Compact input to security context for consistency.

- When `compactProof` is `true`, also compact input document to ensure consistency when passed to proof purposes, etc.
digitalbazaar · Jan 1, 2019 · 7ca93f8 · 7ca93f8
1 parent 6265588
commit 7ca93f8
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 67 deletions.
diff --git a/lib/ProofSet.js b/lib/ProofSet.js
@@ -86,26 +86,23 @@ module.exports = class ProofSet {
 
     // preprocess document to prepare to remove existing proofs
     let input;
-    let existingProofs;
-    const proofProperty = suite.legacy ? 'signature' : 'proof';
     if(compactProof) {
-      // cannot assume security context terms, so do full expansion
-      ([input = {}] = await jsonld.expand(
-        document, {documentLoader, expansionMap}));
-      // excluding any existing proof(s)
-      if(suite.legacy) {
-        delete input[constants.SECURITY_SIGNATURE_URL];
-      } else {
-        delete input[constants.SECURITY_PROOF_URL];
-      }
+      // cannot assume security context terms, so do full compaction
+      input = await jsonld.compact(
+        document, constants.SECURITY_CONTEXT_URL,
+        {documentLoader, expansionMap, compactToRelative: false});
     } else {
-      // modify document in place to maximize optimization
-      input = document;
-      // save but exclude any existing proof(s)
-      existingProofs = input[proofProperty];
-      delete document[proofProperty];
+      // TODO: optimize to modify document in place to maximize optimization
+
+      // shallow copy document to allow removal of existing proofs
+      input = {...document};
     }
 
+    // save but exclude any existing proof(s)
+    const proofProperty = suite.legacy ? 'signature' : 'proof';
+    //const existingProofs = input[proofProperty];
+    delete input[proofProperty];
+
     // create the new proof (suites MUST output a proof using the security-v2
     // `@context`)
     const proof = await suite.createProof({
@@ -135,9 +132,9 @@ module.exports = class ProofSet {
       jsonld.addValue(document, key, compactProof[key]);
     } else {
       // in-place restore any existing proofs
-      if(existingProofs) {
+      /*if(existingProofs) {
         document[proofProperty] = existingProofs;
-      }
+      }*/
       // add new proof
       delete proof['@context'];
       jsonld.addValue(document, proofProperty, proof);
@@ -277,57 +274,31 @@ module.exports = class ProofSet {
 async function _getProofs({
   document, legacy, documentLoader, expansionMap, compactProof}) {
   // handle document preprocessing to find proofs
-  let proofProperty;
-  let proofPropertyUrl;
-  if(legacy) {
-    proofProperty = 'signature';
-    proofPropertyUrl = constants.SECURITY_SIGNATURE_URL;
-  } else {
-    proofProperty = 'proof';
-    proofPropertyUrl = constants.SECURITY_PROOF_URL;
-  }
+  const proofProperty = legacy ? 'signature' : 'proof';
   let proofSet;
   if(compactProof) {
-    // if we must compact the proof(s) then we must first expand the input
+    // if we must compact the proof(s) then we must first compact the input
     // document to find the proof(s)
-    ([document = {}] = await jsonld.expand(
-      document, {documentLoader, expansionMap}));
-    proofSet = jsonld.getValues(document, proofPropertyUrl);
-    delete document[proofPropertyUrl];
-  } else {
-    // since proofs needn't be compacted, assume matching term definitions
-    proofSet = jsonld.getValues(document, proofProperty);
-    delete document[proofProperty];
+    document = await jsonld.compact(
+      document, constants.SECURITY_CONTEXT_URL,
+      {documentLoader, expansionMap, compactToRelative: false});
   }
+  proofSet = jsonld.getValues(document, proofProperty);
+  delete document[proofProperty];
 
   if(proofSet.length === 0) {
     // no possible matches
     throw new Error('No matching proofs found in the given document.');
   }
 
-  if(compactProof) {
-    // compact proofs to SECURITY_CONTEXT_URL context
-    const expanded = {
-      [proofPropertyUrl]: proofSet
-    };
-    const ctx = jsonld.getValues(document, '@context');
-    expanded['@context'] = ctx;
-    const compact = await jsonld.compact(
-      expanded, constants.SECURITY_CONTEXT_URL,
-      {documentLoader, expansionMap, compactToRelative: false});
-    proofSet = jsonld.getValues(compact, proofProperty).map(proof => {
-      proof['@context'] = constants.SECURITY_CONTEXT_URL;
-      return proof;
-    });
-  } else {
-    // TODO: consider in-place editing to optimize
+  // TODO: consider in-place editing to optimize
+
+  // shallow copy proofs and add SECURITY_CONTEXT_URL
+  proofSet = proofSet.map(proof => ({
+    '@context': constants.SECURITY_CONTEXT_URL,
+    ...proof
+  }));
 
-    // merely shallow copy proofs and add SECURITY_CONTEXT_URL
-    proofSet = proofSet.map(proof => ({
-      '@context': constants.SECURITY_CONTEXT_URL,
-      ...proof
-    }));
-  }
   return {proofSet, document};
 }
 

diff --git a/lib/suites/GraphSignature2012.js b/lib/suites/GraphSignature2012.js
@@ -37,11 +37,10 @@ module.exports = class GraphSignature2012 extends LinkedDataSignature2015 {
    * @returns {Promise<{Uint8Array}>}.
    */
   async createVerifyData({
-    document, proof, documentLoader, expansionMap, compactProof}) {
+    document, proof, documentLoader, expansionMap}) {
     const c14n = await this.canonize(document, {
       documentLoader,
-      expansionMap,
-      skipExpansion: compactProof
+      expansionMap
     });
 
     let verifyData = '';

diff --git a/lib/suites/LinkedDataSignature.js b/lib/suites/LinkedDataSignature.js
@@ -201,14 +201,13 @@ module.exports = class LinkedDataSignature extends LinkedDataProof {
    * @returns {Promise<{Uint8Array}>}.
    */
   async createVerifyData({
-    document, proof, documentLoader, expansionMap, compactProof}) {
+    document, proof, documentLoader, expansionMap}) {
     // concatenate hash of c14n proof options and hash of c14n document
     const c14nProofOptions = await this.canonizeProof(
       proof, {documentLoader, expansionMap});
     const c14nDocument = await this.canonize(document, {
       documentLoader,
-      expansionMap,
-      skipExpansion: compactProof
+      expansionMap
     });
     return util.concat(
       util.sha256(c14nProofOptions),

diff --git a/lib/suites/LinkedDataSignature2015.js b/lib/suites/LinkedDataSignature2015.js
@@ -88,11 +88,10 @@ module.exports = class LinkedDataSignature2015 extends LinkedDataSignature {
    * @returns {Promise<{Uint8Array}>}.
    */
   async createVerifyData({
-    document, proof, documentLoader, expansionMap, compactProof}) {
+    document, proof, documentLoader, expansionMap}) {
     const c14n = await this.canonize(document, {
       documentLoader,
-      expansionMap,
-      skipExpansion: compactProof
+      expansionMap
     });
 
     let verifyData = '';