@arcblock/vc - npm Package Compare versions

Comparing version 1.18.166 to 1.19.0

lib/index.js

@@ -36,5 +36,5 @@ /**
  * @param {String} params.endpointScope - Endpoint scope, either be public or private
- * @returns {object}
+ * @returns {Promise<object>}
  */
-function create({
+async function create({
   type,
@@ -128,3 +128,3 @@ subject,
 
-  if (verify({ vc: result, ownerDid: subject.id, trustedIssuers: [issuerDid] })) {
+  if (await verify({ vc: result, ownerDid: subject.id, trustedIssuers: [issuerDid] })) {
     return result;
@@ -147,5 +147,5 @@ }
  * @throws {Error}
- * @returns {boolean}
+ * @returns {Promise<boolean>}
  */
-function verify({ vc, ownerDid, trustedIssuers, ignoreExpired = false }) {
+async function verify({ vc, ownerDid, trustedIssuers, ignoreExpired = false }) {
   // Integrity check
@@ -202,3 +202,3 @@ if (!vc) {
   // Verify signature
-  if (issuer.verify(stringify(clone), fromBase64(signature)) !== true) {
+  if ((await issuer.verify(stringify(clone), fromBase64(signature))) !== true) {
     throw Error('Verifiable credential signature not valid');
@@ -223,5 +223,5 @@ }
  * @throws {Error}
- * @returns {boolean}
+ * @returns {Promise<boolean>}
  */
-function verifyPresentation({ presentation, trustedIssuers, challenge, ignoreExpired = false }) {
+async function verifyPresentation({ presentation, trustedIssuers, challenge, ignoreExpired = false }) {
   if (!presentation.challenge || challenge !== presentation.challenge) {
@@ -239,18 +239,20 @@ throw Error('Invalid challenge included on vc presentation');
 
-  vcList.forEach((vcStr) => {
-    const vcObj = JSON.parse(vcStr);
-    const proof = proofList.find((x) => isFromPublicKey(vcObj.credentialSubject.id, x.pk));
+  await Promise.all(
+    vcList.map(async (vcStr) => {
+      const vcObj = JSON.parse(vcStr);
+      const proof = proofList.find((x) => isFromPublicKey(vcObj.credentialSubject.id, x.pk));
 
-    if (!proof) {
-      throw Error(`VC does not have corresponding proof: ${vcStr}`);
-    }
+      if (!proof) {
+        throw Error(`VC does not have corresponding proof: ${vcStr}`);
+      }
 
-    const signature = proof.jws;
-    const holder = fromPublicKey(fromBase58(proof.pk), toTypeInfo(vcObj.credentialSubject.id));
-    if (holder.verify(stringify(clone), fromBase64(signature)) !== true) {
-      throw Error('Presentation signature invalid');
-    }
+      const signature = proof.jws;
+      const holder = fromPublicKey(fromBase58(proof.pk), toTypeInfo(vcObj.credentialSubject.id));
+      if ((await holder.verify(stringify(clone), fromBase64(signature))) !== true) {
+        throw Error('Presentation signature invalid');
+      }
 
-    verify({ vc: vcObj, ownerDid: vcObj.credentialSubject.id, trustedIssuers, ignoreExpired });
-  });
+      await verify({ vc: vcObj, ownerDid: vcObj.credentialSubject.id, trustedIssuers, ignoreExpired });
+    })
+  );
 
@@ -301,3 +303,4 @@ return true;
 
-function verifyCredentialList({ credentials, trustedIssuers }) {
+// eslint-disable-next-line require-await
+async function verifyCredentialList({ credentials, trustedIssuers }) {
   if (!credentials || !Array.isArray(credentials)) {
@@ -307,28 +310,30 @@ throw new Error('Can not verify with empty credentials list');
 
-  return credentials.map((x) => {
-    // Verify issuer
-    const issuers = Array.isArray(trustedIssuers) ? trustedIssuers : [trustedIssuers];
-    const issuerDid = issuers.find((d) => d === x.issuer.id);
-    if (!issuerDid) {
-      throw new Error('Credential not issued by trusted issuers');
-    }
-    if (!isFromPublicKey(issuerDid, x.issuer.pk)) {
-      throw new Error('Credential not issuer pk not match with issuer did');
-    }
+  return Promise.all(
+    credentials.map(async (x) => {
+      // Verify issuer
+      const issuers = Array.isArray(trustedIssuers) ? trustedIssuers : [trustedIssuers];
+      const issuerDid = issuers.find((d) => d === x.issuer.id);
+      if (!issuerDid) {
+        throw new Error('Credential not issued by trusted issuers');
+      }
+      if (!isFromPublicKey(issuerDid, x.issuer.pk)) {
+        throw new Error('Credential not issuer pk not match with issuer did');
+      }
 
