add db vectors and improve code handling

Signed-off-by: PatStLouis <[email protected]>

Author: PatStLouis

tests/90-algorithms-jcs.js

@@ -3,18 +3,23 @@
  * SPDX-License-Identifier: BSD-3-Clause
  */
 import {
+  assertAllUtf8,
   assertDataIntegrityProof,
   assertSecuredCredential
 } from './assertions.js';
 import {
-  baseCredential,
+  generateCredential,
   getProofs,
+  isValidDatetime,
   secureCredential,
   setupReportableTestSuite,
-  setupRow
+  setupRow,
+  verifyFail,
+  verifySuccess
 } from './helpers.js';
 import canonicalize from 'json-canon';
 import chai from 'chai';
+import {ecdsaJcsVectors} from './vectors.js';
 import {endpoints} from 'vc-test-suite-implementations';
 import {expect} from 'chai';
 
@@ -34,7 +39,7 @@ const {match: verifiers} = endpoints.filterByTag({
   property: 'verifiers'
 });
 
-describe('Create Proof (ecdsa-jcs-2019)', function() {
+describe('Algorithms - Create Proof (ecdsa-jcs-2019)', function() {
   setupReportableTestSuite(this);
   this.implemented = [...issuers.keys()];
   for(const [columnId, {endpoints}] of issuers) {
@@ -44,7 +49,7 @@ describe('Create Proof (ecdsa-jcs-2019)', function() {
       let proof;
       before(async function() {
         securedCredential = await secureCredential(
-          {issuer, vc: baseCredential()});
+          {issuer, vc: generateCredential()});
         proof = getProofs(securedCredential)[0];
       });
       beforeEach(setupRow);
@@ -86,18 +91,162 @@ describe('Algorithms - Verify Proof (ecdsa-jcs-2019)', function() {
   setupReportableTestSuite(this);
   for(const [columnId, {endpoints}] of verifiers) {
     describe(columnId, function() {
-      const [issuer] = issuers.get(columnId).endpoints;
       const [verifier] = endpoints;
+      beforeEach(setupRow);
+      it('The following algorithm specifies how to verify a ' +
+        'data integrity proof given an secured data document. ' +
+        'Required inputs are an secured data document (map securedDocument). ' +
+        'This algorithm returns a verification result.',
+      async function() {
+        this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#verify-proof-ecdsa-rdfc-2019';
+        for(const curve of verifier.settings.supportedEcdsaKeyTypes) {
+          const testVector = structuredClone(ecdsaJcsVectors[curve]);
+          await verifySuccess(verifier, testVector);
+
+          // Slice the proof
+          testVector.proof.proofValue =
+            testVector.proof.proofValue.slice(0, -1);
+          await verifyFail(verifier, testVector);
+        }
+      });
+    });
+  }
+});
+
+describe('Algorithms - Transformation', function() {
+  setupReportableTestSuite(this);
+  this.implemented = [...issuers.keys()];
+  for(const [columnId, {endpoints}] of issuers) {
+    describe(columnId, function() {
+      const [issuer] = endpoints;
       let securedCredential;
+      let proof;
       before(async function() {
         securedCredential = await secureCredential(
-          {issuer, vc: baseCredential()});
+          {issuer, vc: generateCredential()});
+        proof = getProofs(securedCredential)[0];
       });
       beforeEach(setupRow);
-      it('',
-        async function() {
-          this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#verify-proof-ecdsa-rdfc-2019';
-        });
+      it('The proof options MUST contain a type identifier for the ' +
+        'cryptographic suite (type) and MAY contain a cryptosuite ' +
+        'identifier (cryptosuite).',
+      async function() {
+        this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-serialization-ecdsa-jcs-2019';
+        should.exist(proof.type,
+          'Expected a type identifier on the proof.');
+      });
+      it('The transformation options MUST contain a type identifier ' +
+            'for the cryptographic suite (type) and a cryptosuite identifier ' +
+            '(cryptosuite).',
+      async function() {
+        this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#transformation-ecdsa-jcs-2019';
+        should.exist(proof.type, 'Expected a type identifier on ' +
+                                'the proof.');
+        should.exist(proof.cryptosuite,
+          'Expected a cryptosuite identifier on the proof.');
+      });
+      it('Whenever this algorithm encodes strings, ' +
+        'it MUST use UTF-8 encoding.',
+      async function() {
+        this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#transformation-ecdsa-jcs-2019';
+        assertAllUtf8(proof);
+      });
+      it('If options.type is not set to the string DataIntegrityProof or ' +
