diff --git a/src/data_types/w3c/constants.rs b/src/data_types/w3c/constants.rs index 8b6eb03b..3fd48386 100644 --- a/src/data_types/w3c/constants.rs +++ b/src/data_types/w3c/constants.rs @@ -6,7 +6,7 @@ use crate::data_types::w3c::uri::URI; // Contexts pub const W3C_CONTEXT: &str = "https://www.w3.org/2018/credentials/v1"; -pub const W3C_ANONCREDS_CONTEXT: &str = "https://github.io/anoncreds-w3c/context.json"; // FIXME: Change address +pub const W3C_ANONCREDS_CONTEXT: &str = "https://raw.githubusercontent.com/hyperledger/anoncreds-spec/main/data/anoncreds-w3c-context.json"; // Types pub const W3C_CREDENTIAL_TYPE: &str = "VerifiableCredential"; diff --git a/src/data_types/w3c/credential.rs b/src/data_types/w3c/credential.rs index 455b6c35..da10c65e 100644 --- a/src/data_types/w3c/credential.rs +++ b/src/data_types/w3c/credential.rs @@ -6,7 +6,9 @@ use std::string::ToString; use zeroize::Zeroize; use crate::data_types::w3c::constants::{ANONCREDS_CONTEXTS, ANONCREDS_CREDENTIAL_TYPES}; -use crate::data_types::w3c::credential_proof::{CredentialProof, CredentialSignatureProof}; +use crate::data_types::w3c::credential_proof::{ + CredentialProof, CredentialSignatureProof, NonAnonCredsDataIntegrityProof, +}; use crate::data_types::w3c::presentation_proof::{CredentialPresentationProof, PredicateAttribute}; use crate::data_types::{ cred_def::CredentialDefinitionId, @@ -348,6 +350,18 @@ impl W3CCredential { } } + pub fn add_anoncreds_signature_proof(&mut self, proof: CredentialSignatureProof) { + self.add_proof(CredentialProof::AnonCredsSignatureProof(proof)); + } + + pub fn add_non_anoncreds_integrity_proof(&mut self, proof: NonAnonCredsDataIntegrityProof) { + self.add_proof(CredentialProof::NonAnonCredsDataIntegrityProof(proof)); + } + + pub fn set_anoncreds_presentation_proof(&mut self, proof: CredentialPresentationProof) { + self.proof = OneOrMany::One(CredentialProof::AnonCredsCredentialPresentationProof(proof)); + } + pub fn get_credential_signature_proof(&self) -> Result<&CredentialSignatureProof> { self.proof .get_value(&|proof: &CredentialProof| proof.get_credential_signature_proof()) @@ -390,15 +404,15 @@ impl W3CCredential { Ok(()) } - pub fn schema_id(&self) -> &SchemaId { + pub fn get_schema_id(&self) -> &SchemaId { &self.credential_schema.schema } - pub fn cred_def_id(&self) -> &CredentialDefinitionId { + pub fn get_cred_def_id(&self) -> &CredentialDefinitionId { &self.credential_schema.definition } - pub fn rev_reg_id(&self) -> Option<&RevocationRegistryDefinitionId> { + pub fn get_rev_reg_id(&self) -> Option<&RevocationRegistryDefinitionId> { if let Some(credential_status) = self.credential_status.as_ref() { match credential_status.type_ { CredentialStatusType::AnonCredsCredentialStatusList2023 => { diff --git a/src/data_types/w3c/credential_proof.rs b/src/data_types/w3c/credential_proof.rs index f17a85bb..f9fe4c06 100644 --- a/src/data_types/w3c/credential_proof.rs +++ b/src/data_types/w3c/credential_proof.rs @@ -1,5 +1,6 @@ use crate::data_types::w3c::presentation_proof::CredentialPresentationProof; use crate::utils::encoded_object::EncodedObject; +use crate::Result; use anoncreds_clsignatures::{ CredentialSignature as CLCredentialSignature, RevocationRegistry, SignatureCorrectnessProof, Witness, @@ -14,7 +15,7 @@ pub enum CredentialProof { NonAnonCredsDataIntegrityProof(NonAnonCredsDataIntegrityProof), } -#[derive(Debug, Clone, Default, PartialEq, Eq, Serialize, Deserialize)] +#[derive(Debug, Clone, Serialize, Deserialize)] pub struct CredentialSignatureProof { #[serde(rename = "type")] pub type_: CredentialSignatureType, @@ -29,7 +30,7 @@ impl CredentialSignatureProof { } } - pub fn get_credential_signature(&self) -> crate::Result { + pub fn get_credential_signature(&self) -> Result { match self.type_ { CredentialSignatureType::AnonCredsProof2023 => { CredentialSignature::decode(&self.signature) @@ -53,7 +54,7 @@ impl Default for CredentialSignatureType { } impl CredentialProof { - pub fn get_credential_signature_proof(&self) -> crate::Result<&CredentialSignatureProof> { + pub fn get_credential_signature_proof(&self) -> Result<&CredentialSignatureProof> { match self { CredentialProof::AnonCredsSignatureProof(ref signature) => Ok(signature), _ => Err(err_msg!