-    // Construct the issuer wallet
-    const issuer = fromPublicKey(x.issuer.pk, toTypeInfo(issuerDid));
+      // Construct the issuer wallet
+      const issuer = fromPublicKey(x.issuer.pk, toTypeInfo(issuerDid));
 
-    // NOTE: we are ignoring other fields of the proof
-    const clone = cloneDeep(x);
-    const signature = clone.proof.jws;
-    delete clone.proof;
+      // NOTE: we are ignoring other fields of the proof
+      const clone = cloneDeep(x);
+      const signature = clone.proof.jws;
+      delete clone.proof;
 
-    // Verify signature
-    if (issuer.verify(stringify(clone), fromBase64(signature)) !== true) {
-      throw Error('Status credential signature not valid');
-    }
+      // Verify signature
+      if ((await issuer.verify(stringify(clone), fromBase64(signature))) !== true) {
+        throw Error('Status credential signature not valid');
+      }
 
-    return x.claim;
-  });
+      return x.claim;
+    })
+  );
 }
@@ -335,0 +340,0 @@

package.json

 {
   "name": "@arcblock/vc",
-  "version": "1.18.166",
+  "version": "1.19.0",
   "description": "Javascript lib to work with ArcBlock Verifiable Credentials",
@@ -50,6 +50,6 @@ "keywords": [
   "dependencies": {
-    "@arcblock/did": "1.18.166",
-    "@ocap/mcrypto": "1.18.166",
-    "@ocap/util": "1.18.166",
-    "@ocap/wallet": "1.18.166",
+    "@arcblock/did": "1.19.0",
+    "@ocap/mcrypto": "1.19.0",
+    "@ocap/util": "1.19.0",
+    "@ocap/wallet": "1.19.0",
     "debug": "^4.3.6",
@@ -60,3 +60,3 @@ "is-absolute-url": "^3.0.3",
   },
-  "gitHead": "58c8356b3b8c238728560e4c3fef6ed1704d3ac4"
+  "gitHead": "1b6fac03988fb18507c8ef4c21de282762005f87"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

16349

increased by1.5%

Lines of code

371

increased by1.37%

Dependency changes

• + Added@arcblock/did@1.19.0(transitive)

• + Added@hexagon/base64@1.1.28(transitive)

• + Added@levischuck/tiny-cbor@0.2.2(transitive)

• + Added@ocap/mcrypto@1.19.0(transitive)

• + Added@ocap/util@1.19.0(transitive)

• + Added@ocap/wallet@1.19.0(transitive)

• + Added@peculiar/asn1-android@2.3.15(transitive)

• + Added@peculiar/asn1-ecc@2.3.15(transitive)

• + Added@peculiar/asn1-rsa@2.3.15(transitive)

• + Added@peculiar/asn1-schema@2.3.15(transitive)

• + Added@peculiar/asn1-x509@2.3.15(transitive)

• + Added@simplewebauthn/server@13.0.0(transitive)

• + Addedasn1js@3.0.5(transitive)

• + Addedcross-fetch@4.1.0(transitive)

• + Addednode-fetch@2.7.0(transitive)

• + Addedpvtsutils@1.3.6(transitive)

• + Addedpvutils@1.1.3(transitive)

• + Addedtr46@0.0.3(transitive)

• + Addedtslib@2.8.1(transitive)

• + Addedwebidl-conversions@3.0.1(transitive)

• + Addedwhatwg-url@5.0.0(transitive)

• - Removed@arcblock/did@1.18.166(transitive)

• - Removed@ocap/mcrypto@1.18.166(transitive)

• - Removed@ocap/util@1.18.166(transitive)

• - Removed@ocap/wallet@1.18.166(transitive)

• Updated@arcblock/did@1.19.0

• Updated@ocap/mcrypto@1.19.0

• Updated@ocap/util@1.19.0

• Updated@ocap/wallet@1.19.0