chore: Add WithRecoveryCommitment and WithUpdateCommitment

Signed-off-by: Firas Qutishat <firas.qutishat@securekey.com>
hyperledger-archives · Jan 21, 2021 · 73bf906 · 73bf906
1 parent 18c6f2a
commit 73bf906
Show file tree

Hide file tree

Showing 5 changed files with 101 additions and 56 deletions.
diff --git a/component/vdr/sidetree/client.go b/component/vdr/sidetree/client.go
@@ -22,6 +22,8 @@ import (
 	"net/http"
 	"strings"
 
+	"github.com/trustbloc/sidetree-core-go/pkg/hashing"
+
 	"github.com/hyperledger/aries-framework-go/pkg/common/log"
 	docdid "github.com/hyperledger/aries-framework-go/pkg/doc/did"
 	"github.com/trustbloc/sidetree-core-go/pkg/commitment"
@@ -247,8 +249,8 @@ func validateUpdateReq(updateDIDOpts *update.Opts) error {
 		return fmt.Errorf("next update public key is required")
 	}
 
-	if updateDIDOpts.RevealValue == "" {
-		return fmt.Errorf("reveal value is required")
+	if updateDIDOpts.UpdateCommitment == "" {
+		return fmt.Errorf("update commitment is required")
 	}
 
 	if updateDIDOpts.GetEndpoints == nil {
@@ -271,8 +273,8 @@ func validateRecoverReq(recoverDIDOpts *recovery.Opts) error {
 		return fmt.Errorf("signing key is required")
 	}
 
-	if recoverDIDOpts.RevealValue == "" {
-		return fmt.Errorf("reveal value is required")
+	if recoverDIDOpts.RecoveryCommitment == "" {
+		return fmt.Errorf("recovery commitment is required")
 	}
 
 	if recoverDIDOpts.GetEndpoints == nil {
@@ -287,8 +289,8 @@ func validateDeactivateReq(deactivateDIDOpts *deactivate.Opts) error {
 		return fmt.Errorf("signing key is required")
 	}
 
-	if deactivateDIDOpts.RevealValue == "" {
-		return fmt.Errorf("reveal value is required")
+	if deactivateDIDOpts.RecoveryCommitment == "" {
+		return fmt.Errorf("recovery commitment is required")
 	}
 
 	if deactivateDIDOpts.GetEndpoints == nil {
@@ -373,9 +375,19 @@ func (c *Client) buildUpdateRequest(did string, multiHashAlgorithm uint,
 		return nil, err
 	}
 
+	multihashCode, err := hashing.GetMultihashCode(updateDIDOpts.UpdateCommitment)
+	if err != nil {
+		return nil, err
+	}
+
+	rv, err := commitment.GetRevealValue(updateKey, uint(multihashCode))
+	if err != nil {
+		return nil, err
+	}
+
 	return client.NewUpdateRequest(&client.UpdateRequestInfo{
 		DidSuffix:        didSuffix,
-		RevealValue:      updateDIDOpts.RevealValue,
+		RevealValue:      rv,
 		UpdateCommitment: nextUpdateCommitment,
 		UpdateKey:        updateKey,
 		Patches:          patches,
@@ -411,8 +423,18 @@ func buildRecoverRequest(did string, multiHashAlgorithm uint, recoverDIDOpts *re
 		return nil, err
 	}
 
+	multihashCode, err := hashing.GetMultihashCode(recoverDIDOpts.RecoveryCommitment)
+	if err != nil {
+		return nil, err
+	}
+
+	rv, err := commitment.GetRevealValue(recoveryKey, uint(multihashCode))
+	if err != nil {
+		return nil, err
+	}
+
 	req, err := client.NewRecoverRequest(&client.RecoverRequestInfo{
-		DidSuffix: didSuffix, RevealValue: recoverDIDOpts.RevealValue, OpaqueDocument: string(docBytes),
+		DidSuffix: didSuffix, RevealValue: rv, OpaqueDocument: string(docBytes),
 		RecoveryCommitment: nextRecoveryCommitment, UpdateCommitment: nextUpdateCommitment,
 		MultihashCode: multiHashAlgorithm, Signer: signer, RecoveryKey: recoveryKey,
 	})
@@ -435,9 +457,19 @@ func buildDeactivateRequest(did string, deactivateDIDOpts *deactivate.Opts) ([]b
 		return nil, err
 	}
 
