@twin.org/standards-w3c-did 0.0.1-next.29 → 0.0.1-next.30
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/index.cjs +48 -5
- package/dist/esm/index.mjs +48 -5
- package/dist/types/signerVerifiers/dataIntegrityProofSignerVerifier.d.ts +1 -1
- package/dist/types/utils/proofHelper.d.ts +9 -0
- package/docs/changelog.md +1 -1
- package/docs/reference/classes/ProofHelper.md +38 -0
- package/package.json +1 -1
package/dist/cjs/index.cjs
CHANGED
|
@@ -2,8 +2,8 @@
|
|
|
2
2
|
|
|
3
3
|
var core = require('@twin.org/core');
|
|
4
4
|
var crypto = require('@twin.org/crypto');
|
|
5
|
-
var web = require('@twin.org/web');
|
|
6
5
|
var dataJsonLd = require('@twin.org/data-json-ld');
|
|
6
|
+
var web = require('@twin.org/web');
|
|
7
7
|
|
|
8
8
|
// Copyright 2024 IOTA Stiftung.
|
|
9
9
|
// SPDX-License-Identifier: Apache-2.0.
|
|
@@ -172,9 +172,12 @@ class DataIntegrityProofSignerVerifier {
|
|
|
172
172
|
if (!core.Is.uint8Array(rawKeys.privateKey)) {
|
|
173
173
|
throw new core.GeneralError(this.CLASS_NAME, "missingPrivateKey");
|
|
174
174
|
}
|
|
175
|
+
const unsecuredDocumentClone = core.ObjectHelper.clone(unsecuredDocument);
|
|
176
|
+
const signedProof = core.ObjectHelper.clone(unsignedProof);
|
|
177
|
+
unsecuredDocumentClone["@context"] = dataJsonLd.JsonLdProcessor.combineContexts(unsecuredDocumentClone["@context"], DidContexts.ContextDataIntegrity);
|
|
178
|
+
signedProof["@context"] = unsecuredDocumentClone["@context"];
|
|
175
179
|
const combinedHash = await this.createHash(unsecuredDocument, unsignedProof);
|
|
176
180
|
const signature = crypto.Ed25519.sign(rawKeys.privateKey, combinedHash);
|
|
177
|
-
const signedProof = core.ObjectHelper.clone(unsignedProof);
|
|
178
181
|
signedProof.proofValue = `z${core.Converter.bytesToBase58(signature)}`;
|
|
179
182
|
return signedProof;
|
|
180
183
|
}
|
|
@@ -217,9 +220,8 @@ class DataIntegrityProofSignerVerifier {
|
|
|
217
220
|
cryptoSuite: proofOptionsClone.cryptosuite
|
|
218
221
|
});
|
|
219
222
|
}
|
|
220
|
-
|
|
221
|
-
|
|
222
|
-
}
|
|
223
|
+
unsecuredDocumentClone["@context"] = dataJsonLd.JsonLdProcessor.combineContexts(unsecuredDocumentClone["@context"], DidContexts.ContextDataIntegrity);
|
|
224
|
+
proofOptionsClone["@context"] = unsecuredDocumentClone["@context"];
|
|
223
225
|
const transformedDocument = core.JsonHelper.canonicalize(unsecuredDocumentClone);
|
|
224
226
|
const transformedDocumentHash = crypto.Sha256.sum256(core.Converter.utf8ToBytes(transformedDocument));
|
|
225
227
|
const transformedProofOptions = core.JsonHelper.canonicalize(proofOptionsClone);
|
|
@@ -249,10 +251,13 @@ class JsonWebSignature2020SignerVerifier {
|
|
|
249
251
|
core.Guards.object(this.CLASS_NAME, "unsecuredDocument", unsecuredDocument);
|
|
250
252
|
core.Guards.object(this.CLASS_NAME, "unsignedProof", unsignedProof);
|
|
251
253
|
core.Guards.object(this.CLASS_NAME, "signKey", signKey);
|
|
254
|
+
const unsecuredDocumentClone = core.ObjectHelper.clone(unsecuredDocument);
|
|
255
|
+
unsecuredDocumentClone["@context"] = dataJsonLd.JsonLdProcessor.combineContexts(unsecuredDocumentClone["@context"], DidContexts.ContextSecurityJws2020);
|
|
252
256
|
const hash = await this.createHash(unsecuredDocument, unsignedProof);
|
|
253
257
|
const cryptoKey = await web.Jwk.toCryptoKey(signKey);
|
|
254
258
|
const signature = await web.Jws.create(cryptoKey, hash);
|
|
255
259
|
const signedProof = core.ObjectHelper.clone(unsignedProof);
|
|
260
|
+
signedProof["@context"] = unsecuredDocumentClone["@context"];
|
|
256
261
|
signedProof.jws = signature;
|
|
257
262
|
return signedProof;
|
|
258
263
|
}
|
|
@@ -470,6 +475,44 @@ class ProofHelper {
|
|
|
470
475
|
const signerVerifier = ProofHelper.createSignerVerifier(signedProof.type);
|
|
471
476
|
return signerVerifier.verifyProof(securedDocument, signedProof, verifyKey);
|
|
472
477
|
}
|
|
478
|
+
/**
|
|
479
|
+
* Create an unsigned proof.
