keep credential status encoding to be non-constant time to prevent br…

…eaking older credentials Signed-off-by: lovesh <[email protected]>
docknetwork · Jul 17, 2024 · 51c7897 · 51c7897
1 parent 98787fa
commit 51c7897
Show file tree

Hide file tree

Showing 30 changed files with 41 additions and 35 deletions.
diff --git a/src/anonymous-credentials/blinded-credential-request-builder.ts b/src/anonymous-credentials/blinded-credential-request-builder.ts
@@ -511,7 +511,8 @@ export abstract class BlindedCredentialRequestBuilder<SigParams> extends Version
     if (this._statusToBlind !== undefined) {
       const name = `${STATUS_STR}.${REV_ID_STR}`;
       const index = flattenedSchema[0].indexOf(name);
-      encodedAttributes.set(index, schema.encoder.encodeMessageConstantTime(name, this._statusToBlind[REV_ID_STR]));
+      // Keeping the encoding non-constant time to not break older credentials. This needs to be fixed
+      encodedAttributes.set(index, schema.encoder.encodeMessage(name, this._statusToBlind[REV_ID_STR]));
       attrNameToIndex.set(name, index);
       attributesWithoutVals[name] = null;
       unBlindedAttributes = {

diff --git a/src/anonymous-credentials/presentation-builder.ts b/src/anonymous-credentials/presentation-builder.ts
@@ -593,7 +593,8 @@ export class PresentationBuilder extends Versioned {
           accumulated: s[1],
           extra: s[3]
         };
-        const encodedRevId = useConstantTimeEncoding ? schema.encoder.encodeMessageConstantTime(`${STATUS_STR}.${REV_ID_STR}`, cred.credentialStatus[REV_ID_STR]) : schema.encoder.encodeMessage(`${STATUS_STR}.${REV_ID_STR}`, cred.credentialStatus[REV_ID_STR]);
+        // Keeping the encoding non-constant time to not break older credentials. This needs to be fixed
+        const encodedRevId = schema.encoder.encodeMessage(`${STATUS_STR}.${REV_ID_STR}`, cred.credentialStatus[REV_ID_STR]);
         credStatusAux.push([
           credIndex,
           cred.credentialStatus[TYPE_STR],

diff --git a/src/anonymous-credentials/schema.ts b/src/anonymous-credentials/schema.ts
@@ -605,6 +605,11 @@ export class CredentialSchema extends Versioned {
       encoders.set(SCHEMA_STR, defaultEncoder);
     }
 
+    // Overwrite encoder of status field to not break older credentials. This needs to be fixed at some point
+    if (encoders.has(`${STATUS_STR}.${REV_ID_STR}`)) {
+      encoders.set(`${STATUS_STR}.${REV_ID_STR}`, Encoder.defaultEncodeFunc())
+    }
+
     // Only supply default encoder if user requests to use defaults
     this.encoder = new Encoder(encoders, this.parsingOptions.useDefaults ? defaultEncoder : undefined);
   }

diff --git a/tests/anonymous-credentials/presentation.spec.ts b/tests/anonymous-credentials/presentation.spec.ts
@@ -1,5 +1,4 @@
 import { generateRandomFieldElement } from 'crypto-wasm-new';
-import fs from 'fs';
 import {
   AccumulatorPublicKey,
   AccumulatorSecretKey, areUint8ArraysEqual,
@@ -64,7 +63,7 @@ import {
   getExampleSchema,
   getKeys,
   setupPrefilledAccum,
-  verifyCred, writeSerializedObject
+  verifyCred,
 } from './utils';
 import exp = require('node:constants');
 

diff --git a/tests/anonymous-credentials/serialized-credential.spec.ts b/tests/anonymous-credentials/serialized-credential.spec.ts
