diff --git a/Cargo.lock b/Cargo.lock index 0b0047b9..9cca0dfa 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -77,9 +77,9 @@ dependencies = [ "futures", "http-api-problem", "hyper 1.4.1", - "identity_core", - "identity_credential", - "identity_did", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_credential 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_did 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", "jsonwebtoken", "lazy_static", "mime", @@ -164,8 +164,8 @@ dependencies = [ "base64 0.22.1", "cqrs-es", "did_manager", - "identity_core", - "identity_credential", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_credential 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", "jsonwebtoken", "lazy_static", "mime", @@ -205,10 +205,10 @@ dependencies = [ "derivative", "did_manager", "futures", - "identity_core", - "identity_credential", - "identity_did", - "identity_document", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_credential 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_did 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_document 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", "jsonwebtoken", "lazy_static", "mime", @@ -241,8 +241,8 @@ dependencies = [ "cqrs-es", "derivative", "did_manager", - "identity_core", - "identity_credential", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_credential 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", "jsonwebtoken", "lazy_static", "oid4vc-core", 
@@ -287,6 +287,7 @@ name = "agent_shared" version = "0.1.0" dependencies = [ "async-trait", + "base64 0.22.1", "chrono", "config", "cqrs-es", @@ -337,12 +338,14 @@ dependencies = [ "anyhow", "async-std", "async-trait", + "base64 0.22.1", "chrono", "cqrs-es", "did_manager", "futures", - "identity_core", - "identity_credential", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_credential 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_iota", "jsonwebtoken", "lazy_static", "oid4vc-core", @@ -351,6 +354,7 @@ dependencies = [ "oid4vp", "reqwest 0.12.5", "rstest", + "sd-jwt-payload 0.3.0 (git+https://github.com/iotaledger/sd-jwt-payload.git?rev=0300fc5)", "serde", "serde_json", "serial_test", @@ -1099,9 +1103,9 @@ dependencies = [ [[package]] name = "bls12_381_plus" -version = "0.8.15" +version = "0.8.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dcdcbc984ce4bbbba587f9415ecfd5ed15c59b33defe276482c517b26a6a6716" +checksum = "68ed5f583bb45888c562e1f117f7f20ce86a640f1163c38fe665ac7a71190861" dependencies = [ "arrayref", "elliptic-curve 0.13.8", @@ -1442,7 +1446,7 @@ checksum = "f7144d30dcf0fafbce74250a3963025d8d52177934239851c917d29f1df280c2" [[package]] name = "consumer" version = "0.1.0" -source = "git+https://git@github.com/impierce/did-manager.git?tag=v1.0.0-beta.3#3ad5e3dba7bc76df8d6cb4a4fd2df2238d88710b" +source = "git+https://git@github.com/impierce/did-manager.git?rev=c1cfda0#c1cfda09ae1e5797ba013ead8aa6ace616b75a6d" dependencies = [ "did_iota", "did_jwk", @@ -1972,7 +1976,7 @@ dependencies = [ "serde", "serde_json", "sha2 0.9.9", - "x25519-dalek", + "x25519-dalek 1.1.1", ] [[package]] 
@@ -2008,9 +2012,9 @@ dependencies = [ [[package]] name = "did_iota" version = "0.1.0" -source = "git+https://git@github.com/impierce/did-manager.git?tag=v1.0.0-beta.3#3ad5e3dba7bc76df8d6cb4a4fd2df2238d88710b" +source = "git+https://git@github.com/impierce/did-manager.git?rev=c1cfda0#c1cfda09ae1e5797ba013ead8aa6ace616b75a6d" dependencies = [ - "bls12_381_plus 0.8.15", + "bls12_381_plus 0.8.17", "identity_iota", "identity_stronghold", "iota-sdk", @@ -2022,7 +2026,7 @@ dependencies = [ [[package]] name = "did_jwk" version = "0.1.0" -source = "git+https://git@github.com/impierce/did-manager.git?tag=v1.0.0-beta.3#3ad5e3dba7bc76df8d6cb4a4fd2df2238d88710b" +source = "git+https://git@github.com/impierce/did-manager.git?rev=c1cfda0#c1cfda09ae1e5797ba013ead8aa6ace616b75a6d" dependencies = [ "did-jwk", "identity_iota", @@ -2039,7 +2043,7 @@ dependencies = [ [[package]] name = "did_key" version = "0.1.0" -source = "git+https://git@github.com/impierce/did-manager.git?tag=v1.0.0-beta.3#3ad5e3dba7bc76df8d6cb4a4fd2df2238d88710b" +source = "git+https://git@github.com/impierce/did-manager.git?rev=c1cfda0#c1cfda09ae1e5797ba013ead8aa6ace616b75a6d" dependencies = [ "did-method-key", "identity_iota", @@ -2057,7 +2061,7 @@ dependencies = [ [[package]] name = "did_manager" version = "0.1.0" -source = "git+https://git@github.com/impierce/did-manager.git?tag=v1.0.0-beta.3#3ad5e3dba7bc76df8d6cb4a4fd2df2238d88710b" +source = "git+https://git@github.com/impierce/did-manager.git?rev=c1cfda0#c1cfda09ae1e5797ba013ead8aa6ace616b75a6d" dependencies = [ "consumer", "producer", @@ -2085,7 +2089,7 @@ dependencies = [ [[package]] name = "did_web" version = "0.1.0" -source = "git+https://git@github.com/impierce/did-manager.git?tag=v1.0.0-beta.3#3ad5e3dba7bc76df8d6cb4a4fd2df2238d88710b" +source = "git+https://git@github.com/impierce/did-manager.git?rev=c1cfda0#c1cfda09ae1e5797ba013ead8aa6ace616b75a6d" dependencies = [ "did-web", "identity_iota", 
@@ -2104,11 +2108,11 @@ dependencies = [ [[package]] name = "dif-presentation-exchange" version = "0.1.0" -source = "git+https://git@github.com/impierce/openid4vc.git?rev=7be5b72#7be5b7219be93e348a4ecd0231c764d53b4eda0e" +source = "git+https://git@github.com/impierce/openid4vc.git?rev=0f77733#0f777334977118af4ca7d6b650c6a9d84c9ec3a6" dependencies = [ "getset", "jsonpath_lib", - "jsonschema", + "jsonschema 0.17.1", "jsonwebtoken", "serde", "serde_json", @@ -2450,6 +2454,17 @@ dependencies = [ "regex", ] +[[package]] +name = "fancy-regex" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "531e46835a22af56d1e3b66f04844bed63158bc094a628bec1d321d9b4c44bf2" +dependencies = [ + "bit-set", + "regex-automata 0.4.7", + "regex-syntax 0.8.4", +] + [[package]] name = "fastrand" version = "1.9.0" @@ -2563,6 +2578,21 @@ version = "1.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" +[[package]] +name = "foreign-types" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1" +dependencies = [ + "foreign-types-shared", +] + +[[package]] +name = "foreign-types-shared" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" + [[package]] name = "form_urlencoded" version = "1.2.1" @@ -2582,6 +2612,16 @@ dependencies = [ "num", ] +[[package]] +name = "fraction" +version = "0.15.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0f158e3ff0a1b334408dc9fb811cd99b446986f4d8b741bb08f9df1604085ae7" +dependencies = [ + "lazy_static", + "num", +] + [[package]] name = "funty" version = "2.0.0" 
@@ -2883,7 +2923,7 @@ dependencies = [ "futures-sink", "futures-util", "http 0.2.12", - "indexmap 2.5.0", + "indexmap 2.6.0", "slab", "tokio", "tokio-util", @@ -2902,7 +2942,7 @@ dependencies = [ "futures-core", "futures-sink", "http 1.1.0", - "indexmap 2.5.0", + "indexmap 2.6.0", "slab", "tokio", "tokio-util", @@ -2947,6 +2987,12 @@ dependencies = [ "serde", ] +[[package]] +name = "hashbrown" +version = "0.15.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e087f84d4f86bf4b218b927129862374b72199ae7d8657835f1e89000eea4fb" + [[package]] name = "hashlink" version = "0.8.4" @@ -3309,10 +3355,24 @@ checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39" [[package]] name = "identity_core" version = "1.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ee35f34cfc61310309a2cec6695e325676c425bfabc0b8fed9c42427d1ee6607" +source = "git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes#d36175ce30d3be6c40da0c39f7d6c95ae424894e" +dependencies = [ + "js-sys", + "multibase 0.9.1", + "serde", + "serde_json", + "strum 0.25.0", + "thiserror", + "time", + "url", + "zeroize", +] + +[[package]] +name = "identity_core" +version = "1.3.1" +source = "git+https://github.com/impierce/identity.rs?rev=309c399#309c3998437de1fd07bdbc443fd029ee5f4c732c" dependencies = [ - "iota-crypto", "js-sys", "multibase 0.9.1", "serde", 
@@ -3327,19 +3387,50 @@ dependencies = [ [[package]] name = "identity_credential" version = "1.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d4d0cf0ed8a8f1280ba518eed2990472d6d097bc430a62a81b3fcd7949054782" +source = "git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes#d36175ce30d3be6c40da0c39f7d6c95ae424894e" dependencies = [ + "anyhow", "async-trait", "flate2", - "identity_core", - "identity_did", - "identity_document", - "identity_verification", - "indexmap 2.5.0", + "futures", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_did 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_document 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_verification 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "indexmap 2.6.0", "itertools 0.11.0", + "jsonschema 0.19.1", "once_cell", "roaring", + "sd-jwt-payload 0.2.1", + "sd-jwt-payload 0.3.0 (git+https://github.com/iotaledger/sd-jwt-payload.git?rev=0300fc5)", + "serde", + "serde-aux", + "serde_json", + "serde_repr", + "strum 0.25.0", + "thiserror", + "url", +] + +[[package]] +name = "identity_credential" +version = "1.3.1" +source = "git+https://github.com/impierce/identity.rs?rev=309c399#309c3998437de1fd07bdbc443fd029ee5f4c732c" +dependencies = [ + "anyhow", + "async-trait", + "futures", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?rev=309c399)", + "identity_did 1.3.1 (git+https://github.com/impierce/identity.rs?rev=309c399)", + "identity_document 1.3.1 (git+https://github.com/impierce/identity.rs?rev=309c399)", + "identity_verification 1.3.1 (git+https://github.com/impierce/identity.rs?rev=309c399)", + "indexmap 2.6.0", + "itertools 0.11.0", + "jsonschema 0.19.1", + "once_cell", + "sd-jwt-payload 0.2.1", + "sd-jwt-payload 0.3.0 
(git+https://github.com/impierce/sd-jwt-payload.git?rev=318dad9)", "serde", "serde-aux", "serde_json", @@ -3352,12 +3443,26 @@ dependencies = [ [[package]] name = "identity_did" version = "1.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a054fe2898b1d4e29260c128ecd3bb65fbb00846000b17713f2d28cf6b2da7c0" +source = "git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes#d36175ce30d3be6c40da0c39f7d6c95ae424894e" +dependencies = [ + "did_url_parser", + "form_urlencoded", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_jose 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "serde", + "strum 0.25.0", + "thiserror", +] + +[[package]] +name = "identity_did" +version = "1.3.1" +source = "git+https://github.com/impierce/identity.rs?rev=309c399#309c3998437de1fd07bdbc443fd029ee5f4c732c" dependencies = [ "did_url_parser", "form_urlencoded", - "identity_core", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?rev=309c399)", + "identity_jose 1.3.1 (git+https://github.com/impierce/identity.rs?rev=309c399)", "serde", "strum 0.25.0", "thiserror", 
@@ -3366,14 +3471,28 @@ dependencies = [ [[package]] name = "identity_document" version = "1.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "76e59fe2e4b2c4843ef9e9cc37b70e864eff6021d42d982f596ce9949587dd7c" +source = "git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes#d36175ce30d3be6c40da0c39f7d6c95ae424894e" dependencies = [ "did_url_parser", - "identity_core", - "identity_did", - "identity_verification", - "indexmap 2.5.0", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_did 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_verification 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "indexmap 2.6.0", + "serde", + "strum 0.25.0", + "thiserror", +] + +[[package]] +name = "identity_document" +version = "1.3.1" +source = "git+https://github.com/impierce/identity.rs?rev=309c399#309c3998437de1fd07bdbc443fd029ee5f4c732c" +dependencies = [ + "did_url_parser", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?rev=309c399)", + "identity_did 1.3.1 (git+https://github.com/impierce/identity.rs?rev=309c399)", + "identity_verification 1.3.1 (git+https://github.com/impierce/identity.rs?rev=309c399)", + "indexmap 2.6.0", "serde", "strum 0.25.0", "thiserror", 
@@ -3382,32 +3501,30 @@ dependencies = [ [[package]] name = "identity_iota" version = "1.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6820c32c06bccb53b804aebbc15879f79395632c99e1add4b7e2f1b662611960" +source = "git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes#d36175ce30d3be6c40da0c39f7d6c95ae424894e" dependencies = [ - "identity_core", - "identity_credential", - "identity_did", - "identity_document", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_credential 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_did 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_document 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", "identity_iota_core", "identity_resolver", "identity_storage", - "identity_verification", + "identity_verification 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", ] [[package]] name = "identity_iota_core" version = "1.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8bd8d4dec00632808f79bf7d85256f808abae7c8552ef6e102ea7350112900bf" +source = "git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes#d36175ce30d3be6c40da0c39f7d6c95ae424894e" dependencies = [ "async-trait", "futures", - "identity_core", - "identity_credential", - "identity_did", - "identity_document", - "identity_verification", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_credential 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_did 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_document 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_verification 1.3.1 
(git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", "iota-sdk", "num-derive 0.4.2", "num-traits", @@ -3422,11 +3539,26 @@ dependencies = [ [[package]] name = "identity_jose" version = "1.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4a2bf6a6eeeb41729d65bdca82c9cdb3cc52847b8cc277892a60d68d008ba5b3" +source = "git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes#d36175ce30d3be6c40da0c39f7d6c95ae424894e" dependencies = [ - "bls12_381_plus 0.8.15", - "identity_core", + "bls12_381_plus 0.8.17", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "iota-crypto", + "json-proof-token", + "serde", + "serde_json", + "subtle", + "thiserror", + "zeroize", +] + +[[package]] +name = "identity_jose" +version = "1.3.1" +source = "git+https://github.com/impierce/identity.rs?rev=309c399#309c3998437de1fd07bdbc443fd029ee5f4c732c" +dependencies = [ + "bls12_381_plus 0.8.17", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?rev=309c399)", "iota-crypto", "json-proof-token", "serde", @@ -3439,16 +3571,16 @@ dependencies = [ [[package]] name = "identity_resolver" version = "1.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "616265a5de38f03867d3d5ce269e723a8cf6d6d5ee90d5b19a5b9879ed14e821" +source = "git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes#d36175ce30d3be6c40da0c39f7d6c95ae424894e" dependencies = [ + "anyhow", "async-trait", "futures", - "identity_core", - "identity_credential", - "identity_did", - "identity_document", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_did 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_document 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", "identity_iota_core", + "iota-sdk", "serde", "strum 0.25.0", "thiserror", 
@@ -3457,18 +3589,17 @@ dependencies = [ [[package]] name = "identity_storage" version = "1.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5ee676abc86697f2ca52c86d3d34b1ae8558e62706623b470937be4fb93c169f" +source = "git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes#d36175ce30d3be6c40da0c39f7d6c95ae424894e" dependencies = [ "anyhow", "async-trait", "futures", - "identity_core", - "identity_credential", - "identity_did", - "identity_document", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_credential 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_did 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_document 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", "identity_iota_core", - "identity_verification", + "identity_verification 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", "seahash", "serde", "serde_json", @@ -3478,12 +3609,11 @@ dependencies = [ [[package]] name = "identity_stronghold" version = "1.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "84cee4d8723ebf1605ca3cd848a21494a7e2e5e44c1610a43bb8ebf3114b5916" +source = "git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes#d36175ce30d3be6c40da0c39f7d6c95ae424894e" dependencies = [ "async-trait", "identity_storage", - "identity_verification", + "identity_verification 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", "iota-crypto", "iota-sdk", "iota_stronghold", 
@@ -3495,12 +3625,12 @@ dependencies = [ [[package]] name = "identity_stronghold_ext" version = "0.1.0" -source = "git+https://git@github.com/impierce/did-manager.git?tag=v1.0.0-beta.3#3ad5e3dba7bc76df8d6cb4a4fd2df2238d88710b" +source = "git+https://git@github.com/impierce/did-manager.git?rev=c1cfda0#c1cfda09ae1e5797ba013ead8aa6ace616b75a6d" dependencies = [ "async-trait", "elliptic-curve 0.13.8", "identity_storage", - "identity_verification", + "identity_verification 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", "iota-sdk", "iota_stronghold", "k256", @@ -3514,12 +3644,25 @@ dependencies = [ [[package]] name = "identity_verification" version = "1.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "949c048132a35d0337540958bdae866aedebbfaadb588d4604475355fe9646db" +source = "git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes#d36175ce30d3be6c40da0c39f7d6c95ae424894e" +dependencies = [ + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_did 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "identity_jose 1.3.1 (git+https://github.com/impierce/identity.rs?branch=fix/compile-fixes)", + "serde", + "serde_json", + "strum 0.25.0", + "thiserror", +] + +[[package]] +name = "identity_verification" +version = "1.3.1" +source = "git+https://github.com/impierce/identity.rs?rev=309c399#309c3998437de1fd07bdbc443fd029ee5f4c732c" dependencies = [ - "identity_core", - "identity_did", - "identity_jose", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?rev=309c399)", + "identity_did 1.3.1 (git+https://github.com/impierce/identity.rs?rev=309c399)", + "identity_jose 1.3.1 (git+https://github.com/impierce/identity.rs?rev=309c399)", "serde", "serde_json", "strum 0.25.0", 
@@ -3578,12 +3721,12 @@ dependencies = [ [[package]] name = "indexmap" -version = "2.5.0" +version = "2.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "68b900aa2f7301e21c36462b170ee99994de34dff39a4a6a528e80e7376d07e5" +checksum = "707907fe3c25f5424cce2cb7e1cbcafee6bdbe735ca90ef77c29e84591e5b9da" dependencies = [ "equivalent", - "hashbrown 0.14.5", + "hashbrown 0.15.0", "serde", ] @@ -3622,9 +3765,9 @@ dependencies = [ [[package]] name = "iota-crypto" -version = "0.23.1" +version = "0.23.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a5db0e2d85e258d6d0db66f4a6bf1e8bdf5b10c3353aa87d98b168778d13fdc1" +checksum = "98a38db844c910d78825e173c083f2ef416b69cb091bba8ac1055763c6db065b" dependencies = [ "aead", "aes", @@ -3634,7 +3777,7 @@ dependencies = [ "blake2", "chacha20poly1305", "cipher", - "curve25519-dalek 3.2.0", + "curve25519-dalek 4.1.3", "digest 0.10.7", "ed25519-zebra", "generic-array", @@ -3651,7 +3794,7 @@ dependencies = [ "sha2 0.10.8", "tiny-keccak", "unicode-normalization", - "x25519-dalek", + "x25519-dalek 2.0.1", "zeroize", ] @@ -3825,6 +3968,24 @@ version = "1.0.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "49f1f14873335454500d59611f1cf4a4b0f786f9ac11f4312a78e4cf2566695b" +[[package]] +name = "josekit" +version = "0.8.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "54b85e2125819afc4fd2ae57416207e792c7e12797858e5db2a6c6f24a166829" +dependencies = [ + "anyhow", + "base64 0.22.1", + "flate2", + "once_cell", + "openssl", + "regex", + "serde", + "serde_json", + "thiserror", + "time", +] + [[package]] name = "js-sys" version = "0.3.69" 
@@ -3985,6 +4146,15 @@ dependencies = [ "treediff", ] +[[package]] +name = "json-pointer" +version = "0.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5fe841b94e719a482213cee19dd04927cf412f26d8dc84c5a446c081e49c2997" +dependencies = [ + "serde_json", +] + [[package]] name = "json-proof-token" version = "0.3.5" @@ -3993,7 +4163,7 @@ checksum = "179551c27c512c948af1edaf4bd7e1d1486d223f8ec4fd41cd760f7645fd4197" dependencies = [ "cargo-license", "data-encoding", - "indexmap 2.5.0", + "indexmap 2.6.0", "json-unflattening", "serde", "serde_json", @@ -4064,8 +4234,8 @@ dependencies = [ "base64 0.21.7", "bytecount", "clap 4.5.7", - "fancy-regex", - "fraction", + "fancy-regex 0.11.0", + "fraction 0.13.1", "getrandom 0.2.15", "iso8601", "itoa", @@ -4083,6 +4253,34 @@ dependencies = [ "uuid", ] +[[package]] +name = "jsonschema" +version = "0.19.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14a655181740aa66dfcb182daca1bc8109fda5c7c0399c4f30dcb155ab0d32a6" +dependencies = [ + "ahash 0.8.11", + "anyhow", + "base64 0.22.1", + "bytecount", + "fancy-regex 0.13.0", + "fraction 0.15.3", + "getrandom 0.2.15", + "iso8601", + "itoa", + "memchr", + "num-cmp", + "once_cell", + "parking_lot 0.12.3", + "percent-encoding", + "regex", + "serde", + "serde_json", + "time", + "url", + "uuid-simd", +] + [[package]] name = "jsonwebkey" version = "0.3.5" @@ -4768,7 +4966,7 @@ dependencies = [ [[package]] name = "oid4vc-core" version = "0.1.0" -source = "git+https://git@github.com/impierce/openid4vc.git?rev=7be5b72#7be5b7219be93e348a4ecd0231c764d53b4eda0e" +source = "git+https://git@github.com/impierce/openid4vc.git?rev=0f77733#0f777334977118af4ca7d6b650c6a9d84c9ec3a6" dependencies = [ "anyhow", "async-trait", 
@@ -4792,7 +4990,7 @@ dependencies = [ [[package]] name = "oid4vc-manager" version = "0.1.0" -source = "git+https://git@github.com/impierce/openid4vc.git?rev=7be5b72#7be5b7219be93e348a4ecd0231c764d53b4eda0e" +source = "git+https://git@github.com/impierce/openid4vc.git?rev=0f77733#0f777334977118af4ca7d6b650c6a9d84c9ec3a6" dependencies = [ "anyhow", "async-trait", @@ -4803,8 +5001,8 @@ dependencies = [ "did_url", "futures", "getset", - "identity_core", - "identity_credential", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?rev=309c399)", + "identity_credential 1.3.1 (git+https://github.com/impierce/identity.rs?rev=309c399)", "jsonwebtoken", "oid4vc-core", "oid4vci", @@ -4824,7 +5022,7 @@ dependencies = [ [[package]] name = "oid4vci" version = "0.1.0" -source = "git+https://git@github.com/impierce/openid4vc.git?rev=7be5b72#7be5b7219be93e348a4ecd0231c764d53b4eda0e" +source = "git+https://git@github.com/impierce/openid4vc.git?rev=0f77733#0f777334977118af4ca7d6b650c6a9d84c9ec3a6" dependencies = [ "anyhow", "derivative", @@ -4847,15 +5045,15 @@ dependencies = [ [[package]] name = "oid4vp" version = "0.1.0" -source = "git+https://git@github.com/impierce/openid4vc.git?rev=7be5b72#7be5b7219be93e348a4ecd0231c764d53b4eda0e" +source = "git+https://git@github.com/impierce/openid4vc.git?rev=0f77733#0f777334977118af4ca7d6b650c6a9d84c9ec3a6" dependencies = [ "anyhow", "chrono", "dif-presentation-exchange", "futures", "getset", - "identity_core", - "identity_credential", + "identity_core 1.3.1 (git+https://github.com/impierce/identity.rs?rev=309c399)", + "identity_credential 1.3.1 (git+https://github.com/impierce/identity.rs?rev=309c399)", "is_empty", "jsonwebtoken", "monostate", 
@@ -4883,12 +5081,50 @@ version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381" +[[package]] +name = "openssl" +version = "0.10.66" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9529f4786b70a3e8c61e11179af17ab6188ad8d0ded78c5529441ed39d4bd9c1" +dependencies = [ + "bitflags 2.5.0", + "cfg-if", + "foreign-types", + "libc", + "once_cell", + "openssl-macros", + "openssl-sys", +] + +[[package]] +name = "openssl-macros" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.67", +] + [[package]] name = "openssl-probe" version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" +[[package]] +name = "openssl-sys" +version = "0.9.103" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f9e8deee91df40a943c71b917e5874b951d32a802526c85721ce3b776c929d6" +dependencies = [ + "cc", + "libc", + "pkg-config", + "vcpkg", +] + [[package]] name = "ordered-multimap" version = "0.6.0" @@ -4905,6 +5141,12 @@ version = "6.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e2355d85b9a3786f481747ced0e0ff2ba35213a1f9bd406ed906554d7af805a1" +[[package]] +name = "outref" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4030760ffd992bef45b0ae3f10ce1aba99e33464c90d14dd7c039884963ddc7a" + [[package]] name = "overload" version = "0.1.1" 
@@ -5472,7 +5714,7 @@ dependencies = [ [[package]] name = "producer" version = "0.1.0" -source = "git+https://git@github.com/impierce/did-manager.git?tag=v1.0.0-beta.3#3ad5e3dba7bc76df8d6cb4a4fd2df2238d88710b" +source = "git+https://git@github.com/impierce/did-manager.git?rev=c1cfda0#c1cfda09ae1e5797ba013ead8aa6ace616b75a6d" dependencies = [ "did_iota", "did_jwk", @@ -6293,6 +6535,65 @@ dependencies = [ "untrusted", ] +[[package]] +name = "sd-jwt-payload" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f96560f8ef0ef51808661b53f49e640cf854d64339d204c33fec3528d9451da7" +dependencies = [ + "iota-crypto", + "itertools 0.12.1", + "json-pointer", + "multibase 0.9.1", + "rand 0.8.5", + "serde", + "serde_json", + "serde_with 3.8.1", + "strum 0.26.3", + "thiserror", +] + +[[package]] +name = "sd-jwt-payload" +version = "0.3.0" +source = "git+https://github.com/iotaledger/sd-jwt-payload.git?rev=0300fc5#0300fc5bb2bd6c595127f58a023e0cbb33a7d423" +dependencies = [ + "anyhow", + "async-trait", + "indexmap 2.6.0", + "iota-crypto", + "itertools 0.12.1", + "josekit", + "json-pointer", + "multibase 0.9.1", + "rand 0.8.5", + "serde", + "serde_json", + "serde_with 3.8.1", + "strum 0.26.3", + "thiserror", +] + +[[package]] +name = "sd-jwt-payload" +version = "0.3.0" +source = "git+https://github.com/impierce/sd-jwt-payload.git?rev=318dad9#318dad904f1a1c3d7e510b0446fc75c6c71a49b5" +dependencies = [ + "anyhow", + "async-trait", + "indexmap 2.6.0", + "iota-crypto", + "itertools 0.12.1", + "json-pointer", + "multibase 0.9.1", + "rand 0.8.5", + "serde", + "serde_json", + "serde_with 3.8.1", + "strum 0.26.3", + "thiserror", +] + [[package]] name = "sdd" version = "0.2.0" 
@@ -6409,12 +6710,13 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.117" +version = "1.0.128" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "455182ea6142b14f93f4bc5320a2b31c1f266b66a4a5c858b013302a5d8cbfc3" +checksum = "6ff5456707a1de34e7e37f2a6fd3d3f808c318259cbd01ab6377795054b483d8" dependencies = [ - "indexmap 2.5.0", + "indexmap 2.6.0", "itoa", + "memchr", "ryu", "serde", ] @@ -6497,7 +6799,7 @@ dependencies = [ "chrono", "hex", "indexmap 1.9.3", - "indexmap 2.5.0", + "indexmap 2.6.0", "serde", "serde_derive", "serde_json", @@ -6535,7 +6837,7 @@ version = "0.9.34+deprecated" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6a8b1a1a2ebf674015cc02edccce75287f1a0130d394307b36743c2f5d504b47" dependencies = [ - "indexmap 2.5.0", + "indexmap 2.6.0", "itoa", "ryu", "serde", @@ -6634,7 +6936,7 @@ dependencies = [ [[package]] name = "shared" version = "0.1.0" -source = "git+https://git@github.com/impierce/did-manager.git?tag=v1.0.0-beta.3#3ad5e3dba7bc76df8d6cb4a4fd2df2238d88710b" +source = "git+https://git@github.com/impierce/did-manager.git?rev=c1cfda0#c1cfda09ae1e5797ba013ead8aa6ace616b75a6d" dependencies = [ "identity_iota", "identity_storage", @@ -6710,7 +7012,7 @@ dependencies = [ [[package]] name = "siopv2" version = "0.1.0" -source = "git+https://git@github.com/impierce/openid4vc.git?rev=7be5b72#7be5b7219be93e348a4ecd0231c764d53b4eda0e" +source = "git+https://git@github.com/impierce/openid4vc.git?rev=0f77733#0f777334977118af4ca7d6b650c6a9d84c9ec3a6" dependencies = [ "anyhow", "async-trait", @@ -6868,7 +7170,7 @@ dependencies = [ "futures-util", "hashlink", "hex", - "indexmap 2.5.0", + "indexmap 2.6.0", "log", "memchr", "once_cell", 
@@ -7744,7 +8046,7 @@ version = "0.19.15" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1b5bb770da30e5cbfde35a2d7b9b8a2c4b8ef89548a7a6aeab5c9a576e3e7421" dependencies = [ - "indexmap 2.5.0", + "indexmap 2.6.0", "toml_datetime", "winnow 0.5.40", ] @@ -7755,7 +8057,7 @@ version = "0.21.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6a8534fd7f78b5405e860340ad6575217ce99f38d4d5c8f2442cb5ecb50090e1" dependencies = [ - "indexmap 2.5.0", + "indexmap 2.6.0", "toml_datetime", "winnow 0.5.40", ] @@ -7766,7 +8068,7 @@ version = "0.22.14" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f21c7aaf97f1bd9ca9d4f9e73b0a6c74bd5afef56f2bc931943a6e1c37e04e38" dependencies = [ - "indexmap 2.5.0", + "indexmap 2.6.0", "serde", "serde_spanned", "toml_datetime", @@ -8158,6 +8460,17 @@ dependencies = [ "serde", ] +[[package]] +name = "uuid-simd" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23b082222b4f6619906941c17eb2297fff4c2fb96cb60164170522942a200bd8" +dependencies = [ + "outref", + "uuid", + "vsimd", +] + [[package]] name = "valuable" version = "0.1.0" @@ -8182,6 +8495,12 @@ version = "0.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" +[[package]] +name = "vsimd" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c3082ca00d5a5ef149bb8b555a72ae84c9c59f7250f013ac822ac2e49b19c64" + [[package]] name = "waker-fn" version = "1.2.0" 
@@ -8655,6 +8974,17 @@ dependencies = [ "zeroize", ] +[[package]] +name = "x25519-dalek" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c7e468321c81fb07fa7f4c636c3972b9100f0346e5b6a9f2bd0603a52f7ed277" +dependencies = [ + "curve25519-dalek 4.1.3", + "rand_core 0.6.4", + "zeroize", +] + [[package]] name = "xattr" version = "1.3.1" @@ -8727,7 +9057,7 @@ dependencies = [ "crossbeam-utils", "displaydoc", "flate2", - "indexmap 2.5.0", + "indexmap 2.6.0", "memchr", "thiserror", "zopfli", @@ -8739,7 +9069,7 @@ version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c734c171ed591a19dc1127351eb1b4d91864d3e53b2b6e9992bffcb7febf364a" dependencies = [ - "bls12_381_plus 0.8.15", + "bls12_381_plus 0.8.17", "cargo-license", "digest 0.10.7", "dotenv", diff --git a/Cargo.toml b/Cargo.toml index b6772fe2..05ef57f6 100644 --- a/Cargo.toml +++ b/Cargo.toml 
@@ -19,12 +19,13 @@ edition = "2021" rust-version = "1.76.0" [workspace.dependencies] -did_manager = { git = "https://git@github.com/impierce/did-manager.git", tag = "v1.0.0-beta.3" } -siopv2 = { git = "https://git@github.com/impierce/openid4vc.git", rev = "7be5b72" } -oid4vci = { git = "https://git@github.com/impierce/openid4vc.git", rev = "7be5b72" } -oid4vc-core = { git = "https://git@github.com/impierce/openid4vc.git", rev = "7be5b72" } -oid4vc-manager = { git = "https://git@github.com/impierce/openid4vc.git", rev = "7be5b72" } -oid4vp = { git = "https://git@github.com/impierce/openid4vc.git", rev = "7be5b72" } +# did_manager = { git = "https://git@github.com/impierce/did-manager.git", tag = "v1.0.0-beta.3" } +did_manager = { git = "https://git@github.com/impierce/did-manager.git", rev = "c1cfda0" } +siopv2 = { git = "https://git@github.com/impierce/openid4vc.git", rev = "0f77733" } +oid4vci = { git = "https://git@github.com/impierce/openid4vc.git", rev = "0f77733" } +oid4vc-core = { git = "https://git@github.com/impierce/openid4vc.git", rev = "0f77733" } +oid4vc-manager = { git = "https://git@github.com/impierce/openid4vc.git", rev = "0f77733" } +oid4vp = { git = "https://git@github.com/impierce/openid4vc.git", rev = "0f77733" } async-trait = "0.1" axum = { version = "0.7", features = ["tracing"] } 
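Review bot: The commented-out `# did_manager = { ..., tag = "v1.0.0-beta.3" }` line should be deleted rather than left next to its replacement, since version control already holds the old value. If moving from a release tag to `rev = "c1cfda0"` is meant to be temporary, say so in a comment instead, for example `# TODO: return to a tagged did-manager release once one contains this revision`.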
@@ -32,22 +33,26 @@ base64 = "0.22" chrono = { version = "0.4", features = ["serde"] } cqrs-es = "0.4.2" futures = "0.3" -identity_core = "1.3" -identity_credential = { version = "1.3", default-features = false, features = [ +identity_core = { git = "https://github.com/impierce/identity.rs", branch = "fix/compile-fixes" } +identity_credential = { git = "https://github.com/impierce/identity.rs", branch = "fix/compile-fixes", default-features = false, features = [ "validator", "credential", "presentation", "domain-linkage", + "sd-jwt-vc" ] } -identity_did = { version = "1.3" } -identity_iota = { version = "1.3" } -identity_verification = { version = "1.3", default-features = false } + +identity_did = { git = "https://github.com/impierce/identity.rs", branch = "fix/compile-fixes" } +identity_document = { git = "https://github.com/impierce/identity.rs", branch = "fix/compile-fixes" } +identity_iota = { git = "https://github.com/impierce/identity.rs", branch = "fix/compile-fixes" } +identity_verification = { git = "https://github.com/impierce/identity.rs", branch = "fix/compile-fixes", default-features = false } jsonwebtoken = "9.3" lazy_static = "1.4" mime = { version = "0.3" } once_cell = { version = "1.19" } reqwest = { version = "0.12", default-features = false, features = ["json", "rustls-tls"] } rstest = "0.22" +sd-jwt-payload-rework = { package = "sd-jwt-payload", git = "https://github.com/iotaledger/sd-jwt-payload.git", rev = "0300fc5", default-features = false, features = ["sha"] } serde = { version = "1.0", default-features = false, features = ["derive"] } serde_json = { version = "1.0" } serde_with = "3.7" diff --git a/agent_identity/Cargo.toml b/agent_identity/Cargo.toml index 37156612..2a92fbbb 100644 --- a/agent_identity/Cargo.toml +++ b/agent_identity/Cargo.toml 
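Review bot: The `identity_*` crates move from crates.io releases to `branch = "fix/compile-fixes"` on a fork, which is a mutable reference. Cargo.lock pins a commit today, but any `cargo update` or lockfile regeneration picks up whatever the branch head is at that time. The other git dependencies in this file, including the new `sd-jwt-payload-rework`, use `rev`; pin these the same way, e.g. `identity_core = { git = "https://github.com/impierce/identity.rs", rev = "<commit-sha>" }` (placeholder value). A comment naming the upstream fix the fork carries would make it clear when the pin can return to a released version.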
@@ -16,7 +16,7 @@ did_manager.workspace = true identity_credential.workspace = true identity_core.workspace = true identity_did.workspace = true -identity_document = { version = "1.3" } +identity_document.workspace = true jsonwebtoken.workspace = true oid4vc-core.workspace = true serde.workspace = true diff --git a/agent_shared/Cargo.toml b/agent_shared/Cargo.toml index 724864bd..21eaec68 100644 --- a/agent_shared/Cargo.toml +++ b/agent_shared/Cargo.toml @@ -6,6 +6,7 @@ rust-version.workspace = true [dependencies] async-trait.workspace = true +base64.workspace = true chrono.workspace = true config = { version = "0.14" } cqrs-es.workspace = true diff --git a/agent_shared/src/lib.rs b/agent_shared/src/lib.rs index e183167c..68067099 100644 --- a/agent_shared/src/lib.rs +++ b/agent_shared/src/lib.rs @@ -5,6 +5,7 @@ pub mod error; pub mod generic_query; pub mod handlers; pub mod url_utils; +pub mod verifier; pub use ::config::ConfigError; use identity_iota::verification::jws::JwsAlgorithm; diff --git a/agent_shared/src/verifier.rs b/agent_shared/src/verifier.rs new file mode 100644 index 00000000..64d048e5 --- /dev/null +++ b/agent_shared/src/verifier.rs 
@@ -0,0 +1,50 @@
+use std::str::FromStr as _;
+
+use base64::{engine::general_purpose::URL_SAFE_NO_PAD, Engine as _};
+use identity_iota::core::{FromJson as _, ToJson as _};
+use identity_iota::verification;
+use identity_iota::verification::jws::{
+ JwsVerifier, SignatureVerificationError, SignatureVerificationErrorKind, VerificationInput,
+};
+use jsonwebtoken::crypto::verify;
+use jsonwebtoken::{Algorithm, DecodingKey, Validation};
+
+/// This `Verifier` uses `jsonwebtoken` under the hood to verify verification input.
+pub struct Verifier;
+impl JwsVerifier for Verifier {
+ fn verify(
+ &self,
+ input: VerificationInput,
+ public_key: &verification::jwk::Jwk,
+ ) -> Result<(), SignatureVerificationError> {
+ use SignatureVerificationErrorKind::*;
+
+ let algorithm =
+ Algorithm::from_str(&input.alg.to_string()).map_err(|_| SignatureVerificationError::new(UnsupportedAlg))?;
+
+ // Convert the `IotaIdentityJwk` first into a `jsonwebtoken::Jwk` and then into a `DecodingKey`.
+ let decoding_key = public_key
+ .to_json()
+ .ok()
+ .and_then(|public_key| jsonwebtoken::jwk::Jwk::from_json(&public_key).ok())
+ .and_then(|jwk| DecodingKey::from_jwk(&jwk).ok())
+ .ok_or(SignatureVerificationError::new(KeyDecodingFailure))?;
+
+ let mut validation = Validation::new(algorithm);
+ validation.validate_aud = false;
+ validation.required_spec_claims.clear();
+
+ match verify(
+ &URL_SAFE_NO_PAD.encode(input.decoded_signature),
+ &input.signing_input,
+ &decoding_key,
+ algorithm,
+ ) {
+ Ok(true) => Ok(()),
+ Err(_) | Ok(false) => Err(SignatureVerificationError::new(
+ // TODO: more fine-grained error handling?
+ InvalidSignature,
+ )),
+ }
+ }
+}
diff --git a/agent_verification/Cargo.toml b/agent_verification/Cargo.toml
index 4d0571a4..4c551ae3 100644
--- a/agent_verification/Cargo.toml
+++ b/agent_verification/Cargo.toml
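Review bot: In `Verifier::verify`, `algorithm` is taken from `input.alg`, i.e. from the JWS header, and is never compared with the type of `public_key`; as far as I know `jsonwebtoken::crypto::verify` does not enforce that match the way `decode` does, so an HMAC `alg` would be evaluated with the public key's bytes as the secret. Reject symmetric algorithms before the key conversion, `if matches!(algorithm, Algorithm::HS256 | Algorithm::HS384 | Algorithm::HS512) { return Err(SignatureVerificationError::new(UnsupportedAlg)); }`, and ideally check the algorithm against the JWK's key type as well. The `validation` value is built and mutated but never passed to anything, so it should be removed; as written it reads as if claim validation happened here. The doc comment on `Verifier` could also state that it checks the signature only and no claims.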
@@ -12,7 +12,9 @@ anyhow = "1.0" async-trait.workspace = true chrono.workspace = true cqrs-es.workspace = true +did_manager.workspace = true futures.workspace = true +identity_credential.workspace = true jsonwebtoken.workspace = true oid4vc-core.workspace = true oid4vc-manager.workspace = true @@ -26,6 +28,10 @@ tracing.workspace = true url.workspace = true tokio.workspace = true +identity_iota.workspace = true +sd-jwt-payload-rework.workspace = true +base64.workspace = true + [dev-dependencies] agent_shared = { path = "../agent_shared", features = ["test_utils"] } agent_verification = { path = ".", features = ["test_utils"] } diff --git a/agent_verification/src/authorization_request/aggregate.rs b/agent_verification/src/authorization_request/aggregate.rs index 9d9e9678..a2da8908 100644 --- a/agent_verification/src/authorization_request/aggregate.rs +++ b/agent_verification/src/authorization_request/aggregate.rs @@ -6,11 +6,25 @@ use crate::{ }, services::VerificationServices, }; -use agent_shared::config::{config, get_preferred_signing_algorithm}; +use agent_shared::{ + config::{config, get_preferred_signing_algorithm}, + verifier::Verifier, +}; use async_trait::async_trait; +use base64::{engine::general_purpose::URL_SAFE_NO_PAD, Engine as _}; use cqrs_es::Aggregate; +use did_manager::Resolver; +use identity_credential::sd_jwt_vc::SdJwtVc; +use identity_iota::{ + core::ToJson as _, + credential::KeyBindingJWTValidationOptions, + did::DID as _, + document::DIDUrlQuery, + verification::jwk::{Jwk, JwkParams}, +}; use oid4vc_core::{authorization_request::ByReference, scope::Scope}; use oid4vp::{authorization_request::ClientIdScheme, Oid4vpParams}; +use sd_jwt_payload_rework::{RequiredKeyBinding, Sha256Hasher}; use serde::{Deserialize, Serialize}; use std::sync::Arc; use tracing::info; 
@@ -21,7 +35,7 @@ pub struct AuthorizationRequest { pub form_url_encoded_authorization_request: Option, pub signed_authorization_request_object: Option, pub id_token: Option, - pub vp_token: Option, + pub vp_tokens: Option>, pub state: Option, } 
@@ -155,18 +169,77 @@ impl Aggregate for AuthorizationRequest { }]) } GenericAuthorizationResponse::OID4VP(oid4vp_authorization_response) => { - let _ = relying_party - .validate_response(&oid4vp_authorization_response) - .await - .map_err(InvalidOID4VPAuthorizationResponse)?; - - let vp_token = match oid4vp_authorization_response.extension.oid4vp_parameters { - Oid4vpParams::Params { vp_token, .. } => vp_token, + let mut vp_tokens = match &oid4vp_authorization_response.extension.oid4vp_parameters { + Oid4vpParams::Params { vp_token, .. } => vec![vp_token.clone()], Oid4vpParams::Jwt { .. } => return Err(UnsupportedJwtParameterError), }; + for vp_token in &mut vp_tokens { + if let Ok(sd_jwt_vc) = vp_token.parse::() { + info!("VC SD-JWT: {}", sd_jwt_vc); + + if let Some(cnf) = &sd_jwt_vc.claims().cnf { + let jwk = match cnf { + RequiredKeyBinding::Jwk(jwk) => Jwk::from_params( + serde_json::from_value::(serde_json::json!(jwk)) + .map_err(|e| InvalidCnfParameterError(e.to_string()))?, + ), + RequiredKeyBinding::Kid(kid) => { + info!("Cnf `kid` value: {kid}"); + + let did_url = identity_iota::did::DIDUrl::parse(kid) + .map_err(|e| InvalidDidUrlError(format!("Invalid DID URL: {}", e)))?; + + let resolver = Resolver::new().await; + + let document = resolver + .resolve(did_url.did().as_str()) + .await + .map_err(|e| UnsupportedDidMethodError(e.to_string()))?; + + let verification_method = document + .resolve_method( + DIDUrlQuery::from(&did_url), + Some(identity_iota::verification::MethodScope::VerificationMethod), + ) + .ok_or(MissingVerificationMethodError)?; + + verification_method + .data() + .public_key_jwk() + .ok_or(MissingVerificationMethodKeyError)? 
+ .clone() + } + _ => return Err(UnsupportedCnfParameterError), + }; + + sd_jwt_vc + .validate_key_binding( + &Verifier, + &jwk, + &Sha256Hasher::new(), + &KeyBindingJWTValidationOptions::default(), + ) + .map_err(|_| InvalidKeyBindingError)?; + } + let disclosed_object = sd_jwt_vc.into_disclosed_object(&Sha256Hasher::new()).unwrap(); + + info!("Disclosed object: {:?}", disclosed_object); + + *vp_token = URL_SAFE_NO_PAD.encode( + disclosed_object + .to_json_vec() + .map_err(|e| InvalidDisclosedObjectError(e.to_string()))?, + ); + } else { + let _ = relying_party + .validate_response(&oid4vp_authorization_response) + .await + .map_err(InvalidOID4VPAuthorizationResponse)?; + } + } Ok(vec![OID4VPAuthorizationResponseVerified { - vp_token, + vp_tokens, state: oid4vp_authorization_response.state, }]) } @@ -200,8 +273,8 @@ impl Aggregate for AuthorizationRequest { self.id_token.replace(id_token); self.state = state; } - OID4VPAuthorizationResponseVerified { vp_token, state } => { - self.vp_token.replace(vp_token); + OID4VPAuthorizationResponseVerified { vp_tokens, state } => { + self.vp_tokens.replace(vp_tokens); self.state = state; } } @@ -228,6 +301,7 @@ pub mod tests { use oid4vc_manager::ProviderManager; use oid4vci::VerifiableCredentialJwt; use oid4vp::oid4vp::AuthorizationResponseInput; + use oid4vp::oid4vp::PresentationInputType; use oid4vp::PresentationDefinition; use rstest::rstest; use serde_json::json; @@ -355,7 +429,7 @@ pub mod tests { state: Some("state".to_string()), }, "vp_token" => AuthorizationRequestEvent::OID4VPAuthorizationResponseVerified { - vp_token: token, + vp_tokens: vec![token], state: Some("state".to_string()), }, _ => unreachable!("Invalid response type."), @@ -444,7 +518,9 @@ pub mod tests { .generate_response( oid4vp_authorization_request, AuthorizationResponseInput { - verifiable_presentation, + verifiable_presentation_input: vec![PresentationInputType::Unsigned( + verifiable_presentation, + )], presentation_submission, }, ) 
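Review bot: In the `OID4VP` arm, a `vp_token` that parses as an SD-JWT VC is accepted with no issuer-signature check visible in this hunk: `relying_party.validate_response` now runs only in the `else` branch, and the key-binding check is skipped entirely when `cnf` is absent, so `OID4VPAuthorizationResponseVerified` can be emitted for a token nothing has verified. `KeyBindingJWTValidationOptions::default()` also appears to set no expected nonce or audience, so the key-binding JWT is not tied to this authorization request (inferred; the option type is defined outside the diff). `into_disclosed_object(&Sha256Hasher::new()).unwrap()` panics on caller-supplied input and should be mapped like its neighbour, `.map_err(|e| InvalidDisclosedObjectError(e.to_string()))?`. The two `info!` calls write the full SD-JWT and the disclosed claims to the log and are better removed or reduced to a non-sensitive identifier. The enclosing function starts and ends outside the hunk.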
diff --git a/agent_verification/src/authorization_request/error.rs b/agent_verification/src/authorization_request/error.rs index 1f8ac2c9..4ee03a1b 100644 --- a/agent_verification/src/authorization_request/error.rs +++ b/agent_verification/src/authorization_request/error.rs @@ -14,4 +14,20 @@ pub enum AuthorizationRequestError { InvalidOID4VPAuthorizationResponse(#[source] anyhow::Error), #[error("`jwt` parameter is not supported yet")] UnsupportedJwtParameterError, + #[error("`cnf` parameter must be a JWK or a `kid` string")] + UnsupportedCnfParameterError, + #[error("Invalid `cnf` parameter: {0}")] + InvalidCnfParameterError(String), + #[error("Invalid key binding")] + InvalidKeyBindingError, + #[error("Invalid DID URL: {0}")] + InvalidDidUrlError(String), + #[error("Unsupported DID method: {0}")] + UnsupportedDidMethodError(String), + #[error("Unable to find verification method")] + MissingVerificationMethodError, + #[error("No verification method key found")] + MissingVerificationMethodKeyError, + #[error("Invalid disclosed object: {0}")] + InvalidDisclosedObjectError(String), } diff --git a/agent_verification/src/authorization_request/event.rs b/agent_verification/src/authorization_request/event.rs index 2f66ec4e..51a51d16 100644 --- a/agent_verification/src/authorization_request/event.rs +++ b/agent_verification/src/authorization_request/event.rs @@ -18,7 +18,7 @@ pub enum AuthorizationRequestEvent { state: Option, }, OID4VPAuthorizationResponseVerified { - vp_token: String, + vp_tokens: Vec, state: Option, }, } diff --git a/agent_verification/src/authorization_request/views/mod.rs b/agent_verification/src/authorization_request/views/mod.rs index 10e258b2..1c98e6a5 100644 --- a/agent_verification/src/authorization_request/views/mod.rs +++ b/agent_verification/src/authorization_request/views/mod.rs 
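Review bot: In `event.rs`, replacing `vp_token: String` with a `vp_tokens` vector on `OID4VPAuthorizationResponseVerified` changes the serialized shape of an event, so any already-persisted event of this variant will presumably fail to deserialize on replay. Either keep the old shape readable (an event upcaster, or a deserializer that accepts the old `vp_token` string and wraps it in a one-element vector) or state in the description that existing event stores must be reset. The enum's derive attributes are outside the hunk, so the serde behaviour is inferred.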
@@ -29,8 +29,8 @@ impl View for AuthorizationRequest { self.id_token.replace(id_token.clone()); self.state.clone_from(state); } - OID4VPAuthorizationResponseVerified { vp_token, state } => { - self.vp_token.replace(vp_token.clone()); + OID4VPAuthorizationResponseVerified { vp_tokens, state } => { + self.vp_tokens.replace(vp_tokens.clone()); self.state.clone_from(state); } } diff --git a/agent_verification/src/services.rs b/agent_verification/src/services.rs index 613b79ec..4a8397fb 100644 --- a/agent_verification/src/services.rs +++ b/agent_verification/src/services.rs @@ -3,7 +3,7 @@ use agent_shared::config::{config, get_all_enabled_did_methods, get_preferred_di use jsonwebtoken::Algorithm; use oid4vc_core::{client_metadata::ClientMetadataResource, Subject}; use oid4vc_manager::RelyingPartyManager; -use oid4vp::ClaimFormatProperty; +use oid4vp::{ClaimFormatDesignation, ClaimFormatProperty}; use serde_json::json; use std::{collections::HashMap, str::FromStr, sync::Arc}; @@ -58,7 +58,13 @@ impl Service for VerificationServices { .map(|(c, _)| { ( c.clone(), - ClaimFormatProperty::Alg(signing_algorithms_supported.clone()), + match c { + ClaimFormatDesignation::VcSdJwt => ClaimFormatProperty::SdJwt { + sd_jwt_alg_values: signing_algorithms_supported.clone(), + kb_jwt_alg_values: vec![], + }, + _ => ClaimFormatProperty::Alg(signing_algorithms_supported.clone()), + }, ) }) .collect(),
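Review bot: In `services.rs`, `kb_jwt_alg_values: vec![]` advertises an empty list of key-binding JWT algorithms for `VcSdJwt`, although this commit adds key-binding validation on the verifier side; a wallet reading the metadata is told nothing it may sign the KB-JWT with, and the verifier's accepted set is not stated anywhere. Unless the empty list is deliberate, use the same list as for the SD-JWT itself: `kb_jwt_alg_values: signing_algorithms_supported.clone(),`. A one-line comment above the `match` explaining why `VcSdJwt` needs its own property shape would help the next reader. The function around the closure lies outside the hunk.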