rfc0593

package
v0.0.0-...-57c6170 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 1, 2023 License: Apache-2.0 Imports: 22 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// ProofVCDetailFormat is the attachment format used in the proposal, offer, and request message attachments.
	ProofVCDetailFormat = "aries/ld-proof-vc-detail@v1.0"
	// ProofVCFormat is the attachment format used in the issue-credential message attachment.
	ProofVCFormat = "aries/ld-proof-vc@v1.0"
	// StoreName is the name of the transient store used by AutoExecute.
	StoreName = "RFC0593TransientStore"
)

Variables

View Source 
var DefaultSignatureSuiteSpecs = map[string]SignatureSuiteSpec{
	ed25519signature2018.SignatureType: {
		KeyType:       kms.ED25519Type,
		KeyMultiCodec: fingerprint.ED25519PubKeyMultiCodec,
		Suite: func(opts ...suite.Opt) signer.SignatureSuite {
			return ed25519signature2018.New(opts...)
		},
		SignatureRepresentation: verifiable.SignatureJWS,
		Signer: func(p Provider, kh interface{}) Signer {
			return suite.NewCryptoSigner(p.Crypto(), kh)
		},
	},
	bbsblssignature2020.SignatureType: {
		KeyType:       kms.BLS12381G2Type,
		KeyMultiCodec: fingerprint.BLS12381g2PubKeyMultiCodec,
		Suite: func(opts ...suite.Opt) signer.SignatureSuite {
			return bbsblssignature2020.New(opts...)
		},
		SignatureRepresentation: verifiable.SignatureProofValue,
		Signer: func(p Provider, kh interface{}) Signer {
			return newBBSSigner(p.KMS(), p.Crypto(), kh)
		},
	},
}

DefaultSignatureSuiteSpecs are the signature suites supported by default. TODO make signaturesuite specs configurable.

View Source 
var ErrRFC0593NotApplicable = errors.New("RFC0593 is not applicable")

ErrRFC0593NotApplicable indicates RFC0593 does not apply to the message being handled because it does not contain an attachment with the proof format identifiers.

See also: ProofVCDetailFormat, ProofVCFormat.

Functions

func AutoExecute 

func AutoExecute(p Provider, next chan service.DIDCommAction) func(chan service.DIDCommAction)

AutoExecute will automatically execute the issue-credential V2 protocol using ReplayProposal, ReplayOffer, and IssueCredential by handling the associated actions if they contain RFC0593 attachments. Other actions are passed through to 'next'.

Usage: 

client := issuecredential.Client = ...
events = make(chan service.DIDCommAction)
err := client.RegisterActionEvent(events)
if err != nil {
    panic(err)
}
var p Provider = ...
next := make(chan service.DIDCommAction)
go AutoExecute(p, next)(events)
for event := range next {
    // handle events from issue-credential that do not conform to RFC0593
}

Note: use the protocol Middleware if the protocol needs to be started with a request-credential message.

See also: service.AutoExecuteActionEvent.

func CreateIssueCredentialMsg 

func CreateIssueCredentialMsg(p Provider, spec *CredentialSpec) (*issuecredential.IssueCredentialV2, error)

CreateIssueCredentialMsg creates an issue-credential message using the credential spec.

func FindAttachment 

func FindAttachment(formatType string,
	formats []issuecredential.Format, attachments []decorator.Attachment) (*decorator.Attachment, error)

FindAttachment returns the attachment corresponding to the RFC0593 format entry.

func RegisterMiddleware 

func RegisterMiddleware(mw Middleware, p ServiceProvider) error

RegisterMiddleware registers the Middleware in the IssueCredentialService looked up from the ServiceProvider.

