@digitalbazaar/did-method-key
Advanced tools
@digitalbazaar/did-method-key - npm Package Compare versions
Comparing version 1.0.0 to 1.1.0
| # did:key driver ChangeLog | ||
| ## 1.1.0 - 2021-05-04 | ||
| ### Added | ||
| - Add `didKeyDriver.publicKeyToDidDoc({keyPair})` method. (This used to be | ||
| the `keyToDidDoc()` method, in `<= v0.7.0`, removed in v1.0 and brought back | ||
| by popular demand.) | ||
| ## 1.0.0 - 2021-04-09 | ||
| ### Changed | ||
| - **BREAKING**: Rename npm package from `did-method-key` to | ||
| - **BREAKING**: Rename npm package from `did-method-key` to | ||
| `@digitalbazaar/did-method-key`. | ||
@@ -11,2 +18,6 @@ - **BREAKING**: Return `{didDocument, keyPairs, methodFor}` from `generate()`. | ||
| `Ed25519VerificationKey2020` and `X25519KeyAgreementKey2020` crypto suites. | ||
| - **BREAKING**: DID Document context changed from `'https://w3id.org/did/v0.11'` | ||
| to the DID WG-published `https://www.w3.org/ns/did/v1`, plus the contexts | ||
| for the `Ed25519VerificationKey2020` and `X25519KeyAgreementKey2020` crypto | ||
| suites. See the "Example DID Document" section of the README. | ||
| - **BREAKING**: Rename `computeKeyId()` -> `computeId()`. | ||
@@ -17,3 +28,57 @@ - Avoid mutation of ed25519 key passed into keyToDidDoc. | ||
| - **BREAKING**: Move the lru-cache to `did-io`'s `CachedResolver` class. | ||
| - **BREAKING**: `keyToDidDoc` driver method removed. (See Upgrading notes | ||
| for alternatives.) | ||
| - **BREAKING**: The `publicKey` property of the DID Document has been deprecated | ||
| by the DID Data Model, and is now renamed to `verificationMethod`. | ||
| ### Upgrading from <= v.0.7.0 | ||
| **1)** Check for the changed `generate()` return signature. The usage is now: | ||
| ```js | ||
| const {didDocument, keyPairs, methodFor} = await didKeyDriver.generate(); | ||
| ``` | ||
| Note that `keyPairs` is a js `Map` instance containing the public/private key | ||
| pairs for both the signing key and the X25519 key agreement key. | ||
| And the `methodFor` convenience function allows you to fetch a particular | ||
| public/private key pair for a given purpose. For example: | ||
| ```js | ||
| const {didDocument, keyPairs, methodFor} = await didKeyDriver.generate(); | ||
| const authenticationKeyPair = methodFor({purpose: 'authentication'}); | ||
| const keyAgreementKeyPair = methodFor({purpose: 'keyAgreement'}); | ||
| ``` | ||
| **2)** Make sure to adjust your `documentLoader` to handle the new contexts. | ||
| **3)** The `keyToDidDoc` function has been renamed to `publicKeyToDidDoc()` (as | ||
| of v1.1), and the return signature has changed. | ||
| ```js | ||
| // For example, if you have a key description object (such as that returned by | ||
| // a KMS system's "generate key" operation): | ||
| const publicKeyDescription = { | ||
| "@context": "https://w3id.org/security/suites/ed25519-2020/v1", | ||
| "id": "did:key:z6MkuBLrjSGt1PPADAvuv6rmvj4FfSAfffJotC6K8ZEorYmv#z6MkuBLrjSGt1PPADAvuv6rmvj4FfSAfffJotC6K8ZEorYmv", | ||
| "type": "Ed25519VerificationKey2020", | ||
