Update to Rust 2024 edition

.github/workflows/build.yml

@@ -1,7 +1,7 @@
 name: "Anoncreds"
 
 env:
-  RUST_VERSION: "1.81.0"
+  RUST_VERSION: "1.85.0"
   CROSS_VERSION: "0.2.4"
 
 on:
@@ -350,6 +350,9 @@ jobs:
       matrix:
         architecture:
           [aarch64-apple-ios, aarch64-apple-ios-sim, x86_64-apple-ios]
+    env:
+      IPHONEOS_DEPLOYMENT_TARGET: 10.0
+      IPHONESIMULATOR_DEPLOYMENT_TARGET: 10.0
 
     steps:
       - name: Checkout

Cargo.toml

@@ -5,13 +5,13 @@ authors = [
     "Hyperledger AnonCreds Contributors <anoncreds@lists.hyperledger.org>",
 ]
 description = "Verifiable credential issuance and presentation for Hyperledger AnonCreds (https://www.hyperledger.org/projects), which provides a foundation for self-sovereign identity."
-edition = "2021"
+edition = "2024"
 license = "Apache-2.0"
 readme = "../README.md"
 repository = "https://github.com/hyperledger/anoncreds-rs/"
 categories = ["authentication", "cryptography"]
 keywords = ["hyperledger", "ssi", "verifiable", "credentials"]
-rust-version = "1.58"
+rust-version = "1.85"
 
 [lib]
 name = "anoncreds"
@@ -28,25 +28,25 @@ zeroize = ["dep:zeroize"]
 
 [dependencies]
 anoncreds-clsignatures = "0.3.2"
-base64 = { version = "0.21.5", optional = true }
+base64 = { version = "0.22", optional = true }
 bitvec = { version = "1.0.1", features = ["serde"] }
 bs58 = "0.5.0"
 chrono = { version = "0.4.31", optional = true, features = ["serde"] }
-env_logger = { version = "0.9.3", optional = true }
+env_logger = { version = "0.11", optional = true }
 ffi-support = { version = "0.4.0", optional = true }
 log = "0.4.17"
-once_cell = "1.17.1"
-rand = "0.8.5"
+once_cell = "1"
+rand = "0.9"
 regex = "1.7.1"
 rmp-serde = { version = "1.1.2", optional = true }
 serde = { version = "1.0.155", features = ["derive"] }
 serde_json = { version = "1.0.94", features = ["raw_value"] }
 sha2 = "0.10.6"
-thiserror = "1.0.39"
+thiserror = "2"
 zeroize = { version = "1.5.7", optional = true, features = ["zeroize_derive"] }
 
 [dev-dependencies]
-rstest = "0.18.2"
+rstest = "0.26"
 
 [profile.release]
 codegen-units = 1

Cross.toml

@@ -0,0 +1,8 @@
+[build.env]
+passthrough = ["CFLAGS"]
+
+[target.aarch64-unknown-linux-gnu]
+image = "ghcr.io/rust-cross/manylinux2014-cross:aarch64"
+
+[target.x86_64-unknown-linux-gnu]
+image = "ghcr.io/rust-cross/manylinux2014-cross:x86_64"

