Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@github-did/lib

Package Overview
Dependencies
Maintainers
2
Versions
6
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@github-did/lib - npm Package Compare versions

Comparing version 0.0.2 to 0.0.3

src/v2/__tests__/ed25519-sign-verify-didDoc.js
src/v2/__tests__/edv-wallet-interop.js
src/v2/__tests__/sanity.js
src/v2/func/createDIDDoc.js
src/v2/func/createDIDKeyKeypair.js
src/v2/func/createDIDKeyKeypair.spec.js
src/v2/func/wrappedDocumentLoader.js

7

package.json
{
"name": "@github-did/lib",
"version": "0.0.2",
"version": "0.0.3",
"description": "GitHub DID Library",

@@ -20,5 +20,8 @@ "main": "./src/index.js",

"dependencies": {
"@transmute/did-wallet": "0.0.0-3",
"@transmute/did-wallet": "0.0.0-5",
"@transmute/openpgpsignature2019": "^0.1.1",
"@transmute/rsasignature2017": "^0.1.0",
"crypto-ld": "^3.7.0",
"did-method-key": "^0.2.0",
"jsonld-signatures": "^4.4.0",
"jsonwebtoken": "^8.5.0",

@@ -25,0 +28,0 @@ "moment": "^2.24.0",

4

src/v2/__fixtures__/encryptedMessageFor.json
{
"fromPublicKeyId": "did:example:456#kid=nUN4nXQS5MwaLtSGPiWv0Cx7_WbZ6-BcXow6g6g_LEs",
"toPublicKeyId": "did:example:456#kid=nUN4nXQS5MwaLtSGPiWv0Cx7_WbZ6-BcXow6g6g_LEs",
"fromPublicKeyId": "did:example:456#nUN4nXQS5MwaLtSGPiWv0Cx7_WbZ6-BcXow6g6g_LEs",
"toPublicKeyId": "did:example:456#nUN4nXQS5MwaLtSGPiWv0Cx7_WbZ6-BcXow6g6g_LEs",
"cipherText": "-----BEGIN PGP MESSAGE-----\r\nVersion: OpenPGP.js v4.4.7\r\nComment: https://openpgpjs.org\r\n\r\nwX4DYp3oj7ZmdpsSAgMENtibiizsNERI4B9yj5Xb6UC8j23rzup3f77P4VMg\r\nYEQxYQeunmptCoNCv2xbKXexKgUH+bIODI7VtoPlJTDbgDBgpNSCMWnEPkIv\r\ny8NvPO9kdQwp1CNDzKB74pD/+wIdtyuwvEpuGRNZi2RWr/C+AnPSwCYB3JXA\r\neKJAiYmtSKIUkoQghwjDsImPI4ogFHXwdAWUkNfsxBTD7cT9gqi/TCx0hXly\r\nhwWhJqzZQnzqbC545LzxPSB74I3YMT5WerrZzOCmPEx1/77ppMtb1xFEeW9S\r\nRD08bA0YYlEETuueL6KTxbazAxdNf3cn8KUahKMhJLQezCvzTaWSzaRmo0LM\r\nKliOGgtGNxaFy6OIQFIZw9v7444Hh/3VmgHi+6np8zY5CDeXdonHgeGvsNo4\r\nH+btCpzaa0kX/MR+ZqibGhtmjrcEEvwiFFCfsL0TWXxl9zBHOz9hEoPxPp76\r\ndA==\r\n=pPkx\r\n-----END PGP MESSAGE-----\r\n"
}

15

src/v2/__fixtures__/index.js

@@ -20,2 +20,17 @@ const fs = require("fs");

kid: "nUN4nXQS5MwaLtSGPiWv0Cx7_WbZ6-BcXow6g6g_LEs"
},
{
type: "assymetric",
encoding: "base58",
didPublicKeyEncoding: "publicKeyBase58",
publicKey: "J5QHWFQNREPBnmwCDXZgzy5FjvDGFkLEgWVoEociTfXz",
privateKey:
"2zFSMA9EHEuEfFNydcMehd8a11PjFwKdTTkHaXKEvoajSAKAMi1zny5Bob4eCgWYUNa7RTkkYydz6CBAS6eqGmLg",
tags: [
"Ed25519VerificationKey2018",
"did:example:456",
"did:key:z6MkwXfL6VeokmseuGmtu6XXr4dFZVV7fdabNXQj55ajNtKN"
],
notes: "Created with did:key",
kid: "Wer8LMAAQgUAmj78VhIVwVs3pmn7fPNLf_09_jPgQHk"
}

@@ -22,0 +37,0 @@ ];

