tap-agent 0.7.0

Rust implementation of the Transaction Authorization Protocol (TAP)
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237

//! Message types and utilities for the TAP Agent.
//!
//! This module provides constants and types for working with TAP messages,
//! including security modes and message type identifiers.

use base64::{engine::general_purpose, Engine};
use serde::de::{self, MapAccess, Visitor};
use serde::ser::SerializeMap;
use serde::{Deserialize, Deserializer, Serialize, Serializer};

/// Decode a base64-encoded string, accepting both standard base64 and base64url (with or without padding).
pub fn base64_decode_flexible(input: &str) -> Result<Vec<u8>, base64::DecodeError> {
    general_purpose::URL_SAFE_NO_PAD
        .decode(input)
        .or_else(|_| general_purpose::URL_SAFE.decode(input))
        .or_else(|_| general_purpose::STANDARD.decode(input))
        .or_else(|_| general_purpose::STANDARD_NO_PAD.decode(input))
}

/// Security mode for message packing and unpacking.
///
/// Defines the level of protection applied to messages:
/// - `Plain`: No encryption or signing (insecure, only for testing)
/// - `Signed`: Message is signed but not encrypted (integrity protected)
/// - `AuthCrypt`: Message is authenticated and encrypted (confidentiality + integrity, sender revealed)
/// - `AnonCrypt`: Message is anonymously encrypted (confidentiality only, sender hidden)
/// - `Any`: Accept any security mode when unpacking (only used for receiving)
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum SecurityMode {
    /// Plaintext - no encryption or signatures
    Plain,
    /// Signed - message is signed but not encrypted
    Signed,
    /// Authenticated and Encrypted - message is both signed and encrypted (sender revealed)
    AuthCrypt,
    /// Anonymous Encrypted - message is encrypted but not signed (sender hidden)
    AnonCrypt,
    /// Any security mode - used for unpacking when any mode is acceptable
    Any,
}

/// Message type identifiers used by the TAP Protocol
/// These constant strings are used to identify different message types
/// in the TAP protocol communications.
/// Type identifier for Presentation messages
pub const PRESENTATION_MESSAGE_TYPE: &str = "https://tap.rsvp/schema/1.0#Presentation";

pub const DIDCOMM_SIGNED: &str = "application/didcomm-signed+json";
pub const DIDCOMM_ENCRYPTED: &str = "application/didcomm-encrypted+json";

// JWS-related types

/// JWS (JSON Web Signature) supporting both General and Flattened serializations per RFC 7515.
///
/// When serializing:
/// - Single signature: uses Flattened JWS format (`protected`, `payload`, `signature` at top level)
/// - Multiple signatures: uses General JWS format (`payload`, `signatures` array)
///
/// When deserializing: accepts both formats.
#[derive(Debug)]
pub struct Jws {
    pub payload: String,
    pub signatures: Vec<JwsSignature>,
}

impl Serialize for Jws {
    fn serialize<S: Serializer>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error> {
        if self.signatures.len() == 1 {
            // Flattened JWS: { "protected", "payload", "signature" }
            let sig = &self.signatures[0];
            let mut map = serializer.serialize_map(Some(3))?;
            map.serialize_entry("payload", &self.payload)?;
            map.serialize_entry("protected", &sig.protected)?;
            map.serialize_entry("signature", &sig.signature)?;
            map.end()
        } else {
            // General JWS: { "payload", "signatures": [...] }
            let mut map = serializer.serialize_map(Some(2))?;
            map.serialize_entry("payload", &self.payload)?;
            map.serialize_entry("signatures", &self.signatures)?;
            map.end()
        }
    }
}

impl<'de> Deserialize<'de> for Jws {
    fn deserialize<D: Deserializer<'de>>(deserializer: D) -> std::result::Result<Self, D::Error> {
        struct JwsVisitor;

        impl<'de> Visitor<'de> for JwsVisitor {
            type Value = Jws;

            fn expecting(&self, formatter: &mut std::fmt::Formatter) -> std::fmt::Result {
                formatter.write_str("a JWS in General or Flattened serialization")
            }

