(); 
@@ -45,8 +45,8 @@ describe('MessagesGet Message', () => { try { await MessagesGet.create({ - authorizationSignatureInput : await Jws.createSignatureInput(alice), - messageCids : ['abcd'] + authorizationSigner : await Jws.createSigner(alice), + messageCids : ['abcd'] }); expect.fail(); @@ -62,8 +62,8 @@ describe('MessagesGet Message', () => { let messageCid = await Message.getCid(message); const messagesGet = await MessagesGet.create({ - authorizationSignatureInput : await Jws.createSignatureInput(author), - messageCids : [messageCid] + authorizationSigner : await Jws.createSigner(author), + messageCids : [messageCid] }); const parsed = await MessagesGet.parse(messagesGet.message); @@ -80,8 +80,8 @@ describe('MessagesGet Message', () => { const messageCid = await Message.getCid(recordsWriteMessage); const messagesGet = await MessagesGet.create({ - authorizationSignatureInput : await Jws.createSignatureInput(author), - messageCids : [messageCid] + authorizationSigner : await Jws.createSigner(author), + messageCids : [messageCid] }); const message = messagesGet.toJSON() as MessagesGetMessage; diff --git a/tests/interfaces/permissions-grant.spec.ts b/tests/interfaces/permissions-grant.spec.ts index 93aea725b..33f783d41 100644 --- a/tests/interfaces/permissions-grant.spec.ts +++ b/tests/interfaces/permissions-grant.spec.ts @@ -16,13 +16,7 @@ describe('PermissionsGrant', () => { describe('create()', async () => { it('creates a PermissionsGrant message', async () => { const { privateJwk } = await Secp256k1.generateKeyPair(); - const authorizationSignatureInput = { - signer : new PrivateKeySigner(privateJwk), - protectedHeader : { - alg : privateJwk.alg as string, - kid : 'did:jank:bob' - } - }; + const authorizationSigner = new PrivateKeySigner({ privateJwk, keyId: 'did:jank:bob' }); const { message } = await PermissionsGrant.create({ dateExpires : getCurrentTimeInHighPrecision(), 
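Review bot: With `alg` no longer passed explicitly in permissions-grant.spec.ts (`new PrivateKeySigner({ privateJwk, keyId: 'did:jank:bob' })` replaces a literal that set `alg : privateJwk.alg as string`), none of the visible hunks covers a JWK whose `alg` is missing. The signer presumably derives the algorithm from the key now, but its implementation is not part of this hunk. A test that builds the signer from a JWK without `alg` and asserts that construction fails, or that an explicit algorithm is required, would pin this down and keep an undefined `alg` out of the protected header. The same construction is repeated in the later hunks of this file and in permissions-request.spec.ts.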
@@ -31,7 +25,7 @@ describe('PermissionsGrant', () => { grantedTo : 'did:jank:alice', grantedFor : 'did:jank:bob', scope : { interface: DwnInterfaceName.Records, method: DwnMethodName.Write }, - authorizationSignatureInput + authorizationSigner }); expect(message.descriptor.grantedTo).to.equal('did:jank:alice'); @@ -44,20 +38,14 @@ describe('PermissionsGrant', () => { describe('scope validations', () => { it('ensures that `schema` and protocol related fields `protocol`, `contextId` or `protocolPath`', async () => { const { privateJwk } = await Secp256k1.generateKeyPair(); - const authorizationSignatureInput = { - signer : new PrivateKeySigner(privateJwk), - protectedHeader : { - alg : privateJwk.alg as string, - kid : 'did:jank:bob' - } - }; + const authorizationSigner = new PrivateKeySigner({ privateJwk, keyId: 'did:jank:bob' }); const permissionsGrantOptions = { dateExpires : getCurrentTimeInHighPrecision(), grantedBy : 'did:jank:bob', grantedTo : 'did:jank:alice', grantedFor : 'did:jank:bob', - authorizationSignatureInput + authorizationSigner }; // Reject when `schema` and `protocol` are both present @@ -93,20 +81,14 @@ describe('PermissionsGrant', () => { it('ensures that `contextId` and `protocolPath` are not both present', async () => { const { privateJwk } = await Secp256k1.generateKeyPair(); - const authorizationSignatureInput = { - signer : new PrivateKeySigner(privateJwk), - protectedHeader : { - alg : privateJwk.alg as string, - kid : 'did:jank:bob' - } - }; + const authorizationSigner = new PrivateKeySigner({ privateJwk, keyId: 'did:jank:bob' }); const permissionsGrantOptions = { dateExpires : getCurrentTimeInHighPrecision(), grantedBy : 'did:jank:bob', grantedTo : 'did:jank:alice', grantedFor : 'did:jank:bob', - authorizationSignatureInput + authorizationSigner }; // Allow when `context to be present ` and `protocol` are both present 
@@ -129,13 +111,7 @@ describe('PermissionsGrant', () => { const bob = await TestDataGenerator.generatePersona(); const { privateJwk } = await Secp256k1.generateKeyPair(); - const authorizationSignatureInput = { - signer : new PrivateKeySigner(privateJwk), - protectedHeader : { - alg : privateJwk.alg as string, - kid : alice.did - } - }; + const authorizationSigner = new PrivateKeySigner({ privateJwk, keyId: alice.did }); const { permissionsRequest } = await TestDataGenerator.generatePermissionsRequest({ author : bob, @@ -146,7 +122,7 @@ describe('PermissionsGrant', () => { }); const dateExpires = Temporal.Now.instant().add({ hours: 24 }).toString({ smallestUnit: 'microseconds' }); - const permissionsGrant = await PermissionsGrant.createFromPermissionsRequest(permissionsRequest, authorizationSignatureInput, { dateExpires }); + const permissionsGrant = await PermissionsGrant.createFromPermissionsRequest(permissionsRequest, authorizationSigner, { dateExpires }); expect(permissionsGrant.author).to.eq(alice.did); expect(permissionsGrant.message.descriptor.description).to.eq(permissionsRequest.message.descriptor.description); @@ -164,13 +140,7 @@ describe('PermissionsGrant', () => { const carol = await DidKeyResolver.generate(); const { privateJwk } = await Secp256k1.generateKeyPair(); - const authorizationSignatureInput = { - signer : new PrivateKeySigner(privateJwk), - protectedHeader : { - alg : privateJwk.alg as string, - kid : alice.did - } - }; + const authorizationSigner = new PrivateKeySigner({ privateJwk, keyId: `${alice.did}#key1` }); const { permissionsRequest } = await TestDataGenerator.generatePermissionsRequest(); 
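Review bot: The two `createFromPermissionsRequest` tests now build their signers with different key-id shapes: the hunk at new line 111 uses the bare DID, `keyId: alice.did`, while the hunk at new line 140 uses the template string `${alice.did}#key1`. The second is also a change from the `kid : alice.did` it replaces, not a pure rename. Both tests then assert `permissionsGrant.author` equals `alice.did`, so author derivation appears to accept either form; use the fragment form in both, or add a comment such as `// bare DID as keyId is intentional: author must still resolve to alice.did` on the first. Because `privateJwk` comes from a fresh `Secp256k1.generateKeyPair()` and is not tied to alice's DID in the visible lines, a one-line comment that these tests cover author derivation only, not signature verification, would also help.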
@@ -191,7 +161,7 @@ describe('PermissionsGrant', () => { } }; - const permissionsGrant = await PermissionsGrant.createFromPermissionsRequest(permissionsRequest, authorizationSignatureInput, overrides); + const permissionsGrant = await PermissionsGrant.createFromPermissionsRequest(permissionsRequest, authorizationSigner, overrides); expect(permissionsGrant.author).to.eq(alice.did); expect(permissionsGrant.message.descriptor.description).to.eq(description); diff --git a/tests/interfaces/permissions-request.spec.ts b/tests/interfaces/permissions-request.spec.ts index b1a7650f0..56197ac9f 100644 --- a/tests/interfaces/permissions-request.spec.ts +++ b/tests/interfaces/permissions-request.spec.ts @@ -12,13 +12,7 @@ describe('PermissionsRequest', () => { describe('create', () => { it('creates a PermissionsRequest message', async () => { const { privateJwk } = await Secp256k1.generateKeyPair(); - const authorizationSignatureInput = { - signer : new PrivateKeySigner(privateJwk), - protectedHeader : { - alg : privateJwk.alg as string, - kid : 'did:jank:bob' - } - }; + const authorizationSigner = new PrivateKeySigner({ privateJwk, keyId: 'did:jank:bob' }); const { message } = await PermissionsRequest.create({ description : 'drugs', @@ -30,7 +24,7 @@ describe('PermissionsRequest', () => { method : DwnMethodName.Write, protocol : 'some-protocol', }, - authorizationSignatureInput + authorizationSigner }); expect(message.descriptor.grantedTo).to.equal('did:jank:alice'); diff --git a/tests/interfaces/protocols-configure.spec.ts b/tests/interfaces/protocols-configure.spec.ts index 2250ae6a2..f0ec1ee0d 100644 --- a/tests/interfaces/protocols-configure.spec.ts +++ b/tests/interfaces/protocols-configure.spec.ts 
@@ -19,9 +19,9 @@ describe('ProtocolsConfigure', () => { const currentTime = getCurrentTimeInHighPrecision(); const definition = { ...dexProtocolDefinition }; const protocolsConfigure = await ProtocolsConfigure.create({ - messageTimestamp : currentTime, + messageTimestamp : currentTime, definition, - authorizationSignatureInput : Jws.createSignatureInput(alice), + authorizationSigner : Jws.createSigner(alice), }); expect(protocolsConfigure.message.descriptor.messageTimestamp).to.equal(currentTime); @@ -32,10 +32,10 @@ describe('ProtocolsConfigure', () => { const definition = { ...dexProtocolDefinition, protocol: 'example.com/' }; const options = { - recipient : alice.did, - data : TestDataGenerator.randomBytes(10), - dataFormat : 'application/json', - authorizationSignatureInput : Jws.createSignatureInput(alice), + recipient : alice.did, + data : TestDataGenerator.randomBytes(10), + dataFormat : 'application/json', + authorizationSigner : Jws.createSigner(alice), definition, }; const protocolsConfig = await ProtocolsConfigure.create(options); @@ -52,12 +52,12 @@ describe('ProtocolsConfigure', () => { nonnormalizedDexProtocol.types.ask.schema = 'ask'; const options = { - recipient : alice.did, - data : TestDataGenerator.randomBytes(10), - dataFormat : 'application/json', - authorizationSignatureInput : Jws.createSignatureInput(alice), - protocol : 'example.com/', - definition : nonnormalizedDexProtocol + recipient : alice.did, + data : TestDataGenerator.randomBytes(10), + dataFormat : 'application/json', + authorizationSigner : Jws.createSigner(alice), + protocol : 'example.com/', + definition : nonnormalizedDexProtocol }; const protocolsConfig = await ProtocolsConfigure.create(options); diff --git a/tests/interfaces/protocols-query.spec.ts b/tests/interfaces/protocols-query.spec.ts index 3a068e9b2..efba55f6c 100644 --- a/tests/interfaces/protocols-query.spec.ts +++ b/tests/interfaces/protocols-query.spec.ts 
@@ -18,9 +18,9 @@ describe('ProtocolsQuery', () => { const currentTime = getCurrentTimeInHighPrecision(); const protocolsQuery = await ProtocolsQuery.create({ - filter : { protocol: 'anyValue' }, - messageTimestamp : currentTime, - authorizationSignatureInput : Jws.createSignatureInput(alice), + filter : { protocol: 'anyValue' }, + messageTimestamp : currentTime, + authorizationSigner : Jws.createSigner(alice), }); expect(protocolsQuery.message.descriptor.messageTimestamp).to.equal(currentTime); @@ -31,12 +31,12 @@ describe('ProtocolsQuery', () => { const alice = await TestDataGenerator.generatePersona(); const options = { - recipient : alice.did, - data : TestDataGenerator.randomBytes(10), - dataFormat : 'application/json', - authorizationSignatureInput : Jws.createSignatureInput(alice), - filter : { protocol: 'example.com/' }, - definition : dexProtocolDefinition + recipient : alice.did, + data : TestDataGenerator.randomBytes(10), + dataFormat : 'application/json', + authorizationSigner : Jws.createSigner(alice), + filter : { protocol: 'example.com/' }, + definition : dexProtocolDefinition }; const protocolsConfig = await ProtocolsQuery.create(options); diff --git a/tests/interfaces/records-delete.spec.ts b/tests/interfaces/records-delete.spec.ts index f137a8015..8ae854ad4 100644 --- a/tests/interfaces/records-delete.spec.ts +++ b/tests/interfaces/records-delete.spec.ts @@ -15,9 +15,9 @@ describe('RecordsDelete', () => { const currentTime = getCurrentTimeInHighPrecision(); const recordsDelete = await RecordsDelete.create({ - recordId : 'anything', - authorizationSignatureInput : Jws.createSignatureInput(alice), - messageTimestamp : currentTime + recordId : 'anything', + authorizationSigner : Jws.createSigner(alice), + messageTimestamp : currentTime }); expect(recordsDelete.message.descriptor.messageTimestamp).to.equal(currentTime); 
@@ -27,8 +27,8 @@ describe('RecordsDelete', () => { const alice = await TestDataGenerator.generatePersona(); const recordsDelete = await RecordsDelete.create({ - recordId : 'anything', - authorizationSignatureInput : Jws.createSignatureInput(alice) + recordId : 'anything', + authorizationSigner : Jws.createSigner(alice) }); expect(recordsDelete.message.descriptor.messageTimestamp).to.exist; diff --git a/tests/interfaces/records-query.spec.ts b/tests/interfaces/records-query.spec.ts index 8e02a6bdf..9c8ee3561 100644 --- a/tests/interfaces/records-query.spec.ts +++ b/tests/interfaces/records-query.spec.ts @@ -18,9 +18,9 @@ describe('RecordsQuery', () => { const currentTime = getCurrentTimeInHighPrecision(); const recordsQuery = await RecordsQuery.create({ - filter : { schema: 'anything' }, - messageTimestamp : currentTime, - authorizationSignatureInput : Jws.createSignatureInput(alice), + filter : { schema: 'anything' }, + messageTimestamp : currentTime, + authorizationSigner : Jws.createSigner(alice), }); expect(recordsQuery.message.descriptor.messageTimestamp).to.equal(currentTime); @@ -30,12 +30,12 @@ describe('RecordsQuery', () => { const alice = await TestDataGenerator.generatePersona(); const options = { - recipient : alice.did, - data : TestDataGenerator.randomBytes(10), - dataFormat : 'application/json', - authorizationSignatureInput : Jws.createSignatureInput(alice), - filter : { protocol: 'example.com/' }, - definition : dexProtocolDefinition + recipient : alice.did, + data : TestDataGenerator.randomBytes(10), + dataFormat : 'application/json', + authorizationSigner : Jws.createSigner(alice), + filter : { protocol: 'example.com/' }, + definition : dexProtocolDefinition }; const recordsQuery = await RecordsQuery.create(options); 
@@ -48,12 +48,12 @@ describe('RecordsQuery', () => { const alice = await TestDataGenerator.generatePersona(); const options = { - recipient : alice.did, - data : TestDataGenerator.randomBytes(10), - dataFormat : 'application/json', - authorizationSignatureInput : Jws.createSignatureInput(alice), - filter : { schema: 'example.com/' }, - definition : dexProtocolDefinition + recipient : alice.did, + data : TestDataGenerator.randomBytes(10), + dataFormat : 'application/json', + authorizationSigner : Jws.createSigner(alice), + filter : { schema: 'example.com/' }, + definition : dexProtocolDefinition }; const recordsQuery = await RecordsQuery.create(options); diff --git a/tests/interfaces/records-read.spec.ts b/tests/interfaces/records-read.spec.ts index 1f40fc977..100b4c8e7 100644 --- a/tests/interfaces/records-read.spec.ts +++ b/tests/interfaces/records-read.spec.ts @@ -21,8 +21,8 @@ describe('RecordsRead', () => { filter: { recordId: 'anything', }, - authorizationSignatureInput : Jws.createSignatureInput(alice), - date : currentTime + authorizationSigner : Jws.createSigner(alice), + date : currentTime }); expect(recordsRead.message.descriptor.messageTimestamp).to.equal(currentTime); @@ -32,12 +32,12 @@ describe('RecordsRead', () => { const alice = await TestDataGenerator.generatePersona(); const options = { - recipient : alice.did, - data : TestDataGenerator.randomBytes(10), - dataFormat : 'application/json', - authorizationSignatureInput : Jws.createSignatureInput(alice), - filter : { protocol: 'example.com/' }, - definition : dexProtocolDefinition + recipient : alice.did, + data : TestDataGenerator.randomBytes(10), + dataFormat : 'application/json', + authorizationSigner : Jws.createSigner(alice), + filter : { protocol: 'example.com/' }, + definition : dexProtocolDefinition }; const recordsQuery = await RecordsRead.create(options); 
@@ -50,12 +50,12 @@ describe('RecordsRead', () => { const alice = await TestDataGenerator.generatePersona(); const options = { - recipient : alice.did, - data : TestDataGenerator.randomBytes(10), - dataFormat : 'application/json', - authorizationSignatureInput : Jws.createSignatureInput(alice), - filter : { schema: 'example.com/' }, - definition : dexProtocolDefinition + recipient : alice.did, + data : TestDataGenerator.randomBytes(10), + dataFormat : 'application/json', + authorizationSigner : Jws.createSigner(alice), + filter : { schema: 'example.com/' }, + definition : dexProtocolDefinition }; const recordsQuery = await RecordsRead.create(options); diff --git a/tests/interfaces/records-write.spec.ts b/tests/interfaces/records-write.spec.ts index 0a6428477..54c99f867 100644 --- a/tests/interfaces/records-write.spec.ts +++ b/tests/interfaces/records-write.spec.ts @@ -23,11 +23,11 @@ describe('RecordsWrite', () => { const alice = await TestDataGenerator.generatePersona(); const options = { - data : TestDataGenerator.randomBytes(10), - dataFormat : 'application/json', - dateCreated : '2022-10-14T10:20:30.405060Z', - recordId : await TestDataGenerator.randomCborSha256Cid(), - authorizationSignatureInput : Jws.createSignatureInput(alice) + data : TestDataGenerator.randomBytes(10), + dataFormat : 'application/json', + dateCreated : '2022-10-14T10:20:30.405060Z', + recordId : await TestDataGenerator.randomCborSha256Cid(), + authorizationSigner : Jws.createSigner(alice) }; const recordsWrite = await RecordsWrite.create(options); 
@@ -47,11 +47,11 @@ describe('RecordsWrite', () => { const alice = await TestDataGenerator.generatePersona(); const options = { - data : TestDataGenerator.randomBytes(10), - dataFormat : 'application/json', - recordId : await TestDataGenerator.randomCborSha256Cid(), - published : true, - authorizationSignatureInput : Jws.createSignatureInput(alice) + data : TestDataGenerator.randomBytes(10), + dataFormat : 'application/json', + recordId : await TestDataGenerator.randomCborSha256Cid(), + published : true, + authorizationSigner : Jws.createSigner(alice) }; const recordsWrite = await RecordsWrite.create(options); @@ -65,13 +65,13 @@ describe('RecordsWrite', () => { // testing `data` and `dataCid` both defined const options1 = { - recipient : alice.did, - data : TestDataGenerator.randomBytes(10), - dataCid : await TestDataGenerator.randomCborSha256Cid(), - dataFormat : 'application/json', - recordId : await TestDataGenerator.randomCborSha256Cid(), - published : true, - authorizationSignatureInput : Jws.createSignatureInput(alice) + recipient : alice.did, + data : TestDataGenerator.randomBytes(10), + dataCid : await TestDataGenerator.randomCborSha256Cid(), + dataFormat : 'application/json', + recordId : await TestDataGenerator.randomCborSha256Cid(), + published : true, + authorizationSigner : Jws.createSigner(alice) }; const createPromise1 = RecordsWrite.create(options1); 
@@ -79,14 +79,14 @@ describe('RecordsWrite', () => { // testing `data` and `dataCid` both undefined const options2 = { - recipient : alice.did, + recipient : alice.did, // intentionally showing both `data` and `dataCid` are undefined // data : TestDataGenerator.randomBytes(10), // dataCid : await TestDataGenerator.randomCborSha256Cid(), - dataFormat : 'application/json', - recordId : await TestDataGenerator.randomCborSha256Cid(), - published : true, - authorizationSignatureInput : Jws.createSignatureInput(alice) + dataFormat : 'application/json', + recordId : await TestDataGenerator.randomCborSha256Cid(), + published : true, + authorizationSigner : Jws.createSigner(alice) }; const createPromise2 = RecordsWrite.create(options2); 
@@ -97,27 +97,27 @@ describe('RecordsWrite', () => { const alice = await TestDataGenerator.generatePersona(); const options1 = { - recipient : alice.did, - dataCid : await TestDataGenerator.randomCborSha256Cid(), + recipient : alice.did, + dataCid : await TestDataGenerator.randomCborSha256Cid(), // dataSize : 123, // intentionally missing - dataFormat : 'application/json', - recordId : await TestDataGenerator.randomCborSha256Cid(), - published : true, - authorizationSignatureInput : Jws.createSignatureInput(alice) + dataFormat : 'application/json', + recordId : await TestDataGenerator.randomCborSha256Cid(), + published : true, + authorizationSigner : Jws.createSigner(alice) }; const createPromise1 = RecordsWrite.create(options1); await expect(createPromise1).to.be.rejectedWith('`dataCid` and `dataSize` must both be defined or undefined at the same time'); const options2 = { - recipient : alice.did, - data : TestDataGenerator.randomBytes(10), + recipient : alice.did, + data : TestDataGenerator.randomBytes(10), // dataCid : await TestDataGenerator.randomCborSha256Cid(), // intentionally missing - dataSize : 123, - dataFormat : 'application/json', - recordId : await TestDataGenerator.randomCborSha256Cid(), - published : true, - authorizationSignatureInput : Jws.createSignatureInput(alice) + dataSize : 123, + dataFormat : 'application/json', + recordId : await TestDataGenerator.randomCborSha256Cid(), + published : true, + authorizationSigner : Jws.createSigner(alice) }; const createPromise2 = RecordsWrite.create(options2); 
@@ -128,13 +128,13 @@ describe('RecordsWrite', () => { const alice = await TestDataGenerator.generatePersona(); const options = { - recipient : alice.did, - data : TestDataGenerator.randomBytes(10), - dataFormat : 'application/json', - authorizationSignatureInput : Jws.createSignatureInput(alice), - protocol : 'example.com/', - protocolPath : 'example', - schema : 'http://foo.bar/schema' + recipient : alice.did, + data : TestDataGenerator.randomBytes(10), + dataFormat : 'application/json', + authorizationSigner : Jws.createSigner(alice), + protocol : 'example.com/', + protocolPath : 'example', + schema : 'http://foo.bar/schema' }; const recordsWrite = await RecordsWrite.create(options); 
@@ -147,29 +147,29 @@ describe('RecordsWrite', () => { const alice = await TestDataGenerator.generatePersona(); const options1 = { - recipient : alice.did, - protocol : 'http://example.com', + recipient : alice.did, + protocol : 'http://example.com', // protocolPath : 'foo/bar', // intentionally missing - dataCid : await TestDataGenerator.randomCborSha256Cid(), - dataSize : 123, - dataFormat : 'application/json', - recordId : await TestDataGenerator.randomCborSha256Cid(), - authorizationSignatureInput : Jws.createSignatureInput(alice) + dataCid : await TestDataGenerator.randomCborSha256Cid(), + dataSize : 123, + dataFormat : 'application/json', + recordId : await TestDataGenerator.randomCborSha256Cid(), + authorizationSigner : Jws.createSigner(alice) }; const createPromise1 = RecordsWrite.create(options1); await expect(createPromise1).to.be.rejectedWith('`protocol` and `protocolPath` must both be defined or undefined at the same time'); const options2 = { - recipient : alice.did, + recipient : alice.did, // protocol : 'http://example.com', // intentionally missing - protocolPath : 'foo/bar', - data : TestDataGenerator.randomBytes(10), - dataCid : await TestDataGenerator.randomCborSha256Cid(), - dataSize : 123, - dataFormat : 'application/json', - recordId : await TestDataGenerator.randomCborSha256Cid(), - authorizationSignatureInput : Jws.createSignatureInput(alice) + protocolPath : 'foo/bar', + data : TestDataGenerator.randomBytes(10), + dataCid : await TestDataGenerator.randomCborSha256Cid(), + dataSize : 123, + dataFormat : 'application/json', + recordId : await TestDataGenerator.randomCborSha256Cid(), + authorizationSigner : Jws.createSigner(alice) }; const createPromise2 = RecordsWrite.create(options2); 
@@ -180,15 +180,15 @@ describe('RecordsWrite', () => { const alice = await TestDataGenerator.generatePersona(); const options: RecordsWriteOptions = { - schema : 'http://any-schema.com', - protocol : 'http://example.com', - protocolPath : 'foo/bar', - parentId : await TestDataGenerator.randomCborSha256Cid(), - dataCid : await TestDataGenerator.randomCborSha256Cid(), - dataSize : 123, - dataFormat : 'application/json', - recordId : await TestDataGenerator.randomCborSha256Cid(), - authorizationSignatureInput : Jws.createSignatureInput(alice) + schema : 'http://any-schema.com', + protocol : 'http://example.com', + protocolPath : 'foo/bar', + parentId : await TestDataGenerator.randomCborSha256Cid(), + dataCid : await TestDataGenerator.randomCborSha256Cid(), + dataSize : 123, + dataFormat : 'application/json', + recordId : await TestDataGenerator.randomCborSha256Cid(), + authorizationSigner : Jws.createSigner(alice) }; const createPromise = RecordsWrite.create(options); 
@@ -200,25 +200,24 @@ describe('RecordsWrite', () => { // create a custom signer const hardCodedSignature = Encoder.stringToBytes('some_hard_coded_signature'); class CustomSigner implements Signer { + public keyId = 'did:example:alice#key1'; + public algorithm = 'unused'; public async sign (_content: Uint8Array): Promise { return hardCodedSignature; } } - const signer = new CustomSigner(); + const authorizationSigner = new CustomSigner(); const options: RecordsWriteOptions = { - schema : 'http://any-schema.com', - protocol : 'http://example.com', - protocolPath : 'foo/bar', - dataCid : await TestDataGenerator.randomCborSha256Cid(), - dataSize : 123, - dataFormat : 'application/json', - recordId : await TestDataGenerator.randomCborSha256Cid(), - authorizationSignatureInput : { - signer, - protectedHeader: { alg: 'unused', kid: 'did:example:alice#key1' } - } + schema : 'http://any-schema.com', + protocol : 'http://example.com', + protocolPath : 'foo/bar', + dataCid : await TestDataGenerator.randomCborSha256Cid(), + dataSize : 123, + dataFormat : 'application/json', + recordId : await TestDataGenerator.randomCborSha256Cid(), + authorizationSigner }; const recordsWrite = await RecordsWrite.create(options); @@ -243,9 +242,9 @@ describe('RecordsWrite', () => { // intentionally generating a record that is not protocol-based const createPromise = RecordsWrite.create({ - authorizationSignatureInput : Jws.createSignatureInput(alice), - dataFormat : 'application/json', - data : TestDataGenerator.randomBytes(10), + authorizationSigner : Jws.createSigner(alice), + dataFormat : 'application/json', + data : TestDataGenerator.randomBytes(10), encryptionInput }); 
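Review bot: The `CustomSigner` stub in the `@@ -200,25 +200,24 @@` hunk has no comment marking it as a non-verifying test double, and its two new fields are left mutable. `sign()` returns the fixed bytes of `hardCodedSignature` and `algorithm` is `'unused'`, so a message built with it presumably cannot pass signature verification. The fields `keyId` and `algorithm` carry the values that the removed `protectedHeader: { alg: 'unused', kid: 'did:example:alice#key1' }` used to carry. I would declare them as `public readonly keyId = 'did:example:alice#key1';` and `public readonly algorithm = 'unused';`, and extend the existing comment to `// create a custom signer (test stub: fixed signature bytes, not verifiable)`. The enclosing `it(...)` block starts and ends outside the hunk, so the assertions that follow are not visible here.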
@@ -269,9 +268,9 @@ describe('RecordsWrite', () => { // intentionally generating a record that is without `schema` const createPromise = RecordsWrite.create({ - authorizationSignatureInput : Jws.createSignatureInput(alice), - dataFormat : 'application/octet-stream', - data : TestDataGenerator.randomBytes(10), + authorizationSigner : Jws.createSigner(alice), + dataFormat : 'application/octet-stream', + data : TestDataGenerator.randomBytes(10), encryptionInput }); @@ -288,7 +287,7 @@ describe('RecordsWrite', () => { const write = await RecordsWrite.createFrom({ unsignedRecordsWriteMessage : recordsWrite.message, datePublished : getCurrentTimeInHighPrecision(), - authorizationSignatureInput : Jws.createSignatureInput(author) + authorizationSigner : Jws.createSigner(author) }); expect(write.message.descriptor.published).to.be.true; @@ -324,7 +323,7 @@ describe('RecordsWrite', () => { expect(recordsWrite.author).to.not.exist; expect(recordsWrite.authorizationPayload).to.not.exist; - expect(() => recordsWrite.message).to.throw(DwnErrorCode.RecordsWriteMissingAuthorizationSignatureInput); + expect(() => recordsWrite.message).to.throw(DwnErrorCode.RecordsWriteMissingauthorizationSigner); }); }); }); diff --git a/tests/interfaces/snapshots-create.spec.ts b/tests/interfaces/snapshots-create.spec.ts index 6b5dc57e5..5f19b5a0c 100644 --- a/tests/interfaces/snapshots-create.spec.ts +++ b/tests/interfaces/snapshots-create.spec.ts @@ -30,9 +30,9 @@ describe('SnapshotsCreate', () => { }; const snapshotsCreate = await SnapshotsCreate.create({ - messageTimestamp : currentTime, + messageTimestamp : currentTime, definition, - authorizationSignatureInput : Jws.createSignatureInput(alice), + authorizationSigner : Jws.createSigner(alice), }); expect(snapshotsCreate.message.descriptor.messageTimestamp).to.equal(currentTime); diff --git a/tests/jose/jws/general.spec.ts b/tests/jose/jws/general.spec.ts index 4e026fb81..b642e7c24 100644 --- a/tests/jose/jws/general.spec.ts 
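Review bot: The error-code name `DwnErrorCode.RecordsWriteMissingauthorizationSigner` in the `@@ -324,7 +323,7 @@` hunk of records-write.spec.ts breaks the PascalCase of the name it replaces, `RecordsWriteMissingAuthorizationSignatureInput`. The lowercase `a` looks like a search-and-replace artefact. I would rename it so the line reads `expect(() => recordsWrite.message).to.throw(DwnErrorCode.RecordsWriteMissingAuthorizationSigner);`. The enum member is declared outside this chunk (the diffstat lists src/core/dwn-error.ts) and has to be renamed in the same change. Any caller that matches on the code's name would see the rename too.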
+++ b/tests/jose/jws/general.spec.ts @@ -23,16 +23,16 @@ describe('General JWS Sign/Verify', () => { it('should sign and verify secp256k1 signature using a key vector correctly', async () => { const { privateJwk, publicJwk } = await secp256k1.generateKeyPair(); const payloadBytes = new TextEncoder().encode('anyPayloadValue'); - const protectedHeader = { alg: 'ES256K', kid: 'did:jank:alice#key1' }; + const keyId = 'did:jank:alice#key1'; - const jwsBuilder = await GeneralJwsBuilder.create(payloadBytes, [{ signer: new PrivateKeySigner(privateJwk), protectedHeader }]); + const jwsBuilder = await GeneralJwsBuilder.create(payloadBytes, [new PrivateKeySigner({ privateJwk, keyId })]); const jws = jwsBuilder.getJws(); const mockResolutionResult = { didResolutionMetadata : {}, didDocument : { verificationMethod: [{ - id : 'did:jank:alice#key1', + id : keyId, type : 'JsonWebKey2020', controller : 'did:jank:alice', publicKeyJwk : publicJwk @@ -57,9 +57,9 @@ describe('General JWS Sign/Verify', () => { it('should sign and verify ed25519 signature using a key vector correctly', async () => { const { privateJwk, publicJwk } = await Ed25519.generateKeyPair(); const payloadBytes = new TextEncoder().encode('anyPayloadValue'); - const protectedHeader = { alg: 'EdDSA', kid: 'did:jank:alice#key1' }; + const keyId = 'did:jank:alice#key1'; - const jwsBuilder = await GeneralJwsBuilder.create(payloadBytes, [{ signer: new PrivateKeySigner(privateJwk), protectedHeader }]); + const jwsBuilder = await GeneralJwsBuilder.create(payloadBytes, [new PrivateKeySigner({ privateJwk, keyId })]); const jws = jwsBuilder.getJws(); const mockResolutionResult = { @@ -96,7 +96,7 @@ describe('General JWS Sign/Verify', () => { did : 'did:jank:alice', privateJwk : secp256k1Keys.privateJwk, jwkPublic : secp256k1Keys.publicJwk, - protectedHeader : { alg: 'ES256K', kid: 'did:jank:alice#key1' }, + keyId : 'did:jank:alice#key1', mockResolutionResult : { didResolutionMetadata : {}, didDocument : { 
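Review bot: After this change neither single-signer test (`@@ -23,16 +23,16 @@` for secp256k1, `@@ -57,9 +57,9 @@` for ed25519) states which `alg` is expected in the JWS protected header. The explicit `protectedHeader = { alg: 'ES256K', ... }` and `{ alg: 'EdDSA', ... }` are gone, and `PrivateKeySigner` is given only `privateJwk` and `keyId`. The algorithm is presumably now derived from the key inside `PrivateKeySigner` (not visible here), so a wrong derivation would surface only indirectly as a verification failure. I would decode the protected header of `jws.signatures[0]` after `getJws()` and add `expect(protectedHeader.alg).to.equal('ES256K');` and `expect(protectedHeader.kid).to.equal(keyId);` (with `'EdDSA'` in the ed25519 test), so the header that verifiers rely on is pinned. Both `it(...)` bodies continue outside their hunks.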
@@ -115,7 +115,7 @@ describe('General JWS Sign/Verify', () => { did : 'did:jank:bob', privateJwk : ed25519Keys.privateJwk, jwkPublic : ed25519Keys.publicJwk, - protectedHeader : { alg: 'EdDSA', kid: 'did:jank:bob#key1' }, + keyId : 'did:jank:bob#key1', mockResolutionResult : { didResolutionMetadata : {}, didDocument : { @@ -130,13 +130,13 @@ describe('General JWS Sign/Verify', () => { } }; - const signatureInputs = [ - { signer: new PrivateKeySigner(alice.privateJwk), protectedHeader: alice.protectedHeader }, - { signer: new PrivateKeySigner(bob.privateJwk), protectedHeader: bob.protectedHeader }, + const signers = [ + new PrivateKeySigner({ privateJwk: alice.privateJwk, keyId: alice.keyId }), + new PrivateKeySigner({ privateJwk: bob.privateJwk, keyId: bob.keyId }) ]; const payloadBytes = new TextEncoder().encode('anyPayloadValue'); - const jwsBuilder = await GeneralJwsBuilder.create(payloadBytes, signatureInputs); + const jwsBuilder = await GeneralJwsBuilder.create(payloadBytes, signers); const jws = jwsBuilder.getJws(); const resolveStub = sinon.stub(); 
@@ -149,25 +149,25 @@ describe('General JWS Sign/Verify', () => { }); const verifier = new GeneralJwsVerifier(jws); - const verificatonResult = await verifier.verify(resolverStub); + const verificationResult = await verifier.verify(resolverStub); - expect(verificatonResult.signers.length).to.equal(2); - expect(verificatonResult.signers).to.include(alice.did); - expect(verificatonResult.signers).to.include(bob.did); + expect(verificationResult.signers.length).to.equal(2); + expect(verificationResult.signers).to.include(alice.did); + expect(verificationResult.signers).to.include(bob.did); }); it('should not verify the same signature more than once', async () => { const { privateJwk: privateJwkEd25519, publicJwk: publicJwkEd25519 } = await Ed25519.generateKeyPair(); const { privateJwk: privateJwkSecp256k1, publicJwk: publicJwkSecp256k1 } = await secp256k1.generateKeyPair(); const payloadBytes = new TextEncoder().encode('anyPayloadValue'); - const protectedHeaderEd25519 = { alg: 'EdDSA', kid: 'did:jank:alice#key1' }; - const protectedHeaderSecp256k1 = { alg: 'ES256K', kid: 'did:jank:alice#key2' }; + const keyId1 = 'did:jank:alice#key1'; + const keyId2 = 'did:jank:alice#key2'; const jwsBuilder = await GeneralJwsBuilder.create( payloadBytes, [ - { signer: new PrivateKeySigner(privateJwkEd25519), protectedHeader: protectedHeaderEd25519 }, - { signer: new PrivateKeySigner(privateJwkSecp256k1), protectedHeader: protectedHeaderSecp256k1 } + new PrivateKeySigner({ privateJwk: privateJwkEd25519, keyId: keyId1 }), + new PrivateKeySigner({ privateJwk: privateJwkSecp256k1, keyId: keyId2 }) ] ); const jws = jwsBuilder.getJws(); diff --git a/tests/utils/test-data-generator.ts b/tests/utils/test-data-generator.ts index dbd980d8a..fb01e5261 100644 --- a/tests/utils/test-data-generator.ts +++ b/tests/utils/test-data-generator.ts 
@@ -326,12 +326,12 @@ export class TestDataGenerator { // TODO: #451 - Remove reference and use of dataStream everywhere in tests - https://github.com/TBD54566975/dwn-sdk-js/issues/451 const dataStream = undefined; - const authorizationSignatureInput = Jws.createSignatureInput(author); + const authorizationSigner = Jws.createSigner(author); const options: ProtocolsConfigureOptions = { messageTimestamp : input?.messageTimestamp, definition, - authorizationSignatureInput, + authorizationSigner, permissionsGrantId : input?.permissionsGrantId }; @@ -352,12 +352,12 @@ export class TestDataGenerator { // generate author persona if not given const author = input?.author ?? await TestDataGenerator.generatePersona(); - const authorizationSignatureInput = Jws.createSignatureInput(author); + const authorizationSigner = Jws.createSigner(author); const options: ProtocolsQueryOptions = { messageTimestamp : input?.messageTimestamp, filter : input?.filter, - authorizationSignatureInput, + authorizationSigner, permissionsGrantId : input?.permissionsGrantId, }; removeUndefinedProperties(options); @@ -383,8 +383,8 @@ export class TestDataGenerator { public static async generateRecordsWrite(input?: GenerateRecordsWriteInput): Promise { const author = input?.author ?? await TestDataGenerator.generatePersona(); - const authorizationSignatureInput = Jws.createSignatureInput(author); - const attestationSignatureInputs = Jws.createSignatureInputs(input?.attesters ?? []); + const authorizationSigner = Jws.createSigner(author); + const attestationSigners = Jws.createSigners(input?.attesters ?? []); const dataCid = input?.dataCid; const dataSize = input?.dataSize; @@ -411,8 +411,8 @@ export class TestDataGenerator { data : dataBytes, dataCid, dataSize, - authorizationSignatureInput, - attestationSignatureInputs, + authorizationSigner, + attestationSigners, encryptionInput : input?.encryptionInput, permissionsGrantId : input?.permissionsGrantId, }; 
@@ -540,7 +540,7 @@ export class TestDataGenerator { }; await recordsWrite.encryptSymmetricEncryptionKey(encryptionInput); - await recordsWrite.sign(Jws.createSignatureInput(author)); + await recordsWrite.sign(Jws.createSigner(author)); return { message, dataStream: dataStream!, recordsWrite, encryptedDataBytes, encryptionInput }; } @@ -566,7 +566,7 @@ export class TestDataGenerator { published, datePublished, messageTimestamp : input.messageTimestamp, - authorizationSignatureInput : Jws.createSignatureInput(input.author) + authorizationSigner : Jws.createSigner(input.author) }; const recordsWrite = await RecordsWrite.createFrom(options); @@ -594,14 +594,14 @@ export class TestDataGenerator { author = await TestDataGenerator.generatePersona(); } - let authorizationSignatureInput = undefined; + let authorizationSigner = undefined; if (author !== undefined) { - authorizationSignatureInput = Jws.createSignatureInput(author); + authorizationSigner = Jws.createSigner(author); } const options: RecordsQueryOptions = { messageTimestamp : input?.messageTimestamp, - authorizationSignatureInput, + authorizationSigner, filter : input?.filter ?? { schema: TestDataGenerator.randomString(10) }, // must have one filter property if no filter is given dateSort : input?.dateSort, pagination : input?.pagination @@ -624,8 +624,8 @@ export class TestDataGenerator { const author = input?.author ?? await DidKeyResolver.generate(); const recordsDelete = await RecordsDelete.create({ - recordId : input?.recordId ?? await TestDataGenerator.randomCborSha256Cid(), - authorizationSignatureInput : Jws.createSignatureInput(author) + recordId : input?.recordId ?? await TestDataGenerator.randomCborSha256Cid(), + authorizationSigner : Jws.createSigner(author) }); return { 
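Review bot: In the `@@ -594,14 +594,14 @@` hunk of test-data-generator.ts, `let authorizationSigner = undefined;` followed by a conditional assignment leaves the variable without a declared type and mutable for the rest of the method. A single expression says the same thing: `const authorizationSigner = author !== undefined ? Jws.createSigner(author) : undefined;`. The enclosing generator method starts and ends outside the hunk.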
@@ -641,11 +641,11 @@ export class TestDataGenerator { public static async generateHooksWrite(input?: GenerateHooksWriteInput): Promise { const author = input?.author ?? await TestDataGenerator.generatePersona(); - const authorizationSignatureInput = Jws.createSignatureInput(author); + const authorizationSigner = Jws.createSigner(author); const options: HooksWriteOptions = { messageTimestamp : input?.messageTimestamp, - authorizationSignatureInput, + authorizationSigner, filter : input?.filter ?? { method: 'RecordsWrite' }, // hardcode to filter on `RecordsWrite` if no filter is given }; removeUndefinedProperties(options); @@ -673,8 +673,8 @@ export class TestDataGenerator { interface : DwnInterfaceName.Records, method : DwnMethodName.Write }, - conditions : input?.conditions, - authorizationSignatureInput : Jws.createSignatureInput(author) + conditions : input?.conditions, + authorizationSigner : Jws.createSigner(author) }); return { @@ -702,8 +702,8 @@ export class TestDataGenerator { interface : DwnInterfaceName.Records, method : DwnMethodName.Write }, - conditions : input?.conditions, - authorizationSignatureInput : Jws.createSignatureInput(author) + conditions : input?.conditions, + authorizationSigner : Jws.createSigner(author) }); return { @@ -718,10 +718,10 @@ export class TestDataGenerator { */ public static async generatePermissionsRevoke(input?: GeneratePermissionsRevokeInput): Promise { const author = input?.author ?? await TestDataGenerator.generatePersona(); - const authorizationSignatureInput = Jws.createSignatureInput(author); + const authorizationSigner = Jws.createSigner(author); const permissionsRevoke = await PermissionsRevoke.create({ - authorizationSignatureInput, + authorizationSigner, permissionsGrantId : input?.permissionsGrantId ?? await TestDataGenerator.randomCborSha256Cid(), messageTimestamp : input?.dateCreated }); 
@@ -735,9 +735,9 @@ export class TestDataGenerator { public static async generateEventsGet(input?: GenerateEventsGetInput): Promise { const author = input?.author ?? await TestDataGenerator.generatePersona(); - const authorizationSignatureInput = Jws.createSignatureInput(author); + const authorizationSigner = Jws.createSigner(author); - const options: EventsGetOptions = { authorizationSignatureInput }; + const options: EventsGetOptions = { authorizationSigner }; if (input?.watermark) { options.watermark = input.watermark; } @@ -753,10 +753,10 @@ export class TestDataGenerator { public static async generateMessagesGet(input: GenerateMessagesGetInput): Promise { const author = input?.author ?? await TestDataGenerator.generatePersona(); - const authorizationSignatureInput = Jws.createSignatureInput(author); + const authorizationSigner = Jws.createSigner(author); const options: MessagesGetOptions = { - authorizationSignatureInput, + authorizationSigner, messageCids: input.messageCids };