Use vc-derive-credential to create a derived credential with selectiv…

…ely disclosed claims and a BBS+ signature vc-derive-credential, when combined with --nonce, now verifies a BBS+ derived credential Check hashes that are revealed from BBS+ derived credential verification with the claims in the derived credential. Turn off canonicalization for now if using BBS+. Update to_nquads_vec to into_nquads_vec, following new conventions
spruceid · Feb 1, 2023 · 957090c · 957090c
1 parent 3e7bebc
commit 957090c
Show file tree

Hide file tree

Showing 16 changed files with 585 additions and 24 deletions.
diff --git a/did-key/src/lib.rs b/did-key/src/lib.rs
@@ -197,7 +197,9 @@ impl DIDResolver for DIDKey {
             && data[1] == DID_KEY_BLS12381_G2_PREFIX[1]
         {
             {
-                if data.len() - 2 != 96 {
+                // A BBS+ public key may have more than one generator; hence, the length may
+                // exceed 96
+                if data.len() - 2 < 96 {
                     return (
                         ResolutionMetadata::from_error(ERROR_INVALID_DID),
                         None,

diff --git a/ssi-json-ld/Cargo.toml b/ssi-json-ld/Cargo.toml
@@ -21,9 +21,10 @@ futures = "0.3"
 lazy_static = "1.4"
 combination = "0.1"
 grdf = "0.16.2"
+hex = "0.4"
 ssi-contexts = { version = "0.1.3", path = "../contexts/" }
 ssi-crypto = { path = "../ssi-crypto", version = "0.1" }
 
 [dev-dependencies]
 difference = "2.0"
-nquads-syntax = "0.10.0"
+nquads-syntax = "0.10.0"
diff --git a/ssi-json-ld/src/lib.rs b/ssi-json-ld/src/lib.rs
@@ -487,6 +487,7 @@ where
     L::Context: Into<json_ld::syntax::context::Value<Span>>,
     L::ContextError: Send,
 {
+    eprintln!("json_to_dataset: enter");
     use json_ld::JsonLdProcessor;
 
     let options = Options {
@@ -500,10 +501,12 @@ where
     let doc = json_ld::RemoteDocument::new(None, None, json);
     let mut generator =
         rdf_types::generator::Blank::new_with_prefix("b".to_string()).with_default_metadata();
+    eprintln!("json_to_dataset: 1");
     let mut to_rdf = doc
         .to_rdf_using(&mut generator, loader, options)
         .await
         .map_err(Box::new)?;
+    eprintln!("json_to_dataset: 2");
     Ok(to_rdf
         .cloned_quads()
         .map(|q| {

diff --git a/ssi-json-ld/src/rdf.rs b/ssi-json-ld/src/rdf.rs
@@ -12,6 +12,7 @@ pub type DataSet =
 /// See <https://www.w3.org/TR/n-quads/>.
 pub trait IntoNQuads {
     fn into_nquads(self) -> String;
+    fn into_nquads_vec(self) -> Vec<String>;
 }
 
 impl<Q: IntoIterator> IntoNQuads for Q
@@ -27,6 +28,16 @@ where
         lines.dedup();
         lines.join("")
     }
+
+    fn into_nquads_vec(self) -> Vec<String> {
+        let mut lines = self
+        .into_iter()
+        .map(|quad| NQuadsStatement(quad.borrow()).to_string())
+        .collect::<Vec<String>>();
+        lines.sort();
+        lines.dedup();
+        lines
+    }
 }
 
 /// Wrapper to display an RDF Quad as an N-Quads statement.

diff --git a/ssi-jwk/Cargo.toml b/ssi-jwk/Cargo.toml
@@ -33,6 +33,8 @@ tezos = ["blake2b_simd", "secp256k1", "secp256r1", "bs58"]
 ring = ["dep:ring"]
 
 [dependencies]
+# todo make bbs optional based on bbs feature
+bbs = { version = "0.4" }
 num-bigint = "0.4"
 simple_asn1 = "^0.5.2"
 zeroize = { version = "1.5", features = ["zeroize_derive"] }

diff --git a/ssi-jwk/src/lib.rs b/ssi-jwk/src/lib.rs
@@ -6,6 +6,7 @@ use std::convert::TryFrom;
 use std::result::Result;
 use zeroize::Zeroize;
 pub mod error;
+use bbs::prelude::*;
 pub use error::Error;
 
 #[cfg(feature = "ripemd-160")]
@@ -255,6 +256,7 @@ pub enum Algorithm {
     ESKeccakKR,
     ESBlake2b,
     ESBlake2bK,
+    BLS12381G2,
     #[doc(hidden)]
     AleoTestnet1Signature,
     // Per the specs it should only be `none` but `None` is kept for backwards compatibility
@@ -337,6 +339,21 @@ impl JWK {
         crate::aleo::generate_private_key_jwk().map_err(Error::AleoGeneratePrivateKey)
     }
 
+    //#[cfg(feature = "bbs")]
+    pub fn generate_bls12381_2020() -> Result<JWK, Error> {
+        let (pk, sk) = Issuer::new_keys(100).unwrap();
+        let pk_bytes = pk.to_bytes_compressed_form();
+        let sk_bytes = sk.to_bytes_compressed_form().to_vec();
+
+        let params = Params::OKP(OctetParams {
+            curve: "Bls12381G2".to_string(),
+            public_key: Base64urlUInt(pk_bytes),
+            private_key: Some(Base64urlUInt(sk_bytes)),
+        });
+
+        Ok(JWK::from(params))
+    }
+
     pub fn get_algorithm(&self) -> Option<Algorithm> {
         if let Some(algorithm) = self.algorithm {
             return Some(algorithm);
@@ -348,6 +365,9 @@ impl JWK {
             Params::OKP(okp_params) if okp_params.curve == "Ed25519" => {
                 return Some(Algorithm::EdDSA);
             }
+            Params::OKP(okp_params) if okp_params.curve == "Bls12381G2" => {
+                return Some(Algorithm::BLS12381G2);
+            }
             #[cfg(feature = "aleo")]
             Params::OKP(okp_params) if okp_params.curve == crate::aleo::OKP_CURVE => {
                 return Some(Algorithm::AleoTestnet1Signature);

diff --git a/ssi-jws/Cargo.toml b/ssi-jws/Cargo.toml
@@ -32,6 +32,7 @@ tezos = ["ssi-jwk/tezos", "secp256k1", "secp256r1", "ed25519"]
 ring = ["ssi-jwk/ring", "dep:ring", "rand", "blake2"]
 
 [dependencies]
+bbs = { version = "0.4.1" }
 thiserror = "1.0"
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"