DVS (Designated Verifier Signature) scheme allows a client entity to sign a message/document which could be verified only by the designated verifier. The signatures are produces on the user’s side either by the JS Client Library as described in this article or the mobile applications using the Android and iOS SDKs.
You can read more about DVS in the concepts section.
# What Can Be Signed
We will be using the term ‘document’ in this article to represent the data that will be cryptographically signed. This however does not mean there are restrictions on the type of data that you want to sign. DVS can be used on any blob of data as the signature will be produced for the hash digest of the data rather than the raw value itself. On top of what you will traditionally consider a document, you can also sign any type of transaction, like a transfer of financial funds or a representation of a write operation to be stored in an audit log.
It is important to note that the usage of a hash digests instead of the raw data also means that the actual value of what is being signed will never be transmitted to the MIRACL Trust platform. This holds true for all parts of the process - both signing and verification.
# Implementation
In order to create and verify signatures you need to:
- Integrate the DVS JS Client library in your web frontend and/or integrate the Android/iOS SDK in your mobile application.
- Alter the endpoint that you have in your backend for creation of the document to return a SHA256 hash digest of the document and timestamp of creation and return those in the response.
- Invoke the sign method of the library/SDK to produce the signature.
- Create an endpoint in your backend, which will accept the signature data and verify it against the MIRACL Trust platform as described in Signature Verification.
# JS Client Library
# Installation
In order to sign documents in the browser, you need to include the MIRACL Trust DVS client library and related CSS served from our CDN.
<link rel="stylesheet" type="text/css" href="https://cdn.mpin.io/dvs/css/dvs.css" media="screen"/>
<script type="text/javascript" src="https://cdn.mpin.io/dvs/dvs.client.min.js"></script>
# Usage
Before using the DVS client library, you need to configure and initialize it.
var dvs = new DVS({
userId: "test@example.com",
clientId: "{{ ClientID }}",
redirectURI: "http://127.0.0.1/login",
pinPolicy: "same"
});
dvs.init(function () {
// You can call the sign method here.
});
Specifying the value same for pinPolicy means that the user will use the
same PIN for signing documents and for authentication. This means that there is
no need to manually manage the identity used for signing with the
hasIdentity, createIdentity and deleteIdentity methods of the library.
If not set to same you will have to additionaly create the signing identity:
dvs.hasIdentity(function success() {
// User already has an identity.
}, function fail() {
dvs.createIdentity(function success(data) {
// The user now has an identity and can sign documents.
}, function fail(error) {
// Creation was not successful.
console.error(error);
});
});
After you have ensured that user has a signing identity either by using
pinPolicy: "same" or creating one by invoking createIdentity, you can call
the sign method. This will produce a cryptographic signature of the provided
document, which you will be able to store and verify:
dvs.sign({
doc: "This is a test document for signing",
hash: "a85675951451ebbcccb4c4d1a41dfe6cbf0f037ef505ffccd3d314930b3d7316",
timestamp: 1608300866
}, function success(signature) {
// The signature was created successfully.
// You can now send it to your backend for verification.
console.log(signature);
}, function fail(error){
// The signing was not successful.
// This can happen if the user entered a wrong PIN or
// there was a malicious attempt to temper with the signing.
});
You can see a full list of configuration options in the MIRACL Trust DVS JS Reference.
# Examples
<!DOCTYPE html>
<html>
<head>
<title>DVS Same PIN</title>
<link rel="stylesheet" type="text/css" href="https://cdn.mpin.io/dvs/css/dvs.css" media="screen"/>
<script type="text/javascript" src="https://cdn.mpin.io/dvs/dvs.client.min.js"></script>
</head>
<body>
<script type="text/javascript">
var dvs = new DVS({
userId: "test@example.com",
clientId: "{{ ClientID }}",
redirectURI: "http://127.0.0.1/login",
pinPolicy: "same"
});
dvs.init(function () {
dvs.sign({
doc: "This is a test document for signing",
hash: "a85675951451ebbcccb4c4d1a41dfe6cbf0f037ef505ffccd3d314930b3d7316",
timestamp: 1608300866
}, function success(signature) {
console.log(signature);
}, function fail(error){
console.error(error);
});
});
</script>
</body>
</html>
<!DOCTYPE html>
<html>
<head>
<title>DVS Different PINs</title>
<link rel="stylesheet" type="text/css" href="https://cdn.mpin.io/dvs/css/dvs.css" media="screen"/>
<script type="text/javascript" src="https://cdn.mpin.io/dvs/dvs.client.min.js"></script>
</head>
<body>
<script type="text/javascript">
var dvs = new DVS({
userId: "test@example.com",
clientId: "{{ ClientID }}",
redirectURI: "http://127.0.0.1/login",
pinPolicy: "different"
});
function signExample() {
console.info("Start signing");
dvs.sign({
doc: "This is a test document for signing",
hash: "a85675951451ebbcccb4c4d1a41dfe6cbf0f037ef505ffccd3d314930b3d7316",
timestamp: 1608300866
}, function success(signature) {
console.info("Successful signature:");
console.log(signature);
}, function fail(error){
console.error(error);
});
}
dvs.init(function () {
dvs.hasIdentity(function success() {
signExample();
}, function fail() {
console.info("Start registration");
dvs.createIdentity(function success(data) {
console.info("Successful registration:");
console.log(data);
signExample();
}, function fail(error) {
console.error(error);
});
});
});
</script>
</body>
</html>
# Signature Verification
Signature verification is done by making a request to the /dvs/verify endpoint
of the MIRACL Trust platform from your backend. If the verification is successful
in the response you will receive a certificate in the form of a signed JWT (JSON
Web Token). The payload of the request must contain the signature object
produced from the client library, the timestamp of the signing (must be the same
timestamp passed to the sign method of the client library) and a type parameter
set to verification.
