diff --git a/crates/bbs/src/lib.rs b/crates/bbs/src/lib.rs index 2ce0b6c70..9d5d89b65 100644 --- a/crates/bbs/src/lib.rs +++ b/crates/bbs/src/lib.rs @@ -85,7 +85,7 @@ impl MultiSigningMethod for Multikey { Bbs::Baseline { header } => Signature::>::sign( Some(messages), secret, - &pk, + pk, Some(&header), ) .map_err(MessageSignatureError::signature_failed)? @@ -99,7 +99,7 @@ impl MultiSigningMethod for Multikey { let signer_blind = signer_blind.map(|b| BlindFactor::from_bytes(&b).unwrap()); BlindSignature::>::blind_sign( secret, - &pk, + pk, commitment_with_proof.as_deref(), Some(&header), Some(messages), diff --git a/crates/claims/core/src/verification/mod.rs b/crates/claims/core/src/verification/mod.rs index 430dd73d4..0a34f9a56 100644 --- a/crates/claims/core/src/verification/mod.rs +++ b/crates/claims/core/src/verification/mod.rs @@ -104,6 +104,19 @@ pub enum Invalid { Proof(#[from] InvalidProof), } +/// Arbitrary resource provider. +pub trait ResourceProvider { + /// Returns a reference to the resource of type `T`. + fn get_resource(&self) -> &T; +} + +/// Anything can return the unit resource. +impl ResourceProvider<()> for T { + fn get_resource(&self) -> &() { + &() + } +} + /// Type that provides a public key resolver. pub trait ResolverProvider { /// Public key resolver. diff --git a/crates/claims/crates/data-integrity/core/src/canonicalization.rs b/crates/claims/crates/data-integrity/core/src/canonicalization.rs index 2c6596c8e..449f3dbb3 100644 --- a/crates/claims/crates/data-integrity/core/src/canonicalization.rs +++ b/crates/claims/crates/data-integrity/core/src/canonicalization.rs @@ -39,7 +39,7 @@ where context: &C, data: &T, proof_configuration: ProofConfigurationRef<'_, S>, - _transformation_options: Option>, + _transformation_options: TransformationOptions, ) -> Result { let mut ld = LdEnvironment::default(); diff --git a/crates/claims/crates/data-integrity/core/src/proof/mod.rs b/crates/claims/crates/data-integrity/core/src/proof/mod.rs index 18a8e1ae6..ee77a36c9 100644 --- a/crates/claims/crates/data-integrity/core/src/proof/mod.rs +++ b/crates/claims/crates/data-integrity/core/src/proof/mod.rs @@ -1,12 +1,14 @@ use crate::suite::bounds::{OptionsRefOf, SignatureRefOf, VerificationMethodRefOf}; -use crate::suite::{CryptographicSuiteVerification, SerializeCryptographicSuite}; +use crate::suite::{ + CryptographicSuiteVerification, InputVerificationOptions, SerializeCryptographicSuite, +}; use crate::{ CloneCryptographicSuite, CryptographicSuite, DataIntegrity, DebugCryptographicSuite, DeserializeCryptographicSuite, }; use educe::Educe; use serde::{Deserialize, Serialize}; -use ssi_claims_core::{AttachProof, ProofValidationError, ProofValidity}; +use ssi_claims_core::{AttachProof, ProofValidationError, ProofValidity, ResourceProvider}; use ssi_core::{one_or_many::OneOrManyRef, OneOrMany}; use ssi_verification_methods_core::{ProofPurpose, ReferenceOrOwned}; use std::collections::BTreeMap; @@ -221,14 +223,18 @@ impl fmt::Debug for Proof { impl ssi_claims_core::ValidateProof for Proof where S: CryptographicSuiteVerification, + V: ResourceProvider>, { async fn validate_proof<'a>( &'a self, verifier: &'a V, claims: &'a T, ) -> Result { + let transformation_options = self + .suite() + .configure_verification(verifier.get_resource())?; self.suite() - .verify_proof(verifier, claims, self.borrowed()) + .verify_proof(verifier, claims, self.borrowed(), transformation_options) .await } } @@ -327,6 +333,7 @@ impl From>> for Proofs { impl ssi_claims_core::ValidateProof for Proofs where S: CryptographicSuiteVerification, + V: ResourceProvider>, { async fn validate_proof<'a>( &'a self, diff --git a/crates/claims/crates/data-integrity/core/src/suite/configuration.rs b/crates/claims/crates/data-integrity/core/src/suite/configuration.rs index a0eb2ed1e..dc62e7ae6 100644 --- a/crates/claims/crates/data-integrity/core/src/suite/configuration.rs +++ b/crates/claims/crates/data-integrity/core/src/suite/configuration.rs @@ -1,6 +1,6 @@ use std::marker::PhantomData; -use ssi_claims_core::SignatureError; +use ssi_claims_core::{ProofValidationError, SignatureError}; use