+	multihashCode, err := hashing.GetMultihashCode(deactivateDIDOpts.RecoveryCommitment)
+	if err != nil {
+		return nil, err
+	}
+
+	rv, err := commitment.GetRevealValue(publicKey, uint(multihashCode))
+	if err != nil {
+		return nil, err
+	}
+
 	return client.NewDeactivateRequest(&client.DeactivateRequestInfo{
 		DidSuffix:   didSuffix,
-		RevealValue: deactivateDIDOpts.RevealValue,
+		RevealValue: rv,
 		RecoveryKey: publicKey,
 		Signer:      signer,
 	})

diff --git a/component/vdr/sidetree/client_test.go b/component/vdr/sidetree/client_test.go
@@ -46,15 +46,15 @@ func TestClient_DeactivateDID(t *testing.T) {
 		require.Contains(t, err.Error(), "signing key is required")
 	})
 
-	t.Run("test reveal value is empty", func(t *testing.T) {
+	t.Run("test recovery commitment is empty", func(t *testing.T) {
 		v := sidetree.New()
 
 		_, privKey, err := ed25519.GenerateKey(rand.Reader)
 		require.NoError(t, err)
 
 		err = v.DeactivateDID("did:ex:123", deactivate.WithSigningKey(privKey))
 		require.Error(t, err)
-		require.Contains(t, err.Error(), "reveal value is required")
+		require.Contains(t, err.Error(), "recovery commitment is required")
 	})
 
 	t.Run("test error from get endpoints", func(t *testing.T) {
@@ -64,11 +64,11 @@ func TestClient_DeactivateDID(t *testing.T) {
 		require.NoError(t, err)
 
 		err = v.DeactivateDID("did:ex:123", deactivate.WithSigningKey(privKey),
-			deactivate.WithRevealValue("value"))
+			deactivate.WithRecoveryCommitment("value"))
 		require.Error(t, err)
 		require.Contains(t, err.Error(), "sidetree get endpoints func is required")
 
-		err = v.DeactivateDID("did:ex:123", deactivate.WithRevealValue("value"),
+		err = v.DeactivateDID("did:ex:123", deactivate.WithRecoveryCommitment("value"),
 			deactivate.WithSigningKey(privKey),
 			deactivate.WithSidetreeEndpoint(func() ([]string, error) {
 				return nil, fmt.Errorf("failed to get endpoint")
@@ -80,7 +80,7 @@ func TestClient_DeactivateDID(t *testing.T) {
 	t.Run("test unsupported signing key", func(t *testing.T) {
 		v := sidetree.New()
 
-		err := v.DeactivateDID("did:ex:123", deactivate.WithRevealValue("value"),
+		err := v.DeactivateDID("did:ex:123", deactivate.WithRecoveryCommitment("value"),
 			deactivate.WithSigningKey("www"), deactivate.WithSidetreeEndpoint(func() ([]string, error) {
 				return []string{"url"}, nil
 			}))
@@ -94,7 +94,7 @@ func TestClient_DeactivateDID(t *testing.T) {
 		_, privKey, err := ed25519.GenerateKey(rand.Reader)
 		require.NoError(t, err)
 
