Merge pull request #131 from filip26/feat/v0140-prep

v0.14.0

README.md

@@ -11,23 +11,18 @@ An implementation of the [W3C Verifiable Credentials](https://www.w3.org/TR/vc-d
 
 ## Features
 
-* Verifying VC/VP   
-* Issuing VC/VP
-* Data Models
-  * [v2.0](https://w3c.github.io/vc-data-model/)
-  * [v1.1](https://www.w3.org/TR/vc-data-model/)
+* Issuer, Verifier, Holder
 * Signature Suites
-  * [W3C Data Integrity 1.0 Proofs](https://w3c-ccg.github.io/data-integrity-spec/)
-    * [ECDSA-RDFC-2019](https://github.com/filip26/iron-ecdsa-rdfc-2019)
+  * [W3C Data Integrity Cryptosuites](https://www.w3.org/TR/vc-data-integrity/)
+    * [ECDSA-SD-2023](https://github.com/filip26/iron-ecdsa-sd-2023) [selective disclosure]
     * [EdDSA-RDFC-2022](https://github.com/filip26/iron-eddsa-rdfc-2022)
-    * [ECDSA-SD-2023](https://github.com/filip26/iron-ecdsa-sd-2023) (planned)
+    * [ECDSA-RDFC-2019](https://github.com/filip26/iron-ecdsa-rdfc-2019) [P-256, P-384]
     * [BBS-2023](https://github.com/filip26/iron-bbs-cryptosuite-2023) (planned)
   * [Ed25519Signature2020](https://github.com/filip26/iron-ed25519-cryptosuite-2020)
-  * Have you implemented a signature provider? List it here, open PR.
-
-## Extensions
-* [Iridium](https://github.com/filip26/iridium-cbor-ld) - A CBOR-based Processor for Linked Data
-* [VC HTTP API & Service](https://github.com/filip26/iron-vc-api)
+  * Have you implemented a signature suite? List it here, open PR.
+* Data Models
+  * [v2.0](https://w3c.github.io/vc-data-model/)
+  * [v1.1](https://www.w3.org/TR/vc-data-model/)
 
 ## Installation
 
@@ -38,7 +33,7 @@ Java 17+
 <dependency>
     <groupId>com.apicatalog</groupId>
     <artifactId>iron-verifiable-credentials</artifactId>
-    <version>0.11.0</version>
+    <version>0.14.0</version>
 </dependency>
 
 ```
@@ -47,58 +42,92 @@ Java 17+
 Android 12+ (API Level >=31)
 
 ```gradle
-compile group: 'com.apicatalog', name: 'iron-verifiable-credentials-jre8', version: '0.11.0'
+implementation("com.apicatalog:iron-verifiable-credentials-jre8:0.14.0")
 ```
 
-## Documentation
-
-[![javadoc](https://javadoc.io/badge2/com.apicatalog/iron-verifiable-credentials/javadoc.svg)](https://javadoc.io/doc/com.apicatalog/iron-verifiable-credentials)
-
 ## Usage
 
-Please use together with a cryptosuite(s) of your choice, e.g. [EdDSA RDFC 2022](https://github.com/filip26/iron-eddsa-rdfc-2022). Read the suite(s) documentation for specifics.
+This repository provides common logic and primitives to easily implement a signature suite. It is intended to be used together with a suite, or suites, of your choice, e.g. [ECDSA SD 2023](https://github.com/filip26/iron-ecdsa-sd-2023). Read the suite(s) documentation for specifics.
 
-### Verifying 
+### Verifier
 
-```java
-
-try {
-  Vc.verify(credential|presentation, suites)
-
-    // optional
+```javascript
+// create a new verifier instance
+static Verifier VERIFIER = Verifier.with(SUITE1, SUITE2, ...)
+    // options
     .base(...)
-    .loader(documentLoader) 
-    .statusVerifier(...)
+    .loader(...)
     .useBundledContexts(true|false)
+    .statusValidator(...)
+    .subjectValidator(...)
+    // ...
+    ; 
 
-    // custom | suite specific | parameters
-    .param(..., ....)
-
-    // assert document validity
-    .isValid();
-
-} catch (VerificationError | DataError e) {
+try {
+  // verify the given input proof(s)
+  var verifiable = VERIFIER.verify(credential|presentation);
+
+  // or with runtime parameters e.g. domain, challenge, etc.
+  var verifiable = VERIFIER.verify(credential|presentation, parameters);
+
+  // get verified details
+  verifiable.subject()
+  verifiable.id()
+  verifiable.type()
+  // ...
+
+} catch (VerificationError | DocumentError e) {
   ...
 }
 
 ```
 
-### Issuing
+### Issuer
 
-```java
-Vc.sign(credential|presentation, keys, proofDraft)
+```javascript
+// create a new issuer instance
+Issuer ISSUER = SUITE.createIssuer(keyPairProvider)
+    // options
+    .base(...)
+    .loader(...)
+    .useBundledContexts(true|false)
+    // ...
+    ; 
 
