UNPKG

di-wings

Version:

Aviary Tech's common library for decentralized identity

310 lines 14.6 kB
import { type DocumentLoader, type VerificationResult } from "../../../crypto"; import type { DataIntegrityProof, ProofOptions } from "../proofs/data-integrity"; import { Multikey } from "../../../crypto/keypairs/Multikey"; import type { VerifiableCredential } from "../types"; interface VerifyData { bbsProof: Uint8Array; proofHash: Uint8Array; mandatoryHash: Uint8Array; selectiveIndexes: number[]; presentationHeader: Uint8Array; nonMandatory: Uint8Array[]; featureOption: string; pseudonym?: string; lengthBBSMessages?: number; } interface TransformationOptions { type: string; cryptosuite: string; verificationMethod: string; mandatoryPointers?: string[]; documentLoader?: (url: string) => Promise<any>; } interface HashData { proofHash: string; mandatoryHash: string; [key: string]: any; } export declare class BBSCryptosuiteManager { static name: string; private readonly keypair; constructor(keypair: Multikey); /** * Compares two byte arrays * * @param a - The first byte array * @param b - The second byte array * @returns boolean */ private static compareBytes; /** * Gets the public key from the keypair * * @returns Uint8Array */ private getPublicKey; /** * Signs messages using the BBS signature scheme * * @param header - The header to use for signing * @param messages - The messages to sign * @returns Uint8Array */ private sign; /** * Performs blind signing for anonymous holder binding * * @param header - The header to use for signing * @param messages - The messages to sign * @param commitment - The commitment to use for signing * @param signer_blind - The signer blind to use for signing * @returns Promise<Uint8Array> */ private blindSign; /** * Generates a cryptographically random PID * * @returns string */ private generatePid; /** * Signs with PID for pseudonym issuer pid feature * * @param header - The header to use for signing * @param messages - The messages to sign * @param pid - The PID to use for signing * @returns Uint8Array */ private signWithPid; /** * Signs with hidden PID for pseudonym hidden pid feature * * @param header - The header to use for signing * @param messages - The messages to sign * @param commitment - The commitment to use for signing * @returns Promise<{ signature: Uint8Array, signer_blind: Uint8Array }> */ private signWithHiddenPid; /** * https://www.w3.org/TR/vc-di-bbs/#serializebaseproofvalue * Data Integrity BBS Cryptosuite v1.0 * 3.3.1 - serializes the components of a bbs-2023 base proof value. * * params: * @param bbsSignature - Uint8Array * @param bbsHeader - Uint8Array * @param publicKey - Uint8Array * @param hmacKey - Uint8Array * @param mandatoryPointers - string[] * @param featureOption - string * @param pid - string * @param signer_blind - Uint8Array * @returns string */ static serializeBaseProofValue(bbsSignature: Uint8Array, bbsHeader: Uint8Array, publicKey: Uint8Array, hmacKey: Uint8Array, mandatoryPointers: string[], featureOption: string, pid?: Uint8Array, signer_blind?: Uint8Array): string; /** * https://www.w3.org/TR/vc-di-bbs/#parsebaseproofvalue * Data Integrity BBS Cryptosuite v1.0 * 3.3.2 - Parses the components of a bbs-2023 selective disclosure base proof value. * * @param proofValue - The proof value string to parse * @returns ParsedBaseProof containing the parsed components * @throws Error if parsing fails or proof value is invalid */ private static parseBaseProofValue; /** * https://www.w3.org/TR/vc-di-bbs/#createdisclosuredata * Data Integrity BBS Cryptosuite v1.0 * 3.3.3 - Creates data to be used to generate a derived proof. * * @param document - The JSON-LD document to create disclosure data for * @param proof - The BBS base proof to derive from * @param selectivePointers - Array of JSON pointers indicating statements to selectively disclose * @param featureOption - The feature option being used (baseline, anonymous_holder_binding, etc) * @param options - Additional options including document loader * @param presentationHeader - Optional BBS presentation header * @param additionalFeatureOptions - Additional options required by specific features * @returns DisclosureData containing the data needed for derived proof generation * @throws Error if data creation fails or required parameters are missing */ private static createDisclosureData; /** * https://www.w3.org/TR/vc-di-bbs/#compresslabelmap * Data Integrity BBS Cryptosuite v1.0 * 3.3.4 - Compresses a label map according to the BBS cryptosuite specification * * @param labelMap - Array of label mappings to compress * @returns Object containing compressed label mappings * @throws Error if compression fails or input is invalid */ private static compressLabelMap; /** * https://www.w3.org/TR/vc-di-bbs/#decompresslabelmap * Data Integrity BBS Cryptosuite v1.0 * 3.3.5 - Decompresses a label map according to the BBS cryptosuite specification. * * @param compressedLabelMap - Object containing compressed label mappings as key-value pairs * @returns Array of strings representing the decompressed label map * @throws Error if decompression fails or input is invalid */ private static decompressLabelMap; /** * https://www.w3.org/TR/vc-di-bbs/#serializederivedproofvalue * Data Integrity BBS Cryptosuite v1.0 * 3.3.6 - Serializes a derived proof value according to the BBS cryptosuite specification * * @param bbsProof - The BBS proof to serialize * @param labelMap - Array of label mappings * @param mandatoryIndexes - Array of mandatory statement indexes * @param selectiveIndexes - Array of selectively disclosed statement indexes * @param presentationHeader - Optional BBS presentation header * @param featureOption - The feature option being used (baseline, anonymous_holder_binding, etc) * @param pseudonym - Optional pseudonym value for pseudonym features * @param lengthBBSMessages - Optional length of BBS messages for certain features * @returns Uint8Array containing the serialized derived proof value * @throws Error if serialization fails or feature option is unsupported */ static serializeDerivedProofValue(bbsProof: Uint8Array, labelMap: { [key: string]: string; }, mandatoryIndexes: number[], selectiveIndexes: number[], presentationHeader: Uint8Array, featureOption: string, pseudonym?: string, lengthBBSMessages?: number): string; /** * https://www.w3.org/TR/vc-di-bbs/#parsederivedproofvalue * Data Integrity BBS Cryptosuite v1.0 * 3.3.7 - Parses the components of the derived proof value. * * @param proofValue - The derived proof value string to parse * @returns DerivedProofValue containing the parsed components * @throws Error if parsing fails or proof value is invalid */ private static parseDerivedProofValue; /** * https://www.w3.org/TR/vc-di-bbs/#createverifydata * Data Integrity BBS Cryptosuite v1.0 * 3.3.8 - Creates the data needed to perform verification of a BBS-protected verifiable credential. * * @param document - The JSON-LD document to verify * @param proof - The BBS disclosure proof to verify * @param options - Additional options including document loader * @returns VerifyData containing the data needed for verification * @throws Error if data creation fails or required parameters are missing */ static createVerifyData(document: any, proof: DataIntegrityProof, options: { documentLoader?: (url: string) => Promise<any>; }): Promise<VerifyData>; /** * https://www.w3.org/TR/vc-di-bbs/#create-base-proof-bbs-2023 * Data Integrity BBS Cryptosuite v1.0 * 3.4.1 - Creates a data integrity proof given an unsecured data document. * * @param unsecuredDocument - The unsecured data document to create a proof for * @param options - Proof options containing type, cryptosuite, verificationMethod etc * @param mandatoryPointers - Array of JSON pointers indicating mandatory statements * @param featureOption - Optional feature to use (baseline, anonymous_holder_binding, etc) * @param commitment_with_proof - Optional commitment with proof required for certain features * @returns Promise<DataIntegrityProof> The created proof * @throws Error if proof creation fails */ createBaseProof(unsecuredDocument: any, options: ProofOptions, mandatoryPointers?: string[], featureOption?: string, commitment_with_proof?: Uint8Array): Promise<DataIntegrityProof>; static createProof(document: any, options: ProofOptions): Promise<DataIntegrityProof>; /** * https://www.w3.org/TR/vc-di-bbs/#base-proof-transformation-bbs-2023 * Data Integrity BBS Cryptosuites v1.0 * 3.4.2 - Transforms an unsecured input document into a transformed document ready * to be provided as input to the hashing algorithm. * * @param unsecuredDocument - The unsecured data document to transform * @param options - Transformation options containing type, cryptosuite, verificationMethod and optional mandatoryPointers * @returns Transformed document containing