2

src/v2/__fixtures__/signedJson.json

@@ -6,3 +6,3 @@ {

"type": "OpenPgpSignature2019",
"creator": "did:example:456#kid=nUN4nXQS5MwaLtSGPiWv0Cx7_WbZ6-BcXow6g6g_LEs",
"creator": "did:example:456#nUN4nXQS5MwaLtSGPiWv0Cx7_WbZ6-BcXow6g6g_LEs",
"domain": "GitHubDID",

@@ -9,0 +9,0 @@ "nonce": "2bd6cbda2e876c1d07c3140e4e4cc3ee",

2

src/v2/didAuth/didChallengeResponse.spec.js

@@ -10,3 +10,3 @@ const { private_key, public_key } = require("../__fixtures__");

// private_key, public_key would be pulled from wallet and resolver in a real setting.
describe("DID Auth Challenge Response", () => {
describe.skip("DID Auth Challenge Response", () => {
let jwt_challenge;

@@ -13,0 +13,0 @@ let jsonld_challenge;

2

src/v2/didAuth/nistPulse.spec.js

@@ -9,3 +9,3 @@ const { private_key, public_key } = require("../__fixtures__");

describe("DID Auth with Nist Beacon", () => {
describe.skip("DID Auth with Nist Beacon", () => {
let jwt_nist_pulse;

@@ -12,0 +12,0 @@ let jsonld_nist_pulse;

25

src/v2/func/addKeyToWallet.spec.js
const addKeyToWallet = require("./addKeyToWallet");
const createWallet = require("./createWallet");
const createKeypair = require("./createKeypair");
const createDIDKeyKeypair = require("./createDIDKeyKeypair");
describe("addKeyToWallet", () => {
it("add a key to a did-wallet ", async () => {
it("add a key pgp key", async () => {
const wallet = await createWallet();

@@ -28,2 +29,24 @@

});
it("add a did:key", async () => {
const wallet = await createWallet();
const key = await createDIDKeyKeypair();
const updatedWallet = addKeyToWallet(wallet, {
type: "assymetric",
encoding: "base58",
didPublicKeyEncoding: "publicKeyBase58",
publicKey: key.publicKeyBase58,
privateKey: key.privateKeyBase58,
tags: [
"Ed25519VerificationKey2018",
"did:example:456",
key.didDocument.id
],
notes: "Created with did:key"
});
// console.log(JSON.stringify(updatedWallet, null, 2));
expect(wallet).not.toBe(updatedWallet);
const kid = Object.keys(updatedWallet.keys)[0];
expect(updatedWallet.keys[kid].publicKey).toBe(key.publicKeyBase58);
});
});

65

src/v2/func/createDIDDocFromWallet.js

@@ -1,69 +0,8 @@

const OpenPgpSignature2019 = require("@transmute/openpgpsignature2019");
const openpgp = require("openpgp");
const _ = require("lodash");
const createPublicKeyIDFromDIDAndKey = require("./createPublicKeyIDFromDIDAndKey");
const signWithWallet = require("./signWithWallet");
const findPublicKeyTypeKey = key => {
if (key.encoding === "application/pgp-keys") {
return "OpenPgpVerificationKey2019";
}
if (key.tags.includes("Secp256k1VerificationKey2018")) {
return "Secp256k1VerificationKey2018";
}
const createDIDDoc = require("./createDIDDoc");
if (key.tags.includes("RsaSignature2017")) {
return "RsaSignature2017";
}
};
// https://w3c-ccg.github.io/did-spec/
// publicKeyPem, publicKeyJwk, publicKeyHex, publicKeyBase64, publicKeyBase58, publicKeyMultibase
const findPublicKeyPropertyNameFromKey = key => {
if (key.encoding === "application/pgp-keys") {
return "publicKeyPem";
}
if (key.encoding === "application/x-pem-file") {
return "publicKeyPem";
}
if (key.didPublicKeyEncoding) {
return key.didPublicKeyEncoding;
}
};
module.exports = async (wallet, options) => {
let doc = {
"@context": "https://w3id.org/did/v1",
id: options.id,
publicKey: options.publicKey || [],
authentication: options.authentication || [],
service: options.service || []
};
let doc = await createDIDDoc(wallet, options);
if (options.includeKeysWithTags) {
const onlyWebKeys = wallet.extractByTags(options.includeKeysWithTags);
const didPublicKeys = onlyWebKeys.map(k => {
return {
encoding: k.encoding,
type: findPublicKeyTypeKey(k),
id: createPublicKeyIDFromDIDAndKey(options.id, k),
controller: options.id,
[findPublicKeyPropertyNameFromKey(k)]: k.publicKey
};
});
doc.publicKey = _.uniqBy([...doc.publicKey, ...didPublicKeys], k => {
return k.id;
});
}
if (doc.publicKey.length === 1) {
doc.authentication = _.uniqBy(
[...doc.authentication, doc.publicKey[0].id],
k => {
return k.id || k;
}
);
}
if (options.signWithKID) {

