Merge pull request #51 from sicpa-dlab/main

Release 0.3.0

Author: ashcherbakov

didcomm/__init__.py

@@ -1 +1 @@
-__version__ = "0.2.0"
+__version__ = "0.3.0"

didcomm/core/keys/forward_next_keys_selector.py

@@ -0,0 +1,18 @@
+from didcomm.common.resolvers import ResolversConfig
+from didcomm.common.types import DID_OR_DID_URL
+from didcomm.core.utils import is_did_url
+
+
+async def has_keys_for_forward_next(
+    _next: DID_OR_DID_URL, resolvers_config: ResolversConfig
+) -> bool:
+    if is_did_url(_next):
+        next_kids = [_next]
+    else:
+        next_did_doc = await resolvers_config.did_resolver.resolve(_next)
+        if next_did_doc is None:
+            return False
+        next_kids = next_did_doc.key_agreement_kids
+
+    secret_ids = await resolvers_config.secrets_resolver.get_keys(next_kids)
+    return len(secret_ids) > 0

didcomm/unpack.py

@@ -3,21 +3,22 @@
 from dataclasses import dataclass
 from typing import Optional, List, Union
 
-from authlib.common.encoding import to_unicode, to_bytes
+from authlib.common.encoding import to_unicode
 
 from didcomm.common.algorithms import AnonCryptAlg, AuthCryptAlg, SignAlg
 from didcomm.common.resolvers import ResolversConfig
 from didcomm.common.types import JWS, JSON, JSON_OBJ, DID_URL
 from didcomm.core.anoncrypt import unpack_anoncrypt, is_anoncrypted
 from didcomm.core.authcrypt import is_authcrypted, unpack_authcrypt
+from didcomm.core.from_prior import unpack_from_prior_in_place
+from didcomm.core.keys.forward_next_keys_selector import has_keys_for_forward_next
 from didcomm.core.serialization import (
     json_bytes_to_dict,
     json_str_to_dict,
     dict_to_json_bytes,
 )
 from didcomm.core.sign import is_signed, unpack_sign
 from didcomm.errors import DIDCommValueError
-from didcomm.core.from_prior import unpack_from_prior_in_place
 from didcomm.message import Message
 from didcomm.protocols.routing.forward import is_forward, ForwardMessage
 
@@ -44,11 +45,9 @@ async def unpack(
     unpack_config = unpack_config or UnpackConfig()
 
     if isinstance(packed_msg, str):
-        msg = to_bytes(packed_msg)
-        msg_as_dict = json_str_to_dict(packed_msg)
+        packed_msg = json_str_to_dict(packed_msg)
     elif isinstance(packed_msg, dict):
-        msg = dict_to_json_bytes(packed_msg)
-        msg_as_dict = packed_msg
+        pass
     else:
         # FIXME in python it should be a kind of TypeError instead
         raise DIDCommValueError(
@@ -62,6 +61,18 @@ async def unpack(
         anonymous_sender=False,
     )
 
+    return await _do_unpack(resolvers_config, packed_msg, unpack_config, metadata)
+
+
+async def _do_unpack(
+    resolvers_config: ResolversConfig,
+    packed_msg: JSON_OBJ,
+    unpack_config: UnpackConfig,
+    metadata: Metadata,
+) -> UnpackResult:
+    msg = dict_to_json_bytes(packed_msg)
+    msg_as_dict = packed_msg
+
     if is_anoncrypted(msg_as_dict):
         unwrap_anoncrypt_result = await unpack_anoncrypt(
             msg_as_dict,
@@ -76,11 +87,13 @@ async def unpack(
         metadata.encrypted_to = unwrap_anoncrypt_result.to_kids
         metadata.enc_alg_anon = unwrap_anoncrypt_result.alg
 
