@sphereon/ssi-sdk.credential-validation 0.32.1-next.54 → 0.33.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/agent/CredentialValidation.d.ts.map +1 -1
- package/dist/agent/CredentialValidation.js +22 -21
- package/dist/agent/CredentialValidation.js.map +1 -1
- package/dist/ssi-sdk.credential-validation.d.ts +4 -4
- package/dist/tsdoc-metadata.json +1 -1
- package/dist/types/ICredentialValidation.d.ts +4 -4
- package/dist/types/ICredentialValidation.d.ts.map +1 -1
- package/package.json +8 -8
- package/plugin.schema.json +56 -77
- package/src/agent/CredentialValidation.ts +38 -36
- package/src/types/ICredentialValidation.ts +4 -4
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CredentialValidation.d.ts","sourceRoot":"","sources":["../../src/agent/CredentialValidation.ts"],"names":[],"mappings":"AAUA,OAAO,
|
|
1
|
+
{"version":3,"file":"CredentialValidation.d.ts","sourceRoot":"","sources":["../../src/agent/CredentialValidation.ts"],"names":[],"mappings":"AAUA,OAAO,EAAE,YAAY,EAAmF,MAAM,cAAc,CAAA;AAI5H,OAAO,EAEL,qBAAqB,EAUtB,MAAM,UAAU,CAAA;AAOjB,eAAO,MAAM,2BAA2B,EAAE,KAAK,CAAC,MAAM,CAMrD,CAAA;AAED;;GAEG;AACH,qBAAa,oBAAqB,YAAW,YAAY;IACvD,QAAQ,CAAC,MAAM,MAA+B;IAC9C,QAAQ,CAAC,OAAO,EAAE,qBAAqB,CAMtC;IAED,OAAO,CAAC,aAAa;YAkBP,kBAAkB;YA0BlB,cAAc;YAad,cAAc;YA8Bd,WAAW;YAQX,6BAA6B;YA0B7B,YAAY;YAyBZ,qBAAqB;YA6CrB,uBAAuB;CAqBtC"}
|
|
@@ -21,13 +21,14 @@ const cross_fetch_1 = __importDefault(require("cross-fetch"));
|
|
|
21
21
|
const index_1 = require("../index");
|
|
22
22
|
var decodeFrom = kmp_mdoc_core_1.com.sphereon.kmp.decodeFrom;
|
|
23
23
|
var IssuerSignedCbor = kmp_mdoc_core_1.com.sphereon.mdoc.data.device.IssuerSignedCbor;
|
|
24
|
+
const ssi_sdk_core_1 = require("@sphereon/ssi-sdk.core");
|
|
24
25
|
// Exposing the methods here for any REST implementation
|
|
25
26
|
exports.credentialValidationMethods = [
|
|
26
27
|
'cvVerifyCredential',
|
|
27
28
|
'cvVerifySchema',
|
|
28
29
|
'cvVerifyMdoc',
|
|
29
30
|
'cvVerifySDJWTCredential',
|
|
30
|
-
'cvVerifyW3CCredential'
|
|
31
|
+
'cvVerifyW3CCredential',
|
|
31
32
|
];
|
|
32
33
|
/**
|
|
33
34
|
* {@inheritDoc ICredentialValidation}
|
|
@@ -40,7 +41,7 @@ class CredentialValidation {
|
|
|
40
41
|
cvVerifySchema: this.cvVerifySchema.bind(this),
|
|
41
42
|
cvVerifyMdoc: this.cvVerifyMdoc.bind(this),
|
|
42
43
|
cvVerifySDJWTCredential: this.cvVerifySDJWTCredential.bind(this),
|
|
43
|
-
cvVerifyW3CCredential: this.cvVerifyW3CCredential.bind(this)
|
|
44
|
+
cvVerifyW3CCredential: this.cvVerifyW3CCredential.bind(this),
|
|
44
45
|
};
|
|
45
46
|
}
|
|
46
47
|
detectSchemas(wrappedVC) {
|
|
@@ -61,12 +62,12 @@ class CredentialValidation {
|
|
|
61
62
|
cvVerifyCredential(args, context) {
|
|
62
63
|
return __awaiter(this, void 0, void 0, function* () {
|
|
63
64
|
var _a;
|
|
64
|
-
const { credential, hasher, policies } = args;
|
|
65
|
+
const { credential, hasher = ssi_sdk_core_1.defaultHasher, policies } = args;
|
|
65
66
|
// defaulting the schema validation to when_present
|
|
66
67
|
const schemaResult = yield this.cvVerifySchema({
|
|
67
68
|
credential,
|
|
68
69
|
validationPolicy: (_a = policies === null || policies === void 0 ? void 0 : policies.schemaValidation) !== null && _a !== void 0 ? _a : index_1.SchemaValidation.WHEN_PRESENT,
|
|
69
|
-
hasher
|
|
70
|
+
hasher,
|
|
70
71
|
});
|
|
71
72
|
if (!schemaResult.result) {
|
|
72
73
|
return schemaResult;
|
|
@@ -84,13 +85,13 @@ class CredentialValidation {
|
|
|
84
85
|
}
|
|
85
86
|
cvVerifySchema(args) {
|
|
86
87
|
return __awaiter(this, void 0, void 0, function* () {
|
|
87
|
-
const { credential, hasher, validationPolicy } = args;
|
|
88
|
+
const { credential, hasher = ssi_sdk_core_1.defaultHasher, validationPolicy } = args;
|
|
88
89
|
const wrappedCredential = ssi_types_1.CredentialMapper.toWrappedVerifiableCredential(credential, { hasher });
|
|
89
90
|
if (validationPolicy === index_1.SchemaValidation.NEVER) {
|
|
90
91
|
return {
|
|
91
92
|
result: true,
|
|
92
93
|
source: wrappedCredential,
|
|
93
|
-
subResults: []
|
|
94
|
+
subResults: [],
|
|
94
95
|
};
|
|
95
96
|
}
|
|
96
97
|
return this.validateSchema(wrappedCredential, validationPolicy);
|
|
@@ -105,14 +106,14 @@ class CredentialValidation {
|
|
|
105
106
|
return {
|
|
106
107
|
result: false,
|
|
107
108
|
source: wrappedVC,
|
|
108
|
-
subResults: []
|
|
109
|
+
subResults: [],
|
|
109
110
|
};
|
|
110
111
|
}
|
|
111
112
|
else {
|
|
112
113
|
return {
|
|
113
114
|
result: true,
|
|
114
115
|
source: wrappedVC,
|
|
115
|
-
subResults: []
|
|
116
|
+
subResults: [],
|
|
116
117
|
};
|
|
117
118
|
}
|
|
118
119
|
}
|
|
@@ -120,7 +121,7 @@ class CredentialValidation {
|
|
|
120
121
|
return {
|
|
121
122
|
result: subResults.every((subResult) => subResult.result),
|
|
122
123
|
source: wrappedVC,
|
|
123
|
-
subResults
|
|
124
|
+
subResults,
|
|
124
125
|
};
|
|
125
126
|
});
|
|
126
127
|
}
|
|
@@ -144,7 +145,7 @@ class CredentialValidation {
|
|
|
144
145
|
console.error(error);
|
|
145
146
|
return {
|
|
146
147
|
result: false,
|
|
147
|
-
error: error
|
|
148
|
+
error: error,
|
|
148
149
|
};
|
|
149
150
|
}
|
|
150
151
|
const ajv = new _2020_1.default({ loadSchema: this.fetchSchema });
|
|
@@ -155,7 +156,7 @@ class CredentialValidation {
|
|
|
155
156
|
console.error(`Schema validation failed for `, wrappedVC.credential);
|
|
156
157
|
}
|
|
157
158
|
return {
|
|
158
|
-
result: valid
|
|
159
|
+
result: valid,
|
|
159
160
|
};
|
|
160
161
|
});
|
|
161
162
|
}
|
|
@@ -171,11 +172,11 @@ class CredentialValidation {
|
|
|
171
172
|
name: 'mdoc',
|
|
172
173
|
critical: true,
|
|
173
174
|
error: true,
|
|
174
|
-
message: (_a = error.message) !== null && _a !== void 0 ? _a : 'Mdoc Issuer Signed VC could not be verified'
|
|
175
|
+
message: (_a = error.message) !== null && _a !== void 0 ? _a : 'Mdoc Issuer Signed VC could not be verified',
|
|
175
176
|
};
|
|
176
177
|
});
|
|
177
|
-
