-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathlibanoncreds.h
608 lines (536 loc) · 26.7 KB
/
libanoncreds.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
#pragma once
/* Generated with cbindgen:0.26.0 */
/* Warning, this file is autogenerated by cbindgen. Don't modify this manually. */
#include <stdarg.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#define MAX_ATTRIBUTES_COUNT 125
enum ErrorCode
#ifdef __cplusplus
: size_t
#endif // __cplusplus
{
Success = 0,
Input = 1,
IOError = 2,
InvalidState = 3,
Unexpected = 4,
CredentialRevoked = 5,
InvalidUserRevocId = 6,
ProofRejected = 7,
RevocationRegistryFull = 8,
};
#ifndef __cplusplus
typedef size_t ErrorCode;
#endif // __cplusplus
/**
* ByteBuffer is a struct that represents an array of bytes to be sent over the FFI boundaries.
* There are several cases when you might want to use this, but the primary one for us
* is for returning protobuf-encoded data to Swift and Java. The type is currently rather
* limited (implementing almost no functionality), however in the future it may be
* more expanded.
*
* ## Caveats
*
* Note that the order of the fields is `len` (an i64) then `data` (a `*mut u8`), getting
* this wrong on the other side of the FFI will cause memory corruption and crashes.
* `i64` is used for the length instead of `u64` and `usize` because JNA has interop
* issues with both these types.
*
* ### `Drop` is not implemented
*
* ByteBuffer does not implement Drop. This is intentional. Memory passed into it will
* be leaked if it is not explicitly destroyed by calling [`ByteBuffer::destroy`], or
* [`ByteBuffer::destroy_into_vec`]. This is for two reasons:
*
* 1. In the future, we may allow it to be used for data that is not managed by
* the Rust allocator\*, and `ByteBuffer` assuming it's okay to automatically
* deallocate this data with the Rust allocator.
*
* 2. Automatically running destructors in unsafe code is a
* [frequent footgun](https://without.boats/blog/two-memory-bugs-from-ringbahn/)
* (among many similar issues across many crates).
*
* Note that calling `destroy` manually is often not needed, as usually you should
* be passing these to the function defined by [`define_bytebuffer_destructor!`] from
* the other side of the FFI.
*
* Because this type is essentially *only* useful in unsafe or FFI code (and because
* the most common usage pattern does not require manually managing the memory), it
* does not implement `Drop`.
*
* \* Note: in the case of multiple Rust shared libraries loaded at the same time,
* there may be multiple instances of "the Rust allocator" (one per shared library),
* in which case we're referring to whichever instance is active for the code using
* the `ByteBuffer`. Note that this doesn't occur on all platforms or build
* configurations, but treating allocators in different shared libraries as fully
* independent is always safe.
*
* ## Layout/fields
*
* This struct's field are not `pub` (mostly so that we can soundly implement `Send`, but also so
* that we can verify rust users are constructing them appropriately), the fields, their types, and
* their order are *very much* a part of the public API of this type. Consumers on the other side
* of the FFI will need to know its layout.
*
* If this were a C struct, it would look like
*
* ```c,no_run
* struct ByteBuffer {
* // Note: This should never be negative, but values above
* // INT64_MAX / i64::MAX are not allowed.
* int64_t len;
* // Note: nullable!
* uint8_t *data;
* };
* ```
*
* In rust, there are two fields, in this order: `len: i64`, and `data: *mut u8`.
*
* For clarity, the fact that the data pointer is nullable means that `Option<ByteBuffer>` is not
* the same size as ByteBuffer, and additionally is not FFI-safe (the latter point is not
* currently guaranteed anyway as of the time of writing this comment).
*
* ### Description of fields
*
* `data` is a pointer to an array of `len` bytes. Note that data can be a null pointer and therefore
* should be checked.
*
* The bytes array is allocated on the heap and must be freed on it as well. Critically, if there
* are multiple rust shared libraries using being used in the same application, it *must be freed
* on the same heap that allocated it*, or you will corrupt both heaps.
*
* Typically, this object is managed on the other side of the FFI (on the "FFI consumer"), which
* means you must expose a function to release the resources of `data` which can be done easily
* using the [`define_bytebuffer_destructor!`] macro provided by this crate.
