test: check that existing P-256 publicKeyHex keys can be recomputed

decentralized-identity · Feb 24, 2023 · 7be8f0b · 7be8f0b
1 parent 22648aa
commit 7be8f0b
Show file tree

Hide file tree

Showing 7 changed files with 118 additions and 9 deletions.
diff --git a/__tests__/data.migration.test.ts b/__tests__/data.migration.test.ts
@@ -0,0 +1,106 @@
+// noinspection ES6PreferShortImport
+
+import { KeyManagementSystem, SecretBox } from '../packages/kms-local/src'
+import { Entities, KeyStore, migrations, PrivateKeyStore, } from '../packages/data-store/src'
+import { PrivateKeyStoreJson } from '../packages/data-store-json/src'
+
+import { DataSource } from 'typeorm'
+import * as fs from 'fs'
+
+import { jest } from '@jest/globals'
+import { fileURLToPath } from 'url'
+import { dirname } from 'path'
+
+// @ts-ignore TS1343
+const __filename = fileURLToPath(import.meta.url)
+const __dirname = dirname(__filename)
+
+jest.setTimeout(60000)
+
+const dbEncryptionKey = '29739248cad1bd1a0fc4d9b75cd4d2990de535baf5caadfdf8d8f86664aa830c'
+
+describe('data handling tests', () => {
+  describe('can recompute p256 keys from old database', () => {
+    const fixture = __dirname + '/fixtures/local-database-before-p256key-migration.sqlite'
+    const databaseFile = fixture + '.tmp'
+    // intentionally using DataSource instead of Promise<DataSource> to test compatibility
+    let dbConnection: DataSource
+
+    beforeAll(async () => {
+      await fs.promises.copyFile(fixture, databaseFile)
+      dbConnection = new DataSource({
+        name: 'test',
+        type: 'sqlite',
+        database: databaseFile,
+        synchronize: false,
+        migrations: migrations,
+        migrationsRun: true,
+        logging: false,
+        entities: Entities,
+      })
+    })
+
+    afterAll(async () => {
+      await dbConnection.destroy()
+      await fs.promises.unlink(databaseFile)
+    })
+
+    it('should recompute p256 keys', async () => {
+      const kmsLocal = new KeyManagementSystem(
+        new PrivateKeyStore(dbConnection, new SecretBox(dbEncryptionKey)),
+      )
+      const managedKeyStore = new KeyStore(dbConnection)
+      // list known private keys. kms-local will compute the correct public keys
+      const allPrivKeys = await kmsLocal.listKeys()
+      const keyIds: string[] = []
+      for (const privKey of allPrivKeys) {
+        if (privKey.type === 'Secp256r1') {
+          const managedKey = await managedKeyStore.getKey({ kid: privKey.kid })
+          if (managedKey.publicKeyHex.length === 64) {
+            keyIds.push(privKey.kid)
+            managedKey.publicKeyHex = privKey.publicKeyHex
+          }
+          await managedKeyStore.importKey(managedKey)
+        }
+      }
+      for (const kid of keyIds) {
+        const managedKey = await managedKeyStore.getKey({ kid })
+        expect(managedKey.publicKeyHex.length).toEqual(66)
+        expect(managedKey.publicKeyHex).toMatch(/^(02|03).*/)
+      }
+    })
+  })
+  describe('kms-local maintains public key values for listKeys', () => {
+    it('when using data-store-json', async () => {
+      const memoryJsonStore = {
+        notifyUpdate: () => Promise.resolve(),
+      }
+      const kmsLocal = new KeyManagementSystem(
+        new PrivateKeyStoreJson(memoryJsonStore, new SecretBox(dbEncryptionKey)),
+      )
+      const key = await kmsLocal.createKey({ type: 'Secp256r1' })
+      const allPrivKeys = await kmsLocal.listKeys()
+      const foundKey = allPrivKeys.find((k) => k.kid === key.kid)
+      expect(foundKey?.publicKeyHex).toEqual(key.publicKeyHex)
+    })
+
+    it('when using data-store', async () => {
+      const dbConnection = new DataSource({
+        type: 'sqlite',
+        database: ':memory:',
+        entities: Entities,
+        synchronize: false,
+        migrations: migrations,
+        migrationsRun: true,
+        logging: false,
+      })
+      const kmsLocal = new KeyManagementSystem(
+        new PrivateKeyStore(dbConnection, new SecretBox(dbEncryptionKey)),
+      )
+      const key = await kmsLocal.createKey({ type: 'Secp256r1' })
+      const allPrivKeys = await kmsLocal.listKeys()
+      const foundKey = allPrivKeys.find((k) => k.kid === key.kid)
+      expect(foundKey?.publicKeyHex).toEqual(key.publicKeyHex)
+    })
+  })
+})
diff --git a/__tests__/fixtures/local-database-before-p256key-migration.sqlite b/__tests__/fixtures/local-database-before-p256key-migration.sqlite
diff --git a/__tests__/initial.migration.test.ts b/__tests__/initial.migration.test.ts
@@ -34,18 +34,19 @@ import { KeyManager } from '../packages/key-manager/src'
 import { DIDManager } from '../packages/did-manager/src'
 import { FakeDidProvider, FakeDidResolver } from '../packages/test-utils/src'
 
