Skip to content

Commit

Permalink
fix didVerify will always return false when hash multiple signer keys…
Browse files Browse the repository at this point in the history 
… and not sign with the first (#34)

Co-authored-by: github-actions[bot] <action@github.com>
release-as: 0.7.2
  • Loading branch information
@zzcwoshizz @actions-user
zzcwoshizz and actions-user committed Jan 18, 2023
1 parent 97cf853 commit adf1dae
Showing 1 changed file with 18 additions and 12 deletions.
30 changes: 18 additions & 12 deletions packages/verify/src/didVerify.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,14 +2,24 @@
// SPDX-License-Identifier: Apache-2.0

import type { HexString } from '@zcloak/crypto/types';
import type { DidDocument, DidUrl } from '@zcloak/did-resolver/types';
import type { DidDocument, DidUrl, VerificationMethodType } from '@zcloak/did-resolver/types';

import { u8aToU8a } from '@polkadot/util';

import { decodeMultibase, ed25519Verify, secp256k1Verify } from '@zcloak/crypto';
import { ed25519Verify, secp256k1Verify } from '@zcloak/crypto';
import { helpers } from '@zcloak/did';
import { DidResolver } from '@zcloak/did-resolver';
import { defaultResolver } from '@zcloak/did-resolver/defaults';

const VERIFIERS: Record<
VerificationMethodType,
(message: Uint8Array, signature: HexString | Uint8Array, publicKey: Uint8Array) => boolean
> = {
EcdsaSecp256k1VerificationKey2019: secp256k1Verify,
Ed25519VerificationKey2020: ed25519Verify,
X25519KeyAgreementKey2019: () => false
};

/**
* @name didVerify
* @summary Verifies the signature on the supplied message.
Expand Down Expand Up @@ -58,18 +68,14 @@ export async function didVerify(
? await resolverOrDidDocument.resolve(didUrl)
: resolverOrDidDocument;

const finded = document.verificationMethod?.find((method) => {
return method.id;
});

if (!finded) return false;
const did = helpers.fromDidDocument(document);

const publicKey = decodeMultibase(finded.publicKeyMultibase);
for (const [, { publicKey, type }] of did.keyRelationship) {
const isTrue = VERIFIERS[type](messageU8a, signature, publicKey);

if (finded.type === 'EcdsaSecp256k1VerificationKey2019') {
return secp256k1Verify(messageU8a, signature, publicKey);
} else if (finded.type === 'Ed25519VerificationKey2020') {
return ed25519Verify(messageU8a, signature, publicKey);
if (isTrue) {
return isTrue;
}
}

return false;
Expand Down

0 comments on commit adf1dae

Please sign in to comment.