Merge pull request #33 from andrewwhitehead/upd/cl-0.2

Update to anoncreds-clsignatures 0.2, lighten indy-utils

Author: andrewwhitehead

indy-credx/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "indy-credx"
-version = "1.0.0"
+version = "1.0.1"
 authors = ["Hyperledger Indy Contributors <[email protected]>"]
 description = "Verifiable credential issuance and presentation for Hyperledger Indy (https://www.hyperledger.org/projects), which provides a distributed-ledger-based foundation for self-sovereign identity (https://sovrin.org)."
 edition = "2021"
@@ -25,6 +25,10 @@ vendored = ["indy-data-types/vendored"]
 [dependencies]
 env_logger = { version = "0.10", optional = true }
 ffi-support = { version = "0.4.0", optional = true }
+indy-data-types = { version = "0.6.1", features = [
+    "cl_native",
+], path = "../indy-data-types" }
+indy-utils = { version = "0.6.0", default-features = false, path = "../indy-utils" }
 log = "0.4"
 once_cell = "1"
 rand = "0.8"
@@ -34,13 +38,3 @@ serde_json = "1.0"
 sha2 = "0.10"
 thiserror = "1.0"
 zeroize = { version = "1", optional = true }
-
-[dependencies.indy-data-types]
-version = "0.6"
-path = "../indy-data-types"
-features = ["cl_native"]
-
-[dependencies.indy-utils]
-version = "0.5"
-path = "../indy-utils"
-default-features = false

indy-credx/src/services/helpers.rs

@@ -8,7 +8,7 @@ use indy_data_types::anoncreds::{
 
 use crate::anoncreds_clsignatures::{
     hash_credential_attribute, CredentialSchema, CredentialValues as ClCredentialValues,
-    Issuer as ClIssuer, MasterSecret as ClMasterSecret, NonCredentialSchema, SubProofRequest,
+    Issuer as ClIssuer, LinkSecret as ClLinkSecret, NonCredentialSchema, SubProofRequest,
     Verifier as ClVerifier,
 };
 use crate::error::Result;
@@ -45,7 +45,7 @@ pub fn build_non_credential_schema() -> Result<NonCredentialSchema> {
 
 pub fn build_credential_values(
     credential_values: &HashMap<String, AttributeValues>,
-    link_secret: Option<&ClMasterSecret>,
+    link_secret: Option<&ClLinkSecret>,
 ) -> Result<ClCredentialValues> {
     trace!(
         "build_credential_values >>> credential_values: {:?}",

indy-data-types/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "indy-data-types"
-version = "0.6.0"
+version = "0.6.1"
 authors = ["Hyperledger Indy Contributors <[email protected]>"]
 description = "Common data types for Hyperledger Indy (https://www.hyperledger.org/projects), which provides a distributed-ledger-based foundation for self-sovereign identity (https://sovrin.org)."
 edition = "2021"
@@ -16,28 +16,31 @@ path = "src/lib.rs"
 crate-type = ["rlib"]
 
 [features]
-default = ["serde_support", "cl_native"]
-cl = ["serde_support"]
-cl_native = ["serde_support", "anoncreds-clsignatures/openssl_bn"]
-merkle_tree = ["indy-utils/hash", "hex"]
+default = ["anoncreds", "merkle_tree"]
+anoncreds = ["serde_support"]
+cl = ["anoncreds", "anoncreds-clsignatures", "serde_support"]
+cl_native = ["anoncreds", "anoncreds-clsignatures/openssl_bn", "serde_support"]
+merkle_tree = ["hex", "sha2"]
 rich_schema = []
-serde_support = ["serde", "serde_json", "anoncreds-clsignatures?/serde", "indy-utils/serde"]
+serde_support = [
+    "serde",
+    "serde_json",
+    "anoncreds-clsignatures?/serde",
+    "indy-utils/serde",
+]
 vendored = ["anoncreds-clsignatures?/openssl_vendored"]
 
 [dependencies]
-anoncreds-clsignatures = { version = "0.1", optional = true }
+anoncreds-clsignatures = { version = "0.2", optional = true }
+indy-utils = { version = "0.6.0", default-features = false, path = "../indy-utils" }
 hex = { version = "0.4", optional = true }
 once_cell = "1"
 regex = "1"
 serde = { version = "1.0", optional = true, features = ["derive"] }
 serde_json = { version = "1.0", optional = true, features = ["raw_value"] }
+sha2 = { version = "0.10", optional = true }
 zeroize = { version = "1", features = ["zeroize_derive"] }
 
