search

digitalbazaar / ed25519-verification-key-2020

Javascript library for generating and working with Ed25519VerificationKey2020 key pairs, for use with crypto-ld.
BSD 3-Clause "New" or "Revised" License
3 stars 10 forks source link

Should this library throw errors defined in the `did:key` spec? #18

Open aljones15 opened 2 years ago

aljones15 commented 2 years ago

Did key spec now has standardized errors for did:key. While this library is not specifically a did:key library it does checks that the did:key spec expects to happen. These checks need to raise specific errors in order to conform to the spec. The errors that need to be raised are:

  1. invalidDid (when the publicKeyMultibase doesn't start with z)
  2. invalidPublicKeyLength (when the publicKey keyBuffer is not 32 bytes in length)

Currently this library has the following check:

https://github.com/digitalbazaar/ed25519-verification-key-2020/blob/56eb9210cf0b2f0dfaa42881e20a47d8723feb04/lib/Ed25519VerificationKey2020.js#L48-L53

https://github.com/digitalbazaar/ed25519-verification-key-2020/blob/56eb9210cf0b2f0dfaa42881e20a47d8723feb04/lib/Ed25519VerificationKey2020.js#L442-L451

For a public key this ensure the first letter in the multibaseKey is z and then it checks that the first bytes of the resulting Uint8Array matches the bytes of the const MULTICODEC_ED25519_PUB_HEADER = new Uint8Array([0xed, 0x01]);

So should we update this library to throw errors that conform to the did:key specs errors?

Currently not starting with a z should result in an invalidDid error (this might be updated to invalidDidKey) This would need to happen before the byte check.

Secondly we now need to throw this error: invalidPublicKeyLength

This just requires changing the error here so that it can be caught and reported back to an implementation:

https://github.com/digitalbazaar/ed25519-verification-key-2020/blob/56eb9210cf0b2f0dfaa42881e20a47d8723feb04/lib/ed25519.js#L132-L149

I think we should use Error.code to report these errors back like this:

export class InvalidDid extends Error {
  constructor(message) {
    super(message);
    this.name = 'InvalidDidError';
    this.code = 'invalidDid';
  }
}

export class InvalidPublicKeyLength extends Error {
  constructor(message) {
    super(message);
    this.name = 'InvalidPublicKeyLengthError';
    this.code = 'invalidPublicKeyLength';
  }
}

These can be caught later down the line and used for various aspects of conformance.