improve proof handling when asserting a secured credential

Signed-off-by: PatStLouis <[email protected]>

Author: PatStLouis

tests/90-algorithms-jcs.js

@@ -11,6 +11,7 @@ import {
   generateCredential,
   getProofs,
   isValidDatetime,
+  proofExists,
   secureCredential,
   setupReportableTestSuite,
   setupRow,
@@ -46,17 +47,18 @@ describe('Algorithms - Create Proof (ecdsa-jcs-2019)', function() {
     describe(columnId, function() {
       const [issuer] = endpoints;
       let securedCredential;
-      let proof;
+      let proofs;
       before(async function() {
         securedCredential = await secureCredential(
           {issuer, vc: generateCredential()});
-        proof = getProofs(securedCredential)[0];
+        proofs = getProofs(securedCredential);
       });
       beforeEach(setupRow);
       it('A data integrity proof (map), or an error, is produced as output.',
         async function() {
           this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#create-proof-ecdsa-jcs-2019';
           assertSecuredCredential(securedCredential);
+          const proof = proofExists(proofs);
           assertDataIntegrityProof(proof, 'ecdsa-jcs-2019');
           // Since we are not sending proof options, we only do a positive test
         });
@@ -67,6 +69,7 @@ describe('Algorithms - Create Proof (ecdsa-jcs-2019)', function() {
         // NOTE, for backwards compatibility reason, this step is not mandatory
         // This feature is designed to be used with proof sets/chains,
         // when adding new context in subsequent proofs
+        const proof = proofExists(proofs);
         should.exist(proof['@context'],
           'Expected proof to have context.');
         canonicalize(proof['@context']).should.equal(
@@ -80,6 +83,7 @@ describe('Algorithms - Create Proof (ecdsa-jcs-2019)', function() {
         this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#create-proof-ecdsa-jcs-2019';
         // Shallow multibase test
         // TODO try decoding
+        const proof = proofExists(proofs);
         should.exist(proof.proofValue,
           'Expected proof to have proofValue.');
         expect(proof.proofValue.startsWith('z')).to.be.true;
@@ -124,18 +128,19 @@ describe('Algorithms - Transformation', function() {
     describe(columnId, function() {
       const [issuer] = endpoints;
       let securedCredential;
-      let proof;
+      let proofs;
       before(async function() {
         securedCredential = await secureCredential(
           {issuer, vc: generateCredential()});
-        proof = getProofs(securedCredential)[0];
+        proofs = getProofs(securedCredential);
       });
       beforeEach(setupRow);
       it('The proof options MUST contain a type identifier for the ' +
         'cryptographic suite (type) and MAY contain a cryptosuite ' +
         'identifier (cryptosuite).',
       async function() {
         this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-serialization-ecdsa-jcs-2019';
+        const proof = proofExists(proofs);
         should.exist(proof.type,
           'Expected a type identifier on the proof.');
       });
@@ -144,6 +149,7 @@ describe('Algorithms - Transformation', function() {
         '(cryptosuite).',
       async function() {
         this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#transformation-ecdsa-jcs-2019';
+        const proof = proofExists(proofs);
         should.exist(proof.type,
           'Expected a type identifier on  the proof.');
         should.exist(proof.cryptosuite,
@@ -153,6 +159,7 @@ describe('Algorithms - Transformation', function() {
         'it MUST use UTF-8 encoding.',
       async function() {
         this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#transformation-ecdsa-jcs-2019';
+        const proof = proofExists(proofs);
         assertAllUtf8(proof);
       });
       it('If options.type is not set to the string DataIntegrityProof or ' +
@@ -161,6 +168,7 @@ describe('Algorithms - Transformation', function() {
         'of PROOF_TRANSFORMATION_ERROR.',
       async function() {
         this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#transformation-ecdsa-jcs-2019';
+        const proof = proofExists(proofs);
         should.exist(proof.type,
           'Expected a type identifier on the proof.');
         should.exist(proof.cryptosuite,
@@ -181,18 +189,19 @@ describe('ecdsa-jcs-2019 - Algorithms - Proof Configuration', function() {
     describe(columnId, function() {
       const [issuer] = endpoints;
       let securedCredential;
-      let proof;
+      let proofs;
       before(async function() {
         securedCredential = await secureCredential(
           {issuer, vc: generateCredential()});
-        proof = getProofs(securedCredential)[0];
+        proofs = getProofs(securedCredential);
       });
       beforeEach(setupRow);
       it('The proof options MUST contain a type identifier for the ' +
             'cryptographic suite (type) and MUST contain a cryptosuite ' +
             'identifier (cryptosuite).',
       async function() {
         this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-jcs-2019';
+        const proof = proofExists(proofs);
         should.exist(proof.type,
           'Expected a type identifier on the proof.');
         should.exist(proof.cryptosuite,
@@ -204,6 +213,7 @@ describe('ecdsa-jcs-2019 - Algorithms - Proof Configuration', function() {
         'of PROOF_GENERATION_ERROR.',
       async function() {
         this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-jcs-2019';
+        const proof = proofExists(proofs);
         should.exist(proof.type,
           'Expected a type identifier on the proof.');
         should.exist(proof.cryptosuite,
@@ -218,6 +228,7 @@ describe('ecdsa-jcs-2019 - Algorithms - Proof Configuration', function() {
         'SHOULD convey an error type of PROOF_GENERATION_ERROR.',
       async function() {
         this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-jcs-2019';
+        const proof = proofExists(proofs);
         if(proof?.created) {
           isValidDatetime(proof.created).should.equal(
             true,
@@ -236,18 +247,19 @@ describe('ecdsa-jcs-2019 - Algorithms - Proof Serialization', function() {
     describe(columnId, function() {
       const [issuer] = endpoints;
       let securedCredential;
-      let proof;
+      let proofs;
       before(async function() {
         securedCredential = await secureCredential(
           {issuer, vc: generateCredential()});
-        proof = getProofs(securedCredential)[0];
+        proofs = getProofs(securedCredential);
       });
       beforeEach(setupRow);
       it('The proof options MUST contain a type identifier for the ' +
         'cryptographic suite (type) and MAY contain a cryptosuite identifier ' +
         '(cryptosuite).',
       async function() {
         this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-serialization-ecdsa-jcs-2019';
+        const proof = proofExists(proofs);
         should.exist(proof.type,
           'Expected a type identifier on the proof.');
       });