return Object.assign({ source: ssi_types_1.CredentialMapper.toWrappedVerifiableCredential(credential), result: !verification.error, subResults: [] }, (verification.error && {
|
|
178
|
-
error: (_a = verification.message) !== null && _a !== void 0 ? _a : `Could not verify mdoc from issuer
|
|
178
|
+
return Object.assign({ source: ssi_types_1.CredentialMapper.toWrappedVerifiableCredential(credential, { hasher: ssi_sdk_core_1.defaultHasher }), result: !verification.error, subResults: [] }, (verification.error && {
|
|
179
|
+
error: (_a = verification.message) !== null && _a !== void 0 ? _a : `Could not verify mdoc from issuer`,
|
|
179
180
|
}));
|
|
180
181
|
});
|
|
181
182
|
}
|
|
@@ -188,9 +189,9 @@ class CredentialValidation {
|
|
|
188
189
|
if (typeof result === 'boolean') {
|
|
189
190
|
return Object.assign(Object.assign({
|
|
190
191
|
// FIXME the source is never used, need to start using this as the source of truth
|
|
191
|
-
source: ssi_types_1.CredentialMapper.toWrappedVerifiableCredential(args.credential), result }, (!result && {
|
|
192
|
+
source: ssi_types_1.CredentialMapper.toWrappedVerifiableCredential(args.credential, { hasher: ssi_sdk_core_1.defaultHasher }), result }, (!result && {
|
|
192
193
|
error: 'Invalid JWT VC',
|
|
193
|
-
errorDetails: `JWT VC was not valid with policies: ${JSON.stringify(policies)}
|
|
194
|
+
errorDetails: `JWT VC was not valid with policies: ${JSON.stringify(policies)}`,
|
|
194
195
|
})), { subResults: [] });
|
|
195
196
|
}
|
|
196
197
|
else {
|
|
@@ -211,18 +212,18 @@ class CredentialValidation {
|
|
|
211
212
|
console.error(error);
|
|
212
213
|
}
|
|
213
214
|
return {
|
|
214
|
-
source: ssi_types_1.CredentialMapper.toWrappedVerifiableCredential(credential),
|
|
215
|
+
source: ssi_types_1.CredentialMapper.toWrappedVerifiableCredential(credential, { hasher: ssi_sdk_core_1.defaultHasher }),
|
|
215
216
|
result: result.verified,
|
|
216
217
|
subResults,
|
|
217
218
|
error,
|
|
218
|
-
errorDetails
|
|
219
|
+
errorDetails,
|
|
219
220
|
};
|
|
220
221
|
}
|
|
221
222
|
});
|
|
222
223
|
}
|
|
223
224
|
cvVerifySDJWTCredential(args, context) {
|
|
224
225
|
return __awaiter(this, void 0, void 0, function* () {
|
|
225
|
-
const { credential, hasher } = args;
|
|
226
|
+
const { credential, hasher = ssi_sdk_core_1.defaultHasher } = args;
|
|
226
227
|
const verification = yield context.agent
|
|
227
228
|
.verifySdJwtVc({ credential })
|
|
228
229
|
.catch((error) => {
|
|
@@ -230,11 +231,11 @@ class CredentialValidation {
|
|
|
230
231
|
console.error(error);
|
|
231
232
|
return {
|
|
232
233
|
error: 'Invalid SD-JWT VC',
|
|
233
|
-
errorDetails: (_a = error.message) !== null && _a !== void 0 ? _a : 'SD-JWT VC could not be verified'
|
|
234
|
+
errorDetails: (_a = error.message) !== null && _a !== void 0 ? _a : 'SD-JWT VC could not be verified',
|
|
234
235
|
};
|
|
235
236
|
});
|
|
236
237
|
const result = 'header' in verification && 'payload' in verification;
|
|
237
|
-
return Object.assign({ source: ssi_types_1.CredentialMapper.toWrappedVerifiableCredential(credential, { hasher }), result, subResults: [] }, (!result && Object.assign({}, verification)));
|
|
238
|
+
return Object.assign({ source: ssi_types_1.CredentialMapper.toWrappedVerifiableCredential(credential, { hasher: hasher !== null && hasher !== void 0 ? hasher : ssi_sdk_core_1.defaultHasher }), result, subResults: [] }, (!result && Object.assign({}, verification)));
|
|
238
239
|
});
|
|
239
240
|
}
|
|
240
241
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CredentialValidation.js","sourceRoot":"","sources":["../../src/agent/CredentialValidation.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2DAA6C;AAE7C,mDAO4B;
|
|
1
|
+
{"version":3,"file":"CredentialValidation.js","sourceRoot":"","sources":["../../src/agent/CredentialValidation.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAAA,2DAA6C;AAE7C,mDAO4B;AAE5B,8DAAoC;AACpC,0DAAmC;AACnC,8DAA+B;AAC/B,oCAYiB;AAEjB,IAAO,UAAU,GAAG,mBAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAA;AAC/C,IAAO,gBAAgB,GAAG,mBAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAA;AACxE,yDAAsD;AAEtD,wDAAwD;AAC3C,QAAA,2BAA2B,GAAkB;IACxD,oBAAoB;IACpB,gBAAgB;IAChB,cAAc;IACd,yBAAyB;IACzB,uBAAuB;CACxB,CAAA;AAED;;GAEG;AACH,MAAa,oBAAoB;IAAjC;QACW,WAAM,GAAG,cAAM,CAAC,qBAAqB,CAAA;QACrC,YAAO,GAA0B;YACxC,kBAAkB,EAAE,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC;YACtD,cAAc,EAAE,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC;YAC9C,YAAY,EAAE,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC;YAC1C,uBAAuB,EAAE,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,IAAI,CAAC;YAChE,qBAAqB,EAAE,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC;SAC7D,CAAA;IAsNH,CAAC;IApNS,aAAa,CAAC,SAAsC;QAC1D,IAAI,YAAY,IAAI,SAAS,EAAE,CAAC;YAC9B,MAAM,EAAE,UAAU,EAAE,GAAG,SAAS,CAAA;YAEhC,IAAI,kBAAkB,IAAI,UAAU,EAAE,CAAC;gBACrC,MAAM,EAAE,gBAAgB,EAAE,GAAG,UAAU,CAAA;gBAEvC,IAAI,KAAK,CAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE,CAAC;oBACpC,OAAO,gBAAgB,CAAA;gBACzB,CAAC;qBAAM,IAAI,gBAAgB,EAAE,CAAC;oBAC5B,OAAO,CAAC,gBAAgB,CAAC,CAAA;gBAC3B,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,SAAS,CAAA;IAClB,CAAC;IAEa,kBAAkB,CAAC,IAA0B,EAAE,OAAwB;;;YACnF,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,4BAAa,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAA;YAC7D,mDAAmD;YACnD,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC;gBAC7C,UAAU;gBACV,gBAAgB,EAAE,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,gBAAgB,mCAAI,wBAAgB,CAAC,YAAY;gBAC7E,MAAM;aACP,CAAC,CAAA;YACF,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;gBACzB,OAAO,YAAY,CAAA;YACrB,CAAC;YACD,IAAI,4BAAgB,CAAC,sBAAsB,CAAC,UAAU,CAAC,EAAE,CAAC;gBACxD,OAAO,MAAM,IAAI,CAAC,YAAY,CAAC,EAAE,UAAU,EAAE,EAAE,OAAO,CAAC,CAAA;YACzD,CAAC;iBAAM,IAAI,4BAAgB,CAAC,cAAc,CAAC,UAAU,CAAC,EAAE,CAAC;gBACvD,OAAO,MAAM,IAAI,CAAC,uBAAuB,CAAC,EAAE,UAAU,EAAE,MAAM,EAAE,EAAE,OAAO,CAAC,CAAA;YAC5E,CAAC;iBAAM,CAAC;gBACN,OAAO,MAAM,IAAI,CAAC,qBAAqB,iCAEhC,IAAI,KACP,UAAU,EAAE,UAA2C,KAEzD,OAAO,CACR,CAAA;YACH,CAAC;QACH,CAAC;KAAA;IAEa,cAAc,CAAC,IAAwB;;YACnD,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,4BAAa,EAAE,gBAAgB,EAAE,GAAG,IAAI,CAAA;YACrE,MAAM,iBAAiB,GAAgC,4BAAgB,CAAC,6BAA6B,CAAC,UAAU,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;YAC7H,IAAI,gBAAgB,KAAK,wBAAgB,CAAC,KAAK,EAAE,CAAC;gBAChD,OAAO;oBACL,MAAM,EAAE,IAAI;oBACZ,MAAM,EAAE,iBAAiB;oBACzB,UAAU,EAAE,EAAE;iBACf,CAAA;YACH,CAAC;YACD,OAAO,IAAI,CAAC,cAAc,CAAC,iBAAiB,EAAE,gBAAgB,CAAC,CAAA;QACjE,CAAC;KAAA;IAEa,cAAc,CAAC,SAAsC,EAAE,gBAAmC;;YACtG,MAAM,OAAO,GAAwC,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,CAAA;YAClF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,IAAI,gBAAgB,KAAK,wBAAgB,CAAC,MAAM,EAAE,CAAC;oBACjD,OAAO,CAAC,KAAK,CACX,wGAAwG,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CACxJ,CAAA;oBACD,OAAO;wBACL,MAAM,EAAE,KAAK;wBACb,MAAM,EAAE,SAAS;wBACjB,UAAU,EAAE,EAAE;qBACf,CAAA;gBACH,CAAC;qBAAM,CAAC;oBACN,OAAO;wBACL,MAAM,EAAE,IAAI;wBACZ,MAAM,EAAE,SAAS;wBACjB,UAAU,EAAE,EAAE;qBACf,CAAA;gBACH,CAAC;YACH,CAAC;YAED,MAAM,UAAU,GAA4B,MAAM,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,CAAC,6BAA6B,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC,CAAA;YAE7I,OAAO;gBACL,MAAM,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC;gBACzD,MAAM,EAAE,SAAS;gBACjB,UAAU;aACX,CAAA;QACH,CAAC;KAAA;IAEa,WAAW,CAAC,GAAW;;YACnC,MAAM,QAAQ,GAAG,MAAM,IAAA,qBAAK,EAAC,GAAG,CAAC,CAAA;YACjC,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,+BAA+B,GAAG,EAAE,CAAC,CAAA;YACvD,CAAC;YACD,OAAO,QAAQ,CAAC,IAAI,EAAE,CAAA;QACxB,CAAC;KAAA;IAEa,6BAA6B,CAAC,SAAsC,EAAE,MAA6B;;YAC/G,MAAM,SAAS,GAAW,OAAO,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,CAAA;YACzE,IAAI,WAAW,CAAA;YACf,IAAI,CAAC;gBACH,WAAW,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAA;YACjD,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;gBACpB,OAAO;oBACL,MAAM,EAAE,KAAK;oBACb,KAAK,EAAE,KAAK;iBACb,CAAA;YACH,CAAC;YAED,MAAM,GAAG,GAAG,IAAI,eAAO,CAAC,EAAE,UAAU,EAAE,IAAI,CAAC,WAAW,EAAE,CAAC,CAAA;YACzD,IAAA,qBAAU,EAAC,GAAG,CAAC,CAAA;YAEf,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,YAAY,CAAC,WAAW,CAAC,CAAA;YACpD,MAAM,KAAK,GAAG,QAAQ,CAAC,SAAS,CAAC,UAAU,CAAC,CAAA;YAC5C,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,CAAC,KAAK,CAAC,+BAA+B,EAAE,SAAS,CAAC,UAAU,CAAC,CAAA;YACtE,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,KAAK;aACd,CAAA;QACH,CAAC;KAAA;IAEa,YAAY,CAAC,IAA8B,EAAE,OAAwB;;;YACjF,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,CAAA;YAE3B,MAAM,YAAY,GAAG,gBAAgB,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,CAAC,UAAU,EAAE,mBAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAA;YAEpH,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,EAAE,KAAK,EAAE,YAAY,CAAC,MAAM,EAAE,CAAC,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,KAAY,EAAE,EAAE;;gBAClI,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;gBACpB,OAAO;oBACL,IAAI,EAAE,MAAM;oBACZ,QAAQ,EAAE,IAAI;oBACd,KAAK,EAAE,IAAI;oBACX,OAAO,EAAE,MAAA,KAAK,CAAC,OAAO,mCAAI,6CAA6C;iBACzB,CAAA;YAClD,CAAC,CAAC,CAAA;YAEF,uBACE,MAAM,EAAE,4BAAgB,CAAC,6BAA6B,CAAC,UAA0C,EAAE,EAAE,MAAM,EAAE,4BAAa,EAAE,CAAC,EAC7H,MAAM,EAAE,CAAC,YAAY,CAAC,KAAK,EAC3B,UAAU,EAAE,EAAE,IACX,CAAC,YAAY,CAAC,KAAK,IAAI;gBACxB,KAAK,EAAE,MAAA,YAAY,CAAC,OAAO,mCAAI,mCAAmC;aACnE,CAAC,EACH;QACH,CAAC;KAAA;IAEa,qBAAqB,CAAC,IAA2B,EAAE,OAAwB;;;YACvF,2GAA2G;YAC3G,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAA;YAErC,MAAM,MAAM,GAA4B,CAAC,MAAM,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAA4B,CAAA;YAE/G,IAAI,OAAO,MAAM,KAAK,SAAS,EAAE,CAAC;gBAChC;oBACE,kFAAkF;oBAClF,MAAM,EAAE,4BAAgB,CAAC,6BAA6B,CAAC,IAAI,CAAC,UAA0C,EAAE,EAAE,MAAM,EAAE,4BAAa,EAAE,CAAC,EAClI,MAAM,IACH,CAAC,CAAC,MAAM,IAAI;oBACb,KAAK,EAAE,gBAAgB;oBACvB,YAAY,EAAE,uCAAuC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE;iBAChF,CAAC,KACF,UAAU,EAAE,EAAE,IACf;YACH,CAAC;iBAAM,CAAC;gBACN,kEAAkE;gBAClE,IAAI,KAAyB,CAAA;gBAC7B,IAAI,YAAgC,CAAA;gBACpC,MAAM,UAAU,GAAiC,EAAE,CAAA;gBACnD,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;oBACjB,KAAK,GAAG,MAAA,MAAA,MAAM,CAAC,KAAK,0CAAE,OAAO,mCAAI,EAAE,CAAA;oBACnC,YAAY,GAAG,MAAA,MAAA,MAAA,MAAM,CAAC,KAAK,0CAAE,OAAO,0CAAE,IAAI,mCAAI,EAAE,CAAA;oBAChD,YAAY,GAAG,CAAC,YAAY,KAAK,EAAE,CAAC,CAAC,CAAC,GAAG,YAAY,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,MAAA,MAAA,MAAA,MAAM,CAAC,KAAK,0CAAE,OAAO,0CAAE,GAAG,mCAAI,EAAE,CAAC,CAAA;oBACpG,IAAI,MAAA,MAAM,CAAC,KAAK,0CAAE,MAAM,EAAE,CAAC;wBACzB,KAAK,GAAG,CAAC,KAAK,KAAK,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAG,MAAA,MAAA,MAAM,CAAC,KAAK,0CAAE,MAAM,0CAAE,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,WAAC,OAAA,MAAA,KAAK,CAAC,OAAO,mCAAI,KAAK,CAAC,IAAI,CAAA,EAAA,EAAE,IAAI,CAAC,IAAI,CAAC,CAAA,CAAA;wBACzH,YAAY;4BACV,CAAC,YAAY,KAAK,EAAE,CAAC,CAAC,CAAC,GAAG,YAAY,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;iCAChD,MAAA,MAAA,MAAM,CAAC,KAAK,0CAAE,MAAM,0CAAE,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,mBAAC,OAAA,CAAC,CAAA,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,OAAO,0CAAE,IAAI,EAAC,CAAC,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,MAAA,MAAA,KAAK,aAAL,KAAK,uBAAL,KAAK,CAAE,OAAO,0CAAE,GAAG,mCAAI,EAAE,CAAC,CAAA,EAAA,EAAE,IAAI,CAAC,IAAI,CAAC,CAAA,CAAA;oBAC1I,CAAC;oBACD,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;gBACtB,CAAC;gBAED,OAAO;oBACL,MAAM,EAAE,4BAAgB,CAAC,6BAA6B,CAAC,UAA0C,EAAE,EAAE,MAAM,EAAE,4BAAa,EAAE,CAAC;oBAC7H,MAAM,EAAE,MAAM,CAAC,QAAQ;oBACvB,UAAU;oBACV,KAAK;oBACL,YAAY;iBACb,CAAA;YACH,CAAC;QACH,CAAC;KAAA;IAEa,uBAAuB,CAAC,IAA+B,EAAE,OAAwB;;YAC7F,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,4BAAa,EAAE,GAAG,IAAI,CAAA;YAEnD,MAAM,YAAY,GAAuD,MAAM,OAAO,CAAC,KAAK;iBACzF,aAAa,CAAC,EAAE,UAAU,EAAE,CAAC;iBAC7B,KAAK,CAAC,CAAC,KAAY,EAA+B,EAAE;;gBACnD,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;gBACpB,OAAO;oBACL,KAAK,EAAE,mBAAmB;oBAC1B,YAAY,EAAE,MAAA,KAAK,CAAC,OAAO,mCAAI,iCAAiC;iBACjE,CAAA;YACH,CAAC,CAAC,CAAA;YAEJ,MAAM,MAAM,GAAG,QAAQ,IAAI,YAAY,IAAI,SAAS,IAAI,YAAY,CAAA;YACpE,uBACE,MAAM,EAAE,4BAAgB,CAAC,6BAA6B,CAAC,UAA0C,EAAE,EAAE,MAAM,EAAE,MAAM,aAAN,MAAM,cAAN,MAAM,GAAI,4BAAa,EAAE,CAAC,EACvI,MAAM,EACN,UAAU,EAAE,EAAE,IACX,CAAC,CAAC,MAAM,sBAAS,YAAY,CAAE,CAAC,EACpC;QACH,CAAC;KAAA;CACF;AA9ND,oDA8NC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { HasherSync } from '@sphereon/ssi-types';
