Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feat/key did secp256r1 now includes curves secp384r1 and secp521r1 as well #1884

Merged
merged 40 commits into from
Mar 3, 2022
Merged

Feat/key did secp256r1 now includes curves secp384r1 and secp521r1 as well #1884

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
40 commits
Select commit Hold shift + click to select a range
e0e1987
feat(key-did-resolver): secp256r1 support
bshambaugh May 29, 2021
259e1a1
commit changes pulled from private develop branch into feat/secp256r1…
bshambaugh Dec 2, 2021
758cd94
create test for 'const contentType = options.accept || DID_JSON' line…
bshambaugh Dec 2, 2021
ef92d46
remove unnecessary match anything test and clean up test comments
bshambaugh Dec 2, 2021
d6925e9
add comment about testing key-did-resolver
bshambaugh Dec 2, 2021
fcec718
update formatting about testing
bshambaugh Dec 2, 2021
182671a
update comments for README
bshambaugh Dec 2, 2021
522da64
fix typo
bshambaugh Dec 2, 2021
628ff1d
Update README with references
bshambaugh Dec 2, 2021
5dc23da
reformat README. move an additional reference to the end
bshambaugh Dec 2, 2021
316ab44
reformat readme
bshambaugh Dec 2, 2021
7e02d8f
update readme with preliminary new code, draft in progress
bshambaugh Dec 8, 2021
e71a570
test a hyperlink in README
bshambaugh Dec 8, 2021
bc37ee4
add additional documentation to README, still in draft
bshambaugh Dec 8, 2021
e49dca7
further cleanup of README
bshambaugh Dec 8, 2021
51b953c
add new content to README.md
bshambaugh Dec 8, 2021
a5747cc
finalize comments with README
bshambaugh Dec 8, 2021
4d6ad96
update the README with some final touches
bshambaugh Dec 8, 2021
b83cedd
update readme with new usage paragraph
bshambaugh Dec 8, 2021
113aa4e
clean up new usage paragraph
bshambaugh Dec 8, 2021
6b19122
reworded and added footnote
bshambaugh Dec 8, 2021
f0f25db
reworded and fixed footnote
bshambaugh Dec 8, 2021
fdf9061
added new footnote
bshambaugh Dec 8, 2021
1b3b212
fix typo
bshambaugh Dec 8, 2021
f20c98e
update README
bshambaugh Dec 8, 2021
463e1fb
added an additional footnote, to make 3
bshambaugh Dec 8, 2021
5dba8ff
update code snippet responses for the correct ids for the verificatio…
bshambaugh Dec 8, 2021
8007b5c
use multiformats instead of multibase
bshambaugh Dec 9, 2021
9c45f3f
update tests to use multiformats instead of multibase
bshambaugh Dec 9, 2021
0935ef1
add more test snapshots for secp521r1
bshambaugh Dec 13, 2021
58e4bb4
swap for spaces to make the linter happy
bshambaugh Dec 13, 2021
cb3d4ce
add did-keys for test vectors for P-521 from w3c/ccg
bshambaugh Dec 13, 2021
a8d4005
replace with only spaces to satisfy linter
bshambaugh Dec 13, 2021
8e0acad
Merge branch 'develop' into feat/key-did-secp256r1
bshambaugh Jan 24, 2022
7f06180
change error message in index.test.ts from 'Cannot read property 'key…
bshambaugh Jan 24, 2022
ea46f3b
Merge branch 'feat/key-did-secp256r1' of github.com:bshambaugh/js-cer…
bshambaugh Jan 24, 2022
8548fee
since dagJose does not need to be converted to be used as an ipld for…
bshambaugh Jan 25, 2022
9e64800
update readme to change Usage to Additional Usage Notes for the last …
bshambaugh Feb 4, 2022
df64b35
remove the include of jest in the package.json for the key-did-resolv…
bshambaugh Feb 6, 2022
614b4d7
import nistWeierstrassCommon as nist_weierstrass_common.js in (secp25…
bshambaugh Feb 9, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
247 changes: 246 additions & 1 deletion packages/key-did-resolver/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,253 @@
```
$ npm install key-did-resolver
```
### Usage
This code includes support for the curves Ed25519, Secp256k1, Secp256r1 (P-256), Secp384r1 (P-384), and Secp521r1 (P-521) which follow the test vectors at:
[https://github.com/w3c-ccg/did-method-key/tree/main/test-vectors](https://github.com/w3c-ccg/did-method-key/tree/main/test-vectors)

