From fa2eee801d2c36d217003e8c2f8a9ff4022fb7e3 Mon Sep 17 00:00:00 2001 From: PatStLouis Date: Thu, 6 Mar 2025 19:31:16 +0000 Subject: [PATCH 1/3] adds appropriate tags for tests to show up in report, comment out some tests Signed-off-by: PatStLouis --- tests/90-algorithms-jcs.js | 1 + tests/90-algorithms-rdfc.js | 1 + tests/90-algorithms-sd.js | 102 ++++----- tests/95-functions-sd.js | 417 ++++++++++++++++++------------------ 4 files changed, 263 insertions(+), 258 deletions(-) diff --git a/tests/90-algorithms-jcs.js b/tests/90-algorithms-jcs.js index e3d64f2..b663bf3 100644 --- a/tests/90-algorithms-jcs.js +++ b/tests/90-algorithms-jcs.js @@ -90,6 +90,7 @@ describe('Algorithms - Create Proof (ecdsa-jcs-2019)', function() { describe('Algorithms - Verify Proof (ecdsa-jcs-2019)', function() { setupReportableTestSuite(this); + this.implemented = [...verifiers.keys()]; for(const [columnId, {endpoints}] of verifiers) { describe(columnId, function() { const [verifier] = endpoints; diff --git a/tests/90-algorithms-rdfc.js b/tests/90-algorithms-rdfc.js index 9d1bb62..9b99596 100644 --- a/tests/90-algorithms-rdfc.js +++ b/tests/90-algorithms-rdfc.js @@ -74,6 +74,7 @@ describe('Algorithms - Create Proof (ecdsa-rdfc-2019)', function() { describe('Algorithms - Verify Proof (ecdsa-rdfc-2019)', function() { setupReportableTestSuite(this); + this.implemented = [...verifiers.keys()]; for(const [columnId, {endpoints}] of verifiers) { describe(columnId, function() { const [verifier] = endpoints; diff --git a/tests/90-algorithms-sd.js b/tests/90-algorithms-sd.js index dcaf441..cf1aa56 100644 --- a/tests/90-algorithms-sd.js +++ b/tests/90-algorithms-sd.js @@ -4,7 +4,7 @@ */ import { assertAllUtf8, - assertCryptosuiteProof, + // assertCryptosuiteProof, assertDataIntegrityProof } from './assertions.js'; import { @@ -12,7 +12,7 @@ import { generateCredential, inspectSdBaseProofValue, inspectSdDerivedProofValue, - isValidDatetime, + // isValidDatetime, proofExists, secureCredential, setupReportableTestSuite, @@ -139,54 +139,56 @@ describe('Algorithms - Base Proof Transformation (ecdsa-sd-2023)', function() { } }); -describe('Algorithms - Base Proof Configuration (ecdsa-sd-2023)', function() { - setupReportableTestSuite(this); - this.implemented = [...issuers.keys()]; - for(const [columnId, {endpoints}] of issuers) { - describe(columnId, function() { - const [issuer] = endpoints; - let securedCredential; - before(async function() { - const mandatoryPointers = ['/credentialSubject/name']; - securedCredential = await secureCredential( - {issuer, vc: generateCredential(), mandatoryPointers}); - }); - it('The proof options MUST contain a type identifier for the ' + - 'cryptographic suite (type) and MUST contain a cryptosuite ' + - 'identifier (cryptosuite).', - async function() { - this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-sd-2023'; - const proof = proofExists(securedCredential); - should.exist(proof.type, - 'Expected a type identifier on the proof.'); - should.exist(proof.cryptosuite, - 'Expected a cryptosuite identifier on the proof.'); - }); - it('If proofConfig.type is not set to DataIntegrityProof and/or ' + - 'proofConfig.cryptosuite is not set to ecdsa-sd-2023, ' + - 'an error MUST be raised and SHOULD convey an error type of ' + - 'PROOF_GENERATION_ERROR.', - async function() { - this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-sd-2023'; - const proof = proofExists(securedCredential); - assertCryptosuiteProof(proof, 'ecdsa-sd-2023'); - }); - it('If proofConfig.created is set and if the value is not a ' + - 'valid [XMLSCHEMA11-2] datetime, an error MUST be raised and ' + - 'SHOULD convey an error type of PROOF_GENERATION_ERROR.', - async function() { - this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-sd-2023'; - const proof = proofExists(securedCredential); - if(proof?.created) { - isValidDatetime(proof.created).should.equal( - true, - 'Expected created value to be a valid datetime string.' - ); - } - }); - }); - } -}); +// TODO, these tests are not appearing in the report so commenting out +// describe('Algorithms - Base Proof Configuration (ecdsa-sd-2023)', +// function() { +// setupReportableTestSuite(this); +// this.implemented = [...issuers.keys()]; +// for(const [columnId, {endpoints}] of issuers) { +// describe(columnId, function() { +// const [issuer] = endpoints; +// let securedCredential; +// before(async function() { +// const mandatoryPointers = ['/credentialSubject/name']; +// securedCredential = await secureCredential( +// {issuer, vc: generateCredential(), mandatoryPointers}); +// }); +// it('The proof options MUST contain a type identifier for the ' + +// 'cryptographic suite (type) and MUST contain a cryptosuite ' + +// 'identifier (cryptosuite).', +// async function() { +// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-sd-2023'; +// const proof = proofExists(securedCredential); +// should.exist(proof.type, +// 'Expected a type identifier on the proof.'); +// should.exist(proof.cryptosuite, +// 'Expected a cryptosuite identifier on the proof.'); +// }); +// it('If proofConfig.type is not set to DataIntegrityProof and/or ' + +// 'proofConfig.cryptosuite is not set to ecdsa-sd-2023, ' + +// 'an error MUST be raised and SHOULD convey an error type of ' + +// 'PROOF_GENERATION_ERROR.', +// async function() { +// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-sd-2023'; +// const