From f61e06be2f0925c2dff66dd4c90e10e97867a5ba Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Sun, 11 Feb 2024 17:25:34 -0500 Subject: [PATCH 01/10] Add suite selection algorithm. --- index.html | 156 ++++++++++++++++++++++++++++++++++++----------------- 1 file changed, 106 insertions(+), 50 deletions(-) diff --git a/index.html b/index.html index f6780ba..61de87c 100644 --- a/index.html +++ b/index.html @@ -140,6 +140,7 @@ } }, lint: {"no-unused-dfns": false}, + xref: ["infra", "VC-DATA-MODEL-2.0"], postProcess: [], otherLinks: [{ key: "Related Specifications", @@ -521,6 +522,111 @@

Algorithms

by default, and abort processing upon detection.

+
+

Suite Selection Algorithm

+ +

+This algorithm is used to configure a cryptographic suite to be used by the +Add Proof and +Verify Proof +functions in [[[VC-DATA-INTEGRITY]]]. The algorithm takes an options object +([=map=] |options|) as input and returns a cryptosuite +([=struct=] |cryptosuite|). +

+ +
    +
  1. +Initialize |cryptosuite| to an empty [=struct=]. +
  2. +
  3. +If |options|.|type| is `DataIntegrityProof` and |options|.|cryptosuite| is +`ecdsa-rdfc-2019` then: +
      +
    1. +Set |cryptosuite|.|transform| to the algorithm in Section +. +
    2. +
    3. +Set |cryptosuite|.|hash| to the algorithm in Section +. +
    4. +
    5. +Set |cryptosuite|.|createProofConfig| to the algorithm in Section +. +
    6. +
    7. +Set |cryptosuite|.|serializeProof| to the algorithm in Section +. +
    8. +
    9. +Set |cryptosuite|.|verifyProof| to the algorithm in Section +. +
    10. +
    +
  4. +
  5. +If |options|.|type| is `DataIntegrityProof` and |options|.|cryptosuite| is +`ecdsa-jcs-2019` then: +
      +
    1. +Set |cryptosuite|.|transform| to the algorithm in Section +. +
    2. +
    3. +Set |cryptosuite|.|hash| to the algorithm in Section +. +
    4. +
    5. +Set |cryptosuite|.|createProofConfig| to the algorithm in Section +. +
    6. +
    7. +Set |cryptosuite|.|serializeProof| to the algorithm in Section +. +
    8. +
    9. +Set |cryptosuite|.|verifyProof| to the algorithm in Section +. +
    10. +
    +
  6. +
  7. +If |options|.|type| is `DataIntegrityProof` and |options|.|cryptosuite| is +`ecdsa-sd-2023` then: +
      +
    1. +Set |cryptosuite|.|transform| to the algorithm in Section +. +
    2. +
    3. +Set |cryptosuite|.|hash| to the algorithm in Section +. +
    4. +
    5. +Set |cryptosuite|.|createProofConfig| to the algorithm in Section +. +
    6. +
    7. +Set |cryptosuite|.|serializeProof| to the algorithm in Section +. +
    8. +
    9. +Set |cryptosuite|.|deriveProof| to the algorithm in Section +. +
    10. +
    11. +Set |cryptosuite|.|verifyProof| to the algorithm in Section +. +
    12. +
    +
  8. +
  9. +Return |cryptosuite|. +
  10. +
+ +
+

ecdsa-rdfc-2019
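Review bot: the new Suite Selection Algorithm has no step for an |options| value that matches none of the three branches, so an unknown `type` or `cryptosuite` falls through to "Return |cryptosuite|" with the empty [=struct=] from step 1. Either raise an error at that point or state that callers must treat a |cryptosuite| without `verifyProof` as a failure, so that an unrecognized suite cannot be mistaken for a configured one. The `DataIntegrityProof` test is also repeated in every branch and could be checked once before the branches.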

@@ -540,16 +646,6 @@

Add Proof (ecdsa-rdfc-2019)

Section 4.1: Add Proof in the Data Integrity [[VC-DATA-INTEGRITY]] specification MUST be executed. -For that algorithm, the cryptographic suite specific - -transformation algorithm is defined in Section -, the - -hashing algorithm is defined in Section , -and the - -proof serialization algorithm is defined in Section -.
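Review bot: with the pointers to the transformation, hashing and proof serialization algorithms removed, this section only says that Section 4.1 of [[VC-DATA-INTEGRITY]] MUST be executed and no longer tells the reader where the suite-specific steps come from. A one-line reference back to the Suite Selection Algorithm added earlier in this patch would keep the section self-explanatory; the same applies to the other Add Proof and Verify Proof hunks in this patch.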

@@ -561,16 +657,6 @@

Verify Proof (ecdsa-rdfc-2019)

Section 4.2: Verify Proof in the Data Integrity [[VC-DATA-INTEGRITY]] specification MUST be executed. -For that algorithm, the cryptographic suite specific - -transformation algorithm is defined in Section -, the - -hashing algorithm is defined in Section , -and the - -proof verification algorithm is defined in Section -.

@@ -811,16 +897,6 @@

Add Proof (ecdsa-jcs-2019)

Section 4.1: Add Proof of the Data Integrity [[VC-DATA-INTEGRITY]] specification MUST be executed. -For that algorithm, the cryptographic suite-specific - -transformation algorithm is defined in Section -, the - -hashing algorithm is defined in Section , -and the - -proof serialization algorithm is defined in Section -.

@@ -832,16 +908,6 @@

Verify Proof (ecdsa-jcs-2019)

Section 4.2: Verify Proof of the Data Integrity [[VC-DATA-INTEGRITY]] specification MUST be executed. -For that algorithm, the cryptographic suite-specific - -transformation algorithm is defined in Section -, the - -hashing algorithm is defined in Section , -and the - -proof verification algorithm is defined in Section -.

@@ -2406,16 +2472,6 @@

Add Base Proof (ecdsa-sd-2023)

Section 4.1: Add Proof in the Data Integrity [[VC-DATA-INTEGRITY]] specification MUST be executed. -For that algorithm, the cryptographic suite specific - -transformation algorithm is defined in Section -, the - -hashing algorithm is defined in Section , -and the - -proof serialization algorithm is defined in Section -.

From b7da944311cb1ffd6ebad9c172a67a4962323b54 Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Fri, 16 Feb 2024 18:47:08 -0500 Subject: [PATCH 02/10] Align Create Proof and Verify Proof for ecdsa-rdfc-2019 with DI. --- index.html | 118 +++++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 106 insertions(+), 12 deletions(-) diff --git a/index.html b/index.html index 61de87c..4bc2c85 100644 --- a/index.html +++ b/index.html @@ -140,7 +140,7 @@ } }, lint: {"no-unused-dfns": false}, - xref: ["infra", "VC-DATA-MODEL-2.0"], + xref: ["INFRA", "VC-DATA-MODEL-2.0", "VC-DATA-INTEGRITY"], postProcess: [], otherLinks: [{ key: "Related Specifications", @@ -639,25 +639,119 @@

ecdsa-rdfc-2019

-

Add Proof (ecdsa-rdfc-2019)

+

Create Proof (ecdsa-rdfc-2019)

+ +

+The following algorithm specifies how to create a [=data integrity proof=] given +an unsecured data document. Required inputs are an +unsecured data document ([=map=] |unsecuredDocument|), and a set of +proof options ([=map=] |options|). A [=data integrity proof=] ([=map=]), +or an error, is produced as output. +

+ +
    +
  1. +Let |proof| be an empty [=map=]. +
  2. +
  3. +Let |proof| be the result of running the algorithm in +Section with +|options| passed as a parameter. +
  4. +
  5. +Let |transformedData| be the result of running the algorithm in Section with |unsecuredDocument| and +|options| passed as parameters. +
  6. +
  7. +Let |hashData| be the result of running the algorithm in Section + with |transformedData| and |proofConfig| +passed as a parameters. +
  8. +
  9. +Let |proofBytes| be the result of running the algorithm in Section + with |hashData| and +|options| passed as parameters. +
  10. +
  11. +Let |proof|.|proofValue| be a +base58-btc-encoded Multibase value of the |proofBytes|. +
  12. +
  13. +Return |proof| as the [=data integrity proof=]. +
  14. +
-

-To generate a proof, the algorithm in - -Section 4.1: Add Proof in the Data Integrity -[[VC-DATA-INTEGRITY]] specification MUST be executed. -

Verify Proof (ecdsa-rdfc-2019)

+

-To verify a proof, the algorithm in - -Section 4.2: Verify Proof in the Data Integrity -[[VC-DATA-INTEGRITY]] specification MUST be executed. +The following algorithm specifies how to verify a [=data integrity proof=] given +an secured data document. Required inputs are an +secured data document ([=map=] |securedDocument|). This algorithm returns +a verification result, which is a [=struct=] whose +[=struct/items=] are:

+
+
verified
+
`true` or `false`
+
verifiedDocument
+
+Null, if [=verification result/verified=] is +`false`; otherwise, an [=unsecured data document=] +
+
+ +
    +
  1. +Let |unsecuredDocument| be a copy of |securedDocument| with +the `proof` value removed. +
  2. +
  3. +Let |proofConfig| be a copy of |securedDocument|.|proof| with `proofValue` +removed. +
  4. +
  5. +Let |proofBytes| be the +Multibase decoded base58-btc +value in |securedDocument|.|proof|.|proofValue|. +
  6. +
  7. +Let |transformedData| be the result of running the algorithm in Section with |unsecuredDocument| and +|proofConfig| passed as parameters. +
  8. +
  9. +Let |hashData| be the result of running the algorithm in Section + with |transformedData| and |proofConfig| +passed as a parameters. +
  10. +
  11. +Let |verified:boolean| be the result of running the algorithm in Section + algorithm on |hashData|, +|proofBytes|, and |proofConfig|. +
  12. +
  13. +If |proof|.|created| does not [=map/exist=], +an error MUST be raised and SHOULD convey an error type of + +MALFORMED_PROOF_ERROR. +
  14. +
  15. +Return a [=verification result=] with [=struct/items=]: +
    +
    [=verified=]
    +
    |verified|
    +
    [=verifiedDocument=]
    +
    +|unsecuredDocument| if |verified| is `true`, otherwise Null
    +
    +
  16. +
+
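Review bot: in the new Create Proof (ecdsa-rdfc-2019) steps, |proofConfig| is passed to the hashing step but is never defined; the first two steps both bind |proof| ("Let |proof| be an empty [=map=]", then "Let |proof| be the result of running the algorithm in Section ..."). The second binding presumably should introduce |proofConfig|. Wording in the same hunk: "an secured data document" should be "a secured data document", and "passed as a parameters" should be "passed as parameters".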
From 69b6b4591b689f41c8005f3029154a9758a08f66 Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Fri, 16 Feb 2024 19:00:30 -0500 Subject: [PATCH 03/10] Update Instantiate Cryptosuite algorithm. --- index.html | 77 ++++++++++++++---------------------------------------- 1 file changed, 19 insertions(+), 58 deletions(-) diff --git a/index.html b/index.html index 4bc2c85..5da49fc 100644 --- a/index.html +++ b/index.html @@ -523,14 +523,14 @@

Algorithms

-

Suite Selection Algorithm

+

Instantiate Cryptosuite

This algorithm is used to configure a cryptographic suite to be used by the -Add Proof and -Verify Proof +Add Proof and +Verify Proof functions in [[[VC-DATA-INTEGRITY]]]. The algorithm takes an options object -([=map=] |options|) as input and returns a cryptosuite +([=map=] |options|) as input and returns a [=cryptosuite instance=] ([=struct=] |cryptosuite|).

@@ -539,24 +539,15 @@

Suite Selection Algorithm

Initialize |cryptosuite| to an empty [=struct=].
  • -If |options|.|type| is `DataIntegrityProof` and |options|.|cryptosuite| is -`ecdsa-rdfc-2019` then: +If |options|.|type| does not equal `DataIntegrityProof`, an +`INVALID_PROOF_CONFIGURATION` error MUST be raised. +
  • +
  • +If |options|.|cryptosuite| is `ecdsa-rdfc-2019` then:
    1. -Set |cryptosuite|.|transform| to the algorithm in Section -. -
    2. -
    3. -Set |cryptosuite|.|hash| to the algorithm in Section -. -
    4. -
    5. -Set |cryptosuite|.|createProofConfig| to the algorithm in Section -. -
    6. -
    7. -Set |cryptosuite|.|serializeProof| to the algorithm in Section -. +Set |cryptosuite|.|createProof| to the algorithm in Section +.
    8. Set |cryptosuite|.|verifyProof| to the algorithm in Section @@ -565,24 +556,11 @@

      Suite Selection Algorithm

  • -If |options|.|type| is `DataIntegrityProof` and |options|.|cryptosuite| is -`ecdsa-jcs-2019` then: +If |options|.|cryptosuite| is `ecdsa-jcs-2019` then:
    1. -Set |cryptosuite|.|transform| to the algorithm in Section -. -
    2. -
    3. -Set |cryptosuite|.|hash| to the algorithm in Section -. -
    4. -
    5. -Set |cryptosuite|.|createProofConfig| to the algorithm in Section -. -
    6. -
    7. -Set |cryptosuite|.|serializeProof| to the algorithm in Section -. +Set |cryptosuite|.|createProof| to the algorithm in Section +.
    8. Set |cryptosuite|.|verifyProof| to the algorithm in Section @@ -591,28 +569,11 @@

      Suite Selection Algorithm

  • -If |options|.|type| is `DataIntegrityProof` and |options|.|cryptosuite| is -`ecdsa-sd-2023` then: +If |options|.|cryptosuite| is `ecdsa-sd-2023` then:
    1. -Set |cryptosuite|.|transform| to the algorithm in Section -. -
    2. -
    3. -Set |cryptosuite|.|hash| to the algorithm in Section -. -
    4. -
    5. -Set |cryptosuite|.|createProofConfig| to the algorithm in Section -. -
    6. -
    7. -Set |cryptosuite|.|serializeProof| to the algorithm in Section -. -
    8. -
    9. -Set |cryptosuite|.|deriveProof| to the algorithm in Section -. +Set |cryptosuite|.|createProof| to the algorithm in Section +.
    10. Set |cryptosuite|.|verifyProof| to the algorithm in Section @@ -984,7 +945,7 @@
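Review bot: the `ecdsa-sd-2023` branch drops "Set |cryptosuite|.|deriveProof| to the algorithm in Section ..." without a replacement, so the instantiated suite now exposes only |createProof| and |verifyProof|. If derived proofs are still meant to be reachable through the cryptosuite instance, keep a |deriveProof| entry in this branch; if not, say in the commit message where derivation is now specified.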

      ecdsa-jcs-2019

      -

      Add Proof (ecdsa-jcs-2019)

      +

      Create Proof (ecdsa-jcs-2019)

      To generate a proof, the algorithm in @@ -2559,7 +2520,7 @@

      ecdsa-sd-2023

      -

      Add Base Proof (ecdsa-sd-2023)

      +

      Create Base Proof (ecdsa-sd-2023)

      To generate a base proof, the algorithm in From 94fd162d898731d53c45be28cee7b986559930d6 Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Sun, 25 Feb 2024 13:51:36 -0500 Subject: [PATCH 04/10] Update link to "data integrity cryptographic suite instance". --- index.html | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/index.html b/index.html index 5da49fc..5c6a741 100644 --- a/index.html +++ b/index.html @@ -103,7 +103,6 @@ /*preProcess: [ webpayments.preProcess ], alternateFormats: [ {uri: "diff-20111214.html", label: "diff to previous version"} ], */ - xref: ["INFRA", "VC-DATA-INTEGRITY", "VC-DATA-MODEL-2.0"], localBiblio: { MULTIBASE: { title: "Multibase", @@ -139,9 +138,7 @@ href: "https://doi.org/10.6028/NIST.SP.800-57pt1r5" } }, - lint: {"no-unused-dfns": false}, xref: ["INFRA", "VC-DATA-MODEL-2.0", "VC-DATA-INTEGRITY"], - postProcess: [], otherLinks: [{ key: "Related Specifications", data: [{ @@ -530,8 +527,8 @@

      Instantiate Cryptosuite

      Add Proof and Verify Proof functions in [[[VC-DATA-INTEGRITY]]]. The algorithm takes an options object -([=map=] |options|) as input and returns a [=cryptosuite instance=] -([=struct=] |cryptosuite|). +([=map=] |options|) as input and returns a [=data integrity cryptographic suite +instance|cryptosuite instance=] ([=struct=] |cryptosuite|).

        From 58cb3f250e571e3f56c7e4345af3e07463e9aef2 Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Sun, 25 Feb 2024 14:16:35 -0500 Subject: [PATCH 05/10] Return an empty cryptosuite for invalid identifiers. --- index.html | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/index.html b/index.html index 5c6a741..1633f1a 100644 --- a/index.html +++ b/index.html @@ -536,8 +536,7 @@

        Instantiate Cryptosuite

        Initialize |cryptosuite| to an empty [=struct=].
      1. -If |options|.|type| does not equal `DataIntegrityProof`, an -`INVALID_PROOF_CONFIGURATION` error MUST be raised. +If |options|.|type| does not equal `DataIntegrityProof`, return |cryptosuite|.
      2. If |options|.|cryptosuite| is `ecdsa-rdfc-2019` then: From 68e36b20f5f5347168ebaff1a981f05e84063ebc Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Sun, 25 Feb 2024 14:38:49 -0500 Subject: [PATCH 06/10] Use `proofConfig` instead of `proof`. Co-authored-by: Dave Longley --- index.html | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/index.html b/index.html index 1633f1a..9115914 100644 --- a/index.html +++ b/index.html @@ -608,17 +608,17 @@
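Review bot: the |type| check in Instantiate Cryptosuite used to raise `INVALID_PROOF_CONFIGURATION` and now returns the empty |cryptosuite| (patch 05), which moves failure detection to every caller. State in the algorithm, or at the call sites, that a returned struct without |createProof| and |verifyProof| MUST be treated as an error; otherwise a caller that skips the check has nothing to run and no error to report. The subject line says "invalid identifiers", but only the |type| step changes in that hunk.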

        Create Proof (ecdsa-rdfc-2019)

        1. -Let |proof| be an empty [=map=]. +Let |proof| be a clone of the proof options, |options|.
        2. -Let |proof| be the result of running the algorithm in +Let |proofConfig| be the result of running the algorithm in Section with |options| passed as a parameter.
        3. Let |transformedData| be the result of running the algorithm in Section with |unsecuredDocument| and -|options| passed as parameters. +href="#transformation-ecdsa-rdfc-2019"> with |unsecuredDocument|, +|proofConfig|, and |options| passed as parameters.
        4. Let |hashData| be the result of running the algorithm in Section From e399b31523b08a8b89f194275b8d8f61c9dbf72a Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Sun, 25 Feb 2024 15:03:34 -0500 Subject: [PATCH 07/10] Align ecdsa-jcs-2019 create proof algorithm to new interface. --- index.html | 86 +++++++++++++++++++++++++++++++++++++----------------- 1 file changed, 60 insertions(+), 26 deletions(-) diff --git a/index.html b/index.html index 9115914..3963adc 100644 --- a/index.html +++ b/index.html @@ -598,53 +598,52 @@
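Review bot: after patch 06 the transformation step in Create Proof (ecdsa-rdfc-2019) takes three parameters (|unsecuredDocument|, |proofConfig| and |options|), while Verify Proof for the same suite calls that algorithm with |unsecuredDocument| and |proofConfig| only. Pass the same argument list on both sides, or document what the verifier uses in place of |options|.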

          ecdsa-rdfc-2019

          Create Proof (ecdsa-rdfc-2019)

          -

          +

          The following algorithm specifies how to create a [=data integrity proof=] given an unsecured data document. Required inputs are an -unsecured data document ([=map=] |unsecuredDocument|), and a set of -proof options ([=map=] |options|). A [=data integrity proof=] ([=map=]), -or an error, is produced as output. -

          +unsecured data document ([=map=] |unsecuredDocument|), and a set of proof +options ([=map=] |options|). A [=data integrity proof=] ([=map=]), or an error, +is produced as output. +

          -
            -
          1. +
              +
            1. Let |proof| be a clone of the proof options, |options|. -
            2. -
            3. +
            4. +
            5. Let |proofConfig| be the result of running the algorithm in Section with |options| passed as a parameter. -
            6. -
            7. +
            8. +
            9. Let |transformedData| be the result of running the algorithm in Section with |unsecuredDocument|, |proofConfig|, and |options| passed as parameters. -
            10. -
            11. +
            12. +
            13. Let |hashData| be the result of running the algorithm in Section with |transformedData| and |proofConfig| passed as a parameters. -
            14. -
            15. +
            16. +
            17. Let |proofBytes| be the result of running the algorithm in Section with |hashData| and |options| passed as parameters. -
            18. -
            19. +
            20. +
            21. Let |proof|.|proofValue| be a base58-btc-encoded Multibase value of the |proofBytes|. -
            22. -
            23. +
            24. +
            25. Return |proof| as the [=data integrity proof=]. -
            26. -
            +
          2. +

          Verify Proof (ecdsa-rdfc-2019)

          -

          The following algorithm specifies how to verify a [=data integrity proof=] given an secured data document. Required inputs are an @@ -943,12 +942,47 @@

          ecdsa-jcs-2019

          Create Proof (ecdsa-jcs-2019)

          +

          -To generate a proof, the algorithm in - -Section 4.1: Add Proof of the Data Integrity -[[VC-DATA-INTEGRITY]] specification MUST be executed. +The following algorithm specifies how to create a [=data integrity proof=] given +an unsecured data document. Required inputs are an +unsecured data document ([=map=] |unsecuredDocument|), and a set of proof +options ([=map=] |options|). A [=data integrity proof=] ([=map=]), or an error, +is produced as output.

          + +
            +
          1. +Let |proof| be a clone of the proof options, |options|. +
          2. +
          3. +Let |proofConfig| be the result of running the algorithm in +Section with +|options| passed as a parameter. +
          4. +
          5. +Let |transformedData| be the result of running the algorithm in Section with |unsecuredDocument|, +|proofConfig|, and |options| passed as parameters. +
          6. +
          7. +Let |hashData| be the result of running the algorithm in Section + with |transformedData| and |proofConfig| +passed as a parameters. +
          8. +
          9. +Let |proofBytes| be the result of running the algorithm in Section + with |hashData| and +|options| passed as parameters. +
          10. +
          11. +Let |proof|.|proofValue| be a +base58-btc-encoded Multibase value of the |proofBytes|. +
          12. +
          13. +Return |proof| as the [=data integrity proof=]. +
          14. +
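Review bot: Create Proof (ecdsa-jcs-2019) hashes |proofConfig| but returns |proof|, a clone of |options| with |proofValue| added, whereas the Verify Proof algorithms in this series rebuild |proofConfig| as a copy of |securedDocument|.|proof| with `proofValue` removed. If the proof configuration algorithm returns anything that differs from |options|, the verifier hashes a different |proofConfig| than the signer did; consider building |proof| from |proofConfig|, or stating that the two are required to carry the same entries. Minor: "passed as a parameters" in the hashing step.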
          From 4d0bb8e4edac027b7fc3b2ea8a0ec2bfb3d4d413 Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Sun, 25 Feb 2024 15:07:23 -0500 Subject: [PATCH 08/10] Align ecdsa-sd-2023 create proof algorithm to new interface. --- index.html | 43 +++++++++++++++++++++++++++++++++++++++---- 1 file changed, 39 insertions(+), 4 deletions(-) diff --git a/index.html b/index.html index 3963adc..ae19d60 100644 --- a/index.html +++ b/index.html @@ -2552,12 +2552,47 @@

          ecdsa-sd-2023

          Create Base Proof (ecdsa-sd-2023)

          +

          -To generate a base proof, the algorithm in - -Section 4.1: Add Proof in the Data Integrity -[[VC-DATA-INTEGRITY]] specification MUST be executed. +The following algorithm specifies how to create a [=data integrity proof=] given +an unsecured data document. Required inputs are an +unsecured data document ([=map=] |unsecuredDocument|), and a set of proof +options ([=map=] |options|). A [=data integrity proof=] ([=map=]), or an error, +is produced as output.

          + +
            +
          1. +Let |proof| be a clone of the proof options, |options|. +
          2. +
          3. +Let |proofConfig| be the result of running the algorithm in +Section with +|options| passed as a parameter. +
          4. +
          5. +Let |transformedData| be the result of running the algorithm in Section with |unsecuredDocument|, +|proofConfig|, and |options| passed as parameters. +
          6. +
          7. +Let |hashData| be the result of running the algorithm in Section + with |transformedData| and |proofConfig| +passed as a parameters. +
          8. +
          9. +Let |proofBytes| be the result of running the algorithm in Section + with |hashData| and +|options| passed as parameters. +
          10. +
          11. +Let |proof|.|proofValue| be a +base64-url-encoded Multibase value of the |proofBytes|. +
          12. +
          13. +Return |proof| as the [=data integrity proof=]. +
          14. +
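Review bot: the last encoding step of Create Base Proof (ecdsa-sd-2023) uses a base64-url-encoded Multibase value, while the otherwise identical ecdsa-rdfc-2019 and ecdsa-jcs-2019 algorithms use base58-btc; if that is intended for this suite, a short note saying so would stop it reading as a copy-paste slip. The introduction also says "how to create a [=data integrity proof=]" under a "Create Base Proof" heading, and the hashing step repeats "passed as a parameters".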
          From a994106bfe53ca652c7ebd213f769e0880553bba Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Sun, 25 Feb 2024 15:15:48 -0500 Subject: [PATCH 09/10] Align ecdsa-jcs-2019 verify proof algorithm to new interface. --- index.html | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 52 insertions(+), 4 deletions(-) diff --git a/index.html b/index.html index ae19d60..8933039 100644 --- a/index.html +++ b/index.html @@ -989,11 +989,59 @@

          Create Proof (ecdsa-jcs-2019)

          Verify Proof (ecdsa-jcs-2019)

          -To verify a proof, the algorithm in - -Section 4.2: Verify Proof of the Data Integrity -[[VC-DATA-INTEGRITY]] specification MUST be executed. +The following algorithm specifies how to verify a [=data integrity proof=] given +an secured data document. Required inputs are an +secured data document ([=map=] |securedDocument|). This algorithm returns +a [=verification result=]:

          + +
            +
          1. +Let |unsecuredDocument| be a copy of |securedDocument| with +the `proof` value removed. +
          2. +
          3. +Let |proofConfig| be a copy of |securedDocument|.|proof| with `proofValue` +removed. +
          4. +
          5. +Let |proofBytes| be the +Multibase decoded base58-btc +value in |securedDocument|.|proof|.|proofValue|. +
          6. +
          7. +Let |transformedData| be the result of running the algorithm in Section with |unsecuredDocument| and +|proofConfig| passed as parameters. +
          8. +
          9. +Let |hashData| be the result of running the algorithm in Section + with |transformedData| and |proofConfig| +passed as a parameters. +
          10. +
          11. +Let |verified:boolean| be the result of running the algorithm in Section + algorithm on |hashData|, +|proofBytes|, and |proofConfig|. +
          12. +
          13. +If |proof|.|created| does not [=map/exist=], +an error MUST be raised and SHOULD convey an error type of + +MALFORMED_PROOF_ERROR. +
          14. +
          15. +Return a [=verification result=] with [=struct/items=]: +
            +
            [=verified=]
            +
            |verified|
            +
            [=verifiedDocument=]
            +
            +|unsecuredDocument| if |verified| is `true`, otherwise Null
            +
            +
          16. +
          +
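Review bot: the `MALFORMED_PROOF_ERROR` step of Verify Proof (ecdsa-jcs-2019) tests |proof|.|created|, but no |proof| variable is defined in this algorithm; the proof is available as |securedDocument|.|proof| or |proofConfig|. The check also sits after the signature verification step, so a proof without `created` is transformed, hashed and verified before it is rejected; moving it ahead of the transformation step makes the malformed-proof case fail first. The same step was added to Verify Proof (ecdsa-rdfc-2019) in patch 02. Wording: "an secured data document", and "the algorithm in Section ... algorithm on" repeats "algorithm".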
          From 3ad673c8fbadcc55cdb92719765e387779b03820 Mon Sep 17 00:00:00 2001 From: Manu Sporny Date: Sun, 25 Feb 2024 15:37:45 -0500 Subject: [PATCH 10/10] Align ecdsa-sd-2023 verify proof algorithm to new interface. --- index.html | 31 +++++++++++++++++++++++-------- 1 file changed, 23 insertions(+), 8 deletions(-) diff --git a/index.html b/index.html index 8933039..5d686a2 100644 --- a/index.html +++ b/index.html @@ -2924,12 +2924,15 @@

          Verify Derived Proof (ecdsa-sd-2023)

          proof. This algorithm is called by a verifier of an ECDSA-SD-protected [=verifiable credential=]. The inputs include a JSON-LD document (document), an ECDSA-SD disclosure proof (proof), and any -custom JSON-LD API options, such as a document loader. A single boolean -verification result value is produced as output. +custom JSON-LD API options, such as a document loader. This algorithm returns +a [=verification result=]:

          1. +Let `unsecuredDocument` be a copy of `document` with the `proof` value removed. +
          2. +
          3. Initialize `baseSignature`, `proofHash`, `publicKey`, `signatures`, `nonMandatory`, and `mandatoryHash` to the values associated with their property names in the object returned when calling the algorithm in Section @@ -2952,30 +2955,42 @@

            Verify Derived Proof (ecdsa-sd-2023)

            `mandatoryHash`.
          4. -Initialize `verificationResult` be the result of applying the verification +Initialize `verified` to true. +
          5. +
          6. +Initialize `verificationCheck` be the result of applying the verification algorithm of the Elliptic Curve Digital Signature Algorithm (ECDSA) [FIPS-186-5], with `toVerify` as the data to be verified against the `baseSignature` using -the public key specified by `publicKeyBytes`. If `verificationResult` is -`false`, return `false`. +the public key specified by `publicKeyBytes`. If `verificationCheck` is +`false`, set `verified` to false.
          7. For every entry (`index`, `signature`) in `signatures`, verify every signature for every selectively disclosed (non-mandatory) statement:
            1. -Initialize `verificationResult` to the result of applying the verification +Initialize `verificationCheck` to the result of applying the verification algorithm Elliptic Curve Digital Signature Algorithm (ECDSA) [FIPS-186-5], with the UTF-8 representation of the value at `index` of `nonMandatory` as the data to be verified against `signature` using the public key specified by `publicKeyBytes`.
            2. -If `verificationResult` is `false`, return `false`. +If `verificationCheck` is `false`, set `verified` to false.
          8. -Return `verificationResult` as verification result. +Return a [=verification result=] with [=struct/items=]: +
            +
            [=verified=]
            +
            The value of `verified`
            +
            [=verifiedDocument=]
            +
            +`unsecuredDocument` if `verified` is `true`, otherwise Null +
            +
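Review bot: the base-signature step reads "Initialize `verificationCheck` be the result" (missing "to"), and the per-signature loop says "Initialize `verificationCheck`" again on every iteration; "Set `verificationCheck` to ..." fits both places better. Since a failed check now only sets `verified` to false instead of returning, it would help to state whether an implementation may stop at the first failure or must run every remaining signature check. Unlike the ecdsa-rdfc-2019 and ecdsa-jcs-2019 Verify Proof algorithms in this series, no `created` check is added here; confirm that the difference is intended.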