            fn visit_map<M: MapAccess<'de>>(
                self,
                mut map: M,
            ) -> std::result::Result<Jws, M::Error> {
                let mut payload: Option<String> = None;
                let mut signatures: Option<Vec<JwsSignature>> = None;
                // Flattened fields
                let mut protected: Option<String> = None;
                let mut signature: Option<String> = None;

                while let Some(key) = map.next_key::<String>()? {
                    match key.as_str() {
                        "payload" => payload = Some(map.next_value()?),
                        "signatures" => signatures = Some(map.next_value()?),
                        "protected" => protected = Some(map.next_value()?),
                        "signature" => signature = Some(map.next_value()?),
                        _ => {
                            let _: serde_json::Value = map.next_value()?;
                        }
                    }
                }

                let payload = payload.ok_or_else(|| de::Error::missing_field("payload"))?;

                // Prefer General format if "signatures" is present
                if let Some(sigs) = signatures {
                    Ok(Jws {
                        payload,
                        signatures: sigs,
                    })
                } else if let (Some(prot), Some(sig)) = (protected, signature) {
                    // Flattened format
                    Ok(Jws {
                        payload,
                        signatures: vec![JwsSignature {
                            protected: prot,
                            signature: sig,
                        }],
                    })
                } else {
                    Err(de::Error::custom(
                        "JWS must have either 'signatures' array or 'protected'+'signature' fields",
                    ))
                }
            }
        }

        deserializer.deserialize_map(JwsVisitor)
    }
}

#[derive(Serialize, Deserialize, Debug)]
pub struct JwsSignature {
    pub protected: String,
    pub signature: String,
}

// Structure for decoded JWS protected field
#[derive(Serialize, Deserialize, Debug, Clone)]
pub struct JwsProtected {
    #[serde(default = "default_didcomm_signed")]
    pub typ: String,
    pub alg: String,
    pub kid: String,
}

// Helper function for JwsProtected typ default
fn default_didcomm_signed() -> String {
    DIDCOMM_SIGNED.to_string()
}

impl JwsSignature {
    /// Extracts the kid (key identifier) from the protected header
    pub fn get_kid(&self) -> Option<String> {
        if let Ok(protected_bytes) = base64_decode_flexible(&self.protected) {
            if let Ok(protected) = serde_json::from_slice::<JwsProtected>(&protected_bytes) {
                return Some(protected.kid);
            }
        }
        None
    }

    /// Decodes and returns the protected header
    pub fn get_protected_header(&self) -> Result<JwsProtected, Box<dyn std::error::Error>> {
        let protected_bytes = base64_decode_flexible(&self.protected)?;
        let protected = serde_json::from_slice::<JwsProtected>(&protected_bytes)?;
        Ok(protected)
    }
}
// JWE-related types

#[derive(Serialize, Deserialize, Debug)]
pub struct Jwe {
    pub ciphertext: String,
    pub protected: String,
    pub recipients: Vec<JweRecipient>,
    pub tag: String,
    pub iv: String,
}

#[derive(Serialize, Deserialize, Debug)]
pub struct JweRecipient {
    pub encrypted_key: String,
    pub header: JweHeader,
}

#[derive(Serialize, Deserialize, Debug)]
pub struct JweHeader {
    pub kid: String,
    #[serde(skip_serializing_if = "Option::is_none")]
    pub sender_kid: Option<String>,
}

// Structure for decoded JWE protected field
#[derive(Serialize, Deserialize, Debug)]
pub struct JweProtected {
    pub epk: EphemeralPublicKey,
    #[serde(default, skip_serializing_if = "String::is_empty")]
    pub apv: String,
    #[serde(default, skip_serializing_if = "String::is_empty")]
    pub apu: String,
    #[serde(default = "default_didcomm_encrypted")]
    pub typ: String,
    pub enc: String,
    pub alg: String,
}

// Helper function for JweProtected typ default
fn default_didcomm_encrypted() -> String {
    DIDCOMM_ENCRYPTED.to_string()
}

// Enum to handle different ephemeral public key types
#[derive(Serialize, Deserialize, Debug)]
#[serde(tag = "kty")]
pub enum EphemeralPublicKey {
    #[serde(rename = "EC")]
    Ec { crv: String, x: String, y: String },
    #[serde(rename = "OKP")]
    Okp { crv: String, x: String },
}