-		err = v.DeactivateDID("wrong", deactivate.WithRevealValue("value"), deactivate.WithSigningKey(privKey),
+		err = v.DeactivateDID("wrong", deactivate.WithRecoveryCommitment("value"), deactivate.WithSigningKey(privKey),
 			deactivate.WithSidetreeEndpoint(func() ([]string, error) {
 				return []string{"url"}, nil
 			}))
@@ -110,10 +110,17 @@ func TestClient_DeactivateDID(t *testing.T) {
 
 		v := sidetree.New(sidetree.WithAuthToken("tk1"))
 
-		_, privKey, err := ed25519.GenerateKey(rand.Reader)
+		pubKey, privKey, err := ed25519.GenerateKey(rand.Reader)
 		require.NoError(t, err)
 
-		err = v.DeactivateDID("did:ex:123", deactivate.WithRevealValue("value"),
+		signingPubKeyJWK, err := pubkey.GetPublicKeyJWK(pubKey)
+		require.NoError(t, err)
+
+		rv, err := commitment.GetRevealValue(signingPubKeyJWK, 18)
+		require.NoError(t, err)
+
+		err = v.DeactivateDID("did:ex:123",
+			deactivate.WithRecoveryCommitment(rv),
 			deactivate.WithSigningKey(privKey), deactivate.WithSidetreeEndpoint(func() ([]string, error) {
 				return []string{"url"}, nil
 			}))
@@ -139,7 +146,7 @@ func TestClient_DeactivateDID(t *testing.T) {
 		require.NoError(t, err)
 
 		err = v.DeactivateDID("did:ex:123", deactivate.WithSigningKey(privKey),
-			deactivate.WithRevealValue(rv), deactivate.WithSidetreeEndpoint(func() ([]string, error) {
+			deactivate.WithRecoveryCommitment(rv), deactivate.WithSidetreeEndpoint(func() ([]string, error) {
 				return []string{serv.URL}, nil
 			}), deactivate.WithSigningKeyID("k1"))
 		require.NoError(t, err)
@@ -178,7 +185,7 @@ func TestClient_RecoverDID(t *testing.T) {
 		require.Contains(t, err.Error(), "signing key is required")
 	})
 
-	t.Run("test reveal value is empty", func(t *testing.T) {
+	t.Run("test recovery commitment is empty", func(t *testing.T) {
 		v := sidetree.New()
 
 		pubKey, privKey, err := ed25519.GenerateKey(rand.Reader)
@@ -187,7 +194,7 @@ func TestClient_RecoverDID(t *testing.T) {
 		err = v.RecoverDID("did:ex:123", recovery.WithNextRecoveryPublicKey(pubKey),
 			recovery.WithNextUpdatePublicKey(pubKey), recovery.WithSigningKey(privKey))
 		require.Error(t, err)
-		require.Contains(t, err.Error(), "reveal value is required")
+		require.Contains(t, err.Error(), "recovery commitment is required")
 	})
 
 	t.Run("test error from get endpoints", func(t *testing.T) {
@@ -196,13 +203,13 @@ func TestClient_RecoverDID(t *testing.T) {
 		pubKey, privKey, err := ed25519.GenerateKey(rand.Reader)
 		require.NoError(t, err)
 
-		err = v.RecoverDID("did:ex:123", recovery.WithRevealValue("value"),
+		err = v.RecoverDID("did:ex:123", recovery.WithRecoveryCommitment("value"),
 			recovery.WithNextUpdatePublicKey(pubKey), recovery.WithNextRecoveryPublicKey(pubKey),
 			recovery.WithSigningKey(privKey))
 		require.Error(t, err)
 		require.Contains(t, err.Error(), "sidetree get endpoints func is required")
 
-		err = v.RecoverDID("did:ex:123", recovery.WithRevealValue("value"),
+		err = v.RecoverDID("did:ex:123", recovery.WithRecoveryCommitment("value"),
 			recovery.WithNextUpdatePublicKey(pubKey), recovery.WithNextRecoveryPublicKey(pubKey),
 			recovery.WithSigningKey(privKey), recovery.WithSidetreeEndpoint(func() ([]string, error) {
 				return nil, fmt.Errorf("failed to get endpoint")
@@ -217,7 +224,7 @@ func TestClient_RecoverDID(t *testing.T) {
 		pubKey, privKey, err := ed25519.GenerateKey(rand.Reader)
 		require.NoError(t, err)
 