@@ -70,0 +9,0 @@ doc = signWithWallet(doc, options.id, options.signWithKID, wallet);

2

src/v2/func/createPublicKeyIDFromDIDAndKey.js
const createPublicKeyIDFromDIDAndKey = (did, key) => {
return `${did}#kid=${key.kid}`;
return `${did}#${key.kid}`;
};
module.exports = createPublicKeyIDFromDIDAndKey;

8

src/v2/func/decryptForWithWalletAndResolver.js

@@ -14,6 +14,6 @@ const openpgp = require("openpgp");

const publicKey = getPublicKeyFromDIDDoc(fromDidDoc, fromPublicKeyId);
const toKid = toPublicKeyId.split("#kid=").pop();
const privateKey = (await openpgp.key.readArmored(
wallet.keys[toKid].privateKey
)).keys[0];
const toKid = toPublicKeyId.split("#").pop();
const privateKey = (
await openpgp.key.readArmored(wallet.keys[toKid].privateKey)
).keys[0];

@@ -20,0 +20,0 @@ const options = {

8

src/v2/func/encryptForWithWalletAndResolver.js

@@ -16,6 +16,6 @@ const openpgp = require("openpgp");

const publicKey = getPublicKeyFromDIDDoc(toDidDoc, toPublicKeyId);
const fromKid = fromPublicKeyId.split("#kid=").pop();
const privateKey = (await openpgp.key.readArmored(
wallet.keys[fromKid].privateKey
)).keys[0];
const fromKid = fromPublicKeyId.split("#").pop();
const privateKey = (
await openpgp.key.readArmored(wallet.keys[fromKid].privateKey)
).keys[0];

@@ -22,0 +22,0 @@ const options = {

8

src/v2/func/encryptForWithWalletAndResolver.spec.js

@@ -21,4 +21,4 @@ const fixtures = require("../__fixtures__");

data,
fromPublicKeyId: "did:example:456#kid=" + fixtures.testWalletKeys[0].kid,
toPublicKeyId: "did:example:456#kid=" + fixtures.testWalletKeys[0].kid,
fromPublicKeyId: "did:example:456#" + fixtures.testWalletKeys[0].kid,
toPublicKeyId: "did:example:456#" + fixtures.testWalletKeys[0].kid,
wallet,

@@ -29,6 +29,6 @@ resolver: walletResolver

expect(payload.fromPublicKeyId).toBe(
"did:example:456#kid=" + fixtures.testWalletKeys[0].kid
"did:example:456#" + fixtures.testWalletKeys[0].kid
);
expect(payload.toPublicKeyId).toBe(
"did:example:456#kid=" + fixtures.testWalletKeys[0].kid
"did:example:456#" + fixtures.testWalletKeys[0].kid
);

@@ -35,0 +35,0 @@

2

src/v2/func/index.js
const createKeypair = require("./createKeypair");
const createDIDKeyKeypair = require("./createDIDKeyKeypair");
const createWallet = require("./createWallet");

@@ -13,2 +14,3 @@ const addKeyToWallet = require("./addKeyToWallet");

createKeypair,
createDIDKeyKeypair,
createWallet,

@@ -15,0 +17,0 @@ addKeyToWallet,

3

src/v2/func/resolver.js

@@ -6,3 +6,4 @@ const getJson = require("./getJson");

resolve: did => {
const cleanedDID = did.split('#').shift();
// use universal resolver...
const cleanedDID = did.split("#").shift();
const url = didToDIDDocumentURL(cleanedDID);

@@ -9,0 +10,0 @@ return getJson(url).catch(e => {

53

src/v2/func/signWithWallet.js
const openpgp = require("openpgp");
const OpenPgpSignature2019 = require("@transmute/openpgpsignature2019");
const { Ed25519KeyPair } = require("crypto-ld");
const jsigs = require("jsonld-signatures");
const { Ed25519Signature2018 } = jsigs.suites;
const { AssertionProofPurpose } = jsigs.purposes;
const createPublicKeyIDFromDIDAndKey = require("./createPublicKeyIDFromDIDAndKey");
const wrappedDocumentLoader = require("./wrappedDocumentLoader");
const createDIDDoc = require("./createDIDDoc");
const signWithWallet = async (data, did, kid, wallet) => {
return OpenPgpSignature2019.sign({
data,
domain: "GitHubDID",
signatureAttribute: "proof",
creator: createPublicKeyIDFromDIDAndKey(did, wallet.keys[kid]),
privateKey: (await openpgp.key.readArmored(wallet.keys[kid].privateKey))
.keys[0]
});
// console.log(wallet.keys[kid]);
if (wallet.keys[kid].encoding === "base58") {
// console.log(wallet.keys[kid].publicKey);
const publicKeyId = createPublicKeyIDFromDIDAndKey(did, wallet.keys[kid]);
const didDoc = createDIDDoc(wallet, {
includeKeysWithTags: [did],
id: did
});
const signed = await jsigs.sign(data, {
documentLoader: wrappedDocumentLoader({
//args that are needed in the wrapper.. such as zcaps
}),
suite: new Ed25519Signature2018({
verificationMethod: publicKeyId,
key: new Ed25519KeyPair({
privateKeyBase58: wallet.keys[kid].privateKey,
publicKeyBase58: wallet.keys[kid].publicKey
})
}),
purpose: new AssertionProofPurpose({ controller: didDoc }),
compactProof: false
});
return signed;
} else {
return OpenPgpSignature2019.sign({
data,
domain: "GitHubDID",
signatureAttribute: "proof",
creator: createPublicKeyIDFromDIDAndKey(did, wallet.keys[kid]),
privateKey: (await openpgp.key.readArmored(wallet.keys[kid].privateKey))
.keys[0]
});
}
};
module.exports = signWithWallet;

