Improve Proof

bindings/wasm/src/credential/credential.rs

@@ -22,6 +22,7 @@ use crate::credential::ArrayStatus;
 use crate::credential::ArraySubject;
 use crate::credential::ICredential;
 use crate::credential::UrlOrIssuer;
+use crate::credential::WasmProof;
 use crate::error::Result;
 use crate::error::WasmResult;
 
@@ -195,18 +196,25 @@ impl WasmCredential {
     self.0.non_transferable
   }
 
-  /// Returns a copy of the proof used to verify the {@link Credential}.
+  /// Optional cryptographic proof, unrelated to JWT.
   #[wasm_bindgen]
-  pub fn proof(&self) -> Result<JsValue> {
-    // TODO: Update with proof.
-    JsValue::from_serde(&self.0.proof).wasm_result()
+  pub fn proof(&self) -> Option<WasmProof> {
+    self.0.proof.clone().map(WasmProof)
   }
 
   /// Returns a copy of the miscellaneous properties on the {@link Credential}.
   #[wasm_bindgen]
   pub fn properties(&self) -> Result<MapStringAny> {
     MapStringAny::try_from(&self.0.properties)
   }
+
+  /// Sets the proof property of the {@link Credential}.
+  ///
+  /// Note that this proof is not related to JWT.
+  #[wasm_bindgen(js_name = "setProof")]
+  pub fn set_proof(&mut self, proof: Option<WasmProof>) {
+    self.0.set_proof(proof.map(|wasm_proof| wasm_proof.0))
+  }
 }
 
 impl_wasm_json!(WasmCredential, Credential);

bindings/wasm/src/credential/jwt_presentation_validation/decoded_jwt_presentation.rs

@@ -5,8 +5,8 @@ use identity_iota::credential::DecodedJwtPresentation;
 use wasm_bindgen::prelude::*;
 
 use crate::common::WasmTimestamp;
-use crate::credential::jwt_presentation::WasmPresentation;
 use crate::credential::UnknownCredential;
+use crate::credential::WasmPresentation;
 use crate::jose::WasmJwsHeader;
 
 /// A cryptographically verified and decoded presentation.

bindings/wasm/src/credential/jwt_presentation_validation/jwt_presentation_validator.rs

@@ -4,8 +4,8 @@
 use super::decoded_jwt_presentation::WasmDecodedJwtPresentation;
 use super::options::WasmJwtPresentationValidationOptions;
 use crate::common::ImportedDocumentLock;
-use crate::credential::jwt_presentation::WasmPresentation;
 use crate::credential::WasmJwt;
+use crate::credential::WasmPresentation;
 use crate::did::IToCoreDocument;
 use crate::did::WasmCoreDID;
 use crate::error::Result;

bindings/wasm/src/credential/mod.rs

@@ -9,10 +9,11 @@ pub use self::domain_linkage_configuration::WasmDomainLinkageConfiguration;
 pub use self::jws::WasmJws;
 pub use self::jwt::WasmJwt;
 pub use self::jwt_credential_validation::*;
-pub use self::jwt_presentation::*;
 pub use self::jwt_presentation_validation::*;
 pub use self::options::WasmFailFast;
 pub use self::options::WasmSubjectHolderRelationship;
+pub use self::presentation::*;
+pub use self::proof::WasmProof;
 pub use self::types::*;
 
 mod credential;
@@ -23,8 +24,9 @@ mod domain_linkage_validator;
 mod jws;
 mod jwt;
 mod jwt_credential_validation;
-mod jwt_presentation;
 mod jwt_presentation_validation;
 mod linked_domain_service;
 mod options;
+mod presentation;
+mod proof;
 mod types;

bindings/wasm/src/credential/jwt_presentation/presentation.rs → bindings/wasm/src/credential/presentation/presentation.rs

@@ -16,6 +16,7 @@ use crate::credential::ArrayRefreshService;
 use crate::credential::ArrayUnknownCredential;
 use crate::credential::IPresentation;
 use crate::credential::UnknownCredential;
+use crate::credential::WasmProof;
 use crate::credential::WasmUnknownCredentialContainer;
 use crate::error::Result;
 use crate::error::WasmResult;
@@ -126,10 +127,18 @@ impl WasmPresentation {
       .map(|value| value.unchecked_into::<ArrayPolicy>())
   }
 
-  /// Optional proof that can be verified by users in addition to JWS.
+  /// Optional cryptographic proof, unrelated to JWT.
   #[wasm_bindgen]
-  pub fn proof(&self) -> Result<Option<MapStringAny>> {
-    self.0.proof.clone().map(MapStringAny::try_from).transpose()
+  pub fn proof(&self) -> Option<WasmProof> {
+    self.0.proof.clone().map(WasmProof)
+  }
+
+  /// Sets the proof property of the {@link Presentation}.
+  ///
+  /// Note that this proof is not related to JWT.
+  #[wasm_bindgen(js_name = "setProof")]
+  pub fn set_proof(&mut self, proof: Option<WasmProof>) {
+    self.0.set_proof(proof.map(|wasm_proof| wasm_proof.0))
   }
 