| "controller": "did:key:z6MkuBLrjSGt1PPADAvuv6rmvj4FfSAfffJotC6K8ZEorYmv", | ||
| "publicKeyMultibase": "zFj5p9C2Sfqth6g6DEXtw5dWFqrtpFn4TCBBPJHGnwKzY" | ||
| }; | ||
| const {didDocument} = await didKeyDriver.publicKeyToDidDoc({publicKeyDescription}); | ||
| // Or, you can start with an `LDKeyPair` instance: | ||
| const keyPair = await Ed25529VerificationKey2020.generate(); | ||
| const {didDocument} = await didKeyDriver.publicKeyToDidDoc({publicKeyDescription: keyPair}); | ||
| ``` | ||
| Don't forget that you can use the `didKeyDriver.publicMethodFor({purpose})` | ||
| method to fetch a particular key, after creating the DID Document. | ||
| ```js | ||
| const keyAgreementKey = didKeyDriver.publicMethodFor({didDocument, purpose: 'keyAgreement'}); | ||
| // Note that the resulting keyAgreementKey pair will only have the public key material, not private | ||
| ``` | ||
| ## 0.7.0 - 2020-09-23 | ||
@@ -20,0 +85,0 @@ |
@@ -142,9 +142,30 @@ /*! | ||
| /** | ||
| * Converts an Ed25519KeyPair object to a `did:key` method DID Document. | ||
| * Converts a public key object to a `did:key` method DID Document. | ||
| * Note that unlike `generate()`, a `keyPairs` map is not returned. Use | ||
| * `publicMethodFor()` to fetch keys for particular proof purposes. | ||
| * | ||
| * @param {object} options - Options hashmap. | ||
| * @typedef LDKeyPair | ||
| * @param {LDKeyPair} options.keyPair - A verification key pair to use to | ||
| * generate the DID Document. | ||
| * @param {LDKeyPair|object} options.publicKeyDescription - Public key object | ||
| * used to generate the DID document (either an LDKeyPair instance | ||
| * containing public key material, or a "key description" plain object | ||
| * (such as that generated from a KMS)). | ||
| * | ||
| * @returns {Promise<object>} Resolves with the generated DID Document. | ||
| */ | ||
| async publicKeyToDidDoc({publicKeyDescription} = {}) { | ||
| const {didDocument} = await this._keyPairToDidDocument({ | ||
| keyPair: publicKeyDescription | ||
| }); | ||
| return {didDocument}; | ||
| } | ||
| /** | ||
| * Converts an Ed25519KeyPair object to a `did:key` method DID Document. | ||
| * | ||
| * @param {object} options - Options hashmap. | ||
| * @param {LDKeyPair|object} options.keyPair - Key used to generate the DID | ||
| * document (either an LDKeyPair instance containing public key material, | ||
| * or a "key description" plain object (such as that generated from a KMS)). | ||
| * | ||
| * @returns {Promise<{didDocument: object, keyPairs: Map}>} | ||
@@ -151,0 +172,0 @@ * Resolves with the generated DID Document, along with the corresponding |
| { | ||
| "name": "@digitalbazaar/did-method-key", | ||
| "version": "1.0.0", | ||
| "version": "1.1.0", | ||
| "description": "A did:key method resolver.", | ||
@@ -5,0 +5,0 @@ "homepage": "http://github.com/digitalbazaar/did-method-key-js", |
@@ -175,2 +175,12 @@ # did:key method driver _(@digitalbazaar/did-method-key)_ | ||
| ### `publicKeyToDidDoc()` | ||
| If you already have an `Ed25519VerificationKey2020` public key object (as an | ||
