Add dedicated stronghold crate (#1243)

* Move stronghold to a dedicated crate

* Remove ununsed dependencies

* Fix compilation in all feature combinations

* Fix unused imports warning in all feature comb.

Cargo.toml

@@ -10,6 +10,7 @@ members = [
   "identity_iota_core",
   "identity_resolver",
   "identity_verification",
+  "identity_stronghold",
   "identity_jose",
   "identity_eddsa_verifier",
   "examples",

examples/0_basic/8_stronghold.rs

@@ -15,10 +15,10 @@ use identity_iota::storage::JwkDocumentExt;
 use identity_iota::storage::JwkMemStore;
 use identity_iota::storage::JwsSignatureOptions;
 use identity_iota::storage::Storage;
-use identity_iota::storage::StrongholdStorage;
 use identity_iota::verification::jws::DecodedJws;
 use identity_iota::verification::jws::JwsAlgorithm;
 use identity_iota::verification::MethodScope;
+use identity_stronghold::StrongholdStorage;
 use iota_sdk::client::secret::stronghold::StrongholdSecretManager;
 use iota_sdk::client::Client;
 use iota_sdk::client::Password;

examples/Cargo.toml

@@ -7,9 +7,9 @@ publish = false
 
 [dependencies]
 anyhow = "1.0.62"
-identity_eddsa_verifier = { path = "../identity_eddsa_verifier" }
-identity_iota = { path = "../identity_iota", features = ["memstore", "domain-linkage"] }
-identity_storage = { path = "../identity_storage", features = ["stronghold"] }
+identity_eddsa_verifier = { path = "../identity_eddsa_verifier", default-features = false }
+identity_iota = { path = "../identity_iota", default-features = false, features = ["memstore", "domain-linkage"] }
+identity_stronghold = { path = "../identity_stronghold", default-features = false }
 iota-sdk = { version = "1.0", default-features = false, features = ["tls", "client", "stronghold"] }
 primitive-types = "0.12.1"
 rand = "0.8.5"

identity_credential/src/validator/jwt_credential_validation/jwt_credential_validator_utils.rs

@@ -7,9 +7,7 @@ use identity_core::common::OneOrMany;
 use identity_core::common::Timestamp;
 use identity_core::common::Url;
 use identity_core::convert::FromJson;
-use identity_did::CoreDID;
 use identity_did::DID;
-use identity_document::document::CoreDocument;
 use identity_verification::jws::Decoder;
 
 use super::JwtValidationError;
@@ -88,11 +86,14 @@ impl JwtCredentialValidatorUtils {
   ///
   /// Only supports `RevocationBitmap2022`.
   #[cfg(feature = "revocation-bitmap")]
-  pub fn check_status<DOC: AsRef<CoreDocument>, T>(
+  pub fn check_status<DOC: AsRef<identity_document::document::CoreDocument>, T>(
     credential: &Credential<T>,
     trusted_issuers: &[DOC],
     status_check: crate::validator::StatusCheck,
   ) -> ValidationUnitResult {
+    use identity_did::CoreDID;
+    use identity_document::document::CoreDocument;
+
     if status_check == crate::validator::StatusCheck::SkipAll {
       return Ok(());
     }
@@ -128,7 +129,7 @@ impl JwtCredentialValidatorUtils {
   /// Check the given `status` against the matching [`RevocationBitmap`] service in the
   /// issuer's DID Document.
   #[cfg(feature = "revocation-bitmap")]
-  fn check_revocation_bitmap_status<DOC: AsRef<CoreDocument> + ?Sized>(
+  fn check_revocation_bitmap_status<DOC: AsRef<identity_document::document::CoreDocument> + ?Sized>(
     issuer: &DOC,
     status: crate::credential::RevocationBitmapStatus,
   ) -> ValidationUnitResult {

identity_iota/Cargo.toml

@@ -23,7 +23,7 @@ identity_verification = { version = "=0.7.0-alpha.7", path = "../identity_verifi
 
