@bedrock/kms 9.0.0

package/test/mocha/20-key-operations.js

@@ -0,0 +1,241 @@
+/*!
+ * Copyright (c) 2019-2022 Digital Bazaar, Inc. All rights reserved.
+ */
+import * as bedrock from '@bedrock/core';
+import * as helpers from './helpers.js';
+import {createRequire} from 'module';
+import {defaultModuleManager as moduleManager} from '@bedrock/kms';
+import {mockData} from './mock.data.js';
+const require = createRequire(import.meta.url);
+const {runOperation} = require('@digitalbazaar/webkms-switch');
+
+const {util: {clone, uuid}} = bedrock;
+
+describe('bedrock-kms', () => {
+  describe('integration with runOperation API', () => {
+    describe('GenerateKeyOperation', () => {
+      it('successfully generates a Ed25519VerificationKey2018', async () => {
+        const keystore = {
+          id: 'https://example.com/keystores/x',
+          controller: 'urn:uuid:baa943d2-7338-11ec-b1c4-10bf48838a41',
+          kmsModule: 'ssm-v1'
+        };
+        const operation = clone(
+          mockData.operations.generate({type: 'Ed25519VerificationKey2018'}));
+        operation.invocationTarget.type = 'Ed25519VerificationKey2018';
+        let error;
+        let result;
+        try {
+          result = await runOperation({operation, keystore, moduleManager});
+        } catch(e) {
+          error = e;
+        }
+        assertNoError(error);
+        should.exist(result);
+        result.should.have.keys(['keyId', 'result']);
+        result.result.should.have.keys(['keyId', 'keyDescription']);
+        const {keyDescription} = result.result;
+        keyDescription.should.have.keys(
+          ['@context', 'id', 'publicKeyBase58', 'type', 'controller']);
+        keyDescription.type.should.equal(operation.invocationTarget.type);
+        keyDescription.publicKeyBase58.should.be.a('string');
+      });
+      it('successfully generates a Ed25519VerificationKey2020', async () => {
+        const keystore = {
+          id: 'https://example.com/keystores/x',
+          controller: 'urn:uuid:baa943d2-7338-11ec-b1c4-10bf48838a41',
+          kmsModule: 'ssm-v1'
+        };
+        const operation = clone(
+          mockData.operations.generate({type: 'Ed25519VerificationKey2020'}));
+        operation.invocationTarget.type = 'Ed25519VerificationKey2020';
+        let error;
+        let result;
+        try {
+          result = await runOperation({operation, keystore, moduleManager});
+        } catch(e) {
+          error = e;
+        }
+        assertNoError(error);
+        should.exist(result);
+        result.should.have.keys(['keyId', 'result']);
+        result.result.should.have.keys(['keyId', 'keyDescription']);
+        const {keyDescription} = result.result;
+        keyDescription.should.have.keys(
+          ['@context', 'id', 'publicKeyMultibase', 'type', 'controller']);
+        keyDescription.type.should.equal(operation.invocationTarget.type);
+        keyDescription.publicKeyMultibase.should.be.a('string');
+      });
+      it('successfully generates a Sha256HmacKey2019', async () => {
+        const keystore = {
+          id: 'https://example.com/keystores/x',
+          controller: 'urn:uuid:baa943d2-7338-11ec-b1c4-10bf48838a41',
+          kmsModule: 'ssm-v1'
+        };
+        const operation = clone(
+          mockData.operations.generate({type: 'Sha256HmacKey2019'}));
+        operation.invocationTarget.type = 'Sha256HmacKey2019';
+        let error;
+        let result;
+        try {
+          result = await runOperation({operation, keystore, moduleManager});
+        } catch(e) {
+          error = e;
+        }
+        assertNoError(error);
+        should.exist(result);
+        result.should.be.an('object');
+        result.should.have.keys(['keyId', 'result']);
+        result.result.should.have.keys(['keyId', 'keyDescription']);
+        const {keyDescription} = result.result;
+        keyDescription.should.have.keys(
+          ['@context', 'id', 'type', 'controller']);
+      });
+      it('successfully generates a AesKeyWrappingKey2019', async () => {
+        const keystore = {
+          id: 'https://example.com/keystores/x',
+          controller: 'urn:uuid:baa943d2-7338-11ec-b1c4-10bf48838a41',
+          kmsModule: 'ssm-v1'
+        };
+        const operation = clone(
+          mockData.operations.generate({type: 'AesKeyWrappingKey2019'}));
+        operation.invocationTarget.type = 'AesKeyWrappingKey2019';
+        let error;
+        let result;
+        try {
+          result = await runOperation({operation, keystore, moduleManager});
+        } catch(e) {
+          error = e;
+        }
+        assertNoError(error);
+        should.exist(result);
+        result.should.be.an('object');
+        result.should.have.keys(['keyId', 'result']);
+        result.result.should.have.keys(['keyId', 'keyDescription']);
+        const {keyDescription} = result.result;
+        keyDescription.should.have.keys(
+          ['@context', 'id', 'type', 'controller']);
