need tests for DID Exchange / Connection Protocol

hyperledger-archives / aries-protocol-test-suite

Test Suite for testing protocol compliance of Aries Agents

https://wiki.hyperledger.org/display/aries

Apache License 2.0

25 stars 19 forks source link

need tests for DID Exchange / Connection Protocol #3

Open dhh1128 opened 5 years ago

dhh1128 commented 5 years ago

All of the following tests are needed.

An overly long invitation is rejected since it can't be turned into a QR code?
Agent can be either inviter or invitee.
A public DID can be used as an implicit invitation.
A connection resp that is not signed by the key used in the invitation generates a graceful error.
A connection resp sent before a connection req generates a graceful error.
A connection resp or connection req that uses a different thread from the previous message generates a graceful error.
A connection resp or req that uses the same thread as previous, but an inconsistent state (e.g., different DID Doc or endpoint) is rejected.
DID Docs with extra fields are handled.
DID Docs lacking required fields are rejected.
DID Docs lacking public keys of type {Ed25519|Secp256k1|RSA} are either handled fully, or generate a graceful error.
A plaintext version of a connection request or connection response is gracefully rejected.

dbluhm commented 5 years ago

Progress:

[ ] An overly long invitation is rejected since it can't be turned into a QR code?
[x] Agent can be either inviter or invitee.
[ ] A public DID can be used as an implicit invitation.
[ ] A connection resp that is not signed by the key used in the invitation generates a graceful error.
[ ] A connection resp sent before a connection req generates a graceful error.
[ ] A connection resp or connection req that uses a different thread from the previous message generates a graceful error.
[ ] A connection resp or req that uses the same thread as previous, but an inconsistent state (e.g., different DID Doc or endpoint) is rejected.
[ ] DID Docs with extra fields are handled.
[ ] DID Docs lacking required fields are rejected.
[ ] DID Docs lacking public keys of type {Ed25519|Secp256k1|RSA} are either handled fully, or generate a graceful error.
[ ] A plaintext version of a connection request or connection response is gracefully rejected.

dbluhm commented 5 years ago

A plaintext version of a connection request or connection response is gracefully rejected.

What would we consider a graceful rejection in this context? A 400?

dhh1128 commented 5 years ago

The condition that's triggering a graceful rejection is that the message trust context doesn't confer enough trust to proceed. I would expect a graceful rejection to be a problem report explaining that.

dbluhm commented 5 years ago

Given that there are no keys to figure out which connection sent the message, would we expect this message to be returned in plaintext to the active http connection?

dhh1128 commented 5 years ago

Actually, now that you point out that detail, I would be content with a 400