@@ -43,8 +43,8 @@ describe(`${Scheme} Credential creation and verification from JSON`, () => {
       const revEncFunc = semver.gte(credVersion, '0.7.0') ? cred.schema.encoder.encodeMessageConstantTime : cred.schema.encoder.encodeMessage;
       if (i === 3) {
         const accPkBin = fs.readFileSync(`${__dirname}/serialized-objects/accumulator_pk.bin`);
-        const accWitBin = semver.gte(credVersion, '0.7.0') ? fs.readFileSync(`${__dirname}/serialized-objects/accumulator_witness_const_time.bin`) : fs.readFileSync(`${__dirname}/serialized-objects/accumulator_witness.bin`);
-        const accVal = semver.gte(credVersion, '0.7.0') ? fs.readFileSync(`${__dirname}/serialized-objects/accumulator_value_const_time.bin`) : fs.readFileSync(`${__dirname}/serialized-objects/accumulator_value.bin`);
+        const accWitBin = semver.gte(credVersion, '0.7.0') ? fs.readFileSync(`${__dirname}/serialized-objects/accumulator_witness.bin`) : fs.readFileSync(`${__dirname}/serialized-objects/accumulator_witness.bin`);
+        const accVal = semver.gte(credVersion, '0.7.0') ? fs.readFileSync(`${__dirname}/serialized-objects/accumulator_value.bin`) : fs.readFileSync(`${__dirname}/serialized-objects/accumulator_value.bin`);
         accPk = AccumulatorPublicKey.fromBytes(accPkBin);
         const accWit = new VBMembershipWitness(accWitBin);
         const accum = new PositiveAccumulator({value: accVal, params: dockAccumulatorParams()});
@@ -55,8 +55,8 @@ describe(`${Scheme} Credential creation and verification from JSON`, () => {
       }
       if (i === 4) {
         const accPkBin = fs.readFileSync(`${__dirname}/serialized-objects/accumulator_pk4.bin`);
-        const accWitBin = semver.gte(credVersion, '0.7.0') ? fs.readFileSync(`${__dirname}/serialized-objects/accumulator_witness4_const_time.bin`) : fs.readFileSync(`${__dirname}/serialized-objects/accumulator_witness4.bin`);
-        const accVal = semver.gte(credVersion, '0.7.0') ? fs.readFileSync(`${__dirname}/serialized-objects/accumulator_value4_const_time.bin`) : fs.readFileSync(`${__dirname}/serialized-objects/accumulator_value4.bin`);
+        const accWitBin = semver.gte(credVersion, '0.7.0') ? fs.readFileSync(`${__dirname}/serialized-objects/accumulator_witness4.bin`) : fs.readFileSync(`${__dirname}/serialized-objects/accumulator_witness4.bin`);
+        const accVal = semver.gte(credVersion, '0.7.0') ? fs.readFileSync(`${__dirname}/serialized-objects/accumulator_value4.bin`) : fs.readFileSync(`${__dirname}/serialized-objects/accumulator_value4.bin`);
         accPk4 = AccumulatorPublicKey.fromBytes(accPkBin);
         const accWit = new VBMembershipWitness(accWitBin);
         const accum = new PositiveAccumulator({value: accVal, params: dockAccumulatorParams()});

diff --git a/tests/anonymous-credentials/serialized-objects/bbdt16-presentation-0.9.0.json b/tests/anonymous-credentials/serialized-objects/bbdt16-presentation-0.9.0.json
diff --git a/tests/anonymous-credentials/serialized-objects/bbdt16_credential1-0.7.0.json b/tests/anonymous-credentials/serialized-objects/bbdt16_credential1-0.7.0.json
@@ -1 +1 @@
