Iron ECDSA SD 2023 Signature Suite

An implementation of the W3C ECDSA SD 2023 in Java.

Features

• W3C ECDSA SD Signature 2023
  • Verifier, Issuer, Holder
  • Key pair generator
  • P-256 (secp256r1), P-384 (secp384r1) [planned]
• VC HTTP API & Service

Installation

Maven

Java 17+

<dependency>
    <groupId>com.apicatalog</groupId>
    <artifactId>iron-ecdsa-sd-2023</artifactId>
    <version>0.14.0</version>
</dependency>

<dependency>
    <groupId>com.apicatalog</groupId>
    <artifactId>iron-verifiable-credentials</artifactId>
    <version>0.14.0</version>
</dependency>

Gradle

Android 12+ (API Level 31+)

implementation("com.apicatalog:iron-ecdsa-sd-2023-jre8:0.14.0")
implementation("com.apicatalog:iron-verifiable-credentials-jre8:0.14.0")

Verifier

// create a new verifier instance
static Verifier VERIFIER = Verifier.with(new ECDSASelective2023())
    // options
    .loader(...)
    .statusValidator(...)
    .subjectValidator(...);

try {
  // verify the given input proof(s)
  var verifiable = VERIFIER.verify(credential|presentation);
  
  // or with runtime parameters e.g. domain, challenge, etc.
  var verifiable = VERIFIER.verify(credential|presentation, parameters);
  
  // get verified details
  verifiable.subject()
  verifiable.id()
  verifiable.type()
  // ...
  
} catch (VerificationError | DocumentError e) {
  ...
}

Issuer

// create a signature suite static instance
static SignatureSuite SUITE = new ECDSASelective2023();

// create a new issuer instance
Issuer ISSUER = SUITE.createIssuer(keyPairProvider)
  // options
  .loader(...);
    
try {
  // create a new proof draft using P-256
  var draft = SUITE.createP256Draft(verificationMethod, purpose);
  // mandatory pointers
  draft.selectors(...); 
  
  // keys
  draft.proofKeys(proofKeys);
  draft.hmacKey(hmacKey);
  // or generate the keys
  draft.useGeneratedHmacKey(32);
  draft.useGeneratedProofKeys();
  
  // custom options
  draft.created(...);
  draft.domain(...);
  ...

  // issue a new verifiable, i.e. sign the input and add a new proof
  var verifiable = ISSUER.sign(credential|presentation, draft).compacted();
  
} catch (SigningError | DocumentError e) {
  ...
}

Holder

// create a signature suite static instance
static SignatureSuite SUITE = new ECDSASelective2023();

// create a new issuer instance
Holder HOLDER = Holder.with(SUITE);
  // options
  .loader(...);
    
try {

  // derive a new verifiable disclosing only selected claims
  var verifiable = HOLDER.derive(credential|presentation, selectors).compacted();
  
} catch (SigningError | DocumentError e) {
  ...
}

Documentation

Contributing

All PR's welcome!

Building

Fork and clone the project repository.

Java 17

> cd iron-ecdsa-sd-2023
> mvn clean package

Java 8

> cd iron-ecdsa-sd-2023
> mvn -f pom_jre8.xml clean package

Resources

• W3C ECDSA SD 2023
• Iron Verifiable Credentials

Sponsors

Commercial Support

Commercial support is available at filip26@gmail.com