baseid_mdl/

lifecycle.rs

//! mdoc implementation of the unified credential lifecycle traits.
//!
//! `MdocLifecycle` implements `CredentialIssuer`, `CredentialVerifier`, and
//! `CredentialPresenter` for the ISO 18013-5 mdoc format. Predicates are not
//! supported and return `UnsupportedPredicate`.

use std::collections::BTreeMap;

use baseid_core::claims::{ClaimDisclosure, ClaimSet, DisclosureSelection};
use baseid_core::error::{CredentialError, CryptoError, SerializationError};
use baseid_core::lifecycle::{
    CredentialIssuer, CredentialPresenter, CredentialVerifier, IssuanceOptions, IssuedCredential,
    PresentationOptions, PresentedCredential, RevocationStatus, VerificationOutcome,
};
use baseid_core::types::CredentialFormat;
use baseid_crypto::signer::{Signer, Verifier};
use serde::{Deserialize, Serialize};

use sha2::{Digest, Sha256};

use crate::mdoc::{DataElement, MobileDocument};
use crate::mso::{MobileSecurityObject, ValidityInfo};

/// Wire format for an issued mdoc credential.
///
/// Matches the ISO 18013-5 `IssuerSigned` structure:
/// - `doc_type`: the document type string
/// - `namespaces`: the CBOR-encoded namespaces
/// - `issuer_auth`: the COSE_Sign1 bytes (signed MSO)
#[derive(Debug, Clone, Serialize, Deserialize)]
struct IssuerSigned {
    #[serde(rename = "docType")]
    doc_type: String,
    namespaces: BTreeMap<String, Vec<DataElement>>,
    #[serde(rename = "issuerAuth")]
    issuer_auth: Vec<u8>,
}

/// mdoc credential lifecycle implementation.
///
/// Wraps COSE_Sign1 signing/verification and MSO digest operations behind
/// the unified lifecycle traits.
pub struct MdocLifecycle<'a> {
    signer: &'a dyn Signer,
    verifier: &'a dyn Verifier,
    doc_type: String,
}

impl<'a> MdocLifecycle<'a> {
    /// Create a new mdoc lifecycle handler.
    ///
    /// # Arguments
    /// * `signer` - Key for signing (issuance)
    /// * `verifier` - Key for verification
    /// * `doc_type` - Document type (e.g., `"org.iso.18013.5.1.mDL"`)
    pub fn new(signer: &'a dyn Signer, verifier: &'a dyn Verifier, doc_type: &str) -> Self {
        Self {
            signer,
            verifier,
            doc_type: doc_type.to_string(),
        }
    }

    /// Derive the default namespace from the doc_type.
    ///
    /// For `"org.iso.18013.5.1.mDL"`, returns `"org.iso.18013.5.1"`.
    fn default_namespace(&self) -> String {
        // Strip trailing ".mDL" or similar suffix
        if let Some(pos) = self.doc_type.rfind('.') {
            self.doc_type[..pos].to_string()
        } else {
            self.doc_type.clone()
        }
    }
}

impl CredentialIssuer for MdocLifecycle<'_> {
    fn format(&self) -> CredentialFormat {
        CredentialFormat::Mdl
    }

    fn issue(
        &self,
        issuer_did: &str,
        subject_did: Option<&str>,
        claims: &ClaimSet,
        options: &IssuanceOptions,
    ) -> baseid_core::Result<IssuedCredential> {
        let default_ns = self.default_namespace();
        let mut namespaces: BTreeMap<String, Vec<DataElement>> = BTreeMap::new();

        // Convert ClaimSet → MobileDocument namespaces
        for (ns_key, ns_claims) in claims.namespaces() {
            // Map default namespace ("") to the doc_type-derived namespace
            let target_ns = if ns_key.is_empty() {
                default_ns.clone()
            } else {
                ns_key.to_string()
            };

            let elements: Vec<DataElement> = ns_claims
                .iter()
                .map(|(name, value)| DataElement {
                    identifier: name.clone(),
                    value: value.clone(),
                })
                .collect();

            namespaces.entry(target_ns).or_default().extend(elements);
        }

        let doc = MobileDocument {
            doc_type: self.doc_type.clone(),
            namespaces: namespaces.clone(),
        };