-{"cryptoVersion":"0.7.0","credentialSchema":{"id":"data:application/json;charset=utf-8,","type":"JsonSchemaValidator2018","version":"0.5.0","details":"{\"jsonSchema\":{\"$schema\":\"http://json-schema.org/draft-07/schema#\",\"definitions\":{\"encryptableCompString\":{\"type\":\"string\"},\"encryptableString\":{\"type\":\"string\"}},\"properties\":{\"credentialSubject\":{\"properties\":{\"BMI\":{\"minimum\":0,\"multipleOf\":0.01,\"type\":\"number\"},\"SSN\":{\"$ref\":\"#/definitions/encryptableString\"},\"city\":{\"type\":\"string\"},\"country\":{\"type\":\"string\"},\"email\":{\"type\":\"string\"},\"fname\":{\"type\":\"string\"},\"height\":{\"minimum\":0,\"multipleOf\":0.1,\"type\":\"number\"},\"lname\":{\"type\":\"string\"},\"score\":{\"minimum\":-100,\"multipleOf\":0.1,\"type\":\"number\"},\"secret\":{\"type\":\"string\"},\"timeOfBirth\":{\"minimum\":0,\"type\":\"integer\"},\"userId\":{\"$ref\":\"#/definitions/encryptableCompString\"},\"weight\":{\"minimum\":0,\"multipleOf\":0.1,\"type\":\"number\"}},\"type\":\"object\"},\"proof\":{\"properties\":{\"type\":{\"type\":\"string\"}},\"type\":\"object\"}},\"type\":\"object\"},\"parsingOptions\":{\"defaultDecimalPlaces\":0,\"defaultMinimumDate\":-17592186044415,\"defaultMinimumInteger\":-4294967295,\"useDefaults\":false}}"},"credentialSubject":{"fname":"John","lname":"Smith","email":"[email protected]","SSN":"123-456789-0","userId":"user:123-xyz-#","country":"USA","city":"New York","timeOfBirth":1662010849619,"height":181.5,"weight":210.4,"BMI":23.25,"score":-13.5,"secret":"my-secret-that-wont-tell-anyone"},"proof":{"type":"Bls12381BBDT16MACDock2024","proofValue":"SYdh21D8qNH8m6Zp2d8HYRdna29rcR2LHrvTubzLbotAwLWEH9WNK8K4oaxW9yykG63Tjc3vp2Zt7NrSn53xvmHevSXLWGd3oVASxBCaKqKHUkTmh4oHokaJaVDKgqwt1bvWVsCY47nXgEwJt7pAVRdvq"}}
+{"cryptoVersion":"0.7.0","credentialSchema":{"id":"data:application/json;charset=utf-8,","type":"JsonSchemaValidator2018","version":"0.5.0","details":"{\"jsonSchema\":{\"$schema\":\"http://json-schema.org/draft-07/schema#\",\"definitions\":{\"encryptableCompString\":{\"type\":\"string\"},\"encryptableString\":{\"type\":\"string\"}},\"properties\":{\"credentialSubject\":{\"properties\":{\"BMI\":{\"minimum\":0,\"multipleOf\":0.01,\"type\":\"number\"},\"SSN\":{\"$ref\":\"#/definitions/encryptableString\"},\"city\":{\"type\":\"string\"},\"country\":{\"type\":\"string\"},\"email\":{\"type\":\"string\"},\"fname\":{\"type\":\"string\"},\"height\":{\"minimum\":0,\"multipleOf\":0.1,\"type\":\"number\"},\"lname\":{\"type\":\"string\"},\"score\":{\"minimum\":-100,\"multipleOf\":0.1,\"type\":\"number\"},\"secret\":{\"type\":\"string\"},\"timeOfBirth\":{\"minimum\":0,\"type\":\"integer\"},\"userId\":{\"$ref\":\"#/definitions/encryptableCompString\"},\"weight\":{\"minimum\":0,\"multipleOf\":0.1,\"type\":\"number\"}},\"type\":\"object\"},\"proof\":{\"properties\":{\"type\":{\"type\":\"string\"}},\"type\":\"object\"}},\"type\":\"object\"},\"parsingOptions\":{\"defaultDecimalPlaces\":0,\"defaultMinimumDate\":-17592186044415,\"defaultMinimumInteger\":-4294967295,\"useDefaults\":false}}"},"credentialSubject":{"fname":"John","lname":"Smith","email":"[email protected]","SSN":"123-456789-0","userId":"user:123-xyz-#","country":"USA","city":"New York","timeOfBirth":1662010849619,"height":181.5,"weight":210.4,"BMI":23.25,"score":-13.5,"secret":"my-secret-that-wont-tell-anyone"},"proof":{"type":"Bls12381BBDT16MACDock2024","proofValue":"ZGyG7MQrQvWs8cLYphyW6MTD86gPSG73EQKJ7RgHNZ8adscJ73gVwQ4nPqFfFbGub5QBi5iyWtKYqow6DosAdg6An4F6PcYkRqcvWcuVLitHy5si4PtTdQtb1XsiXmsoF2zBToATx94dwnhaW8LG3FFhE"}}
