chore: update to latest kms-go

dataintegrity/suite/ecdsa2019/ecdsa2019.go

@@ -20,7 +20,7 @@ import (
 	"github.com/piprate/json-gold/ld"
 	"github.com/trustbloc/did-go/doc/ld/processor"
 	"github.com/trustbloc/kms-go/doc/jose/jwk"
-	"github.com/trustbloc/vc-go/signature/kmscrypto"
+	"github.com/trustbloc/kms-go/wrapper"
 
 	"github.com/trustbloc/vc-go/dataintegrity/models"
 	"github.com/trustbloc/vc-go/dataintegrity/suite"
@@ -51,7 +51,7 @@ func WithStaticSigner(signer Signer) SignerGetter {
 //
 // This SignerGetter assumes that the public key JWKs provided were received
 // from the same kmscrypto.KMSCrypto implementation.
-func WithKMSCryptoWrapper(kmsCrypto kmscrypto.KMSCryptoSigner) SignerGetter {
+func WithKMSCryptoWrapper(kmsCrypto wrapper.KMSCryptoSigner) SignerGetter {
 	return func(pub *jwk.JWK) (Signer, error) {
 		return kmsCrypto.FixedKeySigner(pub)
 	}
@@ -62,7 +62,7 @@ func WithKMSCryptoWrapper(kmsCrypto kmscrypto.KMSCryptoSigner) SignerGetter {
 //
 // Deprecated: use WithKMSCryptoWrapper instead.
 func WithLocalKMSSigner(kms models.KeyManager, kmsSigner KMSSigner) SignerGetter {
-	kcs := kmscrypto.NewKMSCryptoSigner(kms, kmsSigner)
+	kcs := wrapper.NewKMSCryptoSigner(kms, kmsSigner)
 
 	return func(pub *jwk.JWK) (Signer, error) {
 		kid, err := kmsKID(pub)

dataintegrity/suite/ecdsa2019/ecdsa2019_test.go

@@ -25,7 +25,7 @@ import (
 	"github.com/trustbloc/kms-go/doc/jose/jwk/jwksupport"
 	mockcrypto "github.com/trustbloc/kms-go/mock/crypto"
 	mockkms "github.com/trustbloc/kms-go/mock/kms"
-	"github.com/trustbloc/vc-go/signature/kmscrypto"
+	"github.com/trustbloc/kms-go/wrapper"
 
 	"github.com/trustbloc/vc-go/dataintegrity/models"
 	"github.com/trustbloc/vc-go/dataintegrity/suite"
@@ -50,7 +50,7 @@ func TestNew(t *testing.T) {
 	cryp := &mockcrypto.Crypto{}
 	kms := &mockkms.KeyManager{}
 
-	kc := kmscrypto.NewKMSCryptoSigner(kms, cryp)
+	kc := wrapper.NewKMSCryptoSigner(kms, cryp)
 
 	signerGetter := WithKMSCryptoWrapper(kc)
 
@@ -141,7 +141,7 @@ func successCase(t *testing.T) *testCase {
 func testSign(t *testing.T, tc *testCase) {
 	sigInit := NewSignerInitializer(&SignerInitializerOptions{
 		LDDocumentLoader: tc.docLoader,
-		SignerGetter:     WithKMSCryptoWrapper(kmscrypto.NewKMSCryptoSigner(tc.kms, tc.crypto)),
+		SignerGetter:     WithKMSCryptoWrapper(wrapper.NewKMSCryptoSigner(tc.kms, tc.crypto)),
 	})
 
 	signer, err := sigInit.Signer()

go.mod

@@ -13,7 +13,6 @@ require (
 	github.com/btcsuite/btcd v0.22.3
 	github.com/btcsuite/btcutil v1.0.3-0.20201208143702-a53e38424cce
 	github.com/go-jose/go-jose/v3 v3.0.1-0.20221117193127-916db76e8214
-	github.com/google/tink/go v1.7.0
 	github.com/google/uuid v1.3.0
 	github.com/kawamuray/jsonpath v0.0.0-20201211160320-7483bafabd7e
 	github.com/mitchellh/mapstructure v1.5.0
@@ -23,8 +22,9 @@ require (
 	github.com/stretchr/testify v1.8.2
 	github.com/tidwall/gjson v1.14.3
 	github.com/tidwall/sjson v1.1.4
+	github.com/trustbloc/bbs-signature-go v1.0.0
 	github.com/trustbloc/did-go v1.0.1
-	github.com/trustbloc/kms-go v1.0.0
+	github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30
 	github.com/xeipuuv/gojsonschema v1.2.0
 	golang.org/x/crypto v0.1.0
 	golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63
@@ -39,8 +39,8 @@ require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/golang/snappy v0.0.4 // indirect
+	github.com/google/tink/go v1.7.0 // indirect
 	github.com/hyperledger/fabric-amcl v0.0.0-20230602173724-9e02669dceb2 // indirect
-	github.com/hyperledger/ursa-wrapper-go v0.3.1 // indirect
 	github.com/kilic/bls12-381 v0.1.1-0.20210503002446-7b7597926c69 // indirect
 	github.com/mmcloughlin/addchain v0.4.0 // indirect
 	github.com/mr-tron/base58 v1.2.0 // indirect