+      });
+      it('throws on UnknownKeyType', async () => {
+        const keystore = {
+          id: 'https://example.com/keystores/x',
+          controller: 'urn:uuid:baa943d2-7338-11ec-b1c4-10bf48838a41',
+          kmsModule: 'ssm-v1'
+        };
+        const operation = clone(
+          mockData.operations.generate({type: 'AesKeyWrappingKey2019'}));
+        operation.invocationTarget.type = 'UnknownKeyType';
+        let error;
+        let result;
+        try {
+          result = await runOperation({operation, keystore, moduleManager});
+        } catch(e) {
+          error = e;
+        }
+        should.exist(error);
+        should.not.exist(result);
+        error.message.should.include('UnknownKeyType');
+      });
+    }); // end GenerateKeyOperation
+
+    describe('SignOperation', () => {
+      it('signs a string using Ed25519VerificationKey2018', async () => {
+        const {keystore, key: {id: keyId}} = await helpers.generateKey(
+          {mockData, type: 'Ed25519VerificationKey2018'});
+        const operation = clone(mockData.operations.sign);
+        operation.invocationTarget = keyId;
+        operation.verifyData = uuid();
+        let result;
+        let error;
+        try {
+          result = await runOperation({operation, keystore, moduleManager});
+        } catch(e) {
+          error = e;
+        }
+        assertNoError(error);
+        should.exist(result);
+        result.should.be.an('object');
+        result.should.have.keys(['keyId', 'result']);
+        result.result.should.have.keys(['signatureValue']);
+        should.exist(result.result.signatureValue);
+        const {signatureValue} = result.result;
+        signatureValue.should.be.a('string');
+      });
+      it('signs a string using Ed25519VerificationKey2020', async () => {
+        const {keystore, key: {id: keyId}} = await helpers.generateKey(
+          {mockData, type: 'Ed25519VerificationKey2020'});
+        const operation = clone(mockData.operations.sign);
+        operation.invocationTarget = keyId;
+        operation.verifyData = uuid();
+        let result;
+        let error;
+        try {
+          result = await runOperation({operation, keystore, moduleManager});
+        } catch(e) {
+          error = e;
+        }
+        assertNoError(error);
+        should.exist(result);
+        result.should.be.an('object');
+        result.should.have.keys(['keyId', 'result']);
+        result.result.should.have.keys(['signatureValue']);
+        should.exist(result.result.signatureValue);
+        const {signatureValue} = result.result;
+        signatureValue.should.be.a('string');
+      });
+      it('signs a string using Sha256HmacKey2019', async () => {
+        const {keystore, key: {id: keyId}} = await helpers.generateKey(
+          {mockData, type: 'Sha256HmacKey2019'});
+        const operation = clone(mockData.operations.sign);
+        operation.invocationTarget = keyId;
+        operation.verifyData = uuid();
+        let result;
+        let error;
+        try {
+          result = await runOperation({operation, keystore, moduleManager});
+        } catch(e) {
+          error = e;
+        }
+        assertNoError(error);
+        should.exist(result);
+        result.should.be.an('object');
+        result.should.have.keys(['keyId', 'result']);
+        result.result.should.have.keys(['signatureValue']);
+        const {signatureValue} = result.result;
+        signatureValue.should.be.a('string');
+        signatureValue.should.have.length(43);
+      });
+    }); // end SignOperation
+
+    describe('VerifyOperation', () => {
+      it('verifies a string using Sha256HmacKey2019', async () => {
+        const verifyData = uuid();
+        const {keystore, key: {id: keyId}} = await helpers.generateKey(
+          {mockData, type: 'Sha256HmacKey2019'});
+        const signOperation = clone(mockData.operations.sign);
+        signOperation.invocationTarget = keyId;
+        signOperation.verifyData = verifyData;
+        const {result: {signatureValue}} = await runOperation(
+          {operation: signOperation, keystore, moduleManager});
+        const verifyOperation = clone(mockData.operations.verify);
+        verifyOperation.invocationTarget = keyId;
+        verifyOperation.verifyData = verifyData;
+        verifyOperation.signatureValue = signatureValue;
+        let result;
+        let error;
+        try {
+          result = await runOperation(
+            {operation: verifyOperation, keystore, moduleManager});
+        } catch(e) {
+          error = e;
+        }
+        assertNoError(error);
+        should.exist(result);
+        result.should.be.an('object');
+        result.should.have.keys(['keyId', 'result']);
+        result.result.should.have.keys(['verified']);
+        result.result.verified.should.be.true;
+      });
+    }); // end VerifyOperation
+  }); // end runOperation API
+}); // end bedrock-kms