-import { DataSourceOptions, DataSource } from 'typeorm'
+import { DataSource, DataSourceOptions } from 'typeorm'
 import { Resolver } from 'did-resolver'
 import { getResolver as ethrDidResolver } from 'ethr-did-resolver'
 import { getResolver as webDidResolver } from 'web-did-resolver'
 import * as fs from 'fs'
 
 import { jest } from '@jest/globals'
-import { fileURLToPath } from 'url';
-import { dirname } from 'path';
+import { fileURLToPath } from 'url'
+import { dirname } from 'path'
 
-const __filename = fileURLToPath(import.meta.url);
-const __dirname = dirname(__filename);
+// @ts-ignore TS1343
+const __filename = fileURLToPath(import.meta.url)
+const __dirname = dirname(__filename)
 
 jest.setTimeout(60000)
 

diff --git a/packages/cli/src/__tests__/cli.test.ts b/packages/cli/src/__tests__/cli.test.ts
@@ -24,7 +24,7 @@ describe('cli version', () => {
   })
 
   // this seems to fail because of an incompatibility between jest and the `multiformats@11` transitive dependency
-  it.skip('should load the agent', async () => {
+  it('should load the agent', async () => {
     const { agent } = await createObjects(await getConfig('./packages/cli/default/default.yml'), {
       agent: '/agent',
     })

diff --git a/packages/kms-local/src/__tests__/kms-local.test.ts b/packages/kms-local/src/__tests__/kms-local.test.ts
@@ -106,7 +106,7 @@ describe('@veramo/kms-local Secp256r1 support', () => {
     const kms = new KeyManagementSystem(new MemoryPrivateKeyStore())
     const key = await kms.createKey({type: 'Secp256r1'})
     expect(key.type).toEqual('Secp256r1')
-    expect(key.publicKeyHex).toHaveLength(64)
+    expect(key.publicKeyHex).toHaveLength(66)
     expect(key.kid).toBeDefined()
     expect(key.meta).toEqual({
       "algorithms": [
@@ -120,7 +120,7 @@ describe('@veramo/kms-local Secp256r1 support', () => {
     const privateKeyHex = '96fe4d2b4a5d3abc4679fe39aa5d4b76990ff416e6ff403a58bd722cf8352f94'
     const key = await kms.importKey({kid: 'test', privateKeyHex, type: 'Secp256r1'})
     expect(key.type).toEqual('Secp256r1')
-    expect(key.publicKeyHex).toEqual('930fc234a12c939ccb1591a7c394088a30a32e81ac832ed8a0136e32bd73f792')
+    expect(key.publicKeyHex).toEqual('03930fc234a12c939ccb1591a7c394088a30a32e81ac832ed8a0136e32bd73f792')
     expect(key.kid).toEqual('test')
     expect(key.meta).toEqual({
       "algorithms": [

diff --git a/packages/test-react-app/package.json b/packages/test-react-app/package.json
@@ -14,9 +14,9 @@
     "@veramo/did-jwt": "^5.0.0",
     "@veramo/did-manager": "^5.0.0",
     "@veramo/did-provider-ethr": "^5.0.0",
+    "@veramo/did-provider-jwk": "^5.0.0",
     "@veramo/did-provider-key": "^5.0.0",
     "@veramo/did-provider-pkh": "^5.0.0",
-    "@veramo/did-provider-jwk": "^5.0.0",
     "@veramo/did-provider-web": "^5.0.0",
     "@veramo/did-resolver": "^5.0.0",
     "@veramo/key-manager": "^5.0.0",

diff --git a/packages/test-react-app/tsconfig.json b/packages/test-react-app/tsconfig.json
@@ -29,7 +29,9 @@
     { "path": "../did-jwt" },
     { "path": "../did-manager" },
     { "path": "../did-provider-ethr" },
+    { "path": "../did-provider-jwk" },
     { "path": "../did-provider-key" },
+    { "path": "../did-provider-pkh" },
     { "path": "../did-provider-web" },
     { "path": "../did-resolver" },
     { "path": "../key-manager" },