Lazy Multikey decoding.

crates/bbs/src/lib.rs

@@ -77,7 +77,7 @@ impl MultiSigningMethod<BBSplusSecretKey, Bbs> for Multikey {
     ) -> Result<Vec<u8>, MessageSignatureError> {
         use zkryptium::schemes::generics::{BlindSignature, Signature};
 
-        let DecodedMultikey::Bls12_381(pk) = self.decode()? else {
+        let DecodedMultikey::Bls12_381(pk) = self.public_key.decode()? else {
             return Err(MessageSignatureError::InvalidPublicKey);
         };
 

crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/derive.rs

@@ -226,7 +226,7 @@ where
         .map(|quad| format!("{quad} .\n").into_bytes())
         .collect();
 
-    let DecodedMultikey::Bls12_381(pk) = verification_method.decode()? else {
+    let DecodedMultikey::Bls12_381(pk) = verification_method.public_key.decode()? else {
         return Err(DeriveError::InvalidPublicKey);
     };
 

crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/hashing.rs

@@ -5,6 +5,7 @@ use ssi_data_integrity_core::{
     ProofConfigurationRef,
 };
 use ssi_rdf::{urdna2015::NormalizingSubstitution, IntoNQuads};
+use ssi_verification_methods::Multikey;
 
 use crate::Bbs2023;
 
@@ -21,6 +22,7 @@ impl HashingAlgorithm<Bbs2023> for Bbs2023Hashing {
     fn hash(
         input: TransformedData<Bbs2023>,
         _proof_configuration: ProofConfigurationRef<Bbs2023>,
+        _verification_method: &Multikey,
     ) -> Result<Self::Output, HashingError> {
         match input {
             Transformed::Base(t) => {

crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/signature/base.rs

@@ -22,7 +22,7 @@ where
     T::MessageSigner: MultiMessageSigner<Bbs>,
 {
     // See: <https://www.w3.org/TR/vc-di-bbs/#base-proof-serialization-bbs-2023>
-    let DecodedMultikey::Bls12_381(public_key) = verification_method.decode()? else {
+    let DecodedMultikey::Bls12_381(public_key) = verification_method.public_key.decode()? else {
         return Err(SignatureError::InvalidPublicKey);
     };
     let feature_option = hash_data.transformed_document.options.feature_option;
@@ -44,7 +44,7 @@ where
 
     let message_signer = signer
         .for_method(Cow::Borrowed(verification_method))
-        .await
+        .await?
         .ok_or(SignatureError::MissingSigner)?;
 
     let (algorithm, description) = match feature_option {

crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/tests/mod.rs

@@ -10,7 +10,7 @@ use lazy_static::lazy_static;
 use rdf_types::{BlankIdBuf, VocabularyMut};
 use serde::{Deserialize, Serialize};
 use ssi_bbs::{BBSplusPublicKey, BBSplusSecretKey};
-use ssi_claims_core::{ClaimsValidity, Validate};
+use ssi_claims_core::{ClaimsValidity, ValidateClaims};
 use ssi_di_sd_primitives::JsonPointerBuf;
 use ssi_json_ld::{JsonLdError, JsonLdNodeObject, JsonLdObject, JsonLdTypes};
 use ssi_rdf::{Interpretation, LdEnvironment, LinkedDataResource, LinkedDataSubject};
@@ -43,8 +43,8 @@ impl JsonLdNodeObject for JsonCredential {
     }
 }
 
-impl<E, P> Validate<E, P> for JsonCredential {
-    fn validate(&self, _env: &E, _proof: &P) -> ClaimsValidity {
+impl<E, P> ValidateClaims<E, P> for JsonCredential {
+    fn validate_claims(&self, _env: &E, _proof: &P) -> ClaimsValidity {
         Ok(())
     }
 }

crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/transformation/mod.rs

@@ -9,7 +9,7 @@ use ssi_data_integrity_core::{
     ProofConfigurationRef,
 };
 use ssi_di_sd_primitives::canonicalize::create_hmac_id_label_map_function;
-use ssi_json_ld::{ContextLoaderEnvironment, Expandable, ExpandedDocument, JsonLdNodeObject};
+use ssi_json_ld::{Expandable, ExpandedDocument, JsonLdLoaderProvider, JsonLdNodeObject};
 use ssi_rdf::{urdna2015::NormalizingSubstitution, LexicalInterpretation};
 use std::collections::HashMap;
 
@@ -24,7 +24,7 @@ impl TransformationAlgorithm<Bbs2023> for Bbs2023Transformation {
 
 impl<T, C> TypedTransformationAlgorithm<Bbs2023, T, C> for Bbs2023Transformation
 where
-    C: ContextLoaderEnvironment,
+    C: JsonLdLoaderProvider,
     T: Serialize + JsonLdNodeObject + Expandable,
     T::Expanded<LexicalInterpretation, ()>: Into<ExpandedDocument>,
 {

crates/claims/crates/data-integrity/suites/src/suites/w3c/bbs_2023/verification.rs

@@ -25,7 +25,7 @@ impl VerificationAlgorithm<Bbs2023> for Bbs2023SignatureAlgorithm {
                 // Verify Derived Proof algorithm.
                 // See: <https://www.w3.org/TR/vc-di-bbs/#verify-derived-proof-bbs-2023>
 
-                let DecodedMultikey::Bls12_381(public_key) = method.decode()? else {
+                let DecodedMultikey::Bls12_381(public_key) = method.public_key.decode()? else {
                     return Err(ProofValidationError::InvalidKey);
                 };
 
