feat: Dp did key improvements (#318)

* feat: adding option to not resolve dids for presentation * feat: Adding basic logic to support new did key method * fix: fix tests and typos * fix: work in progress * fix: cleanup * fix: preparing for publish * fix: clean up * fix: missed declaration * fix: making lint happy * fix: resolver not for prod * fix: skip tests for url resolver * fix: skip resolution for polygon cause of registry issue * fix: update HANGLEOGs * fix: trying new codeclimate version * fix: put back previous code climate version * fix: trying code climate version 3.0 * fix: playing with code climatre --------- Co-authored-by: Denys <denys.p@affinidi.com>
affinidi · Aug 17, 2023 · 315ee5f · 315ee5f
1 parent 4ce2efa
commit 315ee5f
Show file tree

Hide file tree

Showing 44 changed files with 564 additions and 90 deletions.
diff --git a/.github/workflows/codeclimate-workflow-pr.yaml b/.github/workflows/codeclimate-workflow-pr.yaml
@@ -43,17 +43,17 @@ jobs:
         run: npm run build
       - name: Lint packages
         run: npm run lint
-      - uses: paambaati/codeclimate-action@v2.6.0
+      - uses: paambaati/codeclimate-action@v2.7.1
         env:
           CC_TEST_REPORTER_ID: ${{secrets.CC_TEST_REPORTER_ID}}
           TEST_SECRETS: ${{secrets.INTEGRATION_TEST_SECRETS}}
           TESTMAIL_API_KEY: ${{secrets.TESTMAIL_API_KEY}}
           TESTMAIL_NS: ${{secrets.TESTMAIL_NS}}
         with:
           coverageCommand: npm run test:coverage:codeclimate
-      - name: Generate and Upload Test Coverage
-        run: |
-            $GITHUB_WORKSPACE/tmp/cc-test-reporter sum-coverage $GITHUB_WORKSPACE/tmp/codeclimate.*.json -p $(ls -1q $GITHUB_WORKSPACE/tmp/codeclimate.*.json | wc -l) -d -o tmp/codeclimate.total.json
-            $GITHUB_WORKSPACE/tmp/cc-test-reporter upload-coverage -i $GITHUB_WORKSPACE/tmp/codeclimate.total.json
-        env:
-          CC_TEST_REPORTER_ID: ${{secrets.CC_TEST_REPORTER_ID}}
+      # - name: Generate and Upload Test Coverage
+      #   run: |
+      #       $GITHUB_WORKSPACE/tmp/cc-test-reporter sum-coverage $GITHUB_WORKSPACE/tmp/codeclimate.*.json -p $(ls -1q $GITHUB_WORKSPACE/tmp/codeclimate.*.json | wc -l) -d -o tmp/codeclimate.total.json
+      #       $GITHUB_WORKSPACE/tmp/cc-test-reporter upload-coverage -i $GITHUB_WORKSPACE/tmp/codeclimate.total.json
+      #   env:
+      #     CC_TEST_REPORTER_ID: ${{secrets.CC_TEST_REPORTER_ID}}
diff --git a/.github/workflows/codeclimate-workflow.yaml b/.github/workflows/codeclimate-workflow.yaml
@@ -39,18 +39,18 @@ jobs:
         run: npm run build
       - name: Lint packages
         run: npm run lint
-      - uses: paambaati/codeclimate-action@v2.6.0
+      - uses: paambaati/codeclimate-action@v2.7.1
         env:
           CC_TEST_REPORTER_ID: ${{secrets.CC_TEST_REPORTER_ID}}
           TEST_SECRETS: ${{secrets.INTEGRATION_TEST_SECRETS}}
           TESTMAIL_API_KEY: ${{secrets.TESTMAIL_API_KEY}}
           TESTMAIL_NS: ${{secrets.TESTMAIL_NS}}
         with:
           coverageCommand: npm run test:coverage:codeclimate
-      - name: Generate and Upload Test Coverage
-        run: |
-            $GITHUB_WORKSPACE/tmp/cc-test-reporter sum-coverage $GITHUB_WORKSPACE/tmp/codeclimate.*.json -p $(ls -1q $GITHUB_WORKSPACE/tmp/codeclimate.*.json | wc -l) -d -o tmp/codeclimate.total.json
-            $GITHUB_WORKSPACE/tmp/cc-test-reporter upload-coverage -i $GITHUB_WORKSPACE/tmp/codeclimate.total.json
-        env:
-          CC_TEST_REPORTER_ID: ${{secrets.CC_TEST_REPORTER_ID}}
+      # - name: Generate and Upload Test Coverage
+      #   run: |
+      #       $GITHUB_WORKSPACE/tmp/cc-test-reporter sum-coverage $GITHUB_WORKSPACE/tmp/codeclimate.*.json -p $(ls -1q $GITHUB_WORKSPACE/tmp/codeclimate.*.json | wc -l) -d -o tmp/codeclimate.total.json
+      #       $GITHUB_WORKSPACE/tmp/cc-test-reporter upload-coverage -i $GITHUB_WORKSPACE/tmp/codeclimate.total.json
+      #   env:
+      #     CC_TEST_REPORTER_ID: ${{secrets.CC_TEST_REPORTER_ID}}
 