-		err = v.RecoverDID("did:ex:123", recovery.WithRevealValue("value"), recovery.WithSigningKey(privKey),
+		err = v.RecoverDID("did:ex:123", recovery.WithRecoveryCommitment("value"), recovery.WithSigningKey(privKey),
 			recovery.WithNextRecoveryPublicKey([]byte("wrong")), recovery.WithNextUpdatePublicKey(pubKey),
 			recovery.WithSidetreeEndpoint(func() ([]string, error) {
 				return []string{"url"}, nil
@@ -232,7 +239,7 @@ func TestClient_RecoverDID(t *testing.T) {
 		pubKey, privKey, err := ed25519.GenerateKey(rand.Reader)
 		require.NoError(t, err)
 
-		err = v.RecoverDID("did:ex:123", recovery.WithRevealValue("value"), recovery.WithSigningKey(privKey),
+		err = v.RecoverDID("did:ex:123", recovery.WithRecoveryCommitment("value"), recovery.WithSigningKey(privKey),
 			recovery.WithNextUpdatePublicKey([]byte("wrong")), recovery.WithNextRecoveryPublicKey(pubKey),
 			recovery.WithSidetreeEndpoint(func() ([]string, error) {
 				return []string{"url"}, nil
@@ -247,7 +254,7 @@ func TestClient_RecoverDID(t *testing.T) {
 		pubKey, _, err := ed25519.GenerateKey(rand.Reader)
 		require.NoError(t, err)
 
-		err = v.RecoverDID("did:ex:123", recovery.WithRevealValue("value"),
+		err = v.RecoverDID("did:ex:123", recovery.WithRecoveryCommitment("value"),
 			recovery.WithSigningKey("www"), recovery.WithNextUpdatePublicKey(pubKey),
 			recovery.WithNextRecoveryPublicKey(pubKey), recovery.WithSidetreeEndpoint(func() ([]string, error) {
 				return []string{"url"}, nil
@@ -262,7 +269,7 @@ func TestClient_RecoverDID(t *testing.T) {
 		pubKey, privKey, err := ed25519.GenerateKey(rand.Reader)
 		require.NoError(t, err)
 
-		err = v.RecoverDID("wrong", recovery.WithRevealValue("value"), recovery.WithSigningKey(privKey),
+		err = v.RecoverDID("wrong", recovery.WithRecoveryCommitment("value"), recovery.WithSigningKey(privKey),
 			recovery.WithNextUpdatePublicKey(pubKey), recovery.WithNextRecoveryPublicKey(pubKey),
 			recovery.WithSidetreeEndpoint(func() ([]string, error) {
 				return []string{"url"}, nil
@@ -280,7 +287,7 @@ func TestClient_RecoverDID(t *testing.T) {
 		ecPrivKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
 		require.NoError(t, err)
 
-		err = v.RecoverDID("did:ex:123", recovery.WithRevealValue("value"), recovery.WithSigningKey(ecPrivKey),
+		err = v.RecoverDID("did:ex:123", recovery.WithRecoveryCommitment("value"), recovery.WithSigningKey(ecPrivKey),
 			recovery.WithSigningKeyID("k1"), recovery.WithNextRecoveryPublicKey(pubKey),
 			recovery.WithSidetreeEndpoint(func() ([]string, error) {
 				return []string{"url"}, nil
@@ -307,7 +314,13 @@ func TestClient_RecoverDID(t *testing.T) {
 		ecPrivKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
 		require.NoError(t, err)
 
