mirror of
https://github.com/oceanprotocol/ocean.js.git
synced 2024-11-26 20:39:05 +01:00
chore: add tests
This commit is contained in:
AdriGeorge
parent
4e975a602d
commit
367babb0ca
@ -1,4 +1,4 @@
|
|||||||
import { base64url, importJWK, JWTPayload, SignJWT } from 'jose'
|
import { base64url, importJWK, JWTPayload, jwtVerify, SignJWT } from 'jose'
|
||||||
import axios from 'axios'
|
import axios from 'axios'
|
||||||
import { ethers } from 'ethers'
|
import { ethers } from 'ethers'
|
||||||
import { IssuerKey, SignedCredential } from '../@types/IssuerSignature'
|
import { IssuerKey, SignedCredential } from '../@types/IssuerSignature'
|
||||||
@ -85,3 +85,41 @@ export async function signCredential(
|
|||||||
throw error
|
throw error
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Verifies a verifiable credential's JWS using the issuer's public key.
|
||||||
|
* @param {string} jws - The JSON Web Signature (JWS) to verify.
|
||||||
|
* @param {string} issuerPublicKey - The public key of the issuer in hexadecimal format.
|
||||||
|
* @returns {Promise<JWTPayload>} - The verified payload of the credential.
|
||||||
|
* @throws {Error} If the verification fails.
|
||||||
|
*/
|
||||||
|
export async function verifyCredential(
|
||||||
|
jws: string,
|
||||||
|
issuerPublicKey: string
|
||||||
|
): Promise<JWTPayload> {
|
||||||
|
const publicKeyBuffer = Buffer.from(issuerPublicKey.substring(2), 'hex')
|
||||||
|
const xBuffer = publicKeyBuffer.slice(1, 33)
|
||||||
|
const yBuffer = publicKeyBuffer.slice(33, 65)
|
||||||
|
|
||||||
|
const x = base64url.encode(xBuffer as any as Uint8Array)
|
||||||
|
const y = base64url.encode(yBuffer as any as Uint8Array)
|
||||||
|
|
||||||
|
const publicJwk = {
|
||||||
|
kty: 'EC',
|
||||||
|
crv: 'secp256k1',
|
||||||
|
x,
|
||||||
|
y,
|
||||||
|
alg: 'ES256K',
|
||||||
|
use: 'sig'
|
||||||
|
}
|
||||||
|
|
||||||
|
const key = await importJWK(publicJwk, 'ES256K')
|
||||||
|
|
||||||
|
try {
|
||||||
|
const { payload } = await jwtVerify(jws, key)
|
||||||
|
return payload
|
||||||
|
} catch (error) {
|
||||||
|
console.error('Verification failed:', error)
|
||||||
|
throw error
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|||||||
75
test/unit/SignDDO.test.ts
Normal file
75
test/unit/SignDDO.test.ts
Normal file
@ -0,0 +1,75 @@
|
|||||||
|
import { assert } from 'chai'
|
||||||
|
import { signCredential, verifyCredential } from '../../src'
|
||||||
|
import { ethers } from 'ethers'
|
||||||
|
|
||||||
|
const mockVerifiableCredential = {
|
||||||
|
'@context': ['https://www.w3.org/2018/credentials/v1'],
|
||||||
|
type: ['VerifiableCredential'],
|
||||||
|
credentialSubject: { id: 'did:example:123' },
|
||||||
|
issuer: 'did:example:issuer',
|
||||||
|
issuanceDate: '2023-01-01T00:00:00Z'
|
||||||
|
}
|
||||||
|
|
||||||
|
describe('Credential Signing and Verification Functions', () => {
|
||||||
|
describe('signCredential', () => {
|
||||||
|
it('should sign the credential locally using a private key', async () => {
|
||||||
|
const privateKey =
|
||||||
|
'0xc594c6e5def4bab63ac29eed19a134c130388f74f019bc74b8f4389df2837a58'
|
||||||
|
|
||||||
|
const result = await signCredential(mockVerifiableCredential, privateKey)
|
||||||
|
|
||||||
|
assert.isString(result.jws, 'JWS should be a string')
|
||||||
|
assert.isObject(result.header, 'Header should be an object')
|
||||||
|
assert.equal(result.header.alg, 'ES256K', 'Algorithm should be ES256K')
|
||||||
|
assert.isString(result.issuer, 'Issuer should be a string')
|
||||||
|
})
|
||||||
|
})
|
||||||
|
|
||||||
|
describe('verifyCredential', () => {
|
||||||
|
it('should verify the signed credential with the correct public key', async () => {
|
||||||
|
const privateKey =
|
||||||
|
'0xc594c6e5def4bab63ac29eed19a134c130388f74f019bc74b8f4389df2837a58'
|
||||||
|
const wallet = new ethers.Wallet(privateKey)
|
||||||
|
const { publicKey } = wallet._signingKey()
|
||||||
|
|
||||||
|
const { jws } = await signCredential(mockVerifiableCredential, privateKey)
|
||||||
|
|
||||||
|
const payload = await verifyCredential(jws, publicKey)
|
||||||
|
assert.deepEqual(
|
||||||
|
{
|
||||||
|
type: payload.type,
|
||||||
|
credentialSubject: payload.credentialSubject,
|
||||||
|
issuer: payload.issuer,
|
||||||
|
issuanceDate: payload.issuanceDate
|
||||||
|
},
|
||||||
|
{
|
||||||
|
type: mockVerifiableCredential.type,
|
||||||
|
credentialSubject: mockVerifiableCredential.credentialSubject,
|
||||||
|
issuer: mockVerifiableCredential.issuer,
|
||||||
|
issuanceDate: mockVerifiableCredential.issuanceDate
|
||||||
|
},
|
||||||
|
'Payload should match the original credential'
|
||||||
|
)
|
||||||
|
})
|
||||||
|
|
||||||
|
it('should throw an error if verification fails due to an invalid signature', async () => {
|
||||||
|
const privateKey =
|
||||||
|
'0xc594c6e5def4bab63ac29eed19a134c130388f74f019bc74b8f4389df2837a58'
|
||||||
|
const invalidPublicKey =
|
||||||
|
'0x0491d20394c7c2b191c6db3a3a9e7eac21d9c6741dcf66010e0a743530d8c1b05656fb9b555ebc4162df5d1cf3e372a4e0230205932c27fcd998bdbe26399236f9'
|
||||||
|
|
||||||
|
const { jws } = await signCredential(mockVerifiableCredential, privateKey)
|
||||||
|
|
||||||
|
try {
|
||||||
|
await verifyCredential(jws, invalidPublicKey)
|
||||||
|
assert.fail('Expected error to be thrown')
|
||||||
|
} catch (error) {
|
||||||
|
assert.include(
|
||||||
|
error.message,
|
||||||
|
'Invalid JWK EC key',
|
||||||
|
'Error should indicate failed verification'
|
||||||
|
)
|
||||||
|
}
|
||||||
|
})
|
||||||
|
})
|
||||||
|
})
|
||||||
Loading…
x
Reference in New Issue
Block a user