        // Build validity info from options
        let now = options
            .valid_from
            .clone()
            .unwrap_or_else(|| "2024-01-01T00:00:00Z".to_string());
        let valid_until = options
            .valid_until
            .clone()
            .unwrap_or_else(|| "2099-12-31T23:59:59Z".to_string());

        let validity = ValidityInfo {
            signed: now.clone(),
            valid_from: now,
            valid_until,
        };

        // Create MSO and sign it
        let mso = MobileSecurityObject::create(&doc, validity)?;
        let issuer_auth = crate::cose::sign_mso(&mso, self.signer)?;

        // Package as IssuerSigned CBOR
        let issuer_signed = IssuerSigned {
            doc_type: self.doc_type.clone(),
            namespaces,
            issuer_auth,
        };

        let mut cbor_bytes = Vec::new();
        ciborium::into_writer(&issuer_signed, &mut cbor_bytes)
            .map_err(|_| SerializationError::Cbor)?;

        Ok(IssuedCredential {
            data: cbor_bytes,
            format: CredentialFormat::Mdl,
            id: options.credential_id.clone(),
            issuer: issuer_did.to_string(),
            subject: subject_did.map(|s| s.to_string()),
        })
    }
}

impl CredentialVerifier for MdocLifecycle<'_> {
    fn format(&self) -> CredentialFormat {
        CredentialFormat::Mdl
    }

    fn verify(&self, credential_data: &[u8]) -> baseid_core::Result<VerificationOutcome> {
        // 1. Deserialize the IssuerSigned CBOR structure
        let issuer_signed: IssuerSigned =
            ciborium::from_reader(credential_data).map_err(|_| SerializationError::Cbor)?;

        // 2. Verify COSE_Sign1 signature and extract MSO
        let mso = crate::cose::verify_signed_mso(&issuer_signed.issuer_auth, self.verifier)?;

        // 3. Verify element digests (supports selective disclosure)
        //    Each present element's CBOR hash must match some digest in the MSO
        //    for that namespace. Missing elements are OK (selective disclosure).
        if mso.doc_type != issuer_signed.doc_type {
            return Err(CryptoError::VerificationFailed.into());
        }

        for (ns_key, elements) in &issuer_signed.namespaces {
            let mso_entries = mso
                .value_digests
                .get(ns_key)
                .ok_or(CryptoError::VerificationFailed)?;

            // Collect MSO digests for quick lookup
            let mso_digests: Vec<&[u8]> = mso_entries.iter().map(|e| e.digest.as_slice()).collect();

            for element in elements {
                let cbor = element.to_cbor()?;
                let hash = Sha256::digest(&cbor);
                if !mso_digests.iter().any(|d| *d == &hash[..]) {
                    return Err(CryptoError::VerificationFailed.into());
                }
            }
        }

        // 4. Convert MobileDocument → ClaimSet
        let default_ns = self.default_namespace();
        let mut claim_set = ClaimSet::new();

        for (ns_key, elements) in &issuer_signed.namespaces {
            // Map doc_type-derived namespace back to default ("")
            let claim_ns = if *ns_key == default_ns {
                ""
            } else {
                ns_key.as_str()
            };

            for element in elements {
                claim_set.insert(claim_ns, &element.identifier, element.value.clone());
            }
        }

        // Extract validity info
        let valid_until = Some(mso.validity_info.valid_until.clone());

        Ok(VerificationOutcome {
            valid: true,
            format: CredentialFormat::Mdl,
            issuer: String::new(), // mdoc doesn't carry issuer DID in the MSO
            subject: None,
            claims: claim_set,
            unlinkable: false,
            predicates_verified: vec![],
            valid_until,
            revocation_status: RevocationStatus::NotChecked,
        })
    }
}

impl CredentialPresenter for MdocLifecycle<'_> {
    fn format(&self) -> CredentialFormat {
        CredentialFormat::Mdl
    }

    fn present(
        &self,
        credential_data: &[u8],
        disclosure: &DisclosureSelection,
        _options: &PresentationOptions,
    ) -> baseid_core::Result<PresentedCredential> {
        // mdoc does not support predicates
        if disclosure.has_predicates() {
            return Err(CredentialError::UnsupportedPredicate.into());
        }