|
|
2
2
|
import { IAgentContext } from '@veramo/core';
|
|
3
3
|
import { IAgentPlugin } from '@veramo/core';
|
|
4
4
|
import { ICredentialVerifier } from '@veramo/core';
|
|
@@ -56,7 +56,7 @@ export declare enum SchemaValidation {
|
|
|
56
56
|
export declare type ValidateSchemaArgs = {
|
|
57
57
|
credential: OriginalVerifiableCredential;
|
|
58
58
|
validationPolicy?: SchemaValidation;
|
|
59
|
-
hasher?:
|
|
59
|
+
hasher?: HasherSync;
|
|
60
60
|
};
|
|
61
61
|
|
|
62
62
|
export declare type VerificationPolicies = {
|
|
@@ -82,7 +82,7 @@ export declare type VerificationSubResult = {
|
|
|
82
82
|
|
|
83
83
|
export declare type VerifyCredentialArgs = {
|
|
84
84
|
credential: OriginalVerifiableCredential;
|
|
85
|
-
hasher?:
|
|
85
|
+
hasher?: HasherSync;
|
|
86
86
|
fetchRemoteContexts: boolean;
|
|
87
87
|
policies?: VerificationPolicies;
|
|
88
88
|
};
|
|
@@ -93,7 +93,7 @@ export declare type VerifyMdocCredentialArgs = {
|
|
|
93
93
|
|
|
94
94
|
export declare type VerifySDJWTCredentialArgs = {
|
|
95
95
|
credential: string;
|
|
96
|
-
hasher?:
|
|
96
|
+
hasher?: HasherSync;
|
|
97
97
|
};
|
|
98
98
|
|
|
99
99
|
export declare type VerifyW3CCredentialArgs = {};
|
package/dist/tsdoc-metadata.json
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { IAgentContext, ICredentialVerifier, IPluginMethodMap } from '@veramo/core';
|
|
2
|
-
import {
|
|
2
|
+
import { HasherSync, WrappedVerifiableCredential, WrappedVerifiablePresentation } from '@sphereon/ssi-types';
|
|
3
3
|
import { ImDLMdoc } from '@sphereon/ssi-sdk.mdl-mdoc';
|
|
4
4
|
import { OriginalVerifiableCredential } from '@sphereon/ssi-types/dist';
|
|
5
5
|
export interface ICredentialValidation extends IPluginMethodMap {
|
|
@@ -16,7 +16,7 @@ export declare enum SchemaValidation {
|
|
|
16
16
|
}
|
|
17
17
|
export type VerifyCredentialArgs = {
|
|
18
18
|
credential: OriginalVerifiableCredential;
|
|
19
|
-
hasher?:
|
|
19
|
+
hasher?: HasherSync;
|
|
20
20
|
fetchRemoteContexts: boolean;
|
|
21
21
|
policies?: VerificationPolicies;
|
|
22
22
|
};
|
|
@@ -29,14 +29,14 @@ export type VerificationPolicies = {
|
|
|
29
29
|
export type ValidateSchemaArgs = {
|
|
30
30
|
credential: OriginalVerifiableCredential;
|
|
31
31
|
validationPolicy?: SchemaValidation;
|
|
32
|
-
hasher?:
|
|
32
|
+
hasher?: HasherSync;
|
|
33
33
|
};
|
|
34
34
|
export type VerifyMdocCredentialArgs = {
|
|
35
35
|
credential: string;
|
|
36
36
|
};
|
|
37
37
|
export type VerifySDJWTCredentialArgs = {
|
|
38
38
|
credential: string;
|
|
39
|
-
hasher?:
|
|
39
|
+
hasher?: HasherSync;
|
|
40
40
|
};
|
|
41
41
|
export type VerifyW3CCredentialArgs = {};
|
|
42
42
|
export type VerificationResult = {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ICredentialValidation.d.ts","sourceRoot":"","sources":["../../src/types/ICredentialValidation.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AACnF,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"ICredentialValidation.d.ts","sourceRoot":"","sources":["../../src/types/ICredentialValidation.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AACnF,OAAO,EAAE,UAAU,EAAE,2BAA2B,EAAE,6BAA6B,EAAE,MAAM,qBAAqB,CAAA;AAC5G,OAAO,EAAE,QAAQ,EAAE,MAAM,4BAA4B,CAAA;AACrD,OAAO,EAAE,4BAA4B,EAAE,MAAM,0BAA0B,CAAA;AAEvE,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;IAC7D,kBAAkB,CAAC,IAAI,EAAE,oBAAoB,EAAE,OAAO,EAAE,eAAe,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAA;IACrG,cAAc,CAAC,IAAI,EAAE,kBAAkB,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAA;IACrE,YAAY,CAAC,IAAI,EAAE,wBAAwB,EAAE,OAAO,EAAE,eAAe,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAA;IACnG,uBAAuB,CAAC,IAAI,EAAE,yBAAyB,EAAE,OAAO,EAAE,eAAe,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAA;IAC/G,qBAAqB,CAAC,IAAI,EAAE,uBAAuB,EAAE,OAAO,EAAE,eAAe,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAA;CAC5G;AAED,oBAAY,gBAAgB;IAC1B,MAAM,WAAW;IACjB,KAAK,UAAU;IACf,YAAY,iBAAiB;CAC9B;AAED,MAAM,MAAM,oBAAoB,GAAG;IACjC,UAAU,EAAE,4BAA4B,CAAA;IACxC,MAAM,CAAC,EAAE,UAAU,CAAA;IACnB,mBAAmB,EAAE,OAAO,CAAA;IAC5B,QAAQ,CAAC,EAAE,oBAAoB,CAAA;CAChC,CAAA;AAED,MAAM,MAAM,oBAAoB,GAAG;IACjC,gBAAgB,CAAC,EAAE,gBAAgB,CAAA;IACnC,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B,cAAc,EAAE,OAAO,CAAA;IACvB,YAAY,EAAE,OAAO,CAAA;CACtB,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC/B,UAAU,EAAE,4BAA4B,CAAA;IACxC,gBAAgB,CAAC,EAAE,gBAAgB,CAAA;IACnC,MAAM,CAAC,EAAE,UAAU,CAAA;CACpB,CAAA;AAED,MAAM,MAAM,wBAAwB,GAAG;IAAE,UAAU,EAAE,MAAM,CAAA;CAAE,CAAA;AAE7D,MAAM,MAAM,yBAAyB,GAAG;IACtC,UAAU,EAAE,MAAM,CAAA;IAClB,MAAM,CAAC,EAAE,UAAU,CAAA;CACpB,CAAA;AAED,MAAM,MAAM,uBAAuB,GAAG,EAAE,CAAA;AAExC,MAAM,MAAM,kBAAkB,GAAG;IAC/B,MAAM,EAAE,OAAO,CAAA;IACf,MAAM,EAAE,2BAA2B,GAAG,6BAA6B,CAAA;IACnE,UAAU,EAAE,KAAK,CAAC,qBAAqB,CAAC,CAAA;IACxC,KAAK,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC1B,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB,CAAA;AAED,MAAM,MAAM,qBAAqB,GAAG;IAClC,MAAM,EAAE,OAAO,CAAA;IACf,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB,CAAA;AAED,MAAM,MAAM,2BAA2B,GAAG;IACxC,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB,CAAA;AAED,MAAM,MAAM,eAAe,GAAG,aAAa,CAAC,QAAQ,GAAG,mBAAmB,CAAC,CAAA"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@sphereon/ssi-sdk.credential-validation",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.33.0",
|
|
4
4
|
"source": "src/index.ts",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -16,18 +16,18 @@
|
|
|
16
16
|
},
|
|
17
17
|
"dependencies": {
|
|
18
18
|
"@sphereon/kmp-mdoc-core": "0.2.0-SNAPSHOT.26",
|
|
19
|
-
"@sphereon/ssi-sdk.agent-config": "0.