-   // optional
-   .base(...)
-   .loader(documentLoader) 
-   .statusVerifier(...)
-   .useBundledContexts(true|false)
+try {
+  // issue a new verifiable, i.e. sign the input and add a new proof
+  var verifiable = ISSUER.sign(credential|presentation, proofDraft).compacted();
+
+} catch (SigningError | DocumentError e) {
+  ...
+}
+```
 
-   // return signed document in a compacted form
-   .getCompacted(context);
+### Holder
+
+```javascript
+// create a new holder instance
+static Holder HOLDER = Holder.with(SUITE1, SUITE2, ...)
+    // options
+    .base(...)
+    .loader(...)
+    .useBundledContexts(true|false)
+    // ...
+    ; 
+
+try {
+  // derive a new signed credentials disclosing selected claims only
+  var verifiable = HOLDER.derive(credential, selectors).compacted();
 
+} catch (SigningError | DocumentError e) {
+  ...
+}
 ```
 
+## Documentation
+
+[![javadoc](https://javadoc.io/badge2/com.apicatalog/iron-verifiable-credentials/javadoc.svg)](https://javadoc.io/doc/com.apicatalog/iron-verifiable-credentials)
+
 ## Contributing
 
 All PR's welcome!
@@ -119,6 +148,10 @@ Fork and clone the project repository.
 > mvn -f pom_jre8.xml clean package
 ```
 
+## Extensions
+* [Iridium](https://github.com/filip26/iridium-cbor-ld) - A CBOR-based Processor for Linked Data
+* [VC HTTP API & Service](https://github.com/filip26/iron-vc-api)
+
 ## Resources
 
 * [VC Playground](https://vcplayground.org/)
@@ -137,4 +170,3 @@ Fork and clone the project repository.
 
 ## Commercial Support
 Commercial support is available at filip26@gmail.com
-,

pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <groupId>com.apicatalog</groupId>
         <artifactId>iron</artifactId>
-        <version>0.14.0-SNAPSHOT</version>
+        <version>0.14.0</version>
         <relativePath>pom_parent.xml</relativePath>
     </parent>
 

pom_jre8.xml

@@ -8,7 +8,7 @@
 	<parent>
 		<groupId>com.apicatalog</groupId>
 		<artifactId>iron</artifactId>
-		<version>0.14.0-SNAPSHOT</version>
+		<version>0.14.0</version>
 		<relativePath>pom_parent.xml</relativePath>
 	</parent>
 

pom_parent.xml

@@ -5,7 +5,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>com.apicatalog</groupId>
 	<artifactId>iron</artifactId>
-	<version>0.14.0-SNAPSHOT</version>
+	<version>0.14.0</version>
 	<packaging>pom</packaging>
 
 	<name>Iron Verifiable Credentials</name>

src/main/java/com/apicatalog/ld/signature/sd/DocumentSelector.java

@@ -42,6 +42,12 @@ public Map<String, JsonValue> getValues(JsonObject document) {
     }
 
     public JsonObject getNodes(JsonObject document) {
+
+        // no mandatory pointers
+        if (pointers == null || pointers.isEmpty()) {
+            return JsonValue.EMPTY_JSON_OBJECT;
+        }
+
         JsonObject root = null;
 
         for (final JsonPointer pointer : pointers) {
@@ -59,6 +65,9 @@ public JsonObject getNodes(JsonObject document) {
     }
 
     static Collection<JsonPointer> toJsonPointers(Collection<String> pointers) {
+        if (pointers == null) {
+            return Collections.emptyList();
+        }
         return pointers.stream()
                 .sorted(Collections.reverseOrder())
                 .map(Json::createPointer)
@@ -110,7 +119,7 @@ private static JsonArray createArray(JsonArray target, JsonArray source, String[
             return source;
         }
 
-        JsonArrayBuilder array;
+        final JsonArrayBuilder array;
 
         final int arrayIndex = Integer.parseInt(segments[index]);
 

src/main/java/com/apicatalog/vc/Credential.java

@@ -42,7 +42,7 @@ protected Credential(ModelVersion version, JsonObject expanded) {
 
     /**
      * A date time when the credential has been issued. VC data model v1.1.
-     * Deprecated in favor of {@link Credential#getValidFrom()} by VC data model
+     * Deprecated in favor of {@link Credential#validFrom()} by VC data model
      * v2.0.
      * 
      * @see <a href="https://www.w3.org/TR/vc-data-model/#issuance-date">Issuance
@@ -53,28 +53,28 @@ protected Credential(ModelVersion version, JsonObject expanded) {
      * @return a date time from which the credential claims are valid or
      *         <code>null</code>.
      */
-    public Instant getIssuanceDate() {
+    public Instant issuanceDate() {
         return issuance;
     }
 
-    public void setIssuanceDate(Instant issuance) {
+    public void issuanceDate(Instant issuance) {
         this.issuance = issuance;
     }
 