        // Deserialize the issued credential
        let issuer_signed: IssuerSigned =
            ciborium::from_reader(credential_data).map_err(|_| SerializationError::Cbor)?;

        let default_ns = self.default_namespace();

        // Apply selective disclosure at element level within namespaces
        let mut filtered_namespaces: BTreeMap<String, Vec<DataElement>> = BTreeMap::new();

        for (ns_key, elements) in &issuer_signed.namespaces {
            let mut kept = Vec::new();

            for element in elements {
                // Check namespaced disclosure first, then default namespace
                let namespaced_disc = disclosure.get(ns_key, &element.identifier);
                let default_disc = if *ns_key == default_ns {
                    disclosure.get("", &element.identifier)
                } else {
                    None
                };

                let disc = namespaced_disc.or(default_disc);

                match disc {
                    Some(ClaimDisclosure::Hide) => {
                        // Omit this element
                    }
                    Some(ClaimDisclosure::Reveal) | None => {
                        // Include: explicitly revealed or not mentioned (default include)
                        kept.push(element.clone());
                    }
                    Some(ClaimDisclosure::Predicate(_)) => {
                        // Should not reach here — checked above
                        return Err(CredentialError::UnsupportedPredicate.into());
                    }
                }
            }

            if !kept.is_empty() {
                filtered_namespaces.insert(ns_key.clone(), kept);
            }
        }

        // Re-serialize with filtered namespaces + original issuerAuth
        let presented = IssuerSigned {
            doc_type: issuer_signed.doc_type,
            namespaces: filtered_namespaces,
            issuer_auth: issuer_signed.issuer_auth,
        };

        let mut cbor_bytes = Vec::new();
        ciborium::into_writer(&presented, &mut cbor_bytes).map_err(|_| SerializationError::Cbor)?;

        Ok(PresentedCredential {
            data: cbor_bytes,
            format: CredentialFormat::Mdl,
            unlinkable: false,
        })
    }
}

#[cfg(test)]
mod tests {
    use super::*;
    use baseid_core::claims::PredicateType;
    use baseid_core::types::KeyType;
    use baseid_crypto::KeyPair;
    use serde_json::json;

    fn setup() -> (KeyPair, ClaimSet) {
        let kp = KeyPair::generate(KeyType::Ed25519).unwrap();
        let mut claims = ClaimSet::new();
        claims.insert("", "family_name", json!("Doe"));
        claims.insert("", "given_name", json!("John"));
        claims.insert("", "document_number", json!("DL-123456"));
        claims.insert("", "birth_date", json!("1990-01-15"));
        (kp, claims)
    }

    fn make_lifecycle(kp: &KeyPair) -> MdocLifecycle<'_> {
        MdocLifecycle::new(kp, &kp.public, "org.iso.18013.5.1.mDL")
    }

    #[test]
    fn issue_and_verify() {
        let (kp, claims) = setup();
        let lifecycle = make_lifecycle(&kp);

        let issued = lifecycle
            .issue(
                "did:key:issuer",
                Some("did:key:holder"),
                &claims,
                &IssuanceOptions::default(),
            )
            .unwrap();

        assert_eq!(issued.format, CredentialFormat::Mdl);
        assert_eq!(issued.issuer, "did:key:issuer");
        assert_eq!(issued.subject, Some("did:key:holder".to_string()));

        let outcome = lifecycle.verify(&issued.data).unwrap();
        assert!(outcome.valid);
        assert_eq!(outcome.format, CredentialFormat::Mdl);
        assert_eq!(outcome.claims.get("", "family_name"), Some(&json!("Doe")));
        assert_eq!(outcome.claims.get("", "given_name"), Some(&json!("John")));
        assert_eq!(
            outcome.claims.get("", "document_number"),
            Some(&json!("DL-123456"))
        );
        assert!(!outcome.unlinkable);
    }