diff --git a/tests/anonymous-credentials/serialized-objects/bbdt16_credential2-0.7.0.json b/tests/anonymous-credentials/serialized-objects/bbdt16_credential2-0.7.0.json
@@ -1 +1 @@
-{"cryptoVersion":"0.7.0","credentialSchema":{"id":"data:application/json;charset=utf-8,","type":"JsonSchemaValidator2018","version":"0.5.0","details":"{\"jsonSchema\":{\"$schema\":\"http://json-schema.org/draft-07/schema#\",\"definitions\":{\"encryptableCompString\":{\"type\":\"string\"},\"encryptableString\":{\"type\":\"string\"}},\"properties\":{\"credentialSubject\":{\"properties\":{\"fname\":{\"type\":\"string\"},\"isbool\":{\"type\":\"boolean\"},\"lname\":{\"type\":\"string\"},\"location\":{\"properties\":{\"city\":{\"type\":\"string\"},\"country\":{\"type\":\"string\"}},\"type\":\"object\"},\"physical\":{\"properties\":{\"BMI\":{\"minimum\":0,\"multipleOf\":0.01,\"type\":\"number\"},\"height\":{\"minimum\":0,\"multipleOf\":0.1,\"type\":\"number\"},\"weight\":{\"minimum\":0,\"multipleOf\":0.1,\"type\":\"number\"}},\"type\":\"object\"},\"score\":{\"minimum\":-100,\"multipleOf\":0.1,\"type\":\"number\"},\"sensitive\":{\"properties\":{\"SSN\":{\"$ref\":\"#/definitions/encryptableString\"},\"email\":{\"type\":\"string\"},\"secret\":{\"type\":\"string\"},\"userId\":{\"$ref\":\"#/definitions/encryptableCompString\"}},\"type\":\"object\"},\"timeOfBirth\":{\"minimum\":0,\"type\":\"integer\"}},\"type\":\"object\"},\"proof\":{\"properties\":{\"type\":{\"type\":\"string\"}},\"type\":\"object\"}},\"type\":\"object\"},\"parsingOptions\":{\"defaultDecimalPlaces\":0,\"defaultMinimumDate\":-17592186044415,\"defaultMinimumInteger\":-4294967295,\"useDefaults\":false}}"},"credentialSubject":{"fname":"John","lname":"Smith","isbool":true,"sensitive":{"secret":"my-secret-that-wont-tell-anyone","email":"[email protected]","SSN":"123-456789-0","userId":"user:123-xyz-#"},"location":{"country":"USA","city":"New York"},"timeOfBirth":1662010849619,"physical":{"height":181.5,"weight":210,"BMI":23.25},"score":-13.5},"proof":{"type":"Bls12381BBDT16MACDock2024","proofValue":"RZZQMAgNiS1LgJCAUx6QMeosiszTk8qEUY8uBagTtATdfeSeYaA61iqPoDde9QBrdd231bbjnnTNyLiim4WZj4bM1SzKv3xkamw5CDY5PK1EPyhRJ66qLRCqrH3d3vPt1g2TFvUzt7jNV3ZvErfsSgTHw"}}
+{"cryptoVersion":"0.7.0","credentialSchema":{"id":"data:application/json;charset=utf-8,","type":"JsonSchemaValidator2018","version":"0.5.0","details":"{\"jsonSchema\":{\"$schema\":\"http://json-schema.org/draft-07/schema#\",\"definitions\":{\"encryptableCompString\":{\"type\":\"string\"},\"encryptableString\":{\"type\":\"string\"}},\"properties\":{\"credentialSubject\":{\"properties\":{\"fname\":{\"type\":\"string\"},\"isbool\":{\"type\":\"boolean\"},\"lname\":{\"type\":\"string\"},\"location\":{\"properties\":{\"city\":{\"type\":\"string\"},\"country\":{\"type\":\"string\"}},\"type\":\"object\"},\"physical\":{\"properties\":{\"BMI\":{\"minimum\":0,\"multipleOf\":0.01,\"type\":\"number\"},\"height\":{\