CL Anoncreds tink primitives based on ursa-wrapper-go (#3271)

Signed-off-by: alexander.shcherbakov <alexander.shcherbakov@avast.com>
hyperledger-archives · Jul 16, 2022 · 891248e · 891248e
1 parent e5f2607
commit 891248e
Show file tree

Hide file tree

Showing 34 changed files with 2,735 additions and 1 deletion.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -42,6 +42,25 @@ jobs:
       with:
         file: ./coverage.out
 
+  unitTestUrsa:
+    name: Unit test (Ursa/CL)
+    runs-on: ubuntu-18.04
+    container:
+      image: ghcr.io/hyperledger/ursa-wrapper-go/uwg-build # a container with libursa installed
+    timeout-minutes: 15
+    steps:
+      - name: Setup Go 1.17
+        uses: actions/setup-go@v2
+        with:
+          go-version: 1.17
+        id: go
+
+      - uses: actions/checkout@v2
+
+      - name: Run unit test (Ursa/CL)
+        timeout-minutes: 15
+        run: make unit-test-ursa
+
   unitTestMobile:
     name: Unit test (mobile)
     runs-on: ubuntu-18.04

diff --git a/Makefile b/Makefile
@@ -27,7 +27,7 @@ MOCKGEN=$(GOBIN_PATH)/mockgen
 GOMOCKS=pkg/internal/gomocks
 
 .PHONY: all
-all: clean checks unit-test unit-test-wasm unit-test-mobile bdd-test
+all: clean checks unit-test unit-test-ursa unit-test-wasm unit-test-mobile bdd-test
 
 .PHONY: checks
 checks: license lint generate-openapi-spec
@@ -44,6 +44,10 @@ license:
 unit-test: mocks
 	@scripts/check_unit.sh
 
+.PHONY: unit-test-ursa
+unit-test-ursa: mocks
+	@scripts/check_unit_ursa.sh
+
 .PHONY: benchmark
 benchmark:
 	@scripts/check_bench.sh

diff --git a/cmd/aries-agent-mobile/go.sum b/cmd/aries-agent-mobile/go.sum
@@ -189,6 +189,8 @@ github.com/hyperledger/aries-framework-go/component/storage/edv v0.0.0-202206061
 github.com/hyperledger/aries-framework-go/test/component v0.0.0-20220322085443-50e8f9bd208b/go.mod h1:HojN6OAh8ZtXBe5X2arcSOe1SLo5Dsjqto8ICjSLQ2g=
 github.com/hyperledger/aries-framework-go/test/component v0.0.0-20220428211718-66cc046674a1 h1:vxZ0DlFNLjgxMdBESLZu895AsI1JWL2SJerphwIn8Po=
 github.com/hyperledger/aries-framework-go/test/component v0.0.0-20220428211718-66cc046674a1/go.mod h1:lykx3N+GX+sAWSxO2Ycc4Dz+ynV9b0Fv4NdP+ms4Alc=
+github.com/hyperledger/ursa-wrapper-go v0.3.0 h1:ZYgPkPqy0AWEoU2Dhiziz91QacNdIX3j21UIOIVCXA8=
+github.com/hyperledger/ursa-wrapper-go v0.3.0/go.mod h1:nPSAuMasIzSVciQo22PedBk4Opph6bJ6ia3ms7BH/mk=
 github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
 github.com/jessevdk/go-flags v0.0.0-20141203071132-1679536dcc89/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
 github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=

