alan-turing-institute · edchapman88 · Dec 21, 2023 · Aug 30, 2023 · Sep 6, 2023 · Sep 8, 2023
diff --git a/trustchain-api/Cargo.toml b/trustchain-api/Cargo.toml
@@ -8,12 +8,17 @@ edition = "2021"
 [dependencies]
 trustchain-core = { path = "../trustchain-core" }
 trustchain-ion = { path = "../trustchain-ion" }
+ps_sig = { git = "https://github.com/alan-turing-institute/RSS.git", rev = "ec9386e125d87c5f54898b34fbe0883b3b36ffd4" }
 
 async-trait = "0.1"
 serde_json = "1.0"
-ssi = {git="https://github.com/alan-turing-institute/ssi.git", branch="modify-encode-sign-jwt", features = ["http-did", "secp256k1"]}
-did-ion = {git="https://github.com/alan-turing-institute/ssi.git", branch="modify-encode-sign-jwt"}
+ssi = { git = "https://github.com/alan-turing-institute/ssi.git", rev = "1aa3223a384ee71df1333bbce04af445e852eab5", features = [
+    "http-did",
+    "secp256k1",
+    "rss",
+] }
+did-ion = { git = "https://github.com/alan-turing-institute/ssi.git", rev = "1aa3223a384ee71df1333bbce04af445e852eab5" }
 futures = "0.3.28"
 
 [dev-dependencies]
-tokio = {version = "1.20.1", features = ["full"]}
+tokio = { version = "1.20.1", features = ["full"] }
diff --git a/trustchain-api/src/api.rs b/trustchain-api/src/api.rs
@@ -248,10 +248,11 @@ pub trait TrustchainVPAPI {
 mod tests {
     use crate::api::{TrustchainVCAPI, TrustchainVPAPI};
     use crate::TrustchainAPI;
+    use did_ion::sidetree::PublicKeyEntry;
     use ssi::jsonld::ContextLoader;
     use ssi::ldp::now_ns;
     use ssi::one_or_many::OneOrMany;
-    use ssi::vc::{Credential, CredentialOrJWT, Presentation, VCDateTime};
+    use ssi::vc::{Credential, CredentialOrJWT, CredentialSubject, Presentation, VCDateTime};
     use trustchain_core::utils::init;
     use trustchain_core::vc::CredentialError;
     use trustchain_core::vp::PresentationError;
@@ -269,14 +270,8 @@ mod tests {
           "https://www.w3.org/2018/credentials/examples/v1",
           "https://w3id.org/citizenship/v1"
         ],
-        "credentialSchema": {
-          "id": "did:example:cdf:35LB7w9ueWbagPL94T9bMLtyXDj9pX5o",
-          "type": "did:example:schema:22KpkXgecryx9k7N6XN1QoN3gXwBkSU8SfyyYQG"
-        },
         "type": ["VerifiableCredential"],
         "issuer": "did:ion:test:EiAtHHKFJWAk5AsM3tgCut3OiBY4ekHTf66AAjoysXL65Q",
-        "issuanceDate": "2023-09-06T12:15:08.630033Z",
-        "image": "some_base64_representation",
         "credentialSubject": {
           "givenName": "Jane",
           "familyName": "Doe",
@@ -289,6 +284,33 @@ mod tests {
       }
       "#;
 
+    const UNSIGNED_DRIVERS_LICENCE_VC: &str = r###"{
+        "@context": [
+          "https://www.w3.org/2018/credentials/v1",
+          "https://w3id.org/vdl/v1"
+        ],
+        "type": [
+          "VerifiableCredential",
+          "Iso18013DriversLicense"
+        ],
+        "issuer": "did:ion:test:EiAtHHKFJWAk5AsM3tgCut3OiBY4ekHTf66AAjoysXL65Q",
+        "issuanceDate": "2023-11-23T11:43:26.806224Z",
+        "credentialSubject": {
+          "id": "did:example:12347abcd",
+          "Iso18013DriversLicense": {
+            "height": 1.8,
+            "weight": 70,
+            "nationality": "France",
+            "given_name": "Test",
+            "family_name": "A",
+            "issuing_country": "US",
+            "birth_date": "1958-07-17",
+            "age_in_years": 30,
+            "age_birth_year": 1958
+          }
+        }
+      }"###;
+
     #[ignore = "requires a running Sidetree node listening on http://localhost:3000"]
     #[tokio::test]
     async fn test_verify_credential() {
@@ -328,6 +350,110 @@ mod tests {
         }
     }
 
