From 30c2a9525a7356105644ade5278edba092abbf20 Mon Sep 17 00:00:00 2001 From: reinkrul Date: Wed, 7 Feb 2024 15:11:08 +0100 Subject: [PATCH] VDR: Fix resolving keys for did:web DIDs with port (#2779) --- go.mod | 2 +- go.sum | 4 ++-- vdr/resolver/did_test.go | 5 ++++- vdr/resolver/key_test.go | 14 ++++++++++++++ 4 files changed, 21 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index 7a45dec884..0293cf6f19 100644 --- a/go.mod +++ b/go.mod @@ -25,7 +25,7 @@ require ( github.com/nats-io/nats-server/v2 v2.10.10 github.com/nats-io/nats.go v1.32.0 github.com/nuts-foundation/crypto-ecies v0.0.0-20211207143025-5b84f9efce2b - github.com/nuts-foundation/go-did v0.11.0 + github.com/nuts-foundation/go-did v0.12.0 github.com/nuts-foundation/go-leia/v4 v4.0.1 github.com/nuts-foundation/go-stoabs v1.9.0 // check the oapi-codegen tool version in the makefile when upgrading the runtime diff --git a/go.sum b/go.sum index 11707a3c89..d851939f1a 100644 --- a/go.sum +++ b/go.sum @@ -485,8 +485,8 @@ github.com/nightlyone/lockfile v1.0.0/go.mod h1:rywoIealpdNse2r832aiD9jRk8ErCatR github.com/npillmayer/nestext v0.1.3/go.mod h1:h2lrijH8jpicr25dFY+oAJLyzlya6jhnuG+zWp9L0Uk= github.com/nuts-foundation/crypto-ecies v0.0.0-20211207143025-5b84f9efce2b h1:80icUxWHwE1MrIOOEK5rxrtyKOgZeq5Iu1IjAEkggTY= github.com/nuts-foundation/crypto-ecies v0.0.0-20211207143025-5b84f9efce2b/go.mod h1:6YUioYirD6/8IahZkoS4Ypc8xbeJW76Xdk1QKcziNTM= -github.com/nuts-foundation/go-did v0.11.0 h1:RTem1MlVoOOoLa/Y2miYRy70Jex0/kJBTCPH5RtUmrY= -github.com/nuts-foundation/go-did v0.11.0/go.mod h1:2e2H2Hqk0SWrrGZEg97dbK/ZFIkkFB65hNWdOSbylrg= +github.com/nuts-foundation/go-did v0.12.0 h1:XmttEpFOxrUXzdXHj2x9h8KlhhPgyr02vgtygWg8xnY= +github.com/nuts-foundation/go-did v0.12.0/go.mod h1:cZiOP2Is9hgIsP5g1FqkfhBDi8f6ktxkP6K4iTX9qns= github.com/nuts-foundation/go-leia/v4 v4.0.1 h1:+Sbk3Bew1QnRUqRXSOwomMw3nIZgncmTX425J7U5Q34= github.com/nuts-foundation/go-leia/v4 v4.0.1/go.mod h1:eaZuWIolpU61TMvTMcen85+SOEOnHiALdg5SxqLXzz8= github.com/nuts-foundation/go-stoabs v1.9.0 h1:zK+ugfolaJYyBvGwsRuavLVdycXk4Yw/1gI+tz17lWQ= diff --git a/vdr/resolver/did_test.go b/vdr/resolver/did_test.go index f0b0cbf743..d7b9ddef78 100644 --- a/vdr/resolver/did_test.go +++ b/vdr/resolver/did_test.go @@ -95,8 +95,11 @@ func Test_deactivatedError_Is(t *testing.T) { } func newDidDoc() did.Document { + return newDidDocWithDID(did.MustParseDID("did:example:sakjsakldjsakld")) +} + +func newDidDocWithDID(id did.DID) did.Document { privateKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) - id := did.MustParseDID("did:example:sakjsakldjsakld") keyID := did.DIDURL{DID: id} keyID.Fragment = "key-1" vm, _ := did.NewVerificationMethod(keyID, ssi.JsonWebKey2020, id, privateKey.Public()) diff --git a/vdr/resolver/key_test.go b/vdr/resolver/key_test.go index d9db59ea7e..cc7c6ad3cd 100644 --- a/vdr/resolver/key_test.go +++ b/vdr/resolver/key_test.go @@ -23,6 +23,7 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "go.uber.org/mock/gomock" + "strings" "testing" ) @@ -40,6 +41,19 @@ func TestKeyResolver_ResolveKey(t *testing.T) { assert.Equal(t, doc.VerificationMethod[0].ID.URI(), keyId) assert.NotNil(t, key) }) + t.Run("ok - did:web with port", func(t *testing.T) { + // This test checks for regression of DID.URI() double-encoding, causing %3A to be encoded to %253A + // This was fixed in go-did v0.12.0 + ctrl := gomock.NewController(t) + resolver := NewMockDIDResolver(ctrl) + keyResolver := DIDKeyResolver{Resolver: resolver} + doc := newDidDocWithDID(did.MustParseDID("did:web:example.com%3A8443")) + resolver.EXPECT().Resolve(doc.ID, gomock.Any()).AnyTimes().Return(&doc, nil, nil) + + keyId, _, err := keyResolver.ResolveKey(doc.ID, nil, AssertionMethod) + require.NoError(t, err) + assert.Truef(t, strings.HasPrefix(keyId.String(), doc.ID.String()), "%s does not start with DID %s", keyId, doc.ID) + }) t.Run("error - document not found", func(t *testing.T) { unknownDID := did.MustParseDID("did:example:123")