-[dependencies.indy-utils]
-version = "0.5"
-path = "../indy-utils"
-default-features = false
-
 [dev-dependencies]
 hex = "0.4"
 rand = "0.8"

indy-data-types/src/anoncreds/cred_def.rs

@@ -1,3 +1,4 @@
+#[cfg(any(feature = "cl", feature = "cl_native"))]
 use crate::anoncreds_clsignatures::CredentialPublicKey;
 use crate::identifiers::cred_def::CredentialDefinitionId;
 use crate::identifiers::schema::SchemaId;

indy-data-types/src/anoncreds/link_secret.rs

@@ -2,20 +2,20 @@ use std::fmt;
 
 use serde::{Deserialize, Serialize};
 
-use crate::anoncreds_clsignatures::{MasterSecret as ClMasterSecret, Prover as ClProver};
+use crate::anoncreds_clsignatures::{LinkSecret as ClLinkSecret, Prover as ClProver};
 use crate::ConversionError;
 
 #[derive(Serialize, Deserialize)]
 pub struct LinkSecret {
-    pub value: ClMasterSecret,
+    pub value: ClLinkSecret,
 }
 
 impl LinkSecret {
     #[cfg(any(feature = "cl", feature = "cl_native"))]
     #[inline]
     pub fn new() -> Result<Self, ConversionError> {
-        let value = ClProver::new_master_secret().map_err(|err| {
-            ConversionError::from_msg(format!("Error creating master secret: {}", err))
+        let value = ClProver::new_link_secret().map_err(|err| {
+            ConversionError::from_msg(format!("Error creating link secret: {}", err))
         })?;
         Ok(Self { value })
     }

indy-data-types/src/lib.rs

@@ -21,6 +21,7 @@ pub use indy_utils::{invalid, ConversionError, Validatable, ValidationError};
 #[cfg(any(feature = "cl", feature = "cl_native"))]
 pub use anoncreds_clsignatures;
 
+#[cfg(feature = "anoncreds")]
 /// Type definitions related Indy credential issuance and verification
 pub mod anoncreds;
 

indy-utils/src/hash.rs renamed to indy-data-types/src/merkle_tree/hash.rs

@@ -1,13 +1,13 @@
 pub use sha2::Digest;
 
-use super::ValidationError;
+use crate::ValidationError;
 
 /// Derive a new hash type
 #[macro_export]
 macro_rules! hash_type {
     ($modname:ident, $digest:path, $doc:expr) => {
         #[doc=$doc]
-        #[allow(non_snake_case)]
+        #[allow(non_snake_case, unused)]
         pub mod $modname {
             use once_cell::sync::Lazy;
             use sha2::Digest;

indy-data-types/src/merkle_tree/merkletree.rs

@@ -1,8 +1,7 @@
-use indy_utils::hash::{
+use super::hash::{
     TreeHash,
     SHA256::{digest_empty, DigestType as Hash},
 };
-
 use super::proof::{Lemma, Proof};
 use super::tree::{LeavesIntoIterator, LeavesIterator, Tree, TreeLeafData};
 use crate::ValidationError;

indy-data-types/src/merkle_tree/mod.rs

@@ -1,11 +1,12 @@
-use indy_utils::hash::{TreeHash, SHA256::DigestType as Hash};
-
+use self::hash::{TreeHash, SHA256::DigestType as Hash};
 use self::tree::{Tree, TreeLeafData};
 use crate::ValidationError;
 
-mod merkletree;
 pub use self::merkletree::MerkleTree;
+pub use self::proof::Positioned;
 
+mod hash;
+mod merkletree;
 mod proof;
 mod tree;
 
@@ -199,6 +200,25 @@ impl MerkleTree {
         }
         Ok(())
     }
+
+    pub fn check_inclusion_proof(
+        root_hash: &[u8],
+        leaf_value: &TreeLeafData,
+        path: &[Positioned<TreeLeafData>],
+    ) -> Result<bool, ValidationError> {
+        let mut check_hash = Hash::hash_leaf(leaf_value)?;
+        for node in path {
+            match node {
+                Positioned::Left(data) => {
+                    check_hash = Hash::hash_nodes(data, &check_hash)?;
+                }
+                Positioned::Right(data) => {
+                    check_hash = Hash::hash_nodes(&check_hash, data)?;
+                }
+            }
+        }
+        Ok(check_hash == root_hash)
+    }
 }
 
 #[cfg(test)]
@@ -443,4 +463,27 @@ mod tests {
             .consistency_proof(&full_root_hash, 8, &proofs_for_8)
             .unwrap());
     }
+
+    #[test]
+    fn check_inclusion_proof_works() {
+        let nodes = [
+            (true, "Gf9aBhHCtBpTYbJXQWnt1DU8q33hwi6nN4f3NhnsBgMZ"),
+            (false, "68TGAdRjeQ29eNcuFYhsX5uLakGQLgKMKp5wSyPzt9Nq"),
+            (true, "25KLEkkyCEPSBj4qMFE3AcH87mFocyJEuPJ5xzPGwDgz"),
+        ];
+        let path: Vec<Positioned<Vec<u8>>> = nodes
+            .iter()
+            .map(|(side, val)| {
+                let val = base58::decode(val).unwrap();
+                if *side {
+                    Positioned::Right(val)
+                } else {
+                    Positioned::Left(val)
+                }
+            })
+            .collect();
+        let root_hash = base58::decode("CrA5sqYe3ruf2uY7d8re7ePmyHqptHqANtMZcfZd4BvK").unwrap();
+        let leaf_value = b"\x81\xa13\xa13".to_vec(); // {"3":"3"} serialized via rmp
+        assert!(MerkleTree::check_inclusion_proof(&root_hash, &leaf_value, &path).unwrap());
+    }
 }

