Skip to content

Commit

Permalink
feat: add support for data-integrity migration (#1831)
Browse files Browse the repository at this point in the history
  • Loading branch information
skynet2 authored Jan 7, 2025
1 parent fba3ae6 commit e5030f3
Show file tree
Hide file tree
Showing 2 changed files with 33 additions and 4 deletions.
16 changes: 12 additions & 4 deletions pkg/doc/vc/crypto/dataIntegrity.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,8 @@ import (
)

const (
dataIntegrityProofContext = "https://w3id.org/security/data-integrity/v2"
dataIntegrityProofContextV1 = "https://w3id.org/security/data-integrity/v1"
dataIntegrityProofContextV2 = "https://w3id.org/security/data-integrity/v2"
)

// signCredentialLDP adds verifiable.DataIntegrityProofContext to the VC.
Expand Down Expand Up @@ -68,9 +69,16 @@ func (c *Crypto) signCredentialLDPDataIntegrity(signerData *vc.Signer,
}

// Update VC context for Data Integrity.
if !lo.Contains(vc.Contents().Context, verifiable.V2ContextURI) { // for v2 its already embedded
if !lo.Contains(vc.Contents().Context, dataIntegrityProofContext) {
vc = vc.WithModifiedContext(append(vc.Contents().Context, dataIntegrityProofContext))
contexts := vc.Contents().Context
if !lo.Contains(contexts, verifiable.V2ContextURI) { // for v2 its already embedded
if lo.Contains(contexts, dataIntegrityProofContextV1) { // backward compatibility. Migrate old creds to v2
contexts = lo.Filter(contexts, func(s string, _ int) bool {
return s != dataIntegrityProofContextV1
})
}

if !lo.Contains(contexts, dataIntegrityProofContextV2) {
vc = vc.WithModifiedContext(append(contexts, dataIntegrityProofContextV2))
}
}

Expand Down
21 changes: 21 additions & 0 deletions pkg/doc/vc/crypto/dataIntegrity_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -101,6 +101,27 @@ func TestCrypto_SignCredentialLDPDataIntegrity(t *testing.T) { //nolint:gocognit
require.NotEmpty(t, signedVC.Proofs()[0]["proofValue"])
})

t.Run("Success with v1 migration", func(t *testing.T) {
unsignedVc = unsignedVc.WithModifiedContext(
append(unsignedVc.Contents().Context, dataIntegrityProofContextV1),
)

signedVC, err := c.signCredentialLDPDataIntegrity(testSigner, unsignedVc)
require.NoError(t, err)
require.Equal(t, 1, len(signedVC.Proofs()))

require.Equal(t, "DataIntegrityProof", signedVC.Proofs()[0]["type"])
require.Equal(t, "ecdsa-2019", signedVC.Proofs()[0]["cryptosuite"])
require.Equal(t, "#key1", signedVC.Proofs()[0]["verificationMethod"])
require.Equal(t, "assertionMethod", signedVC.Proofs()[0]["proofPurpose"])
require.Empty(t, signedVC.Proofs()[0]["challenge"])
require.Empty(t, signedVC.Proofs()[0]["domain"])
require.NotEmpty(t, signedVC.Proofs()[0]["proofValue"])

require.NotContains(t, signedVC.Contents().Context, dataIntegrityProofContextV1)
require.Contains(t, signedVC.Contents().Context, dataIntegrityProofContextV2)
})

t.Run("Success ecdsa-rdfc-2019", func(t *testing.T) {
legacySigner := getTestLDPDataIntegritySigner(
ecdsa2019.SuiteTypeNew,
Expand Down

0 comments on commit e5030f3

Please sign in to comment.