diff --git a/common-libs/common/CHANGELOG.md b/common-libs/common/CHANGELOG.md
@@ -1,3 +1,5 @@
+# release 3.3.0 (2023-08-16)
+* Add support for the did key method and public Key JWK format
 # release 3.2.0 (2023-05-30)
 * remove metrics service
 # release 3.1.0 (2023-03-14)

diff --git a/common-libs/common/package-lock.json b/common-libs/common/package-lock.json
diff --git a/common-libs/common/package.json b/common-libs/common/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@affinidi/common",
-  "version": "3.2.0",
+  "version": "3.3.0",
   "description": "Common utilities and types for Affinidi SDKs",
   "main": "dist/index.js",
   "typings": "dist/index.d.ts",
@@ -107,4 +107,4 @@
     "typescript": "^4.3.2"
   },
   "gitHead": "39b8ae64eb5e37ddae2f80438b320adaefae8ef6"
-}
+}
diff --git a/common-libs/common/src/Affinity.ts b/common-libs/common/src/Affinity.ts
@@ -37,6 +37,7 @@ export class Affinity {
         cacheMaxSize: options.cacheMaxSize,
         cacheTtlInMin: options.cacheTtlInMin,
         resolveLegacyElemLocally: options.resolveLegacyElemLocally,
+        resolveKeyLocally: options.resolveKeyLocally,
       })
     this._digestService = new DigestService()
     this._platformCryptographyTools = platformCryptographyTools
@@ -181,6 +182,10 @@ export class Affinity {
     }
   }
 
+  async checkCredentialStatus(credential: any): Promise<{ verified: boolean; error?: string }> {
+    return this._checkCredentialStatus(credential)
+  }
+
   async _checkCredentialStatus(credential: any): Promise<{ verified: boolean; error?: string }> {
     if (credential.credentialStatus) {
       // We don't need to have `revocationList.checkStatus` verify the VC because we already do that
@@ -298,10 +303,18 @@ export class Affinity {
     return this._keyManager.signCredential(unsignedCredentialInput, keySuiteType)
   }
 
+  _getProvidedDidDocument(didDocuments: any, controller: string, didDocument: any) {
+    const controllerDid = parse(controller).did
+    const providedDidDocument = didDocuments[controllerDid] || didDocuments[controller] || didDocument
+
+    return providedDidDocument
+  }
+
   async validatePresentation(
     vp: any,
     didDocument?: any,
     challenge?: string,
+    didDocuments: any = {},
   ): Promise<{ result: true; data: VPV1 } | { result: false; error: string }> {
     const result = await validateVPV1({
       documentLoader: this._createDocumentLoader(),
@@ -310,17 +323,19 @@ export class Affinity {
           throw new Error(`Unsupported proofType: ${proofType}`)
         }
 