## Usage
This code has been tested with the following `did:key`[^1] providers:
| Curve | Repositry |
| ------------------- | -------------------------------------------------------------- |
| Ed25519 | https://github.com/ceramicnetwork/key-did-provider-ed25519 |
| Secp256k1 | https://github.com/ceramicnetwork/key-did-provider-secp256k1 |
| P-256, P-384, P-521 | https://github.com/bshambaugh/did-key-creator |
Copy link
Contributor Author

@bshambaugh bshambaugh Dec 9, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Random thought. https://github.com/bshambaugh/did-key-creator may need to live over in https://github.com/ceramicstudio .


Compressed[^2] forms of P-256, P-384, and P-521 are preferred. [^3]

[^1]: The syntax of a did:key is `did:key:id`. The did:key `id` is the `base58btc string` representation of the `Uint8Array (byte array)` consisting of the `the multicodec name` followed by `the public key {raw,uncompressed,compressed}`.

[^2]: Compressed keys are the X coordinate of the public key with a prefix that depends on the sign of the Y curve coordinate. The prefix is '02' if even and '03' if odd.

[^3]: During development there was not yet consensus on using all compressed keys. Support for uncompressed keys with the '04' prefix and
raw keys (just the x,y bytes with no prefix) was kept for the P-256 and P-384 curves.

### Code
Using [@ceramicnetwork/core](https://developers.ceramic.network/reference/typescript/modules/_ceramicnetwork_core.html) with secp256k1 did-key:
```
import KeyDIDResolver from 'key-did-resolver'
import {Resolver} from 'did-resolver'
import {Ceramic} from '@ceramicnetwork/core'
import * as IPFS from 'ipfs-core'
import dagJose from 'dag-jose'
import {convert} from 'blockcodec-to-ipld-format'

const ipfs = await IPFS.create({
ipld: { formats: [dagJose] },
})

const config = {}
const ceramic = await Ceramic.create(ipfs, config)
const keyDidResolver = KeyDIDResolver.getResolver(ceramic)
console.log(keyDidResolver)
const didResolver = new Resolver(keyDidResolver)
const doc = await didResolver.resolve('did:key:z6MktvqCyLxTsXUH1tUZncNdVeEZ7hNh7npPRbUU27GTrYb8')

console.log(doc)
console.log(doc.didDocument.verificationMethod)
```

Using [@ceramicnetwork/http-client](https://developers.ceramic.network/reference/typescript/modules/_ceramicnetwork_http_client.html) with secp256k1 did-key:
```
// Usage from cloned GitHub Repository:
// import * as keyDIDResolver from '../js-ceramic/packages/key-did-resolver/lib/index.js';
import KeyDIDResolver from 'key-did-resolver'
import {Resolver} from 'did-resolver'

import { CeramicClient } from '@ceramicnetwork/http-client'
const API_URL = "https://ceramic-clay.3boxlabs.com" // or your ceramic endpoint
const ceramic = new CeramicClient(API_URL)

const keyDidResolver = KeyDIDResolver.getResolver(ceramic)
const didResolver = new Resolver(keyDidResolver)
const doc = await didResolver.resolve('did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme')

console.log(doc)
console.log(doc.didDocument.verificationMethod)
```

### Output
Using [@ceramicnetwork/core](https://developers.ceramic.network/reference/typescript/modules/_ceramicnetwork_core.html) with secp256k1 did-key:
```
{
didResolutionMetadata: { contentType: 'application/did+json' },
didDocument: {
id: 'did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme',
verificationMethod: [ [Object] ],
authentication: [
'did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme#zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme'
],
assertionMethod: [
'did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme#zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme'
],
capabilityDelegation: [
'did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme#zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme'
],
capabilityInvocation: [
'did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme#zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme'
]
},
didDocumentMetadata: {}
}
[
{
id: 'did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme#zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme',
type: 'Secp256k1VerificationKey2018',
controller: 'did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme',
publicKeyBase58: '23o6Sau8NxxzXcgSc3PLcNxrzrZpbLeBn1izfv3jbKhuv'
}
]