     /**
      * VC data model v1.1 only. Deprecated in favor of
-     * {@link Credential#getValidUntil()} by VC data model v2.0.
+     * {@link Credential#validUntil()} by VC data model v2.0.
      * 
      * @see <a href=
      *      "https://www.w3.org/TR/vc-data-model/#expiration">Expiration</a>.
      * 
      * @return the expiration date or <code>null</code> if not set
      */
-    public Instant getExpiration() {
+    public Instant expiration() {
         return expiration;
     }
 
-    public void setExpiration(Instant expiration) {
+    public void expiration(Instant expiration) {
         this.expiration = expiration;
     }
 
@@ -88,11 +88,11 @@ public void setExpiration(Instant expiration) {
      * 
      * @return a date time
      */
-    public Instant getValidFrom() {
+    public Instant validFrom() {
         return validFrom;
     }
 
-    public void setValidFrom(Instant validFrom) {
+    public void validFrom(Instant validFrom) {
         this.validFrom = validFrom;
     }
 
@@ -104,11 +104,11 @@ public void setValidFrom(Instant validFrom) {
      * 
      * @return the date and time the credential ceases to be valid
      */
-    public Instant getValidUntil() {
+    public Instant validUntil() {
         return validUntil;
     }
 
-    public void setValidUntil(Instant validUntil) {
+    public void validUntil(Instant validUntil) {
         this.validUntil = validUntil;
     }
 
@@ -140,7 +140,7 @@ public boolean isNotValidYet() {
      * @see <a href="https://www.w3.org/TR/vc-data-model/#issuer">Issuerr</a>
      * @return {@link JsonObject} representing the issuer in an expanded form
      */
-    public JsonValue getIssuer() {
+    public JsonValue issuer() {
         return issuer;
     }
 
@@ -149,7 +149,7 @@ public JsonValue getIssuer() {
      * 
      * @return
      */
-    public JsonValue getStatus() {
+    public JsonValue status() {
         return status;
     }
 
@@ -160,7 +160,7 @@ public JsonValue getStatus() {
      * 
      * @return
      */
-    public JsonValue getSubject() {
+    public JsonValue subject() {
         return subject;
     }
 
@@ -247,16 +247,16 @@ public static Credential of(final ModelVersion version, final JsonObject documen
         credential.status = (document.get(VcVocab.STATUS.uri()));
 
         // issuance date - mandatory for verification
-        credential.setIssuanceDate(node.scalar(VcVocab.ISSUANCE_DATE).xsdDateTime());
+        credential.issuanceDate(node.scalar(VcVocab.ISSUANCE_DATE).xsdDateTime());
 
         // expiration date - optional
-        credential.setExpiration(node.scalar(VcVocab.EXPIRATION_DATE).xsdDateTime());
+        credential.expiration(node.scalar(VcVocab.EXPIRATION_DATE).xsdDateTime());
 
         // validFrom - optional
-        credential.setValidFrom(node.scalar(VcVocab.VALID_FROM).xsdDateTime());
+        credential.validFrom(node.scalar(VcVocab.VALID_FROM).xsdDateTime());
 
         // validUntil - optional
-        credential.setValidUntil(node.scalar(VcVocab.VALID_UNTIL).xsdDateTime());
+        credential.validUntil(node.scalar(VcVocab.VALID_UNTIL).xsdDateTime());
 
         return credential;
     }

src/main/java/com/apicatalog/vc/holder/Holder.java

@@ -2,6 +2,7 @@
 
 import java.util.Arrays;
 import java.util.Collection;
+import java.util.Collections;
 import java.util.Objects;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
@@ -143,16 +144,18 @@ protected ExpandedVerifiable deriveProof(JsonStructure context, final JsonObject
 
         final JsonObject derivedProof = proof.derive(context, unsigned, selectors);
 
-        Collection<String> combinedPointers = Stream.of(
-                ((BaseProofValue) proofValue).pointers(),
-                selectors,
-                Arrays.asList("/" + Keywords.CONTEXT))
-                .flatMap(Collection::stream)
-                .collect(Collectors.toList());
+        final Collection<String> combinedPointers = Stream.of(
+                        ((BaseProofValue) proofValue).pointers(),
+                        (selectors != null ? selectors : Collections.<String>emptyList()),
+                        Arrays.asList("/" + Keywords.CONTEXT))
+                        .flatMap(Collection::stream)
+                        .collect(Collectors.toList());
+
+        final JsonObject reveal = DocumentSelector.of(combinedPointers).getNodes(document);
 
         try {
             return new ExpandedVerifiable(EmbeddedProof.addProof(
-                    JsonLd.expand(JsonDocument.of(DocumentSelector.of(combinedPointers).getNodes(document)))
+                    JsonLd.expand(JsonDocument.of(reveal))
                             .loader(loader)
                             .get().getJsonObject(0),
                     derivedProof), context, loader);