@twin.org/identity-connector-entity-storage 0.0.1-next.15 → 0.0.1-next.16
- package/dist/cjs/index.cjs +11 -11
- package/dist/esm/index.mjs +12 -12
- package/docs/changelog.md +1 -1
- package/locales/en.json +3 -1
- package/package.json +2 -2
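--- a/package/dist/cjs/index.cjs
+++ b/package/dist/cjs/index.cjs
@@ -136,7 +136,7 @@ class EntityStorageIdentityConnector {
 core.Guards.stringValue(this.CLASS_NAME, "controller", controller);
 try {
 const did = `did:${EntityStorageIdentityConnector.NAMESPACE}:${core.Converter.bytesToHex(core.RandomHelper.generate(32), true)}`;
-await this._vaultConnector.createKey(this.buildVaultKey(did, did), vaultModels.VaultKeyType.Ed25519);
+await this._vaultConnector.createKey(this.buildVaultKey(did, "did"), vaultModels.VaultKeyType.Ed25519);
 const bitString = new core.BitString(EntityStorageIdentityConnector._REVOCATION_BITS_SIZE);
 const compressed = await core.Compression.compress(bitString.getBits(), core.CompressionType.Gzip);
 const didDocument = {
@@ -197,7 +197,7 @@ class EntityStorageIdentityConnector {
 }
 await this.verifyDocument(didIdentityDocument);
 const didDocument = didIdentityDocument.document;
-const tempKeyId = `temp-${core.Converter.bytesToBase64Url(core.RandomHelper.generate(
+const tempKeyId = `temp-vm-${core.Converter.bytesToBase64Url(core.RandomHelper.generate(16))}`;
 const verificationPublicKey = await this._vaultConnector.createKey(this.buildVaultKey(didDocument.id, tempKeyId), vaultModels.VaultKeyType.Ed25519);
 const jwkParams = {
 alg: "EdDSA",
@@ -207,7 +207,7 @@ class EntityStorageIdentityConnector {
 };
 const kid = core.Converter.bytesToBase64Url(crypto.Sha256.sum256(core.Converter.utf8ToBytes(JSON.stringify(jwkParams))));
 const methodId = `${documentId}#${verificationMethodId ?? kid}`;
-await this._vaultConnector.renameKey(this.buildVaultKey(didDocument.id, tempKeyId), this.buildVaultKey(didDocument.id,
+await this._vaultConnector.renameKey(this.buildVaultKey(didDocument.id, tempKeyId), this.buildVaultKey(didDocument.id, verificationMethodId ?? kid));
 const methods = this.getAllMethods(didDocument);
 const existingMethodIndex = methods.findIndex(m => {
 if (core.Is.string(m.method)) {
@@ -465,7 +465,7 @@ class EntityStorageIdentityConnector {
 vc: jwtVc
 };
 const signature = await web.Jwt.encodeWithSigner(jwtHeader, jwtPayload, async (alg, key, payload) => {
-const sig = await this._vaultConnector.sign(this.buildVaultKey(idParts.id,
+const sig = await this._vaultConnector.sign(this.buildVaultKey(idParts.id, idParts.hash ?? ""), payload);
 return sig;
 });
 return {
@@ -713,7 +713,7 @@ class EntityStorageIdentityConnector {
 jwtPayload.exp = Math.floor(Date.now() / 1000) + expiresInSeconds;
 }
 const signature = await web.Jwt.encodeWithSigner(jwtHeader, jwtPayload, async (alg, key, payload) => {
-const sig = await this._vaultConnector.sign(this.buildVaultKey(idParts.id,
+const sig = await this._vaultConnector.sign(this.buildVaultKey(idParts.id, idParts.hash ?? ""), payload);
 return sig;
 });
 return {
@@ -830,11 +830,11 @@ class EntityStorageIdentityConnector {
 if (!core.Is.stringValue(didMethod.publicKeyJwk?.x)) {
 throw new core.GeneralError(this.CLASS_NAME, "publicKeyJwkMissing");
 }
-const signature = await this._vaultConnector.sign(this.buildVaultKey(didDocument.id,
+const signature = await this._vaultConnector.sign(this.buildVaultKey(didDocument.id, idParts.hash ?? ""), bytes);
 return {
 "@context": standardsW3cDid.DidContexts.ContextVCDataIntegrity,
 type: standardsW3cDid.DidTypes.DataIntegrityProof,
-cryptosuite:
+cryptosuite: standardsW3cDid.DidCryptoSuites.EdDSAJcs2022,
 created: new Date(Date.now()).toISOString(),
 verificationMethod: verificationMethodId,
 proofPurpose: "assertionMethod",
@@ -862,7 +862,7 @@ class EntityStorageIdentityConnector {
 if (proof.type !== standardsW3cDid.DidTypes.DataIntegrityProof) {
 throw new core.GeneralError(this.CLASS_NAME, "proofType", { proofType: proof.type });
 }
-if (proof.cryptosuite !==
+if (proof.cryptosuite !== standardsW3cDid.DidCryptoSuites.EdDSAJcs2022) {
 throw new core.GeneralError(this.CLASS_NAME, "cryptoSuite", { cryptosuite: proof.cryptosuite });
 }
 const idParts = identityModels.DocumentHelper.parse(proof.verificationMethod);
@@ -889,7 +889,7 @@ class EntityStorageIdentityConnector {
 if (!core.Is.stringValue(didMethod.publicKeyJwk?.x)) {
 throw new core.GeneralError(this.CLASS_NAME, "publicKeyJwkMissing");
 }
-return this._vaultConnector.verify(this.buildVaultKey(didIdentityDocument.id,
+return this._vaultConnector.verify(this.buildVaultKey(didIdentityDocument.id, idParts.hash), bytes, core.Converter.base58ToBytes(proof.proofValue));
 }
 catch (error) {
 throw new core.GeneralError(this.CLASS_NAME, "verifyProofFailed", undefined, error);
@@ -950,7 +950,7 @@ class EntityStorageIdentityConnector {
 async verifyDocument(didDocument) {
 const stringifiedDocument = core.JsonHelper.canonicalize(didDocument.document);
 const docBytes = core.Converter.utf8ToBytes(stringifiedDocument);
-const verified = await this._vaultConnector.verify(this.buildVaultKey(didDocument.id,
+const verified = await this._vaultConnector.verify(this.buildVaultKey(didDocument.id, "did"), docBytes, core.Converter.base64ToBytes(didDocument.signature));
 if (!verified) {
 throw new core.GeneralError(this.CLASS_NAME, "signatureVerificationFailed");
 }
@@ -964,7 +964,7 @@ class EntityStorageIdentityConnector {
 async updateDocument(controller, didDocument) {
 const stringifiedDocument = core.JsonHelper.canonicalize(didDocument);
 const docBytes = core.Converter.utf8ToBytes(stringifiedDocument);
-const signature = await this._vaultConnector.sign(this.buildVaultKey(didDocument.id,
+const signature = await this._vaultConnector.sign(this.buildVaultKey(didDocument.id, "did"), docBytes);
 await this._didDocumentEntityStorage.set({
 id: didDocument.id,
 document: didDocument,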
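Review bot: The `idParts.hash ?? ""` fallback in the three signing calls (new lines 468, 716 and 833) lets a verification method id with no fragment resolve to a vault key name built from an empty string instead of failing, and it is inconsistent with the verify call at new line 892, which passes `idParts.hash` with no fallback. Signing should fail closed when the fragment is missing, for example `if (!core.Is.stringValue(idParts.hash)) { throw new core.GeneralError(this.CLASS_NAME, "methodMissing"); }` placed before the vault call. The enclosing methods start and end outside these hunks, so an earlier guard may already cover this; if it does, the `?? ""` is dead code and can be dropped. The same lines appear in package/dist/esm/index.mjs, and the change belongs in the source these bundles are built from.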
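--- a/package/dist/esm/index.mjs
+++ b/package/dist/esm/index.mjs
@@ -4,7 +4,7 @@ import { Sha256 } from '@twin.org/crypto';
 import { JsonLdProcessor } from '@twin.org/data-json-ld';
 import { EntityStorageConnectorFactory } from '@twin.org/entity-storage-models';
 import { DocumentHelper } from '@twin.org/identity-models';
-import { DidVerificationMethodType, DidTypes, DidContexts } from '@twin.org/standards-w3c-did';
+import { DidVerificationMethodType, DidTypes, DidContexts, DidCryptoSuites } from '@twin.org/standards-w3c-did';
 import { VaultConnectorFactory, VaultKeyType } from '@twin.org/vault-models';
 import { Jwt } from '@twin.org/web';
 
@@ -134,7 +134,7 @@ class EntityStorageIdentityConnector {
 Guards.stringValue(this.CLASS_NAME, "controller", controller);
 try {
 const did = `did:${EntityStorageIdentityConnector.NAMESPACE}:${Converter.bytesToHex(RandomHelper.generate(32), true)}`;
-await this._vaultConnector.createKey(this.buildVaultKey(did, did), VaultKeyType.Ed25519);
+await this._vaultConnector.createKey(this.buildVaultKey(did, "did"), VaultKeyType.Ed25519);
 const bitString = new BitString(EntityStorageIdentityConnector._REVOCATION_BITS_SIZE);
 const compressed = await Compression.compress(bitString.getBits(), CompressionType.Gzip);
 const didDocument = {
@@ -195,7 +195,7 @@ class EntityStorageIdentityConnector {
 }
 await this.verifyDocument(didIdentityDocument);
 const didDocument = didIdentityDocument.document;
-const tempKeyId = `temp-${Converter.bytesToBase64Url(RandomHelper.generate(
+const tempKeyId = `temp-vm-${Converter.bytesToBase64Url(RandomHelper.generate(16))}`;
 const verificationPublicKey = await this._vaultConnector.createKey(this.buildVaultKey(didDocument.id, tempKeyId), VaultKeyType.Ed25519);
 const jwkParams = {
 alg: "EdDSA",
@@ -205,7 +205,7 @@ class EntityStorageIdentityConnector {
 };
 const kid = Converter.bytesToBase64Url(Sha256.sum256(Converter.utf8ToBytes(JSON.stringify(jwkParams))));
 const methodId = `${documentId}#${verificationMethodId ?? kid}`;
-await this._vaultConnector.renameKey(this.buildVaultKey(didDocument.id, tempKeyId), this.buildVaultKey(didDocument.id,
+await this._vaultConnector.renameKey(this.buildVaultKey(didDocument.id, tempKeyId), this.buildVaultKey(didDocument.id, verificationMethodId ?? kid));
 const methods = this.getAllMethods(didDocument);
 const existingMethodIndex = methods.findIndex(m => {
 if (Is.string(m.method)) {
@@ -463,7 +463,7 @@ class EntityStorageIdentityConnector {
 vc: jwtVc
 };
 const signature = await Jwt.encodeWithSigner(jwtHeader, jwtPayload, async (alg, key, payload) => {
-const sig = await this._vaultConnector.sign(this.buildVaultKey(idParts.id,
+const sig = await this._vaultConnector.sign(this.buildVaultKey(idParts.id, idParts.hash ?? ""), payload);
 return sig;
 });
 return {
@@ -711,7 +711,7 @@ class EntityStorageIdentityConnector {
 jwtPayload.exp = Math.floor(Date.now() / 1000) + expiresInSeconds;
 }
 const signature = await Jwt.encodeWithSigner(jwtHeader, jwtPayload, async (alg, key, payload) => {
-const sig = await this._vaultConnector.sign(this.buildVaultKey(idParts.id,
+const sig = await this._vaultConnector.sign(this.buildVaultKey(idParts.id, idParts.hash ?? ""), payload);
 return sig;
 });
 return {
@@ -828,11 +828,11 @@ class EntityStorageIdentityConnector {
 if (!Is.stringValue(didMethod.publicKeyJwk?.x)) {
 throw new GeneralError(this.CLASS_NAME, "publicKeyJwkMissing");
 }
-const signature = await this._vaultConnector.sign(this.buildVaultKey(didDocument.id,
+const signature = await this._vaultConnector.sign(this.buildVaultKey(didDocument.id, idParts.hash ?? ""), bytes);
 return {
 "@context": DidContexts.ContextVCDataIntegrity,
 type: DidTypes.DataIntegrityProof,
-cryptosuite:
+cryptosuite: DidCryptoSuites.EdDSAJcs2022,
 created: new Date(Date.now()).toISOString(),
 verificationMethod: verificationMethodId,
 proofPurpose: "assertionMethod",
@@ -860,7 +860,7 @@ class EntityStorageIdentityConnector {
 if (proof.type !== DidTypes.DataIntegrityProof) {
 throw new GeneralError(this.CLASS_NAME, "proofType", { proofType: proof.type });
 }
-if (proof.cryptosuite !==
+if (proof.cryptosuite !== DidCryptoSuites.EdDSAJcs2022) {
 throw new GeneralError(this.CLASS_NAME, "cryptoSuite", { cryptosuite: proof.cryptosuite });
 }
 const idParts = DocumentHelper.parse(proof.verificationMethod);
@@ -887,7 +887,7 @@ class EntityStorageIdentityConnector {
 if (!Is.stringValue(didMethod.publicKeyJwk?.x)) {
 throw new GeneralError(this.CLASS_NAME, "publicKeyJwkMissing");
 }
-return this._vaultConnector.verify(this.buildVaultKey(didIdentityDocument.id,
+return this._vaultConnector.verify(this.buildVaultKey(didIdentityDocument.id, idParts.hash), bytes, Converter.base58ToBytes(proof.proofValue));
 }
 catch (error) {
 throw new GeneralError(this.CLASS_NAME, "verifyProofFailed", undefined, error);
@@ -948,7 +948,7 @@ class EntityStorageIdentityConnector {
 async verifyDocument(didDocument) {
 const stringifiedDocument = JsonHelper.canonicalize(didDocument.document);
 const docBytes = Converter.utf8ToBytes(stringifiedDocument);
-const verified = await this._vaultConnector.verify(this.buildVaultKey(didDocument.id,
+const verified = await this._vaultConnector.verify(this.buildVaultKey(didDocument.id, "did"), docBytes, Converter.base64ToBytes(didDocument.signature));
 if (!verified) {
 throw new GeneralError(this.CLASS_NAME, "signatureVerificationFailed");
 }
@@ -962,7 +962,7 @@ class EntityStorageIdentityConnector {
 async updateDocument(controller, didDocument) {
 const stringifiedDocument = JsonHelper.canonicalize(didDocument);
 const docBytes = Converter.utf8ToBytes(stringifiedDocument);
-const signature = await this._vaultConnector.sign(this.buildVaultKey(didDocument.id,
+const signature = await this._vaultConnector.sign(this.buildVaultKey(didDocument.id, "did"), docBytes);
 await this._didDocumentEntityStorage.set({
 id: didDocument.id,
 document: didDocument,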
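Review bot: The document-signing key now lives under the fixed name `"did"` (new lines 137, 951 and 965), in the same `buildVaultKey(didDocument.id, …)` namespace that new line 208 fills with the caller-supplied `verificationMethodId ?? kid`, and nothing visible in these hunks keeps a method id of `did` from addressing the document key. Whether `renameKey` overwrites or rejects an existing name is not shown, and the enclosing method starts outside the hunk, so an existing check may already prevent this. If none does, reserve the name where the method id is accepted, for example `if (verificationMethodId === "did") { throw new GeneralError(this.CLASS_NAME, "verificationMethodIdReserved"); }`, where the error key is a new one that needs a locale entry. Alternatively, store verification-method keys under a prefix that the document key never uses. The same lines appear in package/dist/cjs/index.cjs.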
package/docs/changelog.md
CHANGED
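--- a/package/locales/en.json
+++ b/package/locales/en.json
@@ -26,7 +26,9 @@
 "methodMissing": "The verification method specified does not exist",
 "verifyProofFailed": "Verifying the signature for the data failed",
 "revokeVerifiableCredentialsFailed": "Revoking verifiable credentials failed",
-"unrevokeVerifiableCredentialsFailed": "Unrevoking verifiable credentials failed"
+"unrevokeVerifiableCredentialsFailed": "Unrevoking verifiable credentials failed",
+"proofType": "The proof type must be DataIntegrityProof, it is currently {proofType}",
+"cryptosuite": "The proof cryptosuite must be eddsa-jcs-2022, it is currently {cryptosuite}"
 },
 "entityStorageIdentityProfileConnector": {
 "alreadyExists": "The identity profile already exists for the identity \"{existingId}\"",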
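Review bot: The new message key `"cryptosuite"` does not match the key the connector throws, which is `"cryptoSuite"` in `throw new core.GeneralError(this.CLASS_NAME, "cryptoSuite", { cryptosuite: proof.cryptosuite })` (index.cjs line 866, and the same in index.mjs line 864). If message lookup is case-sensitive, a proof rejected for its cryptosuite would surface without its text. Rename the entry to `"cryptoSuite": "The proof cryptosuite must be eddsa-jcs-2022, it is currently {cryptosuite}"`, leaving the `{cryptosuite}` placeholder as it is because it matches the property passed in the error.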
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@twin.org/identity-connector-entity-storage",
|
|
3
|
-
"version": "0.0.1-next.
|
|
3
|
+
"version": "0.0.1-next.16",
|
|
4
4
|
"description": "Identity connector implementation using entity storage",
|
|
5
5
|
"repository": {
|
|
6
6
|
"type": "git",
|
|
@@ -19,7 +19,7 @@
|
|
|
19
19
|
"@twin.org/data-core": "next",
|
|
20
20
|
"@twin.org/data-json-ld": "next",
|
|
21
21
|
"@twin.org/entity": "next",
|
|
22
|
-
"@twin.org/identity-models": "0.0.1-next.
|
|
22
|
+
"@twin.org/identity-models": "0.0.1-next.16",
|
|
23
23
|
"@twin.org/nameof": "next",
|
|
24
24
|
"@twin.org/standards-w3c-did": "next",
|
|
25
25
|
"@twin.org/vault-models": "next",
|