@interop/did-web-resolver 2.0.0 → 2.2.1

package/README.md

@@ -21,7 +21,7 @@ TBD
 ## Background
 
 A `did:web` method driver for use with in-browser and server-side on Node.js
-with the [`did-io`](https://github.com/digitalbazaar/did-io) resolver library. 
+with the [`did-io`](https://github.com/digitalcredentials/did-io) resolver library. 
 
 Draft spec (W3C CCG Work Item):
 
@@ -37,9 +37,9 @@ Other implementations:
 
 ```js
 import { Ed25519VerificationKey2020 }
-  from '@digitalbazaar/ed25519-verification-key-2020'
+  from '@digitalcredentials/ed25519-verification-key-2020'
 import { X25519KeyAgreementKey2020 }
-  from '@digitalbazaar/x25519-key-agreement-key-2020'
+  from '@digitalcredentials/x25519-key-agreement-key-2020'
 import { CryptoLD } from 'crypto-ld'
 
 import * as didWeb from '@interop/did-web-resolver'
@@ -51,16 +51,47 @@ cryptoLd.use(X25519KeyAgreementKey2020)
 const didWebDriver = didWeb.driver({ cryptoLd })
 
 // Optionally use it with the CachedResolver from did-io
-import {CachedResolver} from '@digitalbazaar/did-io';
+import {CachedResolver} from '@digitalcredentials/did-io';
 const resolver = new CachedResolver()
 resolver.use(didWebDriver)
 ```
 