( @@ -64,7 +65,7 @@ impl CredentialProof { pub(crate) fn get_mut_credential_signature_proof( &mut self, - ) -> crate::Result<&mut CredentialSignatureProof> { + ) -> Result<&mut CredentialSignatureProof> { match self { CredentialProof::AnonCredsSignatureProof(ref mut signature) => Ok(signature), _ => Err(err_msg!( @@ -73,7 +74,7 @@ impl CredentialProof { } } - pub fn get_presentation_proof(&self) -> crate::Result<&CredentialPresentationProof> { + pub fn get_presentation_proof(&self) -> Result<&CredentialPresentationProof> { match self { CredentialProof::AnonCredsCredentialPresentationProof(ref proof) => Ok(proof), _ => Err(err_msg!( diff --git a/src/data_types/w3c/presentation_proof.rs b/src/data_types/w3c/presentation_proof.rs index 6d4a8159..5105fb73 100644 --- a/src/data_types/w3c/presentation_proof.rs +++ b/src/data_types/w3c/presentation_proof.rs @@ -1,5 +1,6 @@ use crate::data_types::pres_request::{PredicateInfo, PredicateTypes}; use crate::utils::encoded_object::EncodedObject; +use crate::Result; use anoncreds_clsignatures::{AggregatedProof, SubProof}; use std::collections::HashSet; @@ -46,7 +47,7 @@ impl CredentialPresentationProof { } } - pub fn get_proof_value(&self) -> crate::Result { + pub fn get_proof_value(&self) -> Result { match self.type_ { PresentationProofType::AnonCredsPresentationProof2023 => { CredentialPresentationProofValue::decode(&self.proof_value) @@ -78,7 +79,7 @@ impl PresentationProof { } } - pub fn get_proof_value(&self) -> crate::Result { + pub fn get_proof_value(&self) -> Result { match self.type_ { PresentationProofType::AnonCredsPresentationProof2023 => { PresentationProofValue::decode(&self.proof_value) diff --git a/src/ffi/w3c/credential.rs b/src/ffi/w3c/credential.rs index 263f7954..b3af072d 100644 --- a/src/ffi/w3c/credential.rs +++ b/src/ffi/w3c/credential.rs @@ -6,7 +6,7 @@ use ffi_support::{rust_string_to_c, FfiStr}; use crate::data_types::credential::CredentialValuesEncoding; use crate::data_types::w3c::credential::CredentialAttributes; use crate::data_types::w3c::credential::W3CCredential; -use crate::data_types::w3c::credential_proof::{CredentialProof, NonAnonCredsDataIntegrityProof}; +use crate::data_types::w3c::credential_proof::NonAnonCredsDataIntegrityProof; use crate::data_types::w3c::uri::URI; use crate::error::Result; use crate::ffi::credential::{FfiCredRevInfo, _link_secret, _revocation_config}; @@ -202,7 +202,7 @@ pub extern "C" fn anoncreds_w3c_credential_add_non_anoncreds_integrity_proof( let mut cred = cred.load()?.cast_ref::()?.clone(); - cred.add_proof(CredentialProof::NonAnonCredsDataIntegrityProof(proof)); + cred.add_non_anoncreds_integrity_proof(proof); let cred = ObjectHandle::create(cred)?; unsafe { *cred_p = cred }; @@ -357,10 +357,10 @@ pub extern "C" fn anoncreds_w3c_credential_get_attribute( let cred = handle.load()?; let cred = cred.cast_ref::()?; let val = match name.as_opt_str().unwrap_or_default() { - "schema_id" => rust_string_to_c(cred.schema_id().clone()), - "cred_def_id" => rust_string_to_c(cred.cred_def_id().to_string()), + "schema_id" => rust_string_to_c(cred.get_schema_id().clone()), + "cred_def_id" => rust_string_to_c(cred.get_cred_def_id().to_string()), "rev_reg_id" => cred - .rev_reg_id() + .get_rev_reg_id() .map_or(ptr::null_mut(), |s| rust_string_to_c(s.to_string())), "rev_reg_index" => cred .get_credential_signature_proof()? diff --git a/src/services/issuer.rs b/src/services/issuer.rs index 429dcbb7..c414d36e 100644 --- a/src/services/issuer.rs +++ b/src/services/issuer.rs @@ -714,9 +714,7 @@ pub fn create_credential( ); let (credential_signature, signature_correctness_proof, rev_reg_id, rev_reg, witness) = - _create_credential( - cred_def, - cred_def_private, + CLCredentialIssuer::init(cred_def, cred_def_private)?.create_credential( cred_offer, cred_request, &cred_values, @@ -742,66 +740,102 @@ pub fn create_credential( Ok(credential) } -#[allow(clippy::too_many_arguments)] -#[allow(clippy::type_complexity)] -pub(crate) fn _create_credential( - cred_def: &CredentialDefinition, - cred_def_private: &CredentialDefinitionPrivate, - cred_offer: &CredentialOffer, - cred_request: &CredentialRequest, - cred_values: &CredentialValues, - revocation_config: Option, -) -> Result<( - anoncreds_clsignatures::CredentialSignature, - SignatureCorrectnessProof, - Option, - Option, - Option, -)> { - let cred_public_key: anoncreds_clsignatures::CredentialPublicKey = - cred_def.get_public_key().map_err(err_map!( +pub(crate) struct CLCredentialIssuer<'a> { + cred_def: &'a CredentialDefinition, + cred_def_private: &'a CredentialDefinitionPrivate, +} + +impl<'a> CLCredentialIssuer<'a> { + pub(crate) fn init( + cred_def: &'a CredentialDefinition, + cred_def_private: &'a CredentialDefinitionPrivate, + ) -> Result> { + Ok(CLCredentialIssuer { + cred_def, + cred_def_private, + }) + } + + #[allow(clippy::type_complexity)] + pub(crate) fn create_credential( + &self, + cred_offer: &CredentialOffer, + cred_request: &CredentialRequest, + cred_values: &CredentialValues, + revocation_config: Option, + ) -> Result<( + anoncreds_clsignatures::CredentialSignature, + SignatureCorrectnessProof, + Option, + Option, + Option, + )> { + let cred_public_key = self.cred_def.get_public_key().map_err(err_map!( Unexpected, "Error fetching public key from credential definition" ))?; - let cred_values = build_credential_values(cred_values, None)?; - - if let Some(rev_config) = revocation_config { - let rev_reg_def: &RevocationRegistryDefinitionValue = &rev_config.reg_def.value; - let rev_reg: Option = rev_config.status_list.into(); - let mut rev_reg = rev_reg.ok_or_else(|| { - err_msg!( - Unexpected, - "RevocationStatusList should have accumulator value" - ) - })?; - - let status = rev_config - .status_list - .get(rev_config.registry_idx as usize) - .ok_or_else(|| { + let cred_values = build_credential_values(cred_values, None)?; + + if let Some(rev_config) = revocation_config { + let rev_reg_def: &RevocationRegistryDefinitionValue = &rev_config.reg_def.value; + let rev_reg: Option = rev_config.status_list.into(); + let mut rev_reg = rev_reg.ok_or_else(|| { err_msg!( - "Revocation status list does not have the index {}", - rev_config.registry_idx + Unexpected, + "RevocationStatusList should have accumulator value" ) })?; - // This will be a temporary solution for the `issuance_on_demand` vs - // `issuance_by_default` state. Right now, we pass in the revcation status list and - // we check in this list whether the provided idx (revocation_config.registry_idx) - // is inside the revocation status list. If it is not in there we hit an edge case, - // which should not be possible within the happy flow. - // - // If the index is inside the revocation status list we check whether it is set to - // `true` or `false` within the bitvec. - // When it is set to `true`, or 1, we invert the value. This means that we use - // `issuance_on_demand`. - // When it is set to `false`, or 0, we invert the value. This means that we use - // `issuance_by_default`. - let issuance_by_default = !status; - - let (credential_signature, signature_correctness_proof, witness, _opt_delta) = - Issuer::sign_credential_with_revoc( + let status = rev_config + .status_list + .get(rev_config.registry_idx as usize) + .ok_or_else(|| { + err_msg!