test: BSS+ signature proof (selective disclosure)interop tests with M…

…attr closes hyperledger-archives#2223 Signed-off-by: Dmitriy Kinoshenko <dkinoshenko@gmail.com>
kdimak · Dec 8, 2020 · 21e2e82 · 21e2e82
1 parent 262b158
commit 21e2e82
Show file tree

Hide file tree

Showing 6 changed files with 144 additions and 22 deletions.
diff --git a/pkg/doc/verifiable/credential.go b/pkg/doc/verifiable/credential.go
@@ -71,12 +71,11 @@ const defaultSchema = `{
       "oneOf": [
         {
           "type": "array",
-          "items": [
-            {
-              "type": "string",
-              "pattern": "^VerifiableCredential$"
-            }
-          ]
+          "minItems": 1,
+          "contains": {
+            "type": "string",
+            "pattern": "^VerifiableCredential$"
+          }
         },
         {
           "type": "string",
@@ -135,7 +134,7 @@ const defaultSchema = `{
           "items": {
             "$ref": "#/definitions/proof"
           }
-        },        
+        },
         {
           "type": "null"
         }

diff --git a/pkg/doc/verifiable/credential_ldp_test.go b/pkg/doc/verifiable/credential_ldp_test.go
@@ -536,20 +536,15 @@ func TestParseCredentialFromLinkedDataProof_BbsBlsSignature2020(t *testing.T) {
 func TestParseCredentialFromLinkedDataProof_BbsBlsSignatureProof2020(t *testing.T) {
 	r := require.New(t)
 