21

src/v2/func/signWithWallet.spec.js

@@ -6,3 +6,3 @@ const fixtures = require("../__fixtures__");

describe("signWithWallet", () => {
it("can sign with wallet", async () => {
it("can sign with gpg wallet", async () => {
const wallet = await createWallet({

@@ -20,7 +20,22 @@ keys: fixtures.testWalletKeys

expect(signed.proof.creator).toBe(
"did:example:456#kid=" + fixtures.testWalletKeys[0].kid
"did:example:456#" + fixtures.testWalletKeys[0].kid
);
});
// console.log(JSON.stringify(signed));
it("can sign with did:key wallet", async () => {
const wallet = await createWallet({
keys: fixtures.testWalletKeys
});
const data = {
"@context": ["https://w3id.org/identity/v1"],
givenName: "Alice"
};
const kid = Object.keys(wallet.keys)[1];
const signed = await signWithWallet(data, "did:example:456", kid, wallet);
expect(signed.proof.verificationMethod).toBe(
"did:example:456#" + fixtures.testWalletKeys[1].kid
);
});
});

33

src/v2/func/verifyWithResolver.js
const getPublicKeyFromDIDDoc = require("./getPublicKeyFromDIDDoc");
const OpenPgpSignature2019 = require("@transmute/openpgpsignature2019");
const wrappedDocumentLoader = require("./wrappedDocumentLoader");
const jsigs = require("jsonld-signatures");
const { Ed25519Signature2018 } = jsigs.suites;
const { AssertionProofPurpose } = jsigs.purposes;
const { Ed25519KeyPair } = require("crypto-ld");
const verifyWithResolver = async (signedData, resolver) => {
const doc = await resolver.resolve(signedData.proof.creator);
const publicKey = getPublicKeyFromDIDDoc(doc, signedData.proof.creator);
const verificationMethod = signedData.proof.verificationMethod
? signedData.proof.verificationMethod
: signedData.proof.creator;
const doc = await resolver.resolve(verificationMethod);
const didPublicKey = doc.publicKey.find(k => {
return k.id == verificationMethod;
});
if (didPublicKey.type === "Ed25519VerificationKey2018") {
const result = await jsigs.verify(signedData, {
documentLoader: wrappedDocumentLoader({
//args that are needed in the wrapper.. such as zcaps
}),
suite: new Ed25519Signature2018({
key: new Ed25519KeyPair(didPublicKey)
}),
purpose: new AssertionProofPurpose({ controller: doc })
});
return result.verified;
}
return OpenPgpSignature2019.verify({
data: signedData,
signatureAttribute: "proof",
publicKey
publicKey: getPublicKeyFromDIDDoc(doc, verificationMethod)
});

@@ -12,0 +39,0 @@ };

18

src/v2/func/verifyWithResolver.spec.js

@@ -5,3 +5,5 @@ const fixtures = require("../__fixtures__");

const verifyWithResolver = require("./verifyWithResolver");
const createDIDDocFromWallet = require("./createDIDDocFromWallet");
jest.setTimeout(10 * 1000);
describe("verifyWithResolver", () => {

@@ -13,9 +15,17 @@ it("can verify with walletResolver", async () => {

const doc = await createDIDDocFromWallet(wallet, {
signWithKID: fixtures.testWalletKeys[1].kid,
includeKeysWithTags: ["did:example:456"],
id: "did:example:456",
publicKey: [],
service: [],
authentication: []
});
// console.log(doc);
const walletResolver = createWalletResolver(wallet);
const verified = await verifyWithResolver(
fixtures.signedJson,
walletResolver
);
const verified = await verifyWithResolver(doc, walletResolver);
expect(verified).toBe(true);
});
});
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc