@sphereon/ssi-sdk.sd-jwt 0.32.1-feature.MWALL.715.120 → 0.32.1-feature.MWALL.715.122

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/package.json +5 -5
  2. package/src/__tests__/resources/BoardingPassCredential-vct.json +1 -1
  3. package/src/__tests__/resources/LoyaltyProgramAccountCredential-vct.json +1 -1
  4. package/src/__tests__/resources/ePassport VC Schema V1.0.sd-jwt.json +218 -189
  5. package/src/__tests__/resources/travel-agency-EmployeeAgencyCredential-vct.json +1 -1
  6. package/src/__tests__/sd-jwt-integrity.test.ts +1 -1
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@sphereon/ssi-sdk.sd-jwt",
3
- "version": "0.32.1-feature.MWALL.715.120+74c1336f",
3
+ "version": "0.32.1-feature.MWALL.715.122+cf8f502e",
4
4
  "source": "src/index.ts",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",
@@ -21,9 +21,9 @@
21
21
  "@sphereon/ssi-sdk-ext.jwt-service": "0.27.1-next.14",
22
22
  "@sphereon/ssi-sdk-ext.key-utils": "0.27.1-next.14",
23
23
  "@sphereon/ssi-sdk-ext.x509-utils": "0.27.1-next.14",
24
- "@sphereon/ssi-sdk.agent-config": "0.32.1-feature.MWALL.715.120+74c1336f",
25
- "@sphereon/ssi-sdk.mdl-mdoc": "0.32.1-feature.MWALL.715.120+74c1336f",
26
- "@sphereon/ssi-types": "0.32.1-feature.MWALL.715.120+74c1336f",
24
+ "@sphereon/ssi-sdk.agent-config": "0.32.1-feature.MWALL.715.122+cf8f502e",
25
+ "@sphereon/ssi-sdk.mdl-mdoc": "0.32.1-feature.MWALL.715.122+cf8f502e",
26
+ "@sphereon/ssi-types": "0.32.1-feature.MWALL.715.122+cf8f502e",
27
27
  "@veramo/utils": "4.2.0",
28
28
  "debug": "^4.3.5",
29
29
  "uint8arrays": "3.1.1",
@@ -72,5 +72,5 @@
72
72
  "Verifiable Credential"
73
73
  ],
74
74
  "nx": {},
75
- "gitHead": "74c1336f4d76e055b40e759f43507b32b19151e3"
75
+ "gitHead": "cf8f502e67fd0f87c619d2c9dae5b407788dbe5e"
76
76
  }
package/src/__tests__/resources/BoardingPassCredential-vct.json CHANGED
@@ -2,7 +2,7 @@
2
2
  "name": "Boarding Pass Verifiable Credential",
3
3
  "schema_uri": "https://iata.trustregistry.nborbit.ca/.well-known/schema/boardingpass.json",
4
4
  "schema_uri#integrity": "sha256-LCPRPfq0BCFVgW469g8F58ng0Nti1RL0+pir1hcQRa8",
5
- "vct": "https://iata.trustregistry.nborbit.ca/.well-known/vct/boardingpass.json",
5
+ "vct": "https://iata.trustregistry.nborbit.ca/boardingpass",
6
6
  "description": "A Verifiable Credential for a boarding pass.",
7
7
  "display": [
8
8
  {
package/src/__tests__/resources/LoyaltyProgramAccountCredential-vct.json CHANGED
@@ -2,7 +2,7 @@
2
2
  "name": "Loyalty Program Account Verifiable Credential",
3
3
  "schema_uri": "https://iata.trustregistry.nborbit.ca/.well-known/schema/loyalty.json",
4
4
  "schema_uri#integrity": "sha256-E08U75Zcmn1iIxBlZx3V/QW0cshVZJmSQx97WfRSGI4",
5
- "vct": "https://iata.trustregistry.nborbit.ca/.well-known/vct/loyalty.json",
5
+ "vct": "https://iata.trustregistry.nborbit.ca/loyalty",
6
6
  "description": "A Verifiable Credential for loyalty program accounts.",
7
7
  "display": [
8
8
  {
package/src/__tests__/resources/ePassport VC Schema V1.0.sd-jwt.json CHANGED
@@ -1,197 +1,226 @@
1
1
  {
2
- "$schema": "https://json-schema.org/draft/2020-12/schema",
3
- "$id": "https://schemas.prod.digitalcredentials.iata.org/epassport.json",
4
- "title": "ePassport",
5
- "description": "Verifiable Credential for an ePassport.",
6
- "type": "object",
7
- "required": ["electronicPassport", "iss", "iat", "vct", "cnf"],
8
- "properties": {
9
- "electronicPassport": {
10
- "title": "Electronic Passport",
11
- "description": "A passport that has an embedded electronic microprocessor chip, which contains biometric information that can be used to authenticate the identity of the passport holder. Also known as an e-passport, biometric passport, or a digital passport. Note filler characters are not required.",
12
- "type": "object",
13
- "required": ["dataGroup1", "dataGroup2EncodedFaceBiometrics", "docSecurityObject"],
14
- "properties": {
15
- "dataGroup1": {
16
- "title": "Data Group 1",
17
- "description": "Data Group 1 (DG1) of the machine readable zone (MRZ). Reference: Section 4.7.1 of Doc 9303 Machine Readable Travel Documents, Eighth Edition 2021, Part 10: Logical Data Structure (LDS) for Storage of Biometrics and Other Data in the Contactless Integrated Circuit (IC).",
18
- "type": "object",
19
- "required": ["birthdate", "docTypeCode", "expiryDate", "sexCode", "holdersName", "issuerCode", "natlCode", "passportNumberIdentifier"],
20
- "properties": {
21
- "birthdate": {
22
- "title": "Data Group 1 Birthdate",
23
- "description": "Date of birth of the passport holder as recorded by the issuing State or organization.",
24
- "type": "string",
25
- "pattern": "^[0-9<]{2}([0<][1-9<]|[1<][0-2<])([0<][1-9<]|[12<][0-9<]|[3<][01<])$"
26
- },
27
- "docTypeCode": {
28
- "title": "Data Group 1 Document Type Code",
29
- "description": "Capital letter P to designate an ePassport. One additional capital letter may be used, in the character position after the letter P and at the discretion of the issuing State or organization, to designate other types of passports such as MRP issued to diplomatic staff.",
30
- "type": "string",
31
- "pattern": "^P.$"
32
- },
33
- "expiryDate": {
34
- "title": "Data Group 1 Expiry Date",
35
- "description": "Date of expiry of the ePassport.",
36
- "type": "string",
37
- "pattern": "^[0-9]{2}([0][1-9]|[1][0-2])([0][1-9]|[12][0-9]|[3][01])$"
38
- },
39
- "sexCode": {
40
- "title": "Sex Code",
41
- "description": "Sex of the passport holder; typically, F for Female, M for Male or < for non-specified.",
42
- "type": "string",
43
- "enum": ["F", "M", "<"]
44
- },
45
- "holdersName": {
46
- "title": "Data Group 1 Holders Name",
47
- "description": "Full name of the holder, as identified by the issuing State or organization.",
48
- "type": "string",
49
- "minLength": 1,
50
- "maxLength": 39
51
- },
52
- "issuerCode": {
53
- "title": "Data Group 1 Issuer Code",
54
- "description": "Code of the State or Organization responsible for the issuance of the ePassport.",
55
- "type": "string",
56
- "maxLength": 13
57
- },
58
- "natlCode": {
59
- "title": "Data Group 1 Nationality Text",
60
- "description": "The code for the nationality of the holder of the ePassport.",
61
- "type": "string",
62
- "minLength": 3,
63
- "maxLength": 3
64
- },
65
- "passportNumberIdentifier": {
66
- "title": "Data Group 1 Passport Number Identifier",
67
- "description": "As given by the issuing State or organization to uniquely identify the document from all other MRTDs issued by the State or organization.",
68
- "type": "string",
69
- "maxLength": 9
70
- }
71
- }
72
- },
73
- "dataGroup15": {
74
- "title": "Data Group 15",
75
- "description": "Data group 15 defined by ICAO for ePassport. Reference: Section 4.7.15.1 of Doc 9303 Machine Readable Travel Documents, Eighth Edition 2021, Part 10: Logical Data Structure (LDS) for Storage of Biometrics and Other Data in the Contactless Integrated Circuit (IC).",
76
- "type": "object",
77
- "required": ["activeAuthentication"],
78
- "properties": {
79
- "activeAuthentication": {
80
- "title": "Active Authentication",
81
- "description": "Active Authentication authenticates the contactless IC by signing a challenge sent by the IFD (inspection system) with a private key known only to the IC. For this purpose the contactless IC contains its own Active Authentication Key pair (KPrAA and KPuAA). A hash representation of Data Group 15 (Public Key (KPuAA) info) is stored in the Document Security Object (SOD) and therefore authenticated by the issuer's digital signature. The corresponding Private Key (KPrAA) is stored in the contactless IC's secure memory. By authenticating the visual MRZ (through the hashed MRZ in the Document Security Object (SOD)) in combination with the challenge response, using the eMRTD's Active Authentication Key Pair (KPrAA and KPuAA), the inspection system verifies that the Document Security Object (SOD) has been read from the genuine contactless IC stored in the genuine eMRTD.",
82
- "type": "object",
83
- "required": ["publicKeyBinaryObject"],
84
- "properties": {
85
- "publicKeyBinaryObject": {
86
- "title": "Active Authentication Public Key Binary Object",
87
- "description": "Public key for use in active authentication. Example uri format data:application/octet-stream;base64,...",
88
- "type": "string",
89
- "format": "uri"
90
- }
91
- }
92
- }
93
- }
2
+ "name": "ePassport Verifiable Credential",
3
+ "schema_uri": "https://iata.trustregistry.nborbit.ca/.well-known/schema/epassport.json",
4
+ "schema_uri#integrity": "sha256-ro3/ER87HPcrdV1JliUeH5JRDKNO+PThBd1gMf84EKc",
5
+ "vct": "https://iata.trustregistry.nborbit.ca/epassport",
6
+ "description": "A Verifiable Credential for an ePassport.",
7
+ "display": [
8
+ {
9
+ "description": "A Verifiable Credential for an ePassport.",
10
+ "lang": "en-US",
11
+ "name": "ePassport Verifiable Credential",
12
+ "rendering": {
13
+ "simple": {
14
+ "background_color": "#CB2210",
15
+ "logo": {
16
+ "alt_text": "ePassport Verifiable Credential Logo",
17
+ "uri": "https://iata.trustregistry.nborbit.ca/logo/epassport-logo.png",
18
+ "uri#integrity": "sha256-SSp0p9SBIotc7FIi/pkqbMthx4Gmx+g+IXnMdOOQXl4"
19
+ },
20
+ "text_color": "#F9F9F9"
94
21
  },
95
- "dataGroup2EncodedFaceBiometrics": {
96
- "title": "Data Group 2 Encoded Face Biometrics",
97
- "description": "First, most recent, face biometric image from data group 2. Reference: Section 4.7.2 of Doc 9303 Machine Readable Travel Documents, Eighth Edition 2021, Part 10: Logical Data Structure (LDS) for Storage of Biometrics and Other Data in the Contactless Integrated Circuit (IC).",
98
- "type": "object",
99
- "required": ["faceBiometricDataEncodedPicture"],
22
+ "svg_template": {
100
23
  "properties": {
101
- "faceBiometricDataEncodedPicture": {
102
- "title": "Data Group 2 Encoded Face Biometrics Face Biometric Data Encoded Picture",
103
- "description": "First, most recent, face biometric image from data group 2. Example uri, data:image/jpeg;base64,...",
104
- "type": "string",
105
- "format": "uri"
106
- }
107
- }
108
- },
109
- "digitalTravelCredential": {
110
- "title": "Digital Travel Credential",
111
- "description": "Travel credentials in a digital format that are meant to temporarily or permanently substitute a conventional passport by a digital representation of the traveler's identity. Reference: Section 2.1.3 of Machine Readable Travel Documents, Digital Travel Credentials (DTC), Virtual Component Data Structure and PKI Mechanisms, Technical Report, Version 1.2 October 2020.",
112
- "type": "object",
113
- "required": ["dTCContentInfo"],
114
- "properties": {
115
- "dTCContentInfo": {
116
- "title": "DTC-VC as DTCContentInfo encoded Structure",
117
- "description": "DER encoded DTC-VC. Example uri format data:application/octet-stream;base64,...",
118
- "type": "string",
119
- "format": "uri"
120
- }
121
- }
122
- },
123
- "docSecurityObject": {
124
- "title": "Document Security Object",
125
- "description": "Document Security Object which contains the hashing information including hashed ePassport data. Reference: Section 4.6.2 of Doc 9303 Machine Readable Travel Documents, Eighth Edition 2021, Part 10: Logical Data Structure (LDS) for Storage of Biometrics and Other Data in the Contactless Integrated Circuit (IC).",
126
- "type": "object",
127
- "required": ["dataGroupHash", "digestHashAlgorithmIdentifier", "versionNumber"],
128
- "properties": {
129
- "digestHashAlgorithmIdentifier": {
130
- "title": "Document Security Object Digest Hash Algorithm Identifier",
131
- "description": "Digest Algorithm Identifier used to perform hashing on the data groups.",
132
- "type": "string",
133
- "maxLength": 35
134
- },
135
- "versionNumber": {
136
- "title": "Document Security Object Version Number",
137
- "description": "Security object version.",
138
- "type": "number"
139
- },
140
- "dataGroupHash": {
141
- "title": "Data Group Hash",
142
- "description": "Data group with corresponding hash value.",
143
- "type": "array",
144
- "items": {
145
- "type": "object",
146
- "title": "Data Group Hash",
147
- "description": "Data group with corresponding hash value.",
148
- "required": ["dataGroupNumber", "valueBinaryObject"],
149
- "properties": {
150
- "dataGroupNumber": {
151
- "title": "Data Group Hash Data Group Number",
152
- "description": "Data group number.",
153
- "type": "integer",
154
- "minimum": 1,
155
- "maximum": 16
156
- },
157
- "valueBinaryObject": {
158
- "title": "Data Group Hash Value Binary Object",
159
- "description": "Hash value for the corresponding data group. Example uri format data:application/octet-stream;base64,...",
160
- "type": "string",
161
- "format": "uri"
162
- }
163
- }
164
- }
165
- }
166
- }
24
+ "color_scheme": "light",
25
+ "contrast": "high",
26
+ "orientation": "landscape"
27
+ },
28
+ "uri": "https://iata.trustregistry.nborbit.ca/svg/epassport.svg",
29
+ "uri#integrity": "sha256-+2b8yT2jzbRuoHh5KnI6RzorWNTN/eL67ZvEV+abEfA"
167
30
  }
168
31
  }
32
+ }
33
+ ],
34
+ "claims": [
35
+ {
36
+ "display": [
37
+ {
38
+ "description": "Information about the electronic passport.",
39
+ "label": "Electronic Passport",
40
+ "lang": "en-US"
41
+ }
42
+ ],
43
+ "path": ["electronicPassport"]
44
+ },
45
+ {
46
+ "display": [
47
+ {
48
+ "description": "Data Group 1 of the electronic passport.",
49
+ "label": "Data Group 1",
50
+ "lang": "en-US"
51
+ }
52
+ ],
53
+ "path": ["electronicPassport", "dataGroup1"]
54
+ },
55
+ {
56
+ "display": [
57
+ {
58
+ "description": "Date of birth of the passport holder.",
59
+ "label": "Birthdate",
60
+ "lang": "en-US"
61
+ }
62
+ ],
63
+ "path": ["electronicPassport", "dataGroup1", "birthdate"]
64
+ },
65
+ {
66
+ "display": [
67
+ {
68
+ "description": "Document type code, such as 'P' for an ePassport.",
69
+ "label": "Document Type Code",
70
+ "lang": "en-US"
71
+ }
72
+ ],
73
+ "path": ["electronicPassport", "dataGroup1", "docTypeCode"]
74
+ },
75
+ {
76
+ "display": [
77
+ {
78
+ "description": "Expiry date of the ePassport.",
79
+ "label": "Expiry Date",
80
+ "lang": "en-US"
81
+ }
82
+ ],
83
+ "path": ["electronicPassport", "dataGroup1", "expiryDate"]
84
+ },
85
+ {
86
+ "display": [
87
+ {
88
+ "description": "Sex of the passport holder.",
89
+ "label": "Sex Code",
90
+ "lang": "en-US"
91
+ }
92
+ ],
93
+ "path": ["electronicPassport", "dataGroup1", "sexCode"]
94
+ },
95
+ {
96
+ "display": [
97
+ {
98
+ "description": "Full name of the passport holder.",
99
+ "label": "Holder's Name",
100
+ "lang": "en-US"
101
+ }
102
+ ],
103
+ "path": ["electronicPassport", "dataGroup1", "holdersName"]
104
+ },
105
+ {
106
+ "display": [
107
+ {
108
+ "description": "Issuer code of the ePassport.",
109
+ "label": "Issuer Code",
110
+ "lang": "en-US"
111
+ }
112
+ ],
113
+ "path": ["electronicPassport", "dataGroup1", "issuerCode"]
114
+ },
115
+ {
116
+ "display": [
117
+ {
118
+ "description": "Nationality code of the passport holder.",
119
+ "label": "Nationality Code",
120
+ "lang": "en-US"
121
+ }
122
+ ],
123
+ "path": ["electronicPassport", "dataGroup1", "natlCode"]
124
+ },
125
+ {
126
+ "display": [
127
+ {
128
+ "description": "Unique identifier for the passport.",
129
+ "label": "Passport Number",
130
+ "lang": "en-US"
131
+ }
132
+ ],
133
+ "path": ["electronicPassport", "dataGroup1", "passportNumberIdentifier"]
134
+ },
135
+ {
136
+ "display": [
137
+ {
138
+ "description": "Encoded face biometric data from Data Group 2.",
139
+ "label": "Encoded Face Biometrics",
140
+ "lang": "en-US"
141
+ }
142
+ ],
143
+ "path": ["electronicPassport", "dataGroup2EncodedFaceBiometrics", "faceBiometricDataEncodedPicture"]
144
+ },
145
+ {
146
+ "display": [
147
+ {
148
+ "description": "Data group 15 containing the public key for active authentication.",
149
+ "label": "Data Group 15",
150
+ "lang": "en-US"
151
+ }
152
+ ],
153
+ "path": ["electronicPassport", "dataGroup15"]
154
+ },
155
+ {
156
+ "display": [
157
+ {
158
+ "description": "Public key for active authentication.",
159
+ "label": "Active Authentication Public Key",
160
+ "lang": "en-US"
161
+ }
162
+ ],
163
+ "path": ["electronicPassport", "dataGroup15", "activeAuthentication", "publicKeyBinaryObject"]
169
164
  },
170
- "iss": {
171
- "title": "Issuer",
172
- "description": "URI identifying the issuer of the credential.",
173
- "type": "string",
174
- "format": "uri"
175
- },
176
- "iat": {
177
- "title": "Issued At",
178
- "description": "The time at which the credential was issued (Unix timestamp).",
179
- "type": "integer"
180
- },
181
- "exp": {
182
- "title": "Expiration",
183