( + "Revocation status list does not have the index {}", + rev_config.registry_idx + ) + })?; + + // This will be a temporary solution for the `issuance_on_demand` vs + // `issuance_by_default` state. Right now, we pass in the revcation status list and + // we check in this list whether the provided idx (revocation_config.registry_idx) + // is inside the revocation status list. If it is not in there we hit an edge case, + // which should not be possible within the happy flow. + // + // If the index is inside the revocation status list we check whether it is set to + // `true` or `false` within the bitvec. + // When it is set to `true`, or 1, we invert the value. This means that we use + // `issuance_on_demand`. + // When it is set to `false`, or 0, we invert the value. This means that we use + // `issuance_by_default`. + let issuance_by_default = !status; + + let (credential_signature, signature_correctness_proof, witness, _opt_delta) = + Issuer::sign_credential_with_revoc( + &cred_request.entropy()?, + &cred_request.blinded_ms, + &cred_request.blinded_ms_correctness_proof, + cred_offer.nonce.as_native(), + cred_request.nonce.as_native(), + &cred_values, + &cred_public_key, + &self.cred_def_private.value, + rev_config.registry_idx, + rev_reg_def.max_cred_num, + issuance_by_default, + &mut rev_reg, + &rev_config.reg_def_private.value, + )?; + Ok(( + credential_signature, + signature_correctness_proof, + rev_config.status_list.id(), + Some(rev_reg), + Some(witness), + )) + } else { + let (signature, correctness_proof) = Issuer::sign_credential( &cred_request.entropy()?, &cred_request.blinded_ms, &cred_request.blinded_ms_correctness_proof, @@ -809,32 +843,10 @@ pub(crate) fn _create_credential( cred_request.nonce.as_native(), &cred_values, &cred_public_key, - &cred_def_private.value, - rev_config.registry_idx, - rev_reg_def.max_cred_num, - issuance_by_default, - &mut rev_reg, - &rev_config.reg_def_private.value, + &self.cred_def_private.value, )?; - Ok(( - credential_signature, - signature_correctness_proof, - rev_config.status_list.id(), - Some(rev_reg), - Some(witness), - )) - } else { - let (signature, correctness_proof) = Issuer::sign_credential( - &cred_request.entropy()?, - &cred_request.blinded_ms, - &cred_request.blinded_ms_correctness_proof, - cred_offer.nonce.as_native(), - cred_request.nonce.as_native(), - &cred_values, - &cred_public_key, - &cred_def_private.value, - )?; - Ok((signature, correctness_proof, None, None, None)) + Ok((signature, correctness_proof, None, None, None)) + } } } diff --git a/src/services/prover.rs b/src/services/prover.rs index 919234ba..9616e1a5 100644 --- a/src/services/prover.rs +++ b/src/services/prover.rs @@ -252,12 +252,11 @@ pub fn process_credential( trace!("process_credential >>> credential: {:?}, cred_request_metadata: {:?}, link_secret: {:?}, cred_def: {:?}, rev_reg_def: {:?}", credential, cred_request_metadata, secret!(&link_secret), cred_def, rev_reg_def); - _process_credential( + CLCredentialProver::init(link_secret)?.process_credential( &mut credential.signature, &credential.signature_correctness_proof, &credential.values, cred_request_metadata, - link_secret, cred_def, rev_reg_def, credential.rev_reg.as_ref(), @@ -269,42 +268,6 @@ pub fn process_credential( Ok(()) } -#[allow(clippy::too_many_arguments)] -pub fn _process_credential( - signature: &mut CLCredentialSignature, - signature_correctness_proof: &SignatureCorrectnessProof, - credential_values: &CredentialValues, - cred_request_metadata: &CredentialRequestMetadata, - link_secret: &LinkSecret, - cred_def: &CredentialDefinition, - rev_reg_def: Option<&RevocationRegistryDefinition>, - rev_reg: Option<&RevocationRegistry>, - witness: Option<&Witness>, -) -> Result<()> { - let credential_pub_key = CredentialPublicKey::build_from_parts( - &cred_def.value.primary, - cred_def.value.revocation.as_ref(), - )?; - let credential_values = build_credential_values(credential_values, Some(link_secret))?; - let rev_pub_key = rev_reg_def.map(|d| &d.value.public_keys.accum_key); - - Prover::process_credential_signature( - signature, - &credential_values, - signature_correctness_proof, - &cred_request_metadata.link_secret_blinding_data, - &credential_pub_key, - cred_request_metadata.nonce.as_native(), - rev_pub_key, - rev_reg, - witness, - )?; - - trace!("process_credential <<< "); - - Ok(()) -} - /// Process an incoming credential as received from the issuer. /// /// # Example @@ -802,6 +765,52 @@ fn update_requested_proof( Ok(()) } +pub(crate) struct CLCredentialProver<'a> { + link_secret: &'a LinkSecret, +} + +impl<'a> CLCredentialProver<'a> { + pub(crate) fn init(link_secret: &'a LinkSecret) -> Result> { + Ok(CLCredentialProver { link_secret }) + } + + #[allow(clippy::type_complexity)] + pub(crate) fn process_credential( + &self, + signature: &mut CLCredentialSignature, + signature_correctness_proof: &SignatureCorrectnessProof, + credential_values: &CredentialValues, + cred_request_metadata: &CredentialRequestMetadata, + cred_def: &CredentialDefinition, + rev_reg_def: Option<&RevocationRegistryDefinition>, + rev_reg: Option<&RevocationRegistry>, + witness: Option<&Witness>, + ) -> Result<()> { + let credential_pub_key = CredentialPublicKey::build_from_parts( + &cred_def.value.primary, + cred_def.value.revocation.as_ref(), + )?; + let credential_values = build_credential_values(credential_values, Some(self.link_secret))?; + let rev_pub_key = rev_reg_def.map(|d| &d.value.public_keys.accum_key); + + Prover::process_credential_signature( + signature, + &credential_values, + signature_correctness_proof, + &cred_request_metadata.link_secret_blinding_data, + &credential_pub_key, + cred_request_metadata.nonce.as_native(), + rev_pub_key, + rev_reg, + witness, + )?; + + trace!("process_credential <<< "); + + Ok(()) + } +} + pub(crate) struct CLProofBuilder<'a> { proof_builder: ProofBuilder, non_credential_schema: NonCredentialSchema, diff --git a/src/services/w3c/credential_conversion.rs b/src/services/w3c/credential_conversion.rs index 8be99aaa..2417b92e 100644 --- a/src/services/w3c/credential_conversion.rs +++ b/src/services/w3c/credential_conversion.rs @@ -3,9 +3,7 @@ use crate::data_types::credential::CredentialValuesEncoding; use crate::data_types::w3c::credential::{ CredentialAttributes, CredentialSchema, CredentialStatus, W3CCredential, }; -use crate::data_types::w3c::credential_proof::{ - CredentialProof, CredentialSignature, CredentialSignatureProof, -}; +use crate::data_types::w3c::credential_proof::{CredentialSignature, CredentialSignatureProof}; use crate::types::Credential; use crate::utils::validation::Validatable; use crate::Error; @@ -122,7 +120,7 @@ pub fn credential_to_w3c( w3c_credential.set_credential_status(CredentialStatus::new(rev_reg_id)) } w3c_credential.set_attributes(attributes); - w3c_credential.add_proof(CredentialProof::AnonCredsSignatureProof(proof)); + w3c_credential.add_anoncreds_signature_proof(proof); trace!( "w3c_process_credential <<< w3c_credential {:?}", @@ -220,9 +218,9 @@ pub fn credential_from_w3c(w3c_credential: &W3CCredential) -> Result>> cred_def: {:?}, cred_def_private: {:?}, cred_offer.nonce: {:?}, cred_request: {:?},\ cred_values: {:?}, revocation_config: {:?}", cred_def, secret!(&cred_def_private), &cred_offer.nonce, &cred_request, secret!