
Fix serialization of byte arrays in SD-JWT #132

Merged
merged 11 commits into from
Sep 27, 2024
6 changes: 6 additions & 0 deletions CHANGELOG.md
@@ -39,6 +39,12 @@ Release NEXT:
- Introudce `OAuth2Client` to extract creating authentication requests and token requests from OID4VCI `WalletService`
- Refactor `SimpleAuthorizationService` to extract actual authentication and authorization into `AuthorizationServiceStrategy`
- Implement JWE encryption with AES-CBC-HMAC algorithms
- SIOPv2/OpenID4VP: Support requesting and receiving claims from different credentials, i.e. a combined presentation
- Require request options on every method in `OidcSiopVerifier`
- Move `credentialScheme`, `representation`, `requestedAttributes` from `RequestOptions` to `RequestOptionsCredentials`
- In `OidcSiopVerifier` move `responseUrl` from constructor parameter to `RequestOptions`
- Add `IdToken` as result case to `OidcSiopVerifier.AuthnResponseResult`, when only an `id_token` is requested and received
- Disclosures for SD-JWT (in class `SelectiveDisclosureItem`) now contain a `JsonPrimitive` for the value, so that implementers can deserialize the value accordingly

Release 4.1.2:
* In `OidcSiopVerifier` add parameter `nonceService` to externalize creation and validation of nonces, e.g. for deployments in load-balanced environments
@@ -20,11 +20,13 @@ data class PresentationDefinition(
val purpose: String? = null,
@SerialName("input_descriptors")
val inputDescriptors: Collection<InputDescriptor>,
@Deprecated(message = "Removed in DIF Presentation Exchange 2.0.0", ReplaceWith("inputDescriptors.format"))
@SerialName("format")
val formats: FormatHolder? = null,
@SerialName("submission_requirements")
val submissionRequirements: Collection<SubmissionRequirement>? = null,
) {
@Deprecated(message = "Removed in DIF Presentation Exchange 2.0.0")
constructor(
inputDescriptors: Collection<InputDescriptor>,
formats: FormatHolder
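Review bot: The `ReplaceWith("inputDescriptors.format")` on the deprecated `formats` property does not look like a valid replacement expression, because `inputDescriptors` is declared as `Collection<InputDescriptor>` two lines above it and a collection has no `format` member; an IDE quick-fix would presumably rewrite callers into code that does not compile. Either drop the `ReplaceWith` and put the guidance in the message, e.g. `@Deprecated(message = "Removed in DIF Presentation Exchange 2.0.0, set the format on each input descriptor instead")`, or supply an expression that type-checks. The `@Deprecated` on the secondary constructor carries no migration hint at all, so the same message would help there. The constructor continues outside the hunk.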
@@ -1,31 +1,14 @@
package at.asitplus.wallet.lib.aries

import at.asitplus.dif.*
import at.asitplus.signum.indispensable.josef.JsonWebKey
import at.asitplus.signum.indispensable.josef.JwsAlgorithm
import at.asitplus.wallet.lib.agent.Holder
import at.asitplus.wallet.lib.agent.Verifier
import at.asitplus.wallet.lib.data.AriesGoalCodeParser
import at.asitplus.wallet.lib.data.ConstantIndex
import at.asitplus.wallet.lib.data.SchemaIndex
import at.asitplus.dif.Constraint
import at.asitplus.dif.ConstraintField
import at.asitplus.dif.ConstraintFilter
import at.asitplus.dif.DifInputDescriptor
import at.asitplus.dif.FormatContainerJwt
import at.asitplus.dif.FormatHolder
import at.asitplus.dif.PresentationDefinition
import at.asitplus.wallet.lib.msg.AttachmentFormatReference
import at.asitplus.wallet.lib.msg.JsonWebMessage
import at.asitplus.wallet.lib.msg.JwmAttachment
import at.asitplus.wallet.lib.msg.OutOfBandInvitation
import at.asitplus.wallet.lib.msg.OutOfBandInvitationBody
import at.asitplus.wallet.lib.msg.OutOfBandService
import at.asitplus.wallet.lib.msg.Presentation
import at.asitplus.wallet.lib.msg.PresentationBody
import at.asitplus.wallet.lib.msg.RequestPresentation
import at.asitplus.wallet.lib.msg.RequestPresentationAttachment
import at.asitplus.wallet.lib.msg.RequestPresentationAttachmentOptions
import at.asitplus.wallet.lib.msg.RequestPresentationBody
import at.asitplus.wallet.lib.msg.*
import com.benasher44.uuid.uuid4
import io.github.aakira.napier.Napier
import kotlinx.serialization.encodeToString
@@ -203,6 +186,7 @@ class PresentProofProtocol(
.also { this.state = State.REQUEST_PRESENTATION_SENT }
}

@Suppress("DEPRECATION")
private fun buildRequestPresentationMessage(
credentialScheme: ConstantIndex.CredentialScheme,
parentThreadId: String? = null,
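Review bot: `@Suppress("DEPRECATION")` on `buildRequestPresentationMessage` silences every deprecation warning in the whole function, not only the use of the `PresentationDefinition` members this PR deprecates, so a later deprecation of anything else the function touches (a key type or an algorithm constant, say) would go unnoticed here. Prefer moving the annotation onto the single statement that builds the `PresentationDefinition`, or at least explain it with a comment such as `// DEPRECATION: still sets PresentationDefinition.formats, remove once the format is read from the input descriptors`. The function body lies outside the hunk, so which deprecated member it uses is inferred from the `PresentationDefinition` change in this PR.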
@@ -8,8 +8,13 @@ import at.asitplus.wallet.lib.agent.CredentialToBeIssued
import at.asitplus.wallet.lib.agent.IssuerCredentialDataProvider
import at.asitplus.wallet.lib.data.AtomicAttribute2023
import at.asitplus.wallet.lib.data.ConstantIndex
import at.asitplus.wallet.lib.data.ConstantIndex.AtomicAttribute2023.CLAIM_DATE_OF_BIRTH
import at.asitplus.wallet.lib.data.ConstantIndex.AtomicAttribute2023.CLAIM_FAMILY_NAME
import at.asitplus.wallet.lib.data.ConstantIndex.AtomicAttribute2023.CLAIM_GIVEN_NAME
import at.asitplus.wallet.lib.data.ConstantIndex.AtomicAttribute2023.CLAIM_PORTRAIT
import at.asitplus.wallet.lib.iso.IssuerSignedItem
import kotlinx.datetime.Clock
import kotlinx.datetime.LocalDate
import kotlin.random.Random
import kotlin.time.Duration.Companion.minutes

@@ -31,9 +36,10 @@ class DummyCredentialDataProvider(
val subjectId = subjectPublicKey.didEncoded
val expiration = clock.now() + defaultLifetime
val claims = listOf(
ClaimToBeIssued("given_name", "Susanne"),
ClaimToBeIssued("family_name", "Meier"),
ClaimToBeIssued("date_of_birth", "1990-01-01"),
ClaimToBeIssued(CLAIM_GIVEN_NAME, "Susanne"),
ClaimToBeIssued(CLAIM_FAMILY_NAME, "Meier"),
ClaimToBeIssued(CLAIM_DATE_OF_BIRTH, LocalDate.parse("1990-01-01")),
ClaimToBeIssued(CLAIM_PORTRAIT, Random.nextBytes(32)),
)
when (representation) {
ConstantIndex.CredentialRepresentation.SD_JWT -> CredentialToBeIssued.VcSd(
@@ -42,7 +48,7 @@ class DummyCredentialDataProvider(
)

ConstantIndex.CredentialRepresentation.PLAIN_JWT -> CredentialToBeIssued.VcJwt(
subject = AtomicAttribute2023(subjectId, "given_name", "Susanne"),
subject = AtomicAttribute2023(subjectId, CLAIM_GIVEN_NAME, "Susanne"),
expiration = expiration,
)

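Review bot: `ClaimToBeIssued(CLAIM_PORTRAIT, Random.nextBytes(32))` in the claims list draws different bytes on every run, so a byte-array serialization failure that depends on the content (padding or URL-safe characters in the encoded value, for instance) cannot be reproduced from a failing run. A seeded generator, `Random(42).nextBytes(32)`, or a fixed array keeps the claim binary while making the output stable. If random data is kept, a comment like `// placeholder bytes from the non-cryptographic kotlin.random.Random, dummy data only` would stop the line being copied into code that needs unpredictable values. The PLAIN_JWT branch in the last hunk still issues only `CLAIM_GIVEN_NAME`, so as far as these hunks show the new date and portrait claims are exercised for the SD-JWT representation only.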