```
Using [@ceramicnetwork/http-client](https://developers.ceramic.network/reference/typescript/modules/_ceramicnetwork_http_client.html) with secp256k1 did-key:
```
Swarm listening on /ip4/127.0.0.1/tcp/4011/p2p/QmYGmd8VoQ1sZ82diHEzhbPxfrjrxryLMnJem4UaNnEf8K
Swarm listening on /ip4/10.0.0.5/tcp/4011/p2p/QmYGmd8VoQ1sZ82diHEzhbPxfrjrxryLMnJem4UaNnEf8K
Swarm listening on /ip4/127.0.0.1/tcp/4012/ws/p2p/QmYGmd8VoQ1sZ82diHEzhbPxfrjrxryLMnJem4UaNnEf8K
Swarm listening on /ip4/10.0.0.5/tcp/4012/ws/p2p/QmYGmd8VoQ1sZ82diHEzhbPxfrjrxryLMnJem4UaNnEf8K
Connecting to ceramic network 'inmemory' using pubsub topic '/ceramic/inmemory-2974851949'
Peer discovery is not supported for ceramic network: inmemory. This node may fail to load documents from other nodes on the network.
This node with peerId QmYGmd8VoQ1sZ82diHEzhbPxfrjrxryLMnJem4UaNnEf8K is not included in the peer list for Ceramic network inmemory. It will not be discoverable by other nodes in the network, and so data created against this node will not be available to the rest of the network.
Connected to anchor service '<inmemory>' with supported anchor chains ['inmemory:12345']
{ key: [AsyncFunction: key] }
{
didResolutionMetadata: { contentType: 'application/did+json' },
didDocument: {
id: 'did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme',
verificationMethod: [ [Object] ],
authentication: [
'did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme#zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme'
],
assertionMethod: [
'did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme#zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme'
],
capabilityDelegation: [
'did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme#zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme'
],
capabilityInvocation: [
'did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme#zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme'
]
},
didDocumentMetadata: {}
}
[
{
id: 'did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme#zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme',
type: 'Secp256k1VerificationKey2018',
controller: 'did:key:zQ3shokFTS3brHcDQrn82RUDfCZESWL1ZdCEJwekUDPQiYBme',
publicKeyBase58: '23o6Sau8NxxzXcgSc3PLcNxrzrZpbLeBn1izfv3jbKhuv'
}
]

```

The code for other curves is similar. Changing the did:key string is sufficient.

#### code snippet for ed25519
```
const doc = await didResolver.resolve('did:key:z6MktvqCyLxTsXUH1tUZncNdVeEZ7hNh7npPRbUU27GTrYb8')
```

#### code snippet for P-256
```
const doc = await didResolver.resolve('did:key:zDnaeUKTWUXc1HDpGfKbEK31nKLN19yX5aunFd7VK1CUMeyJu')
```

#### code snippet for P-384
```
const doc = await didResolver.resolve('did:key:z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54')
```

#### code snippet for P-521
```
const doc = await didResolver.resolve('did:key:z2J9gcGhudjgwsDLv4qJVM6DysnsjWRS6ggtCsSYpV9TGxd9WGoE1EkPxdvPcqEs7eLsQA985AGXPuqttPP7WJ5Qdiz27U3t')
```
Note: All P-*** curves are compressed

The verification method results are slightly different. Here is a sampling:

#### did document verificationMethod for ed25519:
```
[
{
id: 'did:key:z6MktvqCyLxTsXUH1tUZncNdVeEZ7hNh7npPRbUU27GTrYb8#z6MktvqCyLxTsXUH1tUZncNdVeEZ7hNh7npPRbUU27GTrYb8',
type: 'Ed25519VerificationKey2018',
controller: 'did:key:z6MktvqCyLxTsXUH1tUZncNdVeEZ7hNh7npPRbUU27GTrYb8',
publicKeyBase58: 'FUaAP6i2XyyouPds73QneYgZJ86qhua2jaZYBqJSwKok'
}
]
```

