fix(sd_jwt): move from credential_definition to vct and clamis (#958)
matteo-cristino authored Nov 5, 2024
1 parent ad00236 commit 5e1034e
Showing 2 changed files with 71 additions and 26 deletions.
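--- a/src/lua/zencode_sd_jwt.lua
+++ b/src/lua/zencode_sd_jwt.lua
@@ -81,27 +81,16 @@ local function import_supported_selective_disclosure(obj)
 end
 res.authorization_servers = schema_get(obj, 'authorization_servers', import_url_f, tostring)
 local creds = obj.credential_configurations_supported
-for i=1,#creds do
-check_display(creds[i].display)
-check_support(creds[i], 'format', 'vc+sd-jwt')
-check_support(creds[i], 'credential_signing_alg_values_supported', {'ES256'})
-check_support(creds[i], 'cryptographic_binding_methods_supported', {"jwk", "did:dyne:sandbox.signroom"})
--- check_support(creds[i], 'proof_types_supported', {jwt = { proof_signing_alg_values_supported = {"ES256"}}})
-if(not creds[i].credential_definition) then
-error("Invalid supported selective disclosure: missing parameter credential_definition", 2)
-end
-if(not creds[i].credential_definition.type) then
-error("Invalid supported selective disclosure: missing type parameter in credential_definition", 2)
-end
-if(not creds[i].credential_definition.credentialSubject) then
-error("Invalid supported selective disclosure: missing credentialSubject parameter in credential_definition", 2)
-end
-for j=1,#creds[i].credential_definition.credentialSubject do
-local display = creds[i].credential_definition.credentialSubject[j]
-if display then
-check_display(display)
-end
+for _,v in pairs(creds) do
+check_display(v.display)
+check_support(v, 'format', 'vc+sd-jwt')
+check_support(v, 'credential_signing_alg_values_supported', {'ES256'})
+check_support(v, 'cryptographic_binding_methods_supported', {"jwk", "did:dyne:sandbox.signroom"})
+-- check_support(creds[i], 'proof_types_supported', {jwt = { proof_signing_alg_values_supported = {"ES256"}}})
+if (not v.vct) then
+error("Invalid supported selective disclosure: missing parameter vct", 2)
 end
+-- claims and everything in it are optional
 end
 
 res.credential_configurations_supported =
@@ -367,11 +356,14 @@ When("create selective disclosure request from '' with id '' for ''", function(s
 local id = have(id_name)
 local object = have(object_name)
 
-local credential = ssd.credential_configurations_supported[O.to_string(id)]
+local credential
+for _,v in pairs(ssd.credential_configurations_supported) do
+if v.vct == id then credential = v end
+end
 zencode_assert(credential, "Unknown credential id")
-local credSubject = credential.credential_definition.credentialSubject
+local claims = credential.claims
 local fields = {}
-for k,_ in pairs(credSubject) do
+for k,_ in pairs(claims) do
 table.insert(fields, O.from_str(k))
 end
 ACK.selective_disclosure_request = {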
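Review bot: `pairs(claims)` in the `create selective disclosure request` statement raises a raw Lua iterator error when the matched configuration carries no `claims`, which the import hunk now accepts (`-- claims and everything in it are optional`), unless code outside the hunk fills in a default. A guard such as `local claims = credential.claims or {}`, or a `zencode_assert(claims, ...)` with its own message, keeps issuer metadata without claims on a handled path. The lookup loop also keeps scanning after a match and the import does not reject two configurations with the same `vct`, so with `pairs` order unspecified the configuration that wins is ambiguous; rejecting a repeated `vct` at import, plus `if v.vct == id then credential = v; break end` in the lookup, would make the selection deterministic. Whether `v.vct == id` compares like types depends on how `vct` is imported, and both function bodies continue outside the visible hunks.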
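--- a/test/zencode/sd_jwt.bats
+++ b/test/zencode/sd_jwt.bats
@@ -4,16 +4,69 @@ SUBDOC=sd_jwt
 
 @test "Import metadata" {
 cat <<EOF | save_asset metadata.keys.json
-{"supported_selective_disclosure":{"authorization_servers":["http://server.example.org"],"credential_configurations_supported":{"IdentityCredential":{"credential_definition":{"credentialSubject":{"family_name":{"display":[{"locale":"en-US","name":"Family Name"}]},"given_name":{"display":[{"locale":"en-US","name":"Given Name"}]}},"type":["ab8c936e-b9ab-4cf5-9862-c3a25bb82996","VerifiableCredential","IdentityCredential"]},"credential_signing_alg_values_supported":["ES256"],"cryptographic_binding_methods_supported":["jwk","did:dyne:sandbox.signroom"],"display":[{"background_color":"#000000","locale":"en-US","name":"IdentityCredential","text_color":"#ffffff"}],"format":"vc+sd-jwt","proof_types_supported":{"jwt":{"proof_signing_alg_values_supported":["ES256"]}}}},"credential_endpoint":"http://issuer.example.org/credentials","credential_issuer":"http://issuer.example.org"}}
+{
+"supported_selective_disclosure":{
+"credential_endpoint":"http://issuer.example.org/credentials",
+"credential_issuer":"http://issuer.example.org",
+"authorization_servers":[
+"http://server.example.org"
+],
+"credential_configurations_supported":{
+"IdentityCredential":{
+"credential_signing_alg_values_supported":[
+"ES256"
+],
+"cryptographic_binding_methods_supported":[
+"jwk",
+"did:dyne:sandbox.signroom"
+],
+"display":[
+{
+"background_color":"#000000",
+"locale":"en-US",
+"name":"IdentityCredential",
+"text_color":"#ffffff"
+}
+],
+"format":"vc+sd-jwt",
+"proof_types_supported":{
+"jwt":{
+"proof_signing_alg_values_supported":[
+"ES256"
+]
+}
+},
+"vct": "IdentityCredential",
+"claims":{
+"family_name":{
+"display":[
+{
+"locale":"en-US",
+"name":"Family Name"
+}
+]
+},
+"given_name":{
+"display":[
+{
+"locale":"en-US",
+"name":"Given Name"
+}
+]
+}
+}
+}
+}
+}
+}
 EOF
 cat <<EOF | zexe metadata.zen metadata.keys.json
 Scenario 'sd_jwt': sign JSON
 Given I have a 'supported selective disclosure'
-and debug
 Then print data
 EOF
 save_output 'metadata.out.json'
-assert_output "$(cat metadata.keys.json)"
+assert_output "$(cat metadata.keys.json | jq -c --sort-keys)"
 }
 
 @test "Import and export SDR" {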
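Review bot: The updated `Import metadata` test covers only the accepted shape; nothing in this commit exercises the new `missing parameter vct` error or a configuration without `claims`, which the importer now treats as optional. A second `@test` that feeds metadata lacking `vct` and asserts the failure, and one that imports a configuration with no `claims` and then runs the request statement, would pin both branches. The `Import and export SDR` test continues outside the hunk.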