*/
typedef struct ByteBuffer {
int64_t len;
uint8_t *data;
} ByteBuffer;
typedef size_t ObjectHandle;
/**
* `FfiStr<'a>` is a safe (`#[repr(transparent)]`) wrapper around a
* nul-terminated `*const c_char` (e.g. a C string). Conceptually, it is
* similar to [`std::ffi::CStr`], except that it may be used in the signatures
* of extern "C" functions.
*
* Functions accepting strings should use this instead of accepting a C string
* directly. This allows us to write those functions using safe code without
* allowing safe Rust to cause memory unsafety.
*
* A single function for constructing these from Rust ([`FfiStr::from_raw`])
* has been provided. Most of the time, this should not be necessary, and users
* should accept `FfiStr` in the parameter list directly.
*
* ## Caveats
*
* An effort has been made to make this struct hard to misuse, however it is
* still possible, if the `'static` lifetime is manually specified in the
* struct. E.g.
*
* ```rust,no_run
* # use ffi_support::FfiStr;
* // NEVER DO THIS
* #[no_mangle]
* extern "C" fn never_do_this(s: FfiStr<'static>) {
* // save `s` somewhere, and access it after this
* // function returns.
* }
* ```
*
* Instead, one of the following patterns should be used:
*
* ```
* # use ffi_support::FfiStr;
* #[no_mangle]
* extern "C" fn valid_use_1(s: FfiStr<'_>) {
* // Use of `s` after this function returns is impossible
* }
* // Alternative:
* #[no_mangle]
* extern "C" fn valid_use_2(s: FfiStr) {
* // Use of `s` after this function returns is impossible
* }
* ```
*/
typedef const char *FfiStr;
typedef struct FfiList_FfiStr {
size_t count;
const FfiStr *data;
} FfiList_FfiStr;
typedef struct FfiList_FfiStr FfiStrList;
typedef struct FfiCredRevInfo {
ObjectHandle reg_def;
ObjectHandle reg_def_private;
ObjectHandle status_list;
int64_t reg_idx;
} FfiCredRevInfo;
typedef struct FfiCredentialEntry {
ObjectHandle credential;
int32_t timestamp;
ObjectHandle rev_state;
} FfiCredentialEntry;
typedef struct FfiList_FfiCredentialEntry {
size_t count;
const struct FfiCredentialEntry *data;
} FfiList_FfiCredentialEntry;
typedef struct FfiCredentialProve {
int64_t entry_idx;
FfiStr referent;
int8_t is_predicate;
int8_t reveal;
} FfiCredentialProve;
typedef struct FfiList_FfiCredentialProve {
size_t count;
const struct FfiCredentialProve *data;
} FfiList_FfiCredentialProve;
typedef struct FfiList_ObjectHandle {
size_t count;
const ObjectHandle *data;
} FfiList_ObjectHandle;
typedef struct FfiList_i32 {
size_t count;
const int32_t *data;
} FfiList_i32;
/**
* Optional value for overriding the non-revoked interval in the [`PresentationRequest`]
* This only overrides the `from` value as a Revocation Status List is deemed valid until the next
* entry.
*
* E.g. if the ledger has Revocation Status List at timestamps [0, 100, 200],
* let's call them List0, List100, List200. Then:
*
* ```txt
*
* List0 is valid List100 is valid
* ______|_______ _______|_______
* | | |
* List 0 ----------- 100 ----------- 200
* ```
*
* A `nonrevoked_interval = {from: 50, to: 150}` should accept both List0 and
* List100.