#### did document verificationMethod for P-256:
```
[
{
id: 'did:key:zDnaeUKTWUXc1HDpGfKbEK31nKLN19yX5aunFd7VK1CUMeyJu#zDnaeUKTWUXc1HDpGfKbEK31nKLN19yX5aunFd7VK1CUMeyJu',
type: 'JsonWebKey2020',
controller: 'did:key:zDnaeUKTWUXc1HDpGfKbEK31nKLN19yX5aunFd7VK1CUMeyJu',
publicKeyJwk: {
kty: 'EC',
crv: 'P-256',
x: 'OcPddBMXKURtwbPaZ9SfwEb8vwcvzFufpRwFuXQwf5Y',
y: 'nEA7FjXwRJ8CvUInUeMxIaRDTxUvKysqP2dSGcXZJfY'
}
}
]
```

#### did document verificationMethod for P-384:
```
[
{
id: 'did:key:z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54#z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54',
type: 'JsonWebKey2020',
controller: 'did:key:z82LkvCwHNreneWpsgPEbV3gu1C6NFJEBg4srfJ5gdxEsMGRJUz2sG9FE42shbn2xkZJh54',
publicKeyJwk: {
kty: 'EC',
crv: 'P-384',
x: 'CA-iNoHDg1lL8pvX3d1uvExzVfCz7Rn6tW781Ub8K5MrDf2IMPyL0RTDiaLHC1JT',
y: 'Kpnrn8DkXUD3ge4mFxi-DKr0DYO2KuJdwNBrhzLRtfMa3WFMZBiPKUPfJj8dYNl_'
}
}
]
```

#### did document verificationMethod for P-521:
```
[
{
id: 'did:key:z2J9gcGhudjgwsDLv4qJVM6DysnsjWRS6ggtCsSYpV9TGxd9WGoE1EkPxdvPcqEs7eLsQA985AGXPuqttPP7WJ5Qdiz27U3t#z2J9gcGhudjgwsDLv4qJVM6DysnsjWRS6ggtCsSYpV9TGxd9WGoE1EkPxdvPcqEs7eLsQA985AGXPuqttPP7WJ5Qdiz27U3t',
type: 'JsonWebKey2020',
controller: 'did:key:z2J9gcGhudjgwsDLv4qJVM6DysnsjWRS6ggtCsSYpV9TGxd9WGoE1EkPxdvPcqEs7eLsQA985AGXPuqttPP7WJ5Qdiz27U3t',
publicKeyJwk: {
kty: 'EC',
crv: 'P-521',
x: 'ATkofCC8_KAAJ3XSRayyPk8WqF9qahhoQVjbHtzbe5MSaaFiMKBZr-CurF9IcpJD-YYEukPmarSKFpXLtwAdiONT',
y: 'AWuYkJ7iaFhfz_dzFemaBnuq1WFnoZeIha7KpE9benPTX9FQhAoyHY-2qO4IyqGe1XGGtx8eJXvp57xMtUXm2rAH'
}
}
]
```

### Testing
Due to problems with parsing JSON with BigInt, tests need to be run with Jest in Serial mode. Use **_npm run test -- --runInBand_** .

### References

[Standards for Efficient Cryptography
SEC 2: Recommended Elliptic Curve Domain Parameters
Certicom Research
Contact: Daniel R. L. Brown ([email protected])
January 27, 2010
Version 2.0 ], http://www.secg.org/sec2-v2.pdf


[FIPS PUB 186-4 ,FEDERAL INFORMATION PROCESSING STANDARDS
PUBLICATION, Digital Signature Standard (DSS)], https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf

[Compact representation of an elliptic curve point, Network Working Group, A.J. Jivsov, March 15, 2014],
https://tools.ietf.org/id/draft-jivsov-ecc-compact-05.html

## Additional Usage Notes

See the [ceramic developer site](https://developers.ceramic.network/) for more details about how to use this package.

Expand Down
2 changes: 2 additions & 0 deletions packages/key-did-resolver/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,8 @@
},
"dependencies": {
"@stablelib/ed25519": "^1.0.2",
"bigint-mod-arith": "^3.0.0",
"multiformats": "^9.5.2",
"uint8arrays": "^3.0.0",
"varint": "^6.0.0"
},
Expand Down
Loading