   /// Returns a copy of the miscellaneous properties on the presentation.

bindings/wasm/src/credential/proof.rs

@@ -0,0 +1,45 @@
+// Copyright 2020-2023 IOTA Stiftung
+// SPDX-License-Identifier: Apache-2.0
+
+use identity_iota::core::Object;
+use identity_iota::credential::Proof;
+use wasm_bindgen::prelude::*;
+
+use crate::error::Result;
+use crate::error::WasmResult;
+
+/// Represents a cryptographic proof that can be used to validate verifiable credentials and
+/// presentations.
+///
+/// This representation does not inherently implement any standard; instead, it
+/// can be utilized to implement standards or user-defined proofs. The presence of the
+/// `type` field is necessary to accommodate different types of cryptographic proofs.
+///
+/// Note that this proof is not related to JWT and can be used in combination or as an alternative
+/// to it.
+#[wasm_bindgen(js_name = Proof)]
+pub struct WasmProof(pub(crate) Proof);
+
+#[wasm_bindgen(js_class = Proof)]
+impl WasmProof {
+  #[wasm_bindgen(constructor)]
+  pub fn constructor(_type: String, properties: JsValue) -> Result<WasmProof> {
+    let properties: Object = properties.into_serde().wasm_result()?;
+    Ok(WasmProof(Proof::new(_type, properties)))
+  }
+
+  /// Returns the type of proof.
+  #[wasm_bindgen(js_name = "type")]
+  pub fn _type(&self) -> String {
+    self.0._type.clone()
+  }
+
+  /// Returns the properties of the proof.
+  #[wasm_bindgen]
+  pub fn properties(&self) -> Result<JsValue> {
+    JsValue::from_serde(&self.0.properties).wasm_result()
+  }
+}
+
+impl_wasm_json!(WasmProof, Proof);
+impl_wasm_clone!(WasmProof, Proof);

bindings/wasm/tests/credentials.ts

@@ -120,7 +120,7 @@ describe("Credential", function() {
             properties.set("custom1", "asdf");
             properties.set("custom2", 1234);
             assert.deepStrictEqual(credential.properties(), properties);
-            assert.deepStrictEqual(credential.proof(), null);
+            assert.deepStrictEqual(credential.proof(), undefined);
         });
     });
 });

identity_credential/src/credential/credential.rs

@@ -27,6 +27,7 @@ use crate::error::Error;
 use crate::error::Result;
 
 use super::jwt_serialization::CredentialJwtClaims;
+use super::Proof;
 
 lazy_static::lazy_static! {
   static ref BASE_CONTEXT: Context = Context::Url(Url::parse("https://www.w3.org/2018/credentials/v1").unwrap());
@@ -77,9 +78,9 @@ pub struct Credential<T = Object> {
   /// Miscellaneous properties.
   #[serde(flatten)]
   pub properties: T,
-  /// Proof(s) used to verify a `Credential`
+  /// Optional cryptographic proof, unrelated to JWT.
   #[serde(skip_serializing_if = "Option::is_none")]
-  pub proof: Option<Object>,
+  pub proof: Option<Proof>,
 }
 
 impl<T> Credential<T> {
@@ -153,6 +154,13 @@ impl<T> Credential<T> {
     Ok(())
   }
 
+  /// Sets the proof property of the `Credential`.
+  ///
+  /// Note that this proof is not related to JWT.
+  pub fn set_proof(&mut self, proof: Option<Proof>) {
+    self.proof = proof;
+  }
+
   /// Serializes the [`Credential`] as a JWT claims set
   /// in accordance with [VC-JWT version 1.1](https://w3c.github.io/vc-jwt/#version-1.1).
   ///
@@ -166,16 +174,6 @@ impl<T> Credential<T> {
       .to_json()
       .map_err(|err| Error::JwtClaimsSetSerializationError(err.into()))
   }
-
-  /// Returns a reference to the proof.
-  pub fn proof(&self) -> Option<&Object> {
-    self.proof.as_ref()
-  }
-
-  /// Returns a mutable reference to the proof.
-  pub fn proof_mut(&mut self) -> Option<&mut Object> {
-    self.proof.as_mut()
-  }
 }
 
 impl<T> Display for Credential<T>

identity_credential/src/credential/jwt_serialization.rs

@@ -17,6 +17,7 @@ use crate::credential::Credential;
 use crate::credential::Evidence;
 use crate::credential::Issuer;
 use crate::credential::Policy;
+use crate::credential::Proof;
 use crate::credential::RefreshService;
 use crate::credential::Schema;
 use crate::credential::Status;
@@ -334,7 +335,7 @@ where
   properties: Cow<'credential, T>,
   /// Proof(s) used to verify a `Credential`
   #[serde(skip_serializing_if = "Option::is_none")]
-  proof: Option<Cow<'credential, Object>>,
+  proof: Option<Cow<'credential, Proof>>,
 }
 