go.sum

@@ -62,8 +62,6 @@ github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
 github.com/hyperledger/fabric-amcl v0.0.0-20230602173724-9e02669dceb2 h1:B1Nt8hKb//KvgGRprk0h1t4lCnwhE9/ryb1WqfZbV+M=
 github.com/hyperledger/fabric-amcl v0.0.0-20230602173724-9e02669dceb2/go.mod h1:X+DIyUsaTmalOpmpQfIvFZjKHQedrURQ5t4YqquX7lE=
-github.com/hyperledger/ursa-wrapper-go v0.3.1 h1:Do+QrVNniY77YK2jTIcyWqj9rm/Yb5SScN0bqCjiibA=
-github.com/hyperledger/ursa-wrapper-go v0.3.1/go.mod h1:nPSAuMasIzSVciQo22PedBk4Opph6bJ6ia3ms7BH/mk=
 github.com/jessevdk/go-flags v0.0.0-20141203071132-1679536dcc89/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
 github.com/jrick/logrotate v1.0.0/go.mod h1:LNinyqDIJnpAur+b8yyulnQw/wDuN1+BYKlTRt3OuAQ=
 github.com/kawamuray/jsonpath v0.0.0-20201211160320-7483bafabd7e h1:Eh/0JuXDdcBHc39j4tFXKTy/AKiK7IQkGJXQxyryXiU=
@@ -123,10 +121,12 @@ github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs=
 github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
 github.com/tidwall/sjson v1.1.4 h1:bTSsPLdAYF5QNLSwYsKfBKKTnlGbIuhqL3CpRsjzGhg=
 github.com/tidwall/sjson v1.1.4/go.mod h1:wXpKXu8CtDjKAZ+3DrKY5ROCorDFahq8l0tey/Lx1fg=
+github.com/trustbloc/bbs-signature-go v1.0.0 h1:JOKmPRTpjbbGODt71i3wJyiEBcu5XEoeSMQaM0WHR7Q=
+github.com/trustbloc/bbs-signature-go v1.0.0/go.mod h1:8xptu/lbVUDACQW10yiHtqATzC2kpTKQk5mKsKTD85Y=
 github.com/trustbloc/did-go v1.0.1 h1:Q27Sx51c68QSCnrRxwPMHQqcS/fJKzbpYzPZ9457cDo=
 github.com/trustbloc/did-go v1.0.1/go.mod h1:+A6OLKYBSh5cGjc6qk3KZ1DXOAlfIjdUwqz+tzcjOKM=
-github.com/trustbloc/kms-go v1.0.0 h1:uV4J95DXKgpcxEQtRLJ6Aa9nk1CY8cLSUHgSwwzqJIQ=
-github.com/trustbloc/kms-go v1.0.0/go.mod h1:1rvrHRuIRT7qLapB0lSpFgy1CjFunx85EyEzcZpIxG8=
+github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30 h1:nNmYk/CX3UrLe4a7qCaMjsc+IWcQdZlJGvY5D2gsewE=
+github.com/trustbloc/kms-go v1.0.1-0.20230922134356-24e819a06a30/go.mod h1:7arOSG9GewtV1WiqYZ23dSZ6haamosSABwyG//cRaXQ=
 github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU=
 github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo=
 github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU=

internal/testutil/kmscryptoutil/kmscryptoutil.go

@@ -14,12 +14,12 @@ import (
 	mockkms "github.com/trustbloc/kms-go/mock/kms"
 	"github.com/trustbloc/kms-go/secretlock/noop"
 	"github.com/trustbloc/kms-go/spi/kms"
+	"github.com/trustbloc/kms-go/wrapper"
 	mockstorage "github.com/trustbloc/vc-go/legacy/mock/storage"
-	"github.com/trustbloc/vc-go/signature/kmscrypto"
 )
 