-        if is_forward(msg_as_dict) and unpack_config.unwrap_re_wrapping_forward:
+        if unpack_config.unwrap_re_wrapping_forward and is_forward(msg_as_dict):
             fwd_msg = ForwardMessage.from_json(msg)
-            msg_as_dict = fwd_msg.forwarded_msg
-            msg = dict_to_json_bytes(msg_as_dict)
-            metadata.re_wrapped_in_forward = True
+            if await has_keys_for_forward_next(fwd_msg.body.next, resolvers_config):
+                metadata.re_wrapped_in_forward = True
+                return await _do_unpack(
+                    resolvers_config, fwd_msg.forwarded_msg, unpack_config, metadata
+                )
 
     if is_authcrypted(msg_as_dict):
         unwrap_authcrypt_result = await unpack_authcrypt(

docs/release.md

@@ -0,0 +1,14 @@
+## Release
+
+Assumptions:
+
+*   `main` branch can wait until release PR is merged
+
+The steps:
+
+1.  **release**:
+    1.  **review adjust if needed the release version in `main`** to match the changes from the latest release following the [SemVer rules](https://semver.org/#summary).
+    2.  [create](https://github.com/sicpa-dlab/didcomm-python/compare/stable...main) a **PR from `main` to `stable`** (you may likely want to name it as `release-<version>`)
+    3.  once merged [release pipeline](https://github.com/sicpa-dlab/didcomm-python/actions/workflows/release.yml) will publish the release to [PyPI](https://pypi.org/project/didcomm)
+2.  **bump next release version in `main`**
+    *   **Note** decision about the next release version should be based on the same [SemVer](https://semver.org/) rules and the expected changes. Usually it would be either a MINOR or MAJOR (if incompatible changes are planned) release.

tests/test_vectors/did_doc/did_doc_charlie.py

@@ -37,7 +37,7 @@
             {
                 "kty": "OKP",
                 "crv": "Ed25519",
-                "x": "G-boxFB6vOZBu-wXkm-9Lh79I8nf9Z50cILaOgKKGww",
+                "x": "VDXDwuGKVq91zxU6q7__jLDUq8_C5cuxECgd-1feFTE",
             }
         ),
     ),

tests/test_vectors/secrets/mock_secrets_resolver_charlie.py

@@ -32,9 +32,9 @@
         value=json_dumps(
             {
                 "kty": "OKP",
-                "d": "pFRUKkyzx4kHdJtFSnlPA9WzqkDT1HWV0xZ5OYZd2SY",
+                "d": "T2azVap7CYD_kB8ilbnFYqwwYb5N-GcD6yjGEvquZXg",
                 "crv": "Ed25519",
-                "x": "G-boxFB6vOZBu-wXkm-9Lh79I8nf9Z50cILaOgKKGww",
+                "x": "VDXDwuGKVq91zxU6q7__jLDUq8_C5cuxECgd-1feFTE",
             }
         ),
     ),

tests/unit/unpack/test_unpack_forward.py

@@ -3,13 +3,60 @@
 from didcomm.core.serialization import dict_to_json
 from didcomm.message import Message
 from didcomm.pack_encrypted import pack_encrypted
-from didcomm.protocols.routing.forward import unpack_forward, wrap_in_forward
+from didcomm.protocols.routing.forward import (
+    unpack_forward,
+    wrap_in_forward,
+    ForwardMessage,
+    is_forward,
+)
 from didcomm.unpack import unpack, UnpackConfig
 from tests.test_vectors.common import ALICE_DID, BOB_DID
 
 
 @pytest.mark.asyncio
-async def test_mediator_re_wrap_to_receiver(
+async def test_mediator_re_wrap_anoncrypt_to_receiver(
+    resolvers_config_alice, resolvers_config_bob, resolvers_config_mediator1
+):
+    # ALICE
+    message = Message(
+        body={"aaa": 1, "bbb": 2},
+        id="1234567890",
+        type="my-protocol/1.0",
+        to=[BOB_DID],
+        created_time=1516269022,
+        expires_time=1516385931,
+    )
+    pack_result = await pack_encrypted(
+        resolvers_config=resolvers_config_alice,
+        message=message,
+        to=BOB_DID,
+    )
+
+    # BOB MEDIATOR 1: re-wrap to Bob
+    old_forward_bob = await unpack_forward(
+        resolvers_config_mediator1, pack_result.packed_msg, True
+    )
+    new_packed_forward_bob = await wrap_in_forward(
+        resolvers_config=resolvers_config_mediator1,
+        packed_msg=old_forward_bob.forwarded_msg,
+        to=old_forward_bob.forward_msg.body.next,
+        routing_keys=[old_forward_bob.forward_msg.body.next],
+        headers={"expires_time": 99999},
+    )
+
+    # BOB
+    unpack_result_bob = await unpack(
+        resolvers_config_bob,
+        dict_to_json(new_packed_forward_bob.msg_encrypted.msg),
+        unpack_config=UnpackConfig(unwrap_re_wrapping_forward=True),
+    )
+
+    assert unpack_result_bob.message == message
+    assert unpack_result_bob.metadata.re_wrapped_in_forward
+
+
+@pytest.mark.asyncio
+async def test_mediator_re_wrap_authcrypt_to_receiver(
     resolvers_config_alice, resolvers_config_bob, resolvers_config_mediator1
 ):
     # ALICE
@@ -50,3 +97,46 @@ async def test_mediator_re_wrap_to_receiver(
 