package/test/mocha/30-bulk-operations.js

@@ -0,0 +1,111 @@
+/*!
+ * Copyright (c) 2019-2022 Digital Bazaar, Inc. All rights reserved.
+ */
+import * as bedrock from '@bedrock/core';
+import * as helpers from './helpers.js';
+import {createRequire} from 'module';
+import {defaultModuleManager as moduleManager} from '@bedrock/kms';
+import {mockData} from './mock.data.js';
+const require = createRequire(import.meta.url);
+const {runOperation} = require('@digitalbazaar/webkms-switch');
+
+const {util: {clone, uuid}} = bedrock;
+
+describe('bulk operations', () => {
+  describe('Ed25519VerificationKey2020', () => {
+    let mockKeyId;
+    let keystore;
+    const operationCount = 10000;
+    const vData = [];
+    before(async () => {
+      for(let i = 0; i < operationCount; ++i) {
+        let v = '';
+        for(let n = 0; n < 100; ++n) {
+          v += uuid();
+        }
+        vData.push(v);
+      }
+    });
+    before(async () => {
+      let err;
+      try {
+        ({keystore, key: {id: mockKeyId}} = await helpers.generateKey(
+          {mockData, type: 'Ed25519VerificationKey2020'}));
+      } catch(e) {
+        err = e;
+      }
+      assertNoError(err);
+    });
+    it(`performs ${operationCount} signatures`, async function() {
+      this.timeout(0);
+      const promises = [];
+      for(let i = 0; i < operationCount; ++i) {
+        const operation = clone(mockData.operations.sign);
+        operation.invocationTarget = mockKeyId;
+        operation.verifyData = vData[i];
+        promises.push(runOperation({
+          operation, keystore, moduleManager
+        }));
+      }
+      let result;
+      let err;
+      try {
+        result = await Promise.all(promises);
+      } catch(e) {
+        err = e;
+      }
+      assertNoError(err);
+      should.exist(result);
+      result.should.be.an('array');
+      result.should.have.length(operationCount);
+    });
+  });
+  describe('Sha256HmacKey2019', () => {
+    let mockKeyId;
+    let keystore;
+    const operationCount = 10000;
+    const vData = [];
+    before(async () => {
+      for(let i = 0; i < operationCount; ++i) {
+        let v = '';
+        for(let n = 0; n < 100; ++n) {
+          v += uuid();
+        }
+        vData.push(v);
+      }
+    });
+    before(async () => {
+      let err;
+      try {
+        ({keystore, key: {id: mockKeyId}} = await helpers.generateKey(
+          {mockData, type: 'Sha256HmacKey2019'}));
+      } catch(e) {
+        err = e;
+      }
+      assertNoError(err);
+    });
+    it(`performs ${operationCount} signatures`, async function() {
+      this.timeout(0);
+      const promises = [];
+      for(let i = 0; i < operationCount; ++i) {
+        const operation = clone(mockData.operations.sign);
+        operation.invocationTarget = mockKeyId;
+        operation.verifyData = vData[i];
+        promises.push(runOperation({
+          operation, keystore, moduleManager
+        }));
+      }
+      let result;
+      let err;
+      try {
+        result = await Promise.all(promises);
+      } catch(e) {
+        err = e;
+      }
+      assertNoError(err);
+      should.exist(result);
+      result.should.be.an('array');
+      result.should.have.length(operationCount);
+    });
+  });
+});