 // LocalKMSCrypto creates a kmscrypto.KMSCrypto instance that uses localkms and tinkcrypto.
-func LocalKMSCrypto(t *testing.T) kmscrypto.KMSCrypto {
+func LocalKMSCrypto(t *testing.T) wrapper.KMSCrypto {
 	kc, err := LocalKMSCryptoErr()
 	require.NoError(t, err)
 
@@ -28,7 +28,7 @@ func LocalKMSCrypto(t *testing.T) kmscrypto.KMSCrypto {
 
 // LocalKMSCryptoErr creates a kmscrypto.KMSCrypto instance that uses localkms and tinkcrypto.
 // This API returns error instead of expecting a test manager.
-func LocalKMSCryptoErr() (kmscrypto.KMSCrypto, error) {
+func LocalKMSCryptoErr() (wrapper.KMSCrypto, error) {
 	storeProv := mockstorage.NewMockStoreProvider()
 
 	kmsProv, err := mockkms.NewProviderForKMS(storeProv, &noop.NoLock{})
@@ -46,7 +46,7 @@ func LocalKMSCryptoErr() (kmscrypto.KMSCrypto, error) {
 		return nil, err
 	}
 
-	return kmscrypto.NewKMSCrypto(kms, cr), nil
+	return wrapper.NewKMSCrypto(kms, cr), nil
 }
 
 // PubKeyBytesToJWK converts the given public key to a JWK.

internal/testutil/signatureutil/internal/signer/crypto_signer.go

@@ -10,16 +10,15 @@ import (
 	"fmt"
 
 	"github.com/trustbloc/kms-go/doc/jose/jwk"
-	"github.com/trustbloc/vc-go/signature/kmscrypto"
-
 	kmsapi "github.com/trustbloc/kms-go/spi/kms"
+	"github.com/trustbloc/kms-go/wrapper"
 )
 
 // CryptoSigner defines signer based on crypto.
 type CryptoSigner struct {
 	PubJWK      *jwk.JWK
 	alg         string
-	fixedCrypto kmscrypto.FixedKeyCrypto
+	fixedCrypto wrapper.FixedKeyCrypto
 }
 
 // Sign will sign document and return signature.
@@ -38,7 +37,7 @@ func (s *CryptoSigner) Alg() string {
 }
 
 // NewCryptoSigner creates a new CryptoSigner.
-func NewCryptoSigner(kmsCrypto kmscrypto.KMSCrypto, keyType kmsapi.KeyType, alg string) (*CryptoSigner, error) {
+func NewCryptoSigner(kmsCrypto wrapper.KMSCrypto, keyType kmsapi.KeyType, alg string) (*CryptoSigner, error) {
 	pubJWK, err := kmsCrypto.Create(keyType)
 	if err != nil {
 		return nil, fmt.Errorf("create key: %w", err)

internal/testutil/signatureutil/internal/signer/crypto_signer_test.go

@@ -13,8 +13,9 @@ import (
 	"testing"
 
 	"github.com/stretchr/testify/require"
+	mockwrapper "github.com/trustbloc/kms-go/mock/wrapper"
 	kmsapi "github.com/trustbloc/kms-go/spi/kms"
-	mockkmscrypto "github.com/trustbloc/vc-go/internal/mock/kmscrypto"
+
 	"github.com/trustbloc/vc-go/internal/testutil/kmscryptoutil"
 	. "github.com/trustbloc/vc-go/internal/testutil/signatureutil/internal/signer"
 )
@@ -67,7 +68,7 @@ func TestNewCryptoSigner(t *testing.T) {
 	}
 
 	t.Run("error corner cases", func(t *testing.T) {
-		mockKC := &mockkmscrypto.MockKMSCrypto{
+		mockKC := &mockwrapper.MockKMSCrypto{
 			CreateErr: errors.New("key creation error"),
 		}
 		signer, err := NewCryptoSigner(mockKC, kmsapi.ED25519Type, "")

internal/testutil/signatureutil/signer.go

@@ -13,9 +13,10 @@ import (
 
 	"github.com/stretchr/testify/require"
 	kmsapi "github.com/trustbloc/kms-go/spi/kms"
+	"github.com/trustbloc/kms-go/wrapper"
+
 	"github.com/trustbloc/vc-go/internal/testutil/kmscryptoutil"
 	"github.com/trustbloc/vc-go/internal/testutil/signatureutil/internal/signer"
-	"github.com/trustbloc/vc-go/signature/kmscrypto"
 )
 