ssi_json_ld::syntax::Context; use crate::{CryptographicSuite, ProofConfiguration, ProofOptions}; @@ -8,13 +8,16 @@ use crate::{CryptographicSuite, ProofConfiguration, ProofOptions}; pub type InputVerificationMethod = <::Configuration as ConfigurationAlgorithm>::InputVerificationMethod; pub type InputSuiteOptions = - <::Configuration as ConfigurationAlgorithm>::InputProofOptions; + <::Configuration as ConfigurationAlgorithm>::InputSuiteOptions; pub type InputProofOptions = ProofOptions, InputSuiteOptions>; pub type InputSignatureOptions = <::Configuration as ConfigurationAlgorithm>::InputSignatureOptions; +pub type InputVerificationOptions = + <::Configuration as ConfigurationAlgorithm>::InputVerificationOptions; + pub type TransformationOptions = <::Configuration as ConfigurationAlgorithm>::TransformationOptions; @@ -48,41 +51,72 @@ impl From for SignatureError { } } +impl From for ProofValidationError { + fn from(value: ConfigurationError) -> Self { + Self::other(value) + } +} + pub trait ConfigurationAlgorithm { /// Input type for the verification method. type InputVerificationMethod; /// Input suite-specific proof options. - type InputProofOptions; + /// + /// These options are stored in the `proof` object. + type InputSuiteOptions; - /// Input signature options. + /// Input suite-specific signature options. + /// + /// These options do not appear in the `proof` object. type InputSignatureOptions; + /// Input suite-specific verification options. + /// + /// These options do not appear in the `proof` object. + type InputVerificationOptions; + /// Document transformation options. type TransformationOptions; - fn configure( + fn configure_signature( suite: &S, - proof_options: ProofOptions, - signature_options: Self::InputSignatureOptions, + proof_options: ProofOptions, + signature_options: InputSignatureOptions, ) -> Result<(ProofConfiguration, Self::TransformationOptions), ConfigurationError>; + + fn configure_verification( + suite: &S, + verification_options: &InputVerificationOptions, + ) -> Result; } pub struct NoConfiguration; impl ConfigurationAlgorithm for NoConfiguration { type InputVerificationMethod = S::VerificationMethod; - type InputProofOptions = S::ProofOptions; + type InputSuiteOptions = S::ProofOptions; + type InputSignatureOptions = (); + + type InputVerificationOptions = (); + type TransformationOptions = (); - fn configure( + fn configure_signature( suite: &S, proof_options: ProofOptions, - _: (), - ) -> Result<(ProofConfiguration, ()), ConfigurationError> { + _: InputSignatureOptions, + ) -> Result<(ProofConfiguration, Self::TransformationOptions), ConfigurationError> { Ok((proof_options.into_configuration(suite.clone())?, ())) } + + fn configure_verification( + _suite: &S, + _verification_options: &InputVerificationOptions, + ) -> Result { + Ok(()) + } } pub struct AddProofContext(PhantomData); @@ -92,15 +126,16 @@ where C: Default + Into, { type InputVerificationMethod = S::VerificationMethod; - type InputProofOptions = S::ProofOptions; + type InputSuiteOptions = S::ProofOptions; type InputSignatureOptions = (); + type InputVerificationOptions = (); type TransformationOptions = (); - fn configure( + fn configure_signature( suite: &S, options: ProofOptions, - _: (), - ) -> Result<(ProofConfiguration, ()), ConfigurationError> { + _: InputSignatureOptions, + ) -> Result<(ProofConfiguration, Self::TransformationOptions), ConfigurationError> { let mut result = options.into_configuration(suite.clone())?; result.context = match result.context { None => Some(C::default().into()), @@ -110,4 +145,11 @@ where }; Ok((result, ())) } + + fn configure_verification( + _suite: &S, + _verification_options: &InputVerificationOptions, + ) -> Result { + Ok(()) + } } diff --git a/crates/claims/crates/data-integrity/core/src/suite/mod.rs b/crates/claims/crates/data-integrity/core/src/suite/mod.rs index d740f4065..26e078be3 100644 --- a/crates/claims/crates/data-integrity/core/src/suite/mod.rs +++ b/crates/claims/crates/data-integrity/core/src/suite/mod.rs @@ -58,12 +58,20 @@ pub trait CryptographicSuite: Clone { fn type_(&self) -> TypeRef; /// Generates a proof configuration