From 44da2d76150c179c54e3818128a51be74331a0e4 Mon Sep 17 00:00:00 2001
From: PatStLouis <patrick.st-louis@opsecid.ca>
Date: Wed, 20 Nov 2024 05:35:13 +0000
Subject: [PATCH] improve proof handling when asserting a secured credential

Signed-off-by: PatStLouis <patrick.st-louis@opsecid.ca>
---
 tests/90-algorithms-rdfc.js | 187 ++++++++++++++++++++++++++++++++++++
 tests/helpers.js            |  17 ++++
 2 files changed, 204 insertions(+)

diff --git a/tests/90-algorithms-rdfc.js b/tests/90-algorithms-rdfc.js
index aea1789..a0d57bd 100644
--- a/tests/90-algorithms-rdfc.js
+++ b/tests/90-algorithms-rdfc.js
@@ -5,8 +5,17 @@
 import {
   generateCredential,
   isValidDatetime,
+<<<<<<< HEAD
   proofExists,
   secureCredential,
+=======
+<<<<<<< HEAD
+  isValidUtf8,
+=======
+  proofExists,
+  secureCredential,
+>>>>>>> 265e798 (improve proof handling when asserting a secured credential)
+>>>>>>> ec4cd6a (improve proof handling when asserting a secured credential)
   setupReportableTestSuite,
   setupRow
 } from './helpers.js';
@@ -33,10 +42,32 @@ describe('Algorithms - Transformation (ecdsa-rdfc-2019)', function() {
   for(const [columnId, {endpoints}] of issuers) {
     describe(columnId, function() {
       const [issuer] = endpoints;
+<<<<<<< HEAD
       let securedCredential;
       before(async function() {
         securedCredential = await secureCredential(
           {issuer, vc: generateCredential()});
+=======
+<<<<<<< HEAD
+      let issuedVc;
+      let proofs;
+      let rdfc2019Proofs = [];
+      before(async function() {
+        issuedVc = await createInitialVc({issuer, vc: validCredential});
+        proofs = getProofs(issuedVc);
+        if(proofs?.length) {
+          rdfc2019Proofs = proofs.filter(
+            proof => proof?.cryptosuite === cryptosuite);
+        }
+=======
+      let securedCredential;
+      let proofs;
+      before(async function() {
+        securedCredential = await secureCredential(
+          {issuer, vc: generateCredential()});
+        proofs = getProofs(securedCredential);
+>>>>>>> 265e798 (improve proof handling when asserting a secured credential)
+>>>>>>> ec4cd6a (improve proof handling when asserting a secured credential)
       });
       beforeEach(setupRow);
       it('The transformation options MUST contain a type identifier ' +
@@ -44,16 +75,34 @@ describe('Algorithms - Transformation (ecdsa-rdfc-2019)', function() {
           '(cryptosuite).',
       async function() {
         this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#transformation-ecdsa-rdfc-2019';
+<<<<<<< HEAD
         const proof = proofExists(securedCredential);
+=======
+<<<<<<< HEAD
+        assertBefore();
+        for(const proof of rdfc2019Proofs) {
+          should.exist(proof.type, 'Expected a type identifier on ' +
+                                  'the proof.');
+          should.exist(proof.cryptosuite,
+            'Expected a cryptosuite identifier on the proof.');
+        }
+=======
+        const proof = proofExists(proofs);
+>>>>>>> ec4cd6a (improve proof handling when asserting a secured credential)
         should.exist(proof.type,
           'Expected a type identifier on the proof.');
         should.exist(proof.cryptosuite,
           'Expected a cryptosuite identifier on the proof.');
+<<<<<<< HEAD
+=======
+>>>>>>> 265e798 (improve proof handling when asserting a secured credential)
+>>>>>>> ec4cd6a (improve proof handling when asserting a secured credential)
       });
       it('Whenever this algorithm encodes strings, ' +
           'it MUST use UTF-8 encoding.',
       async function() {
         this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#transformation-ecdsa-rdfc-2019';
+<<<<<<< HEAD
         const proof = proofExists(securedCredential);
         assertAllUtf8(proof);
       });
@@ -124,11 +173,113 @@ describe('Algorithms - Proof Configuration (ecdsa-rdfc-2019)', function() {
         const proof = proofExists(securedCredential);
         if(proof?.created) {
           isValidDatetime(proof.created).should.equal(
+=======
+<<<<<<< HEAD
+        assertBefore();
+        for(const proof of rdfc2019Proofs) {
+          should.exist(proof?.proofValue,
+            'Expected proofValue to exist.');
+          isValidUtf8(proof.proofValue).should.equal(
+>>>>>>> ec4cd6a (improve proof handling when asserting a secured credential)
+            true,
+            'Expected created value to be a valid datetime string.'
