jsonld-signatures
Advanced tools
Comparing version 8.0.2 to 9.0.0
# jsonld-signatures ChangeLog | ||
## 9.0.0 - 2021-04-06 | ||
### Changed | ||
- **BREAKING**: Remove `verificationMethod` param from suite constructor. It | ||
is now strictly initialized from `key.id` or `signer.id`. | ||
Increase validation on either key or signer/verifier parameters. | ||
### Fixed | ||
- Add missing `signer` and `verifier` parameters to the `LinkedDataSignature` | ||
constructor. This issue caused `this.signer` in subclasses to be `undefined`. | ||
## 8.0.2 - 2021-03-19 | ||
### Changed | ||
- In ProofSet, use the document's context for proof before defaulting to | ||
- In ProofSet, use the document's context for proof before defaulting to | ||
security context. | ||
@@ -23,3 +34,3 @@ | ||
- **BREAKING**: No longer shipping browser bundles. Due to splitting out suites | ||
into other packages, it becomes more pratical to create browser bundles at | ||
into other packages, it becomes more practical to create browser bundles at | ||
the application level with modern tools. | ||
@@ -26,0 +37,0 @@ - **BREAKING**: No longer exporting `crypto-ld` classes. |
@@ -14,31 +14,53 @@ /*! | ||
/** | ||
* @param type {string} Provided by subclass. | ||
* @param {object} options - Options hashmap. | ||
* @param {string} options.type - Suite name, provided by subclass. | ||
* @typedef LDKeyPair | ||
* @param {LDKeyPair} LDKeyClass - The crypto-ld key class that this suite | ||
* will use to sign/verify signatures. Provided by subclass. Used | ||
* during the `verifySignature` operation, to create an instance (containing | ||
* a `verifier()` property) of a public key fetched via a `documentLoader`. | ||
* | ||
* @param [verificationMethod] {string} A key id URL to the paired public key. | ||
* For `sign()` operations, either a `key` OR a `signer` is required. | ||
* For `verify()` operations, you can pass in a verifier (from KMS), or | ||
* the public key will be fetched via documentLoader. | ||
* | ||
* @param {object} [options.key] - An optional key object (containing an | ||
* `id` property, and either `signer` or `verifier`, depending on the | ||
* intended operation. Useful for when the application is managing keys | ||
* itself (when using a KMS, you never have access to the private key, | ||
* and so should use the `signer` param instead). | ||
* | ||
* @param {{sign: Function, id: string}} [options.signer] - Signer object | ||
* that has two properties: an async `sign()` method, and an `id`. This is | ||
* useful when interfacing with a KMS (since you don't get access to the | ||
* private key and its `signer`, the KMS client gives you only the signer | ||
* object to use). | ||
* | ||
* @param {{verify: Function, id: string}} [options.verifier] - Verifier | ||
* object that has two properties: an async `verify()` method, and an `id`. | ||
* Useful when working with a KMS-provided verifier. | ||
* | ||
* Advanced optional parameters and overrides: | ||
* | ||
* @param [proof] {object} a JSON-LD document with options to use for | ||
* the `proof` node (e.g. any other custom fields can be provided here | ||
* using a context different from security-v2). | ||
* @typedef {Object} LDKeyPair | ||
* @param {LDKeyPair} LDKeyClass - The crypto-ld key type that this suite | ||
* will use to sign/verify signatures. | ||
* @param [date] {string|Date} signing date to use if not passed. | ||
* @param [useNativeCanonize] {boolean} true to use a native canonize | ||
* algorithm. | ||
* @param {object} [options.proof] - A JSON-LD document with options to use | ||
* for the `proof` node (e.g. any other custom fields can be provided here | ||
* using a context different from security-v2). If not provided, this is | ||
* constructed during signing. | ||
* @param {string|Date} [options.date] - Signing date to use if not passed. | ||
* @param {boolean} [options.useNativeCanonize] - Whether to use a native | ||
* canonize algorithm. | ||
*/ | ||
constructor({ | ||
type, verificationMethod, proof, LDKeyClass, date, useNativeCanonize | ||
type, proof, LDKeyClass, date, key, signer, verifier, | ||
useNativeCanonize | ||
} = {}) { | ||
// validate common options | ||
if(verificationMethod !== undefined && | ||
typeof verificationMethod !== 'string') { | ||
throw new TypeError('"verificationMethod" must be a URL string.'); | ||
} | ||
super({type}); | ||
this.verificationMethod = verificationMethod; | ||
this.LDKeyClass = LDKeyClass; | ||
this.proof = proof; | ||
if(date !== undefined) { | ||
const vm = this._processSignatureParams({key, signer, verifier}); | ||
this.verificationMethod = vm.verificationMethod; | ||
this.key = vm.key; | ||
this.signer = vm.signer; | ||
this.verifier = vm.verifier; | ||
if(date) { | ||
this.date = new Date(date); | ||
@@ -283,2 +305,50 @@ if(isNaN(this.date)) { | ||
} | ||
/** | ||
* See constructor docstring for param details. | ||
* | ||
* @returns {{verificationMethod: string, key: LDKeyPair, | ||
* signer: {sign: Function, id: string}, | ||
* verifier: {verify: Function, id: string}}} - Validated and initialized | ||
* key-related parameters. | ||
*/ | ||
_processSignatureParams({key, signer, verifier}) { | ||
// We are explicitly not requiring a key or signer/verifier param to be | ||
// present, to support the verify() use case where the verificationMethod | ||
// is being fetched by the documentLoader | ||
const vm = {}; | ||
if(key) { | ||
vm.key = key; | ||
vm.verificationMethod = key.id; | ||
if(typeof key.signer === 'function') { | ||
vm.signer = key.signer(); | ||
} | ||
if(typeof key.verifier === 'function') { | ||
vm.verifier = key.verifier(); | ||
} | ||
if(!(vm.signer || vm.verifier)) { | ||
throw new TypeError( | ||
'The "key" parameter must contain a "signer" or "verifier" method.'); | ||
} | ||
} else { | ||
vm.verificationMethod = (signer && signer.id) || | ||
(verifier && verifier.id); | ||
vm.signer = signer; | ||
vm.verifier = verifier; | ||
} | ||
if(vm.signer) { | ||
if(typeof vm.signer.sign !== 'function') { | ||
throw new TypeError('A signer API has not been specified.'); | ||
} | ||
} | ||
if(vm.verifier) { | ||
if(typeof vm.verifier.verify !== 'function') { | ||
throw new TypeError('A verifier API has not been specified.'); | ||
} | ||
} | ||
return vm; | ||
} | ||
}; |
{ | ||
"name": "jsonld-signatures", | ||
"version": "8.0.2", | ||
"version": "9.0.0", | ||
"description": "An implementation of the Linked Data Signatures specifications for JSON-LD in JavaScript.", | ||
@@ -5,0 +5,0 @@ "homepage": "https://github.com/digitalbazaar/jsonld-signatures", |
63171
1191