 ### Generating a new DID
 
+#### Generating from seed
+
+If you have a deterministic secret seed (created with [`did-cli`](https://github.com/digitalcredentials/did-cli),
+for example) and would like to generate a `did:web` document from it:
+
 ```js
-const { didDocument, keyPairs, methodFor } = await didWebDriver.generate()
+const url = 'https://example.com'
+const seed = 'z1AhV1bADy7RepJ64mvH7Kk7htFNGc7EA1WA5nGzLSTWc6o'
 
+const { didDocument, keyPairs, methodFor } = await didWebDriver.generate({ url, seed })
+// didDocument
+{
+  '@context': [
+    'https://www.w3.org/ns/did/v1',
+    'https://w3id.org/security/suites/ed25519-2020/v1',
+    'https://w3id.org/security/suites/x25519-2020/v1'
+  ],
+  id: 'did:web:example.com',
+  assertionMethod: [{
+    id: 'did:web:example.com#z6MkmDMjfkjs9XPCN1LfoQQRHz1mJ8PEdiVYC66XKhj3wGyB',
+    type: 'Ed25519VerificationKey2020',
+    controller: 'did:web:example.com',
+    publicKeyMultibase: 'z6MkmDMjfkjs9XPCN1LfoQQRHz1mJ8PEdiVYC66XKhj3wGyB'
+  }]
+}
+```
+
+#### Generating new random keys
+
+Invoking `generate()` by itself will create new keypairs for each proof purpose.
+
+```js
+const { didDocument, keyPairs, methodFor } = await didWebDriver.generate()
+// didDocument
 {
   '@context': [
     'https://www.w3.org/ns/did/v1',

package/dist/DidWebResolver.js

@@ -2,11 +2,13 @@
 
 Object.defineProperty(exports, '__esModule', { value: true });
 
-var httpClient = require('@digitalbazaar/http-client');
-var didIo = require('@digitalbazaar/did-io');
+var httpClient = require('@digitalcredentials/http-client');
+var didIo = require('@digitalcredentials/did-io');
 var ed25519Context = require('ed25519-signature-2020-context');
 var x25519Context = require('x25519-key-agreement-2020-context');
 var didContext = require('did-context');
+var bnid = require('@digitalcredentials/bnid');
+var whatwgUrl = require('whatwg-url');
 
 function _interopDefaultLegacy (e) { return e && typeof e === 'object' && 'default' in e ? e : { 'default': e }; }
 
@@ -53,7 +55,7 @@ function didFromUrl ({ url } = {}) {
 
   let parsedUrl;
   try {
-    parsedUrl = new URL(url);
+    parsedUrl = new whatwgUrl.URL(url);
   } catch (error) {
     throw new TypeError(`Invalid url: "${url}".`)
   }
@@ -87,7 +89,7 @@ function urlFromDid ({ did } = {}) {
   try {
     // URI-decode the url (in case it contained a port number,
     // for example, `did:web:localhost%3A8080`
-    parsedUrl = new URL('https://' + decodeURIComponent(urlNoProtocol));
+    parsedUrl = new whatwgUrl.URL('https://' + decodeURIComponent(urlNoProtocol));
   } catch (error) {
     throw new TypeError(`Cannot construct url from did: "${did}".`)
   }
@@ -132,7 +134,7 @@ function urlFromDid ({ did } = {}) {
  *   DID Document initialized with keys, as well as the map of the corresponding
  *   key pairs (by key id).
  */
-async function initKeys ({ didDocument, cryptoLd, keyMap = {} } = {}) {
+async function initKeys ({ didDocument, cryptoLd, keyMap } = {}) {
   const doc = { ...didDocument };
   if (!doc.id) {
     throw new TypeError(
@@ -196,7 +198,7 @@ class DidWebResolver {
    * @param [id] {string} - A did:web DID. If absent, will be converted from url
    * @param [url] {string}
    *
-   * @param [keyMap=DEFAULT_KEY_MAP] {object} A hashmap of key types by purpose.
+   * @param [keyMap] {object} A hashmap of key types by purpose.
    *
    * @parma [cryptoLd] {object} CryptoLD instance with support for supported
    *   crypto suites installed.
@@ -206,9 +208,27 @@ class DidWebResolver {
    *   with the corresponding key pairs used to generate it (for storage in a
    *   KMS).
    */
-  async generate ({ id, url, keyMap = this.keyMap, cryptoLd = this.cryptoLd } = {}) {
+  async generate ({ id, url, seed, keyMap, cryptoLd = this.cryptoLd } = {}) {
+    if (!id && !url) {
+      throw new TypeError('A "url" or an "id" parameter is required.')
+    }