*
*/
typedef struct FfiNonrevokedIntervalOverride {
FfiStr rev_reg_def_id;
/**
* Timestamp in the `PresentationRequest`
*/
int32_t requested_from_ts;
/**
* Timestamp from which verifier accepts,
* should be less than `req_timestamp`
*/
int32_t override_rev_status_list_ts;
} FfiNonrevokedIntervalOverride;
typedef struct FfiList_FfiNonrevokedIntervalOverride {
size_t count;
const struct FfiNonrevokedIntervalOverride *data;
} FfiList_FfiNonrevokedIntervalOverride;
#ifdef __cplusplus
extern "C" {
#endif // __cplusplus
void anoncreds_buffer_free(struct ByteBuffer buffer);
ErrorCode anoncreds_create_credential(ObjectHandle cred_def,
ObjectHandle cred_def_private,
ObjectHandle cred_offer,
ObjectHandle cred_request,
FfiStrList attr_names,
FfiStrList attr_raw_values,
FfiStrList attr_enc_values,
const struct FfiCredRevInfo *revocation,
ObjectHandle *cred_p);
ErrorCode anoncreds_create_credential_definition(FfiStr schema_id,
ObjectHandle schema,
FfiStr tag,
FfiStr issuer_id,
FfiStr signature_type,
int8_t support_revocation,
ObjectHandle *cred_def_p,
ObjectHandle *cred_def_pvt_p,
ObjectHandle *key_proof_p);
ErrorCode anoncreds_create_credential_offer(FfiStr schema_id,
FfiStr cred_def_id,
ObjectHandle key_proof,
ObjectHandle *cred_offer_p);
ErrorCode anoncreds_create_credential_request(FfiStr entropy,
FfiStr prover_did,
ObjectHandle cred_def,
FfiStr link_secret,
FfiStr link_secret_id,
ObjectHandle cred_offer,
ObjectHandle *cred_req_p,
ObjectHandle *cred_req_meta_p);
ErrorCode anoncreds_create_link_secret(const char **link_secret_p);
ErrorCode anoncreds_create_or_update_revocation_state(ObjectHandle rev_reg_def,
ObjectHandle rev_status_list,
int64_t rev_reg_index,
FfiStr tails_path,
ObjectHandle rev_state,
ObjectHandle old_rev_status_list,
ObjectHandle *rev_state_p);
ErrorCode anoncreds_create_presentation(ObjectHandle pres_req,
struct FfiList_FfiCredentialEntry credentials,
struct FfiList_FfiCredentialProve credentials_prove,
FfiStrList self_attest_names,
FfiStrList self_attest_values,
FfiStr link_secret,
struct FfiList_ObjectHandle schemas,
FfiStrList schema_ids,
struct FfiList_ObjectHandle cred_defs,
FfiStrList cred_def_ids,
ObjectHandle *presentation_p);
ErrorCode anoncreds_create_revocation_registry_def(ObjectHandle cred_def,
FfiStr cred_def_id,
FfiStr _issuer_id,
FfiStr tag,
FfiStr rev_reg_type,
int64_t max_cred_num,
FfiStr tails_dir_path,
ObjectHandle *reg_def_p,
ObjectHandle *reg_def_private_p);
ErrorCode anoncreds_create_revocation_status_list(ObjectHandle cred_def,
FfiStr rev_reg_def_id,
ObjectHandle rev_reg_def,
ObjectHandle reg_rev_priv,
FfiStr _issuer_id,
int8_t issuance_by_default,
int64_t timestamp,
ObjectHandle *rev_status_list_p);
ErrorCode anoncreds_create_schema(FfiStr schema_name,
FfiStr schema_version,
FfiStr issuer_id,
FfiStrList attr_names,
ObjectHandle *result_p);
/**
* Create Credential in W3C form according to the specification.
*
* # Params
* cred_def: object handle pointing to the credential definition
* cred_def_private: object handle pointing to the private part of credential definition
* cred_offer: object handle pointing to the credential offer
* cred_request: object handle pointing to the credential request
* attr_names: list of attribute names
* attr_raw_values: list of attribute raw values
* revocation: object handle pointing to the credential revocation info
* w3c_version: version of w3c verifiable credential specification (1.1 or 2.0) to use
* cred_p: reference that will contain credential (in W3C form) instance pointer
*
* # Returns
* Error code
*/
ErrorCode anoncreds_create_w3c_credential(ObjectHandle cred_def,
ObjectHandle cred_def_private,
ObjectHandle cred_offer,
ObjectHandle cred_request,
FfiStrList attr_names,
FfiStrList attr_raw_values,
const struct FfiCredRevInfo *revocation,
FfiStr w3c_version,
ObjectHandle *cred_p);
/**
* Create W3C Presentation according to the specification.
*
* # Params
* pres_req: object handle pointing to presentation request
* credentials: credentials (in W3C form) to use for presentation preparation
* credentials_prove: attributes and predicates to prove per credential
* link_secret: holder link secret
* schemas: list of credential schemas
* schema_ids: list of schemas ids
* cred_defs: list of credential definitions
* cred_def_ids: list of credential definitions ids
* w3c_version: version of w3c verifiable credential specification (1.1 or 2.0) to use
* presentation_p: reference that will contain created presentation (in W3C form) instance pointer.