+        'options.cryptosuite is not set to the string ecdsa-jcs-2019, ' +
+        'an error MUST be raised and SHOULD convey an error type ' +
+        'of PROOF_TRANSFORMATION_ERROR.',
+      async function() {
+        this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#transformation-ecdsa-jcs-2019';
+        should.exist(proof.type,
+          'Expected a type identifier on the proof.');
+        should.exist(proof.cryptosuite,
+          'Expected a cryptosuite identifier on the proof.');
+        proof.type.should.equal('DataIntegrityProof',
+          'Expected DataIntegrityProof type.');
+        proof.cryptosuite.should.equal('ecdsa-jcs-2019',
+          'Expected ecdsa-jcs-2019 cryptosuite.');
+      });
+    });
+  }
+});
+
+describe('ecdsa-jcs-2019 - Algorithms - Proof Configuration', function() {
+  setupReportableTestSuite(this);
+  this.implemented = [...issuers.keys()];
+  for(const [columnId, {endpoints}] of issuers) {
+    describe(columnId, function() {
+      const [issuer] = endpoints;
+      let securedCredential;
+      let proof;
+      before(async function() {
+        securedCredential = await secureCredential(
+          {issuer, vc: generateCredential()});
+        proof = getProofs(securedCredential)[0];
+      });
+      beforeEach(setupRow);
+      it('The proof options MUST contain a type identifier for the ' +
+            'cryptographic suite (type) and MUST contain a cryptosuite ' +
+            'identifier (cryptosuite).',
+      async function() {
+        this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-jcs-2019';
+        should.exist(proof.type,
+          'Expected a type identifier on the proof.');
+        should.exist(proof.cryptosuite,
+          'Expected a cryptosuite identifier on the proof.');
+      });
+      it('If proofConfig.type is not set to DataIntegrityProof ' +
+            'and/or proofConfig.cryptosuite is not set to ecdsa-jcs-2019, ' +
+            'an error MUST be raised and SHOULD convey an error type ' +
+            'of PROOF_GENERATION_ERROR.',
+      async function() {
+        this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-jcs-2019';
+        should.exist(proof.type,
+          'Expected a type identifier on the proof.');
+        should.exist(proof.cryptosuite,
+          'Expected a cryptosuite identifier on the proof.');
+        proof.type.should.equal('DataIntegrityProof',
+          'Expected DataIntegrityProof type.');
+        proof.cryptosuite.should.equal('ecdsa-jcs-2019',
+          'Expected ecdsa-jcs-2019 cryptosuite.');
+      });
+      it('If proofConfig.created is set and if the value is not a ' +
+            'valid [XMLSCHEMA11-2] datetime, an error MUST be raised and ' +
+            'SHOULD convey an error type of PROOF_GENERATION_ERROR.',
+      async function() {
+        this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-jcs-2019';
+        if(proof?.created) {
+          isValidDatetime(proof.created).should.equal(
+            true,
+            'Expected created value to be a valid datetime string.'
+          );
+        }
+      });
+    });
+  }
+});
+
+describe('ecdsa-jcs-2019 - Algorithms - Proof Serialization', function() {
+  setupReportableTestSuite(this);
+  this.implemented = [...issuers.keys()];
+  for(const [columnId, {endpoints}] of issuers) {
+    describe(columnId, function() {
+      const [issuer] = endpoints;
+      let securedCredential;
+      let proof;
+      before(async function() {
+        securedCredential = await secureCredential(
+          {issuer, vc: generateCredential()});
+        proof = getProofs(securedCredential)[0];
+      });
+      beforeEach(setupRow);
+      it('The proof options MUST contain a type identifier for the ' +
+        'cryptographic suite (type) and MAY contain a cryptosuite identifier ' +
+        '(cryptosuite).',
+      async function() {
+        this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-serialization-ecdsa-jcs-2019';
+        should.exist(proof.type,
+          'Expected a type identifier on the proof.');
+      });
     });
   }
 });

tests/assertions.js

@@ -196,6 +196,15 @@ export function assertSecuredCredential(securedCredential) {
     'Expected credential to have a single proof.');
 }
 
+export function assertAllUtf8(proof) {
+  for(const [key, value] of Object.entries(proof)) {
+    isValidUtf8(value).should.equal(
+      true,
+      `Expected ${key} value to be a valid UTF-8 encoded string.`
+    );
+  }
+}
+
 export function assertDataIntegrityProof(proof, cryptosuite) {
   if(proof?.id) {
   }