-        const resolvedDidDocument = await this._resolveDidIfNoDidDocument(controller, didDocument)
+        const providedDidDocument = this._getProvidedDidDocument(didDocuments, controller, didDocument)
+        const resolvedDidDocument = await this._resolveDidIfNoDidDocument(controller, providedDidDocument)
         const publicKey = DidDocumentService.getPublicKey(verificationMethod, resolvedDidDocument)
         const factory = this._platformCryptographyTools.verifySuiteFactories[proofType]
 
         return factory(publicKey, verificationMethod, controller)
       },
       getProofPurposeOptions: async ({ proofPurpose, controller }) => {
+        const providedDidDocument = this._getProvidedDidDocument(didDocuments, controller, didDocument)
         switch (proofPurpose) {
           case 'authentication':
           case 'assertionMethod': {
-            const resolvedDidDoc = await this._resolveDidIfNoDidDocument(controller, didDocument)
+            const resolvedDidDoc = await this._resolveDidIfNoDidDocument(controller, providedDidDocument)
 
             // TODO: workaround, for now polygon dids has only verificationMethod
             // it could be changed in future as polygon is under developing

diff --git a/common-libs/common/src/_defaultConfig.ts b/common-libs/common/src/_defaultConfig.ts
@@ -4,6 +4,7 @@ export const POLYGON_TESTNET_DID_METHOD = 'polygon:testnet'
 export const ELEM_DID_METHOD = 'elem'
 export const ELEM_ANCHORED_DID_METHOD = 'elem-anchored'
 export const WEB_DID_METHOD = 'web'
+export const KEY_DID_METHOD = 'key'
 export const DEFAULT_DID_METHOD = JOLO_DID_METHOD
 export const SUPPORTED_DID_METHODS = [
   JOLO_DID_METHOD,
@@ -12,4 +13,5 @@ export const SUPPORTED_DID_METHODS = [
   POLYGON_DID_METHOD,
   POLYGON_TESTNET_DID_METHOD,
   WEB_DID_METHOD,
+  KEY_DID_METHOD,
 ] as const
diff --git a/common-libs/common/src/dto/shared.dto.ts b/common-libs/common/src/dto/shared.dto.ts
@@ -17,6 +17,7 @@ export class AffinityOptions {
   cacheMaxSize?: number
   cacheTtlInMin?: number
   resolveLegacyElemLocally?: boolean
+  resolveKeyLocally?: boolean
   beforeDocumentLoader?: DocumentLoader
 