+    if (seed && keyMap) {
+      throw new TypeError(
+        'Either a "seed" or a "keyMap" param must be provided, but not both.'
+      )
+    }
+
     const did = id || didFromUrl({ url });
 
+    if (seed) {
+      const keyPair = await _keyPairFromSecretSeed({
+        seed, controller: did, cryptoLd
+      });
+      keyMap = { assertionMethod: keyPair };
+    } else {
+      keyMap = keyMap || this.keyMap;
+    }
+
     // Compose the DID Document
     let didDocument = {
       '@context': [
@@ -330,6 +350,30 @@ class DidWebResolver {
   }
 }
 
+/**
+ * @param options {object}
+ * @param options.seed {string|Uint8Array}
+ * @param controller {string}
+ * @param cryptoLd {object}
+ *
+ * @return {Promise<LDKeyPair>}
+ */
+async function _keyPairFromSecretSeed ({ seed, controller, cryptoLd } = {}) {
+  let seedBytes;
+  if (typeof seed === 'string') {
+    // Currently only supports base58 multibase / identity multihash encoding.
+    if (!seed.startsWith('z1A')) {
+      throw new TypeError('"seed" parameter must be a multibase/multihash encoded string, or a Uint8Array.')
+    }
+    seedBytes = bnid.decodeSecretKeySeed({ secretKeySeed: seed });
+  } else {
+    seedBytes = new Uint8Array(seed);
+  }
+  return cryptoLd.generate({
+    controller, seed: seedBytes, type: 'Ed25519VerificationKey2020'
+  })
+}
+
 exports.DidWebResolver = DidWebResolver;
 exports.didFromUrl = didFromUrl;
 exports.initKeys = initKeys;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@interop/did-web-resolver",
   "description": "A did:web method Decentralized Identifier (DID) resolver for the did-io library.",
-  "version": "2.0.0",
+  "version": "2.2.1",
   "author": {
     "name": "Dmitri Zagidulin",
     "url": "https://github.com/dmitrizagidulin/"
@@ -39,14 +39,17 @@
     ".": {
       "require": "./dist/index.js",
       "import": "./dist/esm/index.js"
-    }
+    },
+    "./package.json": "./package.json"
   },
   "dependencies": {
-    "@digitalbazaar/did-io": "digitalbazaar/did-io#noesm",
-    "@digitalbazaar/http-client": "digitalbazaar/http-client#noesm",
-    "did-context": "digitalbazaar/did-context#nofs",
+    "@digitalcredentials/bnid": "^2.1.1",
+    "@digitalcredentials/did-io": "^1.0.2",
+    "@digitalcredentials/http-client": "^1.2.2",
+    "did-context": "^3.1.1",
     "ed25519-signature-2020-context": "^1.1.0",
-    "x25519-key-agreement-2020-context": "digitalbazaar/x25519-key-agreement-2020-context#nofs"
+    "whatwg-url": "^11.0.0",
+    "x25519-key-agreement-2020-context": "^1.0.0"
   },
   "devDependencies": {
     "@babel/core": "^7.16.7",
@@ -54,14 +57,14 @@
     "@babel/plugin-transform-runtime": "^7.16.7",
     "@babel/preset-env": "^7.16.7",
     "@babel/runtime": "^7.16.7",
-    "@digitalbazaar/ed25519-verification-key-2020": "^3.2.0",
-    "@digitalbazaar/x25519-key-agreement-key-2020": "^2.0.0",
+    "@digitalcredentials/ed25519-verification-key-2020": "^3.2.2",
+    "@digitalcredentials/x25519-key-agreement-key-2020": "^2.0.2",
     "babel-loader": "^8.2.3",
     "chai": "^4.3.4",
     "cross-env": "^7.0.3",
     "crypto-ld": "^6.0.0",
-    "esm": "^3.2.25",
     "dirty-chai": "^2.0.1",
+    "esm": "^3.2.25",
     "karma": "^6.3.9",
     "karma-babel-preprocessor": "^8.0.1",
     "karma-chai": "^0.1.0",
@@ -72,10 +75,10 @@
     "karma-webpack": "^5.0.0",
     "mocha": "^8.4.0",
     "nyc": "^15.1.0",
-    "sinon": "^12.0.1",
-    "standard": "^16.0.4",
     "rimraf": "^3.0.2",
     "rollup": "^2.62.0",
+    "sinon": "^12.0.1",
+    "standard": "^16.0.4",
     "webpack": "^5.65.0"
   },
   "nyc": {

package/src/DidWebResolver.js

@@ -1,8 +1,10 @@
-import { httpClient } from '@digitalbazaar/http-client'
-import * as didIo from '@digitalbazaar/did-io'
+import { httpClient } from '@digitalcredentials/http-client'
+import * as didIo from '@digitalcredentials/did-io'
 import ed25519Context from 'ed25519-signature-2020-context'