+          );
+        }
+=======
+        const proof = proofExists(proofs);
+        assertAllUtf8(proof);
+>>>>>>> 265e798 (improve proof handling when asserting a secured credential)
+      });
+<<<<<<< HEAD
+=======
+      it('If options.type is not set to the string DataIntegrityProof or ' +
+              'options.cryptosuite is not set to the string ecdsa-rdfc-2019, ' +
+              'an error MUST be raised and SHOULD convey an error type ' +
+              'of PROOF_TRANSFORMATION_ERROR.',
+      async function() {
+        this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#transformation-ecdsa-rdfc-2019';
+<<<<<<< HEAD
+        assertBefore();
+        for(const proof of rdfc2019Proofs) {
+          should.exist(proof.type,
+            'Expected a type identifier on the proof.');
+          should.exist(proof.cryptosuite,
+            'Expected a cryptosuite identifier on the proof.');
+          proof.type.should.equal('DataIntegrityProof',
+            'Expected DataIntegrityProof type.');
+          proof.cryptosuite.should.equal('ecdsa-rdfc-2019',
+            'Expected ecdsa-rdfc-2019 cryptosuite.');
+=======
+        const proof = proofExists(proofs);
+        should.exist(proof.type,
+          'Expected a type identifier on the proof.');
+        should.exist(proof.cryptosuite,
+          'Expected a cryptosuite identifier on the proof.');
+        proof.type.should.equal('DataIntegrityProof',
+          'Expected DataIntegrityProof type.');
+        proof.cryptosuite.should.equal('ecdsa-rdfc-2019',
+          'Expected ecdsa-rdfc-2019 cryptosuite.');
+      });
+    });
+  }
+});
+
+describe('Algorithms - Proof Configuration (ecdsa-rdfc-2019)', function() {
+  setupReportableTestSuite(this);
+  this.implemented = [...issuers.keys()];
+  for(const [columnId, {endpoints}] of issuers) {
+    describe(columnId, function() {
+      const [issuer] = endpoints;
+      let securedCredential;
+      let proofs;
+      before(async function() {
+        securedCredential = await secureCredential(
+          {issuer, vc: generateCredential()});
+        proofs = getProofs(securedCredential);
+      });
+      beforeEach(setupRow);
+      it('The proof options MUST contain a type identifier for the ' +
+        'cryptographic suite (type) and MUST contain a cryptosuite ' +
+        'identifier (cryptosuite).',
+      async function() {
+        this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-rdfc-2019';
+        const proof = proofExists(proofs);
+        should.exist(proof.type,
+          'Expected a type identifier on the proof.');
+        should.exist(proof.cryptosuite,
+          'Expected a cryptosuite identifier on the proof.');
+      });
+      it('If proofConfig.type is not set to DataIntegrityProof ' +
+        'and/or proofConfig.cryptosuite is not set to ecdsa-rdfc-2019, ' +
+        'an error MUST be raised and SHOULD convey an error type ' +
+        'of PROOF_GENERATION_ERROR.',
+      async function() {
+        this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-rdfc-2019';
+        const proof = proofExists(proofs);
+        should.exist(proof.type,
+          'Expected a type identifier on the proof.');
+        should.exist(proof.cryptosuite,
+          'Expected a cryptosuite identifier on the proof.');
+        proof.type.should.equal('DataIntegrityProof',
+          'Expected DataIntegrityProof type.');
+        proof.cryptosuite.should.equal('ecdsa-rdfc-2019',
+          'Expected ecdsa-rdfc-2019 cryptosuite.');
+      });
+      it('If proofConfig.created is set and if the value is not a ' +
+        'valid [XMLSCHEMA11-2] datetime, an error MUST be raised and ' +
+        'SHOULD convey an error type of PROOF_GENERATION_ERROR.',
+      async function() {
+        this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-configuration-ecdsa-rdfc-2019';
+        const proof = proofExists(proofs);
+        if(proof?.created) {
+          isValidDatetime(proof.created).should.equal(
             true,
             'Expected created value to be a valid datetime string.'
