From e6d98cb22db41f5c1fec021d2ff3a9d5fb8931aa Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Mon, 4 Mar 2024 19:10:55 -0500 Subject: [PATCH 1/5] Add cryptosuite instantiation algorithm. --- index.html | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/index.html b/index.html index d2fa4f2..cf09b6d 100644 --- a/index.html +++ b/index.html @@ -487,6 +487,45 @@

Algorithms

by default, and abort processing upon detection.

+
+

Instantiate Cryptosuite

+ +

+This algorithm is used to configure a cryptographic suite to be used by the +Add Proof and +Verify Proof +functions in [[[VC-DATA-INTEGRITY]]]. The algorithm takes an options object +([=map=] |options|) as input and returns a [=data integrity cryptographic suite +instance|cryptosuite instance=] ([=struct=] |cryptosuite|). +

+ +
    +
  1. +Initialize |cryptosuite| to an empty [=struct=]. +
    2. +
  2. +If |options|.|type| does not equal `DataIntegrityProof`, return |cryptosuite|. +
    3. +
  3. +If |options|.|cryptosuite| is `bbs-2023` then: +
      +
    1. +Set |cryptosuite|.|createProof| to the algorithm in Section +[[[#create-base-proof-bbs-2023]]]. +
      2. +
    2. +Set |cryptosuite|.|verifyProof| to the algorithm in Section +[[[#verify-derived-proof-bbs-2023]]]. +
      3. +
    +
    4. +
  4. +Return |cryptosuite|. +
    5. +
+ +
+

Selective Disclosure Functions

From 2c71d939106db7728c659fcbe7fcc8795c5f4182 Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Mon, 4 Mar 2024 19:16:39 -0500 Subject: [PATCH 2/5] Add Create Base Proof to align w/ new cryptosuite interface. --- index.html | 55 +++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 40 insertions(+), 15 deletions(-) diff --git a/index.html b/index.html index cf09b6d..ec6a0e6 100644 --- a/index.html +++ b/index.html @@ -1091,24 +1091,49 @@

bbs-2023

-

Add Base Proof (bbs-2023)

+

Create Base Proof (bbs-2023)

-To generate a base proof, the algorithm in - -Section 4.1: Add Proof of the Data Integrity -[[VC-DATA-INTEGRITY]] specification MUST be executed. -For that algorithm, the cryptographic suite specific - -transformation algorithm is defined in Section -, the - -hashing algorithm is defined in Section , -and the - -proof serialization algorithm is defined in Section -. +The following algorithm specifies how to create a [=data integrity proof=] given +an unsecured data document. Required inputs are an +unsecured data document ([=map=] |unsecuredDocument|), and a set of proof +options ([=map=] |options|). A [=data integrity proof=] ([=map=]), or an error, +is produced as output.

+ +
    +
  1. +Let |proof| be a clone of the proof options, |options|. +
    2. +
  2. +Let |proofConfig| be the result of running the algorithm in +Section [[[#base-proof-configuration-bbs-2023]]] with +|options| passed as a parameter. +
    3. +
  3. +Let |transformedData| be the result of running the algorithm in Section with |unsecuredDocument|, +|proofConfig|, and |options| passed as parameters. +
    4. +
  4. +Let |hashData| be the result of running the algorithm in Section +[[[#base-proof-hashing-bbs-2023]]] with |transformedData| and |proofConfig| +passed as a parameters. +
    5. +
  5. +Let |proofBytes| be the result of running the algorithm in Section +[[[#base-proof-serialization-bbs-2023]]] with |hashData| and +|options| passed as parameters. +
    6. +
  6. +Let |proof|.|proofValue| be a +base64url-encoded Multibase value of the |proofBytes|. +
    7. +
  7. +Return |proof| as the [=data integrity proof=]. +
    8. +
+
From b0b5f6bfcf4f4f4a49e8c1a8c7418a2596bed026 Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Mon, 4 Mar 2024 19:32:25 -0500 Subject: [PATCH 3/5] Update Verify Derived Proof to use new cryptosuite interface. --- index.html | 59 +++++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 45 insertions(+), 14 deletions(-) diff --git a/index.html b/index.html index ec6a0e6..8b95372 100644 --- a/index.html +++ b/index.html @@ -1435,27 +1435,49 @@