 // TODO: neither NewCryptoSigner or NewSigner is used by wallet-sdk or vcs. This
@@ -31,7 +32,7 @@ func CryptoSigner(t *testing.T, keyType kmsapi.KeyType) Signer {
 }
 
 // NewCryptoSigner creates a new signer based on crypto if possible.
-func NewCryptoSigner(kmsCrypto kmscrypto.KMSCrypto, keyType kmsapi.KeyType) (Signer, error) {
+func NewCryptoSigner(kmsCrypto wrapper.KMSCrypto, keyType kmsapi.KeyType) (Signer, error) {
 	var alg string
 
 	// Note: signer.CryptoSigner doesn't support secp256k1 or rsa, as kms-go

jwt/didsignjwt/signjwt.go

@@ -19,7 +19,7 @@ import (
 	"github.com/trustbloc/kms-go/doc/jose/jwk/jwksupport"
 	"github.com/trustbloc/kms-go/doc/util/jwkkid"
 	"github.com/trustbloc/kms-go/doc/util/kmssigner"
-	"github.com/trustbloc/vc-go/signature/kmscrypto"
+	"github.com/trustbloc/kms-go/wrapper"
 
 	"github.com/trustbloc/vc-go/jwt"
 )
@@ -65,7 +65,7 @@ type SignerGetter func(vm *did.VerificationMethod) (Signer, error)
 //
 // Deprecated: use UseKMSCryptoWrapperSigner instead.
 func UseDefaultSigner(r keyReader, s cryptoSigner) SignerGetter {
-	kcs := kmscrypto.NewKMSCryptoSigner(r, s)
+	kcs := wrapper.NewKMSCryptoSigner(r, s)
 
 	return UseKMSCryptoWrapperSigner(kcs)
 }
@@ -74,7 +74,7 @@ func UseDefaultSigner(r keyReader, s cryptoSigner) SignerGetter {
 //
 // Note: this API assumes that the KMS KID is the same as is used by localkms,
 // allowing it to be determined based on the public key.
-func UseKMSCryptoWrapperSigner(crypto kmscrypto.KMSCryptoSigner) SignerGetter {
+func UseKMSCryptoWrapperSigner(crypto wrapper.KMSCryptoSigner) SignerGetter {
 	return func(vm *did.VerificationMethod) (Signer, error) {
 		var pubJWK *jwk.JWK
 

presexch/definition_test.go

@@ -22,11 +22,11 @@ import (
 	"github.com/PaesslerAG/jsonpath"
 	"github.com/google/uuid"
 	"github.com/stretchr/testify/require"
+	"github.com/trustbloc/bbs-signature-go/bbs12381g2pub"
 	lddocloader "github.com/trustbloc/did-go/doc/ld/documentloader"
 	ldprocessor "github.com/trustbloc/did-go/doc/ld/processor"
 	ldtestutil "github.com/trustbloc/did-go/doc/ld/testutil"
 	utiltime "github.com/trustbloc/did-go/doc/util/time"
-	"github.com/trustbloc/kms-go/crypto/primitive/bbs12381g2pub"
 	"github.com/trustbloc/kms-go/doc/jose/jwk"
 	"github.com/trustbloc/kms-go/doc/util/fingerprint"
 	"github.com/trustbloc/kms-go/spi/kms"

presexch/example_v2_test.go

@@ -16,9 +16,9 @@ import (
 
 	"github.com/piprate/json-gold/ld"
 	"github.com/stretchr/testify/require"
+	"github.com/trustbloc/bbs-signature-go/bbs12381g2pub"
 	ldprocessor "github.com/trustbloc/did-go/doc/ld/processor"
 	ldtestutil "github.com/trustbloc/did-go/doc/ld/testutil"
-	"github.com/trustbloc/kms-go/crypto/primitive/bbs12381g2pub"
 	"github.com/trustbloc/kms-go/spi/kms"
 	"github.com/trustbloc/vc-go/internal/testutil/kmscryptoutil"
 	"github.com/trustbloc/vc-go/internal/testutil/signatureutil"

presexch/match_submission_requirements_test.go

@@ -16,8 +16,8 @@ import (
 
 	"github.com/google/uuid"
 	"github.com/stretchr/testify/require"
+	"github.com/trustbloc/bbs-signature-go/bbs12381g2pub"
 	ldprocessor "github.com/trustbloc/did-go/doc/ld/processor"
-	"github.com/trustbloc/kms-go/crypto/primitive/bbs12381g2pub"
 
 	utiltime "github.com/trustbloc/did-go/doc/util/time"
 	"github.com/trustbloc/vc-go/presexch"