           );
+>>>>>>> 265e798 (improve proof handling when asserting a secured credential)
         }
       });
+>>>>>>> ec4cd6a (improve proof handling when asserting a secured credential)
     });
   }
 });
@@ -139,10 +290,32 @@ describe('Algorithms - Proof Serialization (ecdsa-rdfc-2019)', function() {
   for(const [columnId, {endpoints}] of issuers) {
     describe(columnId, function() {
       const [issuer] = endpoints;
+<<<<<<< HEAD
+      let securedCredential;
+      before(async function() {
+        securedCredential = await secureCredential(
+          {issuer, vc: generateCredential()});
+=======
+<<<<<<< HEAD
+      let issuedVc;
+      let proofs;
+      let rdfc2019Proofs = [];
+      before(async function() {
+        issuedVc = await createInitialVc({issuer, vc: validCredential});
+        proofs = getProofs(issuedVc);
+        if(proofs?.length) {
+          rdfc2019Proofs = proofs.filter(
+            proof => proof?.cryptosuite === cryptosuite);
+        }
+=======
       let securedCredential;
+      let proofs;
       before(async function() {
         securedCredential = await secureCredential(
           {issuer, vc: generateCredential()});
+        proofs = getProofs(securedCredential);
+>>>>>>> 265e798 (improve proof handling when asserting a secured credential)
+>>>>>>> ec4cd6a (improve proof handling when asserting a secured credential)
       });
       beforeEach(setupRow);
       it('The proof options MUST contain a type identifier for the ' +
@@ -150,9 +323,23 @@ describe('Algorithms - Proof Serialization (ecdsa-rdfc-2019)', function() {
         '(cryptosuite).',
       async function() {
         this.test.link = 'https://www.w3.org/TR/vc-di-ecdsa/#proof-serialization-ecdsa-rdfc-2019';
+<<<<<<< HEAD
         const proof = proofExists(securedCredential);
         should.exist(proof.type,
           'Expected a type identifier on the proof.');
+=======
+<<<<<<< HEAD
+        assertBefore();
+        for(const proof of rdfc2019Proofs) {
+          should.exist(proof.type,
+            'Expected a type identifier on the proof.');
+        }
+=======
+        const proof = proofExists(proofs);
+        should.exist(proof.type,
+          'Expected a type identifier on the proof.');
+>>>>>>> 265e798 (improve proof handling when asserting a secured credential)
+>>>>>>> ec4cd6a (improve proof handling when asserting a secured credential)
       });
     });
   }
diff --git a/tests/helpers.js b/tests/helpers.js
index 2fe728a..c57dfaa 100644
--- a/tests/helpers.js
+++ b/tests/helpers.js
@@ -287,10 +287,16 @@ export function setupRow() {
   };
 }
 
+<<<<<<< HEAD
 export function proofExists(securedCredential) {
   should.exist(securedCredential,
     'Expected issuer to have issued a credential.');
   const proofs = getProofs(securedCredential);
+=======
+<<<<<<< HEAD
+=======
+export function proofExists(proofs) {
+>>>>>>> ec4cd6a (improve proof handling when asserting a secured credential)
   should.exist(proofs,
     'Expected credential to have a proof.');
   proofs.length.should.be.gte(1,
@@ -298,6 +304,17 @@ export function proofExists(securedCredential) {
   return proofs[0];
 }
 
+<<<<<<< HEAD
+=======
+export function assertSecuredCredential(securedCredential) {
+  should.exist(securedCredential,
+    'Expected issuer to have issued a credential.');
+  const proofs = getProofs(securedCredential);
+  proofExists(proofs);
+}
+
+>>>>>>> 265e798 (improve proof handling when asserting a secured credential)
+>>>>>>> ec4cd6a (improve proof handling when asserting a secured credential)
 export async function verifySuccess(verifier, securedCredential) {
   const body = {
     verifiableCredential: securedCredential