docs/design/w3c/w3c-representation.md

@@ -55,7 +55,7 @@ Methods purpose - have to forms of credentials (probably even duplicate in walle
 ///
 /// # Returns
 /// Error code
-#[no_mangle]
+#[unsafe(no_mangle)]
 pub extern "C" fn anoncreds_credential_to_w3c(
     cred: ObjectHandle,
     issuer_id: FfiStr,
@@ -71,7 +71,7 @@ pub extern "C" fn anoncreds_credential_to_w3c(
 ///
 /// # Returns
 /// Error code
-#[no_mangle]
+#[unsafe(no_mangle)]
 pub extern "C" fn anoncreds_credential_from_w3c(
     cred: ObjectHandle,
     cred_p: *mut ObjectHandle,
@@ -120,7 +120,7 @@ The reasons for adding duplication methods:
 ///
 /// # Returns
 /// Error code
-#[no_mangle]
+#[unsafe(no_mangle)]
 pub extern "C" fn anoncreds_create_w3c_credential(
     cred_def: ObjectHandle,
     cred_def_private: ObjectHandle,
@@ -145,7 +145,7 @@ pub extern "C" fn anoncreds_create_w3c_credential(
 ///
 /// # Returns
 /// Error code
-#[no_mangle]
+#[unsafe(no_mangle)]
 pub extern "C" fn anoncreds_process_w3c_credential(
     cred: ObjectHandle,
     cred_req_metadata: ObjectHandle,
@@ -166,7 +166,7 @@ pub extern "C" fn anoncreds_process_w3c_credential(
 ///
 /// # Returns
 /// Error code
-#[no_mangle]
+#[unsafe(no_mangle)]
 pub extern "C" fn anoncreds_w3c_credential_get_integrity_proof_details(
     handle: ObjectHandle,
     cred_proof_info_p: *mut ObjectHandle,
@@ -188,7 +188,7 @@ pub extern "C" fn anoncreds_w3c_credential_get_integrity_proof_details(
 ///
 /// # Returns
 /// Error code
-#[no_mangle]
+#[unsafe(no_mangle)]
 pub extern "C" fn anoncreds_create_w3c_presentation(
     pres_req: ObjectHandle,
     credentials: FfiList<FfiCredentialEntry>,
@@ -219,7 +219,7 @@ pub extern "C" fn anoncreds_create_w3c_presentation(
 ///
 /// # Returns
 /// Error code
-#[no_mangle]
+#[unsafe(no_mangle)]
 pub extern "C" fn anoncreds_verify_w3c_presentation(
     presentation: ObjectHandle,
     pres_req: ObjectHandle,

src/data_types/cred_def.rs

@@ -18,6 +18,14 @@ pub enum SignatureType {
     CL,
 }
 
+impl SignatureType {
+    pub const fn as_str(&self) -> &'static str {
+        match self {
+            Self::CL => CL_SIGNATURE_TYPE,
+        }
+    }
+}
+
 impl FromStr for SignatureType {
     type Err = ConversionError;
 
@@ -29,6 +37,12 @@ impl FromStr for SignatureType {
     }
 }
 
+impl std::fmt::Display for SignatureType {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        f.write_str(self.as_str())
+    }
+}
+
 #[derive(Debug, Serialize, Deserialize)]
 pub struct CredentialDefinitionData {
     pub primary: CredentialPrimaryPublicKey,

src/data_types/cred_request.rs

@@ -4,7 +4,7 @@ use crate::cl::{
 };
 use crate::error::{Result, ValidationError};
 use crate::invalid;
-use crate::utils::validation::{is_uri_identifier, Validatable, LEGACY_DID_IDENTIFIER};
+use crate::utils::validation::{LEGACY_DID_IDENTIFIER, Validatable, is_uri_identifier};
 
 use super::{cred_def::CredentialDefinitionId, nonce::Nonce};
 

src/data_types/credential.rs

@@ -4,11 +4,11 @@ use std::collections::HashMap;
 #[cfg(feature = "zeroize")]
 use zeroize::Zeroize;
 
+use crate::Error;
 use crate::cl::{CredentialSignature, RevocationRegistry, SignatureCorrectnessProof, Witness};
 use crate::error::{ConversionError, ValidationError};
 use crate::types::MakeCredentialValues;
 use crate::utils::validation::Validatable;
-use crate::Error;
 
 use super::rev_reg_def::RevocationRegistryDefinitionId;
 use super::{cred_def::CredentialDefinitionId, schema::SchemaId};

src/data_types/link_secret.rs

@@ -1,6 +1,6 @@
 use std::fmt;
 
-use crate::cl::{bn::BigNumber, Prover as CryptoProver};
+use crate::cl::{Prover as CryptoProver, bn::BigNumber};
 use crate::error::ConversionError;
 
 pub struct LinkSecret(pub(crate) BigNumber);

src/data_types/macros.rs

@@ -3,8 +3,8 @@ macro_rules! impl_anoncreds_object_identifier {
     ($i:ident) => {
         use $crate::error::ValidationError;
         use $crate::utils::validation::{
-            Validatable, LEGACY_CRED_DEF_IDENTIFIER, LEGACY_DID_IDENTIFIER,
-            LEGACY_REV_REG_DEF_IDENTIFIER, LEGACY_SCHEMA_IDENTIFIER, URI_IDENTIFIER,
+            LEGACY_CRED_DEF_IDENTIFIER, LEGACY_DID_IDENTIFIER, LEGACY_REV_REG_DEF_IDENTIFIER,
+            LEGACY_SCHEMA_IDENTIFIER, URI_IDENTIFIER, Validatable,
         };
 
