fix: remove skid from the recipient header (#188)

* fix: remove skid recipient header param since skid is now meant to be only in the protected header * fix: update test cases to have no skid in the recipient header
decentralized-identity · Jun 11, 2021 · 0682cd1 · 0682cd1
1 parent 90a5c23
commit 0682cd1
Show file tree

Hide file tree

Showing 3 changed files with 61 additions and 69 deletions.
diff --git a/src/__tests__/JWE.test.ts b/src/__tests__/JWE.test.ts
@@ -12,7 +12,7 @@ import {
   createAuthEncrypter,
   createAuthDecrypter
 } from '../xc20pEncryption'
-import { decodeBase64url, encodeBase64url } from '../util'
+import { bytesToBase64, decodeBase64url, encodeBase64url } from '../util'
 import * as u8a from 'uint8arrays'
 import { randomBytes } from '@stablelib/random'
 import { generateKeyPairFromSeed } from '@stablelib/x25519'
@@ -256,24 +256,22 @@ describe('JWE', () => {
         expect(await decryptJWE(jwe, decrypter)).toEqual(cleartext)
       })
 
-      it('Creates with skid, kid, no apu and no apv', async () => {
+      it('Creates with kid, no apu and no apv', async () => {
         const kid = 'did:example:receiver#key-1'
-        const skid = 'did:example:sender#key-1'
         const encrypter = xc20pAuthEncrypterEcdh1PuV3x25519WithXc20PkwV2(recipientKey.publicKey, senderKey.secretKey, {
-          kid,
-          skid
+          kid
         })
         expect.assertions(6)
         const jwe = await createJWE(cleartext, [encrypter])
         expect(jwe.aad).toBeUndefined()
-        expect(JSON.parse(decodeBase64url(jwe.protected))).toEqual({ enc: 'XC20P', skid: skid })
+        expect(JSON.parse(decodeBase64url(jwe.protected))).toEqual({ enc: 'XC20P' })
         expect(jwe.recipients[0].header.kid).toEqual(kid)
         expect(jwe.recipients[0].header.apu).toBeUndefined()
         expect(jwe.recipients[0].header.apv).toBeUndefined()
         expect(await decryptJWE(jwe, decrypter)).toEqual(cleartext)
       })
 
-      it('Creates with no skid, no kid, apu and apv', async () => {
+      it('Creates with no kid, apu and apv', async () => {
         const apu = encodeBase64url('Alice')
         const apv = encodeBase64url('Bob')
         const encrypter = xc20pAuthEncrypterEcdh1PuV3x25519WithXc20PkwV2(recipientKey.publicKey, senderKey.secretKey, {
@@ -290,21 +288,19 @@ describe('JWE', () => {
         expect(await decryptJWE(jwe, decrypter)).toEqual(cleartext)
       })
 
-      it('Creates with skid, kid, apu and apv', async () => {
+      it('Creates with kid, apu and apv', async () => {
         const kid = 'did:example:receiver#key-1'
-        const skid = 'did:example:sender#key-1'
         const apu = encodeBase64url('Alice')
         const apv = encodeBase64url('Bob')
         const encrypter = xc20pAuthEncrypterEcdh1PuV3x25519WithXc20PkwV2(recipientKey.publicKey, senderKey.secretKey, {
           kid,
-          skid,
           apu,
           apv
         })
         expect.assertions(6)
         const jwe = await createJWE(cleartext, [encrypter])
         expect(jwe.aad).toBeUndefined()
-        expect(JSON.parse(decodeBase64url(jwe.protected))).toEqual({ enc: 'XC20P', skid: skid })
+        expect(JSON.parse(decodeBase64url(jwe.protected))).toEqual({ enc: 'XC20P' })
         expect(jwe.recipients[0].header.kid).toEqual(kid)
         expect(jwe.recipients[0].header.apu).toEqual(apu)
         expect(jwe.recipients[0].header.apv).toEqual(apv)
@@ -313,10 +309,11 @@ describe('JWE', () => {
 