"minimum\":0,\"multipleOf\":0.1,\"type\":\"number\"},\"weight\":{\"minimum\":0,\"multipleOf\":0.1,\"type\":\"number\"}},\"type\":\"object\"},\"score\":{\"minimum\":-100,\"multipleOf\":0.1,\"type\":\"number\"},\"sensitive\":{\"properties\":{\"SSN\":{\"$ref\":\"#/definitions/encryptableString\"},\"email\":{\"type\":\"string\"},\"secret\":{\"type\":\"string\"},\"userId\":{\"$ref\":\"#/definitions/encryptableCompString\"}},\"type\":\"object\"},\"timeOfBirth\":{\"minimum\":0,\"type\":\"integer\"}},\"type\":\"object\"},\"proof\":{\"properties\":{\"type\":{\"type\":\"string\"}},\"type\":\"object\"}},\"type\":\"object\"},\"parsingOptions\":{\"defaultDecimalPlaces\":0,\"defaultMinimumDate\":-17592186044415,\"defaultMinimumInteger\":-4294967295,\"useDefaults\":false}}"},"credentialSubject":{"fname":"John","lname":"Smith","isbool":true,"sensitive":{"secret":"my-secret-that-wont-tell-anyone","email":"[email protected]","SSN":"123-456789-0","userId":"user:123-xyz-#"},"location":{"country":"USA","city":"New York"},"timeOfBirth":1662010849619,"physical":{"height":181.5,"weight":210,"BMI":23.25},"score":-13.5},"proof":{"type":"Bls12381BBDT16MACDock2024","proofValue":"bmmenNYXjPNaZ3RArxpME4ev9jUvp98BSivuL6myVNjwxHXA1se27RnNgndJoyJPay3H7omJiXHjqE6YL8TruyB2bEUCG2n61QzTQfitgJH6gVNumznNMDNeWv5x3qMCr4HTiHFGmWtsMVFgNuYFyyKcV"}}
diff --git a/tests/anonymous-credentials/serialized-objects/bbdt16_credential3-0.7.0.json b/tests/anonymous-credentials/serialized-objects/bbdt16_credential3-0.7.0.json
@@ -1 +1 @@
-{"cryptoVersion":"0.7.0","credentialSchema":{"id":"data:application/json;charset=utf-8,","type":"JsonSchemaValidator2018","version":"0.5.0","details":"{\"jsonSchema\":{\"$schema\":\"http://json-schema.org/draft-07/schema#\",\"definitions\":{\"encryptableCompString\":{\"type\":\"string\"},\"encryptableString\":{\"type\":\"string\"}},\"properties\":{\"credentialStatus\":{\"properties\":{\"id\":{\"type\":\"string\"},\"revocationCheck\":{\"type\":\"string\"},\"revocationId\":{\"type\":\"string\"},\"type\":{\"type\":\"string\"}},\"type\":\"object\"},\"credentialSubject\":{\"properties\":{\"fname\":{\"type\":\"string\"},\"lessSensitive\":{\"properties\":{\"department\":{\"properties\":{\"location\":{\"properties\":{\"geo\":{\"properties\":{\"lat\":{\"minimum\":-90,\"multipleOf\":0.001,\"type\":\"number\"},\"long\":{\"minimum\":-180,\"multipleOf\":0.001,\"type\":\"number\"}},\"type\":\"object\"},\"name\":{\"type\":\"string\"}},\"type\":\"object\"},\"name\":{\"type\":\"string\"}},\"type\":\"object\"},\"location\":{\"properties\":{\"city\":{\"type\":\"string\"},\"country\":{\"type\":\"string\"}},\"type\":\"object\"}},\"type\":\"object\"},\"lname\":{\"type\":\"string\"},\"rank\":{\"minimum\":0,\"type\":\"integer\"},\"sensitive\":{\"properties\":{\"SSN\":{\"$ref\":\"#/definitions/encryptableString\"},\"email\":{\"type\":\"string\"},\"phone\":{\"type\":\"string\"},\"very\":{\"properties\":{\"secret\":{\"type\":\"string\"}},\"type\":\"object\"}},\"type\":\"object\"}},\"type\":\"object\"},\"proof\":{\"properties\":{\"type\":{\"type\":\"string\"}},\"type\":\"object\"}},\"type\":\"object\"},\"parsingOptions\":{\"defaultDecimalPlaces\":0,\"defaultMinimumDate\":-17592186044415,\"defaultMinimumInteger\":-4294967295,\"useDefaults\":false}}"},"credentialSubject":{"fname":"John","lname":"Smith","sensitive":{"very":{"secret":"my-secret-that-wont-tell-anyone"},"email":"[email