|
|
480
|
+
* @param proofType The type of proof to create.
|
|
481
|
+
* @param verificationMethodId The verification method id.
|
|
482
|
+
* @param otherParams Other parameters for the proof.
|
|
483
|
+
* @returns The created proof.
|
|
484
|
+
* @throws GeneralError if the proof type is not supported.
|
|
485
|
+
*/
|
|
486
|
+
static createUnsignedProof(proofType, verificationMethodId,
|
|
487
|
+
// eslint-disable-next-line @typescript-eslint/no-explicit-any
|
|
488
|
+
otherParams) {
|
|
489
|
+
let proof;
|
|
490
|
+
if (proofType === ProofTypes.DataIntegrityProof) {
|
|
491
|
+
proof = {
|
|
492
|
+
"@context": DidContexts.ContextDataIntegrity,
|
|
493
|
+
type: ProofTypes.DataIntegrityProof,
|
|
494
|
+
cryptosuite: DidCryptoSuites.EdDSAJcs2022,
|
|
495
|
+
created: new Date(Date.now()).toISOString(),
|
|
496
|
+
verificationMethod: verificationMethodId,
|
|
497
|
+
proofPurpose: "assertionMethod",
|
|
498
|
+
...otherParams
|
|
499
|
+
};
|
|
500
|
+
}
|
|
501
|
+
else if (proofType === ProofTypes.JsonWebSignature2020) {
|
|
502
|
+
proof = {
|
|
503
|
+
"@context": DidContexts.ContextSecurityJws2020,
|
|
504
|
+
type: ProofTypes.JsonWebSignature2020,
|
|
505
|
+
created: new Date(Date.now()).toISOString(),
|
|
506
|
+
verificationMethod: verificationMethodId,
|
|
507
|
+
proofPurpose: "assertionMethod",
|
|
508
|
+
...otherParams
|
|
509
|
+
};
|
|
510
|
+
}
|
|
511
|
+
if (core.Is.empty(proof)) {
|
|
512
|
+
throw new core.GeneralError(ProofHelper.CLASS_NAME, "unsupportedProofType", { proofType });
|
|
513
|
+
}
|
|
514
|
+
return proof;
|
|
515
|
+
}
|
|
473
516
|
}
|
|
474
517
|
|
|
475
518
|
exports.DataIntegrityProofSignerVerifier = DataIntegrityProofSignerVerifier;
|
package/dist/esm/index.mjs
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { Guards, Is, GeneralError, ObjectHelper, Converter, JsonHelper, Uint8ArrayHelper } from '@twin.org/core';
|
|
2
2
|
import { Ed25519, Sha256 } from '@twin.org/crypto';
|
|
3
|
-
import { Jwk, Jws } from '@twin.org/web';
|
|
4
3
|
import { JsonLdProcessor } from '@twin.org/data-json-ld';
|
|
4
|
+
import { Jwk, Jws } from '@twin.org/web';
|
|
5
5
|
|
|
6
6
|
// Copyright 2024 IOTA Stiftung.
|
|
7
7
|
// SPDX-License-Identifier: Apache-2.0.