 import x25519Context from 'x25519-key-agreement-2020-context'
 import didContext from 'did-context'
+import { decodeSecretKeySeed } from '@digitalcredentials/bnid'
+import { URL } from 'whatwg-url'
 
 const { VERIFICATION_RELATIONSHIPS } = didIo
 
@@ -103,7 +105,7 @@ export function urlFromDid ({ did } = {}) {
  *   DID Document initialized with keys, as well as the map of the corresponding
  *   key pairs (by key id).
  */
-export async function initKeys ({ didDocument, cryptoLd, keyMap = {} } = {}) {
+export async function initKeys ({ didDocument, cryptoLd, keyMap } = {}) {
   const doc = { ...didDocument }
   if (!doc.id) {
     throw new TypeError(
@@ -167,7 +169,7 @@ export class DidWebResolver {
    * @param [id] {string} - A did:web DID. If absent, will be converted from url
    * @param [url] {string}
    *
-   * @param [keyMap=DEFAULT_KEY_MAP] {object} A hashmap of key types by purpose.
+   * @param [keyMap] {object} A hashmap of key types by purpose.
    *
    * @parma [cryptoLd] {object} CryptoLD instance with support for supported
    *   crypto suites installed.
@@ -177,9 +179,27 @@ export class DidWebResolver {
    *   with the corresponding key pairs used to generate it (for storage in a
    *   KMS).
    */
-  async generate ({ id, url, keyMap = this.keyMap, cryptoLd = this.cryptoLd } = {}) {
+  async generate ({ id, url, seed, keyMap, cryptoLd = this.cryptoLd } = {}) {
+    if (!id && !url) {
+      throw new TypeError('A "url" or an "id" parameter is required.')
+    }
+    if (seed && keyMap) {
+      throw new TypeError(
+        'Either a "seed" or a "keyMap" param must be provided, but not both.'
+      )
+    }
+
     const did = id || didFromUrl({ url })
 
+    if (seed) {
+      const keyPair = await _keyPairFromSecretSeed({
+        seed, controller: did, cryptoLd
+      })
+      keyMap = { assertionMethod: keyPair }
+    } else {
+      keyMap = keyMap || this.keyMap
+    }
+
     // Compose the DID Document
     let didDocument = {
       '@context': [
@@ -300,3 +320,27 @@ export class DidWebResolver {
     return method
   }
 }
+
+/**
+ * @param options {object}
+ * @param options.seed {string|Uint8Array}
+ * @param controller {string}
+ * @param cryptoLd {object}
+ *
+ * @return {Promise<LDKeyPair>}
+ */
+async function _keyPairFromSecretSeed ({ seed, controller, cryptoLd } = {}) {
+  let seedBytes
+  if (typeof seed === 'string') {
+    // Currently only supports base58 multibase / identity multihash encoding.
+    if (!seed.startsWith('z1A')) {
+      throw new TypeError('"seed" parameter must be a multibase/multihash encoded string, or a Uint8Array.')
+    }
+    seedBytes = decodeSecretKeySeed({ secretKeySeed: seed })
+  } else {
+    seedBytes = new Uint8Array(seed)
+  }
+  return cryptoLd.generate({
+    controller, seed: seedBytes, type: 'Ed25519VerificationKey2020'
+  })
+}

package/CHANGELOG.md

@@ -1,39 +0,0 @@
-# did-web-driver ChangeLog
-
-## 2.0.0 - 2022-01-01
-
-### Changed
-- Use rollup for build-time transpile instead of esm.
-- Use "no ESM" branches for all other deps.
-- `.get()` now also resolves keys (to match other did-io drivers).
-- **BREAKING**: Update ed25519 and X25519 dependencies to latest. You will have
-  to re-generate your `did:web` DID documents for this version, as the
-  key serialization formats have changed.
-
-## 1.1.0 - 2021-04-25
-
-### Added
-- Add `didWebDriver.publicMethodFor()`.
-
-## 1.0.1 - 2021-04-25
-
-### Fixed
-- Fix handling of hash fragments by `urlFromDid()`.
-- Add logger to constructor.
-
-## 1.0.0 - 2021-04-24
-
-### Changed
-- **BREAKING** Update to latest DID Core context
-- **BREAKING** Update to use crypto-ld v5 API, latest crypto suites
-- Add support for X25519KeyAgreementKey suite
-
-## 0.2.0 - 2020-08-01
-
-### Changed
-- **BREAKING**: Update to use crypto-ld v4 API
-
-## 0.0.1
-
-### Added
-- Initial implementation.