-	sigSuite := bbsblssignatureproof2020.New(
-		suite.WithCompactProof(),
-		suite.WithVerifier(bbsblssignatureproof2020.NewG2PublicKeyVerifier([]byte("nonce"))))
-
-	vcJSON := `
-{
+	vcJSON := `{
   "@context": [
     "https://www.w3.org/2018/credentials/v1",
     "https://w3id.org/citizenship/v1",
     "https://w3c-ccg.github.io/ldp-bbs2020/context/v1"
   ],
   "id": "https://issuer.oidp.uscis.gov/credentials/83627465",
   "type": [
-	"VerifiableCredential",
+    "VerifiableCredential",
     "PermanentResidentCard"
   ],
   "description": "Government of Example Permanent Resident Card.",
@@ -570,14 +565,20 @@ func TestParseCredentialFromLinkedDataProof_BbsBlsSignatureProof2020(t *testing.
   "issuer": "did:example:489398593",
   "proof": {
     "type": "BbsBlsSignatureProof2020",
-    "created": "2020-12-06T19:23:10Z",
-    "nonce": "bm9uY2U=",
+    "created": "2020-12-08T09:13:30Z",
+    "nonce": "X2qLaTxoyidu7Z/TOBRNgPhbcgeIcOGMAXQrM65vP/ehcop2wwCeV4/HTcnF70zANOc=",
     "proofPurpose": "assertionMethod",
-    "proofValue": "ABkB/wbvi77V4fFx9Ewo4+52/X3Fdd79uRExQeet0PVrdP3wyExE5ib6fTVUGbnX6CK3UgNbli+RgYV21g9taTaIbS9g3HIX3csJRWm0sFNq2lxlXNF9I6skrRpJBt9VnjvXrFxTgEkuSbcrG4jaulj0mXLoZIuz8yrmXKBG+35TPiVXf1zh29RtXIKPHeZ7sWJ3RkKSAAAAdIx7On9kZkbGb9IECei4H4vjcZYJi7Q2Ywz4Bc/+4FCrMiu5C50T0nxScWFh4v2oHAAAAAI8/usecIohptQnf7ZO1UsTLH7u+NN5avFfxGTsmY9BVgS60Lbyzx89mmn2Ce5W3L9ZS4bkwS2CXeQXfl268oTWixysSv+L1q1+e6cdqlY/GA2LGWVCZoTli6mJ+EIDCNcSM75Hs8cTrDOfTuTmAwl9AAAACWyOb/UWrb1nWkbNTPpctXAUeuQjdbwogCTYKUiVK+LJbfpN+rU9WDpxRTjloBTrVttniuvb+mdatofrCCpFvKwowHK+W9/+AHSBteG0xfJoTvaa57PEsIm/Qf1N5WgB0ScpwyD1e6A0kPOqVI75+CkH5wa728ycOxS/upRp6GsMZgGP66yzZg7hIZrIj0LXWiP1nigcHzx3pImJHxwz3xhEB/4QGZwZB8VX1TlTrI5GSO3BuCIA5um/SJF09iPWAgF7KY0+XrcxXg808zDjuqMRgsD9gHlqomjVCeWUhzsFVAafbMJ9DsgcAKoaWg+0yJvvnTVEelS96uvwnKFrSTsmpQMsgEb9lRHKb+v/Xr4+0THjTn4n//uhCy51+tGU7g==",
+    "proofValue": "ABkB/wbvtko1Y9xNW55tg6AYrvZkJfcEGsTB3BDOJaDjfeUWtg0610W7IzPyWjy2BDX+9VLFo2KcVal2CPsRk0E98292Ocbotwby9hdStE1zFQrgrfeoiYNxTD0HrUa6DwZ4X9f/jhFHwvxEl681jjwcZJWHhbzLIzJf7ms68PgNpPG7saBOqi3IqK+pxg4bxG1dS8z2AAAAdK93JmDD/9JGPh6z+Ur5BenOfX6t9ineW1pFMg7kcwOFxHjQ6NOSk7UmwfVjunYk+QAAAAIjiRSXcTv/GBwgUDaUsFlLy5SZW91C9I1YiHwsIyTCxAhttkeWJzSaxq5ZhRaSfmzbfLZShkuXJmFTy/qRLYj5iNSGzPkS/AlRJU2MPr7MwViX3SHEmi/nejOSpxYn/oDc0c7TyFFpyshgEZxu2/S3AAAACQK2jcWuij0VZu7NvXEMnJ4LgnQPLH9IEiEhRD27+4FnHW4XOIvZSFyiMtyy+9FRJCO7RlabIhh2r9F8filWhcQxsm6iF2+fUmTykUzk8/rv0gdtbBy1/Oc3+yrsGlg4pByhm9Ze6mSns9caeosdWR6+A9kHy4aUlndXkV83pnrrKVmGcFxE03oxFHU6piwL1g2OCk3Qef1KV5QlIDjWKvk93zSh1QtPjvo8FKXMKF2DWxLSB9do874n2cW9Ae0qgh1vLRCp9Vf8Dh3EBApdxTTseiJ2Y97u+ktOJM/5qHOHP9sBRU+Y1W1HHC8dVl0QXedVdYk4uuKASD/zgpwjiSRIGRWpv6WRCioN+ItKtGQ55/aHCE8m9LpxpGAen/NnEg==",
     "verificationMethod": "did:example:489398593#test"
   }
-}
-`
+}`
+
+	nonceBytes, err := base64.StdEncoding.DecodeString("X2qLaTxoyidu7Z/TOBRNgPhbcgeIcOGMAXQrM65vP/ehcop2wwCeV4/HTcnF70zANOc=")
+	require.NoError(t, err)
+
+	sigSuite := bbsblssignatureproof2020.New(
+		suite.WithCompactProof(),
+		suite.WithVerifier(bbsblssignatureproof2020.NewG2PublicKeyVerifier(nonceBytes)))
 
 	pkBase58 := "oqpWYKaZD9M1Kbe94BVXpr8WTdFBNZyKv48cziTiQUeuhm7sBhCABMyYG4kcMrseC68YTFFgyhiNeBKjzdKk9MiRWuLv5H4FFujQsQK2KTAtzU8qTBiZqBHMmnLF4PL7Ytu"
 	pubKeyBytes := base58.Decode(pkBase58)