|
|
@@ -170,9 +170,12 @@ class DataIntegrityProofSignerVerifier {
|
|
|
170
170
|
if (!Is.uint8Array(rawKeys.privateKey)) {
|
|
171
171
|
throw new GeneralError(this.CLASS_NAME, "missingPrivateKey");
|
|
172
172
|
}
|
|
173
|
+
const unsecuredDocumentClone = ObjectHelper.clone(unsecuredDocument);
|
|
174
|
+
const signedProof = ObjectHelper.clone(unsignedProof);
|
|
175
|
+
unsecuredDocumentClone["@context"] = JsonLdProcessor.combineContexts(unsecuredDocumentClone["@context"], DidContexts.ContextDataIntegrity);
|
|
176
|
+
signedProof["@context"] = unsecuredDocumentClone["@context"];
|
|
173
177
|
const combinedHash = await this.createHash(unsecuredDocument, unsignedProof);
|
|
174
178
|
const signature = Ed25519.sign(rawKeys.privateKey, combinedHash);
|
|
175
|
-
const signedProof = ObjectHelper.clone(unsignedProof);
|
|
176
179
|
signedProof.proofValue = `z${Converter.bytesToBase58(signature)}`;
|
|
177
180
|
return signedProof;
|
|
178
181
|
}
|
|
@@ -215,9 +218,8 @@ class DataIntegrityProofSignerVerifier {
|
|
|
215
218
|
cryptoSuite: proofOptionsClone.cryptosuite
|
|
216
219
|
});
|
|
217
220
|
}
|
|
218
|
-
|
|
219
|
-
|
|
220
|
-
}
|
|
221
|
+
unsecuredDocumentClone["@context"] = JsonLdProcessor.combineContexts(unsecuredDocumentClone["@context"], DidContexts.ContextDataIntegrity);
|
|
222
|
+
proofOptionsClone["@context"] = unsecuredDocumentClone["@context"];
|
|
221
223
|
const transformedDocument = JsonHelper.canonicalize(unsecuredDocumentClone);
|
|
222
224
|
const transformedDocumentHash = Sha256.sum256(Converter.utf8ToBytes(transformedDocument));
|
|
223
225
|
const transformedProofOptions = JsonHelper.canonicalize(proofOptionsClone);
|
|
@@ -247,10 +249,13 @@ class JsonWebSignature2020SignerVerifier {
|
|
|
247
249
|
Guards.object(this.CLASS_NAME, "unsecuredDocument", unsecuredDocument);
|
|
248
250
|
Guards.object(this.CLASS_NAME, "unsignedProof", unsignedProof);
|
|
249
251
|
Guards.object(this.CLASS_NAME, "signKey", signKey);
|
|
252
|
+
const unsecuredDocumentClone = ObjectHelper.clone(unsecuredDocument);
|
|
253
|
+
unsecuredDocumentClone["@context"] = JsonLdProcessor.combineContexts(unsecuredDocumentClone["@context"], DidContexts.ContextSecurityJws2020);
|
|
250
254
|
const hash = await this.createHash(unsecuredDocument, unsignedProof);
|
|
251
255
|
const cryptoKey = await Jwk.toCryptoKey(signKey);
|
|
252
256
|
const signature = await Jws.create(cryptoKey, hash);
|
|
253
257
|
const signedProof = ObjectHelper.clone(unsignedProof);
|
|
258
|
+
signedProof["@context"] = unsecuredDocumentClone["@context"];
|
|
254
259
|
signedProof.jws = signature;
|
|
255
260
|
return signedProof;
|
|
256
261
|
}
|
|
@@ -468,6 +473,44 @@ class ProofHelper {
|
|
|
468
473
|
const signerVerifier = ProofHelper.createSignerVerifier(signedProof.type);
|
|
469
474
|
return signerVerifier.verifyProof(securedDocument, signedProof, verifyKey);
|
|
470
475
|
}
|
|
476
|
+
/**
|
|
477
|
+
* Create an unsigned proof.
|
|
478
|
+
* @param proofType The type of proof to create.
|
|
479
|
+
* @param verificationMethodId The verification method id.
|
|
480
|
+
* @param otherParams Other parameters for the proof.
|
|
481
|
+
* @returns The created proof.
|
|
482
|
+
* @throws GeneralError if the proof type is not supported.