       it('Creates with data in protected header', async () => {
         const encrypter = xc20pAuthEncrypterEcdh1PuV3x25519WithXc20PkwV2(recipientKey.publicKey, senderKey.secretKey)
+        const skid = 'did:example:sender#key-1'
         expect.assertions(3)
-        const jwe = await createJWE(cleartext, [encrypter], { more: 'protected' })
+        const jwe = await createJWE(cleartext, [encrypter], { skid, more: 'protected' })
         expect(jwe.aad).toBeUndefined()
-        expect(JSON.parse(decodeBase64url(jwe.protected))).toEqual({ enc: 'XC20P', more: 'protected' })
+        expect(JSON.parse(decodeBase64url(jwe.protected))).toEqual({ enc: 'XC20P', skid, more: 'protected' })
         expect(await decryptJWE(jwe, decrypter)).toEqual(cleartext)
       })
 
@@ -377,7 +374,6 @@ describe('JWE', () => {
     describe('Multiple recipients', () => {
       let cleartext, senderkey
       const recipients = []
-      const skid = 'did:example:sender#key-1'
 
       beforeEach(() => {
         senderkey = generateKeyPairFromSeed(randomBytes(32))
@@ -390,7 +386,7 @@ describe('JWE', () => {
             encrypter: xc20pAuthEncrypterEcdh1PuV3x25519WithXc20PkwV2(
               recipients[0].recipientkey.publicKey,
               senderkey.secretKey,
-              { kid: recipients[0].kid, skid }
+              { kid: recipients[0].kid }
             ),
             decrypter: xc20pAuthDecrypterEcdh1PuV3x25519WithXc20PkwV2(
               recipients[0].recipientkey.secretKey,
@@ -406,7 +402,7 @@ describe('JWE', () => {
             encrypter: xc20pAuthEncrypterEcdh1PuV3x25519WithXc20PkwV2(
               recipients[1].recipientkey.publicKey,
               senderkey.secretKey,
-              { kid: recipients[1].kid, skid }
+              { kid: recipients[1].kid }
             ),
             decrypter: xc20pAuthDecrypterEcdh1PuV3x25519WithXc20PkwV2(
               recipients[1].recipientkey.secretKey,
@@ -420,18 +416,19 @@ describe('JWE', () => {
         expect.assertions(4)
         const jwe = await createJWE(cleartext, [recipients[0].encrypter, recipients[1].encrypter])
         expect(jwe.aad).toBeUndefined()
-        expect(JSON.parse(decodeBase64url(jwe.protected))).toEqual({ enc: 'XC20P', skid: skid })
+        expect(JSON.parse(decodeBase64url(jwe.protected))).toEqual({ enc: 'XC20P' })
         expect(await decryptJWE(jwe, recipients[0].decrypter)).toEqual(cleartext)
         expect(await decryptJWE(jwe, recipients[1].decrypter)).toEqual(cleartext)
       })
 
       it('Creates with data in protected header', async () => {
         expect.assertions(4)
+        const skid = 'did:example:sender#key-1'
         const jwe = await createJWE(cleartext, [recipients[0].encrypter, recipients[1].encrypter], {
-          more: 'protected'
+          more: 'protected', skid
         })
         expect(jwe.aad).toBeUndefined()
-        expect(JSON.parse(decodeBase64url(jwe.protected))).toEqual({ enc: 'XC20P', skid: skid, more: 'protected' })
+        expect(JSON.parse(decodeBase64url(jwe.protected))).toEqual({ enc: 'XC20P', more: 'protected', skid })
         expect(await decryptJWE(jwe, recipients[0].decrypter)).toEqual(cleartext)
         expect(await decryptJWE(jwe, recipients[0].decrypter)).toEqual(cleartext)
       })
@@ -446,7 +443,7 @@ describe('JWE', () => {
           aad
         )
         expect(u8a.fromString(jwe.aad, 'base64url')).toEqual(aad)
-        expect(JSON.parse(decodeBase64url(jwe.protected))).toEqual({ enc: 'XC20P', skid: skid, more: 'protected' })
+        expect(JSON.parse(decodeBase64url(jwe.protected))).toEqual({ enc: 'XC20P', more: 'protected' })
         expect(await decryptJWE(jwe, recipients[0].decrypter)).toEqual(cleartext)
         expect(await decryptJWE(jwe, recipients[1].decrypter)).toEqual(cleartext)
         delete jwe.aad