feat: migrate refimpls from draft-00 to draft-01 claim names

- Rename `par` to `pred` (predecessor) in types, serialization, tests - Remove `pol`, `pol_decision` from core payload; move to `ect_ext` - Remove `sub` from payload (not part of ECT spec) - Update `typ` from `wimse-exec+jwt` to `exec+jwt` (accept both) - Rename MaxParLength to MaxPredLength everywhere - Update testdata, demos, READMEs with migration table - All Go tests pass, all 56 Python tests pass (90% coverage)
2026-04-03 10:55:58 +02:00
parent ba044f6626
commit 884d2dc836
33 changed files with 416 additions and 481 deletions
--- a/refimpl/go-lang/ect/verify_test.go
+++ b/refimpl/go-lang/ect/verify_test.go
@@ -11,15 +11,13 @@ func TestParse(t *testing.T) {
 	key, _ := GenerateKey()
 	now := time.Now()
 	payload := &Payload{
-		Iss:         "iss",
-		Aud:         []string{"aud"},
-		Iat:         now.Unix(),
-		Exp:         now.Add(time.Hour).Unix(),
-		Jti:         "jti-parse",
-		ExecAct:     "act",
-		Par:         []string{},
-		Pol:         "pol",
-		PolDecision: PolDecisionApproved,
+		Iss:     "iss",
+		Aud:     []string{"aud"},
+		Iat:     now.Unix(),
+		Exp:     now.Add(time.Hour).Unix(),
+		Jti:     "jti-parse",
+		ExecAct: "act",
+		Pred:    []string{},
 	}
 	compact, err := Create(payload, key, CreateOptions{KeyID: "kid"})
 	if err != nil {
@@ -50,15 +48,13 @@ func TestVerify_Expired(t *testing.T) {
 	key, _ := GenerateKey()
 	now := time.Now()
 	payload := &Payload{
-		Iss:         "iss",
-		Aud:         []string{"verifier"},
-		Iat:         now.Add(-1 * time.Hour).Unix(),
-		Exp:         now.Add(-1 * time.Minute).Unix(),
-		Jti:         "jti-exp",
-		ExecAct:     "act",
-		Par:         []string{},
-		Pol:         "pol",
-		PolDecision: PolDecisionApproved,
+		Iss:     "iss",
+		Aud:     []string{"verifier"},
+		Iat:     now.Add(-1 * time.Hour).Unix(),
+		Exp:     now.Add(-1 * time.Minute).Unix(),
+		Jti:     "jti-exp",
+		ExecAct: "act",
+		Pred:    []string{},
 	}
 	compact, _ := Create(payload, key, CreateOptions{KeyID: "kid"})
 	resolver := func(kid string) (*ecdsa.PublicKey, error) {
@@ -81,15 +77,13 @@ func TestVerify_Replay(t *testing.T) {
 	key, _ := GenerateKey()
 	now := time.Now()
 	payload := &Payload{
-		Iss:         "iss",
-		Aud:         []string{"v"},
-		Iat:         now.Unix(),
-		Exp:         now.Add(time.Hour).Unix(),
-		Jti:         "jti-replay",
-		ExecAct:     "act",
-		Par:         []string{},
-		Pol:         "p",
-		PolDecision: PolDecisionApproved,
+		Iss:     "iss",
+		Aud:     []string{"v"},
+		Iat:     now.Unix(),
+		Exp:     now.Add(time.Hour).Unix(),
+		Jti:     "jti-replay",
+		ExecAct: "act",
+		Pred:    []string{},
 	}
 	compact, _ := Create(payload, key, CreateOptions{KeyID: "kid"})
 	resolver := func(kid string) (*ecdsa.PublicKey, error) {
@@ -125,7 +119,7 @@ func TestVerify_WITSubjectMismatch(t *testing.T) {
