Fix: Update signature validation for did:web

EWC-consortium · Nov 20, 2024 · dc2c395 · dc2c395
1 parent a43267f
commit dc2c395
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 2 deletions.
diff --git a/...java/com/ewc/eudi_wallet_oidc_android/services/credentialValidation/SignatureValidator.kt b/...java/com/ewc/eudi_wallet_oidc_android/services/credentialValidation/SignatureValidator.kt
@@ -50,7 +50,12 @@ class SignatureValidator {
 
                 // If a valid JWK response is received, verify the JWT signature
                 if (response != null) {
-                    val isSignatureValid = verifyJwtSignature(jwt, response.toJSONString()) // Verify signature using the JWK response
+                   val splitJwt = try {
+                        jwt.split("~")[0]
+                    } catch (e: Exception){
+                        jwt
+                    }
+                    val isSignatureValid = verifyJwtSignature(splitJwt, response.toJSONString()) // Verify signature using the JWK response
                     isSignatureValid // Return the result of the signature verification
                 } else {
                     throw SignatureException("Invalid signature") // Throw an exception if JWK response is null

diff --git a/...et_oidc_android/services/credentialValidation/publicKeyExtraction/ProcessWebJWKFromKID.kt b/...et_oidc_android/services/credentialValidation/publicKeyExtraction/ProcessWebJWKFromKID.kt
@@ -38,7 +38,7 @@ class ProcessWebJWKFromKID {
         } else {
             "https://$domain/.well-known/did.json" // Use the default path if no additional path is given
         }
-        val jwkKey =fetchJwks(jwksUri =jwksUri, kid = null)
+        val jwkKey =fetchJwks(jwksUri =jwksUri, kid = did)
         val converted = convertToJWK(jwkKey)