@digitalbazaar/vc 6.1.0 → 6.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +69 -4
- package/lib/index.js +2 -2
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -116,12 +116,75 @@ const signedVC = await vc.issue({credential, suite, documentLoader});
|
|
|
116
116
|
console.log(JSON.stringify(signedVC, null, 2));
|
|
117
117
|
```
|
|
118
118
|
|
|
119
|
+
### Issuing a Selective Disclosure Verifiable Credential
|
|
120
|
+
|
|
121
|
+
Pre-requisites:
|
|
122
|
+
|
|
123
|
+
* You have a private key (with id and controller) and corresponding suite
|
|
124
|
+
* You have are using a cryptosuite that supports selective disclosure, such
|
|
125
|
+
as `ecdsa-sd-2023`
|
|
126
|
+
* If you're using a custom `@context`, make sure it's resolvable
|
|
127
|
+
* (Recommended) You have a strategy for where to publish your Controller
|
|
128
|
+
Document and Public Key
|
|
129
|
+
|
|
130
|
+
```js
|
|
131
|
+
import * as vc from '@digitalbazaar/vc';
|
|
132
|
+
import * as ecdsaSd2023Cryptosuite from
|
|
133
|
+
'@digitalbazaar/ecdsa-sd-2023-cryptosuite';
|
|
134
|
+
import {DataIntegrityProof} from '@digitalbazaar/data-integrity';
|
|
135
|
+
|
|
136
|
+
const ecdsaKeyPair = await EcdsaMultikey.generate({
|
|
137
|
+
curve: 'P-256',
|
|
138
|
+
id: 'https://example.edu/issuers/keys/2',
|
|
139
|
+
controller: 'https://example.edu/issuers/565049'
|
|
140
|
+
});
|
|
141
|
+
|
|
142
|
+
// sample unsigned credential
|
|
143
|
+
const credential = {
|
|
144
|
+
"@context": [
|
|
145
|
+
"https://www.w3.org/2018/credentials/v1",
|
|
146
|
+
"https://www.w3.org/2018/credentials/examples/v1"
|
|
147
|
+
],
|
|
148
|
+
"id": "https://example.com/credentials/1872",
|
|
149
|
+
"type": ["VerifiableCredential", "AlumniCredential"],
|
|
150
|
+
"issuer": "https://example.edu/issuers/565049",
|
|
151
|
+
"issuanceDate": "2010-01-01T19:23:24Z",
|
|
152
|
+
"credentialSubject": {
|
|
153
|
+
"id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
|
|
154
|
+
"alumniOf": "Example University"
|
|
155
|
+
}
|
|
156
|
+
};
|
|
157
|
+
|
|
158
|
+
// setup ecdsa-sd-2023 suite for signing selective disclosure VCs
|
|
159
|
+
const suite = new DataIntegrityProof({
|
|
160
|
+
signer: ecdsaKeyPair.signer(),
|
|
161
|
+
cryptosuite: createSignCryptosuite({
|
|
162
|
+
// require the `issuer` and `issuanceDate` fields to always be disclosed
|
|
163
|
+
// by the holder (presenter)
|
|
164
|
+
mandatoryPointers: [
|
|
165
|
+
'/issuanceDate',
|
|
166
|
+
'/issuer'
|
|
167
|
+
]
|
|
168
|
+
})
|
|
169
|
+
});
|
|
170
|
+
// use a proof ID to enable it to be found and transformed into a disclosure
|
|
171
|
+
// proof by the holder later
|
|
172
|
+
const proofId = `urn:uuid:${uuid()}`;
|
|
173
|
+
suite.proof = {id: proofId};
|
|
174
|
+
|
|
175
|
+
const signedVC = await vc.issue({credential, suite, documentLoader});
|
|
176
|
+
console.log(JSON.stringify(signedVC, null, 2));
|
|
177
|
+
```
|
|
178
|
+
|
|
119
179
|
### Deriving a Selective Disclosure Verifiable Credential
|
|
120
180
|
|
|
181
|
+
Note: This step is performed as a holder of a verifiable credential, not as
|
|
182
|
+
an issuer.
|
|
183
|
+
|
|
121
184
|
Pre-requisites:
|
|
122
185
|
|
|
123
186
|
* You have a verifiable credential that was issued using a cryptosuite that
|
|
124
|
-
|
|
187
|
+
supports selective disclosure, such as `ecdsa-sd-2023`
|
|
125
188
|
* If you're using a custom `@context`, make sure it's resolvable
|
|
126
189
|
|
|
127
190
|
```js
|
|
@@ -136,7 +199,7 @@ const {
|
|
|
136
199
|
createVerifyCryptosuite
|
|
137
200
|
} = ecdsaSd2023Cryptosuite;
|
|
138
201
|
|
|
139
|
-
//
|
|
202
|
+
// sample signed credential
|
|
140
203
|
const credential = {
|
|
141
204
|
"@context": [
|
|
142
205
|
"https://www.w3.org/2018/credentials/v1",
|
|
@@ -167,7 +230,7 @@ const credential = {
|
|
|
167
230
|
|
|
168
231
|
// note no `signer` needed; the selective disclosure credential will be
|
|
169
232
|
// derived from the base proof already provided by the issuer
|
|
170
|
-
const
|
|
233
|
+
const suite = new DataIntegrityProof({
|
|
171
234
|
cryptosuite: createDiscloseCryptosuite({
|
|
172
235
|
// the ID of the base proof to convert to a disclosure proof
|
|
173
236
|
proofId: 'urn:uuid:da088899-3439-41ea-a580-af3f1cf98cd3',
|
|
@@ -181,7 +244,9 @@ const ecdsaSdDeriveSuite = new DataIntegrityProof({
|
|
|
181
244
|
})
|
|
182
245
|
});
|
|
183
246
|
|
|
184
|
-
const derivedVC = await vc.derive({
|
|
247
|
+
const derivedVC = await vc.derive({
|
|
248
|
+
verifiableCredential, suite, documentLoader
|
|
249
|
+
});
|
|
185
250
|
console.log(JSON.stringify(derivedVC, null, 2));
|
|
186
251
|
```
|
|
187
252
|
|
package/lib/index.js
CHANGED
|
@@ -654,10 +654,10 @@ export function _checkCredential({
|
|
|
654
654
|
}
|
|
655
655
|
|
|
656
656
|
if('credentialStatus' in credential) {
|
|
657
|
-
if(!credential.credentialStatus.id) {
|
|
657
|
+
if(Array.isArray(credential.credentialStatus) ? credential.credentialStatus.some(cs => !cs.id) : !credential.credentialStatus.id) {
|
|
658
658
|
throw new Error('"credentialStatus" must include an id.');
|
|
659
659
|
}
|
|
660
|
-
if(!credential.credentialStatus.type) {
|
|
660
|
+
if(Array.isArray(credential.credentialStatus) ? credential.credentialStatus.some(cs => !cs.type) : !credential.credentialStatus.type) {
|
|
661
661
|
throw new Error('"credentialStatus" must include a type.');
|
|
662
662
|
}
|
|
663
663
|
}
|