proof = proofExists(securedCredential); +// assertCryptosuiteProof(proof, 'ecdsa-sd-2023'); +// }); +// it('If proofConfig.created is set and if the value is not a ' + +// 'valid [XMLSCHEMA11-2] datetime, an error MUST be raised and ' + +// 'SHOULD convey an error type of PROOF_GENERATION_ERROR.', +// async function() { +// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-sd-2023'; +// const proof = proofExists(securedCredential); +// if(proof?.created) { +// isValidDatetime(proof.created).should.equal( +// true, +// 'Expected created value to be a valid datetime string.' +// ); +// } +// }); +// }); +// } +// }); describe('Algorithms - Base Proof Serialization (ecdsa-sd-2023)', function() { setupReportableTestSuite(this); diff --git a/tests/95-functions-sd.js b/tests/95-functions-sd.js index 142b837..8a33fe3 100644 --- a/tests/95-functions-sd.js +++ b/tests/95-functions-sd.js @@ -3,20 +3,20 @@ * SPDX-License-Identifier: BSD-3-Clause */ import { - createDisclosedVc, - encodeSdDerivedProofValue, + // createDisclosedVc, + // encodeSdDerivedProofValue, generateCredential, - inspectSdBaseProofValue, - inspectSdDerivedProofValue, - proofExists, + // inspectSdBaseProofValue, + // inspectSdDerivedProofValue, + // proofExists, secureCredential, setupReportableTestSuite, setupRow, - verifyError, - verifySuccess + // verifyError, + // verifySuccess } from './helpers.js'; import chai from 'chai'; -import {ecdsaSdVectors} from './vectors.js'; +// import {ecdsaSdVectors} from './vectors.js'; import {endpoints} from 'vc-test-suite-implementations'; const should = chai.should(); @@ -30,15 +30,15 @@ const {match: issuers} = endpoints.filterByTag({ property: 'issuers' }); -const {match: holders} = endpoints.filterByTag({ - tags: cryptosuites, - property: 'vcHolders' -}); +// const {match: holders} = endpoints.filterByTag({ +// tags: cryptosuites, +// property: 'vcHolders' +// }); -const {match: verifiers} = endpoints.filterByTag({ - tags: cryptosuites, - property: 'verifiers' -}); +// const {match: verifiers} = endpoints.filterByTag({ +// tags: cryptosuites, +// property: 'verifiers' +// }); describe('Functions - Selective Disclosure', function() { setupReportableTestSuite(this); @@ -66,198 +66,199 @@ describe('Functions - Selective Disclosure', function() { } }); -describe('Functions - ecdsa-sd-2023', function() { - setupReportableTestSuite(this); - this.implemented = [...issuers.keys()]; - for(const [columnId, {endpoints}] of issuers) { - describe(columnId, function() { - const [issuer] = endpoints; - let holder = null; - if(holders.get(columnId)) { - [holder] = holders.get(columnId)?.endpoints; - } else { - } - let verifier = null; - if(verifiers.get(columnId)) { - [verifier] = verifiers.get(columnId)?.endpoints; - } else { - } - let securedCredential; - let disclosedCredential; - let validDerivedProof; - before(async function() { - securedCredential = await secureCredential( - {issuer, vc: generateCredential()}); - validDerivedProof = - structuredClone(ecdsaSdVectors.derivedProof); - }); - // 3.5.2 serializeBaseProofValue - it('CBOR-encode components per [RFC8949] where CBOR ' + - 'tagging MUST NOT be used on any of the components.', - async function() { - this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; - const proof = proofExists(securedCredential); - const decodedProof = - await inspectSdBaseProofValue(proof); - should.exist(decodedProof, - 'Implementation must not use CBOR tagging.' - ); - }); - // 3.5.3 parseBaseProofValue - it('If the proofValue string does not start with u, ' + - 'indicating that it is a multibase-base64url-no-pad-encoded value, ' + - 'an error MUST be raised and SHOULD convey an error type of ' + - 'PROOF_VERIFICATION_ERROR.', - async function() { - this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; - if(holder) { - const proof = proofExists(securedCredential); - should.exist(proof.proofValue, - 'Expected proof to have proofValue.'); - // Create negative fixture - const invalidBaseCredential = structuredClone(securedCredential); - invalidBaseCredential.proof.proofValue = - invalidBaseCredential.proof.proofValue.slice(1); - ({disclosedCredential} = await createDisclosedVc( - { - selectivePointers: ['/credentialSubject/id'], - signedCredential: invalidBaseCredential, - vcHolder: holder - })); - should.not.exist(disclosedCredential?.proof, - '"Derive" endpoint should reject proof without multibase indicator.' - ); - } else { - this.skip(); - } - }); - // 3.5.3 parseBaseProofValue - it('If the decodedProofValue does not start with the ' + - 'ECDSA-SD base proof header bytes 0xd9, 0x5d, ' + - 'and 0x00, an error MUST be raised and SHOULD ' + - 'convey an error type of PROOF_VERIFICATION_ERROR.', - async function() { - this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; - if(holder) { - const proof = proofExists(securedCredential); - should.exist(proof.proofValue, - 'Expected proof to have proofValue.'); - // Create negative fixture - const invalidBaseCredential = structuredClone(securedCredential); - invalidBaseCredential.proof.proofValue = - invalidBaseCredential.proof.proofValue.slice(0, 1) + - invalidBaseCredential.proof.proofValue.slice(4); - ({disclosedCredential} = await createDisclosedVc( - { - selectivePointers: ['/credentialSubject/id'], - signedCredential: invalidBaseCredential, - vcHolder: holder - })); - should.not.exist(disclosedCredential?.proof, - '"Derive" endpoint should reject proof without header.' - ); - } else { - this.skip(); - } - }); - // 3.5.7 serializeDerivedProofValue - it('CBOR-encode components per [RFC8949] where CBOR ' + - 'tagging MUST NOT be used on any of the components.', - async function() { - this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; - if(holder) { - ({disclosedCredential} = await createDisclosedVc( - { - selectivePointers: ['/credentialSubject/id'], - signedCredential: securedCredential, - vcHolder: holder - })); - const decodedDerivedProofValue = - await inspectSdDerivedProofValue(disclosedCredential.proof); - should.exist(decodedDerivedProofValue, - 'Implementation must not use CBOR tagging.' - ); - } else { - this.skip(); - } - }); - // 3.5.8 parseDerivedProofValue - it('If the proofValue string does not start with u, ' + - 'indicating that it is a multibase-base64url-no-pad-encoded ' + - 'value, an error MUST be raised and SHOULD convey an ' + - 'error type of PROOF_VERIFICATION_ERROR.', - async function() { - this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; - if(verifier) { - await verifySuccess(verifier, validDerivedProof); - // Clone a valid proof and slice the multibase header - const invalidDerivedProof = - structuredClone(validDerivedProof); - invalidDerivedProof.proof.proofValue = - invalidDerivedProof.proof.proofValue.slice(1); - await verifyError(verifier, invalidDerivedProof); - } else { - this.skip(); - } - }); - // 3.5.8 parseDerivedProofValue - it('If the decodedProofValue does not start with the ECDSA-SD ' + - 'disclosure proof header bytes 0xd9, 0x5d, and 0x01, ' + - 'an error MUST be raised and SHOULD convey an error ' + - 'type of PROOF_VERIFICATION_ERROR.', - async function() { - this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; - if(verifier) { - await verifySuccess(verifier, validDerivedProof); - // Clone a valid proof and slice the ECDSA-SD disclosure proof header - const invalidDerivedProof = - structuredClone(validDerivedProof); - invalidDerivedProof.proof.proofValue = - invalidDerivedProof.proof.proofValue.slice(0, 1) + - invalidDerivedProof.proof.proofValue.slice(4); - await verifyError(verifier, invalidDerivedProof); - } else { - this.skip(); - } - }); - // 3.5.8 parseDerivedProofValue - it('Initialize components to an array that is the result of ' + - 'CBOR-decoding the bytes that follow the three-byte ' + - 'ECDSA-SD disclosure proof header. If the result is ' + - 'not an array of the following five elements — a byte array ' + - 'of length 64; a byte array of length 36; an array of byte arrays, ' + - 'each of length 64; a map of integers to byte arrays, ' + - 'each of length 32; and an array of integers — ' + - 'an error MUST be raised and SHOULD convey an error type of ' + - 'PROOF_VERIFICATION_ERROR.', - async function() { - this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; - if(verifier) { - const validDerivedProofValue = - await inspectSdDerivedProofValue(validDerivedProof.proof); +// TODO, these tests are not appearing in the report so commenting out +// describe('Functions - ecdsa-sd-2023', function() { +// setupReportableTestSuite(this); +// this.implemented = [...issuers.keys()]; +// for(const [columnId, {endpoints}] of issuers) { +// describe(columnId, function() { +// const [issuer] = endpoints; +// let holder = null; +// if(holders.get(columnId)) { +// [holder] = holders.get(columnId)?.endpoints; +// } else { +// } +// let verifier = null; +// if(verifiers.get(columnId)) { +// [verifier] = verifiers.get(columnId)?.endpoints; +// } else { +// } +// let securedCredential; +// let disclosedCredential; +// let validDerivedProof; +// before(async function() { +// securedCredential = await secureCredential( +// {issuer, vc: generateCredential()}); +// validDerivedProof = +// structuredClone(ecdsaSdVectors.derivedProof); +// }); +// // 3.5.2 serializeBaseProofValue +// it('CBOR-encode components per [RFC8949] where CBOR ' + +// 'tagging MUST NOT be used on any of the components.', +// async function() { +// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; +// const proof = proofExists(securedCredential); +// const decodedProof = +// await inspectSdBaseProofValue(proof); +// should.exist(decodedProof, +// 'Implementation must not use CBOR tagging.' +// ); +// }); +// // 3.5.3 parseBaseProofValue +// it('If the proofValue string does not start with u, ' + +// 'indicating that it is a multibase-base64url-no-pad-encoded value, ' + +// 'an error MUST be raised and SHOULD convey an error type of ' + +// 'PROOF_VERIFICATION_ERROR.', +// async function() { +// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; +// if(holder) { +// const proof = proofExists(securedCredential); +// should.exist(proof.proofValue, +// 'Expected proof to have proofValue.'); +// // Create negative fixture +// const invalidBaseCredential = structuredClone(securedCredential); +// invalidBaseCredential.proof.proofValue = +// invalidBaseCredential.proof.proofValue.slice(1); +// ({disclosedCredential} = await createDisclosedVc( +// { +// selectivePointers: ['/credentialSubject/id'], +// signedCredential: invalidBaseCredential, +// vcHolder: holder +// })); +// should.not.exist(disclosedCredential?.proof, +// '"Derive" endpoint should reject proof without multibase indicator.' +// ); +// } else { +// this.skip(); +// } +// }); +// // 