protected]","phone":"801009801","SSN":"123-456789-0"},"lessSensitive":{"location":{"country":"USA","city":"New York"},"department":{"name":"Random","location":{"name":"Somewhere","geo":{"lat":-23.658,"long":2.556}}}},"rank":6},"credentialStatus":{"type":"DockVBAccumulator2022","id":"dock:accumulator:accumId123","revocationCheck":"membership","revocationId":"user:A-123"},"proof":{"type":"Bls12381BBDT16MACDock2024","proofValue":"TAUnE6nupiVrRyVPUgHR2jAH1AxmE6gNFPRWtm1sLq1qLprbWPczCzGfk8aj5ip3mjBdBtRDahqkzJUdqRL8BTC4tEG4rWYTgMeoBRbP9oFQwk2CWeeFtpZjv17KzjJNVezQdamQgk1h1DJH7czxqt9yj"}}
+{"cryptoVersion":"0.7.0","credentialSchema":{"id":"data:application/json;charset=utf-8,","type":"JsonSchemaValidator2018","version":"0.5.0","details":"{\"jsonSchema\":{\"$schema\":\"http://json-schema.org/draft-07/schema#\",\"definitions\":{\"encryptableCompString\":{\"type\":\"string\"},\"encryptableString\":{\"type\":\"string\"}},\"properties\":{\"credentialStatus\":{\"properties\":{\"id\":{\"type\":\"string\"},\"revocationCheck\":{\"type\":\"string\"},\"revocationId\":{\"type\":\"string\"},\"type\":{\"type\":\"string\"}},\"type\":\"object\"},\"credentialSubject\":{\"properties\":{\"fname\":{\"type\":\"string\"},\"lessSensitive\":{\"properties\":{\"department\":{\"properties\":{\"location\":{\"properties\":{\"geo\":{\"properties\":{\"lat\":{\"minimum\":-90,\"multipleOf\":0.001,\"type\":\"number\"},\"long\":{\"minimum\":-180,\"multipleOf\":0.001,\"type\":\"number\"}},\"type\":\"object\"},\"name\":{\"type\":\"string\"}},\"type\":\"object\"},\"name\":{\"type\":\"string\"}},\"type\":\"object\"},\"location\":{\"properties\":{\"city\":{\"type\":\"string\"},\"country\":{\"type\":\"string\"}},\"type\":\"object\"}},\"type\":\"object\"},\"lname\":{\"type\":\"string\"},\"rank\":{\"minimum\":0,\"type\":\"integer\"},\"sensitive\":{\"properties\":{\"SSN\":{\"$ref\":\"#/definitions/encryptableString\"},\"email\":{\"type\":\"string\"},\"phone\":{\"type\":\"string\"},\"very\":{\"properties\":{\"secret\":{\"type\":\"string\"}},\"type\":\"object\"}},\"type\":\"object\"}},\"type\":\"object\"},\"proof\":{\"properties\":{\"type\":{\"type\":\"string\"}},\"type\":\"object\"}},\"type\":\"object\"},\"parsingOptions\":{\"defaultDecimalPlaces\":0,\"defaultMinimumDate\":-17592186044415,\"defaultMinimumInteger\":-4294967295,\"useDefaults\":false}}"},"credentialSubject":{"fname":"John","lname":"Smith","sensitive":{"very":{"secret":"my-secret-that-wont-tell-anyone"},"email":"[email protected]","phone":"801009801","SSN":"123-456789-0"},"lessSensitive":{"location":{"country":"USA","city":"New York"},"department":{"name":"Random","location":{"name":"Somewhere","geo":{"lat":-23.658,"long":2.556}}}},"rank":6},"credentialStatus":{"type":"DockVBAccumulator2022","id":"dock:accumulator:accumId123","revocationCheck":"membership","revocationId":"user:A-123"},"proof":{"type":"Bls12381BBDT16MACDock2024","proofValue":"SzRVJBkFmjYw2nTWHceYaUo31ZR1SNrBL87HemGiSFLyBY1EWQEBqFe9EDLJsR8Tzz59MvHPkrmxpWxLR3jGRGssfcNaLz8667VcUmPjgxyWe9U19EqMFGQCxJNnc1HqqeunGBBCyPoQTmHj6q5pkZ3K4"}}