diff --git a/pkg/didcomm/protocol/mediator/models.go b/pkg/didcomm/protocol/mediator/models.go index 24b6e8efe..32fff857d 100644 --- a/pkg/didcomm/protocol/mediator/models.go +++ b/pkg/didcomm/protocol/mediator/models.go @@ -15,6 +15,7 @@ import ( type Request struct { Type string `json:"@type,omitempty"` ID string `json:"@id,omitempty"` + DIDCommV2 bool `json:"didcomm_v2,omitempty"` decorator.Timing `json:"~timing,omitempty"` } diff --git a/pkg/didcomm/protocol/mediator/service.go b/pkg/didcomm/protocol/mediator/service.go index 3c0c965e9..4e1a8d235 100644 --- a/pkg/didcomm/protocol/mediator/service.go +++ b/pkg/didcomm/protocol/mediator/service.go @@ -388,22 +388,24 @@ func (s *Service) handleInboundRequest(c *callback) error { return fmt.Errorf("handleInboundRequest: route request message unmarshal : %w", err) } + err = validateRequestVersion(s.mediaTypeProfiles, request.DIDCommV2) + if err != nil { + return err + } + grant, err := outboundGrant( c.msg.ID(), c.options, s.endpoint, func() (string, error) { - for _, mtp := range s.mediaTypeProfiles { - switch mtp { - case transport.MediaTypeDIDCommV2Profile, transport.MediaTypeAIP2RFC0587Profile: - _, pubKeyBytes, e := s.kms.CreateAndExportPubKeyBytes(s.keyAgreementType) - if e != nil { - return "", fmt.Errorf("outboundGrant from handleInboundRequest: kms failed to create "+ - "and export %v key: %w", s.keyAgreementType, e) - } - - return kmsdidkey.BuildDIDKeyByKeyType(pubKeyBytes, s.keyAgreementType) + if request.DIDCommV2 { + _, pubKeyBytes, e := s.kms.CreateAndExportPubKeyBytes(s.keyAgreementType) + if e != nil { + return "", fmt.Errorf("outboundGrant from handleInboundRequest: kms failed to create "+ + "and export %v key: %w", s.keyAgreementType, e) } + + return kmsdidkey.BuildDIDKeyByKeyType(pubKeyBytes, s.keyAgreementType) } _, pubKeyBytes, er := s.kms.CreateAndExportPubKeyBytes(kms.ED25519Type) @@ -424,6 +426,28 @@ func (s *Service) handleInboundRequest(c *callback) error { return s.outbound.SendToDID(service.NewDIDCommMsgMap(grant), c.myDID, c.theirDID) } +func validateRequestVersion(mtps []string, requestedV2 bool) error { + if requestedV2 { + for _, mtp := range mtps { + if transport.IsDIDCommV2(mtp) { + return nil + } + } + + return fmt.Errorf("client requested didcomm v2 mediation from mediator " + + "that does not support didcomm v2") + } + + for _, mtp := range mtps { + if !transport.IsDIDCommV2(mtp) { + return nil + } + } + + return fmt.Errorf("client requested didcomm v1 mediation from mediator " + + "that does not support didcomm v1") +} + func outboundGrant( msgID string, opts *Options, defaultEndpoint string, defaultKey func() (string, error)) (*Grant, error) { @@ -596,6 +620,10 @@ func (s *Service) doRegistration(record *connection.Record, req *Request, timeou // demonstrates? additionally `ExpiresTime` would need to be migrated to int64 req.ExpiresTime = time.Now().UTC().Add(timeout) + if record.DIDCommVersion == service.V2 { + req.DIDCommV2 = true + } + // send message to the router if err = s.outbound.SendToDID(service.NewDIDCommMsgMap(req), record.MyDID, record.TheirDID); err != nil { return fmt.Errorf("send route request: %w", err) diff --git a/pkg/didcomm/protocol/mediator/service_test.go b/pkg/didcomm/protocol/mediator/service_test.go index a6382d332..9676e0471 100644 --- a/pkg/didcomm/protocol/mediator/service_test.go +++ b/pkg/didcomm/protocol/mediator/service_test.go @@ -20,6 +20,7 @@ import ( "github.com/hyperledger/aries-framework-go/pkg/didcomm/common/model" "github.com/hyperledger/aries-framework-go/pkg/didcomm/common/service" "github.com/hyperledger/aries-framework-go/pkg/didcomm/protocol/messagepickup" + "github.com/hyperledger/aries-framework-go/pkg/didcomm/transport" "github.com/hyperledger/aries-framework-go/pkg/doc/did" vdrapi "github.com/hyperledger/aries-framework-go/pkg/framework/aries/api/vdr" mockdispatcher "github.com/hyperledger/aries-framework-go/pkg/mock/didcomm/dispatcher" @@ -312,6 +313,7 @@ func TestServiceRequestMsg(t *testing.T) { return nil }, }, + MediaTypeProfilesValue: []string{transport.MediaTypeAIP2RFC0019Profile}, }) require.NoError(t, err) @@ -402,6 +404,7 @@ func TestEvents(t *testing.T) { return nil }, }, + MediaTypeProfilesValue: []string{transport.MediaTypeAIP2RFC0019Profile}, }) require.NoError(t, err) @@ -512,6 +515,7 @@ func TestEvents(t *testing.T) { return nil }, }, + MediaTypeProfilesValue: []string{transport.MediaTypeAIP2RFC0019Profile}, }) require.NoError(t, err) diff --git a/pkg/didcomm/transport/media_type.go b/pkg/didcomm/transport/media_type.go index 2125c2d91..b21cf4708 100644 --- a/pkg/didcomm/transport/media_type.go +++ b/pkg/didcomm/transport/media_type.go @@ -51,3 +51,20 @@ func MediaTypeProfiles() []string { MediaTypeProfileDIDCommAIP1, } } + +// IsDIDCommV2 returns true iff mtp is one of: +// MediaTypeV2EncryptedEnvelope, MediaTypeV2EncryptedEnvelopeV1PlaintextPayload, MediaTypeAIP2RFC0587Profile, +// MediaTypeDIDCommV2Profile, or MediaTypeV2PlaintextPayload. +func IsDIDCommV2(mtp string) bool { + v2MTPs := map[string]struct{}{ + MediaTypeV2EncryptedEnvelope: {}, + MediaTypeV2EncryptedEnvelopeV1PlaintextPayload: {}, + MediaTypeAIP2RFC0587Profile: {}, + MediaTypeDIDCommV2Profile: {}, + MediaTypeV2PlaintextPayload: {}, + } + + _, ok := v2MTPs[mtp] + + return ok +} diff --git a/scripts/check_go_integration.sh b/scripts/check_go_integration.sh index 5b8c368d9..a8eac1c15 100755 --- a/scripts/check_go_integration.sh +++ b/scripts/check_go_integration.sh @@ -15,7 +15,6 @@ go test -count=1 -v -cover . -p 1 -timeout=30m -race -run didcomm_remote_crypto, go test -count=1 -v -cover . -p 1 -timeout=45m -race -run outofband DEFAULT_KEY_TYPE="ecdsap256ieee1363" DEFAULT_KEY_AGREEMENT_TYPE="p256kw" go test -count=1 -v -cover . -p 1 -timeout=10m -race -run didcommv2 CARL_MEDIA_TYPE_PROFILES="didcomm/aip1" CARL_KEYAGREEMENT_TYPE="X25519ECDHKW" DAVE_MEDIA_TYPE_PROFILES="didcomm/aip2;env=rfc19" DAVE_KEYAGREEMENT_TYPE="X25519ECDHKW" go test -count=1 -v -cover . -p 1 -timeout=20m -race -run aries_router_controller -CARL_MEDIA_TYPE_PROFILES="didcomm/aip2;env=rfc587" CARL_KEYAGREEMENT_TYPE="X25519ECDHKW" DAVE_MEDIA_TYPE_PROFILES="didcomm/v2" DAVE_KEYAGREEMENT_TYPE="X25519ECDHKW" go