diff --git a/test/bbs/data/revealDocument.json b/test/bbs/data/revealDocument.json
@@ -0,0 +1,15 @@
+{
+  "@context": [
+    "https://www.w3.org/2018/credentials/v1",
+    "https://w3id.org/citizenship/v1",
+    "https://w3c-ccg.github.io/ldp-bbs2020/context/v1"
+  ],
+  "type": ["VerifiableCredential", "PermanentResidentCard"],
+  "credentialSubject": {
+    "@explicit": true,
+    "type": ["PermanentResident", "Person"],
+    "givenName": {},
+    "familyName": {},
+    "gender": {}
+  }
+}
diff --git a/test/bbs/src/main.go b/test/bbs/src/main.go
@@ -9,6 +9,7 @@ SPDX-License-Identifier: Apache-2.0
 package main
 
 import (
+	"encoding/base64"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -20,12 +21,14 @@ import (
 	"github.com/hyperledger/aries-framework-go/pkg/doc/signature/jsonld"
 	"github.com/hyperledger/aries-framework-go/pkg/doc/signature/suite"
 	"github.com/hyperledger/aries-framework-go/pkg/doc/signature/suite/bbsblssignature2020"
+	"github.com/hyperledger/aries-framework-go/pkg/doc/signature/suite/bbsblssignatureproof2020"
 	"github.com/hyperledger/aries-framework-go/pkg/doc/verifiable"
 )
 
 func main() {
 	js.Global().Set("signVCAsync", js.FuncOf(signVCJS))
 	js.Global().Set("verifyVCAsync", js.FuncOf(verifyVCJS))
+	js.Global().Set("verifyProofVCAsync", js.FuncOf(verifyProofVCJS))
 
 	select {}
 }
@@ -60,6 +63,21 @@ func verifyVCJS(_ js.Value, args []js.Value) interface{} {
 	return nil
 }
 
+func verifyProofVCJS(_ js.Value, args []js.Value) interface{} {
+	vcObj, pubKeyObj, callback := args[0], args[1], args[2]
+
+	go func(pubKeyB64, vcJSON string, callback js.Value) {
+		err := verifyProofVC(pubKeyB64, vcJSON)
+		if err != nil {
+			callback.Invoke(err.Error())
+		} else {
+			callback.Invoke(js.Null())
+		}
+	}(vcObj.String(), pubKeyObj.String(), callback)
+
+	return nil
+}
+
 func signVC(privKeyB64, vcJSON, verificationMethod string) ([]byte, error) {
 	privKeyBytes := base58.Decode(privKeyB64)
 
@@ -118,3 +136,36 @@ func verifyVC(pubKeyB64, vcJSON string) error {
 
 	return err
 }
+
+func verifyProofVC(pubKeyB64, vcJSON string) error {
+	pubKeyBytes := base58.Decode(pubKeyB64)
+
+	var vcDoc map[string]interface{}
+
+	err := json.Unmarshal([]byte(vcJSON), &vcDoc)
+	if err != nil {
+		return fmt.Errorf("parse VC doc: %w", err)
+	}
+
+	proof := vcDoc["proof"].(map[string]interface{})
+	nonce := proof["nonce"].(string)
+
+	nonceBytes, err := base64.StdEncoding.DecodeString(nonce)
+	if err != nil {
+		return fmt.Errorf("nonce base64 format: %w", err)
+	}
+
+	sigSuite := bbsblssignatureproof2020.New(
+		suite.WithCompactProof(),
+		suite.WithVerifier(bbsblssignatureproof2020.NewG2PublicKeyVerifier(nonceBytes)))
+
+	jsonldDocLoader := createLDPBBS2020DocumentLoader()
+
+	_, err = verifiable.ParseCredential([]byte(vcJSON),
+		verifiable.WithJSONLDDocumentLoader(jsonldDocLoader),
+		verifiable.WithEmbeddedSignatureSuites(sigSuite),
+		verifiable.WithPublicKeyFetcher(verifiable.SingleKey(pubKeyBytes, "Bls12381G2Key2020")),
+	)
+
+	return err
+}
diff --git a/test/bbs/src/vc.js b/test/bbs/src/vc.js
@@ -29,3 +29,16 @@ exports.verifyAries = function verifyAries(publicKey, vc) {
         });
     });
 }
+
+exports.verifyProofAries = function verifyProofAries(publicKey, vc) {
+    return new Promise((resolve, reject) => {
+        verifyProofVCAsync(publicKey, vc, (err) => {
+            if (err) {
+                reject(err);
+                return;
+            }
+
+            resolve();
+        });
+    });
+}
diff --git a/test/bbs/test/bbs.js b/test/bbs/test/bbs.js
@@ -7,16 +7,17 @@ SPDX-License-Identifier: Apache-2.0
 const fs = require("fs");
 const assert = require('chai').assert;
 