- "description": "The time at which the credential expires (Unix timestamp).",
184
- "type": "integer"
185
- },
186
- "vct": {
187
- "title": "Verifiable Credential Type",
188
- "description": "A URI or string identifying the type or context of this credential.",
189
- "type": "string"
190
- },
191
- "cnf": {
192
- "title": "Confirmation",
193
- "description": "Proof-of-possession key information used to bind the credential to a specific holder.",
194
- "type": "object"
165
+ {
166
+ "display": [
167
+ {
168
+ "description": "Document security object containing hashing information.",
169
+ "label": "Document Security Object",
170
+ "lang": "en-US"
171
+ }
172
+ ],
173
+ "path": ["electronicPassport", "docSecurityObject"]
174
+ },
175
+ {
176
+ "display": [
177
+ {
178
+ "description": "Digest hash algorithm used for the document security object.",
179
+ "label": "Digest Hash Algorithm",
180
+ "lang": "en-US"
181
+ }
182
+ ],
183
+ "path": ["electronicPassport", "docSecurityObject", "digestHashAlgorithmIdentifier"]
184
+ },
185
+ {
186
+ "display": [
187
+ {
188
+ "description": "Version number of the document security object.",
189
+ "label": "Version Number",
190
+ "lang": "en-US"
191
+ }
192
+ ],
193
+ "path": ["electronicPassport", "docSecurityObject", "versionNumber"]
194
+ },
195
+ {
196
+ "display": [
197
+ {
198
+ "description": "Data group hash values within the document security object.",
199
+ "label": "Data Group Hash",
200
+ "lang": "en-US"
201
+ }
202
+ ],
203
+ "path": ["electronicPassport", "docSecurityObject", "dataGroupHash", null]
204
+ },
205
+ {
206
+ "display": [
207
+ {
208
+ "description": "Data group number for the hash.",
209
+ "label": "Data Group Number",
210
+ "lang": "en-US"
211
+ }
212
+ ],
213
+ "path": ["electronicPassport", "docSecurityObject", "dataGroupHash", null, "dataGroupNumber"]
214
+ },
215
+ {
216
+ "display": [
217
+ {
218
+ "description": "Hash value for the data group.",
219
+ "label": "Hash Value",
220
+ "lang": "en-US"
221
+ }
222
+ ],
223
+ "path": ["electronicPassport", "docSecurityObject", "dataGroupHash", null, "valueBinaryObject"]
195
224
  }
196
- }
225
+ ]
197
226
  }
package/src/__tests__/resources/travel-agency-EmployeeAgencyCredential-vct.json CHANGED
@@ -2,7 +2,7 @@
2
2
  "name": "Employee Agency Verifiable Credential",
3
3
  "schema_uri": "https://iata.trustregistry.nborbit.ca/.well-known/schema/employee.json",
4
4
  "schema_uri#integrity": "sha256-WFMhTljMTe7UrWbol6llL3T0K4VkxPgd0QoXzQHMKNQ",
5
- "vct": "https://iata.trustregistry.nborbit.ca/.well-known/vct/employee.json",
5
+ "vct": "https://iata.trustregistry.nborbit.ca/employee",
6
6
  "description": "A Verifiable Credential for employees working at a travel agency",
7
7
  "display": [
8
8
  {
package/src/__tests__/sd-jwt-integrity.test.ts CHANGED
@@ -54,7 +54,7 @@ describe('VCT Integrity', () => {
54
54
  )
55
55
  })
56
56
 
57
- it('create vct integrity values for loyalty program account', async () => {
57
+ it('create vct integrity values for loyalty prograam account', async () => {
58
58
  const vct: string = fs.readFileSync(__dirname + '/resources/LoyaltyProgramAccountCredential-vct.json', 'utf8')
59
59
  const vctIntegrity = await createIntegrity({ input: vct, hasher, alg: 'sha256' })
60
60
  await validateIntegrity({ input: vct, integrityValue: vctIntegrity, hasher })