separate decode and verify

Cybersecurity-LINKS · Dec 11, 2023 · 91b4fec · 91b4fec
1 parent e544031
commit 91b4fec
Show file tree

Hide file tree

Showing 5 changed files with 37 additions and 34 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "json-proof-token"
-version = "0.2.1"
+version = "0.2.2"
 edition = "2021"
 authors = ["LINKS Foundation"]
 repository = "https://github.com/Cybersecurity-LINKS/json-proof-token"

diff --git a/README.md b/README.md
@@ -130,7 +130,7 @@ Add this to your Cargo.toml:
 
 ```
 [dependencies]
-json-proof-token = "0.2.1"
+json-proof-token = "0.2.2"
 ```
 
 ### Example

diff --git a/examples/jpt.rs b/examples/jpt.rs
@@ -74,13 +74,7 @@ fn main() {
     // jpt_claims.set_claim(Some("age"), 42);
     jpt_claims.set_iss("https://issuer.example".to_owned());
     jpt_claims.set_claim(Some("vc"), custom_claims, true);
-    jpt_claims.set_claim(Some("test"), json!({
-        "a": "b",
-        "c": 1,
-        "d": {
-            "f": "g"
-        }
-    }), false);
+
 
 
     println!("JptClaims: {:#?}", jpt_claims);
@@ -119,7 +113,7 @@ fn main() {
     let compact_issued_jwp = issued_jwp.encode(SerializationType::COMPACT, &bbs_jwk).unwrap();
     println!("Compact JWP: {}", compact_issued_jwp);
 
-    let decoded_issued_jwp = JwpIssued::decode(compact_issued_jwp, SerializationType::COMPACT, &bbs_jwk.to_public().unwrap()).unwrap();
+    let decoded_issued_jwp = JwpIssued::decode_and_verify(compact_issued_jwp, SerializationType::COMPACT, &bbs_jwk.to_public().unwrap()).unwrap();
 
     println!("DECODED ISSUED JWP \n{:?}", decoded_issued_jwp);
 
@@ -140,6 +134,6 @@ fn main() {
 
     println!("Compact Presented JWP: {}", compact_presented_jwp);
 
-    let decoded_presentation_jwp = JwpPresented::decode(compact_presented_jwp, SerializationType::COMPACT, &bbs_jwk.to_public().unwrap()).unwrap();
+    let decoded_presentation_jwp = JwpPresented::decode_and_verify(compact_presented_jwp, SerializationType::COMPACT, &bbs_jwk.to_public().unwrap()).unwrap();
     println!("DECODED PRESENTED JWP \n{:?}", decoded_presentation_jwp);
 }
diff --git a/src/jwp/issued.rs b/src/jwp/issued.rs
@@ -60,7 +60,7 @@ impl JwpIssued {
         Ok(jwp)
     }
 
-    pub fn decode(encoded_jwp: String, serialization: SerializationType, key: &Jwk) -> Result<Self, CustomError>{
+    pub fn decode(encoded_jwp: String, serialization: SerializationType) -> Result<Self, CustomError> {
         match serialization {
             SerializationType::COMPACT => {
                 let (encoded_issuer_protected_header, encoded_payloads, encoded_proof) = expect_three!(encoded_jwp.splitn(3, '.')); 
@@ -84,19 +84,22 @@ impl JwpIssued {
                 }
 
                 let proof = base64url_decode(encoded_proof);
-                let issuer_header_oct = serde_json::to_vec(&issuer_protected_header).unwrap();
-
-                match Self::verify_proof(issuer_protected_header.alg, key, &proof, &issuer_header_oct, &payloads) {
-                    Ok(_) => {
-                        Ok(Self{issuer_protected_header, payloads, proof: Some(proof)})
-                    },
-                    Err(e) => Err(e),
-                }            
+                Ok(Self{issuer_protected_header, payloads, proof: Some(proof)})          
             },
             SerializationType::JSON => todo!()
         }
-
-        // Base64UrlDecodedSerializable::deserialize(&'a self)
+    }
+
+    pub fn verify(&self, key: &Jwk) ->Result<(), CustomError> {
+        let issuer_header_oct = serde_json::to_vec(&self.issuer_protected_header).unwrap();
+        let proof = self.proof.as_ref().ok_or(CustomError::InvalidIssuedProof)?;
+        Self::verify_proof(self.issuer_protected_header.alg, key, proof, &issuer_header_oct, &self.payloads)  
+    }
+
+    pub fn decode_and_verify(encoded_jwp: String, serialization: SerializationType, key: &Jwk) -> Result<Self, CustomError> {
+        let jwp = Self::decode(encoded_jwp, serialization)?;
+        jwp.verify(key)?;
+        Ok(jwp)
     }
 
 

diff --git a/src/jwp/presented.rs b/src/jwp/presented.rs
@@ -40,7 +40,7 @@ pub struct JwpPresented {
 }
 
 impl JwpPresented {
-
+    //TODO: get in input a JwpIssued directly
     pub fn new(issuer_protected_header: IssuerProtectedHeader, presentation_protected_header: PresentationProtectedHeader, payloads: Payloads) -> Self {
         Self { issuer_protected_header, presentation_protected_header, payloads, proof: None}
     }
@@ -59,8 +59,7 @@ impl JwpPresented {
         Ok(jwp)
     }
 
-
-    pub fn decode(encoded_jwp: String, serialization: SerializationType, key: &Jwk) -> Result<Self, CustomError> {
+    pub fn decode(encoded_jwp: String, serialization: SerializationType) -> Result<Self, CustomError> {
         match serialization {
             SerializationType::COMPACT => {
                 let (encoded_issuer_protected_header, encoded_presentation_protected_header, encoded_payloads, encoded_proof) = expect_four!(encoded_jwp.splitn(4, '.'));
@@ -83,20 +82,27 @@ impl JwpPresented {
                 }
 
                 let proof = base64url_decode(encoded_proof);
-                let issuer_header_oct = serde_json::to_vec(&issuer_protected_header).unwrap();
-                let presentation_header_oct = serde_json::to_vec(&presentation_protected_header).unwrap();
-
-                match Self::verify_proof(presentation_protected_header.alg, key, &proof, &presentation_header_oct, &issuer_header_oct, &payloads) {
-                    Ok(_) => {
-                        Ok(Self{issuer_protected_header, payloads, proof: Some(proof), presentation_protected_header})
-                    },
-                    Err(e) => Err(e),
-                }            
+
+                Ok(Self{issuer_protected_header, payloads, proof: Some(proof), presentation_protected_header})      
             },
             SerializationType::JSON => todo!()
         }
     }
 
+    pub fn verify(&self, key: &Jwk) -> Result<(), CustomError> {
+        let issuer_header_oct = serde_json::to_vec(&self.issuer_protected_header).unwrap();
+        let presentation_header_oct = serde_json::to_vec(&self.presentation_protected_header).unwrap();
+        let proof = self.proof.as_ref().ok_or(CustomError::InvalidPresentedProof)?;
+        Self::verify_proof(self.presentation_protected_header.alg, key, &proof, &presentation_header_oct, &issuer_header_oct, &self.payloads)
+    }
+
+
+    pub fn decode_and_verify(encoded_jwp: String, serialization: SerializationType, key: &Jwk) -> Result<Self, CustomError> {
+        let jwp = Self::decode(encoded_jwp, serialization)?;
+        jwp.verify(key)?;
+        Ok(jwp)
+    }
+
 
     pub fn set_disclosed(&mut self, index: usize, disclosed: bool) -> Result<(), CustomError>{
         self.payloads.set_disclosed(index, disclosed)