mandatory and non-mandatory statements * @throws Error if transformation fails or options are invalid */ static baseProofTransformation(unsecuredDocument: any, options: TransformationOptions): Promise<{ mandatory: string[]; nonMandatory: string[]; hmacKey: Uint8Array; mandatoryPointers: string[]; }>; /** * https://www.w3.org/TR/vc-di-bbs/#baseproofhashing * Data Integrity BBS Cryptosuites v1.0 * 3.4.3 - Cryptographically hashes a transformed data document and proof configuration * into cryptographic hash data that is ready to be provided as input to baseProofSerialization. * * @param transformedDocument - The transformed document containing mandatory and non-mandatory statements * @param canonicalProofConfig - The canonical proof configuration * @returns HashData containing proofHash and mandatoryHash * @throws Error if hashing fails */ static baseProofHashing(transformedDocument: any, canonicalProofConfig: string): HashData; /** * 3.4.4 - generates a proof configuration from a set of proof options that is used as input to baseProofHashing. * * params: * @param options - ProofOptions * @param context - string[] * @returns Promise<string> */ static baseProofConfiguration(options: ProofOptions, context: string[]): Promise<string>; /** * https://www.w3.org/TR/vc-di-bbs/#base-proof-serialization * Data Integrity BBS Cryptosuite v1.0 * 3.4.5 - Creates a base proof by processing hash data according to feature options * * @param hashData - Hash data containing proofHash, mandatoryPointers, mandatoryHash, etc * @param featureOption - The feature option to use (baseline, anonymous_holder_binding, etc) * @param commitment_with_proof - Optional commitment with proof for certain feature options * @param keypair - The keypair to use for signing * @returns Uint8Array containing the proof value as digital proof * @throws Error if required parameters are missing or signing fails */ baseProofSerialization(hashData: HashData, featureOption: string, commitment_with_proof?: Uint8Array): Promise<Uint8Array>; /** * https://www.w3.org/TR/vc-di-bbs/#add-derived-proof-bbs-2023 * Data Integrity BBS Cryptosuites v1.0 * 3.4.6 - Creates a selective disclosure derived proof from a BBS base proof * * @param document - The JSON-LD document to create a derived proof for * @param proof - The BBS base proof to derive from * @param selectivePointers - Array of JSON pointers indicating statements to selectively disclose * @param featureOption - The feature option to use (baseline, anonymous_holder_binding, etc) * @param options - Additional options including document loader * @param presentationHeader - Optional BBS presentation header * @param holderSecret - Required for anonymous_holder_binding * @param proverBlind - Required for anonymous_holder_binding and pseudonym_hidden_pid * @param verifier_id - Required for pseudonym features * @param pid - Required for pseudonym_hidden_pid * @returns The document with derived proof * @throws Error if proof creation fails or required parameters are missing */ static addDerivedProof(document: any, proof: DataIntegrityProof, selectivePointers: string[], featureOption?: string, options?: { documentLoader?: DocumentLoader; }, presentationHeader?: Uint8Array, holderSecret?: string, proverBlind?: string, verifier_id?: string, pid?: string): Promise<VerifiableCredential>; /** * https://www.w3.org/TR/vc-di-bbs/#verify-derived-proof-bbs-2023 * Data Integrity BBS Cryptosuite v1.0 * 3.4.7 - Verifies a derived proof according to the BBS cryptosuite specification * * @param document - The document containing the derived proof to verify * @param proof - The derived proof to verify * @param options - Additional options including document loader * @returns Promise<{ verified: boolean, verifiedDocument: any | null }> */ static verifyDerivedProof(securedDocument: any, options?: { documentLoader?: DocumentLoader; }): Promise<{ verified: boolean; verifiedDocument: any; }>; /** * Verifies a BBS proof according to the cryptosuite specification * * @param document - The document containing the proof to verify * @param proof - The proof to verify * @param options - Optional verification options * @returns Promise<boolean> indicating if verification succeeded */ static verifyProof(document: Record<string, unknown>, proof: DataIntegrityProof, options?: { documentLoader?: DocumentLoader; }): Promise<VerificationResult>; } export {}; //# sourceMappingURL=bbs.d.ts.map