-const {signAries, verifyAries} = require("../src/vc.js");
+const {signAries, verifyAries, verifyProofAries} = require("../src/vc.js");
 
-const {Bls12381G2KeyPair, BbsBlsSignature2020} = require("@mattrglobal/jsonld-signatures-bbs");
-const {extendContextLoader, sign: signMattr, verify: verifyMattr, purposes} = require("jsonld-signatures");
+const {Bls12381G2KeyPair, BbsBlsSignature2020, BbsBlsSignatureProof2020, deriveProof: deriveProofMattr} = require("@mattrglobal/jsonld-signatures-bbs");
+const {extendContextLoader, sign: signMattr, verify: verifyMattr, purposes,} = require("jsonld-signatures");
 const {documentLoaders} = require("jsonld");
 
 const bbsContext = JSON.parse(fs.readFileSync("data/context/ldp-bbs2020.jsonld", 'utf-8'));
 const citizenVocab = JSON.parse(fs.readFileSync("data/context/citizenship.jsonld", 'utf-8'));
 const vc = JSON.parse(fs.readFileSync("data/inputDocument.json", 'utf-8'));
 const keyPairOptions = JSON.parse(fs.readFileSync("data/keyPair.json", 'utf-8'));
+const revealDocument = JSON.parse(fs.readFileSync("data/revealDocument.json", 'utf-8'));
 
 const documents = {
     "did:example:489398593#test": keyPairOptions,
@@ -45,6 +46,29 @@ const customDocLoader = (url) => {
 
 const documentLoader = extendContextLoader(customDocLoader);
 
+function fixTypeOrder(derivedProof) {
+    let types = derivedProof["type"];
+    if (!Array.isArray(types)) {
+        return;
+    }
+
+    if (types[0] == "VerifiableCredential") {
+        return;
+    }
+
+    let fixedTypes = new Array(types.length);
+    let typeInd = 0;
+    fixedTypes[typeInd++] = "VerifiableCredential" ;
+
+    for (let i = 0; i < types.length; i++) {
+        if (types[i] != "VerifiableCredential") {
+            fixedTypes[typeInd++] = types[i];
+        }
+    }
+
+    derivedProof["type"] = fixedTypes;
+}
+
 describe("BBS+ interop fixtures", function () {
     this.timeout(10_000);
 
@@ -82,6 +106,25 @@ describe("BBS+ interop fixtures", function () {
 
         await verifyAries(keyPairOptions.publicKeyBase58, JSON.stringify(signedDocument));
     })
+
+    it('derive signature proof with Mattr and verify with Aries', async function () {
+        const keyPair = await new Bls12381G2KeyPair(keyPairOptions);
+
+        const signedDocument = await signMattr(vc, {
+            suite: new BbsBlsSignature2020({key: keyPair}),
+            purpose: new purposes.AssertionProofPurpose(),
+            documentLoader
+        });
+
+        const derivedProof = await deriveProofMattr(signedDocument, revealDocument, {
+            suite: new BbsBlsSignatureProof2020(),
+            documentLoader,
+        });
+
+        // fixTypeOrder(derivedProof)
+
+        await verifyProofAries(keyPairOptions.publicKeyBase58, JSON.stringify(derivedProof));
+    })
 })
 
 function sleep(ms) {