tests/90-algorithms-rdfc.js

@@ -8,7 +8,8 @@ import {
   createValidCredential,
   getProofs,
   isValidDatetime,
-  isValidUtf8,
+  proofExists,
+  secureCredential,
   setupReportableTestSuite,
   setupRow
 } from './helpers.js';
@@ -36,16 +37,12 @@ describe('ecdsa-rdfc-2019 - Algorithms - Transformation', function() {
   for(const [columnId, {endpoints}] of issuers) {
     describe(columnId, function() {
       const [issuer] = endpoints;
-      let issuedVc;
+      let securedCredential;
       let proofs;
-      let rdfc2019Proofs = [];
       before(async function() {
-        issuedVc = await createInitialVc({issuer, vc: validCredential});
-        proofs = getProofs(issuedVc);
-        if(proofs?.length) {
-          rdfc2019Proofs = proofs.filter(
-            proof => proof?.cryptosuite === cryptosuite);
-        }
+        securedCredential = await secureCredential(
+          {issuer, vc: generateCredential()});
+        proofs = getProofs(securedCredential);
       });
       beforeEach(setupRow);
       const assertBefore = () => {
@@ -60,44 +57,91 @@ describe('ecdsa-rdfc-2019 - Algorithms - Transformation', function() {
             '(cryptosuite).',
       async function() {
         this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#transformation-ecdsa-rdfc-2019';
-        assertBefore();
-        for(const proof of rdfc2019Proofs) {
-          should.exist(proof.type, 'Expected a type identifier on ' +
-                                  'the proof.');
-          should.exist(proof.cryptosuite,
-            'Expected a cryptosuite identifier on the proof.');
-        }
+        const proof = proofExists(proofs);
+        should.exist(proof.type,
+          'Expected a type identifier on the proof.');
+        should.exist(proof.cryptosuite,
+          'Expected a cryptosuite identifier on the proof.');
       });
       it('Whenever this algorithm encodes strings, ' +
               'it MUST use UTF-8 encoding.',
       async function() {
         this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#transformation-ecdsa-rdfc-2019';
-        assertBefore();
-        for(const proof of rdfc2019Proofs) {
-          should.exist(proof?.proofValue,
-            'Expected proofValue to exist.');
-          isValidUtf8(proof.proofValue).should.equal(
-            true,
-            'Expected proofValue value to be a valid UTF-8 encoded string.'
-          );
-        }
+        const proof = proofExists(proofs);
+        assertAllUtf8(proof);
       });
       it('If options.type is not set to the string DataIntegrityProof or ' +
               'options.cryptosuite is not set to the string ecdsa-rdfc-2019, ' +
               'an error MUST be raised and SHOULD convey an error type ' +
               'of PROOF_TRANSFORMATION_ERROR.',
       async function() {
         this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#transformation-ecdsa-rdfc-2019';
-        assertBefore();
-        for(const proof of rdfc2019Proofs) {
-          should.exist(proof.type,
-            'Expected a type identifier on the proof.');
-          should.exist(proof.cryptosuite,
-            'Expected a cryptosuite identifier on the proof.');
-          proof.type.should.equal('DataIntegrityProof',
-            'Expected DataIntegrityProof type.');
-          proof.cryptosuite.should.equal('ecdsa-rdfc-2019',
-            'Expected ecdsa-rdfc-2019 cryptosuite.');
+        const proof = proofExists(proofs);
+        should.exist(proof.type,
+          'Expected a type identifier on the proof.');
+        should.exist(proof.cryptosuite,
+          'Expected a cryptosuite identifier on the proof.');
+        proof.type.should.equal('DataIntegrityProof',
+          'Expected DataIntegrityProof type.');
+        proof.cryptosuite.should.equal('ecdsa-rdfc-2019',
+          'Expected ecdsa-rdfc-2019 cryptosuite.');
+      });
+    });
+  }
+});
+
+describe('Algorithms - Proof Configuration (ecdsa-rdfc-2019)', function() {
+  setupReportableTestSuite(this);
+  this.implemented = [...issuers.keys()];
+  for(const [columnId, {endpoints}] of issuers) {
+    describe(columnId, function() {
+      const [issuer] = endpoints;
+      let securedCredential;
+      let proofs;
+      before(async function() {