|
|
20
|
-
"@sphereon/ssi-sdk.core": "0.
|
|
21
|
-
"@sphereon/ssi-sdk.mdl-mdoc": "0.
|
|
22
|
-
"@sphereon/ssi-sdk.sd-jwt": "0.
|
|
23
|
-
"@sphereon/ssi-types": "0.
|
|
19
|
+
"@sphereon/ssi-sdk.agent-config": "0.33.0",
|
|
20
|
+
"@sphereon/ssi-sdk.core": "0.33.0",
|
|
21
|
+
"@sphereon/ssi-sdk.mdl-mdoc": "0.33.0",
|
|
22
|
+
"@sphereon/ssi-sdk.sd-jwt": "0.33.0",
|
|
23
|
+
"@sphereon/ssi-types": "0.33.0",
|
|
24
24
|
"@veramo/core": "4.2.0",
|
|
25
25
|
"@veramo/utils": "4.2.0",
|
|
26
26
|
"ajv": "^8.17.1",
|
|
27
27
|
"ajv-formats": "^3.0.1",
|
|
28
28
|
"cross-fetch": "^3.1.8",
|
|
29
29
|
"debug": "^4.3.5",
|
|
30
|
-
"typeorm": "^0.3.
|
|
30
|
+
"typeorm": "^0.3.21"
|
|
31
31
|
},
|
|
32
32
|
"devDependencies": {
|
|
33
33
|
"@veramo/remote-client": "4.2.0",
|
|
@@ -54,5 +54,5 @@
|
|
|
54
54
|
"Credential",
|
|
55
55
|
"VerifiableCredential"
|
|
56
56
|
],
|
|
57
|
-
"gitHead": "
|
|
57
|
+
"gitHead": "c575bdd6642bda761881f0152e0a70ddc82d7f61"
|
|
58
58
|
}
|
package/plugin.schema.json
CHANGED
|
@@ -9,7 +9,7 @@
|
|
|
9
9
|
"$ref": "#/components/schemas/OriginalVerifiableCredential"
|
|
10
10
|
},
|
|
11
11
|
"hasher": {
|
|
12
|
-
"$ref": "#/components/schemas/
|
|
12
|
+
"$ref": "#/components/schemas/HasherSync"
|
|
13
13
|
},
|
|
14
14
|
"fetchRemoteContexts": {
|
|
15
15
|
"type": "boolean"
|
|
@@ -536,7 +536,7 @@
|
|
|
536
536
|
"additionalProperties": {
|
|
537
537
|
"anyOf": [
|
|
538
538
|
{
|
|
539
|
-
"$ref": "#/components/schemas/alias-d-jwt-vc.d.ts-
|
|
539
|
+
"$ref": "#/components/schemas/alias-d-jwt-vc.d.ts-197-306-d-jwt-vc.d.ts-0-8006"
|
|
540
540
|
},
|
|
541
541
|
{
|
|
542
542
|
"not": {}
|
|
@@ -547,7 +547,7 @@
|
|
|
547
547
|
{
|
|
548
548
|
"type": "array",
|
|
549
549
|
"items": {
|
|
550
|
-
"$ref": "#/components/schemas/alias-d-jwt-vc.d.ts-
|
|
550
|
+
"$ref": "#/components/schemas/alias-d-jwt-vc.d.ts-197-306-d-jwt-vc.d.ts-0-8006"
|
|
551
551
|
}
|
|
552
552
|
}
|
|
553
553
|
]
|
|
@@ -578,7 +578,7 @@
|
|
|
578
578
|
"additionalProperties": {
|
|
579
579
|
"anyOf": [
|
|
580
580
|
{
|
|
581
|
-
"$ref": "#/components/schemas/alias-d-jwt-vc.d.ts-
|
|
581
|
+
"$ref": "#/components/schemas/alias-d-jwt-vc.d.ts-197-306-d-jwt-vc.d.ts-0-8006"
|
|
582
582
|
},
|
|
583
583
|
{
|
|
584
584
|
"not": {}
|
|
@@ -589,7 +589,7 @@
|
|
|
589
589
|
{
|
|
590
590
|
"type": "array",
|
|
591
591
|
"items": {
|
|
592
|
-
"$ref": "#/components/schemas/alias-d-jwt-vc.d.ts-
|
|
592
|
+
"$ref": "#/components/schemas/alias-d-jwt-vc.d.ts-197-306-d-jwt-vc.d.ts-0-8006"
|
|
593
593
|
}
|
|
594
594
|
}
|
|
595
595
|
]
|
|
@@ -599,7 +599,7 @@
|
|
|
599
599
|
}
|
|
600
600
|
]
|
|
601
601
|
},
|
|
602
|
-
"alias-d-jwt-vc.d.ts-
|
|
602
|
+
"alias-d-jwt-vc.d.ts-197-306-d-jwt-vc.d.ts-0-8006": {
|
|
603
603
|
"anyOf": [
|
|
604
604
|
{
|
|
605
605
|
"type": "string"
|
|
@@ -615,7 +615,7 @@
|
|
|
615
615
|
"additionalProperties": {
|
|
616
616
|
"anyOf": [
|
|
617
617
|
{
|
|
618
|
-
"$ref": "#/components/schemas/alias-d-jwt-vc.d.ts-
|
|
618
|
+
"$ref": "#/components/schemas/alias-d-jwt-vc.d.ts-197-306-d-jwt-vc.d.ts-0-8006"
|
|
619
619
|
},
|
|
620
620
|
{
|
|
621
621
|
"not": {}
|
|
@@ -626,7 +626,7 @@
|
|
|
626
626
|
{
|
|
627
627
|
"type": "array",
|
|
628
628
|
"items": {
|
|
629
|
-
"$ref": "#/components/schemas/alias-d-jwt-vc.d.ts-
|
|
629
|
+
"$ref": "#/components/schemas/alias-d-jwt-vc.d.ts-197-306-d-jwt-vc.d.ts-0-8006"
|
|
630
630
|
}
|
|
631
631
|
}
|
|
632
632
|
]
|
|
@@ -698,7 +698,7 @@
|
|
|
698
698
|
"additionalProperties": {
|
|
699
699
|
"anyOf": [
|
|
700
700
|
{
|
|
701
|
-
"$ref": "#/components/schemas/alias-d-jwt-vc.d.ts-
|
|
701
|
+
"$ref": "#/components/schemas/alias-d-jwt-vc.d.ts-197-306-d-jwt-vc.d.ts-0-8006"
|
|
702
702
|
},
|
|
703
703
|
{
|
|
704
704
|
"not": {}
|
|
@@ -709,7 +709,7 @@
|
|
|
709
709
|
{
|
|
710
710
|
"type": "array",
|
|
711
711
|
"items": {
|
|
712
|
-
"$ref": "#/components/schemas/alias-d-jwt-vc.d.ts-
|
|
712
|
+
"$ref": "#/components/schemas/alias-d-jwt-vc.d.ts-197-306-d-jwt-vc.d.ts-0-8006"
|
|
713
713
|
}
|
|
714
714
|
},
|
|
715
715
|
{
|
|
@@ -770,15 +770,30 @@
|
|
|
770
770
|
"type": "object",
|
|
771
771
|
"properties": {}
|
|
772
772
|
},
|
|
773
|
-
"
|
|
774
|
-
"$comment": "(data: string, alg: string) => Uint8Array",
|
|
773
|
+
"HasherSync": {
|
|
774
|
+
"$comment": "(data: string | ArrayBuffer, alg: string) => Uint8Array",
|
|
775
775
|
"type": "object",
|
|
776
776
|
"properties": {
|
|
777
777
|
"namedArgs": {
|
|
778
778
|
"type": "object",