     assert unpack_result_bob.message == message
     assert unpack_result_bob.metadata.re_wrapped_in_forward
+
+
+@pytest.mark.asyncio
+async def test_unwrap_re_wrapping_forward_mode_for_no_re_wrapping(
+    resolvers_config_alice, resolvers_config_bob, resolvers_config_mediator1
+):
+    # ALICE
+    message = Message(
+        body={"aaa": 1, "bbb": 2},
+        id="1234567890",
+        type="my-protocol/1.0",
+        to=[BOB_DID],
+        created_time=1516269022,
+        expires_time=1516385931,
+    )
+    pack_result = await pack_encrypted(
+        resolvers_config=resolvers_config_alice,
+        message=message,
+        to=BOB_DID,
+    )
+
+    # BOB MEDIATOR 1
+    unpack_result_mediator = await unpack(
+        resolvers_config_mediator1,
+        pack_result.packed_msg,
+        unpack_config=UnpackConfig(unwrap_re_wrapping_forward=True),
+    )
+
+    msg_mediator_as_dict = unpack_result_mediator.message.as_dict()
+    assert is_forward(msg_mediator_as_dict)
+    forward_message = ForwardMessage.from_dict(msg_mediator_as_dict)
+    assert forward_message.body.next == BOB_DID
+    assert not unpack_result_mediator.metadata.re_wrapped_in_forward
+
+    # BOB
+    unpack_result_bob = await unpack(
+        resolvers_config_bob,
+        forward_message.forwarded_msg,
+        unpack_config=UnpackConfig(unwrap_re_wrapping_forward=True),
+    )
+
+    assert unpack_result_bob.message == message
+    assert not unpack_result_bob.metadata.re_wrapped_in_forward

tests/unit/unpack/test_unpack_plaintext_with_from_prior.py

@@ -14,7 +14,7 @@
         "to": ["did:example:bob"],
         "created_time": 1516269022,
         "expires_time": 1516385931,
-        "from_prior": "eyJ0eXAiOiJKV1QiLCJhbGciOiJFZERTQSIsImtpZCI6ImRpZDpleGFtcGxlOmNoYXJsaWUja2V5LTEifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpjaGFybGllIiwic3ViIjoiZGlkOmV4YW1wbGU6YWxpY2UiLCJhdWQiOiIxMjMiLCJleHAiOjEyMzQsIm5iZiI6MTIzNDUsImlhdCI6MTIzNDU2LCJqdGkiOiJkZmcifQ.9F1o6duu_lC6LTZN-RN3R6uUl_p63ma30i8nNu2xoCmOc-lE9G1z1-iZ2jZ81kFmq5aOMyhcVXat6TOGJdcVDA",
+        "from_prior": "eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCIsImtpZCI6ImRpZDpleGFtcGxlOmNoYXJsaWUja2V5LTEifQ.eyJpc3MiOiJkaWQ6ZXhhbXBsZTpjaGFybGllIiwic3ViIjoiZGlkOmV4YW1wbGU6YWxpY2UiLCJhdWQiOiIxMjMiLCJleHAiOjEyMzQsIm5iZiI6MTIzNDUsImlhdCI6MTIzNDU2LCJqdGkiOiJkZmcifQ.xIdfOLizPZMOZPAqMatEuBk0OrVge6jN1nxYlWUISz0XUXdW6TbwDbMgTinx2CLxtxev_gqEuZw5c98E3-eaAQ",
         "body": {"messagespecificattribute": "and its value"},
     }
 )