|
|
483
|
+
*/
|
|
484
|
+
static createUnsignedProof(proofType, verificationMethodId,
|
|
485
|
+
// eslint-disable-next-line @typescript-eslint/no-explicit-any
|
|
486
|
+
otherParams) {
|
|
487
|
+
let proof;
|
|
488
|
+
if (proofType === ProofTypes.DataIntegrityProof) {
|
|
489
|
+
proof = {
|
|
490
|
+
"@context": DidContexts.ContextDataIntegrity,
|
|
491
|
+
type: ProofTypes.DataIntegrityProof,
|
|
492
|
+
cryptosuite: DidCryptoSuites.EdDSAJcs2022,
|
|
493
|
+
created: new Date(Date.now()).toISOString(),
|
|
494
|
+
verificationMethod: verificationMethodId,
|
|
495
|
+
proofPurpose: "assertionMethod",
|
|
496
|
+
...otherParams
|
|
497
|
+
};
|
|
498
|
+
}
|
|
499
|
+
else if (proofType === ProofTypes.JsonWebSignature2020) {
|
|
500
|
+
proof = {
|
|
501
|
+
"@context": DidContexts.ContextSecurityJws2020,
|
|
502
|
+
type: ProofTypes.JsonWebSignature2020,
|
|
503
|
+
created: new Date(Date.now()).toISOString(),
|
|
504
|
+
verificationMethod: verificationMethodId,
|
|
505
|
+
proofPurpose: "assertionMethod",
|
|
506
|
+
...otherParams
|
|
507
|
+
};
|
|
508
|
+
}
|
|
509
|
+
if (Is.empty(proof)) {
|
|
510
|
+
throw new GeneralError(ProofHelper.CLASS_NAME, "unsupportedProofType", { proofType });
|
|
511
|
+
}
|
|
512
|
+
return proof;
|
|
513
|
+
}
|
|
471
514
|
}
|
|
472
515
|
|
|
473
516
|
export { DataIntegrityProofSignerVerifier, DidContexts, DidCryptoSuites, DidTypes, DidVerificationMethodType, JsonWebSignature2020SignerVerifier, MultikeyHelper, ProofHelper, ProofTypes };
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import type
|
|
1
|
+
import { type IJsonLdNodeObject } from "@twin.org/data-json-ld";
|
|
2
2
|
import { type IJwk } from "@twin.org/web";
|
|
3
3
|
import type { IDataIntegrityProof } from "../models/IDataIntegrityProof";
|
|
4
4
|
import type { IProof } from "../models/IProof";
|
|
@@ -35,4 +35,13 @@ export declare class ProofHelper {
|
|
|
35
35
|
* @returns True if the credential was verified.
|
|
36
36
|
*/
|
|
37
37
|
static verifyProof(securedDocument: IJsonLdNodeObject, signedProof: IProof, verifyKey: IJwk): Promise<boolean>;
|
|
38
|
+
/**
|
|
39
|
+
* Create an unsigned proof.
|
|
40
|
+
* @param proofType The type of proof to create.
|
|
41
|
+
* @param verificationMethodId The verification method id.
|
|
42
|
+
* @param otherParams Other parameters for the proof.
|
|
43
|
+
* @returns The created proof.
|
|
44
|
+
* @throws GeneralError if the proof type is not supported.
|
|
45
|
+
*/
|
|
46
|
+
static createUnsignedProof(proofType: ProofTypes, verificationMethodId: string, otherParams?: any): IProof;
|
|
38
47
|
}
|
package/docs/changelog.md
CHANGED
|
@@ -119,3 +119,41 @@ The public key to verify the proof with.
|
|
|
119
119
|
`Promise`\<`boolean`\>
|
|
120
120
|
|
|
121
121
|
True if the credential was verified.
|
|
122
|
+
|
|
123
|
+
***
|
|
124
|
+
|
|
125
|
+
### createUnsignedProof()
|
|
126
|
+
|
|
127
|
+
> `static` **createUnsignedProof**(`proofType`, `verificationMethodId`, `otherParams`?): [`IProof`](../type-aliases/IProof.md)
|
|
128
|
+
|
|
129
|
+
Create an unsigned proof.
|
|
130
|
+
|
|
131
|
+
#### Parameters
|
|
132
|
+
|
|
133
|
+
##### proofType
|
|
134
|
+
|
|
135
|
+
[`ProofTypes`](../type-aliases/ProofTypes.md)
|
|
136
|
+
|
|
137
|
+
The type of proof to create.
|
|
138
|
+
|
|
139
|
+
##### verificationMethodId
|
|
140
|
+
|
|
141
|
+
`string`
|
|
142
|
+
|
|
143
|
+
The verification method id.
|
|
144
|
+
|
|
145
|
+
##### otherParams?
|
|
146
|
+
|
|
147
|
+
`any`
|
|
148
|
+
|
|
149
|
+
Other parameters for the proof.
|
|
150
|
+
|
|
151
|
+
#### Returns
|
|
152
|
+
|
|
153
|
+
[`IProof`](../type-aliases/IProof.md)
|
|
154
|
+
|
|
155
|
+
The created proof.
|
|
156
|
+
|
|
157
|
+
#### Throws
|
|
158
|
+
|
|
159
|
+
GeneralError if the proof type is not supported.
|