3.5.3 parseBaseProofValue +// it('If the decodedProofValue does not start with the ' + +// 'ECDSA-SD base proof header bytes 0xd9, 0x5d, ' + +// 'and 0x00, an error MUST be raised and SHOULD ' + +// 'convey an error type of PROOF_VERIFICATION_ERROR.', +// async function() { +// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; +// if(holder) { +// const proof = proofExists(securedCredential); +// should.exist(proof.proofValue, +// 'Expected proof to have proofValue.'); +// // Create negative fixture +// const invalidBaseCredential = structuredClone(securedCredential); +// invalidBaseCredential.proof.proofValue = +// invalidBaseCredential.proof.proofValue.slice(0, 1) + +// invalidBaseCredential.proof.proofValue.slice(4); +// ({disclosedCredential} = await createDisclosedVc( +// { +// selectivePointers: ['/credentialSubject/id'], +// signedCredential: invalidBaseCredential, +// vcHolder: holder +// })); +// should.not.exist(disclosedCredential?.proof, +// '"Derive" endpoint should reject proof without header.' +// ); +// } else { +// this.skip(); +// } +// }); +// // 3.5.7 serializeDerivedProofValue +// it('CBOR-encode components per [RFC8949] where CBOR ' + +// 'tagging MUST NOT be used on any of the components.', +// async function() { +// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; +// if(holder) { +// ({disclosedCredential} = await createDisclosedVc( +// { +// selectivePointers: ['/credentialSubject/id'], +// signedCredential: securedCredential, +// vcHolder: holder +// })); +// const decodedDerivedProofValue = +// await inspectSdDerivedProofValue(disclosedCredential.proof); +// should.exist(decodedDerivedProofValue, +// 'Implementation must not use CBOR tagging.' +// ); +// } else { +// this.skip(); +// } +// }); +// // 3.5.8 parseDerivedProofValue +// it('If the proofValue string does not start with u, ' + +// 'indicating that it is a multibase-base64url-no-pad-encoded ' + +// 'value, an error MUST be raised and SHOULD convey an ' + +// 'error type of PROOF_VERIFICATION_ERROR.', +// async function() { +// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; +// if(verifier) { +// await verifySuccess(verifier, validDerivedProof); +// // Clone a valid proof and slice the multibase header +// const invalidDerivedProof = +// structuredClone(validDerivedProof); +// invalidDerivedProof.proof.proofValue = +// invalidDerivedProof.proof.proofValue.slice(1); +// await verifyError(verifier, invalidDerivedProof); +// } else { +// this.skip(); +// } +// }); +// // 3.5.8 parseDerivedProofValue +// it('If the decodedProofValue does not start with the ECDSA-SD ' + +// 'disclosure proof header bytes 0xd9, 0x5d, and 0x01, ' + +// 'an error MUST be raised and SHOULD convey an error ' + +// 'type of PROOF_VERIFICATION_ERROR.', +// async function() { +// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; +// if(verifier) { +// await verifySuccess(verifier, validDerivedProof); +// // Clone a valid proof and slice the ECDSA-SD disclosure proof header +// const invalidDerivedProof = +// structuredClone(validDerivedProof); +// invalidDerivedProof.proof.proofValue = +// invalidDerivedProof.proof.proofValue.slice(0, 1) + +// invalidDerivedProof.proof.proofValue.slice(4); +// await verifyError(verifier, invalidDerivedProof); +// } else { +// this.skip(); +// } +// }); +// // 3.5.8 parseDerivedProofValue +// it('Initialize components to an array that is the result of ' + +// 'CBOR-decoding the bytes that follow the three-byte ' + +// 'ECDSA-SD disclosure proof header. If the result is ' + +// 'not an array of the following five elements — a byte array ' + +// 'of length 64; a byte array of length 36; an array of byte arrays, ' + +// 'each of length 64; a map of integers to byte arrays, ' + +// 'each of length 32; and an array of integers — ' + +// 'an error MUST be raised and SHOULD convey an error type of ' + +// 'PROOF_VERIFICATION_ERROR.', +// async function() { +// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; +// if(verifier) { +// const validDerivedProofValue = +// await inspectSdDerivedProofValue(validDerivedProof.proof); - // Create invalid bodies for negative tests - let invalidDerivedProof = structuredClone(validDerivedProof); - const invalidDerivedProofValue = - structuredClone(validDerivedProofValue); +// // Create invalid bodies for negative tests +// let invalidDerivedProof = structuredClone(validDerivedProof); +// const invalidDerivedProofValue = +// structuredClone(validDerivedProofValue); - // add a non bytearray element in the labelMap array - invalidDerivedProof = structuredClone(validDerivedProof); - invalidDerivedProofValue.labelMap.push = 'not a bytearray'; - invalidDerivedProof.proof = - encodeSdDerivedProofValue(invalidDerivedProof); - await verifyError(verifier, invalidDerivedProof); +// // add a non bytearray element in the labelMap array +// invalidDerivedProof = structuredClone(validDerivedProof); +// invalidDerivedProofValue.labelMap.push = 'not a bytearray'; +// invalidDerivedProof.proof = +// encodeSdDerivedProofValue(invalidDerivedProof); +// await verifyError(verifier, invalidDerivedProof); - // replace an integer with a string in the mandatoryIndexes array - invalidDerivedProof = structuredClone(validDerivedProof); - invalidDerivedProofValue.mandatoryIndexes[0] = '0'; - invalidDerivedProof.proof = - encodeSdDerivedProofValue(invalidDerivedProof); - await