@bedrock/vc-verifier 20.1.0 → 20.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/verify.js +49 -32
- package/package.json +1 -1
package/lib/verify.js
CHANGED
|
@@ -30,9 +30,40 @@ export async function verifyPresentation({
|
|
|
30
30
|
config, presentation, challenge, domain, checks
|
|
31
31
|
} = {}) {
|
|
32
32
|
if(presentation?.type !== 'EnvelopedVerifiablePresentation') {
|
|
33
|
-
|
|
33
|
+
const result = await di.verifyPresentation({
|
|
34
34
|
config, presentation, challenge, domain, checks
|
|
35
35
|
});
|
|
36
|
+
if(result.verified || !result.presentationResult?.verified) {
|
|
37
|
+
// the whole VP and all its VCs were verified or the VP itself failed
|
|
38
|
+
// verification, so no extra work needed below
|
|
39
|
+
return result;
|
|
40
|
+
}
|
|
41
|
+
|
|
42
|
+
// note that the presentation itself verified, but the VCs therein might
|
|
43
|
+
// not because some of them might be enveloped VCs and the underlying
|
|
44
|
+
// `vc` library doesn't support this; therefore only use the presentation
|
|
45
|
+
// result and let the code below check VCs to ensure any enveloped VCs
|
|
46
|
+
// will also be checked
|
|
47
|
+
let {verifiableCredential = []} = presentation;
|
|
48
|
+
if(!Array.isArray(verifiableCredential)) {
|
|
49
|
+
verifiableCredential = [verifiableCredential];
|
|
50
|
+
}
|
|
51
|
+
const hasEnvelopedCredential = verifiableCredential.some(
|
|
52
|
+
vc => vc?.type === 'EnvelopedVerifiableCredential');
|
|
53
|
+
if(!hasEnvelopedCredential) {
|
|
54
|
+
// no enveloped VCs, return result
|
|
55
|
+
return result;
|
|
56
|
+
}
|
|
57
|
+
|
|
58
|
+
// try to verify each VC in the VP again but with envelope support
|
|
59
|
+
const credentialResults = await Promise.all(verifiableCredential.map(
|
|
60
|
+
credential => verifyCredential({config, credential, checks})));
|
|
61
|
+
const verified = credentialResults.every(({verified}) => verified);
|
|
62
|
+
if(verified) {
|
|
63
|
+
result.verified = true;
|
|
64
|
+
}
|
|
65
|
+
result.credentialResults = credentialResults;
|
|
66
|
+
return result;
|
|
36
67
|
}
|
|
37
68
|
|
|
38
69
|
const presentationResult = await verifyEnvelopedPresentation({
|
|
@@ -43,39 +74,25 @@ export async function verifyPresentation({
|
|
|
43
74
|
let credentialResults;
|
|
44
75
|
if(!verified) {
|
|
45
76
|
credentialResults = [];
|
|
77
|
+
} else if(presentationResult.presentation?.proof) {
|
|
78
|
+
// presentation in the envelope has a `proof`, so recurse to check it
|
|
79
|
+
const proofResult = await verifyPresentation({
|
|
80
|
+
config, presentation: presentationResult.presentation,
|
|
81
|
+
challenge, domain, checks
|
|
82
|
+
});
|
|
83
|
+
verified = !!(verified && proofResult.presentationResult?.verified);
|
|
84
|
+
presentationResult.proofResult = proofResult;
|
|
85
|
+
({credentialResults} = proofResult);
|
|
46
86
|
} else {
|
|
47
|
-
//
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
// result and let the code below check VCs to ensure any enveloped VCs
|
|
52
|
-
// will also be checked
|
|
53
|
-
if(presentationResult.presentation.proof) {
|
|
54
|
-
const proofResult = await di.verifyPresentation({
|
|
55
|
-
config, presentation: presentationResult.presentation,
|
|
56
|
-
challenge, domain, checks
|
|
57
|
-
});
|
|
58
|
-
presentationResult.proofResult = proofResult;
|
|
59
|
-
verified = !!(verified && proofResult.presentationResult?.verified);
|
|
60
|
-
if(proofResult.verified) {
|
|
61
|
-
// the whole VP was verified, so include the credential results, no
|
|
62
|
-
// need to repeat below to ensure enveloped credentials are checked
|
|
63
|
-
// as there aren't any
|
|
64
|
-
credentialResults = proofResult.credentialResults;
|
|
65
|
-
}
|
|
66
|
-
}
|
|
67
|
-
|
|
68
|
-
if(!credentialResults) {
|
|
69
|
-
// verify each VC in the VP
|
|
70
|
-
let {verifiableCredential = []} = presentationResult.presentation;
|
|
71
|
-
if(!Array.isArray(verifiableCredential)) {
|
|
72
|
-
verifiableCredential = [verifiableCredential];
|
|
73
|
-
}
|
|
74
|
-
credentialResults = await Promise.all(verifiableCredential.map(
|
|
75
|
-
credential => verifyCredential({config, credential, checks})));
|
|
76
|
-
verified = verified && credentialResults.every(
|
|
77
|
-
({verified}) => verified);
|
|
87
|
+
// verify each VC in the VP
|
|
88
|
+
let {verifiableCredential = []} = presentationResult.presentation;
|
|
89
|
+
if(!Array.isArray(verifiableCredential)) {
|
|
90
|
+
verifiableCredential = [verifiableCredential];
|
|
78
91
|
}
|
|
92
|
+
credentialResults = await Promise.all(verifiableCredential.map(
|
|
93
|
+
credential => verifyCredential({config, credential, checks})));
|
|
94
|
+
verified = verified && credentialResults.every(
|
|
95
|
+
({verified}) => verified);
|
|
79
96
|
}
|
|
80
97
|
return {
|
|
81
98
|
...presentationResult,
|