diff --git a/cmd/aries-agent-rest/go.sum b/cmd/aries-agent-rest/go.sum
@@ -221,6 +221,8 @@ github.com/hyperledger/aries-framework-go/component/storage/edv v0.0.0-202206061
 github.com/hyperledger/aries-framework-go/test/component v0.0.0-20220322085443-50e8f9bd208b/go.mod h1:HojN6OAh8ZtXBe5X2arcSOe1SLo5Dsjqto8ICjSLQ2g=
 github.com/hyperledger/aries-framework-go/test/component v0.0.0-20220428211718-66cc046674a1 h1:vxZ0DlFNLjgxMdBESLZu895AsI1JWL2SJerphwIn8Po=
 github.com/hyperledger/aries-framework-go/test/component v0.0.0-20220428211718-66cc046674a1/go.mod h1:lykx3N+GX+sAWSxO2Ycc4Dz+ynV9b0Fv4NdP+ms4Alc=
+github.com/hyperledger/ursa-wrapper-go v0.3.0 h1:ZYgPkPqy0AWEoU2Dhiziz91QacNdIX3j21UIOIVCXA8=
+github.com/hyperledger/ursa-wrapper-go v0.3.0/go.mod h1:nPSAuMasIzSVciQo22PedBk4Opph6bJ6ia3ms7BH/mk=
 github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
 github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM=
 github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=

diff --git a/cmd/aries-js-worker/go.sum b/cmd/aries-js-worker/go.sum
@@ -187,6 +187,8 @@ github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpO
 github.com/hyperledger/aries-framework-go/test/component v0.0.0-20220322085443-50e8f9bd208b/go.mod h1:HojN6OAh8ZtXBe5X2arcSOe1SLo5Dsjqto8ICjSLQ2g=
 github.com/hyperledger/aries-framework-go/test/component v0.0.0-20220428211718-66cc046674a1 h1:vxZ0DlFNLjgxMdBESLZu895AsI1JWL2SJerphwIn8Po=
 github.com/hyperledger/aries-framework-go/test/component v0.0.0-20220428211718-66cc046674a1/go.mod h1:lykx3N+GX+sAWSxO2Ycc4Dz+ynV9b0Fv4NdP+ms4Alc=
+github.com/hyperledger/ursa-wrapper-go v0.3.0 h1:ZYgPkPqy0AWEoU2Dhiziz91QacNdIX3j21UIOIVCXA8=
+github.com/hyperledger/ursa-wrapper-go v0.3.0/go.mod h1:nPSAuMasIzSVciQo22PedBk4Opph6bJ6ia3ms7BH/mk=
 github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
 github.com/jessevdk/go-flags v0.0.0-20141203071132-1679536dcc89/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
 github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=

diff --git a/component/storage/edv/go.sum b/component/storage/edv/go.sum
@@ -218,6 +218,8 @@ github.com/hyperledger/aries-framework-go/test/component v0.0.0-20210820153043-8
 github.com/hyperledger/aries-framework-go/test/component v0.0.0-20220217153004-1622c70e5767/go.mod h1:HojN6OAh8ZtXBe5X2arcSOe1SLo5Dsjqto8ICjSLQ2g=
 github.com/hyperledger/aries-framework-go/test/component v0.0.0-20220428211718-66cc046674a1 h1:vxZ0DlFNLjgxMdBESLZu895AsI1JWL2SJerphwIn8Po=
 github.com/hyperledger/aries-framework-go/test/component v0.0.0-20220428211718-66cc046674a1/go.mod h1:lykx3N+GX+sAWSxO2Ycc4Dz+ynV9b0Fv4NdP+ms4Alc=
+github.com/hyperledger/ursa-wrapper-go v0.3.0 h1:ZYgPkPqy0AWEoU2Dhiziz91QacNdIX3j21UIOIVCXA8=
+github.com/hyperledger/ursa-wrapper-go v0.3.0/go.mod h1:nPSAuMasIzSVciQo22PedBk4Opph6bJ6ia3ms7BH/mk=
 github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
 github.com/jessevdk/go-flags v0.0.0-20141203071132-1679536dcc89/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
 github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=