verifyError(verifier, invalidDerivedProof); - } else { - this.skip(); - } - }); - }); - } -}); +// // replace an integer with a string in the mandatoryIndexes array +// invalidDerivedProof = structuredClone(validDerivedProof); +// invalidDerivedProofValue.mandatoryIndexes[0] = '0'; +// invalidDerivedProof.proof = +// encodeSdDerivedProofValue(invalidDerivedProof); +// await verifyError(verifier, invalidDerivedProof); +// } else { +// this.skip(); +// } +// }); +// }); +// } +// }); From 0c348bed19de4ec0b7372d0be3a21b83f38349e5 Mon Sep 17 00:00:00 2001 From: PatStLouis Date: Thu, 6 Mar 2025 21:01:13 +0000 Subject: [PATCH 2/3] enable verifier tests Signed-off-by: PatStLouis --- tests/95-functions-sd.js | 392 +++++++++++++++++++-------------------- 1 file changed, 188 insertions(+), 204 deletions(-) diff --git a/tests/95-functions-sd.js b/tests/95-functions-sd.js index 8a33fe3..c30a917 100644 --- a/tests/95-functions-sd.js +++ b/tests/95-functions-sd.js @@ -4,19 +4,19 @@ */ import { // createDisclosedVc, - // encodeSdDerivedProofValue, + encodeSdDerivedProofValue, generateCredential, - // inspectSdBaseProofValue, - // inspectSdDerivedProofValue, - // proofExists, + inspectSdBaseProofValue, + inspectSdDerivedProofValue, + proofExists, secureCredential, setupReportableTestSuite, setupRow, - // verifyError, - // verifySuccess + verifyError, + verifySuccess } from './helpers.js'; import chai from 'chai'; -// import {ecdsaSdVectors} from './vectors.js'; +import {ecdsaSdVectors} from './vectors.js'; import {endpoints} from 'vc-test-suite-implementations'; const should = chai.should(); @@ -35,10 +35,10 @@ const {match: issuers} = endpoints.filterByTag({ // property: 'vcHolders' // }); -// const {match: verifiers} = endpoints.filterByTag({ -// tags: cryptosuites, -// property: 'verifiers' -// }); +const {match: verifiers} = endpoints.filterByTag({ + tags: cryptosuites, + property: 'verifiers' +}); describe('Functions - Selective Disclosure', function() { setupReportableTestSuite(this); @@ -66,199 +66,183 @@ describe('Functions - Selective Disclosure', function() { } }); -// TODO, these tests are not appearing in the report so commenting out -// describe('Functions - ecdsa-sd-2023', function() { -// setupReportableTestSuite(this); -// this.implemented = [...issuers.keys()]; -// for(const [columnId, {endpoints}] of issuers) { -// describe(columnId, function() { -// const [issuer] = endpoints; -// let holder = null; -// if(holders.get(columnId)) { -// [holder] = holders.get(columnId)?.endpoints; -// } else { -// } -// let verifier = null; -// if(verifiers.get(columnId)) { -// [verifier] = verifiers.get(columnId)?.endpoints; -// } else { -// } -// let securedCredential; -// let disclosedCredential; -// let validDerivedProof; -// before(async function() { -// securedCredential = await secureCredential( -// {issuer, vc: generateCredential()}); -// validDerivedProof = -// structuredClone(ecdsaSdVectors.derivedProof); -// }); -// // 3.5.2 serializeBaseProofValue -// it('CBOR-encode components per [RFC8949] where CBOR ' + -// 'tagging MUST NOT be used on any of the components.', -// async function() { -// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; -// const proof = proofExists(securedCredential); -// const decodedProof = -// await inspectSdBaseProofValue(proof); -// should.exist(decodedProof, -// 'Implementation must not use CBOR tagging.' -// ); -// }); -// // 3.5.3 parseBaseProofValue -// it('If the proofValue string does not start with u, ' + -// 'indicating that it is a multibase-base64url-no-pad-encoded value, ' + -// 'an error MUST be raised and SHOULD convey an error type of ' + -// 'PROOF_VERIFICATION_ERROR.', -// async function() { -// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; -// if(holder) { -// const proof = proofExists(securedCredential); -// should.exist(proof.proofValue, -// 'Expected proof to have proofValue.'); -// // Create negative fixture -// const invalidBaseCredential = structuredClone(securedCredential); -// invalidBaseCredential.proof.proofValue = -// invalidBaseCredential.proof.proofValue.slice(1); -// ({disclosedCredential} = await createDisclosedVc( -// { -// selectivePointers: ['/credentialSubject/id'], -// signedCredential: invalidBaseCredential, -// vcHolder: holder -// })); -// should.not.exist(disclosedCredential?.proof, -// '"Derive" endpoint should reject proof without multibase indicator.' -// ); -// } else { -// this.skip(); -// } -// }); -// // 3.5.3 parseBaseProofValue -// it('If the decodedProofValue does not start with the ' + -// 'ECDSA-SD base proof header bytes 0xd9, 0x5d, ' + -// 'and 0x00, an error MUST be raised and SHOULD ' + -// 'convey an error type of PROOF_VERIFICATION_ERROR.', -// async function() { -// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; -// if(holder) { -// const proof = proofExists(securedCredential); -// should.exist(proof.proofValue, -// 'Expected proof to have proofValue.'); -// // Create negative fixture -// const invalidBaseCredential = structuredClone(securedCredential); -// invalidBaseCredential.proof.proofValue = -// invalidBaseCredential.proof.proofValue.slice(0, 1) + -// invalidBaseCredential.proof.proofValue.slice(4); -// ({disclosedCredential} = await createDisclosedVc( -// { -// selectivePointers: ['/credentialSubject/id'], -// signedCredential: invalidBaseCredential, -// vcHolder: holder -// })); -// should.not.exist(disclosedCredential?.proof, -// '"Derive" endpoint should reject proof without header.' -// ); -// } else { -// this.skip(); -// } -// }); -// // 3.5.7 serializeDerivedProofValue -// it('CBOR-encode components per [RFC8949] where CBOR ' + -// 'tagging MUST NOT be used on any of the components.', -// async function() { -// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; -// if(holder) { -// ({disclosedCredential} = await createDisclosedVc( -// { -// selectivePointers: ['/credentialSubject/id'], -// signedCredential: securedCredential, -// vcHolder: holder -// })); -// const decodedDerivedProofValue = -// await inspectSdDerivedProofValue(disclosedCredential.proof); -// should.exist(decodedDerivedProofValue, -// 'Implementation must not use CBOR tagging.' -// ); -// } else { -// this.skip(); -// } -// }); -// // 3.5.8 parseDerivedProofValue -// it('If the proofValue string does not start with u, ' + -// 'indicating that it is a multibase-base64url-no-pad-encoded ' + -// 'value, an error MUST be raised and SHOULD convey an ' + -// 'error type of PROOF_VERIFICATION_ERROR.', -// async function() { -// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; -// if(verifier) { -// await verifySuccess(verifier, validDerivedProof); -// // Clone a valid proof and slice the multibase header -// const invalidDerivedProof = -// structuredClone(validDerivedProof); -// invalidDerivedProof.proof.proofValue = -// invalidDerivedProof.proof.proofValue.slice(1); -// await verifyError(verifier, invalidDerivedProof); -// } else { -// this.skip(); -// } -// }); -// // 3.5.8 parseDerivedProofValue -// it('If the decodedProofValue does not start with the ECDSA-SD ' + -// 'disclosure proof header bytes 0xd9, 0x5d, and 0x01, ' + -// 'an error MUST be raised and SHOULD convey an error ' + -// 'type of PROOF_VERIFICATION_ERROR.', -// async function() { -// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; -// if(verifier) { -// await verifySuccess(verifier, validDerivedProof); -// // Clone a valid proof and slice the ECDSA-SD disclosure proof header -// const invalidDerivedProof = -// structuredClone(validDerivedProof); -// invalidDerivedProof.proof.proofValue = -// invalidDerivedProof.proof.proofValue.slice(0, 1) + -// invalidDerivedProof.proof.proofValue.slice(4); -// await verifyError(verifier, invalidDerivedProof); -// } else { -// this.skip(); -// } -// }); -// // 3.5.8 parseDerivedProofValue -// it('Initialize components to an array that is the result of ' + -// 'CBOR-decoding the bytes that follow the three-byte ' + -// 'ECDSA-SD disclosure proof header. If the result is ' + -// 'not an array of the following five elements — a byte array ' + -// 'of length 64; a byte array of length 36; an array of byte arrays, ' + -// 'each of length 64; a map of integers to byte arrays, ' + -// 'each of length 32; and an array of integers — ' + -// 'an error MUST be raised and SHOULD convey an error type of ' + -// 'PROOF_VERIFICATION_ERROR.', -// async function() { -// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; -// if(verifier) { -// const validDerivedProofValue = -// await inspectSdDerivedProofValue(validDerivedProof.proof); +describe('Functions - ecdsa-sd-2023', function() { + setupReportableTestSuite(this); + this.implemented = [...issuers.keys()]; + for(const [columnId, {endpoints}] of issuers) { + describe(columnId, function() { + const [issuer] = endpoints; + const [verifier] = verifiers.get(columnId)?.endpoints; + // let holder = null; + // if(holders.get(columnId)) { + // [holder] = holders.get(columnId)?.endpoints; + // } else { + // } + let securedCredential; + // let disclosedCredential; + let validDerivedProof; + beforeEach(setupRow); + before(async function() { + securedCredential = await secureCredential( + {issuer, vc: generateCredential()}); + validDerivedProof = + structuredClone(ecdsaSdVectors.derivedProof); + }); + // 3.5.2 serializeBaseProofValue + it('CBOR-encode components per [RFC8949] where CBOR ' + + 'tagging MUST NOT be used on any of the components.', + async function() { + this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; + const proof = proofExists(securedCredential); + const decodedProof = + await inspectSdBaseProofValue(proof); + should.exist(decodedProof, + 'Implementation must not use CBOR tagging.' + ); + }); + // 3.5.3 parseBaseProofValue + // it('If the proofValue string does not start with u, ' + + // 'indicating that it is a multibase-base64url-no-pad-encoded value, ' + + // 'an error MUST be raised and SHOULD convey an error type of ' + + // 'PROOF_VERIFICATION_ERROR.', + // async function() { + // this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; + // if(holder) { + // const proof = proofExists(securedCredential); + // should.exist(proof.proofValue, + // 'Expected proof to have proofValue.'); + // // Create negative fixture + // const invalidBaseCredential = structuredClone(securedCredential); + // invalidBaseCredential.proof.proofValue = + // invalidBaseCredential.proof.proofValue.slice(1); + // ({disclosedCredential} = await createDisclosedVc( + // { + // selectivePointers: ['/credentialSubject/id'], + // signedCredential: invalidBaseCredential, + // vcHolder: holder + // })); + // should.not.exist(disclosedCredential?.proof, + // '"Derive" endpoint should reject proof without multibase indicator.' + // ); + // } else { + // this.skip(); + // } + // }); + // 3.5.3 parseBaseProofValue + // it('If the decodedProofValue does not start with the ' + + // 'ECDSA-SD base proof header bytes 0xd9, 0x5d, ' + + // 'and 0x00, an error MUST be raised and SHOULD ' + + // 'convey an error type of PROOF_VERIFICATION_ERROR.', + // async function() { + // this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; + // if(holder) { + // const proof = proofExists(securedCredential); + // should.exist(proof.proofValue, + // 'Expected proof to have proofValue.'); + // // Create negative fixture + // const invalidBaseCredential = structuredClone(securedCredential); + // invalidBaseCredential.proof.proofValue = + // invalidBaseCredential.proof.proofValue.slice(0, 1) + + // invalidBaseCredential.proof.proofValue.slice(4); + // ({disclosedCredential} = await createDisclosedVc( + // { + // selectivePointers: ['/credentialSubject/id'], + // signedCredential: invalidBaseCredential, + // vcHolder: holder + // })); + // should.not.exist(disclosedCredential?.proof, + // '"Derive" endpoint should reject proof without header.' + // ); + // } else { + // this.skip(); + // } + // }); + // 3.5.7 serializeDerivedProofValue + // it('CBOR-encode components per [RFC8949] where CBOR ' + + // 'tagging MUST NOT be used on any of the components.', + // async function() { + // this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; + // if(holder) { + // ({disclosedCredential} = await createDisclosedVc( + // { + // selectivePointers: ['/credentialSubject/id'], + // signedCredential: securedCredential, + // vcHolder: holder + // })); + // const decodedDerivedProofValue = + // await inspectSdDerivedProofValue(disclosedCredential.proof); + // should.exist(decodedDerivedProofValue, + // 'Implementation must not use CBOR tagging.' + // ); + // } else { + // this.skip(); + // } + // }); + // 3.5.8 parseDerivedProofValue + it('If the proofValue string does not start with u, ' + + 'indicating that it is a multibase-base64url-no-pad-encoded ' + + 'value, an error MUST be raised and SHOULD convey an ' + + 'error type of PROOF_VERIFICATION_ERROR.', + async function() { + this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; + await verifySuccess(verifier, validDerivedProof); + // Clone a valid proof and slice the multibase header + const invalidDerivedProof = + structuredClone(validDerivedProof); + invalidDerivedProof.proof.proofValue = + invalidDerivedProof.proof.proofValue.slice(1); + await verifyError(verifier, invalidDerivedProof); + }); + // 3.5.8 parseDerivedProofValue + it('If the decodedProofValue does not start with the ECDSA-SD ' + + 'disclosure proof header bytes 0xd9, 0x5d, and 0x01, ' + + 'an error MUST be raised and SHOULD convey an error ' + + 'type of PROOF_VERIFICATION_ERROR.', + async function() { + this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; + await verifySuccess(verifier, validDerivedProof); + // Clone a valid proof and slice the ECDSA-SD disclosure proof header + const invalidDerivedProof = + structuredClone(validDerivedProof); + invalidDerivedProof.proof.proofValue = + invalidDerivedProof.proof.proofValue.slice(0, 1) + + invalidDerivedProof.proof.proofValue.slice(4); + await verifyError(verifier, invalidDerivedProof); + }); + // 3.5.8 parseDerivedProofValue + it('Initialize components to an array that is the result of ' + + 'CBOR-decoding the bytes that follow the three-byte ' + + 'ECDSA-SD disclosure proof header. If the result is ' + + 'not an array of the following five elements — a byte array ' + + 'of length 64; a byte array of length 36; an array of byte arrays, ' + + 'each of length 64; a map of integers to byte arrays, ' + + 'each of length 32; and an array of integers — ' + + 'an error MUST be raised and SHOULD convey an error type of ' + + 'PROOF_VERIFICATION_ERROR.', + async function() { + this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#selective-disclosure-functions'; + const validDerivedProofValue = + await inspectSdDerivedProofValue(validDerivedProof.proof); -// // Create invalid bodies for negative tests -// let invalidDerivedProof = structuredClone(validDerivedProof); -// const invalidDerivedProofValue = -// structuredClone(validDerivedProofValue); + // Create invalid bodies for negative tests + let invalidDerivedProof = structuredClone(validDerivedProof); + const invalidDerivedProofValue = + structuredClone(validDerivedProofValue); -// // add a non bytearray element in the labelMap array -// invalidDerivedProof = structuredClone(validDerivedProof); -// invalidDerivedProofValue.labelMap.push = 'not a bytearray'; -// invalidDerivedProof.proof = -// encodeSdDerivedProofValue(invalidDerivedProof); -// await verifyError(verifier, invalidDerivedProof); + // add a non bytearray element in the labelMap array + invalidDerivedProof = structuredClone(validDerivedProof); + invalidDerivedProofValue.labelMap.push = 'not a bytearray'; + invalidDerivedProof.proof = + encodeSdDerivedProofValue(invalidDerivedProof); + await verifyError(verifier, invalidDerivedProof); -// // replace an integer with a string in the mandatoryIndexes array -// invalidDerivedProof = structuredClone(validDerivedProof); -// invalidDerivedProofValue.mandatoryIndexes[0] = '0'; -// invalidDerivedProof.proof = -// encodeSdDerivedProofValue(invalidDerivedProof); -// await verifyError(verifier, invalidDerivedProof); -// } else { -// this.skip(); -// } -// }); -// }); -// } -// }); + // replace an integer with a string in the mandatoryIndexes array + invalidDerivedProof = structuredClone(validDerivedProof); + invalidDerivedProofValue.mandatoryIndexes[0] = '0'; + invalidDerivedProof.proof = + encodeSdDerivedProofValue(invalidDerivedProof); + await verifyError(verifier, invalidDerivedProof); + }); + }); + } +}); From 4504f498e6663434012a6c418805546a439dff26 Mon Sep 17 00:00:00 2001 From: PatStLouis Date: Thu, 6 Mar 2025 22:00:41 +0000 Subject: [PATCH 3/3] change test description for base proof config Signed-off-by: PatStLouis --- tests/90-algorithms-sd.js | 104 +++++++++++++++++++------------------- 1 file changed, 52 insertions(+), 52 deletions(-) diff --git a/tests/90-algorithms-sd.js b/tests/90-algorithms-sd.js index cf1aa56..ce9ee22 100644 --- a/tests/90-algorithms-sd.js +++ b/tests/90-algorithms-sd.js @@ -4,7 +4,7 @@ */ import { assertAllUtf8, - // assertCryptosuiteProof, + assertCryptosuiteProof, assertDataIntegrityProof } from './assertions.js'; import { @@ -12,7 +12,7 @@ import { generateCredential, inspectSdBaseProofValue, inspectSdDerivedProofValue, - // isValidDatetime, + isValidDatetime, proofExists, secureCredential, setupReportableTestSuite, @@ -139,56 +139,56 @@ describe('Algorithms - Base Proof Transformation (ecdsa-sd-2023)', function() { } }); -// TODO, these tests are not appearing in the report so commenting out -// describe('Algorithms - Base Proof Configuration (ecdsa-sd-2023)', -// function() { -// setupReportableTestSuite(this); -// this.implemented = [...issuers.keys()]; -// for(const [columnId, {endpoints}] of issuers) { -// describe(columnId, function() { -// const [issuer] = endpoints; -// let securedCredential; -// before(async function() { -// const mandatoryPointers = ['/credentialSubject/name']; -// securedCredential = await secureCredential( -// {issuer, vc: generateCredential(), mandatoryPointers}); -// }); -// it('The proof options MUST contain a type identifier for the ' + -// 'cryptographic suite (type) and MUST contain a cryptosuite ' + -// 'identifier (cryptosuite).', -// async function() { -// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-sd-2023'; -// const proof = proofExists(securedCredential); -// should.exist(proof.type, -// 'Expected a type identifier on the proof.'); -// should.exist(proof.cryptosuite, -// 'Expected a cryptosuite identifier on the proof.'); -// }); -// it('If proofConfig.type is not set to DataIntegrityProof and/or ' + -// 'proofConfig.cryptosuite is not set to ecdsa-sd-2023, ' + -// 'an error MUST be raised and SHOULD convey an error type of ' + -// 'PROOF_GENERATION_ERROR.', -// async function() { -// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-sd-2023'; -// const proof = proofExists(securedCredential); -// assertCryptosuiteProof(proof, 'ecdsa-sd-2023'); -// }); -// it('If proofConfig.created is set and if the value is not a ' + -// 'valid [XMLSCHEMA11-2] datetime, an error MUST be raised and ' + -// 'SHOULD convey an error type of PROOF_GENERATION_ERROR.', -// async function() { -// this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-sd-2023'; -// const proof = proofExists(securedCredential); -// if(proof?.created) { -// isValidDatetime(proof.created).should.equal( -// true, -// 'Expected created value to be a valid datetime string.' -// ); -// } -// }); -// }); -// } -// }); +describe('Algorithms - Base Proof Configuration', + function() { + setupReportableTestSuite(this); + this.implemented = [...issuers.keys()]; + for(const [columnId, {endpoints}] of issuers) { + describe(columnId, function() { + const [issuer] = endpoints; + let securedCredential; + before(async function() { + const mandatoryPointers = ['/credentialSubject/name']; + securedCredential = await secureCredential( + {issuer, vc: generateCredential(), mandatoryPointers}); + }); + beforeEach(setupRow); + it('The proof options MUST contain a type identifier for the ' + + 'cryptographic suite (type) and MUST contain a cryptosuite ' + + 'identifier (cryptosuite).', + async function() { + this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-sd-2023'; + const proof = proofExists(securedCredential); + should.exist(proof.type, + 'Expected a type identifier on the proof.'); + should.exist(proof.cryptosuite, + 'Expected a cryptosuite identifier on the proof.'); + }); + it('If proofConfig.type is not set to DataIntegrityProof and/or ' + + 'proofConfig.cryptosuite is not set to ecdsa-sd-2023, ' + + 'an error MUST be raised and SHOULD convey an error type of ' + + 'PROOF_GENERATION_ERROR.', + async function() { + this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-sd-2023'; + const proof = proofExists(securedCredential); + assertCryptosuiteProof(proof, 'ecdsa-sd-2023'); + }); + it('If proofConfig.created is set and if the value is not a ' + + 'valid [XMLSCHEMA11-2] datetime, an error MUST be raised and ' + + 'SHOULD convey an error type of PROOF_GENERATION_ERROR.', + async function() { + this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-sd-2023'; + const proof = proofExists(securedCredential); + if(proof?.created) { + isValidDatetime(proof.created).should.equal( + true, + 'Expected created value to be a valid datetime string.' + ); + } + }); + }); + } + }); describe('Algorithms - Base Proof Serialization (ecdsa-sd-2023)', function() { setupReportableTestSuite(this);