indy-data-types/src/merkle_tree/proof.rs

@@ -1,5 +1,4 @@
-use indy_utils::hash::{TreeHash, SHA256::DigestType as Hash};
-
+use super::hash::{TreeHash, SHA256::DigestType as Hash};
 use super::tree::{Tree, TreeLeafData};
 use crate::ValidationError;
 
@@ -46,13 +45,13 @@ impl Proof {
 
                 Some(Positioned::Left(ref hash)) => {
                     let combined = Hash::hash_nodes(hash, &sub.node_hash)?;
-                    let hashes_match = combined.to_vec().as_slice() == lemma.node_hash.as_slice();
+                    let hashes_match = combined == lemma.node_hash;
                     Ok(hashes_match && self.validate_lemma(sub)?)
                 }
 
                 Some(Positioned::Right(ref hash)) => {
                     let combined = Hash::hash_nodes(&sub.node_hash, hash)?;
-                    let hashes_match = combined.to_vec().as_slice() == lemma.node_hash.as_slice();
+                    let hashes_match = combined == lemma.node_hash;
                     Ok(hashes_match && self.validate_lemma(sub)?)
                 }
             },

indy-data-types/src/merkle_tree/tree.rs

@@ -1,7 +1,6 @@
 use std::cmp;
 
-use indy_utils::hash::{TreeHash, SHA256::DigestType as Hash};
-
+use super::hash::{TreeHash, SHA256::DigestType as Hash};
 use crate::ValidationError;
 
 pub type TreeLeafData = Vec<u8>;

indy-utils/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "indy-utils"
-version = "0.5.2"
+version = "0.6.0"
 authors = ["Hyperledger Indy Contributors <[email protected]>"]
 description = "Utilities for Hyperledger Indy (https://www.hyperledger.org/projects), which provides a distributed-ledger-based foundation for self-sovereign identity (https://sovrin.org)."
 edition = "2018"
@@ -16,29 +16,30 @@ path = "src/lib.rs"
 crate-type = ["rlib"]
 
 [features]
-default = ["ed25519", "hash", "txn_signature"]
-base64 = ["base64_rs"]
+default = ["ed25519"]
 ed25519 = ["curve25519-dalek", "ed25519-dalek", "rand", "sha2", "x25519-dalek"]
-hash = ["sha2"]
-txn_signature = ["hex", "sha2", "serde", "serde_json"]
 
 [dependencies]
-base64_rs = { package = "base64", version = "0.13", optional = true }
-bs58 = "0.4"
-curve25519-dalek = { version = "3.1", default-features = false, features = ["u64_backend"], optional = true }
-ed25519-dalek = { version = "1.0", default-features = false, features = ["u64_backend"], optional = true }
-hex = { version = "0.4", optional = true }
+bs58 = "0.5"
+curve25519-dalek = { version = "3.1", default-features = false, features = [
+    "u64_backend",
+], optional = true }
+ed25519-dalek = { version = "1.0", default-features = false, features = [
+    "u64_backend",
+], optional = true }
 once_cell = "1.9"
 rand = { version = "0.8", optional = true }
 regex = "1.3"
 serde = { version = "1.0", optional = true, features = ["derive"] }
 serde_json = { version = "1.0", optional = true }
-sha2 = { version = "0.9", optional = true }
+sha2 = { version = "0.10", optional = true }
 thiserror = "1.0"
-x25519-dalek = { version = "=1.2", default-features = false, features = ["u64_backend"], optional = true }
+x25519-dalek = { version = "=1.2", default-features = false, features = [
+    "u64_backend",
+], optional = true }
 zeroize = { version = "1.3" }
 
 [dev-dependencies]
-async-global-executor = "1.2"
+async-global-executor = "2.3"
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"

indy-utils/src/base64.rs

@@ -27,15 +27,3 @@ pub mod did;
 
 /// Indy signing keys and verification keys
 pub mod keys;
-
-/// Base64 encoding and decoding
-#[cfg(feature = "base64")]
-pub mod base64;
-
-/// Hash algorithms
-#[cfg(feature = "hash")]
-pub mod hash;
-
-/// Generation of normalized ledger transaction for signing
-#[cfg(feature = "txn_signature")]
-pub mod txn_signature;