 [dev-dependencies]
 anyhow = "1.0.64"
-iota-sdk = { version = "1.0", default-features = false, features = ["tls", "client", "stronghold"] }
+iota-sdk = { version = "1.0", default-features = false, features = ["tls", "client"] }
 rand = "0.8.5"
 tokio = { version = "1.29.0", features = ["full"] }
 

identity_storage/Cargo.toml

@@ -4,7 +4,7 @@ version = "0.7.0-alpha.7"
 authors.workspace = true
 edition.workspace = true
 homepage.workspace = true
-keywords = ["iota", "storage", "identity", "kms", "stronghold"]
+keywords = ["iota", "storage", "identity", "kms"]
 license.workspace = true
 readme = "./README.md"
 repository.workspace = true
@@ -20,16 +20,13 @@ identity_did = { version = "=0.7.0-alpha.7", path = "../identity_did", default-f
 identity_document = { version = "=0.7.0-alpha.7", path = "../identity_document", default-features = false }
 identity_iota_core = { version = "=0.7.0-alpha.7", path = "../identity_iota_core", default-features = false, optional = true }
 identity_verification = { version = "=0.7.0-alpha.7", path = "../identity_verification", default_features = false }
-iota-crypto = { version = "0.23", default-features = false, features = ["blake2b", "ed25519", "random"], optional = true }
-iota-sdk = { version = "1.0", default-features = false, features = ["tls", "client", "stronghold"], optional = true }
-iota_stronghold = { version = "2.0", optional = true, default-features = false }
+iota-crypto = { version = "0.23", default-features = false, features = ["ed25519"], optional = true }
 rand = { version = "0.8.5", default-features = false, features = ["std", "std_rng"], optional = true }
 seahash = { version = "4.1.0", default_features = false }
 serde.workspace = true
 serde_json.workspace = true
 thiserror.workspace = true
 tokio = { version = "1.29.0", default-features = false, features = ["macros", "sync"], optional = true }
-zeroize = { version = "1.6.0", default_features = false, optional = true }
 
 [dev-dependencies]
 identity_credential = { version = "=0.7.0-alpha.7", path = "../identity_credential", features = ["revocation-bitmap"] }
@@ -44,6 +41,4 @@ memstore = ["dep:tokio", "dep:rand", "dep:iota-crypto"]
 # Enables `Send` + `Sync` bounds for the storage traits.
 send-sync-storage = []
 # Implements the JwkStorageDocumentExt trait for IotaDocument
-# Exposes the stronghold implementations for the storage traits.
-stronghold = ["dep:tokio", "dep:iota-sdk", "dep:iota_stronghold", "dep:zeroize", "dep:rand", "dep:iota-crypto"]
 iota-document = ["dep:identity_iota_core"]

identity_storage/src/key_id_storage/mod.rs

@@ -12,8 +12,6 @@
 mod key_id_storage;
 mod key_id_storage_error;
 mod method_digest;
-#[cfg(feature = "stronghold")]
-mod stronghold;
 
 #[cfg(feature = "memstore")]
 mod memstore;

identity_storage/src/key_id_storage/tests/mod.rs

@@ -2,6 +2,4 @@
 // SPDX-License-Identifier: Apache-2.0
 
 mod memstore;
-#[cfg(feature = "stronghold")]
-mod stronghold;
 mod utils;

identity_storage/src/key_storage/mod.rs

@@ -6,7 +6,7 @@
 //! This module provides the [`JwkStorage`] trait that
 //! abstracts over storages that store JSON Web Keys.
 
-#[cfg(any(feature = "stronghold", feature = "memstore"))]
+#[cfg(feature = "memstore")]
 mod ed25519;
 mod jwk_gen_output;
 mod jwk_storage;
@@ -15,8 +15,6 @@ mod key_storage_error;
 mod key_type;
 #[cfg(feature = "memstore")]
 mod memstore;
-#[cfg(feature = "stronghold")]
-mod stronghold;
 
 #[cfg(test)]
 pub(crate) mod tests;
@@ -28,5 +26,3 @@ pub use key_storage_error::*;
 pub use key_type::*;
 #[cfg(feature = "memstore")]
 pub use memstore::*;
-#[cfg(feature = "stronghold")]
-pub use stronghold::*;

identity_storage/src/key_storage/tests/mod.rs

@@ -3,8 +3,5 @@
 
 mod memstore;
 
-#[cfg(feature = "stronghold")]
-mod stronghold;
-
 #[cfg(test)]
 pub(crate) mod utils;

identity_storage/src/lib.rs

@@ -17,13 +17,7 @@
 pub mod key_id_storage;
 pub mod key_storage;
 pub mod storage;
-#[cfg(feature = "stronghold")]
-pub mod stronghold_storage;
-#[cfg(test)]
-mod test_utils;
 
 pub use key_id_storage::*;
 pub use key_storage::*;
 pub use storage::*;
-#[cfg(feature = "stronghold")]
-pub use stronghold_storage::*;