Add Derived Proof (bbs-2023)

-

Verify Derived Proof (bbs-2023)

-The following algorithm attempts verification of a `bbs-2023` derived -proof. This algorithm is called by a verifier of an BBS-protected -verifiable credential. The inputs include a JSON-LD document -(document), a BBS disclosure proof (proof), and any -custom JSON-LD API options (such as a document loader). A single boolean -verification result value is produced as output. +The following algorithm specifies how to verify a [=data integrity proof=] given +an secured data document. Required inputs are an +secured data document ([=map=] |securedDocument|). This algorithm returns +a verification result, which is a [=struct=] whose +[=struct/items=] are: +

+ +
+
verified
+
`true` or `false`
+
verifiedDocument
+
+Null, if [=verification result/verified=] is +`false`; otherwise, an [=unsecured data document=] +
+
+ +

+To verify a derived proof, perform the following steps:

    - +
  1. +Let |unsecuredDocument| be a copy of |securedDocument| with +the `proof` value removed. +
    2. +
  2. +Let |proofConfig| be a copy of |securedDocument|.|proof| with `proofValue` +removed. +
    3. +
  3. +Let |proof| be the value of |securedDocument|.|proof|. +
  4. Initialize `bbsProof`, `proofHash`, `mandatoryHash`, `selectedIndexes`, `presentationHeader`, `pseudonym`, and `nonMandatory` to the values associated with their property names in the object returned when calling the algorithm in Section -, passing the `document`, `proof`, and any -custom JSON-LD API options (such as a document loader). +, passing the |unsecuredDocument|, |proof|, and +any custom JSON-LD API options (such as a document loader).
  5. Initialize `bbsHeader` to the concatenation of `proofHash` and `mandatoryHash` @@ -1463,7 +1485,7 @@

    Verify Derived Proof (bbs-2023)

    obtained from the UTF-8 encoding of the elements of the `nonMandatory` array.
  6. -Initialize `verificationResult` to the result of applying the verification +Initialize |verified| to the result of applying the verification algorithm below, depending on whether the |pseudonym| value is empty.
    1. @@ -1495,14 +1517,23 @@

      Verify Derived Proof (bbs-2023)

      hidden pid" cases.
    - +
    7. +
  7. +Return a [=verification result=] with [=struct/items=]: +
    +
    [=verified=]
    +
    |verified|
    +
    [=verifiedDocument=]
    +
    +|unsecuredDocument| if |verified| is `true`, otherwise Null +
    +
-
-

Optional Features

From 6d18d0ed76e46a0a1bdce36443b7ff308dfd6dbd Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Thu, 14 Mar 2024 15:36:10 -0400 Subject: [PATCH 4/5] Fix grammar, syntax, and markup in cryptosuite interface. Co-authored-by: Ted Thibodeau Jr --- index.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/index.html b/index.html index 8b95372..9c424ff 100644 --- a/index.html +++ b/index.html @@ -1111,8 +1111,8 @@

Create Base Proof (bbs-2023)

|options| passed as a parameter.
  • -Let |transformedData| be the result of running the algorithm in Section with |unsecuredDocument|, +Let |transformedData| be the result of running the algorithm in Section +[[[#base-proof-transformation-bbs-2023]]] with |unsecuredDocument|, |proofConfig|, and |options| passed as parameters.
  • @@ -1440,7 +1440,7 @@

    Verify Derived Proof (bbs-2023)

    The following algorithm specifies how to verify a [=data integrity proof=] given -an secured data document. Required inputs are an +an secured data document. Required inputs are a secured data document ([=map=] |securedDocument|). This algorithm returns a verification result, which is a [=struct=] whose [=struct/items=] are: From 892868fd8aefecf1cdf2f626722582ed37dc19e5 Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Thu, 14 Mar 2024 15:51:15 -0400 Subject: [PATCH 5/5] Fix formatting in verify derived proof. --- index.html | 51 ++++++++++++++++++++++----------------------------- 1 file changed, 22 insertions(+), 29 deletions(-) diff --git a/index.html b/index.html index 9c424ff..88b5388 100644 --- a/index.html +++ b/index.html @@ -1474,10 +1474,10 @@