 	now := time.Now()
 	payload := &Payload{
 		Iss: "iss", Aud: []string{"v"}, Iat: now.Unix(), Exp: now.Add(time.Hour).Unix(),
-		Jti: "jti-wit", ExecAct: "act", Par: []string{}, Pol: "p", PolDecision: PolDecisionApproved,
+		Jti: "jti-wit", ExecAct: "act", Pred: []string{},
 	}
 	compact, _ := Create(payload, key, CreateOptions{KeyID: "kid"})
 	resolver := func(kid string) (*ecdsa.PublicKey, error) {
@@ -147,7 +141,7 @@ func TestVerify_IATTooFarPast(t *testing.T) {
 	now := time.Now()
 	payload := &Payload{
 		Iss: "iss", Aud: []string{"v"}, Iat: now.Add(-1 * time.Hour).Unix(), Exp: now.Add(time.Hour).Unix(),
-		Jti: "jti-iat", ExecAct: "act", Par: []string{}, Pol: "p", PolDecision: PolDecisionApproved,
+		Jti: "jti-iat", ExecAct: "act", Pred: []string{},
 	}
 	compact, _ := Create(payload, key, CreateOptions{KeyID: "kid"})
 	resolver := func(kid string) (*ecdsa.PublicKey, error) {
@@ -169,7 +163,7 @@ func TestVerify_IATInFuture(t *testing.T) {
 	now := time.Now()
 	payload := &Payload{
 		Iss: "iss", Aud: []string{"v"}, Iat: now.Add(60 * time.Second).Unix(), Exp: now.Add(2 * time.Hour).Unix(),
-		Jti: "jti-fut", ExecAct: "act", Par: []string{}, Pol: "p", PolDecision: PolDecisionApproved,
+		Jti: "jti-fut", ExecAct: "act", Pred: []string{},
 	}
 	compact, _ := Create(payload, key, CreateOptions{KeyID: "kid"})
 	resolver := func(kid string) (*ecdsa.PublicKey, error) {
@@ -191,7 +185,7 @@ func TestVerify_ResolveKeyError(t *testing.T) {
 	now := time.Now()
 	payload := &Payload{
 		Iss: "iss", Aud: []string{"v"}, Iat: now.Unix(), Exp: now.Add(time.Hour).Unix(),
-		Jti: "jti-err", ExecAct: "act", Par: []string{}, Pol: "p", PolDecision: PolDecisionApproved,
+		Jti: "jti-err", ExecAct: "act", Pred: []string{},
 	}
 	compact, _ := Create(payload, key, CreateOptions{KeyID: "kid"})
 	resolver := func(kid string) (*ecdsa.PublicKey, error) {
@@ -211,7 +205,7 @@ func TestVerify_WithDAG(t *testing.T) {
 	now := time.Now()
 	root := &Payload{
 		Iss: "iss", Aud: []string{"v"}, Iat: now.Unix(), Exp: now.Add(time.Hour).Unix(),
-		Jti: "jti-root", ExecAct: "act", Par: []string{}, Pol: "p", PolDecision: PolDecisionApproved,
+		Jti: "jti-root", ExecAct: "act", Pred: []string{},
 	}
 	compactRoot, _ := Create(root, key, CreateOptions{KeyID: "kid"})
 	resolver := func(kid string) (*ecdsa.PublicKey, error) {
@@ -230,7 +224,7 @@ func TestVerify_WithDAG(t *testing.T) {
 	_, _ = ledger.Append(compactRoot, parsed.Payload)
 	child := &Payload{
 		Iss: "iss", Aud: []string{"v"}, Iat: now.Unix() + 1, Exp: now.Add(time.Hour).Unix(),
-		Jti: "jti-child", ExecAct: "act2", Par: []string{"jti-root"}, Pol: "p", PolDecision: PolDecisionApproved,
+		Jti: "jti-child", ExecAct: "act2", Pred: []string{"jti-root"},
 	}
 	compactChild, _ := Create(child, key, CreateOptions{KeyID: "kid"})
 	parsed2, err := Verify(compactChild, opts)