    #[test]
    fn issue_with_namespaced_claims() {
        let kp = KeyPair::generate(KeyType::Ed25519).unwrap();
        let lifecycle = make_lifecycle(&kp);

        let mut claims = ClaimSet::new();
        claims.insert("org.iso.18013.5.1", "family_name", json!("Smith"));
        claims.insert("org.iso.18013.5.1", "given_name", json!("Alice"));
        claims.insert("org.iso.18013.5.1.aamva", "DHS_compliance", json!("F"));

        let issued = lifecycle
            .issue("did:key:issuer", None, &claims, &IssuanceOptions::default())
            .unwrap();

        let outcome = lifecycle.verify(&issued.data).unwrap();
        assert!(outcome.valid);
        // Default mdoc namespace maps back to "" in ClaimSet
        assert_eq!(outcome.claims.get("", "family_name"), Some(&json!("Smith")));
        assert_eq!(outcome.claims.get("", "given_name"), Some(&json!("Alice")));
        // Non-default namespaces are preserved as-is
        assert_eq!(
            outcome
                .claims
                .get("org.iso.18013.5.1.aamva", "DHS_compliance"),
            Some(&json!("F"))
        );
    }

    #[test]
    fn present_selective_disclosure() {
        let (kp, claims) = setup();
        let lifecycle = make_lifecycle(&kp);

        let issued = lifecycle
            .issue(
                "did:key:issuer",
                Some("did:key:holder"),
                &claims,
                &IssuanceOptions::default(),
            )
            .unwrap();

        // Reveal only name, hide document_number and birth_date
        let disclosure = DisclosureSelection::new()
            .reveal("family_name")
            .reveal("given_name")
            .hide("document_number")
            .hide("birth_date");

        let presented = lifecycle
            .present(&issued.data, &disclosure, &PresentationOptions::default())
            .unwrap();

        assert_eq!(presented.format, CredentialFormat::Mdl);
        assert!(!presented.unlinkable);

        // Verify the presentation — only revealed claims present
        let outcome = lifecycle.verify(&presented.data).unwrap();
        assert!(outcome.valid);
        assert_eq!(outcome.claims.get("", "family_name"), Some(&json!("Doe")));
        assert_eq!(outcome.claims.get("", "given_name"), Some(&json!("John")));
        assert_eq!(outcome.claims.get("", "document_number"), None);
        assert_eq!(outcome.claims.get("", "birth_date"), None);
    }

    #[test]
    fn predicate_returns_unsupported() {
        let (kp, claims) = setup();
        let lifecycle = make_lifecycle(&kp);

        let issued = lifecycle
            .issue("did:key:issuer", None, &claims, &IssuanceOptions::default())
            .unwrap();

        let disclosure = DisclosureSelection::new()
            .reveal("family_name")
            .predicate("birth_date", PredicateType::LessThan(json!("2008-03-01")));

        let result = lifecycle.present(&issued.data, &disclosure, &PresentationOptions::default());
        assert!(result.is_err());

        let err = result.unwrap_err();
        assert!(
            format!("{err}").contains("Predicate"),
            "Error should mention predicate: {err}"
        );
    }

    #[test]
    fn issuance_with_options() {
        let (kp, claims) = setup();
        let lifecycle = make_lifecycle(&kp);

        let opts = IssuanceOptions {
            credential_id: Some("urn:uuid:mdl-1234".to_string()),
            types: vec!["mDL".to_string()],
            valid_from: Some("2024-01-01T00:00:00Z".to_string()),
            valid_until: Some("2025-01-01T00:00:00Z".to_string()),
            status: None,
        };

        let issued = lifecycle
            .issue("did:key:issuer", Some("did:key:holder"), &claims, &opts)
            .unwrap();

        assert_eq!(issued.id, Some("urn:uuid:mdl-1234".to_string()));

        let outcome = lifecycle.verify(&issued.data).unwrap();
        assert_eq!(
            outcome.valid_until,
            Some("2025-01-01T00:00:00Z".to_string())
        );
    }

    #[test]
    fn format_method() {
        let kp = KeyPair::generate(KeyType::Ed25519).unwrap();
        let lifecycle = make_lifecycle(&kp);

        assert_eq!(CredentialIssuer::format(&lifecycle), CredentialFormat::Mdl);
        assert_eq!(
            CredentialVerifier::format(&lifecycle),
            CredentialFormat::Mdl
        );
        assert_eq!(
            CredentialPresenter::format(&lifecycle),
            CredentialFormat::Mdl
        );
    }
}