(&raw_credential_values), revocation_config, - ); + ); let encoding = encoding.unwrap_or_default(); let credential_values = raw_credential_values.encode(&encoding)?; let (credential_signature, signature_correctness_proof, rev_reg_id, rev_reg, witness) = - _create_credential( - cred_def, - cred_def_private, + CLCredentialIssuer::init(cred_def, cred_def_private)?.create_credential( cred_offer, cred_request, &credential_values, @@ -117,20 +113,20 @@ pub fn create_credential( rev_reg, witness, ); - let mut credential = W3CCredential::new(); - credential.set_issuer(cred_def.issuer_id.to_owned()); - credential.set_credential_schema(CredentialSchema::new( + let proof = CredentialSignatureProof::new(signature); + let credential_schema = CredentialSchema::new( cred_offer.schema_id.to_owned(), cred_offer.cred_def_id.to_owned(), encoding, - )); - if let Some(rev_reg_id) = rev_reg_id { - credential.set_credential_status(CredentialStatus::new(rev_reg_id)); - } + ); + + let mut credential = W3CCredential::new(); + credential.set_issuer(cred_def.issuer_id.to_owned()); + credential.set_credential_schema(credential_schema); credential.set_attributes(raw_credential_values); - credential.add_proof(CredentialProof::AnonCredsSignatureProof( - CredentialSignatureProof::new(signature), - )); + credential.add_anoncreds_signature_proof(proof); + rev_reg_id + .map(|rev_reg_id| credential.set_credential_status(CredentialStatus::new(rev_reg_id))); trace!( "create_w3c_credential <<< credential {:?}", diff --git a/src/services/w3c/prover.rs b/src/services/w3c/prover.rs index d690cfe7..9c85792b 100644 --- a/src/services/w3c/prover.rs +++ b/src/services/w3c/prover.rs @@ -2,7 +2,6 @@ use crate::data_types::cred_def::{CredentialDefinition, CredentialDefinitionId}; use crate::data_types::pres_request::PresentationRequestPayload; use crate::data_types::schema::{Schema, SchemaId}; use crate::data_types::w3c::credential::{CredentialSubject, W3CCredential}; -use crate::data_types::w3c::one_or_many::OneOrMany; use crate::data_types::w3c::presentation::W3CPresentation; use crate::error::Result; use crate::types::{ @@ -11,14 +10,12 @@ use crate::types::{ }; use crate::utils::validation::Validatable; -use crate::data_types::w3c::credential_proof::{ - CredentialProof, CredentialSignature, CredentialSignatureProof, -}; +use crate::data_types::w3c::credential_proof::{CredentialSignature, CredentialSignatureProof}; use crate::data_types::w3c::presentation_proof::{ CredentialAttributesMapping, CredentialPresentationProof, CredentialPresentationProofValue, PredicateAttribute, PresentationProof, PresentationProofValue, }; -use crate::prover::{CLProofBuilder, _process_credential}; +use crate::prover::{CLCredentialProver, CLProofBuilder}; use std::collections::HashMap; /// Process an incoming credential in W3C form as received from the issuer. @@ -112,12 +109,11 @@ pub fn process_credential( let proof = w3c_credential.get_mut_credential_signature_proof()?; let mut signature = proof.get_credential_signature()?; - _process_credential( + CLCredentialProver::init(link_secret)?.process_credential( &mut signature.signature, &signature.signature_correctness_proof, &cred_values, cred_request_metadata, - link_secret, cred_def, rev_reg_def, signature.rev_reg.as_ref(), @@ -169,9 +165,9 @@ pub fn create_presentation( .encode(&credential.credential_schema.encoding)?; let proof = credential.get_credential_signature_proof()?; let signature = proof.get_credential_signature()?; - let schema_id = credential.schema_id(); - let cred_def_id = credential.cred_def_id(); - let rev_reg_id = credential.rev_reg_id(); + let schema_id = credential.get_schema_id(); + let cred_def_id = credential.get_cred_def_id(); + let rev_reg_id = credential.get_rev_reg_id(); proof_builder.add_sub_proof( &credential_values, @@ -196,16 +192,17 @@ pub fn create_presentation( // cl signatures generates sub proofs and aggregated at once at the end // so we need to iterate over credentials