+        securedCredential = await secureCredential(
+          {issuer, vc: generateCredential()});
+        proofs = getProofs(securedCredential);
+      });
+      beforeEach(setupRow);
+      it('The proof options MUST contain a type identifier for the ' +
+        'cryptographic suite (type) and MUST contain a cryptosuite ' +
+        'identifier (cryptosuite).',
+      async function() {
+        this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-rdfc-2019';
+        const proof = proofExists(proofs);
+        should.exist(proof.type,
+          'Expected a type identifier on the proof.');
+        should.exist(proof.cryptosuite,
+          'Expected a cryptosuite identifier on the proof.');
+      });
+      it('If proofConfig.type is not set to DataIntegrityProof ' +
+        'and/or proofConfig.cryptosuite is not set to ecdsa-rdfc-2019, ' +
+        'an error MUST be raised and SHOULD convey an error type ' +
+        'of PROOF_GENERATION_ERROR.',
+      async function() {
+        this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-rdfc-2019';
+        const proof = proofExists(proofs);
+        should.exist(proof.type,
+          'Expected a type identifier on the proof.');
+        should.exist(proof.cryptosuite,
+          'Expected a cryptosuite identifier on the proof.');
+        proof.type.should.equal('DataIntegrityProof',
+          'Expected DataIntegrityProof type.');
+        proof.cryptosuite.should.equal('ecdsa-rdfc-2019',
+          'Expected ecdsa-rdfc-2019 cryptosuite.');
+      });
+      it('If proofConfig.created is set and if the value is not a ' +
+        'valid [XMLSCHEMA11-2] datetime, an error MUST be raised and ' +
+        'SHOULD convey an error type of PROOF_GENERATION_ERROR.',
+      async function() {
+        this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-rdfc-2019';
+        const proof = proofExists(proofs);
+        if(proof?.created) {
+          isValidDatetime(proof.created).should.equal(
+            true,
+            'Expected created value to be a valid datetime string.'
+          );
         }
       });
     });
@@ -114,16 +158,12 @@ describe('ecdsa-rdfc-2019 - Algorithms - Proof Configuration', function() {
   for(const [columnId, {endpoints}] of issuers) {
     describe(columnId, function() {
       const [issuer] = endpoints;
-      let issuedVc;
+      let securedCredential;
       let proofs;
-      let rdfc2019Proofs = [];
       before(async function() {
-        issuedVc = await createInitialVc({issuer, vc: validCredential});
-        proofs = getProofs(issuedVc);
-        if(proofs?.length) {
-          rdfc2019Proofs = proofs.filter(
-            proof => proof?.cryptosuite === cryptosuite);
-        }
+        securedCredential = await secureCredential(
+          {issuer, vc: generateCredential()});
+        proofs = getProofs(securedCredential);
       });
       beforeEach(setupRow);
       const assertBefore = () => {
@@ -216,11 +256,9 @@ describe('ecdsa-rdfc-2019 - Algorithms - Proof Serialization', function() {
         '(cryptosuite).',
       async function() {
         this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-serialization-ecdsa-rdfc-2019';
-        assertBefore();
-        for(const proof of rdfc2019Proofs) {
-          should.exist(proof.type,
-            'Expected a type identifier on the proof.');
-        }
+        const proof = proofExists(proofs);
+        should.exist(proof.type,
+          'Expected a type identifier on the proof.');
       });
     });
   }

tests/helpers.js

@@ -288,14 +288,19 @@ export function setupRow() {
   };
 }
 
+export function proofExists(proofs) {
+  should.exist(proofs,
+    'Expected credential to have a proof.');
+  proofs.length.should.be.gte(1,
+    'Expected credential to have at least one proof.');
+  return proofs[0];
+}
+
 export function assertSecuredCredential(securedCredential) {
   should.exist(securedCredential,
     'Expected issuer to have issued a credential.');
   const proofs = getProofs(securedCredential);
-  should.exist(proofs,
-    'Expected credential to have a proof.');
-  proofs.length.should.equal(1,
-    'Expected credential to have a single proof.');
+  proofExists(proofs);
 }
 
 export async function verifySuccess(verifier, securedCredential) {