         #[derive(Debug, Clone, PartialEq, Eq, Hash, Deserialize, Serialize, Default)]
@@ -53,7 +53,7 @@ macro_rules! impl_anoncreds_object_identifier {
                         return Err($crate::invalid!(
                             "type: {} does not have a validation regex",
                             invalid_name,
-                        ))
+                        ));
                     }
                 };
 

src/data_types/nonce.rs

@@ -2,10 +2,10 @@ use std::convert::TryFrom;
 use std::fmt;
 use std::hash::{Hash, Hasher};
 
-use crate::cl::{new_nonce, Nonce as CryptoNonce};
+use crate::cl::{Nonce as CryptoNonce, new_nonce};
 use crate::error::ConversionError;
 use serde::de::{Error, SeqAccess};
-use serde::{de::Visitor, Deserialize, Deserializer, Serialize, Serializer};
+use serde::{Deserialize, Deserializer, Serialize, Serializer, de::Visitor};
 use serde_json::Value;
 
 pub struct Nonce {

src/data_types/pres_request.rs

@@ -2,7 +2,7 @@ use anoncreds_clsignatures::PredicateType;
 use std::collections::HashMap;
 use std::fmt;
 
-use serde::{de, ser, Deserialize, Deserializer, Serialize, Serializer};
+use serde::{Deserialize, Deserializer, Serialize, Serializer, de, ser};
 use serde_json::Value;
 
 use super::credential::Credential;
@@ -250,7 +250,9 @@ impl Validatable for PresentationRequest {
         let version = self.version();
 
         if value.requested_attributes.is_empty() && value.requested_predicates.is_empty() {
-            return Err(invalid!("Presentation request validation failed: both `requested_attributes` and `requested_predicates` are empty"));
+            return Err(invalid!(
+                "Presentation request validation failed: both `requested_attributes` and `requested_predicates` are empty"
+            ));
         }
 
         for requested_attribute in value.requested_attributes.values() {
@@ -270,10 +272,13 @@ impl Validatable for PresentationRequest {
             }
 
             if has_name && has_names {
-                return Err(invalid!("Presentation request validation failed: there is a requested attribute with both name and names: {:?}", requested_attribute));
+                return Err(invalid!(
+                    "Presentation request validation failed: there is a requested attribute with both name and names: {:?}",
+                    requested_attribute
+                ));
             }
 
-            if let Some(ref restrictions) = requested_attribute.restrictions {
+            if let Some(restrictions) = &requested_attribute.restrictions {
                 _process_operator(restrictions, &version)?;
             }
         }
@@ -285,7 +290,7 @@ impl Validatable for PresentationRequest {
                     requested_predicate
                 ));
             }
-            if let Some(ref restrictions) = requested_predicate.restrictions {
+            if let Some(restrictions) = &requested_predicate.restrictions {
                 _process_operator(restrictions, &version)?;
             }
         }
@@ -299,37 +304,35 @@ fn _process_operator(
     version: &PresentationRequestVersion,
 ) -> Result<(), ValidationError> {
     match restriction_op {
-        Query::Eq(ref tag_name, ref tag_value)
-        | Query::Neq(ref tag_name, ref tag_value)
-        | Query::Gt(ref tag_name, ref tag_value)
-        | Query::Gte(ref tag_name, ref tag_value)
-        | Query::Lt(ref tag_name, ref tag_value)
-        | Query::Lte(ref tag_name, ref tag_value)
-        | Query::Like(ref tag_name, ref tag_value) => {
-            _check_restriction(tag_name, tag_value, version)
-        }
-        Query::In(ref tag_name, ref tag_values) => {
+        Query::Eq(tag_name, tag_value)
+        | Query::Neq(tag_name, tag_value)
+        | Query::Gt(tag_name, tag_value)
+        | Query::Gte(tag_name, tag_value)
+        | Query::Lt(tag_name, tag_value)
+        | Query::Lte(tag_name, tag_value)
+        | Query::Like(tag_name, tag_value) => _check_restriction(tag_name, tag_value, version),
+        Query::In(tag_name, tag_values) => {
             tag_values
                 .iter()
                 .map(|tag_value| _check_restriction(tag_name, tag_value, version))
                 .collect::<Result<Vec<()>, ValidationError>>()?;
             Ok(())
         }
-        Query::Exist(ref tag_names) => {
+        Query::Exist(tag_names) => {
             tag_names
                 .iter()
                 .map(|tag_name| _check_restriction(tag_name, "", version))
                 .collect::<Result<Vec<()>, ValidationError>>()?;
             Ok(())
         }
-        Query::And(ref operators) | Query::Or(ref operators) => {
+        Query::And(operators) | Query::Or(operators) => {
             operators
                 .iter()
                 .map(|operator| _process_operator(operator, version))
                 .collect::<Result<Vec<()>, ValidationError>>()?;
             Ok(())
         }
-        Query::Not(ref operator) => _process_operator(operator, version),
+        Query::Not(operator) => _process_operator(operator, version),
     }
 }
 