again an put sub proofs into their proofs for (present, sub_proof) in credentials.0.iter().zip(cl_proof.proofs) { - let mapping = build_mapping(pres_req, present)?; + let mapping = build_mapping(pres_req, &present)?; let credential_subject = build_credential_subject(pres_req, present)?; let proof_value = CredentialPresentationProofValue::new(sub_proof); - let proof = CredentialPresentationProof::new(proof_value, mapping, present.timestamp); - let verifiable_credential = W3CCredential { - credential_subject, - proof: OneOrMany::One(CredentialProof::AnonCredsCredentialPresentationProof(proof)), - ..present.cred.to_owned() - }; - presentation.add_verifiable_credential(verifiable_credential); + let proof = + CredentialPresentationProof::new(proof_value, mapping, present.timestamp); + + let mut credential = present.cred.to_owned(); + credential.set_anoncreds_presentation_proof(proof); + credential.set_attributes(credential_subject.attributes); + + presentation.add_verifiable_credential(credential); } trace!( diff --git a/src/services/w3c/verifier.rs b/src/services/w3c/verifier.rs index 2db433c3..57cf5dee 100644 --- a/src/services/w3c/verifier.rs +++ b/src/services/w3c/verifier.rs @@ -81,9 +81,9 @@ pub fn verify_presentation( for verifiable_credential in presentation.verifiable_credential.iter() { let credential_proof = verifiable_credential.get_presentation_proof()?; let proof_data = credential_proof.get_proof_value()?; - let schema_id = &verifiable_credential.schema_id(); - let cred_def_id = &verifiable_credential.cred_def_id(); - let rev_reg_id = verifiable_credential.rev_reg_id(); + let schema_id = &verifiable_credential.get_schema_id(); + let cred_def_id = &verifiable_credential.get_cred_def_id(); + let rev_reg_id = verifiable_credential.get_rev_reg_id(); let mut revealed_attribute: HashSet = credential_proof.mapping.revealed_attributes.clone(); @@ -104,7 +104,6 @@ pub fn verify_presentation( let valid = proof_verifier.verify(&proof)?; trace!("verify_w3c_presentation <<< valid: {:?}", valid); - Ok(valid) } @@ -124,9 +123,9 @@ fn collect_received_attrs_and_predicates( let presentation_proof = verifiable_credential.get_presentation_proof()?; let identifier: Identifier = Identifier { - schema_id: verifiable_credential.schema_id().to_owned(), - cred_def_id: verifiable_credential.cred_def_id().to_owned(), - rev_reg_id: verifiable_credential.rev_reg_id().cloned(), + schema_id: verifiable_credential.get_schema_id().to_owned(), + cred_def_id: verifiable_credential.get_cred_def_id().to_owned(), + rev_reg_id: verifiable_credential.get_rev_reg_id().cloned(), timestamp: None, }; for revealed_attribute in &presentation_proof.mapping.revealed_attributes { diff --git a/tests/anoncreds_demos.rs b/tests/anoncreds_demos.rs index fa4772e9..3416fd68 100644 --- a/tests/anoncreds_demos.rs +++ b/tests/anoncreds_demos.rs @@ -3345,9 +3345,7 @@ fn anoncreds_demo_works_for_issue_w3c_credential_add_identity_proof_present_w3c_ X16dUEMGlv50aqzpqh4Qktb3rk-BuQy72IFLOqV0G_zS245-kronKb78cPN25DGlcTwLtj PAYuNzVBAh4vGHSrQyHUdBBPM" }); - issue_cred.add_proof(CredentialProof::NonAnonCredsDataIntegrityProof( - rsa_signature, - )); + issue_cred.add_non_anoncreds_integrity_proof(rsa_signature); issue_cred.set_subject_id(URI::from("did:example:ebfeb1f712ebc6f1c276e12ec21")); issue_cred.add_context(URI::from("https://www.w3.org/2018/credentials/examples/v1")); issue_cred.add_type("AlumniCredential".to_string()); diff --git a/tests/utils/mock.rs b/tests/utils/mock.rs index 2dc95e5f..0fae5028 100644 --- a/tests/utils/mock.rs +++ b/tests/utils/mock.rs @@ -1160,6 +1160,6 @@ impl RevocableCredential for Credential { impl RevocableCredential for W3CCredential { fn rev_reg_id(&self) -> Option<&RevocationRegistryDefinitionId> { - self.rev_reg_id() + self.get_rev_reg_id() } }