package/test/mocha/40-database.js

@@ -0,0 +1,95 @@
+/*!
+ * Copyright (c) 2018-2022 Digital Bazaar, Inc. All rights reserved.
+ */
+import * as helpers from './helpers.js';
+import {keystores} from '@bedrock/kms';
+
+describe('Keystores Database Tests', () => {
+  describe('Indexes', async () => {
+    let mockConfigAlpha;
+    beforeEach(async () => {
+      await helpers.prepareDatabase();
+      mockConfigAlpha = {
+        id: 'https://example.com/keystores/' +
+          '8b688649-d546-4e88-9027-da434bac495a',
+        kmsModule: 'ssm-v1',
+        controller: 'caf40b44-0e66-44ef-b331-23f6ca0bb837',
+        sequence: 0,
+        meterId: '6fb34a1a-e26d-49bc-bd00-66873ab0d147'
+      };
+
+      const mockConfigBeta = {
+        id: 'https://example.com/keystores/' +
+          '6821b4ec-2630-4bf3-9464-39581d2c4499',
+        kmsModule: 'ssm-v1',
+        controller: 'caf40b44-0e66-44ef-b331-23f6ca0bb837',
+        sequence: 0,
+        meterId: '6fb34a1a-e26d-49bc-bd00-66873ab0d147'
+      };
+
+      await keystores.insert({config: mockConfigAlpha});
+      // second record is inserted here in order to do proper assertions for
+      // 'nReturned', 'totalKeysExamined' and 'totalDocsExamined'.
+      await keystores.insert({config: mockConfigBeta});
+    });
+    it(`is properly indexed for 'config.controller' in find()`, async () => {
+      // finds all records that match the 'config.controller' query since it is
+      // a non unique index.
+      const {executionStats} = await keystores.find({
+        controller: mockConfigAlpha.controller,
+        query: {},
+        explain: true
+      });
+      executionStats.nReturned.should.equal(2);
+      executionStats.totalKeysExamined.should.equal(2);
+      executionStats.totalDocsExamined.should.equal(2);
+      executionStats.executionStages.inputStage.stage.should.equal('IXSCAN');
+      executionStats.executionStages.inputStage.keyPattern
+        .should.eql({'config.controller': 1});
+    });
+    it(`is properly indexed for 'config.id' in update()`, async () => {
+      mockConfigAlpha.sequence += 1;
+      const {executionStats} = await keystores.update({
+        config: mockConfigAlpha,
+        explain: true
+      });
+      executionStats.nReturned.should.equal(1);
+      executionStats.totalKeysExamined.should.equal(1);
+      executionStats.totalDocsExamined.should.equal(1);
+      executionStats.executionStages.inputStage.inputStage.stage
+        .should.equal('IXSCAN');
+      executionStats.executionStages.inputStage.inputStage.keyPattern
+        .should.eql({'config.id': 1});
+    });
+    it(`is properly indexed for 'config.meterId' in getStorageUsage()`,
+      async () => {
+        // finds all records that match the 'config.meter' query since it is
+        // a non unique index.
+        const {executionStats} = await keystores.getStorageUsage({
+          meterId: mockConfigAlpha.meterId,
+          explain: true
+        });
+        executionStats.nReturned.should.equal(2);
+        executionStats.totalKeysExamined.should.equal(2);
+        executionStats.totalDocsExamined.should.equal(2);
+        executionStats.executionStages.inputStage.inputStage.stage
+          .should.equal('IXSCAN');
+        executionStats.executionStages.inputStage.inputStage.keyPattern
+          .should.eql({'config.meterId': 1});
+      });
+    it(`is properly indexed for 'config.id' in _getUncachedRecord()`,
+      async () => {
+        const {executionStats} = await keystores._getUncachedRecord({
+          id: mockConfigAlpha.id,
+          explain: true
+        });
+        executionStats.nReturned.should.equal(1);
+        executionStats.totalKeysExamined.should.equal(1);
+        executionStats.totalDocsExamined.should.equal(1);
+        executionStats.executionStages.inputStage.inputStage.inputStage.stage
+          .should.equal('IXSCAN');
+        executionStats.executionStages.inputStage.inputStage.inputStage
+          .keyPattern.should.eql({'config.id': 1});
+      });
+  });
+});