*
* # Returns
* Error code
*/
ErrorCode anoncreds_create_w3c_presentation(ObjectHandle pres_req,
struct FfiList_FfiCredentialEntry credentials,
struct FfiList_FfiCredentialProve credentials_prove,
FfiStr link_secret,
struct FfiList_ObjectHandle schemas,
FfiStrList schema_ids,
struct FfiList_ObjectHandle cred_defs,
FfiStrList cred_def_ids,
FfiStr w3c_version,
ObjectHandle *presentation_p);
ErrorCode anoncreds_credential_definition_from_json(struct ByteBuffer json, ObjectHandle *result_p);
ErrorCode anoncreds_credential_definition_private_from_json(struct ByteBuffer json,
ObjectHandle *result_p);
ErrorCode anoncreds_credential_from_json(struct ByteBuffer json, ObjectHandle *result_p);
/**
* Convert credential in W3C form into legacy credential form
*
* # Params
* cred: object handle pointing to credential in W3C form to convert
* cred_p: reference that will contain converted credential (in legacy form) instance pointer
*
* # Returns
* Error code
*/
ErrorCode anoncreds_credential_from_w3c(ObjectHandle cred, ObjectHandle *cred_p);
ErrorCode anoncreds_credential_get_attribute(ObjectHandle handle,
FfiStr name,
const char **result_p);
ErrorCode anoncreds_credential_offer_from_json(struct ByteBuffer json, ObjectHandle *result_p);
ErrorCode anoncreds_credential_request_from_json(struct ByteBuffer json, ObjectHandle *result_p);
ErrorCode anoncreds_credential_request_metadata_from_json(struct ByteBuffer json,
ObjectHandle *result_p);
/**
* Convert credential in legacy form into W3C AnonCreds credential form
*
* # Params
* cred: object handle pointing to credential in legacy form to convert
* issuer_id: issuer_id of the credential. Can be extracted from the cred_def and will be used as the `issuer` field in the w3c credential
* w3c_version: version of w3c verifiable credential specification (1.1 or 2.0) to use
* cred_p: reference that will contain converted credential (in W3C form) instance pointer
*
* # Returns
* Error code
*/
ErrorCode anoncreds_credential_to_w3c(ObjectHandle cred,
FfiStr issuer_id,
FfiStr w3c_version,
ObjectHandle *cred_p);
ErrorCode anoncreds_encode_credential_attributes(FfiStrList attr_raw_values, const char **result_p);
ErrorCode anoncreds_generate_nonce(const char **nonce_p);
ErrorCode anoncreds_get_current_error(const char **error_json_p);
ErrorCode anoncreds_key_correctness_proof_from_json(struct ByteBuffer json, ObjectHandle *result_p);
void anoncreds_object_free(ObjectHandle handle);
ErrorCode anoncreds_object_get_json(ObjectHandle handle, struct ByteBuffer *result_p);
ErrorCode anoncreds_object_get_type_name(ObjectHandle handle, const char **result_p);
ErrorCode anoncreds_presentation_from_json(struct ByteBuffer json, ObjectHandle *result_p);
ErrorCode anoncreds_presentation_request_from_json(struct ByteBuffer json, ObjectHandle *result_p);
ErrorCode anoncreds_process_credential(ObjectHandle cred,
ObjectHandle cred_req_metadata,
FfiStr link_secret,
ObjectHandle cred_def,
ObjectHandle rev_reg_def,
ObjectHandle *cred_p);
/**
* Process an incoming W3C credential received from the issuer.
*
* # Params
* cred: object handle pointing to the credential in W3C form
* cred_req_metadata: object handle pointing to the credential request metadata
* link_secret: holder link secret
* cred_def: object handle pointing to the credential definition
* rev_reg_def: object handle pointing to the revocation registry definition
* cred_p: reference that will contain credential (in W3C form) instance pointer
*
* # Returns
* Error code
*/
ErrorCode anoncreds_process_w3c_credential(ObjectHandle cred,
ObjectHandle cred_req_metadata,
FfiStr link_secret,
ObjectHandle cred_def,
ObjectHandle rev_reg_def,
ObjectHandle *cred_p);
ErrorCode anoncreds_revocation_registry_definition_from_json(struct ByteBuffer json,
ObjectHandle *result_p);
ErrorCode anoncreds_revocation_registry_definition_get_attribute(ObjectHandle handle,
FfiStr name,
const char **result_p);
ErrorCode anoncreds_revocation_registry_definition_private_from_json(struct ByteBuffer json,
ObjectHandle *result_p);
ErrorCode anoncreds_revocation_registry_from_json(struct ByteBuffer json, ObjectHandle *result_p);
ErrorCode anoncreds_revocation_state_from_json(struct ByteBuffer json, ObjectHandle *result_p);
ErrorCode anoncreds_revocation_status_list_from_json(struct ByteBuffer json,
ObjectHandle *result_p);
ErrorCode anoncreds_schema_from_json(struct ByteBuffer json, ObjectHandle *result_p);
ErrorCode anoncreds_set_default_logger(void);
/**
* Public destructor for strings managed by the other side of the FFI.