   keyManager?: KeyManager

diff --git a/common-libs/common/src/services/DidDocumentService/KeyDidDocumentLocalResolver.ts b/common-libs/common/src/services/DidDocumentService/KeyDidDocumentLocalResolver.ts
@@ -0,0 +1,35 @@
+import { Resolver } from 'did-resolver'
+import { DidDocument } from '../../shared/interfaces'
+import KeyDidDocumentService from './KeyDidDocumentService'
+import { decodeBase58 } from '../../utils/ethUtils'
+
+const MULTIBASE_ENCODED_BASE58_IDENTIFIER = 'z' // z represents the multibase encoding scheme of base58 encoding, https://github.com/multiformats/multibase/blob/master/multibase.csv#L18
+
+const pubKeyFromDid = (did: string): { publicKey: Buffer; fingerprint: string } => {
+  const fingerprint = did.split(':')[2]
+  const encoded = fingerprint.replace(MULTIBASE_ENCODED_BASE58_IDENTIFIER, '')
+  const decoded = decodeBase58(encoded)
+
+  const publicKey = decoded.slice(2, decoded.length)
+
+  return { publicKey, fingerprint }
+}
+
+const resolveKeyDID = async (did: string) => {
+  const { publicKey, fingerprint } = pubKeyFromDid(did)
+  const didDocument = KeyDidDocumentService.buildDidDocumentFromPubKey(publicKey, fingerprint)
+
+  return didDocument
+}
+
+export const resolveKeyDIDWithParams = async (did: string, isDidJson: boolean = false) => {
+  const { publicKey, fingerprint } = pubKeyFromDid(did)
+  const didDocument = KeyDidDocumentService.buildDidDocumentFromPubKey(publicKey, fingerprint, isDidJson)
+
+  return didDocument
+}
+
+export const resolveDidKeyLocal = (did: string) => {
+  const resolver = new Resolver({ key: resolveKeyDID })
+  return resolver.resolve(did) as Promise<DidDocument>
+}
diff --git a/common-libs/common/src/services/DidDocumentService/KeyDidDocumentService.ts b/common-libs/common/src/services/DidDocumentService/KeyDidDocumentService.ts
@@ -0,0 +1,103 @@
+import { KeyVault } from './KeyVault'
+import { encodeBase58 } from '../../utils/ethUtils'
+import DidDocumentService from './index'
+
+const SECP256K1_MULTICODEC_IDENTIFIER = 0xe7 // 0xe7 indicates a Secp256k1 public key
+const VARIABLE_INTEGER_TRAILING_BYTE = 0x01 // 0x01 indicates the end of the leading bytes according to variable integer spec, https://github.com/multiformats/multibase/blob/master/multibase.csv#L18
+const MULTIBASE_ENCODED_BASE58_IDENTIFIER = 'z' // z represents the multibase encoding scheme of base58 encoding, https://github.com/multiformats/multibase/blob/master/multibase.csv#L18
+
+export default class KeyDidDocumentService {
+  private _keyProvider
+
+  constructor(keyProvider: KeyVault) {
+    this._keyProvider = keyProvider
+  }
+
+  _fingerprintFromPubKey(publicKey: Buffer): string {
+    const unitArray = new Uint8Array(2 + publicKey.length)
+    unitArray[0] = SECP256K1_MULTICODEC_IDENTIFIER
+    unitArray[1] = VARIABLE_INTEGER_TRAILING_BYTE
+    unitArray.set(publicKey, 2)
+
+    const buffer = Buffer.from(unitArray)
+
+    return `${MULTIBASE_ENCODED_BASE58_IDENTIFIER}${encodeBase58(buffer)}`
+  }
+
+  getMyDid(): string {
+    const publicKey = this._keyProvider.primaryPublicKey
+    const fingerprint = this._fingerprintFromPubKey(publicKey)
+    return `did:key:${fingerprint}`
+  }
+
+  _getFingerPrintFromDid(did: string): string {
+    const fingerprint = did.split(':')[2]
+
+    return fingerprint
+  }
+
+  getKeyId() {
+    const did = this.getMyDid()
+    const fingerprint = this._getFingerPrintFromDid(did)
+
+    return `${did}#${fingerprint}`
+  }
+
+  static buildDidDocumentFromPubKey(pubKeyBytes: Buffer, fingerprint: string, isDidJson: boolean = false) {
+    const did = `did:key:${fingerprint}`
+    const keyId = `${did}#${fingerprint}`
+    let publicKey: any = {
+      id: keyId,
+      type: 'Secp256k1VerificationKey2018',
+      controller: did,
+      publicKeyBase58: encodeBase58(pubKeyBytes),
+    }
+
+    if (isDidJson) {
+      const publicKeyJwk = DidDocumentService.getPublicKeyJwkFromPublicKey(pubKeyBytes)
+      publicKey = {
+        id: keyId,
+        type: 'JsonWebKey2020',
+        controller: did,
+        publicKeyJwk,
+      }
+    }
+
+    return {
+      '@context': ['https://www.w3.org/ns/did/v1', 'https://w3id.org/security/suites/jws-2020/v1'],
+      id: did,
+      // verificationMethod: [publicKey],
+      publicKey: [publicKey],
+      authentication: [keyId],
+      assertionMethod: [keyId],
+      capabilityDelegation: [keyId],
+      capabilityInvocation: [keyId],
+      keyAgreement: [keyId],
+    }
+  }
+
+  async _buildDidDocumentInformation(isDidJson: boolean = false) {
+    const did = this.getMyDid()
+    const fingerprint = this._getFingerPrintFromDid(did)
+    const publicKey = this._keyProvider.primaryPublicKey
+
+    const didDocument = KeyDidDocumentService.buildDidDocumentFromPubKey(publicKey, fingerprint, isDidJson)
+
+    return { did, didDocument, fingerprint }
+  }
+
+  async buildDidDocumentForRegister() {
+    const { did, didDocument, fingerprint } = await this._buildDidDocumentInformation()
+
+    return {
+      did,
+      didDocument,
+      keyId: `${did}#${fingerprint}`,
+    }
+  }
+
+  async getDidDocument() {
+    const { didDocument } = await this._buildDidDocumentInformation()
+    return didDocument
+  }
+}