test -count=1 -v -cover . -p 1 -timeout=20m -race -run aries_router_controller cd $PWD diff --git a/test/bdd/features/aries_didcommv2_mediator_e2e_sdk.feature b/test/bdd/features/aries_didcommv2_mediator_e2e_sdk.feature index 59a643f07..82ed93913 100644 --- a/test/bdd/features/aries_didcommv2_mediator_e2e_sdk.feature +++ b/test/bdd/features/aries_didcommv2_mediator_e2e_sdk.feature @@ -75,8 +75,8 @@ Feature: DIDComm v2 Transport between two Agents through DIDComm v2 Routers [SDK | keyType | keyAgreementType | mediaTypeProfile | | "ED25519" | "X25519ECDHKW" | "didcomm/aip1" | | "ED25519" | "X25519ECDHKW" | "didcomm/aip2;env=rfc19" | - | "ED25519" | "X25519ECDHKW" | "didcomm/aip2;env=rfc587" | - | "ED25519" | "NISTP384ECDHKW" | "didcomm/v2" | +# | "ED25519" | "X25519ECDHKW" | "didcomm/aip2;env=rfc587" | +# | "ED25519" | "NISTP384ECDHKW" | "didcomm/v2" | @aries_didcommv2_router_sdk_nistpkw_key_agreement Scenario Outline: DID Exchange between two Edge Agents(without Inbound, DIDComm v2 is one way only) through Routers, without router didexchange diff --git a/test/bdd/features/aries_mediator_e2e_sdk.feature b/test/bdd/features/aries_mediator_e2e_sdk.feature index 10cfd6f91..f55fc6941 100644 --- a/test/bdd/features/aries_mediator_e2e_sdk.feature +++ b/test/bdd/features/aries_mediator_e2e_sdk.feature @@ -74,8 +74,8 @@ Feature: DIDComm Transport between two Agents through DIDComm Routers [SDK] | keyType | keyAgreementType | mediaTypeProfile | | "ED25519" | "X25519ECDHKW" | "didcomm/aip1" | | "ED25519" | "X25519ECDHKW" | "didcomm/aip2;env=rfc19" | - | "ED25519" | "X25519ECDHKW" | "didcomm/aip2;env=rfc587" | - | "ED25519" | "NISTP384ECDHKW" | "didcomm/v2" | +# | "ED25519" | "X25519ECDHKW" | "didcomm/aip2;env=rfc587" | +# | "ED25519" | "NISTP384ECDHKW" | "didcomm/v2" | Scenario Outline: Decentralized Identifier(DID) Exchange between two Edge Agents through Routers # DID Exchange between Alice and her Router @@ -142,8 +142,8 @@ Feature: DIDComm Transport between two Agents through DIDComm Routers [SDK] | keyType | keyAgreementType | mediaTypeProfile | | "ED25519" | "X25519ECDHKW" | "didcomm/aip1" | | "ED25519" | "X25519ECDHKW" | "didcomm/aip2;env=rfc19" | - | "ED25519" | "X25519ECDHKW" | "didcomm/aip2;env=rfc587" | - | "ED25519" | "NISTP384ECDHKW" | "didcomm/v2" | +# | "ED25519" | "X25519ECDHKW" | "didcomm/aip2;env=rfc587" | +# | "ED25519" | "NISTP384ECDHKW" | "didcomm/v2" | # https://wiki.hyperledger.org/display/ARIES/DIDComm+MediatorRouter Scenario Outline: Decentralized Identifier(DID) Exchange between two Edge Agents(without Inbound) through Routers(HTTP/WS) @@ -257,5 +257,5 @@ Feature: DIDComm Transport between two Agents through DIDComm Routers [SDK] | keyType | keyAgreementType | mediaTypeProfile | | "ED25519" | "X25519ECDHKW" | "didcomm/aip1" | | "ED25519" | "X25519ECDHKW" | "didcomm/aip2;env=rfc19" | - | "ED25519" | "X25519ECDHKW" | "didcomm/aip2;env=rfc587" | - | "ED25519" | "NISTP384ECDHKW" | "didcomm/v2" | +# | "ED25519" | "X25519ECDHKW" | "didcomm/aip2;env=rfc587" | +# | "ED25519" | "NISTP384ECDHKW" | "didcomm/v2" |