@@ -342,8 +345,10 @@ fn _check_restriction(
         && Credential::QUALIFIABLE_TAGS.contains(&tag_name)
         && validation::is_uri_identifier(tag_value)
     {
-        return Err(invalid!("Presentation request validation failed: fully qualified identifiers can not be used for presentation request of the first version. \
-                    Please, set \"ver\":\"2.0\" to use fully qualified identifiers."));
+        return Err(invalid!(
+            "Presentation request validation failed: fully qualified identifiers can not be used for presentation request of the first version. \
+                    Please, set \"ver\":\"2.0\" to use fully qualified identifiers."
+        ));
     }
     Ok(())
 }

src/data_types/w3c/constants.rs

@@ -1,5 +1,5 @@
 use once_cell::sync::Lazy;
-use serde_json::{json, Value};
+use serde_json::{Value, json};
 use std::collections::HashSet;
 
 use crate::data_types::w3c::context::{Context, Contexts};

src/data_types/w3c/context.rs

@@ -1,9 +1,9 @@
+use crate::data_types::w3c::VerifiableCredentialSpecVersion;
 use crate::data_types::w3c::constants::{
     ANONCREDS_VC_1_1_CONTEXTS, ANONCREDS_VC_2_0_CONTEXTS, ISSUER_DEPENDENT_VOCABULARY,
     W3C_DATA_INTEGRITY_CONTEXT, W3C_VC_1_1_BASE_CONTEXT, W3C_VC_2_0_BASE_CONTEXT,
 };
 use crate::data_types::w3c::uri::URI;
-use crate::data_types::w3c::VerifiableCredentialSpecVersion;
 
 #[derive(Debug, Clone, PartialEq, Eq, Deserialize, Serialize)]
 #[serde(untagged)]

src/data_types/w3c/credential.rs

@@ -3,18 +3,18 @@ use serde::{Deserialize, Serialize};
 use std::collections::HashSet;
 use std::string::ToString;
 
+use crate::Result;
+use crate::data_types::w3c::VerifiableCredentialSpecVersion;
 use crate::data_types::w3c::constants::ANONCREDS_CREDENTIAL_TYPES;
 use crate::data_types::w3c::context::Contexts;
 use crate::data_types::w3c::credential_attributes::CredentialSubject;
 use crate::data_types::w3c::proof::{
     CredentialPresentationProofValue, CredentialSignatureProofValue, DataIntegrityProof,
 };
-use crate::data_types::w3c::VerifiableCredentialSpecVersion;
 use crate::data_types::{
     issuer_id::IssuerId,
     w3c::{constants::W3C_CREDENTIAL_TYPE, one_or_many::OneOrMany, uri::URI},
 };
-use crate::Result;
 
 /// AnonCreds W3C Credential definition
 /// Note, that this definition is tied to AnonCreds W3C form

src/data_types/w3c/format.rs

@@ -1,5 +1,5 @@
 pub mod base64_msgpack {
-    use serde::{de::Visitor, ser::Error, Deserialize, Serialize};
+    use serde::{Deserialize, Serialize, de::Visitor, ser::Error};
     use std::marker::PhantomData;
 
     use crate::utils::{base64, msg_pack};

src/data_types/w3c/presentation.rs

@@ -1,11 +1,11 @@
 use serde::{Deserialize, Serialize};
 
+use crate::Result;
+use crate::data_types::w3c::VerifiableCredentialSpecVersion;
 use crate::data_types::w3c::constants::{ANONCREDS_PRESENTATION_TYPES, W3C_PRESENTATION_TYPE};
 use crate::data_types::w3c::context::Contexts;
 use crate::data_types::w3c::credential::{Types, W3CCredential};
 use crate::data_types::w3c::proof::{DataIntegrityProof, PresentationProofValue};
-use crate::data_types::w3c::VerifiableCredentialSpecVersion;
-use crate::Result;
 
 /// AnonCreds W3C Presentation definition
 /// Note, that this definition is tied to AnonCreds W3C form