from input options. - fn configure( + fn configure_signature( &self, proof_options: InputProofOptions, signature_options: InputSignatureOptions, ) -> Result<(ProofConfiguration, TransformationOptions), ConfigurationError> { - Self::Configuration::configure(self, proof_options, signature_options) + Self::Configuration::configure_signature(self, proof_options, signature_options) + } + + /// Generates a proof configuration from input options. + fn configure_verification( + &self, + verification_options: &InputVerificationOptions, + ) -> Result, ConfigurationError> { + Self::Configuration::configure_verification(self, verification_options) } /// Generates a verifiable document secured with this cryptographic suite. @@ -81,7 +89,7 @@ pub trait CryptographicSuite: Clone { Self: CryptographicSuiteSigning, { let (proof_configuration, transformation_options) = - self.configure(proof_options, signature_options)?; + self.configure_signature(proof_options, signature_options)?; let proof_configuration_ref = proof_configuration.borrowed(); let signature = self .generate_signature( diff --git a/crates/claims/crates/data-integrity/core/src/suite/standard/mod.rs b/crates/claims/crates/data-integrity/core/src/suite/standard/mod.rs index 395d039f7..952ca6f3c 100644 --- a/crates/claims/crates/data-integrity/core/src/suite/standard/mod.rs +++ b/crates/claims/crates/data-integrity/core/src/suite/standard/mod.rs @@ -1,7 +1,9 @@ //! Cryptographic suites. use std::borrow::Cow; -use ssi_claims_core::{ProofValidationError, ProofValidity, ResolverProvider, SignatureError}; +use ssi_claims_core::{ + ProofValidationError, ProofValidity, ResolverProvider, ResourceProvider, SignatureError, +}; use ssi_verification_methods_core::{Signer, VerificationMethodResolver, VerificationMethodSet}; use crate::{CryptographicSuite, ProofConfigurationRef, ProofRef, TypeRef}; @@ -20,7 +22,7 @@ pub use verification::*; use super::{ ConfigurationAlgorithm, CryptographicSuiteSigning, CryptographicSuiteVerification, - TransformationOptions, + InputVerificationOptions, TransformationOptions, }; // mod test_bbs; @@ -59,7 +61,7 @@ pub trait StandardCryptographicSuite: Clone { context: &C, unsecured_document: &T, proof_configuration: ProofConfigurationRef<'_, Self>, - transformation_options: Option>, + transformation_options: TransformationOptions, ) -> Result, TransformationError> where Self::Transformation: TypedTransformationAlgorithm, @@ -143,12 +145,7 @@ where .await?; let transformed = self - .transform( - context, - claims, - proof_configuration, - Some(transformation_options), - ) + .transform(context, claims, proof_configuration, transformation_options) .await?; let hashed = self.hash(transformed, proof_configuration, &method)?; @@ -165,7 +162,7 @@ where impl CryptographicSuiteVerification for S where - V: ResolverProvider, + V: ResolverProvider + ResourceProvider>, V::Resolver: VerificationMethodResolver, S::Transformation: TypedTransformationAlgorithm, S::SignatureAlgorithm: VerificationAlgorithm, @@ -175,6 +172,7 @@ where verifier: &V, claims: &C, proof: ProofRef<'_, Self>, + transformation_options: TransformationOptions, ) -> Result { let options = ssi_verification_methods_core::ResolutionOptions { accept: Some(Box::new(Self::VerificationMethod::type_set())), @@ -189,7 +187,12 @@ where let proof_configuration = proof.configuration(); let transformed = self - .transform(verifier, claims, proof_configuration, None) + .transform( + verifier, + claims, + proof_configuration, + transformation_options, + ) .await?; let hashed = self.hash(transformed, proof_configuration, &method)?; diff --git a/crates/claims/crates/data-integrity/core/src/suite/standard/transformation.rs b/crates/claims/crates/data-integrity/core/src/suite/standard/transformation.rs index 44c3ca90f..94c1d653c 100644 --- a/crates/claims/crates/data-integrity/core/src/suite/standard/transformation.rs +++ b/crates/claims/crates/data-integrity/core/src/suite/standard/transformation.rs @@ -72,7 +72,7 @@ pub trait TypedTransformationAlgorithm: context: &C, data: &T, proof_configuration: ProofConfigurationRef, - transformation_options: Option>, + transformation_options: TransformationOptions, ) -> Result; } @@ -82,14 +82,14 @@ impl TransformationAlgorithm for JsonObjectTransformat type Output = json_syntax::Object; } -impl TypedTransformationAlgorithm +impl TypedTransformationAlgorithm for JsonObjectTransformation { async fn transform( _context: &C, data: &T, _options: ProofConfigurationRef<'_, S>, - _transformation_options: Option>, + _transformation_options: TransformationOptions, ) -> Result { json_syntax::to_value(data) .map_err(TransformationError::JsonSerialization)? diff --git a/crates/claims/crates/data-integrity/core/src/suite/standard/verification.rs b/crates/claims/crates/data-integrity/core/src/suite/standard/verification.rs index 8b9da6ee6..8537660ea 100644 --- a/crates/claims/crates/data-integrity/core/src/suite/standard/verification.rs +++ b/crates/claims/crates/data-integrity/core/src/suite/standard/verification.rs @@ -5,7 +5,7 @@ use crate::{CryptographicSuite, ProofRef}; pub trait VerificationAlgorithm { fn verify( method: &S::VerificationMethod, - prepared_claims: S::PreparedClaims, + prepared_claims: ::PreparedClaims, proof: ProofRef, ) -> Result; } diff --git a/crates/claims/crates/data-integrity/core/src/suite/verification.rs b/crates/claims/crates/data-integrity/core/src/suite/verification.rs index 599a2e47b..b0106ca58 100644 --- a/crates/claims/crates/data-integrity/core/src/suite/verification.rs +++ b/crates/claims/crates/data-integrity/core/src/suite/verification.rs @@ -1,4 +1,4 @@ -use super::CryptographicSuite; +use super::{CryptographicSuite, TransformationOptions}; use crate::ProofRef; use ssi_claims_core::{ProofValidationError, ProofValidity}; @@ -9,5 +9,6 @@ pub trait CryptographicSuiteVerification: CryptographicSuite { verifier: &V, claims: &T, proof: ProofRef<'_, Self>, + transformation_options: TransformationOptions, ) -> Result; } diff --git a/crates/claims/crates/data-integrity/src/any/macros.rs b/crates/claims/crates/data-integrity/src/any/macros.rs index f53bf8706..26bcfb827 100644 --- a/crates/claims/crates/data-integrity/src/any/macros.rs +++ b/crates/claims/crates/data-integrity/src/any/macros.rs @@ -182,6 +182,7 @@ macro_rules! crypto_suites { verifier: &V, claims: &T, proof: ssi_data_integrity_core::ProofRef<'_, Self>, + transformation_options: () ) -> Result { match self { $( @@ -197,7 +198,8 @@ macro_rules! crypto_suites { &ssi_data_integrity_suites::$name, &verifier, claims, - Self::project_proof(proof) + Self::project_proof(proof), + transformation_options ).await }, )* @@ -398,11 +400,12 @@ macro_rules! crypto_suites { #[allow(unused_variables)] impl ssi_data_integrity_core::suite::ConfigurationAlgorithm for AnyConfigurationAlgorithm { type InputVerificationMethod = ssi_verification_methods::AnyMethod; - type InputProofOptions = crate::AnyInputSuiteOptions; + type InputSuiteOptions = crate::AnyInputSuiteOptions; type InputSignatureOptions = (); + type InputVerificationOptions = (); type TransformationOptions = (); - fn configure( + fn configure_signature( suite: &AnySuite, options: ssi_data_integrity_core::suite::InputProofOptions, signature_options: () @@ -415,7 +418,7 @@ macro_rules! crypto_suites { options )?; - let (proof_configuration, transformation_options) = ::configure( + let (proof_configuration, transformation_options) = ::configure_signature( &ssi_data_integrity_suites::$name, options, signature_options @@ -437,6 +440,13 @@ macro_rules! crypto_suites { )) } } + + fn configure_verification( + _suite: &AnySuite, + _verification_options: &() + ) -> Result<(), ssi_data_integrity_core::suite::ConfigurationError> { + Ok(()) + } } #[derive(Debug, Clone)] diff --git a/crates/claims/crates/data-integrity/suites/src/suites/unspecified/eip712_signature_2021.rs b/crates/claims/crates/data-integrity/suites/src/suites/unspecified/eip712_signature_2021.rs index 60dfdb26a..443b3b730 100644 --- a/crates/claims/crates/data-integrity/suites/src/suites/unspecified/eip712_signature_2021.rs +++ b/crates/claims/crates/data-integrity/suites/src/suites/unspecified/eip712_signature_2021.rs @@ -112,7 +112,7 @@ where context: &C, data: &T, proof_configuration: ProofConfigurationRef<'_, Eip712Signature2021>, - _transformation_options: Option<()>, + _transformation_options: (), ) -> Result { let mut ld = LdEnvironment::default(); diff --git a/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/derive.rs b/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/derive.rs index 8845cd749..0d1972fe0 100644 --- a/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/derive.rs +++ b/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/derive.rs @@ -232,7 +232,7 @@ where let bbs_proof = match (&feature_option, &decoded_base_proof.description) { (DerivedFeatureOption::Baseline, Bbs2023SignatureDescription::Baseline) => proof_gen( - &pk, + pk, &decoded_base_proof.signature_bytes, &decoded_base_proof.bbs_header, presentation_header, diff --git a/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/mod.rs b/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/mod.rs index 28fb0315a..cd4929498 100644 --- a/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/mod.rs +++ b/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/mod.rs @@ -10,7 +10,7 @@ use ssi_di_sd_primitives::JsonPointerBuf; use ssi_verification_methods::Multikey; pub(crate) mod transformation; -pub use transformation::{Bbs2023Transformation, Transformed}; +pub use transformation::{Bbs2023Transformation, Bbs2023TransformationOptions, Transformed}; mod hashing; pub use hashing::{Bbs2023Hashing, HashData}; @@ -60,7 +60,7 @@ impl TryFrom for Bbs2023 { } #[derive(Clone)] -pub struct Bbs2023InputOptions { +pub struct Bbs2023SignatureOptions { pub mandatory_pointers: Vec, pub feature_option: FeatureOption, @@ -91,20 +91,33 @@ impl ConfigurationAlgorithm for Bbs2023Configuration { type InputVerificationMethod = Multikey; /// Input suite-specific proof options. - type InputProofOptions = (); + type InputSuiteOptions = (); /// Input signature options. - type InputSignatureOptions = Bbs2023InputOptions; + type InputSignatureOptions = Bbs2023SignatureOptions; + + type InputVerificationOptions = (); /// Document transformation options. - type TransformationOptions = Bbs2023InputOptions; + type TransformationOptions = Bbs2023TransformationOptions; - fn configure( + fn configure_signature( type_: &Bbs2023, options: InputProofOptions, - signature_options: Bbs2023InputOptions, - ) -> Result<(ProofConfiguration, Bbs2023InputOptions), ConfigurationError> { + signature_options: Bbs2023SignatureOptions, + ) -> Result<(ProofConfiguration, Bbs2023TransformationOptions), ConfigurationError> + { let proof_configuration = options.into_configuration(*type_)?; - Ok((proof_configuration, signature_options)) + Ok(( + proof_configuration, + Bbs2023TransformationOptions::BaseSignature(signature_options), + )) + } + + fn configure_verification( + _suite: &Bbs2023, + _verification_options: &ssi_data_integrity_core::suite::InputVerificationOptions, + ) -> Result { + Ok(Bbs2023TransformationOptions::DerivedVerification) } } diff --git a/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/signature/base.rs b/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/signature/base.rs index 0bccda0e6..6bcdf60da 100644 --- a/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/signature/base.rs +++ b/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/signature/base.rs @@ -97,7 +97,7 @@ where Ok(Bbs2023Signature::encode_base( &signature, bbs_header, - &public_key, + public_key, hmac_key, mandatory_pointers, description, diff --git a/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/signature/mod.rs b/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/signature/mod.rs index b6dd98fff..cfb9a5458 100644 --- a/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/signature/mod.rs +++ b/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/signature/mod.rs @@ -83,7 +83,7 @@ mod tests { use crate::{ bbs_2023::{ - hashing::BaseHashData, transformation::TransformedBase, Bbs2023InputOptions, + hashing::BaseHashData, transformation::TransformedBase, Bbs2023SignatureOptions, FeatureOption, HashData, HmacKey, }, Bbs2023, @@ -185,7 +185,7 @@ _:b5 \"2023\"^^( loader: &impl ssi_json_ld::Loader, unsecured_document: &T, canonical_configuration: Vec, - transform_options: Bbs2023InputOptions, + transform_options: Bbs2023SignatureOptions, ) -> Result where T: JsonLdNodeObject + Expandable, @@ -84,7 +84,10 @@ mod tests { use ssi_verification_methods::{ProofPurpose, ReferenceOrOwned}; use crate::{ - bbs_2023::{Bbs2023InputOptions, Bbs2023Transformation, FeatureOption, HmacKey}, + bbs_2023::{ + Bbs2023SignatureOptions, Bbs2023Transformation, Bbs2023TransformationOptions, + FeatureOption, HmacKey, + }, Bbs2023, }; @@ -165,7 +168,7 @@ mod tests { &context, &*UNSIGNED_BASE_DOCUMENT, proof_configuration.borrowed(), - Some(Bbs2023InputOptions { + Bbs2023TransformationOptions::BaseSignature(Bbs2023SignatureOptions { mandatory_pointers: MANDATORY_POINTERS.clone(), feature_option: FeatureOption::Baseline, commitment_with_proof: None, diff --git a/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/transformation/mod.rs b/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/transformation/mod.rs index c1f4f8cf6..66a5a5af1 100644 --- a/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/transformation/mod.rs +++ b/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/transformation/mod.rs @@ -1,4 +1,4 @@ -use super::{Bbs2023InputOptions, HmacKey}; +use super::{Bbs2023SignatureOptions, HmacKey}; use crate::Bbs2023; use hmac::Hmac; use k256::sha2::Sha256; @@ -32,7 +32,7 @@ where context: &C, unsecured_document: &T, proof_configuration: ProofConfigurationRef<'_, Bbs2023>, - transformation_options: Option, + transformation_options: Bbs2023TransformationOptions, ) -> Result { let canonical_configuration = proof_configuration .expand(context, unsecured_document) @@ -41,15 +41,17 @@ where .nquads_lines(); match transformation_options { - Some(transform_options) => base::base_proof_transformation( - context.loader(), - unsecured_document, - canonical_configuration, - transform_options, - ) - .await - .map(Transformed::Base), - None => derived::create_verify_data1( + Bbs2023TransformationOptions::BaseSignature(transform_options) => { + base::base_proof_transformation( + context.loader(), + unsecured_document, + canonical_configuration, + transform_options, + ) + .await + .map(Transformed::Base) + } + Bbs2023TransformationOptions::DerivedVerification => derived::create_verify_data1( context.loader(), unsecured_document, canonical_configuration, @@ -104,7 +106,7 @@ impl Transformed { /// See: #[derive(Clone)] pub struct TransformedBase { - pub options: Bbs2023InputOptions, + pub options: Bbs2023SignatureOptions, pub mandatory: Vec, pub non_mandatory: Vec, pub hmac_key: HmacKey, @@ -117,3 +119,9 @@ pub struct TransformedDerived { pub quads: Vec, pub canonical_id_map: NormalizingSubstitution, } + +#[derive(Clone)] +pub enum Bbs2023TransformationOptions { + BaseSignature(Bbs2023SignatureOptions), + DerivedVerification, +} diff --git a/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/verification.rs b/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/verification.rs index 477f7b1c9..f7ff118b8 100644 --- a/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/verification.rs +++ b/crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/verification.rs @@ -44,7 +44,7 @@ impl VerificationAlgorithm for Bbs2023SignatureAlgorithm { match data.feature_option { DerivedFeatureOption::Baseline => proof_verify( - &public_key, + public_key, &data.base_signature, &bbs_header, data.presentation_header.as_deref(), diff --git a/crates/claims/crates/data-integrity/suites/src/suites/w3c/ethereum_eip712_signature_2021.rs b/crates/claims/crates/data-integrity/suites/src/suites/w3c/ethereum_eip712_signature_2021.rs index 68cd4620f..58fd527c1 100644 --- a/crates/claims/crates/data-integrity/suites/src/suites/w3c/ethereum_eip712_signature_2021.rs +++ b/crates/claims/crates/data-integrity/suites/src/suites/w3c/ethereum_eip712_signature_2021.rs @@ -275,7 +275,7 @@ where context: &C, data: &T, proof_configuration: ProofConfigurationRef<'_, S>, - _transformation_options: Option>, + _transformation_options: TransformationOptions, ) -> Result { let types = match proof_configuration.options.types() { Some(TypesOrURI::Object(types)) => Some(types.clone()),