@@ -120,7 +120,7 @@ fn create_verify_data3<'a>(
 
 #[cfg(test)]
 mod tests {
-    use ssi_claims_core::VerifiableClaims;
+    use ssi_claims_core::VerificationParameters;
     use ssi_data_integrity_core::DataIntegrity;
     use ssi_verification_methods::Multikey;
     use static_iref::uri;
@@ -144,6 +144,7 @@ mod tests {
         let mut methods = HashMap::new();
         methods.insert(VERIFICATION_METHOD_IRI.to_owned(), verification_method);
 
-        assert!(document.verify(&methods).await.unwrap().is_ok())
+        let params = VerificationParameters::from_resolver(methods);
+        assert!(document.verify(params).await.unwrap().is_ok())
     }
 }

crates/claims/crates/data-integrity/suites/src/suites/w3c/ecdsa_rdfc_2019.rs

@@ -2,8 +2,6 @@
 //!
 //! See: <https://www.w3.org/TR/vc-di-ecdsa/#ecdsa-rdfc-2019>
 use core::fmt;
-
-use k256::sha2::{Sha256, Sha384};
 use ssi_data_integrity_core::{
     canonicalization::{
         CanonicalClaimsAndConfiguration, CanonicalizeClaimsAndConfiguration,
@@ -14,9 +12,9 @@ use ssi_data_integrity_core::{
         standard::{HashingAlgorithm, HashingError},
         NoConfiguration,
     },
-    ProofConfigurationRef, StandardCryptographicSuite, TypeRef,
+    CryptosuiteStr, ProofConfigurationRef, StandardCryptographicSuite, TypeRef,
 };
-use ssi_verification_methods::Multikey;
+use ssi_verification_methods::{multikey::DecodedMultikey, Multikey};
 use static_iref::iri;
 
 /// The `ecdsa-rdfc-2019` cryptosuite.
@@ -45,7 +43,7 @@ impl StandardCryptographicSuite for EcdsaRdfc2019 {
     type ProofOptions = ();
 
     fn type_(&self) -> TypeRef {
-        TypeRef::DataIntegrityProof("ecdsa-rdfc-2019")
+        TypeRef::DataIntegrityProof(CryptosuiteStr::new("ecdsa-rdfc-2019").unwrap())
     }
 }
 
@@ -59,19 +57,29 @@ impl HashingAlgorithm<EcdsaRdfc2019> for EcdsaRdfc2019HashingAlgorithm {
         proof_configuration: ProofConfigurationRef<EcdsaRdfc2019>,
         verification_method: &Multikey,
     ) -> Result<Self::Output, HashingError> {
-        match verification_method.public_key.codec() {
-            ssi_multicodec::P256_PUB => HashCanonicalClaimsAndConfiguration::<Sha256>::hash(
-                input,
-                proof_configuration,
-                verification_method,
-            )
-            .map(EcdsaRdfc2019Hash::Sha256),
-            ssi_multicodec::P384_PUB => HashCanonicalClaimsAndConfiguration::<Sha384>::hash(
-                input,
-                proof_configuration,
-                verification_method,
-            )
-            .map(EcdsaRdfc2019Hash::Sha384),
+        match verification_method
+            .public_key
+            .decode()
+            .map_err(|_| HashingError::InvalidKey)?
+        {
+            #[cfg(feature = "secp256r1")]
+            DecodedMultikey::P256(_) => {
+                HashCanonicalClaimsAndConfiguration::<k256::sha2::Sha256>::hash(
+                    input,
+                    proof_configuration,
+                    verification_method,
+                )
+                .map(EcdsaRdfc2019Hash::Sha256)
+            }
+            #[cfg(feature = "secp384r1")]
+            DecodedMultikey::P384(_) => {
+                HashCanonicalClaimsAndConfiguration::<k256::sha2::Sha384>::hash(
+                    input,
+                    proof_configuration,
+                    verification_method,
+                )
+                .map(EcdsaRdfc2019Hash::Sha384)
+            }
             _ => Err(HashingError::InvalidKey),
         }
     }
@@ -117,9 +125,15 @@ impl<O> AlgorithmSelection<Multikey, O> for ES256OrES384 {
         verification_method: &Multikey,
         _options: &O,
     ) -> Result<Self, AlgorithmSelectionError> {
-        match verification_method.public_key.codec() {
-            ssi_multicodec::P256_PUB => Ok(Self::ES256),
-            ssi_multicodec::P384_PUB => Ok(Self::ES384),
+        match verification_method
+            .public_key
+            .decode()
+            .map_err(|_| AlgorithmSelectionError::InvalidKey)?
+        {
+            #[cfg(feature = "secp256r1")]
+            DecodedMultikey::P256(_) => Ok(Self::ES256),
+            #[cfg(feature = "secp384r1")]
+            DecodedMultikey::P384(_) => Ok(Self::ES384),
             _ => Err(AlgorithmSelectionError::InvalidKey),
         }
     }

crates/claims/crates/data-integrity/suites/tests/suite.rs

@@ -85,10 +85,7 @@ impl VerificationMethodResolver for MultikeyRing {
                     Ok(Cow::Owned(ssi_verification_methods::Multikey {
                         id: id.to_owned(),
                         controller: UriBuf::new(controller.to_owned().into_bytes()).unwrap(),
-                        public_key: ssi_verification_methods::multikey::PublicKey::decode(
-                            public_key,
-                        )
-                        .unwrap(),
+                        public_key: public_key.into(),
                     }))
                 }
                 None => Err(VerificationMethodResolutionError::UnknownKey),

crates/multicodec/src/lib.rs

@@ -5,7 +5,7 @@ pub use codec::*;
 
 include!(concat!(env!("OUT_DIR"), "/table.rs"));
 
-#[derive(Debug, thiserror::Error)]
+#[derive(Debug, Clone, thiserror::Error)]
 pub enum Error {
     #[error(transparent)]
     Varint(#[from] unsigned_varint::decode::Error),