*
* # Safety
*
* This will free the string pointer it gets passed in as an argument,
* and thus can be wildly unsafe if misused.
*
* See the documentation of `ffi_support::destroy_c_string` and
* `ffi_support::define_string_destructor!` for further info.
*/
void anoncreds_string_free(char *s);
ErrorCode anoncreds_update_revocation_status_list(ObjectHandle cred_def,
ObjectHandle rev_reg_def,
ObjectHandle rev_reg_priv,
ObjectHandle rev_current_list,
struct FfiList_i32 issued,
struct FfiList_i32 revoked,
int64_t timestamp,
ObjectHandle *new_rev_status_list_p);
ErrorCode anoncreds_update_revocation_status_list_timestamp_only(int64_t timestamp,
ObjectHandle rev_current_list,
ObjectHandle *rev_status_list_p);
ErrorCode anoncreds_verify_presentation(ObjectHandle presentation,
ObjectHandle pres_req,
struct FfiList_ObjectHandle schemas,
FfiStrList schema_ids,
struct FfiList_ObjectHandle cred_defs,
FfiStrList cred_def_ids,
struct FfiList_ObjectHandle rev_reg_defs,
FfiStrList rev_reg_def_ids,
struct FfiList_ObjectHandle rev_status_list,
struct FfiList_FfiNonrevokedIntervalOverride nonrevoked_interval_override,
int8_t *result_p);
/**
* Verity W3C styled Presentation
*
* # Params
* presentation: object handle pointing to presentation
* pres_req: object handle pointing to presentation request
* schemas: list of credential schemas
* schema_ids: list of schemas ids
* cred_defs: list of credential definitions
* cred_def_ids: list of credential definitions ids
* rev_reg_defs: list of revocation definitions
* rev_reg_def_ids: list of revocation definitions ids
* rev_status_list: revocation status list
* nonrevoked_interval_override: not-revoked interval
* result_p: reference that will contain presentation verification result.
*
* # Returns
* Error code
*/
ErrorCode anoncreds_verify_w3c_presentation(ObjectHandle presentation,
ObjectHandle pres_req,
struct FfiList_ObjectHandle schemas,
FfiStrList schema_ids,
struct FfiList_ObjectHandle cred_defs,
FfiStrList cred_def_ids,
struct FfiList_ObjectHandle rev_reg_defs,
FfiStrList rev_reg_def_ids,
struct FfiList_ObjectHandle rev_status_list,
struct FfiList_FfiNonrevokedIntervalOverride nonrevoked_interval_override,
int8_t *result_p);
char *anoncreds_version(void);
ErrorCode anoncreds_w3c_credential_from_json(struct ByteBuffer json, ObjectHandle *result_p);
/**
* Get credential signature information required for proof building and verification
* This information is aggregated from `anoncredsvc-2023` and `anoncredspresvc-2023` proofs.
* It's needed for Holder and Verifier for public entities resolving
* {`schema_id`, `cred_def_id`, `rev_reg_id`, `rev_reg_index`, `timestamp`}
*
* # Params
* handle: object handle pointing to the credential (in W3 form)
* cred_proof_info_p: reference that will contain credential information
*
* # Returns
* Error code
*/
ErrorCode anoncreds_w3c_credential_get_integrity_proof_details(ObjectHandle handle,
ObjectHandle *cred_proof_info_p);
ErrorCode anoncreds_w3c_credential_proof_get_attribute(ObjectHandle handle,
FfiStr name,
const char **result_p);
ErrorCode anoncreds_w3c_presentation_from_json(struct ByteBuffer json, ObjectHandle *result_p);
#ifdef __cplusplus
} // extern "C"
#endif // __cplusplus