tests/helpers.js

@@ -250,7 +250,7 @@ export function getProofs(issuedVc) {
   return proofs;
 }
 
-export function baseCredential(version = 2) {
+export function generateCredential(version = 2) {
   let credential = {
     type: ['VerifiableCredential'],
     id: `urn:uuid:${uuidv4()}`,
@@ -272,6 +272,7 @@ export function baseCredential(version = 2) {
         'https://www.w3.org/ns/credentials/v2'
       ]
     }, credential);
+    credential.credentialSubject.name = 'Alice';
   } else {
     return null;
   }
@@ -295,3 +296,20 @@ export function assertSecuredCredential(securedCredential) {
   proofs.length.should.equal(1,
     'Expected credential to have a single proof.');
 }
+
+export async function verifySuccess(verifier, securedCredential) {
+  const body = {
+    verifiableCredential: securedCredential
+  };
+  const response = await verifier.post({json: body});
+  should.exist(response.result, 'Expected a result from verifier.');
+}
+
+export async function verifyFail(verifier, securedCredential) {
+  const body = {
+    verifiableCredential: securedCredential
+  };
+  const response = await verifier.post({json: body});
+  should.exist(response.error, 'Expected an error from verifier.');
+}
+

tests/vectors.js

@@ -0,0 +1,73 @@
+/*!
+ * Copyright (c) 2024 Digital Bazaar, Inc. All rights reserved.
+ */
+/* Note: This file contains data generated from the vc-di-ecdsa specification
+test vectors. */
+
+/* eslint-disable max-len */
+/* eslint-disable quote-props */
+/* eslint-disable quotes */
+export const ecdsaJcsVectors = {
+  'P-256': {
+    "@context": [
+      "https://www.w3.org/ns/credentials/v2",
+      "https://www.w3.org/ns/credentials/examples/v2"
+    ],
+    "id": "urn:uuid:58172aac-d8ba-11ed-83dd-0b3aef56cc33",
+    "type": [
+      "VerifiableCredential",
+      "AlumniCredential"
+    ],
+    "name": "Alumni Credential",
+    "description": "A minimum viable example of an Alumni Credential.",
+    "issuer": "https://vc.example/issuers/5678",
+    "validFrom": "2023-01-01T00:00:00Z",
+    "credentialSubject": {
+      "id": "did:example:abcdefgh",
+      "alumniOf": "The School of Examples"
+    },
+    "proof": {
+      "type": "DataIntegrityProof",
+      "created": "2023-02-24T23:36:38Z",
+      "verificationMethod": "did:key:zDnaepBuvsQ8cpsWrVKw8fbpGpvPeNSjVPTWoq6cRqaYzBKVP#zDnaepBuvsQ8cpsWrVKw8fbpGpvPeNSjVPTWoq6cRqaYzBKVP",
+      "cryptosuite": "ecdsa-jcs-2019",
+      "proofPurpose": "assertionMethod",
+      "@context": [
+        "https://www.w3.org/ns/credentials/v2",
+        "https://www.w3.org/ns/credentials/examples/v2"
+      ],
+      "proofValue": "z48fSpWLud2PXMmBjRnacU3oE4WMHX4J1hx7qjc2K31x1aoVfLPCcpEincvjUg8ptbDnrYgcytmSj51Uj2Ap3a7WB"
+    }
+  },
+  'P-384': {
+    "@context": [
+      "https://www.w3.org/ns/credentials/v2",
+      "https://www.w3.org/ns/credentials/examples/v2"
+    ],
+    "id": "urn:uuid:58172aac-d8ba-11ed-83dd-0b3aef56cc33",
+    "type": [
+      "VerifiableCredential",
+      "AlumniCredential"
+    ],
+    "name": "Alumni Credential",
+    "description": "A minimum viable example of an Alumni Credential.",
+    "issuer": "https://vc.example/issuers/5678",
+    "validFrom": "2023-01-01T00:00:00Z",
+    "credentialSubject": {
+      "id": "did:example:abcdefgh",
+      "alumniOf": "The School of Examples"
+    },
+    "proof": {
+      "type": "DataIntegrityProof",
+      "created": "2023-02-24T23:36:38Z",
+      "verificationMethod": "did:key:z82LkuBieyGShVBhvtE2zoiD6Kma4tJGFtkAhxR5pfkp5QPw4LutoYWhvQCnGjdVn14kujQ#z82LkuBieyGShVBhvtE2zoiD6Kma4tJGFtkAhxR5pfkp5QPw4LutoYWhvQCnGjdVn14kujQ",
+      "cryptosuite": "ecdsa-jcs-2019",
+      "proofPurpose": "assertionMethod",
+      "@context": [
+        "https://www.w3.org/ns/credentials/v2",
+        "https://www.w3.org/ns/credentials/examples/v2"
+      ],
+      "proofValue": "zasuhHXVzmepTMgSuyWvCCY3gYbLpANXDYWSuemx7WjopwRr6DDN532dKSMoxqNeQm7BWZxqyurFLSPBDmzaHe57k7JgGRaNtJhjfYjgww19nPWdP7dYqqf1X1LvNEcZJP75"
+    }
+  }
+};