diff --git a/component/storage/indexeddb/go.sum b/component/storage/indexeddb/go.sum
@@ -224,6 +224,8 @@ github.com/hyperledger/aries-framework-go/test/component v0.0.0-20210820153043-8
 github.com/hyperledger/aries-framework-go/test/component v0.0.0-20220217153004-1622c70e5767/go.mod h1:HojN6OAh8ZtXBe5X2arcSOe1SLo5Dsjqto8ICjSLQ2g=
 github.com/hyperledger/aries-framework-go/test/component v0.0.0-20220322085443-50e8f9bd208b h1:tq8CYv5vCJBSG2CjWKNt4l1BzZVJUy+GGF4U80fJV8o=
 github.com/hyperledger/aries-framework-go/test/component v0.0.0-20220322085443-50e8f9bd208b/go.mod h1:HojN6OAh8ZtXBe5X2arcSOe1SLo5Dsjqto8ICjSLQ2g=
+github.com/hyperledger/ursa-wrapper-go v0.3.0 h1:ZYgPkPqy0AWEoU2Dhiziz91QacNdIX3j21UIOIVCXA8=
+github.com/hyperledger/ursa-wrapper-go v0.3.0/go.mod h1:nPSAuMasIzSVciQo22PedBk4Opph6bJ6ia3ms7BH/mk=
 github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
 github.com/jessevdk/go-flags v0.0.0-20141203071132-1679536dcc89/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
 github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=

diff --git a/go.mod b/go.mod
@@ -20,6 +20,7 @@ require (
 	github.com/hyperledger/aries-framework-go/component/storage/edv v0.0.0-20220606124520-53422361c38c
 	github.com/hyperledger/aries-framework-go/component/storageutil v0.0.0-20220322085443-50e8f9bd208b
 	github.com/hyperledger/aries-framework-go/spi v0.0.0-20220606124520-53422361c38c
+	github.com/hyperledger/ursa-wrapper-go v0.3.0
 	github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a
 	github.com/kawamuray/jsonpath v0.0.0-20201211160320-7483bafabd7e
 	github.com/kilic/bls12-381 v0.1.1-0.20210503002446-7b7597926c69
@@ -63,4 +64,6 @@ require (
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
 
+// replace github.com/hyperledger/ursa-wrapper-go => github.com/ashcherbakov/ursa-wrapper-go v0.3.1
+
 go 1.17
diff --git a/go.sum b/go.sum
@@ -234,6 +234,8 @@ github.com/hyperledger/aries-framework-go/test/component v0.0.0-20210820153043-8
 github.com/hyperledger/aries-framework-go/test/component v0.0.0-20220217153004-1622c70e5767/go.mod h1:HojN6OAh8ZtXBe5X2arcSOe1SLo5Dsjqto8ICjSLQ2g=
 github.com/hyperledger/aries-framework-go/test/component v0.0.0-20220428211718-66cc046674a1 h1:vxZ0DlFNLjgxMdBESLZu895AsI1JWL2SJerphwIn8Po=
 github.com/hyperledger/aries-framework-go/test/component v0.0.0-20220428211718-66cc046674a1/go.mod h1:lykx3N+GX+sAWSxO2Ycc4Dz+ynV9b0Fv4NdP+ms4Alc=
+github.com/hyperledger/ursa-wrapper-go v0.3.0 h1:ZYgPkPqy0AWEoU2Dhiziz91QacNdIX3j21UIOIVCXA8=
+github.com/hyperledger/ursa-wrapper-go v0.3.0/go.mod h1:nPSAuMasIzSVciQo22PedBk4Opph6bJ6ia3ms7BH/mk=
 github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
 github.com/jessevdk/go-flags v0.0.0-20141203071132-1679536dcc89/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
 github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=

