Skip to content

Commit

Permalink
chore: ValidateCredentialProof updates
Browse files Browse the repository at this point in the history
Signed-off-by: Mykhailo Sizov <[email protected]>
  • Loading branch information
mishasizov-SK committed Sep 4, 2023
1 parent 3c19d4e commit ca3ac4d
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 22 deletions.
34 changes: 13 additions & 21 deletions pkg/service/verifycredential/verifycredential_service.go
Original file line number Diff line number Diff line change
Expand Up @@ -112,56 +112,48 @@ func (s *Service) VerifyCredential(ctx context.Context, credential *verifiable.C
return result, nil
}

func (s *Service) parseAndVerifyLDPVC(vcBytes []byte) (*verifiable.Credential, error) {
func (s *Service) parseAndVerifyVC(vcBytes []byte, isJWT bool) (*verifiable.Credential, error) {
diVerifier, err := s.getDataIntegrityVerifier()
if err != nil {
return nil, fmt.Errorf("get data integrity verifier: %w", err)
}

cred, err := verifiable.ParseCredential(vcBytes,
opts := []verifiable.CredentialOpt{
verifiable.WithPublicKeyFetcher(
verifiable.NewVDRKeyResolver(s.vdr).PublicKeyFetcher(),
),
verifiable.WithJSONLDDocumentLoader(s.documentLoader),
verifiable.WithStrictValidation(),
verifiable.WithDataIntegrityVerifier(diVerifier),
// Use empty domain and challenge in order to skip the validation.
// See usage of vcInVPValidation variable in ValidateCredentialProof method.
// TODO: define verifier purpose field.
verifiable.WithExpectedDataIntegrityFields(crypto.Authentication, "", ""),
)
if err != nil {
return nil, fmt.Errorf("verifiable credential proof validation error : %w", err)
}

return cred, nil
}
if !isJWT {
opts = append(opts, verifiable.WithStrictValidation())
}

func (s *Service) parseAndVerifyJWTVC(vcBytes []byte) error {
_, err := verifiable.ParseCredential(vcBytes,
verifiable.WithPublicKeyFetcher(
verifiable.NewVDRKeyResolver(s.vdr).PublicKeyFetcher(),
),
verifiable.WithJSONLDDocumentLoader(s.documentLoader))
cred, err := verifiable.ParseCredential(vcBytes, opts...)
if err != nil {
return fmt.Errorf("verifiable credential proof validation error : %w", err)
return nil, fmt.Errorf("verifiable credential proof validation error : %w", err)
}

return nil
return cred, nil
}

// ValidateCredentialProof validate credential proof.
func (s *Service) ValidateCredentialProof(_ context.Context, vcByte []byte, proofChallenge, proofDomain string,
vcInVPValidation, isJWT bool) error { // nolint: lll,gocyclo
if isJWT {
return s.parseAndVerifyJWTVC(vcByte)
}

credential, err := s.parseAndVerifyLDPVC(vcByte)
credential, err := s.parseAndVerifyVC(vcByte, isJWT)
if err != nil {
return err
}

if len(credential.JWT) > 0 {
return nil
}

if len(credential.Proofs) == 0 {
return errors.New("verifiable credential doesn't contains proof")
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -698,7 +698,7 @@ func TestService_ValidateCredentialProof(t *testing.T) {
vcInVPValidation: false,
isJWT: true,
},
wantErr: false,
wantErr: true,
},
}
for _, tt := range tests {
Expand Down

0 comments on commit ca3ac4d

Please sign in to comment.