# Verification Request Example
curl --user "${clientId}:${clientSecret}" --data '{"signature":{"dtas":"WyIyNWUwYzMxY2ZlYjk5NGNjYWY3ZWE4OGQxYjBiNmQwMDMyM2MxNDI5ZWVjMzEzNzFiZTVmNTM3NjhiMjcxNjBkIiwiMjVlMGMzMWNmZWI5OTRjY2FmN2VhODhkMWIwYjZkMDAzMjNjMTQyOWVlYzMxMzcxYmU1ZjUzNzY4YjI3MTYwZCJd","hash":"74657374","mpinId":"7b22696174223a313631343736333336322c22757365724944223a2274657374406578616d706c652e636f6d222c22634944223a2238366364336536342d663634312d343136612d626638302d363462396237656566386561222c2273616c74223a2263483141545930367879754555574d667551466a4351222c2276223a352c2273636f7065223a5b22647673225d2c22647461223a5b5d2c227674223a22647673227d","publicKey":"16ef9515c8c35a3b11dc04f256c721a57b16857a612efe41ccfbf22514926b3511d51044366da78da224529447c04a9cf9dc4fbe142e783b02f9566e88b49ba700a5820ab2eafd9a541e1e37a7c04a1f75bfc8646979fb90886022a9c05b51b82382a1ba59a5ebad707930ef0692bba152b8faf596eead347a933d0b15ca2d0a","u":"040cbde168ab69a65fff10b0cde73dd2e19d0d230cc7011247d2e476540ffaf3800a92075babe5e823313a5c1d020c4318fb68bdea6dd19b64837061451700525e","v":"041be8fa9de40ed2925ca446048a2896532b88762f8b6e090f25f33a437c50396f09d441a500f7fa9646df5cbad7f4c8c2426c8e29e252d1a9c70ffa6d7dcd9201"},"timestamp":123,"type":"verification"}' https://api.mpin.io/dvs/verify
# Verification Response Example
{
"certificate":"eyJhbGciOiJSUzI1NiIsImtpZCI6InMxIn0.eyJjQXQiOjE2NDk0MDQ1ODAsImV4cCI6MTY0OTQwNDU5MCwiaGFzaCI6Ijc0NjU3Mzc0In0.BoMXXJVdiJ3TNQ1m_qz2GMo9J9EniUHJz14XMmVOBJPBWjw6UWTn2G2henNOauB7t6oBqqtLhRudLr3KY1kLgWorOSXlvISoZicEFGsmUfEXS-hxP3d01acE0cRnqMmi1Au4VXbREdwLy7I7Cwb4ptLrziYvkEVh7KdbAMsD6Bw"
}
# Certificate Validation
After you receive the certificate you need to verify its validity by using the
JWKS (public JSON Web Key Set) published on the /dvs/jwks endpoint. Here is an
example response from this endpoint:
{
"keys":
[
{
"kty": "RSA",
"use": "sig",
"kid": "s1",
"n": "kWp2zRA23Z3vTL4uoe8kTFptxBVFunIoP4t_8TDYJrOb7D1iZNDXVeEsYKp6ppmrTZDAgd-cNOTKLd4M39WJc5FN0maTAVKJc7NxklDeKc4dMe1BGvTZNG4MpWBo-taKULlYUu0ltYJuLzOjIrTHfarucrGoRWqM0sl3z2-fv9k",
"e": "AQAB"
}
]
}
The header of the JWT certificate contains the algorithm and the ID (kid) of
the key used for signing the token in the following form:
{
"alg": "RS256",
"kid": "s1"
}
When validating the signature of the token, the key with the same kid from the
/dvs/jwks response needs to be used.
Most JWT libraries have support for remote key sets and signature verification. For a list of libraries implementing JWT decoding and signature verification you can visit jtw.io.
# Certificate Payload
The JWT certificate contains a payload in the following form:
{
"cAt": 1649404580,
"exp": 1649404590,
"hash": "74657374"
}
You need to ensure that the hash in the certificate matches the hash of the document that was signed. As the certificate only serves as proof for the current verification request, it is quite short-lived. There is no need to store the certificate. If necessary, you can make another verification request to ensure the validity of the signature.
# Rotation of JWKS
When necessary, MIRACL Trust can change the singing key for the JWT certificate.
Certificates issued after the rotation will have the new kid in their header.
Your implementation needs to ensure that the JWKS is fetched again from the
/dvs/jwks endpoint when it encounters a new kid.
# API Reference
- POST
https://api.mpin.io/dvs/verify
Authorization: "Basic <base64(clientId:clientSecret)>"
Payload:
{
signature: {
hash: string,
mpinId: string,
publicKey: string,
dtas: string,
u: string,
v: string
},
timestamp: string,
type: string
}
Response:
{
certificate: string
}
- GET
https://api.mpin.io/dvs/jwks
Response:
{
keys: [
{
kty: string,
use: string,
kid: string,
n: string,
e: string
}
]
}