diff --git a/pkg/crypto/tinkcrypto/primitive/cl/api/issuer.go b/pkg/crypto/tinkcrypto/primitive/cl/api/issuer.go
@@ -0,0 +1,19 @@
+//go:build ursa
+// +build ursa
+
+/*
+Copyright Avast Software. All Rights Reserved.
+
+SPDX-License-Identifier: Apache-2.0
+*/
+
+
+package api
+
+// Issuer is the signing interface primitive for CL signatures used by Tink.
+type Issuer interface {
+	GetCredentialDefinition() (*CredentialDefinition, error)
+	CreateCredentialOffer() (*CredentialOffer, error)
+	IssueCredential(values map[string]interface{}, credentialRequest *CredentialRequest, credOffer *CredentialOffer) (*Credential, error)
+	Free() error
+}
diff --git a/pkg/crypto/tinkcrypto/primitive/cl/api/model.go b/pkg/crypto/tinkcrypto/primitive/cl/api/model.go
@@ -0,0 +1,144 @@
+//go:build ursa
+// +build ursa
+
+/*
+Copyright Avast Software. All Rights Reserved.
+
+SPDX-License-Identifier: Apache-2.0
+*/
+
+package api
+
+import (
+	"github.com/hyperledger/ursa-wrapper-go/pkg/libursa/ursa"
+)
+
+type CredentialDefinition struct {
+	CredPubKey              *ursa.CredentialDefPubKey
+	CredDefCorrectnessProof *ursa.CredentialDefKeyCorrectnessProof
+	Attrs                   []string
+}
+
+func (s *CredentialDefinition) Free() error {
+	err := s.CredPubKey.Free()
+	if err != nil {
+		return err
+	}
+	err = s.CredDefCorrectnessProof.Free()
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+type CredentialOffer struct {
+	Nonce *ursa.Nonce
+}
+
+func (s *CredentialOffer) Free() error {
+	err := s.Nonce.Free()
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+type CredentialRequest struct {
+	BlindedCredentialSecrets *ursa.BlindedCredentialSecrets
+	Nonce                    *ursa.Nonce
+	ProverId                 string
+}
+
+func (s *CredentialRequest) Free() error {
+	err := s.BlindedCredentialSecrets.Handle.Free()
+	if err != nil {
+		return err
+	}
+	err = s.BlindedCredentialSecrets.BlindingFactor.Free()
+	if err != nil {
+		return err
+	}
+	err = s.BlindedCredentialSecrets.CorrectnessProof.Free()
+	if err != nil {
+		return err
+	}
+	err = s.Nonce.Free()
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+type Credential struct {
+	Signature *ursa.CredentialSignature
+	Values    map[string]interface{}
+	SigProof  *ursa.CredentialSignatureCorrectnessProof
+}
+
+func (s *Credential) Free() error {
+	err := s.Signature.Free()
+	if err != nil {
+		return err
+	}
+	err = s.SigProof.Free()
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+type PresentationRequest struct {
+	Items []*PresentationRequestItem
+	Nonce *ursa.Nonce
+}
+
+func (s *PresentationRequest) Free() error {
+	err := s.Nonce.Free()
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+type PresentationRequestItem struct {
+	RevealedAttrs []string
+	Predicates    []*Predicate
+}
+
+type Predicate struct {
+	Attr  string
+	PType string
+	Value int32
+}
+
+type Proof struct {
+	Proof     *ursa.ProofHandle
+	SubProofs []*SubProof
+}
+
+func (s *Proof) Free() error {
+	err := s.Proof.Free()
+	if err != nil {
+		return err
+	}
+	for _, subProof := range s.SubProofs {
+		err = subProof.Free()
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+type SubProof struct {
+	SubProof *ursa.SubProofRequestHandle
+	Attrs    []string
+}
+
+func (s *SubProof) Free() error {
+	err := s.SubProof.Free()
+	if err != nil {
+		return err
+	}
+	return nil
+}
diff --git a/pkg/crypto/tinkcrypto/primitive/cl/api/prover.go b/pkg/crypto/tinkcrypto/primitive/cl/api/prover.go
@@ -0,0 +1,18 @@
+//go:build ursa
+// +build ursa
+
+/*
+Copyright Avast Software. All Rights Reserved.
+
+SPDX-License-Identifier: Apache-2.0
+*/
+
+package api
+
+// Prover interface primitive for CL signatures used by Tink.
+type Prover interface {
+	CreateCredentialRequest(credOffer *CredentialOffer, credDef *CredentialDefinition, proverId string) (*CredentialRequest, error)
+	ProcessCredential(credential *Credential, credRequest *CredentialRequest, credDef *CredentialDefinition) error
+	CreateProof(presentationRequest *PresentationRequest, credentials []*Credential, credDefs []*CredentialDefinition) (*Proof, error)
+	Free() error
+}