+    #[ignore = "requires a running Sidetree node listening on http://localhost:3000"]
+    #[tokio::test]
+    async fn test_verify_rss_credential() {
+        init();
+
+        // DID with RSS verification method
+        let issuer_did_suffix = "EiAtHHKFJWAk5AsM3tgCut3OiBY4ekHTf66AAjoysXL65Q";
+        let resolver = trustchain_resolver("http://localhost:3000/");
+        let vc: Credential = serde_json::from_str(UNSIGNED_DRIVERS_LICENCE_VC).unwrap();
+        let attestor = IONAttestor::new(issuer_did_suffix);
+
+        let signed_vc = attestor
+            .sign(
+                &vc,
+                None,
+                Some("QDsGIX_7NfNEaXdEeV7PJ5e_CwoH5LlF3srsCp5dcHA"),
+                &resolver,
+                &mut ContextLoader::default(),
+            )
+            .await
+            .unwrap();
+        println!("{}", serde_json::to_string_pretty(&signed_vc).unwrap());
+        let mut context_loader = ContextLoader::default();
+        let verifier = TrustchainVerifier::new(resolver);
+        let res = TrustchainAPI::verify_credential(
+            &signed_vc,
+            None,
+            ROOT_EVENT_TIME_1,
+            &verifier,
+            &mut context_loader,
+        )
+        .await;
+        // println!("{:?}", &res);
+        assert!(res.is_ok());
+    }
+
+    #[ignore = "requires a running Sidetree node listening on http://localhost:3000"]
+    #[tokio::test]
+    async fn test_redact_verify_rss_credential() {
+        init();
+
+        // DID with RSS verification method
+        let issuer_did_suffix = "did:ion:test:EiAtHHKFJWAk5AsM3tgCut3OiBY4ekHTf66AAjoysXL65Q";
+        let resolver = trustchain_resolver("http://localhost:3000/");
+        let vc: Credential = serde_json::from_str(UNSIGNED_DRIVERS_LICENCE_VC).unwrap();
+        let attestor = IONAttestor::new(issuer_did_suffix);
+
+        let mut signed_vc = attestor
+            .sign(
+                &vc,
+                None,
+                Some("QDsGIX_7NfNEaXdEeV7PJ5e_CwoH5LlF3srsCp5dcHA"),
+                &resolver,
+                &mut ContextLoader::default(),
+            )
+            .await
+            .unwrap();
+        // println!("{}", serde_json::to_string_pretty(&signed_vc).unwrap());
+        // derive redacted RSignature
+        let masked_cred_sub: CredentialSubject = serde_json::from_str(
+            r###"{
+              "id": "did:example:12347abcd",
+              "Iso18013DriversLicense": {
+                "height": null,
+                "weight": null,
+                "nationality": null,
+                "given_name": null,
+                "family_name": null,
+                "issuing_country": "US",
+                "birth_date": null,
+                "age_in_years": 30,
+                "age_birth_year": null
+              }
+            }"###,
+        )
+        .unwrap();
+        let mut masked_copy = signed_vc.clone();
+        masked_copy.credential_subject = OneOrMany::One(masked_cred_sub);
+
+        // produce redacted vc from redacted json
+        let mut context_loader = ContextLoader::default();
+        let verifier = TrustchainVerifier::new(resolver);
+        signed_vc
+            .rss_redact(
+                masked_copy,
+                &trustchain_resolver("http://localhost:3000/"),
+                &mut context_loader,
+            )
+            .await
+            .unwrap();
+        // println!("{}", serde_json::to_string_pretty(&signed_vc).unwrap());
+
+        let res = TrustchainAPI::verify_credential(
+            &signed_vc,
+            None,
+            ROOT_EVENT_TIME_1,
+            &verifier,
+            &mut context_loader,
+        )
+        .await;
+
+        assert!(res.is_ok());
+    }
+
     #[ignore = "requires a running Sidetree node listening on http://localhost:3000"]
     #[tokio::test]
     async fn test_verify_presentation() {
@@ -444,4 +570,16 @@ mod tests {
             .await
             .unwrap()
     }
+
+    #[test]
+    fn get_key_entry() {
+        use ps_sig::keys::Params;
+        use ssi::jwk::rss::generate_keys_jwk;
+        use ssi::jwk::JWK;
+
+        let key: JWK = generate_keys_jwk(64, &Params::new("test".to_string().as_bytes())).unwrap();
+        println!("{}", serde_json::to_string_pretty(&key).unwrap());
+        let entry: PublicKeyEntry = key.try_into().unwrap();
+        println!("{}", serde_json::to_string_pretty(&entry).unwrap());
+    }
 }
diff --git a/trustchain-cli/Cargo.toml b/trustchain-cli/Cargo.toml
@@ -13,11 +13,15 @@ trustchain-core = { path = "../trustchain-core" }
 trustchain-ion = { path = "../trustchain-ion" }
 trustchain-api = { path = "../trustchain-api" }
 