See also: NewMiddleware.

func ValidateVCMatchesSpecOptions 

func ValidateVCMatchesSpecOptions(vc *verifiable.Credential, options *CredentialSpecOptions) error

ValidateVCMatchesSpecOptions ensures the vc matches the spec.

func VerifyCredential 

func VerifyCredential(p Provider,
	options *CredentialSpecOptions, name string, msg service.DIDCommMsg) (interface{}, error)

VerifyCredential verifies the credential received in an RFC0593 issue-credential message.

The credential is validated to ensure it complies with the given CredentialSpecOptions.

The credential will then be saved with the given name.

Usage: 

var p Provider = ...
client := issuecredential.Client = ...
var events chan service.DIDCommAction = ...
err := client.RegisterActionEvent(events)
if err != nil {
    panic(err)
}
var options *CredentialSpecOptions
for event := range events {
    switch event.Message.Type() {
    case issuecredential.OfferCredentialMsgType:
        arg, opts, err := ReplayOffer(p, event.Message)
        if err != nil {
            event.Stop(err)
        }

        options = opts
        event.Continue(arg)
    case issuecredential.IssueCredentialMsgType:
        arg, err := VerifyCredential(p, options, "my_vc", event.Message)
        if errors.Is(err, ErrRFC0593NotApplicable) {
            // inspect and handle the event yourself
            arg, err = handleEvent(event)
        }

        if err != nil {
            event.Stop(err)
        }

        event.Continue(arg)
    }
}

Types

type CredentialSpec 

type CredentialSpec struct {
	Template json.RawMessage        `json:"credential"`
	Options  *CredentialSpecOptions `json:"options"`
}

CredentialSpec is the attachment payload in messages conforming to the RFC0593 format.

func GetCredentialSpec 

func GetCredentialSpec(p JSONLDDocumentLoaderProvider,
	formats []issuecredential.Format, attachments []decorator.Attachment) (*CredentialSpec, error)

GetCredentialSpec extracts the CredentialSpec from the formats and attachments.

type CredentialSpecOptions 

type CredentialSpecOptions struct {
	ProofPurpose string            `json:"proofPurpose"`
	Created      string            `json:"created"`
	Domain       string            `json:"domain"`
	Challenge    string            `json:"challenge"`
	Status       *CredentialStatus `json:"credentialStatus"`
	ProofType    string            `json:"proofType"`
}

CredentialSpecOptions are the options for issuance of the credential. TODO support CredentialStatus.

func IssueCredential 

func IssueCredential(p Provider, msg service.DIDCommMsg) (interface{}, *CredentialSpecOptions, error)

IssueCredential attaches an LD proof to the template VC in the inbound request message and attaches the verifiable credential to an outbound issue-credential message.

Usage: 

var p Provider = ...
client := issuecredential.Client = ...
var events chan service.DIDCommAction = ...
err := client.RegisterActionEvent(events)
if err != nil {
    panic(err)
}
for event := range events {
    if event.Message.Type() == issuecredential.RequestCredentialMsgType {
        arg, options, err := IssueCredential(p, event.Message)
        if errors.Is(err, ErrRFC0593NotApplicable) {
            // inspect and handle the event yourself
            arg, err = handleEvent(event)
        }

        if err != nil {
            event.Stop(err)
        }

        // inspect options

        event.Continue(arg)
    }
}

func ReplayOffer 

func ReplayOffer(p JSONLDDocumentLoaderProvider, msg service.DIDCommMsg) (interface{}, *CredentialSpecOptions, error)

ReplayOffer replays the inbound offered CredentialSpec as an outbound request that can be sent back to the original sender.

Usage: 

var p JSONLDDocumentLoaderProvider = ...
client := issuecredential.Client = ...
var events chan service.DIDCommAction = ...
err := client.RegisterActionEvent(events)
if err != nil {
    panic(err)
}
for event := range events {
    if event.Message.Type() == issuecredential.OfferCredentialMsgType {
        arg, options, err := ReplayOffer(p, event.Message)
        if errors.Is(err, ErrRFC0593NotApplicable) {
            // inspect and handle the event yourself
            arg, err = handleEvent(event)
        }

        if err != nil {
            event.Stop(err)
        }

        // inspect options

        event.Continue(arg)
    }
}

func ReplayProposal 

func ReplayProposal(p JSONLDDocumentLoaderProvider,
	msg service.DIDCommMsg) (interface{}, *CredentialSpecOptions, error)

ReplayProposal replays the inbound proposed CredentialSpec as an outbound offer that can be sent back to the original sender.