|
|
779
779
|
"properties": {
|
|
780
780
|
"data": {
|
|
781
|
-
"
|
|
781
|
+
"anyOf": [
|
|
782
|
+
{
|
|
783
|
+
"type": "string"
|
|
784
|
+
},
|
|
785
|
+
{
|
|
786
|
+
"type": "object",
|
|
787
|
+
"properties": {
|
|
788
|
+
"byteLength": {
|
|
789
|
+
"type": "number"
|
|
790
|
+
}
|
|
791
|
+
},
|
|
792
|
+
"required": [
|
|
793
|
+
"byteLength"
|
|
794
|
+
]
|
|
795
|
+
}
|
|
796
|
+
]
|
|
782
797
|
},
|
|
783
798
|
"alg": {
|
|
784
799
|
"type": "string"
|
|
@@ -895,19 +910,11 @@
|
|
|
895
910
|
"description": "In case of JWT credential it will be the decoded version. In other cases it will be the same as original one"
|
|
896
911
|
},
|
|
897
912
|
"type": {
|
|
898
|
-
"
|
|
899
|
-
|
|
900
|
-
|
|
901
|
-
|
|
902
|
-
|
|
903
|
-
{
|
|
904
|
-
"type": "string",
|
|
905
|
-
"const": "jwt-encoded"
|
|
906
|
-
},
|
|
907
|
-
{
|
|
908
|
-
"type": "string",
|
|
909
|
-
"const": "jwt-decoded"
|
|
910
|
-
}
|
|
913
|
+
"type": "string",
|
|
914
|
+
"enum": [
|
|
915
|
+
"json-ld",
|
|
916
|
+
"jwt-encoded",
|
|
917
|
+
"jwt-decoded"
|
|
911
918
|
],
|
|
912
919
|
"description": "Type of this credential. Supported types are json-ld, jwt (decoded/encoded)"
|
|
913
920
|
},
|
|
@@ -953,15 +960,10 @@
|
|
|
953
960
|
"description": "Decoded version of the SD-JWT payload. This is the decoded payload, rather than the whole SD-JWT as the `decoded` property is used in e.g. PEX to check for path filters from fields. The full decoded credential can be found in the `credential` field."
|
|
954
961
|
},
|
|
955
962
|
"type": {
|
|
956
|
-
"
|
|
957
|
-
|
|
958
|
-
|
|
959
|
-
|
|
960
|
-
},
|
|
961
|
-
{
|
|
962
|
-
"type": "string",
|
|
963
|
-
"const": "sd-jwt-vc-encoded"
|
|
964
|
-
}
|
|
963
|
+
"type": "string",
|
|
964
|
+
"enum": [
|
|
965
|
+
"sd-jwt-vc-decoded",
|
|
966
|
+
"sd-jwt-vc-encoded"
|
|
965
967
|
],
|
|
966
968
|
"description": "Type of this credential."
|
|
967
969
|
},
|
|
@@ -1006,15 +1008,10 @@
|
|
|
1006
1008
|
"description": "Record where keys are the namespaces and the values are objects again with the namespace values"
|
|
1007
1009
|
},
|
|
1008
1010
|
"type": {
|
|
1009
|
-
"
|
|
1010
|
-
|
|
1011
|
-
|
|
1012
|
-
|
|
1013
|
-
},
|
|
1014
|
-
{
|
|
1015
|
-
"type": "string",
|
|
1016
|
-
"const": "mso_mdoc-encoded"
|
|
1017
|
-
}
|
|
1011
|
+
"type": "string",
|
|
1012
|
+
"enum": [
|
|
1013
|
+
"mso_mdoc-decoded",
|
|
1014
|
+
"mso_mdoc-encoded"
|
|
1018
1015
|
],
|
|
1019
1016
|
"description": "Type of this credential."
|
|
1020
1017
|
},
|
|
@@ -1089,19 +1086,11 @@
|
|
|
1089
1086
|
"description": "In case of JWT VP it will be the decoded version. In other cases it will be the same as original one"
|
|
1090
1087
|
},
|
|
1091
1088
|
"type": {
|
|
1092
|
-
"
|
|
1093
|
-
|
|
1094
|
-
|
|
1095
|
-
|
|
1096
|
-
|
|
1097
|
-
{
|
|
1098
|
-
"type": "string",
|
|
1099
|
-
"const": "jwt-encoded"
|
|
1100
|
-
},
|
|
1101
|
-
{
|
|
1102
|
-
"type": "string",
|
|
1103
|
-
"const": "jwt-decoded"
|
|
1104
|
-
}
|
|
1089
|
+
"type": "string",
|
|
1090
|
+
"enum": [
|
|
1091
|
+
"json-ld",
|
|
1092
|
+
"jwt-encoded",
|
|
1093
|
+
"jwt-decoded"
|
|
1105
1094
|
],
|
|
1106
1095
|
"description": "Type of this Presentation. Supported types are json-ld and jwt (decoded/encoded) and sd-jwt-vc (decoded/encoded)"
|
|
1107
1096
|
},
|
|
@@ -1369,15 +1358,10 @@
|
|
|
1369
1358
|
"description": "Decoded version of the SD-JWT payload. This is the decoded payload, rather than the whole SD-JWT."
|
|
1370
1359
|
},
|
|
1371
1360
|
"type": {
|
|
1372
|
-
"
|
|
1373
|
-
|
|
1374
|
-
|
|
1375
|
-
|
|
1376
|
-
},
|
|
1377
|
-
{
|
|
1378
|
-
"type": "string",
|
|
1379
|
-
"const": "sd-jwt-vc-encoded"
|
|
1380
|
-
}
|
|
1361
|
+
"type": "string",
|
|
1362
|
+
"enum": [
|
|
1363
|
+
"sd-jwt-vc-decoded",
|
|
1364
|
+
"sd-jwt-vc-encoded"
|
|
1381
1365
|
],
|
|
1382
1366
|
"description": "Type of this Presentation."
|
|
1383
1367
|
},
|
|
@@ -1428,15 +1412,10 @@
|
|
|
1428
1412
|
"description": "Decoded version of the SD-JWT payload. This is the decoded payload, rather than the whole SD-JWT."
|
|
1429
1413
|
},
|
|
1430
1414
|
"type": {
|
|
1431
|
-
"
|
|
1432
|
-
|
|
1433
|
-
|
|
1434
|
-
|
|
1435
|
-
},
|
|
1436
|
-
{
|
|
1437
|
-
"type": "string",
|
|
1438
|
-
"const": "mso_mdoc-decoded"
|
|
1439
|
-
}
|
|
1415
|
+
"type": "string",
|
|
1416
|
+
"enum": [
|
|
1417
|
+
"mso_mdoc-encoded",
|
|
1418
|
+
"mso_mdoc-decoded"
|
|
1440
1419
|
],
|
|
1441
1420
|
"description": "Type of this Presentation."