    Verify Derived Proof (bbs-2023)

  • Initialize `bbsProof`, `proofHash`, `mandatoryHash`, `selectedIndexes`, -`presentationHeader`, `pseudonym`, and `nonMandatory` to the values associated with their -property names in the object returned when calling the algorithm in Section -, passing the |unsecuredDocument|, |proof|, and -any custom JSON-LD API options (such as a document loader). +`presentationHeader`, `pseudonym`, and `nonMandatory` to the values associated +with their property names in the object returned when calling the algorithm in +Section , passing the |unsecuredDocument|, +|proof|, and any custom JSON-LD API options (such as a document loader).
  • Initialize `bbsHeader` to the concatenation of `proofHash` and `mandatoryHash` @@ -1489,32 +1489,25 @@

    Verify Derived Proof (bbs-2023)

    algorithm below, depending on whether the |pseudonym| value is empty.
    1. -If the |pseudonym| value is empty, -initialize `verificationResult` to the result of applying the verification -algorithm -`ProofVerify(PK, proof, header, ph, disclosed_messages, disclosed_indexes)` of -[[CFRG-BBS-SIGNATURE]] -with `PK` set as the public key of the original issuer, `proof` set as `bbsProof`, -`header` set as `bbsHeader`, `disclosed_messages` set as `disclosedMessages`, -`ph` set as `presentationHeader`, and `disclosed_indexes` set as -`selectiveIndexes`. Return `verificationResult` as verification result. -This applies to the regular BBS proof case as well as "anonymous holder binding" +If the |pseudonym| value is empty, initialize |verified| to the result of +applying the verification algorithm `ProofVerify(PK, proof, header, ph, +disclosed_messages, disclosed_indexes)` of [[CFRG-BBS-SIGNATURE]] with `PK` set +as the public key of the original issuer, `proof` set as `bbsProof`, `header` +set as `bbsHeader`, `disclosed_messages` set as `disclosedMessages`, `ph` set as +`presentationHeader`, and `disclosed_indexes` set as `selectiveIndexes`. This +applies to the regular BBS proof case as well as "anonymous holder binding" case.
    2. -If the |pseudonym| value is not empty, -initialize `verificationResult` to the result of applying the verification -algorithm -`PseudonymProofVerify(PK, proof, header, ph, disclosed_messages, disclosed_indexes, pseudonym)` -of -[[CFRG-Pseudonym-BBS-Signature]], -with `PK` set as the public key of the original issuer, `proof` set as `bbsProof`, -`header` set as `bbsHeader`, `disclosed_messages` set as `disclosedMessages`, -`ph` set as `presentationHeader`, `disclosed_indexes` set as -`selectiveIndexes`, and `pseudonym`. Return `verificationResult` as -verification result. -This applies to the "pseudonym with issuer known pid" and "pseudonym with -hidden pid" cases. +If the |pseudonym| value is not empty, initialize |verified| to the result of +applying the verification algorithm `PseudonymProofVerify(PK, proof, header, ph, +disclosed_messages, disclosed_indexes, pseudonym)` of +[[CFRG-Pseudonym-BBS-Signature]], with `PK` set as the public key of the +original issuer, `proof` set as `bbsProof`, `header` set as `bbsHeader`, +`disclosed_messages` set as `disclosedMessages`, `ph` set as +`presentationHeader`, `disclosed_indexes` set as `selectiveIndexes`, and +`pseudonym`. This applies to the "pseudonym with issuer known pid" and +"pseudonym with hidden pid" cases.
    • @@ -1525,8 +1518,8 @@

    Verify Derived Proof (bbs-2023)

    |verified|
    [=verifiedDocument=]
    -|unsecuredDocument| if |verified| is `true`, otherwise Null +|unsecuredDocument| if |verified| is `true`, otherwise +Null