-		err = v.RecoverDID("did:ex:123", recovery.WithRevealValue("value"),
+		signingPubKeyJWK, err := pubkey.GetPublicKeyJWK(&ecPrivKey.PublicKey)
+		require.NoError(t, err)
+
+		rv, err := commitment.GetRevealValue(signingPubKeyJWK, 18)
+		require.NoError(t, err)
+
+		err = v.RecoverDID("did:ex:123", recovery.WithRecoveryCommitment(rv),
 			recovery.WithSidetreeEndpoint(func() ([]string, error) {
 				return []string{serv.URL}, nil
 			}), recovery.WithSigningKey(ecPrivKey), recovery.WithSigningKeyID("k1"),
@@ -352,7 +365,7 @@ func TestClient_RecoverDID(t *testing.T) {
 
 		err = v.RecoverDID("did:ex:123", recovery.WithSidetreeEndpoint(func() ([]string, error) {
 			return []string{serv.URL}, nil
-		}), recovery.WithSigningKey(signingKey), recovery.WithRevealValue(rv),
+		}), recovery.WithSigningKey(signingKey), recovery.WithRecoveryCommitment(rv),
 			recovery.WithSigningKeyID("k1"), recovery.WithNextRecoveryPublicKey(pubKey),
 			recovery.WithNextUpdatePublicKey(pubKey), recovery.WithPublicKey(&doc.PublicKey{
 				ID:   "key3",
@@ -384,15 +397,15 @@ func TestClient_UpdateDID(t *testing.T) {
 		require.Contains(t, err.Error(), "next update public key is required")
 	})
 
-	t.Run("reveal value is empty", func(t *testing.T) {
+	t.Run("update commitment is empty", func(t *testing.T) {
 		v := sidetree.New()
 
 		pubKey, privKey, err := ed25519.GenerateKey(rand.Reader)
 		require.NoError(t, err)
 
 		err = v.UpdateDID("did:ex:123", update.WithSigningKey(privKey), update.WithNextUpdatePublicKey(pubKey))
 		require.Error(t, err)
-		require.Contains(t, err.Error(), "reveal value is required")
+		require.Contains(t, err.Error(), "update commitment is required")
 	})
 
 	t.Run("test error from get endpoints", func(t *testing.T) {
@@ -401,12 +414,12 @@ func TestClient_UpdateDID(t *testing.T) {
 		pubKey, privKey, err := ed25519.GenerateKey(rand.Reader)
 		require.NoError(t, err)
 
-		err = v.UpdateDID("did:ex:123", update.WithRevealValue("value"), update.WithNextUpdatePublicKey(pubKey),
+		err = v.UpdateDID("did:ex:123", update.WithUpdateCommitment("value"), update.WithNextUpdatePublicKey(pubKey),
 			update.WithSigningKey(privKey))
 		require.Error(t, err)
 		require.Contains(t, err.Error(), "sidetree get endpoints func is required")
 
-		err = v.UpdateDID("did:ex:123", update.WithRevealValue("value"), update.WithNextUpdatePublicKey(pubKey),
+		err = v.UpdateDID("did:ex:123", update.WithUpdateCommitment("value"), update.WithNextUpdatePublicKey(pubKey),
 			update.WithSigningKey(privKey), update.WithSidetreeEndpoint(func() ([]string, error) {
 				return nil, fmt.Errorf("failed to get endpoints")
 			}))
@@ -420,7 +433,7 @@ func TestClient_UpdateDID(t *testing.T) {
 		_, privKey, err := ed25519.GenerateKey(rand.Reader)
 		require.NoError(t, err)
 
-		err = v.UpdateDID("did:ex:123", update.WithRevealValue("value"), update.WithSigningKey(privKey),
+		err = v.UpdateDID("did:ex:123", update.WithUpdateCommitment("value"), update.WithSigningKey(privKey),
 			update.WithNextUpdatePublicKey([]byte("wrong")), update.WithSidetreeEndpoint(func() ([]string, error) {
 				return []string{"url"}, nil
 			}))
@@ -434,7 +447,7 @@ func TestClient_UpdateDID(t *testing.T) {
 		pubKey, _, err := ed25519.GenerateKey(rand.Reader)
 		require.NoError(t, err)
 