|
|
1442
1421
|
},
|
|
@@ -1514,7 +1493,7 @@
|
|
|
1514
1493
|
"$ref": "#/components/schemas/SchemaValidation"
|
|
1515
1494
|
},
|
|
1516
1495
|
"hasher": {
|
|
1517
|
-
"$ref": "#/components/schemas/
|
|
1496
|
+
"$ref": "#/components/schemas/HasherSync"
|
|
1518
1497
|
}
|
|
1519
1498
|
},
|
|
1520
1499
|
"required": [
|
|
@@ -1528,7 +1507,7 @@
|
|
|
1528
1507
|
"type": "string"
|
|
1529
1508
|
},
|
|
1530
1509
|
"hasher": {
|
|
1531
|
-
"$ref": "#/components/schemas/
|
|
1510
|
+
"$ref": "#/components/schemas/HasherSync"
|
|
1532
1511
|
}
|
|
1533
1512
|
},
|
|
1534
1513
|
"required": [
|
|
@@ -6,13 +6,9 @@ import {
|
|
|
6
6
|
ICredentialSchemaType,
|
|
7
7
|
IVerifyResult,
|
|
8
8
|
OriginalVerifiableCredential,
|
|
9
|
-
WrappedVerifiableCredential
|
|
9
|
+
WrappedVerifiableCredential,
|
|
10
10
|
} from '@sphereon/ssi-types'
|
|
11
|
-
import {
|
|
12
|
-
IAgentPlugin,
|
|
13
|
-
IVerifyCredentialArgs,
|
|
14
|
-
W3CVerifiableCredential as VeramoW3CVerifiableCredential
|
|
15
|
-
} from '@veramo/core'
|
|
11
|
+
import { IAgentPlugin, IVerifyCredentialArgs, W3CVerifiableCredential as VeramoW3CVerifiableCredential } from '@veramo/core'
|
|
16
12
|
import addFormats from 'ajv-formats'
|
|
17
13
|
import Ajv2020 from 'ajv/dist/2020'
|
|
18
14
|
import fetch from 'cross-fetch'
|
|
@@ -27,11 +23,12 @@ import {
|
|
|
27
23
|
VerificationSubResult,
|
|
28
24
|
VerifyCredentialArgs,
|
|
29
25
|
VerifyMdocCredentialArgs,
|
|
30
|
-
VerifySDJWTCredentialArgs
|
|
26
|
+
VerifySDJWTCredentialArgs,
|
|
31
27
|
} from '../index'
|
|
32
28
|
import IVerifySignatureResult = com.sphereon.crypto.generic.IVerifySignatureResult
|
|
33
29
|
import decodeFrom = com.sphereon.kmp.decodeFrom
|
|
34
30
|
import IssuerSignedCbor = com.sphereon.mdoc.data.device.IssuerSignedCbor
|
|
31
|
+
import { defaultHasher } from '@sphereon/ssi-sdk.core'
|
|
35
32
|
|
|
36
33
|
// Exposing the methods here for any REST implementation
|
|
37
34
|
export const credentialValidationMethods: Array<string> = [
|
|
@@ -39,7 +36,7 @@ export const credentialValidationMethods: Array<string> = [
|
|
|
39
36
|
'cvVerifySchema',
|
|
40
37
|
'cvVerifyMdoc',
|
|
41
38
|
'cvVerifySDJWTCredential',
|
|
42
|
-
'cvVerifyW3CCredential'
|
|
39
|
+
'cvVerifyW3CCredential',
|
|
43
40
|
]
|
|
44
41
|
|
|
45
42
|
/**
|
|
@@ -52,7 +49,7 @@ export class CredentialValidation implements IAgentPlugin {
|
|
|
52
49
|
cvVerifySchema: this.cvVerifySchema.bind(this),
|
|
53
50
|
cvVerifyMdoc: this.cvVerifyMdoc.bind(this),
|
|
54
51
|
cvVerifySDJWTCredential: this.cvVerifySDJWTCredential.bind(this),
|
|
55
|
-
cvVerifyW3CCredential: this.cvVerifyW3CCredential.bind(this)
|
|
52
|
+
cvVerifyW3CCredential: this.cvVerifyW3CCredential.bind(this),
|
|
56
53
|
}
|
|
57
54
|
|
|
58
55
|
private detectSchemas(wrappedVC: WrappedVerifiableCredential): ICredentialSchemaType[] | undefined {
|
|
@@ -74,12 +71,12 @@ export class CredentialValidation implements IAgentPlugin {
|
|
|
74
71
|
}
|
|
75
72
|
|
|
76
73
|
private async cvVerifyCredential(args: VerifyCredentialArgs, context: RequiredContext): Promise<VerificationResult> {
|
|
77
|
-
const { credential, hasher, policies } = args
|
|
74
|
+
const { credential, hasher = defaultHasher, policies } = args
|
|
78
75
|
// defaulting the schema validation to when_present
|
|
79
76
|
const schemaResult = await this.cvVerifySchema({
|
|
80
77
|
credential,
|
|
81
78
|
validationPolicy: policies?.schemaValidation ?? SchemaValidation.WHEN_PRESENT,
|
|
82
|
-
hasher
|
|
79
|
+
hasher,
|
|
83
80
|
})
|
|
84
81
|
if (!schemaResult.result) {
|
|
85
82
|
return schemaResult
|
|
@@ -89,21 +86,24 @@ export class CredentialValidation implements IAgentPlugin {
|
|
|
89
86
|
} else if (CredentialMapper.isSdJwtEncoded(credential)) {
|
|
90
87
|
return await this.cvVerifySDJWTCredential({ credential, hasher }, context)
|
|
91
88
|
} else {
|
|
92
|
-
return await this.cvVerifyW3CCredential(
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
89
|
+
return await this.cvVerifyW3CCredential(
|
|
90
|
+
{
|
|
91
|
+
...args,
|
|
92
|
+
credential: credential as VeramoW3CVerifiableCredential,
|
|
93
|
+
},
|
|
94
|
+
context,
|
|
95
|
+
)
|
|
96
96
|
}
|
|
97
97
|
}
|
|
98
98
|
|
|
99
99
|
private async cvVerifySchema(args: ValidateSchemaArgs): Promise<VerificationResult> {
|
|
100
|
-
const { credential, hasher, validationPolicy } = args
|
|
100
|
+
const { credential, hasher = defaultHasher, validationPolicy } = args
|
|
101
101
|
const wrappedCredential: WrappedVerifiableCredential = CredentialMapper.toWrappedVerifiableCredential(credential, { hasher })
|
|
102
102
|
if (validationPolicy === SchemaValidation.NEVER) {
|
|
103
103
|
return {
|
|
104
104
|
result: true,
|
|
105
105
|
source: wrappedCredential,
|
|
106
|
-
subResults: []
|
|
106
|
+
subResults: [],
|
|
107
107
|
}
|
|
108
108
|
}
|
|
109
109
|
return this.validateSchema(wrappedCredential, validationPolicy)
|
|
@@ -113,17 +113,19 @@ export class CredentialValidation implements IAgentPlugin {
|
|
|
113
113
|
const schemas: ICredentialSchemaType[] | undefined = this.detectSchemas(wrappedVC)
|
|
114
114
|
if (!schemas) {
|
|
115
115
|
if (validationPolicy === SchemaValidation.ALWAYS) {
|
|
116
|
-
console.error(
|
|
116
|
+
console.error(
|
|
117
|
+
`No schema found for credential, but validation policy is set to ALWAYS. Returning false. Credential: ${JSON.stringify(wrappedVC.credential, null, 2)}`,
|
|
118
|
+
)
|
|
117
119
|
return {
|
|
118
120
|
result: false,
|
|
119
121
|
source: wrappedVC,
|
|
120
|
-
subResults: []
|
|
122
|
+
subResults: [],
|
|
121
123
|
}
|
|
122
124
|
} else {
|
|
123
125
|
return {
|
|
124
126
|
result: true,
|
|
125
127
|
source: wrappedVC,
|
|
126
|
-
subResults: []
|
|
128
|
+
subResults: [],
|
|
127
129
|
}
|
|
128
130
|
}
|
|
129
131
|
}
|
|
@@ -133,7 +135,7 @@ export class CredentialValidation implements IAgentPlugin {
|
|
|
133
135
|
return {
|
|
134
136
|
result: subResults.every((subResult) => subResult.result),
|
|
135
137
|
source: wrappedVC,
|
|
136