 #[cfg(test)]

identity_credential/src/credential/mod.rs

@@ -14,6 +14,7 @@ mod jwt;
 mod jwt_serialization;
 mod linked_domain_service;
 mod policy;
+mod proof;
 mod refresh;
 #[cfg(feature = "revocation-bitmap")]
 mod revocation_bitmap_status;
@@ -29,6 +30,7 @@ pub use self::jws::Jws;
 pub use self::jwt::Jwt;
 pub use self::linked_domain_service::LinkedDomainService;
 pub use self::policy::Policy;
+pub use self::proof::Proof;
 pub use self::refresh::RefreshService;
 #[cfg(feature = "revocation-bitmap")]
 pub use self::revocation_bitmap_status::RevocationBitmapStatus;

identity_credential/src/credential/proof.rs

@@ -0,0 +1,96 @@
+// Copyright 2020-2023 IOTA Stiftung
+// SPDX-License-Identifier: Apache-2.0
+
+use identity_core::common::Object;
+use serde::Deserialize;
+use serde::Serialize;
+
+/// Represents a cryptographic proof that can be used to validate verifiable credentials and
+/// presentations.
+///
+/// This representation does not inherently implement any standard; instead, it
+/// can be utilized to implement standards or user-defined proofs. The presence of the
+/// `type` field is necessary to accommodate different types of cryptographic proofs.
+///
+/// Note that this proof is not related to JWT and can be used in combination or as an alternative
+/// to it.
+#[derive(Clone, Debug, PartialEq, Eq, Deserialize, Serialize)]
+pub struct Proof {
+  /// Type of proof.
+  #[serde(rename = "type")]
+  pub _type: String,
+
+  /// Properties of the proof, entries depend on the proof type.
+  #[serde(flatten)]
+  pub properties: Object,
+}
+
+impl Proof {
+  /// Creates a new `Proof`.
+  pub fn new(_type: String, properties: Object) -> Proof {
+    Self { _type, properties }
+  }
+}
+
+#[cfg(test)]
+mod tests {
+  use super::Proof;
+  use crate::credential::Credential;
+  use identity_core::common::Object;
+  use identity_core::convert::FromJson;
+
+  #[test]
+  fn test_from_json() {
+    let proof = r#"
+    {
+      "type": "test-proof",
+      "signature": "abc123"
+    }
+    "#;
+    let proof: Proof = Proof::from_json(proof).expect("proof deserialization failed");
+
+    assert_eq!(proof._type, "test-proof");
+    let value = proof
+      .properties
+      .get(&"signature".to_owned())
+      .expect("property in proof doesn't exist");
+    assert_eq!(value, "abc123");
+  }
+
+  #[test]
+  fn test_credential_from_json() {
+    let credential_json = r#"
+    {
+      "@context": [
+        "https://www.w3.org/2018/credentials/v1",
+        "https://www.w3.org/2018/credentials/examples/v1"
+      ],
+      "id": "http://example.edu/credentials/58473",
+      "type": ["VerifiableCredential", "AlumniCredential"],
+      "issuer": "https://example.edu/issuers/14",
+      "issuanceDate": "2010-01-01T19:23:24Z",
+      "credentialSubject": {
+        "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
+        "alumniOf": "Example University"
+      },
+      "proof": {
+        "type": "RsaSignature2018",
+        "created": "2017-06-18T21:19:10Z",
+        "proofPurpose": "assertionMethod",
+        "verificationMethod": "https://example.com/jdoe/keys/1",
+        "jws": "eyJhbGciOiJSUzI1NiIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..TCYt5XsITJX1CxPCT8yAV-TVkIEq_PbChOMqsLfRoPsnsgw5WEuts01mq-pQy7UJiN5mgRxD-WUcX16dUEMGlv50aqzpqh4Qktb3rk-BuQy72IFLOqV0G_zS245-kronKb78cPN25DGlcTwLtjPAYuNzVBAh4vGHSrQyHUdBBPM"
+      }
+    }
+    "#;
+
+    let proof: Proof = Credential::<Object>::from_json(credential_json).unwrap().proof.unwrap();
+
+    assert_eq!(proof._type, "RsaSignature2018");
+    let value = proof
+      .properties
+      .get(&"proofPurpose".to_owned())
+      .expect("property in proof doesn't exist");
+    assert_eq!(value, "assertionMethod");
+    assert_eq!(proof.properties.len(), 4);
+  }
+}

identity_credential/src/presentation/jwt_serialization.rs

@@ -15,6 +15,7 @@ use serde::de::DeserializeOwned;
 use crate::credential::IssuanceDateClaims;
 use crate::credential::Jwt;
 use crate::credential::Policy;
+use crate::credential::Proof;
 use crate::credential::RefreshService;
 use crate::presentation::Presentation;
 #[cfg(feature = "validator")]
@@ -123,7 +124,7 @@ where
   properties: Cow<'presentation, T>,
   /// Proof(s) used to verify a `Presentation`
   #[serde(skip_serializing_if = "Option::is_none")]
-  proof: Option<Cow<'presentation, Object>>,
+  proof: Option<Cow<'presentation, Proof>>,
 }
 
 #[cfg(feature = "validator")]