decentralized-identity · KendallWeihe · May 16, 2024 · May 16, 2024 · KendallWeihe · May 16, 2024
diff --git a/crates/credentials/Cargo.toml b/crates/credentials/Cargo.toml
@@ -10,7 +10,6 @@ license-file.workspace = true
 base64 = { workspace = true }
 chrono = { workspace = true }
 keys = { path = "../keys" }
-dids = { path = "../dids" }
 hex = "0.4"
 jsonpath-rust = "0.5.1"
 jsonschema = "0.17.1"
@@ -25,6 +24,7 @@ uuid = { version = "1.8.0", features = ["v4"] }
 
 [dev-dependencies]
 crypto = { path = "../crypto" }
+dids = { path = "../dids" }
 serde_canonical_json = "1.0.0"
 tokio = { version = "1.34.0", features = ["macros", "test-util"] }
 test-helpers = { path = "../test-helpers" }
diff --git a/crates/credentials/src/vc.rs b/crates/credentials/src/vc.rs
@@ -1,10 +1,10 @@
 use core::fmt;
-use dids::{bearer::BearerDid, document::KeySelector};
-use jws::JwsError;
+use jws::{JwsError, JwsHeader};
 use jwt::{
     jws::Jwt,
     {Claims, JwtError, RegisteredClaims},
 };
+use keys::key_manager::Signer;
 use serde::{Deserialize, Serialize};
 use std::{
     collections::HashMap,
@@ -107,8 +107,8 @@ impl VerifiableCredential {
 
     pub fn sign(
         &self,
-        bearer_did: &BearerDid,
-        key_selector: &KeySelector,
+        signer: Arc<dyn Signer>,
+        jws_header: JwsHeader,
     ) -> Result<String, CredentialError> {
         let claims = VcJwtClaims {
             registered_claims: RegisteredClaims {
@@ -122,7 +122,7 @@ impl VerifiableCredential {
             vc: self.clone(),
         };
 
-        let jwt = Jwt::sign(bearer_did, key_selector, None, &claims)?;
+        let jwt = Jwt::sign(signer, jws_header, &claims)?;
 
         Ok(jwt)
     }
@@ -162,7 +162,8 @@ mod test {
     use super::*;
     use crypto::Curve;
     use dids::{
-        document::VerificationMethodType,
+        bearer::BearerDid,
+        document::{KeyIdFragment, KeySelector, VerificationMethodType},
         methods::{
             jwk::{DidJwk, DidJwkCreateOptions},
             Create,
@@ -313,7 +314,14 @@ mod test {
         let key_selector = KeySelector::MethodType {
             verification_method_type: VerificationMethodType::VerificationMethod,
         };
-        let vcjwt = vc.sign(&bearer_did, &key_selector).unwrap();
+
+        let key_id = bearer_did.document.verification_method[0].id.clone();
+        let key_alias = KeyIdFragment(key_id.clone()).splice_key_alias();
+        let signer = bearer_did.key_manager.get_signer(&key_alias).unwrap();
+
+        let jws_header = JwsHeader::from_did_document(&bearer_did.document, &key_selector).unwrap();
+
+        let vcjwt = vc.sign(signer, jws_header).unwrap();
         assert!(!vcjwt.is_empty());
 
         let verified_vc = VerifiableCredential::verify(&vcjwt).await.unwrap();

diff --git a/crates/dids/src/bearer.rs b/crates/dids/src/bearer.rs
@@ -1,5 +1,5 @@
 use crate::{
-    document::{Document, DocumentError, KeyIdFragment, KeySelector},
+    document::{Document, DocumentError},
     identifier::{Identifier, IdentifierError},
     resolver::{ResolutionError, Resolver},
 };
@@ -49,31 +49,17 @@ impl BearerDid {
                 .ok_or(ResolutionError::NotFound)?,
         })
     }
-
-    pub fn sign(
-        &self,
-        key_selector: &KeySelector,
-        payload: &[u8],
-    ) -> Result<Vec<u8>, BearerDidError> {
-        let verification_method = self.document.get_verification_method(key_selector)?;
-        let key_alias = KeyIdFragment(verification_method.id.clone()).splice_key_alias();
-        let signature = self.key_manager.sign(&key_alias, payload)?;
-        Ok(signature)
-    }
 }
 
 #[cfg(test)]
 mod test {
     use super::*;
-    use crate::{
-        document::VerificationMethodType,
-        methods::{
-            jwk::{DidJwk, DidJwkCreateOptions},
-            Create,
-        },
+    use crate::methods::{
+        jwk::{DidJwk, DidJwkCreateOptions},
+        Create,
     };
     use crypto::Curve;
-    use keys::{key::PublicKey, key_manager::local_key_manager::LocalKeyManager};
+    use keys::key_manager::local_key_manager::LocalKeyManager;
 
     #[tokio::test]
     async fn test_from_key_manager() {
@@ -97,27 +83,4 @@ mod test {
             bearer_did_private_keys[0].jwk().unwrap().d
         );
     }
-
-    #[test]
-    fn test_sign() {
-        let key_manager = Arc::new(LocalKeyManager::new());
-        let options = DidJwkCreateOptions {
-            curve: Curve::Ed25519,
-        };
-        let bearer_did = DidJwk::create(key_manager.clone(), options).unwrap();
-
-        let payload = b"hello world";
-        let key_selector = KeySelector::MethodType {
-            verification_method_type: VerificationMethodType::VerificationMethod,
-        };
-        let signature = bearer_did.sign(&key_selector, payload).unwrap();
-
-        assert_ne!(0, signature.len());
-
-        let vm = bearer_did
-            .document
-            .get_verification_method(&key_selector)
-            .unwrap();
-        vm.public_key_jwk.verify(payload, &signature).unwrap();
-    }
 }
diff --git a/crates/jws/Cargo.toml b/crates/jws/Cargo.toml
@@ -10,6 +10,7 @@ license-file.workspace = true
 base64 = { workspace = true }
 crypto = { path = "../crypto" }
 dids = { path = "../dids" }
+keys = { path = "../keys" }
 serde = { workspace = true }
 serde_json = { workspace = true }
 thiserror = { workspace = true }