chore: create didcomm v1 and v2 keys in mediator service (#3247)

Signed-off-by: Firas Qutishat <firas.qutishat@securekey.com>

pkg/didcomm/packer/legacy/authcrypt/authcrypt_test.go

@@ -169,8 +169,7 @@ func TestEncrypt(t *testing.T) {
 		badKey := "6ZAQ7QpmR9EqhJdwx1jQsjq6nnpehwVqUbhVxiEiYEV7"
 
 		_, err := packer.Pack("", []byte("Test Message"), senderKey, [][]byte{base58.Decode(badKey)})
-		require.EqualError(t, err, "pack: failed to build recipients: buildRecipients: failed to build "+
-			"recipient: buildRecipient: failed to convert public Ed25519 to Curve25519: error converting public key")
+		require.EqualError(t, err, "pack: failed to build recipients: recipients keys are empty")
 	})
 
 	recipientKey := createKey(t, testingKMS)
@@ -181,8 +180,7 @@ func TestEncrypt(t *testing.T) {
 
 		_, err := packer.Pack("", []byte("Test Message"), []byte{1, 2, 3}, [][]byte{recipientKey})
 		require.Error(t, err)
-		require.Contains(t, err.Error(), "getKeySet: failed to read json keyset from reader: cannot read data"+
-			" for keysetID")
+		require.Contains(t, err.Error(), "recipients keys are empty")
 	})
 
 	t.Run("Success test case: given keys, generate envelope", func(t *testing.T) {
@@ -306,8 +304,7 @@ func TestEncryptComponents(t *testing.T) {
 			"", []byte(
 				"Lorem Ipsum Dolor Sit Amet Consectetur Adispici Elit"),
 			base58.Decode(senderPub), [][]byte{base58.Decode(rec1Pub)})
-		require.EqualError(t, err, "pack: failed to build recipients: buildRecipients: failed to build "+
-			"recipient: buildRecipient: failed to generate random nonce: mock Reader has failed intentionally")
+		require.EqualError(t, err, "pack: failed to build recipients: recipients keys are empty")
 	})
 
 	t.Run("Failure: recipient sodiumBoxSeal nonce generation fails", func(t *testing.T) {
@@ -318,8 +315,7 @@ func TestEncryptComponents(t *testing.T) {
 			"",
 			[]byte("Lorem Ipsum Dolor Sit Amet Consectetur Adispici Elit"),
 			base58.Decode(senderPub), [][]byte{base58.Decode(rec1Pub)})
-		require.EqualError(t, err, "pack: failed to build recipients: buildRecipients: failed to build"+
-			" recipient: buildRecipient: failed to encrypt sender key: mock Reader has failed intentionally")
+		require.EqualError(t, err, "pack: failed to build recipients: recipients keys are empty")
 	})
 
 	t.Run("Success: 4 reads necessary for pack", func(t *testing.T) {

pkg/didcomm/packer/legacy/authcrypt/pack.go

@@ -16,12 +16,15 @@ import (
 	chacha "golang.org/x/crypto/chacha20poly1305"
 	"golang.org/x/crypto/poly1305"
 
+	"github.com/hyperledger/aries-framework-go/pkg/common/log"
 	"github.com/hyperledger/aries-framework-go/pkg/internal/cryptoutil"
 	"github.com/hyperledger/aries-framework-go/pkg/kms"
 	"github.com/hyperledger/aries-framework-go/pkg/kms/localkms"
 	"github.com/hyperledger/aries-framework-go/pkg/kms/webkms"
 )
 
+var logger = log.New("aries-framework/pkg/didcomm/packer/legacy")
+
 // Pack will encode the payload argument
 // Using the protocol defined by Aries RFC 0019.
 func (p *Packer) Pack(_ string, payload, sender []byte, recipientPubKeys [][]byte) ([]byte, error) {
@@ -101,15 +104,21 @@ func (p *Packer) buildEnvelope(nonce, payload, cek []byte, header *protected) ([
 }
 
 func (p *Packer) buildRecipients(cek *[chacha.KeySize]byte, senderKey []byte, recPubKeys [][]byte) ([]recipient, error) { // nolint: lll
-	encodedRecipients := make([]recipient, len(recPubKeys))
+	encodedRecipients := make([]recipient, 0)
 
-	for i, recKey := range recPubKeys {
+	for _, recKey := range recPubKeys {
 		rec, err := p.buildRecipient(cek, senderKey, recKey)
 		if err != nil {
-			return nil, fmt.Errorf("buildRecipients: failed to build recipient: %w", err)
+			logger.Warnf("buildRecipients: failed to build recipient: %w", err)
+
+			continue
 		}
 
-		encodedRecipients[i] = *rec
+		encodedRecipients = append(encodedRecipients, *rec)
+	}
+
+	if len(encodedRecipients) == 0 {
+		return nil, fmt.Errorf("recipients keys are empty")
 	}
 
 	return encodedRecipients, nil

pkg/didcomm/protocol/mediator/service.go

@@ -22,7 +22,6 @@ import (
 	"github.com/hyperledger/aries-framework-go/pkg/didcomm/dispatcher"
 	"github.com/hyperledger/aries-framework-go/pkg/didcomm/protocol/decorator"
 	"github.com/hyperledger/aries-framework-go/pkg/didcomm/protocol/messagepickup"
-	"github.com/hyperledger/aries-framework-go/pkg/didcomm/transport"
 	"github.com/hyperledger/aries-framework-go/pkg/doc/util/kmsdidkey"
 	"github.com/hyperledger/aries-framework-go/pkg/framework/aries/api/vdr"
 	"github.com/hyperledger/aries-framework-go/pkg/internal/logutil"
@@ -392,29 +391,31 @@ func (s *Service) handleInboundRequest(c *callback) error {
 		c.msg.ID(),
 		c.options,
 		s.endpoint,
-		func() (string, error) {
-			for _, mtp := range s.mediaTypeProfiles {
-				switch mtp {
-				case transport.MediaTypeDIDCommV2Profile, transport.MediaTypeAIP2RFC0587Profile:
-					_, pubKeyBytes, e := s.kms.CreateAndExportPubKeyBytes(s.keyAgreementType)
-					if e != nil {
-						return "", fmt.Errorf("outboundGrant from handleInboundRequest: kms failed to create "+
-							"and export %v key: %w", s.keyAgreementType, e)
-					}
-
-					return kmsdidkey.BuildDIDKeyByKeyType(pubKeyBytes, s.keyAgreementType)
+		func() ([]string, error) {
+			if len(s.mediaTypeProfiles) > 0 {
+				_, pubKeyBytes, e := s.kms.CreateAndExportPubKeyBytes(s.keyAgreementType)
+				if e != nil {
+					return nil, fmt.Errorf("outboundGrant from handleInboundRequest: kms failed to create "+
+						"and export %v key: %w", s.keyAgreementType, e)
 				}
-			}
 
-			_, pubKeyBytes, er := s.kms.CreateAndExportPubKeyBytes(kms.ED25519Type)
-			if er != nil {
-				return "", fmt.Errorf("outboundGrant from handleInboundRequest: kms failed to create and "+
-					"export ED25519 key: %w", er)
-			}
+				didCommV2Key, errBuild := kmsdidkey.BuildDIDKeyByKeyType(pubKeyBytes, s.keyAgreementType)
+				if errBuild != nil {
+					return nil, errBuild
+				}
 
-			didKey, _ := fingerprint.CreateDIDKey(pubKeyBytes)
+				_, pubKeyBytes, er := s.kms.CreateAndExportPubKeyBytes(kms.ED25519Type)
+				if er != nil {
+					return nil, fmt.Errorf("outboundGrant from handleInboundRequest: kms failed to create and "+
+						"export ED25519 key: %w", er)
+				}
+
+				didKey, _ := fingerprint.CreateDIDKey(pubKeyBytes)
+
+				return []string{didKey, didCommV2Key}, nil
+			}
 
-			return didKey, er
+			return nil, nil
 		},
 	)
 	if err != nil {
@@ -426,7 +427,7 @@ func (s *Service) handleInboundRequest(c *callback) error {
 
 func outboundGrant(
 	msgID string, opts *Options,
-	defaultEndpoint string, defaultKey func() (string, error)) (*Grant, error) {
+	defaultEndpoint string, defaultKey func() ([]string, error)) (*Grant, error) {
 	grant := &Grant{
 		ID:          msgID,
 		Type:        GrantMsgType,
@@ -444,7 +445,7 @@ func outboundGrant(
 			return nil, fmt.Errorf("outboundGrant: failed to create keys : %w", err)
 		}
 
-		grant.RoutingKeys = []string{keys}
+		grant.RoutingKeys = keys
 	}
 
 	logger.Debugf("outbound grant: %+v", grant)

pkg/didcomm/protocol/mediator/service_test.go

@@ -338,6 +338,7 @@ func TestServiceRequestMsg(t *testing.T) {
 				CrAndExportPubKeyErr: expected,
 			},
 			OutboundDispatcherValue: &mockdispatcher.MockOutbound{},
+			MediaTypeProfilesValue:  []string{"value"},
 		})
 		require.NoError(t, err)