| LDKeyPair instance, or a plain key description object), you can turn it into | ||
| a DID Document: | ||
| ```js | ||
| const {didDocument} = await didKeyDriver.publicKeyToDidDoc({publicKeyDescription}); | ||
| ``` | ||
| ### `get()` | ||
@@ -201,6 +211,6 @@ | ||
| "@context": "https://w3id.org/security/suites/ed25519-2020/v1", | ||
| "id": "did:key:z6MkuBLrjSGt1PPADAvuv6rmvj4FfSAfffJotC6K8ZEorYmv#z6MkuBLrjSGt1PPADAvuv6rmvj4FfSAfffJotC6K8ZEorYmv", | ||
| "type": "Ed25519VerificationKey2020", | ||
| "controller": "did:key:z6MkuBLrjSGt1PPADAvuv6rmvj4FfSAfffJotC6K8ZEorYmv", | ||
| "publicKeyMultibase": "zFj5p9C2Sfqth6g6DEXtw5dWFqrtpFn4TCBBPJHGnwKzY" | ||
| "id": "did:key:z6MkuBLrjSGt1PPADAvuv6rmvj4FfSAfffJotC6K8ZEorYmv#z6MkuBLrjSGt1PPADAvuv6rmvj4FfSAfffJotC6K8ZEorYmv", | ||
| "type": "Ed25519VerificationKey2020", | ||
| "controller": "did:key:z6MkuBLrjSGt1PPADAvuv6rmvj4FfSAfffJotC6K8ZEorYmv", | ||
| "publicKeyMultibase": "zFj5p9C2Sfqth6g6DEXtw5dWFqrtpFn4TCBBPJHGnwKzY" | ||
| } | ||
@@ -207,0 +217,0 @@ |
@@ -8,2 +8,4 @@ /*! | ||
| import {Ed25519VerificationKey2020} from | ||
| '@digitalbazaar/ed25519-verification-key-2020'; | ||
| import {driver} from '../'; | ||
@@ -102,2 +104,36 @@ | ||
| describe('publicKeyToDidDoc', () => { | ||
| it('should convert a key pair instance into a did doc', async () => { | ||
| // Note that a freshly-generated key pair does not have a controller | ||
| // or key id | ||
| const keyPair = await Ed25519VerificationKey2020.generate(); | ||
| const {didDocument} = await didKeyDriver.publicKeyToDidDoc({ | ||
| publicKeyDescription: keyPair | ||
| }); | ||
| expect(didDocument).to.exist; | ||
| expect(didDocument).to.have.property('@context'); | ||
| expect(didDocument.id).to.equal(`did:key:${keyPair.fingerprint()}`); | ||
| }); | ||
| it('should convert a plain object to a did doc', async () => { | ||
| const publicKeyDescription = { | ||
| '@context': 'https://w3id.org/security/suites/ed25519-2020/v1', | ||
| id: 'did:key:z6MkuBLrjSGt1PPADAvuv6rmvj4FfSAfffJotC6K8ZEorYmv#' + | ||
| 'z6MkuBLrjSGt1PPADAvuv6rmvj4FfSAfffJotC6K8ZEorYmv', | ||
| type: 'Ed25519VerificationKey2020', | ||
| controller: 'did:key:z6MkuBLrjSGt1PPADAvuv6rmvj4FfSAfffJotC6K8ZEorYmv', | ||
| publicKeyMultibase: 'zFj5p9C2Sfqth6g6DEXtw5dWFqrtpFn4TCBBPJHGnwKzY' | ||
| }; | ||
| const {didDocument} = await didKeyDriver | ||
| .publicKeyToDidDoc({publicKeyDescription}); | ||
| expect(didDocument).to.exist; | ||
| expect(didDocument).to.have.property('@context'); | ||
| expect(didDocument.id).to.equal( | ||
| 'did:key:z6MkuBLrjSGt1PPADAvuv6rmvj4FfSAfffJotC6K8ZEorYmv' | ||
| ); | ||
| }); | ||
| }); | ||
| describe('publicMethodFor', () => { | ||
@@ -104,0 +140,0 @@ it('should find a key for a did doc and purpose', async () => { |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by15.37%
41690
- Lines of code
- increased by10.92%
528
- Number of lines in readme file
- increased by3.79%
274
Worsened metrics
- Number of medium supply chain risk alerts
- increased byInfinity%
1
No dependency changes