-clap = { version = "4.0.32", features=["derive", "cargo"] }
-did-ion = {git="https://github.com/alan-turing-institute/ssi.git", branch="modify-encode-sign-jwt"}
-lazy_static="1.4.0"
+clap = { version = "4.0.32", features = ["derive", "cargo"] }
+did-ion = { git = "https://github.com/alan-turing-institute/ssi.git", rev = "1aa3223a384ee71df1333bbce04af445e852eab5" }
+lazy_static = "1.4.0"
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
-ssi = {git="https://github.com/alan-turing-institute/ssi.git", branch="modify-encode-sign-jwt", features = ["http-did", "secp256k1"]}
-tokio = {version = "1.20.1", features = ["full"]}
-toml="0.7.2"
+ssi = { git = "https://github.com/alan-turing-institute/ssi.git", rev = "1aa3223a384ee71df1333bbce04af445e852eab5", features = [
+    "http-did",
+    "secp256k1",
+    "rss",
+] }
+tokio = { version = "1.20.1", features = ["full"] }
+toml = "0.7.2"
diff --git a/trustchain-cli/src/bin/main.rs b/trustchain-cli/src/bin/main.rs
@@ -227,6 +227,14 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
                             println!("Proof... Invalid");
                             err?;
                         }
+                        err @ Err(CredentialError::NoProofPresent) => {
+                            println!("Proof... ❌ (missing proof)");
+                            err?;
+                        }
+                        err @ Err(CredentialError::MissingVerificationMethod) => {
+                            println!("Proof... ❌ (missing verification method)");
+                            err?;
+                        }
                         err @ Err(CredentialError::NoIssuerPresent) => {
                             println!("Proof... ✅");
                             println!("Issuer... ❌ (missing issuer)");

diff --git a/trustchain-core/Cargo.toml b/trustchain-core/Cargo.toml
@@ -6,21 +6,27 @@ edition = "2021"
 
 
 [dependencies]
+ps_sig = { git = "https://github.com/alan-turing-institute/RSS.git", rev = "ec9386e125d87c5f54898b34fbe0883b3b36ffd4" }
+
 async-trait = "0.1"
 base64 = "0.13"
 canonical_json = "0.4.0"
 chrono = "0.4"
-did-method-key = {git="https://github.com/alan-turing-institute/ssi.git", branch="modify-encode-sign-jwt"}
+did-method-key = { git = "https://github.com/alan-turing-institute/ssi.git", rev = "1aa3223a384ee71df1333bbce04af445e852eab5" }
 futures = "0.3.21"
-petgraph = {version = "0.6"}
+petgraph = { version = "0.6" }
 serde = { version = "1.0", features = ["derive"] }
 serde_jcs = "0.1.0"
 serde_json = "1.0"
 sha2 = "0.10.7"
-ssi = {git="https://github.com/alan-turing-institute/ssi.git", branch="modify-encode-sign-jwt", features = ["http-did", "secp256k1"]}
+ssi = { git = "https://github.com/alan-turing-institute/ssi.git", rev = "1aa3223a384ee71df1333bbce04af445e852eab5", features = [
+    "http-did",
+    "secp256k1",
+    "rss",
+] }
 tempfile = { version = "3.3" }
 thiserror = "1.0"
-tokio = {version = "1.20.1", features = ["full"]}
+tokio = { version = "1.20.1", features = ["full"] }
 
 [dev-dependencies]
 mockall = "0.11.2"