diff --git a/cmd/vc-rest/go.mod b/cmd/vc-rest/go.mod
index bc9449ddc..53a57b1d5 100644
--- a/cmd/vc-rest/go.mod
+++ b/cmd/vc-rest/go.mod
@@ -22,6 +22,7 @@ require (
 github.com/stretchr/testify v1.8.4
 github.com/trustbloc/cmdutil-go v1.0.0
 github.com/trustbloc/did-go v1.0.2-0.20230922190208-b53738d979e9
+ github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30
 github.com/trustbloc/logutil-go v1.0.0
 github.com/trustbloc/vc-go v1.0.3-0.20230927100750-6e0ff8399468
 github.com/trustbloc/vcs v0.0.0
@@ -177,7 +178,6 @@ require (
 github.com/tidwall/pretty v1.2.1 // indirect
 github.com/tidwall/sjson v1.2.5 // indirect
 github.com/trustbloc/bbs-signature-go v1.0.0 // indirect
- github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30 // indirect
 github.com/trustbloc/sidetree-core-go v1.0.0 // indirect
 github.com/valyala/bytebufferpool v1.0.0 // indirect
 github.com/valyala/fastjson v1.6.3 // indirect
@@ -226,4 +226,8 @@ replace (
 github.com/trustbloc/vcs/pkg/profile/reader => ../../component/profile/reader/file
 )
+replace github.com/trustbloc/kms-go => github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e
+
+replace github.com/trustbloc/vc-go => github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996
+
 go 1.21
diff --git a/cmd/vc-rest/go.sum b/cmd/vc-rest/go.sum
index 07d68b62d..6527d08fa 100644
--- a/cmd/vc-rest/go.sum
+++ b/cmd/vc-rest/go.sum
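Review bot: The two `replace` directives added at the end of cmd/vc-rest/go.mod resolve `github.com/trustbloc/kms-go` and `github.com/trustbloc/vc-go` from a personal fork (`github.com/Moopli/...`) at untagged pseudo-versions, and nothing in the file says why or for how long. kms-go is the key-management and crypto dependency, so the fork becomes part of the trusted build path while the `require` lines still name the trustbloc versions; go.sum pins the fetched content but says nothing about who reviewed it. The same pair is added to the go.mod files of component/credentialstatus, component/event, component/healthchecks, component/oidc/fosite and component/profile/reader/file, and because Go honours `replace` only in the main module, a build that imports these components from outside this repository would not pick up the fork. I would put a comment above each pair, for example `// TEMPORARY: fork pin until <upstream PR> merges; remove the replace and bump the require line`, and drop all of them in a single follow-up.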
@@ -44,6 +44,10 @@ github.com/IBM/mathlib v0.0.3-0.20230605104224-932ab92f2ce0 h1:V3ElfC3Xs8bxJyc7V github.com/IBM/mathlib v0.0.3-0.20230605104224-932ab92f2ce0/go.mod h1:k0NBSWMYVgaZ2keDuI8DSwdIEhUNhp8XnlVmm6Xwyuk= github.com/Microsoft/go-winio v0.6.0 h1:slsWYD/zyx7lCXoZVlvQrj0hPTM1HI4+v1sIda2yDvg= github.com/Microsoft/go-winio v0.6.0/go.mod h1:cTAf44im0RAYeL23bpB+fzCyDH2MJiz2BO69KH/soAE= +github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e h1:fZz3QVC0MhylGwjUAt2g/18gpvLyp+gD1kdBlDUC6KI= +github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e/go.mod h1:7arOSG9GewtV1WiqYZ23dSZ6haamosSABwyG//cRaXQ= +github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996 h1:WMAjakrYEl+87QJBF1kxAPsl/CjVO28xyPg24vZvLUg= +github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996/go.mod h1:/PuAaqEkBj3csXcUGjve6Zgp4Heluoc1267owTjdURM= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 h1:TngWCqHvy9oXAN6lEVMRuU21PR1EtLVZJmdB18Gu3Rw= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk= github.com/PaesslerAG/gval v1.0.0/go.mod h1:y/nm5yEyTeX6av0OfKJNp9rBNj2XrGhAf5+v24IBN1I= 
@@ -590,14 +594,10 @@ github.com/trustbloc/cmdutil-go v1.0.0 h1:QCe7wVEIASWmy9ZDD0l0tsQCEsX6fx+kBFX5Uq github.com/trustbloc/cmdutil-go v1.0.0/go.mod h1:o/v7C1z6d/5UrjaC6GAUc1hk0XVuE3M4tpyvsMMUw5k= github.com/trustbloc/did-go v1.0.2-0.20230922190208-b53738d979e9 h1:UA6QlD58VZnSd2EpFJCi9XctBY3naKouBOtjMss4ewc= github.com/trustbloc/did-go v1.0.2-0.20230922190208-b53738d979e9/go.mod h1:qqTm9zd5rGhHSOtC8jjadqM01Od9zcDbUiUYLv+M6ls= -github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30 h1:nNmYk/CX3UrLe4a7qCaMjsc+IWcQdZlJGvY5D2gsewE= -github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30/go.mod h1:7arOSG9GewtV1WiqYZ23dSZ6haamosSABwyG//cRaXQ= github.com/trustbloc/logutil-go v1.0.0 h1:KzNs9TRbnmn+M3oYw9UkrtOjNd3ZGO8aLgfYttMypcE= github.com/trustbloc/logutil-go v1.0.0/go.mod h1:JlxT0oZfNKgIlSNtgc001WEeDMxlnAvOM43gNm8DQVc= github.com/trustbloc/sidetree-core-go v1.0.0 h1:kzfKZOJ0sgDy9D1AYNcoR3JHutqtMtKvF2P9UwUcDjU= github.com/trustbloc/sidetree-core-go v1.0.0/go.mod h1:jdxAFuorlIwFOGVW6O455/lZqxg2mZkRHNTEolcZdDI= -github.com/trustbloc/vc-go v1.0.3-0.20230927100750-6e0ff8399468 h1:GizDlcTPMuOh8HHifl8qp+ohaGMhiIT7k4+NcI/CA/I= -github.com/trustbloc/vc-go v1.0.3-0.20230927100750-6e0ff8399468/go.mod h1:6I4D1Hlf5CpSXBbfOIf58ZPtheyT8ZdsorN2kef2ZxU= github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= github.com/ugorji/go v1.2.7/go.mod h1:nF9osbDWLy6bDVv/Rtoh6QgnvNDpmCalQV5urGCCS6M= github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY= diff --git a/cmd/vc-rest/startcmd/start.go b/cmd/vc-rest/startcmd/start.go index 2071dea95..6fce4184a 100644 --- a/cmd/vc-rest/startcmd/start.go +++ b/cmd/vc-rest/startcmd/start.go @@ -28,6 +28,7 @@ import ( "github.com/deepmap/oapi-codegen/pkg/securityprovider" "github.com/dgraph-io/ristretto" "github.com/trustbloc/did-go/doc/ld/documentloader" + "github.com/trustbloc/kms-go/wrapper/api" "golang.org/x/net/http2" "golang.org/x/net/http2/h2c" 
@@ -642,10 +643,14 @@ func buildEchoHandler(
 var oidc4ciService oidc4ci.ServiceInterface
- var dataKeyEncryptor dataprotect.Crypto
- dataKeyEncryptor = defaultVCSKeyManager.Crypto()
+ var dataKeyEncryptor api.EncrypterDecrypter
+ dataKeyEncryptor, err = defaultVCSKeyManager.Suite().EncrypterDecrypter()
 if conf.StartupParameters.dataEncryptionDisabled {
 dataKeyEncryptor = dataprotect.NewNilCrypto()
+ } else {
+ if err != nil {
+ return nil, fmt.Errorf("provided crypto suite does not support encryption/decryption: %w", err)
+ }
 }
 claimsDataProtector := dataprotect.NewDataProtector(
 dataKeyEncryptor,
diff --git a/component/credentialstatus/credentialstatus_service_test.go b/component/credentialstatus/credentialstatus_service_test.go
index c8f07323a..e1233afef 100644
--- a/component/credentialstatus/credentialstatus_service_test.go
+++ b/component/credentialstatus/credentialstatus_service_test.go
@@ -23,15 +23,11 @@ import (
 "github.com/piprate/json-gold/ld"
 "github.com/stretchr/testify/require"
 longform "github.com/trustbloc/did-go/method/sidetreelongform"
+ "github.com/trustbloc/vcs/internal/mock/vcskms"
 vdr2 "github.com/trustbloc/did-go/vdr"
 vdr "github.com/trustbloc/did-go/vdr/api"
 vdrmock "github.com/trustbloc/did-go/vdr/mock"
- "github.com/trustbloc/kms-go/doc/jose/jwk"
- cryptomock "github.com/trustbloc/kms-go/mock/crypto"
- mockkms "github.com/trustbloc/kms-go/mock/kms"
- ariescrypto "github.com/trustbloc/kms-go/spi/crypto"
- kmsapi "github.com/trustbloc/kms-go/spi/kms"
 "github.com/trustbloc/vc-go/verifiable"
 "github.com/trustbloc/vcs/component/credentialstatus/internal/testutil"
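Review bot: In the buildEchoHandler hunk of cmd/vc-rest/startcmd/start.go, `EncrypterDecrypter()` is called before the `dataEncryptionDisabled` check and its error is examined only in the `else` branch, so with encryption disabled a failed call leaves `err` non-nil while execution continues. Any later statement that tests `err` without reassigning it would see that stale value; the function body starts and ends outside the hunk, so I cannot confirm whether one exists. Declaring the variable on its own and writing the branch as `} else if dataKeyEncryptor, err = defaultVCSKeyManager.Suite().EncrypterDecrypter(); err != nil {` keeps the call next to its check and removes the nested `if`. The disabled branch hands `dataprotect.NewNilCrypto()` (presumably a no-op) to the claims data protector, so a warning log at startup on that branch would make an unencrypted deployment visible to operators.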
@@ -43,7 +39,6 @@ import (
 "github.com/trustbloc/vcs/pkg/doc/vc/vcutil"
 vcsverifiable "github.com/trustbloc/vcs/pkg/doc/verifiable"
 "github.com/trustbloc/vcs/pkg/event/spi"
- "github.com/trustbloc/vcs/pkg/kms/signer"
 profileapi "github.com/trustbloc/vcs/pkg/profile"
 "github.com/trustbloc/vcs/pkg/service/credentialstatus"
 "github.com/trustbloc/vcs/pkg/service/credentialstatus/eventhandler"
@@ -101,7 +96,7 @@ func TestCredentialStatusList_CreateStatusListEntry(t *testing.T) {
 mockProfileSrv := NewMockProfileService(gomock.NewController(t))
 mockProfileSrv.EXPECT().GetProfile(profileID, profileVersion).AnyTimes().Return(getTestProfile(), nil)
 mockKMSRegistry := NewMockKMSRegistry(gomock.NewController(t))
- mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).Times(5).Return(&mockKMS{}, nil)
+ mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).Times(5).Return(&vcskms.MockKMS{}, nil)
 ctx := context.Background()
 cslVCStore := newMockCSLVCStore()
@@ -239,7 +234,7 @@ func TestCredentialStatusList_UpdateVCStatus(t *testing.T) {
 mockProfileSrv := NewMockProfileService(gomock.NewController(t))
 mockProfileSrv.EXPECT().GetProfile(profileID, profileVersion).AnyTimes().Return(profile, nil)
 mockKMSRegistry := NewMockKMSRegistry(gomock.NewController(t))
- mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&mockKMS{}, nil)
+ mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&vcskms.MockKMS{}, nil)
 cslVCStore := newMockCSLVCStore()
 cslIndexStore := newMockCSLIndexStore()
 crypto := vccrypto.New(
@@ -358,7 +353,7 @@ func TestCredentialStatusList_UpdateVCStatus(t *testing.T) {
 mockProfileSrv := NewMockProfileService(gomock.NewController(t))
 mockProfileSrv.EXPECT().GetProfile(profileID, profileVersion).AnyTimes().Return(getTestProfile(), nil)
 mockKMSRegistry := NewMockKMSRegistry(gomock.NewController(t))
- mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&mockKMS{}, nil)
+ mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&vcskms.MockKMS{}, nil)
 s, err := New(&Config{
 ProfileService: mockProfileSrv,
@@ -386,7 +381,7 @@ func TestCredentialStatusList_UpdateVCStatus(t *testing.T) {
 mockProfileSrv := NewMockProfileService(gomock.NewController(t))
 mockProfileSrv.EXPECT().GetProfile(profileID, profileVersion).AnyTimes().Return(getTestProfile(), nil)
 mockKMSRegistry := NewMockKMSRegistry(gomock.NewController(t))
- mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&mockKMS{}, nil)
+ mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&vcskms.MockKMS{}, nil)
 s, err := New(&Config{
 DocumentLoader: loader,
@@ -423,7 +418,7 @@ func TestCredentialStatusList_UpdateVCStatus(t *testing.T) {
 mockProfileSrv := NewMockProfileService(gomock.NewController(t))
 mockProfileSrv.EXPECT().GetProfile(profileID, profileVersion).AnyTimes().Return(getTestProfile(), nil)
 mockKMSRegistry := NewMockKMSRegistry(gomock.NewController(t))
- mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&mockKMS{}, nil)
+ mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&vcskms.MockKMS{}, nil)
 s, err := New(&Config{
 DocumentLoader: loader,
@@ -617,7 +612,7 @@ func TestCredentialStatusList_UpdateVCStatus(t *testing.T) {
 mockProfileSrv := NewMockProfileService(gomock.NewController(t))
 mockProfileSrv.EXPECT().GetProfile(profileID, profileVersion).AnyTimes().Return(getTestProfile(), nil)
 mockKMSRegistry := NewMockKMSRegistry(gomock.NewController(t))
- mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&mockKMS{}, nil)
+ mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&vcskms.MockKMS{}, nil)
 mockEventPublisher := NewMockEventPublisher(gomock.NewController(t))
 mockEventPublisher.EXPECT().Publish(gomock.Any(), eventTopic, gomock.Any()).Times(1).Return(errors.New("some error"))
@@ -669,7 +664,7 @@ func TestCredentialStatusList_UpdateVCStatus(t *testing.T) {
 mockProfileSrv := NewMockProfileService(gomock.NewController(t))
 mockProfileSrv.EXPECT().GetProfile(profileID, profileVersion).AnyTimes().Return(profile, nil)
 mockKMSRegistry := NewMockKMSRegistry(gomock.NewController(t))
- mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&mockKMS{}, nil)
+ mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&vcskms.MockKMS{}, nil)
 cslIndexStore := newMockCSLIndexStore()
 cslVCStore := newMockCSLVCStore()
 loader := testutil.DocumentLoader(t)
@@ -1043,27 +1038,3 @@ func (m *mockVCStore) Put(
 m.s[fmt.Sprintf("%s_%s_%s", profileID, profileVersion, vcID)] = typedID
 return nil
 }
-
-type mockKMS struct {
- crypto ariescrypto.Crypto
-}
-
-func (m *mockKMS) NewVCSigner(creator string, signatureType vcsverifiable.SignatureType) (vc.SignerAlgorithm, error) {
- if m.crypto == nil {
- m.crypto = &cryptomock.Crypto{}
- }
-
- return signer.NewKMSSigner(&mockkms.KeyManager{}, m.crypto, creator, signatureType, nil)
-}
-
-func (m *mockKMS) SupportedKeyTypes() []kmsapi.KeyType {
- return nil
-}
-
-func (m *mockKMS) CreateJWKKey(_ kmsapi.KeyType) (string, *jwk.JWK, error) {
- return "", nil, nil
-}
-
-func (m *mockKMS) CreateCryptoKey(_ kmsapi.KeyType) (string, interface{}, error) {
- return "", nil, nil
-}
diff --git a/component/credentialstatus/go.mod b/component/credentialstatus/go.mod
index 40cf24a9c..53833f135 100644
--- a/component/credentialstatus/go.mod
+++ b/component/credentialstatus/go.mod
@@ -13,7 +13,6 @@ require (
 github.com/spf13/cobra v1.7.0
 github.com/stretchr/testify v1.8.4
 github.com/trustbloc/did-go v1.0.2-0.20230922190208-b53738d979e9
- github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30
 github.com/trustbloc/logutil-go v1.0.0
 github.com/trustbloc/vc-go v1.0.3-0.20230927100750-6e0ff8399468
 github.com/trustbloc/vcs v0.0.0
@@ -114,6 +113,7 @@ require (
 github.com/tidwall/pretty v1.2.1 // indirect
 github.com/tidwall/sjson v1.2.5 // indirect
 github.com/trustbloc/bbs-signature-go v1.0.0 // indirect
+ github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30 // indirect
 github.com/trustbloc/sidetree-core-go v1.0.0 // indirect
 github.com/valyala/bytebufferpool v1.0.0 // indirect
 github.com/valyala/fasttemplate v1.2.1 // indirect
@@ -146,4 +146,8 @@ require ( rsc.io/tmplfunc v0.0.3 // indirect ) +replace github.com/trustbloc/kms-go => github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e + +replace github.com/trustbloc/vc-go => github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996 + replace github.com/trustbloc/vcs => ../../ diff --git a/component/credentialstatus/go.sum b/component/credentialstatus/go.sum index 3f3fbba0a..2d1602e9a 100644 --- a/component/credentialstatus/go.sum +++ b/component/credentialstatus/go.sum @@ -44,6 +44,10 @@ github.com/IBM/mathlib v0.0.3-0.20230605104224-932ab92f2ce0 h1:V3ElfC3Xs8bxJyc7V github.com/IBM/mathlib v0.0.3-0.20230605104224-932ab92f2ce0/go.mod h1:k0NBSWMYVgaZ2keDuI8DSwdIEhUNhp8XnlVmm6Xwyuk= github.com/Microsoft/go-winio v0.6.0 h1:slsWYD/zyx7lCXoZVlvQrj0hPTM1HI4+v1sIda2yDvg= github.com/Microsoft/go-winio v0.6.0/go.mod h1:cTAf44im0RAYeL23bpB+fzCyDH2MJiz2BO69KH/soAE= +github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e h1:fZz3QVC0MhylGwjUAt2g/18gpvLyp+gD1kdBlDUC6KI= +github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e/go.mod h1:7arOSG9GewtV1WiqYZ23dSZ6haamosSABwyG//cRaXQ= +github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996 h1:WMAjakrYEl+87QJBF1kxAPsl/CjVO28xyPg24vZvLUg= +github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996/go.mod h1:/PuAaqEkBj3csXcUGjve6Zgp4Heluoc1267owTjdURM= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 h1:TngWCqHvy9oXAN6lEVMRuU21PR1EtLVZJmdB18Gu3Rw= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk= github.com/PaesslerAG/gval v1.0.0/go.mod h1:y/nm5yEyTeX6av0OfKJNp9rBNj2XrGhAf5+v24IBN1I= 
@@ -449,14 +453,10 @@ github.com/trustbloc/bbs-signature-go v1.0.0 h1:JOKmPRTpjbbGODt71i3wJyiEBcu5XEoe github.com/trustbloc/bbs-signature-go v1.0.0/go.mod h1:8xptu/lbVUDACQW10yiHtqATzC2kpTKQk5mKsKTD85Y= github.com/trustbloc/did-go v1.0.2-0.20230922190208-b53738d979e9 h1:UA6QlD58VZnSd2EpFJCi9XctBY3naKouBOtjMss4ewc= github.com/trustbloc/did-go v1.0.2-0.20230922190208-b53738d979e9/go.mod h1:qqTm9zd5rGhHSOtC8jjadqM01Od9zcDbUiUYLv+M6ls= -github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30 h1:nNmYk/CX3UrLe4a7qCaMjsc+IWcQdZlJGvY5D2gsewE= -github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30/go.mod h1:7arOSG9GewtV1WiqYZ23dSZ6haamosSABwyG//cRaXQ= github.com/trustbloc/logutil-go v1.0.0 h1:KzNs9TRbnmn+M3oYw9UkrtOjNd3ZGO8aLgfYttMypcE= github.com/trustbloc/logutil-go v1.0.0/go.mod h1:JlxT0oZfNKgIlSNtgc001WEeDMxlnAvOM43gNm8DQVc= github.com/trustbloc/sidetree-core-go v1.0.0 h1:kzfKZOJ0sgDy9D1AYNcoR3JHutqtMtKvF2P9UwUcDjU= github.com/trustbloc/sidetree-core-go v1.0.0/go.mod h1:jdxAFuorlIwFOGVW6O455/lZqxg2mZkRHNTEolcZdDI= -github.com/trustbloc/vc-go v1.0.3-0.20230927100750-6e0ff8399468 h1:GizDlcTPMuOh8HHifl8qp+ohaGMhiIT7k4+NcI/CA/I= -github.com/trustbloc/vc-go v1.0.3-0.20230927100750-6e0ff8399468/go.mod h1:6I4D1Hlf5CpSXBbfOIf58ZPtheyT8ZdsorN2kef2ZxU= github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= github.com/valyala/fasttemplate v1.2.1 h1:TVEnxayobAdVkhQfrfes2IzOB6o+z4roRkPF52WA1u4= diff --git a/component/event/go.mod b/component/event/go.mod index 98cea48a7..6664fb16f 100644 --- a/component/event/go.mod +++ b/component/event/go.mod 
@@ -136,4 +136,8 @@ require ( rsc.io/tmplfunc v0.0.3 // indirect ) +replace github.com/trustbloc/kms-go => github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e + +replace github.com/trustbloc/vc-go => github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996 + replace github.com/trustbloc/vcs => ../../ diff --git a/component/event/go.sum b/component/event/go.sum index 61777156f..e290fc384 100644 --- a/component/event/go.sum +++ b/component/event/go.sum @@ -44,6 +44,10 @@ github.com/IBM/mathlib v0.0.3-0.20230605104224-932ab92f2ce0 h1:V3ElfC3Xs8bxJyc7V github.com/IBM/mathlib v0.0.3-0.20230605104224-932ab92f2ce0/go.mod h1:k0NBSWMYVgaZ2keDuI8DSwdIEhUNhp8XnlVmm6Xwyuk= github.com/Microsoft/go-winio v0.6.0 h1:slsWYD/zyx7lCXoZVlvQrj0hPTM1HI4+v1sIda2yDvg= github.com/Microsoft/go-winio v0.6.0/go.mod h1:cTAf44im0RAYeL23bpB+fzCyDH2MJiz2BO69KH/soAE= +github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e h1:fZz3QVC0MhylGwjUAt2g/18gpvLyp+gD1kdBlDUC6KI= +github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e/go.mod h1:7arOSG9GewtV1WiqYZ23dSZ6haamosSABwyG//cRaXQ= +github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996 h1:WMAjakrYEl+87QJBF1kxAPsl/CjVO28xyPg24vZvLUg= +github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996/go.mod h1:/PuAaqEkBj3csXcUGjve6Zgp4Heluoc1267owTjdURM= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 h1:TngWCqHvy9oXAN6lEVMRuU21PR1EtLVZJmdB18Gu3Rw= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk= github.com/PaesslerAG/gval v1.0.0/go.mod h1:y/nm5yEyTeX6av0OfKJNp9rBNj2XrGhAf5+v24IBN1I= 
@@ -433,12 +437,8 @@ github.com/trustbloc/cmdutil-go v1.0.0 h1:QCe7wVEIASWmy9ZDD0l0tsQCEsX6fx+kBFX5Uq github.com/trustbloc/cmdutil-go v1.0.0/go.mod h1:o/v7C1z6d/5UrjaC6GAUc1hk0XVuE3M4tpyvsMMUw5k= github.com/trustbloc/did-go v1.0.2-0.20230922190208-b53738d979e9 h1:UA6QlD58VZnSd2EpFJCi9XctBY3naKouBOtjMss4ewc= github.com/trustbloc/did-go v1.0.2-0.20230922190208-b53738d979e9/go.mod h1:qqTm9zd5rGhHSOtC8jjadqM01Od9zcDbUiUYLv+M6ls= -github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30 h1:nNmYk/CX3UrLe4a7qCaMjsc+IWcQdZlJGvY5D2gsewE= -github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30/go.mod h1:7arOSG9GewtV1WiqYZ23dSZ6haamosSABwyG//cRaXQ= github.com/trustbloc/logutil-go v1.0.0 h1:KzNs9TRbnmn+M3oYw9UkrtOjNd3ZGO8aLgfYttMypcE= github.com/trustbloc/logutil-go v1.0.0/go.mod h1:JlxT0oZfNKgIlSNtgc001WEeDMxlnAvOM43gNm8DQVc= -github.com/trustbloc/vc-go v1.0.3-0.20230927100750-6e0ff8399468 h1:GizDlcTPMuOh8HHifl8qp+ohaGMhiIT7k4+NcI/CA/I= -github.com/trustbloc/vc-go v1.0.3-0.20230927100750-6e0ff8399468/go.mod h1:6I4D1Hlf5CpSXBbfOIf58ZPtheyT8ZdsorN2kef2ZxU= github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= github.com/valyala/fasttemplate v1.2.1 h1:TVEnxayobAdVkhQfrfes2IzOB6o+z4roRkPF52WA1u4= diff --git a/component/healthchecks/go.mod b/component/healthchecks/go.mod index f66c6ac5f..7c8728f68 100644 --- a/component/healthchecks/go.mod +++ b/component/healthchecks/go.mod @@ -44,4 +44,8 @@ require ( gopkg.in/yaml.v3 v3.0.1 // indirect ) +replace github.com/trustbloc/kms-go => github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e + +replace github.com/trustbloc/vc-go => github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996 + replace github.com/trustbloc/vcs => ../../ diff --git a/component/oidc/fosite/go.mod b/component/oidc/fosite/go.mod index c97a554a3..f2af087c6 100644 --- a/component/oidc/fosite/go.mod 
+++ b/component/oidc/fosite/go.mod @@ -109,4 +109,8 @@ require ( gopkg.in/yaml.v3 v3.0.1 // indirect ) +replace github.com/trustbloc/kms-go => github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e + +replace github.com/trustbloc/vc-go => github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996 + replace github.com/trustbloc/vcs => ../../../ diff --git a/component/profile/reader/file/go.mod b/component/profile/reader/file/go.mod index 3ae79e37f..0facd2ad3 100644 --- a/component/profile/reader/file/go.mod +++ b/component/profile/reader/file/go.mod @@ -45,20 +45,15 @@ require ( github.com/creasty/defaults v1.7.0 // indirect github.com/dave/jennifer v1.6.1 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/deepmap/oapi-codegen v1.11.0 // indirect github.com/dgraph-io/ristretto v0.1.1 // indirect github.com/dustin/go-humanize v1.0.1 // indirect github.com/ecordell/optgen v0.0.9 // indirect github.com/evanphx/json-patch v4.11.0+incompatible // indirect github.com/fatih/structtag v1.2.0 // indirect github.com/fsnotify/fsnotify v1.6.0 // indirect - github.com/getkin/kin-openapi v0.94.0 // indirect - github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32 // indirect github.com/go-jose/go-jose/v3 v3.0.1-0.20221117193127-916db76e8214 // indirect github.com/go-logr/logr v1.2.3 // indirect github.com/go-logr/stdr v1.2.2 // indirect - github.com/go-openapi/jsonpointer v0.19.5 // indirect - github.com/go-openapi/swag v0.22.3 // indirect github.com/golang/glog v1.1.1 // indirect github.com/golang/mock v1.6.0 // indirect github.com/golang/protobuf v1.5.3 // indirect 
@@ -71,7 +66,6 @@ require ( github.com/hashicorp/hcl v1.0.0 // indirect github.com/hyperledger/fabric-amcl v0.0.0-20230602173724-9e02669dceb2 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect - github.com/josharian/intern v1.0.0 // indirect github.com/kawamuray/jsonpath v0.0.0-20201211160320-7483bafabd7e // indirect github.com/kilic/bls12-381 v0.1.1-0.20210503002446-7b7597926c69 // indirect github.com/klauspost/compress v1.15.9 // indirect @@ -79,7 +73,6 @@ require ( github.com/labstack/echo/v4 v4.9.0 // indirect github.com/labstack/gommon v0.3.1 // indirect github.com/magiconair/properties v1.8.7 // indirect - github.com/mailru/easyjson v0.7.7 // indirect github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.16 // indirect github.com/mattn/goveralls v0.0.12 // indirect @@ -143,18 +136,19 @@ require ( golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63 // indirect golang.org/x/mod v0.12.0 // indirect golang.org/x/net v0.14.0 // indirect - golang.org/x/oauth2 v0.7.0 // indirect golang.org/x/sync v0.3.0 // indirect golang.org/x/sys v0.11.0 // indirect golang.org/x/text v0.12.0 // indirect golang.org/x/tools v0.12.1-0.20230815132531-74c255bcf846 // indirect - google.golang.org/appengine v1.6.7 // indirect google.golang.org/protobuf v1.30.0 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/square/go-jose.v2 v2.6.0 // indirect - gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect rsc.io/tmplfunc v0.0.3 // indirect ) +replace github.com/trustbloc/kms-go => github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e + +replace github.com/trustbloc/vc-go => github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996 + replace github.com/trustbloc/vcs => ../../../../ diff --git a/component/profile/reader/file/go.sum b/component/profile/reader/file/go.sum index ab4cf7407..530d1f779 100644 --- a/component/profile/reader/file/go.sum +++ b/component/profile/reader/file/go.sum 
@@ -44,6 +44,10 @@ github.com/IBM/mathlib v0.0.3-0.20230605104224-932ab92f2ce0 h1:V3ElfC3Xs8bxJyc7V github.com/IBM/mathlib v0.0.3-0.20230605104224-932ab92f2ce0/go.mod h1:k0NBSWMYVgaZ2keDuI8DSwdIEhUNhp8XnlVmm6Xwyuk= github.com/Microsoft/go-winio v0.6.0 h1:slsWYD/zyx7lCXoZVlvQrj0hPTM1HI4+v1sIda2yDvg= github.com/Microsoft/go-winio v0.6.0/go.mod h1:cTAf44im0RAYeL23bpB+fzCyDH2MJiz2BO69KH/soAE= +github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e h1:fZz3QVC0MhylGwjUAt2g/18gpvLyp+gD1kdBlDUC6KI= +github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e/go.mod h1:7arOSG9GewtV1WiqYZ23dSZ6haamosSABwyG//cRaXQ= +github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996 h1:WMAjakrYEl+87QJBF1kxAPsl/CjVO28xyPg24vZvLUg= +github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996/go.mod h1:/PuAaqEkBj3csXcUGjve6Zgp4Heluoc1267owTjdURM= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 h1:TngWCqHvy9oXAN6lEVMRuU21PR1EtLVZJmdB18Gu3Rw= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk= github.com/PaesslerAG/gval v1.0.0/go.mod h1:y/nm5yEyTeX6av0OfKJNp9rBNj2XrGhAf5+v24IBN1I= 
@@ -130,23 +134,16 @@ github.com/consensys/gnark-crypto v0.9.1/go.mod h1:a2DQL4+5ywF6safEeZFEPGRiiGbjz github.com/containerd/continuity v0.3.0 h1:nisirsYROK15TAMVukJOUyGJjz4BNQJBVsNvAXZJ/eg= github.com/containerd/continuity v0.3.0/go.mod h1:wJEAIwKOm/pBZuBd0JmeTvnLquTB1Ag8espWhkykbPM= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creasty/defaults v1.7.0 h1:eNdqZvc5B509z18lD8yc212CAqJNvfT1Jq6L8WowdBA= github.com/creasty/defaults v1.7.0/go.mod h1:iGzKe6pbEHnpMPtfDXZEr0NVxWnPTjb1bbDy08fPzYM= github.com/cristalhq/jwt/v4 v4.0.2 h1:g/AD3h0VicDamtlM70GWGElp8kssQEv+5wYd7L9WOhU= github.com/cristalhq/jwt/v4 v4.0.2/go.mod h1:HnYraSNKDRag1DZP92rYHyrjyQHnVEHPNqesmzs+miQ= -github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4= github.com/dave/jennifer v1.6.1 h1:T4T/67t6RAA5AIV6+NP8Uk/BIsXgDoqEowgycdQQLuk= github.com/dave/jennifer v1.6.1/go.mod h1:nXbxhEmQfOZhWml3D1cDK5M1FLnMSozpbFN/m3RmGZc= github.com/davecgh/go-spew v0.0.0-20171005155431-ecdeabc65495/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/decred/dcrd/crypto/blake256 v1.0.0/go.mod h1:sQl2p6Y26YV+ZOcSTP6thNdn47hh8kt6rqSlvmrXFAc= -github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.0-20210816181553-5444fa50b93d/go.mod h1:tmAIfUFEirG/Y8jhZ9M+h36obRZAk/1fcSpXwAVlfqE= -github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1/go.mod h1:hyedUtir6IdtD/7lIxGeCxkaw7y45JueMRL4DIyJDKs= -github.com/deepmap/oapi-codegen v1.11.0 h1:f/X2NdIkaBKsSdpeuwLnY/vDI0AtPUrmB5LMgc7YD+A= -github.com/deepmap/oapi-codegen v1.11.0/go.mod 
h1:k+ujhoQGxmQYBZBbxhOZNZf4j08qv5mC+OH+fFTnKxM= github.com/dgraph-io/ristretto v0.1.1 h1:6CWw5tJNgpegArSHpNHJKldNeq03FQCwYvfMVWajOK8= github.com/dgraph-io/ristretto v0.1.1/go.mod h1:S1GPSBCYCIhmVNfcth17y2zZtQT6wzkzgwUve0VDWWA= github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2 h1:tdlZCpZ/P9DhczCTSixgIKmwPv6+wP5DGjqLYw5SUiA= @@ -181,14 +178,6 @@ github.com/frankban/quicktest v1.14.4/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7z github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= -github.com/getkin/kin-openapi v0.94.0 h1:bAxg2vxgnHHHoeefVdmGbR+oxtJlcv5HsJJa3qmAHuo= -github.com/getkin/kin-openapi v0.94.0/go.mod h1:LWZfzOd7PRy8GJ1dJ6mCU6tNdSfOwRac1BUPam4aw6Q= -github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32 h1:Mn26/9ZMNWSw9C9ERFA1PUxfmGpolnw2v0bKOREu5ew= -github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32/go.mod h1:GIjDIg/heH5DOkXY3YJ/wNhfHsQHoXGjl8G8amsYQ1I= -github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= -github.com/gin-gonic/gin v1.7.7/go.mod h1:axIBovoeJpVj8S3BwE0uPMTeReE4+AfFtqpqaZ1qq1U= -github.com/go-chi/chi/v5 v5.0.7/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= 
@@ -199,23 +188,8 @@ github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0= github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= -github.com/go-openapi/jsonpointer v0.19.5 h1:gZr+CIYByUqjcgeLXnQu2gHYQC9o73G2XUeOFYEICuY= -github.com/go-openapi/jsonpointer v0.19.5/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= -github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.21.1/go.mod h1:QYRuS/SOXUCsnplDa677K7+DxSOj6IPNl/eQntq43wQ= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-playground/assert/v2 v2.0.1/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= -github.com/go-playground/locales v0.13.0/go.mod h1:taPMhCMXrRLJO55olJkUXHZBHCxTMfnGwq/HNwmWNS8= -github.com/go-playground/locales v0.14.0/go.mod h1:sawfccIbzZTqEDETgFXqTho0QybSa7l++s0DH+LDiLs= -github.com/go-playground/universal-translator v0.17.0/go.mod h1:UkSxE5sNxxRwHyU+Scu5vgOQjsIJAF8j9muTVoKLVtA= -github.com/go-playground/universal-translator v0.18.0/go.mod h1:UvRDBj+xPUEGrFYl+lu/H90nyDXpg0fqeB/AQUGNTVA= -github.com/go-playground/validator/v10 v10.4.1/go.mod h1:nlOn6nFhuKACm19sB/8EGNn9GlaMV7XkbRSipzJ0Ii4= -github.com/go-playground/validator/v10 v10.11.0/go.mod h1:i+3WkQ1FvaUjjxh1kSvIA4dMGDBiPU55YFDl0WbKdWU= -github.com/goccy/go-json v0.9.7/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= github.com/golang/glog 
v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/glog v1.1.1 h1:jxpi2eWoU84wbX9iIEyAeeoac3FLuifZpY9tcNUD9kw= github.com/golang/glog v1.1.1/go.mod h1:zR+okUeTbrL6EL3xHUDxZuEtGv04p5shwip1+mL/rLQ= @@ -246,13 +220,11 @@ github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QD github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/golangci/lint-1 v0.0.0-20181222135242-d2cdd8c08219/go.mod h1:/X8TswGSh1pIozq4ZwCfxS0WA5JGXguxk94ar/4c87Y= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= 
@@ -268,7 +240,6 @@ github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0= @@ -295,7 +266,6 @@ github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+ github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g= -github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc= github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= 
@@ -321,15 +291,9 @@ github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/jessevdk/go-flags v0.0.0-20141203071132-1679536dcc89/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= -github.com/jinzhu/copier v0.3.5 h1:GlvfUwHk62RokgqVNvYsku0TATCF7bAHVwEXoBh3iJg= -github.com/jinzhu/copier v0.3.5/go.mod h1:DfbEm0FYsaqBcKcFuvmOZb218JkPGtvSHsKg8S8hyyg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= -github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= -github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/jrick/logrotate v1.0.0/go.mod h1:LNinyqDIJnpAur+b8yyulnQw/wDuN1+BYKlTRt3OuAQ= -github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/kawamuray/jsonpath v0.0.0-20201211160320-7483bafabd7e h1:Eh/0JuXDdcBHc39j4tFXKTy/AKiK7IQkGJXQxyryXiU= 
@@ -345,44 +309,23 @@ github.com/klauspost/cpuid/v2 v2.0.4 h1:g0I61F2K2DjRHz1cnxlkNSBIaePVoJIjjnHui8QH github.com/klauspost/cpuid/v2 v2.0.4/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= -github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/labstack/echo/v4 v4.7.2/go.mod h1:xkCDAdFCIf8jsFQ5NnbK7oqaF/yU1A1X20Ltm0OvSks= github.com/labstack/echo/v4 v4.9.0 h1:wPOF1CE6gvt/kmbMR4dGzWvHMPT+sAEUJOwOTtvITVY= github.com/labstack/echo/v4 v4.9.0/go.mod h1:xkCDAdFCIf8jsFQ5NnbK7oqaF/yU1A1X20Ltm0OvSks= github.com/labstack/gommon v0.3.1 h1:OomWaJXm7xR6L1HmEtGyQf26TEn7V6X88mktX9kee9o= github.com/labstack/gommon v0.3.1/go.mod h1:uW6kP17uPlLJsD3ijUYn3/M5bAxtlZhMI6m3MFxTMTM= github.com/leanovate/gopter v0.2.9 h1:fQjYxZaynp97ozCzfOyOuAGOU4aU/z37zf/tOujFk7c= github.com/leanovate/gopter v0.2.9/go.mod h1:U2L/78B+KVFIx2VmW6onHJQzXtFb+p5y3y2Sh+Jxxv8= -github.com/leodido/go-urn v1.2.0/go.mod h1:+8+nEpDfqqsY+g338gtMEUOtuK+4dEMhiQEgxpxOKII= -github.com/leodido/go-urn v1.2.1/go.mod h1:zt4jvISO2HfUBqxjfIshjdMTYS56ZS/qv49ictyFfxY= -github.com/lestrrat-go/backoff/v2 v2.0.8/go.mod h1:rHP/q/r9aT27n24JQLa7JhSQZCKBBOiM/uP402WwN8Y= -github.com/lestrrat-go/blackmagic v1.0.0/go.mod h1:TNgH//0vYSs8VXDCfkZLgIrVTTXQELZffUV0tz3MtdQ= 
-github.com/lestrrat-go/blackmagic v1.0.1/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU= -github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E= -github.com/lestrrat-go/iter v1.0.1/go.mod h1:zIdgO1mRKhn8l9vrZJZz9TUMMFbQbLeTsbqPDrJ/OJc= -github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4= -github.com/lestrrat-go/jwx v1.2.24/go.mod h1:zoNuZymNl5lgdcu6P7K6ie2QRll5HVfF4xwxBBK1NxY= -github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I= github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY= github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= -github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= -github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/matryer/moq v0.2.7/go.mod h1:kITsx543GOENm48TUAQyJ9+SAvFSr7iGQXPoth/VUBk= github.com/mattn/go-colorable v0.1.11/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= -github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= -github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= github.com/mattn/go-isatty v0.0.16 h1:bq3VjFmv/sOjHtdEhmkEV4x1AJtvUvOJ2PFAZ5+peKQ= github.com/mattn/go-isatty v0.0.16/go.mod 
h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= @@ -400,10 +343,6 @@ github.com/mmcloughlin/addchain v0.4.0/go.mod h1:A86O+tHqZLMNO4w6ZZ4FlVQEadcoqky github.com/mmcloughlin/profile v0.1.1/go.mod h1:IhHD7q1ooxgwTgjxQYkACGA77oFTDdFVejUS1/tS/qU= github.com/moby/term v0.0.0-20220808134915-39b0c02b01ae h1:O4SWKdcHVCvYqyDV+9CJA1fcDN2L11Bule0iFy3YlAI= github.com/moby/term v0.0.0-20220808134915-39b0c02b01ae/go.mod h1:E2VnQOmVuvZB6UYnnDB0qG5Nq/1tD9acaOpo6xmt0Kw= -github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= -github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 h1:RWengNIwukTxcDr9M+97sNutRR1RKhG96O6jWumTTnw= github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8= github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc= 
@@ -423,7 +362,6 @@ github.com/multiformats/go-multihash v0.0.14/go.mod h1:VdAWLKTwram9oKAatUcLxBNUj github.com/multiformats/go-varint v0.0.5/go.mod h1:3Ls8CIEsrijN6+B7PbrXRPxHRPuXSrVKRY101jdMZYE= github.com/multiformats/go-varint v0.0.6 h1:gk85QWKxh3TazbLxED/NlDVv8+q+ReFJk7Y2W/KhfNY= github.com/multiformats/go-varint v0.0.6/go.mod h1:3Ls8CIEsrijN6+B7PbrXRPxHRPuXSrVKRY101jdMZYE= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/oleiade/reflections v1.0.1 h1:D1XO3LVEYroYskEsoSiGItp9RUxG6jWnCVvrqH0HHQM= github.com/oleiade/reflections v1.0.1/go.mod h1:rdFxbxq4QXVZWj0F+e9jqjDkc7dbp97vkRixKo2JR60= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= @@ -451,7 +389,6 @@ github.com/pelletier/go-toml/v2 v2.0.9 h1:uH2qQXheeefCCkuBBSLi7jCiSmj3VRh2+Goq2N github.com/pelletier/go-toml/v2 v2.0.9/go.mod h1:tJU2Z3ZkXwnxa4DPO899bsyIoywizdUvyaeZurnPPDc= github.com/piprate/json-gold v0.5.1-0.20230111113000-6ddbe6e6f19f h1:HlPa7RcxTCrva5izPfTEfvYecO7LTahgmMRD1Qp13xg= github.com/piprate/json-gold v0.5.1-0.20230111113000-6ddbe6e6f19f/go.mod h1:WZ501QQMbZZ+3pXFPhQKzNwS1+jls0oqov3uQ2WasLs= -github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg= 
@@ -461,8 +398,6 @@ github.com/pquerna/cachecontrol v0.1.0 h1:yJMy84ti9h/+OEWa752kBTKv4XC30OtVVHYv/8 github.com/pquerna/cachecontrol v0.1.0/go.mod h1:NrUG3Z7Rdu85UNR3vm7SOsl1nFIeSiQnrHV5K9mBcUI= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= -github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE= github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= 
@@ -522,18 +457,10 @@ github.com/trustbloc/cmdutil-go v1.0.0 h1:QCe7wVEIASWmy9ZDD0l0tsQCEsX6fx+kBFX5Uq github.com/trustbloc/cmdutil-go v1.0.0/go.mod h1:o/v7C1z6d/5UrjaC6GAUc1hk0XVuE3M4tpyvsMMUw5k= github.com/trustbloc/did-go v1.0.2-0.20230922190208-b53738d979e9 h1:UA6QlD58VZnSd2EpFJCi9XctBY3naKouBOtjMss4ewc= github.com/trustbloc/did-go v1.0.2-0.20230922190208-b53738d979e9/go.mod h1:qqTm9zd5rGhHSOtC8jjadqM01Od9zcDbUiUYLv+M6ls= -github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30 h1:nNmYk/CX3UrLe4a7qCaMjsc+IWcQdZlJGvY5D2gsewE= -github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30/go.mod h1:7arOSG9GewtV1WiqYZ23dSZ6haamosSABwyG//cRaXQ= github.com/trustbloc/logutil-go v1.0.0 h1:KzNs9TRbnmn+M3oYw9UkrtOjNd3ZGO8aLgfYttMypcE= github.com/trustbloc/logutil-go v1.0.0/go.mod h1:JlxT0oZfNKgIlSNtgc001WEeDMxlnAvOM43gNm8DQVc= github.com/trustbloc/sidetree-core-go v1.0.0 h1:kzfKZOJ0sgDy9D1AYNcoR3JHutqtMtKvF2P9UwUcDjU= github.com/trustbloc/sidetree-core-go v1.0.0/go.mod h1:jdxAFuorlIwFOGVW6O455/lZqxg2mZkRHNTEolcZdDI= -github.com/trustbloc/vc-go v1.0.3-0.20230927100750-6e0ff8399468 h1:GizDlcTPMuOh8HHifl8qp+ohaGMhiIT7k4+NcI/CA/I= -github.com/trustbloc/vc-go v1.0.3-0.20230927100750-6e0ff8399468/go.mod h1:6I4D1Hlf5CpSXBbfOIf58ZPtheyT8ZdsorN2kef2ZxU= -github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= -github.com/ugorji/go v1.2.7/go.mod h1:nF9osbDWLy6bDVv/Rtoh6QgnvNDpmCalQV5urGCCS6M= -github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY= -github.com/ugorji/go/codec v1.2.7/go.mod h1:WGN1fab3R1fzQlVQTkfxVtIBhWDRqOviHU95kRgeqEY= github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= github.com/valyala/fasttemplate v1.2.1 h1:TVEnxayobAdVkhQfrfes2IzOB6o+z4roRkPF52WA1u4= 
@@ -559,7 +486,6 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= go.mongodb.org/mongo-driver v1.11.4 h1:4ayjakA013OdpGyL2K3ZqylTac/rMjrJOMZ1EHizXas= go.mongodb.org/mongo-driver v1.11.4/go.mod h1:PTSz5yu21bkT/wXpkS7WR5f0ddqw5quethTUn9WM+2g= @@ -597,11 +523,7 @@ golang.org/x/crypto v0.0.0-20200115085410-6d4e4cb37c7d/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.0.0-20220427172511-eb4f295cb31f/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.0.0-20220513210258-46612604a0f9/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk= 
@@ -642,7 +564,6 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= @@ -681,9 +602,7 @@ golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.0.0-20211015210444-4f30a5c0130f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220513224357-95641704303c/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= 
@@ -729,7 +648,6 @@ golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 
@@ -756,12 +674,8 @@ golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211103235746-7861aae1554b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220513210249-45d2b4557a2a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 
@@ -790,8 +704,6 @@ golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20201208040808-7e3f01d25324/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20220411224347-583f2d630306/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= @@ -840,7 +752,6 @@ golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/tools v0.8.0/go.mod h1:JxBZ99ISMI5ViVkT1tr6tdNmXeTrcpVSD3vZ1RsRdN4= 
@@ -850,7 +761,6 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= 
@@ -942,12 +852,10 @@ google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGj google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= 
@@ -960,11 +868,9 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/component/wallet-cli/go.mod b/component/wallet-cli/go.mod index 1a0910a0c..17c0687a7 100644 --- a/component/wallet-cli/go.mod +++ b/component/wallet-cli/go.mod @@ -182,4 +182,8 @@ require ( rsc.io/tmplfunc v0.0.3 // indirect ) +replace github.com/trustbloc/kms-go => github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e + +replace github.com/trustbloc/vc-go => github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996 + replace github.com/trustbloc/vcs => ../../ diff --git a/component/wallet-cli/go.sum b/component/wallet-cli/go.sum index 1df717634..493a86f8f 100644 --- a/component/wallet-cli/go.sum +++ b/component/wallet-cli/go.sum 
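Review bot: The two `replace` directives added to component/wallet-cli/go.mod redirect `github.com/trustbloc/kms-go` and `github.com/trustbloc/vc-go` to pseudo-versions under `github.com/Moopli/...`. Every build of wallet-cli then takes its key-management and credential code from a different repository than the `require` block names. The go.sum entries pin the content of those two commits, but nothing in the file records why the redirect exists or when it should be removed. If this is a temporary bridge until the upstream modules are tagged, say so beside the directives, e.g. `// TEMPORARY: remove once <upstream PR/tag placeholder> is released`. The merge should also wait until the `require` lines can point at upstream versions again.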
@@ -44,6 +44,10 @@ github.com/IBM/mathlib v0.0.3-0.20230605104224-932ab92f2ce0 h1:V3ElfC3Xs8bxJyc7V github.com/IBM/mathlib v0.0.3-0.20230605104224-932ab92f2ce0/go.mod h1:k0NBSWMYVgaZ2keDuI8DSwdIEhUNhp8XnlVmm6Xwyuk= github.com/Microsoft/go-winio v0.6.0 h1:slsWYD/zyx7lCXoZVlvQrj0hPTM1HI4+v1sIda2yDvg= github.com/Microsoft/go-winio v0.6.0/go.mod h1:cTAf44im0RAYeL23bpB+fzCyDH2MJiz2BO69KH/soAE= +github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e h1:fZz3QVC0MhylGwjUAt2g/18gpvLyp+gD1kdBlDUC6KI= +github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e/go.mod h1:7arOSG9GewtV1WiqYZ23dSZ6haamosSABwyG//cRaXQ= +github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996 h1:WMAjakrYEl+87QJBF1kxAPsl/CjVO28xyPg24vZvLUg= +github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996/go.mod h1:/PuAaqEkBj3csXcUGjve6Zgp4Heluoc1267owTjdURM= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 h1:TngWCqHvy9oXAN6lEVMRuU21PR1EtLVZJmdB18Gu3Rw= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk= github.com/PaesslerAG/gval v1.0.0/go.mod h1:y/nm5yEyTeX6av0OfKJNp9rBNj2XrGhAf5+v24IBN1I= 
@@ -560,14 +564,10 @@ github.com/trustbloc/bbs-signature-go v1.0.0 h1:JOKmPRTpjbbGODt71i3wJyiEBcu5XEoe github.com/trustbloc/bbs-signature-go v1.0.0/go.mod h1:8xptu/lbVUDACQW10yiHtqATzC2kpTKQk5mKsKTD85Y= github.com/trustbloc/did-go v1.0.2-0.20230922190208-b53738d979e9 h1:UA6QlD58VZnSd2EpFJCi9XctBY3naKouBOtjMss4ewc= github.com/trustbloc/did-go v1.0.2-0.20230922190208-b53738d979e9/go.mod h1:qqTm9zd5rGhHSOtC8jjadqM01Od9zcDbUiUYLv+M6ls= -github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30 h1:nNmYk/CX3UrLe4a7qCaMjsc+IWcQdZlJGvY5D2gsewE= -github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30/go.mod h1:7arOSG9GewtV1WiqYZ23dSZ6haamosSABwyG//cRaXQ= github.com/trustbloc/logutil-go v1.0.0-rc1 h1:rRJbvgQfrlUfyej+mY0nuQJymGqjRW4oZEwKi544F4c= github.com/trustbloc/logutil-go v1.0.0-rc1/go.mod h1:JlxT0oZfNKgIlSNtgc001WEeDMxlnAvOM43gNm8DQVc= github.com/trustbloc/sidetree-core-go v1.0.0 h1:kzfKZOJ0sgDy9D1AYNcoR3JHutqtMtKvF2P9UwUcDjU= github.com/trustbloc/sidetree-core-go v1.0.0/go.mod h1:jdxAFuorlIwFOGVW6O455/lZqxg2mZkRHNTEolcZdDI= -github.com/trustbloc/vc-go v1.0.3-0.20230927100750-6e0ff8399468 h1:GizDlcTPMuOh8HHifl8qp+ohaGMhiIT7k4+NcI/CA/I= -github.com/trustbloc/vc-go v1.0.3-0.20230927100750-6e0ff8399468/go.mod h1:6I4D1Hlf5CpSXBbfOIf58ZPtheyT8ZdsorN2kef2ZxU= github.com/trustbloc/vcs/component/oidc/fosite v0.0.0-20230724110323-79c5330617d6 h1:iqqHGeoI6fXZbjtjvV9OCql7XQtr8P4LQBE9d2j9Ll8= github.com/trustbloc/vcs/component/oidc/fosite v0.0.0-20230724110323-79c5330617d6/go.mod h1:D/dD0ld+XRAt/MjhKnrpaVbaKTe5Zq9uAXONf5c4OxU= github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= diff --git a/component/wallet-cli/internal/vdrutil/vdrutil.go b/component/wallet-cli/internal/vdrutil/vdrutil.go index 21f4aa040..6813d3298 100644 --- a/component/wallet-cli/internal/vdrutil/vdrutil.go +++ b/component/wallet-cli/internal/vdrutil/vdrutil.go 
@@ -16,6 +16,7 @@ import ( longform "github.com/trustbloc/did-go/method/sidetreelongform" vdrapi "github.com/trustbloc/did-go/vdr/api" "github.com/trustbloc/kms-go/spi/kms" + "github.com/trustbloc/kms-go/wrapper/api" "github.com/trustbloc/vcs/pkg/doc/vc/crypto" "github.com/trustbloc/vcs/pkg/kms/key" @@ -26,11 +27,6 @@ type CreateResult struct { KeyID string } -type keyManager interface { - Get(keyID string) (interface{}, error) - CreateAndExportPubKeyBytes(kt kms.KeyType, opts ...kms.KeyOpts) (string, []byte, error) -} - var DefaultVdrUtil = &VDRUtil{} //nolint type VDRUtil struct { @@ -40,22 +36,23 @@ func (v *VDRUtil) Create( didMethod string, keyType kms.KeyType, registry vdrapi.Registry, - keyManager keyManager, + keyCreator api.RawKeyCreator, ) (*CreateResult, error) { switch strings.ToLower(didMethod) { case "ion": - return v.createION(keyType, registry, keyManager) + return v.createION(keyType, registry, keyCreator) case "key": - return v.CreateKey(keyType, registry, keyManager) + return v.CreateKey(keyType, registry, keyCreator) case "jwk": - return v.CreateJWK(keyType, registry, keyManager) + return v.CreateJWK(keyType, registry, keyCreator) default: return nil, fmt.Errorf("did method [%v] is not supported", didMethod) } } -func (v *VDRUtil) CreateKey(keyType kms.KeyType, registry vdrapi.Registry, keyManager keyManager) (*CreateResult, error) { //nolint: unparam - verMethod, err := v.newVerMethods(1, keyManager, keyType) +func (v *VDRUtil) CreateKey(keyType kms.KeyType, registry vdrapi.Registry, keyCreator api.KeyCreator, +) (*CreateResult, error) { //nolint: unparam + verMethod, err := v.newVerMethods(1, keyCreator, keyType) if err != nil { return nil, fmt.Errorf("did:key: failed to create new ver method: %w", err) } 
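Review bot: In vdrutil.go, wrapping the `CreateKey` signature moves `//nolint: unparam` onto the closing `) (*CreateResult, error) {` line rather than the line where the declaration starts, and `CreateJWK` in the next hunk has the same layout. As far as I know, golangci-lint widens a trailing nolint to the whole function only when it sits on the declaration's first line. The suppression may therefore no longer cover an unparam report on a parameter such as `registry`, which is worth confirming with a lint run. Putting the directive on its own line directly above each function, `//nolint:unparam`, keeps it attached however the signature is wrapped. Both function bodies continue outside their hunks.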
@@ -77,8 +74,9 @@ func (v *VDRUtil) CreateKey(keyType kms.KeyType, registry vdrapi.Registry, keyMa }, nil } -func (v *VDRUtil) CreateJWK(keyType kms.KeyType, registry vdrapi.Registry, keyManager keyManager) (*CreateResult, error) { //nolint: unparam - verMethod, err := v.newVerMethods(1, keyManager, keyType) +func (v *VDRUtil) CreateJWK(keyType kms.KeyType, registry vdrapi.Registry, keyCreator api.KeyCreator, +) (*CreateResult, error) { //nolint: unparam + verMethod, err := v.newVerMethods(1, keyCreator, keyType) if err != nil { return nil, fmt.Errorf("did:key: failed to create new ver method: %w", err) } @@ -100,8 +98,9 @@ func (v *VDRUtil) CreateJWK(keyType kms.KeyType, registry vdrapi.Registry, keyMa }, nil } -func (v *VDRUtil) createION(keyType kms.KeyType, registry vdrapi.Registry, keyManager keyManager) (*CreateResult, error) { - verMethod, err := v.newVerMethods(1, keyManager, keyType) +func (v *VDRUtil) createION(keyType kms.KeyType, registry vdrapi.Registry, keyCreator api.RawKeyCreator, +) (*CreateResult, error) { + verMethod, err := v.newVerMethods(1, keyCreator, keyType) if err != nil { return nil, fmt.Errorf("did:ion failed to create new ver method: %w", err) } @@ -126,7 +125,7 @@ func (v *VDRUtil) createION(keyType kms.KeyType, registry vdrapi.Registry, keyMa types := [2]string{"update", "recovery"} for i := 0; i < 2; i++ { - keyURLs[i], keys[i], err = key.CryptoKeyCreator(keyType)(keyManager) + keyURLs[i], keys[i], err = key.CryptoKeyCreator(keyCreator)(keyType) if err != nil { return nil, fmt.Errorf("did:orb: failed to create %s key: %w", types[i], err) } 
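Review bot: In `createION`, the error wrapped around the rewritten `key.CryptoKeyCreator(keyCreator)(keyType)` call is still labelled `did:orb:`. In `CreateJWK`, the error around the rewritten `newVerMethods` call is still labelled `did:key:`. A key-creation failure through the new creator interfaces will therefore be reported under the wrong DID method. Since these call sites are being touched anyway, the labels could be corrected to `fmt.Errorf("did:ion: failed to create %s key: %w", types[i], err)` and `fmt.Errorf("did:jwk: failed to create new ver method: %w", err)`. Check first that no caller or test matches on the old text. Both functions start or end outside the hunks shown.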
@@ -152,12 +151,12 @@ func (v *VDRUtil) createION(keyType kms.KeyType, registry vdrapi.Registry, keyMa }, nil } -func (v *VDRUtil) newVerMethods(count int, km keyManager, - keyType kms.KeyType) ([]*did.VerificationMethod, error) { +func (v *VDRUtil) newVerMethods(count int, keyCreator api.KeyCreator, keyType kms.KeyType, +) ([]*did.VerificationMethod, error) { methods := make([]*did.VerificationMethod, count) for i := 0; i < count; i++ { - keyID, j, err := key.JWKKeyCreator(keyType)(km) + keyID, j, err := key.JWKKeyCreator(keyCreator)(keyType) if err != nil { return nil, fmt.Errorf("failed to create key: %w", err) } diff --git a/component/wallet-cli/pkg/walletrunner/aries_services.go b/component/wallet-cli/pkg/walletrunner/aries_services.go index bbce13c74..74e3e7918 100644 --- a/component/wallet-cli/pkg/walletrunner/aries_services.go +++ b/component/wallet-cli/pkg/walletrunner/aries_services.go @@ -11,16 +11,14 @@ import ( jsonld "github.com/piprate/json-gold/ld" vdrapi "github.com/trustbloc/did-go/vdr/api" - "github.com/trustbloc/kms-go/spi/crypto" - "github.com/trustbloc/kms-go/spi/kms" "github.com/trustbloc/kms-go/spi/storage" + "github.com/trustbloc/kms-go/wrapper/api" ) type ariesServices struct { storageProvider storage.Provider vdrRegistry vdrapi.Registry - crypto crypto.Crypto - kms kms.KeyManager + suite api.Suite documentLoader jsonld.DocumentLoader mediaTypeProfiles []string } @@ -37,12 +35,8 @@ func (p *ariesServices) VDRegistry() vdrapi.Registry { return p.vdrRegistry } -func (p *ariesServices) Crypto() crypto.Crypto { - return p.crypto -} - -func (p *ariesServices) KMS() kms.KeyManager { - return p.kms +func (p *ariesServices) Suite() api.Suite { + return p.suite } func (p *ariesServices) JSONLDDocumentLoader() jsonld.DocumentLoader { diff --git a/component/wallet-cli/pkg/walletrunner/wallet.go b/component/wallet-cli/pkg/walletrunner/wallet.go index f5f94ed3b..a4033fc2a 100644 --- a/component/wallet-cli/pkg/walletrunner/wallet.go 
+++ b/component/wallet-cli/pkg/walletrunner/wallet.go @@ -91,6 +91,11 @@ func (s *Service) CreateWallet() error { s.vcProviderConf.WalletParams.Token = token } + creator, err := s.ariesServices.suite.RawKeyCreator() + if err != nil { + return err + } + if shouldCreateWallet { var createRes *vdrutil.CreateResult for i := 0; i < s.vcProviderConf.WalletDidCount; i++ { @@ -98,7 +103,7 @@ func (s *Service) CreateWallet() error { s.vcProviderConf.DidMethod, kms.KeyType(s.vcProviderConf.DidKeyType), s.ariesServices.vdrRegistry, - s.ariesServices.kms, + creator, ) if err != nil { return err diff --git a/component/wallet-cli/pkg/walletrunner/wallet_runner.go b/component/wallet-cli/pkg/walletrunner/wallet_runner.go index a787fd100..fbdbeba11 100644 --- a/component/wallet-cli/pkg/walletrunner/wallet_runner.go +++ b/component/wallet-cli/pkg/walletrunner/wallet_runner.go @@ -30,13 +30,12 @@ import ( "github.com/trustbloc/did-go/method/web" "github.com/trustbloc/did-go/vdr" vdrapi "github.com/trustbloc/did-go/vdr/api" - "github.com/trustbloc/kms-go/crypto/tinkcrypto" "github.com/trustbloc/kms-go/kms" - "github.com/trustbloc/kms-go/kms/localkms" "github.com/trustbloc/kms-go/secretlock/noop" kmsapi "github.com/trustbloc/kms-go/spi/kms" "github.com/trustbloc/kms-go/spi/secretlock" "github.com/trustbloc/kms-go/spi/storage" + "github.com/trustbloc/kms-go/wrapper/localsuite" "golang.org/x/oauth2" "github.com/trustbloc/vcs/component/wallet-cli/internal/formatter" 
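Review bot: In `CreateWallet` (wallet.go), `s.ariesServices.suite.RawKeyCreator()` is now called before the `if shouldCreateWallet {` check, although `creator` is only used inside that branch. A run that reuses an existing wallet can therefore fail on a capability it never needs. Moving the call to the top of the `shouldCreateWallet` block avoids that. The bare `return err` also gives no hint of which step failed, so something like `return fmt.Errorf("get raw key creator: %w", err)` would help, assuming `fmt` is already imported in this file, which the hunk does not show. The function starts and ends outside the hunk.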
@@ -215,28 +214,15 @@ func (s *Service) createAgentServices(vcProviderConf *vcprovider.Config) (*aries provider.documentLoader = loader - cryptoImpl, err := tinkcrypto.New() - if err != nil { - return nil, fmt.Errorf("failed to create local DataProtector: %w", err) - } - - provider.crypto = cryptoImpl - kmsStore, err := kms.NewAriesProviderWrapper(provider.storageProvider) if err != nil { return nil, fmt.Errorf("failed to create Aries KMS store wrapper") } - kmsProv := kmsProvider{ - store: kmsStore, - secretLockService: &noop.NoLock{}, - } - - localKMS, err := localkms.New("local-lock://agentSDK", &kmsProv) + provider.suite, err = localsuite.NewLocalCryptoSuite("local-lock://agentSDK", kmsStore, &noop.NoLock{}) if err != nil { - return nil, fmt.Errorf("failed to create local KMS: %w", err) + return nil, fmt.Errorf("failed to create local crypto suite: %w", err) } - provider.kms = localKMS vrd, err := createVDR(vcProviderConf) if err != nil { diff --git a/component/wallet-cli/pkg/walletrunner/wallet_runner_oidc4ci.go b/component/wallet-cli/pkg/walletrunner/wallet_runner_oidc4ci.go index 7acaa362f..1df876626 100644 --- a/component/wallet-cli/pkg/walletrunner/wallet_runner_oidc4ci.go +++ b/component/wallet-cli/pkg/walletrunner/wallet_runner_oidc4ci.go 
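Review bot: The new `localsuite.NewLocalCryptoSuite(...)` call in `createAgentServices` still passes `&noop.NoLock{}` as the secret lock, so presumably the keys written to `kmsStore` are not wrapped by any real lock. If this runner is test tooling only, that is probably intended, but it should be stated next to the call, e.g. `// noop lock: wallet-cli keys are for test runs only and are stored unwrapped`. The unchanged line above it also builds `"failed to create Aries KMS store wrapper"` without the cause; `fmt.Errorf("failed to create Aries KMS store wrapper: %w", err)` would keep it. `createAgentServices` continues outside the hunk.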
@@ -482,22 +482,15 @@ func (s *Service) getCredential( credentialFormat, issuerURI string, ) (interface{}, time.Duration, error) { - km := s.ariesServices.KMS() - cr := s.ariesServices.Crypto() - didKeyID := s.vcProviderConf.WalletParams.DidKeyID[0] - kmsSigner, err := signer.NewKMSSigner( - km, - cr, - strings.Split(didKeyID, "#")[1], - s.vcProviderConf.WalletParams.SignType, - nil, - ) + fks, err := s.ariesServices.Suite().FixedKeyMultiSigner(strings.Split(didKeyID, "#")[1]) if err != nil { return nil, 0, fmt.Errorf("create kms signer: %w", err) } + kmsSigner := signer.NewKMSSigner(fks, s.vcProviderConf.WalletParams.SignType, nil) + claims := &JWTProofClaims{ Issuer: s.oauthClient.ClientID, IssuedAt: time.Now().Unix(), diff --git a/component/wallet-cli/pkg/walletrunner/wallet_runner_oidc4vp.go b/component/wallet-cli/pkg/walletrunner/wallet_runner_oidc4vp.go index b7f4ee4cb..94b30db22 100644 --- a/component/wallet-cli/pkg/walletrunner/wallet_runner_oidc4vp.go +++ b/component/wallet-cli/pkg/walletrunner/wallet_runner_oidc4vp.go @@ -21,12 +21,11 @@ import ( "github.com/google/uuid" "github.com/trustbloc/did-go/method/jwk" + "github.com/trustbloc/kms-go/wrapper/api" "github.com/valyala/fastjson" didkey "github.com/trustbloc/did-go/method/key" "github.com/trustbloc/kms-go/doc/jose" - "github.com/trustbloc/kms-go/spi/crypto" - "github.com/trustbloc/kms-go/spi/kms" "github.com/trustbloc/vc-go/jwt" "github.com/trustbloc/vc-go/presexch" "github.com/trustbloc/vc-go/verifiable" 
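Review bot: `strings.Split(didKeyID, "#")[1]` in the new `FixedKeyMultiSigner` call in `getCredential` panics with an index-out-of-range when the configured DID key ID has no `#` fragment, and `DidKeyID[0]` on the line before does the same for an empty list. The same split is carried into the rewritten `signTokenJWT` in wallet_runner_oidc4vp.go. I would use `_, kid, ok := strings.Cut(didKeyID, "#")` and return an error such as `fmt.Errorf("did key id %q has no fragment", didKeyID)` when `!ok`. The wrapped message `create kms signer` now reports a `FixedKeyMultiSigner` failure, so `get fixed key signer: %w` would be more accurate. `getCredential` starts and ends outside the hunk.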
@@ -361,7 +360,7 @@ func (e *VPFlowExecutor) getIDTokenClaims(requestPresentationSubmission *presexc } func (e *VPFlowExecutor) signIDTokenJWT(idToken *IDTokenClaims, signatureType vcs.SignatureType) (string, error) { - idTokenJWS, err := signTokenJWT(idToken, e.walletDidKeyID[0], e.ariesServices.crypto, e.ariesServices.kms, signatureType) + idTokenJWS, err := signTokenJWT(idToken, e.walletDidKeyID[0], e.ariesServices.suite, signatureType) if err != nil { return "", fmt.Errorf("sign id_token: %w", err) } @@ -480,8 +479,7 @@ func (e *VPFlowExecutor) signPresentationLDP(vp *verifiable.Presentation, signat KMSKeyID: strings.Split(didKeyID, "#")[1], SignatureType: signatureType, SignatureRepresentation: verifiable.SignatureProofValue, - KMS: vcskms.GetAriesKeyManager( - e.ariesServices.kms, e.ariesServices.crypto, vcskms.Local, noop.GetMetrics()), + KMS: vcskms.GetAriesKeyManager(e.ariesServices.suite, vcskms.Local, noop.GetMetrics()), }, vp, vccrypto.WithChallenge(e.requestObject.Nonce), @@ -508,7 +506,7 @@ func (e *VPFlowExecutor) signPresentationJWT(vp *verifiable.Presentation, signat vpTokenJWS := strings.ReplaceAll(string(vpTokenBytes), `"type":"VerifiablePresentation"`, `"type":["VerifiablePresentation"]`) - vpTokenJWS, err = signTokenJWT(vpTokenJWS, didKeyID, e.ariesServices.crypto, e.ariesServices.kms, signatureType) + vpTokenJWS, err = signTokenJWT(vpTokenJWS, didKeyID, e.ariesServices.suite, signatureType) if err != nil { return "", fmt.Errorf("sign vp_token: %w", err) } 
@@ -599,14 +597,15 @@ func (e *VPFlowExecutor) GetSubjectID(creds []*verifiable.Credential) (string, e return subjectID, nil } -func signTokenJWT(claims interface{}, didKeyID string, crpt crypto.Crypto, - km kms.KeyManager, signType vcs.SignatureType) (string, error) { - - kmsSigner, err := signer.NewKMSSigner(km, crpt, strings.Split(didKeyID, "#")[1], signType, nil) +func signTokenJWT(claims interface{}, didKeyID string, suite api.Suite, signType vcs.SignatureType, +) (string, error) { + fks, err := suite.FixedKeyMultiSigner(strings.Split(didKeyID, "#")[1]) if err != nil { return "", fmt.Errorf("create kms signer: %w", err) } + kmsSigner := signer.NewKMSSigner(fks, signType, nil) + signerKeyID := didKeyID if strings.Contains(didKeyID, "did:key") { diff --git a/go.mod b/go.mod index 7f8c80a7f..0a4e1ac76 100644 --- a/go.mod +++ b/go.mod @@ -19,7 +19,6 @@ require ( github.com/getkin/kin-openapi v0.94.0 github.com/go-jose/go-jose/v3 v3.0.1-0.20221117193127-916db76e8214 github.com/golang/mock v1.6.0 - github.com/google/tink/go v1.7.0 github.com/google/uuid v1.3.0 github.com/jinzhu/copier v0.3.5 github.com/klauspost/compress v1.15.9 @@ -110,6 +109,7 @@ require ( github.com/golang/protobuf v1.5.3 // indirect github.com/golang/snappy v0.0.4 // indirect github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect + github.com/google/tink/go v1.7.0 // indirect github.com/gorilla/websocket v1.5.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.2 // indirect github.com/hashicorp/go-retryablehttp v0.7.4 // indirect @@ -188,3 +188,7 @@ require ( gopkg.in/yaml.v3 v3.0.1 // indirect rsc.io/tmplfunc v0.0.3 // indirect ) + +replace github.com/trustbloc/kms-go => github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e + +replace github.com/trustbloc/vc-go => github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996 diff --git a/go.sum b/go.sum index 43c9f5e55..00e2a2a4b 100644 --- a/go.sum +++ b/go.sum 
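Review bot: The two `replace` directives added at the end of the root go.mod redirect `github.com/trustbloc/kms-go` and `github.com/trustbloc/vc-go` to `github.com/Moopli/...` forks at untagged pseudo-versions, so every build of this module takes its key-management and credential code from a repository outside the project's organisation. The `require` lines still name the trustbloc versions, which hides the override from anyone reading only those. Before merge the changes should land upstream and the requires be bumped, with the replaces dropped. If they must stay for now, mark them with a comment such as `// TEMPORARY fork override: remove once upstream kms-go/vc-go <release> is tagged` and track the removal.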
@@ -44,6 +44,10 @@ github.com/IBM/mathlib v0.0.3-0.20230605104224-932ab92f2ce0 h1:V3ElfC3Xs8bxJyc7V github.com/IBM/mathlib v0.0.3-0.20230605104224-932ab92f2ce0/go.mod h1:k0NBSWMYVgaZ2keDuI8DSwdIEhUNhp8XnlVmm6Xwyuk= github.com/Microsoft/go-winio v0.6.0 h1:slsWYD/zyx7lCXoZVlvQrj0hPTM1HI4+v1sIda2yDvg= github.com/Microsoft/go-winio v0.6.0/go.mod h1:cTAf44im0RAYeL23bpB+fzCyDH2MJiz2BO69KH/soAE= +github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e h1:fZz3QVC0MhylGwjUAt2g/18gpvLyp+gD1kdBlDUC6KI= +github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e/go.mod h1:7arOSG9GewtV1WiqYZ23dSZ6haamosSABwyG//cRaXQ= +github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996 h1:WMAjakrYEl+87QJBF1kxAPsl/CjVO28xyPg24vZvLUg= +github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996/go.mod h1:/PuAaqEkBj3csXcUGjve6Zgp4Heluoc1267owTjdURM= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 h1:TngWCqHvy9oXAN6lEVMRuU21PR1EtLVZJmdB18Gu3Rw= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk= github.com/PaesslerAG/gval v1.0.0/go.mod h1:y/nm5yEyTeX6av0OfKJNp9rBNj2XrGhAf5+v24IBN1I= 
@@ -625,12 +629,8 @@ github.com/trustbloc/bbs-signature-go v1.0.0 h1:JOKmPRTpjbbGODt71i3wJyiEBcu5XEoe github.com/trustbloc/bbs-signature-go v1.0.0/go.mod h1:8xptu/lbVUDACQW10yiHtqATzC2kpTKQk5mKsKTD85Y= github.com/trustbloc/did-go v1.0.2-0.20230922190208-b53738d979e9 h1:UA6QlD58VZnSd2EpFJCi9XctBY3naKouBOtjMss4ewc= github.com/trustbloc/did-go v1.0.2-0.20230922190208-b53738d979e9/go.mod h1:qqTm9zd5rGhHSOtC8jjadqM01Od9zcDbUiUYLv+M6ls= -github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30 h1:nNmYk/CX3UrLe4a7qCaMjsc+IWcQdZlJGvY5D2gsewE= -github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30/go.mod h1:7arOSG9GewtV1WiqYZ23dSZ6haamosSABwyG//cRaXQ= github.com/trustbloc/logutil-go v1.0.0-rc1 h1:rRJbvgQfrlUfyej+mY0nuQJymGqjRW4oZEwKi544F4c= github.com/trustbloc/logutil-go v1.0.0-rc1/go.mod h1:JlxT0oZfNKgIlSNtgc001WEeDMxlnAvOM43gNm8DQVc= -github.com/trustbloc/vc-go v1.0.3-0.20230927100750-6e0ff8399468 h1:GizDlcTPMuOh8HHifl8qp+ohaGMhiIT7k4+NcI/CA/I= -github.com/trustbloc/vc-go v1.0.3-0.20230927100750-6e0ff8399468/go.mod h1:6I4D1Hlf5CpSXBbfOIf58ZPtheyT8ZdsorN2kef2ZxU= github.com/trustbloc/vcs/component/oidc/fosite v0.0.0-20230724110323-79c5330617d6 h1:iqqHGeoI6fXZbjtjvV9OCql7XQtr8P4LQBE9d2j9Ll8= github.com/trustbloc/vcs/component/oidc/fosite v0.0.0-20230724110323-79c5330617d6/go.mod h1:D/dD0ld+XRAt/MjhKnrpaVbaKTe5Zq9uAXONf5c4OxU= github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= diff --git a/internal/mock/vcskms/vcskms.go b/internal/mock/vcskms/vcskms.go new file mode 100644 index 000000000..ae0bcc2f5 --- /dev/null +++ b/internal/mock/vcskms/vcskms.go 
@@ -0,0 +1,70 @@ +/* +Copyright Gen Digital Inc. All Rights Reserved. + +SPDX-License-Identifier: Apache-2.0 +*/ + +package vcskms + +import ( + "github.com/trustbloc/kms-go/doc/jose/jwk" + mockwrapper "github.com/trustbloc/kms-go/mock/wrapper" + kmsapi "github.com/trustbloc/kms-go/spi/kms" + "github.com/trustbloc/kms-go/wrapper/api" + "github.com/trustbloc/vcs/pkg/doc/vc" + vcsverifiable "github.com/trustbloc/vcs/pkg/doc/verifiable" + "github.com/trustbloc/vcs/pkg/kms" + "github.com/trustbloc/vcs/pkg/kms/signer" +) + +// MockKMS mocks kms.VCSKeyManager. +// +// Set either MockKMS.Signer or MockKMS.FixedSigner. +type MockKMS struct { + Signer api.KMSCryptoMultiSigner + FixedSigner api.FixedKeyMultiSigner + VCSignerErr error + KeyTypes []kmsapi.KeyType +} + +// NewVCSigner mock. +func (m *MockKMS) NewVCSigner(creator string, signatureType vcsverifiable.SignatureType) (vc.SignerAlgorithm, error) { + if m.VCSignerErr != nil { + return nil, m.VCSignerErr + } + + var ( + fks api.FixedKeyMultiSigner + err error + ) + + if m.FixedSigner != nil { + fks = m.FixedSigner + } else if m.Signer != nil { + fks, err = m.Signer.FixedMultiSignerGivenKID(creator) + if err != nil { + return nil, err + } + } else { + fks = &mockwrapper.MockFixedKeyCrypto{} + } + + return signer.NewKMSSigner(fks, signatureType, nil), nil +} + +// SupportedKeyTypes unimplemented stub. +func (m *MockKMS) SupportedKeyTypes() []kmsapi.KeyType { + return m.KeyTypes +} + +// CreateJWKKey unimplemented stub. +func (m *MockKMS) CreateJWKKey(_ kmsapi.KeyType) (string, *jwk.JWK, error) { + return "", nil, nil +} + +// CreateCryptoKey unimplemented stub. +func (m *MockKMS) CreateCryptoKey(_ kmsapi.KeyType) (string, interface{}, error) { + return "", nil, nil +} + +var _ kms.VCSKeyManager = &MockKMS{} diff --git a/pkg/cslmanager/cslmanager_test.go b/pkg/cslmanager/cslmanager_test.go index 67d3c1c9b..fc81a5a4f 100644 --- a/pkg/cslmanager/cslmanager_test.go +++ b/pkg/cslmanager/cslmanager_test.go 
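Review bot: The doc comments in the new `MockKMS` do not match the code. `SupportedKeyTypes` is labelled an unimplemented stub but returns `m.KeyTypes`; `// SupportedKeyTypes returns m.KeyTypes.` would be accurate. The type comment says to set either `Signer` or `FixedSigner`, while `NewVCSigner` prefers `FixedSigner` when both are set and falls back to `&mockwrapper.MockFixedKeyCrypto{}` when both are nil. I would add `// If both are nil NewVCSigner uses a default mockwrapper.MockFixedKeyCrypto; FixedSigner wins if both are set.` so test authors know which signer a zero-value `&vcskms.MockKMS{}` produces.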
@@ -21,17 +21,13 @@ import ( "github.com/golang/mock/gomock" "github.com/google/uuid" + "github.com/trustbloc/vcs/internal/mock/vcskms" "github.com/stretchr/testify/require" "github.com/trustbloc/did-go/doc/did" model "github.com/trustbloc/did-go/doc/did/endpoint" vdrmock "github.com/trustbloc/did-go/vdr/mock" - "github.com/trustbloc/kms-go/doc/jose/jwk" - cryptomock "github.com/trustbloc/kms-go/mock/crypto" - mockkms "github.com/trustbloc/kms-go/mock/kms" - ariescrypto "github.com/trustbloc/kms-go/spi/crypto" - "github.com/trustbloc/kms-go/spi/kms" "github.com/trustbloc/vc-go/verifiable" "github.com/trustbloc/vcs/pkg/doc/vc" @@ -41,7 +37,6 @@ import ( "github.com/trustbloc/vcs/pkg/doc/vc/vcutil" vcsverifiable "github.com/trustbloc/vcs/pkg/doc/verifiable" "github.com/trustbloc/vcs/pkg/internal/testutil" - "github.com/trustbloc/vcs/pkg/kms/signer" profileapi "github.com/trustbloc/vcs/pkg/profile" "github.com/trustbloc/vcs/pkg/service/credentialstatus" ) @@ -61,7 +56,7 @@ func TestCredentialStatusList_CreateCSLEntry(t *testing.T) { t.Run("test success", func(t *testing.T) { mockKMSRegistry := NewMockKMSRegistry(gomock.NewController(t)) - mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).Times(5).Return(&mockKMS{}, nil) + mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).Times(5).Return(&vcskms.MockKMS{}, nil) ctx := context.Background() cslIndexStore := newMockCSLIndexStore() @@ -144,7 +139,7 @@ func TestCredentialStatusList_CreateCSLEntry(t *testing.T) { profile.VCConfig.Status.Type = "undefined" mockKMSRegistry := NewMockKMSRegistry(gomock.NewController(t)) - mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).Times(1).Return(&mockKMS{}, nil) + mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).Times(1).Return(&vcskms.MockKMS{}, nil) cslIndexStore := newMockCSLIndexStore() cslVCStore := newMockCSLVCStore() 
@@ -241,7 +236,7 @@ func TestCredentialStatusList_CreateCSLEntry(t *testing.T) { t.Run("test error from CSL VC store", func(t *testing.T) { mockKMSRegistry := NewMockKMSRegistry(gomock.NewController(t)) - mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&mockKMS{}, nil) + mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&vcskms.MockKMS{}, nil) ctx := context.Background() cslIndexStore := newMockCSLIndexStore() @@ -272,7 +267,7 @@ func TestCredentialStatusList_CreateCSLEntry(t *testing.T) { t.Run("test error put typedID to store - list size too small", func(t *testing.T) { mockKMSRegistry := NewMockKMSRegistry(gomock.NewController(t)) - mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).Times(1).Return(&mockKMS{}, nil) + mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).Times(1).Return(&vcskms.MockKMS{}, nil) s, err := New(&Config{ CSLIndexStore: newMockCSLIndexStore(), @@ -344,7 +339,7 @@ func TestCredentialStatusList_CreateCSLEntry(t *testing.T) { t.Run("test error from store csl list in store", func(t *testing.T) { mockKMSRegistry := NewMockKMSRegistry(gomock.NewController(t)) - mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).Times(1).Return(&mockKMS{}, nil) + mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).Times(1).Return(&vcskms.MockKMS{}, nil) s, err := New(&Config{ CSLVCStore: newMockCSLVCStore(), @@ -368,7 +363,7 @@ func TestCredentialStatusList_CreateCSLEntry(t *testing.T) { t.Run("test error update latest list id", func(t *testing.T) { mockKMSRegistry := NewMockKMSRegistry(gomock.NewController(t)) - mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).Times(1).Return(&mockKMS{}, nil) + mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).Times(1).Return(&vcskms.MockKMS{}, nil) s, err := New(&Config{ CSLVCStore: newMockCSLVCStore(), 
@@ -392,7 +387,7 @@ func TestCredentialStatusList_CreateCSLEntry(t *testing.T) { t.Run("test error put typedID to store", func(t *testing.T) { mockKMSRegistry := NewMockKMSRegistry(gomock.NewController(t)) - mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).Times(1).Return(&mockKMS{}, nil) + mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).Times(1).Return(&vcskms.MockKMS{}, nil) s, err := New(&Config{ @@ -589,30 +584,6 @@ func (m *mockVCStore) Put( return nil } -type mockKMS struct { - crypto ariescrypto.Crypto -} - -func (m *mockKMS) NewVCSigner(creator string, signatureType vcsverifiable.SignatureType) (vc.SignerAlgorithm, error) { - if m.crypto == nil { - m.crypto = &cryptomock.Crypto{} - } - - return signer.NewKMSSigner(&mockkms.KeyManager{}, m.crypto, creator, signatureType, nil) -} - -func (m *mockKMS) SupportedKeyTypes() []kms.KeyType { - return nil -} - -func (m *mockKMS) CreateJWKKey(_ kms.KeyType) (string, *jwk.JWK, error) { - return "", nil, nil -} - -func (m *mockKMS) CreateCryptoKey(_ kms.KeyType) (string, interface{}, error) { - return "", nil, nil -} - func TestService_getUnusedIndex(t *testing.T) { type fields struct { listSize int diff --git a/pkg/dataprotect/dataprotect.go b/pkg/dataprotect/dataprotect.go index ba7170c43..075316adf 100644 --- a/pkg/dataprotect/dataprotect.go +++ b/pkg/dataprotect/dataprotect.go @@ -8,13 +8,15 @@ package dataprotect import ( "context" + + "github.com/trustbloc/kms-go/wrapper/api" ) //go:generate mockgen -source dataprotect.go -destination dataprotect_mocks_test.go -package dataprotect_test -type Crypto interface { - Decrypt(cipher, aad, nonce []byte, kh interface{}) ([]byte, error) - Encrypt(msg, aad []byte, kh interface{}) ([]byte, []byte, error) +type encDec interface { + Encrypt(msg []byte, aad []byte, kid string) (cipher []byte, nonce []byte, err error) + Decrypt(cipher []byte, aad []byte, nonce []byte, kid string) (msg []byte, err error) } type dataEncryptor interface { 
@@ -28,23 +30,23 @@ type DataCompressor interface { } type DataProtector struct { - keyProtector Crypto cryptoKeyID string dataProtector dataEncryptor dataCompressor DataCompressor + encDec api.EncrypterDecrypter } func NewDataProtector( - crypto Crypto, + keyEncryptor encDec, cryptoKeyID string, dataEncryptor dataEncryptor, dataCompressor DataCompressor, ) *DataProtector { return &DataProtector{ - keyProtector: crypto, cryptoKeyID: cryptoKeyID, dataProtector: dataEncryptor, dataCompressor: dataCompressor, + encDec: keyEncryptor, } } @@ -65,7 +67,7 @@ func (d *DataProtector) Encrypt(_ context.Context, msg []byte) (*EncryptedData, return nil, err } - encryptedKey, nonce, err := d.keyProtector.Encrypt(key, nil, d.cryptoKeyID) + encryptedKey, nonce, err := d.encDec.Encrypt(key, nil, d.cryptoKeyID) if err != nil { return nil, err } @@ -78,7 +80,7 @@ func (d *DataProtector) Encrypt(_ context.Context, msg []byte) (*EncryptedData, } func (d *DataProtector) Decrypt(_ context.Context, data *EncryptedData) ([]byte, error) { - decryptedKey, err := d.keyProtector.Decrypt(nil, data.EncryptedKey, data.EncryptedNonce, d.cryptoKeyID) + decryptedKey, err := d.encDec.Decrypt(data.EncryptedKey, nil, data.EncryptedNonce, d.cryptoKeyID) if err != nil { return nil, err } diff --git a/pkg/dataprotect/dataprotect_test.go b/pkg/dataprotect/dataprotect_test.go index e9f07a06b..e52370e70 100644 --- a/pkg/dataprotect/dataprotect_test.go +++ b/pkg/dataprotect/dataprotect_test.go @@ -13,7 +13,6 @@ import ( "github.com/golang/mock/gomock" "github.com/stretchr/testify/assert" - "github.com/trustbloc/vcs/pkg/dataprotect" ) 
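Review bot: `NewDataProtector` is exported but its first parameter is now the unexported `encDec`, while the field it fills is typed `api.EncrypterDecrypter`. That leaves two declarations of the same method set which can drift apart, and external callers cannot name the parameter type. Since the local interface appears to exist for the `mockgen -source` directive, I would type the field with it as well, `encDec encDec`, or take `keyEncryptor api.EncrypterDecrypter` in the constructor and keep `encDec` only as the mock source. Either way the field and the parameter should share one type.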
@@ -23,11 +22,16 @@ const ( func TestNewDataProtectorEncrypt(t *testing.T) { t.Run("success", func(t *testing.T) { - keyProtector := NewMockCrypto(gomock.NewController(t)) + keyProtector := NewMockencDec(gomock.NewController(t)) encrypt := NewMockdataEncryptor(gomock.NewController(t)) compress := NewMockDataCompressor(gomock.NewController(t)) - p := dataprotect.NewDataProtector(keyProtector, cryptoKeyID, encrypt, compress) + p := dataprotect.NewDataProtector( + keyProtector, + cryptoKeyID, + encrypt, + compress, + ) data := []byte{0x1, 0x2, 0x66, 0x32} dataCompressed := []byte{0x5, 0x6, 0x7} @@ -52,12 +56,17 @@ func TestNewDataProtectorEncrypt(t *testing.T) { }) t.Run("data encrypt err", func(t *testing.T) { - keyProtector := NewMockCrypto(gomock.NewController(t)) + keyProtector := NewMockencDec(gomock.NewController(t)) encrypt := NewMockdataEncryptor(gomock.NewController(t)) compress := NewMockDataCompressor(gomock.NewController(t)) compress.EXPECT().Compress(gomock.Any()).Return(nil, nil) - p := dataprotect.NewDataProtector(keyProtector, cryptoKeyID, encrypt, compress) + p := dataprotect.NewDataProtector( + keyProtector, + cryptoKeyID, + encrypt, + compress, + ) encrypt.EXPECT().Encrypt(gomock.Any()). Return(nil, nil, errors.New("data encrypt err")) @@ -67,12 +76,17 @@ func TestNewDataProtectorEncrypt(t *testing.T) { }) t.Run("encrypt err", func(t *testing.T) { - keyProtector := NewMockCrypto(gomock.NewController(t)) + keyProtector := NewMockencDec(gomock.NewController(t)) encrypt := NewMockdataEncryptor(gomock.NewController(t)) compress := NewMockDataCompressor(gomock.NewController(t)) compress.EXPECT().Compress(gomock.Any()).Return(nil, nil) - p := dataprotect.NewDataProtector(keyProtector, cryptoKeyID, encrypt, compress) + p := dataprotect.NewDataProtector( + keyProtector, + cryptoKeyID, + encrypt, + compress, + ) encrypt.EXPECT().Encrypt(gomock.Any()). Return(nil, nil, nil) keyProtector.EXPECT().Encrypt(gomock.Any(), nil, cryptoKeyID). 
@@ -84,12 +98,17 @@ func TestNewDataProtectorEncrypt(t *testing.T) { }) t.Run("compress err", func(t *testing.T) { - keyProtector := NewMockCrypto(gomock.NewController(t)) + keyProtector := NewMockencDec(gomock.NewController(t)) encrypt := NewMockdataEncryptor(gomock.NewController(t)) compress := NewMockDataCompressor(gomock.NewController(t)) compress.EXPECT().Compress(gomock.Any()).Return(nil, errors.New("can not compress")) - p := dataprotect.NewDataProtector(keyProtector, cryptoKeyID, encrypt, compress) + p := dataprotect.NewDataProtector( + keyProtector, + cryptoKeyID, + encrypt, + compress, + ) resp, err := p.Encrypt(context.TODO(), []byte{0x0}) assert.ErrorContains(t, err, "can not compress") @@ -99,11 +118,16 @@ func TestNewDataProtectorEncrypt(t *testing.T) { func TestDecrypt(t *testing.T) { t.Run("success", func(t *testing.T) { - keyProtector := NewMockCrypto(gomock.NewController(t)) + keyProtector := NewMockencDec(gomock.NewController(t)) dataProtector := NewMockdataEncryptor(gomock.NewController(t)) compress := NewMockDataCompressor(gomock.NewController(t)) - p := dataprotect.NewDataProtector(keyProtector, cryptoKeyID, dataProtector, compress) + p := dataprotect.NewDataProtector( + keyProtector, + cryptoKeyID, + dataProtector, + compress, + ) data := []byte{0x1, 0x2, 0x66, 0x32} dataDecompressed := []byte{0x1, 0x1, 0x2} @@ -117,7 +141,7 @@ func TestDecrypt(t *testing.T) { Return(data, nil) keyProtector.EXPECT(). - Decrypt(nil, encryptedKey, nonce, cryptoKeyID). + Decrypt(encryptedKey, nil, nonce, cryptoKeyID). Return(key, nil) dec, err := p.Decrypt(context.TODO(), &dataprotect.EncryptedData{ 
@@ -131,11 +155,16 @@ func TestDecrypt(t *testing.T) { }) t.Run("fail decrypt key", func(t *testing.T) { - keyProtector := NewMockCrypto(gomock.NewController(t)) + keyProtector := NewMockencDec(gomock.NewController(t)) dataProtector := NewMockdataEncryptor(gomock.NewController(t)) compress := NewMockDataCompressor(gomock.NewController(t)) - p := dataprotect.NewDataProtector(keyProtector, cryptoKeyID, dataProtector, compress) + p := dataprotect.NewDataProtector( + keyProtector, + cryptoKeyID, + dataProtector, + compress, + ) encryptedData := []byte{0x99, 0x55, 0x66} encryptedKey := []byte{0x88, 0x77} @@ -156,11 +185,16 @@ func TestDecrypt(t *testing.T) { }) t.Run("fail decrypt key", func(t *testing.T) { - keyProtector := NewMockCrypto(gomock.NewController(t)) + keyProtector := NewMockencDec(gomock.NewController(t)) dataProtector := NewMockdataEncryptor(gomock.NewController(t)) compress := NewMockDataCompressor(gomock.NewController(t)) - p := dataprotect.NewDataProtector(keyProtector, cryptoKeyID, dataProtector, compress) + p := dataprotect.NewDataProtector( + keyProtector, + cryptoKeyID, + dataProtector, + compress, + ) encryptedData := []byte{0x99, 0x55, 0x66} encryptedKey := []byte{0x88, 0x77} @@ -184,11 +218,16 @@ func TestDecrypt(t *testing.T) { }) t.Run("fail decompress", func(t *testing.T) { - keyProtector := NewMockCrypto(gomock.NewController(t)) + keyProtector := NewMockencDec(gomock.NewController(t)) dataProtector := NewMockdataEncryptor(gomock.NewController(t)) compress := NewMockDataCompressor(gomock.NewController(t)) - p := dataprotect.NewDataProtector(keyProtector, cryptoKeyID, dataProtector, compress) + p := dataprotect.NewDataProtector( + keyProtector, + cryptoKeyID, + dataProtector, + compress, + ) data := []byte{0x1, 0x2, 0x66, 0x32} encryptedData := []byte{0x99, 0x55, 0x66} 
@@ -201,7 +240,7 @@ func TestDecrypt(t *testing.T) { Return(data, nil) keyProtector.EXPECT(). - Decrypt(nil, encryptedKey, nonce, cryptoKeyID). + Decrypt(encryptedKey, nil, nonce, cryptoKeyID). Return(key, nil) dec, err := p.Decrypt(context.TODO(), &dataprotect.EncryptedData{ diff --git a/pkg/dataprotect/nilcrypto.go b/pkg/dataprotect/nilcrypto.go index ca77e624c..7f736e4e2 100644 --- a/pkg/dataprotect/nilcrypto.go +++ b/pkg/dataprotect/nilcrypto.go @@ -13,10 +13,10 @@ func NewNilCrypto() *NilCrypto { return &NilCrypto{} } -func (n *NilCrypto) Encrypt(msg, _ []byte, _ interface{}) ([]byte, []byte, error) { +func (n *NilCrypto) Encrypt(msg, _ []byte, _ string) ([]byte, []byte, error) { return msg, nil, nil } -func (n *NilCrypto) Decrypt(_, aad, _ []byte, _ interface{}) ([]byte, error) { +func (n *NilCrypto) Decrypt(_, aad, _ []byte, _ string) ([]byte, error) { return aad, nil } diff --git a/pkg/dataprotect/nilcrypto_test.go b/pkg/dataprotect/nilcrypto_test.go index 0b540bfbe..21761e25a 100644 --- a/pkg/dataprotect/nilcrypto_test.go +++ b/pkg/dataprotect/nilcrypto_test.go @@ -18,11 +18,11 @@ func TestNilCryptoEncryptDecrypt(t *testing.T) { nilCrypto := dataprotect.NewNilCrypto() testData := []byte("This is a sample text to demonstrate the NilCrypto encryption and decryption process.") - encryptedData, _, err := nilCrypto.Encrypt(testData, nil, nil) + encryptedData, _, err := nilCrypto.Encrypt(testData, nil, "") assert.NoError(t, err, "Failed to encrypt data") assert.Equal(t, testData, encryptedData, "Encrypted data should be the same as original data") - decryptedData, err := nilCrypto.Decrypt(nil, encryptedData, nil, nil) + decryptedData, err := nilCrypto.Decrypt(nil, encryptedData, nil, "") assert.NoError(t, err, "Failed to decrypt data") assert.Equal(t, testData, decryptedData, "Decrypted data should be the same as original data") } 
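Review bot: `NilCrypto.Decrypt` in nilcrypto.go still returns its second parameter (`aad`), but `DataProtector.Decrypt` now passes the wrapped key as the first argument and `nil` as the second. If `NilCrypto` is ever supplied as the key encryptor (the wiring is not visible here), the unwrapped key comes back nil. It should return the ciphertext: `func (n *NilCrypto) Decrypt(cipher, _, _ []byte, _ string) ([]byte, error) { return cipher, nil }`. The calls in nilcrypto_test.go, `nilCrypto.Decrypt(nil, encryptedData, nil, "")` and `nilCrypto.Decrypt(nil, testData, nil, "")`, put the data in the `aad` slot, which is why the tests still pass; they should become `Decrypt(encryptedData, nil, nil, "")` and `Decrypt(testData, nil, nil, "")`.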
@@ -31,7 +31,7 @@ func TestNilCryptoEncryptError(t *testing.T) { nilCrypto := dataprotect.NewNilCrypto() testData := make([]byte, 0) - _, _, err := nilCrypto.Encrypt(testData, nil, nil) + _, _, err := nilCrypto.Encrypt(testData, nil, "") assert.NoError(t, err, "Encrypt should not return an error when encrypting empty data") } @@ -39,6 +39,6 @@ func TestNilCryptoDecryptError(t *testing.T) { nilCrypto := dataprotect.NewNilCrypto() testData := make([]byte, 0) - _, err := nilCrypto.Decrypt(nil, testData, nil, nil) + _, err := nilCrypto.Decrypt(nil, testData, nil, "") assert.NoError(t, err, "Decrypt should not return an error when decrypting empty data") } diff --git a/pkg/doc/vc/crypto/crypto_test.go b/pkg/doc/vc/crypto/crypto_test.go index b92c771a0..ad6019cf7 100644 --- a/pkg/doc/vc/crypto/crypto_test.go +++ b/pkg/doc/vc/crypto/crypto_test.go 
@@ -24,22 +24,20 @@ import ( ariesmockstorage "github.com/trustbloc/did-go/legacy/mock/storage" vdrapi "github.com/trustbloc/did-go/vdr/api" vdrmock "github.com/trustbloc/did-go/vdr/mock" - "github.com/trustbloc/kms-go/crypto/tinkcrypto" - "github.com/trustbloc/kms-go/doc/util/jwkkid" - "github.com/trustbloc/kms-go/kms/localkms" - cryptomock "github.com/trustbloc/kms-go/mock/crypto" - mockkms "github.com/trustbloc/kms-go/mock/kms" + arieskms "github.com/trustbloc/kms-go/kms" + mockwrapper "github.com/trustbloc/kms-go/mock/wrapper" "github.com/trustbloc/kms-go/secretlock/noop" - ariescrypto "github.com/trustbloc/kms-go/spi/crypto" "github.com/trustbloc/kms-go/spi/kms" + "github.com/trustbloc/kms-go/wrapper/api" + "github.com/trustbloc/kms-go/wrapper/localsuite" "github.com/trustbloc/vc-go/dataintegrity/suite/ecdsa2019" "github.com/trustbloc/vc-go/sdjwt/common" "github.com/trustbloc/vc-go/verifiable" + "github.com/trustbloc/vcs/internal/mock/vcskms" "github.com/trustbloc/vcs/pkg/doc/vc" vcsverifiable "github.com/trustbloc/vcs/pkg/doc/verifiable" "github.com/trustbloc/vcs/pkg/internal/testutil" - "github.com/trustbloc/vcs/pkg/kms/signer" ) const ( @@ -236,9 +234,8 @@ func TestCrypto_SignCredentialLDP(t *testing.T) { //nolint:gocognit DID: "did:trustbloc:abc", SignatureType: "Ed25519Signature2018", Creator: "did:trustbloc:abc#key1", - KMS: &mockVCSKeyManager{ - kms: &mockkms.KeyManager{}, - crypto: &cryptomock.Crypto{SignErr: fmt.Errorf("failed to sign")}}, + KMS: &vcskms.MockKMS{ + FixedSigner: &mockwrapper.MockFixedKeyCrypto{SignErr: fmt.Errorf("failed to sign")}}, }, createVC(t, verifiable.CredentialContents{ID: "http://example.edu/credentials/1872"})) require.Error(t, err) 
@@ -333,16 +330,19 @@ func TestCrypto_SignCredentialJWT(t *testing.T) { }) require.NoError(t, err) - customKMS := createKMS(t) + suite := createCryptoSuite(t) - customCrypto, err := tinkcrypto.New() + customSigner, err := suite.KMSCryptoMultiSigner() require.NoError(t, err) - keyID, _, err := customKMS.CreateAndExportPubKeyBytes(kms.ED25519Type) + keyCreator, err := suite.KeyCreator() + require.NoError(t, err) + + pk, err := keyCreator.Create(kms.ED25519Type) require.NoError(t, err) didDoc := createDIDDoc(didID, func(vm *did.VerificationMethod) { - vm.ID = didID + "#" + keyID + vm.ID = didID + "#" + pk.KeyID }) type fields struct { @@ -367,7 +367,7 @@ func TestCrypto_SignCredentialJWT(t *testing.T) { }, }, args: args{ - signerData: getJWTSigner(customCrypto, customKMS, keyID), + signerData: getJWTSigner(customSigner, pk.KeyID), getVC: func() *verifiable.Credential { return unsignedVc }, @@ -383,13 +383,13 @@ func TestCrypto_SignCredentialJWT(t *testing.T) { }, }, args: args{ - signerData: getJWTSigner(customCrypto, customKMS, keyID), + signerData: getJWTSigner(customSigner, pk.KeyID), getVC: func() *verifiable.Credential { return unsignedVc }, opts: []SigningOpts{ WithSignatureType("JsonWebSignature2020"), - WithVerificationMethod(didID + "#" + keyID), + WithVerificationMethod(didID + "#" + pk.KeyID), WithPurpose(AssertionMethod), }, }, @@ -403,13 +403,13 @@ func TestCrypto_SignCredentialJWT(t *testing.T) { }, }, args: args{ - signerData: getSDJWTSigner(customCrypto, customKMS, keyID), + signerData: getSDJWTSigner(customSigner, pk.KeyID), getVC: func() *verifiable.Credential { return unsignedVc }, opts: []SigningOpts{ WithSignatureType("JsonWebSignature2020"), - WithVerificationMethod(didID + "#" + keyID), + WithVerificationMethod(didID + "#" + pk.KeyID), WithPurpose(AssertionMethod), }, }, 
@@ -423,8 +423,7 @@ func TestCrypto_SignCredentialJWT(t *testing.T) { }, }, args: args{ - signerData: getSDJWTSigner( - &cryptomock.Crypto{SignErr: fmt.Errorf("failed to sign")}, customKMS, keyID), + signerData: getSDJWTSigner(&mockwrapper.MockKMSCrypto{SignErr: fmt.Errorf("failed to sign")}, pk.KeyID), getVC: func() *verifiable.Credential { return unsignedVc }, @@ -440,7 +439,7 @@ func TestCrypto_SignCredentialJWT(t *testing.T) { }, }, args: args{ - signerData: getJWTSigner(customCrypto, customKMS, keyID), + signerData: getJWTSigner(customSigner, pk.KeyID), getVC: func() *verifiable.Credential { return unsignedVc }, @@ -456,7 +455,7 @@ func TestCrypto_SignCredentialJWT(t *testing.T) { }, }, args: args{ - signerData: getJWTSigner(customCrypto, customKMS, keyID), + signerData: getJWTSigner(customSigner, pk.KeyID), getVC: func() *verifiable.Credential { return unsignedVc }, @@ -476,7 +475,7 @@ func TestCrypto_SignCredentialJWT(t *testing.T) { }, }, args: args{ - signerData: getJWTSigner(customCrypto, customKMS, keyID), + signerData: getJWTSigner(customSigner, pk.KeyID), getVC: func() *verifiable.Credential { return unsignedVc }, @@ -492,7 +491,7 @@ func TestCrypto_SignCredentialJWT(t *testing.T) { }, }, args: args{ - signerData: getJWTSigner(customCrypto, customKMS, keyID), + signerData: getJWTSigner(customSigner, pk.KeyID), getVC: func() *verifiable.Credential { return unsignedVcNoSub }, @@ -511,11 +510,10 @@ func TestCrypto_SignCredentialJWT(t *testing.T) { signerData: &vc.Signer{ DID: didID, SignatureType: "Ed25519Signature2018", - Creator: didID + "#" + keyID, - KMSKeyID: keyID, - KMS: &mockVCSKeyManager{ - crypto: customCrypto, - kms: customKMS, + Creator: didID + "#" + pk.KeyID, + KMSKeyID: pk.KeyID, + KMS: &vcskms.MockKMS{ + Signer: customSigner, }, Format: vcsverifiable.Jwt, KeyType: "unsupported", 
@@ -535,8 +533,7 @@ func TestCrypto_SignCredentialJWT(t *testing.T) { }, }, args: args{ - signerData: getJWTSigner( - &cryptomock.Crypto{SignErr: fmt.Errorf("failed to sign")}, customKMS, keyID), + signerData: getJWTSigner(&mockwrapper.MockKMSCrypto{SignErr: fmt.Errorf("failed to sign")}, pk.KeyID), getVC: func() *verifiable.Credential { return unsignedVc }, @@ -582,9 +579,8 @@ func TestCrypto_SignCredentialBBS(t *testing.T) { SignatureType: "BbsBlsSignature2020", Creator: "did:trustbloc:abc#key1", KMSKeyID: "key1", - KMS: &mockVCSKeyManager{ - crypto: &cryptomock.Crypto{}, - kms: &mockkms.KeyManager{}, + KMS: &vcskms.MockKMS{ + FixedSigner: &mockwrapper.MockFixedKeyCrypto{}, }, }, createVC(t, verifiable.CredentialContents{ID: "http://example.edu/credentials/1872"})) require.NoError(t, err) @@ -668,12 +664,12 @@ func TestSignCredential(t *testing.T) { require.False(t, signedVC.IsJWT()) }) t.Run("sign credential LDP Data Integrity - success", func(t *testing.T) { - customKMS := createKMS(t) + suite := createCryptoSuite(t) - _, keyBytes, err := customKMS.CreateAndExportPubKeyBytes(kms.ECDSAP256IEEEP1363) + keyCreator, err := suite.KeyCreator() require.NoError(t, err) - key, err := jwkkid.BuildJWK(keyBytes, kms.ECDSAP256IEEEP1363) + key, err := keyCreator.Create(kms.ECDSAP256IEEEP1363) require.NoError(t, err) const signingDID = "did:foo:bar" @@ -752,9 +748,8 @@ func TestSignCredential(t *testing.T) { SignatureType: "Ed25519Signature2018", Creator: "did:trustbloc:abc#key1", KMSKeyID: "key1", - KMS: &mockVCSKeyManager{ - crypto: &cryptomock.Crypto{}, - kms: &mockkms.KeyManager{}, + KMS: &vcskms.MockKMS{ + FixedSigner: &mockwrapper.MockFixedKeyCrypto{}, }, }, unsignedVC) require.Error(t, err) 
@@ -784,9 +779,8 @@ func TestSignCredential(t *testing.T) { Creator: "did:trustbloc:abc#key1", KMSKeyID: "key1", KeyType: kms.ED25519Type, - KMS: &mockVCSKeyManager{ - crypto: &cryptomock.Crypto{}, - kms: &mockkms.KeyManager{}, + KMS: &vcskms.MockKMS{ + FixedSigner: &mockwrapper.MockFixedKeyCrypto{}, }, Format: vcsverifiable.Jwt, }, unsignedVC) @@ -817,9 +811,8 @@ func TestSignCredential(t *testing.T) { SignatureType: "Ed25519Signature2018", Creator: "did:trustbloc:abc#key1", KMSKeyID: "key1", - KMS: &mockVCSKeyManager{ - crypto: &cryptomock.Crypto{}, - kms: &mockkms.KeyManager{}, + KMS: &vcskms.MockKMS{ + FixedSigner: &mockwrapper.MockFixedKeyCrypto{}, }, Format: vcsverifiable.Jwt, }, unsignedVC) @@ -835,9 +828,8 @@ func getTestLDPSigner() *vc.Signer { Creator: "did:trustbloc:abc#key1", KMSKeyID: "key1", KeyType: kms.ED25519, - KMS: &mockVCSKeyManager{ - crypto: &cryptomock.Crypto{}, - kms: &mockkms.KeyManager{}, + KMS: &vcskms.MockKMS{ + FixedSigner: &mockwrapper.MockFixedKeyCrypto{}, }, Format: vcsverifiable.Ldp, DataIntegrityProof: vc.DataIntegrityProofConfig{ @@ -857,17 +849,15 @@ func getTestLDPDataIntegritySigner() *vc.Signer { } func getJWTSigner( - customCrypto ariescrypto.Crypto, - customKMS kms.KeyManager, + customSigner api.KMSCryptoMultiSigner, kid string) *vc.Signer { return &vc.Signer{ DID: didID, SignatureType: "Ed25519Signature2018", Creator: didID + "#" + kid, KMSKeyID: kid, - KMS: &mockVCSKeyManager{ - crypto: customCrypto, - kms: customKMS, + KMS: &vcskms.MockKMS{ + Signer: customSigner, }, Format: vcsverifiable.Jwt, KeyType: kms.ED25519Type, 
@@ -875,40 +865,24 @@ func getJWTSigner( } func getSDJWTSigner( - customCrypto ariescrypto.Crypto, - customKMS kms.KeyManager, + customSigner api.KMSCryptoMultiSigner, kid string) *vc.Signer { - s := getJWTSigner(customCrypto, customKMS, kid) + s := getJWTSigner(customSigner, kid) s.SDJWT = vc.SDJWT{Enable: true, HashAlg: crypto.SHA384} return s } -func createKMS(t *testing.T) *localkms.LocalKMS { +func createCryptoSuite(t *testing.T) api.Suite { t.Helper() - p, err := mockkms.NewProviderForKMS(ariesmockstorage.NewMockStoreProvider(), &noop.NoLock{}) + p, err := arieskms.NewAriesProviderWrapper(ariesmockstorage.NewMockStoreProvider()) require.NoError(t, err) - k, err := localkms.New("local-lock://custom/primary/key/", p) + suite, err := localsuite.NewLocalCryptoSuite("local-lock://custom/primary/key/", p, &noop.NoLock{}) require.NoError(t, err) - return k -} - -type mockVCSKeyManager struct { - err error - crypto ariescrypto.Crypto - kms kms.KeyManager -} - -func (m *mockVCSKeyManager) NewVCSigner(creator string, - signatureType vcsverifiable.SignatureType) (vc.SignerAlgorithm, error) { - if m.err != nil { - return nil, m.err - } - - return signer.NewKMSSigner(m.kms, m.crypto, creator, signatureType, nil) + return suite } type opt func(vm *did.VerificationMethod) @@ -1027,8 +1001,8 @@ func TestCrypto_NewJWTSigned(t *testing.T) { }, getSignerData: func() *vc.Signer { s := getTestLDPSigner() - s.KMS = &mockVCSKeyManager{ - err: errors.New("some error"), + s.KMS = &vcskms.MockKMS{ + VCSignerErr: errors.New("some error"), } return s diff --git a/pkg/doc/vc/crypto/dataIntegrity_test.go b/pkg/doc/vc/crypto/dataIntegrity_test.go index 5b2100053..13dfcd3fe 100644 --- a/pkg/doc/vc/crypto/dataIntegrity_test.go +++ b/pkg/doc/vc/crypto/dataIntegrity_test.go 
@@ -11,22 +11,21 @@ import ( utiltime "github.com/trustbloc/did-go/doc/util/time" vdrapi "github.com/trustbloc/did-go/vdr/api" vdrmock "github.com/trustbloc/did-go/vdr/mock" - "github.com/trustbloc/kms-go/doc/util/jwkkid" - cryptomock "github.com/trustbloc/kms-go/mock/crypto" - mockkms "github.com/trustbloc/kms-go/mock/kms" + mockwrapper "github.com/trustbloc/kms-go/mock/wrapper" kmsapi "github.com/trustbloc/kms-go/spi/kms" "github.com/trustbloc/vc-go/verifiable" + "github.com/trustbloc/vcs/internal/mock/vcskms" "github.com/trustbloc/vcs/pkg/internal/testutil" ) func TestCrypto_SignCredentialLDPDataIntegrity(t *testing.T) { //nolint:gocognit - customKMS := createKMS(t) + suite := createCryptoSuite(t) - _, keyBytes, err := customKMS.CreateAndExportPubKeyBytes(kmsapi.ECDSAP256IEEEP1363) + keyCreator, err := suite.KeyCreator() require.NoError(t, err) - key, err := jwkkid.BuildJWK(keyBytes, kmsapi.ECDSAP256IEEEP1363) + key, err := keyCreator.Create(kmsapi.ECDSAP256IEEEP1363) require.NoError(t, err) const signingDID = "did:foo:bar" @@ -133,11 +132,8 @@ func TestCrypto_SignCredentialLDPDataIntegrity(t *testing.T) { //nolint:gocognit t.Run("Error get signer", func(t *testing.T) { ariesSigner := getTestLDPDataIntegritySigner() - ariesSigner.KMS = &mockVCSKeyManager{ - crypto: &cryptomock.Crypto{}, - kms: &mockkms.KeyManager{ - GetKeyErr: errors.New("some error"), - }, + ariesSigner.KMS = &vcskms.MockKMS{ + Signer: &mockwrapper.MockKMSCrypto{FixedKeyCryptoErr: errors.New("some error")}, } signedVC, err := c.signCredentialLDPDataIntegrity(ariesSigner, unsignedVc) diff --git a/pkg/internal/testutil/credential.go b/pkg/internal/testutil/credential.go index e303b521a..6a5630817 100644 --- a/pkg/internal/testutil/credential.go +++ b/pkg/internal/testutil/credential.go 
@@ -19,12 +19,12 @@ import ( ariesmockstorage "github.com/trustbloc/did-go/legacy/mock/storage" vdrapi "github.com/trustbloc/did-go/vdr/api" vdrmock "github.com/trustbloc/did-go/vdr/mock" - "github.com/trustbloc/kms-go/crypto/tinkcrypto" - "github.com/trustbloc/kms-go/doc/jose/jwk/jwksupport" - "github.com/trustbloc/kms-go/kms/localkms" - mockkms "github.com/trustbloc/kms-go/mock/kms" + "github.com/trustbloc/kms-go/doc/jose/jwk" + "github.com/trustbloc/kms-go/kms" "github.com/trustbloc/kms-go/secretlock/noop" kmskeytypes "github.com/trustbloc/kms-go/spi/kms" + "github.com/trustbloc/kms-go/wrapper/api" + "github.com/trustbloc/kms-go/wrapper/localsuite" "github.com/trustbloc/vc-go/signature/suite" "github.com/trustbloc/vc-go/signature/suite/jsonwebsignature2020" "github.com/trustbloc/vc-go/verifiable" @@ -69,25 +69,27 @@ func proveVC( customKMS := createKMS(t) - customCrypto, err := tinkcrypto.New() + created, err := time.Parse(time.RFC3339, "2018-03-15T00:00:00Z") require.NoError(t, err) - created, err := time.Parse(time.RFC3339, "2018-03-15T00:00:00Z") + kc, err := customKMS.KMSCrypto() require.NoError(t, err) - keyID, kh, err := customKMS.Create(kt) + pk, err := kc.Create(kt) require.NoError(t, err) - pkBytes, _, err := customKMS.ExportPubKeyBytes(keyID) + fks, err := kc.FixedKeySigner(pk) require.NoError(t, err) - didDoc := createDIDDoc(t, "did:trustblock:abc", keyID, pkBytes, kt) + didDoc := createDIDDoc(t, "did:trustblock:abc", pk.KeyID, pk) + + signer := suite.NewCryptoWrapperSigner(fks) // Sign switch sf { case vcsverifiable.Ldp: signerSuite := jsonwebsignature2020.New( - suite.WithSigner(suite.NewCryptoSigner(customCrypto, kh))) + suite.WithSigner(signer)) err = credential.AddLinkedDataProof(&verifiable.LinkedDataProofContext{ SignatureType: "JsonWebSignature2020", Suite: signerSuite, 
@@ -107,7 +109,7 @@ func proveVC( jwsAlgName, err := jwsAlgo.Name() require.NoError(t, err) - joseSigner := jws.NewSigner(didDoc.VerificationMethod[0].ID, jwsAlgName, suite.NewCryptoSigner(customCrypto, kh)) + joseSigner := jws.NewSigner(didDoc.VerificationMethod[0].ID, jwsAlgName, signer) sdjwtCredential, err := credential.MakeSDJWT(joseSigner, didDoc.VerificationMethod[0].ID, verifiable.MakeSDJWTWithNonSelectivelyDisclosableClaims([]string{"id", "type", "@type"}), @@ -122,7 +124,7 @@ func proveVC( credential = vcParsed } else { credential, err = credential.CreateSignedJWTVC( - false, jwsAlgo, suite.NewCryptoSigner(customCrypto, kh), didDoc.VerificationMethod[0].ID) + false, jwsAlgo, signer, didDoc.VerificationMethod[0].ID) require.NoError(t, err) } } @@ -134,7 +136,7 @@ func proveVC( } } -func createDIDDoc(t *testing.T, didID, keyID string, pubKeyBytes []byte, kt kmskeytypes.KeyType) *did.Doc { +func createDIDDoc(t *testing.T, didID, keyID string, pubJWK *jwk.JWK) *did.Doc { t.Helper() const ( @@ -152,9 +154,7 @@ func createDIDDoc(t *testing.T, didID, keyID string, pubKeyBytes []byte, kt kmsk Priority: 0, } - j, _ := jwksupport.PubKeyBytesToJWK(pubKeyBytes, kt) - - mv, _ := did.NewVerificationMethodFromJWK(creator, keyType, "", j) + mv, _ := did.NewVerificationMethodFromJWK(creator, keyType, "", pubJWK) createdTime := time.Now() 
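Review bot: In the `createDIDDoc` hunk (`@@ -152,9 +154,7 @@`), the new line `mv, _ := did.NewVerificationMethodFromJWK(creator, keyType, "", pubJWK)` still throws the error away. Now that the JWK comes directly from the suite's `Create` call, a malformed or unsupported key would surface later as a confusing failure on the verification method instead of at the point of cause. The helper already has `t`, so use `mv, err := did.NewVerificationMethodFromJWK(creator, keyType, "", pubJWK)` followed by `require.NoError(t, err)`. The body of `createDIDDoc` continues outside this hunk, so how `mv` is used afterwards is not visible here.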
@@ -171,14 +171,18 @@ func createDIDDoc(t *testing.T, didID, keyID string, pubKeyBytes []byte, kt kmsk } } -func createKMS(t *testing.T) *localkms.LocalKMS { +func createKMS(t *testing.T) api.Suite { t.Helper() - p, err := mockkms.NewProviderForKMS(ariesmockstorage.NewMockStoreProvider(), &noop.NoLock{}) + storeProv, err := kms.NewAriesProviderWrapper(ariesmockstorage.NewMockStoreProvider()) require.NoError(t, err) - k, err := localkms.New("local-lock://custom/primary/key/", p) + cryptoSuite, err := localsuite.NewLocalCryptoSuite( + "local-lock://custom/primary/key/", + storeProv, + &noop.NoLock{}, + ) require.NoError(t, err) - return k + return cryptoSuite } diff --git a/pkg/internal/testutil/jwt.go b/pkg/internal/testutil/jwt.go index 27517f769..0f23cdef1 100644 --- a/pkg/internal/testutil/jwt.go +++ b/pkg/internal/testutil/jwt.go @@ -13,9 +13,9 @@ import ( "github.com/trustbloc/did-go/doc/did" vdrapi "github.com/trustbloc/did-go/vdr/api" vdrmock "github.com/trustbloc/did-go/vdr/mock" - "github.com/trustbloc/kms-go/crypto/tinkcrypto" "github.com/trustbloc/kms-go/doc/jose" "github.com/trustbloc/kms-go/spi/kms" + "github.com/trustbloc/kms-go/wrapper/api" "github.com/trustbloc/vc-go/jwt" "github.com/trustbloc/vc-go/signature/suite" "github.com/trustbloc/vc-go/verifiable" @@ -24,7 +24,7 @@ import ( type SignedClaimsJWTResult struct { JWT string VDR vdrapi.Registry - Kh interface{} + Signer api.FixedKeySigner VerMethodDIDKeyID string } 
@@ -33,16 +33,16 @@ func SignedClaimsJWT(t *testing.T, claims interface{}) *SignedClaimsJWTResult { customKMS := createKMS(t) - customCrypto, err := tinkcrypto.New() + kc, err := customKMS.KMSCrypto() require.NoError(t, err) - keyID, kh, err := customKMS.Create(kms.ED25519Type) + pk, err := kc.Create(kms.ED25519Type) require.NoError(t, err) - pkBytes, _, err := customKMS.ExportPubKeyBytes(keyID) + fks, err := kc.FixedKeySigner(pk) require.NoError(t, err) - didDoc := createDIDDoc(t, "did:trustblock:abc", keyID, pkBytes, kms.ED25519Type) + didDoc := createDIDDoc(t, "did:trustblock:abc", pk.KeyID, pk) jwsAlgo, err := verifiable.KeyTypeToJWSAlgo(kms.ED25519Type) require.NoError(t, err) @@ -52,7 +52,7 @@ func SignedClaimsJWT(t *testing.T, claims interface{}) *SignedClaimsJWTResult { token, err := jwt.NewSigned(claims, jose.Headers{ jose.HeaderKeyID: didDoc.VerificationMethod[0].ID, - }, verifiable.GetJWTSigner(suite.NewCryptoSigner(customCrypto, kh), algName)) + }, verifiable.GetJWTSigner(suite.NewCryptoWrapperSigner(fks), algName)) require.NoError(t, err) jws, err := token.Serialize(false) @@ -65,18 +65,15 @@ func SignedClaimsJWT(t *testing.T, claims interface{}) *SignedClaimsJWTResult { return &did.DocResolution{DIDDocument: didDoc}, nil }, }, - Kh: kh, + Signer: fks, VerMethodDIDKeyID: didDoc.VerificationMethod[0].ID, } } func SignedClaimsJWTWithExistingPrivateKey( - t *testing.T, verMethodDIDKeyID string, kh interface{}, claims interface{}) string { + t *testing.T, verMethodDIDKeyID string, signer api.FixedKeySigner, claims interface{}) string { t.Helper() - customCrypto, err := tinkcrypto.New() - require.NoError(t, err) - jwsAlgo, err := verifiable.KeyTypeToJWSAlgo(kms.ED25519Type) require.NoError(t, err) 
@@ -85,7 +82,7 @@ func SignedClaimsJWTWithExistingPrivateKey( token, err := jwt.NewSigned(claims, jose.Headers{ jose.HeaderKeyID: verMethodDIDKeyID, - }, verifiable.GetJWTSigner(suite.NewCryptoSigner(customCrypto, kh), algName)) + }, verifiable.GetJWTSigner(suite.NewCryptoWrapperSigner(signer), algName)) require.NoError(t, err) jws, err := token.Serialize(false) diff --git a/pkg/internal/testutil/presentation.go b/pkg/internal/testutil/presentation.go index 890bdb980..64d8172b9 100644 --- a/pkg/internal/testutil/presentation.go +++ b/pkg/internal/testutil/presentation.go @@ -15,8 +15,9 @@ import ( jsonld "github.com/trustbloc/did-go/doc/ld/processor" vdrapi "github.com/trustbloc/did-go/vdr/api" vdrmock "github.com/trustbloc/did-go/vdr/mock" - "github.com/trustbloc/kms-go/crypto/tinkcrypto" + "github.com/trustbloc/kms-go/doc/jose/jwk" "github.com/trustbloc/kms-go/spi/kms" + "github.com/trustbloc/kms-go/wrapper/api" "github.com/trustbloc/vc-go/signature/suite" "github.com/trustbloc/vc-go/signature/suite/jsonwebsignature2020" "github.com/trustbloc/vc-go/verifiable" @@ -27,7 +28,7 @@ import ( type SignedPresentationResult struct { Presentation *verifiable.Presentation VDR vdrapi.Registry - Kh interface{} + Kh *jwk.JWK VerMethodDIDKeyID string } 
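Review bot: `SignedPresentationResult.Kh` is retyped to `*jwk.JWK` and, in the `proveVP` hunk (`@@ -99,7 +100,7 @@`), filled with `pk`, the public JWK. In the same file `SignedVPWithExistingPrivateKey` now requires an `api.FixedKeySigner`, so nothing returned by `proveVP` can be passed back in to sign with the same key, and the name `Kh` no longer describes its content. `SignedClaimsJWTResult` in jwt.go already exposes `Signer api.FixedKeySigner` set to `fks`. Mirroring that here would keep the two helpers consistent: add `Signer api.FixedKeySigner` to the struct and `Signer: fks,` in `proveVP`, and rename `Kh` to something like `PublicJWK` if the public key is still needed.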
@@ -73,23 +74,23 @@ func proveVP( customKMS := createKMS(t) - customCrypto, err := tinkcrypto.New() + kc, err := customKMS.KMSCrypto() require.NoError(t, err) - keyID, kh, err := customKMS.Create(kms.ED25519Type) + pk, err := kc.Create(kms.ED25519Type) require.NoError(t, err) - pkBytes, _, err := customKMS.ExportPubKeyBytes(keyID) + fks, err := kc.FixedKeySigner(pk) require.NoError(t, err) - didDoc := createDIDDoc(t, "did:trustblock:abc", keyID, pkBytes, kms.ED25519Type) + didDoc := createDIDDoc(t, "did:trustblock:abc", pk.KeyID, pk) // Sign switch format { case vcs.Ldp: - addLDP(t, presentation, didDoc.VerificationMethod[0].ID, customCrypto, kh, opts...) + addLDP(t, presentation, didDoc.VerificationMethod[0].ID, fks, opts...) case vcs.Jwt: - signJWS(t, presentation, didDoc.VerificationMethod[0].ID, customCrypto, kh) + signJWS(t, presentation, didDoc.VerificationMethod[0].ID, fks) } return &SignedPresentationResult{ @@ -99,7 +100,7 @@ func proveVP( return &did.DocResolution{DIDDocument: didDoc}, nil }, }, - Kh: kh, + Kh: pk, VerMethodDIDKeyID: didDoc.VerificationMethod[0].ID, } } @@ -110,13 +111,13 @@ func SignedVPWithExistingPrivateKey( presentation *verifiable.Presentation, format vcs.Format, verMethodDIDKeyID string, - kh interface{}, + signer api.FixedKeySigner, opts ...LDPOpt, ) *verifiable.Presentation { t.Helper() return proveVPWithExistingPrivateKey( - t, presentation, format, verMethodDIDKeyID, kh, opts...) + t, presentation, format, verMethodDIDKeyID, signer, opts...) } func proveVPWithExistingPrivateKey( 
@@ -124,20 +125,17 @@ func proveVPWithExistingPrivateKey( presentation *verifiable.Presentation, format vcs.Format, verMethodDIDKeyID string, - kh interface{}, + signer api.FixedKeySigner, opts ...LDPOpt, ) *verifiable.Presentation { t.Helper() - customCrypto, err := tinkcrypto.New() - require.NoError(t, err) - // Sign switch format { case vcs.Ldp: - addLDP(t, presentation, verMethodDIDKeyID, customCrypto, kh, opts...) + addLDP(t, presentation, verMethodDIDKeyID, signer, opts...) case vcs.Jwt: - signJWS(t, presentation, verMethodDIDKeyID, customCrypto, kh) + signJWS(t, presentation, verMethodDIDKeyID, signer) } return presentation @@ -147,8 +145,7 @@ func signJWS( t *testing.T, presentation *verifiable.Presentation, keyID string, - customCrypto *tinkcrypto.Crypto, - kh interface{}, + fks api.FixedKeySigner, ) { t.Helper() @@ -158,7 +155,7 @@ func signJWS( jwsAlgo, err := verifiable.KeyTypeToJWSAlgo(kms.ED25519Type) require.NoError(t, err) - jws, err := claims.MarshalJWS(jwsAlgo, suite.NewCryptoSigner(customCrypto, kh), keyID) + jws, err := claims.MarshalJWS(jwsAlgo, suite.NewCryptoWrapperSigner(fks), keyID) require.NoError(t, err) presentation.JWT = jws @@ -168,8 +165,7 @@ func addLDP( t *testing.T, presentation *verifiable.Presentation, keyID string, - customCrypto *tinkcrypto.Crypto, - kh interface{}, + fks api.FixedKeySigner, opts ...LDPOpt, ) { t.Helper() @@ -178,7 +174,7 @@ func addLDP( require.NoError(t, err) signerSuite := jsonwebsignature2020.New( - suite.WithSigner(suite.NewCryptoSigner(customCrypto, kh))) + suite.WithSigner(suite.NewCryptoWrapperSigner(fks))) ctx := &verifiable.LinkedDataProofContext{ SignatureType: "JsonWebSignature2020", diff --git a/pkg/kms/arieskms.go b/pkg/kms/arieskms.go index 978e2c0e5..c683260ac 100644 --- a/pkg/kms/arieskms.go +++ b/pkg/kms/arieskms.go 
@@ -16,15 +16,14 @@ import ( "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/service/kms" "github.com/trustbloc/did-go/legacy/mem" - "github.com/trustbloc/kms-go/crypto/tinkcrypto" - webcrypto "github.com/trustbloc/kms-go/crypto/webkms" "github.com/trustbloc/kms-go/doc/jose/jwk" arieskms "github.com/trustbloc/kms-go/kms" - "github.com/trustbloc/kms-go/kms/localkms" - "github.com/trustbloc/kms-go/kms/webkms" "github.com/trustbloc/kms-go/secretlock/local" kmsapi "github.com/trustbloc/kms-go/spi/kms" "github.com/trustbloc/kms-go/spi/secretlock" + "github.com/trustbloc/kms-go/wrapper/api" + "github.com/trustbloc/kms-go/wrapper/localsuite" + "github.com/trustbloc/kms-go/wrapper/websuite" awssvc "github.com/trustbloc/vcs/pkg/kms/aws" "github.com/trustbloc/vcs/pkg/storage/mongodb" "github.com/trustbloc/vcs/pkg/storage/mongodb/arieskmsstore" 
@@ -59,58 +58,42 @@ const ( storageTypeMongoDBOption = "mongodb" ) -type keyManager interface { - Get(keyID string) (interface{}, error) - CreateAndExportPubKeyBytes(kt kmsapi.KeyType, opts ...kmsapi.KeyOpts) (string, []byte, error) -} - -type Crypto interface { - Sign(msg []byte, kh interface{}) ([]byte, error) - SignMulti(messages [][]byte, kh interface{}) ([]byte, error) - Decrypt(cipher, aad, nonce []byte, kh interface{}) ([]byte, error) - Encrypt(msg, aad []byte, kh interface{}) ([]byte, []byte, error) -} - type metricsProvider interface { SignTime(value time.Duration) } type KeyManager struct { - keyManager keyManager - crypto Crypto - kmsType Type - metrics metricsProvider + kmsType Type + metrics metricsProvider + suite api.Suite } -func GetAriesKeyManager(keyManager keyManager, crypto Crypto, kmsType Type, metrics metricsProvider) *KeyManager { +func GetAriesKeyManager(suite api.Suite, kmsType Type, metrics metricsProvider) *KeyManager { return &KeyManager{ - keyManager: keyManager, - crypto: crypto, - kmsType: kmsType, - metrics: metrics, + suite: suite, + kmsType: kmsType, + metrics: metrics, } } func NewAriesKeyManager(cfg *Config, metrics metricsProvider) (*KeyManager, error) { switch cfg.KMSType { case Local: - km, cr, err := createLocalKMS(cfg) + suite, err := createLocalKMS(cfg) if err != nil { return nil, err } return &KeyManager{ - kmsType: cfg.KMSType, - keyManager: km, - crypto: cr, - metrics: metrics, + kmsType: cfg.KMSType, + metrics: metrics, + suite: suite, }, nil case Web: return &KeyManager{ - kmsType: cfg.KMSType, - keyManager: webkms.New(cfg.Endpoint, cfg.HTTPClient), - crypto: webcrypto.New(cfg.Endpoint, cfg.HTTPClient), - metrics: metrics, + kmsType: cfg.KMSType, + metrics: metrics, + suite: websuite.NewWebCryptoSuite(cfg.Endpoint, cfg.HTTPClient), }, nil case AWS: awsConfig, err := config.LoadDefaultConfig( 
@@ -121,13 +104,12 @@ func NewAriesKeyManager(cfg *Config, metrics metricsProvider) (*KeyManager, erro return nil, err } - awsSvc := awssvc.New(&awsConfig, nil, "", awssvc.WithKeyAliasPrefix(cfg.AliasPrefix)) + awsSuite := awssvc.NewSuite(&awsConfig, nil, "", awssvc.WithKeyAliasPrefix(cfg.AliasPrefix)) return &KeyManager{ - kmsType: cfg.KMSType, - keyManager: awsSvc, - crypto: awsSvc, - metrics: metrics, + kmsType: cfg.KMSType, + metrics: metrics, + suite: awsSuite, }, nil } @@ -146,33 +128,18 @@ func prepareResolver(endpoint string, reg string) aws.EndpointResolverWithOption } } -func createLocalKMS(cfg *Config) (keyManager, Crypto, error) { +func createLocalKMS(cfg *Config) (api.Suite, error) { secretLockService, err := createLocalSecretLock(cfg.SecretLockKeyPath) if err != nil { - return nil, nil, err + return nil, err } kmsStore, err := createStore(cfg.DBType, cfg.DBURL, cfg.DBPrefix) if err != nil { - return nil, nil, err - } - - kmsProv := kmsProvider{ - storageProvider: kmsStore, - secretLockService: secretLockService, - } - - localKms, err := localkms.New(keystoreLocalPrimaryKeyURI, kmsProv) - if err != nil { - return nil, nil, err - } - - crypto, err := tinkcrypto.New() - if err != nil { - return nil, nil, err + return nil, err } - return localKms, crypto, nil + return localsuite.NewLocalCryptoSuite(keystoreLocalPrimaryKeyURI, kmsStore, secretLockService) } func (km *KeyManager) SupportedKeyTypes() []kmsapi.KeyType { 
@@ -183,21 +150,36 @@ func (km *KeyManager) SupportedKeyTypes() []kmsapi.KeyType { return ariesSupportedKeyTypes } -func (km *KeyManager) Crypto() Crypto { - return km.crypto +func (km *KeyManager) Suite() api.Suite { + return km.suite } func (km *KeyManager) CreateJWKKey(keyType kmsapi.KeyType) (string, *jwk.JWK, error) { - return key.JWKKeyCreator(keyType)(km.keyManager) + creator, err := km.Suite().KeyCreator() + if err != nil { + return "", nil, err + } + + return key.JWKKeyCreator(creator)(keyType) } func (km *KeyManager) CreateCryptoKey(keyType kmsapi.KeyType) (string, interface{}, error) { - return key.CryptoKeyCreator(keyType)(km.keyManager) + creator, err := km.Suite().RawKeyCreator() + if err != nil { + return "", nil, err + } + + return key.CryptoKeyCreator(creator)(keyType) } func (km *KeyManager) NewVCSigner( creator string, signatureType vcsverifiable.SignatureType) (vc.SignerAlgorithm, error) { - return signer.NewKMSSigner(km.keyManager, km.crypto, creator, signatureType, km.metrics) + fks, err := km.Suite().FixedKeyMultiSigner(creator) + if err != nil { + return nil, err + } + + return signer.NewKMSSigner(fks, signatureType, km.metrics), nil } func createLocalSecretLock(keyPath string) (secretlock.Service, error) { @@ -233,16 +215,3 @@ func createStore(typ, url, prefix string) (kmsapi.Store, error) { return nil, fmt.Errorf("not supported database type: %s", typ) } } - -type kmsProvider struct { - storageProvider kmsapi.Store - secretLockService secretlock.Service -} - -func (k kmsProvider) StorageProvider() kmsapi.Store { - return k.storageProvider -} - -func (k kmsProvider) SecretLock() secretlock.Service { - return k.secretLockService -} diff --git a/pkg/kms/arieskms_test.go b/pkg/kms/arieskms_test.go index 061d5575f..c9704b8cb 100644 --- a/pkg/kms/arieskms_test.go +++ b/pkg/kms/arieskms_test.go 
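Review bot: `NewVCSigner` now depends on `km.Suite().FixedKeyMultiSigner(creator)`, but the AWS suite added in pkg/kms/aws/wrapper.go returns `nil, api.ErrNotSupported` from that method. With `KMSType` AWS, every credential-signing call would therefore fail where the old code passed `awsSvc` as both key manager and crypto. The removed `Crypto` interface required `SignMulti` and `awsSvc` satisfied it, so the AWS suite could presumably return a fixed-key wrapper over the existing `Service` signing methods. If AWS multi-signing is intentionally dropped, say so in a doc comment on `NewVCSigner` and wrap the error so the cause is attributable, for example `return nil, fmt.Errorf("get signer for %q: %w", creator, err)`. The raw `creator` string is also passed as the key identifier; whether the suite expects a bare key ID or the full verification-method ID is not visible in this hunk and is worth confirming.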
@@ -157,7 +157,7 @@ func TestNewAWSKeyManager(t *testing.T) { Endpoint: "url", }, nil) - require.NotNil(t, km.Crypto()) + require.NotNil(t, km.Suite()) require.NotNil(t, km) require.NoError(t, err) diff --git a/pkg/kms/aws/service.go b/pkg/kms/aws/service.go index 5415e671c..f0b782250 100644 --- a/pkg/kms/aws/service.go +++ b/pkg/kms/aws/service.go @@ -127,8 +127,11 @@ func New( } } +// TODO this API swapped cipher and aad, so dataprotect passed them in swapped +// I fixed that, but if any other code uses the aws wrapper's Decrypt, it would also need changing + // Decrypt data. -func (s *Service) Decrypt(_, aad, _ []byte, kh interface{}) ([]byte, error) { +func (s *Service) Decrypt(cipher, _, _ []byte, kh interface{}) ([]byte, error) { startTime := time.Now() defer func() { @@ -147,7 +150,7 @@ func (s *Service) Decrypt(_, aad, _ []byte, kh interface{}) ([]byte, error) { } input := &kms.DecryptInput{ - CiphertextBlob: aad, + CiphertextBlob: cipher, EncryptionAlgorithm: s.encryptionAlgo, KeyId: aws.String(keyID), } diff --git a/pkg/kms/aws/service_test.go b/pkg/kms/aws/service_test.go index dc47d13e9..1d01443f1 100644 --- a/pkg/kms/aws/service_test.go +++ b/pkg/kms/aws/service_test.go @@ -641,9 +641,9 @@ func TestDecrypt(t *testing.T) { }) decryptedData, err := svc.Decrypt( - nil, encrypted, nil, + nil, "aws-kms://arn:aws:kms:ca-central-1:111122223333:alias/800d5768-3fd7-4edd-a4b8-4c81c3e4c147", ) @@ -673,8 +673,8 @@ func TestDecrypt(t *testing.T) { }) decrypted, err := svc.Decrypt( - msg, nil, + msg, nil, "aws-kms://arn:aws:kms:ca-central-1:111122223333:alias/800d5768-3fd7-4edd-a4b8-4c81c3e4c147", ) diff --git a/pkg/kms/aws/wrapper.go b/pkg/kms/aws/wrapper.go new file mode 100644 index 000000000..e656839ae --- /dev/null +++ b/pkg/kms/aws/wrapper.go 
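Review bot: `Service.Decrypt` in pkg/kms/aws/service.go now takes `cipher, _, _`, so any additional authenticated data or nonce a caller supplies is silently dropped and never bound to the ciphertext sent as `CiphertextBlob` (second hunk, `@@ -147,7 +150,7 @@`). The new `encDec.Decrypt` in wrapper.go forwards a caller's `aad` straight into this method, which makes the gap reachable through the `api.EncrypterDecrypter` surface. State the contract in the doc comment, e.g. `// Decrypt decrypts cipher with the KMS key referenced by kh; aad and nonce are not used.`, and consider naming the parameter and failing closed with `if len(aad) != 0 { return nil, errors.New("aws kms: aad is not supported") }`, unless existing callers rely on passing it. The TODO above the function describes a positional `[]byte` swap that compiles silently at every call site, so the caller audit it mentions should be done, or linked to an issue, before merge. The rest of the function body lies outside these hunks.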
@@ -0,0 +1,143 @@ +/* +Copyright Gen Digital Inc. All Rights Reserved. +SPDX-License-Identifier: Apache-2.0 +*/ + +package aws + +import ( + "github.com/aws/aws-sdk-go-v2/aws" + "github.com/trustbloc/kms-go/wrapper/api" + + "github.com/trustbloc/kms-go/doc/jose/jwk" + "github.com/trustbloc/kms-go/doc/jose/jwk/jwksupport" + "github.com/trustbloc/kms-go/spi/kms" +) + +// NewSuite returns a api.Suite built on top of aws kms. +func NewSuite(awsConfig *aws.Config, + metrics metricsProvider, + healthCheckKeyID string, + opts ...Opts) api.Suite { + svc := New(awsConfig, metrics, healthCheckKeyID, opts...) + + return &suiteImpl{ + svc: svc, + } +} + +type suiteImpl struct { + svc *Service +} + +func (s *suiteImpl) KMSCryptoVerifier() (api.KMSCryptoVerifier, error) { + return nil, api.ErrNotSupported +} + +func (s *suiteImpl) KeyCreator() (api.KeyCreator, error) { + return keyCreator{svc: s.svc}, nil +} + +type keyCreator struct { + svc *Service +} + +func (c keyCreator) Create(keyType kms.KeyType) (*jwk.JWK, error) { + kid, pkBytes, err := c.svc.CreateAndExportPubKeyBytes(keyType) + if err != nil { + return nil, err + } + + pk, err := jwksupport.PubKeyBytesToJWK(pkBytes, keyType) + if err != nil { + return nil, err + } + + pk.KeyID = kid + + return pk, nil +} + +func (s *suiteImpl) KMSCrypto() (api.KMSCrypto, error) { + return nil, api.ErrNotSupported +} + +func (s *suiteImpl) FixedKeyCrypto(*jwk.JWK) (api.FixedKeyCrypto, error) { + return nil, api.ErrNotSupported +} + +func (s *suiteImpl) RawKeyCreator() (api.RawKeyCreator, error) { + return &rawCreator{svc: s.svc}, nil +} + +type rawCreator struct { + svc *Service + keyCreator +} + +func (r *rawCreator) CreateRaw(keyType kms.KeyType) (string, interface{}, error) { + kid, pkBytes, err := r.svc.CreateAndExportPubKeyBytes(keyType) + if err != nil { + return "", nil, err + } + + pk, err := jwksupport.PubKeyBytesToKey(pkBytes, keyType) + if err != nil { + return "", nil, err + } + + return kid, pk, nil +} + +func (s 
*suiteImpl) KMSCryptoSigner() (api.KMSCryptoSigner, error) { + return &signer{svc: s.svc}, nil +} + +type signer struct { + svc *Service +} + +func (s *signer) Sign(msg []byte, pub *jwk.JWK) ([]byte, error) { + return s.svc.Sign(msg, pub.KeyID) +} + +func (s *signer) FixedKeySigner(pub *jwk.JWK) (api.FixedKeySigner, error) { + return &fixedKeySigner{svc: s.svc, kid: pub.KeyID}, nil +} + +func (s *suiteImpl) FixedKeySigner(kid string) (api.FixedKeySigner, error) { + return &fixedKeySigner{svc: s.svc, kid: kid}, nil +} + +func (s *suiteImpl) KMSCryptoMultiSigner() (api.KMSCryptoMultiSigner, error) { + return nil, api.ErrNotSupported +} + +func (s *suiteImpl) FixedKeyMultiSigner(string) (api.FixedKeyMultiSigner, error) { + return nil, api.ErrNotSupported +} + +type fixedKeySigner struct { + svc *Service + kid string +} + +func (f *fixedKeySigner) Sign(msg []byte) ([]byte, error) { + return f.svc.Sign(msg, f.kid) +} + +func (s *suiteImpl) EncrypterDecrypter() (api.EncrypterDecrypter, error) { + return &encDec{svc: s.svc}, nil +} + +type encDec struct { + svc *Service +} + +func (e *encDec) Encrypt(msg, aad []byte, kid string) ([]byte, []byte, error) { + return e.svc.Encrypt(msg, aad, kid) +} + +func (e *encDec) Decrypt(cipher, aad, nonce []byte, kid string) ([]byte, error) { + return e.svc.Decrypt(cipher, aad, nonce, kid) +} diff --git a/pkg/kms/key/creator.go b/pkg/kms/key/creator.go index 624364c38..6e3a05870 100644 --- a/pkg/kms/key/creator.go +++ b/pkg/kms/key/creator.go @@ -1,5 +1,5 @@ /* -Copyright SecureKey Technologies Inc. All Rights Reserved. +Copyright Gen Digital Inc. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ 
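Review bot: In pkg/kms/aws/wrapper.go, `RawKeyCreator` returns `&rawCreator{svc: s.svc}`, which sets only the outer `svc` field and leaves the embedded `keyCreator` with a nil `svc`. A `Create` call promoted through the returned value would then invoke `CreateAndExportPubKeyBytes` on a nil `*Service`, and presumably panic. Initialise the embedded value as well, `return &rawCreator{svc: s.svc, keyCreator: keyCreator{svc: s.svc}}, nil`, or drop the duplicate `svc` field and let `CreateRaw` use the promoted one. Separately, `signer.Sign` and `signer.FixedKeySigner` read `pub.KeyID` without checking `pub` for nil or the ID for empty; a guard that returns an error would keep a bad caller from crashing the signing path or sending an empty key ID to KMS.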
@@ -7,148 +7,45 @@ SPDX-License-Identifier: Apache-2.0 package key //nolint: cyclop import ( - "crypto/ecdsa" - "crypto/ed25519" - "crypto/elliptic" - "crypto/x509" - "crypto/x509/pkix" - "encoding/asn1" "fmt" - "github.com/btcsuite/btcd/btcec" - jose2 "github.com/go-jose/go-jose/v3" - "github.com/trustbloc/bbs-signature-go/bbs12381g2pub" "github.com/trustbloc/kms-go/doc/jose/jwk" - "github.com/trustbloc/kms-go/doc/jose/jwk/jwksupport" - "github.com/trustbloc/kms-go/doc/util/jwkkid" "github.com/trustbloc/kms-go/spi/kms" + "github.com/trustbloc/kms-go/wrapper/api" ) -type keyManager interface { - CreateAndExportPubKeyBytes(kt kms.KeyType, opts ...kms.KeyOpts) (string, []byte, error) -} - -type publicKeyInfo struct { - Raw asn1.RawContent - Algorithm pkix.AlgorithmIdentifier - PublicKey asn1.BitString -} - // JWKKeyCreator creates a new key of the given type using a given key manager, returning the key's ID // and public key in JWK format. -func JWKKeyCreator(kt kms.KeyType) func(keyManager) (string, *jwk.JWK, error) { - return func(km keyManager) (string, *jwk.JWK, error) { - keyID, keyBytes, err := km.CreateAndExportPubKeyBytes(kt) +func JWKKeyCreator(kc api.KeyCreator) func(kms.KeyType) (string, *jwk.JWK, error) { + return func(kt kms.KeyType) (string, *jwk.JWK, error) { + j, err := kc.Create(kt) if err != nil { - return "", nil, fmt.Errorf("failed to create new JWK key: %w", err) - } - - var j *jwk.JWK - - switch kt { // nolint:exhaustive // deferring all other key types to BuildJWK(). - case kms.ED25519Type: - j = &jwk.JWK{ - JSONWebKey: jose2.JSONWebKey{ - Key: ed25519.PublicKey(keyBytes), - KeyID: keyID, - }, - Kty: "OKP", - Crv: "Ed25519", // TODO where is the constant for this? 
- } - case kms.ECDSASecp256k1DER: - var pki publicKeyInfo - var rest []byte - if rest, err = asn1.Unmarshal(keyBytes, &pki); err != nil { - return "", nil, err - } else if len(rest) != 0 { - return "", nil, fmt.Errorf("x509: trailing data after ASN.1 of public-key") - } - - var pubKey *btcec.PublicKey - pubKey, err = btcec.ParsePubKey(pki.PublicKey.RightAlign(), btcec.S256()) - if err != nil { - return "", nil, err - } - - j, err = jwksupport.JWKFromKey(pubKey.ToECDSA()) - if err != nil { - return "", nil, err - } - case kms.BLS12381G2Type: - j, err = jwksupport.PubKeyBytesToJWK(keyBytes, kt) - if err != nil { - return "", nil, err - } - default: - var err error - - j, err = jwkkid.BuildJWK(keyBytes, kt) - if err != nil { - return "", nil, fmt.Errorf("failed to convert key to JWK: %w", err) - } + return "", nil, fmt.Errorf("failed to convert key to JWK: %w", err) } - return keyID, j, nil + return j.KeyID, j, nil } } // CryptoKeyCreator creates a new key of the given type using a given key manager, returning the key's ID // and public key in one of the crypto.PublicKey formats. 
-func CryptoKeyCreator(kt kms.KeyType) func(keyManager) (string, interface{}, error) { - return func(km keyManager) (string, interface{}, error) { - keyID, keyBytes, err := km.CreateAndExportPubKeyBytes(kt) - if err != nil { - return "", nil, fmt.Errorf("failed to create new crypto key: %w", err) - } - - var pubKey interface{} - +func CryptoKeyCreator(kc api.RawKeyCreator) func(kms.KeyType) (string, interface{}, error) { + return func(kt kms.KeyType) (string, interface{}, error) { switch kt { // nolint:exhaustive // default catch-all - case kms.ECDSAP256TypeDER, kms.ECDSAP384TypeDER, kms.ECDSAP521TypeDER: - pubKey, err = x509.ParsePKIXPublicKey(keyBytes) + case + kms.ECDSAP256TypeDER, kms.ECDSAP384TypeDER, kms.ECDSAP521TypeDER, + kms.ECDSAP256TypeIEEEP1363, kms.ECDSAP384TypeIEEEP1363, kms.ECDSAP521TypeIEEEP1363, + kms.ECDSASecp256k1DER, + kms.BLS12381G2Type, + kms.ED25519Type: + keyID, pubKey, err := kc.CreateRaw(kt) if err != nil { - return "", nil, fmt.Errorf("failed to parse ecdsa key in DER format: %w", err) - } - case kms.ECDSAP256TypeIEEEP1363, kms.ECDSAP384TypeIEEEP1363, kms.ECDSAP521TypeIEEEP1363: - curves := map[kms.KeyType]elliptic.Curve{ - kms.ECDSAP256TypeIEEEP1363: elliptic.P256(), - kms.ECDSAP384TypeIEEEP1363: elliptic.P384(), - kms.ECDSAP521TypeIEEEP1363: elliptic.P521(), - } - crv := curves[kt] - x, y := elliptic.Unmarshal(crv, keyBytes) - pubKey = &ecdsa.PublicKey{ - Curve: crv, - X: x, - Y: y, - } - case kms.ED25519Type: - pubKey = ed25519.PublicKey(keyBytes) - case kms.ECDSASecp256k1DER: - var pki publicKeyInfo - var rest []byte - if rest, err = asn1.Unmarshal(keyBytes, &pki); err != nil { - return "", nil, err - } else if len(rest) != 0 { - return "", nil, fmt.Errorf("x509: trailing data after ASN.1 of public-key") - } - - var btPK *btcec.PublicKey - btPK, err = btcec.ParsePubKey(pki.PublicKey.RightAlign(), btcec.S256()) - if err != nil { - return "", nil, err + return "", nil, fmt.Errorf("failed to create new crypto key: %w", err) } - pubKey = 
btPK.ToECDSA() - case kms.BLS12381G2Type: - pubKey, err = bbs12381g2pub.UnmarshalPublicKey(keyBytes) - if err != nil { - return "", nil, err - } + return keyID, pubKey, nil default: return "", nil, fmt.Errorf("unsupported key type: %s", kt) } - - return keyID, pubKey, nil } } diff --git a/pkg/kms/key/creator_test.go b/pkg/kms/key/creator_test.go index 378cda13a..5971ff668 100644 --- a/pkg/kms/key/creator_test.go +++ b/pkg/kms/key/creator_test.go @@ -13,12 +13,15 @@ import ( "testing" "github.com/stretchr/testify/require" - "github.com/trustbloc/kms-go/kms/localkms" + ariesmockstorage "github.com/trustbloc/did-go/legacy/mock/storage" + "github.com/trustbloc/kms-go/doc/jose/jwk" + arieskms "github.com/trustbloc/kms-go/kms" + mockwrapper "github.com/trustbloc/kms-go/mock/wrapper" "github.com/trustbloc/kms-go/secretlock/noop" + "github.com/trustbloc/kms-go/wrapper/api" + "github.com/trustbloc/kms-go/wrapper/localsuite" "github.com/trustbloc/bbs-signature-go/bbs12381g2pub" - "github.com/trustbloc/did-go/legacy/mem" - mockkms "github.com/trustbloc/kms-go/mock/kms" "github.com/trustbloc/kms-go/spi/kms" "github.com/trustbloc/vcs/pkg/kms/key" 
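Review bot: `JWKKeyCreator` in pkg/kms/key/creator.go now reports a failure of `kc.Create(kt)` as "failed to convert key to JWK". That message belonged to the removed conversion step, so a KMS-side creation failure will be mislabelled in logs. Use `return "", nil, fmt.Errorf("failed to create new JWK key: %w", err)`; the `require.Contains` assertion in the "error in key creator" test in creator_test.go would need to change with it. The function then reads `j.KeyID` without a nil check, so a creator that returns `nil, nil` would panic; `if j == nil { return "", nil, errors.New("key creator returned no JWK") }` covers that. The doc comments on both `JWKKeyCreator` and `CryptoKeyCreator` still say "using a given key manager", although the parameters are now `api.KeyCreator` and `api.RawKeyCreator`.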
@@ -33,43 +36,26 @@ func TestJWKKeyCreator(t *testing.T) { kms.ECDSAP521TypeIEEEP1363: "P-521", kms.BLS12381G2Type: "BLS12381_G2", } - k := newKMS(t) + keyCreator, get := newKMS(t) for kmsType, name := range curves { - keyID, jwk, err := key.JWKKeyCreator(kmsType)(k) - require.NoError(t, err) - _, err = k.Get(keyID) + keyID, jwk, err := key.JWKKeyCreator(keyCreator)(kmsType) require.NoError(t, err) + require.NoError(t, get(keyID)) require.NotNil(t, jwk) require.Equal(t, name, jwk.Crv) } }) - t.Run("error if kms cannot create key", func(t *testing.T) { + t.Run("error in key creator", func(t *testing.T) { expected := errors.New("test") - k := &mockkms.KeyManager{ - CrAndExportPubKeyErr: expected, + kc := &mockwrapper.MockKMSCrypto{ + CreateErr: expected, } - _, _, err := key.JWKKeyCreator(kms.ED25519Type)(k) + _, _, err := key.JWKKeyCreator(kc)(kms.ED25519Type) require.ErrorIs(t, err, expected) - }) - - t.Run("error building JWK", func(t *testing.T) { - k := &mockkms.KeyManager{} - _, _, err := key.JWKKeyCreator(kms.ECDSAP256TypeIEEEP1363)(k) - require.Error(t, err) require.Contains(t, err.Error(), "failed to convert key to JWK") }) - t.Run("error parse BLS12381_G2", func(t *testing.T) { - k := &mockkms.KeyManager{} - _, _, err := key.JWKKeyCreator(kms.BLS12381G2Type)(k) - require.Error(t, err) - }) - t.Run("error parse p256k1", func(t *testing.T) { - _, _, err := key.JWKKeyCreator(kms.ECDSASecp256k1DER)(&kmsMock{}) - require.Error(t, err) - require.Contains(t, err.Error(), "asn1: syntax error") - }) } func TestCryptoKeyCreator(t *testing.T) { 
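Review bot: In the merged `error in key creator` subtest, the context line `require.Contains(t, err.Error(), "failed to convert key to JWK")` now runs against a failure injected through `CreateErr`, so the test pins a conversion message onto a key-creation error. `JWKKeyCreator` itself is outside this hunk, but if it wraps the creator's error with that text, an operator diagnosing a KMS outage will be pointed at JWK encoding instead. The sibling `CryptoKeyCreator` reports `failed to create new crypto key` for the same condition. I would either drop the `Contains` line and keep only `require.ErrorIs(t, err, expected)`, or align the wrapped message and assert `require.Contains(t, err.Error(), "failed to create")`.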
@@ -84,67 +70,56 @@ func TestCryptoKeyCreator(t *testing.T) { kms.ECDSAP521TypeDER: &ecdsa.PublicKey{}, kms.BLS12381G2Type: &bbs12381g2pub.PublicKey{}, } - k := newKMS(t) + keyCreator, get := newKMS(t) for kmsType, cryptoType := range curves { - keyID, pubKey, err := key.CryptoKeyCreator(kmsType)(k) - require.NoError(t, err) - _, err = k.Get(keyID) + keyID, pubKey, err := key.CryptoKeyCreator(keyCreator)(kmsType) require.NoError(t, err) + require.NoError(t, get(keyID), kmsType) require.NotNil(t, pubKey) require.IsType(t, cryptoType, pubKey) } }) - t.Run("error if kms cannot create the key", func(t *testing.T) { + t.Run("error in key creator", func(t *testing.T) { expected := errors.New("test") - k := &mockkms.KeyManager{ - CrAndExportPubKeyErr: expected, + kc := &mockwrapper.MockKMSCrypto{ + CreateErr: expected, } - _, _, err := key.CryptoKeyCreator(kms.ED25519Type)(k) + _, _, err := key.CryptoKeyCreator(kc)(kms.ED25519Type) require.ErrorIs(t, err, expected) }) - - t.Run("error on invalid key DER format", func(t *testing.T) { - k := &mockkms.KeyManager{} - _, _, err := key.CryptoKeyCreator(kms.ECDSAP256TypeDER)(k) - require.Error(t, err) - require.Contains(t, err.Error(), "failed to parse ecdsa key in DER format") - }) - - t.Run("error on unsupported key type", func(t *testing.T) { - _, _, err := key.CryptoKeyCreator(kms.NISTP256ECDHKW)(newKMS(t)) - require.Error(t, err) - require.Contains(t, err.Error(), "unsupported key type") - }) - t.Run("error parse p256k1", func(t *testing.T) { - _, _, err := key.CryptoKeyCreator(kms.ECDSASecp256k1DER)(&kmsMock{}) - require.Error(t, err) - require.Contains(t, err.Error(), "asn1: syntax error") - }) - - t.Run("error parse BLS12381G2", func(t *testing.T) { - _, _, err := key.CryptoKeyCreator(kms.BLS12381G2Type)(&kmsMock{}) - require.Error(t, err) - require.Contains(t, err.Error(), "invalid size of public key") - }) } -func newKMS(t *testing.T) kms.KeyManager { +func newKMS(t *testing.T) (api.RawKeyCreator, func(kid string) 
error) { t.Helper() - p, err := mockkms.NewProviderForKMS(mem.NewProvider(), &noop.NoLock{}) + p, err := arieskms.NewAriesProviderWrapper(ariesmockstorage.NewMockStoreProvider()) require.NoError(t, err) - keyManager, err := localkms.New("local-lock://custom/master/key/", p) + suite, err := localsuite.NewLocalCryptoSuite("local-lock://custom/primary/key/", p, &noop.NoLock{}) require.NoError(t, err) - return keyManager -} + kc, err := suite.RawKeyCreator() + require.NoError(t, err) -type kmsMock struct { -} + signer, err := suite.KMSCryptoMultiSigner() + require.NoError(t, err) + + return kc, func(kid string) error { + j := &jwk.JWK{} + j.KeyID = kid + + msg := []byte("message") + msgs := [][]byte{msg} + + // some primitives can only Sign, some can only SignMulti + _, e := signer.Sign(msg, j) + _, e2 := signer.SignMulti(msgs, j) + if e != nil && e2 != nil { + return e + } -func (m *kmsMock) CreateAndExportPubKeyBytes(_ kms.KeyType, _ ...kms.KeyOpts) (string, []byte, error) { - return "k1", []byte{}, nil + return nil + } } diff --git a/pkg/kms/signer/arieskms.go b/pkg/kms/signer/arieskms.go index f29c36801..337539fb9 100644 --- a/pkg/kms/signer/arieskms.go +++ b/pkg/kms/signer/arieskms.go @@ -1,5 +1,5 @@ /* -Copyright SecureKey Technologies Inc. All Rights Reserved. +Copyright Gen Digital Inc. All Rights Reserved. SPDX-License-Identifier: Apache-2.0 */ @@ -10,6 +10,7 @@ import ( "strings" "time" + "github.com/trustbloc/kms-go/wrapper/api" vcsverifiable "github.com/trustbloc/vcs/pkg/doc/verifiable" noopMetricsProvider "github.com/trustbloc/vcs/pkg/observability/metrics/noop" ) 
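Review bot: The `error on unsupported key type` subtest is deleted in the `TestCryptoKeyCreator` hunk, yet the `default:` branch of `CryptoKeyCreator` that returns `unsupported key type` is still present in the new code, so the allow-list of signing key types is no longer covered. That branch is what keeps a non-signing type such as `kms.NISTP256ECDHKW` from being created as a signing key, and it never touches the creator, so the case ports directly: `keyCreator, _ := newKMS(t)`, `_, _, err := key.CryptoKeyCreator(keyCreator)(kms.NISTP256ECDHKW)`, `require.Contains(t, err.Error(), "unsupported key type")`. Separately, the `get` closure returned by `newKMS` reports only `e` when both `Sign` and `SignMulti` fail; `return errors.Join(e, e2)` would keep both causes in the test output.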
@@ -21,39 +22,24 @@ type metricsProvider interface { // KMSSigner to crypto sign a message. // Note: do not create an instance of KMSSigner directly. Use NewKMSSigner() instead. type KMSSigner struct { - keyHandle interface{} - crypto crypto signatureType vcsverifiable.SignatureType bbs bool metrics metricsProvider + multiSigner api.FixedKeyMultiSigner } -type keyManager interface { - Get(keyID string) (interface{}, error) -} - -type crypto interface { - Sign(msg []byte, kh interface{}) ([]byte, error) - SignMulti(messages [][]byte, kh interface{}) ([]byte, error) -} - -func NewKMSSigner(keyManager keyManager, c crypto, kmsKeyID string, - signatureType vcsverifiable.SignatureType, metrics metricsProvider) (*KMSSigner, error) { - kh, err := keyManager.Get(kmsKeyID) - if err != nil { - return nil, err - } - +func NewKMSSigner(multiSigner api.FixedKeyMultiSigner, + signatureType vcsverifiable.SignatureType, metrics metricsProvider) *KMSSigner { if metrics == nil { metrics = &noopMetricsProvider.NoMetrics{} } return &KMSSigner{ - keyHandle: kh, crypto: c, signatureType: signatureType, bbs: signatureType == vcsverifiable.BbsBlsSignature2020, metrics: metrics, - }, nil + multiSigner: multiSigner, + } } func (s *KMSSigner) Sign(data []byte) ([]byte, error) { @@ -64,10 +50,10 @@ func (s *KMSSigner) Sign(data []byte) ([]byte, error) { }() if s.bbs { - return s.crypto.SignMulti(s.textToLines(string(data)), s.keyHandle) + return s.multiSigner.SignMulti(s.textToLines(string(data))) } - v, err := s.crypto.Sign(data, s.keyHandle) + v, err := s.multiSigner.Sign(data) if err != nil { return nil, err } diff --git a/pkg/kms/signer/arieskms_test.go b/pkg/kms/signer/arieskms_test.go index 408c2c2fc..2f2e65c7d 100644 --- a/pkg/kms/signer/arieskms_test.go +++ b/pkg/kms/signer/arieskms_test.go 
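Review bot: `NewKMSSigner` now stores `multiSigner` unchecked and no longer returns an error, so a nil or wrongly bound signer is only discovered when `Sign` calls `s.multiSigner.Sign` or `SignMulti`. The old constructor failed early on `keyManager.Get(kmsKeyID)`; that failure has presumably moved to wherever the `api.FixedKeyMultiSigner` is built, which is outside this hunk. The exported constructor has no doc comment, and this is the place to state the new contract: `// NewKMSSigner returns a KMSSigner that signs with multiSigner, which must be non-nil and already bound to the signing key; key lookup errors are the caller's to handle before calling this.`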
@@ -11,11 +11,8 @@ import ( "reflect" "testing" - "github.com/google/tink/go/keyset" - mockcrypto "github.com/trustbloc/kms-go/mock/crypto" - mockkms "github.com/trustbloc/kms-go/mock/kms" - "github.com/trustbloc/kms-go/spi/kms" - + mockwrapper "github.com/trustbloc/kms-go/mock/wrapper" + "github.com/trustbloc/kms-go/wrapper/api" vcsverifiable "github.com/trustbloc/vcs/pkg/doc/verifiable" noopMetricsProvider "github.com/trustbloc/vcs/pkg/observability/metrics/noop" ) @@ -43,7 +40,8 @@ func TestKMSSigner_Alg(t *testing.T) { func TestKMSSigner_Sign(t *testing.T) { type fields struct { keyHandle interface{} - getCrypto func() crypto + signValue []byte + signErr error bbs bool } type args struct { @@ -60,13 +58,9 @@ func TestKMSSigner_Sign(t *testing.T) { name: "BBS SignMulti OK", fields: fields{ keyHandle: nil, - getCrypto: func() crypto { - return &mockcrypto.Crypto{ - BBSSignValue: []byte("signed"), - BBSSignErr: nil, - } - }, - bbs: true, + signValue: []byte("signed"), + signErr: nil, + bbs: true, }, args: args{ data: []byte("to sign"), @@ -78,13 +72,9 @@ func TestKMSSigner_Sign(t *testing.T) { name: "BBS SignMulti Error", fields: fields{ keyHandle: nil, - getCrypto: func() crypto { - return &mockcrypto.Crypto{ - BBSSignValue: nil, - BBSSignErr: errors.New("some error"), - } - }, - bbs: true, + signValue: nil, + signErr: errors.New("some error"), + bbs: true, }, args: args{ data: []byte("to sign"), @@ -96,13 +86,9 @@ func TestKMSSigner_Sign(t *testing.T) { name: "Sign OK", fields: fields{ keyHandle: nil, - getCrypto: func() crypto { - return &mockcrypto.Crypto{ - SignValue: []byte("signed"), - SignErr: nil, - } - }, - bbs: false, + signValue: []byte("signed"), + signErr: nil, + bbs: false, }, args: args{ data: []byte("to sign"), 
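Review bot: The `keyHandle interface{}` field in the `fields` struct of `TestKMSSigner_Sign` is left in place as context and is still set to `nil` in every table entry, but the later hunk that builds `s := &KMSSigner{...}` no longer reads it. It is dead test data after this change and should be removed from the struct and from the four cases. The same appears to hold for `wantErr` in `TestNewKMSSigner`, where `wantErr: false` stays in the table although `NewKMSSigner` no longer returns an error.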
@@ -114,13 +100,9 @@ func TestKMSSigner_Sign(t *testing.T) { name: "Sign Error", fields: fields{ keyHandle: nil, - getCrypto: func() crypto { - return &mockcrypto.Crypto{ - SignValue: nil, - SignErr: errors.New("some error"), - } - }, - bbs: false, + signValue: nil, + signErr: errors.New("some error"), + bbs: false, }, args: args{ data: []byte("to sign"), @@ -129,19 +111,24 @@ func TestKMSSigner_Sign(t *testing.T) { wantErr: true, }, } + for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { s := &KMSSigner{ - keyHandle: tt.fields.keyHandle, - crypto: tt.fields.getCrypto(), - bbs: tt.fields.bbs, - metrics: &noopMetricsProvider.NoMetrics{}, + bbs: tt.fields.bbs, + metrics: &noopMetricsProvider.NoMetrics{}, + multiSigner: &mockwrapper.MockFixedKeyCrypto{ + SignVal: tt.fields.signValue, + SignErr: tt.fields.signErr, + }, } + got, err := s.Sign(tt.args.data) if (err != nil) != tt.wantErr { t.Errorf("Sign() error = %v, wantErr %v", err, tt.wantErr) return } + if !reflect.DeepEqual(got, tt.want) { t.Errorf("Sign() got = %v, want %v", got, tt.want) } @@ -205,10 +192,10 @@ func TestKMSSigner_textToLines(t *testing.T) { } func TestNewKMSSigner(t *testing.T) { + wantSigner := &mockwrapper.MockFixedKeyCrypto{} + type args struct { - keyManager kms.KeyManager - c crypto - creator string + multiSigner api.FixedKeyMultiSigner signatureType vcsverifiable.SignatureType } tests := []struct { @@ -220,17 +207,11 @@ func TestNewKMSSigner(t *testing.T) { { name: "OK", args: args{ - keyManager: &mockkms.KeyManager{ - GetKeyValue: &keyset.Handle{}, - GetKeyErr: nil, - }, - c: &mockcrypto.Crypto{}, - creator: "example#key1", + multiSigner: wantSigner, signatureType: vcsverifiable.Ed25519Signature2018, }, want: &KMSSigner{ - keyHandle: &keyset.Handle{}, - crypto: &mockcrypto.Crypto{}, + multiSigner: wantSigner, signatureType: vcsverifiable.Ed25519Signature2018, bbs: false, metrics: &noopMetricsProvider.NoMetrics{}, 
@@ -240,45 +221,22 @@ func TestNewKMSSigner(t *testing.T) { { name: "OK BBS", args: args{ - keyManager: &mockkms.KeyManager{ - GetKeyValue: &keyset.Handle{}, - GetKeyErr: nil, - }, - c: &mockcrypto.Crypto{}, - creator: "example#key1", + multiSigner: wantSigner, signatureType: vcsverifiable.BbsBlsSignature2020, }, want: &KMSSigner{ - keyHandle: &keyset.Handle{}, - crypto: &mockcrypto.Crypto{}, + multiSigner: wantSigner, signatureType: vcsverifiable.BbsBlsSignature2020, bbs: true, metrics: &noopMetricsProvider.NoMetrics{}, }, wantErr: false, }, - { - name: "Error key manager", - args: args{ - keyManager: &mockkms.KeyManager{ - GetKeyValue: nil, - GetKeyErr: errors.New("some error"), - }, - c: &mockcrypto.Crypto{}, - creator: "example#key1", - signatureType: vcsverifiable.BbsBlsSignature2020, - }, - want: nil, - wantErr: true, - }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - got, err := NewKMSSigner(tt.args.keyManager, tt.args.c, tt.args.creator, tt.args.signatureType, nil) - if (err != nil) != tt.wantErr { - t.Errorf("NewKMSSigner() error = %v, wantErr %v", err, tt.wantErr) - return - } + got := NewKMSSigner(tt.args.multiSigner, tt.args.signatureType, nil) + if !reflect.DeepEqual(got, tt.want) { t.Errorf("NewKMSSigner() got = %v, want %v", got, tt.want) } diff --git a/pkg/restapi/v1/verifier/controller_test.go b/pkg/restapi/v1/verifier/controller_test.go index a4c57d939..092f2f29a 100644 --- a/pkg/restapi/v1/verifier/controller_test.go +++ b/pkg/restapi/v1/verifier/controller_test.go @@ -477,7 +477,7 @@ func TestController_CheckAuthorizationResponse(t *testing.T) { vpToken := testutil.SignedClaimsJWTWithExistingPrivateKey(t, signedClaimsJWTResult.VerMethodDIDKeyID, - signedClaimsJWTResult.Kh, + signedClaimsJWTResult.Signer, &vpTokenClaims{ Nonce: validNonce, Aud: validAud, 
@@ -522,7 +522,7 @@ func TestController_CheckAuthorizationResponse(t *testing.T) { vpToken := testutil.SignedClaimsJWTWithExistingPrivateKey(t, signedClaimsJWTResult.VerMethodDIDKeyID, - signedClaimsJWTResult.Kh, + signedClaimsJWTResult.Signer, &vpTokenClaims{ VP: &verifiable.Presentation{ Context: []string{ @@ -578,7 +578,7 @@ func TestController_CheckAuthorizationResponse(t *testing.T) { }, vcsverifiable.Ldp, signedClaimsJWTResult.VerMethodDIDKeyID, - signedClaimsJWTResult.Kh, + signedClaimsJWTResult.Signer, func(ldpc *verifiable.LinkedDataProofContext) { ldpc.Domain = validAud ldpc.Challenge = validNonce @@ -614,7 +614,7 @@ func TestController_CheckAuthorizationResponse(t *testing.T) { vpToken := testutil.SignedClaimsJWTWithExistingPrivateKey(t, signedClaimsJWTResult.VerMethodDIDKeyID, - signedClaimsJWTResult.Kh, + signedClaimsJWTResult.Signer, &vpTokenClaims{ Nonce: validNonce, Aud: validAud, @@ -660,7 +660,7 @@ func TestController_CheckAuthorizationResponse(t *testing.T) { vpToken := testutil.SignedClaimsJWTWithExistingPrivateKey(t, signedClaimsJWTResult.VerMethodDIDKeyID, - signedClaimsJWTResult.Kh, + signedClaimsJWTResult.Signer, &vpTokenClaims{ Nonce: "some_invalid", Aud: validAud, @@ -706,7 +706,7 @@ func TestController_CheckAuthorizationResponse(t *testing.T) { vpToken := testutil.SignedClaimsJWTWithExistingPrivateKey(t, signedClaimsJWTResult.VerMethodDIDKeyID, - signedClaimsJWTResult.Kh, + signedClaimsJWTResult.Signer, &vpTokenClaims{ Nonce: validNonce, Aud: "some_invalid", @@ -752,7 +752,7 @@ func TestController_CheckAuthorizationResponse(t *testing.T) { vpToken := testutil.SignedClaimsJWTWithExistingPrivateKey(t, signedClaimsJWTResult.VerMethodDIDKeyID, - signedClaimsJWTResult.Kh, + signedClaimsJWTResult.Signer, &vpTokenClaims{ Nonce: validNonce, Aud: "some_invalid", 
@@ -844,7 +844,7 @@ func TestController_CheckAuthorizationResponse(t *testing.T) { vpToken := testutil.SignedClaimsJWTWithExistingPrivateKey(t, signedClaimsJWTResult.VerMethodDIDKeyID, - signedClaimsJWTResult.Kh, + signedClaimsJWTResult.Signer, &vpTokenClaims{ Nonce: validNonce, Aud: "some_invalid", @@ -936,7 +936,7 @@ func TestController_CheckAuthorizationResponse(t *testing.T) { vpToken := testutil.SignedClaimsJWTWithExistingPrivateKey(t, signedClaimsJWTResult.VerMethodDIDKeyID, - signedClaimsJWTResult.Kh, + signedClaimsJWTResult.Signer, &vpTokenClaims{ Nonce: validNonce, Aud: validAud, @@ -1036,7 +1036,7 @@ func TestController_CheckAuthorizationResponse(t *testing.T) { }, vcsverifiable.Ldp, signedClaimsJWTResult.VerMethodDIDKeyID, - signedClaimsJWTResult.Kh, + signedClaimsJWTResult.Signer, func(ldpc *verifiable.LinkedDataProofContext) { ldpc.Domain = validAud // ldpc.Challenge = validNonce @@ -1086,7 +1086,7 @@ func TestController_CheckAuthorizationResponse(t *testing.T) { }, vcsverifiable.Ldp, signedClaimsJWTResult.VerMethodDIDKeyID, - signedClaimsJWTResult.Kh, + signedClaimsJWTResult.Signer, func(ldpc *verifiable.LinkedDataProofContext) { // ldpc.Domain = validAud ldpc.Challenge = validNonce diff --git a/pkg/service/credentialstatus/eventhandler/eventhandler_service_test.go b/pkg/service/credentialstatus/eventhandler/eventhandler_service_test.go index 6b49a82dc..013c7e550 100644 --- a/pkg/service/credentialstatus/eventhandler/eventhandler_service_test.go +++ b/pkg/service/credentialstatus/eventhandler/eventhandler_service_test.go 
@@ -19,14 +19,10 @@ import ( "github.com/golang/mock/gomock" "github.com/piprate/json-gold/ld" "github.com/stretchr/testify/require" + "github.com/trustbloc/vcs/internal/mock/vcskms" "github.com/trustbloc/did-go/doc/did" vdrmock "github.com/trustbloc/did-go/vdr/mock" - "github.com/trustbloc/kms-go/doc/jose/jwk" - cryptomock "github.com/trustbloc/kms-go/mock/crypto" - mockkms "github.com/trustbloc/kms-go/mock/kms" - ariescrypto "github.com/trustbloc/kms-go/spi/crypto" - "github.com/trustbloc/kms-go/spi/kms" "github.com/trustbloc/vc-go/verifiable" "github.com/trustbloc/vcs/pkg/doc/vc" @@ -35,7 +31,6 @@ import ( vcsverifiable "github.com/trustbloc/vcs/pkg/doc/verifiable" "github.com/trustbloc/vcs/pkg/event/spi" "github.com/trustbloc/vcs/pkg/internal/testutil" - "github.com/trustbloc/vcs/pkg/kms/signer" profileapi "github.com/trustbloc/vcs/pkg/profile" "github.com/trustbloc/vcs/pkg/service/credentialstatus" ) @@ -121,7 +116,7 @@ func TestService_HandleEvent(t *testing.T) { mockProfileSrv := NewMockProfileService(gomock.NewController(t)) mockProfileSrv.EXPECT().GetProfile(gomock.Any(), gomock.Any()).AnyTimes().Return(profile, nil) mockKMSRegistry := NewMockKMSRegistry(gomock.NewController(t)) - mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&mockKMS{}, nil) + mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&vcskms.MockKMS{}, nil) crypto := vccrypto.New( &vdrmock.VDRegistry{ResolveValue: createDIDDoc("did:test:abc")}, loader) 
@@ -226,7 +221,7 @@ func TestService_handleEventPayload(t *testing.T) { mockProfileSrv := NewMockProfileService(gomock.NewController(t)) mockProfileSrv.EXPECT().GetProfile(gomock.Any(), gomock.Any()).AnyTimes().Return(profile, nil) mockKMSRegistry := NewMockKMSRegistry(gomock.NewController(t)) - mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&mockKMS{}, nil) + mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&vcskms.MockKMS{}, nil) crypto := vccrypto.New( &vdrmock.VDRegistry{ResolveValue: createDIDDoc("did:test:abc")}, loader) @@ -447,7 +442,7 @@ func TestService_signCSL(t *testing.T) { mockProfileSrv := NewMockProfileService(gomock.NewController(t)) mockProfileSrv.EXPECT().GetProfile(gomock.Any(), gomock.Any()).AnyTimes().Return(profile, nil) mockKMSRegistry := NewMockKMSRegistry(gomock.NewController(t)) - mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&mockKMS{}, nil) + mockKMSRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return(&vcskms.MockKMS{}, nil) crypto := vccrypto.New( &vdrmock.VDRegistry{ResolveValue: createDIDDoc("did:test:abc")}, loader) @@ -814,27 +809,3 @@ func createDIDDoc(didID string) *did.Doc { CapabilityDelegation: []did.Verification{{VerificationMethod: signingKey}}, } } - -type mockKMS struct { - crypto ariescrypto.Crypto -} - -func (m *mockKMS) NewVCSigner(creator string, signatureType vcsverifiable.SignatureType) (vc.SignerAlgorithm, error) { - if m.crypto == nil { - m.crypto = &cryptomock.Crypto{} - } - - return signer.NewKMSSigner(&mockkms.KeyManager{}, m.crypto, creator, signatureType, nil) -} - -func (m *mockKMS) SupportedKeyTypes() []kms.KeyType { - return nil -} - -func (m *mockKMS) CreateJWKKey(_ kms.KeyType) (string, *jwk.JWK, error) { - return "", nil, nil -} - -func (m *mockKMS) CreateCryptoKey(_ kms.KeyType) (string, interface{}, error) { - return "", nil, nil -} 
diff --git a/pkg/service/issuecredential/issuecredential_service_test.go b/pkg/service/issuecredential/issuecredential_service_test.go index 350a327e5..a9f50ff4a 100644 --- a/pkg/service/issuecredential/issuecredential_service_test.go +++ b/pkg/service/issuecredential/issuecredential_service_test.go @@ -18,18 +18,17 @@ import ( "github.com/golang/mock/gomock" "github.com/stretchr/testify/require" + arieskms "github.com/trustbloc/kms-go/kms" + "github.com/trustbloc/kms-go/wrapper/api" + "github.com/trustbloc/kms-go/wrapper/localsuite" + "github.com/trustbloc/vcs/internal/mock/vcskms" "github.com/trustbloc/did-go/doc/did" "github.com/trustbloc/did-go/doc/did/endpoint" util "github.com/trustbloc/did-go/doc/util/time" ariesmockstorage "github.com/trustbloc/did-go/legacy/mock/storage" vdrmock "github.com/trustbloc/did-go/vdr/mock" - "github.com/trustbloc/kms-go/crypto/tinkcrypto" - "github.com/trustbloc/kms-go/doc/jose/jwk" - "github.com/trustbloc/kms-go/kms/localkms" - mockkms "github.com/trustbloc/kms-go/mock/kms" "github.com/trustbloc/kms-go/secretlock/noop" - ariescrypto "github.com/trustbloc/kms-go/spi/crypto" "github.com/trustbloc/kms-go/spi/kms" "github.com/trustbloc/vc-go/verifiable" @@ -38,7 +37,6 @@ import ( "github.com/trustbloc/vcs/pkg/doc/vc/vcutil" vcs "github.com/trustbloc/vcs/pkg/doc/verifiable" "github.com/trustbloc/vcs/pkg/internal/testutil" - "github.com/trustbloc/vcs/pkg/kms/signer" profileapi "github.com/trustbloc/vcs/pkg/profile" "github.com/trustbloc/vcs/pkg/service/credentialstatus" "github.com/trustbloc/vcs/pkg/service/issuecredential" 
@@ -47,14 +45,17 @@ import ( func TestService_IssueCredential(t *testing.T) { t.Parallel() - customKMS := createKMS(t) + cryptoSuite := createCryptoSuite(t) - customCrypto, err := tinkcrypto.New() + keyCreator, err := cryptoSuite.KeyCreator() + require.NoError(t, err) + + customSigner, err := cryptoSuite.KMSCryptoMultiSigner() require.NoError(t, err) kmsRegistry := NewMockKMSRegistry(gomock.NewController(t)) kmsRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return( - &mockVCSKeyManager{crypto: customCrypto, kms: customKMS}, nil) + &vcskms.MockKMS{Signer: customSigner}, nil) ctx := context.Background() @@ -111,10 +112,10 @@ func TestService_IssueCredential(t *testing.T) { } for _, sigRepresentationTextCase := range tests { t.Run(sigRepresentationTextCase.name, func(t *testing.T) { - keyID, _, err := customKMS.CreateAndExportPubKeyBytes(ktTestCase.kt) + pubKey, err := keyCreator.Create(ktTestCase.kt) require.NoError(t, err) - didDoc := createDIDDoc("did:trustblock:abc", keyID) + didDoc := createDIDDoc("did:trustblock:abc", pubKey.KeyID) crypto := vccrypto.New( &vdrmock.VDRegistry{ResolveValue: didDoc}, testutil.DocumentLoader(t)) @@ -137,7 +138,7 @@ func TestService_IssueCredential(t *testing.T) { SigningDID: &profileapi.SigningDID{ DID: didDoc.ID, Creator: didDoc.VerificationMethod[0].ID, - KMSKeyID: keyID, + KMSKeyID: pubKey.KeyID, }}, ) require.NoError(t, err) @@ -176,10 +177,10 @@ func TestService_IssueCredential(t *testing.T) { for _, ktTestCase := range tests { t.Run(ktTestCase.name, func(t *testing.T) { - keyID, _, err := customKMS.CreateAndExportPubKeyBytes(ktTestCase.kt) + pubKey, err := keyCreator.Create(ktTestCase.kt) require.NoError(t, err) - didDoc := createDIDDoc("did:trustblock:abc", keyID) + didDoc := createDIDDoc("did:trustblock:abc", pubKey.KeyID) crypto := vccrypto.New( &vdrmock.VDRegistry{ResolveValue: didDoc}, testutil.DocumentLoader(t)) 
@@ -202,7 +203,7 @@ func TestService_IssueCredential(t *testing.T) { SigningDID: &profileapi.SigningDID{ DID: didDoc.ID, Creator: didDoc.VerificationMethod[0].ID, - KMSKeyID: keyID, + KMSKeyID: pubKey.KeyID, }}, ) require.NoError(t, err) @@ -301,10 +302,10 @@ func TestService_IssueCredential(t *testing.T) { }, }, nil) - keyID, _, err := customKMS.CreateAndExportPubKeyBytes(kms.ED25519Type) + pubKey, err := keyCreator.Create(kms.ED25519Type) require.NoError(t, err) - didDoc := createDIDDoc("did:trustblock:abc", keyID) + didDoc := createDIDDoc("did:trustblock:abc", pubKey.KeyID) crypto := vccrypto.New( &vdrmock.VDRegistry{ResolveValue: didDoc}, testutil.DocumentLoader(t)) @@ -436,33 +437,14 @@ func createDIDDoc(didID, keyID string) *did.Doc { //nolint:unparam } } -func createKMS(t *testing.T) *localkms.LocalKMS { +func createCryptoSuite(t *testing.T) api.Suite { t.Helper() - p, err := mockkms.NewProviderForKMS(ariesmockstorage.NewMockStoreProvider(), &noop.NoLock{}) + p, err := arieskms.NewAriesProviderWrapper(ariesmockstorage.NewMockStoreProvider()) require.NoError(t, err) - k, err := localkms.New("local-lock://custom/primary/key/", p) + suite, err := localsuite.NewLocalCryptoSuite("local-lock://custom/primary/key/", p, &noop.NoLock{}) require.NoError(t, err) - return k -} - -type mockVCSKeyManager struct { - crypto ariescrypto.Crypto - kms *localkms.LocalKMS -} - -func (m *mockVCSKeyManager) NewVCSigner(creator string, signatureType vcs.SignatureType) (vc.SignerAlgorithm, error) { - return signer.NewKMSSigner(m.kms, m.crypto, creator, signatureType, nil) -} - -func (m *mockVCSKeyManager) SupportedKeyTypes() []kms.KeyType { - return nil -} -func (m *mockVCSKeyManager) CreateJWKKey(_ kms.KeyType) (string, *jwk.JWK, error) { - return "", nil, nil -} -func (m *mockVCSKeyManager) CreateCryptoKey(_ kms.KeyType) (string, interface{}, error) { - return "", nil, nil + return suite } 
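Review bot: `createCryptoSuite` is added at the end of this file and again, line for line, in pkg/service/oidc4vp/oidc4vp_service_test.go, and `newKMS` in pkg/kms/key/creator_test.go builds the same suite a third time. The same commit folds the per-package `mockVCSKeyManager` types into `vcskms.MockKMS`, so the suite constructor could likewise live in one shared test helper, assuming no import cycle prevents it. Whichever copy stays should carry a short comment on the lock choice, for example `// createCryptoSuite builds an in-memory suite with noop.NoLock, which does not wrap key material; test use only.`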
diff --git a/pkg/service/oidc4vp/oidc4vp_service_test.go b/pkg/service/oidc4vp/oidc4vp_service_test.go index 24dae6849..d46174ca7 100644 --- a/pkg/service/oidc4vp/oidc4vp_service_test.go +++ b/pkg/service/oidc4vp/oidc4vp_service_test.go @@ -22,6 +22,10 @@ import ( "github.com/samber/lo" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + arieskms "github.com/trustbloc/kms-go/kms" + "github.com/trustbloc/kms-go/wrapper/api" + "github.com/trustbloc/kms-go/wrapper/localsuite" + "github.com/trustbloc/vcs/internal/mock/vcskms" "github.com/trustbloc/did-go/doc/did" ldcontext "github.com/trustbloc/did-go/doc/ld/context" @@ -30,24 +34,16 @@ import ( ariesmockstorage "github.com/trustbloc/did-go/legacy/mock/storage" vdrapi "github.com/trustbloc/did-go/vdr/api" vdrmock "github.com/trustbloc/did-go/vdr/mock" - "github.com/trustbloc/kms-go/crypto/tinkcrypto" - "github.com/trustbloc/kms-go/doc/jose/jwk" "github.com/trustbloc/kms-go/doc/util/fingerprint" - "github.com/trustbloc/kms-go/doc/util/jwkkid" - "github.com/trustbloc/kms-go/kms/localkms" - mockkms "github.com/trustbloc/kms-go/mock/kms" "github.com/trustbloc/kms-go/secretlock/noop" - ariescrypto "github.com/trustbloc/kms-go/spi/crypto" "github.com/trustbloc/kms-go/spi/kms" "github.com/trustbloc/vc-go/presexch" "github.com/trustbloc/vc-go/signature/suite" "github.com/trustbloc/vc-go/verifiable" - "github.com/trustbloc/vcs/pkg/doc/vc" vcsverifiable "github.com/trustbloc/vcs/pkg/doc/verifiable" "github.com/trustbloc/vcs/pkg/event/spi" "github.com/trustbloc/vcs/pkg/internal/testutil" - "github.com/trustbloc/vcs/pkg/kms/signer" profileapi "github.com/trustbloc/vcs/pkg/profile" "github.com/trustbloc/vcs/pkg/service/oidc4vp" ) 
@@ -65,14 +61,17 @@ const ( ) func TestService_InitiateOidcInteraction(t *testing.T) { - customKMS := createKMS(t) + cryptoSuite := createCryptoSuite(t) - customCrypto, err := tinkcrypto.New() + keyCreator, err := cryptoSuite.KeyCreator() + require.NoError(t, err) + + customSigner, err := cryptoSuite.KMSCryptoMultiSigner() require.NoError(t, err) kmsRegistry := NewMockKMSRegistry(gomock.NewController(t)) kmsRegistry.EXPECT().GetKeyManager(gomock.Any()).AnyTimes().Return( - &mockVCSKeyManager{crypto: customCrypto, kms: customKMS}, nil) + &vcskms.MockKMS{Signer: customSigner}, nil) txManager := NewMockTransactionManager(gomock.NewController(t)) txManager.EXPECT().CreateTx(gomock.Any(), gomock.Any(), gomock.Any()).AnyTimes().Return(&oidc4vp.Transaction{ @@ -96,7 +95,7 @@ func TestService_InitiateOidcInteraction(t *testing.T) { TokenLifetime: time.Second * 100, }) - keyID, _, err := customKMS.CreateAndExportPubKeyBytes(kms.ED25519Type) + pubKey, err := keyCreator.Create(kms.ED25519Type) require.NoError(t, err) correctProfile := &profileapi.Verifier{ @@ -123,8 +122,8 @@ func TestService_InitiateOidcInteraction(t *testing.T) { }, SigningDID: &profileapi.SigningDID{ DID: "did:test:acde", - Creator: "did:test:acde#" + keyID, - KMSKeyID: keyID, + Creator: "did:test:acde#" + pubKey.KeyID, + KMSKeyID: pubKey.KeyID, }, } 
@@ -246,15 +245,15 @@ func TestService_InitiateOidcInteraction(t *testing.T) { } func TestService_VerifyOIDCVerifiablePresentation(t *testing.T) { - keyManager := createKMS(t) + cryptoSuite := createCryptoSuite(t) - crypto, err := tinkcrypto.New() + w, err := cryptoSuite.KMSCrypto() require.NoError(t, err) txManager := NewMockTransactionManager(gomock.NewController(t)) profileService := NewMockProfileService(gomock.NewController(t)) presentationVerifier := NewMockPresentationVerifier(gomock.NewController(t)) - vp, pd, issuer, vdr, loader := newVPWithPD(t, keyManager, crypto) + vp, pd, issuer, vdr, loader := newVPWithPD(t, w) s := oidc4vp.NewService(&oidc4vp.Config{ EventSvc: &mockEvent{}, @@ -348,8 +347,8 @@ func TestService_VerifyOIDCVerifiablePresentation(t *testing.T) { testLoader := testutil.DocumentLoader(t) - vp1, issuer1, vdr1 := newVPWithPS(t, keyManager, crypto, mergedPS, "PhDDegree") - vp2, issuer2, vdr2 := newVPWithPS(t, keyManager, crypto, mergedPS, "BachelorDegree") + vp1, issuer1, vdr1 := newVPWithPS(t, w, mergedPS, "PhDDegree") + vp2, issuer2, vdr2 := newVPWithPS(t, w, mergedPS, "BachelorDegree") combinedDIDResolver := &vdrmock.VDRegistry{ ResolveFunc: func(didID string, opts ...vdrapi.DIDMethodOption) (*did.DocResolution, error) { @@ -435,8 +434,8 @@ func TestService_VerifyOIDCVerifiablePresentation(t *testing.T) { testLoader := testutil.DocumentLoader(t) - vp1, issuer1, vdr1 := newVPWithPS(t, keyManager, crypto, mergedPS, "PhDDegree") - vp2, issuer2, vdr2 := newVPWithPS(t, keyManager, crypto, mergedPS, "BachelorDegree") + vp1, issuer1, vdr1 := newVPWithPS(t, w, mergedPS, "PhDDegree") + vp2, issuer2, vdr2 := newVPWithPS(t, w, mergedPS, "BachelorDegree") combinedDIDResolver := &vdrmock.VDRegistry{ ResolveFunc: func(didID string, opts ...vdrapi.DIDMethodOption) (*did.DocResolution, error) { 
@@ -757,36 +756,16 @@ func TestService_RetrieveClaims(t *testing.T) { }) } -func createKMS(t *testing.T) *localkms.LocalKMS { +func createCryptoSuite(t *testing.T) api.Suite { t.Helper() - p, err := mockkms.NewProviderForKMS(ariesmockstorage.NewMockStoreProvider(), &noop.NoLock{}) + p, err := arieskms.NewAriesProviderWrapper(ariesmockstorage.NewMockStoreProvider()) require.NoError(t, err) - k, err := localkms.New("local-lock://custom/primary/key/", p) + cryptoSuite, err := localsuite.NewLocalCryptoSuite("local-lock://custom/primary/key/", p, &noop.NoLock{}) require.NoError(t, err) - return k -} - -type mockVCSKeyManager struct { - crypto ariescrypto.Crypto - kms *localkms.LocalKMS -} - -func (m *mockVCSKeyManager) NewVCSigner(creator string, - signatureType vcsverifiable.SignatureType) (vc.SignerAlgorithm, error) { - return signer.NewKMSSigner(m.kms, m.crypto, creator, signatureType, nil) -} - -func (m *mockVCSKeyManager) SupportedKeyTypes() []kms.KeyType { - return []kms.KeyType{kms.ED25519Type} -} -func (m *mockVCSKeyManager) CreateJWKKey(_ kms.KeyType) (string, *jwk.JWK, error) { - return "", nil, nil -} -func (m *mockVCSKeyManager) CreateCryptoKey(_ kms.KeyType) (string, interface{}, error) { - return "", nil, nil + return cryptoSuite } type mockEvent struct { 
@@ -801,15 +780,14 @@ func (m *mockEvent) Publish(_ context.Context, _ string, _ ...*spi.Event) error return nil } -func newVPWithPD(t *testing.T, keyManager kms.KeyManager, crypto ariescrypto.Crypto) ( +func newVPWithPD(t *testing.T, keyCreatorSigner wrapperCreatorSigner) ( *verifiable.Presentation, *presexch.PresentationDefinition, string, vdrapi.Registry, *lddocloader.DocumentLoader) { uri := randomURI() customType := "CustomType" - expected, issuer, pubKeyFetcher := newSignedJWTVC(t, keyManager, crypto, []string{uri}, - "", "", []string{customType}) + expected, issuer, pubKeyFetcher := newSignedJWTVC(t, keyCreatorSigner, []string{uri}, "", "", []string{customType}) defs := &presexch.PresentationDefinition{ InputDescriptors: []*presexch.InputDescriptor{{ @@ -831,10 +809,11 @@ func newVPWithPD(t *testing.T, keyManager kms.KeyManager, crypto ariescrypto.Cry ), defs, issuer, pubKeyFetcher, docLoader } -func newVPWithPS(t *testing.T, keyManager kms.KeyManager, crypto ariescrypto.Crypto, +func newVPWithPS(t *testing.T, keyCreatorSigner wrapperCreatorSigner, ps *presexch.PresentationSubmission, value string) ( *verifiable.Presentation, string, vdrapi.Registry) { - expected, issuer, pubKeyFetcher := newSignedJWTVC(t, keyManager, crypto, nil, + + expected, issuer, pubKeyFetcher := newSignedJWTVC(t, keyCreatorSigner, nil, "degree", value, []string{}) return newVP(t, ps, 
@@ -906,26 +885,28 @@ func newDegreeVC(issuer string, degreeType string, ctx []string, customTypes []s return cred } +type wrapperCreatorSigner interface { + api.KeyCreator + api.KMSCryptoSigner +} + func newSignedJWTVC(t *testing.T, - keyManager kms.KeyManager, crypto ariescrypto.Crypto, ctx []string, + keyCreatorSigner wrapperCreatorSigner, ctx []string, vcType string, value string, customTypes []string) (*verifiable.Credential, string, vdrapi.Registry) { t.Helper() - keyID, kh, err := keyManager.Create(kms.ED25519Type) + pub, err := keyCreatorSigner.Create(kms.ED25519Type) require.NoError(t, err) - signer := suite.NewCryptoSigner(crypto, kh) - - pubKey, kt, err := keyManager.ExportPubKeyBytes(keyID) + fks, err := keyCreatorSigner.FixedKeySigner(pub) require.NoError(t, err) - require.Equal(t, kms.ED25519Type, kt) - key, err := jwkkid.BuildJWK(pubKey, kms.ED25519) - require.NoError(t, err) + signer := suite.NewCryptoWrapperSigner(fks) - issuer, verMethod := fingerprint.CreateDIDKeyByCode(fingerprint.ED25519PubKeyMultiCodec, pubKey) + issuer, verMethod, err := fingerprint.CreateDIDKeyByJwk(pub) + require.NoError(t, err) - verificationMethod, err := did.NewVerificationMethodFromJWK(verMethod, "JsonWebKey2020", issuer, key) + verificationMethod, err := did.NewVerificationMethodFromJWK(verMethod, "JsonWebKey2020", issuer, pub) require.NoError(t, err) didResolver := &vdrmock.VDRegistry{ diff --git a/pkg/service/verifycredential/verifycredential_service_test.go b/pkg/service/verifycredential/verifycredential_service_test.go index 3824880be..c609b91e5 100644 --- a/pkg/service/verifycredential/verifycredential_service_test.go +++ b/pkg/service/verifycredential/verifycredential_service_test.go 
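Review bot: `newSignedJWTVC` no longer asserts anything about the key it created. The old path checked `require.Equal(t, kms.ED25519Type, kt)` on the exported key, whereas `pub` from `keyCreatorSigner.Create(kms.ED25519Type)` now goes unchecked into `FixedKeySigner`, `CreateDIDKeyByJwk` and `NewVerificationMethodFromJWK`. I would keep a guard right after the `Create` error check, at minimum `require.NotNil(t, pub)`, and add an equality check on the JWK's curve or key type if the type exposes one. The new `wrapperCreatorSigner` interface would also benefit from a one-line comment saying it pairs key creation with fixed-key signing for these helpers. The function body continues past the end of the hunk.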
@@ -14,15 +14,14 @@ import ( "github.com/golang/mock/gomock" "github.com/stretchr/testify/require" + "github.com/trustbloc/kms-go/kms" + "github.com/trustbloc/kms-go/wrapper/api" + "github.com/trustbloc/kms-go/wrapper/localsuite" "github.com/trustbloc/did-go/doc/did" ariesmockstorage "github.com/trustbloc/did-go/legacy/mock/storage" vdrapi "github.com/trustbloc/did-go/vdr/api" vdrmock "github.com/trustbloc/did-go/vdr/mock" - "github.com/trustbloc/kms-go/crypto/tinkcrypto" - "github.com/trustbloc/kms-go/doc/util/jwkkid" - "github.com/trustbloc/kms-go/kms/localkms" - mockkms "github.com/trustbloc/kms-go/mock/kms" "github.com/trustbloc/kms-go/secretlock/noop" kmskeytypes "github.com/trustbloc/kms-go/spi/kms" "github.com/trustbloc/vc-go/dataintegrity" @@ -734,15 +733,12 @@ func Test_DataIntegrity_SignVerify(t *testing.T) { } } ` - mockKMS := createKMS(t) + localSuite := createKMS(t) - mockCrypto, err := tinkcrypto.New() + signer, err := localSuite.KMSCrypto() require.NoError(t, err) - _, keyBytes, err := mockKMS.CreateAndExportPubKeyBytes(kmskeytypes.ECDSAP256IEEEP1363) - require.NoError(t, err) - - key, err := jwkkid.BuildJWK(keyBytes, kmskeytypes.ECDSAP256IEEEP1363) + key, err := signer.Create(kmskeytypes.ECDSAP256IEEEP1363) require.NoError(t, err) const signingDID = "did:foo:bar" @@ -760,7 +756,7 @@ func Test_DataIntegrity_SignVerify(t *testing.T) { }} signerSuite := ecdsa2019.NewSignerInitializer(&ecdsa2019.SignerInitializerOptions{ - SignerGetter: ecdsa2019.WithLocalKMSSigner(mockKMS, mockCrypto), + SignerGetter: ecdsa2019.WithKMSCryptoWrapper(signer), LDDocumentLoader: docLoader, }) 
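Review bot: `createKMS` is now a misleading name, because after this change it returns an `api.Suite` (its definition is in the next hunk of this file) and the call in `Test_DataIntegrity_SignVerify` already stores the result as `localSuite`. Renaming it, with `localSuite := createCryptoSuite(t)` here and `func createCryptoSuite(t *testing.T) api.Suite {` at the definition, would match the helper of the same shape in the other test file this commit touches. In the same test, `signer` holds the value from `localSuite.KMSCrypto()` and is used both for `signer.Create(...)` and as the argument to `ecdsa2019.WithKMSCryptoWrapper`, so a name such as `kmsCrypto` would describe it better.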
@@ -829,16 +825,16 @@ func makeMockDIDResolution(id string, vm *did.VerificationMethod, vr did.Verific } } -func createKMS(t *testing.T) *localkms.LocalKMS { +func createKMS(t *testing.T) api.Suite { t.Helper() - p, err := mockkms.NewProviderForKMS(ariesmockstorage.NewMockStoreProvider(), &noop.NoLock{}) + store, err := kms.NewAriesProviderWrapper(ariesmockstorage.NewMockStoreProvider()) require.NoError(t, err) - k, err := localkms.New("local-lock://custom/primary/key/", p) + localSuite, err := localsuite.NewLocalCryptoSuite("local-lock://custom/primary/key/", store, &noop.NoLock{}) require.NoError(t, err) - return k + return localSuite } func createVC(t *testing.T, vcc verifiable.CredentialContents) *verifiable.Credential { vc, err := verifiable.CreateCredential(vcc, nil) diff --git a/test/bdd/go.mod b/test/bdd/go.mod index 0211f5660..9ebe45136 100644 --- a/test/bdd/go.mod +++ b/test/bdd/go.mod @@ -7,12 +7,15 @@ module github.com/trustbloc/vcs/test/bdd go 1.21 require ( + github.com/aws/aws-sdk-go-v2 v1.21.0 + github.com/aws/aws-sdk-go-v2/config v1.18.4 github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider v1.26.1 github.com/cucumber/godog v0.12.5 github.com/google/uuid v1.3.0 github.com/gorilla/mux v1.8.0 github.com/greenpau/go-calculator v1.0.1 github.com/jedib0t/go-pretty/v6 v6.4.6 + github.com/labstack/echo/v4 v4.9.0 github.com/ory/fosite v0.44.0 github.com/rdumont/assistdog v0.0.0-20201106100018-168b06230d14 github.com/samber/lo v1.38.1 @@ -24,6 +27,7 @@ require ( github.com/trustbloc/vcs v0.1.9-0.20230210204445-f2870a36f0ea github.com/trustbloc/vcs/component/wallet-cli v0.0.0-20230710195911-02aad4f0fcec github.com/trustbloc/vcs/test/stress v0.0.0-00010101000000-000000000000 + go.uber.org/zap v1.23.0 golang.org/x/oauth2 v0.7.0 ) 
@@ -33,8 +37,6 @@ require ( github.com/PaesslerAG/jsonpath v0.1.1 // indirect github.com/VictoriaMetrics/fastcache v1.5.7 // indirect github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect - github.com/aws/aws-sdk-go-v2 v1.21.0 // indirect - github.com/aws/aws-sdk-go-v2/config v1.18.4 // indirect github.com/aws/aws-sdk-go-v2/credentials v1.13.4 // indirect github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.20 // indirect github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.41 // indirect @@ -93,7 +95,6 @@ require ( github.com/kilic/bls12-381 v0.1.1-0.20210503002446-7b7597926c69 // indirect github.com/klauspost/compress v1.15.9 // indirect github.com/klauspost/cpuid/v2 v2.0.4 // indirect - github.com/labstack/echo/v4 v4.9.0 // indirect github.com/labstack/gommon v0.3.1 // indirect github.com/magiconair/properties v1.8.7 // indirect github.com/mailru/easyjson v0.7.7 // indirect @@ -158,7 +159,6 @@ require ( go.opentelemetry.io/otel/trace v1.14.0 // indirect go.uber.org/atomic v1.9.0 // indirect go.uber.org/multierr v1.8.0 // indirect - go.uber.org/zap v1.23.0 // indirect golang.org/x/crypto v0.12.0 // indirect golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63 // indirect golang.org/x/mod v0.12.0 // indirect @@ -176,6 +176,10 @@ require ( rsc.io/tmplfunc v0.0.3 // indirect ) +replace github.com/trustbloc/kms-go => github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e + +replace github.com/trustbloc/vc-go => github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996 + replace ( github.com/trustbloc/vcs => ../.. github.com/trustbloc/vcs/component/wallet-cli => ../../component/wallet-cli diff --git a/test/bdd/go.sum b/test/bdd/go.sum index 6d525994e..9ee13d5bb 100644 --- a/test/bdd/go.sum +++ b/test/bdd/go.sum 
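Review bot: The two `replace` directives added at the end of test/bdd/go.mod point `github.com/trustbloc/kms-go` and `github.com/trustbloc/vc-go` at pseudo-versions of a personal fork (`github.com/Moopli/...`), and the same pair is added to test/stress/go.mod. Judging by how the test hunks in this commit use them, these modules supply key management and credential signing, so builds of these modules take that code from a repository outside the upstream organisation's review and access control. The go.sum entries fix the content of those exact commits but say nothing about who reviewed them. If the fork is only a bridge until the wrapper API is released upstream, say so next to the directives, e.g. `// TEMPORARY: fork pin until the wrapper API is tagged upstream; remove before release`, and track the removal. Preferably the `require` lines are bumped to an upstream version containing these commits and the replaces are dropped before merge.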
@@ -45,6 +45,10 @@ github.com/IBM/mathlib v0.0.3-0.20230605104224-932ab92f2ce0 h1:V3ElfC3Xs8bxJyc7V github.com/IBM/mathlib v0.0.3-0.20230605104224-932ab92f2ce0/go.mod h1:k0NBSWMYVgaZ2keDuI8DSwdIEhUNhp8XnlVmm6Xwyuk= github.com/Microsoft/go-winio v0.6.0 h1:slsWYD/zyx7lCXoZVlvQrj0hPTM1HI4+v1sIda2yDvg= github.com/Microsoft/go-winio v0.6.0/go.mod h1:cTAf44im0RAYeL23bpB+fzCyDH2MJiz2BO69KH/soAE= +github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e h1:fZz3QVC0MhylGwjUAt2g/18gpvLyp+gD1kdBlDUC6KI= +github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e/go.mod h1:7arOSG9GewtV1WiqYZ23dSZ6haamosSABwyG//cRaXQ= +github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996 h1:WMAjakrYEl+87QJBF1kxAPsl/CjVO28xyPg24vZvLUg= +github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996/go.mod h1:/PuAaqEkBj3csXcUGjve6Zgp4Heluoc1267owTjdURM= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 h1:TngWCqHvy9oXAN6lEVMRuU21PR1EtLVZJmdB18Gu3Rw= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= 
@@ -694,14 +698,10 @@ github.com/trustbloc/cmdutil-go v0.0.0-20221125151303-09d42adcc811 h1:0e1d1w9o66 github.com/trustbloc/cmdutil-go v0.0.0-20221125151303-09d42adcc811/go.mod h1:o/v7C1z6d/5UrjaC6GAUc1hk0XVuE3M4tpyvsMMUw5k= github.com/trustbloc/did-go v1.0.2-0.20230922190208-b53738d979e9 h1:UA6QlD58VZnSd2EpFJCi9XctBY3naKouBOtjMss4ewc= github.com/trustbloc/did-go v1.0.2-0.20230922190208-b53738d979e9/go.mod h1:qqTm9zd5rGhHSOtC8jjadqM01Od9zcDbUiUYLv+M6ls= -github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30 h1:nNmYk/CX3UrLe4a7qCaMjsc+IWcQdZlJGvY5D2gsewE= -github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30/go.mod h1:7arOSG9GewtV1WiqYZ23dSZ6haamosSABwyG//cRaXQ= github.com/trustbloc/logutil-go v1.0.0-rc1 h1:rRJbvgQfrlUfyej+mY0nuQJymGqjRW4oZEwKi544F4c= github.com/trustbloc/logutil-go v1.0.0-rc1/go.mod h1:JlxT0oZfNKgIlSNtgc001WEeDMxlnAvOM43gNm8DQVc= github.com/trustbloc/sidetree-core-go v1.0.0 h1:kzfKZOJ0sgDy9D1AYNcoR3JHutqtMtKvF2P9UwUcDjU= github.com/trustbloc/sidetree-core-go v1.0.0/go.mod h1:jdxAFuorlIwFOGVW6O455/lZqxg2mZkRHNTEolcZdDI= -github.com/trustbloc/vc-go v1.0.3-0.20230927100750-6e0ff8399468 h1:GizDlcTPMuOh8HHifl8qp+ohaGMhiIT7k4+NcI/CA/I= -github.com/trustbloc/vc-go v1.0.3-0.20230927100750-6e0ff8399468/go.mod h1:6I4D1Hlf5CpSXBbfOIf58ZPtheyT8ZdsorN2kef2ZxU= github.com/trustbloc/vcs/component/oidc/fosite v0.0.0-20230724110323-79c5330617d6 h1:iqqHGeoI6fXZbjtjvV9OCql7XQtr8P4LQBE9d2j9Ll8= github.com/trustbloc/vcs/component/oidc/fosite v0.0.0-20230724110323-79c5330617d6/go.mod h1:D/dD0ld+XRAt/MjhKnrpaVbaKTe5Zq9uAXONf5c4OxU= github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= diff --git a/test/stress/go.mod b/test/stress/go.mod index 311a9250c..e2a1c4bff 100644 --- a/test/stress/go.mod +++ b/test/stress/go.mod 
@@ -27,19 +27,19 @@ require ( github.com/PaesslerAG/jsonpath v0.1.1 // indirect github.com/VictoriaMetrics/fastcache v1.5.7 // indirect github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect - github.com/aws/aws-sdk-go-v2 v1.17.7 // indirect + github.com/aws/aws-sdk-go-v2 v1.21.0 // indirect github.com/aws/aws-sdk-go-v2/config v1.18.4 // indirect github.com/aws/aws-sdk-go-v2/credentials v1.13.4 // indirect github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.20 // indirect - github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.31 // indirect - github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.25 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.41 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.35 // indirect github.com/aws/aws-sdk-go-v2/internal/ini v1.3.27 // indirect github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.25 // indirect github.com/aws/aws-sdk-go-v2/service/kms v1.20.0 // indirect github.com/aws/aws-sdk-go-v2/service/sso v1.11.26 // indirect github.com/aws/aws-sdk-go-v2/service/ssooidc v1.13.9 // indirect github.com/aws/aws-sdk-go-v2/service/sts v1.17.6 // indirect - github.com/aws/smithy-go v1.13.5 // indirect + github.com/aws/smithy-go v1.14.2 // indirect github.com/bluele/gcache v0.0.2 // indirect github.com/btcsuite/btcd v0.22.3 // indirect github.com/btcsuite/btcutil v1.0.3-0.20201208143702-a53e38424cce // indirect @@ -174,6 +174,10 @@ require ( rsc.io/tmplfunc v0.0.3 // indirect ) +replace github.com/trustbloc/kms-go => github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e + +replace github.com/trustbloc/vc-go => github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996 + replace ( github.com/trustbloc/vcs => ../.. github.com/trustbloc/vcs/component/wallet-cli => ../../component/wallet-cli diff --git a/test/stress/go.sum b/test/stress/go.sum index c4312ce64..16192cc47 100644 --- a/test/stress/go.sum +++ b/test/stress/go.sum 
@@ -44,6 +44,10 @@ github.com/IBM/mathlib v0.0.3-0.20230605104224-932ab92f2ce0 h1:V3ElfC3Xs8bxJyc7V github.com/IBM/mathlib v0.0.3-0.20230605104224-932ab92f2ce0/go.mod h1:k0NBSWMYVgaZ2keDuI8DSwdIEhUNhp8XnlVmm6Xwyuk= github.com/Microsoft/go-winio v0.6.0 h1:slsWYD/zyx7lCXoZVlvQrj0hPTM1HI4+v1sIda2yDvg= github.com/Microsoft/go-winio v0.6.0/go.mod h1:cTAf44im0RAYeL23bpB+fzCyDH2MJiz2BO69KH/soAE= +github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e h1:fZz3QVC0MhylGwjUAt2g/18gpvLyp+gD1kdBlDUC6KI= +github.com/Moopli/kms-go v0.0.0-20230928053158-b92b3a5e8b1e/go.mod h1:7arOSG9GewtV1WiqYZ23dSZ6haamosSABwyG//cRaXQ= +github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996 h1:WMAjakrYEl+87QJBF1kxAPsl/CjVO28xyPg24vZvLUg= +github.com/Moopli/vc-go v0.0.0-20230928053443-3bcf0df63996/go.mod h1:/PuAaqEkBj3csXcUGjve6Zgp4Heluoc1267owTjdURM= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 h1:TngWCqHvy9oXAN6lEVMRuU21PR1EtLVZJmdB18Gu3Rw= github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk= github.com/PaesslerAG/gval v1.0.0/go.mod h1:y/nm5yEyTeX6av0OfKJNp9rBNj2XrGhAf5+v24IBN1I= 
@@ -61,8 +65,9 @@ github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3d github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/aws/aws-sdk-go-v2 v1.17.2/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw= github.com/aws/aws-sdk-go-v2 v1.17.3/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw= -github.com/aws/aws-sdk-go-v2 v1.17.7 h1:CLSjnhJSTSogvqUGhIC6LqFKATMRexcxLZ0i/Nzk9Eg= github.com/aws/aws-sdk-go-v2 v1.17.7/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw= +github.com/aws/aws-sdk-go-v2 v1.21.0 h1:gMT0IW+03wtYJhRqTVYn0wLzwdnK9sRMcxmtfGzRdJc= +github.com/aws/aws-sdk-go-v2 v1.21.0/go.mod h1:/RfNgGmRxI+iFOB1OeJUyxiU+9s88k3pfHvDagGEp0M= github.com/aws/aws-sdk-go-v2/config v1.18.4 h1:VZKhr3uAADXHStS/Gf9xSYVmmaluTUfkc0dcbPiDsKE= github.com/aws/aws-sdk-go-v2/config v1.18.4/go.mod h1:EZxMPLSdGAZ3eAmkqXfYbRppZJTzFTkv8VyEzJhKko4= github.com/aws/aws-sdk-go-v2/credentials v1.13.4 h1:nEbHIyJy7mCvQ/kzGG7VWHSBpRB4H6sJy3bWierWUtg= 
@@ -71,12 +76,12 @@ github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.20 h1:tpNOglTZ8kg9T38NpcGBxu github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.20/go.mod h1:d9xFpWd3qYwdIXM0fvu7deD08vvdRXyc/ueV+0SqaWE= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.26/go.mod h1:2E0LdbJW6lbeU4uxjum99GZzI0ZjDpAb0CoSCM0oeEY= github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.27/go.mod h1:a1/UpzeyBBerajpnP5nGZa9mGzsBn5cOKxm6NWQsvoI= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.31 h1:sJLYcS+eZn5EeNINGHSCRAwUJMFVqklwkH36Vbyai7M= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.31/go.mod h1:QT0BqUvX1Bh2ABdTGnjqEjvjzrCfIniM9Sc8zn9Yndo= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.41 h1:22dGT7PneFMx4+b3pz7lMTRyN8ZKH7M2cW4GP9yUS2g= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.41/go.mod h1:CrObHAuPneJBlfEJ5T3szXOUkLEThaGfvnhTf33buas= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.20/go.mod h1:/+6lSiby8TBFpTVXZgKiN/rCfkYXEGvhlM4zCgPpt7w= github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.21/go.mod h1:+Gxn8jYn5k9ebfHEqlhrMirFjSW0v0C9fI+KN5vk2kE= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.25 h1:1mnRASEKnkqsntcxHaysxwgVoUUp5dkiB+l3llKnqyg= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.25/go.mod h1:zBHOPwhBc3FlQjQJE/D3IfPWiWaQmT06Vq9aNukDo0k= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.35 h1:SijA0mgjV8E+8G45ltVHs0fvKpTj8xmZJ3VwhGKtUSI= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.35/go.mod h1:SJC1nEVVva1g3pHAIdCp7QsRIkMmLAgoDquQ9Rr8kYw= github.com/aws/aws-sdk-go-v2/internal/ini v1.3.27 h1:N2eKFw2S+JWRCtTt0IhIX7uoGGQciD4p6ba+SJv4WEU= github.com/aws/aws-sdk-go-v2/internal/ini v1.3.27/go.mod h1:RdwFVc7PBYWY33fa2+8T1mSqQ7ZEK4ILpM0wfioDC3w= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.20/go.mod h1:Xs52xaLBqDEKRcAfX/hgjmD3YQ7c/W+BEyfamlO/W2E= 
@@ -90,8 +95,9 @@ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.13.9 h1:wihKuqYUlA2T/Rx+yu2s6NDA github.com/aws/aws-sdk-go-v2/service/ssooidc v1.13.9/go.mod h1:2E/3D/mB8/r2J7nK42daoKP/ooCwbf0q1PznNc+DZTU= github.com/aws/aws-sdk-go-v2/service/sts v1.17.6 h1:VQFOLQVL3BrKM/NLO/7FiS4vcp5bqK0mGMyk09xLoAY= github.com/aws/aws-sdk-go-v2/service/sts v1.17.6/go.mod h1:Az3OXXYGyfNwQNsK/31L4R75qFYnO641RZGAoV3uH1c= -github.com/aws/smithy-go v1.13.5 h1:hgz0X/DX0dGqTYpGALqXJoRKRj5oQ7150i5FdTePzO8= github.com/aws/smithy-go v1.13.5/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA= +github.com/aws/smithy-go v1.14.2 h1:MJU9hqBGbvWZdApzpvoF2WAIJDbtjK2NDJSiJP7HblQ= +github.com/aws/smithy-go v1.14.2/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA= github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/bluele/gcache v0.0.2 h1:WcbfdXICg7G/DGBh1PFfcirkWOQV+v077yF1pSy3DGw= 
@@ -563,14 +569,10 @@ github.com/trustbloc/bbs-signature-go v1.0.0 h1:JOKmPRTpjbbGODt71i3wJyiEBcu5XEoe github.com/trustbloc/bbs-signature-go v1.0.0/go.mod h1:8xptu/lbVUDACQW10yiHtqATzC2kpTKQk5mKsKTD85Y= github.com/trustbloc/did-go v1.0.2-0.20230922190208-b53738d979e9 h1:UA6QlD58VZnSd2EpFJCi9XctBY3naKouBOtjMss4ewc= github.com/trustbloc/did-go v1.0.2-0.20230922190208-b53738d979e9/go.mod h1:qqTm9zd5rGhHSOtC8jjadqM01Od9zcDbUiUYLv+M6ls= -github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30 h1:nNmYk/CX3UrLe4a7qCaMjsc+IWcQdZlJGvY5D2gsewE= -github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30/go.mod h1:7arOSG9GewtV1WiqYZ23dSZ6haamosSABwyG//cRaXQ= github.com/trustbloc/logutil-go v1.0.0-rc1 h1:rRJbvgQfrlUfyej+mY0nuQJymGqjRW4oZEwKi544F4c= github.com/trustbloc/logutil-go v1.0.0-rc1/go.mod h1:JlxT0oZfNKgIlSNtgc001WEeDMxlnAvOM43gNm8DQVc= github.com/trustbloc/sidetree-core-go v1.0.0 h1:kzfKZOJ0sgDy9D1AYNcoR3JHutqtMtKvF2P9UwUcDjU= github.com/trustbloc/sidetree-core-go v1.0.0/go.mod h1:jdxAFuorlIwFOGVW6O455/lZqxg2mZkRHNTEolcZdDI= -github.com/trustbloc/vc-go v1.0.3-0.20230927100750-6e0ff8399468 h1:GizDlcTPMuOh8HHifl8qp+ohaGMhiIT7k4+NcI/CA/I= -github.com/trustbloc/vc-go v1.0.3-0.20230927100750-6e0ff8399468/go.mod h1:6I4D1Hlf5CpSXBbfOIf58ZPtheyT8ZdsorN2kef2ZxU= github.com/trustbloc/vcs/component/oidc/fosite v0.0.0-20230724110323-79c5330617d6 h1:iqqHGeoI6fXZbjtjvV9OCql7XQtr8P4LQBE9d2j9Ll8= github.com/trustbloc/vcs/component/oidc/fosite v0.0.0-20230724110323-79c5330617d6/go.mod h1:D/dD0ld+XRAt/MjhKnrpaVbaKTe5Zq9uAXONf5c4OxU= github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw=