Add preliminary VC support

Cargo.toml

@@ -5,16 +5,29 @@ edition = "2021"
 
 [dependencies]
 async-trait = "0.1.78"
-c2pa = "0.32.4"
+c2pa = { version = "0.33.0", features = ["openssl_ffi_mutex"] }
+chrono = "0.4.38"
 ciborium = "0.2.2"
+coset = "0.3.8"
 hex-literal = "0.4.1"
+iref = "3.2.2"
+json-ld-syntax = "0.21.1"
 jumbf = "0.4.0"
+linked-data = { version = "0.1.2", features = ["derive"] }
+multibase = "0.9.1"
+non-empty-string = { version = "0.2.4", features = ["serde"] }
 serde = { version = "1.0.197", features = ["derive"] }
 serde_bytes = "0.11.14"
+serde_json = "1.0.117"
+ssi = "0.8.0"
+ssi-dids = "0.2.0"
+ssi-json-ld = "0.3.0"
+static-iref = "3.0"
 thiserror = "1.0.61"
+xsd-types = "0.9.5"
 
 [dev-dependencies]
 actix = "0.13.3"
-c2pa = { version = "0.32.4", features = ["file_io", "openssl_sign"] }
+c2pa = { version = "0.33.0", features = ["file_io", "openssl_sign", "openssl_ffi_mutex"] }
 serde = { version = "1.0.197", features = ["derive"] }
 tempfile = "3.10.1"

deny.toml

@@ -17,7 +17,16 @@ yanked = "allow" # "deny" # TODO: Re-enable when possible.
 
 ignore = [
   "RUSTSEC-2021-0127", # serde_cbor
-  "RUSTSEC-2024-0320", # yaml-rust
+
+  # The following dependencies come in through ssi crate.
+  # See https://github.com/spruceid/ssi/issues/599 and
+  # https://github.com/scouten-adobe/cawg-identity-core/issues/29.
+  "RUSTSEC-2021-0139", # ansi_term (unmaintained)
+  "RUSTSEC-2021-0145", # atty (unaligned read, possibly unmaintained)
+  "RUSTSEC-2021-0141", # dotenv (meant for dev/testing only)
+  "RUSTSEC-2023-0055", # lexical 6.1.1 (soundness issues)
+  "RUSTSEC-2022-0040", # owning_ref 0.4.1 (soundness issues, unmaintained)
+  "RUSTSEC-2023-0071", # rsa 0.6.1 (Marvin key recovery attack)
 ]
 
 # Deny multiple versions unless explicitly skipped.
@@ -37,6 +46,7 @@ allow = [
   "MIT",
   "MPL-2.0",
   "Unicode-DFS-2016",
+  "W3C-20150513", # needs review
   "Zlib",
 ]
 confidence-threshold = 0.9
@@ -52,6 +62,3 @@ license-files = [
 unknown-registry = "deny"
 unknown-git = "deny"
 allow-registry = ["https://github.com/rust-lang/crates.io-index"]
-allow-git = [
-  "https://github.com/contentauth/c2pa-rs.git"
-]

src/identity_assertion.rs → src/identity_assertion/mod.rs

@@ -11,19 +11,28 @@
 // specific language governing permissions and limitations under
 // each license.
 
-use std::{
-    collections::HashSet,
-    fmt::{Debug, Formatter},
-};
+use std::fmt::{Debug, Formatter};
 
-use async_trait::async_trait;
 use serde::{Deserialize, Serialize};
 use serde_bytes::ByteBuf;
 
 use crate::{
     builder::IdentityAssertionBuilder, internal, internal::debug_byte_slice::DebugByteSlice,
 };
 
+pub(crate) mod named_actor;
+use named_actor::NamedActor;
+pub use named_actor::VerifiedIdentities;
+
+pub(crate) mod signer_payload;
+use signer_payload::{HashedUri, SignerPayload};
+
+pub(crate) mod signature_handler;
+use signature_handler::SignatureHandler;
+
+pub(crate) mod validation_error;
+use validation_error::{ValidationError, ValidationResult};
+
 /// This struct represents the raw content of the identity assertion.
 ///
 /// Use [`IdentityAssertionBuilder`] and [`ManifestBuilder`] to
@@ -173,6 +182,20 @@
             }
         }
 
+        // TO DO: Allow configuration of signature handler list.
+        // For now, we hard-code the VC/creator identity assertion signature handler.
+
+        let vc_handler = crate::w3c_vc::CoseVcSignatureHandler {};
+        if let Ok(named_actor) = vc_handler
+            .check_signature(signer_payload, &self.signature)
+            .await
+        {
+            return Ok(IdentityAssertionReport {
+                signer_payload,
+                named_actor,
+            });
+        }
+
         Err(ValidationError::UnknownSignatureType(
             self.signer_payload.sig_type.clone(),
         ))
@@ -217,192 +240,6 @@
     }
 }
 
-/// The set of data to be signed by the credential holder.
-#[derive(Clone, Debug, Deserialize, Eq, Serialize, PartialEq)]
-pub struct SignerPayload {
-    /// List of assertions referenced by this credential signature
-    pub referenced_assertions: Vec<HashedUri>,
-
-    /// A string identifying the data type of the `signature` field
-    pub sig_type: String,
-}
-
-impl SignerPayload {
-    fn check_against_manifest(&self, manifest: &c2pa::Manifest) -> ValidationResult<()> {
-        // All assertions mentioned in referenced_assertions
-        // also need to be referenced in the claim.
-
-        for ref_assertion in self.referenced_assertions.iter() {
-            if let Some(claim_assertion) = manifest
-                .assertion_references()
-                .find(|a| a.url() == ref_assertion.url)
-            {
-                if claim_assertion.hash() != ref_assertion.hash {
-                    return Err(ValidationError::AssertionMismatch(
-                        ref_assertion.url.to_owned(),
-                    ));
-                }
-                if let Some(alg) = claim_assertion.alg().as_ref() {
-                    if Some(alg) != ref_assertion.alg.as_ref() {
-                        return Err(ValidationError::AssertionMismatch(
-                            ref_assertion.url.to_owned(),
-                        ));
-                    }
-                } else {
-                    return Err(ValidationError::AssertionMismatch(
-                        ref_assertion.url.to_owned(),
-                    ));
-                }
-            } else {
-                return Err(ValidationError::AssertionNotInClaim(
-                    ref_assertion.url.to_owned(),
-                ));
-            }
-        }
-
-        // Ensure that a hard binding assertion is present.
-
-        let ref_assertion_labels: Vec<String> = self
-            .referenced_assertions
-            .iter()
-            .map(|ra| ra.url.to_owned())
-            .collect();
-
-        if !ref_assertion_labels.iter().any(|ra| {
-            if let Some((_jumbf_prefix, label)) = ra.rsplit_once('/') {
-                label.starts_with("c2pa.hash.")
-            } else {
-                false
-            }
-        }) {
-            return Err(ValidationError::NoHardBindingAssertion);
-        }
-
-        // Make sure no assertion references are duplicated.
-
-        let mut labels = HashSet::<String>::new();
-
-        for label in &ref_assertion_labels {
-            let label = label.clone();
-            if labels.contains(&label) {
-                return Err(ValidationError::MultipleAssertionReferenced(label));
-            }
-            labels.insert(label);
-        }
-
-        Ok(())
-    }
-}
-
-/// A `SignatureHandler` can read one kind of signature from an identity
-/// assertion, assess the validity of the signature, and return information
-/// about the corresponding credential subject.
-#[async_trait]
-pub trait SignatureHandler {
-    /// Returns true if this handler can process a signature with
-    /// the given `sig_type` code.
-    fn can_handle_sig_type(sig_type: &str) -> bool;
-
-    /// Check the signature, returning an instance of [`NamedActor`] if
-    /// the signature is valid.
-    ///
-    /// Will only be called if `can_handle_sig_type` returns `true`
-    /// for this signature.
-    async fn check_signature<'a>(
-        &self,
-        signer_payload: &SignerPayload,
-        signature: &'a [u8],
-    ) -> ValidationResult<Box<dyn NamedActor<'a>>>;
-}
-
-/// A `NamedActor` is the actor named by a signature in an identity
-/// assertion.
-pub trait NamedActor<'a>: Debug {
-    /// Return the name of the subject suitable for user experience display.
-    fn display_name(&self) -> Option<String>;
-
-    /// Return `true` if the subject's credentials chain up to a suitable trust
-    /// list for this kind of signature.
-    fn is_trusted(&self) -> bool;
-}
-
-/// A `HashedUri` provides a reference to content available within the same
-/// manifest store.
-///
-/// This is described in §8.3, “[URI References],” of the C2PA Technical
-/// Specification.
-///
-/// [URI References]: https://c2pa.org/specifications/specifications/2.0/specs/C2PA_Specification.html#_uri_references
-#[derive(Clone, Deserialize, Eq, PartialEq, Serialize)]
-pub struct HashedUri {
-    /// JUMBF URI reference
-    pub url: String,
-
-    /// A string identifying the cryptographic hash algorithm used to compute
-    /// the hash
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub alg: Option<String>,
-
-    /// Byte string containing the hash value
-    #[serde(with = "serde_bytes")]
-    pub hash: Vec<u8>,
-}
-
-impl Debug for HashedUri {
-    fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), std::fmt::Error> {
-        f.debug_struct("HashedUri")
-            .field("url", &self.url)
-            .field("alg", &self.alg)
-            .field("hash", &DebugByteSlice(&self.hash))
-            .finish()
-    }
-}
-
-/// Describes the ways in which a CAWG identity
-/// assertion can fail validation as described in
-/// [§7. Validating the identity assertion].
-///
-/// [§7. Validating the identity assertion]: https://creator-assertions.github.io/identity/1.0-draft/#_validating_the_identity_assertion
-/// [`IdentityAssertion`]: crate::IdentityAssertion
-#[derive(Clone, Debug, Eq, thiserror::Error, PartialEq)]
-pub enum ValidationError {
-    /// The named assertion could not be found in the claim.
-    #[error("No assertion with the label {0:#?} in the claim")]
-    AssertionNotInClaim(String),
-
-    /// The named assertion exists in the claim, but the hash does not match.
-    #[error("The assertion with the label {0:#?} is not the same as in the claim")]
-    AssertionMismatch(String),
-
-    /// The named assertion was referenced more than once in the identity
-    /// assertion.
-    #[error("The assertion with the label {0:#?} is referenced multiple times")]
-    MultipleAssertionReferenced(String),
-
-    /// No hard-binding assertion was referenced in the identity assertion.
-    #[error("No hard binding assertion is referenced")]
-    NoHardBindingAssertion,
-
-    /// The `sig_type` field is not recognized.
-    #[error("Unable to parse a signature of type {0:#?}")]
-    UnknownSignatureType(String),
-
-    /// The signature is not valid.
-    #[error("Signature is invalid")]
-    InvalidSignature,
-
-    /// The `pad1` or `pad2` fields contain values other than 0x00 bytes.
-    #[error("Invalid padding")]
-    InvalidPadding,
-
-    /// Unexpected error while parsing or validating the identity assertion.
-    #[error("Unexpected error")]
-    UnexpectedError,
-}
-
-/// Result type for validation operations.
-pub type ValidationResult<T> = std::result::Result<T, ValidationError>;
-
 /// This struct is returned when the data in an identity assertion is deemed
 /// valid.
 #[derive(Debug)]