package/test/mocha/50-document-loader.js

@@ -0,0 +1,40 @@
+/*!
+ * Copyright (c) 2021-2022 Digital Bazaar, Inc. All rights reserved.
+ */
+import {defaultDocumentLoader as documentLoader} from '@bedrock/kms';
+
+describe('defaultDocumentLoader', () => {
+  it('returns a did document from the document loader', async () => {
+    const url = 'did:key:z6MkpTHR8VNsBxYAAWHut2Geadd9jSwuBV8xRoAnwWsdvktH';
+
+    let err;
+    let result;
+    try {
+      result = await documentLoader(url);
+    } catch(e) {
+      err = e;
+    }
+
+    should.exist(result);
+    should.not.exist(err);
+    result.should.have.keys(['contextUrl', 'documentUrl', 'document']);
+    result.documentUrl.should.equal(url);
+  });
+
+  it('throws NotFoundError on document not found', async () => {
+    const url = 'https://example.com/foo.jsonld';
+
+    let err;
+    let result;
+    try {
+      result = await documentLoader(url);
+    } catch(e) {
+      err = e;
+    }
+
+    should.not.exist(result);
+    should.exist(err);
+    err.should.be.instanceOf(Error);
+    err.message.should.contain(url);
+  });
+});

package/test/mocha/cryptoLd.js

@@ -0,0 +1,22 @@
+/*!
+ * Copyright (c) 2021-2022 Digital Bazaar, Inc. All rights reserved.
+ */
+import {createRequire} from 'module';
+const require = createRequire(import.meta.url);
+const {CryptoLD} = require('crypto-ld');
+const {Ed25519VerificationKey2018} =
+  require('@digitalbazaar/ed25519-verification-key-2018');
+const {Ed25519VerificationKey2020} =
+  require('@digitalbazaar/ed25519-verification-key-2020');
+const {X25519KeyAgreementKey2019} =
+  require('@digitalbazaar/x25519-key-agreement-key-2019');
+const {X25519KeyAgreementKey2020} =
+  require('@digitalbazaar/x25519-key-agreement-key-2020');
+
+const cryptoLd = new CryptoLD();
+cryptoLd.use(Ed25519VerificationKey2018);
+cryptoLd.use(Ed25519VerificationKey2020);
+cryptoLd.use(X25519KeyAgreementKey2019);
+cryptoLd.use(X25519KeyAgreementKey2020);
+
+export {cryptoLd};

package/test/mocha/helpers.js

@@ -0,0 +1,46 @@
+/*!
+ * Copyright (c) 2019-2022 Digital Bazaar, Inc. All rights reserved.
+ */
+import * as bedrock from '@bedrock/core';
+import * as brKms from '@bedrock/kms';
+import * as database from '@bedrock/mongodb';
+import {createRequire} from 'module';
+const require = createRequire(import.meta.url);
+const {runOperation} = require('@digitalbazaar/webkms-switch');
+const {generateId} = require('bnid');
+
+const {util: {clone}} = bedrock;
+
+export async function generateKey({mockData, type}) {
+  // create a keystore
+  const mockKeystoreId = `https://example.com/keystore/${await generateId()}`;
+  const keystore = {
+    id: mockKeystoreId,
+    controller: 'urn:foo',
+    kmsModule: 'ssm-v1',
+    sequence: 0,
+  };
+  await brKms.keystores.insert({config: keystore});
+
+  const keyId = `${mockKeystoreId}/keys/${await generateId()}`;
+  const operation = clone(mockData.operations.generate({type}));
+  operation.invocationTarget.id = keyId;
+  operation.invocationTarget.type = type;
+  const moduleManager = brKms.defaultModuleManager;
+  const {result} = await runOperation({operation, keystore, moduleManager});
+  return {
+    keystore,
+    key: result.keyDescription
+  };
+}
+
+export async function prepareDatabase() {
+  await removeCollections();
+}
+
+export async function removeCollections(collectionNames = ['kms-keystore']) {
+  await database.openCollections(collectionNames);
+  for(const collectionName of collectionNames) {
+    await database.collections[collectionName].deleteMany({});
+  }
+}

