/
signing.test.ts
136 lines (117 loc) · 4.87 KB
/
signing.test.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
/* eslint-env jest */
import * as signing from '../src/signing.js'
import type { PublicKey, DagJWS } from '../src/signing.js'
import { toBase64url } from '../src/utils'
import { fixtures } from './__fixtures__/signing.fixtures'
import { CID, bytes } from 'multiformats'
import { ES256KSigner, Signer, createJWS, verifyJWS } from 'did-jwt'
import stringify from 'fast-json-stable-stringify'
import { fromString } from 'uint8arrays'
export async function createDagJWS(
cid: CID,
signer: Signer,
protectedHeader?: Record<string, any>
): Promise<DagJWS> {
// TODO - this function only supports single signature for now
cid = CID.asCID(cid)
if (!cid) throw new Error('A CID has to be used as a payload')
const payload = toBase64url(cid.bytes)
if (protectedHeader) protectedHeader = JSON.parse(stringify(protectedHeader))
const jws = await createJWS(payload, signer, protectedHeader)
const dagJws = signing.fromSplit(jws.split('.'))
dagJws.link = cid
return dagJws
}
function verifyDagJWS(jws: DagJWS, publicKeys: Array<PublicKey>): Array<PublicKey> {
// TODO - this function should probably use multikeys
const pubkeys = []
for (const signObj of jws.signatures) {
const jwsString = `${signObj.protected}.${jws.payload}.${signObj.signature}`
pubkeys.push(verifyJWS(jwsString, publicKeys))
}
return pubkeys
}
describe('Signing support', () => {
let signer1, signer2
beforeAll(() => {
signer1 = ES256KSigner(fromString(fixtures.keys[0].priv, 'base16'))
signer2 = ES256KSigner(fromString(fixtures.keys[1].priv, 'base16'))
})
describe('fromSplit', () => {
it('Converts split jws to a general jws', () => {
const compact = fixtures.compact
expect(signing.fromSplit(compact.split('.'))).toEqual(fixtures.general)
})
})
describe('decode', () => {
it('Decodes general encoding, one signature', () => {
let decoded
decoded = signing.decode(fixtures.encodedJws.oneSig[0])
expect(decoded).toEqual(fixtures.dagJws.oneSig[0])
decoded = signing.decode(fixtures.encodedJws.oneSig[1])
expect(decoded).toEqual(fixtures.dagJws.oneSig[1])
})
it('Decodes general encoding, multiple signatures', () => {
const decoded = signing.decode(fixtures.encodedJws.multipleSig)
expect(decoded).toEqual(fixtures.dagJws.multipleSig)
})
})
describe('encode', () => {
it('Encodes dag encoding, one signature', () => {
let encoded
encoded = signing.encode(fixtures.dagJws.oneSig[0])
expect(encoded).toEqual(fixtures.encodedJws.oneSig[0])
encoded = signing.encode(fixtures.dagJws.oneSig[1])
expect(encoded).toEqual(fixtures.encodedJws.oneSig[1])
})
it('Encodes dag encoding, multiple signatures', () => {
const encoded = signing.encode(fixtures.dagJws.multipleSig)
expect(encoded).toEqual(fixtures.encodedJws.multipleSig)
})
it('Throws if payload is not a CID', async () => {
const payload = toBase64url(bytes.fromString(JSON.stringify({ json: 'payload' })))
const notDagJws = Object.assign({}, fixtures.dagJws.oneSig[0], { payload })
expect(() => signing.encode(notDagJws)).toThrow('Not a valid DagJWS')
})
})
describe('verifyDagJWS', () => {
it('Verifies single correct signatures', () => {
let pubkey
pubkey = verifyDagJWS(fixtures.dagJws.oneSig[0], [fixtures.keys[0].pub])
expect(pubkey).toEqual([fixtures.keys[0].pub])
pubkey = verifyDagJWS(fixtures.dagJws.oneSig[1], [fixtures.keys[1].pub])
expect(pubkey).toEqual([fixtures.keys[1].pub])
})
it('Verifies multiple correct signatures', () => {
const pubkeys = verifyDagJWS(fixtures.dagJws.multipleSig, [
fixtures.keys[0].pub,
fixtures.keys[1].pub,
])
expect(pubkeys).toEqual([fixtures.keys[0].pub, fixtures.keys[1].pub])
})
it('Verify throw error with wrong pubkey', () => {
let fn
fn = (): void => verifyDagJWS(fixtures.dagJws.oneSig[0], [fixtures.keys[1].pub])
expect(fn).toThrowError(/Signature invalid/)
fn = (): void => verifyDagJWS(fixtures.dagJws.multipleSig, [fixtures.keys[0].pub])
expect(fn).toThrowError(/Signature invalid/)
})
})
describe('createDagJWS', () => {
it('Throws if payload is not a CID', async () => {
const msg = 'A CID has to be used as a payload'
let notCID = 'foireufhiuh'
await expect(createDagJWS(notCID, signer1)).rejects.toThrowError(msg)
notCID = { my: 'payload' }
await expect(createDagJWS(notCID, signer1)).rejects.toThrowError(msg)
})
it('Creates DagJWS with CID as payload', async () => {
const cid = CID.parse('bafybeig6xv5nwphfmvcnektpnojts33jqcuam7bmye2pb54adnrtccjlsu')
let dagJws
dagJws = await createDagJWS(cid, signer1)
expect(dagJws).toEqual(fixtures.dagJws.oneSig[0])
dagJws = await createDagJWS(cid, signer2)
expect(dagJws).toEqual(fixtures.dagJws.oneSig[1])
})
})
})