|
-
subResults
|
|
138
|
+
subResults,
|
|
137
139
|
}
|
|
138
140
|
}
|
|
139
141
|
|
|
@@ -154,7 +156,7 @@ export class CredentialValidation implements IAgentPlugin {
|
|
|
154
156
|
console.error(error)
|
|
155
157
|
return {
|
|
156
158
|
result: false,
|
|
157
|
-
error: error
|
|
159
|
+
error: error,
|
|
158
160
|
}
|
|
159
161
|
}
|
|
160
162
|
|
|
@@ -167,7 +169,7 @@ export class CredentialValidation implements IAgentPlugin {
|
|
|
167
169
|
console.error(`Schema validation failed for `, wrappedVC.credential)
|
|
168
170
|
}
|
|
169
171
|
return {
|
|
170
|
-
result: valid
|
|
172
|
+
result: valid,
|
|
171
173
|
}
|
|
172
174
|
}
|
|
173
175
|
|
|
@@ -182,17 +184,17 @@ export class CredentialValidation implements IAgentPlugin {
|
|
|
182
184
|
name: 'mdoc',
|
|
183
185
|
critical: true,
|
|
184
186
|
error: true,
|
|
185
|
-
message: error.message ?? 'Mdoc Issuer Signed VC could not be verified'
|
|
187
|
+
message: error.message ?? 'Mdoc Issuer Signed VC could not be verified',
|
|
186
188
|
} satisfies IVerifySignatureResult<ICoseKeyJson>
|
|
187
189
|
})
|
|
188
190
|
|
|
189
191
|
return {
|
|
190
|
-
source: CredentialMapper.toWrappedVerifiableCredential(credential as OriginalVerifiableCredential),
|
|
192
|
+
source: CredentialMapper.toWrappedVerifiableCredential(credential as OriginalVerifiableCredential, { hasher: defaultHasher }),
|
|
191
193
|
result: !verification.error,
|
|
192
194
|
subResults: [],
|
|
193
195
|
...(verification.error && {
|
|
194
|
-
error: verification.message ?? `Could not verify mdoc from issuer
|
|
195
|
-
})
|
|
196
|
+
error: verification.message ?? `Could not verify mdoc from issuer`,
|
|
197
|
+
}),
|
|
196
198
|
}
|
|
197
199
|
}
|
|
198
200
|
|
|
@@ -205,13 +207,13 @@ export class CredentialValidation implements IAgentPlugin {
|
|
|
205
207
|
if (typeof result === 'boolean') {
|
|
206
208
|
return {
|
|
207
209
|
// FIXME the source is never used, need to start using this as the source of truth
|
|
208
|
-
source: CredentialMapper.toWrappedVerifiableCredential(args.credential as OriginalVerifiableCredential),
|
|
210
|
+
source: CredentialMapper.toWrappedVerifiableCredential(args.credential as OriginalVerifiableCredential, { hasher: defaultHasher }),
|
|
209
211
|
result,
|
|
210
212
|
...(!result && {
|
|
211
213
|
error: 'Invalid JWT VC',
|
|
212
|
-
errorDetails: `JWT VC was not valid with policies: ${JSON.stringify(policies)}
|
|
214
|
+
errorDetails: `JWT VC was not valid with policies: ${JSON.stringify(policies)}`,
|
|
213
215
|
}),
|
|
214
|
-
subResults: []
|
|
216
|
+
subResults: [],
|
|
215
217
|
}
|
|
216
218
|
} else {
|
|
217
219
|
// TODO look at what this is doing and make it simple and readable
|
|
@@ -232,17 +234,17 @@ export class CredentialValidation implements IAgentPlugin {
|
|
|
232
234
|
}
|
|
233
235
|
|
|
234
236
|
return {
|
|
235
|
-
source: CredentialMapper.toWrappedVerifiableCredential(credential as OriginalVerifiableCredential),
|
|
237
|
+
source: CredentialMapper.toWrappedVerifiableCredential(credential as OriginalVerifiableCredential, { hasher: defaultHasher }),
|
|
236
238
|
result: result.verified,
|
|
237
239
|
subResults,
|
|
238
240
|
error,
|
|
239
|
-
errorDetails
|
|
241
|
+
errorDetails,
|
|
240
242
|
}
|
|
241
243
|
}
|
|
242
244
|
}
|
|
243
245
|
|
|
244
246
|
private async cvVerifySDJWTCredential(args: VerifySDJWTCredentialArgs, context: RequiredContext): Promise<VerificationResult> {
|
|
245
|
-
const { credential, hasher } = args
|
|
247
|
+
const { credential, hasher = defaultHasher } = args
|
|
246
248
|
|
|
247
249
|
const verification: IVerifySdJwtVcResult | CredentialVerificationError = await context.agent
|
|
248
250
|
.verifySdJwtVc({ credential })
|
|
@@ -250,16 +252,16 @@ export class CredentialValidation implements IAgentPlugin {
|
|
|
250
252
|
console.error(error)
|
|
251
253
|
return {
|
|
252
254
|
error: 'Invalid SD-JWT VC',
|
|
253
|
-
errorDetails: error.message ?? 'SD-JWT VC could not be verified'
|
|
255
|
+
errorDetails: error.message ?? 'SD-JWT VC could not be verified',
|
|
254
256
|
}
|
|
255
257
|
})
|
|
256
258
|
|
|
257
259
|
const result = 'header' in verification && 'payload' in verification
|
|
258
260
|
return {
|
|
259
|
-
source: CredentialMapper.toWrappedVerifiableCredential(credential as OriginalVerifiableCredential, { hasher }),
|
|
261
|
+
source: CredentialMapper.toWrappedVerifiableCredential(credential as OriginalVerifiableCredential, { hasher: hasher ?? defaultHasher }),
|
|
260
262
|
result,
|
|
261
263
|
subResults: [],
|
|
262
|
-
...(!result && { ...verification })
|
|
264
|
+
...(!result && { ...verification }),
|
|
263
265
|
}
|
|
264
266
|
}
|
|
265
267
|
}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { IAgentContext, ICredentialVerifier, IPluginMethodMap } from '@veramo/core'
|
|
2
|
-
import {
|
|
2
|
+
import { HasherSync, WrappedVerifiableCredential, WrappedVerifiablePresentation } from '@sphereon/ssi-types'
|
|
3
3
|
import { ImDLMdoc } from '@sphereon/ssi-sdk.mdl-mdoc'
|
|
4
4
|
import { OriginalVerifiableCredential } from '@sphereon/ssi-types/dist'
|
|
5
5
|
|
|
@@ -19,7 +19,7 @@ export enum SchemaValidation {
|
|
|
19
19
|
|
|
20
20
|
export type VerifyCredentialArgs = {
|
|
21
21
|
credential: OriginalVerifiableCredential
|
|
22
|
-
hasher?:
|
|
22
|
+
hasher?: HasherSync
|
|
23
23
|
fetchRemoteContexts: boolean
|
|
24
24
|
policies?: VerificationPolicies
|
|
25
25
|
}
|
|
@@ -34,14 +34,14 @@ export type VerificationPolicies = {
|
|
|
34
34
|
export type ValidateSchemaArgs = {
|
|
35
35
|
credential: OriginalVerifiableCredential
|
|
36
36
|
validationPolicy?: SchemaValidation
|
|
37
|
-
hasher?:
|
|
37
|
+
hasher?: HasherSync
|
|
38
38
|
}
|
|
39
39
|
|
|
40
40
|
export type VerifyMdocCredentialArgs = { credential: string }
|
|
41
41
|
|
|
42
42
|
export type VerifySDJWTCredentialArgs = {
|
|
43
43
|
credential: string
|
|
44
|
-
hasher?:
|
|
44
|
+
hasher?: HasherSync
|
|
45
45
|
}
|
|
46
46
|
|
|
47
47
|
export type VerifyW3CCredentialArgs = {}
|