package/test/mocha/mock.data.js

@@ -0,0 +1,62 @@
+/*!
+ * Copyright (c) 2019-2022 Digital Bazaar, Inc. All rights reserved.
+ */
+import * as webkmsContext from '@digitalbazaar/webkms-context';
+import * as aesContext from 'aes-key-wrapping-2019-context';
+import * as hmacContext from 'sha256-hmac-key-2019-context';
+import {cryptoLd} from './cryptoLd.js';
+
+const {CONTEXT_URL: WEBKMS_CONTEXT_URL} = webkmsContext;
+const {CONTEXT_URL: AES_2019_CONTEXT_URL} = aesContext;
+const {CONTEXT_URL: HMAC_2019_CONTEXT_URL} = hmacContext;
+
+export const mockData = {};
+const operations = mockData.operations = {};
+
+const symmetric = new Map([
+  ['AesKeyWrappingKey2019', AES_2019_CONTEXT_URL],
+  ['Sha256HmacKey2019', HMAC_2019_CONTEXT_URL]
+]);
+
+operations.generate = ({type}) => {
+  let suiteContextUrl = symmetric.get(type);
+  if(!suiteContextUrl) {
+    ({SUITE_CONTEXT: suiteContextUrl} = cryptoLd.suites.get(type) || {});
+    if(!suiteContextUrl) {
+      throw new Error(`Unknown key type: "${type}".`);
+    }
+  }
+
+  return {
+    '@context': [WEBKMS_CONTEXT_URL, suiteContextUrl],
+    type: 'GenerateKeyOperation',
+    invocationTarget: {
+      id: '',
+      type: '',
+      controller: 'https://example.com/bar'
+    },
+    proof: {
+      verificationMethod: 'https://example.com/bar'
+    }
+  };
+};
+
+operations.sign = {
+  '@context': WEBKMS_CONTEXT_URL,
+  type: 'SignOperation',
+  invocationTarget: '',
+  verifyData: '',
+  proof: {
+    verificationMethod: 'https://example.com/bar'
+  }
+};
+
+operations.verify = {
+  '@context': WEBKMS_CONTEXT_URL,
+  type: 'VerifyOperation',
+  invocationTarget: '',
+  verifyData: '',
+  proof: {
+    verificationMethod: 'https://example.com/bar'
+  }
+};

package/test/package.json

@@ -0,0 +1,49 @@
+{
+  "name": "bedrock-kms-test",
+  "version": "0.0.1-0",
+  "type": "module",
+  "description": "Bedrock KMS test",
+  "private": true,
+  "scripts": {
+    "test": "node --preserve-symlinks test.js test",
+    "coverage": "cross-env NODE_ENV=test c8 --reporter=lcov --reporter=text-summary npm test",
+    "coverage-ci": "cross-env NODE_ENV=test c8 --reporter=lcovonly npm test",
+    "coverage-report": "c8 report"
+  },
+  "dependencies": {
+    "@bedrock/core": "^5.0.0",
+    "@bedrock/did-context": "^3.0.0",
+    "@bedrock/did-io": "^7.0.0",
+    "@bedrock/https-agent": "^3.0.0",
+    "@bedrock/jsonld-document-loader": "^2.0.0",
+    "@bedrock/kms": "file:..",
+    "@bedrock/ledger-context": "^22.0.0",
+    "@bedrock/mongodb": "^9.0.0",
+    "@bedrock/package-manager": "^2.0.0",
+    "@bedrock/security-context": "^6.0.0",
+    "@bedrock/ssm-mongodb": "^8.0.1",
+    "@bedrock/test": "^7.0.0",
+    "@bedrock/veres-one-context": "^13.0.0",
+    "@digitalbazaar/ed25519-verification-key-2018": "^3.1.1",
+    "@digitalbazaar/ed25519-verification-key-2020": "^3.1.0",
+    "@digitalbazaar/webkms-context": "^2.0.0",
+    "@digitalbazaar/webkms-switch": "^9.0.3",
+    "@digitalbazaar/x25519-key-agreement-key-2019": "^5.1.1",
+    "@digitalbazaar/x25519-key-agreement-key-2020": "^2.0.0",
+    "aes-key-wrapping-2019-context": "^1.0.3",
+    "bnid": "^2.0.0",
+    "c8": "^7.11.0",
+    "cross-env": "^7.0.3",
+    "crypto-ld": "^6.0.0",
+    "sha256-hmac-key-2019-context": "^1.0.3"
+  },
+  "c8": {
+    "excludeNodeModules": false,
+    "include": [
+      "node_modules/@bedrock/kms/**"
+    ],
+    "exclude": [
+      "node_modules/@bedrock/kms/node_modules/**"
+    ]
+  }
+}

package/test/test.config.js

@@ -0,0 +1,17 @@
+/*!
+ * Copyright (c) 2019-2022 Digital Bazaar, Inc. All rights reserved.
+ */
+import {config} from '@bedrock/core';
+import {fileURLToPath} from 'url';
+import path from 'path';
+import '@bedrock/mongodb';
+
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+
+config.mocha.tests.push(path.join(__dirname, 'mocha'));
+
+// MongoDB
+config.mongodb.name = 'bedrock_kms_test';
+config.mongodb.dropCollections = {};
+config.mongodb.dropCollections.onInit = true;
+config.mongodb.dropCollections.collections = [];