-		err = v.UpdateDID("did:ex:123", update.WithRevealValue("value"), update.WithSigningKey("www"),
+		err = v.UpdateDID("did:ex:123", update.WithUpdateCommitment("value"), update.WithSigningKey("www"),
 			update.WithNextUpdatePublicKey(pubKey), update.WithSidetreeEndpoint(func() ([]string, error) {
 				return []string{"url"}, nil
 			}))
@@ -448,7 +461,7 @@ func TestClient_UpdateDID(t *testing.T) {
 		pubKey, privKey, err := ed25519.GenerateKey(rand.Reader)
 		require.NoError(t, err)
 
-		err = v.UpdateDID("wrong", update.WithRevealValue("value"), update.WithSigningKey(privKey),
+		err = v.UpdateDID("wrong", update.WithUpdateCommitment("value"), update.WithSigningKey(privKey),
 			update.WithNextUpdatePublicKey(pubKey), update.WithSidetreeEndpoint(func() ([]string, error) {
 				return []string{"url"}, nil
 			}))
@@ -478,7 +491,7 @@ func TestClient_UpdateDID(t *testing.T) {
 
 		err = v.UpdateDID("did:ex:123", update.WithSidetreeEndpoint(func() ([]string, error) {
 			return []string{serv.URL}, nil
-		}), update.WithSigningKey(signingKey), update.WithRevealValue(rv),
+		}), update.WithSigningKey(signingKey), update.WithUpdateCommitment(rv),
 			update.WithNextUpdatePublicKey(pubKey), update.WithRemoveService("svc1"),
 			update.WithRemoveService("svc1"), update.WithRemovePublicKey("k1"),
 			update.WithRemovePublicKey("k2"), update.WithAddPublicKey(&doc.PublicKey{
@@ -513,7 +526,7 @@ func TestClient_UpdateDID(t *testing.T) {
 
 		err = v.UpdateDID("did:ex:123", update.WithSidetreeEndpoint(func() ([]string, error) {
 			return []string{serv.URL}, nil
-		}), update.WithSigningKey(signingKey), update.WithRevealValue(rv),
+		}), update.WithSigningKey(signingKey), update.WithUpdateCommitment(rv),
 			update.WithNextUpdatePublicKey(pubKey), update.WithRemoveService("svc1"),
 			update.WithRemoveService("svc1"), update.WithRemovePublicKey("k1"),
 			update.WithRemovePublicKey("k2"), update.WithAddPublicKey(&doc.PublicKey{

diff --git a/component/vdr/sidetree/option/deactivate/option.go b/component/vdr/sidetree/option/deactivate/option.go
@@ -13,10 +13,10 @@ import (
 
 // Opts deactivate did opts.
 type Opts struct {
-	GetEndpoints func() ([]string, error)
-	SigningKey   crypto.PrivateKey
-	SigningKeyID string
-	RevealValue  string
+	GetEndpoints       func() ([]string, error)
+	SigningKey         crypto.PrivateKey
+	SigningKeyID       string
+	RecoveryCommitment string
 }
 
 // Option is a deactivate DID option.
@@ -43,9 +43,9 @@ func WithSigningKeyID(id string) Option {
 	}
 }
 
-// WithRevealValue sets reveal value.
-func WithRevealValue(rv string) Option {
+// WithRecoveryCommitment sets recovery commitment.
+func WithRecoveryCommitment(recoveryCommitment string) Option {
 	return func(opts *Opts) {
-		opts.RevealValue = rv
+		opts.RecoveryCommitment = recoveryCommitment
 	}
 }