From 818ba5feae19a615c05c5c16ae29b96e95537e17 Mon Sep 17 00:00:00 2001
From: Christiantyemele
Date: Wed, 26 Jun 2024 11:23:07 +0100
Subject: [PATCH 01/10] fix(configuration): changing resolver
---
 .gitignore | 2 +-
 Cargo.toml | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/.gitignore b/.gitignore
index 942fd4e6..cc1c28c4 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,7 +2,7 @@
 # will have compiled files and executables
 debug/
 target/
-
+.idea
 # Remove Cargo.lock from gitignore if creating an executable, leave it for libraries
 # More information here https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html
 Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
index 9b0da1b3..79b6fbb7 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,4 +1,6 @@
 [workspace]
+
 members = [
- "did-endpoint", "generic-server", "mediator-coordination", "mediator-server", "oob-messages", "server-plugin",
+ "did-endpoint", "generic-server", "mediator-coordination", "mediator-server", "oob-messages", "server-plugin"
 ]
+resolver = "2"
\ No newline at end of file
From a9adfbc901909056ede24ce95faeccd78d81e54d Mon Sep 17 00:00:00 2001
From: Christiantyemele <144161981+Christiantyemele@users.noreply.github.com>
Date: Wed, 26 Jun 2024 11:25:37 +0100
Subject: [PATCH 02/10] Delete .gitignore
---
 .gitignore | 23 -----------------------
 1 file changed, 23 deletions(-)
 delete mode 100644 .gitignore
diff --git a/.gitignore b/.gitignore
deleted file mode 100644
index cc1c28c4..00000000
--- a/.gitignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Generated by Cargo
-# will have compiled files and executables
-debug/
-target/
-.idea
-# Remove Cargo.lock from gitignore if creating an executable, leave it for libraries
-# More information here https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html
-Cargo.lock
-
-# These are backup files generated by rustfmt
-**/*.rs.bk
-
-# MSVC Windows builds of rustc generate these, which store debugging information
-*.pdb
-
-# Rust-Analyzer directory
-.rust-analyzer/
-
-# setting json
-.vscode/settings.json
-
-# Mac OS X Finder metadata
-.DS_Store
From f47fcb2bc4081885fd53d7c7b660b779a3096d9a Mon Sep 17 00:00:00 2001
From: Hermann Core <65020150+Hermann-Core@users.noreply.github.com>
Date: Wed, 26 Jun 2024 13:17:24 +0100
Subject: [PATCH 03/10] Revert "feat(configuration): setting up workspace"
---
 .gitignore | 23 +++++++++++++++++++++++
 Cargo.toml | 4 +---
 2 files changed, 24 insertions(+), 3 deletions(-)
 create mode 100644 .gitignore
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 00000000..942fd4e6
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,23 @@
+# Generated by Cargo
+# will have compiled files and executables
+debug/
+target/
+
+# Remove Cargo.lock from gitignore if creating an executable, leave it for libraries
+# More information here https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html
+Cargo.lock
+
+# These are backup files generated by rustfmt
+**/*.rs.bk
+
+# MSVC Windows builds of rustc generate these, which store debugging information
+*.pdb
+
+# Rust-Analyzer directory
+.rust-analyzer/
+
+# setting json
+.vscode/settings.json
+
+# Mac OS X Finder metadata
+.DS_Store
diff --git a/Cargo.toml b/Cargo.toml
index 79b6fbb7..9b0da1b3 100644
--- a/Cargo.toml
+++ b/Cargo.toml
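Review bot: The `.gitignore` restored by PATCH 03/10 ignores `Cargo.lock` again, although the file's own comment says to remove that entry when the repository builds an executable. The workspace members listed in Cargo.toml include `mediator-server` and `generic-server`, which look like binaries (inferred from the names only). If they are, every build resolves dependency versions afresh, and the exact set of crates that ends up in the server can be neither audited nor reproduced from the repository. I would delete the `Cargo.lock` line here and commit the lockfile.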
@@ -1,6 +1,4 @@
 [workspace]
-
 members = [
- "did-endpoint", "generic-server", "mediator-coordination", "mediator-server", "oob-messages", "server-plugin"
+ "did-endpoint", "generic-server", "mediator-coordination", "mediator-server", "oob-messages", "server-plugin",
 ]
-resolver = "2"
\ No newline at end of file
From ead4328bb759fce62e5b6bed8b9abd38030811a9 Mon Sep 17 00:00:00 2001
From: meps_test1
Date: Thu, 27 Jun 2024 16:56:46 +0100
Subject: [PATCH 04/10] Creation of the did-endpoint documentation
Signed-off-by: meps_test1
---
 did-endpoint/README.md | 164 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 164 insertions(+)
 create mode 100644 did-endpoint/README.md
diff --git a/did-endpoint/README.md b/did-endpoint/README.md
new file mode 100644
index 00000000..fc29b574
--- /dev/null
+++ b/did-endpoint/README.md
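Review bot: In the Cargo.toml hunk of PATCH 03/10 the revert leaves the manifest without a `resolver` key, and as far as the hunk shows this is a virtual workspace (only `[workspace]`, no `[package]`). Cargo then falls back to resolver "1" for the whole workspace regardless of the members' editions, so features requested by dev- or build-dependencies are unified into normal builds of the server crates. If the revert was only meant to bring `.gitignore` back, keep `resolver = "2"` after the `members` array.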
@@ -0,0 +1,164 @@
+# did-endpoint
+## Overview
+The `did-endpoint` is a robust, flexible, and extendable framework for managing Decentralized Identifiers (DIDs)
+
+## Purpose
+The did-endpoint aims to simplify the management of DIDs by providing a centralized service that supports multiple DID methods
+
+## Features
+- **Turns an HTTP(S) URL into a did:web id:**
+- **Generates keys and forward them for DID generation:**
+- **Builds and persists DID document:**
+- **Validates the integrity of the persisted diddoc:**
+- **generates a verifiable presentation (VP):**
+
+## Usage
+- **Turns an HTTP(S) URL into a did:web id:**
+```rust
+can_url_to_did_web_id() -> Result<(), Box> {
+ assert_eq!(
+ url_to_did_web_id("localhost:8080")?,
+ "did:web:localhost%3A8080",
+ );
+}
+```
+- **Generates keys and forward them for DID generation::**
+```rust
+authentication_key = Jwk {
+ key: Key::Okp(Okp {
+ crv: OkpCurves::Ed25519,
+ x: Bytes::from(
+ String::from(
+ "d75a980182b10ab2463c5b1be1b4d97e06ec21ebac8552059996bd962d77f259",
+ )
+ .into_bytes(),
+ ),
+ d: None,
+ }),
+ prm: Parameters::default(),
+ };
+
+assertion_key = Jwk {
+ key: Key::Okp(Okp {
+ crv: OkpCurves::Ed25519,
+ x: Bytes::from(
+ String::from(
+ "d75a980182b10ab2463c5b1be1b4d97e06ec21ebac8552059996bd962d77f259",
+ )
+ .into_bytes(),
+ ),
+ d: None,
+ }),
+ prm: Parameters::default(),
+ };
+
+ agreement_key = Jwk {
+ key: Key::Okp(Okp {
+ crv: OkpCurves::X25519,
+ x: Bytes::from(
+ String::from(
+ "d75a980182b10ab2463c5b1be1b4d97e06ec21ebac8552059996bd962d77f259",
+ )
+ .into_bytes(),
+ ),
+ d: None,
+ }),
+ prm: Parameters::default(),
+ }
+diddoc = gen_diddoc(
+ &storage_dirpath,
+ &server_public_domain,
+ authentication_key.clone(),
+ assertion_key.clone(),
+ agreement_key.clone(),
+ )
+```
+- **Builds and persists DID document:**
+```rust
+expected_verification_methods = vec![
+ VerificationMethod {
+ id: "did:web:example.com#keys-1".to_string(),
+ public_key: Some(KeyFormat::Jwk(authentication_key)),
+ ..VerificationMethod::new(
+ "did:web:example.com#keys-1".to_string(),
+ String::from("JsonWebKey2020"),
+ "did:web:example.com".to_string(),
+ )
+ },
+ VerificationMethod {
+ id: "did:web:example.com#keys-2".to_string(),
+ public_key: Some(KeyFormat::Jwk(assertion_key)),
+ ..VerificationMethod::new(
+ "did:web:example.com#keys-2".to_string(),
+ String::from("JsonWebKey2020"),
+ "did:web:example.com".to_string(),
+ )
+ },
+ VerificationMethod {
+ id: "did:web:example.com#keys-3".to_string(),
+ public_key: Some(KeyFormat::Jwk(agreement_key)),
+ ..VerificationMethod::new(
+ "did:web:example.com#keys-3".to_string(),
+ String::from("JsonWebKey2020"),
+ "did:web:example.com".to_string(),
+ )
+ },
+ ]
+```
+- **Validates the integrity of the persisted diddoc:**
+```rust
+(storage_dirpath, server_public_domain) = setup();
+
+ didgen(&storage_dirpath, &server_public_domain).unwrap();
+ assert!(validate_diddoc(&storage_dirpath).is_ok());
+
+ cleanup(&storage_dirpath);
+```
+- **generates a verifiable presentation (VP):**
+```rust
+ // Generate test-restricted did.json
+ let (storage_dirpath, expected_diddoc) = setup_ephemeral_diddoc();
+
+ let app = routes();
+ let response = app
+ .oneshot(
+ Request::builder()
+ .uri(format!(
+ "/.well-known/did/pop.json?challenge={}",
+ uuid::Uuid::new_v4()
+ ))
+ .body(Body::empty())
+ .unwrap(),
+ )
+ .await
+ .unwrap();
+
+ assert_eq!(response.status(), StatusCode::OK);
+
+ let body = hyper::body::to_bytes(response.into_body()).await.unwrap();
+ let vp: VerifiablePresentation = serde_json::from_slice(&body).unwrap();
+
+ let vc = vp.verifiable_credential.get(0).unwrap();
+ let diddoc = serde_json::from_value(json!(vc.credential_subject)).unwrap();
+
+ assert_eq!(
+ json_canon::to_string(&diddoc).unwrap(),
+ json_canon::to_string(&expected_diddoc).unwrap()
+ );
+
+ let Some(proofs) = &vp.proof else { panic!("Verifiable presentation carries no proof") };
+ let Proofs::SetOfProofs(proofs) = proofs else { unreachable!() };
+ for proof in proofs {
+ let pubkey = resolve_vm_for_public_key(&diddoc, &proof.verification_method)
+ .expect("ResolutionError");
+ let verifier = EdDsaJcs2022 {
+ proof: proof.clone(),
+ key_pair: pubkey.try_into().expect("Failure to convert to KeyPair"),
+ proof_value_codec: None,
+ };
+
+ assert!(verifier.verify(json!(vp)).is_ok());
+ }
+
+ cleanup(&storage_dirpath);
+```
\ No newline at end of file
From 922178f2835025dcb8479b21ab7fd8fd551fe02b Mon Sep 17 00:00:00 2001
From: meps_test1
Date: Wed, 3 Jul 2024 09:31:01 +0100
Subject: [PATCH 05/10] did-endpoint documentation
Signed-off-by: meps_test1
---
 did-endpoint/README.md | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)
diff --git a/did-endpoint/README.md b/did-endpoint/README.md
index fc29b574..67f44d0b 100644
--- a/did-endpoint/README.md
+++ b/did-endpoint/README.md
@@ -3,7 +3,7 @@
 The `did-endpoint` is a robust, flexible, and extendable framework for managing Decentralized Identifiers (DIDs)
 
 ## Purpose
-The did-endpoint aims to simplify the management of DIDs by providing a centralized service that supports multiple DID methods
+The DID endpoint aims to simplify the management of Decentralized Identifiers (DIDs) by providing a decentralized service that supports multiple DID methods.
 
 ## Features
 - **Turns an HTTP(S) URL into a did:web id:**
@@ -15,16 +15,15 @@ The did-endpoint aims to simplify the management of DIDs by providing a centrali
 ## Usage
 - **Turns an HTTP(S) URL into a did:web id:**
 ```rust
-can_url_to_did_web_id() -> Result<(), Box> {
- assert_eq!(
+ //This is a function call to url_to_did_web_id with the argument "localhost:8080".
+ //"localhost:8080" is the URL that you want to convert into a did:web identifier.
 url_to_did_web_id("localhost:8080")?,
+ //This is the expected output, which is the did:web identifier corresponding to the given URL
 "did:web:localhost%3A8080",
- );
-}
 ```
 - **Generates keys and forward them for DID generation::**
 ```rust
-authentication_key = Jwk {
+let authentication_key = Jwk {
 key: Key::Okp(Okp {
 crv: OkpCurves::Ed25519,
 x: Bytes::from(
@@ -38,7 +37,7 @@ authentication_key = Jwk {
 prm: Parameters::default(),
 };
 
-assertion_key = Jwk {
+let assertion_key = Jwk {
 key: Key::Okp(Okp {
 crv: OkpCurves::Ed25519,
 x: Bytes::from(
@@ -52,7 +51,7 @@ assertion_key = Jwk {
 prm: Parameters::default(),
 };
 
- agreement_key = Jwk {
+let agreement_key = Jwk {
 key: Key::Okp(Okp {
 crv: OkpCurves::X25519,
 x: Bytes::from(
@@ -65,7 +64,7 @@ assertion_key = Jwk {
 }),
 prm: Parameters::default(),
 }
-diddoc = gen_diddoc(
+let diddoc = gen_diddoc(
 &storage_dirpath,
 &server_public_domain,
 authentication_key.clone(),
@@ -161,4 +160,4 @@ expected_verification_methods = vec![
 }
 
 cleanup(&storage_dirpath);
-```
\ No newline at end of file
+```
From 7e882c7b245b1b9aea73eb209cf82a6f67c207a1 Mon Sep 17 00:00:00 2001
From: meps_test1
Date: Wed, 3 Jul 2024 09:48:15 +0100
Subject: [PATCH 06/10] modification of did-endpoint documentation
Signed-off-by: meps_test1
---
 did-endpoint/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/did-endpoint/README.md b/did-endpoint/README.md
index 67f44d0b..3810a5fd 100644
--- a/did-endpoint/README.md
+++ b/did-endpoint/README.md
@@ -5,7 +5,7 @@ The `did-endpoint` is a robust, flexible, and extendable framework for managing
 ## Purpose
 The DID endpoint aims to simplify the management of Decentralized Identifiers (DIDs) by providing a decentralized service that supports multiple DID methods.
 
-## Features
+## Features
 - **Turns an HTTP(S) URL into a did:web id:**
 - **Generates keys and forward them for DID generation:**
 - **Builds and persists DID document:**
From d6a32898d83ed4ead391ea9ad3a4d5f9e6aae5cc Mon Sep 17 00:00:00 2001
From: meps_test1
Date: Wed, 3 Jul 2024 13:00:40 +0100
Subject: [PATCH 07/10] modification of did-endpoint documentation
Signed-off-by: meps_test1
---
 did-endpoint/README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/did-endpoint/README.md b/did-endpoint/README.md
index 3810a5fd..84f505d2 100644
--- a/did-endpoint/README.md
+++ b/did-endpoint/README.md
@@ -74,7 +74,7 @@ let diddoc = gen_diddoc(
 ```
 - **Builds and persists DID document:**
 ```rust
-expected_verification_methods = vec![
+let expected_verification_methods = vec![
 VerificationMethod {
 id: "did:web:example.com#keys-1".to_string(),
 public_key: Some(KeyFormat::Jwk(authentication_key)),
@@ -106,7 +106,7 @@ expected_verification_methods = vec![
 ```
 - **Validates the integrity of the persisted diddoc:**
 ```rust
-(storage_dirpath, server_public_domain) = setup();
+let (storage_dirpath, server_public_domain) = setup();
 
 didgen(&storage_dirpath, &server_public_domain).unwrap();
 assert!(validate_diddoc(&storage_dirpath).is_ok());
From 90915a4332f35b2c266a717f354dacd82a802e61 Mon Sep 17 00:00:00 2001
From: meps_test1
Date: Wed, 3 Jul 2024 13:26:29 +0100
Subject: [PATCH 08/10] modification of did-endpoint documentation
Signed-off-by: meps_test1
---
 did-endpoint/README.md | 69 +++++++++++-------------------------------
 1 file changed, 17 insertions(+), 52 deletions(-)
diff --git a/did-endpoint/README.md b/did-endpoint/README.md
index 84f505d2..5d5b21e4 100644
--- a/did-endpoint/README.md
+++ b/did-endpoint/README.md
@@ -9,8 +9,7 @@ The DID endpoint aims to simplify the management of Decentralized Identifiers (D
 - **Turns an HTTP(S) URL into a did:web id:**
 - **Generates keys and forward them for DID generation:**
 - **Builds and persists DID document:**
-- **Validates the integrity of the persisted diddoc:**
-- **generates a verifiable presentation (VP):**
+- **Proof of Possession:**
 
 ## Usage
 - **Turns an HTTP(S) URL into a did:web id:**
@@ -104,60 +103,26 @@ let expected_verification_methods = vec![
 },
 ]
 ```
-- **Validates the integrity of the persisted diddoc:**
-```rust
-let (storage_dirpath, server_public_domain) = setup();
-
- didgen(&storage_dirpath, &server_public_domain).unwrap();
- assert!(validate_diddoc(&storage_dirpath).is_ok());
-
- cleanup(&storage_dirpath);
-```
-- **generates a verifiable presentation (VP):**
-```rust
- // Generate test-restricted did.json
- let (storage_dirpath, expected_diddoc) = setup_ephemeral_diddoc();
-
- let app = routes();
- let response = app
- .oneshot(
- Request::builder()
- .uri(format!(
- "/.well-known/did/pop.json?challenge={}",
- uuid::Uuid::new_v4()
- ))
- .body(Body::empty())
- .unwrap(),
- )
- .await
- .unwrap();
+- ## **Proof of Possession:**
+- **Challenge Handling:**
+ Retrieves a challenge from incoming query parameters to initiate PoP.
+- Key Store Retrieval:
 
- assert_eq!(response.status(), StatusCode::OK);
+ Fetches cryptographic keys from a specified storage directory (STORAGE_DIRPATH) to sign and verify proofs.
+- DID Document and Verification Methods:
 
- let body = hyper::body::to_bytes(response.into_body()).await.unwrap();
- let vp: VerifiablePresentation = serde_json::from_slice(&body).unwrap();
+ Loads the DID document and its associated verification methods, which contain public keys for cryptographic operations.
+- Verifiable Credential (VC) Construction:
 
- let vc = vp.verifiable_credential.get(0).unwrap();
- let diddoc = serde_json::from_value(json!(vc.credential_subject)).unwrap();
+ Constructs a Verifiable Credential (VC) using the DID document, indicating it as a type of Verifiable Credential and DID Document.
+- Verifiable Presentation (VP) Creation:
 
- assert_eq!(
- json_canon::to_string(&diddoc).unwrap(),
- json_canon::to_string(&expected_diddoc).unwrap()
- );
+ Constructs a Verifiable Presentation (VP) containing the VC and other necessary metadata, such as context and ID.
+- Proof of Possession Generation:
 
- let Some(proofs) = &vp.proof else { panic!("Verifiable presentation carries no proof") };
- let Proofs::SetOfProofs(proofs) = proofs else { unreachable!() };
- for proof in proofs {
- let pubkey = resolve_vm_for_public_key(&diddoc, &proof.verification_method)
- .expect("ResolutionError");
- let verifier = EdDsaJcs2022 {
- proof: proof.clone(),
- key_pair: pubkey.try_into().expect("Failure to convert to KeyPair"),
- proof_value_codec: None,
- };
+ Generates proofs of possession for each verification method listed in the DID document.
+ Uses cryptographic keys to sign the challenge and embeds these proofs into the VP.
+- Output:
 
- assert!(verifier.verify(json!(vp)).is_ok());
- }
+ Returns the final VP with embedded proofs as a JSON response
 
- cleanup(&storage_dirpath);
-```
From af2349bd6bbccc151bd21a8dc44fdb56b1c23f1d Mon Sep 17 00:00:00 2001
From: meps_test1
Date: Wed, 3 Jul 2024 15:33:56 +0100
Subject: [PATCH 09/10] modification of the did-endpoint documentation
---
 did-endpoint/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/did-endpoint/README.md b/did-endpoint/README.md
index 5d5b21e4..f70cdddc 100644
--- a/did-endpoint/README.md
+++ b/did-endpoint/README.md
@@ -115,7 +115,7 @@ let expected_verification_methods = vec![
 - Verifiable Credential (VC) Construction:
 
 Constructs a Verifiable Credential (VC) using the DID document, indicating it as a type of Verifiable Credential and DID Document.
-- Verifiable Presentation (VP) Creation:
+- Verifiable Presentation (VP) Creation:
 
 Constructs a Verifiable Presentation (VP) containing the VC and other necessary metadata, such as context and ID.
 - Proof of Possession Generation:
From fe4fcf0c313992b8916cac6d6709268e53ce3330 Mon Sep 17 00:00:00 2001
From: meps_test1
Date: Wed, 3 Jul 2024 16:16:03 +0100
Subject: [PATCH 10/10] did-endpoint documentation
---
 did-endpoint/README.md | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/did-endpoint/README.md b/did-endpoint/README.md
index f70cdddc..e3ba3a60 100644
--- a/did-endpoint/README.md
+++ b/did-endpoint/README.md
@@ -106,23 +106,23 @@ let expected_verification_methods = vec![
 - ## **Proof of Possession:**
 - **Challenge Handling:**
 Retrieves a challenge from incoming query parameters to initiate PoP.
-- Key Store Retrieval:
+- **Key Store Retrieval:**
 
 Fetches cryptographic keys from a specified storage directory (STORAGE_DIRPATH) to sign and verify proofs.
-- DID Document and Verification Methods:
+- **DID Document and Verification Methods:**
 
 Loads the DID document and its associated verification methods, which contain public keys for cryptographic operations.
-- Verifiable Credential (VC) Construction:
+- **Verifiable Credential (VC) Construction:**
 
 Constructs a Verifiable Credential (VC) using the DID document, indicating it as a type of Verifiable Credential and DID Document.
-- Verifiable Presentation (VP) Creation:
+- **Verifiable Presentation (VP) Creation:**
 
 Constructs a Verifiable Presentation (VP) containing the VC and other necessary metadata, such as context and ID.
-- Proof of Possession Generation:
+- **Proof of Possession Generation:**
 
 Generates proofs of possession for each verification method listed in the DID document.
 Uses cryptographic keys to sign the challenge and embeds these proofs into the VP.
-- Output:
+- **Output:**
 
- Returns the final VP with embedded proofs as a JSON response
+ Returns the final VP with embedded proofs as a JSON response
 