Usage: 

var p JSONLDDocumentLoaderProvider = ...
client := issuecredential.Client = ...
var events chan service.DIDCommAction = ...
err := client.RegisterActionEvent(events)
if err != nil {
    panic(err)
}
for event := range events {
    if event.Message.Type() == issuecredential.ProposeCredentialMsgType {
        arg, options, err := ReplayProposal(p, event.Message)
        if errors.Is(err, ErrRFC0593NotApplicable) {
            // inspect and handle the event yourself
            arg, err = handleEvent(event)
        }

        if err != nil {
            event.Stop(err)
        }

        // inspect options

        event.Continue(arg)
    }
}

type CredentialStatus 

type CredentialStatus struct {
	Type string `json:"type"`
}

CredentialStatus is the requested status for the credential.

type IssueCredentialService 

type IssueCredentialService interface {
	AddMiddleware(...issuecredential.Middleware)
}

IssueCredentialService defines the API required on the issue-credential protocol service implementation.

type JSONLDDocumentLoaderProvider 

type JSONLDDocumentLoaderProvider interface {
	JSONLDDocumentLoader() ld.DocumentLoader
}

JSONLDDocumentLoaderProvider provides an ld.DocumentLoader.

See also: context.Provider.

type Middleware 

type Middleware issuecredential.Middleware

Middleware is the RFC0593 issuecredential.Middleware that can be injected into the protocol service.

func NewMiddleware 

func NewMiddleware(p TransientStorage) (Middleware, error)

NewMiddleware returns a new Middleware that can be used with the issuecredential protocol service in conjunction with AutoExecute when the protocol needs to be started with a request-credential message.

Usage: 

framework, err := aries.New()
if err != nil {
    panic(err)
}
ctx, err := framework.Context()
if err != nil {
    panic(err)
}
mw, err := NewMiddleware(ctx)
if err != nil {
    panic(err)
}
err = RegisterMiddleware(mw, ctx)
if err != nil {
    panic(err)
}
client := issuecredential.Client = ...
events = make(chan service.DIDCommAction)
err := client.RegisterActionEvent(events)
if err != nil {
    panic(err)
}
next := make(chan service.DIDCommAction)
go AutoExecute(ctx, next)(events)
for event := range next {
    // handle events from issue-credential that do not conform to RFC0593
}

See also: AutoExecute.

type Provider 

type Provider interface {
	JSONLDDocumentLoaderProvider
	TransientStorage
	KMS() kms.KeyManager
	Crypto() crypto.Crypto
	VDRegistry() vdr.Registry
}

Provider provides all dependencies.

See also: context.Provider.

type ServiceProvider 

type ServiceProvider interface {
	Service(name string) (interface{}, error)
}

ServiceProvider is used to lookup the issuecredential service.

type SignatureSuiteSpec 

type SignatureSuiteSpec struct {
	KeyType                 kms.KeyType
	KeyMultiCodec           uint64
	SignatureRepresentation verifiable.SignatureRepresentation
	Suite                   func(...suite.Opt) signer.SignatureSuite
	Signer                  func(Provider, interface{}) Signer
}

SignatureSuiteSpec specifies how to instantiate a signature suite and its proof.

type Signer 

type Signer interface {
	Sign(data []byte) ([]byte, error)
	Alg() string
}

Signer is used to create signer.SignatureSuite and attach LD proofs.

type TransientStorage 

type TransientStorage interface {
	ProtocolStateStorageProvider() storage.Provider
}

TransientStorage provides transient storage.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.