From 4b1a05844a1d553c9ba9d0361682e8ce27e6efda Mon Sep 17 00:00:00 2001
From: Arnaud Mimart <33665250+amimart@users.noreply.github.com>
Date: Fri, 2 Feb 2024 10:58:26 +0100
Subject: [PATCH] fix(dataverse): consider proof options in signed message

---
 .../okp4-dataverse/src/credential/crypto.rs   | 10 ++++---
 .../okp4-dataverse/src/credential/proof.rs    | 26 +++++++++++++++++--
 contracts/okp4-dataverse/src/credential/vc.rs |  3 ++-
 .../testdata/proof-ed255192020-options.nq     |  4 +++
 4 files changed, 37 insertions(+), 6 deletions(-)
 create mode 100644 contracts/okp4-dataverse/testdata/proof-ed255192020-options.nq

diff --git a/contracts/okp4-dataverse/src/credential/crypto.rs b/contracts/okp4-dataverse/src/credential/crypto.rs
index fbe3de5d..848e8f2b 100644
--- a/contracts/okp4-dataverse/src/credential/crypto.rs
+++ b/contracts/okp4-dataverse/src/credential/crypto.rs
@@ -34,12 +34,16 @@ impl From<(CanonicalizationAlg, DigestAlg, SignatureAlg)> for CryptoSuite {
 impl CryptoSuite {
     pub fn verify_document(
         &self,
-        unsecured_document: &[Quad<'_>],
+        unsecured_doc: &[Quad<'_>],
+        proof_opts: &[Quad<'_>],
         proof_value: &[u8],
         pub_key: &[u8],
     ) -> Result<bool, VerificationError> {
-        let transformed_document = self.canonicalize(unsecured_document)?;
-        let hash = self.hash(transformed_document);
+        let unsecured_doc_canon = self.canonicalize(unsecured_doc)?;
+        let proof_opts_canon = self.canonicalize(proof_opts)?;
+
+        let hash = [self.hash(proof_opts_canon), self.hash(unsecured_doc_canon)].concat();
+
         self.verify(&hash, proof_value, pub_key)
     }
 
diff --git a/contracts/okp4-dataverse/src/credential/proof.rs b/contracts/okp4-dataverse/src/credential/proof.rs
index daaa5964..93b1380a 100644
--- a/contracts/okp4-dataverse/src/credential/proof.rs
+++ b/contracts/okp4-dataverse/src/credential/proof.rs
@@ -6,7 +6,7 @@ use crate::credential::rdf_marker::{
 };
 use itertools::Itertools;
 use okp4_rdf::dataset::{Dataset, QuadIterator};
-use rio_api::model::{GraphName, Literal, Term};
+use rio_api::model::{GraphName, Literal, Quad, Term};
 
 #[derive(Debug, PartialEq)]
 pub enum Proof<'a> {
@@ -39,12 +39,18 @@ impl<'a> Proof<'a> {
         }
     }
 
-    pub fn value(&'a self) -> &'a [u8] {
+    pub fn signature(&'a self) -> &'a [u8] {
         match self {
             Proof::Ed25519Signature2020(p) => &p.value,
         }
     }
 
+    pub fn options(&'a self) -> &'a [Quad<'a>] {
+        match self {
+            Proof::Ed25519Signature2020(p) => p.options.as_ref(),
+        }
+    }
+
     fn extract_verification_method(
         dataset: &'a Dataset<'a>,
         proof_graph: GraphName<'a>,
@@ -193,6 +199,7 @@ pub struct Ed25519Signature2020Proof<'a> {
     created: &'a str,
     purpose: ProofPurpose,
     value: Vec<u8>,
+    options: Dataset<'a>,
 }
 
 impl<'a> TryFrom<(&'a Dataset<'a>, GraphName<'a>)> for Ed25519Signature2020Proof<'a> {
@@ -211,6 +218,17 @@ impl<'a> TryFrom<(&'a Dataset<'a>, GraphName<'a>)> for Ed25519Signature2020Proof
             created: Proof::extract_created(dataset, proof_graph)?,
             purpose: p_purpose.into(),
             value: p_value,
+            options: Dataset::new(
+                dataset
+                    .skip_pattern(
+                        None,
+                        Some(PROOF_RDF_PROOF_VALUE),
+                        None,
+                        Some(Some(proof_graph)),
+                    )
+                    .map(|quad| *quad)
+                    .collect(),
+            ),
         })
     }
 }
@@ -289,6 +307,9 @@ mod test {
 
     #[test]
     fn proof_from_dataset() {
+        let quads = testutil::read_test_quads("proof-ed255192020-options.nq");
+        let proof_ok_options = Dataset::from(quads.as_slice());
+
         let cases: Vec<(&str, Result<Proof<'_>, InvalidProofError>)> = vec![
             (
                 "proof-ed255192020-ok.nq",
@@ -301,6 +322,7 @@ mod test {
                     },
                     purpose: ProofPurpose::AssertionMethod,
                     value: BASE64_STANDARD.decode("371GN4kfgVEWv3/QY9qx1buNm9gYJGWgYOgMSVKOsnoJekPoQV2fjqR+3XMjd3avpQlARFyD/3a0J5tUS4aBCQ==").unwrap(),
+                    options: proof_ok_options,
                 })),
             ),
             (
diff --git a/contracts/okp4-dataverse/src/credential/vc.rs b/contracts/okp4-dataverse/src/credential/vc.rs
index d275b1d4..85ba39a3 100644
--- a/contracts/okp4-dataverse/src/credential/vc.rs
+++ b/contracts/okp4-dataverse/src/credential/vc.rs
@@ -83,7 +83,8 @@ impl<'a> VerifiableCredential<'a> {
         let crypto_suite = proof.crypto_suite();
         crypto_suite.verify_document(
             self.unsecured_document.as_ref(),
-            proof.value(),
+            proof.options(),
+            proof.signature(),
             proof.pub_key(),
         )
     }
diff --git a/contracts/okp4-dataverse/testdata/proof-ed255192020-options.nq b/contracts/okp4-dataverse/testdata/proof-ed255192020-options.nq
new file mode 100644
index 00000000..e40227b6
--- /dev/null
+++ b/contracts/okp4-dataverse/testdata/proof-ed255192020-options.nq
@@ -0,0 +1,4 @@
+_:b1 <http://purl.org/dc/terms/created> "2023-11-29T10:07:56Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> _:b0 .
+_:b1 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/security#Ed25519Signature2020> _:b0 .
+_:b1 <https://w3id.org/security#proofPurpose> <https://w3id.org/security#assertionMethod> _:b0 .
+_:b1 <https://w3id.org/security#verificationMethod> <did:key:z6MkqxFfjh6HNFuNSGmqVDJxL4fcdbcBco7CNHBLjEo125wu#z6MkqxFfjh6HNFuNSGmqVDJxL4fcdbcBco7CNHBLjEo125wu> _:b0 .